def testSuccess(self):
# Create two properly-formed events to be returned.
file_catalog_1 = bit9_test_utils.CreateFileCatalog(
id=100, certificate_id=101)
computer_1 = bit9_test_utils.CreateComputer(id=102)
cert_1 = bit9_test_utils.CreateCertificate(id=101)
event_1 = bit9_test_utils.CreateEvent(
id=103, file_catalog_id=100, computer_id=102)
event_1 = bit9_test_utils.Expand(
event_1, api.Event.file_catalog_id, file_catalog_1)
event_1 = bit9_test_utils.Expand(
event_1, api.Event.computer_id, computer_1)
file_catalog_2 = bit9_test_utils.CreateFileCatalog(
id=200, certificate_id=201)
computer_2 = bit9_test_utils.CreateComputer(id=202)
cert_2 = bit9_test_utils.CreateCertificate(id=201)
event_2 = bit9_test_utils.CreateEvent(
id=203, file_catalog_id=200, computer_id=202)
event_2 = bit9_test_utils.Expand(
event_2, api.Event.file_catalog_id, file_catalog_2)
event_2 = bit9_test_utils.Expand(
event_2, api.Event.computer_id, computer_2)
self._AppendMockApiResults([event_1, event_2], cert_2, cert_1)
results = sync.GetEvents(0)
self.assertEqual(2, len(results))
self.assertListEqual([103, 203], [e.id for e, _ in results])
self.assertListEqual(
[[101], [201]], [[c.id for c in sc] for _, sc in results])
def testOtherException(self, mock_get_signing_chain):
# Create a properly-formed event that will be returned.
file_catalog_1 = bit9_test_utils.CreateFileCatalog(
id=100, certificate_id=101)
computer_1 = bit9_test_utils.CreateComputer(id=102)
cert_1 = bit9_test_utils.CreateCertificate(id=101)
signing_chain_1 = [cert_1]
event_1 = bit9_test_utils.CreateEvent(
id=103, file_catalog_id=100, computer_id=102)
event_1 = bit9_test_utils.Expand(
event_1, api.Event.file_catalog_id, file_catalog_1)
event_1 = bit9_test_utils.Expand(
event_1, api.Event.computer_id, computer_1)
# Create a second event that will hit an exception.
file_catalog_2 = bit9_test_utils.CreateFileCatalog(
id=200, certificate_id=201)
computer_2 = bit9_test_utils.CreateComputer(id=202)
event_2 = bit9_test_utils.CreateEvent(
id=203, file_catalog_id=200, computer_id=202)
event_2 = bit9_test_utils.Expand(
event_2, api.Event.file_catalog_id, file_catalog_2)
event_2 = bit9_test_utils.Expand(
event_2, api.Event.computer_id, computer_2)
# Create another properly-formed event won't be returned.
file_catalog_3 = bit9_test_utils.CreateFileCatalog(
id=300, certificate_id=301)
computer_3 = bit9_test_utils.CreateComputer(id=302)
cert_3 = bit9_test_utils.CreateCertificate(id=301)
signing_chain_3 = [cert_3]
event_3 = bit9_test_utils.CreateEvent(
id=303, file_catalog_id=300, computer_id=302)
event_3 = bit9_test_utils.Expand(
event_3, api.Event.file_catalog_id, file_catalog_3)
event_3 = bit9_test_utils.Expand(
event_3, api.Event.computer_id, computer_3)
self._AppendMockApiResults([event_1, event_2, event_3], cert_3, cert_1)
mock_get_signing_chain.side_effect = [
signing_chain_3, Exception, signing_chain_1]
results = sync.GetEvents(0)
self.assertEqual(2, len(results))
self.assertTrue(sync.monitoring.events_skipped.Increment.called)
actual_event_1, actual_signing_chain_1 = results[0]
self.assertEqual(1, len(actual_signing_chain_1))
self.assertEqual(103, actual_event_1.id)
self.assertEqual(101, actual_signing_chain_1[0].id)
actual_event_3, actual_signing_chain_3 = results[1]
self.assertEqual(1, len(actual_signing_chain_3))
self.assertEqual(303, actual_event_3.id)
self.assertEqual(301, actual_signing_chain_3[0].id)
def testNewBit9Binary_ForcedInstaller(self):
self.PatchSetting('ENABLE_BINARY_ANALYSIS_PRECACHING', True)
event, signing_chain = _CreateEventTuple(
file_catalog=bit9_test_utils.CreateFileCatalog(
file_flags=bit9_constants.FileFlags.MARKED_INSTALLER))
file_catalog = event.get_expand(api.Event.file_catalog_id)
self.assertEntityCount(bit9_db.Bit9Binary, 0)
self.assertEntityCount(bit9_db.Bit9Rule, 0)
changed = sync._PersistBit9Binary(
event, file_catalog, signing_chain).get_result()
self.assertTrue(changed)
self.assertEntityCount(bit9_db.Bit9Binary, 1)
self.assertEntityCount(bit9_db.Bit9Rule, 1)
binary = bit9_db.Bit9Binary.query().get()
self.assertTrue(binary.is_installer)
self.assertFalse(binary.detected_installer)
rule = bit9_db.Bit9Rule.query().get()
self.assertTrue(constants.RULE_POLICY.FORCE_INSTALLER, rule.policy)
self.assertTaskCount(constants.TASK_QUEUE.METRICS, 1)
# Should be 1 for the new Binary
self.DrainTaskQueue(constants.TASK_QUEUE.BQ_PERSISTENCE)
self.assertEntityCount(bigquery_db.BinaryRow, 1)
def _CreateEventsAndCerts(
count=1, event_kwargs=None, file_catalog_kwargs=None, computer_kwargs=None):
