synapse 2.187.0__py311-none-any.whl → 2.188.0__py311-none-any.whl

synapse/models/orgs.py

@@ -249,8 +249,24 @@ class OuModule(s_module.CoreModule):
                     'doc': 'Vital statistics about an org for a given time period.',
                 }),
                 ('ou:opening', ('guid', {}), {
-                    'doc': 'A job/work opening within an org.',
-                }),
+                    'doc': 'A job/work opening within an org.'}),
+
+                ('ou:candidate:method:taxonomy', ('taxonomy', {}), {
+                    'interfaces': ('meta:taxonomy',),
+                    'doc': 'A taxonomy of methods by which a candidate came under consideration.'}),
+
+                ('ou:candidate', ('guid', {}), {
+                    'doc': 'A candidate being considered for a role within an organization.',
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'contact::name'}},
+                            {'type': 'prop', 'opts': {'name': 'contact::email'}},
+                            {'type': 'prop', 'opts': {'name': 'submitted'}},
+                            {'type': 'prop', 'opts': {'name': 'org::name'}},
+                            {'type': 'prop', 'opts': {'name': 'opening::jobtitle'}},
+                        ),
+                    }}),
+
                 ('ou:jobtype', ('taxonomy', {}), {
                     'ex': 'it.dev.python',
                     'doc': 'A taxonomy of job types.',
@@ -287,6 +303,8 @@ class OuModule(s_module.CoreModule):
                     'doc': 'The campaign used the technique.'}),
                 (('ou:org', 'uses', 'ou:technique'), {
                     'doc': 'The org uses the technique.'}),
+                (('risk:vuln', 'uses', 'ou:technique'), {
+                    'doc': 'The vulnerability uses the technique.'}),
 
                 (('ou:org', 'uses', None), {
                     'doc': 'The ou:org makes use of the target node.'}),
@@ -354,6 +372,44 @@ class OuModule(s_module.CoreModule):
                     }),
                     # TODO a way to encode/normalize requirements.
                 )),
+                ('ou:candidate:method:taxonomy', {}, ()),
+                ('ou:candidate', {}, (
+
+                    ('org', ('ou:org', {}), {
+                        'doc': 'The organization considering the candidate.'}),
+
+                    ('contact', ('ps:contact', {}), {
+                        'doc': 'The contact information of the candidate.'}),
+
+                    ('method', ('ou:candidate:method:taxonomy', {}), {
+                        'doc': 'The method by which the candidate came under consideration.'}),
+
+                    ('submitted', ('time', {}), {
+                        'doc': 'The time the candidate was submitted for consideration.'}),
+
+                    ('intro', ('str', {'strip': True}), {
+                        'doc': 'An introduction or cover letter text submitted by the candidate.'}),
+
+                    ('resume', ('file:bytes', {}), {
+                        'doc': "The candidate's resume or CV."}),
+
+                    ('opening', ('ou:opening', {}), {
+                        'doc': 'The opening that the candidate is being considered for.'}),
+
+                    ('agent', ('ps:contact', {}), {
+                        'doc': 'The contact information of an agent who advocates for the candidate.'}),
+
+                    ('recruiter', ('ps:contact', {}), {
+                        'doc': 'The contact information of a recruiter who works on behalf of the organization.'}),
+
+                    ('attachments', ('array', {'type': 'file:attachment', 'sorted': True, 'uniq': True}), {
+                        'doc': 'An array of additional files submitted by the candidate.'}),
+
+                    # TODO: doc:questionare / responses
+                    # TODO: :skills=[<ps:skill>]? vs :contact -> ps:proficiency?
+                    # TODO: proj:task to track evaluation of the candidate?
+
+                )),
                 ('ou:vitals', {}, (
 
                     ('asof', ('time', {}), {
@@ -876,6 +932,12 @@ class OuModule(s_module.CoreModule):
                     ('names', ('array', {'type': 'ou:industryname', 'uniq': True, 'sorted': True}), {
                         'doc': 'An array of alternative names for the industry.'}),
 
