def testGetFlowFilesArchiveReturnsNonLimitedHandlerForArtifactsWhenNeeded( self): router = self._CreateRouter( artifact_collector_flow=rr.RobotRouterArtifactCollectorFlowParams( artifact_collector_flow_name=AnotherArtifactCollector.__name__ ), get_flow_files_archive=rr.RobotRouterGetFlowFilesArchiveParams( enabled=True, skip_glob_checks_for_artifact_collector=True, path_globs_blacklist=["**/*.txt"], path_globs_whitelist=["foo/*", "bar/*"])) flow_id = self._CreateFlowWithRobotId() handler = router.GetFlowFilesArchive( api_flow.ApiGetFlowFilesArchiveArgs(client_id=self.client_id, flow_id=flow_id), token=self.token) self.assertEqual(handler.path_globs_blacklist, ["**/*.txt"]) self.assertEqual(handler.path_globs_whitelist, ["foo/*", "bar/*"]) flow_id = self._CreateFlowWithRobotId( flow_name=AnotherArtifactCollector.__name__, flow_args=rdf_artifacts.ArtifactCollectorFlowArgs( artifact_list=["Foo"])) handler = router.GetFlowFilesArchive( api_flow.ApiGetFlowFilesArchiveArgs(client_id=self.client_id, flow_id=flow_id), token=self.token) self.assertTrue(handler.path_globs_blacklist is None) self.assertTrue(handler.path_globs_whitelist is None)
def testGetFlowFilesArchiveReturnsNonLimitedHandlerForArtifactsWhenNeeded( self): router = self._CreateRouter( artifact_collector_flow=rr.RobotRouterArtifactCollectorFlowParams( artifact_collector_flow_name=AnotherArtifactCollector.__name__ ), # pylint: disable=undefined-variable get_flow_files_archive=rr.RobotRouterGetFlowFilesArchiveParams( enabled=True, skip_glob_checks_for_artifact_collector=True, exclude_path_globs=["**/*.txt"], include_only_path_globs=["foo/*", "bar/*"])) flow_id = self._CreateFlowWithRobotId() handler = router.GetFlowFilesArchive( api_flow.ApiGetFlowFilesArchiveArgs(client_id=self.client_id, flow_id=flow_id), context=self.context) self.assertEqual(handler.exclude_path_globs, ["**/*.txt"]) self.assertEqual(handler.include_only_path_globs, ["foo/*", "bar/*"]) flow_id = self._CreateFlowWithRobotId( flow_name=AnotherArtifactCollector.__name__, # pylint: disable=undefined-variable flow_args=rdf_artifacts.ArtifactCollectorFlowArgs( artifact_list=["Foo"])) handler = router.GetFlowFilesArchive( api_flow.ApiGetFlowFilesArchiveArgs(client_id=self.client_id, flow_id=flow_id), context=self.context) self.assertIsNone(handler.exclude_path_globs) self.assertIsNone(handler.include_only_path_globs)
def testGeneratesTarGzArchive(self): result = self.handler.Handle(flow_plugin.ApiGetFlowFilesArchiveArgs( client_id=self.client_id, flow_id=self.flow_id, archive_format="TAR_GZ"), token=self.token) with utils.TempDirectory() as temp_dir: tar_path = os.path.join(temp_dir, "archive.tar.gz") with open(tar_path, "wb") as fd: for chunk in result.GenerateContent(): fd.write(chunk) with tarfile.open(tar_path) as tar_fd: tar_fd.extractall(path=temp_dir) manifest_file_path = None for parent, _, files in os.walk(temp_dir): if "MANIFEST" in files: manifest_file_path = os.path.join(parent, "MANIFEST") break self.assertTrue(manifest_file_path) with open(manifest_file_path, "rb") as fd: manifest = yaml.safe_load(fd.read()) self.assertEqual(manifest["archived_files"], 1) self.assertEqual(manifest["failed_files"], 0) self.assertEqual(manifest["processed_files"], 1) self.assertEqual(manifest["ignored_files"], 0)
def testGetFlowFilesArchiveWorksIfFlowWasCreatedBySameRouter(self): flow_id = self._CreateFlowWithRobotId() router = self._CreateRouter( get_flow_files_archive=rr.RobotRouterGetFlowFilesArchiveParams( enabled=True)) router.GetFlowFilesArchive(api_flow.ApiGetFlowFilesArchiveArgs( client_id=self.client_id, flow_id=flow_id), token=self.token)
def testFlowFilesArchiveRaisesIfFlowWasNotCreatedBySameUser(self): flow_id = flow_test_lib.StartFlow(file_finder.FileFinder, self.client_id, creator=self.another_username) router = self._CreateRouter() with self.assertRaises(access_control.UnauthorizedAccess): router.GetFlowFilesArchive(api_flow.ApiGetFlowFilesArchiveArgs( client_id=self.client_id, flow_id=flow_id), context=self.context)