event_kwargs = event_kwargs or {}
file_catalog_kwargs = file_catalog_kwargs or {}
computer_kwargs = computer_kwargs or {}
# Create a generator for each type of ID, with each range starting where the
# previous one left off.
id_gens = itertools.izip(
xrange(100 + (count * 0), 100 + (count * 1)),
xrange(100 + (count * 1), 100 + (count * 2)),
xrange(100 + (count * 2), 100 + (count * 3)),
xrange(100 + (count * 3), 100 + (count * 4)))
events = []
certs = []
for event_id, file_catalog_id, computer_id, certificate_id in id_gens:
# Construct the Certificate.
cert = bit9_test_utils.CreateCertificate(id=certificate_id)
# Construct the Computer.
computer_id = computer_kwargs.get('id', computer_id)
computer_defaults = {'id': computer_id}
computer_defaults.update(computer_kwargs.copy())
computer = bit9_test_utils.CreateComputer(**computer_defaults)
# Construct the FileCatalog.
file_catalog_id = file_catalog_kwargs.get('id', file_catalog_id)
file_catalog_defaults = {
'id': file_catalog_id,
'certificate_id': certificate_id}
file_catalog_defaults.update(file_catalog_kwargs.copy())
file_catalog = bit9_test_utils.CreateFileCatalog(**file_catalog_defaults)
# Construct the Event.
event_defaults = {
'id': event_id,
'file_catalog_id': file_catalog_id,
'computer_id': computer_id}
event_defaults.update(event_kwargs.copy())
event = bit9_test_utils.CreateEvent(**event_defaults)
event = bit9_test_utils.Expand(
event, api.Event.file_catalog_id, file_catalog)
event = bit9_test_utils.Expand(event, api.Event.computer_id, computer)
events.append(event)
# Stuff the certs in backwards due to the reverse sorting in GetEvents().
certs.insert(0, cert)
return events, certs
def testNoBans(self):
bit9_binary = test_utils.CreateBit9Binary()
file_catalog = bit9_test_utils.CreateFileCatalog(
id=bit9_binary.file_catalog_id,
sha256=bit9_binary.key.id(),
certificate_state=bit9_constants.APPROVAL_STATE.APPROVED,
file_state=bit9_constants.APPROVAL_STATE.APPROVED,
publisher_state=bit9_constants.APPROVAL_STATE.APPROVED)
self.assertEntityCount(base_models.Note, 0)
sync._PersistBanNote(file_catalog).wait()
self.assertEntityCount(base_models.Note, 0)
def testNewBan(self):
bit9_binary = test_utils.CreateBit9Binary()
# Create FileCatalog with at least one that's BANNED.
file_catalog = bit9_test_utils.CreateFileCatalog(
id=bit9_binary.file_catalog_id,
sha256=bit9_binary.key.id(),
certificate_state=bit9_constants.APPROVAL_STATE.BANNED,
file_state=bit9_constants.APPROVAL_STATE.APPROVED,
publisher_state=bit9_constants.APPROVAL_STATE.APPROVED)
self.assertEntityCount(base_db.Note, 0)
sync._PersistBanNote(file_catalog).wait()
self.assertEntityCount(base_db.Note, 1)
def testComputerMissing(self):
# Simulate an event with a missing computer.
file_catalog = bit9_test_utils.CreateFileCatalog(
id=100, certificate_id=101, sha256=None)
signing_chain = [bit9_test_utils.CreateCertificate(id=101)]
event = bit9_test_utils.CreateEvent(
id=102, file_catalog_id=100, computer_id=103)
event = bit9_test_utils.Expand(
event, api.Event.file_catalog_id, file_catalog)
self._AppendMockApiResults(event, signing_chain)
results = sync.GetEvents(0)
self.assertEqual(0, len(results))
self.assertTrue(sync.monitoring.events_skipped.Increment.called)
def testNoChanges(self):
bit9_binary = test_utils.CreateBit9Binary(detected_installer=False)
event, signing_chain = _CreateEventTuple(
file_catalog=bit9_test_utils.CreateFileCatalog(
id=bit9_binary.file_catalog_id,
sha256=bit9_binary.key.id(),
file_flags=0x0))
file_catalog = event.get_expand(api.Event.file_catalog_id)
changed = sync._PersistBit9Binary(
event, file_catalog, signing_chain).get_result()
self.assertFalse(changed)
