public IEnumerable<ObjectType> ProcessVariables(ObjectType objcetType) { var textFileContentObject = (textfilecontent54_object)objcetType; var textFileContentObjects = new List<ObjectType>(); IEnumerable<string> variablesFromFilePath = null; IEnumerable<string> variablesFromFileName = null; IEnumerable<string> variablesFrompath = null; if (textFileContentObject.IsFilePathDefined()) variablesFromFilePath = this.ProcessVariableForFilePath(textFileContentObject); else { variablesFromFileName = this.ProcessVariableForFileName(textFileContentObject); variablesFrompath = this.ProcessVariableForPath(textFileContentObject); } var variablesFrompattern = this.ProcessVariableForPattern(textFileContentObject); var variablesFromInstance = this.ProcessVariableForInstance(textFileContentObject); if (this.IsVariablesWasProcessed(variablesFromFilePath, variablesFromFileName, variablesFrompattern, variablesFrompath, variablesFromInstance)) { var factory = new TextFileContentObjectFactory(); textFileContentObjects.AddRange(factory.CreateObjectTypeByCombinationOfEntities(textFileContentObject, variablesFromFilePath, variablesFromFileName, variablesFrompath, variablesFrompattern, variablesFromInstance)); } return textFileContentObjects; }
protected override set GetSetElement(ObjectType objectType) { var setElementName = fileeffectiverights53_object_ItemsChoices.set; var setElement = ((fileeffectiverights53_object)objectType).GetItemValue(setElementName); return (set)setElement; }
public UserSID55EntityVariableEvaluator(ObjectType objectType, VariablesEvaluated variablesEvaluated) : base(objectType, variablesEvaluated) { this.checkObjectType(objectType); base.AllObjectEntities = new Dictionary<string, EntityObjectStringType>(); base.AllObjectEntities.Add("user_sid", ((user_sid55_object)objectType).UserSID); }
public RegKeyEffectiveRightsVariableEvaluator(ObjectType objectType, VariablesEvaluated variablesEvaluated) : base(objectType, variablesEvaluated) { if (!(objectType is regkeyeffectiverights53_object)) throw new Exception(string.Format("[RegKeyEffectiveRightsVariableEvaluator] - The type of object is invalid: '{0}'.", objectType.ToString())); base.AllObjectEntities = ((regkeyeffectiverights53_object)objectType).GetAllObjectEntities(); }
/// <summary> /// Constructor. /// </summary> /// <param name="ovalDefinitionsObjects">The oval objects list from Oval Definitions.</param> public TargetPlatformDiscoverer(ObjectType[] ovalDefinitionsObjects) { this.OvalDefinitionsObjectNamepaces = new List<String>(); if (ovalDefinitionsObjects != null) foreach (var @object in ovalDefinitionsObjects) foreach (var attribute in @object.GetType().GetCustomAttributes(typeof(XmlRootAttribute), false)) if (!this.OvalDefinitionsObjectNamepaces.Contains((attribute as XmlRootAttribute).Namespace)) this.OvalDefinitionsObjectNamepaces.Add((attribute as XmlRootAttribute).Namespace); }
public SID_SID_EntityVariableEvaluator(ObjectType objectType, VariablesEvaluated variablesEvaluated) : base(objectType, variablesEvaluated) { if (!(objectType is sid_sid_object)) throw new Exception(string.Format("[SID_SID_EntityVariableEvaluator] - The type of object is invalid: '{0}'.", objectType.ToString())); base.AllObjectEntities = new Dictionary<string, EntityObjectStringType>(); base.AllObjectEntities.Add("trustee_sid", ((sid_sid_object)objectType).TrusteeSID); }
public UserEntityVariableEvaluator(ObjectType objectType, VariablesEvaluated variablesEvaluated) : base(objectType, variablesEvaluated) { if (!(objectType is user_object)) throw new Exception(string.Format("[UserEntityVariableEvaluator] - The type of object is invalid: '{0}'.", objectType.ToString())); base.AllObjectEntities = new Dictionary<string, EntityObjectStringType>(); base.AllObjectEntities.Add("user", ((user_object)objectType).User); }
public virtual IEnumerable<string> ProcessOperationForKeyEntity(ObjectType sourceObject, string[] KeysAlreadyProcessed) { this.ConfigureObjectEntities((regkeyeffectiverights53_object)sourceObject); KeysAlreadyProcessed = this.GetEntityValuesAlreadyProcessed(KeysAlreadyProcessed, this.KeyObjectEntity.Value); List<String> operationResult = new List<String>(); foreach (var key in KeysAlreadyProcessed) operationResult.AddRange(this.processKey(key)); return operationResult; }
public IEnumerable<OVAL.SystemCharacteristics.ItemType> GetItemsToCollect(ObjectType objectType, VariablesEvaluated variables) { var processObject = (OVAL.Definitions.Unix.process_object)objectType; var commandEntity = (EntityObjectStringType)processObject.Item; var commandEntityValues = new VariableEntityEvaluator(variables).EvaluateVariableForEntity(commandEntity); var itemsToCollect = new List<OVAL.SystemCharacteristics.ItemType>(); foreach (var commandValue in commandEntityValues) itemsToCollect.AddRange(ProcessEntityOperation(commandValue, commandEntity)); return itemsToCollect; }
