public IEnumerable<ObjectType> ProcessVariables(ObjectType objcetType)
{
var textFileContentObject = (textfilecontent54_object)objcetType;
var textFileContentObjects = new List<ObjectType>();
IEnumerable<string> variablesFromFilePath = null;
IEnumerable<string> variablesFromFileName = null;
IEnumerable<string> variablesFrompath = null;
if (textFileContentObject.IsFilePathDefined())
variablesFromFilePath = this.ProcessVariableForFilePath(textFileContentObject);
else
{
variablesFromFileName = this.ProcessVariableForFileName(textFileContentObject);
variablesFrompath = this.ProcessVariableForPath(textFileContentObject);
}
var variablesFrompattern = this.ProcessVariableForPattern(textFileContentObject);
var variablesFromInstance = this.ProcessVariableForInstance(textFileContentObject);
if (this.IsVariablesWasProcessed(variablesFromFilePath, variablesFromFileName, variablesFrompattern, variablesFrompath, variablesFromInstance))
{
var factory = new TextFileContentObjectFactory();
textFileContentObjects.AddRange(factory.CreateObjectTypeByCombinationOfEntities(textFileContentObject,
variablesFromFilePath,
variablesFromFileName,
variablesFrompath,
variablesFrompattern,
variablesFromInstance));
}
return textFileContentObjects;
}
protected override set GetSetElement(ObjectType objectType)
{
var setElementName = fileeffectiverights53_object_ItemsChoices.set;
var setElement = ((fileeffectiverights53_object)objectType).GetItemValue(setElementName);
return (set)setElement;
}
public UserSID55EntityVariableEvaluator(ObjectType objectType, VariablesEvaluated variablesEvaluated)
: base(objectType, variablesEvaluated)
{
this.checkObjectType(objectType);
base.AllObjectEntities = new Dictionary<string, EntityObjectStringType>();
base.AllObjectEntities.Add("user_sid", ((user_sid55_object)objectType).UserSID);
}
public RegKeyEffectiveRightsVariableEvaluator(ObjectType objectType, VariablesEvaluated variablesEvaluated)
: base(objectType, variablesEvaluated)
{
if (!(objectType is regkeyeffectiverights53_object))
throw new Exception(string.Format("[RegKeyEffectiveRightsVariableEvaluator] - The type of object is invalid: '{0}'.", objectType.ToString()));
base.AllObjectEntities = ((regkeyeffectiverights53_object)objectType).GetAllObjectEntities();
}
/// <summary>
/// Constructor.
/// </summary>
/// <param name="ovalDefinitionsObjects">The oval objects list from Oval Definitions.</param>
public TargetPlatformDiscoverer(ObjectType[] ovalDefinitionsObjects)
{
this.OvalDefinitionsObjectNamepaces = new List<String>();
if (ovalDefinitionsObjects != null)
foreach (var @object in ovalDefinitionsObjects)
foreach (var attribute in @object.GetType().GetCustomAttributes(typeof(XmlRootAttribute), false))
if (!this.OvalDefinitionsObjectNamepaces.Contains((attribute as XmlRootAttribute).Namespace))
this.OvalDefinitionsObjectNamepaces.Add((attribute as XmlRootAttribute).Namespace);
}
public SID_SID_EntityVariableEvaluator(ObjectType objectType, VariablesEvaluated variablesEvaluated)
: base(objectType, variablesEvaluated)
{
if (!(objectType is sid_sid_object))
throw new Exception(string.Format("[SID_SID_EntityVariableEvaluator] - The type of object is invalid: '{0}'.", objectType.ToString()));
base.AllObjectEntities = new Dictionary<string, EntityObjectStringType>();
base.AllObjectEntities.Add("trustee_sid", ((sid_sid_object)objectType).TrusteeSID);
}
public UserEntityVariableEvaluator(ObjectType objectType, VariablesEvaluated variablesEvaluated)
: base(objectType, variablesEvaluated)
{
if (!(objectType is user_object))
throw new Exception(string.Format("[UserEntityVariableEvaluator] - The type of object is invalid: '{0}'.", objectType.ToString()));
base.AllObjectEntities = new Dictionary<string, EntityObjectStringType>();
base.AllObjectEntities.Add("user", ((user_object)objectType).User);
}
public virtual IEnumerable<string> ProcessOperationForKeyEntity(ObjectType sourceObject, string[] KeysAlreadyProcessed)
{
this.ConfigureObjectEntities((regkeyeffectiverights53_object)sourceObject);
KeysAlreadyProcessed = this.GetEntityValuesAlreadyProcessed(KeysAlreadyProcessed, this.KeyObjectEntity.Value);
List<String> operationResult = new List<String>();
foreach (var key in KeysAlreadyProcessed)
operationResult.AddRange(this.processKey(key));
return operationResult;
}
public IEnumerable<OVAL.SystemCharacteristics.ItemType> GetItemsToCollect(ObjectType objectType, VariablesEvaluated variables)
{
var processObject = (OVAL.Definitions.Unix.process_object)objectType;
var commandEntity = (EntityObjectStringType)processObject.Item;
var commandEntityValues = new VariableEntityEvaluator(variables).EvaluateVariableForEntity(commandEntity);
var itemsToCollect = new List<OVAL.SystemCharacteristics.ItemType>();
foreach (var commandValue in commandEntityValues)
itemsToCollect.AddRange(ProcessEntityOperation(commandValue, commandEntity));
return itemsToCollect;
}
