public void Should_be_to_generate_xmlfilecontent_items_from_an_object_with_referenced_variable_on_xpath_entity() { var expectedXpath = @"//bookstore/book/author/text()"; var fakeOvalObject = ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "2315"); var fakeEvaluatedVariables = VariableHelper.CreateVariableWithOneValue(fakeOvalObject.id, "oval:modulo:var:2315", expectedXpath); var mocks = new MockRepository(); var fakeFileProvider = mocks.DynamicMock<IFileProvider>(); var pathOperator = new PathOperatorEvaluator(fakeFileProvider, FamilyEnumeration.windows); var itemTypeGenerator = new XmlFileContentItemTypeGenerator(pathOperator); Expect.Call(fakeFileProvider.FileExists(null)).IgnoreArguments().Return(true); mocks.ReplayAll(); var itemsToCollect = itemTypeGenerator.GetItemsToCollect(fakeOvalObject, fakeEvaluatedVariables).ToArray(); DoBasicAssert(itemsToCollect, 1, typeof(xmlfilecontent_item)); AssertXmlFileItem(itemsToCollect.Single(), @"c:\temp\bools.xml", expectedXpath); }
public void Should_be_possible_to_execute_a_simple_file_collect_defined_with_one_entity() { // Arrange var objectType = ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple.xml", "oval:modulo:obj:1"); var fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(new Definitions.ObjectType[] { objectType }, null, null); var fakeWmiObjects = new WmiObject[] { this.createFakeWmiObject() }; var fakeFileItem = this.CreateFakeFileItem("c:\\temp\\file.txt", null, null); var fileProber = this.CreateMockedFileProber(fakeWmiObjects, new ItemType[] { fakeFileItem }, null); // Act var collectedObjects = (List <CollectedObject>)fileProber.Execute(FakeContext, FakeTarget, fakeCollectInfo).CollectedObjects; // Assert Assert.IsNotNull(collectedObjects, "The result of file collect cannot be null"); Assert.IsNotNull(collectedObjects.Single(), string.Format("The object '{0}' was not found.", "oval:modulo:obj:1")); this.AssertCollectedFileItems(collectedObjects.Single(), fakeWmiObjects); this.AssertFilePathEntityExistence((file_item)collectedObjects.Single().SystemData[0]); }
public void Should_be_possible_to_generate_xmlfilecontent_items_from_an_object_with_patternMatch_operation_in_the_middle_of_a_windows_path() { //<xmlfilecontent_object id="oval:modulo:obj:2321"> // <filepath operation="pattern match">c:\temp\.*\usb\devices.xml</filepath> // <xpath>//bookstore/book/price/text()</xpath> //</xmlfilecontent_object> var fakeFilepaths = new string[] { @"c:\temp\hub1\", @"c:\temp\hub2\", @"c:\temp\hub3\" }; var fakeOvalObject = (xmlfilecontent_object)ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "2321"); var xpathObjectEntity = (EntitySimpleBaseType)fakeOvalObject.GetItemValue(xmlfilecontent_ItemsChoices.xpath); var itemTypeGenerator = this.CreateMockedItemTypeGenerator(fakeFilepaths); var itemsToCollect = itemTypeGenerator.GetItemsToCollect(fakeOvalObject, null).ToArray(); DoBasicAssert(itemsToCollect, 3, typeof(xmlfilecontent_item)); AssertXmlFileItem(itemsToCollect.ElementAt(0), @"c:\temp\hub1\usb\devices.xml", xpathObjectEntity.Value); AssertXmlFileItem(itemsToCollect.ElementAt(1), @"c:\temp\hub2\usb\devices.xml", xpathObjectEntity.Value); AssertXmlFileItem(itemsToCollect.ElementAt(2), @"c:\temp\hub3\usb\devices.xml", xpathObjectEntity.Value); }
public void Should_be_possible_execute_a_variable_collect() { var definitions = new LoadOvalDocument().GetFakeOvalDefinitions("definitionsWithConstantVariable.xml"); var objects = definitions.objects.OfType <variable_object>().ToArray(); var variables = this.CreateVariable("oval:modulo:obj:4000", "oval:modulo:var:1002", new string[] { "c:\\temp" }); var collectInfo = ProbeHelper.CreateFakeCollectInfo(objects, variables, null); collectInfo.Variables = variables; var collectedObjects = new VariableProber().Execute(FakeContext, FakeTargetInfo, collectInfo).CollectedObjects; Assert.AreEqual(1, collectedObjects.Count()); Assert.AreEqual(1, collectedObjects.Single().SystemData.Count); var collectedItem = (variable_item)collectedObjects.Single().SystemData.First(); Assert.AreEqual(StatusEnumeration.exists, collectedItem.status); Assert.AreEqual("c:\\temp", collectedItem.value[0].Value); }
