def testDownloadCollectionWithFoldersEntries(self): """Check we can download RDFValueCollection that also references folders.""" fd = aff4.FACTORY.Create("aff4:/testcoll", "RDFValueCollection", token=self.token) fd.Add( file_finder.FileFinderResult(stat_entry=rdfvalue.StatEntry( aff4path=self.out.Add("testfile5")))) fd.Add( file_finder.FileFinderResult(stat_entry=rdfvalue.StatEntry( aff4path=self.out.Add("testdir1"), st_mode=stat.S_IFDIR))) fd.Close() with utils.TempDirectory() as tmpdir: export_utils.DownloadCollection("aff4:/testcoll", tmpdir, overwrite=True, dump_client_info=True, token=self.token, max_threads=2) expected_outdir = os.path.join(tmpdir, self.out.Path()[1:]) # Check we found both files. self.assertTrue("testfile5" in os.listdir(expected_outdir)) self.assertTrue("testdir1" in os.listdir(expected_outdir))
def testDownloadCollectionWithFlattenOption(self): """Check we can download files references in RDFValueCollection.""" # Create a collection with URNs to some files. fd = aff4.FACTORY.Create("aff4:/testcoll", collects.RDFValueCollection, token=self.token) fd.Add(rdfvalue.RDFURN(self.out.Add("testfile1"))) fd.Add(rdf_client.StatEntry(aff4path=self.out.Add("testfile2"))) fd.Add(file_finder.FileFinderResult(stat_entry=rdf_client.StatEntry( aff4path=self.out.Add("testfile5")))) fd.Close() with utils.TempDirectory() as tmpdir: export_utils.DownloadCollection("aff4:/testcoll", tmpdir, overwrite=True, dump_client_info=True, flatten=True, token=self.token, max_threads=2) # Check that "files" folder is filled with symlinks to downloaded files. symlinks = os.listdir(os.path.join(tmpdir, "files")) self.assertEqual(len(symlinks), 3) self.assertListEqual( sorted(symlinks), ["C.1000000000000000_fs_os_testfile1", "C.1000000000000000_fs_os_testfile2", "C.1000000000000000_fs_os_testfile5"]) self.assertEqual( os.readlink(os.path.join(tmpdir, "files", "C.1000000000000000_fs_os_testfile1")), os.path.join(tmpdir, "C.1000000000000000", "fs", "os", "testfile1"))
def testDownloadCollection(self): """Check we can download files references in RDFValueCollection.""" # Create a collection with URNs to some files. fd = aff4.FACTORY.Create("aff4:/testcoll", "RDFValueCollection", token=self.token) fd.Add(rdfvalue.RDFURN(self.out.Add("testfile1"))) fd.Add(rdfvalue.StatEntry(aff4path=self.out.Add("testfile2"))) fd.Add( file_finder.FileFinderResult(stat_entry=rdfvalue.StatEntry( aff4path=self.out.Add("testfile5")))) fd.Close() with utils.TempDirectory() as tmpdir: export_utils.DownloadCollection("aff4:/testcoll", tmpdir, overwrite=True, dump_client_info=True, token=self.token, max_threads=2) expected_outdir = os.path.join(tmpdir, self.out.Path()[1:]) # Check we found both files. self.assertTrue("testfile1" in os.listdir(expected_outdir)) self.assertTrue("testfile2" in os.listdir(expected_outdir)) self.assertTrue("testfile5" in os.listdir(expected_outdir)) # Check we dumped a YAML file to the root of the client. expected_rootdir = os.path.join(tmpdir, self.client_id.Basename()) self.assertTrue("client_info.yaml" in os.listdir(expected_rootdir))
def testStartsZipGenerationWhenGenerateZipButtonIsClicked(self): stat_entry = rdf_client.StatEntry(aff4path="aff4:/foo/bar") values = [file_finder.FileFinderResult(stat_entry=stat_entry)] with self.ACLChecksDisabled(): hunt_urn = self.CreateGenericHuntWithCollection(values=values) self.GrantHuntApproval(hunt_urn) self.Open("/") self.Click("css=a[grrtarget=ManageHunts]") self.Click("css=td:contains('GenericHunt')") self.Click("css=li[heading=Results]") self.Click("css=button.DownloadButton") self.WaitUntil(self.IsTextPresent, "Generation has started") with self.ACLChecksDisabled(): flows_dir = aff4.FACTORY.Open("aff4:/flows") flows = list(flows_dir.OpenChildren()) export_flows = [ f for f in flows if f.__class__.__name__ == "ExportCollectionFilesAsArchive" ] self.assertEqual(len(export_flows), 1) self.assertEqual(export_flows[0].args.collection_urn, hunt_urn.Add("Results"))
def testHuntAuthorizationIsRequiredToGenerateResultsArchive(self): stat_entry = rdf_client.StatEntry(aff4path="aff4:/foo/bar") values = [file_finder.FileFinderResult(stat_entry=stat_entry)] with self.ACLChecksDisabled(): self.CreateGenericHuntWithCollection(values=values) self.Open("/") self.Click("css=a[grrtarget=hunts]") self.Click("css=td:contains('GenericHunt')") self.Click("css=li[heading=Results]") self.Click("css=button.DownloadButton") self.WaitUntil(self.IsTextPresent, "Create a new approval request")