+                    ('reporter', ('ou:org', {}), {
+                        'doc': 'The organization reporting on the industry.'}),
+
+                    ('reporter:name', ('ou:name', {}), {
+                        'doc': 'The name of the organization reporting on the industry.'}),
+
                     ('subs', ('array', {'type': 'ou:industry', 'split': ',', 'uniq': True, 'sorted': True}), {
                         'deprecated': True,
                         'doc': 'Deprecated. Please use ou:industry:type taxonomy.'}),

synapse/models/proj.py

@@ -16,10 +16,9 @@ class ProjectModule(s_module.CoreModule):
 
     async def initCoreModule(self):
         self.model.form('proj:project').onAdd(self._onAddProj)
-        self.model.form('proj:project').onDel(self._onDelProj)
 
     async def _onAddProj(self, node):
-        # ref counts on authgates?
+        # TODO: remove all storm:project authgates in 3.x migration
         gateiden = node.ndef[1]
 
         await self.core.auth.addAuthGate(node.ndef[1], 'storm:project')
@@ -29,10 +28,6 @@ class ProjectModule(s_module.CoreModule):
         rule = (True, ('project', 'admin'))
         await node.snap.user.addRule(rule, gateiden=gateiden)
 
-    async def _onDelProj(self, node):
-        gateiden = node.ndef[1]
-        await self.core.auth.delAuthGate(gateiden)
-
     def getModelDefs(self):
         return (
 

synapse/models/risk.py

@@ -159,6 +159,27 @@ class RiskModule(s_module.CoreModule):
                 ('risk:extortion', ('guid', {}), {
                     'doc': 'An event where an attacker attempted to extort a victim.'}),
 
+                ('risk:outage:cause:taxonomy', ('taxonomy', {}), {
+                    'interfaces': ('meta:taxonomy',),
+                    'doc': 'An outage cause taxonomy.'}),
+
+                ('risk:outage:type:taxonomy', ('taxonomy', {}), {
+                    'interfaces': ('meta:taxonomy',),
+                    'doc': 'An outage type taxonomy.'}),
+
+                ('risk:outage', ('guid', {}), {
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'name'}},
+                            {'type': 'prop', 'opts': {'name': 'type'}},
+                            {'type': 'prop', 'opts': {'name': 'cause'}},
+                            {'type': 'prop', 'opts': {'name': 'period'}},
+                            {'type': 'prop', 'opts': {'name': 'provider:name'}},
+                            {'type': 'prop', 'opts': {'name': 'reporter:name'}},
+                        ),
+                    },
+                    'doc': 'An outage event which affected resource availability.'}),
+
                 ('risk:extortion:type:taxonomy', ('taxonomy', {}), {
                     'interfaces': ('meta:taxonomy',),
                     'doc': 'A taxonomy of extortion event types.'}),
@@ -185,6 +206,8 @@ class RiskModule(s_module.CoreModule):
                     'doc': 'The threat cluster uses the vulnerability.'}),
                 (('risk:tool:software', 'uses', 'risk:vuln'), {
                     'doc': 'The tool uses the vulnerability.'}),
+                (('ou:technique', 'uses', 'risk:vuln'), {
+                    'doc': 'The technique uses the vulnerability.'}),
 
                 (('risk:attack', 'targets', 'ou:industry'), {
                     'doc': 'The attack targeted the industry.'}),
@@ -224,6 +247,15 @@ class RiskModule(s_module.CoreModule):
 
                 (('risk:extortion', 'leveraged', None), {
                     'doc': 'The extortion event was based on attacker access to the target node.'}),
+
+                (('meta:event', 'caused', 'risk:outage'), {
+                    'doc': 'The event caused the outage.'}),
+
+                (('risk:attack', 'caused', 'risk:outage'), {
+                    'doc': 'The attack caused the outage.'}),
+
+                (('risk:outage', 'impacted', None), {
+                    'doc': 'The outage event impacted the availability of the target node.'}),
             ),
             'forms': (
 
@@ -1025,6 +1057,39 @@ class RiskModule(s_module.CoreModule):
 
