def testUrlSensitiveCharactersAreShownInTree(self):
gui_test_lib.CreateFileVersion(self.client_id,
"fs/os/c/foo?bar&oh/a&=?b.txt",
"Hello World",
timestamp=gui_test_lib.TIME_1,
token=self.token)
# Open VFS view for client 1 on a specific location.
self.Open(
"/#c=C.0000000000000001&main=VirtualFileSystemView&t=_fs-os-c")
# Wait until the folder gets selected and its information displayed in
# the details pane.
self.WaitUntil(self.IsTextPresent, "C.0000000000000001/fs/os/c")
# Click on the "foo?bar&oh" subfolder.
self.Click("css=#_fs-os-c-foo_3Fbar_26oh a:visible")
# Some more unicode testing.
self.Click(u"css=tr:contains(\"a&=?b.txt\")")
self.Click("css=li[heading=Download]")
self.WaitUntil(self.IsTextPresent, u"a&=?b.txt")
# Test the text viewer.
self.Click("css=li[heading=TextView]")
self.WaitUntilContains("Hello World", self.GetText,
"css=div.monospace pre")
def _RunUpdateFlow(self, client_id):
# Get the flows that should have been started and finish them.
fd = aff4.FACTORY.Open(client_id.Add("flows"), token=self.token)
flows = list(fd.ListChildren())
gui_test_lib.CreateFileVersion(client_id,
"fs/os/c/a.txt",
"Hello World",
timestamp=gui_test_lib.TIME_0,
token=self.token)
gui_test_lib.CreateFolder(client_id,
"fs/os/c/TestFolder",
timestamp=gui_test_lib.TIME_0,
token=self.token)
gui_test_lib.CreateFolder(client_id,
"fs/os/c/bin/TestBinFolder",
timestamp=gui_test_lib.TIME_0,
token=self.token)
client_mock = action_mocks.ActionMock()
for flow_urn in flows:
flow_test_lib.TestFlowHelper(flow_urn,
client_mock,
client_id=client_id,
token=self.token,
check_flow_errors=False)
def testApprovalExpiry(self):
"""Tests that approvals expire after the correct time."""
client_id = self.SetupClient(0)
gui_test_lib.CreateFileVersion(client_id,
"fs/os/foo",
token=self.token)
with self.assertRaises(grr_api_errors.AccessForbiddenError):
self.api.Client(client_id.Basename()).File("fs/os/foo").Get()
with test_lib.FakeTime(100.0, increment=1e-3):
self.RequestAndGrantClientApproval(client_id,
requestor=self.token.username)
# This should work now.
self.api.Client(client_id.Basename()).File("fs/os/foo").Get()
token_expiry = config.CONFIG["ACL.token_expiry"]
# Make sure the caches are reset.
self.ClearCache()
# This is close to expiry but should still work.
with test_lib.FakeTime(100.0 + token_expiry - 100.0):
self.api.Client(client_id.Basename()).File("fs/os/foo").Get()
# Make sure the caches are reset.
self.ClearCache()
# Past expiry, should fail.
with test_lib.FakeTime(100.0 + token_expiry + 100.0):
with self.assertRaises(grr_api_errors.AccessForbiddenError):
self.api.Client(client_id.Basename()).File("fs/os/foo").Get()
def testSimpleUnauthorizedAccess(self):
"""Tests that simple access requires a token."""
client_id = self.SetupClient(0)
gui_test_lib.CreateFileVersion(client_id,
"fs/os/foo",
token=self.token)
with self.assertRaises(grr_api_errors.AccessForbiddenError):
self.api.Client(client_id.Basename()).File("fs/os/foo").Get()
def GenerateNotifications(cls, client_id, token):
"""Generates fake notifications of different notification types."""
session_id = flow.GRRFlow.StartFlow(
client_id=client_id,
flow_name=discovery.Interrogate.__name__,
token=token)
with aff4.FACTORY.Open(session_id, mode="rw", token=token) as flow_obj:
notification.Notify(
token.username,
rdf_objects.UserNotification.Type.TYPE_CLIENT_INTERROGATED,
"Fake discovery message",
rdf_objects.ObjectReference(
reference_type=rdf_objects.ObjectReference.Type.CLIENT,
client=rdf_objects.ClientReference(
client_id=client_id.Basename())))
# ViewObject: VirtualFileSystem
notification.Notify(
token.username,
rdf_objects.UserNotification.Type.TYPE_VFS_FILE_COLLECTED,
"File fetch completed",
rdf_objects.ObjectReference(
reference_type=rdf_objects.ObjectReference.Type.VFS_FILE,
vfs_file=rdf_objects.VfsFileReference(
client_id=client_id.Basename(),
path_type=rdf_objects.PathInfo.PathType.OS,
path_components=["proc", "10", "exe"])))
gui_test_lib.CreateFileVersion(
client_id,
"fs/os/proc/10/exe",
"",
timestamp=gui_test_lib.TIME_0,
token=token)
# ViewObject: Flow
notification.Notify(
token.username,
rdf_objects.UserNotification.Type.TYPE_FLOW_RUN_COMPLETED,
"Fake view flow message",
rdf_objects.ObjectReference(
reference_type=rdf_objects.ObjectReference.Type.FLOW,
flow=rdf_objects.FlowReference(
client_id=client_id.Basename(),
flow_id=flow_obj.urn.Basename())))
# FlowError
flow_obj.GetRunner().Error("Fake flow error")
return session_id
def testFolderPathCanContainUrlSensitiveCharacters(self):
gui_test_lib.CreateFileVersion(self.client_id,
"fs/os/c/foo?bar&oh/a&=?b.txt",
"Hello World",
timestamp=gui_test_lib.TIME_1,
token=self.token)
