def Handle(self, args, token=None):
if not args.hunt_id:
raise ValueError("hunt_id can't be None")
if not args.client_id:
raise ValueError("client_id can't be None")
if not args.vfs_path:
raise ValueError("vfs_path can't be None")
if not args.timestamp:
raise ValueError("timestamp can't be None")
api_vfs.ValidateVfsPath(args.vfs_path)
hunt_results_urn = rdfvalue.RDFURN("aff4:/hunts").Add(
args.hunt_id.Basename()).Add("Results")
results = aff4.FACTORY.Open(
hunt_results_urn,
aff4_type=hunts_results.HuntResultCollection,
token=token)
expected_aff4_path = args.client_id.Add(args.vfs_path)
# TODO(user): should after_tiestamp be strictly less than the desired
# timestamp.
timestamp = rdfvalue.RDFDatetime(int(args.timestamp) - 1)
# If the entry corresponding to a given path is not found within
# MAX_RECORDS_TO_CHECK from a given timestamp, we report a 404.
for _, item in results.Scan(
after_timestamp=timestamp.AsMicroSecondsFromEpoch(),
max_records=self.MAX_RECORDS_TO_CHECK):
try:
aff4_path = export.CollectionItemToAff4Path(item)
except export.ItemNotExportableError:
continue
if aff4_path != expected_aff4_path:
continue
try:
aff4_stream = aff4.FACTORY.Open(aff4_path,
aff4_type=aff4.AFF4Stream,
token=token)
if not aff4_stream.GetContentAge():
break
return api_call_handler_base.ApiBinaryStream(
"%s_%s" % (args.client_id.Basename(),
utils.SmartStr(aff4_path.Basename())),
content_generator=self._GenerateFile(aff4_stream),
content_length=len(aff4_stream))
except aff4.InstantiationError:
break
raise HuntFileNotFoundError(
"File %s with timestamp %s and client %s "
"wasn't found among the results of hunt %s" %
(utils.SmartStr(args.vfs_path), utils.SmartStr(args.timestamp),
utils.SmartStr(args.client_id), utils.SmartStr(args.hunt_id)))
def _ItemsToUrns(self, items):
"""Converts collection items to aff4 urns suitable for downloading."""
for item in items:
try:
yield flow_export.CollectionItemToAff4Path(item)
except flow_export.ItemNotExportableError:
pass
def Handle(self, args, token=None):
if not args.hunt_id:
raise ValueError("hunt_id can't be None")
if not args.client_id:
raise ValueError("client_id can't be None")
if not args.vfs_path:
raise ValueError("vfs_path can't be None")
if not args.timestamp:
raise ValueError("timestamp can't be None")
api_vfs.ValidateVfsPath(args.vfs_path)
results = implementation.GRRHunt.ResultCollectionForHID(
args.hunt_id.ToURN(), token=token)
expected_aff4_path = args.client_id.ToClientURN().Add(args.vfs_path)
# TODO(user): should after_tiestamp be strictly less than the desired
# timestamp.
timestamp = rdfvalue.RDFDatetime(int(args.timestamp) - 1)
# If the entry corresponding to a given path is not found within
# MAX_RECORDS_TO_CHECK from a given timestamp, we report a 404.
for _, item in results.Scan(
after_timestamp=timestamp.AsMicroSecondsFromEpoch(),
max_records=self.MAX_RECORDS_TO_CHECK):
try:
# Do not pass the client id we got from the caller. This will
# get filled automatically from the hunt results and we check
# later that the aff4_path we get is the same as the one that
# was requested.
aff4_path = export.CollectionItemToAff4Path(item, client_id=None)
except export.ItemNotExportableError:
continue
if aff4_path != expected_aff4_path:
continue
try:
aff4_stream = aff4.FACTORY.Open(
aff4_path, aff4_type=aff4.AFF4Stream, token=token)
if not aff4_stream.GetContentAge():
break
return api_call_handler_base.ApiBinaryStream(
"%s_%s" % (args.client_id, utils.SmartStr(aff4_path.Basename())),
content_generator=self._GenerateFile(aff4_stream),
content_length=len(aff4_stream))
except aff4.InstantiationError:
break
raise HuntFileNotFoundError(
"File %s with timestamp %s and client %s "
"wasn't found among the results of hunt %s" %
(utils.SmartStr(args.vfs_path), utils.SmartStr(args.timestamp),
utils.SmartStr(args.client_id), utils.SmartStr(args.hunt_id)))
def testDisplaysErrorMessageIfSingleHuntFileCanNotBeRead(self):
hunt = self._CreateHuntWithDownloadedFile()
results = hunt.ResultCollection()
aff4_path = flow_export.CollectionItemToAff4Path(results[0])
with aff4.FACTORY.Create(
aff4_path, aff4_type=aff4.AFF4Volume, token=self.token) as _:
pass
self.GrantHuntApproval(hunt.urn)
self.Open("/")
self.Click("css=a[grrtarget=hunts]")
self.Click("css=td:contains('GenericHunt')")
self.Click("css=li[heading=Results]")
self.Click("css=grr-results-collection button:has(span.glyphicon-download)")
self.WaitUntil(self.IsTextPresent, "Couldn't download the file.")
def testDownloadsSingleHuntFileIfAuthorizationIsPresent(self):
hunt = self._CreateHuntWithDownloadedFile()
results = hunt.ResultCollection()
fd = aff4.FACTORY.Open(
flow_export.CollectionItemToAff4Path(results[0]), token=self.token)
self.GrantHuntApproval(hunt.urn)
self.Open("/")
self.Click("css=a[grrtarget=hunts]")
self.Click("css=td:contains('GenericHunt')")
self.Click("css=li[heading=Results]")
with mock.patch.object(fd.__class__, "Read") as mock_obj:
self.Click(
"css=grr-results-collection button:has(span.glyphicon-download)")
self.WaitUntil(lambda: mock_obj.called)
def IsCollectionExportable(collection_urn_or_obj,
token=None):
if isinstance(collection_urn_or_obj, aff4.RDFValueCollection):
collection = collection_urn_or_obj
else:
collection = aff4.FACTORY.Create(
collection_urn_or_obj, "RDFValueCollection", mode="r", token=token)
if not collection:
return False
try:
export.CollectionItemToAff4Path(collection[0])
except export.ItemNotExportableError:
return False
return True
def testDisplaysErrorMessageIfSingleHuntFileCanNotBeRead(self):
hunt = self._CreateHuntWithDownloadedFile()
with self.ACLChecksDisabled():
results = aff4.FACTORY.Open(hunt.urn.Add("Results"), token=self.token)
aff4_path = flow_export.CollectionItemToAff4Path(results[0])
with aff4.FACTORY.Create(aff4_path,
aff4_type=aff4.AFF4Volume.__name__,
token=self.token) as _:
pass
self.GrantHuntApproval(hunt.urn)
self.Open("/")
self.Click("css=a[grrtarget=hunts]")
self.Click("css=td:contains('GenericHunt')")
self.Click("css=li[heading=Results]")
self.Click("css=grr-results-collection grr-downloadable-urn button")
self.WaitUntil(self.IsTextPresent, "Couldn't download the file.")
def testDownloadsSingleHuntFileIfAuthorizationIsPresent(self):
hunt = self._CreateHuntWithDownloadedFile()
with self.ACLChecksDisabled():
results = aff4.FACTORY.Open(hunt.urn.Add("Results"),
token=self.token)
fd = aff4.FACTORY.Open(flow_export.CollectionItemToAff4Path(
results[0]),
token=self.token)
self.GrantHuntApproval(hunt.urn)
self.Open("/")
self.Click("css=a[grrtarget=ManageHunts]")
self.Click("css=td:contains('GenericHunt')")
self.Click("css=li[heading=Results]")
with mock.patch.object(fd.__class__, "Read") as mock_obj:
self.Click(
"css=grr-results-collection grr-downloadable-urn button")
self.WaitUntil(lambda: mock_obj.called)