private void assertFileEffectiveRightsInitialEntities(Definitions.ObjectType sourceObject, SystemCharacteristics.ItemType collectedItem) { fileeffectiverights_item collectedFileEffectiveRightsItem = (fileeffectiverights_item)collectedItem; var allExpectedEntities = OvalHelper.GetFileEffectiveRightsFromObjectType((fileeffectiverights_object)sourceObject); string expectedPath = allExpectedEntities[fileeffectiverights_object_ItemsChoices.path.ToString()].Value; string expectedFileName = allExpectedEntities[fileeffectiverights_object_ItemsChoices.filename.ToString()].Value; string expectedTrusteeName = allExpectedEntities[fileeffectiverights_object_ItemsChoices.trustee_name.ToString()].Value; Assert.AreEqual(expectedPath, collectedFileEffectiveRightsItem.path.Value, string.Format(MSG_UNEXPECTED_COLLECTED_ITEM_VALUE, "path")); Assert.AreEqual(expectedFileName, collectedFileEffectiveRightsItem.filename.Value, string.Format(MSG_UNEXPECTED_COLLECTED_ITEM_VALUE, "filename")); Assert.AreEqual(expectedTrusteeName, collectedFileEffectiveRightsItem.trustee_name.Value, string.Format(MSG_UNEXPECTED_COLLECTED_ITEM_VALUE, "trustee_name")); }
public AuditEventPolicyProberTest() { this.FakeContext = ProbeHelper.CreateFakeContext(); this.FakeTargetInfo = ProbeHelper.CreateFakeTarget(); this.FakeItemsToCollect = new ItemType[] { new auditeventpolicy_item() }; var fakeAuditEventPolicyItem = new auditeventpolicy_item(); fakeAuditEventPolicyItem.CreateAllEntityItemsWithAuditNoneEventStatus(); fakeAuditEventPolicyItem.detailed_tracking.Value = AuditEventStatus.AUDIT_SUCCESS_FAILURE.ToString(); this.FakeCollectedItems = new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(fakeAuditEventPolicyItem) }; var objects = new Definitions.ObjectType[] { ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "2100") }; this.FakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(objects, null, null); }
private IEnumerable <String> processVariables(Definitions.ObjectType objectType, VariablesEvaluated variables) { var groupSIDEntity = ((group_sid_object)objectType).GetGroupSIDEntity(); var thereIsNoEvaluatedVariable = ((variables == null) || (variables.VariableValues.Count() == 0)); if (thereIsNoEvaluatedVariable && (string.IsNullOrEmpty(groupSIDEntity.var_ref))) { return(new List <String>(new string[] { groupSIDEntity.Value })); } var result = new GroupSIDEntityVariableEvaluator(objectType, variables).TryToProcessObjectEntity(objectType.ComponentString); return((result == null) ? null : result); }
/// <summary> /// Creates a items to collect from given object type. /// </summary> /// <param name="objectType">Type of the object.</param> /// <returns>A list of ItemType</returns> public virtual IEnumerable <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var variableEvaluator = new FileEffectiveRightsVariableEvaluator(variables); var operationEvaluator = new FileEffectiveRightsOperationEvaluator(SystemDataSource, FileProvider); var fileEffectiveRights = (fileeffectiverights_object)objectType; if (fileEffectiveRights.HasVariableDefined()) { var objects = variableEvaluator.ProcessVariables(objectType); return(operationEvaluator.ProcessOperation(objects).ToList()); } return(operationEvaluator.ProcessOperation(fileEffectiveRights).ToList()); }
private IEnumerable <String> processVariables(Definitions.ObjectType objectType, VariablesEvaluated variables) { var userSIDEntity = ((user_sid55_object)objectType).UserSID; bool thereIsNoEvaluatedVariable = ((variables == null) || (variables.VariableValues.Count() == 0)); if (thereIsNoEvaluatedVariable && (string.IsNullOrEmpty(userSIDEntity.var_ref))) { return(new List <String>(new string[] { userSIDEntity.Value })); } var variableEvaluator = new UserSID55EntityVariableEvaluator(objectType, variables); var processedVariables = variableEvaluator.ProcessVariableForAllObjectEntities(); return((processedVariables == null) ? null : processedVariables); }
private IEnumerable<ObjectType> CreateFileObjectWithFilePath(ObjectType fileObject, IEnumerable<string> variablesFromFilePath) { List<ObjectType> fileObjects = new List<ObjectType>(); if (variablesFromFilePath == null) return fileObjects; foreach (string filePath in variablesFromFilePath) { if (String.IsNullOrWhiteSpace(filePath)) continue; ObjectType newFileObject = this.CreateObjectTypeFrom(fileObject, filePath, "", ""); fileObjects.Add(newFileObject); } return fileObjects; }
private IEnumerable <String> processVariables(Definitions.ObjectType objectType, VariablesEvaluated variables) { string groupNameEntityValue = ((group_object)objectType).Group.Value; if ((variables == null) || (variables.VariableValues.Count() == 0)) { return(new List <String>(new string[] { groupNameEntityValue })); } else { var variableEvaluator = new GroupEntityVariableEvaluator(objectType, variables); var processedVariables = variableEvaluator.ProcessVariableForAllObjectEntities(); return((processedVariables == null) ? null : processedVariables); } }
