def testGetFlowFilesArchiveReturnsNonLimitedHandlerForArtifactsWhenNeeded( self): router = self._CreateRouter( artifact_collector_flow=rr.RobotRouterArtifactCollectorFlowParams( artifact_collector_flow_name=AnotherArtifactCollector.__name__ ), get_flow_files_archive=rr.RobotRouterGetFlowFilesArchiveParams( enabled=True, skip_glob_checks_for_artifact_collector=True, path_globs_blacklist=["**/*.txt"], path_globs_whitelist=["foo/*", "bar/*"])) flow_id = self._CreateFlowWithRobotId() handler = router.GetFlowFilesArchive( api_flow.ApiGetFlowFilesArchiveArgs(client_id=self.client_id, flow_id=flow_id), token=self.token) self.assertEqual(handler.path_globs_blacklist, ["**/*.txt"]) self.assertEqual(handler.path_globs_whitelist, ["foo/*", "bar/*"]) flow_id = self._CreateFlowWithRobotId( flow_name=AnotherArtifactCollector.__name__, flow_args=artifact_utils.ArtifactCollectorFlowArgs( artifact_list=["Foo"])) handler = router.GetFlowFilesArchive( api_flow.ApiGetFlowFilesArchiveArgs(client_id=self.client_id, flow_id=flow_id), token=self.token) self.assertTrue(handler.path_globs_blacklist is None) self.assertTrue(handler.path_globs_whitelist is None)
def testGeneratesTarGzArchive(self): result = self.handler.Handle(flow_plugin.ApiGetFlowFilesArchiveArgs( client_id=self.client_id, flow_id=self.flow_urn.Basename(), archive_format="TAR_GZ"), token=self.token) with utils.TempDirectory() as temp_dir: tar_path = os.path.join(temp_dir, "archive.tar.gz") with open(tar_path, "w") as fd: for chunk in result.GenerateContent(): fd.write(chunk) with tarfile.open(tar_path) as tar_fd: tar_fd.extractall(path=temp_dir) manifest_file_path = None for parent, _, files in os.walk(temp_dir): if "MANIFEST" in files: manifest_file_path = os.path.join(parent, "MANIFEST") break self.assertTrue(manifest_file_path) with open(manifest_file_path) as fd: manifest = yaml.safe_load(fd.read()) self.assertEqual(manifest["archived_files"], 1) self.assertEqual(manifest["failed_files"], 0) self.assertEqual(manifest["processed_files"], 1) self.assertEqual(manifest["skipped_files"], 0)
def testGetFlowFilesArchiveWorksIfFlowWasCreatedBySameRouter(self): flow_id = self._CreateFlowWithRobotId() router = self._CreateRouter( get_flow_files_archive=rr.RobotRouterGetFlowFilesArchiveParams( enabled=True)) router.GetFlowFilesArchive(api_flow.ApiGetFlowFilesArchiveArgs( client_id=self.client_id, flow_id=flow_id), token=self.token)
def testFlowFilesArchiveRaisesIfFlowWasNotCreatedBySameRouter(self): flow_urn = flow.GRRFlow.StartFlow( client_id=self.client_id, flow_name=file_finder.FileFinder.__name__, token=self.token) router = self._CreateRouter() with self.assertRaises(access_control.UnauthorizedAccess): router.GetFlowFilesArchive(api_flow.ApiGetFlowFilesArchiveArgs( client_id=self.client_id, flow_id=flow_urn.Basename()), token=self.token)
def testGeneratesZipArchive(self): result = self.handler.Handle(flow_plugin.ApiGetFlowFilesArchiveArgs( client_id=self.client_id, flow_id=self.flow_urn.Basename(), archive_format="ZIP"), token=self.token) manifest = self._GetZipManifest(result) self.assertEqual(manifest["archived_files"], 1) self.assertEqual(manifest["failed_files"], 0) self.assertEqual(manifest["processed_files"], 1) self.assertEqual(manifest["ignored_files"], 0)
def testGetFlowFilesArchiveReturnsLimitedHandler(self): flow_id = self._CreateFlowWithRobotId() router = self._CreateRouter( get_flow_files_archive=rr.RobotRouterGetFlowFilesArchiveParams( enabled=True, path_globs_blacklist=["**/*.txt"], path_globs_whitelist=["foo/*", "bar/*"])) handler = router.GetFlowFilesArchive( api_flow.ApiGetFlowFilesArchiveArgs(client_id=self.client_id, flow_id=flow_id), token=self.token) self.assertEqual(handler.path_globs_blacklist, ["**/*.txt"]) self.assertEqual(handler.path_globs_whitelist, ["foo/*", "bar/*"])