                 )),
 
+                ('risk:outage:type:taxonomy', {}, ()),
+                ('risk:outage:cause:taxonomy', {}, ()),
+                ('risk:outage', {}, (
+
+                    ('name', ('str', {'lower': True, 'onespace': True}), {
+                        'doc': 'A name for the outage event.'}),
+
+                    ('period', ('ival', {}), {
+                        'doc': 'The time period where the outage impacted availability.'}),
+
+                    ('type', ('risk:outage:type:taxonomy', {}), {
+                        'ex': 'service.power',
+                        'doc': 'The type of outage.'}),
+
+                    ('cause', ('risk:outage:cause:taxonomy', {}), {
+                        'ex': 'nature.earthquake',
+                        'doc': 'The outage cause type.'}),
+
+                    ('provider', ('ou:org', {}), {
+                        'doc': 'The organization which experienced the outage event.'}),
+
+                    ('provider:name', ('ou:name', {}), {
+                        'doc': 'The name of the organization which experienced the outage event.'}),
+
+                    ('reporter', ('ou:org', {}), {
+                        'doc': 'The organization reporting on the outage event.'}),
+
+                    ('reporter:name', ('ou:name', {}), {
+                        'doc': 'The name of the organization reporting on the outage event.'}),
+                )),
+
+                # TODO risk:outage:vitals to track outage stats over time
+
                 ('risk:extortion:type:taxonomy', {}, ()),
                 ('risk:extortion', {}, (
 

synapse/tests/test_cortex.py

@@ -5801,6 +5801,13 @@ class CortexBasicTest(s_t_utils.SynTest):
             # but getTypeNorm won't handle that
             await self.asyncraises(s_exc.NoSuchType, core.getTypeNorm('test:str:tick', '3001'))
 
+            # specify typeopts to getTypeNorm/getPropNorm
+            norm, info = await prox.getTypeNorm('array', ('  TIME   ', '   pass   ', '   the  '), {'uniq': True, 'sorted': True, 'type': 'str', 'typeopts': {'strip': True, 'lower': True}})
+            self.eq(norm, ('pass', 'the', 'time'))
+
+            norm, info = await prox.getPropNorm('test:comp', "1234:comedy", {'sepr': ':'})
+            self.eq(norm, (1234, "comedy"))
+
             # getTypeNorm can norm types which aren't defined as forms/props
             norm, info = await core.getTypeNorm('test:lower', 'ASDF')
             self.eq(norm, 'asdf')
@@ -6191,7 +6198,17 @@ class CortexBasicTest(s_t_utils.SynTest):
                 with self.raises(s_exc.DupEdgeType):
                     await core.addEdge(('test:int', '_goes', None), {})
 
+                await core.addType('_test:type', 'str', {}, {'interfaces': ['taxonomy']})
+                self.eq(['meta:taxonomy'], core.model.type('_test:type').info.get('interfaces'))
+
+                with self.raises(s_exc.NoSuchType):
+                    await core.addType('_test:newp', 'newp', {}, {})
+
+                with self.raises(s_exc.BadTypeDef):
+                    await core.addType('_test:newp', 'array', {'type': 'newp'}, {})
+
                 # manually edit in borked entries
+                core.exttypes.set('_type:bork', ('_type:bork', None, None, None))
                 core.extforms.set('_hehe:bork', ('_hehe:bork', None, None, None))
                 core.extedges.set(s_common.guid('newp'), ((None, '_does', 'newp'), {}))
 
@@ -6219,6 +6236,7 @@ class CortexBasicTest(s_t_utils.SynTest):
 
                 await core.nodes('._woot [ -._woot ]')
 
+                self.nn(core.model.type('_test:type'))
                 self.nn(core.model.prop('._woot'))
                 self.nn(core.model.prop('inet:ipv4._woot'))
                 self.nn(core.model.form('inet:ipv4').prop('._woot'))
@@ -6256,6 +6274,9 @@ class CortexBasicTest(s_t_utils.SynTest):
                 with self.raises(s_exc.NoSuchEdge):
                     await core.delEdge(('newp', 'newp', 'newp'))
 
+                with self.raises(s_exc.NoSuchType):
+                    await core.delType('_newp')
+
                 await core._delEdge(('newp', 'newp', 'newp'))
 
                 await core.nodes('_hehe:haha [ -:visi ]')

synapse/tests/test_lib_agenda.py

@@ -432,6 +432,19 @@ class AgendaTest(s_t_utils.SynTest):
 
                     self.eq(2, appt.startcount)
 
