Пример #1
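    def post(self):
        """Create a new osquery query from the validated request payload.

        Returns:
            The marshalled ``query_id`` of the saved query on success, or a
            marshalled failure response when a query with the same name
            already exists or ``validate_osquery_query`` rejects the SQL.
        """
        # parse_args() has to run first: it performs the input payload
        # validation for this endpoint.
        args = self.parser.parse_args()

        name = args['name']
        sql = args['query']
        interval = args['interval']
        # ''.split(',') yields [''], which is truthy and would be handed to
        # create_tags() as an empty tag name; a None value would raise on
        # .split(). Treat both as "no tags" and drop blank entries.
        tags = [tag.strip() for tag in (args['tags'] or '').split(',')
                if tag.strip()]

        query = dao.get_query_by_name(name)
        if query:
            message = 'Query with this name already exists'
        elif not validate_osquery_query(sql):
            # NOTE(review): validate_osquery_query is the only check on the
            # SQL text visible in this handler before it is persisted --
            # confirm it is a strict parse and not a pattern match.
            # The rejected text is echoed back in the response; confirm any
            # client that renders this message escapes it.
            message = ('Invalid osquery query: "{0}"'.format(args['query']))
        else:
            # NOTE(review): 100 is passed positionally; its meaning is
            # defined by dao.create_query_obj, which is not visible here.
            query = dao.create_query_obj(name,
                                         sql,
                                         interval,
                                         args['platform'],
                                         args['version'],
                                         args['description'],
                                         args['value'],
                                         100,
                                         snapshot=args['snapshot'])
            if tags:
                query.tags = create_tags(*tags)
            query.save()
            return marshal({'query_id': query.id}, wrapper.add_query_wrapper)
        return marshal(respcls(message), parentwrapper.failure_response_parent)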
Пример #2
 def test_get_configs_with_only_valid_host_identifier(
         self, client, url_prefix, token, node, options, default_filter,
         default_query, packs, queries):
     """
     POST /configs/view with a payload that holds only a host_identifier.

     'test_query' is attached to 'pytest_pack' before the request is sent.
     Expected: HTTP 200, status 'success', and a data dict whose options,
     queries, packs and filters match the node's own get_config() output,
     with an empty file_paths mapping.
     """
     pack = packs_dao.get_pack_by_name('pytest_pack')
     query = queries_dao.get_query_by_name('test_query')
     query.packs.append(pack)

     request_body = {'host_identifier': 'foobar'}
     response = client.post(url_prefix + '/configs/view',
                            headers={'x-access-token': token},
                            json=request_body)
     assert response.status_code == 200
     body = json.loads(response.data)
     assert body['status'] == 'success'

     # The endpoint must return exactly what the node itself would build.
     expected = hosts_dao.get_node_by_host_identifier('foobar').get_config()
     returned = body['data']
     for section in ('options', 'queries', 'packs', 'filters'):
         assert returned[section] == expected[section]
     assert returned['file_paths'] == {}
Пример #3
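def add_pack_through_json_data(args):
    """Create or update a pack and its queries from a JSON-style mapping.

    Args:
        args: mapping with at least ``name`` and ``queries`` (query name ->
            dict holding a ``query`` SQL string plus whatever else
            ``queries_dao.add_query`` accepts) and optionally ``tags`` as a
            comma-separated string. The whole mapping is forwarded to
            ``packs_dao.add_pack`` when the pack does not exist yet.

    Returns:
        The saved pack on success, or a marshalled failure response when any
        query is rejected by ``validate_osquery_query``. Callers have to
        handle both return types.
    """
    from polylogyx.dao import packs_dao, queries_dao
    from polylogyx.wrappers import parent_wrappers
    from polylogyx.utils import create_tags, validate_osquery_query
    from flask_restplus import marshal

    # A missing or None 'tags' value means "no tags"; blank entries are
    # dropped because ''.split(',') would otherwise yield [''] and reach
    # create_tags() as an empty tag name.
    raw_tags = args['tags'] if 'tags' in args else None
    tags = [tag.strip() for tag in (raw_tags or '').split(',')
            if tag.strip()]

    name = args['name']
    queries = args['queries']

    # Validate every query before anything is created, so a payload with one
    # bad query cannot leave a half-built pack or stray queries behind. The
    # failure reported is still the first invalid query in iteration order.
    # NOTE(review): validate_osquery_query is the only check on the SQL text
    # visible here -- confirm it is a strict parse and not a pattern match.
    for query in queries.values():
        if not validate_osquery_query(query['query']):
            message = ('Invalid osquery query: "{0}"'.format(query['query']))
            return marshal({'message': message},
                           parent_wrappers.failure_response_parent)

    pack = packs_dao.get_pack_by_name(name)
    if not pack:
        pack = packs_dao.add_pack(**args)

    # NOTE(review): current_app is not imported in this function; it is
    # presumably a module-level import that is not visible here.
    for query_name, query in queries.items():
        existing = queries_dao.get_query_by_name(query_name)

        if not existing:
            created = queries_dao.add_query(query_name, **query)
            pack.queries.append(created)
            current_app.logger.debug("Adding new query %s to pack %s",
                                     created.name, pack.name)
        elif existing.sql == query['query']:
            # The original membership check ran after the append, as the
            # last statement of the loop, so it could never prevent a
            # duplicate. Check before attaching instead.
            if existing not in pack.queries:
                current_app.logger.debug(
                    "Adding existing query %s to pack %s",
                    existing.name, pack.name)
                pack.queries.append(existing)
        else:
            # Same name, different SQL: keep the stored query untouched and
            # attach a newly created one to this pack.
            q2 = queries_dao.add_query(query_name, **query)
            current_app.logger.debug(
                "Created another query named %s, but different sql: %r vs %r",
                query_name, q2.sql.encode('utf-8'),
                existing.sql.encode('utf-8'))
            pack.queries.append(q2)

    if pack:
        if tags:
            pack.tags = create_tags(*tags)
        pack.save()
    return pack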