def testURNValidation(self):
# These should all come out the same: C.00aaeccbb45f33a3
test_set = [
"C.00aaeccbb45f33a3", "C.00aaeccbb45f33a3".upper(),
"c.00aaeccbb45f33a3", "C.00aaeccbb45f33a3 "
]
results = []
for urnstr in test_set:
results.append(rdf_client.ClientURN(urnstr))
results.append(rdf_client.ClientURN("aff4:/%s" % urnstr))
self.assertEqual(len(results), len(test_set) * 2)
# Check all are identical
self.assertTrue(all([x == results[0] for x in results]))
# Check we can handle URN as well as string
rdf_client.ClientURN(rdf_client.ClientURN(test_set[0]))
error_set = [
"B.00aaeccbb45f33a3", "c.00accbb45f33a3",
"aff5:/C.00aaeccbb45f33a3"
]
for badurn in error_set:
self.assertRaises(type_info.TypeValueError, rdf_client.ClientURN,
badurn)
def Run(self):
with test_lib.FakeTime(42):
with self.CreateHunt(description="the hunt") as hunt_obj:
with test_lib.FakeTime(52):
hunt_obj.LogClientError(
rdf_client.ClientURN("C.0000111122223333"),
"Error foo.")
with test_lib.FakeTime(55):
hunt_obj.LogClientError(
rdf_client.ClientURN("C.1111222233334444"),
"Error bar.", "<some backtrace>")
self.Check("ListHuntErrors",
args=hunt_plugin.ApiListHuntErrorsArgs(
hunt_id=hunt_obj.urn.Basename()),
replace={hunt_obj.urn.Basename(): "H:123456"})
self.Check("ListHuntErrors",
args=hunt_plugin.ApiListHuntErrorsArgs(
hunt_id=hunt_obj.urn.Basename(), count=1),
replace={hunt_obj.urn.Basename(): "H:123456"})
self.Check("ListHuntErrors",
args=hunt_plugin.ApiListHuntErrorsArgs(
hunt_id=hunt_obj.urn.Basename(), offset=1, count=1),
replace={hunt_obj.urn.Basename(): "H:123456"})
def testUnversionedKeywords(self):
index = client_index.CreateClientIndex(token=self.token)
client_urns = self.SetupClients(5)
with test_lib.FakeTime(1000000):
for i in range(5):
client = aff4.FACTORY.Create(client_urns[i],
aff4_type=aff4_grr.VFSGRRClient,
mode="rw",
token=self.token)
client.Set(client.Schema.HOST_IPS("10.1.0.%d" % i))
client.Flush()
index.AddClient(client)
with test_lib.FakeTime(2000000):
for i in range(5):
client = aff4.FACTORY.Create(client_urns[i],
aff4_type=aff4_grr.VFSGRRClient,
mode="rw",
token=self.token)
client.Set(client.Schema.HOST_IPS("10.1.1.%d" % i))
client.Flush()
index.AddClient(client)
with test_lib.FakeTime(3000000):
self.assertEqual(
index.LookupClients(["10.1.0", "Host-2"]),
[rdf_client.ClientURN("aff4:/C.1000000000000002")])
self.assertEqual(index.LookupClients(["+10.1.0", "Host-2"]), [])
self.assertEqual(
index.LookupClients(["+10.1.1", "Host-2"]),
[rdf_client.ClientURN("aff4:/C.1000000000000002")])
def testAFF4Path(self):
"""Test the pathspec to URN conversion function."""
pathspec = rdf_paths.PathSpec(
path="\\\\.\\Volume{1234}\\",
pathtype=rdf_paths.PathSpec.PathType.OS,
mount_point="/c:/").Append(
path="/windows", pathtype=rdf_paths.PathSpec.PathType.TSK)
urn = pathspec.AFF4Path(rdf_client.ClientURN("C.1234567812345678"))
self.assertEqual(
urn,
rdfvalue.RDFURN(
r"aff4:/C.1234567812345678/fs/tsk/\\.\Volume{1234}\/windows"))
# Test an ADS
pathspec = rdf_paths.PathSpec(
path="\\\\.\\Volume{1234}\\",
pathtype=rdf_paths.PathSpec.PathType.OS,
mount_point="/c:/").Append(
pathtype=rdf_paths.PathSpec.PathType.TSK,
path="/Test Directory/notes.txt:ads",
inode=66,
ntfs_type=128,
ntfs_id=2)
urn = pathspec.AFF4Path(rdf_client.ClientURN("C.1234567812345678"))
self.assertEqual(
urn,
rdfvalue.RDFURN(r"aff4:/C.1234567812345678/fs/tsk/\\.\Volume{1234}\/"
"Test Directory/notes.txt:ads"))
def testOperatingSystemSelection(self):
"""Tests that we can distinguish based on operating system."""