private void assertFileEffectiveRightsInitialEntities(Definitions.ObjectType sourceObject, SystemCharacteristics.ItemType collectedItem)
{
fileeffectiverights_item collectedFileEffectiveRightsItem = (fileeffectiverights_item)collectedItem;
var allExpectedEntities = OvalHelper.GetFileEffectiveRightsFromObjectType((fileeffectiverights_object)sourceObject);
string expectedPath = allExpectedEntities[fileeffectiverights_object_ItemsChoices.path.ToString()].Value;
string expectedFileName = allExpectedEntities[fileeffectiverights_object_ItemsChoices.filename.ToString()].Value;
string expectedTrusteeName = allExpectedEntities[fileeffectiverights_object_ItemsChoices.trustee_name.ToString()].Value;
Assert.AreEqual(expectedPath, collectedFileEffectiveRightsItem.path.Value, string.Format(MSG_UNEXPECTED_COLLECTED_ITEM_VALUE, "path"));
Assert.AreEqual(expectedFileName, collectedFileEffectiveRightsItem.filename.Value, string.Format(MSG_UNEXPECTED_COLLECTED_ITEM_VALUE, "filename"));
Assert.AreEqual(expectedTrusteeName, collectedFileEffectiveRightsItem.trustee_name.Value, string.Format(MSG_UNEXPECTED_COLLECTED_ITEM_VALUE, "trustee_name"));
}
public AuditEventPolicyProberTest()
{
this.FakeContext = ProbeHelper.CreateFakeContext();
this.FakeTargetInfo = ProbeHelper.CreateFakeTarget();
this.FakeItemsToCollect = new ItemType[] { new auditeventpolicy_item() };
var fakeAuditEventPolicyItem = new auditeventpolicy_item();
fakeAuditEventPolicyItem.CreateAllEntityItemsWithAuditNoneEventStatus();
fakeAuditEventPolicyItem.detailed_tracking.Value = AuditEventStatus.AUDIT_SUCCESS_FAILURE.ToString();
this.FakeCollectedItems = new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(fakeAuditEventPolicyItem) };
var objects = new Definitions.ObjectType[] { ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "2100") };
this.FakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(objects, null, null);
}
private IEnumerable <String> processVariables(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var groupSIDEntity = ((group_sid_object)objectType).GetGroupSIDEntity();
var thereIsNoEvaluatedVariable = ((variables == null) || (variables.VariableValues.Count() == 0));
if (thereIsNoEvaluatedVariable && (string.IsNullOrEmpty(groupSIDEntity.var_ref)))
{
return(new List <String>(new string[] { groupSIDEntity.Value }));
}
var result = new GroupSIDEntityVariableEvaluator(objectType, variables).TryToProcessObjectEntity(objectType.ComponentString);
return((result == null) ? null : result);
}
/// <summary>
/// Creates a items to collect from given object type.
/// </summary>
/// <param name="objectType">Type of the object.</param>
/// <returns>A list of ItemType</returns>
public virtual IEnumerable <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var variableEvaluator = new FileEffectiveRightsVariableEvaluator(variables);
var operationEvaluator = new FileEffectiveRightsOperationEvaluator(SystemDataSource, FileProvider);
var fileEffectiveRights = (fileeffectiverights_object)objectType;
if (fileEffectiveRights.HasVariableDefined())
{
var objects = variableEvaluator.ProcessVariables(objectType);
return(operationEvaluator.ProcessOperation(objects).ToList());
}
return(operationEvaluator.ProcessOperation(fileEffectiveRights).ToList());
}
private IEnumerable <String> processVariables(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var userSIDEntity = ((user_sid55_object)objectType).UserSID;
bool thereIsNoEvaluatedVariable = ((variables == null) || (variables.VariableValues.Count() == 0));
if (thereIsNoEvaluatedVariable && (string.IsNullOrEmpty(userSIDEntity.var_ref)))
{
return(new List <String>(new string[] { userSIDEntity.Value }));
}
var variableEvaluator = new UserSID55EntityVariableEvaluator(objectType, variables);
var processedVariables = variableEvaluator.ProcessVariableForAllObjectEntities();
return((processedVariables == null) ? null : processedVariables);
}
private IEnumerable<ObjectType> CreateFileObjectWithFilePath(ObjectType fileObject, IEnumerable<string> variablesFromFilePath)
{
List<ObjectType> fileObjects = new List<ObjectType>();
if (variablesFromFilePath == null)
return fileObjects;
foreach (string filePath in variablesFromFilePath)
{
if (String.IsNullOrWhiteSpace(filePath))
continue;
ObjectType newFileObject = this.CreateObjectTypeFrom(fileObject, filePath, "", "");
fileObjects.Add(newFileObject);
}
return fileObjects;
}
private IEnumerable <String> processVariables(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
string groupNameEntityValue = ((group_object)objectType).Group.Value;
if ((variables == null) || (variables.VariableValues.Count() == 0))
{
return(new List <String>(new string[] { groupNameEntityValue }));
}
else
{
var variableEvaluator = new GroupEntityVariableEvaluator(objectType, variables);
var processedVariables = variableEvaluator.ProcessVariableForAllObjectEntities();
return((processedVariables == null) ? null : processedVariables);
}
}
/// <summary>
/// Generates concrete items type to collect from object type.
