def test_forbidden_string_checker(self, opts, expected):
opts.update({
"key": "forbiddenstring",
"forbidden": [">>>>>>", "<<<<<<", "===="]
})
checker = Checker(opts)
self.assertEqual(checker.err_messages, expected)
def test_private_key_checker(self, opts, expected):
opts.update({
"key": "privatekey",
"forbidden": ["PRIVATE KEY", "ssh-rsa"],
"filepath": "fizzbuzz.js",
"enabled": True
})
checker = Checker(opts)
self.assertEqual(checker.err_messages, expected)
def test_str_messages(self):
checker = Checker({
"key": "alert",
"forbidden": ["alert"],
"check": [".js"],
"directory": "/usr/local",
"filepath": "fizzbuzz.js",
"changes": "var x = 3; alert(x);",
"enabled": True
})
err = "\"alert\" found, but not allowed (alert)."
self.assertEqual(str(checker), err)
def test_alert_checker(self, opts, expected):
opts.update({
"key": "alert",
"forbidden": ["alert"],
"check": [".js"],
"directory": "/usr/local",
"enabled": True
})
checker = Checker(opts)
self.assertEqual(checker.has_errors, bool(expected))
self.assertEqual(len(checker.err_messages), len(expected))
self.assertEqual(checker.err_messages, expected)
def main():
# Directory where repo's .git folder lives
try:
top_lvl = check_output("git rev-parse --show-toplevel".split()).strip()
except CalledProcessError:
exit(1)
# If we're initializing, then do the installation magic
if (len(sys.argv) == 2) and (sys.argv[1] in ["init", "install"]):
install(top_lvl, "/.git/hooks")
# If there are no changes to any of the files, then there is no
# reason to run gitpatrol
full_diff = check_output("git diff --cached --".split()).strip()
if (len(full_diff) == 0):
print "No files have changed."
exit(1)
# Path to gitpatrol.toml file
confpath = findfile("gitpatrol.toml", top_lvl, {})
config = {}
if confpath:
with open(confpath) as conffile:
config = toml.loads(conffile.read())
# Build opts from the gitpatrol.toml
optslist = map(morph_opts, config.get("checkers", {}).iteritems())
# Iterate through all diffs
diff_list = re.findall(REGEXP, full_diff)
for (filepath, diff) in diff_list:
# TODO(arthurb): If possible, pull out the line number
# Get the bit that changed
changed = "\n".join(
(ln[1:] for ln in diff.split("\n") if ln.startswith("+")))
# Update all options and then record a checker of each set of options
for opts in optslist:
opts.update({
"filepath": filepath,
"changes": changed,
"directory": os.path.dirname(filepath)
})
res.record(Checker(opts))
if res.has_errors or res.disabled:
print res
sys.exit(1)
sys.exit(0)
def test_strict_paren_spacing_checker(self, opts, file_ext, expected):
opts.update({
"key":
"strictparenspacing",
"ignore": [".sh", ".bash", ""],
"forbidden": [
'\([ \t]+[^\s]', '[^\s][ \t]+\)', '\[[ \t]+[^\s]',
'[^\s][ \t]+\]'
],
"filepath":
"fizzbuzz" + file_ext,
"enabled":
True
})
checker = Checker(opts)
self.assertEqual(checker.err_messages, expected)
def start():
c = Checker()
c.read_yml('.list.yml')
c.add_to_list("斗鱼", 101)
c.add_to_list("斗鱼", 100)
c.check()
def run_checkers(arg_conf_standard_dir_path, am_config_list,
stateful_config_list, computer_list, computer_groups_list,
policy_list, scheduled_task_list, arg_modules_to_check):
"""
Runs checkers for Anti-Malware Configs, Stateful Configs, Computers, Policies, Scheduled Tasks
Args:
arg_conf_standard_dir_path: Directory path with Conformity Standard configs
am_config_list: List of Anti Malware Configurations
stateful_config_list: List of Stateful Configurations
computer_list: List of Computers
computer_groups_list: List of Computer Groups
policy_list: List of Policies
scheduled_task_list: List of Scheduled Tasks
arg_modules_to_check: Dict of Module names to check
Returns:
Named Tuple containing the bundled results for each checker
"""
parser = YAMLParser()
checker = Checker(arg_conf_standard_dir_path,
parser,
include_modules=arg_modules_to_check)
am_configs_results = None
fw_configs_results = None
if VALID_MODULES[
"am"] in arg_modules_to_check and am_config_list is not None:
am_checker = AntiMalwareChecker(arg_conf_standard_dir_path, parser)
am_configs_results = am_checker.check_anti_malware_configurations(
am_config_list)
if VALID_MODULES[
"fw"] in arg_modules_to_check and stateful_config_list is not None:
fw_checker = FirewallChecker(arg_conf_standard_dir_path, parser)
fw_configs_results = fw_checker.check_firewall_configurations(
stateful_config_list)
computer_checker = ComputerChecker(checker, computer_list,
arg_modules_to_check,
computer_groups_list,
am_configs_results, fw_configs_results)
policy_checker = PolicyChecker(checker, policy_list, am_configs_results,
fw_configs_results,
computer_checker.used_policies)
computer_stats_getter = ComputerStatisticsGetter(
computer_list, arg_modules_to_check, computer_checker.computer_groups,
computer_checker.computer_results, computer_checker.module_results,
policy_checker.policy_results)
scheduled_tasks_checker = ScheduledTaskChecker(
checker, scheduled_task_list, computer_list,
computer_checker.computer_groups,
computer_stats_getter.get_mapped_policies())
bundled_results = namedtuple("bundled_results", [
"computer_checker", "policy_checker", "computer_stats_getter",
"scheduled_tasks_checker"
])
return bundled_results(computer_checker.get_bundle(),
policy_checker.get_bundle(),
computer_stats_getter.get_bundle(),
scheduled_tasks_checker.get_bundle())
content['name'] = progress.name
content['progress'] = progress.progress
data = json.dumps(content)
else:
new_endpoint = endpoint
data = progress.json()