public void Should_be_possible_to_execute_a_collect_for_RegKeyEffectiveRights_with_referenced_variable_on_key_entity() { var fakeObjects = new Definitions.ObjectType[] { ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "770") }; string fakeVariableValue = @"SOFTWARE\Microsoft\Windows NT\CurrentVersion"; var fakeEvaluatedVariables = VariableHelper.CreateVariableWithOneValue("oval:modulo:obj:770", "oval:modulo:var:770", fakeVariableValue); var fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(fakeObjects, fakeEvaluatedVariables, null); var fakeCollectedItems = new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(new regkeyeffectiverights_item()) }; var prober = this.GetMockedRegKeyEffectiveRightsProber(fakeCollectedItems, null); var proberExecutionResult = prober.Execute(FakeContext, FakeTargetInfo, fakeCollectInfo); this.doBasicProbeResultAssert(proberExecutionResult); CollectedObject collectedObject = proberExecutionResult.CollectedObjects.Single(obj => obj.ObjectType.id.Equals("oval:modulo:obj:770")); this.assertCollectedItemsReferences(collectedObject, (IList <ItemType>)collectedObject.SystemData); Assert.AreEqual(1, collectedObject.SystemData.Count, "Unexpected system data count."); this.assertCollectedItemStatus(collectedObject.ObjectType.reference.ElementAt(0), collectedObject.SystemData[0]); }
public void Should_be_possible_to_generate_xmlfilecontent_items_from_an_object_with_patternMatch_operation_in_the_middle_of_a_unix_path() { //<xmlfilecontent_object id="oval:modulo:obj:2322"> // <path>/etc/gconf/gconf.xml.mandatory</path> // <filename operation="pattern match">.*</filename> // <xpath>/desktop/gnome/volume_manager/automount_media</xpath> //</xmlfilecontent_object> var fakeFilepaths = new string[] { @"file1", @"file2" }; var fakeOvalObject = (xmlfilecontent_object)ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "2322"); var xpathObjectEntity = (EntitySimpleBaseType)fakeOvalObject.GetItemValue(xmlfilecontent_ItemsChoices.xpath); var itemTypeGenerator = this.CreateMockedItemTypeGenerator(fakeFilepaths, false); var itemsToCollect = itemTypeGenerator.GetItemsToCollect(fakeOvalObject, null).ToArray(); DoBasicAssert(itemsToCollect, 2, typeof(xmlfilecontent_item)); AssertXmlFileItem(itemsToCollect.ElementAt(0), @"/etc/gconf/gconf.xml.mandatory/file1", xpathObjectEntity.Value); AssertXmlFileItem(itemsToCollect.ElementAt(1), @"/etc/gconf/gconf.xml.mandatory/file2", xpathObjectEntity.Value); }
public void Should_be_possible_to_collect_uname_object() { // Arrange var prober = new UnameProber(); var probeBehaviorCreator = new ProberBehaviorCreator(); var fakeCollectInfo = base.GetFakeCollectInfo("9", "definitions_all_unix"); probeBehaviorCreator.CreateBehaviorForNormalFlowExecution( prober, new ItemType[] { new uname_item() }, new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(new uname_item()) }); // Act var probeResult = prober.Execute(base.FakeContext, base.FakeTargetInfo, fakeCollectInfo); // Assert DoAssertForSingleCollectedObject(probeResult, typeof(uname_item)); }
public void Should_be_possible_to_generate_textfilecontentItems_from_textfilecontentObject_with_referenced_variables_with_multiple_values_in_all_entities() { var objectType = (textfilecontent54_object)ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "oval:modulo:obj:960"); var fakeVariables = this.CreateFakeEvaluateVariablesForAllEntities(objectType.id); var itemTypeGenerator = CreateItemTypeGeneratorWithMockedBehavior(new string[] { "does not care" }, true); var generatedItems = itemTypeGenerator.GetItemsToCollect(objectType, fakeVariables).ToArray(); ItemTypeChecker.DoBasicAssertForItems(generatedItems, 8, typeof(textfilecontent_item)); AssertGeneratedTextFileContentItem(generatedItems.ElementAt(0), @"c:\windows\boot.ini", "^Services.*", "1"); AssertGeneratedTextFileContentItem(generatedItems.ElementAt(1), @"c:\windows\boot.ini", "^Application.*", "1"); AssertGeneratedTextFileContentItem(generatedItems.ElementAt(2), @"c:\windows\win.ini", "^Services.*", "1"); AssertGeneratedTextFileContentItem(generatedItems.ElementAt(3), @"c:\windows\win.ini", "^Application.*", "1"); AssertGeneratedTextFileContentItem(generatedItems.ElementAt(4), @"c:\windows NT\boot.ini", "^Services.*", "1"); AssertGeneratedTextFileContentItem(generatedItems.ElementAt(5), @"c:\windows NT\boot.ini", "^Application.*", "1"); AssertGeneratedTextFileContentItem(generatedItems.ElementAt(6), @"c:\windows NT\win.ini", "^Services.*", "1"); AssertGeneratedTextFileContentItem(generatedItems.ElementAt(7), @"c:\windows NT\win.ini", "^Application.*", "1"); }