/// </summary>
public virtual IEnumerable <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var itemsToCollect = new List <ItemType>();
var variableEvaluator = new RegKeyEffectiveRightsVariableEvaluator(objectType, variables);
var hiveValue = variableEvaluator.AllObjectEntities[HiveEntityValue].Value;
var processedKeys = variableEvaluator.TryToProcessObjectEntity(KeyEntityName);
if (processedKeys != null)
{
processedKeys = this.OperationEvaluator.ProcessOperationForKeyEntity(objectType, processedKeys.ToArray());
}
if (processedKeys == null)
{
return new ItemType[] { }
}
;
var processedTrustees = variableEvaluator.TryToProcessObjectEntity(TrusteeSIDEntityName);
var trusteeSidEntity = variableEvaluator.AllObjectEntities[TrusteeSIDEntityName];
if (processedTrustees == null)
{
return new ItemType[] { }
}
;
foreach (var regKey in processedKeys)
{
foreach (var sid in processedTrustees)
{
if (trusteeSidEntity.operation.Equals(OperationEnumeration.equals))
{
var newItemToCollect = this.createRegKeyEffectiveRights(hiveValue, regKey, sid);
newItemToCollect.status = StatusEnumeration.notcollected;
itemsToCollect.Add(newItemToCollect);
}
else
{
var alreadyCollectedItems = ObjectCollector.CollectItemsApplyingOperation(hiveValue, regKey, sid, trusteeSidEntity.operation);
itemsToCollect.AddRange(alreadyCollectedItems);
}
}
}
return(itemsToCollect);
}
public AuditEventPolicyProberTest()
{
this.FakeContext = ProbeHelper.CreateFakeContext();
this.FakeTargetInfo = ProbeHelper.CreateFakeTarget();
this.FakeItemsToCollect = new ItemType[] { new auditeventpolicy_item() };
var fakeAuditEventPolicyItem = new auditeventpolicy_item();
fakeAuditEventPolicyItem.CreateAllEntityItemsWithAuditNoneEventStatus();
fakeAuditEventPolicyItem.detailed_tracking.Value = AuditEventStatus.AUDIT_SUCCESS_FAILURE.ToString();
this.FakeCollectedItems = new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(fakeAuditEventPolicyItem) };
var objects = new Definitions.ObjectType[] { ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "2100") };
this.FakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(objects, null, null);
}
public IEnumerable <String> ProcessVariablesForTypeFilePathEntities(Definitions.ObjectType objectType)
{
textfilecontent54_object fileContentObj = (textfilecontent54_object)objectType;
var variablesFromFilePath = this.EvaluateVariableForEntity(fileContentObj, textfilecontent54_ItemsChoices.filepath);
if ((variablesFromFilePath != null) && (variablesFromFilePath.Count() > 0))
{
return(variablesFromFilePath);
}
var variablesFromPath = this.EvaluateVariableForEntity(fileContentObj, textfilecontent54_ItemsChoices.path);
var variablesFromFilename = this.EvaluateVariableForEntity(fileContentObj, textfilecontent54_ItemsChoices.filename);
return(this.CreateFilePathsListByCombinationOfEntities(variablesFromPath, variablesFromFilename));
}
public virtual IEnumerable <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated evaluatedVariables)
{
var textFileContentObject = (textfilecontent54_object)objectType;
if (textFileContentObject.HasVariableDefined())
{
var variableEvaluator = new TextFileContentEntityVariableEvaluator(evaluatedVariables);
var objectTypes = variableEvaluator.ProcessVariables(objectType);
return(this.OperationEvaluator.ProcessOperation(objectTypes).ToList());
}
else
{
return(this.OperationEvaluator.ProcessOperation(textFileContentObject).ToList());
}
}
private IEnumerable<ObjectType> CreateFileObjectWithoutFilePath(ObjectType fileObject, IEnumerable<string> paths, IEnumerable<string> fileNames)
{
List<ObjectType> fileObjects = new List<ObjectType>();
foreach (string path in paths)
{
foreach (string fileName in fileNames)
{
if (!string.IsNullOrEmpty(path))
{
ObjectType newFileObject = this.CreateObjectTypeFrom(fileObject, " ", path, fileName);
fileObjects.Add(newFileObject);
}
}
}
return fileObjects;
}
public IEnumerable<ObjectType> ProcessVariables(ObjectType objectType)
{
List<ObjectType> fileEffectiveRightObjects = new List<ObjectType>();
fileeffectiverights_object fileEffectiveRights = (fileeffectiverights_object)objectType;
IEnumerable<string> fileNames = this.processVariablesFromEntity(fileEffectiveRights,fileeffectiverights_object_ItemsChoices.filename);
IEnumerable<string> paths = this.processVariablesFromEntity(fileEffectiveRights,fileeffectiverights_object_ItemsChoices.path);
IEnumerable<string> trustee_names = this.processVariablesFromEntity(fileEffectiveRights, fileeffectiverights_object_ItemsChoices.trustee_name);
if (this.IsVariablesWasProcessed(fileEffectiveRights,fileNames, paths, trustee_names))
{
FileEffectiveRightsObjectTypeFactory factory = new FileEffectiveRightsObjectTypeFactory();
var objectTypes = factory.CreateObjectTypeByCombinationOfEntities(fileEffectiveRights, paths, fileNames, trustee_names);
fileEffectiveRightObjects.AddRange(objectTypes);
}
return fileEffectiveRightObjects;
}
public IEnumerable<ObjectType> ProcessVariables(ObjectType objcetType)
