def Run(self): client_id = self.SetupClient(0) flow_id = flow_test_lib.StartFlow( processes.ListProcesses, client_id, creator=self.token.username) with test_lib.FakeTime(52): self._AddLogToFlow(client_id, flow_id, "Sample message: foo.") with test_lib.FakeTime(55): self._AddLogToFlow(client_id, flow_id, "Sample message: bar.") replace = {flow_id: "W:ABCDEF"} self.Check( "ListFlowLogs", args=flow_plugin.ApiListFlowLogsArgs( client_id=client_id, flow_id=flow_id), replace=replace) self.Check( "ListFlowLogs", args=flow_plugin.ApiListFlowLogsArgs( client_id=client_id, flow_id=flow_id, count=1), replace=replace) self.Check( "ListFlowLogs", args=flow_plugin.ApiListFlowLogsArgs( client_id=client_id, flow_id=flow_id, count=1, offset=1), replace=replace)
def Run(self): client_id = self.SetupClient(0) flow_urn = flow.StartAFF4Flow( flow_name=processes.ListProcesses.__name__, client_id=client_id, token=self.token) with aff4.FACTORY.Open(flow_urn, mode="rw", token=self.token) as flow_obj: with test_lib.FakeTime(52): flow_obj.Log("Sample message: foo.") with test_lib.FakeTime(55): flow_obj.Log("Sample message: bar.") replace = {flow_urn.Basename(): "W:ABCDEF"} self.Check("ListFlowLogs", args=flow_plugin.ApiListFlowLogsArgs( client_id=client_id.Basename(), flow_id=flow_urn.Basename()), replace=replace) self.Check("ListFlowLogs", args=flow_plugin.ApiListFlowLogsArgs( client_id=client_id.Basename(), flow_id=flow_urn.Basename(), count=1), replace=replace) self.Check("ListFlowLogs", args=flow_plugin.ApiListFlowLogsArgs( client_id=client_id.Basename(), flow_id=flow_urn.Basename(), count=1, offset=1), replace=replace)
def testListFlowLogsWorksIfFlowWasCreatedBySameRouter(self): flow_id = self._CreateFlowWithRobotId() router = self._CreateRouter( list_flow_logs=rr.RobotRouterListFlowLogsParams(enabled=True)) router.ListFlowLogs(api_flow.ApiListFlowLogsArgs( client_id=self.client_id, flow_id=flow_id), token=self.token)
def testListFlowLogsRaisesIfFlowWasNotCreatedBySameUser(self): flow_id = flow_test_lib.StartFlow(file_finder.FileFinder, self.client_id, creator=self.another_username) router = self._CreateRouter( list_flow_logs=rr.RobotRouterListFlowLogsParams(enabled=True)) with self.assertRaises(access_control.UnauthorizedAccess): router.ListFlowLogs(api_flow.ApiListFlowLogsArgs( client_id=self.client_id, flow_id=flow_id), context=self.context)
def testAllClientFlowsMethodsAreAccessChecked(self): args = api_flow.ApiListFlowsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlows, "CheckClientAccess", args=args) args = api_flow.ApiGetFlowArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.GetFlow, "CheckClientAccess", args=args) args = api_flow.ApiCreateFlowArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.CreateFlow, "CheckClientAccess", args=args) self.CheckMethodIsAccessChecked( self.router.CreateFlow, "CheckIfCanStartClientFlow", args=args) args = api_flow.ApiCancelFlowArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.CancelFlow, "CheckClientAccess", args=args) args = api_flow.ApiListFlowRequestsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlowRequests, "CheckClientAccess", args=args) args = api_flow.ApiListFlowResultsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlowResults, "CheckClientAccess", args=args) args = api_flow.ApiGetExportedFlowResultsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.GetExportedFlowResults, "CheckClientAccess", args=args) args = api_flow.ApiGetFlowResultsExportCommandArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.GetFlowResultsExportCommand, "CheckClientAccess", args=args) args = api_flow.ApiGetFlowFilesArchiveArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.GetFlowFilesArchive, "CheckClientAccess", args=args) args = api_flow.ApiListFlowOutputPluginsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlowOutputPlugins, "CheckClientAccess", args=args) args = api_flow.ApiListFlowOutputPluginLogsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlowOutputPluginLogs, "CheckClientAccess", args=args) args = api_flow.ApiListFlowOutputPluginErrorsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlowOutputPluginErrors, "CheckClientAccess", args=args) args = api_flow.ApiListFlowLogsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlowLogs, "CheckClientAccess", args=args)
def testListFlowLogsRaisesIfFlowWasNotCreatedBySameRouter(self): flow_urn = flow.StartAFF4Flow( client_id=self.client_id, flow_name=file_finder.FileFinder.__name__, token=self.token) router = self._CreateRouter( list_flow_logs=rr.RobotRouterListFlowLogsParams(enabled=True)) with self.assertRaises(access_control.UnauthorizedAccess): router.ListFlowLogs(api_flow.ApiListFlowLogsArgs( client_id=self.client_id, flow_id=flow_urn.Basename()), token=self.token)