/// <summary> /// Generates concrete items type to collect from object type. /// </summary> public virtual IEnumerable <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var itemsToCollect = new List <ItemType>(); var variableEvaluator = new RegKeyEffectiveRightsVariableEvaluator(objectType, variables); var hiveValue = variableEvaluator.AllObjectEntities[HiveEntityValue].Value; var processedKeys = variableEvaluator.TryToProcessObjectEntity(KeyEntityName); if (processedKeys != null) { processedKeys = this.OperationEvaluator.ProcessOperationForKeyEntity(objectType, processedKeys.ToArray()); } if (processedKeys == null) { return new ItemType[] { } } ; var processedTrustees = variableEvaluator.TryToProcessObjectEntity(TrusteeSIDEntityName); var trusteeSidEntity = variableEvaluator.AllObjectEntities[TrusteeSIDEntityName]; if (processedTrustees == null) { return new ItemType[] { } } ; foreach (var regKey in processedKeys) { foreach (var sid in processedTrustees) { if (trusteeSidEntity.operation.Equals(OperationEnumeration.equals)) { var newItemToCollect = this.createRegKeyEffectiveRights(hiveValue, regKey, sid); newItemToCollect.status = StatusEnumeration.notcollected; itemsToCollect.Add(newItemToCollect); } else { var alreadyCollectedItems = ObjectCollector.CollectItemsApplyingOperation(hiveValue, regKey, sid, trusteeSidEntity.operation); itemsToCollect.AddRange(alreadyCollectedItems); } } } return(itemsToCollect); }
public AuditEventPolicyProberTest() { this.FakeContext = ProbeHelper.CreateFakeContext(); this.FakeTargetInfo = ProbeHelper.CreateFakeTarget(); this.FakeItemsToCollect = new ItemType[] { new auditeventpolicy_item() }; var fakeAuditEventPolicyItem = new auditeventpolicy_item(); fakeAuditEventPolicyItem.CreateAllEntityItemsWithAuditNoneEventStatus(); fakeAuditEventPolicyItem.detailed_tracking.Value = AuditEventStatus.AUDIT_SUCCESS_FAILURE.ToString(); this.FakeCollectedItems = new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(fakeAuditEventPolicyItem) }; var objects = new Definitions.ObjectType[] { ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "2100") }; this.FakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(objects, null, null); }
public IEnumerable <String> ProcessVariablesForTypeFilePathEntities(Definitions.ObjectType objectType) { textfilecontent54_object fileContentObj = (textfilecontent54_object)objectType; var variablesFromFilePath = this.EvaluateVariableForEntity(fileContentObj, textfilecontent54_ItemsChoices.filepath); if ((variablesFromFilePath != null) && (variablesFromFilePath.Count() > 0)) { return(variablesFromFilePath); } var variablesFromPath = this.EvaluateVariableForEntity(fileContentObj, textfilecontent54_ItemsChoices.path); var variablesFromFilename = this.EvaluateVariableForEntity(fileContentObj, textfilecontent54_ItemsChoices.filename); return(this.CreateFilePathsListByCombinationOfEntities(variablesFromPath, variablesFromFilename)); }
public virtual IEnumerable <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated evaluatedVariables) { var textFileContentObject = (textfilecontent54_object)objectType; if (textFileContentObject.HasVariableDefined()) { var variableEvaluator = new TextFileContentEntityVariableEvaluator(evaluatedVariables); var objectTypes = variableEvaluator.ProcessVariables(objectType); return(this.OperationEvaluator.ProcessOperation(objectTypes).ToList()); } else { return(this.OperationEvaluator.ProcessOperation(textFileContentObject).ToList()); } }
private IEnumerable<ObjectType> CreateFileObjectWithoutFilePath(ObjectType fileObject, IEnumerable<string> paths, IEnumerable<string> fileNames) { List<ObjectType> fileObjects = new List<ObjectType>(); foreach (string path in paths) { foreach (string fileName in fileNames) { if (!string.IsNullOrEmpty(path)) { ObjectType newFileObject = this.CreateObjectTypeFrom(fileObject, " ", path, fileName); fileObjects.Add(newFileObject); } } } return fileObjects; }
public IEnumerable<ObjectType> ProcessVariables(ObjectType objectType) { List<ObjectType> fileEffectiveRightObjects = new List<ObjectType>(); fileeffectiverights_object fileEffectiveRights = (fileeffectiverights_object)objectType; IEnumerable<string> fileNames = this.processVariablesFromEntity(fileEffectiveRights,fileeffectiverights_object_ItemsChoices.filename); IEnumerable<string> paths = this.processVariablesFromEntity(fileEffectiveRights,fileeffectiverights_object_ItemsChoices.path); IEnumerable<string> trustee_names = this.processVariablesFromEntity(fileEffectiveRights, fileeffectiverights_object_ItemsChoices.trustee_name); if (this.IsVariablesWasProcessed(fileEffectiveRights,fileNames, paths, trustee_names)) { FileEffectiveRightsObjectTypeFactory factory = new FileEffectiveRightsObjectTypeFactory(); var objectTypes = factory.CreateObjectTypeByCombinationOfEntities(fileEffectiveRights, paths, fileNames, trustee_names); fileEffectiveRightObjects.AddRange(objectTypes); } return fileEffectiveRightObjects; }
public IEnumerable<ObjectType> ProcessVariables(ObjectType objcetType) { textfilecontent_object fileContentObject = (textfilecontent_object)objcetType; List<ObjectType> fileContentObjects = new List<ObjectType>(); IEnumerable<string> variablesFromfileName = this.ProcessVariableForFileName(fileContentObject); IEnumerable<string> variablesFromline = this.ProcessVariableForLine(fileContentObject); IEnumerable<string> variablesFrompath = this.ProcessVariableForPath(fileContentObject); if (this.IsVariablesWasProcessed(variablesFromfileName, variablesFromline, variablesFrompath)) { FileContentObjectTypeFactory factory = new FileContentObjectTypeFactory(); fileContentObjects.AddRange(factory.CreateObjectTypeByCombinationOfEntities(fileContentObject, variablesFromfileName, variablesFromline, variablesFrompath)); } return fileContentObjects; }