self.SetupClient(1, system="Windows XP")
self.SetupClient(2, system="Linux")
self.SetupClient(3, system="Windows 7")
with utils.Stubber(flow.GRRFlow, "StartFlow", self.StartFlow):
# Now setup the filters
now = rdfvalue.RDFDatetime.Now()
expires = now + rdfvalue.Duration("1h")
foreman_obj = foreman.GetForeman(token=self.token)
# Make a new rule
rule = foreman_rules.ForemanRule(created=now,
expires=expires,
description="Test rule")
# Matches Windows boxes
rule.client_rule_set = foreman_rules.ForemanClientRuleSet(rules=[
foreman_rules.ForemanClientRule(
rule_type=foreman_rules.ForemanClientRule.Type.OS,
os=foreman_rules.ForemanOsClientRule(os_windows=True))
])
# Will run Test Flow
rule.actions.Append(flow_name="Test Flow",
argv=rdf_protodict.Dict(foo="bar"))
# Clear the rule set and add the new rule to it.
rule_set = foreman_obj.Schema.RULES()
rule_set.Append(rule)
# Assign it to the foreman
foreman_obj.Set(foreman_obj.Schema.RULES, rule_set)
foreman_obj.Close()
self.clients_launched = []
foreman_obj.AssignTasksToClient("C.1000000000000001")
foreman_obj.AssignTasksToClient("C.1000000000000002")
foreman_obj.AssignTasksToClient("C.1000000000000003")
# Make sure that only the windows machines ran
self.assertEqual(len(self.clients_launched), 2)
self.assertEqual(self.clients_launched[0][0],
rdf_client.ClientURN("C.1000000000000001"))
self.assertEqual(self.clients_launched[1][0],
rdf_client.ClientURN("C.1000000000000003"))
self.clients_launched = []
# Run again - This should not fire since it did already
foreman_obj.AssignTasksToClient("C.1000000000000001")
foreman_obj.AssignTasksToClient("C.1000000000000002")
foreman_obj.AssignTasksToClient("C.1000000000000003")
self.assertEqual(len(self.clients_launched), 0)
def setUp(self):
super(TestTimeline, self).setUp()
# Prepare our fixture.
fixture_test_lib.ClientFixture("C.0000000000000001", token=self.token)
self.CreateFileWithTimeline(rdf_client.ClientURN("C.0000000000000001"),
"c/proc/changed.txt",
rdf_paths.PathSpec.PathType.OS, self.token)
self.CreateFileWithTimeline(rdf_client.ClientURN("C.0000000000000001"),
"c/proc/other.txt",
rdf_paths.PathSpec.PathType.OS, self.token)
self.RequestAndGrantClientApproval("C.0000000000000001")
def CreateLeasedClientRequest(client_id=None, token=None):
if not client_id:
client_id = rdf_client.ClientURN("C.0000000000000001")
else:
client_id = rdf_client.ClientURN(client_id)
flow.StartFlow(
client_id=client_id,
flow_name=processes.ListProcesses.__name__,
token=token)
with queue_manager.QueueManager(token=token) as manager:
manager.QueryAndOwn(client_id.Queue(), limit=1, lease_seconds=10000)
def CheckClientAccess(self, token, client_urn):
if not client_urn:
raise ValueError("Client urn can't be empty.")
client_urn = rdf_client.ClientURN(client_urn)
return ValidateToken(token, [client_urn]) and (
token.supervisor or self._CheckApprovals(token, client_urn))
def testClickingOnInterrogateStartsInterrogateFlow(self):
self.Open("/#/clients/%s" % self.client_id)
# A click on the Interrogate button starts a flow, disables the button and
# shows a loading icon within the button.
self.Click("css=button:contains('Interrogate'):not([disabled])")
self.WaitUntil(self.IsElementPresent,
"css=button:contains('Interrogate')[disabled]")
self.WaitUntil(self.IsElementPresent,
"css=button:contains('Interrogate') i")