+                # Can't use an existing authgate iden
+                viewiden = core.getView().iden
+                cdef = {'creator': core.auth.rootuser.iden,
+                        'storm': '[test:str=bar]',
+                        'reqs': {'hour': 10},
+                        'incunit': 'dayofweek',
+                        'incvals': (2, 4),
+                        'iden': viewiden}
+                await self.asyncraises(s_exc.DupIden, core.addCronJob(cdef))
+                await core.delCronJob(viewiden)
+
+                self.nn(core.getAuthGate(viewiden))
+
     async def test_agenda_persistence(self):
         ''' Test we can make/change/delete appointments and they are persisted to storage '''
 

synapse/tests/test_lib_auth.py

@@ -31,6 +31,21 @@ class AuthTest(s_test.SynTest):
             with self.raises(s_exc.DupRoleName):
                 await auth.addRole('ninjas')
 
+            viewiden = core.getView().iden
+            with self.raises(s_exc.DupIden):
+                await auth.addUser('view', iden=viewiden)
+
+            with self.raises(s_exc.NoSuchUser):
+                await auth.delUser(viewiden)
+            self.nn(core.auth.getAuthGate(viewiden))
+
+            with self.raises(s_exc.DupIden):
+                await auth.addRole('view', iden=viewiden)
+
+            with self.raises(s_exc.NoSuchRole):
+                await auth.delRole(viewiden)
+            self.nn(core.auth.getAuthGate(viewiden))
+
             self.none(await auth._addUser(user.iden, 'visi@vertex.link'))
             self.none(await auth._addRole(user.iden, 'ninjas'))
 

synapse/tests/test_lib_cell.py

@@ -2993,7 +2993,7 @@ class CellTest(s_t_utils.SynTest):
                 self.eq('barprof', valu)
 
                 msgs = await core.stormlist('cron.list')
-                self.stormIsInPrint('visi       8437c35a', msgs)
+                self.stormIsInPrint(' visi                      8437c35a.. ', msgs)
                 self.stormIsInPrint('[tel:mob:telem=*]', msgs)
 
                 msgs = await core.stormlist('dmon.list')

synapse/tests/test_lib_httpapi.py

@@ -777,6 +777,12 @@ class HttpApiTest(s_tests.SynTest):
                     retn = await resp.json()
                     self.eq('MissingField', retn.get('code'))
 
+                body = {'prop': 'test:comp', 'value': '3^foobar', 'typeopts': {'sepr': '^'}}
+                async with sess.get(f'https://localhost:{port}/api/v1/model/norm', json=body) as resp:
+                    retn = await resp.json()
+                    self.eq('ok', retn.get('status'))
+                    self.eq([3, 'foobar'], retn['result']['norm'])
+
                 # Norm via POST
                 body = {'prop': 'inet:ipv4', 'value': '1.2.3.4'}
                 async with sess.post(f'https://localhost:{port}/api/v1/model/norm', json=body) as resp:

synapse/tests/test_lib_nexus.py

@@ -310,6 +310,32 @@ class NexusTest(s_t_utils.SynTest):
                         await cell01.sync()
                     self.isin(s_nexus.leaderversion, cell01.nexsroot.writeholds)
 
+                cell00.getCellInfo = getCellInfo
+
+                # test case where a mirror which is updated first may push events
+                # the leader does not yet have handlers for
+                async with await s_cell.Cell.anit(dirn=path) as cell01:
+                    cell01.nexsiden = 'newp'
+                    with self.raises(s_exc.NoSuchIden) as cm:
+                        await cell01.sync()
+                    self.eq(cm.exception.get('mesg'), 'No Nexus Pusher with iden newp.')
+
+                    self.none(await cell00.nexsroot.nexslog.last())
+                    self.none(await cell01.nexsroot.nexslog.last())
+
+                    cell01.nexsiden = cell00.nexsiden
+                    await cell01.sync()
+
+                    self.eq(0, (await cell00.nexsroot.nexslog.last())[0])
+                    self.eq(0, (await cell01.nexsroot.nexslog.last())[0])
+
+                    with self.raises(s_exc.NoSuchName) as cm:
+                        await cell01._push('newp')
+                    self.eq(cm.exception.get('mesg'), 'No Nexus handler for event newp.')
+
+                    self.eq(0, (await cell00.nexsroot.nexslog.last())[0])
+                    self.eq(0, (await cell01.nexsroot.nexslog.last())[0])
+
     async def test_mirror_nexus_loop_failure(self):
         with self.getTestDir() as dirn:
 

