private IEnumerable<string> ApplyRestriction(RestrictionType restriction, string value, Common.SimpleDatatypeEnumeration datatypeEnumeration, string restrictionHint)
{
List<string> messages = new List<string>();
IOvalComparator comparator = new OvalComparatorFactory().GetComparator(datatypeEnumeration);
if (!comparator.Compare(value, restriction.Value, restriction.operation))
{
StringBuilder sb = new StringBuilder();
sb.AppendLine(restrictionHint);
sb.AppendLine(restriction.GetRestrictionMessage());
messages.Add(sb.ToString());
}
return messages;
}
public static IEnumerable<string> EvaluateOperationsDifferentsOfPatternMatch(
OperationEnumeration operation, string entityValue, IEnumerable<string> valuesToMatch)
{
IOvalComparator comparator = new OvalComparatorFactory().GetComparator(SimpleDatatypeEnumeration.@string);
List<string> values = new List<string>();
foreach (string valueToMatch in valuesToMatch)
{
if (comparator.Compare(entityValue, valueToMatch, operation))
values.Add(valueToMatch);
}
return values;
}
private IEnumerable<String> ProcessOperationForIdEntity(
EntityObjectIntType idEntity, IEnumerable<string> currentIdValues)
{
if (idEntity.operation.Equals(OperationEnumeration.equals))
return currentIdValues;
var result = new List<String>();
var allMetabaseIDs = this.ObjectCollector.GetAllMetabaseIDs();
var ovalComparator = new OvalComparatorFactory().GetComparator(idEntity.datatype);
foreach (var idValue in currentIdValues)
foreach (var metabaseId in allMetabaseIDs)
if (ovalComparator.Compare(metabaseId, idValue, idEntity.operation))
result.Add(metabaseId);
return result;
}
private IEnumerable<OVAL.SystemCharacteristics.ItemType> ProcessEntityOperation(String entityValue, EntityObjectStringType entity)
{
var allTargetProcesses = this.ProcessCollector.getProcessInfo();
var processResult = new List<OVAL.SystemCharacteristics.ItemType>();
var comparator = new OvalComparatorFactory().GetComparator(SimpleDatatypeEnumeration.@string);
foreach (var targetProcess in allTargetProcesses)
{
if (comparator.Compare(targetProcess.Command, entityValue, entity.operation))
{
var newProcessItem = CreateProcessItem(targetProcess);
processResult.Add(newProcessItem);
}
}
return processResult;
}
private bool ProcessComparisionForComplexEntityType(
EntityItemRecordType[] valueOfFieldItemType,
EntityStateRecordType valueOfFieldStateType)
{
if (valueOfFieldItemType == null)
return false;
var recordFieldsOfState = valueOfFieldStateType.field;
var recordFieldsOfItem = valueOfFieldItemType.First().field;
foreach (var stateField in recordFieldsOfState)
{
var equivalentItemField =
recordFieldsOfItem.Where(
item => item.name.Equals(stateField.name, StringComparison.InvariantCultureIgnoreCase))
.SingleOrDefault();
if (equivalentItemField == null)
return false;
var stateEntityFieldValue = stateField.Value;
if (!String.IsNullOrWhiteSpace(stateField.var_ref))
stateEntityFieldValue = ProcessVariableById(stateField.var_ref);
var ovalComparator = new OvalComparatorFactory().GetComparator(stateField.datatype);
if (!ovalComparator.Compare(equivalentItemField.Value, stateEntityFieldValue, stateField.operation))
return false;
}
return true;
}
private bool Compare(EntityItemSimpleBaseType valueOfFieldItemType, EntitySimpleBaseType valueOfFieldStateType)
{
string itemValue = valueOfFieldItemType.Value;
string stateValue = valueOfFieldStateType.Value;
if ((itemValue == null) && (stateValue == null))
return true;
// If one of objects to compare is null and another one is not null the compare result must be false.
