def Run(self): client_id = self.SetupClient(0) email_descriptor = rdf_output_plugin.OutputPluginDescriptor( plugin_name=email_plugin.EmailOutputPlugin.__name__, plugin_args=email_plugin.EmailOutputPluginArgs( email_address="test@localhost", emails_limit=42)) with test_lib.FakeTime(42): if data_store.RelationalDBFlowsEnabled(): flow_id = flow_test_lib.StartAndRunFlow( flow_cls=flow_test_lib.DummyFlowWithSingleReply, client_id=client_id.Basename(), output_plugins=[email_descriptor]) else: flow_urn = flow.StartAFF4Flow( flow_name=flow_test_lib.DummyFlowWithSingleReply.__name__, client_id=client_id, output_plugins=[email_descriptor], token=self.token) flow_id = flow_urn.Basename() flow_test_lib.TestFlowHelper(flow_urn, token=self.token) self.Check("ListFlowOutputPluginLogs", args=flow_plugin.ApiListFlowOutputPluginLogsArgs( client_id=client_id.Basename(), flow_id=flow_id, plugin_id="EmailOutputPlugin_0"), replace={flow_id: "W:ABCDEF"})
def Run(self): client_id = self.SetupClient(0) email_descriptor = rdf_output_plugin.OutputPluginDescriptor( plugin_name=email_plugin.EmailOutputPlugin.__name__, plugin_args=email_plugin.EmailOutputPluginArgs( email_address="test@localhost", emails_limit=42)) with test_lib.FakeTime(42): if data_store.RelationalDBFlowsEnabled(): flow_id = flow.StartFlow( flow_cls=processes.ListProcesses, client_id=client_id.Basename(), output_plugins=[email_descriptor]) else: flow_urn = flow.StartAFF4Flow( flow_name=processes.ListProcesses.__name__, client_id=client_id, output_plugins=[email_descriptor], token=self.token) flow_id = flow_urn.Basename() self.Check( "ListFlowOutputPlugins", args=flow_plugin.ApiListFlowOutputPluginsArgs( client_id=client_id.Basename(), flow_id=flow_id), replace={flow_id: "W:ABCDEF"})
def testWritingAndReadingHuntOutputPluginsStatesWorks(self): hunt_obj = rdf_hunt_objects.Hunt(description="foo") self.db.WriteHuntObject(hunt_obj) plugin_descriptor = rdf_output_plugin.OutputPluginDescriptor( plugin_name=compatibility.GetName(email_plugin.EmailOutputPlugin), plugin_args=email_plugin.EmailOutputPluginArgs(emails_limit=42)) state_1 = rdf_flow_runner.OutputPluginState( plugin_descriptor=plugin_descriptor, plugin_state={}) plugin_descriptor = rdf_output_plugin.OutputPluginDescriptor( plugin_name=compatibility.GetName(email_plugin.EmailOutputPlugin), plugin_args=email_plugin.EmailOutputPluginArgs(emails_limit=43)) state_2 = rdf_flow_runner.OutputPluginState( plugin_descriptor=plugin_descriptor, plugin_state={}) written_states = [state_1, state_2] self.db.WriteHuntOutputPluginsStates(hunt_obj.hunt_id, written_states) read_states = self.db.ReadHuntOutputPluginsStates(hunt_obj.hunt_id) self.assertEqual(read_states, written_states)
def testEmailPluginSendsEmailPerEveyBatchOfResponses(self): self.ProcessResponses(plugin_args=email_plugin.EmailOutputPluginArgs( email_address=self.email_address), responses=[rdf_client.Process(pid=42)]) self.assertLen(self.email_messages, 1) msg = self.email_messages[0] self.assertEqual(msg["address"], self.email_address) self.assertIn("got a new result in %s" % self.results_urn, msg["title"]) self.assertIn(utils.SmartStr(self.client_id), msg["message"]) self.assertIn(utils.SmartStr(self.hostname), msg["message"])
def setUp(self): super(TestFlowCopy, self).setUp() # Prepare our fixture. self.client_id = rdf_client.ClientURN("C.0000000000000001") # This attribute is used by StandardHuntTestMixin. self.client_ids = [self.client_id] fixture_test_lib.ClientFixture(self.client_id, self.token) self.RequestAndGrantClientApproval("C.0000000000000001") self.email_descriptor = rdf_output_plugin.OutputPluginDescriptor( plugin_name=email_plugin.EmailOutputPlugin.__name__, plugin_args=email_plugin.EmailOutputPluginArgs( email_address="test@localhost", emails_limit=42))
def testApprovalIndicatesThatHuntWasCopiedFromFlow(self): email_descriptor = rdf_output_plugin.OutputPluginDescriptor( plugin_name=compatibility.GetName(email_plugin.EmailOutputPlugin), plugin_args=email_plugin.EmailOutputPluginArgs( email_address="test@localhost", emails_limit=42)) args = flows_processes.ListProcessesArgs( filename_regex="test[a-z]*", fetch_binaries=True) flow_test_lib.StartFlow( flows_processes.ListProcesses, flow_args=args, client_id=self.client_id, output_plugins=[email_descriptor]) self.Open("/#/clients/%s" % self.client_id) self.Click("css=a[grrtarget='client.flows']") self.Click("css=td:contains('ListProcesses')") # Open the wizard. self.Click("css=button[name=create_hunt]") # Go to the hunt parameters page. self.Click("css=grr-new-hunt-wizard-form button.Next") # Go to the output plugins page. self.Click("css=grr-new-hunt-wizard-form button.Next") # Go to the rules page. self.Click("css=grr-new-hunt-wizard-form button.Next") # Go to the review page. self.Click("css=grr-new-hunt-wizard-form button.Next") # Create the hunt. self.Click("css=button:contains('Create Hunt')") self.Click("css=button:contains('Done')") # Request an approval. hunts = data_store.REL_DB.ListHuntObjects(offset=0, count=1) h = hunts[0] approval_id = self.RequestHuntApproval( h.hunt_id, requestor=self.token.username, reason="reason", approver=self.token.username) # Open the approval page. self.Open("/#/users/%s/approvals/hunt/%s/%s" % (self.token.username, h.hunt_id, approval_id)) self.WaitUntil(self.IsElementPresent, "css=div.panel-body:contains('This hunt was created from')")