public void Should_be_possible_to_generate_items_to_collect_from_an_file_object_with_pattern_match_operation_in_path_entity() { //<file_object id="oval:gov.irs.rhel5:obj:33"> // <path operation="pattern match">/lib/modules/.*/kernel/drivers/usb/storage</path> // <filename>usb-storage.ko</filename> //</file_object> var expectedFilepath1 = "lib/modules/2.6.18-128.1.10.el5.xs5.5.0.51xen/kernel/drivers/usb/storage"; var expectedFilepath2 = "lib/modules/2.6.18-128.el5/kernel/drivers/usb/storage"; var fileObject = ProbeHelper.GetDefinitionObjectTypeByID("definitions_all_unix", "oval:gov.irs.rhel5:obj:33"); var fileItemTypeGenerator = CreateFileItemTypeGeneratorWithMockedBehaviorToProcessPatternMatchOperation(); var itemsToCollect = fileItemTypeGenerator.GetItemsToCollect(fileObject, null).ToArray(); ItemTypeChecker.DoBasicAssertForItems(itemsToCollect, 2, TypeOfUnixFileItem); AssertFileItem(new ItemType[] { itemsToCollect[0] }, expectedFilepath1, string.Empty, true); AssertFileItem(new ItemType[] { itemsToCollect[1] }, expectedFilepath2, string.Empty, true); }
public void Should_be_possible_to_evaluate_multiple_variables_for_textfilecontent_which_was_definied_with_path_and_filename_entities() { var objectType = ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", OBJECT_TYPE_930); var fakeVariableValues = new Dictionary <String, IEnumerable <String> >(); fakeVariableValues.Add("oval:modulo:var:911", new string[] { "c:\\windows", "c:\\windows NT" }); fakeVariableValues.Add("oval:modulo:var:914", new string[] { "boot.ini", "win.ini" }); var fakeVariables = VariableHelper.CreateEvaluatedVariables(OBJECT_TYPE_930, fakeVariableValues); TextFileContentVariableEvaluator variableEvaluator = new TextFileContentVariableEvaluator(fakeVariables); var evaluationVariableResult = variableEvaluator.ProcessVariablesForTypeFilePathEntities(objectType); this.DoBasicAssert(evaluationVariableResult, 4); Assert.AreEqual(@"c:\windows\boot.ini", evaluationVariableResult.ElementAt(0), "Unexpected variable value was found after variables evaluation."); Assert.AreEqual(@"c:\windows\win.ini", evaluationVariableResult.ElementAt(1), "Unexpected variable value was found after variables evaluation."); Assert.AreEqual(@"c:\windows NT\boot.ini", evaluationVariableResult.ElementAt(2), "Unexpected variable value was found after variables evaluation."); Assert.AreEqual(@"c:\windows NT\win.ini", evaluationVariableResult.ElementAt(3), "Unexpected variable value was found after variables evaluation."); }
public void Should_be_possible_to_create_items_to_collect_only_for_users_that_have_DACL_on_registry_key() { //<regkeyeffectiverights53_object id="oval:modulo:obj:832"> // <hive>HKEY_LOCAL_MACHINE</hive> // <key>SOFTWARE\Modulo\modSIC</key> // <trustee_sid operation="pattern match">.*</trustee_sid> //</regkeyeffectiverights53_object> var fakeObject = ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "832"); var itemTypeGenerator = CreateMockedItemTypeGeneratorToReturnOnlySomeDACLs(); var generatedItems = itemTypeGenerator.GetItemsToCollect(fakeObject, VariableHelper.CreateEmptyEvaluatedVariables()); ItemTypeChecker.DoBasicAssertForItems(generatedItems.ToArray(), 3, typeof(regkeyeffectiverights_item)); AssertGeneratedRegKeyEffectiveRightsItem(generatedItems.ElementAt(0), DEFAULT_REG_HIVE, DEFAULT_REG_KEY, "S-1-2"); AssertGeneratedRegKeyEffectiveRightsItem(generatedItems.ElementAt(1), DEFAULT_REG_HIVE, DEFAULT_REG_KEY, "S-1-3"); AssertGeneratedRegKeyEffectiveRightsItem(generatedItems.ElementAt(2), DEFAULT_REG_HIVE, DEFAULT_REG_KEY, "S-1-4"); }
