public void Should_be_possible_to_collect_file_effective_rights()
        {
            #region File Effective Rights Object
            //<fileeffectiverights_object id="oval:modulo:obj:7" version="1" xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5#windows">
            //    <path>c:\temp</path>
            //    <filename>file1.txt</filename>
            //    <trustee_name>mss\lfernandes</trustee_name>
            //</fileeffectiverights_object>
            #endregion

            oval_definitions definitions = ProbeHelper.GetFakeOvalDefinitions("definitionsSimple.xml");
            CollectInfo fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(definitions.objects, null, null);
            Definitions::ObjectType fileEffectiveRightsObject = ProbeHelper.GetOvalComponentByOvalID(definitions, "oval:modulo:obj:7");
            IEnumerable<CollectedItem> fakeCollectedItems = new CollectedItem[] { this.createFakeCollectedItem(fileEffectiveRightsObject) };

            FileEffectiveRightsProber prober = this.createMockedFileEffectiveRightsProber(fakeCollectedItems);
            ProbeResult result = prober.Execute(ProbeHelper.CreateFakeContext(), ProbeHelper.CreateFakeTarget(), fakeCollectInfo);

            Assert.IsNotNull(result, "The result of FileEffectiveRightsProber execution cannot be null.");
            Assert.IsNotNull(result.ExecutionLog, "The ExecutionLog of FileEffectiveRightsProber was not created.");
            Assert.IsNotNull(result.CollectedObjects, "There are no collected objects.");
            Assert.AreEqual(1, result.CollectedObjects.Count(), "Unexpected collected objects count found.");

            this.AssertCollectedFileItems(fileEffectiveRightsObject, result.CollectedObjects.ElementAt(0), fakeCollectedItems);
        }
        protected override IEnumerable<CollectedItem> collectDataForSystemItem(ItemType systemItem)
        {
            var filePath = string.Empty;
            try
            {
                var fileContentItem = (textfilecontent_item)systemItem;
                filePath = Path.Combine(fileContentItem.path.Value, fileContentItem.filename.Value);
                var interimList = WinNetUtils.getWinTextFileContent(hostUNC, filePath, fileContentItem.line.Value);

                var collectedItems = new List<CollectedItem>();
                foreach (FileContentItemSystemData srcItem in interimList)
                {
                    var destItem = new textfilecontent_item();
                    this.BuilderFileContentItem(destItem, srcItem, fileContentItem);
                    var newCollectedItem = new CollectedItem() { ItemType = destItem, ExecutionLog = BuildExecutionLog() };
                    collectedItems.Add(newCollectedItem);
                }

                return collectedItems;
            }
            catch (FileNotFoundException)
            {
                base.SetDoesNotExistStatusForItemType(systemItem, filePath);
            }

            return new ItemTypeHelper().CreateCollectedItemsWithOneItem(systemItem, BuildExecutionLog());
        }
Пример #3
0
 public RunLevelProberTests()
 {
     FakeItemToCollect1 = CreateFakeRunlevelItem("ssh", "2", null, null);
     FakeItemToCollect2 = CreateFakeRunlevelItem("cups", "3", null, null);
     FakeCollectedItem1 = ProbeHelper.CreateFakeCollectedItem(CreateFakeRunlevelItem("ssh", "2", "0", "1"));
     FakeCollectedItem2 = ProbeHelper.CreateFakeCollectedItem(CreateFakeRunlevelItem("cups", "3", "1", "0"));
 }
Пример #4
0
        public RpmInfoProberTests()
        {
            FakeItemToCollect1 = CreateFakeRpmInfoItem("vbox", null, null, null, null, null);
            FakeItemToCollect2 = CreateFakeRpmInfoItem("firefox", null, null, null, null, null);

