def Run(self):
def ReplaceCronJobUrn():
jobs = list(aff4_cronjobs.GetCronManager().ListJobs(token=self.token))
return {jobs[0]: "CreateAndRunGenericHuntFlow_1234"}
flow_name = file_finder.FileFinder.__name__
flow_args = rdf_file_finder.FileFinderArgs(
paths=["c:\\windows\\system32\\notepad.*"])
hunt_runner_args = rdf_hunts.HuntRunnerArgs()
hunt_runner_args.client_rule_set.rules = [
foreman_rules.ForemanClientRule(
os=foreman_rules.ForemanOsClientRule(os_windows=True))
]
hunt_runner_args.description = "Foobar! (cron)"
self.Check(
"CreateCronJob",
args=cron_plugin.ApiCreateCronJobArgs(
description="Foobar!",
flow_name=flow_name,
flow_args=flow_args,
hunt_runner_args=hunt_runner_args,
periodicity=604800,
lifetime=3600),
replace=ReplaceCronJobUrn)
def testAddForemanRulesHuntRunnerArgumentIsNotRespected(self):
args = cron_plugin.ApiCreateCronJobArgs(
flow_name=flow_test_lib.FlowWithOneNestedFlow.__name__,
hunt_runner_args=rdf_hunts.HuntRunnerArgs(
# Default is True.
add_foreman_rules=False))
result = self.handler.Handle(args, context=self.context)
self.assertTrue(
result.args.hunt_cron_action.hunt_runner_args.add_foreman_rules)
def Handle(self, args, context=None):
del args, context # Unused.
return ApiUiConfig(
heading=config.CONFIG["AdminUI.heading"],
report_url=config.CONFIG["AdminUI.report_url"],
help_url=config.CONFIG["AdminUI.help_url"],
grr_version=config.CONFIG["Source.version_string"],
profile_image_url=config.CONFIG["AdminUI.profile_image_url"],
default_hunt_runner_args=rdf_hunts.HuntRunnerArgs(),
)
def InitFromHuntObject(self,
hunt_obj,
hunt_counters=None,
with_full_summary=False):
"""Initialize API hunt object from a database hunt object.
Args:
hunt_obj: rdf_hunt_objects.Hunt to read the data from.
hunt_counters: Optional db.HuntCounters object with counters information.
with_full_summary: if True, hunt_runner_args, completion counts and a few
other fields will be filled in. The way to think about it is that with
with_full_summary==True ApiHunt will have the data to render "Hunt
Overview" page and with with_full_summary==False it will have enough
data to be rendered as a hunts list row.
Returns:
Self.
"""
self.urn = rdfvalue.RDFURN("hunts").Add(str(hunt_obj.hunt_id))
self.hunt_id = hunt_obj.hunt_id
if (hunt_obj.args.hunt_type ==
rdf_hunt_objects.HuntArguments.HuntType.STANDARD):
self.name = "GenericHunt"
self.hunt_type = self.HuntType.STANDARD
else:
self.name = "VariableGenericHunt"
self.hunt_type = self.HuntType.VARIABLE
self.state = str(hunt_obj.hunt_state)
self.crash_limit = hunt_obj.crash_limit
self.client_limit = hunt_obj.client_limit
self.client_rate = hunt_obj.client_rate
self.created = hunt_obj.create_time
self.duration = hunt_obj.duration
self.creator = hunt_obj.creator
self.init_start_time = hunt_obj.init_start_time
self.last_start_time = hunt_obj.last_start_time
self.description = hunt_obj.description
self.is_robot = hunt_obj.creator in access_control.SYSTEM_USERS
if hunt_counters is not None:
self.results_count = hunt_counters.num_results
self.clients_with_results_count = hunt_counters.num_clients_with_results
self.remaining_clients_count = hunt_counters.num_running_clients
# TODO(user): remove this hack when AFF4 is gone. For regression tests
# compatibility only.
self.total_cpu_usage = hunt_counters.total_cpu_seconds or 0
self.total_net_usage = hunt_counters.total_network_bytes_sent
if with_full_summary:
self.all_clients_count = hunt_counters.num_clients
self.completed_clients_count = (
hunt_counters.num_successful_clients +
hunt_counters.num_failed_clients)
else:
self.results_count = 0
self.clients_with_results_count = 0
self.remaining_clients_count = 0
self.total_cpu_usage = 0
self.total_net_usage = 0
if with_full_summary:
self.all_clients_count = 0
self.completed_clients_count = 0
if hunt_obj.original_object.object_type != "UNKNOWN":
ref = ApiFlowLikeObjectReference()
self.original_object = ref.FromFlowLikeObjectReference(
hunt_obj.original_object)
if with_full_summary:
hra = self.hunt_runner_args = rdf_hunts.HuntRunnerArgs(
hunt_name=self.name,
description=hunt_obj.description,
client_rule_set=hunt_obj.client_rule_set,
crash_limit=hunt_obj.crash_limit,
expiry_time=hunt_obj.duration,
avg_results_per_client_limit=hunt_obj.avg_results_per_client_limit,
avg_cpu_seconds_per_client_limit=hunt_obj
.avg_cpu_seconds_per_client_limit,
avg_network_bytes_per_client_limit=hunt_obj
.avg_network_bytes_per_client_limit,
client_rate=hunt_obj.client_rate,
original_object=hunt_obj.original_object)
if hunt_obj.HasField("output_plugins"):
hra.output_plugins = hunt_obj.output_plugins
# TODO(user): This is a backwards compatibility code. Remove
# HuntRunnerArgs from ApiHunt.
if hunt_obj.client_limit != 100:
hra.client_limit = hunt_obj.client_limit
if hunt_obj.HasField("per_client_cpu_limit"):
hra.per_client_cpu_limit = hunt_obj.per_client_cpu_limit
if hunt_obj.HasField("per_client_network_limit_bytes"):
hra.per_client_network_limit_bytes = (
hunt_obj.per_client_network_bytes_limit)
if hunt_obj.HasField("total_network_bytes_limit"):
hra.network_bytes_limit = hunt_obj.total_network_bytes_limit
self.client_rule_set = hunt_obj.client_rule_set
if (hunt_obj.args.hunt_type ==
rdf_hunt_objects.HuntArguments.HuntType.STANDARD):
# TODO(hanuszczak): API hunt objects should not use dynamic type lookup
# as well.
flow_name = hunt_obj.args.standard.flow_name
flow_cls = registry.FlowRegistry.FlowClassByName(flow_name)
flow_args = hunt_obj.args.standard.flow_args.Unpack(flow_cls.args_type)
self.flow_name = flow_name
self.flow_args = flow_args
elif (hunt_obj.args.hunt_type ==
rdf_hunt_objects.HuntArguments.HuntType.VARIABLE):
self.flow_args = hunt_obj.args.variable
return self