if (this.IsOneOfTheseObjectsNullAndAnotherOneNotNull(itemValue, stateValue) && string.IsNullOrEmpty(valueOfFieldStateType.var_ref))
return false;
var value = valueOfFieldStateType.Value;
if (IsThereDefinedVariable(valueOfFieldStateType))
value = ProcessVariableById(valueOfFieldStateType.var_ref);
IOvalComparator comparator = new OvalComparatorFactory().GetComparator(valueOfFieldStateType.datatype);
string firstElement = itemValue;
string secondElement = value;
return comparator.Compare(firstElement, secondElement, valueOfFieldStateType.operation);
}
private IEnumerable<ItemType> ProcessOperationsInstance(IEnumerable<ItemType> itemTypes, textfilecontent54_object textFileContent)
{
var result = new List<ItemType>();
var instanceEntity =
(EntityObjectIntType)textFileContent.GetItemValue(textfilecontent54_ItemsChoices.instance);
var comparator = new OvalComparatorFactory().GetComparator(instanceEntity.datatype);
foreach (var itemType in itemTypes)
{
if (itemType.status == StatusEnumeration.exists)
{
var textFileContentItem = (textfilecontent_item)itemType;
if (comparator.Compare(textFileContentItem.instance.Value, instanceEntity.Value, instanceEntity.operation))
result.Add(itemType);
}
else
{
result.Add(itemType);
}
}
return result;
}
private List<String> processTrusteeSID(string trusteeSID, string[] valuesToComparer)
{
var objectCollector = ((RegKeyEffectiveRightsObjectCollector)this.SystemDataSource);
if ((valuesToComparer == null) || (valuesToComparer.Count() == 0))
valuesToComparer = objectCollector.SearchUserTrusteeSIDs().ToArray();
var result = new List<String>();
var comparator = new OvalComparatorFactory().GetComparator(SimpleDatatypeEnumeration.@string);
foreach (var sidToCompare in valuesToComparer)
{
//var hasRegKeyUserDACL =
// objectCollector.IsThereDACLOnRegistryKeyForUser(
// HiveObjectEntity.Value, KeyObjectEntity.Value, sidToCompare);
//if (!hasRegKeyUserDACL)
// continue;
if (comparator.Compare(sidToCompare, trusteeSID, this.TrusteeSIDObjectEntity.operation))
result.Add(sidToCompare);
}
return result;
}
private IList<string> ProcessOperationDifferentOfEquals(OperationEnumeration operation, String entityValue)
{
var allSecurityPrinciples = this.getAllSecurityPrinciples();
var comparator = new OvalComparatorFactory().GetComparator(SimpleDatatypeEnumeration.@string);
var processingResult = new List<String>();
foreach (var securityPrinciple in allSecurityPrinciples)
if (comparator.Compare(securityPrinciple, entityValue, operation))
processingResult.Add(securityPrinciple);
return processingResult;
}
private bool Compare(string foundUserSID, string expectedUserSID, OperationEnumeration operation)
{
var ovalCompartor = new OvalComparatorFactory().GetComparator(SimpleDatatypeEnumeration.@string);
return ovalCompartor.Compare(foundUserSID, expectedUserSID, operation);
}
private IEnumerable<String> ProcessOperationForKeyEntity(
EntityObjectStringType keyEntity, IEnumerable<string> currentKeyValues)
{
if (keyEntity.operation.Equals(OperationEnumeration.equals))
return currentKeyValues;
var result = new List<String>();
var allMetabaseKeys = this.ObjectCollector.GetAllMetabaseKeys();
var ovalComparator = new OvalComparatorFactory().GetComparator(keyEntity.datatype);
foreach (var keyValue in currentKeyValues)
foreach (var metabaseKey in allMetabaseKeys)
if (ovalComparator.Compare(metabaseKey, keyValue, keyEntity.operation))
result.Add(metabaseKey);
return result;
}
private IEnumerable<string> EvaluateOperation(string value, IEnumerable<string> valuesToMatch, OperationEnumeration operation)
{
IOvalComparator comparator = new OvalComparatorFactory().GetComparator(SimpleDatatypeEnumeration.@string);
List<string> values = new List<string>();
foreach (string valueToMatch in valuesToMatch)
{