synapse/tests/test_lib_scrape.py

@@ -1,5 +1,7 @@
 from unittest import mock
 
+import regex
+
 import synapse.exc as s_exc
 
 import synapse.lib.scrape as s_scrape
@@ -889,14 +891,20 @@ class ScrapeTest(s_t_utils.SynTest):
         nodes.remove(('inet:url', 'smb://1:2:3:4:5:6:7:8/share'))
 
     async def test_scrape_async(self):
+        text = 'log4j vuln CVE-2021-44228 is pervasive'
+        ndefs = await s_t_utils.alist(s_scrape.scrapeAsync(text))
+        self.eq(ndefs, (('it:sec:cve', 'CVE-2021-44228'),))
 
-        with mock.patch('synapse.lib.scrape.SCRAPE_SPAWN_LENGTH', 0):
-            ndefs = await s_t_utils.alist(s_scrape.scrapeAsync('log4j vuln CVE-2021-44228 is pervasive'))
-            self.eq(ndefs, (('it:sec:cve', 'CVE-2021-44228'),))
+        regx = regex.compile('(?P<valu>CVE-[0-9]{4}-[0-9]{4,})(?:[^a-z0-9]|$)')
+        infos = s_scrape._genMatchList(text, regx, {})
+        self.eq(infos, [{'match': 'CVE-2021-44228', 'offset': 11, 'valu': 'CVE-2021-44228'}])
 
-            text = 'endashs are a vulnerability  CVE\u20132022\u20131138 '
-            infos = await s_t_utils.alist(s_scrape.contextScrapeAsync(text))
-            self.eq(infos, [{'match': 'CVE–2022–1138', 'offset': 29, 'valu': 'CVE-2022-1138', 'form': 'it:sec:cve'}])
+        text = 'endashs are a vulnerability  CVE\u20132022\u20131138 '
+        infos = await s_t_utils.alist(s_scrape.contextScrapeAsync(text))
+        self.eq(infos, [{'match': 'CVE–2022–1138', 'offset': 29, 'valu': 'CVE-2022-1138', 'form': 'it:sec:cve'}])
+
+        infos = s_scrape._contextScrapeList(text)
+        self.eq(infos, [{'match': 'CVE–2022–1138', 'offset': 29, 'valu': 'CVE-2022-1138', 'form': 'it:sec:cve'}])
 
     def test_scrape_sequential(self):
         md5 = ('a' * 32, 'b' * 32,)

synapse/tests/test_lib_storm.py

@@ -638,6 +638,8 @@ class StormTest(s_t_utils.SynTest):
             with self.raises(s_exc.NoSuchVar):
                 await core.nodes('background { $lib.print($foo) }')
 
+            await core.nodes('background ${ $foo=test $lib.print($foo) }')
+
             await core.nodes('background { $lib.time.sleep(4) }')
             task = await core.callStorm('for $t in $lib.ps.list() { if $t.info.background { return($t) } }')
             self.nn(task)
@@ -667,6 +669,9 @@ class StormTest(s_t_utils.SynTest):
             q = '[ inet:fqdn=www.vertex.link ] $q=:domain | parallel $q'
             await self.asyncraises(s_exc.StormRuntimeError, core.nodes(q))
 
+            nodes = await core.nodes('ou:org | parallel ${ $foo=bar [ :name=$foo ]}')
+            self.true(all([n.get('name') == 'bar' for n in nodes]))
+
             # test $lib.exit() and the StormExit handlers
             msgs = [m async for m in core.view.storm('$lib.exit()')]
             self.eq(msgs[-1][0], 'fini')
@@ -2137,6 +2142,49 @@ class StormTest(s_t_utils.SynTest):
             self.nn(bot.get('country::flag::md5'))
             self.eq(bot['country::flag::md5'][0], 'fa818a259cbed7ce8bc2a22d35a464fc')
 