public void Should_be_possible_to_create_new_object_type_keeping_the_behavior_entity_from_source_object() { var objectType = ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "920"); var filepaths = new string[] { @"c:\windows\win.ini" }; var patterns = new string[] { "VERSION.*" }; var instances = new string[] { "1" }; var createdFileObjects = new TextFileContentObjectFactory() .CreateFileObjects((textfilecontent54_object)objectType, filepaths, null, null, patterns, instances); Assert.IsNotNull(createdFileObjects, "The file objects were not created."); Assert.AreEqual(1, createdFileObjects.Count()); var textFileObject = (textfilecontent54_object)createdFileObjects.Single(); var multiLineBehavior = (Textfilecontent54Behaviors)((textfilecontent54_object)textFileObject).Items.OfType <Textfilecontent54Behaviors>().Single(); Assert.IsFalse(multiLineBehavior.multiline); Assert.IsFalse(textFileObject.IsMultiline(), "Unexpected behavior value was found."); }
public void Should_be_possible_to_collect_a_user_object_with_set() { var fakeUserObjectGuest = new UserObjectFactory().NewObject("Guest"); var fakeUserObjectAdmin = new UserObjectFactory().NewObject("admin"); var fakeUserObjectWithSet = new UserObjectFactory().NewObjectWithSet(fakeUserObjectGuest, fakeUserObjectAdmin); var fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(new Definitions.ObjectType[] { fakeUserObjectWithSet }); var prober = new UserProber(); ProberBehaviorCreator .CreateBehaviorForNormalFlowExecution( prober, new ItemType[] { new user_item() }, new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(new user_item()) }); var probeResult = prober.Execute(FakeContext, FakeTargetInfo, fakeCollectInfo); Assert.IsNotNull(probeResult, "The result of probe execution cannot be null."); Assert.AreEqual(0, probeResult.CollectedObjects.Count(), "No items are expected"); }
private RegKeyEffectiveRightsObjectCollector CreateObjectCollectorWithBehavior() { MockRepository mocks = new MockRepository(); var fakeWmiDataProvider = mocks.DynamicMock <WmiDataProvider>(); var fakeACLProvider = AccessControlListProvider.CreateInstance(); Expect.Call(fakeACLProvider.GetRegistryKeyEffectiveRights(null, 0, null, null)) .IgnoreArguments() .Return(KEY_CREATE_LINK_PERMISSION); mocks.ReplayAll(); return(new RegKeyEffectiveRightsObjectCollector() { TargetInfo = ProbeHelper.CreateFakeTarget(), WmiDataProvider = fakeWmiDataProvider, AccessControlListProvider = fakeACLProvider }); }
public void Should_be_possible_to_collect_file_object_for_unix_systems() { var fakeFileItemsToReturn = new ItemType[] { new unix.file_item() { filepath = OvalHelper.CreateItemEntityWithStringValue("/home/usr/readme") } }; var fakeCollectedItemsToReturn = new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(CreateFileItem()) }; var unixFileProber = new FileProber(); ProberBehaviorCreator .CreateBehaviorForNormalFlowExecution( unixFileProber, fakeFileItemsToReturn, fakeCollectedItemsToReturn); var result = unixFileProber.Execute(FakeContext, FakeTargetInfo, GetFakeCollectInfo("oval:modulo:obj:2", "definitions_all_unix")); DoAssertForSingleCollectedObject(result, typeof(unix.file_item)); }
public void Should_be_possible_to_execute_a_registry_collect_with_Set_element() { var fakeDefinitions = ProbeHelper.GetFakeOvalDefinitions("definitionsWithSet.xml"); var fakeObjects = fakeDefinitions.objects.OfType <registry_object>().ToArray(); oval_system_characteristics fakeSystemCharacteristics = new LoadOvalDocument().GetFakeOvalSystemCharacteristics("system_characteristics_with_sets.xml"); CollectInfo fakeCollectedInfo = ProbeHelper.CreateFakeCollectInfo(fakeObjects, null, fakeSystemCharacteristics); registry_item fakeRegistryItem = this.GetFakeRegistryItem(@"Software\Microsoft\Windows NT\CurrentVersion", "CurrentVersion", eValueTypes.STRING, "6.0"); RegistryProber registryProber = this.GetMockedRegistryProber(fakeRegistryItem); IEnumerable <CollectedObject> result = registryProber.Execute(fakeContext, fakeTarget, fakeCollectedInfo).CollectedObjects; Assert.IsNotNull(result, "the result is not expected"); CollectedObject collectedObject = result.Where <CollectedObject>(obj => obj.ObjectType.id == "oval:org.mitre.oval:obj:6000").SingleOrDefault(); Assert.IsNotNull(collectedObject, "the element was not found"); Assert.AreEqual(collectedObject.ObjectType.reference.Count(), 3, "the quantity of object referenced is not expected"); }