# Open VFS view for client 1 on a location containing unicode characters.
self.Open(
"/#c=C.0000000000000001&main=VirtualFileSystemView&t=_fs-os-c"
"-foo_3Fbar_26oh")
# Check that the correct file is listed.
self.WaitUntil(self.IsElementPresent, "css=tr:contains(\"a&=?b.txt\")")
def testClientApproval(self):
"""Tests that we can create an approval object to access clients."""
client_id = self.SetupClient(0)
gui_test_lib.CreateFileVersion(client_id,
"fs/os/foo",
token=self.token)
with self.assertRaises(grr_api_errors.AccessForbiddenError):
self.api.Client(client_id.Basename()).File("fs/os/foo").Get()
self.RequestAndGrantClientApproval(client_id,
requestor=self.token.username)
self.api.Client(client_id.Basename()).File("fs/os/foo").Get()
# Move the clocks forward to make sure the approval expires.
with test_lib.FakeTime(rdfvalue.RDFDatetime.Now() +
config.CONFIG["ACL.token_expiry"],
increment=1e-3):
with self.assertRaises(grr_api_errors.AccessForbiddenError):
self.api.Client(client_id.Basename()).File("fs/os/foo").Get()
def testRefreshFileStartsFlow(self):
self.Open("/")
self.Type("client_query", "C.0000000000000001")
self.Click("client_query_submit")
self.WaitUntilEqual(u"C.0000000000000001", self.GetText,
"css=span[type=subject]")
# Choose client 1.
self.Click("css=td:contains('0001')")
# Go to Browse VFS.
self.Click("css=a:contains('Browse Virtual Filesystem')")
self.Click("css=#_fs i.jstree-icon")
self.Click("css=#_fs-os i.jstree-icon")
self.Click("css=#_fs-os-c i.jstree-icon")
# Test file versioning.
self.WaitUntil(self.IsElementPresent, "css=#_fs-os-c-Downloads")
self.Click("link=Downloads")
# Select a file and start a flow by requesting a newer version.
self.Click("css=tr:contains(\"a.txt\")")
self.Click("css=li[heading=Download]")
self.Click("css=button:contains(\"Collect from the client\")")
# Create a new file version (that would have been created by the flow
# otherwise) and finish the flow.
client_id = rdf_client.ClientURN("C.0000000000000001")
fd = aff4.FACTORY.Open(client_id.Add("flows"), token=self.token)
# Make sure that the flow has started (when button is clicked, the HTTP
# API request is sent asynchronously).
def MultiGetFileStarted():
return transfer.MultiGetFile.__name__ in list(
x.__class__.__name__ for x in fd.OpenChildren())
self.WaitUntil(MultiGetFileStarted)
flows = list(fd.ListChildren())
client_mock = action_mocks.MultiGetFileClientMock()
for flow_urn in flows:
flow_test_lib.TestFlowHelper(flow_urn,
client_mock,
client_id=client_id,
check_flow_errors=False,
token=self.token)
time_in_future = rdfvalue.RDFDatetime.Now() + rdfvalue.Duration("1h")
# We have to make sure that the new version will not be within a second
# from the current one, otherwise the previous one and the new one will
# be indistinguishable in the UI (as it has a 1s precision when
# displaying versions).
with test_lib.FakeTime(time_in_future):
gui_test_lib.CreateFileVersion(
rdf_client.ClientURN("C.0000000000000001"),
"fs/os/c/Downloads/a.txt",
"The newest version!",
timestamp=rdfvalue.RDFDatetime.Now(),
token=self.token)
# Once the flow has finished, the file view should update and add the
# newly created, latest version of the file to the list. The selected
# option should still be "HEAD".
self.WaitUntilContains("HEAD", self.GetText,
"css=.version-dropdown > option[selected]")
# The file table should also update and display the new timestamp.
self.WaitUntilContains(gui_test_lib.DateTimeString(time_in_future),
self.GetText,
"css=.version-dropdown > option:nth(1)")
# The file table should also update and display the new timestamp.
self.WaitUntil(
self.IsElementPresent,
"css=grr-file-table tbody > tr td:contains(\"%s\")" %
(gui_test_lib.DateTimeString(time_in_future)))
# Make sure the file content has changed.
self.Click("css=li[heading=TextView]")
self.WaitUntilContains("The newest version!", self.GetText,
"css=div.monospace pre")
# Go to the flow management screen and check that there was a new flow.
self.Click("css=a:contains('Manage launched flows')")
self.Click("css=grr-flows-list tr:contains('MultiGetFile')")
self.WaitUntilContains(transfer.MultiGetFile.__name__, self.GetText,
"css=#main_bottomPane")
self.WaitUntilContains(
"c/Downloads/a.txt", self.GetText,
"css=#main_bottomPane table > tbody td.proto_key:contains(\"Path\") "
"~ td.proto_value")
def TouchFile(self, client_id, path):
gui_test_lib.CreateFileVersion(client_id=client_id,
path=path,
token=self.token)
