public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var userSIDEntity = ((user_sid55_object)objectType).GetUserSIDEntity();
var userSIDs = this.processVariables(objectType, variables);
if (userSIDs == null)
return null;
if (userSIDEntity.operation != OperationEnumeration.equals)
{
var collectedItems = ProcessOperationDifferentOfEquals(userSIDEntity.operation, userSIDs);
if (collectedItems.Count > 0)
return collectedItems;
var newUserSidItem = CreateUserSIDItemType(userSIDEntity.Value ?? "");
newUserSidItem.status = StatusEnumeration.doesnotexist;
newUserSidItem.user_sid.status = newUserSidItem.status;
return new ItemType[] { newUserSidItem };
}
var itemsToCollect = new List<ItemType>();
foreach (var userSID in userSIDs)
itemsToCollect.Add(CreateUserSIDItemType(userSID));
return itemsToCollect;
}
public RegistryEntityVariableEvaluator(VariablesEvaluated variablesEvaluated)
{
if (variablesEvaluated == null)
throw new ArgumentNullException("[ RegistryEntityVariableEvaluator ] - The VariableEvaluated cannot be null.");
this.variables = variablesEvaluated;
}
public SetEvaluator(oval_system_characteristics systemCharacteristics, IEnumerable<StateType> states, VariablesEvaluated variables)
{
this.systemCharacteristics = systemCharacteristics;
this.ovalDefinitionStates = states;
this.variables = variables;
this.filterEvaluator = new FilterEvaluator(this.systemCharacteristics, this.ovalDefinitionStates, this.variables);
}
public RegKeyEffectiveRightsVariableEvaluator(ObjectType objectType, VariablesEvaluated variablesEvaluated)
: base(objectType, variablesEvaluated)
{
if (!(objectType is regkeyeffectiverights53_object))
throw new Exception(string.Format("[RegKeyEffectiveRightsVariableEvaluator] - The type of object is invalid: '{0}'.", objectType.ToString()));
base.AllObjectEntities = ((regkeyeffectiverights53_object)objectType).GetAllObjectEntities();
}
public UserSID55EntityVariableEvaluator(ObjectType objectType, VariablesEvaluated variablesEvaluated)
: base(objectType, variablesEvaluated)
{
this.checkObjectType(objectType);
base.AllObjectEntities = new Dictionary<string, EntityObjectStringType>();
base.AllObjectEntities.Add("user_sid", ((user_sid55_object)objectType).UserSID);
}
public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var securityPrincipleEntity = ((accesstoken_object)objectType).GetSecurityPrincipleEntity();
var securityPrinciples = this.EvaluateVariable(objectType, variables);
securityPrinciples = this.ProcessOperation(securityPrinciples, securityPrincipleEntity);
return this.CreateItemsToCollectFromSecurityPrincipleList(securityPrinciples);
}
public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var userNames = this.processVariables(objectType, variables);
if (userNames == null)
return new List<ItemType>();
return this.ProcessOperation(((user_object)objectType).User, userNames);
}
private IEnumerable<string> ProcessVariableForEntity(
OVAL.Definitions.ObjectType sourceObject,
sql57_object_choices entityName,
VariablesEvaluated evaluatedVariables)
{
var entity = ((sql57_object)sourceObject).GetObjectEntityByName(entityName);
return new VariableEntityEvaluator(evaluatedVariables).EvaluateVariableForEntity(entity);
}
public UserEntityVariableEvaluator(ObjectType objectType, VariablesEvaluated variablesEvaluated)
: base(objectType, variablesEvaluated)
{
if (!(objectType is user_object))
throw new Exception(string.Format("[UserEntityVariableEvaluator] - The type of object is invalid: '{0}'.", objectType.ToString()));
base.AllObjectEntities = new Dictionary<string, EntityObjectStringType>();
base.AllObjectEntities.Add("user", ((user_object)objectType).User);
}
public SID_SID_EntityVariableEvaluator(ObjectType objectType, VariablesEvaluated variablesEvaluated)
: base(objectType, variablesEvaluated)
{
if (!(objectType is sid_sid_object))
throw new Exception(string.Format("[SID_SID_EntityVariableEvaluator] - The type of object is invalid: '{0}'.", objectType.ToString()));
base.AllObjectEntities = new Dictionary<string, EntityObjectStringType>();
base.AllObjectEntities.Add("trustee_sid", ((sid_sid_object)objectType).TrusteeSID);
}
private IList<string> EvaluateVariable(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var securityPrincipleEntity = ((accesstoken_object)objectType).GetSecurityPrincipleEntity();
if (string.IsNullOrEmpty(securityPrincipleEntity.var_ref))
return new List<String>(new string[] { securityPrincipleEntity.Value });
var variableEvaluator = new AccessTokenVariableEvaluator(objectType, variables);
var result = variableEvaluator.ProcessVariableForAllObjectEntities();
return (result == null) ? new string[] { }.ToList() : result.ToList();
}
public IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var groupNames = this.processVariables(objectType, variables);
if (groupNames == null)
return new List<ItemType>();
var derivedGroupNames = this.processOperation(objectType, groupNames.ToArray());
return this.createGroupItemsToCollect(derivedGroupNames.ToList());
}
/// <summary>
/// this method returns the item_types to collect.
