def testArtifactsValidate(self, registry):
"""Check each artifact we have passes validation."""
registry.AddFileSource(self.test_artifacts_file)
for artifact in registry.GetArtifacts():
ar.Validate(artifact)
art_obj = registry.GetArtifact("TestCmdArtifact")
art_obj.labels.append("BadLabel")
self.assertRaises(rdf_artifacts.ArtifactDefinitionError, ar.Validate,
art_obj)
def testReadArtifactPatchingDeep(self):
source = rdf_artifacts.ArtifactSource()
source.type = rdf_artifacts.ArtifactSource.SourceType.REGISTRY_VALUE
source.attributes = {
b"key_value_pairs": [
{
b"key": "foo",
b"value": "bar",
},
{
b"key": b"quux",
b"value": 1337,
},
],
}
artifact = rdf_artifacts.Artifact()
artifact.name = "foobar"
artifact.doc = "Lorem ipsum."
artifact.sources = [source]
self.db.WriteArtifact(artifact)
artifact = self.db.ReadArtifact("foobar")
artifact_registry.Validate(artifact) # Should not raise.
self.assertLen(artifact.sources, 1)
source = artifact.sources[0]
self.assertEqual(source.attributes["key_value_pairs"][0]["key"], "foo")
self.assertEqual(source.attributes["key_value_pairs"][0]["value"],
"bar")
self.assertEqual(source.attributes["key_value_pairs"][1]["key"],
"quux")
self.assertEqual(source.attributes["key_value_pairs"][1]["value"],
1337)
# Read again, to ensure that we retrieve what is stored in the database.
artifact = self.db.ReadArtifact("foobar")
artifact_registry.Validate(artifact) # Should not raise.
def StartCollection(self, responses):
"""Start collecting."""
if not responses.success:
raise artifact_utils.KnowledgeBaseUninitializedError(
"Attempt to initialize Knowledge Base failed.")
if not self.state.knowledge_base:
self.state.knowledge_base = _ReadClientKnowledgeBase(
self.client_id, allow_uninitialized=True)
for artifact_name in self.args.artifact_list:
artifact_obj = self._GetArtifactFromName(artifact_name)
# Ensure artifact has been written sanely. Note that this could be
# removed if it turns out to be expensive. Artifact tests should catch
# these.
artifact_registry.Validate(artifact_obj)
self.Collect(artifact_obj)
def StartCollection(self, responses):
"""Start collecting."""
if not responses.success:
raise artifact_utils.KnowledgeBaseUninitializedError(
"Attempt to initialize Knowledge Base failed.")
if not self.state.knowledge_base:
self.client = aff4.FACTORY.Open(self.client_id, token=self.token)
# If we are processing the knowledge base, it still won't exist yet.
self.state.knowledge_base = artifact.GetArtifactKnowledgeBase(
self.client, allow_uninitialized=True)
for artifact_name in self.args.artifact_list:
artifact_obj = artifact_registry.REGISTRY.GetArtifact(artifact_name)
# Ensure artifact has been written sanely. Note that this could be
# removed if it turns out to be expensive. Artifact tests should catch
# these.
artifact_registry.Validate(artifact_obj)
self.Collect(artifact_obj)
def testArtifactsValidate(self, registry):
"""Check each artifact we have passes validation."""
registry.AddFileSource(self.test_artifacts_file)
for artifact in registry.GetArtifacts():
ar.Validate(artifact)