public void Should_be_possible_to_create_items_to_collected_from_RegKeyEffectiveRighstObject_with_referenced_variables_on_key_and_trusteeSID_entities() { var expectedKey = @"SOFTWARE\Microsoft\Windows NT\CurrentVersion"; var sourceObjectType = ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "771"); var fakeVarValues = new Dictionary <String, IEnumerable <String> >(); fakeVarValues.Add("oval:modulo:var:201", new string[] { @"S-1-5-18", @"S-1-5-20" }); fakeVarValues.Add("oval:modulo:var:770", new string[] { expectedKey }); var fakeVariables = VariableHelper.CreateEvaluatedVariables(sourceObjectType.id, fakeVarValues); var generatedItems = CreateRegKeyEffectiveRightsItemTypeGeneratorWithoutBehavior() .GetItemsToCollect(sourceObjectType, fakeVariables); ItemTypeChecker.DoBasicAssertForItems(generatedItems.ToArray(), 2, typeof(regkeyeffectiverights_item), StatusEnumeration.notcollected); this.AssertGeneratedRegKeyEffectiveRightsItem(generatedItems.ElementAt(0), "HKEY_LOCAL_MACHINE", expectedKey, "S-1-5-18"); this.AssertGeneratedRegKeyEffectiveRightsItem(generatedItems.ElementAt(1), "HKEY_LOCAL_MACHINE", expectedKey, "S-1-5-20"); }
public void Should_be_possible_to_generate_SIDItems_from_SIDObject_with_referenced_variable() { // Arrange oval_definitions definitions = ProbeHelper.GetFakeOvalDefinitions(DEFINITIONS_SIMPLE); sid_object sidObject10 = (sid_object)definitions.objects.Where(obj => obj.id.Equals("oval:modulo:obj:11")).Single(); VariableType variable10 = definitions.variables.Where(var => var.id.Equals("oval:modulo:var:10")).Single(); string variable10Value = ((VariablesTypeVariableConstant_variable)variable10).value.First().Value; VariablesEvaluated fakeVariables = VariableHelper.CreateVariableWithOneValue(sidObject10.id, variable10.id, variable10Value); SIDItemTypeGenerator itemGenerator = new SIDItemTypeGenerator(); // Act IList <ItemType> generatedItems = itemGenerator.GetItemsToCollect(sidObject10, fakeVariables).ToList(); Assert.IsNotNull(generatedItems, "The result of GetItemsToCollect cannot be null."); Assert.AreEqual(1, generatedItems.Count, "Unexpected items count was found."); Assert.IsInstanceOfType(generatedItems[0], typeof(sid_item), "Unexpected type of generated item found. The correct type is 'sid_item'"); Assert.AreEqual(variable10Value, ((sid_item)generatedItems[0]).trustee_name.Value); }
public FileEffectiveRightsItemTypeGeneratorTests() { var ovalDefinitions = ProbeHelper.GetFakeOvalDefinitions("definitionsSimple"); this.FileEffectiveRightsObjectSamples = ovalDefinitions.objects.OfType <fileeffectiverights53_object>(); this.ItemTypeGenerator = new FileEffectiveRights53ItemTypeGenerator(null, null); this.ObjectFactory = new FileEffectiveRights53ObjectFactory(); this.FakeVariables = new Dictionary <string, IEnumerable <string> >(); FakeVariables.Add("oval:modsic.test:var:1", new string[] { "c:\\windows\\odbc.ini" }); FakeVariables.Add("oval:modsic.test:var:2", new string[] { "c:\\windows" }); FakeVariables.Add("oval:modsic.test:var:3", new string[] { "odbc.ini" }); FakeVariables.Add("oval:modsic.test:var:4", new string[] { "S-1-1-0" }); this.FakeMultiVariables = new Dictionary <string, IEnumerable <string> >(); FakeMultiVariables.Add("oval:modsic.test:var:1", new string[] { "c:\\windows", "c:\\windows NT" }); FakeMultiVariables.Add("oval:modsic.test:var:2", new string[] { "odbc.ini" }); FakeMultiVariables.Add("oval:modsic.test:var:3", new string[] { "S-1-0", "S-1-1" }); }
public void Should_not_be_possible_generate_smf_items_from_an_object_with_pattern_match_operation_on_service_name_entity() { var smfObject = ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "2900"); var fakeVariables = CreateFakeEvaluatedVariablesWithMultiValues("oval:modulo:obj:2900"); var generatedItems = new SMFItemTypeGenerator().GetItemsToCollect(smfObject, fakeVariables).ToArray(); ItemTypeChecker.DoBasicAssertForItems(generatedItems, 1, typeof(smf_item), StatusEnumeration.error); var generatedSmfItem = (smf_item)generatedItems.Single(); Assert.AreEqual(StatusEnumeration.error, generatedSmfItem.status, "The expected status is 'error'."); var fmriEntity = generatedSmfItem.fmri; Assert.IsNotNull(fmriEntity); Assert.AreEqual(StatusEnumeration.error, fmriEntity.status); Assert.IsNotNull(generatedSmfItem.message); Assert.AreEqual(MessageLevelEnumeration.error, generatedSmfItem.message.First().level); Assert.AreEqual("The 'patternmatch' operation is not supported for this entity.", generatedSmfItem.message.First().Value); }