/// </summary>
/// <param name="objectType">Type of the object.</param>
/// <returns></returns>
public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var variableEvaluator = new RegistryEntityVariableEvaluator(variables);
var operationEvaluator = new RegistryEntityOperationEvaluator(this.SystemDataSource, this.WmiDataProvider);
var registryObjectsVariableProcessed = variableEvaluator.ProcessVariableForRegistryObject((registry_object)objectType);
var registryObjectsOperationProcessed = operationEvaluator.ProcessOperation(registryObjectsVariableProcessed);
return registryObjectsOperationProcessed;
}
private IEnumerable<String> processVariables(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var userEntityValue = ((user_object)objectType).User.Value;
if (variables == null || variables.VariableValues.IsEmpty())
return new string[] { userEntityValue };
return
new UserEntityVariableEvaluator(objectType, variables)
.ProcessVariableForAllObjectEntities();
}
public IEnumerable<ItemType> GetItemsToCollect(OVAL.Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var trusteeNames = this.processVariables(objectType, variables);
if (trusteeNames == null)
return new List<ItemType>();
var derivedTrusteeNames = this.processOperation(objectType, trusteeNames.ToArray());
return this.createSidItemsToCollect(derivedTrusteeNames.ToList());
}
public void Should_not_possible_to_evaluate_variables_that_has_multiples_values()
{
List<string> values = new List<string>() { "1.0","1.1","1.2" };
VariableValue variable = new VariableValue("oval:org.mitre.oval:obj:3000", "oval:org.mitre.oval:var:3000", values);
VariablesEvaluated variables = new VariablesEvaluated(new List<VariableValue>() { variable });
ItemType itemType = this.systemCharacteristics.GetSystemDataByReferenceId("3");
StateType state = this.states.Where(obj => obj.id == "oval:org.mitre.oval:ste:100").SingleOrDefault();
StateTypeComparator comparator = new StateTypeComparator(state, itemType, variables);
comparator.IsEquals();
}
public IEnumerable<OVAL.SystemCharacteristics.ItemType> GetItemsToCollect(ObjectType objectType, VariablesEvaluated variables)
{
var processObject = (OVAL.Definitions.Unix.process_object)objectType;
var commandEntity = (EntityObjectStringType)processObject.Item;
var commandEntityValues = new VariableEntityEvaluator(variables).EvaluateVariableForEntity(commandEntity);
var itemsToCollect = new List<OVAL.SystemCharacteristics.ItemType>();
foreach (var commandValue in commandEntityValues)
itemsToCollect.AddRange(ProcessEntityOperation(commandValue, commandEntity));
return itemsToCollect;
}
public void Should_be_possible_to_get_a_variable_by_ovalComponentId()
{
List<string> variableValues = new List<string>() { "Multiprocessor Free" };
VariableValue variable = new VariableValue("oval:org.mitre.oval:obj:6000", "oval:com.hp:var:1", variableValues);
IEnumerable<VariableValue> variables = new List<VariableValue>() { variable };
VariablesEvaluated variablesEvaluated = new VariablesEvaluated(variables);
IEnumerable<VariableValue> variablesExpected = variablesEvaluated.GetVariableValueForOvalComponent("oval:org.mitre.oval:obj:6000");
Assert.IsNotNull(variablesExpected, "the variable was not found");
variablesExpected = variablesEvaluated.GetVariableValueForOvalComponent("oval:org.mitre.oval:obj:6005");
Assert.IsTrue(variablesExpected.Count() == 0, "the variable is not expected");
}
public IEnumerable<OVAL.SystemCharacteristics.ItemType> GetItemsToCollect(OVAL.Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var showSubcommandEntity = ((line_object)objectType).GetShowSubcommandEntity();
var showSubcommandValues =
new VariableEntityEvaluator(variables)
.EvaluateVariableForEntity(showSubcommandEntity);
return
showSubcommandValues
.Select(v =>
new line_item() { show_subcommand = new EntityItemStringType() { Value = v } });
}
public static CollectInfo CreateFakeCollectInfo(
IEnumerable<Definitions.ObjectType> objects,
VariablesEvaluated variables = null,
oval_system_characteristics systemCharacteristics = null)
{
CollectInfo collectInfo = new CollectInfo();
collectInfo.Variables = (variables == null) ? new VariablesEvaluated(new List<VariableValue>()) : variables;
collectInfo.ObjectTypes = objects;
collectInfo.SystemCharacteristics = systemCharacteristics;
return collectInfo;
}
public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var fileEffectiveRights53Object = (fileeffectiverights53_object)objectType;
if (fileEffectiveRights53Object.HasVariableDefined())
{
