From 1b0e5bba3a9b120bd9e6c60dd1ebd74336d39660 Mon Sep 17 00:00:00 2001 From: Cecilia Stevens <63068179+ceciliastevens@users.noreply.github.com> Date: Thu, 23 Apr 2026 08:04:10 -0400 Subject: [PATCH 1/3] INTEG-3159 - add new trust features --- CHANGELOG.md | 4 +- docs/sdk/enums.md | 26 ++++ src/_incydr_cli/cmds/trusted_activities.py | 74 ++++++++-- src/_incydr_sdk/enums/trusted_activities.py | 22 +++ src/_incydr_sdk/trusted_activities/client.py | 33 ++++- src/_incydr_sdk/trusted_activities/models.py | 1 + tests/test_trusted_activities.py | 148 +++++++++++++++++++ 7 files changed, 294 insertions(+), 14 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 44b06a1c..12d6be7f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,7 +16,9 @@ - Added the `GroupingEventQuery` class, used to make these queries. - Added the cli command `incydr file-events search-groups` to get approximate aggregate file event counts by a given grouping term. - Added the `type` parameter to session search methods and commands, allowing users to filter results to STANDARD or ACCOUNT_TAKE_OVER. - +- Added the `is_high_value` option to trusted activity methods in the SDK, and the `--high-value` option to trusted activity methods in the CLI. +- Added the ability to specify domain trust for browser destinations, allowing users to specify when users should be allowed to use certain destinations when logged-in using a trusted domain. +- Added the ability to specify trust for file-transfer tools when adding a trusted domain. ## 2.11.0 - 2026-02-10 diff --git a/docs/sdk/enums.md b/docs/sdk/enums.md index fce7e7ff..105969e4 100644 --- a/docs/sdk/enums.md +++ b/docs/sdk/enums.md @@ -604,6 +604,8 @@ Devices has been replaced by [Agents](#agents) * **FILE_UPLOAD** = `"FILE_UPLOAD"` * **GIT_PUSH** = `"GIT_PUSH"` * **GIT_REPOSITORY_URI** = `"GIT_REPOSITORY_URI"` +* **USER_ACCOUNT_UPLOAD** = `"USER_ACCOUNT_UPLOAD"` +* **FILE_TRANSFER** = `"FILE_TRANSFER"` ### Cloud Sync Apps @@ -631,6 +633,30 @@ Devices has been replaced by [Agents](#agents) * **GMAIL** = `"GMAIL"` * **OFFICE_365** = `"OFFICE_365"` +* **GOOGLE_DRIVE** = `"GOOGLE_DRIVE"` + + +### Browser Destinations + +::: incydr.enums.trusted_activities.BrowserDestination + :docstring: + +* **AIRTABLE** = `"AIRTABLE"` +* **AMAZON_WEB_SERVICES** = `"AMAZON_WEB_SERVICES"` +* **BLACKBOX** = `"BLACKBOX"` +* **BOX** = `"BOX"` +* **CHATGPT** = `"CHATGPT"` +* **CLAUDE** = `"CLAUDE"` +* **CONCUR** = `"CONCUR"` +* **CURSOR** = `"CURSOR"` +* **DROPBOX** = `"DROPBOX"` +* **GOOGLE_WORKSPACE** = `"GOOGLE_WORKSPACE"` +* **MICROSOFT_365** = `"MICROSOFT_365"` +* **NOTTA** = `"NOTTA"` +* **OTTER** = `"OTTER"` +* **PERPLEXITY** = `"PERPLEXITY"` +* **SLACK** = `"SLACK"` +* **YOU_DOT_COM** = `"YOU_DOT_COM"` ### Principal Types diff --git a/src/_incydr_cli/cmds/trusted_activities.py b/src/_incydr_cli/cmds/trusted_activities.py index fbdbaec4..b6106cb0 100644 --- a/src/_incydr_cli/cmds/trusted_activities.py +++ b/src/_incydr_cli/cmds/trusted_activities.py @@ -13,10 +13,21 @@ from _incydr_cli.core import IncydrGroup from _incydr_sdk.core.client import Client from _incydr_sdk.enums.trusted_activities import ActivityType +from _incydr_sdk.enums.trusted_activities import BrowserDestination +from _incydr_sdk.enums.trusted_activities import CloudShareApps +from _incydr_sdk.enums.trusted_activities import CloudSyncApps +from _incydr_sdk.enums.trusted_activities import EmailServices from _incydr_sdk.trusted_activities.client import MissingActivityActionGroupsError from _incydr_sdk.trusted_activities.models import TrustedActivity from _incydr_sdk.utils import model_as_card +high_value_option = click.option( + "--high-value", + is_flag=True, + default=False, + help="Indicate that this resource is a high-value source.", +) + @click.group(cls=IncydrGroup) @logging_options @@ -150,6 +161,12 @@ def add(): default=False, help="Trust file upload events to where the tab URL or title includes this domain.", ) +@click.option( + "--file-transfer", + is_flag=True, + default=False, + help="Trust