+            await core.nodes('''
+                [( risk:vulnerable=*
+                    :mitigated=true
+                    :node={ [ it:prod:hardware=* :name=foohw ] return($node.ndef()) }
+                    :vuln={[ risk:vuln=* :name=barvuln ]}
+                    +#test
+                )]
+                [( inet:service:rule=*
+                    :object={ risk:vulnerable#test return($node.ndef()) }
+                    :grantee={ [ inet:service:account=* :id=foocon ] return($node.ndef()) }
+                    +#test
+                )]
+            ''')
+
+            opts = {
+                'embeds': {
+                    'risk:vulnerable': {
+                        'vuln': ['name'],
+                        'node': ['name'],
+                    },
+                    'inet:service:rule': {
+                        'object': ['mitigated', 'newp'],
+                        'object::node': ['name', 'newp'],
+                        'grantee': ['id', 'newp'],
+                    }
+                }
+            }
+            msgs = await core.stormlist('inet:service:rule#test :object -+> risk:vulnerable', opts=opts)
+            nodes = sorted([m[1] for m in msgs if m[0] == 'node'], key=lambda p: p[0][0])
+            self.eq(['inet:service:rule', 'risk:vulnerable'], [n[0][0] for n in nodes])
+
+            embeds = nodes[0][1]['embeds']
+            self.eq(1, embeds['object']['mitigated'])
+            self.eq(None, embeds['object']['newp'])
+            self.eq('foohw', embeds['object::node']['name'])
+            self.eq(None, embeds['object::node']['newp'])
+            self.eq('foocon', embeds['grantee']['id'])
+            self.eq(None, embeds['grantee']['newp'])
+
+            embeds = nodes[1][1]['embeds']
+            self.eq('barvuln', embeds['vuln']['name'])
+            self.eq('foohw', embeds['node']['name'])
+
     async def test_storm_wget(self):
 
         async def _getRespFromSha(core, mesgs):

synapse/tests/test_lib_stormlib_modelext.py

@@ -25,6 +25,13 @@ class StormtypesModelextTest(s_test.SynTest):
 
                 $edgeinfo = ({"doc": "A test edge."})
                 $lib.model.ext.addEdge(inet:user, _copies, *, $edgeinfo)
+
+                $typeopts = ({"lower": true, "onespace": true})
+                $typeinfo = ({"doc": "A test type doc."})
+                $forminfo = ({"doc": "A test type form doc."})
+                $lib.model.ext.addType(_test:type, str, $typeopts, $typeinfo)
+                $lib.model.ext.addForm(_test:typeform, _test:type, ({}), $forminfo)
+                $lib.model.ext.addForm(_test:typearry, array, ({"type": "_test:type"}), $forminfo)
             ''')
 
             nodes = await core.nodes('[ _visi:int=10 :tick=20210101 ._woot=30 +#lol:score=99 ]')
@@ -39,6 +46,18 @@ class StormtypesModelextTest(s_test.SynTest):
             self.eq(nodes[0].ndef, ('test:int', 1234))
             self.eq(nodes[0].get('_tick'), 1609459200000)
 
+            nodes = await core.nodes('[_test:typeform="  FoO BaR  "]')
+            self.len(1, nodes)
+            self.eq(nodes[0].ndef, ('_test:typeform', 'foo bar'))
+
+            with self.raises(s_exc.DupTypeName):
+                q = '$lib.model.ext.addType(_test:type, str, ({}), ({}))'
+                await core.callStorm(q)
+
+            with self.raises(s_exc.DupTypeName):
+                q = '$lib.model.ext.addForm(_test:type, str, ({}), ({}))'
+                await core.callStorm(q)
+
             with self.raises(s_exc.DupPropName):
                 q = '''$lib.model.ext.addFormProp(_visi:int, tick, (time, ({})), ({}))'''
                 await core.callStorm(q)
@@ -69,7 +88,7 @@ class StormtypesModelextTest(s_test.SynTest):
             await core._delAllTagProp('score', {})
             self.len(0, await core.nodes('#lol:score'))
 
