Esempio n. 1
        /// <summary>
        /// Builds a <see cref="RegistryProber"/> whose connection manager, object collector and
        /// item type generator are backed by mocks from a single <c>MockRepository</c>.
        /// </summary>
        /// <param name="fakeItem">Registry item used to build the canned collected item the mocked collector returns.</param>
        /// <returns>A prober with ConnectionManager, ObjectCollector and ItemTypeGenerator already assigned.</returns>
        private RegistryProber GetMockedRegistryProber(registry_item fakeItem)
        {
            // Canned results handed back by the mocked collector.
            var cannedValues = new List<String> { "FakeValue" };
            var cannedItems = new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(fakeItem) };

            var repository = new MockRepository();
            var connectionMock = repository.DynamicMock<IConnectionManager>();
            var systemInfoMock = repository.DynamicMock<ISystemInformationService>();
            var providerMock = repository.DynamicMock<RegistryConnectionProvider>();
            var wmiFake = new WmiDataProviderExpectFactory().GetFakeWmiDataProviderForTestInvokeMethodEnumKeyWithReturnSuccess();
            var collectorMock = repository.DynamicMock<RegistryObjectCollector>();

            // The same fake WMI provider is shared by the collector and the generator.
            collectorMock.WmiDataProvider = wmiFake;
            var generator = new RegistryItemTypeGenerator
            {
                SystemDataSource = collectorMock,
                WmiDataProvider = wmiFake
            };

            // Expectations ignore their arguments, so the null/fakeItem values below are placeholders only.
            Expect.Call(connectionMock.Connect<RegistryConnectionProvider>(null, null))
                .IgnoreArguments().Repeat.Any().Return(providerMock);
            Expect.Call(collectorMock.CollectDataForSystemItem(fakeItem))
                .IgnoreArguments().Repeat.Any().Return(cannedItems);
            Expect.Call(collectorMock.GetValues(null))
                .IgnoreArguments().Repeat.Any().Return(cannedValues);
            // NOTE(review): systemInfoMock gets an expectation but is never assigned to the prober
            // in this method — confirm whether that is intentional.
            Expect.Call(systemInfoMock.GetSystemInformationFrom(null))
                .IgnoreArguments().Return(SystemInformationFactory.GetExpectedSystemInformation());
            repository.ReplayAll();

            var prober = new RegistryProber
            {
                ConnectionManager = connectionMock,
                ObjectCollector = collectorMock,
                ItemTypeGenerator = generator
            };
            return prober;
        }
        /// <summary>
        /// Generates the items to collect for the OVAL registry object <c>OBJ_MITRE_3000_ID</c>,
        /// supplying one evaluated variable that carries the registry key path, and checks that
        /// exactly one HKEY_LOCAL_MACHINE item comes back with the expected key and name.
        /// </summary>
        public void Should_be_possible_to_generate_itemTypes_from_objectTypes()
        {
            // Arrange: object definition, fake data source / WMI provider, and one evaluated variable.
            var registryObject = WindowsTestHelper.GetObjectFromDefinitions(DEFINITIONS_WITH_LOCAL_VARIABLE, OBJ_MITRE_3000_ID);
            var dataSourceFake = WindowsTestHelper.GetDataSourceFakewithoutRegex();
            var wmiFake = new WmiDataProviderExpectFactory().GetFakeWmiDataProviderForTestInvokeMethodEnumKeyWithReturnSuccess();
            var keyPaths = new List<string> { @"Software\Microsoft\Windows NT\CurrentVersion" };
            var keyVariable = new VariableValue(registryObject.id, VAR_MITRE_3000_ID, keyPaths);
            var evaluatedVariables = new VariablesEvaluated(new List<VariableValue> { keyVariable });

            var generator = new RegistryItemTypeGenerator
            {
                SystemDataSource = dataSourceFake,
                WmiDataProvider = wmiFake
            };

            // Act
            IEnumerable<ItemType> generated = generator.GetItemsToCollect(registryObject, evaluatedVariables);

            // Assert
            Assert.AreEqual(1, generated.Count(), "the quantity of items is not expected");
            this.AssertGeneratedRegistryItem(
                generated.ElementAt(0),
                "HKEY_LOCAL_MACHINE",
                @"Software\Microsoft\Windows NT\CurrentVersion",
                "CurrentVersion");
        }
        /// <summary>
        /// Generates items for the OVAL object <c>oval:modulo:obj:6000</c> against a fake data source
        /// that exposes five sub-keys under <c>SOFTWARE\Adobe</c>, and checks that two registry items
        /// are produced (per the test name, the object uses a "not equals" operation on its key entity).
        /// </summary>
        public void Should_be_possible_to_define_a_not_equals_operation_on_the_keyEntity()
        {
            string hive = eHiveNames.HKEY_LOCAL_MACHINE.ToString();
            string rootKey = "SOFTWARE\\Adobe";
            var registryObject = WindowsTestHelper.GetObjectFromDefinitions("definitionsWithLocalVariable.xml", "oval:modulo:obj:6000");

            // Sub-key names the fake data source reports below rootKey.
            var subKeyNames = new string[]
            {
                "Acrobat Reader\\9.0\\Installer",
                "Acrobat Reader\\9.0\\InstallPath",
                "Acrobat Reader\\Language\\current",
                "Adobe Air\\FileTypeRegistration",
                "Adobe Air\\Repair\\9.0\\IOD"
            };
            var dataSourceFake = new SystemDataSourceFactory().GetDataSourceFakeWithSpecificNames(rootKey, subKeyNames);
            var wmiFake = new WmiDataProviderExpectFactory().GetFakeWmiDataProviderForTestInvokeMethodEnumKeyWithReturnSuccess();

            var generator = new RegistryItemTypeGenerator
            {
                SystemDataSource = dataSourceFake,
                WmiDataProvider = wmiFake
            };
            var generated = generator
                .GetItemsToCollect(registryObject, VariableHelper.CreateEmptyEvaluatedVariables())
                .Cast<registry_item>();

            Assert.AreEqual(2, generated.Count());
            this.AssertGeneratedRegistryItem(generated.ElementAt(0), hive, "SOFTWARE\\Adobe\\Adobe Air\\FileTypeRegistration", "Path");
            // NOTE(review): this expected key has no "Adobe Air" segment, while the fake sub-key is
            // "Adobe Air\\Repair\\9.0\\IOD" — confirm against the fake data source and the definition.
            this.AssertGeneratedRegistryItem(generated.ElementAt(1), hive, "SOFTWARE\\Adobe\\Repair\\9.0\\IOD", "Path");
        }
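        /// <summary>
        /// Generates items for the OVAL object <c>oval:org.mitre.oval:obj:4000</c>, whose key is supplied
        /// through the evaluated variable <c>oval:org.mitre.oval:var:4000</c>, and checks that exactly one
        /// HKEY_LOCAL_MACHINE item is produced with that key and the name <c>CurrentType</c>.
        /// </summary>
        public void Should_be_possible_to_generate_itemTypes_from_objectTypes_with_variables()
        {
            string hiveHKLM   = eHiveNames.HKEY_LOCAL_MACHINE.ToString();
            string key        = @"Software\Microsoft\Windows NT\CurrentVersion";
            string name       = "CurrentType";
            var    ovalObject = WindowsTestHelper.GetObjectFromDefinitions("definitionsWithLocalVariable.xml", "oval:org.mitre.oval:obj:4000");
            BaseObjectCollector fakeDataSource  = WindowsTestHelper.GetDataSourceFakewithoutRegex();
            WmiDataProvider     wmiDataProvider = new WmiDataProviderExpectFactory().GetFakeWmiDataProviderForTestInvokeMethodEnumKeyWithReturnSuccess();

            // The variable value is the registry key the object refers to.
            VariableValue variable = new VariableValue(ovalObject.id, "oval:org.mitre.oval:var:4000", new List<string> { key });
            VariablesEvaluated variables = new VariablesEvaluated(new List<VariableValue> { variable });

            var itemGenerator = new RegistryItemTypeGenerator
            {
                SystemDataSource = fakeDataSource,
                WmiDataProvider = wmiDataProvider
            };
            var itemsToCollect = itemGenerator.GetItemsToCollect(ovalObject, variables);

            // AreEqual (instead of IsTrue on a comparison) reports the actual count when the
            // assertion fails, and matches the count checks used by the sibling tests.
            Assert.AreEqual(1, itemsToCollect.Count(), "the quantity of items is not expected");
            this.AssertGeneratedRegistryItem(itemsToCollect.ElementAt(0), hiveHKLM, key, name);
        }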
Esempio n. 5
        /// <summary>
        /// Builds a <see cref="SystemInformation"/> from the canned WMI objects of
        /// <see cref="WmiDataProviderExpectFactory"/> and checks the primary host name and architecture.
        /// </summary>
        public void Should_be_possible_to_create_a_system_information_with_data_about_the_hostName()
        {
            // Arrange
            var wmiFixtures = new WmiDataProviderExpectFactory();
            var informationFactory = new WindowsSystemInformationFactory();

            // Act: the three inputs are the computer system, operating system and network interface WMI results.
            var computerSystem = wmiFixtures.GetWmiObjectsForComputerSystemQuery();
            var operatingSystem = wmiFixtures.GetWmiObjectsForOperatingSystemQuery();
            var networkInterfaces = wmiFixtures.GetWmiObjectsForNetworkInterfaces();
            SystemInformation result = informationFactory.CreateSystemInformation(computerSystem, operatingSystem, networkInterfaces);

            // Assert
            // NOTE(review): the expected host name looks like a real internal FQDN; if the fixture was
            // captured from a live machine, consider replacing it with a reserved example name.
            Assert.AreEqual("mss-rj-220.mss.modulo.com.br", result.PrimaryHostName, "the primaryHostName is not expected");
            Assert.AreEqual("INTEL32", result.Architecture, "the architecture is not expected");
        }
Esempio n. 6
        /// <summary>
        /// Builds a <see cref="SystemInformation"/> from the canned WMI objects of
        /// <see cref="WmiDataProviderExpectFactory"/> and checks the operating system name and version.
        /// </summary>
        public void Should_be_possible_to_create_a_system_information_with_data_about_the_operationalSystem()
        {
            // Arrange
            var wmiFixtures = new WmiDataProviderExpectFactory();
            var informationFactory = new WindowsSystemInformationFactory();

            // Act: inputs are fetched in the same order they are passed to the factory.
            var computerSystem = wmiFixtures.GetWmiObjectsForComputerSystemQuery();
            var operatingSystem = wmiFixtures.GetWmiObjectsForOperatingSystemQuery();
            var networkInterfaces = wmiFixtures.GetWmiObjectsForNetworkInterfaces();
            SystemInformation result = informationFactory.CreateSystemInformation(computerSystem, operatingSystem, networkInterfaces);

            // Assert
            Assert.AreEqual("Microsoft Windows Server 2008 Enterprise SP2", result.SystemName, "the systemName is not expected");
            Assert.AreEqual("6.0.6002", result.SystemVersion, "the systemVersion is not expected");
        }
Esempio n. 7
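        /// <summary>
        /// Builds a <see cref="SystemInformation"/> from the canned WMI objects of
        /// <see cref="WmiDataProviderExpectFactory"/> and checks that exactly one network interface
        /// is reported with the expected IP address, MAC address and name.
        /// </summary>
        public void Should_be_possible_to_create_a_system_information_with_data_about_the_networkInterfaces()
        {
            WmiDataProviderExpectFactory wmiFactory = new WmiDataProviderExpectFactory();

            WindowsSystemInformationFactory factory = new WindowsSystemInformationFactory();
            SystemInformation systemInformation     = factory.CreateSystemInformation(
                wmiFactory.GetWmiObjectsForComputerSystemQuery(),
                wmiFactory.GetWmiObjectsForOperatingSystemQuery(),
                wmiFactory.GetWmiObjectsForNetworkInterfaces());

            Assert.IsNotNull(systemInformation.Interfaces, "the interfaces is not created");
            // Expected value goes first: with the arguments swapped, a failure would report the
            // actual count as the expected one.
            Assert.AreEqual(1, systemInformation.Interfaces.Count, "the quantity of interfaces is not expected");
            // NOTE(review): the address values below look like they were captured from a real host;
            // if so, consider documentation-reserved values in the fixture.
            Assert.AreEqual("172.16.3.166", systemInformation.Interfaces[0].IpAddress, "the ip address is not expected");
            Assert.AreEqual("00 - 23 - AE - B6 - 6F - BF", systemInformation.Interfaces[0].MacAddress, "the mac address is not expected");
            Assert.AreEqual("Intel(R) 82567LM-3 Gigabit Network Connection", systemInformation.Interfaces[0].Name, "the name is not expected");
        }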
        /// <summary>
        /// Generates items for the OVAL object <c>OBJ_50003_ID</c> from <c>DEFINITIONS_REGEX_ON_VALUE</c>
        /// against a regex-aware fake data source rooted at <c>SOFTWARE\Microsoft\Windows</c>, and checks
        /// that four registry items come back: two keys, each with the names CurrentBuild and LastBuild.
        /// </summary>
        public void Should_be_possible_to_generate_itemTypes_from_objectTypes_with_regex_operation()
        {
            // Arrange
            string hive = eHiveNames.HKEY_LOCAL_MACHINE.ToString();
            string rootKey = "SOFTWARE\\Microsoft\\Windows";
            var registryObject = WindowsTestHelper.GetObjectFromDefinitions(DEFINITIONS_REGEX_ON_VALUE, OBJ_50003_ID);

            BaseObjectCollector dataSourceFake = WindowsTestHelper.GetDataSourceFakeWithRegex(rootKey, 2);
            WmiDataProvider wmiFake = new WmiDataProviderExpectFactory().GetFakeWmiDataProviderForTestInvokeMethodEnumKeyWithReturnSuccess();

            var generator = new RegistryItemTypeGenerator
            {
                SystemDataSource = dataSourceFake,
                WmiDataProvider = wmiFake
            };

            // Act
            var generated = generator
                .GetItemsToCollect(registryObject, VariableHelper.CreateEmptyEvaluatedVariables())
                .Cast<registry_item>();

            // Assert: items are expected in key order, then name order.
            Assert.AreEqual(4, generated.Count());
            this.AssertGeneratedRegistryItem(generated.ElementAt(0), hive, "SOFTWARE\\Microsoft\\Windows\\CurrentBuild", "CurrentBuild");
            this.AssertGeneratedRegistryItem(generated.ElementAt(1), hive, "SOFTWARE\\Microsoft\\Windows\\CurrentBuild", "LastBuild");
            this.AssertGeneratedRegistryItem(generated.ElementAt(2), hive, "SOFTWARE\\Microsoft\\Windows\\CurrentVersion", "CurrentBuild");
            this.AssertGeneratedRegistryItem(generated.ElementAt(3), hive, "SOFTWARE\\Microsoft\\Windows\\CurrentVersion", "LastBuild");
        }