# Get the started flow and finish it, this will re-enable the button.
client_id = rdf_client.ClientURN(self.client_id)
fd = aff4.FACTORY.Open(client_id.Add("flows"), token=self.token)
flows = list(fd.ListChildren())
client_mock = action_mocks.ActionMock()
for flow_urn in flows:
flow_test_lib.TestFlowHelper(flow_urn,
client_mock,
client_id=client_id,
token=self.token,
check_flow_errors=False)
self.WaitUntilNot(self.IsElementPresent,
"css=button:contains('Interrogate')[disabled]")
# Check if an Interrogate flow was started.
self.Click("css=a[grrtarget='client.flows']")
self.Click("css=td:contains('Interrogate')")
self.WaitUntilContains(
discovery.Interrogate.__name__, self.GetText,
"css=table td.proto_key:contains('Flow name') "
"~ td.proto_value")
def testClientApprovalMultiLabelCheckRequester(self):
"""Requester must be listed as prod_admin_approval in approvals.yaml."""
self.TouchFile(rdf_client.ClientURN(self.client_prod_id), "fs/os/foo")
# No approvals yet, this should fail.
self.assertRaises(
grr_api_errors.AccessForbiddenError,
self.api.Client(self.client_prod_id).File("fs/os/foo").Get)
# Grant all the necessary approvals
approval_id = self.RequestAndGrantClientApproval(
self.client_prod_id, requestor=self.token.username)
self.GrantClientApproval(
self.client_prod_id,
requestor=self.token.username,
approval_id=approval_id,
approver="legal1")
self.GrantClientApproval(
self.client_prod_id,
requestor=self.token.username,
approval_id=approval_id,
approver="prod2")
self.GrantClientApproval(
self.client_prod_id,
requestor=self.token.username,
approval_id=approval_id,
approver="prod3")
# We have "approver", "legal1", "prod2", "prod3" approvals but because
# "notprod" user isn't in prod_admin_approval and
# requester_must_be_authorized is True it should still fail. This user can
# never get a complete approval.
self.assertRaises(
grr_api_errors.AccessForbiddenError,
self.api.Client(self.client_prod_id).File("fs/os/foo").Get)
def testClientApprovalSingleLabel(self):
"""Client requires an approval from a member of "legal_approval"."""
self.TouchFile(rdf_client.ClientURN(self.client_legal_id), "fs/os/foo")
self.assertRaises(
grr_api_errors.AccessForbiddenError,
self.api.Client(self.client_legal_id).File("fs/os/foo").Get)
approval_id = self.RequestAndGrantClientApproval(
self.client_legal_id, requestor=self.token.username)
# This approval isn't enough, we need one from legal, so it should still
# fail.
self.assertRaises(
grr_api_errors.AccessForbiddenError,
self.api.Client(self.client_legal_id).File("fs/os/foo").Get)
# Grant an approval from a user in the legal_approval list in
# approvers.yaml
self.GrantClientApproval(
self.client_legal_id,
requestor=self.token.username,
approval_id=approval_id,
approver="legal1")
# Check we now have access
self.api.Client(self.client_legal_id).File("fs/os/foo").Get()
def __init__(self,
client_id,
token=None,
fixture=None,
age=None,
**kwargs):
"""Constructor.
Args:
client_id: The unique id for the new client.
token: An instance of access_control.ACLToken security token.
fixture: An optional fixture to install. If not provided we use
client_fixture.VFS.
age: Create the fixture at this timestamp. If None we use FIXTURE_TIME.
**kwargs: Any other parameters which need to be interpolated by the
fixture.
"""
self.args = kwargs
self.token = token
self.age = age or FIXTURE_TIME.AsSecondsSinceEpoch()
self.client_id = rdf_client.ClientURN(client_id)
self.args["client_id"] = self.client_id.Basename()
self.args["age"] = self.age
self.CreateClientObject(fixture or client_fixture.VFS)
def setUp(self):
super(DirRecursiveRefreshTest, self).setUp()
# Prepare our fixture.
self.client_id = rdf_client.ClientURN("C.0000000000000001")
fixture_test_lib.ClientFixture(self.client_id, self.token)
gui_test_lib.CreateFileVersions(self.client_id, self.token)
self.RequestAndGrantClientApproval("C.0000000000000001")
def Run(self):
with test_lib.FakeTime(42):
hunt_urn = self.StartHunt(description="the hunt")
if data_store.RelationalDBReadEnabled():
clients = self.SetupTestClientObjects(5)
client_ids = sorted(clients)
else:
client_ids = [urn.Basename() for urn in self.SetupClients(5)]
self.AssignTasksToClients(client_ids=client_ids)