private IEnumerable <String> processVariables(Definitions.ObjectType objectType, VariablesEvaluated variables) { var trusteeSIDEntityValue = ((sid_sid_object)objectType).TrusteeSID.Value; if ((variables == null) || (variables.VariableValues.Count() == 0)) { return new string[] { trusteeSIDEntityValue } } ; else { var variableEvaluator = new SID_SID_EntityVariableEvaluator(objectType, variables); var processedVariables = variableEvaluator.ProcessVariableForAllObjectEntities(); return((processedVariables == null) ? null : processedVariables.ToList()); } }
private IEnumerable <ItemType> TryToGetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { try { var itemsToCollect = this.ItemTypeGenerator.GetItemsToCollect(objectType, variables); if (itemsToCollect.Count() > 0) { return(itemsToCollect); } return(new ItemType[] { }); } catch (Exception ex) { return(new ItemType[] { this.CreateItemTypeWithErrorStatus(ex.Message) }); } }
public void Should_be_possible_to_execute_a_collect_for_RegKeyEffectiveRights_with_referenced_variable_on_key_entity() { var fakeObjects = new Definitions.ObjectType[] { ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "770") }; string fakeVariableValue = @"SOFTWARE\Microsoft\Windows NT\CurrentVersion"; var fakeEvaluatedVariables = VariableHelper.CreateVariableWithOneValue("oval:modulo:obj:770", "oval:modulo:var:770", fakeVariableValue); var fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(fakeObjects, fakeEvaluatedVariables, null); var fakeCollectedItems = new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(new regkeyeffectiverights_item()) }; var prober = this.GetMockedRegKeyEffectiveRightsProber(fakeCollectedItems, null); var proberExecutionResult = prober.Execute(FakeContext, FakeTargetInfo, fakeCollectInfo); this.doBasicProbeResultAssert(proberExecutionResult); CollectedObject collectedObject = proberExecutionResult.CollectedObjects.Single(obj => obj.ObjectType.id.Equals("oval:modulo:obj:770")); this.assertCollectedItemsReferences(collectedObject, (IList <ItemType>)collectedObject.SystemData); Assert.AreEqual(1, collectedObject.SystemData.Count, "Unexpected system data count."); this.assertCollectedItemStatus(collectedObject.ObjectType.reference.ElementAt(0), collectedObject.SystemData[0]); }
public IEnumerable <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var variableId = ((variable_object)objectType).GetItemValue().ToString(); var variableValues = variables.GetVariableValueForVariableId(variableId); if (HasVariableValues(variables.VariableValues)) { var variable = variableValues.FirstOrDefault(var => var.VariableId.Equals(variableId)); if (variable != null && variable.values != null && variable.values.Count() > 0) { return new ItemType[] { this.CreateVariableItem(variableId) } } ; } return(new ItemType[] { }); }
public virtual IEnumerable <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated evaluatedVariables) { var textFileContentObject = (textfilecontent_object)objectType; var operationEvaluator = new FileContentEntityOperationEvaluator( this.FileContentSystemDataSource, WindowsFileProvider); if (textFileContentObject.HasVariableDefined()) { var fileContentEntityVariableEvaluator = new FileContentEntityVariableEvaluator(evaluatedVariables); var objectTypes = fileContentEntityVariableEvaluator.ProcessVariables((textfilecontent_object)objectType); return(operationEvaluator.ProcessOperation(objectTypes).ToList()); } else { return(operationEvaluator.ProcessOperation(textFileContentObject).ToList()); } }
private static string GetFilepathEntityName(Defs.ObjectType objectType) { var windowsFileObjectType = typeof(OVAL.Definitions.Windows.file_object); var unixFileObjectType = typeof(OVAL.Definitions.Unix.file_object); if (objectType.GetType().Equals(windowsFileObjectType)) { return(file_object_ItemsChoices.filepath.ToString()); } else if (objectType.GetType().Equals(unixFileObjectType)) { return(OVAL.Definitions.Unix.ItemsChoiceType3.filepath.ToString()); } else { throw new ArgumentException(String.Format("This object type '{0}' is not supported.", objectType.GetType().ToString())); } }
/// <summary> /// Creates a items to collect from given object type. /// </summary> /// <param name="objectType">Type of the object.</param> /// <returns>A list of ItemType</returns> public virtual IList<ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { this.CreateEvaluators(variables); var objectTypes = new Definitions.ObjectType[] { objectType }; if (this.HasVariableDefined(objectType)) { if (objectType is OVAL.Definitions.Unix.file_object) objectTypes = this.FileVariableEvaluator.ProcessVariables((OVAL.Definitions.Unix.file_object)objectType).ToArray(); else objectTypes = this.FileVariableEvaluator.ProcessVariables((OVAL.Definitions.Windows.file_object)objectType).ToArray(); } var itemsToCollect = this.OperationEvaluator.ProcessOperation(objectTypes).ToList(); this.OperationEvaluator = null; this.FileVariableEvaluator = null; return itemsToCollect; }
