From 9cbf03756ede0f67ca2c7721e22849f5728927ad Mon Sep 17 00:00:00 2001
From: shabina-metron <shabina@metronlabs.com>
Date: Wed, 12 Feb 2025 11:52:01 +0530
Subject: [PATCH] update unit test coverage

---
 .../Integrations/Cybereason/Cybereason.py     | 31 +++++++------------
 .../Cybereason/Cybereason_test.py             | 18 +++++------
 2 files changed, 19 insertions(+), 30 deletions(-)

diff --git a/Packs/Cybereason/Integrations/Cybereason/Cybereason.py b/Packs/Cybereason/Integrations/Cybereason/Cybereason.py
index dd8f7ccab9e3..a3d3dc1afbca 100644
--- a/Packs/Cybereason/Integrations/Cybereason/Cybereason.py
+++ b/Packs/Cybereason/Integrations/Cybereason/Cybereason.py
@@ -1587,17 +1587,9 @@ def fetch_incidents(client: Client):
     max_update_time = int(last_update_time)
 
     if FETCH_BY == 'MALOP UPDATE TIME':
-        filters = [{
-            'facetName': 'malopLastUpdateTime',
-            'values': [last_update_time],
-            'filterType': 'GreaterThan'
-        }]
+        pass
     elif FETCH_BY == 'MALOP CREATION TIME':
-        filters = [{
-            'facetName': 'creationTime',
-            'values': [last_update_time],
-            'filterType': 'GreaterThan'
-        }]
+        pass
     else:
         raise Exception('Given filter to fetch by is invalid.')
 
@@ -1619,13 +1611,13 @@ def fetch_incidents(client: Client):
         offset = 0
     if not total_malops_fetched:
         total_malops_fetched = 0
-    
+
     malop_management_response = get_malop_management_data(client, start_time, end_time, offset)
     demisto.info(f"mmng/v2 response: {malop_management_response}")
-    demisto.debug((
-    f"Polling starts. total_malops_fetched: {total_malops_fetched} "
-    f"offset: {offset} start_time: {start_time} end_time: {end_time}"
-    ))
+    demisto.debug(
+        f"Polling starts. total_malops_fetched: {total_malops_fetched} "
+        f"offset: {offset} start_time: {start_time} end_time: {end_time}"
+    )
 
     edr_guid_list, non_edr_guid_list = [], []
     total_malops_available = malop_management_response["data"]["totalHits"]
@@ -1713,11 +1705,10 @@ def fetch_incidents(client: Client):
     integration_context['offset'] = offset
     set_integration_context(integration_context)
     demisto.debug("Saved integration context data for mmng/v2")
-    demisto.debug((
-    f"Polling ends. total_malops_available: {total_malops_available} "
-    f"total_malops_fetched: {total_malops_fetched} offset: {offset}"
-    ))
-
+    demisto.debug(
+        f"Polling ends. total_malops_available: {total_malops_available} "
+        f"total_malops_fetched: {total_malops_fetched} offset: {offset}"
+    )
 
 
 def login(client: Client):
diff --git a/Packs/Cybereason/Integrations/Cybereason/Cybereason_test.py b/Packs/Cybereason/Integrations/Cybereason/Cybereason_test.py
index 9d3fea6e3fc5..09ce3515432b 100644
--- a/Packs/Cybereason/Integrations/Cybereason/Cybereason_test.py
+++ b/Packs/Cybereason/Integrations/Cybereason/Cybereason_test.py
@@ -250,7 +250,7 @@ def test_unisolate_machine_command(mocker):
 
 
 def test_get_non_edr_malop_data(mocker):
-    from Cybereason import get_non_edr_malop_data
+    from Cybereason import get_detection_details
     from Cybereason import Client
     HEADERS = {'Content-Type': 'application/json', 'Connection': 'close'}
     client = Client(
@@ -259,12 +259,12 @@ def test_get_non_edr_malop_data(mocker):
         headers=HEADERS,
         proxy=True)
     args = {
-        "lastUpdateTime": 1672848355574
+        "malopGuid": "AAAA0yUlnvXGQODT"
     }
     raw_response = json.loads(load_mock_response('malop_detection_data.json'))
     mocker.patch("Cybereason.Client.cybereason_api_call", return_value=raw_response)
-    command_output = get_non_edr_malop_data(client, args)
-    assert command_output[0]['guid'] == 'AAAA0yUlnvXGQODT'
+    command_output = get_detection_details(client, args)
+    assert command_output['malops'][0]['guid'] == 'AAAA0yUlnvXGQODT'
 
 
 def test_query_malops_command(mocker):
@@ -774,12 +774,10 @@ def test_fetch_incidents(mocker):
         headers=HEADERS,
         proxy=True)
 
-    raw_response = json.loads(load_mock_response('query_malop_raw_response.json'))
-    mocker.patch("Cybereason.query_malops", return_value=(raw_response, {}))
-    raw_response = json.loads(load_mock_response('non_edr.json'))
-    mocker.patch("Cybereason.get_non_edr_malop_data", return_value=(raw_response, {}))
-    raw_response = json.loads(load_mock_response('malop_to_incident.json'))
-    mocker.patch("Cybereason.malop_to_incident", return_value=(raw_response, {}))
+    raw_response = json.loads(load_mock_response('query_malop_management_raw_response.json'))
+    mocker.patch("Cybereason.get_malop_management_data", return_value=raw_response)
+    malop_process_raw_response = json.loads(load_mock_response('query_malop_raw_response.json'))
+    mocker.patch("Cybereason.Client.cybereason_api_call", return_value=malop_process_raw_response)
 
     command_output = fetch_incidents(client)
     command_output = str(command_output)