public void The_result_of_item_generation_should_be_a_list_with_items_already_collected() { #region //<textfilecontent54_object id="oval:modulo:obj:920"> // <filepath>c:\windows\win.ini</filepath> // <pattern>VERSION.*</pattern> // <instance datatype="int">1</instance> //</textfilecontent54_object> #endregion var fakeFileLines = new string[] { "VERSION=10.1" }; var sourceObjectType = (textfilecontent54_object)ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "920"); var itemTypeGenerator = CreateItemTypeGeneratorWithMockedBehavior(fakeFileLines, false); var result = itemTypeGenerator.GetItemsToCollect(sourceObjectType, null).ToArray(); ItemTypeChecker.DoBasicAssertForItems(result, 1, typeof(textfilecontent_item)); AssertGeneratedTextFileContentItem(result.Single(), @"c:\windows\win.ini", "VERSION.*", "1"); ItemTypeEntityChecker.AssertItemTypeEntity(((textfilecontent_item)result.Single()).text, "VERSION=10.1"); }
public void Should_be_possible_to_generate_metabase_items_from_an_object_with_greaterthanorequal_operation_in_id_entity() { var fakeOvalMetabaseObject = (metabase_object)ProbeHelper.GetOvalComponentByOvalID(FakeOvalDefinitions, "6008"); var itemsToCollect = CreateMetabaseItemTypeGeneratorWithBehaviorInID(new string[] { "1001", "1002", "1003", "1004" }) .GetItemsToCollect(fakeOvalMetabaseObject, null); Assert.AreEqual(3, itemsToCollect.Count(), "Unexpected amount of items to collect."); var firstItem = (metabase_item)itemsToCollect.ElementAt(0); var secondItem = (metabase_item)itemsToCollect.ElementAt(1); var thirdItem = (metabase_item)itemsToCollect.ElementAt(2); AssertMetabaseEntity(firstItem.key, "/"); AssertMetabaseEntity(firstItem.id1, "1002"); AssertMetabaseEntity(secondItem.key, "/"); AssertMetabaseEntity(secondItem.id1, "1003"); AssertMetabaseEntity(thirdItem.key, "/"); AssertMetabaseEntity(thirdItem.id1, "1004"); }
public void Should_be_possible_to_process_a_RegKeyEffectiveRightsObject_with_set_operation() { var definitions = ProbeHelper.GetFakeOvalDefinitions("definitionsSimple.xml"); var fakeObjects = this.GetFakeObjectsFromDefinitions(definitions, new string[] { "750", "751", "760" }); var fakeSysCharac = ProbeHelper.GetOvalSystemCharacteristicsFromFile("system_characteristics_with_sets.xml"); var fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(fakeObjects, null, fakeSysCharac); var fakeCollectedItems = new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(new regkeyeffectiverights_item()) }; var prober = this.GetMockedRegKeyEffectiveRightsProber(fakeCollectedItems, null); ProbeResult proberExecutionResult = prober.Execute(FakeContext, FakeTargetInfo, fakeCollectInfo); this.doBasicProbeResultAssert(proberExecutionResult); Assert.AreEqual(3, proberExecutionResult.CollectedObjects.Count(), "Unexpected collected objects count."); var collectedObjFromObjectWithSet = proberExecutionResult.CollectedObjects.SingleOrDefault(obj => obj.ObjectType.id.Equals("oval:modulo:obj:760")); Assert.IsNotNull(collectedObjFromObjectWithSet, "There are no collected objects generated from object type with set."); var referencedItems = collectedObjFromObjectWithSet.ObjectType.reference; Assert.AreEqual(2, referencedItems.Count(), "Unexpected collected object references count."); Assert.AreEqual("761", referencedItems.ElementAt(0).item_ref, "Unexpected referenced item was found on collected object."); Assert.AreEqual("762", referencedItems.ElementAt(1).item_ref, "Unexpected referenced item was found on collected object."); var generatedItemFromObjectTypeWithSet = collectedObjFromObjectWithSet.SystemData; Assert.IsNotNull(generatedItemFromObjectTypeWithSet, "No item type was found in collected object system data."); Assert.AreEqual(2, generatedItemFromObjectTypeWithSet.Count, "Unexpected