var objectTypes = new FileEffectiveRights53EntityVariableEvaluator(variables).ProcessVariables(objectType);
return this.OperationEvaluator.ProcessOperation(objectTypes).ToList();
}
return OperationEvaluator.ProcessOperation(fileEffectiveRights53Object).ToList();
}
private IEnumerable<String> processVariables(OVAL.Definitions.ObjectType objectType, VariablesEvaluated variables)
{
string trusteeNameEntityValue = ((sid_object)objectType).TrusteeName.Value;
if ((variables == null) || (variables.VariableValues.Count() == 0))
return new List<String>(new string[] { trusteeNameEntityValue });
else
{
var variableEvaluator = new SIDEntityVariableEvaluator(objectType, variables);
var processedVariables = variableEvaluator.ProcessVariableForAllObjectEntities();
return (processedVariables == null) ? null : processedVariables;
}
}
public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var itemsToCollect = new List<ItemType>();
var fileObjects = new FileAuditedPermissionsVariableEvaluator(variables).ProcessVariables(objectType);
foreach (var fileObject in fileObjects)
{
var processedItems = this.ProcessOperation((fileauditedpermissions53_object)fileObject);
itemsToCollect.AddRange(processedItems);
}
return itemsToCollect;
}
public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var itemsToCollect = new List<ItemType>();
var xmlFileObjects = new XmlFileContentVariableEvaluator(variables).ProcessVariables(objectType);
foreach (var xmlFileContentObject in xmlFileObjects)
{
var processedItems = this.ProcessOperation((xmlfilecontent_object)xmlFileContentObject);
itemsToCollect.AddRange(processedItems);
}
return itemsToCollect;
}
public override void PrepareCollectionOfObjects(IEnumerable<ObjectType> allItemsToCollect, VariablesEvaluated variables)
{
base.PrepareCollectionOfObjects(allItemsToCollect, variables);
if (allItemsToCollect.Count() > 0)
{
var variableEvaluator = new VariableEntityEvaluator(variables);
var allSapObjects = allItemsToCollect.OfType<sapcode_object>().ToList();
var issues = allSapObjects.SelectMany(x => variableEvaluator.EvaluateVariableForEntity(((EntitySimpleBaseType)(x.Items[x.ItemsElementName.ToList().IndexOf(SapCodeObjectItemsChoices.issue)])))).Distinct();
var systemNames = allSapObjects.SelectMany(x => variableEvaluator.EvaluateVariableForEntity(((EntitySimpleBaseType)x.Items[x.ItemsElementName.ToList().IndexOf(SapCodeObjectItemsChoices.system_name)]))).Distinct();
var systemIds = systemNames.Select(x => Convert.ToInt32(x));
if (systemIds.Count() > 1)
throw new NotSupportedException("Only concurrent collections of a single system is supported!");
ExecutionLogBuilder.AddInfo(string.Format("Authenticating at code control with user '{0}'.", AuthUser));
var authResult = connectionProvider.authenticate(AuthUser, AuthPassword);
if (authResult.error)
{
ExecutionLogBuilder.AnErrorOccurred(string.Format("Error authenticating at code control : {0}.", authResult.errorMessage));
}
else
{
ExecutionLogBuilder.AddInfo(string.Format("Successfully authenticated.", AuthUser));
int nSystem = systemIds.Single();
var allIssues = issues.Select(x => (long)Convert.ToInt32(x)).ToArray();
ExecutionLogBuilder.AddInfo(
string.Format("Starting scan request for system {0} and issues '{1}'.", nSystem, string.Join(",", allIssues)));
issueResult = connectionProvider.scanIssueListBySystem(authResult.token, nSystem,allIssues);
var scanCriteria = new ScanCriteriaDTO() {scanIdList = new[] {issueResult.scanId ?? 0}};
var waitTime = 0L;
//const int timeOut = 3600000; // 1 hour
//const int timeOut = 10800000; // 3 hs
const int timeOut = 18000000;
while (((issueResult.status == "AWAITING") || (issueResult.status == "PROCESSING"))
&& (waitTime <= timeOut)
)
{
Thread.Sleep(40000);
issueResult = connectionProvider.findScan(authResult.token, scanCriteria).FirstOrDefault();
// Wait time is desconsidering remote call duration,
// should be done with a stop watch
waitTime += 40000;
}
}
}
}
public virtual IEnumerable<ItemType> GetItemsToCollect(OVAL.Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var variableNameEntity = ((environmentvariable_object)objectType).GetEnvironmentVariableNameEntity();
var variableNameValues = this.EvaluateVariable(variableNameEntity, variables);
var itemsToCollect = new List<ItemType>();
foreach (var variableName in variableNameValues)
{
var newItemToCollect = new environmentvariable_item() { name = OvalHelper.CreateItemEntityWithStringValue(variableName) };
itemsToCollect.Add(newItemToCollect);
}
return itemsToCollect;
}
/// <summary>
/// Creates a items to collect from given object type.
