private regkeyeffectiverights_item CreateItemTypeFromWinACE(object collectedData, string regHive, string regKey, string collectedSid) { WMIWinACE systemData = (WMIWinACE)collectedData; return(new regkeyeffectiverights_item() { status = StatusEnumeration.exists, hive = new EntityItemRegistryHiveType() { Value = regHive }, key = OvalHelper.CreateItemEntityWithStringValue(regKey), trustee_sid = OvalHelper.CreateItemEntityWithStringValue(collectedSid), access_system_security = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.ACCESS_SYSTEM_SECURITY), standard_delete = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.DELETE), standard_read_control = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.READ_CONTROL), standard_synchronize = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.SYNCHRONIZE), standard_write_dac = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.WRITE_DAC), standard_write_owner = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.WRITE_OWNER), generic_all = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.GENERIC_ALL), generic_execute = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.GENERIC_EXECUTE), generic_read = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.GENERIC_READ), generic_write = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.GENERIC_WRITE), key_create_link = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.KEY_CREATE_LINK), key_create_sub_key = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.KEY_CREATE_SUB_KEY), key_enumerate_sub_keys = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.KEY_ENUMERATE_SUB_KEYS), key_notify = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.KEY_NOTIFY), key_query_value = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.KEY_QUERY_VALUE), key_set_value = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.KEY_SET_VALUE), key_wow64_32key = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.KEY_WOW64_32KEY), key_wow64_64key = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.KEY_WOW64_64KEY) }); }
public void FillItemTypeWithData(user_sid_item userSidToFill, object collectedData) { var allUserGroupSIDs = ((WindowsUserAccount)collectedData).GroupSIDs; userSidToFill.enabled = OvalHelper.CreateBooleanEntityItemFromBoolValue(((WindowsUserAccount)collectedData).UserEnabled); userSidToFill.group_sid = new EntityItemStringType[allUserGroupSIDs.Count]; for (int i = 0; i < allUserGroupSIDs.Count; i++) { var newGroupSIDEntity = OvalHelper.CreateItemEntityWithStringValue(allUserGroupSIDs[i]); userSidToFill.group_sid[i] = newGroupSIDEntity; } }
private user_sid_item CreateCollectedUserItem(string userSID, bool?userEnabled, IEnumerable <string> groupSIDs) { var groupEntities = groupSIDs.Select(group => new EntityItemStringType() { Value = group }); return(new user_sid_item() { status = StatusEnumeration.exists, user_sid = OvalHelper.CreateItemEntityWithStringValue(userSID), enabled = OvalHelper.CreateBooleanEntityItemFromBoolValue((bool)userEnabled), group_sid = groupEntities.ToArray() }); }
private user_item CreateUserItem(StatusEnumeration itemStatus) { var newUserItem = new user_item() { status = itemStatus, user = OvalHelper.CreateItemEntityWithStringValue(EVERYONE_USER) }; if (itemStatus.Equals(StatusEnumeration.exists)) { newUserItem.enabled = OvalHelper.CreateBooleanEntityItemFromBoolValue(true); newUserItem.group = new EntityItemStringType[] { OvalHelper.CreateItemEntityWithStringValue("g1") }; } return(newUserItem); }