def testFlowFilesArchiveRaisesIfFlowWasNotCreatedBySameRouter(self): flow_urn = flow.StartFlow(client_id=self.client_id, flow_name=file_finder.FileFinder.__name__, token=self.token) router = self._CreateRouter() with self.assertRaises(access_control.UnauthorizedAccess): router.GetFlowFilesArchive(api_flow.ApiGetFlowFilesArchiveArgs( client_id=self.client_id, flow_id=flow_urn.Basename()), token=self.token)
def testAllClientFlowsMethodsAreAccessChecked(self): args = api_flow.ApiListFlowsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlows, "CheckClientAccess", args=args) args = api_flow.ApiGetFlowArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.GetFlow, "CheckClientAccess", args=args) args = api_flow.ApiCreateFlowArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.CreateFlow, "CheckClientAccess", args=args) self.CheckMethodIsAccessChecked( self.router.CreateFlow, "CheckIfCanStartClientFlow", args=args) args = api_flow.ApiCancelFlowArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.CancelFlow, "CheckClientAccess", args=args) args = api_flow.ApiListFlowRequestsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlowRequests, "CheckClientAccess", args=args) args = api_flow.ApiListFlowResultsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlowResults, "CheckClientAccess", args=args) args = api_flow.ApiGetExportedFlowResultsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.GetExportedFlowResults, "CheckClientAccess", args=args) args = api_flow.ApiGetFlowResultsExportCommandArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.GetFlowResultsExportCommand, "CheckClientAccess", args=args) args = api_flow.ApiGetFlowFilesArchiveArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.GetFlowFilesArchive, "CheckClientAccess", args=args) args = api_flow.ApiListFlowOutputPluginsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlowOutputPlugins, "CheckClientAccess", args=args) args = api_flow.ApiListFlowOutputPluginLogsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlowOutputPluginLogs, "CheckClientAccess", args=args) args = api_flow.ApiListFlowOutputPluginErrorsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlowOutputPluginErrors, "CheckClientAccess", args=args) args = api_flow.ApiListFlowLogsArgs(client_id=self.client_id) self.CheckMethodIsAccessChecked( self.router.ListFlowLogs, "CheckClientAccess", args=args)
def testGeneratesZipArchive(self): result = self.handler.Handle(flow_plugin.ApiGetFlowFilesArchiveArgs( client_id=self.client_id, flow_id=self.flow_id, archive_format="ZIP"), token=self.token) manifest = self._GetZipManifest(result) self.assertEqual(manifest["archived_files"], 1) self.assertEqual(manifest["failed_files"], 0) self.assertEqual(manifest["processed_files"], 1) self.assertEqual(manifest["ignored_files"], 0)
def testGeneratesTarGzArchive(self): result = self.handler.Handle(flow_plugin.ApiGetFlowFilesArchiveArgs( client_id=self.client_id, flow_id=self.flow_id, archive_format="TAR_GZ"), context=self.context) manifest = self._GetTarGzManifest(result) self.assertEqual(manifest["archived_files"], 1) self.assertEqual(manifest["failed_files"], 0) self.assertEqual(manifest["processed_files"], 1) self.assertEqual(manifest["ignored_files"], 0)
def testGetFlowFilesArchiveReturnsLimitedHandler(self): flow_id = self._CreateFlowWithRobotId() router = self._CreateRouter( get_flow_files_archive=rr.RobotRouterGetFlowFilesArchiveParams( enabled=True, path_globs_blacklist=["**/*.txt"], path_globs_whitelist=["foo/*", "bar/*"])) handler = router.GetFlowFilesArchive( api_flow.ApiGetFlowFilesArchiveArgs(client_id=self.client_id, flow_id=flow_id), token=self.token) self.assertEqual(handler.path_globs_blacklist, ["**/*.txt"]) self.assertEqual(handler.path_globs_whitelist, ["foo/*", "bar/*"])
