def testRaisesIfUsernameSetInRequest(self): user = user_plugin.ApiGrrUser(username="******") with self.assertRaises(ValueError): self.handler.Handle(user, token=access_control.ACLToken(username="******")) user = user_plugin.ApiGrrUser(username="******") with self.assertRaises(ValueError): self.handler.Handle(user, token=access_control.ACLToken(username="******"))
def Handle(self, args, token=None): if not args.username: raise ValueError("username can't be empty.") user_urn = aff4.ROOT_URN.Add("users").Add(args.username) events.Events.PublishEvent("Audit", events.AuditEvent(user=token.username, action="USER_UPDATE", urn=user_urn), token=token) with aff4.FACTORY.Open(user_urn, aff4_type=users.GRRUser, mode="rw", token=token) as fd: if args.HasField("password"): fd.SetPassword(args.password) if args.user_type == args.UserType.USER_TYPE_ADMIN: fd.AddLabels(["admin"], owner="GRR") elif args.user_type == args.UserType.USER_TYPE_STANDARD: fd.RemoveLabels(["admin"], owner="GRR") return api_user.ApiGrrUser().InitFromAff4Object(fd)
def Handle(self, args, token=None): if not args.username: raise ValueError("username can't be empty.") user_urn = aff4.ROOT_URN.Add("users").Add(args.username) events.Events.PublishEvent("Audit", events.AuditEvent(user=token.username, action="USER_ADD", urn=user_urn), token=token) if aff4.FACTORY.ExistsWithType(user_urn, aff4_type=users.GRRUser, token=token): raise access_control.UnauthorizedAccess( "Cannot add user %s: User already exists." % args.username) with aff4.FACTORY.Create(user_urn, aff4_type=users.GRRUser, mode="rw", token=token) as fd: if args.HasField("password"): fd.SetPassword(args.password) if args.user_type == args.UserType.USER_TYPE_ADMIN: fd.AddLabels(["admin"], owner="GRR") return api_user.ApiGrrUser().InitFromAff4Object(fd)
def testSetsSettingsForUserCorrespondingToToken(self): settings = aff4_users.GUISettings(mode="ADVANCED", canary_mode=True, docs_location="REMOTE") user = user_plugin.ApiGrrUser(settings=settings) self.handler.Handle(user, token=access_control.ACLToken(username="******")) # Check that settings for user "foo" were applied. fd = aff4.FACTORY.Open("aff4:/users/foo", token=self.token) self.assertEqual(fd.Get(fd.Schema.GUI_SETTINGS), settings)
def testSetsSettingsForUserCorrespondingToToken(self): settings = aff4_users.GUISettings(mode="ADVANCED", canary_mode=True) user = user_plugin.ApiGrrUser(settings=settings) self.handler.Handle(user, token=access_control.ACLToken(username="******")) # Check that settings for user "foo" were applied. fd = aff4.FACTORY.Open("aff4:/users/foo", token=self.token) self.assertEqual(fd.Get(fd.Schema.GUI_SETTINGS), settings) # Check that settings were applied in relational db. u = data_store.REL_DB.ReadGRRUser("foo") self.assertEqual(settings.mode, u.ui_mode) self.assertEqual(settings.canary_mode, u.canary_mode)
def Handle(self, args, token=None): if not args.username: raise ValueError("username can't be empty.") user_urn = aff4.ROOT_URN.Add("users").Add(args.username) try: fd = aff4.FACTORY.Open(user_urn, aff4_type=users.GRRUser, mode="r", token=token) return api_user.ApiGrrUser().InitFromAff4Object(fd) except aff4.InstantiationError: raise api_call_handler_base.ResourceNotFoundError( "GRR user with username '%s' could not be found." % args.username)
def Handle(self, args, token=None): users_root = aff4.FACTORY.Open(aff4.ROOT_URN.Add("users"), token=token) usernames = sorted(users_root.ListChildren()) total_count = len(usernames) if args.count: usernames = usernames[args.offset:args.offset + args.count] else: usernames = usernames[args.offset:] items = [] for aff4_obj in aff4.FACTORY.MultiOpen(usernames, aff4_type=users.GRRUser, token=token): items.append(api_user.ApiGrrUser().InitFromAff4Object(aff4_obj)) return ApiListGrrUsersResult(total_count=total_count, items=items)
def testRaisesIfTraitsSetInRequest(self): user = user_plugin.ApiGrrUser( interface_traits=user_plugin.ApiGrrUserInterfaceTraits()) with self.assertRaises(ValueError): self.handler.Handle(user, token=access_control.ACLToken(username="******"))