def _RenderApprovals(self, approvals, subjects_by_urn): rendered_approvals = [] for approval in approvals: try: subject = subjects_by_urn[approval.Get( approval.Schema.SUBJECT)] except KeyError: continue rendered_approval = api_aff4_object_renderers.RenderAFF4Object( approval) rendered_approval[ "subject"] = api_aff4_object_renderers.RenderAFF4Object( subject) try: approval.CheckAccess(approval.token) rendered_approval["is_valid"] = True except access_control.UnauthorizedAccess as e: rendered_approval["is_valid"] = False rendered_approval["is_valid_message"] = utils.SmartStr(e) rendered_approvals.append(rendered_approval) return dict(items=rendered_approvals)
def Render(self, args, token=None): end = args.count or sys.maxint rendered_clients = [] # An empty query matches all clients, use the universal keyword ".". query = args.query or "." keywords = shlex.split(query) if not keywords: raise ValueError("Couldn't parse query string.") index = aff4.FACTORY.Create(client_index.MAIN_INDEX, aff4_type="ClientIndex", mode="rw", token=token) result_urns = sorted(index.LookupClients(keywords), key=str)[args.offset:args.offset + end] result_set = aff4.FACTORY.MultiOpen(result_urns, token=token) for child in result_set: rendered_client = api_aff4_object_renderers.RenderAFF4Object( child, [ rdfvalue.ApiAFF4ObjectRendererArgs( type_info="WITH_TYPES_AND_METADATA") ]) rendered_clients.append(rendered_client) return dict(query=args.query, offset=args.offset, count=len(rendered_clients), items=rendered_clients)
def Render(self, args, token=None): hunt = aff4.FACTORY.Open(HUNTS_ROOT_PATH.Add(args.hunt_id), aff4_type="GRRHunt", token=token) return api_aff4_object_renderers.RenderAFF4Object( hunt, [ApiGRRHuntRendererArgs(with_full_summary=True)])
def Render(self, args, token=None): fd = aff4.FACTORY.Open("aff4:/hunts", mode="r", token=token) children = list(fd.ListChildren()) children.sort(key=operator.attrgetter("age"), reverse=True) if args.count: children = children[args.offset:args.offset + args.count] else: children = children[args.offset:] hunt_list = [] for hunt in fd.OpenChildren(children=children): if not isinstance(hunt, hunts.GRRHunt) or not hunt.state: continue hunt_list.append(hunt) hunt_list.sort(key=lambda hunt: hunt.GetRunner().context.create_time, reverse=True) encoded_hunt_list = [] for hunt in hunt_list: encoded_hunt = api_aff4_object_renderers.RenderAFF4Object( hunt, [rdfvalue.ApiAFF4ObjectRendererArgs(limit_lists=0)]) encoded_hunt_list.append(encoded_hunt) return encoded_hunt_list
def Render(self, args, token=None): end = args.count or sys.maxint rendered_clients = [] keywords = shlex.split(args.query) index = aff4.FACTORY.Create(client_index.MAIN_INDEX, aff4_type="ClientIndex", mode="rw", token=token) result_urns = sorted(index.LookupClients(keywords), key=str)[args.offset:args.offset + end] result_set = aff4.FACTORY.MultiOpen(result_urns, token=token) for child in result_set: rendered_client = api_aff4_object_renderers.RenderAFF4Object( child, [ rdfvalue.ApiAFF4ObjectRendererArgs( type_info="WITH_TYPES_AND_METADATA") ]) rendered_clients.append(rendered_client) return dict(query=args.query, offset=args.offset, count=len(rendered_clients), items=rendered_clients)
def Render(self, args, token=None): results = aff4.FACTORY.Open( HUNTS_ROOT_PATH.Add(args.hunt_id).Add("Results"), mode="r", token=token) return api_aff4_object_renderers.RenderAFF4Object( results, [api_aff4_object_renderers.ApiRDFValueCollectionRendererArgs( offset=args.offset, count=args.count, filter=args.filter, with_total_count=True)])
def Render(self, args, token=None): errors_collection = aff4.FACTORY.Create( HUNTS_ROOT_PATH.Add(args.hunt_id).Add("errors"), aff4_type="RDFValueCollection", mode="r", token=token) return api_aff4_object_renderers.RenderAFF4Object( errors_collection, [rdfvalue.ApiRDFValueCollectionRendererArgs( offset=args.offset, count=args.count, with_total_count=True, items_type_info="WITH_TYPES_AND_METADATA")])
def Render(self, args, token=None): client = aff4.FACTORY.Open(args.client_id, aff4_type="VFSGRRClient", token=token) return api_aff4_object_renderers.RenderAFF4Object( client, [ rdfvalue.ApiAFF4ObjectRendererArgs( type_info="WITH_TYPES_AND_METADATA") ])
def Render(self, args, token=None): # TODO(user): handle cases when hunt doesn't exists. # TODO(user): Use hunt's logs_collection_urn to open errors collection. errors_collection = aff4.FACTORY.Create( HUNTS_ROOT_PATH.Add(args.hunt_id).Add("ErrorClients"), aff4_type="RDFValueCollection", mode="r", token=token) return api_aff4_object_renderers.RenderAFF4Object( errors_collection, [api_aff4_object_renderers.ApiRDFValueCollectionRendererArgs( offset=args.offset, count=args.count, with_total_count=True)])