-            await core.callStorm('_visi:int=10 test:int=1234 | delnode')
+            await core.callStorm('_visi:int=10 test:int=1234 _test:typeform | delnode')
             await core.callStorm('''
                 $lib.model.ext.delTagProp(score, force=(true))
                 $lib.model.ext.delUnivProp(_woot, force=(true))
@@ -79,6 +98,22 @@ class StormtypesModelextTest(s_test.SynTest):
                 $lib.model.ext.delEdge(inet:user, _copies, *)
             ''')
 
+            with self.raises(s_exc.CantDelType) as cm:
+                await core.callStorm('$lib.model.ext.delType(_test:type)')
+            self.isin('still in use by other types', cm.exception.get('mesg'))
+
+            await core.callStorm('$lib.model.ext.delForm(_test:typeform)')
+
+            with self.raises(s_exc.CantDelType) as cm:
+                await core.callStorm('$lib.model.ext.delType(_test:type)')
+            self.isin('still in use by array types', cm.exception.get('mesg'))
+
+            await core.callStorm('$lib.model.ext.delForm(_test:typearry)')
+            await core.callStorm('$lib.model.ext.delType(_test:type)')
+
+            self.none(core.model.type('_test:type'))
+            self.none(core.model.form('_test:typeform'))
+            self.none(core.model.form('_test:typearry'))
             self.none(core.model.form('_visi:int'))
             self.none(core.model.prop('._woot'))
             self.none(core.model.prop('_visi:int:tick'))
@@ -100,6 +135,14 @@ class StormtypesModelextTest(s_test.SynTest):
             q = '''$lib.model.ext.addTagProp(some:_score, (int, ({})), ({}))'''
             self.none(await core.callStorm(q))
 
+            with self.raises(s_exc.BadTypeDef):
+                q = '$lib.model.ext.addType(test:type, str, ({}), ({}))'
+                await core.callStorm(q)
+
+            with self.raises(s_exc.BadTypeDef):
+                q = '$lib.model.ext.delType(test:type)'
+                await core.callStorm(q)
+
             with self.raises(s_exc.BadPropDef):
                 q = '''$l =$lib.list('str', ({})) $d=({"doc": "Foo"})
                 $lib.model.ext.addFormProp('test:str', '_test:_my^prop', $l, $d)
@@ -158,6 +201,18 @@ class StormtypesModelextTest(s_test.SynTest):
                     $lib.model.ext.addForm(_visi:int, int, $typeinfo, $forminfo)
                 ''', opts=opts)
 
+            with self.raises(s_exc.AuthDeny) as cm:
+                await core.callStorm('''
+                    $lib.model.ext.addType(_test:type, str, ({}), ({}))
+                ''', opts=opts)
+            self.isin('permission model.type.add._test:type', cm.exception.get('mesg'))
+
+            with self.raises(s_exc.AuthDeny) as cm:
+                await core.callStorm('''
+                    $lib.model.ext.delType(_test:type)
+                ''', opts=opts)
+            self.isin('permission model.type.del._test:type', cm.exception.get('mesg'))
+
             with self.raises(s_exc.AuthDeny):
                 await core.callStorm('''
                     $propinfo = ({"doc": "A test prop doc."})
@@ -206,6 +261,10 @@ class StormtypesModelextTest(s_test.SynTest):
         # Add props which conflict with what was previously dumped
         async with self.getTestCore() as core:
             await core.callStorm('''
+                $typeopts = ({"lower": true})
+                $typeinfo = ({"doc": "A test type doc."})
+                $lib.model.ext.addType(_test:type, str, $typeopts, $typeinfo)
+
                 $typeinfo = ({})
                 $forminfo = ({"doc": "NEWP"})
                 $lib.model.ext.addForm(_visi:int, int, $typeinfo, $forminfo)
@@ -226,6 +285,11 @@ class StormtypesModelextTest(s_test.SynTest):
                 $lib.model.ext.addEdge(inet:user, _copies, *, $edgeinfo)
             ''')
 