{
textfilecontent_object fileContentObject = (textfilecontent_object)objcetType;
List<ObjectType> fileContentObjects = new List<ObjectType>();
IEnumerable<string> variablesFromfileName = this.ProcessVariableForFileName(fileContentObject);
IEnumerable<string> variablesFromline = this.ProcessVariableForLine(fileContentObject);
IEnumerable<string> variablesFrompath = this.ProcessVariableForPath(fileContentObject);
if (this.IsVariablesWasProcessed(variablesFromfileName, variablesFromline, variablesFrompath))
{
FileContentObjectTypeFactory factory = new FileContentObjectTypeFactory();
fileContentObjects.AddRange(factory.CreateObjectTypeByCombinationOfEntities(fileContentObject, variablesFromfileName, variablesFromline, variablesFrompath));
}
return fileContentObjects;
}
private IEnumerable <String> processVariables(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var trusteeSIDEntityValue = ((sid_sid_object)objectType).TrusteeSID.Value;
if ((variables == null) || (variables.VariableValues.Count() == 0))
{
return new string[] { trusteeSIDEntityValue }
}
;
else
{
var variableEvaluator = new SID_SID_EntityVariableEvaluator(objectType, variables);
var processedVariables = variableEvaluator.ProcessVariableForAllObjectEntities();
return((processedVariables == null) ? null : processedVariables.ToList());
}
}
private IEnumerable <ItemType> TryToGetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
try
{
var itemsToCollect = this.ItemTypeGenerator.GetItemsToCollect(objectType, variables);
if (itemsToCollect.Count() > 0)
{
return(itemsToCollect);
}
return(new ItemType[] { });
}
catch (Exception ex)
{
return(new ItemType[] { this.CreateItemTypeWithErrorStatus(ex.Message) });
}
}
public void Should_be_possible_to_execute_a_collect_for_RegKeyEffectiveRights_with_referenced_variable_on_key_entity()
{
var fakeObjects = new Definitions.ObjectType[] { ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "770") };
string fakeVariableValue = @"SOFTWARE\Microsoft\Windows NT\CurrentVersion";
var fakeEvaluatedVariables = VariableHelper.CreateVariableWithOneValue("oval:modulo:obj:770", "oval:modulo:var:770", fakeVariableValue);
var fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(fakeObjects, fakeEvaluatedVariables, null);
var fakeCollectedItems = new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(new regkeyeffectiverights_item()) };
var prober = this.GetMockedRegKeyEffectiveRightsProber(fakeCollectedItems, null);
var proberExecutionResult = prober.Execute(FakeContext, FakeTargetInfo, fakeCollectInfo);
this.doBasicProbeResultAssert(proberExecutionResult);
CollectedObject collectedObject = proberExecutionResult.CollectedObjects.Single(obj => obj.ObjectType.id.Equals("oval:modulo:obj:770"));
this.assertCollectedItemsReferences(collectedObject, (IList <ItemType>)collectedObject.SystemData);
Assert.AreEqual(1, collectedObject.SystemData.Count, "Unexpected system data count.");
this.assertCollectedItemStatus(collectedObject.ObjectType.reference.ElementAt(0), collectedObject.SystemData[0]);
}
public IEnumerable <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var variableId = ((variable_object)objectType).GetItemValue().ToString();
var variableValues = variables.GetVariableValueForVariableId(variableId);
if (HasVariableValues(variables.VariableValues))
{
var variable = variableValues.FirstOrDefault(var => var.VariableId.Equals(variableId));
if (variable != null && variable.values != null && variable.values.Count() > 0)
{
return new ItemType[] { this.CreateVariableItem(variableId) }
}
;
}
return(new ItemType[] { });
}
public virtual IEnumerable <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated evaluatedVariables)
{
var textFileContentObject = (textfilecontent_object)objectType;
var operationEvaluator =
new FileContentEntityOperationEvaluator(
this.FileContentSystemDataSource, WindowsFileProvider);
if (textFileContentObject.HasVariableDefined())
{
var fileContentEntityVariableEvaluator = new FileContentEntityVariableEvaluator(evaluatedVariables);
var objectTypes = fileContentEntityVariableEvaluator.ProcessVariables((textfilecontent_object)objectType);
return(operationEvaluator.ProcessOperation(objectTypes).ToList());
}
else
{
return(operationEvaluator.ProcessOperation(textFileContentObject).ToList());
}
}
private static string GetFilepathEntityName(Defs.ObjectType objectType)
{
var windowsFileObjectType = typeof(OVAL.Definitions.Windows.file_object);
var unixFileObjectType = typeof(OVAL.Definitions.Unix.file_object);
if (objectType.GetType().Equals(windowsFileObjectType))
{
return(file_object_ItemsChoices.filepath.ToString());
}
else if (objectType.GetType().Equals(unixFileObjectType))
{
return(OVAL.Definitions.Unix.ItemsChoiceType3.filepath.ToString());
}
else
{
throw new ArgumentException(String.Format("This object type '{0}' is not supported.", objectType.GetType().ToString()));
}
}
/// <summary>
/// Creates a items to collect from given object type.
