def open_dump(input_dump, columns, *, sieve=None, repres=None):
abs_input_dump = os.path.abspath(input_dump)
print_info(f'Opening USB event dump: "{abs_input_dump}"')
try:
with open(abs_input_dump, 'r', encoding='utf-8') as dump:
events_dumped = json.load(dump)
except json.decoder.JSONDecodeError as e:
print_critical('Failed to decode event dump (JSON)',
initial_error=str(e))
return
if not events_dumped:
print_critical('This dump is empty!')
return
events_to_show = _filter_events(events_dumped, sieve)
if not events_to_show:
print_info('No USB events found!')
return
if columns:
table_data = [[COLUMN_NAMES[name] for name in columns]]
else:
columns = [key for key in COLUMN_NAMES.keys()]
table_data = [[val for val in COLUMN_NAMES.values()]]
_represent_events(events_to_show, columns, table_data,
'USB-Event-Dump', repres)
def event_history(self, columns, *, indent=4, sieve=None, repres=None):
self._events_to_show = _filter_events(self._all_events, sieve)
if not self._events_to_show:
print_info('No USB events found!')
return
if not cfg.QUIET and cfg.ISATTY:
choice, abs_filename = _output_choice('event history',
'history.json', 'history/')
if choice == '2':
try:
_dump_events(self._events_to_show, 'event history',
abs_filename, indent)
except USBRipError as e:
print_critical(str(e),
initial_error=e.errors['initial_error'])
return
# elif choice == '1' or choice == '':
if columns:
table_data = [[COLUMN_NAMES[name] for name in columns]]
else:
columns = [key for key in COLUMN_NAMES.keys()]
table_data = [[val for val in COLUMN_NAMES.values()]]
_represent_events(self._events_to_show, columns, table_data,
'USB-History-Events', repres)
def search_violations(self,
input_auth,
attributes,
columns,
*,
indent=4,
sieve=None,
repres=None):
print_info(
f'Opening authorized device list: "{os.path.abspath(input_auth)}"')
try:
auth = _process_auth_list(input_auth, indent)
except json.decoder.JSONDecodeError as e:
print_critical('Failed to decode authorized device list (JSON)',
initial_error=str(e))
return
print_info('Searching for violations')
if not attributes:
attributes = auth.keys()
for event in self._all_events:
try:
if any(event[key] not in vals and event[key] is not None
for key, vals in zip(attributes, auth.values())):
self._violations.append(event)
except KeyError as e:
print_critical('No such attribute in authorized device list',
initial_error=str(e))
return
self._events_to_show = _filter_events(self._violations, sieve)
if not self._events_to_show:
print_info('No USB violation events found!')
return
if not cfg.QUIET and cfg.ISATTY:
number, filename = _output_choice('violation', 'viol.json',
'violations/')
if number is None:
return
elif number == 1:
try:
_dump_events(self._events_to_show, 'violations', filename,
indent)
except USBRipError as e:
print_critical(str(e),
initial_error=e.errors['initial_error'])
return
if columns:
table_data = [[COLUMN_NAMES[name] for name in columns]]
else:
columns = [key for key in COLUMN_NAMES.keys()]
table_data = [[val for val in COLUMN_NAMES.values()]]
_represent_events(self._events_to_show, columns, table_data,
'USB-Violation-Events', repres)
def _validate_column_args(args):
if 'column' in args and args.column:
for column in args.column:
if column not in COLUMN_NAMES.keys():
usbrip_arg_error(column + ': Invalid column name')
