def matches(self, rule: 'Rule', process: psutil.Process,
cache: Dict[str, Any]) -> bool:
if self._name is None and self._name_norm_base != rule.name:
self._name_norm_base = rule.name
self._name_norm = rule.name
if self._normalize:
self._name_norm = normalize(self._name_norm)
if self._case_insensitive:
self._name_norm = self._name_norm.casefold()
exe: str
try:
exe = cache['exe']
except KeyError:
exe = next(iter(process.as_dict(['exe']).values()))
cache['exe'] = exe
if exe is not None:
if self._normalize:
exe = normalize(exe)
if self._case_insensitive:
exe = exe.casefold()
if exe.endswith(self._name_norm):
return True
return False
def matches(self, rule: 'Rule', process: psutil.Process,
cache: Dict[str, Any]) -> bool:
if self.name not in PropertyMatcher.PROPERTY_WHITELIST:
raise PermissionError('Property %(name)s not in whitelist' %
{'name': self.name})
if not isinstance(self.value,
PropertyMatcher.ALLOWED_TYPES[self.operation]):
raise TypeError(
'Value of type %(type)s not supported for operation %(op)s' % {
'type': self.value.__class__.__name__,
'op': self.operation
})
if self.name not in cache:
cache.update(process.as_dict([self.name]))
value = cache[self.name]
if self.key is not None:
try:
value = value[self.key]
except KeyError:
return self.inverted
if self.length:
try:
value = len(value)
except TypeError:
return self.inverted
if not isinstance(value,
PropertyMatcher.ALLOWED_TYPES[self.operation]):
raise TypeError(
'Operation %(op)s not supported on value of type %(type)s' % {
'op': self.operation,
'type': value.__class__.__name__
})
self_value: str = self.value
if self.normalize_strings:
if isinstance(value, str):
value = normalize(value)
if isinstance(self_value, str):
self_value = normalize(self_value)
if self.case_insensitive:
if isinstance(value, str):
value = value.casefold()
if isinstance(self_value, str):
self_value = self_value.casefold()
result: bool
if self.operation == PropertyMatcher.Operator.EqualTo:
result = value == self_value
elif self.operation == PropertyMatcher.Operator.GreaterThanOrEqualTo:
result = value >= self_value
elif self.operation == PropertyMatcher.Operator.LessThanOrEqualTo:
result = value <= self_value
elif self.operation == PropertyMatcher.Operator.StartsWith:
if isinstance(value, Sequence):
if isinstance(self_value, Sequence):
result = \
value[0:len(self_value)] == self_value[0:len(value)]
else:
result = value[0] == self_value
else:
result = value.startswith(self_value)
elif self.operation == PropertyMatcher.Operator.EndsWith:
if isinstance(value, Sequence):
if isinstance(self_value, Sequence):
result = \
value[-len(self_value):] == self_value[-len(value):]
else:
result = value[-1] == self_value
else:
result = value.endswith(self_value)
elif self.operation in (PropertyMatcher.Operator.MatchesGlob,
PropertyMatcher.Operator.MatchesRegex):
if (self._cache is None or self._cache[0] != self.operation
or self._cache[1] != self_value):
_value: str = self_value
if self.operation == PropertyMatcher.Operator.MatchesGlob:
_value = fnmatch.translate(_value)
self._cache = (self.operation, self_value, re.compile(_value))
result = self._cache[2].fullmatch(value) is not None
elif self.operation == PropertyMatcher.Operator.Contains:
result = self_value in value
else:
assert False
return result if not self.inverted else not result