def setUp(self): super(TestSearchFileContentWithFixture, self).setUp() self.client_mock = action_mocks.GrepClientMock() self.vfs_overrider = test_lib.VFSOverrider( rdf_paths.PathSpec.PathType.OS, test_lib.ClientVFSHandlerFixture) self.vfs_overrider.Start()
def testSearchFileContents(self): pattern = "searching/*.log" client_mock = action_mocks.GrepClientMock() path = os.path.join(self.base_path, pattern) args = grep.SearchFileContentArgs( paths=[path], pathtype=rdf_paths.PathSpec.PathType.OS) args.grep.literal = rdf_standard.LiteralExpression( "session opened for user dearjohn") args.grep.mode = rdf_client.GrepSpec.Mode.ALL_HITS # Run the flow. for s in test_lib.TestFlowHelper("SearchFileContent", client_mock, client_id=self.client_id, args=args, token=self.token): session_id = s fd = aff4.FACTORY.Open(session_id.Add(flow_runner.RESULTS_SUFFIX), token=self.token) # Make sure that there is a hit. self.assertEqual(len(fd), 1) first = fd[0] self.assertEqual(first.offset, 350) self.assertEqual( first.data, "session): session opened for user dearjohn by (uid=0")
def testSearchFileContentDownload(self): pattern = "searching/*.log" client_mock = action_mocks.GrepClientMock() path = os.path.join(self.base_path, pattern) # Do not provide a Grep expression - should match all files. args = grep.SearchFileContentArgs(paths=[path], also_download=True) # Run the flow. for s in test_lib.TestFlowHelper("SearchFileContent", client_mock, client_id=self.client_id, args=args, token=self.token): session_id = s fd = aff4.FACTORY.Open(session_id.Add(flow_runner.RESULTS_SUFFIX), token=self.token) self.assertEqual(len(fd), 3) for log in aff4.FACTORY.Open(rdfvalue.RDFURN( self.client_id).Add("/fs/os/").Add( self.base_path).Add("searching"), token=self.token).OpenChildren(): self.assertTrue(isinstance(log, aff4_grr.VFSBlobImage)) # Make sure there is some data. self.assertGreater(len(log), 0)
def testSearchFileContentsNoGrep(self): """Search files without a grep specification.""" pattern = "searching/*.log" client_mock = action_mocks.GrepClientMock() path = os.path.join(self.base_path, pattern) # Do not provide a Grep expression - should match all files. args = grep.SearchFileContentArgs(paths=[path]) # Run the flow. for s in test_lib.TestFlowHelper("SearchFileContent", client_mock, client_id=self.client_id, args=args, token=self.token): session_id = s fd = flow.GRRFlow.ResultCollectionForFID(session_id, token=self.token) self.assertEqual(len(fd), 3)