# Only running the hunt on a single client, as SampleMock
# implementation is non-deterministic in terms of resources
# usage that gets reported back to the hunt.
client_urns = [rdf_client.ClientURN(client_ids[-1])]
self.RunHunt(client_ids=client_urns, failrate=0)
# Create replace dictionary.
replace = {hunt_urn.Basename(): "H:123456"}
self.Check("ListHuntClients",
args=hunt_plugin.ApiListHuntClientsArgs(
hunt_id=hunt_urn.Basename(), client_status="STARTED"),
replace=replace)
self.Check("ListHuntClients",
args=hunt_plugin.ApiListHuntClientsArgs(
hunt_id=hunt_urn.Basename(),
client_status="OUTSTANDING"),
replace=replace)
self.Check("ListHuntClients",
args=hunt_plugin.ApiListHuntClientsArgs(
hunt_id=hunt_urn.Basename(), client_status="COMPLETED"),
replace=replace)
def testWellKnownFlowResponsesAreProcessedOnlyOnce(self):
worker_obj = worker_lib.GRRWorker(token=self.token)
# Send a message to a WellKnownFlow - ClientStatsAuto.
client_id = rdf_client.ClientURN("C.1100110011001100")
self.SendResponse(rdfvalue.SessionID(queue=queues.STATS,
flow_name="Stats"),
data=rdf_client.ClientStats(RSS_size=1234),
client_id=client_id,
well_known=True)
# Process all messages
worker_obj.RunOnce()
worker_obj.thread_pool.Join()
client = aff4.FACTORY.Open(client_id.Add("stats"), token=self.token)
stats = client.Get(client.Schema.STATS)
self.assertEqual(stats.RSS_size, 1234)
aff4.FACTORY.Delete(client_id.Add("stats"), token=self.token)
# Process all messages once again - there should be no actual processing
# done, as all the responses were processed last time.
worker_obj.RunOnce()
worker_obj.thread_pool.Join()
# Check that stats haven't changed as no new responses were processed.
client = aff4.FACTORY.Open(client_id.Add("stats"), token=self.token)
self.assertIsNone(client.Get(client.Schema.STATS))
def Run(self):
if data_store.RelationalDBReadEnabled():
clients = self.SetupTestClientObjects(10)
client_ids = sorted(clients)
else:
client_ids = [urn.Basename() for urn in self.SetupClients(10)]
client_mock = hunt_test_lib.SampleHuntMock()
with test_lib.FakeTime(42):
with self.CreateHunt(description="the hunt") as hunt_obj:
hunt_obj.Run()
time_offset = 0
for client_id in client_ids:
with test_lib.FakeTime(45 + time_offset):
self.AssignTasksToClients([client_id])
hunt_test_lib.TestHuntHelper(client_mock,
[rdf_client.ClientURN(client_id)],
False, self.token)
time_offset += 10
replace = {hunt_obj.urn.Basename(): "H:123456"}
self.Check("GetHuntClientCompletionStats",
args=hunt_plugin.ApiGetHuntClientCompletionStatsArgs(
hunt_id=hunt_obj.urn.Basename()),
replace=replace)
self.Check("GetHuntClientCompletionStats",
args=hunt_plugin.ApiGetHuntClientCompletionStatsArgs(
hunt_id=hunt_obj.urn.Basename(), size=4),
replace=replace)
self.Check("GetHuntClientCompletionStats",
args=hunt_plugin.ApiGetHuntClientCompletionStatsArgs(
hunt_id=hunt_obj.urn.Basename(), size=1000),
replace=replace)
def ApprovalRevokeRaw(aff4_path, token):
"""Revokes an approval for a given token.
This method requires raw datastore access to manipulate approvals directly.
Args:
aff4_path: The aff4_path or client id the approval should be created for.
token: The token that should be revoked.
