def Handle(self, args, token=None):
    """Return one page of a hunt's results, wrapped for the API.

    Args:
      args: Request arguments; hunt_id, offset, count and filter are read.
      token: Forwarded unchanged to aff4.FACTORY.Open.

    Returns:
      ApiListHuntResultsResult whose items are the filtered page, each
      converted with ApiHuntResult().InitFromGrrMessage, and whose total_count
      is the length of the whole results collection, not of the page.
    """
    # NOTE(review): args.hunt_id is appended to the hunts root as-is; confirm
    # the args type restricts it to a single path component so a request can
    # only address this hunt's own "Results" object.
    results_urn = HUNTS_ROOT_PATH.Add(args.hunt_id).Add("Results")

    # NOTE(review): token is the only caller identity handed to the data store
    # here, and it defaults to None; confirm the factory enforces access on it.
    collection = aff4.FACTORY.Open(results_urn, mode="r", token=token)

    # offset/count/filter come straight from the request.
    # NOTE(review): confirm the helper or the API layer bounds the page size.
    page = api_call_handler_utils.FilterAff4Collection(
        collection, args.offset, args.count, args.filter)

    wrapped = []
    for message in page:
        wrapped.append(ApiHuntResult().InitFromGrrMessage(message))

    return ApiListHuntResultsResult(
        items=wrapped, total_count=len(collection))
def Handle(self, args, token=None):
    """Return one page of a flow's log entries.

    Args:
      args: Request arguments; client_id, flow_id, offset, count and filter
        are read.
      token: Forwarded unchanged to aff4.FACTORY.Create.

    Returns:
      ApiListFlowLogsResult holding the filtered page and, as total_count, the
      length of the whole log collection.
    """
    # Only flow_id.Basename() is used, so the rest of the supplied flow URN is
    # ignored and the lookup is rooted at <client_id>/flows.
    # NOTE(review): presumably this keeps a request inside the named client's
    # subtree - confirm Basename() cannot yield a separator or "..".
    flow_name = args.flow_id.Basename()
    logs_urn = args.client_id.Add("flows").Add(flow_name).Add("Logs")

    # NOTE(review): Create() is called with mode="r"; confirm this cannot
    # write a new object when the URN does not exist yet.
    log_entries = aff4.FACTORY.Create(
        logs_urn, aff4_type="FlowLogCollection", mode="r", token=token)

    page = api_call_handler_utils.FilterAff4Collection(
        log_entries, args.offset, args.count, args.filter)
    return ApiListFlowLogsResult(items=page, total_count=len(log_entries))
def Handle(self, args, token=None):
    """Return one page of the clients recorded under a hunt's "ErrorClients".

    Args:
      args: Request arguments; hunt_id, offset, count and filter are read.
      token: Forwarded unchanged to aff4.FACTORY.Open.

    Returns:
      ApiListHuntErrorsResult holding the filtered page and, as total_count,
      the length of the whole errors collection.
    """
    # TODO(user): handle cases when hunt doesn't exist.
    # TODO(user): Use hunt's logs_collection_urn to open errors collection.
    # NOTE(review): args.hunt_id is joined into the URN unmodified; confirm
    # its type limits it to a single path component.
    errors_urn = HUNTS_ROOT_PATH.Add(args.hunt_id).Add("ErrorClients")
    errors = aff4.FACTORY.Open(errors_urn, mode="r", token=token)

    page = api_call_handler_utils.FilterAff4Collection(
        errors, args.offset, args.count, args.filter)
    return ApiListHuntErrorsResult(items=page, total_count=len(errors))
def Handle(self, args, token=None):
    """Return one page of a hunt's client crashes.

    An aff4.InstantiationError raised while opening, measuring or filtering
    the collection is reported as an empty listing (no items, total_count 0).

    Args:
      args: Request arguments; hunt_id, offset, count and filter are read.
      token: Forwarded unchanged to aff4.FACTORY.Open.

    Returns:
      ApiListHuntCrashesResult with the filtered page and the length of the
      whole crashes collection.
    """
    # NOTE(review): args.hunt_id is joined into the URN unmodified; confirm
    # its type limits it to a single path component.
    crashes_urn = HUNTS_ROOT_PATH.Add(args.hunt_id).Add("crashes")

    try:
        crashes = aff4.FACTORY.Open(
            crashes_urn,
            mode="r",
            aff4_type="PackedVersionedCollection",
            token=token)
        crash_count = len(crashes)
        page = api_call_handler_utils.FilterAff4Collection(
            crashes, args.offset, args.count, args.filter)
    except aff4.InstantiationError:
        # Presumably raised when nothing of the requested type lives at the
        # URN; the response then looks the same as a hunt with no crashes.
        return ApiListHuntCrashesResult(items=[], total_count=0)

    return ApiListHuntCrashesResult(items=page, total_count=crash_count)
def Handle(self, args, token=None):
    """Return one page of a flow's results, wrapped for the API.

