protected override set GetSetElement(Definitions.ObjectType objectType) { var setElementName = fileeffectiverights53_object_ItemsChoices.set; var setElement = ((fileeffectiverights53_object)objectType).GetItemValue(setElementName); return (set)setElement; }
protected override set GetSetElement(Definitions.ObjectType objectType) { var setElementName = fileauditedpermissions53_objectItemsChoices.set; var setElement = ((fileauditedpermissions53_object)objectType).GetItemValue(setElementName); return (set)setElement; }
public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var userSIDEntity = ((user_sid55_object)objectType).GetUserSIDEntity(); var userSIDs = this.processVariables(objectType, variables); if (userSIDs == null) return null; if (userSIDEntity.operation != OperationEnumeration.equals) { var collectedItems = ProcessOperationDifferentOfEquals(userSIDEntity.operation, userSIDs); if (collectedItems.Count > 0) return collectedItems; var newUserSidItem = CreateUserSIDItemType(userSIDEntity.Value ?? ""); newUserSidItem.status = StatusEnumeration.doesnotexist; newUserSidItem.user_sid.status = newUserSidItem.status; return new ItemType[] { newUserSidItem }; } var itemsToCollect = new List<ItemType>(); foreach (var userSID in userSIDs) itemsToCollect.Add(CreateUserSIDItemType(userSID)); return itemsToCollect; }
public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var securityPrincipleEntity = ((accesstoken_object)objectType).GetSecurityPrincipleEntity(); var securityPrinciples = this.EvaluateVariable(objectType, variables); securityPrinciples = this.ProcessOperation(securityPrinciples, securityPrincipleEntity); return this.CreateItemsToCollectFromSecurityPrincipleList(securityPrinciples); }
public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var userNames = this.processVariables(objectType, variables); if (userNames == null) return new List<ItemType>(); return this.ProcessOperation(((user_object)objectType).User, userNames); }
private IEnumerable<string> ApplyOperations(Definitions.ObjectType sourceObject, IEnumerable<string> processedGroupSIDs) { var groupSIDEntity = ((group_sid_object)sourceObject).GetGroupSIDEntity(); if (groupSIDEntity.operation == OperationEnumeration.equals) return processedGroupSIDs; return this.ProcessOperationDifferentOfEquals(groupSIDEntity.operation, processedGroupSIDs); }
private IEnumerable<String> processVariables(Definitions.ObjectType objectType, VariablesEvaluated variables) { var userEntityValue = ((user_object)objectType).User.Value; if (variables == null || variables.VariableValues.IsEmpty()) return new string[] { userEntityValue }; return new UserEntityVariableEvaluator(objectType, variables) .ProcessVariableForAllObjectEntities(); }
public IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var trusteeSIDs = this.processVariables(objectType, variables); if (trusteeSIDs == null) return new List<ItemType>(); var derivedTrusteeSIDs = this.processOperation(objectType, trusteeSIDs.ToArray()); return this.createSidItemsToCollect(derivedTrusteeSIDs.ToList()); }
private IList<string> EvaluateVariable(Definitions.ObjectType objectType, VariablesEvaluated variables) { var securityPrincipleEntity = ((accesstoken_object)objectType).GetSecurityPrincipleEntity(); if (string.IsNullOrEmpty(securityPrincipleEntity.var_ref)) return new List<String>(new string[] { securityPrincipleEntity.Value }); var variableEvaluator = new AccessTokenVariableEvaluator(objectType, variables); var result = variableEvaluator.ProcessVariableForAllObjectEntities(); return (result == null) ? new string[] { }.ToList() : result.ToList(); }
/// <summary> /// this method returns the item_types to collect. /// </summary> /// <param name="objectType">Type of the object.</param> /// <returns></returns> public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var variableEvaluator = new RegistryEntityVariableEvaluator(variables); var operationEvaluator = new RegistryEntityOperationEvaluator(this.SystemDataSource, this.WmiDataProvider); var registryObjectsVariableProcessed = variableEvaluator.ProcessVariableForRegistryObject((registry_object)objectType); var registryObjectsOperationProcessed = operationEvaluator.ProcessOperation(registryObjectsVariableProcessed); return registryObjectsOperationProcessed; }
public IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var groupNames = this.processVariables(objectType, variables); if (groupNames == null) return new List<ItemType>(); var derivedGroupNames = this.processOperation(objectType, groupNames.ToArray()); return this.createGroupItemsToCollect(derivedGroupNames.ToList()); }
public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var fileEffectiveRights53Object = (fileeffectiverights53_object)objectType; if (fileEffectiveRights53Object.HasVariableDefined()) { var objectTypes = new FileEffectiveRights53EntityVariableEvaluator(variables).ProcessVariables(objectType); return this.OperationEvaluator.ProcessOperation(objectTypes).ToList(); } return OperationEvaluator.ProcessOperation(fileEffectiveRights53Object).ToList(); }
public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var itemsToCollect = new List<ItemType>(); var fileObjects = new FileAuditedPermissionsVariableEvaluator(variables).ProcessVariables(objectType); foreach (var fileObject in fileObjects) { var processedItems = this.ProcessOperation((fileauditedpermissions53_object)fileObject); itemsToCollect.AddRange(processedItems); } return itemsToCollect; }
public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var itemsToCollect = new List<ItemType>(); var xmlFileObjects = new XmlFileContentVariableEvaluator(variables).ProcessVariables(objectType); foreach (var xmlFileContentObject in xmlFileObjects) { var processedItems = this.ProcessOperation((xmlfilecontent_object)xmlFileContentObject); itemsToCollect.AddRange(processedItems); } return itemsToCollect; }
private IEnumerable<String> processVariables(Definitions.ObjectType objectType, VariablesEvaluated variables) { string groupNameEntityValue = ((group_object)objectType).Group.Value; if ((variables == null) || (variables.VariableValues.Count() == 0)) return new List<String>(new string[] { groupNameEntityValue }); else { var variableEvaluator = new GroupEntityVariableEvaluator(objectType, variables); var processedVariables = variableEvaluator.ProcessVariableForAllObjectEntities(); return (processedVariables == null) ? null : processedVariables; } }
public IEnumerable<String> ProcessVariablesForTypeFilePathEntities(Definitions.ObjectType objectType) { textfilecontent54_object fileContentObj = (textfilecontent54_object)objectType; var variablesFromFilePath = this.EvaluateVariableForEntity(fileContentObj, textfilecontent54_ItemsChoices.filepath); if ((variablesFromFilePath != null) && (variablesFromFilePath.Count() > 0)) return variablesFromFilePath; var variablesFromPath = this.EvaluateVariableForEntity(fileContentObj, textfilecontent54_ItemsChoices.path); var variablesFromFilename = this.EvaluateVariableForEntity(fileContentObj, textfilecontent54_ItemsChoices.filename); return this.CreateFilePathsListByCombinationOfEntities(variablesFromPath, variablesFromFilename); }
private IEnumerable<String> processVariables(Definitions.ObjectType objectType, VariablesEvaluated variables) { var trusteeSIDEntityValue = ((sid_sid_object)objectType).TrusteeSID.Value; if ((variables == null) || (variables.VariableValues.Count() == 0)) return new string[] { trusteeSIDEntityValue }; else { var variableEvaluator = new SID_SID_EntityVariableEvaluator(objectType, variables); var processedVariables = variableEvaluator.ProcessVariableForAllObjectEntities(); return (processedVariables == null) ? null : processedVariables.ToList(); } }
/// <summary> /// Creates a items to collect from given object type. /// </summary> /// <param name="objectType">Type of the object.</param> /// <returns>A list of ItemType</returns> public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var variableEvaluator = new FileEffectiveRightsVariableEvaluator(variables); var operationEvaluator = new FileEffectiveRightsOperationEvaluator(SystemDataSource, FileProvider); var fileEffectiveRights = (fileeffectiverights_object)objectType; if (fileEffectiveRights.HasVariableDefined()) { var objects = variableEvaluator.ProcessVariables(objectType); return operationEvaluator.ProcessOperation(objects).ToList(); } return operationEvaluator.ProcessOperation(fileEffectiveRights).ToList(); }
public IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var variableId = ((variable_object)objectType).GetItemValue().ToString(); var variableValues = variables.GetVariableValueForVariableId(variableId); if (HasVariableValues(variables.VariableValues)) { var variable = variableValues.FirstOrDefault(var => var.VariableId.Equals(variableId)); if (variable != null && variable.values != null && variable.values.Count() > 0) return new ItemType[] { this.CreateVariableItem(variableId) }; } return new ItemType[] { }; }
public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var variableEvaluator = new VariableEntityEvaluator(variables); var namespaceEntity = (EntityObjectStringType)((wmi_object)objectType).GetItemValue(wmi_object_ItemsChoices.@namespace); var wqlEntity = (EntityObjectStringType)((wmi_object)objectType).GetItemValue(wmi_object_ItemsChoices.wql); var namespaces = variableEvaluator.EvaluateVariableForEntity(namespaceEntity); var wqls = variableEvaluator.EvaluateVariableForEntity(wqlEntity); var itemsToCollect = new List<ItemType>(); foreach (var ns in namespaces) foreach (var wql in wqls) itemsToCollect.Add(this.CreateWmiItem(ns, wql)); return itemsToCollect; }
public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated evaluatedVariables) { var textFileContentObject = (textfilecontent54_object)objectType; if (textFileContentObject.HasVariableDefined()) { var variableEvaluator = new TextFileContentEntityVariableEvaluator(evaluatedVariables); var objectTypes = variableEvaluator.ProcessVariables(objectType); return this.OperationEvaluator.ProcessOperation(objectTypes).ToList(); } else { return this.OperationEvaluator.ProcessOperation(textFileContentObject).ToList(); } }
public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated evaluatedVariables) { var textFileContentObject = (textfilecontent_object)objectType; var operationEvaluator = new FileContentEntityOperationEvaluator( this.FileContentSystemDataSource, WindowsFileProvider); if (textFileContentObject.HasVariableDefined()) { var fileContentEntityVariableEvaluator = new FileContentEntityVariableEvaluator(evaluatedVariables); var objectTypes = fileContentEntityVariableEvaluator.ProcessVariables((textfilecontent_object)objectType); return operationEvaluator.ProcessOperation(objectTypes).ToList(); } else return operationEvaluator.ProcessOperation(textFileContentObject).ToList(); }
public IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var sapcodeObjectType = (sapcode_object)objectType; var variableEvaluator = new VariableEntityEvaluator(variables); var issues = variableEvaluator.EvaluateVariableForEntity(((EntitySimpleBaseType)sapcodeObjectType.Items[sapcodeObjectType.ItemsElementName.ToList().IndexOf(SapCodeObjectItemsChoices.issue)])); var systemNames = variableEvaluator.EvaluateVariableForEntity(((EntitySimpleBaseType)sapcodeObjectType.Items[sapcodeObjectType.ItemsElementName.ToList().IndexOf(SapCodeObjectItemsChoices.system_name)])); var itemList = new List<ItemType>(); foreach (var systemName in systemNames) foreach (var issueNumber in issues) itemList.Add(new sapcode_item() { issue = OvalHelper.CreateItemEntityWithIntegerValue(issueNumber), system_name = OvalHelper.CreateItemEntityWithIntegerValue(systemName) }); return itemList.ToArray(); }
public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var processedGroupSIDs = this.processVariables(objectType, variables); if (processedGroupSIDs == null) return null; processedGroupSIDs = this.ApplyOperations(objectType, processedGroupSIDs); var itemsToCollect = new List<ItemType>(); foreach (var groupSID in processedGroupSIDs) { var newItemToCollect = new group_sid_item() { group_sid = OvalHelper.CreateItemEntityWithStringValue(groupSID) }; itemsToCollect.Add(newItemToCollect); } return itemsToCollect; }
private IEnumerable<string> processOperation(Definitions.ObjectType objectType, IEnumerable<String> evalutedVariables) { var trusteeEntity = ((sid_sid_object)objectType).TrusteeSID; var entityOperation = trusteeEntity.operation; var trusteeSIDs = string.IsNullOrEmpty(trusteeEntity.var_ref) ? new string[] { trusteeEntity.Value } : evalutedVariables.ToArray(); var operationResult = new List<String>(); foreach (var trusteeSID in trusteeSIDs) { var valuesToApply = (this.getValuesToApplyOperation(entityOperation, trusteeSID)).ToArray(); if (entityOperation == OperationEnumeration.patternmatch) operationResult.AddRange(new MultiLevelPatternMatchOperation(FamilyEnumeration.windows).applyPatternMatch(trusteeSID, valuesToApply)); else operationResult.AddRange(this.EvaluateOperationsDifferentsOfPatternMatch(entityOperation, trusteeSID, valuesToApply)); } return operationResult; }
