def test_import_store(self, out_dir, data): import_store = jsonlite.connect(out_dir + "/tmp/tmp.jsonlite", discriminator="type") with import_store.store_file("testfile.txt") as (path, io): io.write(123 * b'A') import_store.insert({"type": "foo", "export_path": path}) import_store.close() store = jsonlite.connect(out_dir + "/amcache/amcache.jsonlite", discriminator="type") with store.store_file("testfile.txt") as (path, io): io.write(123 * b'B') store.insert({"type": "foo", "export_path": path}) store.import_jsonlite(out_dir + "/tmp/tmp.jsonlite") items = store.all() assert len(list(items)) == 2 with open(out_dir + "/amcache/amcache.jsonlite/testfile.txt", 'rb') as io: assert io.read() == 123 * b'B' with open(out_dir + "/amcache/amcache.jsonlite/testfile_0.txt", 'rb') as io: assert io.read() == 123 * b'A' store.close() shutil.rmtree(out_dir) shutil.rmtree(data)
def test_update_type(self, out_dir, data): store = jsonlite.connect(data + "/forensicstore/example1.forensicstore") store.update("process--920d7c41-0fef-4cf8-bce2-ead120f6b506", {"type": "foo"}) assert len(list(store.all())) == 8 first = store.get("foo--920d7c41-0fef-4cf8-bce2-ead120f6b506") assert first == { "id": "foo--920d7c41-0fef-4cf8-bce2-ead120f6b506", "artifact": "IPTablesRules", "type": "foo", "name": "iptables", "created": "2016-01-20T14:11:25.550Z", "cwd": "/root/", "arguments": [ "-L", "-n", "-v" ], "command_line": "/sbin/iptables -L -n -v", "stdout_path": "IPTablesRules/stdout", "stderr_path": "IPTablesRules/stderr", "return_code": 0 } store.close() shutil.rmtree(out_dir) shutil.rmtree(data)
def test_all(self, out_dir, data): store = jsonlite.connect(data + "/forensicstore/example1.forensicstore") assert len(list(store.all())) == 7 store.close() shutil.rmtree(out_dir) shutil.rmtree(data)
def test_get_not_existing(self, out_dir, data): store = jsonlite.connect( data + "/non_existing.forensicstore") with pytest.raises(KeyError): store.get("0-process") store.close() shutil.rmtree(out_dir) shutil.rmtree(data)
def test_init_create(self, out_dir, data): store = jsonlite.connect( out_dir + "/init_create.jsonlite") store.close() assert store.remote_fs.__class__.__name__ == "OSFS" assert os.path.exists(out_dir + "/init_create.jsonlite/item.db") shutil.rmtree(out_dir) shutil.rmtree(data)
def test_insert_empty_list(self, out_dir, data): store = jsonlite.connect(data + "/forensicstore/example1.forensicstore") assert len(list(store.all())) == 8 store.insert({"type": "foo", "list": [], "id": "foo--2cd66ab1-9b85-4110-8d77-4b6906819693"}) assert len(list(store.all())) == 9 assert store.get("foo--2cd66ab1-9b85-4110-8d77-4b6906819693") == { "type": "foo", "id": "foo--2cd66ab1-9b85-4110-8d77-4b6906819693"} store.close() shutil.rmtree(out_dir) shutil.rmtree(data)
def test_init_create_memory(self, out_dir, data): mem_fs = memoryfs.MemoryFS() store = jsonlite.connect(mem_fs, discriminator="type") store.close() assert not store.remote_is_local assert store.remote_fs.__class__.__name__ == "MemoryFS" shutil.rmtree(out_dir) shutil.rmtree(data)
def test_insert_quotes(self, out_dir, data): store = jsonlite.connect( out_dir + "/quotes.jsonlite") item_id = store.insert({"type": "foo"}) store.update( item_id, {"foo": '@"%ProgramFiles%\\Windows Journal\\Journal.exe",-3072'}) assert store.get(item_id)[ "foo"] == '@"%ProgramFiles%\\Windows Journal\\Journal.exe",-3072' store.close() shutil.rmtree(out_dir) shutil.rmtree(data)
def test_init_create_ref(self, out_dir, data): cwd = os.getcwd() os.chdir(out_dir) store = jsonlite.connect("init_create.jsonlite", discriminator="type") store.close() os.chdir(cwd) assert store.remote_is_local assert store.remote_fs.__class__.__name__ == "OSFS" assert store.local_fs.__class__.__name__ == "OSFS" assert os.path.exists(out_dir + "/init_create.jsonlite/item.db") shutil.rmtree(out_dir) shutil.rmtree(data)
def test_save(self, out_dir, data): store = jsonlite.connect(data + "/forensicstore/example1.forensicstore") store.close() shutil.rmtree(out_dir) shutil.rmtree(data)