"""
try:
urn = rdf_client.ClientURN(aff4_path)
except type_info.TypeValueError:
urn = rdfvalue.RDFURN(aff4_path)
approval_urn = aff4.ROOT_URN.Add("ACL").Add(urn.Path()).Add(
token.username).Add(utils.EncodeReasonString(token.reason))
super_token = access_control.ACLToken(username="******")
super_token.supervisor = True
approval_request = aff4.FACTORY.Open(approval_urn,
mode="rw",
token=super_token)
approval_request.DeleteAttribute(approval_request.Schema.APPROVER)
approval_request.Close()
def _FindAuditEvent(self):
for fd in audit.AllAuditLogs(token=self.token):
for event in fd:
if event.action == rdf_events.AuditEvent.Action.CLIENT_ADD_LABEL:
for client_id in self.client_ids:
if event.client == rdf_client.ClientURN(client_id):
return event
def ApprovalCreateRaw(aff4_path,
reason="",
expire_in=60 * 60 * 24 * 7,
token=None,
approval_type="ClientApproval"):
"""Creates an approval with raw access.
This method requires raw datastore access to manipulate approvals directly.
This currently doesn't work for hunt or cron approvals, because they check
that each approver has the admin label. Since the fake users don't exist the
check fails.
Args:
aff4_path: The aff4_path or client id the approval should be created for.
reason: The reason to put in the token.
expire_in: Expiry in seconds to use in the token.
token: The token that will be used. If this is specified reason and expiry
are ignored.
approval_type: The type of the approval to create.
Returns:
The token.
Raises:
RuntimeError: On bad token.
"""
if approval_type in ["ClientApproval", security.ClientApproval]:
urn = rdf_client.ClientURN(aff4_path)
else:
urn = rdfvalue.RDFURN(aff4_path)
if not token:
expiry = time.time() + expire_in
token = access_control.ACLToken(reason=reason, expiry=expiry)
if not token.reason:
raise RuntimeError("Cannot create approval with empty reason")
if not token.username:
token.username = getpass.getuser()
approval_urn = security.ApprovalRequestor.ApprovalUrnBuilder(
urn.Path(), token.username, token.reason)
super_token = access_control.ACLToken(username="******")
super_token.supervisor = True
if isinstance(approval_type, basestring):
approval_type_cls = aff4.AFF4Object.classes[approval_type]
else:
approval_type_cls = approval_type
approval_request = aff4.FACTORY.Create(approval_urn,
approval_type_cls,
mode="rw",
token=super_token)
# Add approvals indicating they were approved by fake "raw" mode users.
approval_request.AddAttribute(
approval_request.Schema.APPROVER("%s1-raw" % token.username))
approval_request.AddAttribute(
approval_request.Schema.APPROVER("%s-raw2" % token.username))
approval_request.Close()
def testViewUpdatedWhenRecursiveUpdateCompletesAfterSelectionChange(self):
self.Open("/#/clients/C.0000000000000001/vfs/fs/os/c/")
self.Click("css=button[name=RecursiveRefresh]:not([disabled])")
self.Click("css=button[name=Proceed]")
# Wait until the dialog is automatically closed.
self.WaitUntilNot(
self.IsElementPresent,
"css=.modal-header:contains('Recursive Directory Refresh')")
# Change the selection while the update is in progress.
self.WaitUntil(self.IsElementPresent,
"css=button[name=RecursiveRefresh][disabled]")
self.Click("css=#_fs-os-c-bin a")
client_id = rdf_client.ClientURN("C.0000000000000001")
self._RunUpdateFlow(client_id)
# The flow should be finished now, and directory tree update should
# be triggered, even though the selection has changed during the update.
#
# Ensure that the tree got updated as well as files list.
self.WaitUntil(self.IsElementPresent,
"css=#_fs-os-c-TestFolder i.jstree-icon")
self.WaitUntil(self.IsElementPresent,
"css=#_fs-os-c-bin-TestBinFolder i.jstree-icon")
def testClickingOnTreeNodeRefreshesTimeline(self):
# Open VFS view for client 1 on a specific location.
self.Open("/#c=C.0000000000000001&main=VirtualFileSystemView"
"&t=_fs-os-c-proc")
