def testRaisesIfOneOfArgumentAttributesIsNone(self): model_args = hunt_plugin.ApiGetHuntFileArgs( hunt_id=self.hunt.urn.Basename(), client_id=self.client_id, vfs_path=self.aff4_file_path, timestamp=rdfvalue.RDFDatetime.Now()) with self.assertRaises(ValueError): args = model_args.Copy() args.hunt_id = None self.handler.Handle(args) with self.assertRaises(ValueError): args = model_args.Copy() args.client_id = None self.handler.Handle(args) with self.assertRaises(ValueError): args = model_args.Copy() args.vfs_path = None self.handler.Handle(args) with self.assertRaises(ValueError): args = model_args.Copy() args.timestamp = None self.handler.Handle(args)
def testRaisesIfVfsRootIsNotWhitelisted(self): args = hunt_plugin.ApiGetHuntFileArgs( hunt_id=self.hunt.urn.Basename(), client_id=self.client_id, vfs_path="flows/W:123456", timestamp=rdfvalue.RDFDatetime().Now()) with self.assertRaises(ValueError): self.handler.Handle(args)
def testRaisesIfResultIsBeforeTimestamp(self): results = data_store.REL_DB.ReadHuntResults(self.hunt_id, 0, 1) args = hunt_plugin.ApiGetHuntFileArgs(hunt_id=self.hunt_id, client_id=self.client_id, vfs_path=self.vfs_file_path, timestamp=results[0].timestamp + rdfvalue.DurationSeconds("1s")) with self.assertRaises(hunt_plugin.HuntFileNotFoundError): self.handler.Handle(args, token=self.token)
def testReturnsResultIfWithinMaxRecordsAfterTimestamp(self): original_result = self._FillInStubResults() args = hunt_plugin.ApiGetHuntFileArgs( hunt_id=self.hunt.urn.Basename(), client_id=self.client_id, vfs_path=self.aff4_file_path, timestamp=original_result.age - self.handler.MAX_RECORDS_TO_CHECK * rdfvalue.Duration("1s")) self.handler.Handle(args, token=self.token)
def testRaisesIfResultIsBeforeTimestamp(self): results = implementation.GRRHunt.ResultCollectionForHID( self.hunt.urn, token=self.token) args = hunt_plugin.ApiGetHuntFileArgs(hunt_id=self.hunt.urn.Basename(), client_id=self.client_id, vfs_path=self.aff4_file_path, timestamp=results[0].age + rdfvalue.Duration("1s")) with self.assertRaises(hunt_plugin.HuntFileNotFoundError): self.handler.Handle(args, token=self.token)
def testRaisesIfResultIsAfterMaxRecordsAfterTimestamp(self): original_result = self._FillInStubResults() args = hunt_plugin.ApiGetHuntFileArgs( hunt_id=self.hunt.urn.Basename(), client_id=self.client_id, vfs_path=self.aff4_file_path, timestamp=original_result.age - (self.handler.MAX_RECORDS_TO_CHECK + 1) * rdfvalue.Duration("1s")) with self.assertRaises(hunt_plugin.HuntFileNotFoundError): self.handler.Handle(args, token=self.token)
def testReturnsBinaryStreamIfResultFound(self): results = implementation.GRRHunt.ResultCollectionForHID( self.hunt.urn, token=self.token) args = hunt_plugin.ApiGetHuntFileArgs(hunt_id=self.hunt.urn.Basename(), client_id=self.client_id, vfs_path=self.aff4_file_path, timestamp=results[0].age) result = self.handler.Handle(args, token=self.token) self.assertTrue(hasattr(result, "GenerateContent")) self.assertEqual(result.content_length, results[0].payload.stat_entry.st_size)
def testReturnsBinaryStreamIfResultFound(self): results = data_store.REL_DB.ReadHuntResults(self.hunt_id, 0, 1) timestamp = results[0].timestamp args = hunt_plugin.ApiGetHuntFileArgs(hunt_id=self.hunt_id, client_id=self.client_id, vfs_path=self.vfs_file_path, timestamp=timestamp) result = self.handler.Handle(args, token=self.token) self.assertTrue(hasattr(result, "GenerateContent")) self.assertEqual(result.content_length, results[0].payload.stat_entry.st_size)
def testRaisesIfResultIsBeforeTimestamp(self): if data_store.RelationalDBEnabled(): results = data_store.REL_DB.ReadHuntResults(self.hunt_id, 0, 1) else: results = implementation.GRRHunt.ResultCollectionForHID( self.hunt_urn, token=self.token) args = hunt_plugin.ApiGetHuntFileArgs(hunt_id=self.hunt_id, client_id=self.client_id, vfs_path=self.aff4_file_path, timestamp=results[0].age + rdfvalue.Duration("1s")) with self.assertRaises(hunt_plugin.HuntFileNotFoundError): self.handler.Handle(args, token=self.token)
def testRaisesIfResultFileIsNotStream(self): original_results = implementation.GRRHunt.ResultCollectionForHID( self.hunt.urn, token=self.token) original_result = original_results[0] with aff4.FACTORY.Create(original_result.payload.stat_entry.AFF4Path( self.client_id), aff4_type=aff4.AFF4Volume, token=self.token): pass args = hunt_plugin.ApiGetHuntFileArgs(hunt_id=self.hunt.urn.Basename(), client_id=self.client_id, vfs_path=self.aff4_file_path, timestamp=original_result.age) with self.assertRaises(hunt_plugin.HuntFileNotFoundError): self.handler.Handle(args, token=self.token)
