def find_matching_files(file_pattern, script_output):
files = []
separator = re.escape(os_utils.path_sep())
output_patterns = [file_pattern]
while len(output_patterns) > 0:
output_pattern = output_patterns.pop(0)
if '#' in output_pattern:
regex_start = output_pattern.find('#')
group_number_matches = re.findall('^#\d+#',
output_pattern[regex_start:])
if group_number_matches:
first_match = group_number_matches[0]
group_number = int(first_match[1:-1])
pattern_start = regex_start + len(first_match) - 1
else:
group_number = 0
pattern_start = regex_start
regex_end = output_pattern.find('#', pattern_start + 1)
while (regex_end >=
0) and output_pattern[regex_end:].startswith('#any_path'):
regex_end = output_pattern.find('#', regex_end + 1)
if regex_end >= 0:
regex_pattern = output_pattern[pattern_start + 1:regex_end]
if regex_pattern.startswith('#any_path') and (regex_start
== 0):
if os_utils.is_linux() or os_utils.is_mac():
regex_pattern = '~?' + regex_pattern
elif os_utils.is_win():
regex_pattern = '(([^\W\d_]:)|~)' + regex_pattern
regex_pattern = regex_pattern.replace(
'#any_path', '(' + separator + '([\w.\-]|(\\\ ))+)+')
found_matches = re.finditer(regex_pattern, script_output)
for match in found_matches:
matched_group = match.group(group_number)
new_output_pattern = string_utils.replace(
output_pattern, matched_group, regex_start, regex_end)
output_patterns.append(new_output_pattern)
continue
if '*' not in output_pattern:
files.append(output_pattern)
else:
recursive = '**' in output_pattern
matching_files = file_utils.search_glob(output_pattern,
recursive=recursive)
files.extend(matching_files)
return files
def test_authenticate_success_when_plain(self):
if self.verifier == 'htpasswd' and os_utils.is_linux():
return
os_utils.set_win()
authenticator = self._create_authenticator(
{'htpasswd_path': self.file_path})
for username, password in crypt_users.items():
self._assert_authenticated(username, password, authenticator)
def test_authenticate_failure_when_plain_with_crypt_password(self):
if self.verifier == 'htpasswd' and os_utils.is_linux():
return
os_utils.set_win()
authenticator = self._create_authenticator(
{'htpasswd_path': self.file_path})
for username in crypt_users.keys():
password = username_passwords[username]
self._assert_rejected(username, password, authenticator)
def find_matching_files(file_pattern, script_output):
files = []
separator = re.escape(os_utils.path_sep())
output_patterns = [file_pattern]
while len(output_patterns) > 0:
output_pattern = output_patterns.pop(0)
if '#' in output_pattern:
regex_start = output_pattern.find('#')
group_number_matches = re.findall('^#\d+#', output_pattern[regex_start:])
if group_number_matches:
first_match = group_number_matches[0]
group_number = int(first_match[1:-1])
pattern_start = regex_start + len(first_match) - 1
else:
group_number = 0
pattern_start = regex_start
regex_end = output_pattern.find('#', pattern_start + 1)
while (regex_end >= 0) and output_pattern[regex_end:].startswith('#any_path'):
regex_end = output_pattern.find('#', regex_end + 1)
if regex_end >= 0:
regex_pattern = output_pattern[pattern_start + 1:regex_end]
if regex_pattern.startswith('#any_path') and (regex_start == 0):
if os_utils.is_linux() or os_utils.is_mac():
regex_pattern = '~?' + regex_pattern
elif os_utils.is_win():
regex_pattern = '(([^\W\d_]:)|~)' + regex_pattern
regex_pattern = regex_pattern.replace('#any_path', '(' + separator + '([\w.\-]|(\\\ ))+)+')
found_matches = re.finditer(regex_pattern, script_output)
for match in found_matches:
matched_group = match.group(group_number)
new_output_pattern = string_utils.replace(output_pattern, matched_group, regex_start, regex_end)
output_patterns.append(new_output_pattern)
continue
if '*' not in output_pattern:
files.append(output_pattern)
else:
recursive = '**' in output_pattern
matching_files = file_utils.search_glob(output_pattern, recursive=recursive)
files.extend(matching_files)
return files
def _load_script_config(self, path, content_or_json_dict, user, parameter_values):