/// <summary> /// Creates a items to collect from given object type. /// </summary> /// <param name="objectType">Type of the object.</param> /// <returns>A list of ItemType</returns> public virtual IList<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { this.CreateEvaluators(variables); var objectTypes = new Definitions.ObjectType[] { objectType }; if (this.HasVariableDefined(objectType)) { if (objectType is OVAL.Definitions.Unix.file_object) objectTypes = this.FileVariableEvaluator.ProcessVariables((OVAL.Definitions.Unix.file_object)objectType).ToArray(); else objectTypes = this.FileVariableEvaluator.ProcessVariables((OVAL.Definitions.Windows.file_object)objectType).ToArray(); } var itemsToCollect = this.OperationEvaluator.ProcessOperation(objectTypes).ToList(); this.OperationEvaluator = null; this.FileVariableEvaluator = null; return itemsToCollect; }
private IEnumerable<string> processOperation(Definitions.ObjectType objectType, IEnumerable<String> evalutedVariables) { var groupEntity = ((group_object)objectType).Group; var entityOperation = groupEntity.operation; string[] groupNames = string.IsNullOrEmpty(groupEntity.var_ref) ? new string[] { groupEntity.Value } : evalutedVariables.ToArray(); var operationResult = new List<String>(); foreach (var groupName in groupNames) { string[] valuesToApply = (this.getValuesToApplyOperation(entityOperation, groupName)).ToArray(); if (entityOperation == OperationEnumeration.patternmatch) { var multiLevelOperation = new MultiLevelPatternMatchOperation(FamilyEnumeration.windows); operationResult.AddRange(multiLevelOperation.applyPatternMatch(groupName, valuesToApply)); } else operationResult.AddRange(this.EvaluateOperationsDifferentsOfPatternMatch(entityOperation, groupName, valuesToApply)); } return operationResult; }
/// <summary> /// Generates concrete items type to collect from object type. /// </summary> public virtual IEnumerable<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var itemsToCollect = new List<ItemType>(); var variableEvaluator = new RegKeyEffectiveRightsVariableEvaluator(objectType, variables); var hiveValue = variableEvaluator.AllObjectEntities[HiveEntityValue].Value; var processedKeys = variableEvaluator.TryToProcessObjectEntity(KeyEntityName); if (processedKeys != null) processedKeys = this.OperationEvaluator.ProcessOperationForKeyEntity(objectType, processedKeys.ToArray()); if (processedKeys == null) return new ItemType[] { }; var processedTrustees = variableEvaluator.TryToProcessObjectEntity(TrusteeSIDEntityName); var trusteeSidEntity = variableEvaluator.AllObjectEntities[TrusteeSIDEntityName]; if (processedTrustees == null) return new ItemType[] { }; foreach (var regKey in processedKeys) { foreach (var sid in processedTrustees) { if (trusteeSidEntity.operation.Equals(OperationEnumeration.equals)) { var newItemToCollect = this.createRegKeyEffectiveRights(hiveValue, regKey, sid); newItemToCollect.status = StatusEnumeration.notcollected; itemsToCollect.Add(newItemToCollect); } else { var alreadyCollectedItems = ObjectCollector.CollectItemsApplyingOperation(hiveValue, regKey, sid, trusteeSidEntity.operation); itemsToCollect.AddRange(alreadyCollectedItems); } } } return itemsToCollect; }
protected override set GetSetElement(Definitions.ObjectType objectType) { var variableObject = (variable_object)objectType; return variableObject.HasTheSetElement() ? (set)variableObject.Items.OfType<set>().First() : null; }
public static string GetFullFilePathFromObjectType(Defs::ObjectType objectType) { var allEntities = (objectType is file_object) ? OvalHelper.GetFileEntitiesFromObjectType((file_object)objectType) : OvalHelper.GetFileEffectiveRightsFromObjectType((fileeffectiverights_object)objectType); string fullFilePath = string.Empty; if (OvalHelper.IsFilePathEntityDefined(allEntities)) fullFilePath = allEntities[file_object_ItemsChoices.filepath.ToString()].Value; if (string.IsNullOrEmpty(fullFilePath)) { string path = allEntities[file_object_ItemsChoices.path.ToString()].Value; string filename = allEntities[file_object_ItemsChoices.filename.ToString()].Value; fullFilePath = string.Format(@"{0}\{1}", path, filename); } return fullFilePath; }