def _RenderApprovals(self, approvals, subjects_by_urn):
rendered_approvals = []
for approval in approvals:
try:
subject = subjects_by_urn[approval.Get(
approval.Schema.SUBJECT)]
except KeyError:
continue
rendered_approval = api_aff4_object_renderers.RenderAFF4Object(
approval)
rendered_approval[
"subject"] = api_aff4_object_renderers.RenderAFF4Object(
subject)
try:
approval.CheckAccess(approval.token)
rendered_approval["is_valid"] = True
except access_control.UnauthorizedAccess as e:
rendered_approval["is_valid"] = False
rendered_approval["is_valid_message"] = utils.SmartStr(e)
rendered_approvals.append(rendered_approval)
return dict(items=rendered_approvals)
def Render(self, args, token=None):
end = args.count or sys.maxint
rendered_clients = []
# An empty query matches all clients, use the universal keyword ".".
query = args.query or "."
keywords = shlex.split(query)
if not keywords:
raise ValueError("Couldn't parse query string.")
index = aff4.FACTORY.Create(client_index.MAIN_INDEX,
aff4_type="ClientIndex",
mode="rw",
token=token)
result_urns = sorted(index.LookupClients(keywords),
key=str)[args.offset:args.offset + end]
result_set = aff4.FACTORY.MultiOpen(result_urns, token=token)
for child in result_set:
rendered_client = api_aff4_object_renderers.RenderAFF4Object(
child, [
rdfvalue.ApiAFF4ObjectRendererArgs(
type_info="WITH_TYPES_AND_METADATA")
])
rendered_clients.append(rendered_client)
return dict(query=args.query,
offset=args.offset,
count=len(rendered_clients),
items=rendered_clients)
def Render(self, args, token=None):
hunt = aff4.FACTORY.Open(HUNTS_ROOT_PATH.Add(args.hunt_id),
aff4_type="GRRHunt", token=token)
return api_aff4_object_renderers.RenderAFF4Object(
hunt,
[ApiGRRHuntRendererArgs(with_full_summary=True)])
def Render(self, args, token=None):
fd = aff4.FACTORY.Open("aff4:/hunts", mode="r", token=token)
children = list(fd.ListChildren())
children.sort(key=operator.attrgetter("age"), reverse=True)
if args.count:
children = children[args.offset:args.offset + args.count]
else:
children = children[args.offset:]
hunt_list = []
for hunt in fd.OpenChildren(children=children):
if not isinstance(hunt, hunts.GRRHunt) or not hunt.state:
continue
hunt_list.append(hunt)
hunt_list.sort(key=lambda hunt: hunt.GetRunner().context.create_time,
reverse=True)
encoded_hunt_list = []
for hunt in hunt_list:
encoded_hunt = api_aff4_object_renderers.RenderAFF4Object(
hunt, [rdfvalue.ApiAFF4ObjectRendererArgs(limit_lists=0)])
encoded_hunt_list.append(encoded_hunt)
return encoded_hunt_list
def Render(self, args, token=None):
end = args.count or sys.maxint
rendered_clients = []
keywords = shlex.split(args.query)
index = aff4.FACTORY.Create(client_index.MAIN_INDEX,
aff4_type="ClientIndex",
mode="rw",
token=token)
result_urns = sorted(index.LookupClients(keywords),
key=str)[args.offset:args.offset + end]
result_set = aff4.FACTORY.MultiOpen(result_urns, token=token)
for child in result_set:
rendered_client = api_aff4_object_renderers.RenderAFF4Object(
child, [
rdfvalue.ApiAFF4ObjectRendererArgs(
type_info="WITH_TYPES_AND_METADATA")
])
rendered_clients.append(rendered_client)
return dict(query=args.query,
offset=args.offset,
count=len(rendered_clients),
items=rendered_clients)
def Render(self, args, token=None):
results = aff4.FACTORY.Open(
HUNTS_ROOT_PATH.Add(args.hunt_id).Add("Results"), mode="r",
token=token)
return api_aff4_object_renderers.RenderAFF4Object(
results,
[api_aff4_object_renderers.ApiRDFValueCollectionRendererArgs(
offset=args.offset, count=args.count, filter=args.filter,
with_total_count=True)])
def Render(self, args, token=None):
errors_collection = aff4.FACTORY.Create(
HUNTS_ROOT_PATH.Add(args.hunt_id).Add("errors"),
aff4_type="RDFValueCollection", mode="r", token=token)
return api_aff4_object_renderers.RenderAFF4Object(
errors_collection,
[rdfvalue.ApiRDFValueCollectionRendererArgs(
offset=args.offset, count=args.count, with_total_count=True,
items_type_info="WITH_TYPES_AND_METADATA")])
def Render(self, args, token=None):
client = aff4.FACTORY.Open(args.client_id,
aff4_type="VFSGRRClient",
token=token)
return api_aff4_object_renderers.RenderAFF4Object(
client, [
rdfvalue.ApiAFF4ObjectRendererArgs(
type_info="WITH_TYPES_AND_METADATA")
])
def Render(self, args, token=None):