/// </summary>
/// <param name="objectType">Type of the object.</param>
/// <returns>A list of ItemType</returns>
public virtual IList<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
this.CreateEvaluators(variables);
var objectTypes = new Definitions.ObjectType[] { objectType };
if (this.HasVariableDefined(objectType))
{
if (objectType is OVAL.Definitions.Unix.file_object)
objectTypes = this.FileVariableEvaluator.ProcessVariables((OVAL.Definitions.Unix.file_object)objectType).ToArray();
else
objectTypes = this.FileVariableEvaluator.ProcessVariables((OVAL.Definitions.Windows.file_object)objectType).ToArray();
}
var itemsToCollect = this.OperationEvaluator.ProcessOperation(objectTypes).ToList();
this.OperationEvaluator = null;
this.FileVariableEvaluator = null;
return itemsToCollect;
}
public virtual IEnumerable <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var variableEvaluator = new VariableEntityEvaluator(variables);
var namespaceEntity = (EntityObjectStringType)((wmi_object)objectType).GetItemValue(wmi_object_ItemsChoices.@namespace);
var wqlEntity = (EntityObjectStringType)((wmi_object)objectType).GetItemValue(wmi_object_ItemsChoices.wql);
var namespaces = variableEvaluator.EvaluateVariableForEntity(namespaceEntity);
var wqls = variableEvaluator.EvaluateVariableForEntity(wqlEntity);
var itemsToCollect = new List <ItemType>();
foreach (var ns in namespaces)
{
foreach (var wql in wqls)
{
itemsToCollect.Add(this.CreateWmiItem(ns, wql));
}
}
return(itemsToCollect);
}
public IEnumerable<ObjectType> ProcessVariables(ObjectType objectType)
{
var fileeffectiverights53Object = (fileeffectiverights53_object)objectType;
IEnumerable<string> filepaths = null;
IEnumerable<string> paths = null;
IEnumerable<string> filenames = null;
if (fileeffectiverights53Object.IsFilePathDefined())
filepaths = this.EvaluateEntity(fileeffectiverights53Object, fileeffectiverights53_object_ItemsChoices.filepath);
else
{
paths = this.EvaluateEntity(fileeffectiverights53Object, fileeffectiverights53_object_ItemsChoices.path);
filenames = this.EvaluateEntity(fileeffectiverights53Object, fileeffectiverights53_object_ItemsChoices.filename, true);
}
IEnumerable<String> trusteeSIDs = this.EvaluateEntity(fileeffectiverights53Object, fileeffectiverights53_object_ItemsChoices.trustee_sid);
var objectFactory = new FileEffectiveRights53ObjectFactory();
return objectFactory.CreateFileObjects(fileeffectiverights53Object, filepaths, paths, filenames, trusteeSIDs);
}
public virtual IEnumerable<String> ProcessOperationForTrusteeSidEntity(
ObjectType sourceObject, string[] TrusteeSIDsAlreadyProcessed)
{
this.ConfigureObjectEntities((regkeyeffectiverights53_object)sourceObject);
TrusteeSIDsAlreadyProcessed =
GetEntityValuesAlreadyProcessed(TrusteeSIDsAlreadyProcessed, TrusteeSIDObjectEntity.Value);
List<String> operationResult = new List<String>();
foreach (var trusteeSID in TrusteeSIDsAlreadyProcessed)
{
if (this.TrusteeSIDObjectEntity.operation == OperationEnumeration.equals)
{
operationResult.Add(trusteeSID);
continue;
}
operationResult = this.processTrusteeSID(trusteeSID, operationResult.ToArray());
}
return operationResult;
}
public IEnumerable<ObjectType> ProcessVariables(ObjectType objectType)
{
var fileAuditedPermissionsObject = (fileauditedpermissions53_object)objectType;
string[] filepaths = null;
string[] paths = null;
string[] filenames = null;
if (fileAuditedPermissionsObject.IsFilePathDefined())
filepaths = this.EvaluateEntity(fileAuditedPermissionsObject, fileauditedpermissions53_objectItemsChoices.filepath).ToArray();
else
{
paths = this.EvaluateEntity(fileAuditedPermissionsObject, fileauditedpermissions53_objectItemsChoices.path).ToArray();
filenames = this.EvaluateEntity(fileAuditedPermissionsObject, fileauditedpermissions53_objectItemsChoices.filename).ToArray();
}
var trusteeSIDs = this.EvaluateEntity(fileAuditedPermissionsObject, fileauditedpermissions53_objectItemsChoices.trustee_sid).ToArray();
return new FileAuditedPermissions53ObjectFactory().CreateFileAuditedPermissions53Objects(
fileAuditedPermissionsObject, filepaths, paths, filenames, trusteeSIDs);
}
public IEnumerable<ObjectType> ProcessVariables(ObjectType objectType)
{
var xmlfilecontentObject = (xmlfilecontent_object)objectType;
string[] filepaths = null;
string[] paths = null;
string[] filenames = null;
if (xmlfilecontentObject.IsFilePathDefined())
filepaths = this.EvaluateEntity(xmlfilecontentObject, xmlfilecontent_ItemsChoices.filepath).ToArray();
else
{
paths = this.EvaluateEntity(xmlfilecontentObject, xmlfilecontent_ItemsChoices.path).ToArray();
filenames = this.EvaluateEntity(xmlfilecontentObject, xmlfilecontent_ItemsChoices.filename).ToArray();
}
var xpaths = this.EvaluateEntity(xmlfilecontentObject, xmlfilecontent_ItemsChoices.xpath).ToArray();