public virtual IEnumerable <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var variableEvaluator = new VariableEntityEvaluator(variables); var namespaceEntity = (EntityObjectStringType)((wmi_object)objectType).GetItemValue(wmi_object_ItemsChoices.@namespace); var wqlEntity = (EntityObjectStringType)((wmi_object)objectType).GetItemValue(wmi_object_ItemsChoices.wql); var namespaces = variableEvaluator.EvaluateVariableForEntity(namespaceEntity); var wqls = variableEvaluator.EvaluateVariableForEntity(wqlEntity); var itemsToCollect = new List <ItemType>(); foreach (var ns in namespaces) { foreach (var wql in wqls) { itemsToCollect.Add(this.CreateWmiItem(ns, wql)); } } return(itemsToCollect); }
public IEnumerable<ObjectType> ProcessVariables(ObjectType objectType) { var fileeffectiverights53Object = (fileeffectiverights53_object)objectType; IEnumerable<string> filepaths = null; IEnumerable<string> paths = null; IEnumerable<string> filenames = null; if (fileeffectiverights53Object.IsFilePathDefined()) filepaths = this.EvaluateEntity(fileeffectiverights53Object, fileeffectiverights53_object_ItemsChoices.filepath); else { paths = this.EvaluateEntity(fileeffectiverights53Object, fileeffectiverights53_object_ItemsChoices.path); filenames = this.EvaluateEntity(fileeffectiverights53Object, fileeffectiverights53_object_ItemsChoices.filename, true); } IEnumerable<String> trusteeSIDs = this.EvaluateEntity(fileeffectiverights53Object, fileeffectiverights53_object_ItemsChoices.trustee_sid); var objectFactory = new FileEffectiveRights53ObjectFactory(); return objectFactory.CreateFileObjects(fileeffectiverights53Object, filepaths, paths, filenames, trusteeSIDs); }
public virtual IEnumerable<String> ProcessOperationForTrusteeSidEntity( ObjectType sourceObject, string[] TrusteeSIDsAlreadyProcessed) { this.ConfigureObjectEntities((regkeyeffectiverights53_object)sourceObject); TrusteeSIDsAlreadyProcessed = GetEntityValuesAlreadyProcessed(TrusteeSIDsAlreadyProcessed, TrusteeSIDObjectEntity.Value); List<String> operationResult = new List<String>(); foreach (var trusteeSID in TrusteeSIDsAlreadyProcessed) { if (this.TrusteeSIDObjectEntity.operation == OperationEnumeration.equals) { operationResult.Add(trusteeSID); continue; } operationResult = this.processTrusteeSID(trusteeSID, operationResult.ToArray()); } return operationResult; }
public IEnumerable<ObjectType> ProcessVariables(ObjectType objectType) { var fileAuditedPermissionsObject = (fileauditedpermissions53_object)objectType; string[] filepaths = null; string[] paths = null; string[] filenames = null; if (fileAuditedPermissionsObject.IsFilePathDefined()) filepaths = this.EvaluateEntity(fileAuditedPermissionsObject, fileauditedpermissions53_objectItemsChoices.filepath).ToArray(); else { paths = this.EvaluateEntity(fileAuditedPermissionsObject, fileauditedpermissions53_objectItemsChoices.path).ToArray(); filenames = this.EvaluateEntity(fileAuditedPermissionsObject, fileauditedpermissions53_objectItemsChoices.filename).ToArray(); } var trusteeSIDs = this.EvaluateEntity(fileAuditedPermissionsObject, fileauditedpermissions53_objectItemsChoices.trustee_sid).ToArray(); return new FileAuditedPermissions53ObjectFactory().CreateFileAuditedPermissions53Objects( fileAuditedPermissionsObject, filepaths, paths, filenames, trusteeSIDs); }
public IEnumerable<ObjectType> ProcessVariables(ObjectType objectType) { var xmlfilecontentObject = (xmlfilecontent_object)objectType; string[] filepaths = null; string[] paths = null; string[] filenames = null; if (xmlfilecontentObject.IsFilePathDefined()) filepaths = this.EvaluateEntity(xmlfilecontentObject, xmlfilecontent_ItemsChoices.filepath).ToArray(); else { paths = this.EvaluateEntity(xmlfilecontentObject, xmlfilecontent_ItemsChoices.path).ToArray(); filenames = this.EvaluateEntity(xmlfilecontentObject, xmlfilecontent_ItemsChoices.filename).ToArray(); } var xpaths = this.EvaluateEntity(xmlfilecontentObject, xmlfilecontent_ItemsChoices.xpath).ToArray(); return new XmlFileContentObjectFactory() .CreateXmlFileContentObjects(xmlfilecontentObject, filepaths, paths, filenames, xpaths); }
public IEnumerable <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var sapcodeObjectType = (sapcode_object)objectType; var variableEvaluator = new VariableEntityEvaluator(variables); var issues = variableEvaluator.EvaluateVariableForEntity(((EntitySimpleBaseType)sapcodeObjectType.Items[sapcodeObjectType.ItemsElementName.ToList().IndexOf(SapCodeObjectItemsChoices.issue)])); var systemNames = variableEvaluator.EvaluateVariableForEntity(((EntitySimpleBaseType)sapcodeObjectType.Items[sapcodeObjectType.ItemsElementName.ToList().IndexOf(SapCodeObjectItemsChoices.system_name)])); var itemList = new List <ItemType>(); foreach (var systemName in systemNames) { foreach (var issueNumber in issues) { itemList.Add(new sapcode_item() { issue = OvalHelper.CreateItemEntityWithIntegerValue(issueNumber), system_name = OvalHelper.CreateItemEntityWithIntegerValue(systemName) }); } } return(itemList.ToArray()); }