private void FillCollectedItemFromUserWinACEs( fileeffectiverights_item fileEffectiveRightsItem, object managementWinACEs) { var userTrusteeName = fileEffectiveRightsItem.trustee_name.Value; var daclDisassembler = new WindowsSecurityDescriptorDisassembler(SecurityDescriptorType.DACL); var userDACLs = daclDisassembler.GetSecurityDescriptorsFromManagementObject(managementWinACEs, userTrusteeName, this.WmiDataProvider); var userEffectiveRights = this.CalculateUserEffectiveRightsForItem(userDACLs); if (userEffectiveRights == null) { throw new UserNotFoundException(); } this.AdjustGenericRights(userEffectiveRights); fileEffectiveRightsItem.trustee_name = null; fileEffectiveRightsItem.trustee_sid = OvalHelper.CreateItemEntityWithStringValue(userEffectiveRights.Trustee.SIDString); #region Setting File Effective Rights Entities fileEffectiveRightsItem.access_system_security = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.ACCESS_SYSTEM_SECURITY); fileEffectiveRightsItem.file_append_data = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.FILE_APPEND_DATA); fileEffectiveRightsItem.file_delete_child = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.FILE_DELETE_CHILD); fileEffectiveRightsItem.file_execute = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.FILE_EXECUTE); fileEffectiveRightsItem.file_read_attributes = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.FILE_READ_ATTRIBUTES); fileEffectiveRightsItem.file_read_data = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.FILE_READ_DATA); fileEffectiveRightsItem.file_read_ea = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.FILE_READ_EA); fileEffectiveRightsItem.file_write_attributes = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.FILE_WRITE_ATTRIBUTES); fileEffectiveRightsItem.file_write_data = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.FILE_WRITE_DATA); fileEffectiveRightsItem.file_write_ea = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.FILE_WRITE_EA); fileEffectiveRightsItem.generic_all = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.GENERIC_ALL); fileEffectiveRightsItem.generic_execute = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.GENERIC_EXECUTE); fileEffectiveRightsItem.generic_read = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.GENERIC_READ); fileEffectiveRightsItem.generic_write = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.GENERIC_WRITE); fileEffectiveRightsItem.standard_delete = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.DELETE); fileEffectiveRightsItem.standard_read_control = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.READ_CONTROL); fileEffectiveRightsItem.standard_synchronize = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.SYNCHRONIZE); fileEffectiveRightsItem.standard_write_dac = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.WRITE_DAC); fileEffectiveRightsItem.standard_write_owner = OvalHelper.CreateBooleanEntityItemFromBoolValue(userEffectiveRights.WRITE_OWNER); #endregion }
protected override IEnumerable <CollectedItem> collectDataForSystemItem(ItemType systemItem) { if (systemItem.status.Equals(StatusEnumeration.notcollected)) { var userToBeCollected = ((user_item)systemItem).user.Value; try { var collectedUser = this.WindowsAccountProvider.GetUserByName(userToBeCollected); systemItem = new user_item() { status = StatusEnumeration.exists, user = OvalHelper.CreateItemEntityWithStringValue(collectedUser.Name), enabled = OvalHelper.CreateBooleanEntityItemFromBoolValue((bool)collectedUser.Enabled), }; var userGroups = this.WindowsAccountProvider.GetUserGroups(userToBeCollected, AccountSearchReturnType.Name); if (userGroups.Count() > 0) { ((user_item)systemItem).group = userGroups.Select(grp => new EntityItemStringType() { Value = grp }).ToArray(); } else { ((user_item)systemItem).group = new EntityItemStringType[] { new EntityItemStringType() { status = StatusEnumeration.doesnotexist } } }; } catch (WindowsUserNotFound) { systemItem.status = StatusEnumeration.doesnotexist; ((user_item)systemItem).user.status = systemItem.status; } } return(new ItemTypeHelper().CreateCollectedItemsWithOneItem(systemItem, BuildExecutionLog())); }