return new XmlFileContentObjectFactory()
.CreateXmlFileContentObjects(xmlfilecontentObject, filepaths, paths, filenames, xpaths);
}
public IEnumerable <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var sapcodeObjectType = (sapcode_object)objectType;
var variableEvaluator = new VariableEntityEvaluator(variables);
var issues = variableEvaluator.EvaluateVariableForEntity(((EntitySimpleBaseType)sapcodeObjectType.Items[sapcodeObjectType.ItemsElementName.ToList().IndexOf(SapCodeObjectItemsChoices.issue)]));
var systemNames = variableEvaluator.EvaluateVariableForEntity(((EntitySimpleBaseType)sapcodeObjectType.Items[sapcodeObjectType.ItemsElementName.ToList().IndexOf(SapCodeObjectItemsChoices.system_name)]));
var itemList = new List <ItemType>();
foreach (var systemName in systemNames)
{
foreach (var issueNumber in issues)
{
itemList.Add(new sapcode_item()
{
issue = OvalHelper.CreateItemEntityWithIntegerValue(issueNumber),
system_name = OvalHelper.CreateItemEntityWithIntegerValue(systemName)
});
}
}
return(itemList.ToArray());
}
public void Should_be_possible_to_collect_a_GroupSIDObject_with_SET_element_defined()
{
var objectTypes = new Definitions.ObjectType[] { ProbeHelper.GetDefinitionObjectTypeByID("definitionsWithSet.xml", "oval:modulo:obj:1000") };
var fakeSystemCharacteristics = ProbeHelper.GetOvalSystemCharacteristicsFromFile("system_characteristics_with_sets.xml");
var fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(objectTypes, null, fakeSystemCharacteristics);
var fakeCollectedItem = ProbeHelper.CreateFakeCollectedItem(this.CreateFakeGroupSIDItemType());
var groupSIDProber = new GroupSIDProber();
ProberBehaviorCreator
.CreateBehaviorForNormalFlowExecution(
groupSIDProber,
null,
new CollectedItem[] { fakeCollectedItem });
var probeExecutionResult = groupSIDProber.Execute(FakeContext, FakeTargetInfo, fakeCollectInfo);
Assert.IsNotNull(probeExecutionResult);
Assert.AreEqual(1, probeExecutionResult.CollectedObjects.Count());
var collectedObject = probeExecutionResult.CollectedObjects.ElementAt(0).ObjectType;
Assert.AreEqual("oval:modulo:obj:1000", collectedObject.id);
Assert.AreEqual(FlagEnumeration.complete, collectedObject.flag);
Assert.AreEqual(2, collectedObject.reference.Count());
Assert.AreEqual("1001", collectedObject.reference.ElementAt(0).item_ref);
Assert.AreEqual("1002", collectedObject.reference.ElementAt(1).item_ref);
var collectedItems = probeExecutionResult.CollectedObjects.ElementAt(0).SystemData;
Assert.AreEqual(2, collectedItems.Count);
var firstItem = (group_sid_item)collectedItems.ElementAt(0);
this.AssertCollectedItem(firstItem, "1001", "S-1-5-32-500", new string[] { "S-1-5-32-500-1", "S-1-5-32-500-2" });
var secondItem = (group_sid_item)collectedItems.ElementAt(1);
this.AssertCollectedItem(secondItem, "1002", "S-1-5-32-501", new string[] { "S-1-5-32-501-1", "S-1-5-32-501-2" });
}
private IEnumerable <string> processOperation(Definitions.ObjectType objectType, IEnumerable <String> evalutedVariables)
{
var trusteeEntity = ((sid_sid_object)objectType).TrusteeSID;
var entityOperation = trusteeEntity.operation;
var trusteeSIDs = string.IsNullOrEmpty(trusteeEntity.var_ref) ? new string[] { trusteeEntity.Value } : evalutedVariables.ToArray();
var operationResult = new List <String>();
foreach (var trusteeSID in trusteeSIDs)
{
var valuesToApply = (this.getValuesToApplyOperation(entityOperation, trusteeSID)).ToArray();
if (entityOperation == OperationEnumeration.patternmatch)
{
operationResult.AddRange(new MultiLevelPatternMatchOperation(FamilyEnumeration.windows).applyPatternMatch(trusteeSID, valuesToApply));
}
else
{
operationResult.AddRange(this.EvaluateOperationsDifferentsOfPatternMatch(entityOperation, trusteeSID, valuesToApply));
}
}
return(operationResult);
}
/// <summary>
/// Creates a items to collect from given object type.
/// </summary>
/// <param name="objectType">Type of the object.</param>
/// <returns>A list of ItemType</returns>
public virtual IList <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
this.CreateEvaluators(variables);
var objectTypes = new Definitions.ObjectType[] { objectType };
if (this.HasVariableDefined(objectType))
{
if (objectType is OVAL.Definitions.Unix.file_object)
{
objectTypes = this.FileVariableEvaluator.ProcessVariables((OVAL.Definitions.Unix.file_object)objectType).ToArray();
}
else
{
objectTypes = this.FileVariableEvaluator.ProcessVariables((OVAL.Definitions.Windows.file_object)objectType).ToArray();
}
}
var itemsToCollect = this.OperationEvaluator.ProcessOperation(objectTypes).ToList();
this.OperationEvaluator = null;
this.FileVariableEvaluator = null;
return(itemsToCollect);
}
/// <summary>
/// Executes a normal collect, using the system datasource for data collecting.