if (comparator.Compare(value, valueToMatch, operation))
values.Add(value);
}
return values;
}
private List<string> EvaluateOperationNotEqualsOfFileName(string path, string fileName,bool concatenatedPath)
{
List<string> values = new List<string>();
string[] result;
result = this.searchFileChildren(path, true);
result = this.removeDirectoriesFromList(result);
IOvalComparator comparator = new OvalComparatorFactory().GetComparator(SimpleDatatypeEnumeration.@string);
foreach (string valueToMatch in result)
{
string fileNameToMatch = Path.GetFileName(valueToMatch);
if (comparator.Compare(fileName, fileNameToMatch, OperationEnumeration.notequal))
{
if (concatenatedPath)
values.Add(valueToMatch);
else
values.Add(fileNameToMatch);
}
}
return values;
}
private IList<String> processOperation(string[] allGroupSIDs, string entityValue, OperationEnumeration operation)
{
var comparator = new OvalComparatorFactory().GetComparator(SimpleDatatypeEnumeration.@string);
var processingResult = new List<String>();
foreach (var groupSID in allGroupSIDs)
if (comparator.Compare(groupSID, entityValue, operation))
processingResult.Add(groupSID);
return processingResult;
}
private bool Compare(EntityItemSimpleBaseType valueOfFieldItemType, EntityItemSimpleBaseType valueOfFieldOtherItemType)
{
if ((valueOfFieldItemType.Value == null) && (valueOfFieldOtherItemType.Value == null))
return true;
if (valueOfFieldItemType.status != valueOfFieldOtherItemType.status)
return false;
IOvalComparator comparator = new OvalComparatorFactory().GetComparator(valueOfFieldItemType.datatype);
return comparator.Compare(valueOfFieldItemType.Value, valueOfFieldOtherItemType.Value, OperationEnumeration.equals);
}
public virtual IEnumerable<ItemType> CollectItems(string filepath, string trusteeSidPattern, OperationEnumeration operation)
{
var cachedItems = this.TryToGetCollectedItemsFromCache(filepath, trusteeSidPattern);
if (cachedItems != null)
return cachedItems.Select(item => CloneItemType(item));
var invokeMethodInfo = CreateInvokeMethodInfo(filepath);
object managementACEs = null;
try
{
managementACEs = WmiProvider.InvokeMethodByWmiPath(invokeMethodInfo);
}
catch (InvalidInvokeMethodException)
{
var notExistItem = CreateItemToCollect(filepath, trusteeSidPattern, StatusEnumeration.doesnotexist);
return new ItemType[] { notExistItem };
}
var allUsers = DaclDisassembler.GetAllSecurityDescriptorsFromManagementObject(managementACEs).ToList();
var usersDACLs = new Dictionary<string, List<WMIWinACE>>();
foreach (var userACL in allUsers)
{
var sid = userACL.Trustee.SIDString;
if (usersDACLs.ContainsKey(sid))
usersDACLs[sid].Add(userACL);
else
usersDACLs.Add(sid, new WMIWinACE[] { userACL }.ToList());
}
var ovalComparator = new OvalComparatorFactory().GetComparator(SimpleDatatypeEnumeration.@string);
var collectedItems = new List<fileeffectiverights_item>();
foreach (var dacl in usersDACLs)
{
var trusteeSID = dacl.Key;
var userDACLs = dacl.Value;
if (ovalComparator.Compare(trusteeSID, trusteeSidPattern, operation))
{
cachedItems = this.TryToGetCollectedItemsFromCache(filepath, trusteeSID);
if (cachedItems != null)
{
collectedItems.AddRange(cachedItems.Select(item => CloneItemType(item)));
continue;
}
var newCollectedItem = this.CreateItemToCollect(filepath, trusteeSID);
FillCollectedItem(newCollectedItem, userDACLs);
collectedItems.Add(newCollectedItem);
this.AddToFlatCache(filepath, trusteeSID, newCollectedItem);
}
}
if (collectedItems.Count == 0)
{
var newNotExistsItem = CreateItemToCollect(filepath, trusteeSidPattern, StatusEnumeration.doesnotexist);
collectedItems.Add(newNotExistsItem);
this.AddToFlatCache(filepath, trusteeSidPattern, newNotExistsItem);
}
this.AddToCache(filepath, trusteeSidPattern, collectedItems);
return collectedItems;
}