def main():
parser = argparse.ArgumentParser(description='King Phisher Interactive Database Console', conflict_handler='resolve')
utilities.argp_add_args(parser)
config_group = parser.add_mutually_exclusive_group(required=True)
config_group.add_argument('-c', '--config', dest='server_config', type=argparse.FileType('r'), help='the server configuration file')
config_group.add_argument('-u', '--url', dest='database_url', help='the database connection url')
arguments = parser.parse_args()
if arguments.database_url:
database_connection_url = arguments.database_url
elif arguments.server_config:
server_config = yaml.load(arguments.server_config)
database_connection_url = server_config['server']['database']
else:
raise RuntimeError('no database connection was specified')
engine = manager.init_database(database_connection_url)
session = manager.Session()
rpc_session = aaa.AuthenticatedSession(user=getpass.getuser())
console = code.InteractiveConsole(dict(
engine=engine,
graphql=graphql,
graphql_query=graphql_query,
manager=manager,
models=models,
pprint=pprint.pprint,
rpc_session=rpc_session,
session=session
))
console.interact('starting interactive database console')
if os.path.isdir(os.path.dirname(history_file)):
readline.write_history_file(history_file)
def test_query_auth_middleware_session(self):
self._init_db()
session = db_manager.Session()
rpc_session = aaa.AuthenticatedSession('alice')
result = graphql.schema.execute(
"{ db { users { edges { node { id, otpSecret } } } } }",
context_value={'rpc_session': rpc_session, 'session': session}
)
users = result.data['db']['users']['edges']
self.assertEquals(len(users), 2)
self.assertEquals(users[0]['node']['id'], 'alice')
self.assertEquals(users[0]['node']['otpSecret'], 'secret')
self.assertIsNone(users[1]['node']['otpSecret'])
def test_query_auth_middleware_session(self):
session = db_manager.Session()
db_user = self.users['alice']
rpc_session = aaa.AuthenticatedSession(db_user)
result = graphql_schema.execute(
"{ db { users { edges { node { id name otpSecret } } } } }",
context_value={'rpc_session': rpc_session, 'session': session}
)
users = result.data['db']['users']['edges']
self.assertEquals(len(users), 2)
self.assertEquals(users[0]['node']['id'], str(db_user.id))
self.assertEquals(users[0]['node']['name'], db_user.name)
self.assertEquals(users[0]['node']['otpSecret'], 'secret')
self.assertIsNone(users[1]['node']['otpSecret'])
def main():
parser = argparse.ArgumentParser(
description='King Phisher Interactive Database Console',
conflict_handler='resolve')
utilities.argp_add_args(parser)
config_group = parser.add_mutually_exclusive_group(required=True)
config_group.add_argument('-c',
'--config',
dest='server_config',
help='the server configuration file')
config_group.add_argument('-u',
'--url',
dest='database_url',
help='the database connection url')
arguments = parser.parse_args()
if arguments.database_url:
database_connection_url = arguments.database_url
elif arguments.server_config:
server_config = configuration.ex_load_config(arguments.server_config)
database_connection_url = server_config.get('server.database')
else:
raise RuntimeError('no database connection was specified')
engine = manager.init_database(database_connection_url)
session = manager.Session()
username = getpass.getuser()
user = session.query(models.User).filter_by(name=username).first()
if user is None:
print("[-] no user {0} found in the database".format(username))
return
rpc_session = aaa.AuthenticatedSession(user=user)
console = code.InteractiveConsole(
dict(engine=engine,
graphql_query=graphql_query,
manager=manager,
models=models,
pprint=pprint.pprint,
rpc_session=rpc_session,
session=session))
console.interact('starting interactive database console')
if os.path.isdir(os.path.dirname(history_file)):
readline.write_history_file(history_file)