            var fakeCollectedItem1 = CreateFakeRpmInfoItem("vbox", "x86", "2010", "1020", "12345678", "1");
            FakeCollectedItem1 = ProbeHelper.CreateFakeCollectedItem(fakeCollectedItem1);
            var fakeCollectedItem2 = CreateFakeRpmInfoItem("firefox", "x86", "2010", "1020", "12345678", "1");
            FakeCollectedItem2 = ProbeHelper.CreateFakeCollectedItem(fakeCollectedItem2);
        }
Пример #5
0
        public void Should_be_possible_to_collect_wmi_object()
        {
            var fakeItemsToReturn = this.CreateWmiItems(FAKE_WMI_NAMESPACE, FAKE_WQL);
            var fakeCollectedItems = new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(fakeItemsToReturn.First()) };
            var fakeCollectedInfo = GetFakeCollectInfo("oval:modulo:obj:2200");
            ProberBehaviorCreator
                .CreateBehaviorForNormalFlowExecution(
                    WMIProber,
                    fakeItemsToReturn,
                    fakeCollectedItems);

            var proberExecutionResult = WMIProber.Execute(FakeContext, FakeTargetInfo, fakeCollectedInfo);

            DoAssertForSingleCollectedObject(proberExecutionResult, typeof(wmi_item));
        }
Пример #6
0
        public void Should_be_possible_to_collect_file_object_for_unix_systems()
        {
            var fakeFileItemsToReturn = new ItemType[] { new unix.file_item() { filepath = OvalHelper.CreateItemEntityWithStringValue("/home/usr/readme") } };
            var fakeCollectedItemsToReturn = new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(CreateFileItem()) };
            var unixFileProber = new FileProber();
            ProberBehaviorCreator
                .CreateBehaviorForNormalFlowExecution(
                    unixFileProber,
                    fakeFileItemsToReturn,
                    fakeCollectedItemsToReturn);

            var result = unixFileProber.Execute(FakeContext, FakeTargetInfo, GetFakeCollectInfo("oval:modulo:obj:2", "definitions_all_unix"));

            DoAssertForSingleCollectedObject(result, typeof(unix.file_item));
        }
        public void CreateBehaviorForNormalFlowExecution(
            ProbeBase probeToConfigure,
            ItemType[] fakeItemsToReturnByItemTypeGenerator,
            CollectedItem[] fakeCollectedItemsToReturnByObjectCollector)
        {
            var mocksRepository = new MockRepository();
            var fakeConnectionManager = mocksRepository.DynamicMock<IConnectionManager>();
            var fakeObjectCollector = mocksRepository.DynamicMock<FileEffectiveRights53ObjectCollector>();
            var fakeItemTypeGenerator = mocksRepository.DynamicMock<IItemTypeGenerator>();

            Expect.Call(fakeItemTypeGenerator.GetItemsToCollect(null, null))
                 .IgnoreArguments()
                     .Return(fakeItemsToReturnByItemTypeGenerator);

            Expect.Call(fakeObjectCollector.CollectDataForSystemItem(null))
                 .IgnoreArguments()
                     .Return(fakeCollectedItemsToReturnByObjectCollector);

            mocksRepository.ReplayAll();

            probeToConfigure.ConnectionManager = fakeConnectionManager;
            probeToConfigure.ItemTypeGenerator = fakeItemTypeGenerator;
            probeToConfigure.ObjectCollector = fakeObjectCollector;
        }
        private FileAuditedPermissionsProber CreateMockedXmlFileContentProber(CollectedItem[] fakeCollectedItems, Exception exception)
        {
            MockRepository mocks = new MockRepository();
            var fakeConnectionManager = mocks.DynamicMock<IConnectionManager>();
            var fakeSystemDataSource = mocks.DynamicMock<FileAuditedPermissionsObjectCollector>();
            var fakeItemTypeGenerator = mocks.DynamicMock<FileAuditedPermissionsItemTypeGenerator>();

            if (exception == null)
            {
                var fakeItems = this.CreateFakeItemTypes();
                Expect.Call(fakeItemTypeGenerator.GetItemsToCollect(null, null)).IgnoreArguments().Return(fakeItems);
                Expect.Call(fakeSystemDataSource.CollectDataForSystemItem(null)).IgnoreArguments().Return(fakeCollectedItems);
            }
            else
            {
                Expect.Call(fakeSystemDataSource.CollectDataForSystemItem(null)).IgnoreArguments().CallOriginalMethod(OriginalCallOptions.NoExpectation);
                Expect.Call(fakeItemTypeGenerator.GetItemsToCollect(null, null)).IgnoreArguments().Throw(exception);
            }