def testAllClientFlowsMethodsAreAccessChecked(self): args = api_flow.ApiListFlowsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlows, "CheckClientAccess", args=args) args = api_flow.ApiGetFlowArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.GetFlow, "CheckClientAccess", args=args) args = api_flow.ApiCreateFlowArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.CreateFlow, "CheckClientAccess", args=args) self.CheckMethodIsAccessChecked( self.router.CreateFlow, "CheckIfCanStartFlow", args=args) args = api_flow.ApiCancelFlowArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.CancelFlow, "CheckClientAccess", args=args) args = api_flow.ApiListFlowRequestsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlowRequests, "CheckClientAccess", args=args) args = api_flow.ApiListFlowResultsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlowResults, "CheckClientAccess", args=args) args = api_flow.ApiGetFlowResultsExportCommandArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.GetFlowResultsExportCommand, "CheckClientAccess", args=args) args = api_flow.ApiGetFlowFilesArchiveArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.GetFlowFilesArchive, "CheckClientAccess", args=args) args = api_flow.ApiListFlowOutputPluginsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlowOutputPlugins, "CheckClientAccess", args=args) args = api_flow.ApiListFlowOutputPluginLogsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlowOutputPluginLogs, "CheckClientAccess", args=args) args = api_flow.ApiListFlowOutputPluginErrorsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlowOutputPluginErrors, "CheckClientAccess", args=args) args = api_flow.ApiListFlowLogsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlowLogs, "CheckClientAccess", args=args)
def testArchivesFileMatchingPathGlobsWhitelist(self): handler = flow_plugin.ApiGetFlowFilesArchiveHandler( path_globs_blacklist=[], path_globs_whitelist=[rdf_paths.GlobExpression("/**/*/test.plist")]) result = handler.Handle( flow_plugin.ApiGetFlowFilesArchiveArgs( client_id=self.client_id, flow_id=self.flow_urn.Basename(), archive_format="ZIP"), token=self.token) manifest = self._GetZipManifest(result) self.assertEqual(manifest["archived_files"], 1) self.assertEqual(manifest["failed_files"], 0) self.assertEqual(manifest["processed_files"], 1) self.assertEqual(manifest["ignored_files"], 0)
def testIgnoresFileNotMatchingPathGlobsWhitelist(self): handler = flow_plugin.ApiGetFlowFilesArchiveHandler( path_globs_blacklist=[], path_globs_whitelist=[rdf_paths.GlobExpression("/**/foo.bar")]) result = handler.Handle(flow_plugin.ApiGetFlowFilesArchiveArgs( client_id=self.client_id, flow_id=self.flow_urn.Basename(), archive_format="ZIP"), token=self.token) manifest = self._GetZipManifest(result) self.assertEqual(manifest["archived_files"], 0) self.assertEqual(manifest["failed_files"], 0) self.assertEqual(manifest["processed_files"], 1) self.assertEqual(manifest["ignored_files"], 1) self.assertEqual(manifest["ignored_files_list"], [ utils.SmartUnicode( self.client_id.Add("fs/os").Add( self.base_path).Add("test.plist")) ])
def testGeneratesZipArchive(self): result = self.handler.Handle(flow_plugin.ApiGetFlowFilesArchiveArgs( client_id=self.client_id, flow_id=self.flow_urn.Basename(), archive_format="ZIP"), token=self.token) out_fd = StringIO.StringIO() for chunk in result.GenerateContent(): out_fd.write(chunk) zip_fd = zipfile.ZipFile(out_fd, "r") manifest = None for name in zip_fd.namelist(): if name.endswith("MANIFEST"): manifest = yaml.safe_load(zip_fd.read(name)) self.assertEqual(manifest["archived_files"], 1) self.assertEqual(manifest["failed_files"], 0) self.assertEqual(manifest["processed_files"], 1) self.assertEqual(manifest["skipped_files"], 0)