public void Should_be_possible_to_collect_a_GroupSIDObject_with_SET_element_defined() { var objectTypes = new Definitions.ObjectType[] { ProbeHelper.GetDefinitionObjectTypeByID("definitionsWithSet.xml", "oval:modulo:obj:1000") }; var fakeSystemCharacteristics = ProbeHelper.GetOvalSystemCharacteristicsFromFile("system_characteristics_with_sets.xml"); var fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(objectTypes, null, fakeSystemCharacteristics); var fakeCollectedItem = ProbeHelper.CreateFakeCollectedItem(this.CreateFakeGroupSIDItemType()); var groupSIDProber = new GroupSIDProber(); ProberBehaviorCreator .CreateBehaviorForNormalFlowExecution( groupSIDProber, null, new CollectedItem[] { fakeCollectedItem }); var probeExecutionResult = groupSIDProber.Execute(FakeContext, FakeTargetInfo, fakeCollectInfo); Assert.IsNotNull(probeExecutionResult); Assert.AreEqual(1, probeExecutionResult.CollectedObjects.Count()); var collectedObject = probeExecutionResult.CollectedObjects.ElementAt(0).ObjectType; Assert.AreEqual("oval:modulo:obj:1000", collectedObject.id); Assert.AreEqual(FlagEnumeration.complete, collectedObject.flag); Assert.AreEqual(2, collectedObject.reference.Count()); Assert.AreEqual("1001", collectedObject.reference.ElementAt(0).item_ref); Assert.AreEqual("1002", collectedObject.reference.ElementAt(1).item_ref); var collectedItems = probeExecutionResult.CollectedObjects.ElementAt(0).SystemData; Assert.AreEqual(2, collectedItems.Count); var firstItem = (group_sid_item)collectedItems.ElementAt(0); this.AssertCollectedItem(firstItem, "1001", "S-1-5-32-500", new string[] { "S-1-5-32-500-1", "S-1-5-32-500-2" }); var secondItem = (group_sid_item)collectedItems.ElementAt(1); this.AssertCollectedItem(secondItem, "1002", "S-1-5-32-501", new string[] { "S-1-5-32-501-1", "S-1-5-32-501-2" }); }
private IEnumerable <string> processOperation(Definitions.ObjectType objectType, IEnumerable <String> evalutedVariables) { var trusteeEntity = ((sid_sid_object)objectType).TrusteeSID; var entityOperation = trusteeEntity.operation; var trusteeSIDs = string.IsNullOrEmpty(trusteeEntity.var_ref) ? new string[] { trusteeEntity.Value } : evalutedVariables.ToArray(); var operationResult = new List <String>(); foreach (var trusteeSID in trusteeSIDs) { var valuesToApply = (this.getValuesToApplyOperation(entityOperation, trusteeSID)).ToArray(); if (entityOperation == OperationEnumeration.patternmatch) { operationResult.AddRange(new MultiLevelPatternMatchOperation(FamilyEnumeration.windows).applyPatternMatch(trusteeSID, valuesToApply)); } else { operationResult.AddRange(this.EvaluateOperationsDifferentsOfPatternMatch(entityOperation, trusteeSID, valuesToApply)); } } return(operationResult); }
/// <summary> /// Creates a items to collect from given object type. /// </summary> /// <param name="objectType">Type of the object.</param> /// <returns>A list of ItemType</returns> public virtual IList <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { this.CreateEvaluators(variables); var objectTypes = new Definitions.ObjectType[] { objectType }; if (this.HasVariableDefined(objectType)) { if (objectType is OVAL.Definitions.Unix.file_object) { objectTypes = this.FileVariableEvaluator.ProcessVariables((OVAL.Definitions.Unix.file_object)objectType).ToArray(); } else { objectTypes = this.FileVariableEvaluator.ProcessVariables((OVAL.Definitions.Windows.file_object)objectType).ToArray(); } } var itemsToCollect = this.OperationEvaluator.ProcessOperation(objectTypes).ToList(); this.OperationEvaluator = null; this.FileVariableEvaluator = null; return(itemsToCollect); }
/// <summary> /// Executes a normal collect, using the system datasource for data collecting. /// </summary> /// <param name="ovalComponent">The oval component.</param> /// <param name="collectInfo">The collect info.</param> /// <param name="id">The id parameter is 'a sequencial number controlled by external scope.</param> /// <returns></returns> private CollectedObject ProcessCollect(Definitions.ObjectType ovalComponent, CollectInfo collectInfo, ProbeResultBuilder probeResultBuilder, ref int id) { CollectedObject collectedObject = null; var allItemsToCollect = this.TryToGetItemsToCollect(ovalComponent, collectInfo.Variables); if (allItemsToCollect.Count() > 0) { collectedObject = new CollectedObject(ovalComponent.id); foreach (var itemToCollect in allItemsToCollect) { var collectedItems = ObjectCollector.CollectDataForSystemItem(itemToCollect); foreach (var collectedItem in collectedItems) { var itemType = probeResultBuilder.GetItemType(collectedItem.ItemType); if (itemType == null) { collectedItem.ItemType.id = id.ToString(); id++; } else { collectedItem.ItemType = itemType; } collectedObject.AddItemToSystemData(collectedItem.ItemType); var variables = collectInfo.GetVariableValueForOvalComponent(collectedObject.ObjectType.id); collectedObject.AddVariableReference(variables); ExecutionLogBuilder.AddDetailInformation(collectedItem.ExecutionLog); } } collectedObject.UpdateCollectedObjectStatus(); } return(collectedObject); }