/// </summary>
/// <param name="ovalComponent">The oval component.</param>
/// <param name="collectInfo">The collect info.</param>
/// <param name="id">The id parameter is 'a sequencial number controlled by external scope.</param>
/// <returns></returns>
private CollectedObject ProcessCollect(Definitions.ObjectType ovalComponent, CollectInfo collectInfo, ProbeResultBuilder probeResultBuilder, ref int id)
{
CollectedObject collectedObject = null;
var allItemsToCollect = this.TryToGetItemsToCollect(ovalComponent, collectInfo.Variables);
if (allItemsToCollect.Count() > 0)
{
collectedObject = new CollectedObject(ovalComponent.id);
foreach (var itemToCollect in allItemsToCollect)
{
var collectedItems = ObjectCollector.CollectDataForSystemItem(itemToCollect);
foreach (var collectedItem in collectedItems)
{
var itemType = probeResultBuilder.GetItemType(collectedItem.ItemType);
if (itemType == null)
{
collectedItem.ItemType.id = id.ToString();
id++;
}
else
{
collectedItem.ItemType = itemType;
}
collectedObject.AddItemToSystemData(collectedItem.ItemType);
var variables = collectInfo.GetVariableValueForOvalComponent(collectedObject.ObjectType.id);
collectedObject.AddVariableReference(variables);
ExecutionLogBuilder.AddDetailInformation(collectedItem.ExecutionLog);
}
}
collectedObject.UpdateCollectedObjectStatus();
}
return(collectedObject);
}
public virtual IEnumerable <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
var processedGroupSIDs = this.processVariables(objectType, variables);
if (processedGroupSIDs == null)
{
return(null);
}
processedGroupSIDs = this.ApplyOperations(objectType, processedGroupSIDs);
var itemsToCollect = new List <ItemType>();
foreach (var groupSID in processedGroupSIDs)
{
var newItemToCollect = new group_sid_item()
{
group_sid = OvalHelper.CreateItemEntityWithStringValue(groupSID)
};
itemsToCollect.Add(newItemToCollect);
}
return(itemsToCollect);
}
private ItemType CreateFileEffectiveRightsItemTypeWithError(Definitions.ObjectType objectType, string message)
{
var fileobject = (fileeffectiverights53_object)objectType;
var path = string.Empty;
var filepath = string.Empty;
var filename = string.Empty;
var trustee = fileobject.GetItemValue(fileeffectiverights53_object_ItemsChoices.trustee_sid).ToString();
if (fileobject.IsFilePathDefined())
{
filepath = fileobject.GetItemValue(fileeffectiverights53_object_ItemsChoices.filepath).ToString();
path = System.IO.Path.GetDirectoryName(filepath);
filename = System.IO.Path.GetFileName(filepath);
}
else
{
path = fileobject.GetItemValue(fileeffectiverights53_object_ItemsChoices.path).ToString();
filename = fileobject.GetItemValue(fileeffectiverights53_object_ItemsChoices.filename).ToString();
}
return
(CreateFileEffectiveRightsItemTypeFactory()
.CreateFileItemTypesWithError(path, filename, trustee, message, StatusEnumeration.error));
}
protected override OVAL.Definitions.set GetSetElement(Definitions.ObjectType objectType)
{
return(((smf_object)objectType).GetSetElement());
}
private void checkObjectType(ObjectType objectType)
{
if (!(objectType is user_sid55_object))
throw new Exception(string.Format("[UserSID55EntityVariableEvaluator] - The type of object is invalid: '{0}'.", objectType.ToString()));
}
protected override set GetSetElement(Definitions.ObjectType objectType)
{
var setElement = ((textfilecontent54_object)objectType).GetItemValue(textfilecontent54_ItemsChoices.set);
return((Definitions.set)setElement);
}
public GroupSIDEntityVariableEvaluator(ObjectType objectType, VariablesEvaluated evaluatedVariables)
: base(objectType, evaluatedVariables)
{
base.AllObjectEntities = new Dictionary<string, EntityObjectStringType>();
base.AllObjectEntities.Add("group_sid", ((group_sid_object)objectType).GetGroupSIDEntity());
}
protected override set GetSetElement(Definitions.ObjectType objectType)
{
return(((user_object)objectType).GetSetEntity());
}
private ObjectType CreateObjectTypeFrom(ObjectType fileObject, string filePath, string path, string fileName)
{
//EntityObjectStringType filePathFrom = (EntityObjectStringType) fileObject.GetItemValue(file_object_ItemsChoices.filepath);
//EntityObjectStringType pathFrom = (EntityObjectStringType) fileObject.GetItemValue(file_object_ItemsChoices.path);
//EntityObjectStringType fileNameFrom = (EntityObjectStringType)fileObject.GetItemValue(file_object_ItemsChoices.filename);
var filePathFrom = (EntityObjectStringType)GetFileEntity(fileObject, "filepath");
var pathFrom = (EntityObjectStringType)GetFileEntity(fileObject, "path");
var fileNameFrom = (EntityObjectStringType)GetFileEntity(fileObject, "filename");
EntityObjectStringType newfilePath = null;
EntityObjectStringType newPath = null;
EntityObjectStringType newFileName = null;
//if (fileObject.IsFilePathSet())
if (filePathFrom != null)
{
newfilePath = this.CreateObjectStringTypeFrom(filePathFrom);
newfilePath.Value = !string.IsNullOrEmpty(filePath) ? filePath : newfilePath.Value;
}
else
{
newPath = this.CreateObjectStringTypeFrom(pathFrom);
newPath.Value = !string.IsNullOrEmpty(path) ? path : newPath.Value;
if (fileNameFrom == null)
{
newFileName = new EntityObjectStringType() { Value = string.Empty };
}
else
{
newFileName = this.CreateObjectStringTypeFrom(fileNameFrom);
newFileName.Value = fileName == null ? newFileName.Value : fileName;
}
}
if (fileObject is OVAL.Definitions.Unix.file_object)
return this.CreateUnixFileObject(newfilePath, newPath, newFileName);
return this.CreateFileObject(newfilePath,newPath, newFileName);
}
protected override Definitions.set GetSetElement(Definitions.ObjectType objectType)
{
return((Definitions.set)((file_object)objectType).GetItemValue(ItemsChoiceType3.set));
