def testDownloadCollectionWithFoldersEntries(self):
"""Check we can download RDFValueCollection that also references folders."""
fd = aff4.FACTORY.Create("aff4:/testcoll",
"RDFValueCollection",
token=self.token)
fd.Add(
file_finder.FileFinderResult(stat_entry=rdfvalue.StatEntry(
aff4path=self.out.Add("testfile5"))))
fd.Add(
file_finder.FileFinderResult(stat_entry=rdfvalue.StatEntry(
aff4path=self.out.Add("testdir1"), st_mode=stat.S_IFDIR)))
fd.Close()
with utils.TempDirectory() as tmpdir:
export_utils.DownloadCollection("aff4:/testcoll",
tmpdir,
overwrite=True,
dump_client_info=True,
token=self.token,
max_threads=2)
expected_outdir = os.path.join(tmpdir, self.out.Path()[1:])
# Check we found both files.
self.assertTrue("testfile5" in os.listdir(expected_outdir))
self.assertTrue("testdir1" in os.listdir(expected_outdir))
def testDownloadCollectionWithFlattenOption(self):
"""Check we can download files references in RDFValueCollection."""
# Create a collection with URNs to some files.
fd = aff4.FACTORY.Create("aff4:/testcoll",
collects.RDFValueCollection,
token=self.token)
fd.Add(rdfvalue.RDFURN(self.out.Add("testfile1")))
fd.Add(rdf_client.StatEntry(aff4path=self.out.Add("testfile2")))
fd.Add(file_finder.FileFinderResult(stat_entry=rdf_client.StatEntry(
aff4path=self.out.Add("testfile5"))))
fd.Close()
with utils.TempDirectory() as tmpdir:
export_utils.DownloadCollection("aff4:/testcoll",
tmpdir,
overwrite=True,
dump_client_info=True,
flatten=True,
token=self.token,
max_threads=2)
# Check that "files" folder is filled with symlinks to downloaded files.
symlinks = os.listdir(os.path.join(tmpdir, "files"))
self.assertEqual(len(symlinks), 3)
self.assertListEqual(
sorted(symlinks), ["C.1000000000000000_fs_os_testfile1",
"C.1000000000000000_fs_os_testfile2",
"C.1000000000000000_fs_os_testfile5"])
self.assertEqual(
os.readlink(os.path.join(tmpdir, "files",
"C.1000000000000000_fs_os_testfile1")),
os.path.join(tmpdir, "C.1000000000000000", "fs", "os", "testfile1"))
def testDownloadCollection(self):
"""Check we can download files references in RDFValueCollection."""
# Create a collection with URNs to some files.
fd = aff4.FACTORY.Create("aff4:/testcoll",
"RDFValueCollection",
token=self.token)
fd.Add(rdfvalue.RDFURN(self.out.Add("testfile1")))
fd.Add(rdfvalue.StatEntry(aff4path=self.out.Add("testfile2")))
fd.Add(
file_finder.FileFinderResult(stat_entry=rdfvalue.StatEntry(
aff4path=self.out.Add("testfile5"))))
fd.Close()
with utils.TempDirectory() as tmpdir:
export_utils.DownloadCollection("aff4:/testcoll",
tmpdir,
overwrite=True,
dump_client_info=True,
token=self.token,
max_threads=2)
expected_outdir = os.path.join(tmpdir, self.out.Path()[1:])
# Check we found both files.
self.assertTrue("testfile1" in os.listdir(expected_outdir))
self.assertTrue("testfile2" in os.listdir(expected_outdir))
self.assertTrue("testfile5" in os.listdir(expected_outdir))
# Check we dumped a YAML file to the root of the client.
expected_rootdir = os.path.join(tmpdir, self.client_id.Basename())
self.assertTrue("client_info.yaml" in os.listdir(expected_rootdir))
def testStartsZipGenerationWhenGenerateZipButtonIsClicked(self):
stat_entry = rdf_client.StatEntry(aff4path="aff4:/foo/bar")
values = [file_finder.FileFinderResult(stat_entry=stat_entry)]
with self.ACLChecksDisabled():
hunt_urn = self.CreateGenericHuntWithCollection(values=values)
self.GrantHuntApproval(hunt_urn)
self.Open("/")
self.Click("css=a[grrtarget=ManageHunts]")
self.Click("css=td:contains('GenericHunt')")
self.Click("css=li[heading=Results]")
self.Click("css=button.DownloadButton")
self.WaitUntil(self.IsTextPresent, "Generation has started")
with self.ACLChecksDisabled():
flows_dir = aff4.FACTORY.Open("aff4:/flows")
flows = list(flows_dir.OpenChildren())
export_flows = [
f for f in flows
if f.__class__.__name__ == "ExportCollectionFilesAsArchive"
]
self.assertEqual(len(export_flows), 1)
self.assertEqual(export_flows[0].args.collection_urn,
hunt_urn.Add("Results"))
def testHuntAuthorizationIsRequiredToGenerateResultsArchive(self):
stat_entry = rdf_client.StatEntry(aff4path="aff4:/foo/bar")
values = [file_finder.FileFinderResult(stat_entry=stat_entry)]
with self.ACLChecksDisabled():
self.CreateGenericHuntWithCollection(values=values)
self.Open("/")
self.Click("css=a[grrtarget=hunts]")
self.Click("css=td:contains('GenericHunt')")
self.Click("css=li[heading=Results]")
self.Click("css=button.DownloadButton")
self.WaitUntil(self.IsTextPresent, "Create a new approval request")
def testShowsGenerateArchiveButtonForFileFinderHunt(self):
stat_entry = rdf_client.StatEntry(aff4path="aff4:/foo/bar")
values = [file_finder.FileFinderResult(stat_entry=stat_entry)]
with self.ACLChecksDisabled():
self.CreateGenericHuntWithCollection(values=values)
self.Open("/")
self.Click("css=a[grrtarget=ManageHunts]")
self.Click("css=td:contains('GenericHunt')")
self.Click("css=li[heading=Results]")
self.WaitUntil(self.IsTextPresent,
"Files referenced in this collection can be downloaded")
def testNetgroupBufferParser(self):
"""Ensure we can extract users from a netgroup file."""
