예제 #1
  def setUp(self):
    """Create five clients, the handler under test and two plugin descriptors."""
    super(ApiListHuntOutputPluginLogsHandlerTest, self).setUp()

    self.client_ids = self.SetupClients(5)
    self.handler = hunt_plugin.ApiListHuntOutputPluginLogsHandler()

    # Both descriptors use the same plugin class and differ only in the
    # filename_regex argument ("foo", then "bar").
    plugin_cls = test_plugins.DummyHuntTestOutputPlugin
    self.output_plugins = [
        output_plugin.OutputPluginDescriptor(
            plugin_name=plugin_cls.__name__,
            plugin_args=plugin_cls.args_type(filename_regex=regex))
        for regex in ("foo", "bar")
    ]
예제 #2
  def Run(self):
    """Run a flow with an email output plugin and check its plugin-logs API call.

    The flow is started at fake time 42 and driven to completion at fake
    time 43 before self.Check is invoked for "ListFlowOutputPluginLogs".
    """
    plugin_descriptor = output_plugin.OutputPluginDescriptor(
        plugin_name=email_plugin.EmailOutputPlugin.__name__,
        plugin_args=email_plugin.EmailOutputPluginArgs(
            email_address="test@localhost", emails_limit=42))

    with test_lib.FakeTime(42):
      flow_urn = flow.GRRFlow.StartFlow(
          flow_name=flow_test_lib.DummyFlowWithSingleReply.__name__,
          client_id=self.client_id,
          output_plugins=[plugin_descriptor],
          token=self.token)

    # Drain the helper generator; only its side effects are needed.
    with test_lib.FakeTime(43):
      for _ in flow_test_lib.TestFlowHelper(flow_urn, token=self.token):
        pass

    flow_id = flow_urn.Basename()
    request_args = flow_plugin.ApiListFlowOutputPluginLogsArgs(
        client_id=self.client_id.Basename(),
        flow_id=flow_id,
        plugin_id="EmailOutputPlugin_0")
    # The flow id is mapped to a fixed placeholder, presumably so the checked
    # output does not depend on the generated id.
    self.Check(
        "ListFlowOutputPluginLogs",
        args=request_args,
        replace={flow_id: "W:ABCDEF"})
예제 #3
    def _CreateHuntFromHunt(self):
        """Create a source hunt and a second hunt that references it.

        The second hunt is created with modified paths, a modified client
        rule and an output plugin, and points at the first hunt through
        original_object.

        Returns:
          A (new hunt, source hunt) tuple.
        """
        finder_args = rdf_file_finder.FileFinderArgs(
            paths=["a/*", "b/*"],
            action=rdf_file_finder.FileFinderAction(action_type="STAT"))
        runner_args = rdf_flows.FlowRunnerArgs(
            flow_name=file_finder.FileFinder.__name__)
        rule_set = self._CreateForemanClientRuleSet()
        source_hunt = self.CreateHunt(
            flow_args=finder_args,
            flow_runner_args=runner_args,
            description="foo-description",
            client_rule_set=rule_set)

        source_ref = rdf_hunts.FlowLikeObjectReference.FromHuntId(
            source_hunt.urn.Basename())

        # Mutate the arguments only after the source hunt exists, so the two
        # hunts end up with different paths and client rules.
        finder_args.paths = ["b/*", "c/*"]
        rule_set.rules[0].regex.field = "FQDN"
        new_hunt = self.CreateHunt(
            flow_args=finder_args,
            flow_runner_args=runner_args,
            description="bar-description",
            client_rule_set=rule_set,
            output_plugins=[
                output_plugin.OutputPluginDescriptor(
                    plugin_name="TestOutputPlugin")
            ],
            original_object=source_ref)

        return new_hunt, source_hunt
예제 #4
    def Run(self):
        """Run a hunt with a failing output plugin and check the errors API call.

        A hunt is started with FailingDummyHuntOutputPlugin, two clients are
        processed one at a time, and self.Check is then invoked for
        "ListHuntOutputPluginErrors".
        """
        # NOTE(review): increment=1 presumably advances the fake clock on each
        # read; confirm against test_lib.FakeTime before reordering anything
        # inside this block.
        with test_lib.FakeTime(42, increment=1):
            hunt_urn = self.StartHunt(
                description="the hunt",
                output_plugins=[
                    output_plugin.OutputPluginDescriptor(
                        plugin_name=standard_test.FailingDummyHuntOutputPlugin.
                        __name__)
                ])

            self.client_ids = self.SetupClients(2)
            for index, client_id in enumerate(self.client_ids):
                self.AssignTasksToClients(client_ids=[client_id])
                self.RunHunt(failrate=-1)
                # Each client's plugin run gets its own fake timestamp, 100
                # apart.
                with test_lib.FakeTime(100042 + index * 100):
                    try:
                        self.ProcessHuntOutputPlugins()
                    except process_results.ResultsProcessingError:
                        # Deliberately swallowed: the test goes on to list the
                        # plugin errors. With the debug flag set, drop into
                        # the post-mortem debugger instead of continuing
                        # silently.
                        if flags.FLAGS.debug:
                            pdb.post_mortem()

        # The hunt id is mapped to a fixed placeholder, presumably so the
        # checked output does not depend on the generated id.
        self.Check("ListHuntOutputPluginErrors",
                   args=hunt_plugin.ApiListHuntOutputPluginErrorsArgs(
                       hunt_id=hunt_urn.Basename(),
                       plugin_id="FailingDummyHuntOutputPlugin_0"),
                   replace={hunt_urn.Basename(): "H:123456"})
예제 #5
 def testFlowLogsSuccessfulOutputPluginProcessing(self):
     """The flow log must contain the success message of the output plugin."""
     descriptor = output_plugin.OutputPluginDescriptor(
         plugin_name="DummyFlowOutputPlugin")
     flow_urn = self.RunFlow(plugins=descriptor)

     finished_flow = aff4.FACTORY.Open(flow_urn, token=self.token)
     logged = [entry.log_message for entry in finished_flow.GetLog()]
     # The spelling "sucessfully" is part of the expected runtime string; it
     # presumably mirrors the message the flow code logs, so do not correct it
     # here alone.
     expected = (
         "Plugin DummyFlowOutputPlugin sucessfully processed 1 flow replies.")
     self.assertIn(expected, logged)
예제 #6
 def testFlowLogsFailedOutputPluginProcessing(self):
     """The flow log must record an output plugin failure and its reason."""
     descriptor = output_plugin.OutputPluginDescriptor(
         plugin_name="FailingDummyFlowOutputPlugin")
     flow_urn = self.RunFlow(plugins=descriptor)

     finished_flow = aff4.FACTORY.Open(flow_urn, token=self.token)
     logged = [entry.log_message for entry in finished_flow.GetLog()]
     # The failure has to be visible in the flow log, including the error
     # text raised by the plugin.
     expected = ("Plugin FailingDummyFlowOutputPlugin failed to process 1 replies "
                 "due to: Oh no!")
     self.assertIn(expected, logged)
예제 #7
    def testUserChangesToCopiedFlowAreRespected(self):
        """Copy a flow in the UI, edit it, and verify the launched copy.

        A ListProcesses flow is started with an email output plugin. The copy
        wizard is then used to change the filename regex, click the "Fetch
        Binaries" checkbox and add a DummyOutputPlugin before launching. The
        newest flow must carry the edited arguments and both output plugins.
        """
        args = flows_processes.ListProcessesArgs(filename_regex="test[a-z]*",
                                                 fetch_binaries=True)
        flow.GRRFlow.StartFlow(
            flow_name=flows_processes.ListProcesses.__name__,
            args=args,
            client_id=self.client_id,
            output_plugins=[self.email_descriptor],
            token=self.token)

        # Navigate to client and select newly created flow.
        # NOTE(review): the client id in the URL is hard-coded; presumably it
        # matches self.client_id set up by the fixture - confirm.
        self.Open("/#c=C.0000000000000001")
        self.Click("css=a[grrtarget='client.flows']")
        self.Click("css=td:contains('ListProcesses')")

        # Open wizard and change the arguments.
        self.Click("css=button[name=copy_flow]")

        self.Type("css=label:contains('Filename Regex') ~ * input",
                  "somethingElse*")

        # The source flow had fetch_binaries=True, so this click is expected
        # to clear it (see the expected args asserted below).
        self.Click(
            "css=label:contains('Fetch Binaries') ~ * input[type=checkbox]")

        # Change output plugin and add another one.
        self.Click("css=label:contains('Output Plugins') ~ * button")
        self.Select(
            "css=grr-output-plugin-descriptor-form "
            "label:contains('Plugin') ~ * select:eq(0)", "DummyOutputPlugin")
        self.Type(
            "css=grr-output-plugin-descriptor-form "
            "label:contains('Filename Regex'):eq(0) ~ * input:text", "foobar!")

        self.Click("css=button:contains('Launch')")

        # Check that flows list got updated and that the new flow is selected.
        self.WaitUntil(
            self.IsElementPresent,
            "css=grr-client-flows-list tr:contains('ListProcesses'):nth(1)")
        self.WaitUntil(
            self.IsElementPresent, "css=grr-client-flows-list "
            "tr:contains('ListProcesses'):nth(0).row-selected")

        # Now open the last flow and check that it has the changes we made.
        fd = aff4.FACTORY.Open(self.client_id.Add("flows"), token=self.token)
        # Sort by age so that flows[-1] is the most recently created flow.
        flows = sorted(fd.ListChildren(), key=lambda x: x.age)
        fobj = aff4.FACTORY.Open(flows[-1], token=self.token)

        # Only filename_regex is expected: fetch_binaries is absent because
        # the checkbox was clicked in the wizard.
        self.assertEqual(
            fobj.args,
            flows_processes.ListProcessesArgs(
                filename_regex="somethingElse*", ))
        # The newly added plugin comes first, followed by the email plugin
        # copied from the source flow.
        # NOTE(review): plugin_args is a ListProcessesArgs here; presumably
        # that is DummyOutputPlugin's args type - confirm.
        self.assertListEqual(list(fobj.runner_args.output_plugins), [
            output_plugin.OutputPluginDescriptor(
                plugin_name=gui_test_lib.DummyOutputPlugin.__name__,
                plugin_args=flows_processes.ListProcessesArgs(
                    filename_regex="foobar!")), self.email_descriptor
        ])
예제 #8
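    def testGetPluginArgsHandlesMissingPluginsCorrectly(self):
        """Check deserialization of a descriptor whose plugin is not registered.

        With the plugin registered, a serialized descriptor round-trips to an
        equal object and resolves to its plugin class. With an empty plugin
        registry, the descriptor must resolve to UnknownOutputPlugin and
        expose its arguments as the raw serialized bytes.
        """
        descriptor = output_plugin.OutputPluginDescriptor(
            plugin_name="TestOutputPluginWithArgs",
            plugin_args=rdf_flows.FlowRunnerArgs(
                flow_name=transfer.GetFile.__name__))
        serialized = descriptor.SerializeToString()

        deserialized = output_plugin.OutputPluginDescriptor()
        deserialized.ParseFromString(serialized)
        self.assertEqual(deserialized, descriptor)
        self.assertEqual(deserialized.GetPluginClass(),
                         TestOutputPluginWithArgs)

        # Replace the plugin registry with an empty dict so the plugin name in
        # the serialized descriptor no longer resolves to a known class.
        with utils.Stubber(output_plugin.OutputPlugin, "classes", {}):
            deserialized = output_plugin.OutputPluginDescriptor()
            deserialized.ParseFromString(serialized)

            # assertEqual, not assertTrue: assertTrue(x, y) uses y only as the
            # failure message, so it passed for any truthy plugin class and
            # never verified the UnknownOutputPlugin fallback.
            self.assertEqual(deserialized.GetPluginClass(),
                             output_plugin.UnknownOutputPlugin)
            # UnknownOutputPlugin should just return serialized arguments as bytes.
            self.assertEqual(deserialized.plugin_args,
                             descriptor.plugin_args.SerializeToString())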
예제 #9
    def testCreateHuntFromFlow(self):
        """Create a hunt from an existing flow through the UI wizard.

        Verifies that the flow arguments are copied into the wizard, that the
        flow's output plugins are not copied, and that the finished hunt shows
        up selected in the hunts list.
        """
        email_descriptor = output_plugin.OutputPluginDescriptor(
            plugin_name=email_plugin.EmailOutputPlugin.__name__,
            plugin_args=email_plugin.EmailOutputPluginArgs(
                email_address="test@localhost", emails_limit=42))

        args = flows_processes.ListProcessesArgs(filename_regex="test[a-z]*",
                                                 fetch_binaries=True)

        flow.GRRFlow.StartFlow(
            flow_name=flows_processes.ListProcesses.__name__,
            args=args,
            client_id=self.client_id,
            output_plugins=[email_descriptor],
            token=self.token)

        # Navigate to client and select newly created flow.
        # NOTE(review): the client id in the URL is hard-coded; presumably it
        # matches self.client_id set up by the fixture - confirm.
        self.Open("/#c=C.0000000000000001")
        self.Click("css=a[grrtarget='client.flows']")
        self.Click("css=td:contains('ListProcesses')")

        # Open wizard and check if flow arguments are copied.
        self.Click("css=button[name=create_hunt]")

        self.WaitUntilEqual("test[a-z]*", self.GetValue,
                            "css=label:contains('Filename Regex') ~ * input")

        self.WaitUntil(
            self.IsChecked, "css=label:contains('Fetch Binaries') "
            "~ * input[type=checkbox]")

        # Go to next page and check that we did not copy the output plugins.
        # The source flow had an email output plugin; no plugin form may
        # appear on the hunt's output plugins page.
        self.Click("css=button:contains('Next')")

        self.WaitUntilNot(self.IsElementPresent,
                          "css=grr-output-plugin-descriptor-form")

        # Nothing else to check, so finish the hunt.
        self.Click("css=button:contains('Next')")
        self.Click("css=button:contains('Next')")
        self.Click("css=button:contains('Create Hunt')")
        self.Click("css=button:contains('Done')")

        # Check that we get redirected to ManageHunts.
        # Exactly one hunt row is expected, and it must be the selected one.
        self.WaitUntilEqual(1, self.GetCssCount,
                            "css=grr-hunts-list table tbody tr")
        self.WaitUntilEqual(1, self.GetCssCount,
                            "css=grr-hunts-list table tbody tr.row-selected")
        self.WaitUntil(self.IsTextPresent, "GenericHunt")
        self.WaitUntil(self.IsTextPresent,
                       flows_processes.ListProcesses.__name__)
예제 #10
    def setUp(self):
        """Set up one fixture client with a granted approval and an email plugin."""
        super(TestFlowCopy, self).setUp()

        # Prepare our fixture.
        client_name = "C.0000000000000001"
        self.client_id = rdf_client.ClientURN(client_name)
        # StandardHuntTestMixin reads this attribute.
        self.client_ids = [self.client_id]
        fixture_test_lib.ClientFixture(self.client_id, self.token)
        # An approval for the client is requested and granted up front,
        # presumably because the UI tests need it to open the client.
        self.RequestAndGrantClientApproval(client_name)

        email_args = email_plugin.EmailOutputPluginArgs(
            email_address="test@localhost", emails_limit=42)
        self.email_descriptor = output_plugin.OutputPluginDescriptor(
            plugin_name=email_plugin.EmailOutputPlugin.__name__,
            plugin_args=email_args)
예제 #11
 def _CreateHunt(self, description):
     """Start a GenericHunt running GetFile with a TestOutputPlugin attached.

     Args:
       description: Description given to the new hunt.

     Returns:
       The hunt object yielded by the StartHunt context manager.
     """
     runner_args = rdf_flows.FlowRunnerArgs(
         flow_name=transfer.GetFile.__name__)
     plugin_descriptors = [
         output_plugin.OutputPluginDescriptor(
             plugin_name="TestOutputPlugin")
     ]
     # Returning from inside the with block still runs the context manager's
     # exit handler before the hunt is handed to the caller.
     with implementation.GRRHunt.StartHunt(
             hunt_name=standard.GenericHunt.__name__,
             flow_runner_args=runner_args,
             output_plugins=plugin_descriptors,
             description=description,
             client_rate=0,
             token=self.token) as created_hunt:
         return created_hunt
예제 #12
  def Run(self):
    """Create a hunt with one output plugin and check the list-plugins API call."""
    plugin_cls = test_plugins.DummyHuntTestOutputPlugin

    # The descriptor is built and the hunt created while the clock is pinned
    # to fake time 42.
    with test_lib.FakeTime(42):
      descriptors = [
          output_plugin.OutputPluginDescriptor(
              plugin_name=plugin_cls.__name__,
              plugin_args=plugin_cls.args_type(
                  filename_regex="blah!", fetch_binaries=True))
      ]
      # Nothing is done with the hunt inside the block; entering and leaving
      # the context is all that is needed here.
      with self.CreateHunt(
          description="the hunt", output_plugins=descriptors) as hunt_obj:
        pass

    hunt_id = hunt_obj.urn.Basename()
    # The hunt id is mapped to a fixed placeholder, presumably so the checked
    # output does not depend on the generated id.
    self.Check(
        "ListHuntOutputPlugins",
        args=hunt_plugin.ApiListHuntOutputPluginsArgs(hunt_id=hunt_id),
        replace={hunt_id: "H:123456"})
예제 #13
    def Run(self):
        """Start a flow with an email plugin and check the list-plugins API call."""
        plugin_descriptor = output_plugin.OutputPluginDescriptor(
            plugin_name=email_plugin.EmailOutputPlugin.__name__,
            plugin_args=email_plugin.EmailOutputPluginArgs(
                email_address="test@localhost", emails_limit=42))

        # The flow is started with the clock pinned to fake time 42.
        with test_lib.FakeTime(42):
            flow_urn = flow.GRRFlow.StartFlow(
                flow_name=processes.ListProcesses.__name__,
                client_id=self.client_id,
                output_plugins=[plugin_descriptor],
                token=self.token)

        flow_id = flow_urn.Basename()
        request_args = flow_plugin.ApiListFlowOutputPluginsArgs(
            client_id=self.client_id.Basename(), flow_id=flow_id)
        # The flow id is mapped to a fixed placeholder, presumably so the
        # checked output does not depend on the generated id.
        self.Check(
            "ListFlowOutputPlugins",
            args=request_args,
            replace={flow_id: "W:ABCDEF"})
예제 #14
 def CreateSampleHunt(self, description, token=None):
     """Start a sample GenericHunt that runs GetFile on a fixed path.

     The result of StartHunt is not returned to the caller.

     Args:
       description: Description given to the new hunt.
       token: Token passed through to StartHunt.
     """
     runner_args = rdf_flows.FlowRunnerArgs(
         flow_name=transfer.GetFile.__name__)
     target = rdf_paths.PathSpec(
         path="/tmp/evil.txt",
         pathtype=rdf_paths.PathSpec.PathType.TSK,
     )
     get_file_args = transfer.GetFileArgs(pathspec=target)
     rule_set = self._CreateForemanClientRuleSet()
     plugin_descriptors = [
         output_plugin.OutputPluginDescriptor(
             plugin_name="DummyOutputPlugin",
             plugin_args=gui_test_lib.DummyOutputPlugin.args_type(
                 filename_regex="blah!", fetch_binaries=True))
     ]

     implementation.GRRHunt.StartHunt(
         hunt_name=standard.GenericHunt.__name__,
         description=description,
         flow_runner_args=runner_args,
         flow_args=get_file_args,
         client_rule_set=rule_set,
         output_plugins=plugin_descriptors,
         client_rate=60,
         token=token)
예제 #15
    def Run(self):
        """Run a flow with a failing output plugin and check the errors API call.

        The flow is started at fake time 42 and driven to completion at fake
        time 43 before self.Check is invoked for "ListFlowOutputPluginErrors".
        """
        plugin_descriptor = output_plugin.OutputPluginDescriptor(
            plugin_name=standard_test.FailingDummyHuntOutputPlugin.__name__)

        with test_lib.FakeTime(42):
            flow_urn = flow.GRRFlow.StartFlow(
                flow_name=flow_test_lib.DummyFlowWithSingleReply.__name__,
                client_id=self.client_id,
                output_plugins=[plugin_descriptor],
                token=self.token)

        # Drain the helper generator; only its side effects are needed.
        with test_lib.FakeTime(43):
            for _ in flow_test_lib.TestFlowHelper(flow_urn, token=self.token):
                pass

        flow_id = flow_urn.Basename()
        # The plugin id carries the "Hunt" plugin's class name because that is
        # the plugin attached to this flow above.
        request_args = flow_plugin.ApiListFlowOutputPluginErrorsArgs(
            client_id=self.client_id.Basename(),
            flow_id=flow_id,
            plugin_id="FailingDummyHuntOutputPlugin_0")
        self.Check(
            "ListFlowOutputPluginErrors",
            args=request_args,
            replace={flow_id: "W:ABCDEF"})
예제 #16
    def Run(self):
        """Run a hunt with a dummy output plugin and check the plugin-logs API call.

        A hunt is started with DummyHuntTestOutputPlugin, two clients are
        processed one at a time, and self.Check is then invoked for
        "ListHuntOutputPluginLogs".
        """
        # NOTE(review): increment=1 presumably advances the fake clock on each
        # read; confirm against test_lib.FakeTime before reordering anything
        # inside this block.
        with test_lib.FakeTime(42, increment=1):
            hunt_urn = self.StartHunt(
                description="the hunt",
                output_plugins=[
                    output_plugin.OutputPluginDescriptor(
                        plugin_name=test_plugins.DummyHuntTestOutputPlugin.
                        __name__,
                        plugin_args=test_plugins.DummyHuntTestOutputPlugin.
                        args_type(filename_regex="blah!", fetch_binaries=True))
                ])

            self.client_ids = self.SetupClients(2)
            for index, client_id in enumerate(self.client_ids):
                self.AssignTasksToClients(client_ids=[client_id])
                self.RunHunt(failrate=-1)
                # Each client's plugin run gets its own fake timestamp, 100
                # apart.
                with test_lib.FakeTime(100042 + index * 100):
                    self.ProcessHuntOutputPlugins()

        # The hunt id is mapped to a fixed placeholder, presumably so the
        # checked output does not depend on the generated id.
        self.Check("ListHuntOutputPluginLogs",
                   args=hunt_plugin.ApiListHuntOutputPluginLogsArgs(
                       hunt_id=hunt_urn.Basename(),
                       plugin_id="DummyHuntTestOutputPlugin_0"),
                   replace={hunt_urn.Basename(): "H:123456"})
예제 #17
 def testFlowDoesNotFailWhenOutputPluginFails(self):
     """A flow with a failing output plugin must still end up TERMINATED."""
     failing_descriptor = output_plugin.OutputPluginDescriptor(
         plugin_name="FailingDummyFlowOutputPlugin")
     flow_urn = self.RunFlow(plugins=failing_descriptor)

     finished_flow = aff4.FACTORY.Open(flow_urn, token=self.token)
     # A plugin failure must not change the flow's final state.
     self.assertEqual(finished_flow.context.state, "TERMINATED")
예제 #18
 def testFlowWithOutputPluginProcessesResultsSuccessfully(self):
     """The output plugin must be called once with the flow's single response."""
     descriptor = output_plugin.OutputPluginDescriptor(
         plugin_name="DummyFlowOutputPlugin")
     self.RunFlow(plugins=descriptor)

     # The counters live on the plugin class, not on an instance.
     self.assertEqual(DummyFlowOutputPlugin.num_calls, 1)
     self.assertEqual(DummyFlowOutputPlugin.num_responses, 1)
예제 #19
 def testFlowWithOutputPluginButWithoutResultsCompletes(self):
     """The output plugin must not be called when the flow runs as NoRequestParentFlow."""
     descriptor = output_plugin.OutputPluginDescriptor(
         plugin_name="DummyFlowOutputPlugin")
     self.RunFlow(flow_name="NoRequestParentFlow", plugins=descriptor)

     # The call counter lives on the plugin class and must stay at zero.
     self.assertEqual(DummyFlowOutputPlugin.num_calls, 0)