public virtual IEnumerable <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { var processedGroupSIDs = this.processVariables(objectType, variables); if (processedGroupSIDs == null) { return(null); } processedGroupSIDs = this.ApplyOperations(objectType, processedGroupSIDs); var itemsToCollect = new List <ItemType>(); foreach (var groupSID in processedGroupSIDs) { var newItemToCollect = new group_sid_item() { group_sid = OvalHelper.CreateItemEntityWithStringValue(groupSID) }; itemsToCollect.Add(newItemToCollect); } return(itemsToCollect); }
private ItemType CreateFileEffectiveRightsItemTypeWithError(Definitions.ObjectType objectType, string message) { var fileobject = (fileeffectiverights53_object)objectType; var path = string.Empty; var filepath = string.Empty; var filename = string.Empty; var trustee = fileobject.GetItemValue(fileeffectiverights53_object_ItemsChoices.trustee_sid).ToString(); if (fileobject.IsFilePathDefined()) { filepath = fileobject.GetItemValue(fileeffectiverights53_object_ItemsChoices.filepath).ToString(); path = System.IO.Path.GetDirectoryName(filepath); filename = System.IO.Path.GetFileName(filepath); } else { path = fileobject.GetItemValue(fileeffectiverights53_object_ItemsChoices.path).ToString(); filename = fileobject.GetItemValue(fileeffectiverights53_object_ItemsChoices.filename).ToString(); } return (CreateFileEffectiveRightsItemTypeFactory() .CreateFileItemTypesWithError(path, filename, trustee, message, StatusEnumeration.error)); }
protected override OVAL.Definitions.set GetSetElement(Definitions.ObjectType objectType) { return(((smf_object)objectType).GetSetElement()); }
private void checkObjectType(ObjectType objectType) { if (!(objectType is user_sid55_object)) throw new Exception(string.Format("[UserSID55EntityVariableEvaluator] - The type of object is invalid: '{0}'.", objectType.ToString())); }
protected override set GetSetElement(Definitions.ObjectType objectType) { var setElement = ((textfilecontent54_object)objectType).GetItemValue(textfilecontent54_ItemsChoices.set); return((Definitions.set)setElement); }
public GroupSIDEntityVariableEvaluator(ObjectType objectType, VariablesEvaluated evaluatedVariables) : base(objectType, evaluatedVariables) { base.AllObjectEntities = new Dictionary<string, EntityObjectStringType>(); base.AllObjectEntities.Add("group_sid", ((group_sid_object)objectType).GetGroupSIDEntity()); }
protected override set GetSetElement(Definitions.ObjectType objectType) { return(((user_object)objectType).GetSetEntity()); }
private ObjectType CreateObjectTypeFrom(ObjectType fileObject, string filePath, string path, string fileName) { //EntityObjectStringType filePathFrom = (EntityObjectStringType) fileObject.GetItemValue(file_object_ItemsChoices.filepath); //EntityObjectStringType pathFrom = (EntityObjectStringType) fileObject.GetItemValue(file_object_ItemsChoices.path); //EntityObjectStringType fileNameFrom = (EntityObjectStringType)fileObject.GetItemValue(file_object_ItemsChoices.filename); var filePathFrom = (EntityObjectStringType)GetFileEntity(fileObject, "filepath"); var pathFrom = (EntityObjectStringType)GetFileEntity(fileObject, "path"); var fileNameFrom = (EntityObjectStringType)GetFileEntity(fileObject, "filename"); EntityObjectStringType newfilePath = null; EntityObjectStringType newPath = null; EntityObjectStringType newFileName = null; //if (fileObject.IsFilePathSet()) if (filePathFrom != null) { newfilePath = this.CreateObjectStringTypeFrom(filePathFrom); newfilePath.Value = !string.IsNullOrEmpty(filePath) ? filePath : newfilePath.Value; } else { newPath = this.CreateObjectStringTypeFrom(pathFrom); newPath.Value = !string.IsNullOrEmpty(path) ? path : newPath.Value; if (fileNameFrom == null) { newFileName = new EntityObjectStringType() { Value = string.Empty }; } else { newFileName = this.CreateObjectStringTypeFrom(fileNameFrom); newFileName.Value = fileName == null ? newFileName.Value : fileName; } } if (fileObject is OVAL.Definitions.Unix.file_object) return this.CreateUnixFileObject(newfilePath, newPath, newFileName); return this.CreateFileObject(newfilePath,newPath, newFileName); }
protected override Definitions.set GetSetElement(Definitions.ObjectType objectType) { return((Definitions.set)((file_object)objectType).GetItemValue(ItemsChoiceType3.set)); }
public IEnumerable <ItemType> GetItemsToCollect(Definitions.ObjectType objectType, VariablesEvaluated variables) { return(new ItemType[] { new family_item() }); }
protected override set GetSetElement(Definitions.ObjectType objectType) { var setElement = ((group_sid_object)objectType).Items.FirstOrDefault(); return(setElement is set ? (set)setElement : null); }