if isinstance(content_or_json_dict, str):
json_object = json.loads(content_or_json_dict)
else:
json_object = content_or_json_dict
config = script_config.ConfigModel(
json_object,
path,
user.get_username(),
user.get_audit_name(),
pty_enabled_default=os_utils.is_pty_supported(),
ansi_enabled_default=os_utils.is_linux() or os_utils.is_mac(),
parameter_values=parameter_values)
return config
def _load_script_config(self, path, content_or_json_dict, user, parameter_values):
if isinstance(content_or_json_dict, str):
json_object = json.loads(content_or_json_dict)
else:
json_object = content_or_json_dict
config = script_config.ConfigModel(
json_object,
path,
user.get_username(),
user.get_audit_name(),
pty_enabled_default=os_utils.is_pty_supported(),
ansi_enabled_default=os_utils.is_linux() or os_utils.is_mac(),
parameter_values=parameter_values)
return config
def read_full(file_path,
json_object,
username,
audit_name,
pty_enabled_default=False):
short_config = read_short(file_path, json_object)
config = Config()
config.name = short_config.name
config.script_command = json_object.get("script_path")
config.description = json_object.get("description")
config.working_directory = json_object.get("working_directory")
config.requires_terminal = read_boolean("requires_terminal", json_object,
pty_enabled_default)
config.bash_formatting = read_boolean(
"bash_formatting", json_object,
os_utils.is_linux() or os_utils.is_mac())
output_files = json_object.get("output_files")
if output_files:
config.output_files = output_files
parameters_json = json_object.get("parameters")
if parameters_json is not None:
parameter_values = {}
for parameter_json in parameters_json:
parameter = Parameter()
parameter.set_name(parameter_json.get('name'))
parameter.set_param(parameter_json.get('param'))
parameter.set_no_value(parameter_json.get('no_value'))
parameter.set_description(parameter_json.get('description'))
parameter.set_required(parameter_json.get('required'))
parameter.set_min(parameter_json.get('min'))
parameter.set_max(parameter_json.get('max'))
parameter.secure = read_boolean('secure', parameter_json)
parameter.separator = parameter_json.get('separator', ',')
parameter.multiple_arguments = read_boolean('multiple_arguments',
parameter_json,
default=False)
parameter.default = _resolve_default(parameter_json.get('default'),
username, audit_name)
parameter_values[parameter] = parameter_json.get('values')
type = parameter_json.get('type')
if type:
parameter.type = type
constant = parameter_json.get('constant')
if constant is True:
if not parameter.default:
raise Exception(
'Constant should have default value specified')
parameter.set_constant(constant)
config.add_parameter(parameter)
for parameter in config.parameters:
values = parameter_values.get(parameter)
if values is None:
continue
values_provider = _create_values_provider(values, parameter,
config.parameters)
parameter.values_provider = values_provider
return config
def from_json(file_path, json_object, pty_enabled_default=False):
config = Config()
config.name = read_name(file_path, json_object)
config.script_command = json_object.get("script_path")
config.description = json_object.get("description")
config.working_directory = json_object.get("working_directory")
config.requires_terminal = read_boolean("requires_terminal", json_object,
pty_enabled_default)
config.bash_formatting = read_boolean(
"bash_formatting", json_object,
os_utils.is_linux() or os_utils.is_mac())
config.allowed_users = json_object.get('allowed_users')
if config.allowed_users is None:
config.allowed_users = ANY_USER
output_files = json_object.get("output_files")
if output_files:
config.output_files = output_files
parameters_json = json_object.get("parameters")
if parameters_json is not None:
for parameter_json in parameters_json:
parameter = Parameter()
parameter.set_name(parameter_json.get('name'))
parameter.set_param(parameter_json.get('param'))
parameter.set_no_value(parameter_json.get('no_value'))