protected override IEnumerable <CollectedItem> collectDataForSystemItem(Modulo.Collect.OVAL.SystemCharacteristics.ItemType systemItem) { var fileItem = (file_item)systemItem; try { var completeFilepath = GetCompleteFilepath(fileItem); var collectedVariableValue = this.TryToCollectFile(completeFilepath); var shortFileTime = this.ToShortFileTime(collectedVariableValue.LastModified); fileItem.m_time = OvalHelper.CreateItemEntityWithIntegerValue(shortFileTime); fileItem.filepath = OvalHelper.CreateItemEntityWithStringValue(completeFilepath); fileItem.size = OvalHelper.CreateItemEntityWithIntegerValue(collectedVariableValue.FileSize.ToString()); fileItem.type = OvalHelper.CreateItemEntityWithStringValue(collectedVariableValue.FileType); fileItem.suid = OvalHelper.CreateBooleanEntityItemFromBoolValue((collectedVariableValue.Mode & 0x0800) != 0); fileItem.sgid = OvalHelper.CreateBooleanEntityItemFromBoolValue((collectedVariableValue.Mode & 0x0400) != 0); fileItem.sticky = OvalHelper.CreateBooleanEntityItemFromBoolValue((collectedVariableValue.Mode & 0x0200) != 0); fileItem.uread = OvalHelper.CreateBooleanEntityItemFromBoolValue((collectedVariableValue.Mode & 0x0100) != 0); fileItem.uwrite = OvalHelper.CreateBooleanEntityItemFromBoolValue((collectedVariableValue.Mode & 0x0080) != 0); fileItem.uexec = OvalHelper.CreateBooleanEntityItemFromBoolValue((collectedVariableValue.Mode & 0x0040) != 0); fileItem.gread = OvalHelper.CreateBooleanEntityItemFromBoolValue((collectedVariableValue.Mode & 0x0020) != 0); fileItem.gwrite = OvalHelper.CreateBooleanEntityItemFromBoolValue((collectedVariableValue.Mode & 0x0010) != 0); fileItem.gexec = OvalHelper.CreateBooleanEntityItemFromBoolValue((collectedVariableValue.Mode & 0x0008) != 0); fileItem.oread = OvalHelper.CreateBooleanEntityItemFromBoolValue((collectedVariableValue.Mode & 0x0004) != 0); fileItem.owrite = OvalHelper.CreateBooleanEntityItemFromBoolValue((collectedVariableValue.Mode & 0x0002) != 0); fileItem.oexec = OvalHelper.CreateBooleanEntityItemFromBoolValue((collectedVariableValue.Mode & 0x0001) != 0); fileItem.group_id = OvalHelper.CreateItemEntityWithIntegerValue(collectedVariableValue.Group); fileItem.user_id = OvalHelper.CreateItemEntityWithIntegerValue(collectedVariableValue.Owner); } catch (FileNotExistsException) { base.SetDoesNotExistStatusForItemType(systemItem, String.Format("{0}/{1}", fileItem.path.Value, fileItem.filename.Value)); } return(new ItemTypeHelper().CreateCollectedItemsWithOneItem(systemItem, BuildExecutionLog())); }
private ItemType CreateUserItemFromWindowsAccount(WindowsAccount windowsAccount) { var groups = new EntityItemStringType[] { new EntityItemStringType() { status = StatusEnumeration.doesnotexist } }; if (windowsAccount.Members.HasItems()) { groups = windowsAccount.Members.Select(g => new EntityItemStringType() { Value = g.Name }).ToArray(); } return(new user_item() { status = StatusEnumeration.exists, user = OvalHelper.CreateItemEntityWithStringValue(windowsAccount.Name), enabled = OvalHelper.CreateBooleanEntityItemFromBoolValue(windowsAccount.Enabled), group = groups }); }
protected override IEnumerable <CollectedItem> collectDataForSystemItem(ItemType systemItem) { this.CreateRunLevelsCollectorInstance(); var runLevelItem = (runlevel_item)systemItem; try { var collectedVariableValue = this.TryToCollectRunLevel(runLevelItem.service_name.Value, runLevelItem.runlevel.Value); runLevelItem.start = OvalHelper.CreateBooleanEntityItemFromBoolValue(collectedVariableValue.Start); runLevelItem.kill = OvalHelper.CreateBooleanEntityItemFromBoolValue(collectedVariableValue.Kill); } catch (ServiceNotExistsException) { base.SetDoesNotExistStatusForItemType(systemItem, runLevelItem.service_name.Value); } catch (NoRunLevelDataException) { base.SetDoesNotExistStatusForItemType(systemItem, "AnyRunLevelDataAtAll"); } return(new ItemTypeHelper().CreateCollectedItemsWithOneItem(runLevelItem, BuildExecutionLog())); }
