diff options
| author | Victor Näslund <victor@sunet.se> | 2022-11-19 19:06:38 +0100 |
|---|---|---|
| committer | Victor Näslund <victor@sunet.se> | 2022-11-19 19:06:38 +0100 |
| commit | ed22012bf1dfce0d9ab925d39e9eafd0f941f960 (patch) | |
| tree | 4e62a679db31f3f45f67499a46723d00cc9f01ef /src/soc_collector/schema.py | |
| parent | 220653827c2df98cdbc8e94423e549edb4231d2f (diff) | |
Updated schema with tags and better logic for the 'result' tag, lets force descriptionvictor_updates
Diffstat (limited to 'src/soc_collector/schema.py')
| -rw-r--r-- | src/soc_collector/schema.py | 57 |
1 files changed, 32 insertions, 25 deletions
diff --git a/src/soc_collector/schema.py b/src/soc_collector/schema.py index 2c2dfb9..7688631 100644 --- a/src/soc_collector/schema.py +++ b/src/soc_collector/schema.py @@ -1,6 +1,10 @@ """Our schema module""" from typing import Any, Dict, Optional, Union -import jsonschema +from jsonschema.exceptions import ValidationError + +# docker-compose require jsonschema < 4 so use Draft7 for now +from jsonschema.validators import Draft7Validator + from bson import ObjectId from bson.errors import InvalidId @@ -8,12 +12,19 @@ from bson.errors import InvalidId # NOTE: Commented out properties are left intentionally, so it is easier to see # what properties are optional. schema = { - "$schema": "http://json-schema.org/schema#", + "$schema": "https://json-schema.org/draft-07/schema#", "type": "object", "properties": { - "document_version": {"type": "integer"}, + "document_version": {"type": "integer", "minimum": 2}, + "tags": { + "type": "array", + "uniqueItems": True, + "items": {"type": "string", "enum": ["dev", "display", "hide", "notify"]}, + "minItems": 1, + "maxItems": 3 # hide is incompatible with notify and/or display + }, "ip": {"type": "string"}, - "port": {"type": "integer"}, + "port": {"type": "integer", "minimum": 1, "maximum": 65535}, "whois_description": {"type": "string"}, "asn": {"type": "string"}, "asn_country_code": {"type": "string"}, @@ -50,34 +61,29 @@ schema = { "display_name": {"type": "string"}, "vulnerable": {"type": "boolean"}, "investigation_needed": {"type": "boolean"}, - "reliability": {"type": "integer"}, + "reliability": {"type": "integer", "minimum": 1, "maximum": 5}, + "severity": {"type": "integer", "minimum": 1, "maximum": 5}, "description": {"type": "string"}, }, "oneOf": [ { - "required": [ - "display_name", - "vulnerable", - # "reliability", # TODO: reliability is required if vulnerable = true - # "description", - ] + "properties": {"investigation_needed": {"const": True}}, + "required": ["display_name", "investigation_needed", "description"] }, { - "required": - [ - "display_name", - "investigation_needed", - # "reliability", # TODO: reliability is required if investigation_needed = true - # "description", - ] - }, + "properties": {"vulnerable": {"type": "boolean"}}, + "if": {"properties": {"vulnerable": {"const": True}}}, + "then": {"required": ["display_name", "vulnerable", "reliability", "severity", "description"]}, + "else": {"required": ["display_name", "vulnerable"]} + } ] - }, - }, - }, + } + } + } }, "required": [ "document_version", + "tags", "ip", "port", "whois_description", @@ -88,9 +94,9 @@ schema = { "domain", "timestamp", "display_name", + "result" # "description", # "custom_data", - "result", ], } @@ -103,8 +109,9 @@ def valid_schema(json_data: Dict[str, Any]) -> bool: """ try: - jsonschema.validate(json_data, schema, format_checker=jsonschema.FormatChecker()) - except jsonschema.exceptions.ValidationError as exc: + # docker-compose require jsonschema < 4 so use Draft7 for now + Draft7Validator(schema).validate(json_data) + except ValidationError as exc: print(f"Validation failed with error: {exc.message}") return False return True |