system data count."); var firstRegKeyEffectiveRightsItem = (regkeyeffectiverights_item)generatedItemFromObjectTypeWithSet[0]; Assert.AreEqual("761", firstRegKeyEffectiveRightsItem.id, "Unexpected id for a item was found."); Assert.AreEqual(@"SOFTWARE\Modulo\RiskManager", firstRegKeyEffectiveRightsItem.key.Value, "Unexpected entity item type value was found."); Assert.AreEqual("0", firstRegKeyEffectiveRightsItem.key_enumerate_sub_keys.Value, "Unexpected entity item type value was found."); var secondRegKeyEffectiveRightsItem = (regkeyeffectiverights_item)generatedItemFromObjectTypeWithSet[1]; Assert.AreEqual("762", secondRegKeyEffectiveRightsItem.id, "Unexpected id for a item was found."); Assert.AreEqual(@"SOFTWARE\Modulo\RiskManagerNG", secondRegKeyEffectiveRightsItem.key.Value, "Unexpected entity item type value was found."); Assert.AreEqual("1", secondRegKeyEffectiveRightsItem.key_enumerate_sub_keys.Value, "Unexpected entity item type value was found."); }
public void Should_Be_Possible_To_Execute_A_Default_Registry_Collect() { // Arrange oval_definitions fakeDefinitions = ProbeHelper.GetFakeOvalDefinitions("fdcc_xpfirewall_oval.xml"); CollectInfo fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(fakeDefinitions.objects.OfType <registry_object>().ToArray(), null, null); registry_item fakeItem = this.GetFakeRegistryItem("Software\\Modulo", "NG", eValueTypes.STRING, "Secret"); List <registry_item> expectedRegistryItems = new List <registry_item>(new registry_item[] { fakeItem }); RegistryProber registryProber = this.GetMockedRegistryProber(fakeItem); // Act IEnumerable <CollectedObject> result = registryProber.Execute(this.fakeContext, this.fakeTarget, fakeCollectInfo).CollectedObjects; // Assert Assert.AreEqual(46, result.Count()); this.AssertProbeResultItem(result.ElementAt(0), fakeDefinitions.objects[1].id, null, expectedRegistryItems); this.AssertProbeResultItem(result.ElementAt(10), fakeDefinitions.objects[11].id, null, expectedRegistryItems); this.AssertProbeResultItem(result.ElementAt(45), fakeDefinitions.objects[46].id, null, expectedRegistryItems); }
public TextFileContentProberTest() { FakeItemsToReturnByItemTypeGenerator = new ItemType[] { CreateFakeTextFileContentItem(null, FAKE_PATH, FAKE_FILENAME, FAKE_PATTERN, FAKE_INSTANCE) }; FakeColletedItems = new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(FakeItemsToReturnByItemTypeGenerator.First()) }; var textFileContent54ObjectsSample = ProbeHelper.GetFakeOvalDefinitions("definitionsSimple").objects.OfType <textfilecontent54_object>(); this.TextFileContent54ObjectsWithoutBehaviors = textFileContent54ObjectsSample.First(); this.TextFileContent54ObjectWithMultilineBehavior = textFileContent54ObjectsSample.Single(obj => obj.id.Equals("oval:modulo:obj:910")); this.TextFileContent54ObjectWithoutMultilineBehavior = textFileContent54ObjectsSample.Single(obj => obj.id.Equals("oval:modulo:obj:920")); }
public void Should_be_possible_to_collect_family_for_unix_based_systems() { var familyObject = ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "oval:org.mitre.oval:obj:1000"); var fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(new Definitions.ObjectType[] { familyObject }, null, null); var prober = this.GetMockedFamilyProberForUnix(null); var probeResult = prober.Execute(FakeContext, FakeTargetInfo, fakeCollectInfo); Assert.IsNotNull(probeResult); Assert.AreEqual(1, probeResult.CollectedObjects.Count()); var collectedItems = probeResult.CollectedObjects.Single().SystemData; Assert.AreEqual(1, collectedItems.Count); var familyItem = (family_item)collectedItems.Single(); Assert.AreEqual(familyItem.status, StatusEnumeration.exists); Assert.AreEqual(familyItem.family.Value, FAKE_FAMILY); }