def _RenderHuntList(self, hunt_list): hunts_list = sorted(hunt_list, reverse=True, key=lambda hunt: hunt.GetRunner().context.create_time) encoded_hunt_list = [] for hunt in hunts_list: encoded_hunt = api_aff4_object_renderers.RenderAFF4Object( hunt, [api_aff4_object_renderers.ApiAFF4ObjectRendererArgs(limit_lists=0)]) encoded_hunt_list.append(encoded_hunt) return encoded_hunt_list
def Render(self, args, token=None): flow_urn = args.client_id.Add("flows").Add(args.flow_id.Basename()) flow_obj = aff4.FACTORY.Open(flow_urn, aff4_type="GRRFlow", mode="r", token=token) output_urn = flow_obj.GetRunner().output_urn output_collection = aff4.FACTORY.Create( output_urn, aff4_type="RDFValueCollection", mode="r", token=token) return api_aff4_object_renderers.RenderAFF4Object( output_collection, [api_aff4_object_renderers.ApiRDFValueCollectionRendererArgs( offset=args.offset, count=args.count, filter=args.filter, with_total_count=True)])
def Render(self, args, token=None): # TODO(user): handle cases when hunt doesn't exists. # TODO(user): Use hunt's logs_collection_urn to open logs collection. try: logs_collection = aff4.FACTORY.Open( HUNTS_ROOT_PATH.Add(args.hunt_id).Add("Logs"), aff4_type=flow_runner.FlowLogCollection.__name__, mode="r", token=token) except IOError: logs_collection = aff4.FACTORY.Create( HUNTS_ROOT_PATH.Add(args.hunt_id).Add("Logs"), aff4_type="RDFValueCollection", mode="r", token=token) return api_aff4_object_renderers.RenderAFF4Object( logs_collection, [api_aff4_object_renderers.ApiRDFValueCollectionRendererArgs( offset=args.offset, count=args.count, with_total_count=True)])
def Render(self, args, token=None): # TODO(user): handle cases when hunt doesn't exists. # TODO(user): Use hunt's logs_collection_urn to open logs collection. logs_collection = aff4.FACTORY.Create(HUNTS_ROOT_PATH.Add( args.hunt_id).Add("Logs"), aff4_type="RDFValueCollection", mode="r", token=token) return api_aff4_object_renderers.RenderAFF4Object( logs_collection, [ rdfvalue.ApiRDFValueCollectionRendererArgs( offset=args.offset, count=args.count, with_total_count=True, items_type_info="WITH_TYPES_AND_METADATA") ])
def Render(self, args, token=None): aff4_object = aff4.FACTORY.Open(args.aff4_path, token=token) rendered_data = api_aff4_object_renderers.RenderAFF4Object( aff4_object, [x.args for x in args.additional_args]) return rendered_data
def Render(self, args, token=None): approvals_base_urn = aff4.ROOT_URN.Add("users").Add( token.username).Add("approvals").Add( args.approval_type.name.lower()) all_children = aff4.FACTORY.RecursiveMultiListChildren( [approvals_base_urn], token=token) approvals_urns = [] for subject, children in all_children: # We only want to process leaf nodes. if children: continue approvals_urns.append(subject) approvals_urns.sort(key=lambda x: x.age, reverse=True) if args.count: right_edge = args.offset + args.count else: right_edge = len(approvals_urns) approvals_urns = approvals_urns[args.offset:right_edge] approvals = list( aff4.FACTORY.MultiOpen(approvals_urns, mode="r", aff4_type=aff4_security.Approval.__name__, age=aff4.ALL_TIMES, token=token)) subjects_urns = [a.Get(a.Schema.SUBJECT) for a in approvals] subjects_by_urn = {} for subject in aff4.FACTORY.MultiOpen(subjects_urns, mode="r", token=token): subjects_by_urn[subject.urn] = subject rendered_approvals_by_urn = {} for approval in approvals: try: subject = subjects_by_urn[approval.Get( approval.Schema.SUBJECT)] except KeyError: continue rendered_approval = api_aff4_object_renderers.RenderAFF4Object( approval) rendered_approval[ "subject"] = api_aff4_object_renderers.RenderAFF4Object( subject) try: approval.CheckAccess(approval.token) rendered_approval["is_valid"] = True except access_control.UnauthorizedAccess as e: rendered_approval["is_valid"] = False rendered_approval["is_valid_message"] = utils.SmartStr(e) rendered_approvals_by_urn[approval.symlink_urn or approval.urn] = rendered_approval items = [] for urn in approvals_urns: try: items.append(rendered_approvals_by_urn[urn]) except KeyError: pass return dict(items=items, offset=args.offset, count=len(items))
def Render(self, args, token=None): client = aff4.FACTORY.Open(args.client_id, aff4_type="VFSGRRClient", token=token) return api_aff4_object_renderers.RenderAFF4Object(client)