def CreateFileWithTimeline(client_id, path, path_type, token):
"""Add a file with timeline."""
# Add a version of the file at gui_test_lib.TIME_0. Since we write all MAC
# times, this will result in three timeline items.
stat_entry = rdf_client.StatEntry()
stat_entry.pathspec.path = path
stat_entry.pathspec.pathtype = path_type
stat_entry.st_atime = gui_test_lib.TIME_0.AsSecondsSinceEpoch() + 1000
stat_entry.st_mtime = gui_test_lib.TIME_0.AsSecondsSinceEpoch()
stat_entry.st_ctime = gui_test_lib.TIME_0.AsSecondsSinceEpoch() - 1000
with test_lib.FakeTime(gui_test_lib.TIME_0):
filesystem.WriteStatEntries([stat_entry],
client_id,
mutation_pool=None,
token=token)
# Add a version with a stat entry, but without timestamps.
stat_entry = rdf_client.StatEntry()
stat_entry.pathspec.path = path
stat_entry.pathspec.pathtype = path_type
stat_entry.st_ino = 99
with test_lib.FakeTime(gui_test_lib.TIME_1):
filesystem.WriteStatEntries([stat_entry],
client_id,
mutation_pool=None,
token=token)
def ProcessCollectedRegistryStatEntry(self, responses):
"""Create AFF4 objects for registry statentries.
We need to do this explicitly because we call StatFile client action
directly for performance reasons rather than using one of the flows that do
this step automatically.
Args:
responses: Response objects from the artifact source.
"""
if not responses.success:
self.CallStateInline(next_state="ProcessCollected",
responses=responses)
return
with data_store.DB.GetMutationPool() as pool:
stat_entries = map(rdf_client.StatEntry, responses)
filesystem.WriteStatEntries(stat_entries,
client_id=self.client_id,
mutation_pool=pool,
token=self.token)
self.CallStateInline(next_state="ProcessCollected",
request_data=responses.request_data,
messages=stat_entries)
def _CreateAff4Stat(self, response, mutation_pool=None):
filesystem.WriteStatEntries([response.stat_entry],
client_id=self.client_id,
token=self.token,
mutation_pool=mutation_pool)