file upload events to this domain using file transfer tools.", +) @click.option( "--git-push", is_flag=True, @@ -159,7 +176,7 @@ def add(): @click.option( "--cloud-sync", "cloud_sync_services", - type=click.Choice(["BOX", "GOOGLE_DRIVE", "ICLOUD", "ONE_DRIVE"]), + type=click.Choice([x.value for x in CloudSyncApps]), default=[], help="Specify which cloud sync service(s) to trust.", multiple=True, @@ -167,7 +184,7 @@ def add(): @click.option( "--cloud-share", "cloud_share_services", - type=click.Choice(["BOX", "GOOGLE_DRIVE", "ONE_DRIVE"]), + type=click.Choice([x.value for x in CloudShareApps]), default=[], help="Specify which cloud share service(s) to trust.", multiple=True, @@ -175,21 +192,33 @@ def add(): @click.option( "--email-share", "email_share_services", - type=click.Choice(["GMAIL", "MICROSOFT_365"]), + type=click.Choice([x.value for x in EmailServices]), default=[], help="Specify which email share service(s) to trust.", multiple=True, ) +@click.option( + "--browser-destination", + "browser_destinations", + type=click.Choice([x.value for x in BrowserDestination]), + default=[], + help="Specify which browser destinations to trust when users are logged in with this domain.", + multiple=True, +) +@high_value_option @single_format_option @logging_options def domain_( domain: str, description: str = None, file_upload: bool = False, + file_transfer: bool = False, git_push: bool = False, cloud_sync_services: str = None, cloud_share_services: str = None, email_share_services: str = None, + browser_destinations: str = None, + high_value: bool = None, format_: SingleFormat = None, ): """ @@ -198,19 +227,23 @@ def domain_( The following activities can be configured: * `--file-upload` - Trust file uploads to this domain. Defaults to false. + * `--file-transfer` - Trust file uploads to this domain using file transfer tools. Defaults to false. * `--git-push` - Trust git push events to this domain. Defaults to false. - * `--cloud-sync-services` [`BOX|GOOGLE_DRIVE|ICLOUD|ONE_DRIVE`] - Trust cloud sync activity from the specified service(s) if the username signed into the sync app is on this domain. + * `--cloud-sync` [`BOX|GOOGLE_DRIVE|ICLOUD|ONE_DRIVE`] - Trust cloud sync activity from the specified service(s) if the username signed into the sync app is on this domain. If you want to only trust activity for a specific corporate account, add a trusted account name instead. - * `--cloud-share-services` [`BOX|GOOGLE_DRIVE|ONE_DRIVE`] - Trust cloud share activity from the specified service(s) if the user its shared with is on this domain. + * `--cloud-share` [`BOX|GOOGLE_DRIVE|ONE_DRIVE`] - Trust cloud share activity from the specified service(s) if the user its shared with is on this domain. You must have a cloud connector configured for your tenant to support this trusted action. - * `--email-share-services` [`GMAIL|MICROSOFT_365`] - Trust email share activity from the specified service(s) if the email recipient is on this domain. + * `--email-share` [`GMAIL|OFFICE_365|GOOGLE_DRIVE`] - Trust email share activity from the specified service(s) if the email recipient is on this domain. You must have an email connector configured for your tenant to support this trusted action. + * `--browser-destination` [`AIRTABLE|AMAZON_WEB_SERVICES|BLACKBOX|BOX|CHATGPT|CLAUDE|CONCUR|CURSOR|DROPBOX|GOOGLE_WORKSPACE|MICROSOFT_365|NOTTA|OTTER|PERPLEXITY|SLACK|YOU_DOT_COM`] + Trust these destinations when users log in using this configured domain. + * `--high-value` - Indicate that this domain is a high value source. - Multiple options can be supplied to specify cloud-share, cloud-sync, and email-share services. + Multiple options can be supplied to specify cloud-share, cloud-sync, email-share services, and browser-destinations. For example, the following command will create a trusted domain that trusts file-uploads to the domain and cloud sync events from `BOX` and `ICLOUD`. - trusted-activities add domain --file-upload --cloud-sync-services BOX --cloud-sync-services ICLOUD + trusted-activities add domain --file-upload --cloud-sync BOX --cloud-sync ICLOUD """ client = Client() @@ -223,6 +256,9 @@ def domain_( cloud_sync_services=cloud_sync_services, cloud_share_services=cloud_share_services, email_share_services=email_share_services, + file_transfer_tools=file_transfer, + browser_destinations=browser_destinations, + is_high_value=high_value, ) except MissingActivityActionGroupsError: raise click.UsageError( @@ -234,29 +270,35 @@ def domain_( @add.command("url-path", cls=IncydrCommand) @click.argument("url_path") @click.option("--description", default=None, help="Optional description.") +@high_value_option @single_format_option @logging_options def url_path_( url_path: str, description: str = None, + high_value: bool = False, format_: SingleFormat = None, ): """ Trust browser uploads to only part of a domain by trusting a specific `URL_PATH` (ex: `my-domain.com/path`). """ client = Client() - activity = client.trusted_activities.v2.add_url_path(url_path, description) + activity = client.trusted_activities.v2.add_url_path( + url_path, description, is_high_value=high_value + ) _output_trusted_activity(activity, format_, client.settings.use_rich) @add.command(cls=IncydrCommand) @click.argument("workspace_name") @click.option("--description", default=None, help="Optional description.") +@high_value_option @single_format_option @logging_options def slack_workspace( workspace_name: str, description: str = None, + high_value: bool = False, format_: SingleFormat = None, ): """ @@ -264,7 +306,7 @@ def slack_workspace( """ client = Client() activity = client.trusted_activities.v2.add_slack_workspace( - workspace_name, description=description + workspace_name, description=description, is_high_value=high_value ) _output_trusted_activity(activity, format_, client.settings.use_rich) @@ -284,6 +326,7 @@ def slack_workspace( default=False, help="Trust OneDrive as a cloud sync service.", ) +@high_value_option @single_format_option @logging_options def account( @@ -291,6 +334,7 @@ def account( description: str = None, dropbox: bool = False, one_drive: bool = False, + high_value: bool = False, format_: SingleFormat = None, ): """ @@ -300,7 +344,11 @@ def account( """ client = Client() activity = client.trusted_activities.v2.add_account_name( - account_name, description=description, dropbox=dropbox, one_drive=one_drive + account_name, + description=description, + dropbox=dropbox, + one_drive=one_drive, + is_high_value=high_value, ) _output_trusted_activity(activity, format_, client.settings.use_rich) @@ -308,11 +356,13 @@ def account( @add.command(cls=IncydrCommand) @click.argument("git_uri") @click.option("--description", default=None, help="Optional description.") +@high_value_option @single_format_option @logging_options def git_repo( git_uri: str, description: str = None, + high_value: bool = False, format_: SingleFormat = None, ): """ @@ -320,7 +370,7 @@ def git_repo( """ client = Client() activity = client.trusted_activities.v2.add_git_repository( - git_uri, description=description + git_uri, description=description, is_high_value=high_value ) _output_trusted_activity(activity, format_, client.settings.use_rich) diff --git a/src/_incydr_sdk/enums/trusted_activities.py b/src/_incydr_sdk/enums/trusted_activities.py index a0241529..dde07e05 100644 --- a/src/_incydr_sdk/enums/trusted_activities.py +++ b/src/_incydr_sdk/enums/trusted_activities.py @@ -12,6 +12,8 @@ class ActivityType(_Enum): FILE_UPLOAD = "FILE_UPLOAD" GIT_PUSH = "GIT_PUSH" GIT_REPOSITORY_URI = "GIT_REPOSITORY_URI" + USER_ACCOUNT_UPLOAD = "USER_ACCOUNT_UPLOAD" + FILE_TRANSFER = "FILE_TRANSFER" class CloudSyncApps(_Enum): @@ -28,6 +30,7 @@ class CloudShareApps(_Enum): class EmailServices(_Enum): + GOOGLE_DRIVE = "GOOGLE_DRIVE" GMAIL = "GMAIL" OFFICE_365 = "OFFICE_365" @@ -57,3 +60,22 @@ class SortKeys(_Enum): UPDATED_BY_PRINCIPAL_NAME = "UPDATED_BY_PRINCIPAL_NAME" UPDATE_TIME = "UPDATE_TIME" VALUE = "VALUE" + + +class BrowserDestination(_Enum): + AIRTABLE = "AIRTABLE" + AMAZON_WEB_SERVICES = "AMAZON_WEB_SERVICES" + BLACKBOX = "BLACKBOX" + BOX = "BOX" + CHATGPT = "CHATGPT" + CLAUDE = "CLAUDE" + CONCUR = "CONCUR" + CURSOR = "CURSOR" + DROPBOX = "DROPBOX" + GOOGLE_WORKSPACE = "GOOGLE_WORKSPACE" + MICROSOFT_365 = "MICROSOFT_365" + NOTTA = "NOTTA" + OTTER = "OTTER" + PERPLEXITY = "PERPLEXITY" + SLACK = "SLACK" + YOU_DOT_COM = "YOU_DOT_COM" diff --git a/src/_incydr_sdk/trusted_activities/client.py b/src/_incydr_sdk/trusted_activities/client.py index d147b596..e56b35c2 100644 --- a/src/_incydr_sdk/trusted_activities/client.py +++ b/src/_incydr_sdk/trusted_activities/client.py @@ -6,6 +6,7 @@ from _incydr_sdk.enums import SortDirection from _incydr_sdk.enums.trusted_activities import ActivityType +from _incydr_sdk.enums.trusted_activities import BrowserDestination from _incydr_sdk.enums.trusted_activities import CloudShareApps from _incydr_sdk.enums.trusted_activities import CloudSyncApps from _incydr_sdk.enums.trusted_activities import EmailServices @@ -124,6 +125,9 @@ def add_domain( cloud_share_services: List[CloudShareApps] = None, email_share_services: List[EmailServices] = None, git_push: bool = None, + browser_destinations: List[BrowserDestination] = None, + file_transfer_tools: bool = None, + is_high_value: bool = None, ) -> TrustedActivity: """ Trust activity across an entire domain. @@ -140,9 +144,14 @@ def add_domain( Supported cloud storage services for file sharing are `BOX`, `GOOGLE_DRIVE` and/or `ONE_DRIVE`. You must have a cloud connector configured for your tenant to support this trusted action. * **email_share_services**: `List[EmailServices]` - Activity is trusted if the email recipient is on this domain. - Supported email services are `GMAIL` and/or `MICROSOFT_365`. You must have an email connector configured + Supported email services are `GMAIL`, `GOOGLE_DRIVE`, and `OFFICE_365`. You must have an email connector configured for your tenant to support this trusted action. * **git_push**: `bool` - Whether to trust Git push events to this domain. + * **browser_destinations**: `List[BrowserDestination]` - Activity is trusted if the user is logging in to one of these + browser destinations using this domain. Examples include `CHATGPT`, `CLAUDE`, `AMAZON_WEB_SERVICES`. For the complete list + consult the documentation at https://developer.code42.com/api/#tag/Trusted-Activities/operation/createTrustResource + * **file_transfer_tools**: `bool` - Whether to trust uploads to this domain using file-transfer tools. + * **is_high_value**: `bool` - Indicates whether or not this should be a high-value source. Defaults to not sending an indication. **Returns**: A [`TrustedActivity`][trustedactivity-model] object representing the newly created trusted activity. @@ -158,6 +167,10 @@ def add_domain( if git_push: activity_actions.append(ActivityAction(type=ActivityType.GIT_PUSH)) + # FILE TRANSFER TOOLS + if file_transfer_tools: + activity_actions.append(ActivityAction(type=ActivityType.FILE_TRANSFER)) + # CLOUD SYNC SERVICES services = [ ( @@ -175,6 +188,11 @@ def add_domain( EmailServices, ActivityType.EMAIL, ), # # EMAIL_SHARE_SERVICES + ( + browser_destinations, + BrowserDestination, + ActivityType.USER_ACCOUNT_UPLOAD, + ), # # USER_ACCOUNT_UPLOAD ] for element in services: service, enum, activity_type = element @@ -194,6 +212,7 @@ def add_domain( type=ActivityType.DOMAIN, value=domain, description=description, + isHighValueSource=is_high_value, activityActionGroups=[ ActivityActionGroup(activityActions=activity_actions, name=Name.DEFAULT) ], @@ -208,6 +227,7 @@ def add_url_path( self, url: str, description: str = None, + is_high_value: bool = None, ) -> TrustedActivity: """ Trust browser uploads to only part of a domain by including a specific path. For example: `github.com/company` will only trust uploads to the `company` repository. @@ -216,6 +236,7 @@ def add_url_path( * **url**: `str` (required) - URL path to trust (ex: `example.com/path`). * **description**: `str` - Optional description