            mocks.ReplayAll();

            return new FileAuditedPermissionsProber() { ConnectionManager = fakeConnectionManager, ObjectCollector = fakeSystemDataSource, ItemTypeGenerator = fakeItemTypeGenerator };
        }
Пример #9
0
        public void The_operation_evaluator_of_TextFileContentItemTypeGenerator_must_be_configured()
        {
            var objectType = ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "900");
            var fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(new Definitions.ObjectType[] { objectType }, null, null);
            var fakeCollectedItems = new CollectedItem[] {  ProbeHelper.CreateFakeCollectedItem(new textfilecontent_item()) };
            var textFileContentProber = CreateMockedProberWithNoFakeItemTypeGenerator(fakeCollectedItems);

            textFileContentProber.Execute(FakeContext, FakeTargetInfo, fakeCollectInfo);

            Assert.IsInstanceOfType(textFileContentProber.ItemTypeGenerator, typeof(TextFileContentItemTypeGenerator));
            var itemTypeGenerator = (TextFileContentItemTypeGenerator)textFileContentProber.ItemTypeGenerator;
            Assert.IsNotNull(itemTypeGenerator.OperationEvaluator);
        }
Пример #10
0
        private RegistryProber GetMockedRegistryProber(registry_item fakeItem)
        {
            var fakeValues = new List<String>(new string[] { "FakeValue" });
            var fakeCollectedItems = new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(fakeItem) };

            MockRepository mocks = new MockRepository();
                var fakeConnection = mocks.DynamicMock<IConnectionManager>();
                var fakeSystemInformation = mocks.DynamicMock<ISystemInformationService>();
                var fakeProvider = mocks.DynamicMock<RegistryConnectionProvider>();
                var fakeWmiProvider = new WmiDataProviderExpectFactory().GetFakeWmiDataProviderForTestInvokeMethodEnumKeyWithReturnSuccess();
                var fakeDataCollector = mocks.DynamicMock<RegistryObjectCollector>();
                fakeDataCollector.WmiDataProvider = fakeWmiProvider;
                var  registryItemTypeGeneration = new RegistryItemTypeGenerator() { SystemDataSource = fakeDataCollector, WmiDataProvider = fakeWmiProvider };

                Expect.Call(fakeConnection.Connect<RegistryConnectionProvider>(null, null)).IgnoreArguments().Repeat.Any().Return(fakeProvider);
                Expect.Call(fakeDataCollector.CollectDataForSystemItem(fakeItem)).IgnoreArguments().Repeat.Any().Return(fakeCollectedItems);
                Expect.Call(fakeDataCollector.GetValues(null)).IgnoreArguments().Repeat.Any().Return(fakeValues);
                Expect.Call(fakeSystemInformation.GetSystemInformationFrom(null)).IgnoreArguments().Return(SystemInformationFactory.GetExpectedSystemInformation());
            mocks.ReplayAll();

            return new RegistryProber() { ConnectionManager = fakeConnection, ObjectCollector = fakeDataCollector, ItemTypeGenerator = registryItemTypeGeneration};
        }
        public void Should_be_possible_to_execute_a_collect_for_RegKeyEffectiveRights_with_referenced_variable_on_key_entity()
        {
            var fakeObjects = new Definitions.ObjectType[] { ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "770") };
            string fakeVariableValue = @"SOFTWARE\Microsoft\Windows NT\CurrentVersion";
            var fakeEvaluatedVariables = VariableHelper.CreateVariableWithOneValue("oval:modulo:obj:770", "oval:modulo:var:770", fakeVariableValue);
            var fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(fakeObjects, fakeEvaluatedVariables, null);
            var fakeCollectedItems = new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(new regkeyeffectiverights_item()) };
            var prober = this.GetMockedRegKeyEffectiveRightsProber(fakeCollectedItems, null);

            var proberExecutionResult = prober.Execute(FakeContext, FakeTargetInfo, fakeCollectInfo);