def Run(self): client_id = self.SetupClient(0) email_descriptor = rdf_output_plugin.OutputPluginDescriptor( plugin_name=email_plugin.EmailOutputPlugin.__name__, plugin_args=email_plugin.EmailOutputPluginArgs( email_address="test@localhost", emails_limit=42)) with test_lib.FakeTime(42): flow_id = flow.StartFlow(flow_cls=processes.ListProcesses, client_id=client_id, output_plugins=[email_descriptor]) self.Check("ListFlowOutputPlugins", args=flow_plugin.ApiListFlowOutputPluginsArgs( client_id=client_id, flow_id=flow_id), replace={flow_id: "W:ABCDEF"})
def Run(self): client_id = self.SetupClient(0) email_descriptor = rdf_output_plugin.OutputPluginDescriptor( plugin_name=email_plugin.EmailOutputPlugin.__name__, plugin_args=email_plugin.EmailOutputPluginArgs( email_address="test@localhost", emails_limit=42)) with test_lib.FakeTime(42): flow_id = flow_test_lib.StartAndRunFlow( flow_cls=flow_test_lib.DummyFlowWithSingleReply, client_id=client_id, output_plugins=[email_descriptor]) self.Check("ListFlowOutputPluginLogs", args=flow_plugin.ApiListFlowOutputPluginLogsArgs( client_id=client_id, flow_id=flow_id, plugin_id="EmailOutputPlugin_0"), replace={flow_id: "W:ABCDEF"})
def testEmailPluginStopsSendingEmailsAfterLimitIsReached(self): responses = [rdf_client.Process(pid=i) for i in range(11)] self.ProcessResponses(plugin_args=email_plugin.EmailOutputPluginArgs( email_address=self.email_address, emails_limit=10), responses=responses, process_responses_separately=True) self.assertLen(self.email_messages, 10) for msg in self.email_messages: self.assertEqual(msg["address"], self.email_address) self.assertIn("got a new result in %s" % self.results_urn, msg["title"]) self.assertIn(utils.SmartStr(self.client_id), msg["message"]) self.assertIn(utils.SmartStr(self.hostname), msg["message"]) for msg in self.email_messages[:10]: self.assertNotIn("sending of emails will be disabled now", msg) self.assertIn("sending of emails will be disabled now", self.email_messages[9]["message"])
def testCreateHuntFromFlow(self): email_descriptor = rdf_output_plugin.OutputPluginDescriptor( plugin_name=compatibility.GetName(email_plugin.EmailOutputPlugin), plugin_args=email_plugin.EmailOutputPluginArgs( email_address="test@localhost", emails_limit=42)) args = flows_processes.ListProcessesArgs( filename_regex="test[a-z]*", fetch_binaries=True) flow_test_lib.StartFlow( flows_processes.ListProcesses, flow_args=args, client_id=self.client_id, output_plugins=[email_descriptor]) # Navigate to client and select newly created flow. self.Open("/#/clients/%s" % self.client_id) self.Click("css=a[grrtarget='client.flows']") self.Click("css=td:contains('ListProcesses')") # Open wizard and check if flow arguments are copied. self.Click("css=button[name=create_hunt]") self.WaitUntilEqual("test[a-z]*", self.GetValue, "css=label:contains('Filepath Regex') ~ * input") self.WaitUntil( self.IsChecked, "css=label:contains('Fetch Binaries') " "~ * input[type=checkbox]") # Go to output plugins page and check that we did not copy the output # plugins. self.Click("css=button:contains('Next')") self.WaitUntil(self.IsElementPresent, "css=grr-wizard-form:contains('Hunt parameters')") self.Click("css=grr-new-hunt-wizard-form button.Next") self.WaitUntil(self.IsElementPresent, "css=grr-wizard-form:contains('How to process results')") self.WaitUntilNot(self.IsElementPresent, "css=grr-output-plugin-descriptor-form") # Nothing else to check, so finish the hunt. # Click on "Next" button self.Click("css=grr-new-hunt-wizard-form button.Next") self.WaitUntil(self.IsElementPresent, "css=grr-wizard-form:contains('Where to run?')") self.Click("css=button:contains('Next')") self.WaitUntil(self.IsElementPresent, "css=grr-wizard-form:contains('Review')") self.Click("css=button:contains('Create Hunt')") self.Click("css=button:contains('Done')") # Check that we get redirected to ManageHunts. self.WaitUntilEqual(1, self.GetCssCount, "css=grr-hunts-list table tbody tr") self.WaitUntilEqual(1, self.GetCssCount, "css=grr-hunts-list table tbody tr.row-selected") self.WaitUntil(self.IsTextPresent, "GenericHunt") self.WaitUntil(self.IsTextPresent, compatibility.GetName(flows_processes.ListProcesses))