Feat: Support send phishing email with email file path (#110)

* Feat: Support send phishing email with email file path
intezer · Aug 8, 2023 · 5f2132e · 5f2132e
1 parent 2e52aae
commit 5f2132e
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 4 deletions.
diff --git a/CHANGES b/CHANGES
@@ -1,3 +1,7 @@
+1.18.7
+______
+- Support email file path for sending phishing email.
+
 1.18.6
 ______
 - Raise `FileTooLargeError` on analyzing file that is too large.

diff --git a/intezer_sdk/__init__.py b/intezer_sdk/__init__.py
@@ -1 +1 @@
-__version__ = '1.18.6'
+__version__ = '1.18.7'
diff --git a/intezer_sdk/alerts.py b/intezer_sdk/alerts.py
@@ -1,6 +1,7 @@
 import hashlib
 import json
 import time
+from io import BytesIO
 from typing import BinaryIO
 
 import requests
@@ -227,16 +228,17 @@ def send(cls,
 
     @classmethod
     def send_phishing_email(cls,
-                            raw_email: BinaryIO,
-                            api: IntezerApiClient = None,
+                            raw_email: Optional[BinaryIO] = None,
+                            api: Optional[IntezerApiClient] = None,
                             environment: Optional[str] = None,
                             default_verdict: Optional[str] = None,
                             alert_sender: Optional[str] = None,
                             wait: bool = False,
                             timeout: Optional[int] = None,
-                            ):
+                            email_path: Optional[str] = None):
         """
         Send an alert for further investigation using the Intezer Analyze API.
+        Should pass either raw_email or email_path.
 
         :param raw_email: The raw alert data.
         :param api: The API connection to Intezer.
@@ -245,10 +247,16 @@ def send_phishing_email(cls,
         :param alert_sender: The sender of the alert.
         :param wait: Wait for the alert to finish processing before returning.
         :param timeout: The timeout for the wait operation.
+        :param email_path: The path to the email file.
         :raises: :class:`requests.HTTPError` if the request failed for any reason.
         :return: The Alert instance, initialized with the alert id. when the `wait` parameter is set to True, the
                  resulting alert object will be initialized with the alert triage data.
         """
+        if not raw_email and not email_path:
+            raise ValueError('raw_email or email_path must be provided')
+        if email_path:
+            with open(email_path, 'rb') as email_file:
+                raw_email = BytesIO(email_file.read())
         _api = IntezerApi(api or get_global_api())
         if not bool(raw_email.getvalue()):
             raise ValueError('alert cannot be empty')