def testShowsGenerateArchiveButtonForFileFinderHunt(self): stat_entry = rdf_client.StatEntry(aff4path="aff4:/foo/bar") values = [file_finder.FileFinderResult(stat_entry=stat_entry)] with self.ACLChecksDisabled(): self.CreateGenericHuntWithCollection(values=values) self.Open("/") self.Click("css=a[grrtarget=ManageHunts]") self.Click("css=td:contains('GenericHunt')") self.Click("css=li[heading=Results]") self.WaitUntil(self.IsTextPresent, "Files referenced in this collection can be downloaded")
def testNetgroupBufferParser(self): """Ensure we can extract users from a netgroup file.""" parser = linux_file_parser.NetgroupBufferParser() buf1 = rdf_client.BufferReference(data="group1 (-,user1,) (-,user2,) " "(-,user3,)\n") buf2 = rdf_client.BufferReference(data="super_group3 (-,user5,) (-,user6,)" " group1 group2\n") ff_result = file_finder.FileFinderResult(matches=[buf1, buf2]) config_lib.CONFIG.Set("Artifacts.netgroup_user_blacklist", ["user2", "user3"]) out = list(parser.Parse(ff_result, None)) self.assertItemsEqual([x.username for x in out], [u"user1", u"user5", u"user6"])
def testFileViewHasExportTabWhenCollectionHasFileFinderResults(self): collection_urn = "aff4:/C.0000000000000001/analysis/SomeFlow/results" with self.ACLChecksDisabled(): with aff4.FACTORY.Create(collection_urn, "RDFValueCollection", token=self.token) as fd: fd.Add( file_finder.FileFinderResult( stat_entry=rdf_client.StatEntry( aff4path="aff4:/some/unique/path"))) self.GrantClientApproval("C.0000000000000001") self.CheckExportTabIsPresent()
def testDownloadCollection(self): """Check we can download files references in RDFValueCollection.""" # Create a collection with URNs to some files. fd = aff4.FACTORY.Create("aff4:/testcoll", collects.RDFValueCollection, token=self.token) fd.Add(rdfvalue.RDFURN(self.out.Add("testfile1"))) fd.Add(rdf_client.StatEntry(aff4path=self.out.Add("testfile2"))) fd.Add(file_finder.FileFinderResult(stat_entry=rdf_client.StatEntry( aff4path=self.out.Add("testfile5")))) fd.Add(collectors.ArtifactFilesDownloaderResult( downloaded_file=rdf_client.StatEntry(aff4path=self.out.Add( "testfile6")))) fd.Close() self._VerifyDownload()
def testPasswdBufferParser(self): """Ensure we can extract users from a passwd file.""" parser = linux_file_parser.PasswdBufferParser() buf1 = rdfvalue.BufferReference(data="user1:x:1000:1000:User1" " Name,,,:/home/user1:/bin/bash\n") buf2 = rdfvalue.BufferReference(data="user2:x:1000:1000:User2" " Name,,,:/home/user2:/bin/bash\n") ff_result = file_finder.FileFinderResult(matches=[buf1, buf2]) out = list(parser.Parse(ff_result, None)) self.assertEqual(len(out), 2) self.assertTrue(isinstance(out[1], rdfvalue.KnowledgeBaseUser)) self.assertTrue(isinstance(out[1], rdfvalue.KnowledgeBaseUser)) self.assertEqual(out[0].username, "user1") self.assertEqual(out[0].full_name, "User1 Name,,,")
def testGenerateZipButtonGetsDisabledAfterClick(self): stat_entry = rdf_client.StatEntry(aff4path="aff4:/foo/bar") values = [file_finder.FileFinderResult(stat_entry=stat_entry)] with self.ACLChecksDisabled(): hunt_urn = self.CreateGenericHuntWithCollection(values=values) self.GrantHuntApproval(hunt_urn) self.Open("/") self.Click("css=a[grrtarget=hunts]") self.Click("css=td:contains('GenericHunt')") self.Click("css=li[heading=Results]") self.Click("css=button.DownloadButton") self.WaitUntil(self.IsElementPresent, "css=button.DownloadButton[disabled]") self.WaitUntil(self.IsTextPresent, "Generation has started")
def testShowsPerFileDownloadButtonForFileFinderHunt(self): with self.ACLChecksDisabled(): client_id = self.SetupClients(1)[0] stat_entry = rdf_client.StatEntry(aff4path=client_id.Add("fs/os/foo/bar")) values = [file_finder.FileFinderResult(stat_entry=stat_entry)] with self.ACLChecksDisabled(): self.CreateGenericHuntWithCollection(values=values) self.Open("/") self.Click("css=a[grrtarget=hunts]") self.Click("css=td:contains('GenericHunt')") self.Click("css=li[heading=Results]") self.WaitUntil(self.IsElementPresent, "css=grr-results-collection grr-downloadable-urn button")
def _testCollection(self, collection_type): # Create a collection with URNs to some files. fd = aff4.FACTORY.Create("aff4:/testcoll", collection_type, token=self.token) fd.Add(rdfvalue.RDFURN(self.out.Add("testfile1"))) fd.Add(rdf_client.StatEntry(aff4path=self.out.Add("testfile2"))) fd.Add( file_finder.FileFinderResult(stat_entry=rdf_client.StatEntry( aff4path=self.out.Add("testfile5")))) fd.Add( collectors.ArtifactFilesDownloaderResult( downloaded_file=rdf_client.StatEntry( aff4path=self.out.Add("testfile6")))) fd.Close() self._VerifyDownload()