    Args:
      args: Request arguments; client_id, flow_id, offset, count and filter
        are read.
      token: Forwarded unchanged to both AFF4 factory calls.

    Returns:
      ApiListFlowResultsResult whose items are the filtered page, each
      converted with ApiFlowResult().InitFromRdfValue, and whose total_count
      is the length of the whole output collection.
    """
    # Only flow_id.Basename() is used, so the flow is always looked up under
    # <client_id>/flows rather than at whatever URN the request supplied.
    flow_name = args.flow_id.Basename()
    flow_urn = args.client_id.Add("flows").Add(flow_name)
    flow = aff4.FACTORY.Open(
        flow_urn, aff4_type="GRRFlow", mode="r", token=token)

    # The location that is read next comes from the stored flow's runner, not
    # from the request.
    results_urn = flow.GetRunner().output_urn

    # TODO(user): RDFValueCollection is a deprecated type.
    results = aff4.FACTORY.Create(
        results_urn, aff4_type="RDFValueCollection", mode="r", token=token)

    page = api_call_handler_utils.FilterAff4Collection(
        results, args.offset, args.count, args.filter)

    wrapped = []
    for value in page:
        wrapped.append(ApiFlowResult().InitFromRdfValue(value))

    return ApiListFlowResultsResult(items=wrapped, total_count=len(results))
def Handle(self, args, token=None):
    """Return one page of a hunt's log entries.

    The collection is first opened as a FlowLogCollection; if that raises
    IOError it is obtained through aff4.FACTORY.Create as an
    RDFValueCollection instead.

    Args:
      args: Request arguments; hunt_id, offset, count and filter are read.
      token: Forwarded unchanged to the AFF4 factory calls.

    Returns:
      ApiListHuntLogsResult holding the filtered page and, as total_count, the
      length of the whole log collection.
    """
    # TODO(user): handle cases when hunt doesn't exist.
    # TODO(user): Use hunt's logs_collection_urn to open logs collection.
    # NOTE(review): args.hunt_id is joined into the URN unmodified; confirm
    # its type limits it to a single path component.
    logs_urn = HUNTS_ROOT_PATH.Add(args.hunt_id).Add("Logs")
    expected_type = flow_runner.FlowLogCollection.__name__

    try:
        log_entries = aff4.FACTORY.Open(
            logs_urn, aff4_type=expected_type, mode="r", token=token)
    except IOError:
        # NOTE(review): any IOError takes this path, not only a type
        # mismatch; confirm Create() with mode="r" cannot write a new object
        # for a hunt id that does not exist.
        log_entries = aff4.FACTORY.Create(
            logs_urn, aff4_type="RDFValueCollection", mode="r", token=token)

    page = api_call_handler_utils.FilterAff4Collection(
        log_entries, args.offset, args.count, args.filter)
    return ApiListHuntLogsResult(items=page, total_count=len(log_entries))
def testFiltersByFilterString(self):
    """A filter string selects only the matching item of the fixture.

    offset and count are both 0 here and one item still comes back, so a
    count of 0 is not treated as "return nothing".
    """
    offset, count, needle = 0, 0, "tmp-8"
    matches = api_call_handler_utils.FilterAff4Collection(
        self.fd, offset, count, needle)

    self.assertEqual(len(matches), 1)
    only_match = matches[0]
    self.assertEqual(only_match.path, "/var/os/tmp-8")
def testRaisesOnNegativeCount(self):
    """A negative count is rejected with ValueError rather than clamped."""
    offset, count, no_filter = 0, -10, None
    self.assertRaises(
        ValueError,
        api_call_handler_utils.FilterAff4Collection,
        self.fd, offset, count, no_filter)
def testIngoresTooBigCount(self):
    """A count beyond the collection size returns every item, no error.

    The assertions imply the fixture holds ten items, /var/os/tmp-0 through
    /var/os/tmp-9.
    """
    offset, oversized_count, no_filter = 0, 50, None
    page = api_call_handler_utils.FilterAff4Collection(
        self.fd, offset, oversized_count, no_filter)

    self.assertEqual(len(page), 10)
    first_item = page[0]
    self.assertEqual(first_item.path, "/var/os/tmp-0")
    last_item = page[-1]
    self.assertEqual(last_item.path, "/var/os/tmp-9")
def testFiltersByOffsetAndCount(self):
    """offset=2 with count=5 yields the five items tmp-2 through tmp-6."""
    offset, count, no_filter = 2, 5, None
    page = api_call_handler_utils.FilterAff4Collection(
        self.fd, offset, count, no_filter)

    self.assertEqual(len(page), 5)
    first_item = page[0]
    self.assertEqual(first_item.path, "/var/os/tmp-2")
    last_item = page[-1]
    self.assertEqual(last_item.path, "/var/os/tmp-6")