def testUserModificationAudit(self):
worker = worker_test_lib.MockWorker(token=self.token)
token = self.GenerateToken(username="******", reason="reason")
maintenance_utils.AddUser(
"testuser", password="******", labels=["admin"], token=token)
worker.Simulate()
maintenance_utils.UpdateUser(
"testuser", "xxx", delete_labels=["admin"], token=token)
worker.Simulate()
maintenance_utils.DeleteUser("testuser", token=token)
worker.Simulate()
log_entries = []
for log in audit.AllAuditLogs(token=self.token):
log_entries.extend(log)
self.assertEqual(len(log_entries), 3)
self.assertEqual(log_entries[0].action, "USER_ADD")
self.assertEqual(log_entries[0].urn, "aff4:/users/testuser")
self.assertEqual(log_entries[0].user, "usermodtest")
self.assertEqual(log_entries[1].action, "USER_UPDATE")
self.assertEqual(log_entries[1].urn, "aff4:/users/testuser")
self.assertEqual(log_entries[1].user, "usermodtest")
self.assertEqual(log_entries[2].action, "USER_DELETE")
self.assertEqual(log_entries[2].urn, "aff4:/users/testuser")
self.assertEqual(log_entries[2].user, "usermodtest")
def AddUsers(token=None):
# Now initialize with our modified config.
server_startup.Init()
print "\nStep 3: Adding Admin User"
try:
maintenance_utils.AddUser(
"admin",
labels=["admin"],
token=token,
password=flags.FLAGS.admin_password)
except maintenance_utils.UserError:
if flags.FLAGS.noprompt:
maintenance_utils.UpdateUser(
"admin",
password=flags.FLAGS.admin_password,
add_labels=["admin"],
token=token)
else:
if ((raw_input("User 'admin' already exists, do you want to "
"reset the password? [yN]: ").upper() or "N") == "Y"):
maintenance_utils.UpdateUser(
"admin", password=True, add_labels=["admin"], token=token)
print e
elif flags.FLAGS.subparser_name == "delete_user":
maintenance_utils.DeleteUser(flags.FLAGS.username, token=token)
elif flags.FLAGS.subparser_name == "add_user":
labels = []
if not flags.FLAGS.noadmin:
labels.append("admin")
if flags.FLAGS.labels:
labels.extend(flags.FLAGS.labels)
try:
maintenance_utils.AddUser(flags.FLAGS.username,
flags.FLAGS.password,
labels,
token=token)
except maintenance_utils.UserError as e:
print e
elif flags.FLAGS.subparser_name == "upload_python":
python_hack_root_urn = grr_config.CONFIG.Get("Config.python_hack_root")
content = open(flags.FLAGS.file, "rb").read(1024 * 1024 * 30)
aff4_path = flags.FLAGS.dest_path
platform = flags.FLAGS.platform
if not aff4_path:
aff4_path = python_hack_root_urn.Add(platform.lower()).Add(
os.path.basename(flags.FLAGS.file))
if not str(aff4_path).startswith(str(python_hack_root_urn)):
raise ValueError("AFF4 path must start with %s.",
python_hack_root_urn)