}
public IEnumerable <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables)
{
return(new ItemType[] { new family_item() });
}
protected override set GetSetElement(Definitions.ObjectType objectType)
{
var setElement = ((group_sid_object)objectType).Items.FirstOrDefault();
return(setElement is set ? (set)setElement : null);
}
private void AssertObjectEntityFromSourceObject(ObjectType createdObjectType, string entityName, ObjectType sourceObjectType)
{
var entityToAssert = ((fileeffectiverights53_object)createdObjectType).GetAllObjectEntities()[entityName];
var sourceEntity = ((fileeffectiverights53_object)sourceObjectType).GetAllObjectEntities()[entityName];
Assert.AreEqual(sourceEntity.Value, entityToAssert.Value, string.Format("Unexpected object entity value ('{0}') was found after variable evaluation.", entityName));
}
public void Should_be_possible_to_execute_a_collect_for_RegKeyEffectiveRights_with_referenced_variable_on_key_entity()
{
var fakeObjects = new Definitions.ObjectType[] { ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "770") };
string fakeVariableValue = @"SOFTWARE\Microsoft\Windows NT\CurrentVersion";
var fakeEvaluatedVariables = VariableHelper.CreateVariableWithOneValue("oval:modulo:obj:770", "oval:modulo:var:770", fakeVariableValue);
var fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(fakeObjects, fakeEvaluatedVariables, null);
var fakeCollectedItems = new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(new regkeyeffectiverights_item()) };
var prober = this.GetMockedRegKeyEffectiveRightsProber(fakeCollectedItems, null);
var proberExecutionResult = prober.Execute(FakeContext, FakeTargetInfo, fakeCollectInfo);
this.doBasicProbeResultAssert(proberExecutionResult);
CollectedObject collectedObject = proberExecutionResult.CollectedObjects.Single(obj => obj.ObjectType.id.Equals("oval:modulo:obj:770"));
this.assertCollectedItemsReferences(collectedObject, (IList<ItemType>)collectedObject.SystemData);
Assert.AreEqual(1, collectedObject.SystemData.Count, "Unexpected system data count.");
this.assertCollectedItemStatus(collectedObject.ObjectType.reference.ElementAt(0), collectedObject.SystemData[0]);
}
public ObjectEntityVariableEvaluator(ObjectType objectType, VariablesEvaluated variablesEvaluated)
{
this.ObjectType = objectType;
this.Variables = variablesEvaluated;
}
private object GetFileEntity(ObjectType fileObject, string entityName)
{
if (fileObject is OVAL.Definitions.Unix.file_object)
{
var unixFilepath = (OVAL.Definitions.Unix.file_object)fileObject;
if (entityName.Equals("filepath"))
return unixFilepath.GetItemValue(OVAL.Definitions.Unix.ItemsChoiceType3.filepath);
if (entityName.Equals("path"))
return unixFilepath.GetItemValue(OVAL.Definitions.Unix.ItemsChoiceType3.path);
if (entityName.Equals("filename"))
return unixFilepath.GetItemValue(OVAL.Definitions.Unix.ItemsChoiceType3.filename);
return null;
}
if (entityName.Equals("filepath"))
return ((file_object)fileObject).GetItemValue(file_object_ItemsChoices.filepath);
if (entityName.Equals("path"))
return ((file_object)fileObject).GetItemValue(file_object_ItemsChoices.path);
if (entityName.Equals("filename"))
return ((file_object)fileObject).GetItemValue(file_object_ItemsChoices.filename);
return null;
}
public AccessTokenVariableEvaluator(ObjectType objectType, VariablesEvaluated variablesEvaluated)
: base(objectType, variablesEvaluated)
{
base.AllObjectEntities = ((accesstoken_object)objectType).GetAllObjectEntities();
}
public UserProberTests()
{
var fakeObjects = new Definitions.ObjectType[] { new UserObjectFactory().NewObject("guest") };
this.FakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(fakeObjects, null, null);
}
protected override Definitions.set GetSetElement(Definitions.ObjectType objectType)
{
return(null);
}
public void Should_be_possible_to_collect_a_GroupSIDObject_with_SET_element_defined()
{
var objectTypes = new Definitions.ObjectType[] { ProbeHelper.GetDefinitionObjectTypeByID("definitionsWithSet.xml", "oval:modulo:obj:1000") };
var fakeSystemCharacteristics = ProbeHelper.GetOvalSystemCharacteristicsFromFile("system_characteristics_with_sets.xml");
var fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(objectTypes, null, fakeSystemCharacteristics);
var fakeCollectedItem = ProbeHelper.CreateFakeCollectedItem(this.CreateFakeGroupSIDItemType());
var groupSIDProber = new GroupSIDProber();
ProberBehaviorCreator
.CreateBehaviorForNormalFlowExecution(
groupSIDProber,
null,
new CollectedItem[] { fakeCollectedItem });
var probeExecutionResult = groupSIDProber.Execute(FakeContext, FakeTargetInfo, fakeCollectInfo);
Assert.IsNotNull(probeExecutionResult);
Assert.AreEqual(1, probeExecutionResult.CollectedObjects.Count());
var collectedObject = probeExecutionResult.CollectedObjects.ElementAt(0).ObjectType;
Assert.AreEqual("oval:modulo:obj:1000", collectedObject.id);
Assert.AreEqual(FlagEnumeration.complete, collectedObject.flag);
Assert.AreEqual(2, collectedObject.reference.Count());
Assert.AreEqual("1001", collectedObject.reference.ElementAt(0).item_ref);
Assert.AreEqual("1002", collectedObject.reference.ElementAt(1).item_ref);
var collectedItems = probeExecutionResult.CollectedObjects.ElementAt(0).SystemData;
Assert.AreEqual(2, collectedItems.Count);
var firstItem = (group_sid_item)collectedItems.ElementAt(0);
this.AssertCollectedItem(firstItem, "1001", "S-1-5-32-500", new string[] { "S-1-5-32-500-1", "S-1-5-32-500-2" });
var secondItem = (group_sid_item)collectedItems.ElementAt(1);
this.AssertCollectedItem(secondItem, "1002", "S-1-5-32-501", new string[] { "S-1-5-32-501-1", "S-1-5-32-501-2" });
}