def testUserModificationAudit(self):
audit.AuditEventListener.created_logs.clear()
worker = test_lib.MockWorker(token=self.token)
token = self.GenerateToken(username="******", reason="reason")
maintenance_utils.AddUser(
"testuser", password="******", labels=["admin"], token=token)
worker.Simulate()
maintenance_utils.UpdateUser(
"testuser", "xxx", delete_labels=["admin"], token=token)
worker.Simulate()
maintenance_utils.DeleteUser("testuser", token=token)
worker.Simulate()
log_entries = []
for log in aff4.FACTORY.Open(
"aff4:/audit/logs", token=self.token).OpenChildren():
log_entries.extend(log)
self.assertEqual(len(log_entries), 3)
self.assertEqual(log_entries[0].action, "USER_ADD")
self.assertEqual(log_entries[0].urn, "aff4:/users/testuser")
self.assertEqual(log_entries[0].user, "usermodtest")
self.assertEqual(log_entries[1].action, "USER_UPDATE")
self.assertEqual(log_entries[1].urn, "aff4:/users/testuser")
self.assertEqual(log_entries[1].user, "usermodtest")
self.assertEqual(log_entries[2].action, "USER_DELETE")
self.assertEqual(log_entries[2].urn, "aff4:/users/testuser")
self.assertEqual(log_entries[2].user, "usermodtest")
def AddUsers(token=None):
# Now initialize with our modified config.
startup.Init()
print "\nStep 3: Adding Admin User"
try:
maintenance_utils.AddUser(
"admin",
labels=["admin"],
token=token,
password=flags.FLAGS.admin_password)
except maintenance_utils.UserError:
if flags.FLAGS.noprompt:
maintenance_utils.UpdateUser(
"admin",
password=flags.FLAGS.admin_password,
add_labels=["admin"],
token=token)
else:
if ((raw_input("User 'admin' already exists, do you want to "
"reset the password? [yN]: ").upper() or "N") == "Y"):
maintenance_utils.UpdateUser(
"admin", password=True, add_labels=["admin"], token=token)
print e
elif flags.FLAGS.subparser_name == "delete_user":
maintenance_utils.DeleteUser(flags.FLAGS.username, token=token)
elif flags.FLAGS.subparser_name == "add_user":
labels = []
if not flags.FLAGS.noadmin:
labels.append("admin")
if flags.FLAGS.labels:
labels.extend(flags.FLAGS.labels)
try:
maintenance_utils.AddUser(flags.FLAGS.username,
flags.FLAGS.password,
labels,
token=token)
except maintenance_utils.UserError as e:
print e
elif flags.FLAGS.subparser_name == "upload_python":
content = open(flags.FLAGS.file, "rb").read(1024 * 1024 * 30)
aff4_path = flags.FLAGS.dest_path
if not aff4_path:
python_hack_root_urn = config_lib.CONFIG.Get(
"Config.python_hack_root")
aff4_path = python_hack_root_urn.Add(
os.path.basename(flags.FLAGS.file))
context = [
"Platform:%s" % flags.FLAGS.platform.title(), "Client Context"
]
