def Handle(self, args, token=None):
results_collection = aff4.FACTORY.Open(
HUNTS_ROOT_PATH.Add(args.hunt_id).Add("Results"), mode="r",
token=token)
items = api_call_handler_utils.FilterAff4Collection(
results_collection, args.offset, args.count, args.filter)
wrapped_items = [ApiHuntResult().InitFromGrrMessage(item)
for item in items]
return ApiListHuntResultsResult(
items=wrapped_items, total_count=len(results_collection))
def Handle(self, args, token=None):
logs_collection_urn = args.client_id.Add(
"flows").Add(args.flow_id.Basename()).Add("Logs")
logs_collection = aff4.FACTORY.Create(
logs_collection_urn, aff4_type="FlowLogCollection",
mode="r", token=token)
result = api_call_handler_utils.FilterAff4Collection(
logs_collection, args.offset, args.count, args.filter)
return ApiListFlowLogsResult(
items=result, total_count=len(logs_collection))
def Handle(self, args, token=None):
# TODO(user): handle cases when hunt doesn't exists.
# TODO(user): Use hunt's logs_collection_urn to open errors collection.
errors_collection = aff4.FACTORY.Open(
HUNTS_ROOT_PATH.Add(args.hunt_id).Add("ErrorClients"),
mode="r",
token=token)
result = api_call_handler_utils.FilterAff4Collection(
errors_collection, args.offset, args.count, args.filter)
return ApiListHuntErrorsResult(
items=result, total_count=len(errors_collection))
def Handle(self, args, token=None):
try:
aff4_crashes = aff4.FACTORY.Open(
HUNTS_ROOT_PATH.Add(args.hunt_id).Add("crashes"), mode="r",
aff4_type="PackedVersionedCollection", token=token)
total_count = len(aff4_crashes)
result = api_call_handler_utils.FilterAff4Collection(
aff4_crashes, args.offset, args.count, args.filter)
except aff4.InstantiationError:
total_count = 0
result = []
return ApiListHuntCrashesResult(
items=result, total_count=total_count)
def Handle(self, args, token=None):
flow_urn = args.client_id.Add("flows").Add(args.flow_id.Basename())
flow_obj = aff4.FACTORY.Open(flow_urn, aff4_type="GRRFlow", mode="r",
token=token)
output_urn = flow_obj.GetRunner().output_urn
# TODO(user): RDFValueCollection is a deprecated type.
output_collection = aff4.FACTORY.Create(
output_urn, aff4_type="RDFValueCollection", mode="r", token=token)
items = api_call_handler_utils.FilterAff4Collection(
output_collection, args.offset, args.count, args.filter)
wrapped_items = [ApiFlowResult().InitFromRdfValue(item)
for item in items]
return ApiListFlowResultsResult(
items=wrapped_items, total_count=len(output_collection))
def Handle(self, args, token=None):
# TODO(user): handle cases when hunt doesn't exists.
# TODO(user): Use hunt's logs_collection_urn to open logs collection.
try:
logs_collection = aff4.FACTORY.Open(
HUNTS_ROOT_PATH.Add(args.hunt_id).Add("Logs"),
aff4_type=flow_runner.FlowLogCollection.__name__, mode="r",
token=token)
except IOError:
logs_collection = aff4.FACTORY.Create(
HUNTS_ROOT_PATH.Add(args.hunt_id).Add("Logs"),
aff4_type="RDFValueCollection", mode="r", token=token)
result = api_call_handler_utils.FilterAff4Collection(
logs_collection, args.offset, args.count, args.filter)
return ApiListHuntLogsResult(
items=result, total_count=len(logs_collection))
def testFiltersByFilterString(self):
data = api_call_handler_utils.FilterAff4Collection(
self.fd, 0, 0, "tmp-8")
self.assertEqual(len(data), 1)
self.assertEqual(data[0].path, "/var/os/tmp-8")
def testRaisesOnNegativeCount(self):
with self.assertRaises(ValueError):
api_call_handler_utils.FilterAff4Collection(self.fd, 0, -10, None)
def testIngoresTooBigCount(self):
data = api_call_handler_utils.FilterAff4Collection(
self.fd, 0, 50, None)
self.assertEqual(len(data), 10)
self.assertEqual(data[0].path, "/var/os/tmp-0")
self.assertEqual(data[-1].path, "/var/os/tmp-9")
def testFiltersByOffsetAndCount(self):
data = api_call_handler_utils.FilterAff4Collection(self.fd, 2, 5, None)
self.assertEqual(len(data), 5)
self.assertEqual(data[0].path, "/var/os/tmp-2")
self.assertEqual(data[-1].path, "/var/os/tmp-6")