private void AssertObjectEntityFromSourceObject(ObjectType createdObjectType, string entityName, ObjectType sourceObjectType) { var entityToAssert = ((fileeffectiverights53_object)createdObjectType).GetAllObjectEntities()[entityName]; var sourceEntity = ((fileeffectiverights53_object)sourceObjectType).GetAllObjectEntities()[entityName]; Assert.AreEqual(sourceEntity.Value, entityToAssert.Value, string.Format("Unexpected object entity value ('{0}') was found after variable evaluation.", entityName)); }
public void Should_be_possible_to_execute_a_collect_for_RegKeyEffectiveRights_with_referenced_variable_on_key_entity() { var fakeObjects = new Definitions.ObjectType[] { ProbeHelper.GetDefinitionObjectTypeByID("definitionsSimple", "770") }; string fakeVariableValue = @"SOFTWARE\Microsoft\Windows NT\CurrentVersion"; var fakeEvaluatedVariables = VariableHelper.CreateVariableWithOneValue("oval:modulo:obj:770", "oval:modulo:var:770", fakeVariableValue); var fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(fakeObjects, fakeEvaluatedVariables, null); var fakeCollectedItems = new CollectedItem[] { ProbeHelper.CreateFakeCollectedItem(new regkeyeffectiverights_item()) }; var prober = this.GetMockedRegKeyEffectiveRightsProber(fakeCollectedItems, null); var proberExecutionResult = prober.Execute(FakeContext, FakeTargetInfo, fakeCollectInfo); this.doBasicProbeResultAssert(proberExecutionResult); CollectedObject collectedObject = proberExecutionResult.CollectedObjects.Single(obj => obj.ObjectType.id.Equals("oval:modulo:obj:770")); this.assertCollectedItemsReferences(collectedObject, (IList<ItemType>)collectedObject.SystemData); Assert.AreEqual(1, collectedObject.SystemData.Count, "Unexpected system data count."); this.assertCollectedItemStatus(collectedObject.ObjectType.reference.ElementAt(0), collectedObject.SystemData[0]); }
public ObjectEntityVariableEvaluator(ObjectType objectType, VariablesEvaluated variablesEvaluated) { this.ObjectType = objectType; this.Variables = variablesEvaluated; }
private object GetFileEntity(ObjectType fileObject, string entityName) { if (fileObject is OVAL.Definitions.Unix.file_object) { var unixFilepath = (OVAL.Definitions.Unix.file_object)fileObject; if (entityName.Equals("filepath")) return unixFilepath.GetItemValue(OVAL.Definitions.Unix.ItemsChoiceType3.filepath); if (entityName.Equals("path")) return unixFilepath.GetItemValue(OVAL.Definitions.Unix.ItemsChoiceType3.path); if (entityName.Equals("filename")) return unixFilepath.GetItemValue(OVAL.Definitions.Unix.ItemsChoiceType3.filename); return null; } if (entityName.Equals("filepath")) return ((file_object)fileObject).GetItemValue(file_object_ItemsChoices.filepath); if (entityName.Equals("path")) return ((file_object)fileObject).GetItemValue(file_object_ItemsChoices.path); if (entityName.Equals("filename")) return ((file_object)fileObject).GetItemValue(file_object_ItemsChoices.filename); return null; }
public AccessTokenVariableEvaluator(ObjectType objectType, VariablesEvaluated variablesEvaluated) : base(objectType, variablesEvaluated) { base.AllObjectEntities = ((accesstoken_object)objectType).GetAllObjectEntities(); }
public UserProberTests() { var fakeObjects = new Definitions.ObjectType[] { new UserObjectFactory().NewObject("guest") }; this.FakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(fakeObjects, null, null); }
protected override Definitions.set GetSetElement(Definitions.ObjectType objectType) { return(null); }
public void Should_be_possible_to_collect_a_GroupSIDObject_with_SET_element_defined() { var objectTypes = new Definitions.ObjectType[] { ProbeHelper.GetDefinitionObjectTypeByID("definitionsWithSet.xml", "oval:modulo:obj:1000") }; var fakeSystemCharacteristics = ProbeHelper.GetOvalSystemCharacteristicsFromFile("system_characteristics_with_sets.xml"); var fakeCollectInfo = ProbeHelper.CreateFakeCollectInfo(objectTypes, null, fakeSystemCharacteristics); var fakeCollectedItem = ProbeHelper.CreateFakeCollectedItem(this.CreateFakeGroupSIDItemType()); var groupSIDProber = new GroupSIDProber(); ProberBehaviorCreator .CreateBehaviorForNormalFlowExecution( groupSIDProber, null, new CollectedItem[] { fakeCollectedItem }); var probeExecutionResult = groupSIDProber.Execute(FakeContext, FakeTargetInfo, fakeCollectInfo); Assert.IsNotNull(probeExecutionResult); Assert.AreEqual(1, probeExecutionResult.CollectedObjects.Count()); var collectedObject = probeExecutionResult.CollectedObjects.ElementAt(0).ObjectType; Assert.AreEqual("oval:modulo:obj:1000", collectedObject.id); Assert.AreEqual(FlagEnumeration.complete, collectedObject.flag); Assert.AreEqual(2, collectedObject.reference.Count()); Assert.AreEqual("1001", collectedObject.reference.ElementAt(0).item_ref); Assert.AreEqual("1002", collectedObject.reference.ElementAt(1).item_ref); var collectedItems = probeExecutionResult.CollectedObjects.ElementAt(0).SystemData; Assert.AreEqual(2, collectedItems.Count); var firstItem = (group_sid_item)collectedItems.ElementAt(0); this.AssertCollectedItem(firstItem, "1001", "S-1-5-32-500", new string[] { "S-1-5-32-500-1", "S-1-5-32-500-2" }); var secondItem = (group_sid_item)collectedItems.ElementAt(1); this.AssertCollectedItem(secondItem, "1002", "S-1-5-32-501", new string[] { "S-1-5-32-501-1", "S-1-5-32-501-2" }); }