예제 #1
0
파일: filters_test.py 프로젝트: qsdj/grr
 def testValidate(self):
   filt = filters.StatFilter()
   for params in self.badness:
     for bad in params:
       self.assertRaises(filters.DefinitionError, filt.Validate, bad)
   for params in self.just_fine:
     for ok in params:
       self.assertTrue(filt.Validate(ok), "Rejected valid expression: %s" % ok)
예제 #2
0
파일: filters_test.py 프로젝트: qsdj/grr
 def testPathREParse(self):
   """Path regexes operate successfully."""
   filt = filters.StatFilter()
   obj1 = self._GenStat(path="/etc/passwd")
   obj2 = self._GenStat(path="/etc/alternatives/ssh-askpass")
   obj3 = self._GenStat(path="/etc/alternatives/ssh-askpass.1.gz")
   objs = [obj1, obj2, obj3]
   results = filt.Parse(objs, "path_re:/etc/*")
   self.assertItemsEqual(objs, results)
   results = filt.Parse(objs, "path_re:alternatives")
   self.assertItemsEqual([obj2, obj3], results)
   results = filt.Parse(objs, "path_re:alternatives file_re:pass$")
   self.assertItemsEqual([obj2], results)
예제 #3
0
파일: filters_test.py 프로젝트: qsdj/grr
 def testPermissionsParse(self):
   """Permissions comparisons operate successfully."""
   filt = filters.StatFilter()
   obj1 = self._GenStat(st_mode=0100740)
   obj2 = self._GenStat(st_mode=0100755)
   objs = [obj1, obj2]
   results = filt.Parse(objs, "mode:0644")
   self.assertFalse(results)
   results = filt.Parse(objs, "mode:0740")
   self.assertItemsEqual([obj1], results)
   results = filt.Parse(objs, "mode:0640 mask:0640")
   self.assertItemsEqual(objs, results)
   results = filt.Parse(objs, "mode:0014 mask:0014")
   self.assertItemsEqual([obj2], results)
예제 #4
0
파일: filters_test.py 프로젝트: qsdj/grr
 def testFileTypeParse(self):
   """FileType filters restrict results to specified file types."""
   all_types = {
       "BLOCK": self._GenStat(st_mode=24992),  # 0060640
       "Character": self._GenStat(st_mode=8608),  # 0020640
       "directory": self._GenStat(st_mode=16873),  # 0040751
       "fiFO": self._GenStat(st_mode=4534),  # 0010666
       "REGULAR": self._GenStat(st_mode=33204),  # 0100664
       "socket": self._GenStat(st_mode=49568),  # 0140640
       "SymLink": self._GenStat(st_mode=41471)
   }  # 0120777
   filt = filters.StatFilter()
   for file_type, expected in all_types.iteritems():
     filt._Flush()
     results = filt.Parse(all_types.values(), "file_type:%s" % file_type)
     self.assertEqual(1, len(results), "Expected exactly 1 %s" % file_type)
     self.assertEqual(expected, results[0],
                      "Expected stat %s, got %s" % (expected, results[0]))
예제 #5
0
파일: filters_test.py 프로젝트: qsdj/grr
 def testGIDParse(self):
   """GID comparisons operate successfully."""
   filt = filters.StatFilter()
   obj1 = self._GenStat(st_gid=0)
   obj2 = self._GenStat(st_gid=500)
   obj3 = self._GenStat(st_gid=5000)
   objs = [obj1, obj2, obj3]
   results = filt.Parse(objs, "gid:=0")
   self.assertItemsEqual([obj1], results)
   results = filt.Parse(objs, "gid:>=0")
   self.assertItemsEqual(objs, results)
   results = filt.Parse(objs, "gid:>0")
   self.assertItemsEqual([obj2, obj3], results)
   results = filt.Parse(objs, "gid:>0,<=5000")
   self.assertItemsEqual([obj2, obj3], results)
   results = filt.Parse(objs, "gid:>0,<5000")
   self.assertItemsEqual([obj2], results)
   results = filt.Parse(objs, "gid:!5000")
   self.assertItemsEqual([obj1, obj2], results)
예제 #6
0
파일: filters_test.py 프로젝트: qsdj/grr
 def testUIDParse(self):
   """UID comparisons operate successfully."""
   filt = filters.StatFilter()
   obj1 = self._GenStat(st_uid=1001)
   obj2 = self._GenStat(st_uid=5000)
   objs = [obj1, obj2]
   results = filt.Parse(objs, "uid:=0")
   self.assertFalse(results)
   results = filt.Parse(objs, "uid:=1001")
   self.assertItemsEqual([obj1], results)
   results = filt.Parse(objs, "uid:>=0")
   self.assertItemsEqual(objs, results)
   results = filt.Parse(objs, "uid:>0")
   self.assertItemsEqual(objs, results)
   results = filt.Parse(objs, "uid:>0,<=5000")
   self.assertItemsEqual(objs, results)
   results = filt.Parse(objs, "uid:>0,<5000")
   self.assertItemsEqual([obj1], results)
   results = filt.Parse(objs, "uid:!5000")
   self.assertItemsEqual([obj1], results)
예제 #7
0
파일: filters_test.py 프로젝트: qsdj/grr
 def testParseFileObjs(self):
   """Multiple file types are parsed successfully."""
   filt = filters.StatFilter()
   ok = self._GenStat(path="/etc/shadow", st_uid=0, st_gid=0, st_mode=0100640)
   link = self._GenStat(
       path="/etc/shadow", st_uid=0, st_gid=0, st_mode=0120640)
   user = self._GenStat(
       path="/etc/shadow", st_uid=1000, st_gid=1000, st_mode=0100640)
   writable = self._GenStat(
       path="/etc/shadow", st_uid=0, st_gid=0, st_mode=0100666)
   cfg = {"path": "/etc/shadow", "st_uid": 0, "st_gid": 0, "st_mode": 0100640}
   invalid = rdf_protodict.AttributedDict(**cfg)
   objs = [ok, link, user, writable, invalid]
   results = filt.Parse(objs, "uid:>=0 gid:>=0")
   self.assertItemsEqual([ok, link, user, writable], results)
   results = filt.Parse(objs, "uid:=0 mode:0440 mask:0440")
   self.assertItemsEqual([ok, link, writable], results)
   results = filt.Parse(objs, "uid:=0 mode:0440 mask:0444")
   self.assertItemsEqual([ok, link], results)
   results = list(
       filt.Parse(objs, "uid:=0 mode:0440 mask:0444 file_type:regular"))
   self.assertItemsEqual([ok], results)