def testReturnsBinaryStreamIfResultFound(self): if data_store.RelationalDBEnabled(): results = data_store.REL_DB.ReadHuntResults(self.hunt_id, 0, 1) timestamp = results[0].timestamp else: results = implementation.GRRHunt.ResultCollectionForHID( self.hunt_urn, token=self.token) timestamp = results[0].age args = hunt_plugin.ApiGetHuntFileArgs(hunt_id=self.hunt_id, client_id=self.client_id, vfs_path=self.aff4_file_path, timestamp=timestamp) result = self.handler.Handle(args, token=self.token) self.assertTrue(hasattr(result, "GenerateContent")) self.assertEqual(result.content_length, results[0].payload.stat_entry.st_size)
def testRaisesIfResultIsEmptyStream(self): original_results = implementation.GRRHunt.ResultCollectionForHID( self.hunt_urn, token=self.token) original_result = original_results[0] urn = original_result.payload.stat_entry.AFF4Path(self.client_id) aff4.FACTORY.Delete(urn, token=self.token) with aff4.FACTORY.Create(urn, aff4_type=aff4_grr.VFSFile, token=self.token): pass args = hunt_plugin.ApiGetHuntFileArgs( hunt_id=self.hunt_id, client_id=self.client_id, vfs_path=self.aff4_file_path, timestamp=original_result.age) with self.assertRaises(hunt_plugin.HuntFileNotFoundError): self.handler.Handle(args, token=self.token)
def testRaisesIfResultFileDoesNotExist(self): results = data_store.REL_DB.ReadHuntResults(self.hunt_id, 0, 1) original_result = results[0] with test_lib.FakeTime(original_result.timestamp - rdfvalue.Duration.From(1, rdfvalue.SECONDS)): wrong_result = original_result.Copy() payload = wrong_result.payload payload.stat_entry.pathspec.path += "blah" data_store.REL_DB.WriteFlowResults([wrong_result]) wrong_result_timestamp = wrong_result.timestamp args = hunt_plugin.ApiGetHuntFileArgs(hunt_id=self.hunt_id, client_id=self.client_id, vfs_path=self.vfs_file_path + "blah", timestamp=wrong_result_timestamp) with self.assertRaises(hunt_plugin.HuntFileNotFoundError): self.handler.Handle(args, token=self.token)
def testRaisesIfResultFileDoesNotExist(self): if data_store.RelationalDBEnabled(): results = data_store.REL_DB.ReadHuntResults(self.hunt_id, 0, 1) original_result = results[0] with test_lib.FakeTime(original_result.timestamp - rdfvalue.Duration("1s")): wrong_result = original_result.Copy() payload = wrong_result.payload payload.stat_entry.pathspec.path += "blah" data_store.REL_DB.WriteFlowResults([wrong_result]) wrong_result_timestamp = wrong_result.timestamp else: results = implementation.GRRHunt.ResultCollectionForHID( self.hunt_urn, token=self.token) original_result = results[0] with data_store.DB.GetMutationPool() as pool: wrong_result = original_result.Copy() payload = wrong_result.payload payload.stat_entry.pathspec.path += "blah" wrong_result.payload = payload wrong_result.age -= rdfvalue.Duration("1s") results.Add(wrong_result, timestamp=wrong_result.age, mutation_pool=pool) wrong_result_timestamp = wrong_result.age args = hunt_plugin.ApiGetHuntFileArgs(hunt_id=self.hunt_id, client_id=self.client_id, vfs_path=self.aff4_file_path + "blah", timestamp=wrong_result_timestamp) with self.assertRaises(hunt_plugin.HuntFileNotFoundError): self.handler.Handle(args, token=self.token)
def testRaisesIfResultFileDoesNotExist(self): results = implementation.GRRHunt.ResultCollectionForHID( self.hunt.urn, token=self.token) original_result = results[0] with data_store.DB.GetMutationPool() as pool: wrong_result = original_result.Copy() payload = wrong_result.payload payload.stat_entry.pathspec.path += "blah" wrong_result.payload = payload wrong_result.age -= rdfvalue.Duration("1s") results.Add(wrong_result, timestamp=wrong_result.age, mutation_pool=pool) args = hunt_plugin.ApiGetHuntFileArgs( hunt_id=self.hunt.urn.Basename(), client_id=self.client_id, vfs_path=self.aff4_file_path + "blah", timestamp=wrong_result.age) with self.assertRaises(hunt_plugin.HuntFileNotFoundError): self.handler.Handle(args, token=self.token)
def testGetHuntFileIsAccessChecked(self): args = api_hunt.ApiGetHuntFileArgs(hunt_id="H:123456") self.CheckMethodIsAccessChecked(self.router.GetHuntFilesArchive, "CheckHuntAccess", args=args)