def test_clear(mock_connect, mock_info, agent_list, expected_affected_items, expected_calls, wdb_side_effect):
    """Check the summary returned by rootcheck.clear() and the commands sent to wazuh-db.

    Per the original description, the databases of 4 agents are requested to
    be cleared and 3 of them exist, so 2 failed items are expected:
        - 1 non existent agent.
        - 1 exception when running execute() method.

    `mock_connect` and `mock_info` are not used in the body; they are
    presumably injected by patch decorators outside this listing.

    Parameters
    ----------
    agent_list : list
        Agent IDs whose rootcheck database should be cleared.
    expected_affected_items : list
        Agent IDs that must be reported as affected.
    expected_calls : list
        Calls that the mocked WazuhDBConnection._send must have received.
    wdb_side_effect : Union[WazuhError, list]
        Side effect installed on the mocked WazuhDBConnection._send.
    """
    send_target = 'wazuh.core.wdb.WazuhDBConnection._send'
    with patch(send_target, side_effect=wdb_side_effect) as mock_wdbconn:
        summary = rootcheck.clear(agent_list).render()['data']
        affected_count = len(expected_affected_items)

        assert summary['affected_items'] == expected_affected_items
        assert summary['total_affected_items'] == affected_count
        # Every requested agent that is not affected must be counted as failed.
        assert summary['total_failed_items'] == len(agent_list) - affected_count

        # Order is not checked; only that each expected command was sent.
        mock_wdbconn.assert_has_calls(expected_calls, any_order=True)
def test_clear(mock_connect, mock_info, mock_wdbconn):
    """Check the summary returned by rootcheck.clear() and that the delete command is sent.

    The databases of 4 agents are requested to be cleared, 3 of them exist.
    2 failed items are expected:
        - 1 non existent agent.
        - 1 exception when running execute() method.

    `mock_connect` and `mock_info` are not used in the body; all three
    arguments are presumably injected by patch decorators outside this listing.
    """
    requested_agents = ['000', '001', '002', '003']
    summary = rootcheck.clear(requested_agents).render()['data']

    assert summary['affected_items'] == ['000', '001']
    assert summary['total_affected_items'] == 2
    assert summary['total_failed_items'] == 2

    # Only the two agents that were cleared should have triggered a delete.
    delete_calls = [
        call('agent 000 rootcheck delete'),
        call('agent 001 rootcheck delete'),
    ]
    mock_wdbconn.assert_has_calls(delete_calls)
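def found_terminator(self):
    """Decode one complete cluster request, dispatch it and send the JSON reply.

    The buffered chunks in ``self.received_data`` are joined; the first
    ``common.cluster_sync_msg_size`` bytes are decrypted into the
    space-separated command header and the remainder, when a branch needs it,
    is decrypted into that command's payload. The result is serialised into
    ``self.data`` as ``{'error': <0|1>, 'data': <result>}`` and
    ``self.handle_write()`` is called.

    Side effects visible here: sets ``self.command`` and ``self.data``; the
    'zip' branch sets ``self.restart``; the 'ready' branch signals
    ``child_pid`` with SIGUSR1; the 'data' branch may call
    ``restart_manager()``.

    Trust boundary (review notes):
      * Every value used below comes from the remote peer. The only gates
        visible in this method are ``self.f.decrypt`` and
        ``check_cluster_cmd``; whether decrypt also authenticates the message
        depends on the object behind ``self.f`` -- confirm.
      * ``ast.literal_eval`` only builds Python literals, it does not execute
        code, but it raises on malformed text and places no bound on the
        type or size of the value. The results are passed on without type
        checks, so the called functions must validate them.
      * Most branches index ``args[n]`` / ``self.command[1]`` without a
        length check and without try/except, so a malformed request raises
        out of this method and no reply is written.
      * The header is ``.decode()``d but most payloads are not before
        ``split(" ")``. NOTE(review): if decrypt returns bytes on the
        target interpreter this raises TypeError -- confirm.

    Changes against the previous version: a MASTER_FORW payload that names no
    known request type, and a command that passes ``check_cluster_cmd`` but
    matches no branch, now produce an ``error: 1`` reply instead of failing
    on an unbound local; the dead ``res = args`` assignments were removed.
    """
    response = b''.join(self.received_data)
    error = 0
    cmd = self.f.decrypt(response[:common.cluster_sync_msg_size]).decode()
    self.command = cmd.split(" ")

    logging.debug("Command received: {0}".format(self.command))

    # Allow-list check on the command for this node type; rejected commands
    # are answered with error=1 and never reach the dispatch below.
    if not check_cluster_cmd(self.command, self.node_type):
        logging.error(
            "Received invalid cluster command {0} from {1}".format(
                self.command[0], self.addr))
        error = 1
        res = "Received invalid cluster command {0}".format(
            self.command[0])

    if error == 0:
        if self.command[0] == list_requests_cluster['node']:
            res = get_node()

        elif self.command[0] == list_requests_cluster['zip']:
            # Peer-supplied archive: extraction safety (member paths, sizes)
            # depends on extract_zip, which is not visible here.
            zip_bytes = self.f.decrypt(
                response[common.cluster_sync_msg_size:])
            res = extract_zip(zip_bytes)
            self.restart = res['restart']

        elif self.command[0] == list_requests_agents['RESTART_AGENTS']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            # Two tokens: "<id-id-...> <restart_all>"; otherwise only the flag.
            if (len(args) == 2):
                agents = args[0].split("-")
                restart_all = ast.literal_eval(args[1])
            else:
                agents = None
                restart_all = ast.literal_eval(args[0])
            # Depth is decremented on each hop; presumably bounds forwarding.
            cluster_depth = ast.literal_eval(self.command[1]) - 1
            res = Agent.restart_agents(agents, restart_all, cluster_depth)

        elif self.command[0] == list_requests_agents[
                'AGENTS_UPGRADE_RESULT']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            try:
                agent = args[0]
                timeout = args[1]
                res = Agent.get_upgrade_result(agent, timeout)
            except Exception as e:
                # The exception text is returned to the peer as the result.
                res = str(e)

        elif self.command[0] == list_requests_agents['AGENTS_UPGRADE']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            agent_id = args[0]
            # Parsed outside the try below: malformed values raise here.
            wpk_repo = ast.literal_eval(args[1])
            version = ast.literal_eval(args[2])
            force = ast.literal_eval(args[3])
            chunk_size = ast.literal_eval(args[4])
            try:
                res = Agent.upgrade_agent(agent_id, wpk_repo, version,
                                          force, chunk_size)
            except Exception as e:
                res = str(e)

        elif self.command[0] == list_requests_agents[
                'AGENTS_UPGRADE_CUSTOM']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            agent_id = args[0]
            # NOTE(review): file_path and installer are chosen by the peer;
            # no path validation is visible in this method -- confirm that
            # Agent.upgrade_agent_custom restricts them.
            file_path = ast.literal_eval(args[1])
            installer = ast.literal_eval(args[2])
            try:
                res = Agent.upgrade_agent_custom(agent_id, file_path,
                                                 installer)
            except Exception as e:
                res = str(e)

        elif self.command[0] == list_requests_syscheck[
                'SYSCHECK_LAST_SCAN']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            agent = args.split(" ")
            res = syscheck.last_scan(agent[0])

        elif self.command[0] == list_requests_syscheck['SYSCHECK_RUN']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            if (len(args) == 2):
                agents = args[0]
                all_agents = ast.literal_eval(args[1])
            else:
                agents = None
                all_agents = ast.literal_eval(args[0])
            cluster_depth = ast.literal_eval(self.command[1]) - 1
            res = syscheck.run(agents, all_agents, cluster_depth)

        elif self.command[0] == list_requests_syscheck['SYSCHECK_CLEAR']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            if (len(args) == 2):
                agents = args[0]
                all_agents = ast.literal_eval(args[1])
            else:
                agents = None
                all_agents = ast.literal_eval(args[0])
            cluster_depth = ast.literal_eval(self.command[1]) - 1
            res = syscheck.clear(agents, all_agents, cluster_depth)

        elif self.command[0] == list_requests_rootcheck['ROOTCHECK_PCI']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            # Five tokens means the first one is the agent; the remaining
            # four are always offset, limit, sort, search in that order.
            index = 0
            agents = None
            if (len(args) == 5):
                agents = args[0]
                index = index + 1
            offset = ast.literal_eval(args[index])
            index = index + 1
            limit = ast.literal_eval(args[index])
            index = index + 1
            sort = ast.literal_eval(args[index])
            index = index + 1
            search = ast.literal_eval(args[index])
            res = rootcheck.get_pci(agents, offset, limit, sort, search)

        elif self.command[0] == list_requests_rootcheck['ROOTCHECK_CIS']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            # Same token layout as ROOTCHECK_PCI.
            index = 0
            agents = None
            if (len(args) == 5):
                agents = args[0]
                index = index + 1
            offset = ast.literal_eval(args[index])
            index = index + 1
            limit = ast.literal_eval(args[index])
            index = index + 1
            sort = ast.literal_eval(args[index])
            index = index + 1
            search = ast.literal_eval(args[index])
            res = rootcheck.get_cis(agents, offset, limit, sort, search)

        elif self.command[0] == list_requests_rootcheck[
                'ROOTCHECK_LAST_SCAN']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            agent = args.split(" ")
            res = rootcheck.last_scan(agent[0])

        elif self.command[0] == list_requests_rootcheck['ROOTCHECK_RUN']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            if (len(args) == 2):
                agents = args[0]
                all_agents = ast.literal_eval(args[1])
            else:
                agents = None
                all_agents = ast.literal_eval(args[0])
            cluster_depth = ast.literal_eval(self.command[1]) - 1
            res = rootcheck.run(agents, all_agents, cluster_depth)

        elif self.command[0] == list_requests_rootcheck['ROOTCHECK_CLEAR']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            if (len(args) == 2):
                agents = args[0]
                all_agents = ast.literal_eval(args[1])
            else:
                agents = None
                all_agents = ast.literal_eval(args[0])
            cluster_depth = ast.literal_eval(self.command[1]) - 1
            res = rootcheck.clear(agents, all_agents, cluster_depth)

        elif self.command[0] == list_requests_managers['MANAGERS_STATUS']:
            # The payload is decrypted and split but not used afterwards;
            # the call is kept because decrypt may reject a bad payload.
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            cluster_depth = ast.literal_eval(self.command[1]) - 1
            res = manager.managers_status(cluster_depth=cluster_depth)

        elif self.command[0] == list_requests_managers['MANAGERS_LOGS']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            cluster_depth = ast.literal_eval(self.command[1]) - 1
            type_log = args[0]
            category = args[1]
            months = ast.literal_eval(args[2])
            offset = ast.literal_eval(args[3])
            limit = ast.literal_eval(args[4])
            sort = ast.literal_eval(args[5])
            search = ast.literal_eval(args[6])
            res = manager.managers_ossec_log(type_log=type_log,
                                             category=category,
                                             months=months,
                                             offset=offset,
                                             limit=limit,
                                             sort=sort,
                                             search=search,
                                             cluster_depth=cluster_depth)

        elif self.command[0] == list_requests_managers[
                'MANAGERS_LOGS_SUMMARY']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            cluster_depth = ast.literal_eval(self.command[1]) - 1
            months = ast.literal_eval(args[0])
            res = manager.managers_ossec_log_summary(
                months=months, cluster_depth=cluster_depth)

        elif self.command[0] == list_requests_managers[
                'MANAGERS_STATS_TOTALS']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            cluster_depth = ast.literal_eval(self.command[1]) - 1
            year = ast.literal_eval(args[0])
            month = ast.literal_eval(args[1])
            day = ast.literal_eval(args[2])
            res = stats.totals(year=year, month=month, day=day,
                               cluster_depth=cluster_depth)

        elif self.command[0] == list_requests_managers[
                'MANAGERS_STATS_HOURLY']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            cluster_depth = ast.literal_eval(self.command[1]) - 1
            res = stats.hourly(cluster_depth=cluster_depth)

        elif self.command[0] == list_requests_managers[
                'MANAGERS_STATS_WEEKLY']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            cluster_depth = ast.literal_eval(self.command[1]) - 1
            res = stats.weekly(cluster_depth=cluster_depth)

        elif self.command[0] == list_requests_managers[
                'MANAGERS_OSSEC_CONF']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            cluster_depth = ast.literal_eval(self.command[1]) - 1
            section = args[0]
            field = ast.literal_eval(args[1])
            res = manager.managers_get_ossec_conf(
                section=section, field=field, cluster_depth=cluster_depth)

        elif self.command[0] == list_requests_managers['MANAGERS_INFO']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            cluster_depth = ast.literal_eval(self.command[1]) - 1
            res = myWazuh.managers_get_ossec_init(
                cluster_depth=cluster_depth)

        elif self.command[0] == list_requests_cluster['CLUSTER_CONFIG']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            cluster_depth = ast.literal_eval(self.command[1]) - 1
            res = get_config_distributed(cluster_depth=cluster_depth)

        elif self.command[0] == list_requests_cluster['MASTER_FORW']:
            args = self.f.decrypt(response[common.cluster_sync_msg_size:])
            args = args.split(" ")
            args_list = []
            agent_id = None
            request_type = None
            # Payload is either "<request> [args...]" or
            # "<id-id-...> <request> [args...]"; the request token must be
            # one of the known request names.
            if args[0] in all_list_requests.values():
                request_type = args[0]
                if (len(args) > 1):
                    args_list = args[1:]
            elif len(args) > 1 and args[1] in all_list_requests.values():
                agent_id = args[0].split("-")
                request_type = args[1]
                if (len(args) > 2):
                    args_list = args[2:]

            if request_type is None:
                # Neither layout matched: reject explicitly instead of
                # calling the API with an unbound request type.
                logging.error(
                    "Received invalid forwarded request from {0}".format(
                        self.addr))
                error = 1
                res = "Received invalid forwarded request"
            else:
                res = distributed_api_request(request_type=request_type,
                                              agent_id=agent_id,
                                              args=args_list,
                                              cluster_depth=1,
                                              affected_nodes=None,
                                              from_cluster=True)

        elif self.command[0] == list_requests_cluster['ready']:
            res = "Starting to sync client's files"
            # execute an independent process to "crontab" the sync interval
            kill(child_pid, SIGUSR1)

        elif self.command[0] == list_requests_cluster['data']:
            res = "Saving data from actual master"
            actual_master_data = json.loads(
                self.f.decrypt(
                    response[common.cluster_sync_msg_size:]).decode())
            # A truthy return triggers a manager restart.
            if save_actual_master_data_on_db(actual_master_data):
                restart_manager()

        else:
            # Accepted by check_cluster_cmd but handled by no branch above:
            # answer with an error rather than leaving `res` unbound.
            error = 1
            res = "Received invalid cluster command {0}".format(
                self.command[0])

        # NOTE(review): in the original listing this log sits at the end of
        # the success path; indentation was reconstructed -- confirm.
        if error == 0:
            logging.debug("Command {0} executed for {1}".format(
                self.command[0], self.addr))

    self.data = json.dumps({'error': error, 'data': res})

    self.handle_write()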