def DeleteGRRUser(self, username):
"""Deletes the user and all related metadata with the given username."""
try:
del self.approvals_by_username[username]
except KeyError:
pass # No approvals to delete for this user.
for approvals in self.approvals_by_username.values():
for approval in approvals.values():
grants = [
g for g in approval.grants
if g.grantor_username != username
]
if len(grants) != len(approval.grants):
approval.grants = grants
try:
del self.notifications_by_username[username]
except KeyError:
pass # No notifications to delete for this user.
for sf in list(self.scheduled_flows.values()):
if sf.creator == username:
self.DeleteScheduledFlow(sf.client_id, username,
sf.scheduled_flow_id)
try:
del self.users[username]
except KeyError:
raise db.UnknownGRRUserError(username)
def DeleteGRRUser(self, username, cursor=None):
"""Deletes the user and all related metadata with the given username."""
cursor.execute("DELETE FROM grr_users WHERE username_hash = %s",
(mysql_utils.Hash(username), ))
if cursor.rowcount == 0:
raise db.UnknownGRRUserError(username)
def DeleteGRRUser(self, username):
"""Deletes the user and all related metadata with the given username."""
try:
del self.approvals_by_username[username]
except KeyError:
pass # No approvals to delete for this user.
for approvals in self.approvals_by_username.values():
for approval in approvals.values():
grants = [
g for g in approval.grants
if g.grantor_username != username
]
if len(grants) != len(approval.grants):
approval.grants = grants
try:
del self.notifications_by_username[username]
except KeyError:
pass # No notifications to delete for this user.
try:
del self.users[username]
except KeyError:
raise db.UnknownGRRUserError(username)
def WriteYaraSignatureReference(
self,
blob_id,
username,
):
"""Marks specified blob id as a YARA signature."""
if username not in self.users:
raise db.UnknownGRRUserError(username=username)
self.yara[blob_id] = username
def WriteYaraSignatureReference(
self,
blob_id: rdf_objects.BlobID,
username: Text,
) -> None:
"""Marks specified blob id as a YARA signature."""
if username not in self.users:
raise db.UnknownGRRUserError(username=username)
self.yara[blob_id] = username
def WriteUserNotification(self, notification):
"""Writes a notification for a given user."""
if notification.username not in self.users:
raise db.UnknownGRRUserError(notification.username)
cloned_notification = notification.Copy()
if not cloned_notification.timestamp:
cloned_notification.timestamp = rdfvalue.RDFDatetime.Now()
self.notifications_by_username.setdefault(
cloned_notification.username, []).append(cloned_notification)
def ReadGRRUser(self, username, cursor=None):
"""Reads a user object corresponding to a given name."""
cursor.execute(
"SELECT username, password, ui_mode, canary_mode, user_type "
"FROM grr_users WHERE username_hash = %s", [mysql_utils.Hash(username)])
row = cursor.fetchone()
if row is None:
raise db.UnknownGRRUserError(username)
return self._RowToGRRUser(row)
def WriteScheduledFlow(
self, scheduled_flow: rdf_flow_objects.ScheduledFlow) -> None:
"""See base class."""
if scheduled_flow.client_id not in self.metadatas:
raise db.UnknownClientError(scheduled_flow.client_id)
if scheduled_flow.creator not in self.users:
raise db.UnknownGRRUserError(scheduled_flow.creator)
full_id = (scheduled_flow.client_id, scheduled_flow.creator,
scheduled_flow.scheduled_flow_id)
self.scheduled_flows[full_id] = scheduled_flow.Copy()
def WriteUserNotification(self, notification, cursor=None):
"""Writes a notification for a given user."""
# Copy the notification to ensure we don't modify the source object.
args = {
"username_hash": mysql_utils.Hash(notification.username),
"notification_state": int(notification.state),
"notification": notification.SerializeToString(),
}
query = "INSERT INTO user_notification {columns} VALUES {values}".format(
columns=mysql_utils.Columns(args),
values=mysql_utils.NamedPlaceholders(args))
try:
cursor.execute(query, args)
except MySQLdb.IntegrityError:
raise db.UnknownGRRUserError(notification.username)
def WriteYaraSignatureReference(
self,
blob_id,
username,
cursor,
):
"""Marks specified blob id as a YARA signature."""
query = """
INSERT IGNORE INTO yara_signature_references
VALUES (%(blob_id)s, %(username_hash)s, NOW(6))
"""
args = {
"blob_id": blob_id.AsBytes(),
"username_hash": mysql_utils.Hash(username),
}
try:
cursor.execute(query, args)
except MySQLdb.IntegrityError:
raise db.UnknownGRRUserError(username=username)
def ReadGRRUser(self, username):
"""Reads a user object corresponding to a given name."""
try:
return self.users[username].Copy()
except KeyError:
raise db.UnknownGRRUserError(username)
def SampleCallWithGRRError(self):
raise db.UnknownGRRUserError("Unknown")