parser = linux_file_parser.NetgroupBufferParser()
buf1 = rdf_client.BufferReference(data="group1 (-,user1,) (-,user2,) "
"(-,user3,)\n")
buf2 = rdf_client.BufferReference(data="super_group3 (-,user5,) (-,user6,)"
" group1 group2\n")
ff_result = file_finder.FileFinderResult(matches=[buf1, buf2])
config_lib.CONFIG.Set("Artifacts.netgroup_user_blacklist", ["user2",
"user3"])
out = list(parser.Parse(ff_result, None))
self.assertItemsEqual([x.username for x in out],
[u"user1", u"user5", u"user6"])
def testFileViewHasExportTabWhenCollectionHasFileFinderResults(self):
collection_urn = "aff4:/C.0000000000000001/analysis/SomeFlow/results"
with self.ACLChecksDisabled():
with aff4.FACTORY.Create(collection_urn,
"RDFValueCollection",
token=self.token) as fd:
fd.Add(
file_finder.FileFinderResult(
stat_entry=rdf_client.StatEntry(
aff4path="aff4:/some/unique/path")))
self.GrantClientApproval("C.0000000000000001")
self.CheckExportTabIsPresent()
def testDownloadCollection(self):
"""Check we can download files references in RDFValueCollection."""
# Create a collection with URNs to some files.
fd = aff4.FACTORY.Create("aff4:/testcoll",
collects.RDFValueCollection,
token=self.token)
fd.Add(rdfvalue.RDFURN(self.out.Add("testfile1")))
fd.Add(rdf_client.StatEntry(aff4path=self.out.Add("testfile2")))
fd.Add(file_finder.FileFinderResult(stat_entry=rdf_client.StatEntry(
aff4path=self.out.Add("testfile5"))))
fd.Add(collectors.ArtifactFilesDownloaderResult(
downloaded_file=rdf_client.StatEntry(aff4path=self.out.Add(
"testfile6"))))
fd.Close()
self._VerifyDownload()
def testPasswdBufferParser(self):
"""Ensure we can extract users from a passwd file."""
parser = linux_file_parser.PasswdBufferParser()
buf1 = rdfvalue.BufferReference(data="user1:x:1000:1000:User1"
" Name,,,:/home/user1:/bin/bash\n")
buf2 = rdfvalue.BufferReference(data="user2:x:1000:1000:User2"
" Name,,,:/home/user2:/bin/bash\n")
ff_result = file_finder.FileFinderResult(matches=[buf1, buf2])
out = list(parser.Parse(ff_result, None))
self.assertEqual(len(out), 2)
self.assertTrue(isinstance(out[1], rdfvalue.KnowledgeBaseUser))
self.assertTrue(isinstance(out[1], rdfvalue.KnowledgeBaseUser))
self.assertEqual(out[0].username, "user1")
self.assertEqual(out[0].full_name, "User1 Name,,,")
def testGenerateZipButtonGetsDisabledAfterClick(self):
stat_entry = rdf_client.StatEntry(aff4path="aff4:/foo/bar")
values = [file_finder.FileFinderResult(stat_entry=stat_entry)]
with self.ACLChecksDisabled():
hunt_urn = self.CreateGenericHuntWithCollection(values=values)
self.GrantHuntApproval(hunt_urn)
self.Open("/")
self.Click("css=a[grrtarget=hunts]")
self.Click("css=td:contains('GenericHunt')")
self.Click("css=li[heading=Results]")
self.Click("css=button.DownloadButton")
self.WaitUntil(self.IsElementPresent, "css=button.DownloadButton[disabled]")
self.WaitUntil(self.IsTextPresent, "Generation has started")
def testShowsPerFileDownloadButtonForFileFinderHunt(self):
with self.ACLChecksDisabled():
client_id = self.SetupClients(1)[0]
stat_entry = rdf_client.StatEntry(aff4path=client_id.Add("fs/os/foo/bar"))
values = [file_finder.FileFinderResult(stat_entry=stat_entry)]
with self.ACLChecksDisabled():
self.CreateGenericHuntWithCollection(values=values)
self.Open("/")
self.Click("css=a[grrtarget=hunts]")
self.Click("css=td:contains('GenericHunt')")
self.Click("css=li[heading=Results]")
self.WaitUntil(self.IsElementPresent,
"css=grr-results-collection grr-downloadable-urn button")
def _testCollection(self, collection_type):
# Create a collection with URNs to some files.
fd = aff4.FACTORY.Create("aff4:/testcoll",
collection_type,
token=self.token)
fd.Add(rdfvalue.RDFURN(self.out.Add("testfile1")))
fd.Add(rdf_client.StatEntry(aff4path=self.out.Add("testfile2")))
fd.Add(
file_finder.FileFinderResult(stat_entry=rdf_client.StatEntry(
aff4path=self.out.Add("testfile5"))))
fd.Add(
collectors.ArtifactFilesDownloaderResult(
downloaded_file=rdf_client.StatEntry(
aff4path=self.out.Add("testfile6"))))
fd.Close()
self._VerifyDownload()
