def testCorrectlyFiltersByTag(self):
foo_result = self.handler.Handle(
flow_plugin.ApiListFlowResultsArgs(
client_id=self.client_id, flow_id=self.flow_id, with_tag="tag:foo"))
self.assertLen(foo_result.items, 1)
self.assertEqual(foo_result.items[0].tag, "tag:foo")
bar_result = self.handler.Handle(
flow_plugin.ApiListFlowResultsArgs(
client_id=self.client_id, flow_id=self.flow_id, with_tag="tag:bar"))
self.assertLen(bar_result.items, 1)
self.assertEqual(bar_result.items[0].tag, "tag:bar")
def Run(self):
acl_test_lib.CreateUser(self.token.username)
client_id = self.SetupClient(0)
flow_id = self._RunFlow(client_id)
self.Check(
"ListFlowResults",
args=flow_plugin.ApiListFlowResultsArgs(
client_id=client_id, flow_id=flow_id, filter="evil"),
replace={flow_id: "W:ABCDEF"})
self.Check(
"ListFlowResults",
args=flow_plugin.ApiListFlowResultsArgs(
client_id=client_id, flow_id=flow_id, filter="benign"),
replace={flow_id: "W:ABCDEF"})
def Run(self):
acl_test_lib.CreateUser(self.token.username)
client_id = self.SetupClient(0)
runner_args = rdf_flow_runner.FlowRunnerArgs(
flow_name=transfer.GetFile.__name__)
flow_args = transfer.GetFileArgs(pathspec=rdf_paths.PathSpec(
path="/tmp/evil.txt", pathtype=rdf_paths.PathSpec.PathType.OS))
client_mock = hunt_test_lib.SampleHuntMock()
with test_lib.FakeTime(42):
flow_urn = flow.StartAFF4Flow(client_id=client_id,
args=flow_args,
runner_args=runner_args,
token=self.token)
flow_test_lib.TestFlowHelper(flow_urn,
client_mock=client_mock,
client_id=client_id,
token=self.token)
self.Check("ListFlowResults",
args=flow_plugin.ApiListFlowResultsArgs(
client_id=client_id.Basename(),
flow_id=flow_urn.Basename()),
replace={flow_urn.Basename(): "W:ABCDEF"})
def testReturnsTagsInResultsList(self):
result = self.handler.Handle(
flow_plugin.ApiListFlowResultsArgs(client_id=self.client_id,
flow_id=self.flow_id))
self.assertLen(result.items, 2)
self.assertEqual(result.items[0].tag, "tag:foo")
self.assertEqual(result.items[1].tag, "tag:bar")
def testReturnsNothingWhenFilteringByNonExistingTag(self):
result = self.handler.Handle(
flow_plugin.ApiListFlowResultsArgs(
client_id=self.client_id,
flow_id=self.flow_id,
with_tag="non-existing"))
self.assertEmpty(result.items)
def testListFlowResultsWorksIfFlowWasCreatedBySameRouter(self):
flow_id = self._CreateFlowWithRobotId()
router = self._CreateRouter(
list_flow_results=rr.RobotRouterListFlowResultsParams(
enabled=True))
router.ListFlowResults(api_flow.ApiListFlowResultsArgs(
client_id=self.client_id, flow_id=flow_id),
token=self.token)
def testListFlowResultsRaisesIfFlowWasNotCreatedBySameUser(self):
flow_id = flow_test_lib.StartFlow(
file_finder.FileFinder, self.client_id, creator=self.another_username)
router = self._CreateRouter(
list_flow_results=rr.RobotRouterListFlowResultsParams(enabled=True))
with self.assertRaises(access_control.UnauthorizedAccess):
router.ListFlowResults(
api_flow.ApiListFlowResultsArgs(
client_id=self.client_id, flow_id=flow_id),
token=self.token)
def testAllClientFlowsMethodsAreAccessChecked(self):
args = api_flow.ApiListFlowsArgs(client_id=self.client_id)
self.CheckMethodIsAccessChecked(
self.router.ListFlows, "CheckClientAccess", args=args)
args = api_flow.ApiGetFlowArgs(client_id=self.client_id)
self.CheckMethodIsAccessChecked(
self.router.GetFlow, "CheckClientAccess", args=args)
args = api_flow.ApiCreateFlowArgs(client_id=self.client_id)
self.CheckMethodIsAccessChecked(
self.router.CreateFlow, "CheckClientAccess", args=args)
self.CheckMethodIsAccessChecked(
self.router.CreateFlow, "CheckIfCanStartClientFlow", args=args)
args = api_flow.ApiCancelFlowArgs(client_id=self.client_id)
self.CheckMethodIsAccessChecked(
self.router.CancelFlow, "CheckClientAccess", args=args)
args = api_flow.ApiListFlowRequestsArgs(client_id=self.client_id)
self.CheckMethodIsAccessChecked(
self.router.ListFlowRequests, "CheckClientAccess", args=args)
args = api_flow.ApiListFlowResultsArgs(client_id=self.client_id)
self.CheckMethodIsAccessChecked(
self.router.ListFlowResults, "CheckClientAccess", args=args)
args = api_flow.ApiGetExportedFlowResultsArgs(client_id=self.client_id)
self.CheckMethodIsAccessChecked(
self.router.GetExportedFlowResults, "CheckClientAccess", args=args)
args = api_flow.ApiGetFlowResultsExportCommandArgs(client_id=self.client_id)
self.CheckMethodIsAccessChecked(
self.router.GetFlowResultsExportCommand, "CheckClientAccess", args=args)
args = api_flow.ApiGetFlowFilesArchiveArgs(client_id=self.client_id)
self.CheckMethodIsAccessChecked(
self.router.GetFlowFilesArchive, "CheckClientAccess", args=args)
args = api_flow.ApiListFlowOutputPluginsArgs(client_id=self.client_id)
self.CheckMethodIsAccessChecked(
self.router.ListFlowOutputPlugins, "CheckClientAccess", args=args)
args = api_flow.ApiListFlowOutputPluginLogsArgs(client_id=self.client_id)
self.CheckMethodIsAccessChecked(
self.router.ListFlowOutputPluginLogs, "CheckClientAccess", args=args)
args = api_flow.ApiListFlowOutputPluginErrorsArgs(client_id=self.client_id)
self.CheckMethodIsAccessChecked(
self.router.ListFlowOutputPluginErrors, "CheckClientAccess", args=args)
args = api_flow.ApiListFlowLogsArgs(client_id=self.client_id)
self.CheckMethodIsAccessChecked(
self.router.ListFlowLogs, "CheckClientAccess", args=args)
def testListFlowResultsRaisesIfFlowWasNotCreatedBySameRouter(self):
flow_urn = flow.StartFlow(client_id=self.client_id,
flow_name=file_finder.FileFinder.__name__,
token=self.token)
router = self._CreateRouter(
list_flow_results=rr.RobotRouterListFlowResultsParams(
enabled=True))
with self.assertRaises(access_control.UnauthorizedAccess):
router.ListFlowResults(api_flow.ApiListFlowResultsArgs(
client_id=self.client_id, flow_id=flow_urn.Basename()),
token=self.token)