# Replace the "." with "[dot]", will replace back when getting from kvstore.
data = data.replace('.', "[dot]")
r = requests.post(new_endpoint, data=data, headers=self._json_header, verify=False)
assert r.status_code in (201, 200)
def get_upgrade_progress(self, endpoint):
return self._get_info_from_endpoint(endpoint)
def delete_upgrade_progress(self, endpoint, progress):
content = self._find_kvpair_by_id(endpoint, progress.cluster_id)
if not content:
return
_key = content['_key']
delete_endpoint = os.path.join(endpoint, _key)
r = requests.delete(delete_endpoint, headers=self._json_header, verify=False)
assert r.status_code in (201, 200)
if __name__ == '__main__':
from lib.checker import Checker
checker = Checker('https://health.sv.splunk.com:8089', 'admin', 'changed')
session_key = checker._password2sessionkey()
helper = KVStoreHelper(session_key)
helper.delete_cluster_info('https://health.sv.splunk.com:8089/servicesNS/nobody/splunk-checker/storage/collections/data/clusterinfo', 'systest-linux-multisite')
def test_check_license():
checker = Checker('https://systest-auto-master:1901', 'admin', 'changed')
print 'Checking license:'
checker.check_license()
def test_enabled_without_opts(self):
checker = Checker()
self.enabled_helper(checker, False)
def test_warning_message(self):
checker = Checker()
expected = "\"ham\" found, but not allowed (basechecker)."
self.assertEqual(checker.warning_message("ham"), expected)
def test_enabled_with_opts(self):
checker = Checker({"enabled": True})
self.enabled_helper(checker, True)
def get_conf(self, conf_name):
"""
:param conf_name:
:return: a dict where each sub-dict is a stanza
"""
endpoint = '/services/configs/conf-{conf_name}?count=-1'.format(
conf_name=conf_name)
parsed_response = self._checker.request_get(endpoint)
conf_content = dict()
for stanza_info in parsed_response['entry']:
conf_content[stanza_info['name']] = stanza_info['content']
return conf_content
def get_stanza(self, conf_name, stanza):
endpoint = '/services/configs/conf-{conf_name}/{stanza}?count=-1'.format(
conf_name=conf_name, stanza=stanza)
parsed_response = self._checker.request_get(endpoint)
return parsed_response['entry'][0]['content']
if __name__ == '__main__':
from lib.checker import Checker
splunk_uri = 'https://systest-auto-idx2:1901'
checker = Checker('https://systest-auto-idx2:1901', 'admin', 'changed')
helper = ConfHelper(checker)
helper.get_conf('outputs')
helper.get_stanza('outputs', 'tcpout')
def test_messages(self):
checker = Checker()
self.assertEqual(checker.err_messages, [])
from flask import Flask, render_template, url_for, request
from lib.checker import Checker
app = Flask(__name__)
checker = Checker()
@app.route("/", methods=["GET", "POST"])
def home():
if request.method == "POST":
text = request.form["input"]
text = spellcheck(text)
return render_template("home.html", text=text)
text = "Write something here to have it spell checked!"
return render_template("home.html", text=text)
def spellcheck(text):
checked = []
for word in text.split():
w = checker.correct(word)
checked.append(w)
return ' '.join(checked)
if __name__ == "__main__":
app.run()
def test_cannot_set_properties(self):
checker = Checker({"enabled": True})
val = ""
for attr in self.UNSETTABLE:
setattr(checker, attr, val)
self.assertNotEqual(getattr(checker, attr), val)