Beispiel #1
0
  def testUserModificationAudit(self):
    worker = worker_test_lib.MockWorker(token=self.token)
    token = self.GenerateToken(username="******", reason="reason")

    maintenance_utils.AddUser(
        "testuser", password="******", labels=["admin"], token=token)
    worker.Simulate()

    maintenance_utils.UpdateUser(
        "testuser", "xxx", delete_labels=["admin"], token=token)
    worker.Simulate()

    maintenance_utils.DeleteUser("testuser", token=token)
    worker.Simulate()

    log_entries = []
    for log in audit.AllAuditLogs(token=self.token):
      log_entries.extend(log)

    self.assertEqual(len(log_entries), 3)

    self.assertEqual(log_entries[0].action, "USER_ADD")
    self.assertEqual(log_entries[0].urn, "aff4:/users/testuser")
    self.assertEqual(log_entries[0].user, "usermodtest")

    self.assertEqual(log_entries[1].action, "USER_UPDATE")
    self.assertEqual(log_entries[1].urn, "aff4:/users/testuser")
    self.assertEqual(log_entries[1].user, "usermodtest")

    self.assertEqual(log_entries[2].action, "USER_DELETE")
    self.assertEqual(log_entries[2].urn, "aff4:/users/testuser")
    self.assertEqual(log_entries[2].user, "usermodtest")
Beispiel #2
0
def AddUsers(token=None):
  # Now initialize with our modified config.
  server_startup.Init()

  print "\nStep 3: Adding Admin User"
  try:
    maintenance_utils.AddUser(
        "admin",
        labels=["admin"],
        token=token,
        password=flags.FLAGS.admin_password)
  except maintenance_utils.UserError:
    if flags.FLAGS.noprompt:
      maintenance_utils.UpdateUser(
          "admin",
          password=flags.FLAGS.admin_password,
          add_labels=["admin"],
          token=token)
    else:
      if ((raw_input("User 'admin' already exists, do you want to "
                     "reset the password? [yN]: ").upper() or "N") == "Y"):
        maintenance_utils.UpdateUser(
            "admin", password=True, add_labels=["admin"], token=token)
Beispiel #3
0
            print e

    elif flags.FLAGS.subparser_name == "delete_user":
        maintenance_utils.DeleteUser(flags.FLAGS.username, token=token)

    elif flags.FLAGS.subparser_name == "add_user":
        labels = []
        if not flags.FLAGS.noadmin:
            labels.append("admin")

        if flags.FLAGS.labels:
            labels.extend(flags.FLAGS.labels)

        try:
            maintenance_utils.AddUser(flags.FLAGS.username,
                                      flags.FLAGS.password,
                                      labels,
                                      token=token)
        except maintenance_utils.UserError as e:
            print e

    elif flags.FLAGS.subparser_name == "upload_python":
        python_hack_root_urn = grr_config.CONFIG.Get("Config.python_hack_root")
        content = open(flags.FLAGS.file, "rb").read(1024 * 1024 * 30)
        aff4_path = flags.FLAGS.dest_path
        platform = flags.FLAGS.platform
        if not aff4_path:
            aff4_path = python_hack_root_urn.Add(platform.lower()).Add(
                os.path.basename(flags.FLAGS.file))
        if not str(aff4_path).startswith(str(python_hack_root_urn)):
            raise ValueError("AFF4 path must start with %s." %
                             python_hack_root_urn)