# We have to wait until the "proc" node gets highlighted in the tree,
# as the tree expansion may take time and happen in multiple steps.
# On every expansion step, the view mode will be switched to "file list",
# even if "timeline" mode was previously active.
self.WaitUntil(self.IsElementPresent,
"css=a.jstree-clicked:contains('proc')")
self.WaitUntilEqual(2, self.GetCssCount, "css=.file-list tbody tr")
self.Click("css=.btn:contains('Timeline')")
# Wait until the UI finished loading.
self.WaitUntilEqual(2 * self.TIMELINE_ITEMS_PER_FILE, self.GetCssCount,
"css=grr-file-timeline tbody tr")
# Add a new file with several versions.
self.CreateFileWithTimeline(rdf_client.ClientURN("C.0000000000000001"),
"c/proc/newly_added.txt",
rdf_paths.PathSpec.PathType.OS, self.token)
# Click on tree again.
self.Click("link=proc")
# Wait until the UI finished loading.
self.WaitUntilEqual(3 * self.TIMELINE_ITEMS_PER_FILE, self.GetCssCount,
"css=grr-file-timeline tbody tr")
self.WaitUntil(self.IsElementPresent,
"css=grr-file-timeline td:contains('newly_added.txt')")
def testClientApprovalMultiLabel(self):
"""Multi-label client approval test.
This client requires one legal and two prod admin approvals. The requester
must also be in the prod admin group.
"""
self.TouchFile(rdf_client.ClientURN(self.client_prod_id), "fs/os/foo")
self.token.username = "******"
webauth.WEBAUTH_MANAGER.SetUserName(self.token.username)
# No approvals yet, this should fail.
self.assertRaises(
grr_api_errors.AccessForbiddenError,
self.api.Client(self.client_prod_id).File("fs/os/foo").Get)
approval_id = self.RequestAndGrantClientApproval(
self.client_prod_id, requestor=self.token.username)
# This approval from "approver" isn't enough.
self.assertRaises(
grr_api_errors.AccessForbiddenError,
self.api.Client(self.client_prod_id).File("fs/os/foo").Get)
# Grant an approval from a user in the legal_approval list in
# approvers.yaml
self.GrantClientApproval(
self.client_prod_id,
requestor=self.token.username,
approval_id=approval_id,
approver="legal1")
# We have "approver", "legal1": not enough.
self.assertRaises(
grr_api_errors.AccessForbiddenError,
self.api.Client(self.client_prod_id).File("fs/os/foo").Get)
# Grant an approval from a user in the prod_admin_approval list in
# approvers.yaml
self.GrantClientApproval(
self.client_prod_id,
requestor=self.token.username,
approval_id=approval_id,
approver="prod2")
# We have "approver", "legal1", "prod2": not enough.
self.assertRaises(
grr_api_errors.AccessForbiddenError,
self.api.Client(self.client_prod_id).File("fs/os/foo").Get)
self.GrantClientApproval(
self.client_prod_id,
requestor=self.token.username,
approval_id=approval_id,
approver="prod3")
# We have "approver", "legal1", "prod2", "prod3": we should have
# access.
self.api.Client(self.client_prod_id).File("fs/os/foo").Get()
def AssignTasksToClients(self, client_ids=None):
# Pretend to be the foreman now and dish out hunting jobs to all the
# clients..
client_ids = client_ids or self.client_ids
foreman_obj = foreman.GetForeman(token=self.token)
for client_id in client_ids:
foreman_obj.AssignTasksToClient(
rdf_client.ClientURN(client_id).Basename())
def testNoClientActionIsDisplayedWhenFlowIsStarted(self):
self.RequestAndGrantClientApproval(self.client_id)
self.Open("/#/clients/%s/load-stats" % self.client_id)
self.WaitUntil(self.IsTextPresent, "No actions currently in progress.")
flow.GRRFlow.StartFlow(client_id=rdf_client.ClientURN(self.client_id),
flow_name=processes.ListProcesses.__name__,
token=self.token)
def LookupClients(self, keywords):
"""Returns a list of client URNs associated with keywords.
Args:
keywords: The list of keywords to search by.
Returns:
A list of client URNs.
Raises:
ValueError: A string (single keyword) was passed instead of an iterable.
"""
if isinstance(keywords, basestring):
raise ValueError(
"Keywords should be an iterable, not a string (got %s)." %
keywords)
start_time, end_time, filtered_keywords, unversioned_keywords = (
self._AnalyzeKeywords(keywords))
last_seen_map = None
if unversioned_keywords:
last_seen_map = {}
# TODO(user): Make keyword index datetime aware so that
# AsMicrosecondsSinceEpoch is unnecessary.
raw_results = self.Lookup(
map(self._NormalizeKeyword, filtered_keywords),
start_time=start_time.AsMicrosecondsSinceEpoch(),
end_time=end_time.AsMicrosecondsSinceEpoch(),
last_seen_map=last_seen_map)
if not raw_results:
return []
if unversioned_keywords:
universal_last_seen_raw = {}
self.ReadPostingLists(
map(self._NormalizeKeyword, raw_results),
start_time=start_time.AsMicrosecondsSinceEpoch(),
end_time=end_time.AsMicrosecondsSinceEpoch(),
last_seen_map=universal_last_seen_raw)
universal_last_seen = {}
for (_, client_id), ts in universal_last_seen_raw.iteritems():
universal_last_seen[client_id] = ts
old_results = set()
for keyword in unversioned_keywords:
for result in raw_results:
if last_seen_map[(keyword,
result)] < universal_last_seen[result]:
old_results.add(result)
raw_results -= old_results
return [rdf_client.ClientURN(result) for result in raw_results]
def testListErrors(self):
client_urn_1 = rdf_client.ClientURN("C.0000111122223333")
with test_lib.FakeTime(52):
self.hunt_obj.LogClientError(client_urn_1, "Error foo.")
client_urn_2 = rdf_client.ClientURN("C.1111222233334444")
with test_lib.FakeTime(55):
self.hunt_obj.LogClientError(client_urn_2, "Error bar.",
"<some backtrace>")
errors = list(self.api.Hunt(self.hunt_obj.urn.Basename()).ListErrors())
self.assertEqual(len(errors), 2)
self.assertEqual(errors[0].log_message, "Error foo.")
self.assertEqual(errors[0].client.client_id, client_urn_1.Basename())
self.assertEqual(errors[0].backtrace, "")
self.assertEqual(errors[1].log_message, "Error bar.")
self.assertEqual(errors[1].client.client_id, client_urn_2.Basename())
self.assertEqual(errors[1].backtrace, "<some backtrace>")
def testClickingOnTreeNodeRefreshesChildrenFoldersList(self):
self.Open("/#/clients/C.0000000000000001/vfs/fs/os/c/")
self.WaitUntilNot(self.IsElementPresent, "link=foo")
gui_test_lib.CreateFolder(rdf_client.ClientURN("C.0000000000000001"),
"fs/os/c/foo",
timestamp=gui_test_lib.TIME_0,
token=self.token)
self.Click("link=c")
self.WaitUntil(self.IsElementPresent, "link=foo")
def setUp(self):
super(TestFileView, self).setUp()
# Prepare our fixture.
self.client_id, self.unapproved_client_id = [
u.Basename() for u in self.SetupClients(2)
]
fixture_test_lib.ClientFixture(self.client_id, self.token)
gui_test_lib.CreateFileVersions(rdf_client.ClientURN(self.client_id),
self.token)
self.RequestAndGrantClientApproval(self.client_id)
def ApprovalRequest(client_id,
token=None,
approver="approver",
reason="testing"):
token = token or GetToken()
approval_reason = reason or token.reason
security.ClientApprovalRequestor(
reason=approval_reason,
subject_urn=rdf_client.ClientURN(client_id),
approver=approver,
token=token).Request()
def Run(self):
if data_store.RelationalDBReadEnabled():
client = self.SetupTestClientObject(0)
client_id = client.client_id
client_ids = [rdf_client.ClientURN(client_id)]
else:
client_ids = self.SetupClients(1)
client_id = client_ids[0].Basename()
client_mock = flow_test_lib.CrashClientMock(
rdf_client.ClientURN(client_id), self.token)
with test_lib.FakeTime(42):
with self.CreateHunt(description="the hunt") as hunt_obj:
hunt_obj.Run()
with test_lib.FakeTime(45):
self.AssignTasksToClients(client_ids)
hunt_test_lib.TestHuntHelperWithMultipleMocks(
{client_id: client_mock}, False, self.token)
crashes = aff4_grr.VFSGRRClient.CrashCollectionForCID(
rdf_client.ClientURN(client_id))
crash = list(crashes)[0]
session_id = crash.session_id.Basename()
replace = {
hunt_obj.urn.Basename(): "H:123456",
session_id: "H:11223344"
}
self.Check(
"ListClientCrashes",
args=client_plugin.ApiListClientCrashesArgs(client_id=client_id),
replace=replace)
self.Check("ListClientCrashes",
args=client_plugin.ApiListClientCrashesArgs(
client_id=client_id, count=1),
replace=replace)
self.Check("ListClientCrashes",
args=client_plugin.ApiListClientCrashesArgs(
client_id=client_id, offset=1, count=1),
replace=replace)