# Empty because Binary is not new and State is not BANNED.
self.assertTaskCount(constants.TASK_QUEUE.BQ_PERSISTENCE, 0)
def testFileCatalogMalformed(self):
# Simulate an event with a malformed fileCatalog (in this case, no SHA256).
file_catalog = bit9_test_utils.CreateFileCatalog(
id=100, certificate_id=101, sha256=None)
computer = bit9_test_utils.CreateComputer(id=102)
signing_chain = [bit9_test_utils.CreateCertificate(id=101)]
event = bit9_test_utils.CreateEvent(
id=103, file_catalog_id=100, computer_id=102)
event = bit9_test_utils.Expand(
event, api.Event.file_catalog_id, file_catalog)
event = bit9_test_utils.Expand(event, api.Event.computer_id, computer)
self._AppendMockApiResults(event, signing_chain)
results = sync.GetEvents(0)
self.assertEqual(0, len(results))
self.assertTrue(sync.monitoring.events_skipped.Increment.called)
def _CreateEventTuple(computer=None,
file_catalog=None,
signing_chain=None,
**event_kwargs):
if computer is None:
computer = bit9_test_utils.CreateComputer()
if file_catalog is None:
file_catalog = bit9_test_utils.CreateFileCatalog()
if signing_chain is None:
signing_chain = [bit9_test_utils.CreateCertificate()]
event = bit9_test_utils.CreateEvent(
computer_id=computer.id, file_catalog_id=file_catalog.id, **event_kwargs)
event = bit9_test_utils.Expand(event, api.Event.file_catalog_id, file_catalog)
event = bit9_test_utils.Expand(event, api.Event.computer_id, computer)
return event, signing_chain
def testFileCatalogIdInitiallyMissing(self):
bit9_binary = test_utils.CreateBit9Binary(file_catalog_id=None)
sha256 = bit9_binary.key.id()
event, signing_chain = _CreateEventTuple(
file_catalog=bit9_test_utils.CreateFileCatalog(
id='12345',
sha256=sha256))
file_catalog = event.get_expand(api.Event.file_catalog_id)
changed = sync._PersistBit9Binary(
event, file_catalog, signing_chain).get_result()
self.assertTrue(changed)
bit9_binary = bit9_db.Bit9Binary.get_by_id(sha256)
self.assertEqual('12345', bit9_binary.file_catalog_id)
# Should be Empty: No new Binary or BANNED State.
self.assertTaskCount(constants.TASK_QUEUE.BQ_PERSISTENCE, 0)
def testStateChangedToBanned(self):
bit9_binary = test_utils.CreateBit9Binary(state=constants.STATE.UNTRUSTED)
sha256 = bit9_binary.key.id()
event, signing_chain = _CreateEventTuple(
subtype=bit9_constants.SUBTYPE.BANNED,
file_catalog=bit9_test_utils.CreateFileCatalog(
id='12345',
sha256=sha256))
file_catalog = event.get_expand(api.Event.file_catalog_id)
changed = sync._PersistBit9Binary(
event, file_catalog, signing_chain).get_result()
self.assertTrue(changed)
bit9_binary = bit9_db.Bit9Binary.get_by_id(sha256)
self.assertEqual(constants.STATE.BANNED, bit9_binary.state)
# Should be 1 for the BANNED State.
self.DrainTaskQueue(constants.TASK_QUEUE.BQ_PERSISTENCE)
self.assertEntityCount(bigquery_db.BinaryRow, 1)
def testForcedInstaller_PreexistingRule_ConflictingPolicy(self):
bit9_binary = test_utils.CreateBit9Binary(
detected_installer=False, is_installer=False)
test_utils.CreateBit9Rule(
bit9_binary.key,
is_committed=True,
policy=constants.RULE_POLICY.FORCE_NOT_INSTALLER)
event, signing_chain = _CreateEventTuple(
file_catalog=bit9_test_utils.CreateFileCatalog(
id=bit9_binary.file_catalog_id,
sha256=bit9_binary.key.id(),
file_flags=bit9_constants.FileFlags.MARKED_INSTALLER))
file_catalog = event.get_expand(api.Event.file_catalog_id)
changed = sync._PersistBit9Binary(
event, file_catalog, signing_chain).get_result()
self.assertTrue(changed)
self.assertTrue(bit9_binary.key.get().is_installer)
# Empty because Binary is not new and State is not BANNED.
self.assertTaskCount(constants.TASK_QUEUE.BQ_PERSISTENCE, 0)