public void Should_be_possible_to_evaluate_variable_for_all_entities_at_same_time() { var sourceObject = ProbeHelper.GetOvalComponentByOvalID(this.Definitions, ConstantHelper.OBJECT_ID_1050); var variablesAndValues = this.CreateVariableAndValuesDictionary(sourceObject.id); var evaluatedVariables = VariableHelper.CreateEvaluatedVariables(sourceObject.id, variablesAndValues); var variableEvaluator = new FileEffectiveRights53EntityVariableEvaluator(evaluatedVariables); var evaluationResult = variableEvaluator.ProcessVariables(sourceObject); DoBasicAssertForVariableProcessing(evaluationResult, 1, typeof(fileeffectiverights53_object)); var pathVariableValue = this.GetVariableValue(variablesAndValues.ElementAt(0).Key); AssertObjectEntity(evaluationResult.First(), ConstantHelper.PathEntityName, pathVariableValue); var filenameVariableValue = this.GetVariableValue(variablesAndValues.ElementAt(1).Key); AssertObjectEntity(evaluationResult.First(), ConstantHelper.FilenameEntityName, filenameVariableValue); var trusteeSIDVariableValue = this.GetVariableValue(variablesAndValues.ElementAt(2).Key); AssertObjectEntity(evaluationResult.First(), ConstantHelper.TrusteeSIDEntityName, trusteeSIDVariableValue); AssertCorrectnessOfFileEntities((fileeffectiverights53_object)evaluationResult.First()); }
public void Should_Be_Possible_To_Extract_From_OVAL_Definitions_Objects_That_Not_Contains_A_Test_Or_DefinitionAssociated() { oval_definitions fakeDefinitions = ProbeHelper.GetFakeOvalDefinitions("definitionsWithOnlyObjects.xml"); Assert.IsNotNull(fakeDefinitions.objects); Assert.AreEqual(6, fakeDefinitions.objects.Count()); Assert.IsNotNull(fakeDefinitions.objects.SingleOrDefault(obj => obj.id.Equals("oval:gov.nist.fdcc.xpfirewall:obj:50000"))); registry_object obj50001 = (registry_object)fakeDefinitions.objects.SingleOrDefault(obj => obj.id.Equals("oval:gov.nist.fdcc.xpfirewall:obj:50001")); Assert.IsNotNull(obj50001); string foundHiveName = ((EntityObjectRegistryHiveType)obj50001.Items[0]).Value; string foundKeyName = ((EntityObjectStringType)obj50001.Items[1]).Value; EntityObjectStringType foundValueEntity = (EntityObjectStringType)obj50001.Items[2]; Assert.AreEqual("HKEY_LOCAL_MACHINE", foundHiveName); Assert.AreEqual("SOFTWARE\\Microsoft\\Windows\\CurrentVersion", foundKeyName); Assert.AreEqual(OperationEnumeration.patternmatch, foundValueEntity.operation); Assert.AreEqual(".*Build$", foundValueEntity.Value); }
public void Should_be_possible_to_execute_a_registry_collect_with_variables() { // Arrange string[] fakeVarValues = new string[] { @"Software\Microsoft\Windows NT\CurrentVersion" }; oval_definitions fakeDefinitions = ProbeHelper.GetFakeOvalDefinitions("definitionsWithConstantVariable.xml"); var fakeObjects = fakeDefinitions.objects.OfType <registry_object>().ToArray(); VariablesEvaluated variables = VariableHelper.CreateVariableWithMultiplesValue(OBJ_3000_ID, VAR_3000_ID, fakeVarValues); CollectInfo fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(fakeObjects, variables, null); registry_item fakeRegistryItem = this.GetFakeRegistryItem(@"Software\Microsoft\Windows NT\CurrentVersion", "CurrentVersion", eValueTypes.STRING, "6.0"); RegistryProber registryProber = this.GetMockedRegistryProber(fakeRegistryItem); // Act IEnumerable <CollectedObject> result = registryProber.Execute(fakeContext, fakeTarget, fakeCollectInfo).CollectedObjects; // Assert Assert.AreEqual(1, result.Count(), "the quantity is not expected"); this.AssertProbeResultItem(result.ElementAt(0), fakeDefinitions.objects[1].id, fakeVarValues, new List <registry_item>() { fakeRegistryItem }); }
public void When_an_error_occurs_while_creating_items_to_collect_the_created_items_must_have_error_status() { var fakeTargetInfo = ProbeHelper.CreateFakeTarget(); var fakeContext = ProbeHelper.CreateFakeContext(); var objectType = ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple.xml", "oval:org.mitre.oval:obj:1000"); var fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(new Definitions.ObjectType[] { objectType }, null, null); var prober = GetMockedFamilyProberForUnix(new Exception("Timeout")); var probeResult = prober.Execute(fakeContext, fakeTargetInfo, fakeCollectInfo); Assert.IsNotNull(probeResult); Assert.AreEqual(1, probeResult.CollectedObjects.Count()); var collectedItems = probeResult.CollectedObjects.Single().SystemData; Assert.AreEqual(1, collectedItems.Count); var familyItem = (family_item)collectedItems.Single(); Assert.AreEqual(familyItem.status, StatusEnumeration.error); Assert.IsNotNull(familyItem.message); }