of the trusted activity. + * **is_high_value**: `bool` - Indicates whether or not this should be a high-value source. Defaults to not sending an indication. **Returns**: A [`TrustedActivity`][trustedactivity-model] object representing the newly created trusted activity. @@ -225,6 +246,7 @@ def add_url_path( type=ActivityType.URL_PATH, value=url, description=description, + isHighValueSource=is_high_value, activityActionGroups=[], ) @@ -237,6 +259,7 @@ def add_slack_workspace( self, workspace_name: str, description: str = None, + is_high_value: bool = None, ) -> TrustedActivity: """ Trust activity uploaded through a Slack workspace. @@ -245,6 +268,7 @@ def add_slack_workspace( * **workspace_name**: `str` (required) - Name of the Slack workspace to trust. * **description**: `str` - Optional description of the trusted activity. + * **is_high_value**: `bool` - Indicates whether or not this should be a high-value source. Defaults to not sending an indication. **Returns**: A [`TrustedActivity`][trustedactivity-model] object representing the newly created trusted activity. @@ -254,6 +278,7 @@ def add_slack_workspace( type=ActivityType.SLACK, value=workspace_name, description=description, + isHighValueSource=is_high_value, activityActionGroups=[], ) @@ -268,6 +293,7 @@ def add_account_name( description: str = None, dropbox: bool = False, one_drive: bool = False, + is_high_value: bool = None, ) -> TrustedActivity: """ Trust activity for a specific corporate account for cloud sync apps installed on user devices. @@ -278,6 +304,7 @@ def add_account_name( * **description**: `str` - Optional description of the trusted activity. * **dropbox**: `bool` - Whether to trust Dropbox as a cloud sync service. Defaults to False. * **one_drive** `bool` - Whether to trust OneDrive as a cloud sync service. Defaults to False. + * **is_high_value**: `bool` - Indicates whether or not this should be a high-value source. Defaults to not sending an indication. At least 1 activity action group (dropbox, one_drive) is required to be trusted. @@ -310,6 +337,7 @@ def add_account_name( type=ActivityType.ACCOUNT_NAME, value=account_name, description=description, + isHighValueSource=is_high_value, activityActionGroups=[activity_action_group], ) @@ -322,6 +350,7 @@ def add_git_repository( self, git_uri: str, description: str = None, + is_high_value: bool = None, ) -> TrustedActivity: """ Trust file uploads to a git repository. @@ -330,6 +359,7 @@ def add_git_repository( * **git_uri**: `str` (required) - Git URI to trust (ex: `bitbucket.org:exampleent/myrepo`). * **description**: `str` - Optional description of the trusted activity. + * **is_high_value**: `bool` - Indicates whether or not this should be a high-value source. Defaults to not sending an indication. **Returns**: A [`TrustedActivity`][trustedactivity-model] object representing the newly created trusted activity. @@ -344,6 +374,7 @@ def add_git_repository( type=ActivityType.GIT_REPOSITORY_URI, value=git_uri, description=description, + isHighValueSource=is_high_value, activityActionGroups=[activity_action_group], ) diff --git a/src/_incydr_sdk/trusted_activities/models.py b/src/_incydr_sdk/trusted_activities/models.py index 9af0ef19..32ed9f02 100644 --- a/src/_incydr_sdk/trusted_activities/models.py +++ b/src/_incydr_sdk/trusted_activities/models.py @@ -171,4 +171,5 @@ class CreateTrustedActivityRequest(Model): type: Optional[str] value: Optional[str] description: Optional[str] + isHighValueSource: Optional[bool] activityActionGroups: Optional[List[ActivityActionGroup]] diff --git a/tests/test_trusted_activities.py b/tests/test_trusted_activities.py index b5f74989..53d803f6 100644 --- a/tests/test_trusted_activities.py +++ b/tests/test_trusted_activities.py @@ -181,6 +181,7 @@ def test_add_domain_when_default_params_returns_expected_data( test_data = { "type": activity_type, "value": domain, + "isHighValueSource": None, "description": "Description", "activityActionGroups": activity_action_groups, } @@ -238,6 +239,144 @@ def test_add_domain_when_no_trusted_actions_raises_error(httpserver_auth: HTTPSe assert "At least 1 action for the domain must be trusted." in str(e.value) +def test_add_domain_when_file_transfer_tools_returns_expected_data( + httpserver_auth: HTTPServer, +): + domain = "transfer.example.com" + activity_type = ActivityType.DOMAIN + activity_action_groups = [ + { + "name": "DEFAULT", + "activityActions": [ + {"type": "FILE_TRANSFER", "providers": None}, + ], + } + ] + + test_data = { + "type": activity_type, + "value": domain, + "isHighValueSource": None, + "description": "Description", + "activityActionGroups": activity_action_groups, + } + + test_response = TEST_TRUSTED_ACTIVITY_1.copy() + test_response.update(test_data) + test_response.update({"type": activity_type}) + + httpserver_auth.expect_request( + uri="/v2/trusted-activities", method="POST", json=test_data + ).respond_with_json(test_response) + + client = Client() + trusted_activity = client.trusted_activities.v2.add_domain( + domain=domain, + description="Description", + file_transfer_tools=True, + ) + assert isinstance(trusted_activity, TrustedActivity) + assert trusted_activity.type == activity_type + assert trusted_activity.value == domain + assert ( + json.loads(trusted_activity.json())["activityActionGroups"] + == activity_action_groups + ) + + +def test_add_domain_when_browser_destinations_returns_expected_data( + httpserver_auth: HTTPServer, +): + domain = "browser.example.com" + activity_type = ActivityType.DOMAIN + activity_action_groups = [ + { + "name": "DEFAULT", + "activityActions": [ + { + "type": "USER_ACCOUNT_UPLOAD", + "providers": [ + {"name": "SLACK"}, + {"name": "CHATGPT"}, + ], + }, + ], + } + ] + + test_data = { + "type": activity_type, + "value": domain, + "isHighValueSource": None, + "description": None, + "activityActionGroups": activity_action_groups, + } + + test_response = TEST_TRUSTED_ACTIVITY_1.copy() + test_response.update(test_data) + test_response.update({"type": activity_type}) + + httpserver_auth.expect_request( + uri="/v2/trusted-activities", method="POST", json=test_data + ).respond_with_json(test_response) + + client = Client() + trusted_activity = client.trusted_activities.v2.add_domain( + domain=domain, + browser_destinations=["SLACK", "CHATGPT"], + ) + assert isinstance(trusted_activity, TrustedActivity) + assert trusted_activity.type == activity_type + assert trusted_activity.value == domain + assert ( + json.loads(trusted_activity.json())["activityActionGroups"] + == activity_action_groups + ) + + +def test_add_domain_when_is_high_value_returns_expected_data( + httpserver_auth: HTTPServer, +): + domain = "highvalue.example.com" + activity_type = ActivityType.DOMAIN + activity_action_groups = [ + { + "name": "DEFAULT", + "activityActions": [ + {"type": "FILE_UPLOAD", "providers": None}, + ], + } + ] + + test_data = { + "type": activity_type, + "value": domain, + "isHighValueSource": True, + "description": "Description", + "activityActionGroups": activity_action_groups, + } + + test_response = TEST_TRUSTED_ACTIVITY_1.copy() + test_response.update(test_data) + test_response.update({"type": activity_type}) + + httpserver_auth.expect_request( + uri="/v2/trusted-activities", method="POST", json=test_data + ).respond_with_json(test_response) + + client = Client() + trusted_activity = client.trusted_activities.v2.add_domain( + domain=domain, + description="Description", + file_upload=True, + is_high_value=True, + ) + assert isinstance(trusted_activity, TrustedActivity) + assert trusted_activity.type == activity_type + assert trusted_activity.value == domain + assert trusted_activity.is_high_value_source is True + + def test_add_url_path_when_default_params_returns_expected_data( httpserver_auth: HTTPServer, ): @@ -248,6 +387,7 @@ def test_add_url_path_when_default_params_returns_expected_data( test_data = { "type": activity_type, "value": url, + "isHighValueSource": None, "description": "Description", "activityActionGroups": activity_action_groups, } @@ -281,6 +421,7 @@ def test_add_slack_workspace_when_default_params_returns_expected_data( test_data = { "type": activity_type, "value": workspace_name, + "isHighValueSource": None, "description": "Description", "activityActionGroups": activity_action_groups, } @@ -324,6 +465,7 @@ def test_add_account_name_when_default_params_returns_expected_data( test_data = { "type": activity_type, "value": account_name, + "isHighValueSource": None, "description": "Description", "activityActionGroups": activity_action_groups, } @@ -382,6 +524,7 @@ def test_add_git_repository_when_default_params_returns_expected_data( test_data = { "type": activity_type, "value": git_uri, + "isHighValueSource": None, "description": "Description", "activityActionGroups": activity_action_groups, } @@ -549,6 +692,7 @@ def test_cli_add_domain_makes_expected_call(httpserver_auth, runner): test_data = { "type": activity_type, "value": domain, + "isHighValueSource": False, "description": "Description", "activityActionGroups": activity_action_groups, } @@ -601,6 +745,7 @@ def test_cli_add_url_path_makes_expected_call(httpserver_auth, runner): test_data = { "type": activity_type, "value": url, + "isHighValueSource": False, "description": "Description", "activityActionGroups": activity_action_groups, } @@ -628,6 +773,7 @@ def test_cli_add_slack_workspace_makes_expected_call(httpserver_auth, runner): test_data = { "type": activity_type, "value": workspace_name, + "isHighValueSource": False, "description": "Description", "activityActionGroups": activity_action_groups, } @@ -672,6 +818,7 @@ def test_cli_add_account_name_makes_expected_call(httpserver_auth, runner): test_data = { "type": activity_type, "value": account_name, + "isHighValueSource": False, "description": "Description", "activityActionGroups": activity_action_groups, } @@ -715,6 +862,7 @@ def test_cli_git_repo_makes_expected_call(httpserver_auth, runner): test_data = { "type": activity_type, "value": git_uri, + "isHighValueSource": False, "description": "Description", "activityActionGroups": activity_action_groups, } From 9126cf71a25bdae9fc8a6a2d72e5ca951f91d21a Mon Sep 17 00:00:00 2001 From: Cecilia Stevens <63068179+ceciliastevens@users.noreply.github.com> Date: Thu, 23 Apr 2026 11:41:12 -0400 Subject: [PATCH 2/3] docs --- src/incydr/enums/trusted_activities.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/incydr/enums/trusted_activities.py b/src/incydr/enums/trusted_activities.py index 58ef0118..bd70b609 100644 --- a/src/incydr/enums/trusted_activities.py +++ b/src/incydr/enums/trusted_activities.py @@ -4,6 +4,7 @@ from _incydr_sdk.enums.trusted_activities import EmailServices from _incydr_sdk.enums.trusted_activities import PrincipalType from _incydr_sdk.enums.trusted_activities import SortKeys +from _incydr_sdk.enums.trusted_activities import BrowserDestination __all__ = [ "ActivityType", @@ -12,4 +13,5 @@ "EmailServices", "PrincipalType", "SortKeys", + "BrowserDestination", ] From 509169a50eb90d62c5f58f270f1ed1a55d6f694a Mon Sep 17 00:00:00 2001 From: Cecilia Stevens <63068179+ceciliastevens@users.noreply.github.com> Date: Thu, 23 Apr 2026 11:54:12 -0400 Subject: [PATCH 3/3] style --- src/incydr/enums/trusted_activities.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/incydr/enums/trusted_activities.py b/src/incydr/enums/trusted_activities.py index bd70b609..9173f607 100644 --- a/src/incydr/enums/trusted_activities.py +++ b/src/incydr/enums/trusted_activities.py @@ -1,10 +1,10 @@ from _incydr_sdk.enums.trusted_activities import ActivityType +from _incydr_sdk.enums.trusted_activities import BrowserDestination from _incydr_sdk.enums.trusted_activities import CloudShareApps from _incydr_sdk.enums.trusted_activities import CloudSyncApps from _incydr_sdk.enums.trusted_activities import EmailServices from _incydr_sdk.enums.trusted_activities import PrincipalType from _incydr_sdk.enums.trusted_activities import SortKeys -from _incydr_sdk.enums.trusted_activities import BrowserDestination __all__ = [ "ActivityType",