# TODO(user): handle cases when hunt doesn't exists.
# TODO(user): Use hunt's logs_collection_urn to open errors collection.
errors_collection = aff4.FACTORY.Create(
HUNTS_ROOT_PATH.Add(args.hunt_id).Add("ErrorClients"),
aff4_type="RDFValueCollection", mode="r", token=token)
return api_aff4_object_renderers.RenderAFF4Object(
errors_collection,
[api_aff4_object_renderers.ApiRDFValueCollectionRendererArgs(
offset=args.offset, count=args.count, with_total_count=True)])
def _RenderHuntList(self, hunt_list):
hunts_list = sorted(hunt_list, reverse=True,
key=lambda hunt: hunt.GetRunner().context.create_time)
encoded_hunt_list = []
for hunt in hunts_list:
encoded_hunt = api_aff4_object_renderers.RenderAFF4Object(
hunt,
[api_aff4_object_renderers.ApiAFF4ObjectRendererArgs(limit_lists=0)])
encoded_hunt_list.append(encoded_hunt)
return encoded_hunt_list
def Render(self, args, token=None):
flow_urn = args.client_id.Add("flows").Add(args.flow_id.Basename())
flow_obj = aff4.FACTORY.Open(flow_urn, aff4_type="GRRFlow", mode="r",
token=token)
output_urn = flow_obj.GetRunner().output_urn
output_collection = aff4.FACTORY.Create(
output_urn, aff4_type="RDFValueCollection", mode="r", token=token)
return api_aff4_object_renderers.RenderAFF4Object(
output_collection,
[api_aff4_object_renderers.ApiRDFValueCollectionRendererArgs(
offset=args.offset, count=args.count, filter=args.filter,
with_total_count=True)])
def Render(self, args, token=None):
# TODO(user): handle cases when hunt doesn't exists.
# TODO(user): Use hunt's logs_collection_urn to open logs collection.
try:
logs_collection = aff4.FACTORY.Open(
HUNTS_ROOT_PATH.Add(args.hunt_id).Add("Logs"),
aff4_type=flow_runner.FlowLogCollection.__name__, mode="r",
token=token)
except IOError:
logs_collection = aff4.FACTORY.Create(
HUNTS_ROOT_PATH.Add(args.hunt_id).Add("Logs"),
aff4_type="RDFValueCollection", mode="r", token=token)
return api_aff4_object_renderers.RenderAFF4Object(
logs_collection,
[api_aff4_object_renderers.ApiRDFValueCollectionRendererArgs(
offset=args.offset, count=args.count, with_total_count=True)])
def Render(self, args, token=None):
# TODO(user): handle cases when hunt doesn't exists.
# TODO(user): Use hunt's logs_collection_urn to open logs collection.
logs_collection = aff4.FACTORY.Create(HUNTS_ROOT_PATH.Add(
args.hunt_id).Add("Logs"),
aff4_type="RDFValueCollection",
mode="r",
token=token)
return api_aff4_object_renderers.RenderAFF4Object(
logs_collection, [
rdfvalue.ApiRDFValueCollectionRendererArgs(
offset=args.offset,
count=args.count,
with_total_count=True,
items_type_info="WITH_TYPES_AND_METADATA")
])
def Render(self, args, token=None):
aff4_object = aff4.FACTORY.Open(args.aff4_path, token=token)
rendered_data = api_aff4_object_renderers.RenderAFF4Object(
aff4_object, [x.args for x in args.additional_args])
return rendered_data
def Render(self, args, token=None):
approvals_base_urn = aff4.ROOT_URN.Add("users").Add(
token.username).Add("approvals").Add(
args.approval_type.name.lower())
all_children = aff4.FACTORY.RecursiveMultiListChildren(
[approvals_base_urn], token=token)
approvals_urns = []
for subject, children in all_children:
# We only want to process leaf nodes.
if children:
continue
approvals_urns.append(subject)
approvals_urns.sort(key=lambda x: x.age, reverse=True)
if args.count:
right_edge = args.offset + args.count
else:
right_edge = len(approvals_urns)
approvals_urns = approvals_urns[args.offset:right_edge]
approvals = list(
aff4.FACTORY.MultiOpen(approvals_urns,
mode="r",
aff4_type=aff4_security.Approval.__name__,
age=aff4.ALL_TIMES,
token=token))
subjects_urns = [a.Get(a.Schema.SUBJECT) for a in approvals]
subjects_by_urn = {}
for subject in aff4.FACTORY.MultiOpen(subjects_urns,
mode="r",
token=token):
subjects_by_urn[subject.urn] = subject
rendered_approvals_by_urn = {}
for approval in approvals:
try:
subject = subjects_by_urn[approval.Get(
approval.Schema.SUBJECT)]
except KeyError:
continue
rendered_approval = api_aff4_object_renderers.RenderAFF4Object(
approval)
rendered_approval[
"subject"] = api_aff4_object_renderers.RenderAFF4Object(
subject)
try:
approval.CheckAccess(approval.token)
rendered_approval["is_valid"] = True
except access_control.UnauthorizedAccess as e:
rendered_approval["is_valid"] = False
rendered_approval["is_valid_message"] = utils.SmartStr(e)
rendered_approvals_by_urn[approval.symlink_urn
or approval.urn] = rendered_approval
items = []
for urn in approvals_urns:
try:
items.append(rendered_approvals_by_urn[urn])
except KeyError:
pass
return dict(items=items, offset=args.offset, count=len(items))
def Render(self, args, token=None):
client = aff4.FACTORY.Open(args.client_id,
aff4_type="VFSGRRClient",
token=token)
return api_aff4_object_renderers.RenderAFF4Object(client)