def testGetFlowFilesArchiveReturnsLimitedHandler(self): flow_id = self._CreateFlowWithRobotId() router = self._CreateRouter( get_flow_files_archive=rr.RobotRouterGetFlowFilesArchiveParams( enabled=True, exclude_path_globs=["**/*.txt"], include_only_path_globs=["foo/*", "bar/*"])) handler = router.GetFlowFilesArchive( api_flow.ApiGetFlowFilesArchiveArgs(client_id=self.client_id, flow_id=flow_id), context=self.context) self.assertEqual(handler.exclude_path_globs, ["**/*.txt"]) self.assertEqual(handler.include_only_path_globs, ["foo/*", "bar/*"])
def testArchivesFileMatchingPathGlobsWhitelist(self): handler = flow_plugin.ApiGetFlowFilesArchiveHandler( path_globs_blacklist=[], path_globs_whitelist=[rdf_paths.GlobExpression("/**/*/test.plist")]) result = handler.Handle( flow_plugin.ApiGetFlowFilesArchiveArgs( client_id=self.client_id, flow_id=self.flow_urn.Basename(), archive_format="ZIP"), token=self.token) manifest = self._GetZipManifest(result) self.assertEqual(manifest["archived_files"], 1) self.assertEqual(manifest["failed_files"], 0) self.assertEqual(manifest["processed_files"], 1) self.assertEqual(manifest["ignored_files"], 0)
def testArchivesFileMatchingPathGlobsInclusionList(self): handler = flow_plugin.ApiGetFlowFilesArchiveHandler( exclude_path_globs=[], include_only_path_globs=[rdf_paths.GlobExpression("/**/*/test.plist")]) result = handler.Handle( flow_plugin.ApiGetFlowFilesArchiveArgs( client_id=self.client_id, flow_id=self.flow_id, archive_format="ZIP"), context=self.context) manifest = self._GetZipManifest(result) self.assertEqual(manifest["archived_files"], 1) self.assertEqual(manifest["failed_files"], 0) self.assertEqual(manifest["processed_files"], 1) self.assertEqual(manifest["ignored_files"], 0)
def testIgnoresFileNotMatchingPathGlobsInclusionList(self): handler = flow_plugin.ApiGetFlowFilesArchiveHandler( exclude_path_globs=[], include_only_path_globs=[rdf_paths.GlobExpression("/**/foo.bar")]) result = handler.Handle(flow_plugin.ApiGetFlowFilesArchiveArgs( client_id=self.client_id, flow_id=self.flow_id, archive_format="ZIP"), token=self.token) manifest = self._GetZipManifest(result) self.assertEqual(manifest["archived_files"], 0) self.assertEqual(manifest["failed_files"], 0) self.assertEqual(manifest["processed_files"], 1) self.assertEqual(manifest["ignored_files"], 1) self.assertEqual( manifest["ignored_files_list"], ["aff4:/%s/fs/os%s/test.plist" % (self.client_id, self.base_path)])
def testIgnoresFileNotMatchingPathGlobsWhitelist(self): handler = flow_plugin.ApiGetFlowFilesArchiveHandler( path_globs_blacklist=[], path_globs_whitelist=[rdf_paths.GlobExpression("/**/foo.bar")]) result = handler.Handle(flow_plugin.ApiGetFlowFilesArchiveArgs( client_id=self.client_id, flow_id=self.flow_id, archive_format="ZIP"), token=self.token) manifest = self._GetZipManifest(result) self.assertEqual(manifest["archived_files"], 0) self.assertEqual(manifest["failed_files"], 0) self.assertEqual(manifest["processed_files"], 1) self.assertEqual(manifest["ignored_files"], 1) self.assertEqual(manifest["ignored_files_list"], [ utils.SmartUnicode( self.client_id.Add("fs/os").Add( self.base_path).Add("test.plist")) ])
def testGeneratesTarGzArchiveForFlowWithCustomMappings(self): path = abstract_db.ClientPath.OS( self.client_id, self.base_path.lstrip("/").split("/") + ["test.plist"]) mappings = [ flow_base.ClientPathArchiveMapping(path, "foo/file"), ] with mock.patch.object(file_finder.FileFinder, "GetFilesArchiveMappings", return_value=mappings): result = self.handler.Handle( flow_plugin.ApiGetFlowFilesArchiveArgs( client_id=self.client_id, flow_id=self.flow_id, archive_format="TAR_GZ"), token=self.token) manifest = self._GetTarGzManifest(result) self.assertEqual(manifest["client_id"], self.client_id) self.assertEqual(manifest["flow_id"], self.flow_id) self.assertEqual(manifest["processed_files"], {path.vfs_path: "foo/file"}) self.assertEmpty(manifest["missing_files"])