protected override IEnumerable <CollectedItem> collectDataForSystemItem(ItemType systemItem) { if (systemItem.status.Equals(StatusEnumeration.notcollected)) { var userSIDItem = ((user_sid_item)systemItem); try { var allUsers = this.WindowsAccountProvider.GetAllGroupByUsers(); var userSidValue = userSIDItem.user_sid.Value; var collectedUserItem = allUsers.Where(user => user.AccountSID.Equals(userSidValue)).FirstOrDefault(); if (collectedUserItem == null) { throw new UserSIDNotFoundException(userSidValue); } systemItem.status = StatusEnumeration.exists; userSIDItem.enabled = OvalHelper.CreateBooleanEntityItemFromBoolValue((bool)collectedUserItem.Enabled); userSIDItem.group_sid = new EntityItemStringType[] { new EntityItemStringType() { status = StatusEnumeration.doesnotexist } }; if ((collectedUserItem.Members != null) && (collectedUserItem.Members.Count() > 0)) { userSIDItem.group_sid = collectedUserItem.Members.Select(grp => OvalHelper.CreateItemEntityWithStringValue(grp.AccountSID)).ToArray(); } } catch (UserSIDNotFoundException) { SetDoesNotExistStatusForItemType(systemItem, userSIDItem.user_sid.Value); ((user_sid_item)systemItem).user_sid.status = StatusEnumeration.doesnotexist; } } return(new ItemTypeHelper().CreateCollectedItemsWithOneItem(systemItem, BuildExecutionLog())); }
public override void FillItemTypeWithData(object collectedData) { WMIWinACE systemData = (WMIWinACE)collectedData; regkeyeffectiverights_item buildingItemType = (regkeyeffectiverights_item)base.BuildingItemType; buildingItemType.access_system_security = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.ACCESS_SYSTEM_SECURITY); buildingItemType.standard_delete = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.DELETE); buildingItemType.standard_read_control = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.READ_CONTROL); buildingItemType.standard_synchronize = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.SYNCHRONIZE); buildingItemType.standard_write_dac = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.WRITE_DAC); buildingItemType.standard_write_owner = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.WRITE_OWNER); buildingItemType.generic_all = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.GENERIC_ALL); buildingItemType.generic_execute = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.GENERIC_EXECUTE); buildingItemType.generic_read = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.GENERIC_READ); buildingItemType.generic_write = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.GENERIC_WRITE); buildingItemType.key_create_link = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.KEY_CREATE_LINK); buildingItemType.key_create_sub_key = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.KEY_CREATE_SUB_KEY); buildingItemType.key_enumerate_sub_keys = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.KEY_ENUMERATE_SUB_KEYS); buildingItemType.key_notify = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.KEY_NOTIFY); buildingItemType.key_query_value = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.KEY_QUERY_VALUE); buildingItemType.key_set_value = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.KEY_SET_VALUE); buildingItemType.key_wow64_32key = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.KEY_WOW64_32KEY); buildingItemType.key_wow64_64key = OvalHelper.CreateBooleanEntityItemFromBoolValue(systemData.KEY_WOW64_64KEY); }
private EntityItemBoolType CreateFalseEntityItem() { return(OvalHelper.CreateBooleanEntityItemFromBoolValue(false)); }
private EntityItemBoolType CreateTrueEntityItem() { return(OvalHelper.CreateBooleanEntityItemFromBoolValue(true)); }
private void MapDomainPasswrodInformationToPasswordPolicyItemType(passwordpolicy_item passwordItemType, PasswordPolicySamServer.DomainPasswordInformation?passwordInfo) { passwordItemType.password_complexity = OvalHelper.CreateBooleanEntityItemFromBoolValue(passwordInfo.HasValue? (bool?)passwordInfo.Value.PasswordComplex: null); passwordItemType.reversible_encryption = OvalHelper.CreateBooleanEntityItemFromBoolValue(passwordInfo.HasValue ? (bool?)passwordInfo.Value.PasswordReversibleEncryption : null); }