def filter_line(self, blob): if 'chrome' != blob.get( 'osxcollector_section') or 'preferences' != blob.get( 'osxcollector_subsection'): return blob extensions_blob = DictUtils.get_deep(blob, 'contents.extensions.settings', {}) for key in extensions_blob.keys(): setting = extensions_blob[key] extension = { 'osxcollector_section': 'chrome', 'osxcollector_subsection': 'extensions', 'osxcollector_incident_id': blob['osxcollector_incident_id'], 'state': setting.get('state'), 'was_installed_by_default': setting.get('was_installed_by_default'), 'name': DictUtils.get_deep(setting, 'manifest.name'), 'description': DictUtils.get_deep(setting, 'manifest.description'), 'path': setting.get('path') } if blob.get('osxcollector_username'): extension['osxcollector_username'] = blob[ 'osxcollector_username'] self._new_lines.append(extension) return None
def config_get_deep(key, default=None): """Reads from the config. Args: key: Dictionary key to lookup in config default: Value to return if key is not found Returns: Value from config or default if not found otherwise """ return DictUtils.get_deep(_read_config(), key, default)
def filter_line(self, blob): self._all_blobs.append(blob) if self._when and self._when(blob): for key in self.FILE_NAME_KEYS: val = DictUtils.get_deep(blob, key) if val: self._create_terms(val) if 'osxcollector_username' in blob: self._usernames.add(blob['osxcollector_username'].lower()) return None
def filter_line(self, blob): if 'chrome' != blob.get('osxcollector_section') or 'preferences' != blob.get('osxcollector_subsection'): return blob extensions_blob = DictUtils.get_deep(blob, 'contents.extensions.settings', {}) for key in extensions_blob.keys(): setting = extensions_blob[key] extension = { 'osxcollector_section': 'chrome', 'osxcollector_subsection': 'extensions', 'osxcollector_incident_id': blob['osxcollector_incident_id'], 'state': setting.get('state'), 'was_installed_by_default': setting.get('was_installed_by_default'), 'name': DictUtils.get_deep(setting, 'manifest.name'), 'description': DictUtils.get_deep(setting, 'manifest.description'), 'path': setting.get('path') } if blob.get('osxcollector_username'): extension['osxcollector_username'] = blob['osxcollector_username'] self._new_lines.append(extension) return None
def filter_line(self, blob): if 'firefox' != blob.get('osxcollector_section') or 'json_files' != blob.get('osxcollector_subsection'): return blob if blob.get('osxcollector_json_file') not in ['addons.json', 'extensions.json']: return blob extensions_blobs = DictUtils.get_deep(blob, 'contents.addons', []) for addon in extensions_blobs: extension = { 'osxcollector_section': 'firefox', 'osxcollector_subsection': 'extensions', 'osxcollector_incident_id': blob['osxcollector_incident_id'], 'name': DictUtils.get_deep(addon, 'defaultLocale.name', addon.get('name')), 'description': DictUtils.get_deep(addon, 'defaultLocale.description', addon.get('description')), 'path': addon.get('id') } if blob.get('osxcollector_username'): extension['osxcollector_username'] = blob['osxcollector_username'] self._new_lines.append(extension) return None
def filter_line(self, blob): if 'firefox' != blob.get( 'osxcollector_section') or 'json_files' != blob.get( 'osxcollector_subsection'): return blob if blob.get('osxcollector_json_file') not in [ 'addons.json', 'extensions.json' ]: return blob extensions_blobs = DictUtils.get_deep(blob, 'contents.addons', []) for addon in extensions_blobs: extension = { 'osxcollector_section': 'firefox', 'osxcollector_subsection': 'extensions', 'osxcollector_incident_id': blob['osxcollector_incident_id'], 'name': DictUtils.get_deep(addon, 'defaultLocale.name', addon.get('name')), 'description': DictUtils.get_deep(addon, 'defaultLocale.description', addon.get('description')), 'path': addon.get('id') } if blob.get('osxcollector_username'): extension['osxcollector_username'] = blob[ 'osxcollector_username'] self._new_lines.append(extension) return None
def match_line(self, blob): """Determines whether a line matches the blacklist. Returns: String of matched term is the value matches, None otherwise """ for key in self._blacklisted_keys: values = DictUtils.get_deep(blob, key) if not values: continue matching_term = self.match_values(values) if matching_term: return matching_term return None