parameter.set_description(parameter_json.get('description'))
parameter.set_required(parameter_json.get('required'))
parameter.set_default(parameter_json.get('default'))
parameter.set_min(parameter_json.get('min'))
parameter.set_max(parameter_json.get('max'))
parameter.secure = read_boolean('secure', parameter_json)
parameter.separator = parameter_json.get('separator', ',')
parameter.multiple_arguments = read_boolean('multiple_arguments',
parameter_json,
default=False)
values = parameter_json.get("values")
if values:
if isinstance(values, list):
parameter.set_values(values)
elif "script" in values:
script_output = process_utils.invoke(values["script"])
script_output = script_output.rstrip("\n")
derived_values = script_output.split("\n")
parameter.set_values(derived_values)
else:
raise Exception("Unsupported values")
type = parameter_json.get('type')
if type:
parameter.type = type
constant = parameter_json.get("constant")
if constant is True:
if not parameter.get_default():
raise Exception(
"Constant should have default value specified")
parameter.set_constant(constant)
config.add_parameter(parameter)
return config
from execution.logging import ScriptOutputLogger
from features import file_download_feature
from model import external_model
from model import model_helper
from model import script_configs
from model import server_conf
from utils import bash_utils as bash_utils
from utils import file_utils as file_utils
from utils import os_utils as os_utils
from utils import process_utils as process_utils
from utils.audit_utils import get_audit_name
from utils.audit_utils import get_all_audit_names
TEMP_FOLDER = "temp"
pty_supported = os_utils.is_linux()
if pty_supported:
from execution import execution_pty
CONFIG_FOLDER = "conf"
SERVER_CONF_PATH = os.path.join(CONFIG_FOLDER, "conf.json")
SCRIPT_CONFIGS_FOLDER = os.path.join(CONFIG_FOLDER, "runners")
running_scripts = {}
def list_config_names():
def add_name(path, content):
try:
return script_configs.read_name(path, content)
def from_json(file_path, json_string, pty_enabled_default=False):
json_object = json.loads(json_string)
config = Config()
config.name = read_name(file_path, json_string)
config.script_command = json_object.get("script_path")
config.description = json_object.get("description")
config.working_directory = json_object.get("working_directory")
config.requires_terminal = read_boolean("requires_terminal", json_object,
pty_enabled_default)
config.bash_formatting = read_boolean(
"bash_formatting", json_object,
os_utils.is_linux() or os_utils.is_mac())
config.kill_on_disconnect = read_boolean('kill_on_disconnect', json_object,
True)
output_files = json_object.get("output_files")
if output_files:
config.output_files = output_files
parameters_json = json_object.get("parameters")
if parameters_json is not None:
for parameter_json in parameters_json:
parameter = Parameter()
parameter.set_name(parameter_json.get("name"))
parameter.set_param(parameter_json.get("param"))
parameter.set_no_value(parameter_json.get("no_value"))
parameter.set_description(parameter_json.get("description"))
parameter.set_required(parameter_json.get("required"))
parameter.set_default(parameter_json.get("default"))
parameter.set_min(parameter_json.get("min"))
parameter.set_max(parameter_json.get("max"))
parameter.secure = read_boolean('secure', parameter_json)
values = parameter_json.get("values")
if values:
if isinstance(values, list):
parameter.set_values(values)
elif "script" in values:
script_output = process_utils.invoke(values["script"])
script_output = script_output.rstrip("\n")
derived_values = script_output.split("\n")
parameter.set_values(derived_values)
else:
raise Exception("Unsupported values")
type = parameter_json.get('type')
if type:
parameter.type = type
constant = parameter_json.get("constant")
if constant is True:
if not parameter.get_default():
raise Exception(
"Constant should have default value specified")
parameter.set_constant(constant)
config.add_parameter(parameter)
return config