            this.doBasicProbeResultAssert(proberExecutionResult);
            CollectedObject collectedObject = proberExecutionResult.CollectedObjects.Single(obj => obj.ObjectType.id.Equals("oval:modulo:obj:770"));
            this.assertCollectedItemsReferences(collectedObject, (IList<ItemType>)collectedObject.SystemData);
            Assert.AreEqual(1, collectedObject.SystemData.Count, "Unexpected system data count.");
            this.assertCollectedItemStatus(collectedObject.ObjectType.reference.ElementAt(0), collectedObject.SystemData[0]);
        }
        public void Should_be_possible_to_process_a_RegKeyEffectiveRightsObject_with_set_operation()
        {
            var definitions = ProbeHelper.GetFakeOvalDefinitions("definitionsSimple.xml");
            var fakeObjects = this.GetFakeObjectsFromDefinitions(definitions, new string[] { "750", "751", "760" });
            var fakeSysCharac = ProbeHelper.GetOvalSystemCharacteristicsFromFile("system_characteristics_with_sets.xml");
            var fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(fakeObjects, null, fakeSysCharac);
            var fakeCollectedItems = new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(new regkeyeffectiverights_item()) };
            var prober = this.GetMockedRegKeyEffectiveRightsProber(fakeCollectedItems, null);

            ProbeResult proberExecutionResult = prober.Execute(FakeContext, FakeTargetInfo, fakeCollectInfo);


            this.doBasicProbeResultAssert(proberExecutionResult);
            Assert.AreEqual(3, proberExecutionResult.CollectedObjects.Count(), "Unexpected collected objects count.");
            
            var collectedObjFromObjectWithSet = proberExecutionResult.CollectedObjects.SingleOrDefault(obj => obj.ObjectType.id.Equals("oval:modulo:obj:760"));
            Assert.IsNotNull(collectedObjFromObjectWithSet, "There are no collected objects generated from object type with set.");
            
            var referencedItems = collectedObjFromObjectWithSet.ObjectType.reference;
            Assert.AreEqual(2, referencedItems.Count(), "Unexpected collected object references count.");
            Assert.AreEqual("761", referencedItems.ElementAt(0).item_ref, "Unexpected referenced item was found on collected object.");
            Assert.AreEqual("762", referencedItems.ElementAt(1).item_ref, "Unexpected referenced item was found on collected object.");

            var generatedItemFromObjectTypeWithSet = collectedObjFromObjectWithSet.SystemData;
            Assert.IsNotNull(generatedItemFromObjectTypeWithSet, "No item type was found in collected object system data.");
            Assert.AreEqual(2, generatedItemFromObjectTypeWithSet.Count, "Unexpected system data count.");
            
            var firstRegKeyEffectiveRightsItem = (regkeyeffectiverights_item)generatedItemFromObjectTypeWithSet[0];
            Assert.AreEqual("761", firstRegKeyEffectiveRightsItem.id, "Unexpected id for a item was found.");
            Assert.AreEqual(@"SOFTWARE\Modulo\RiskManager", firstRegKeyEffectiveRightsItem.key.Value, "Unexpected entity item type value was found.");
            Assert.AreEqual("0", firstRegKeyEffectiveRightsItem.key_enumerate_sub_keys.Value, "Unexpected entity item type value was found.");
            
            var secondRegKeyEffectiveRightsItem = (regkeyeffectiverights_item)generatedItemFromObjectTypeWithSet[1];
            Assert.AreEqual("762", secondRegKeyEffectiveRightsItem.id, "Unexpected id for a item was found.");
            Assert.AreEqual(@"SOFTWARE\Modulo\RiskManagerNG", secondRegKeyEffectiveRightsItem.key.Value, "Unexpected entity item type value was found.");
            Assert.AreEqual("1", secondRegKeyEffectiveRightsItem.key_enumerate_sub_keys.Value, "Unexpected entity item type value was found.");
        }
Пример #13
0
        private ProbeBase CreateMockedProbe(CollectedItem[] fakeCollectedItems, ItemType[] fakeGeneratedItems, Exception exceptionToThrow)
        {
            MockRepository mocks = new MockRepository();
            var fakeConnectionManager = mocks.DynamicMock<IConnectionManager>();
            var fakeSystemDataSource = mocks.DynamicMock<BaseObjectCollector>();
            var fakeItemTypeGenerator = mocks.DynamicMock<IItemTypeGenerator>();