+            q = '''return ($lib.model.ext.addExtModel($model_defs))'''
+            with self.raises(s_exc.BadTypeDef) as cm:
+                opts = {'vars': {'model_defs': {'types': model_defs['types']}}}
+                await core.callStorm(q, opts)
+
             q = '''return ($lib.model.ext.addExtModel($model_defs))'''
             with self.raises(s_exc.BadFormDef) as cm:
                 opts = {'vars': {'model_defs': {'forms': model_defs['forms']}}}
@@ -255,6 +319,9 @@ class StormtypesModelextTest(s_test.SynTest):
         async with self.getTestCore() as core:
             opts = {'vars': {'model_defs': model_defs}}
             q = '''
+            for ($name, $type, $opts, $info) in $model_defs.types {
+                $lib.model.ext.addType($name, $type, $opts, $info)
+            }
             for ($name, $type, $opts, $info) in $model_defs.forms {
                 $lib.model.ext.addForm($name, $type, $opts, $info)
             }
@@ -473,6 +540,14 @@ class StormtypesModelextTest(s_test.SynTest):
                 '$lib.model.ext.addForm(inet:fqdn, _foo:bar, ({}), ())',
                 'Form type info should be a dict.'
             ),
+            (
+                '$lib.model.ext.addType(_test:type, str, (guid, ()), ())',
+                'Type options should be a dict.'
+            ),
+            (
+                '$lib.model.ext.addType(_test:type, str, ({}), ())',
+                'Type info should be a dict.'
+            ),
             (
                 '$lib.model.ext.addFormProp(inet:fqdn, _foo:bar, ({}), ())',
                 'Form property type definitions should be a tuple.'

synapse/tests/test_lib_stormlib_scrape.py

@@ -105,14 +105,6 @@ class StormScrapeTest(s_test.SynTest):
             self.stormIsInPrint('inet:url=https://giggles.com/mallory.html', msgs)
             self.stormIsInPrint("'match': 'hzzps[:]\\\\giggles.com/mallory.html'", msgs)
 
-            with mock.patch('synapse.lib.scrape.SCRAPE_SPAWN_LENGTH', 0):
-                msgs = await core.stormlist(q, opts={'vars': {'text': text}})
-                self.stormIsInPrint('ps:name=alice', msgs)
-                self.stormIsInPrint('inet:fqdn=foo.bar.com', msgs)
-                self.stormIsInPrint('inet:url=https://1.2.3.4/alice.html', msgs)
-                self.stormIsInPrint('inet:url=https://giggles.com/mallory.html', msgs)
-                self.stormIsInPrint("'match': 'hzzps[:]\\\\giggles.com/mallory.html'", msgs)
-
             cq = '''$ret=$lib.list()
             for ($form, $valu) in $lib.scrape.ndefs($text) {
                 $ret.append(($form, $valu))

synapse/tests/test_lib_stormtypes.py

@@ -2342,7 +2342,7 @@ class StormTypesTest(s_test.SynTest):
                 path = pode[1]['path']
                 self.len(1, path)
                 key = list(path.keys())[0]
-                self.true(key.startswith("Node{(('inet:fqdn', 'vertex.link'), {'iden':"))
+                self.true(key.startswith('vertex.link'))
                 self.eq(('foo', 'bar'), path[key])
 
                 q = '''

synapse/tests/test_lib_trigger.py

@@ -264,6 +264,14 @@ class TrigTest(s_t_utils.SynTest):
                 await view.addTrigger(tdef)
             self.eq(pdef0.get('storm'), (await view.getTrigger(iden)).tdef.get('storm'))
 
+            with self.raises(s_exc.DupIden):
+                tdef = {'cond': 'node:add', 'storm': '[ +#dupiden ]', 'form': 'test:int', 'iden': view.iden}
+                await view.addTrigger(tdef)
+
+            with self.raises(s_exc.NoSuchIden):
+                await view.delTrigger(view.iden)
+            self.nn(core.auth.getAuthGate(view.iden))
+
             # Bad trigger parms
             with self.raises(s_exc.SchemaViolation):
                 await view.addTrigger({'cond': 'nocond', 'storm': 'test:int=4', 'form': 'test:str'})