/// </summary>
/// <param name="objectType">Type of the object.</param>
/// <returns>A list of ItemType</returns>
public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var variableEvaluator = new FileEffectiveRightsVariableEvaluator(variables);
var operationEvaluator = new FileEffectiveRightsOperationEvaluator(SystemDataSource, FileProvider);
var fileEffectiveRights = (fileeffectiverights_object)objectType;
if (fileEffectiveRights.HasVariableDefined())
{
var objects = variableEvaluator.ProcessVariables(objectType);
return operationEvaluator.ProcessOperation(objects).ToList();
}
return operationEvaluator.ProcessOperation(fileEffectiveRights).ToList();
}
public IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var variableId = ((variable_object)objectType).GetItemValue().ToString();
var variableValues = variables.GetVariableValueForVariableId(variableId);
if (HasVariableValues(variables.VariableValues))
{
var variable = variableValues.FirstOrDefault(var => var.VariableId.Equals(variableId));
if (variable != null && variable.values != null && variable.values.Count() > 0)
return new ItemType[] { this.CreateVariableItem(variableId) };
}
return new ItemType[] { };
}
public IEnumerable<ItemType> GetItemsToCollect(OVAL.Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var variableEvaluator = new VariableEntityEvaluator(variables);
var fileEffectiveRightsObject = (fileeffectiverights53_object)objectType;
var paths = new List<String>();
var filenames = new List<String>();
if (fileEffectiveRightsObject.IsFilePathDefined())
{
var filepathEntity = (EntitySimpleBaseType)fileEffectiveRightsObject.GetItemValue(fileeffectiverights53_object_ItemsChoices.filepath);
var filepathValues = variableEvaluator.EvaluateVariableForEntity(filepathEntity);
filepathValues = this.ProcessOperationForFilepathEntity(filepathEntity.operation, filepathValues);
paths.AddRange(filepathValues.Select(filepath => Path.GetDirectoryName(filepath)).Distinct());
filenames.AddRange(filepathValues.Select(filepath => Path.GetFileName(filepath)).Distinct());
}
else
{
var pathEntity = (EntitySimpleBaseType)fileEffectiveRightsObject.GetItemValue(fileeffectiverights53_object_ItemsChoices.path);
var pathEntityValues = variableEvaluator.EvaluateVariableForEntity(pathEntity);
pathEntityValues = ProcessOperationForFilepathEntity(pathEntity.operation, pathEntityValues);
paths.AddRange(pathEntityValues);
var filenameEntity = (EntitySimpleBaseType)fileEffectiveRightsObject.GetItemValue(fileeffectiverights53_object_ItemsChoices.filename);
if (filenameEntity == null)
filenames.Add(string.Empty);
else
{
var filenameEntityValues = variableEvaluator.EvaluateVariableForEntity(filenameEntity);
filenameEntityValues = ProcessOperationForFilenameEntity(filenameEntity.operation, filenameEntityValues, pathEntityValues);
filenames.AddRange(filenameEntityValues.Distinct());
}
}
var trusteeSidEntity = (EntitySimpleBaseType)fileEffectiveRightsObject.GetItemValue(fileeffectiverights53_object_ItemsChoices.trustee_sid);
var trusteeSidEntityValues = variableEvaluator.EvaluateVariableForEntity(trusteeSidEntity);
var itemsToCollect = new List<ItemType>();
foreach(var path in paths)
foreach(var filename in filenames)
foreach (var trusteeSID in trusteeSidEntityValues)
{
var newItems = ProcessOperationForTrusteeSidEntity(path, filename, trusteeSID, trusteeSidEntity.operation);
itemsToCollect.AddRange(newItems);
}
return itemsToCollect;
}
public IEnumerable<ItemType> GetItemsToCollect(OVAL.Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var usernameEntity = ((password_object)objectType).Items.OfType<EntityObjectStringType>().FirstOrDefault();
if (usernameEntity != null)
{
var usernames = new VariableEntityEvaluator(variables).EvaluateVariableForEntity(usernameEntity);
return
usernames
.Select(
user =>
new password_item() { username = OvalHelper.CreateItemEntityWithStringValue(user) });
}
return null;
}
public VariableEntityEvaluator(VariablesEvaluated variables)
{
this.variables = variables;
}