            if (exceptionToThrow == null)
            {
                Expect.Call(fakeItemTypeGenerator.GetItemsToCollect(null, null)).IgnoreArguments().Return(fakeGeneratedItems);
                Expect.Call(fakeSystemDataSource.CollectDataForSystemItem(null)).IgnoreArguments().Return(fakeCollectedItems);
            }
            else
            {
                Expect.Call(fakeItemTypeGenerator.GetItemsToCollect(null, null)).IgnoreArguments().Throw(exceptionToThrow);
                Expect.Call(fakeSystemDataSource.CollectDataForSystemItem(null)).IgnoreArguments().CallOriginalMethod(OriginalCallOptions.NoExpectation);
            }

            mocks.ReplayAll();

            return new AuditEventPolicyProber()
            {
                ConnectionManager = fakeConnectionManager,
                ObjectCollector = fakeSystemDataSource,
                ItemTypeGenerator = fakeItemTypeGenerator
            };
        }
Пример #14
0
 private void DoBasicAssert(CollectedItem[] collectedItems, int expectedResultCount)
 {
     Assert.IsNotNull(collectedItems, "The result of item collection cannot be null");
     Assert.AreEqual(1, collectedItems.Count(), "Unexpected items count was found.");
 }
        private void DoBasicAssertForXmlFileContentCollectedItems(CollectedItem[] collectedItems, StatusEnumeration expectedStatus)
        {
            var collectedItemType = collectedItems.Single().ItemType;
            var withExistsStatus = expectedStatus == StatusEnumeration.exists;
            var expectedType = typeof(xmlfilecontent_item);
            
            ItemTypeChecker.DoBasicAssertForCollectedItems(collectedItems, 1, expectedType, withExistsStatus);
            

            if (expectedStatus == StatusEnumeration.error)
                ItemTypeChecker.AssertItemTypeWithErrorStatus(collectedItemType, "XmlFileContentObjectCollector");
            else
                Assert.AreEqual(expectedStatus, collectedItemType.status, "Unexpected collected item status was found.");

            var filepathEntity = ((xmlfilecontent_item)collectedItemType).filepath;
            var xpathEntity = ((xmlfilecontent_item)collectedItemType).xpath;
            ItemTypeEntityChecker.AssertItemTypeEntity(filepathEntity, "c:\\temp");
            ItemTypeEntityChecker.AssertItemTypeEntity(xpathEntity, "//generator/product_name");
        }
 private void DoBasicAssert(CollectedItem[] collectedItems, int expectedCollectedItemsCount)
 {
     Assert.IsNotNull(collectedItems, "There is no collected items.");
     Assert.AreEqual(expectedCollectedItemsCount, collectedItems.Count(), "Unexpected collected items count was found.");
 }
Пример #17
0
 public ProcessProberTests()
 {
     this.FakeProcessItem = new process_item();
     this.FakeCollectedItem = ProbeHelper.CreateFakeCollectedItem(new OVAL.SystemCharacteristics.Unix.process_item());
 }
        private void assertFileEffectiveRightsCollectedItems(CollectedItem expectedItem, ItemType collectedItem)
        {
            fileeffectiverights_item expectedFileItem = (fileeffectiverights_item)expectedItem.ItemType;
            fileeffectiverights_item collectedFileItem = (fileeffectiverights_item)collectedItem;

            Assert.AreEqual(expectedFileItem.trustee_sid.Value, collectedFileItem.trustee_sid.Value, string.Format(MSG_UNEXPECTED_COLLECTED_ENTITY_VALUE, "trustee_sid"));
        }
Пример #19
0
 private IEnumerable<CollectedItem> createFakeFamilyItem()
 {
     var familyItemType = new EntityItemFamilyType() { Value = "Windows" };
     var family = new family_item() { id = "1", family = familyItemType };
     var collectedItem = new CollectedItem() { ItemType = family, ExecutionLog = new List<ProbeLogItem>() };
     return new List<CollectedItem>() { collectedItem } ;
 }