forked from p15670423/monkey
Island: Combine PropCredentials and ConfiguredPropagationCredentials
This commit is contained in:
Mike Salvatore
parent
a684b12dc3
commit
7b1b9053e4
|
|
@ -28,9 +28,6 @@ from monkey_island.cc.resources.blackbox.monkey_blackbox_endpoint import MonkeyB
|
|||
from monkey_island.cc.resources.blackbox.telemetry_blackbox_endpoint import (
|
||||
TelemetryBlackboxEndpoint,
|
||||
)
|
||||
from monkey_island.cc.resources.credentials.configured_propagation_credentials import (
|
||||
ConfiguredPropagationCredentials,
|
||||
)
|
||||
from monkey_island.cc.resources.credentials.propagation_credentials import PropagationCredentials
|
||||
from monkey_island.cc.resources.edge import Edge
|
||||
from monkey_island.cc.resources.exploitations.manual_exploitation import ManualExploitation
|
||||
|
|
@ -188,7 +185,6 @@ def init_restful_endpoints(api: FlaskDIWrapper):
|
|||
api.add_resource(FileUpload)
|
||||
|
||||
api.add_resource(PropagationCredentials)
|
||||
api.add_resource(ConfiguredPropagationCredentials)
|
||||
|
||||
api.add_resource(RemoteRun)
|
||||
api.add_resource(VersionUpdate)
|
||||
|
|
|
|||
|
|
@ -1,28 +0,0 @@
|
|||
import logging
|
||||
|
||||
from flask import jsonify, request
|
||||
|
||||
from common.credentials import Credentials
|
||||
from monkey_island.cc.repository import ICredentialsRepository
|
||||
from monkey_island.cc.resources.AbstractResource import AbstractResource
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
class ConfiguredPropagationCredentials(AbstractResource):
|
||||
urls = ["/api/propagation-credentials/configured"]
|
||||
|
||||
def __init__(self, credentials_repository: ICredentialsRepository):
|
||||
self._credentials_repository = credentials_repository
|
||||
|
||||
def get(self):
|
||||
return jsonify(self._credentials_repository.get_configured_credentials())
|
||||
|
||||
def post(self):
|
||||
credentials = Credentials.from_mapping(request.json)
|
||||
self._credentials_repository.save_configured_credentials(credentials)
|
||||
return {}, 204
|
||||
|
||||
def delete(self):
|
||||
self._credentials_repository.remove_configured_credentials()
|
||||
return {}, 204
|
||||
|
|
@ -8,7 +8,11 @@ from monkey_island.cc.resources.AbstractResource import AbstractResource
|
|||
|
||||
|
||||
class PropagationCredentials(AbstractResource):
|
||||
urls = ["/api/propagation-credentials", "/api/propagation-credentials/stolen-credentials"]
|
||||
urls = [
|
||||
"/api/propagation-credentials",
|
||||
"/api/propagation-credentials/configured-credentials",
|
||||
"/api/propagation-credentials/stolen-credentials",
|
||||
]
|
||||
|
||||
def __init__(self, credentials_repository: ICredentialsRepository):
|
||||
self._credentials_repository = credentials_repository
|
||||
|
|
@ -16,7 +20,9 @@ class PropagationCredentials(AbstractResource):
|
|||
def get(self):
|
||||
propagation_credentials = []
|
||||
|
||||
if request.url.endswith("/stolen-credentials"):
|
||||
if request.url.endswith("/configured-credentials"):
|
||||
propagation_credentials = self._credentials_repository.get_configured_credentials()
|
||||
elif request.url.endswith("/stolen-credentials"):
|
||||
propagation_credentials = self._credentials_repository.get_stolen_credentials()
|
||||
else:
|
||||
propagation_credentials = self._credentials_repository.get_all_credentials()
|
||||
|
|
@ -26,7 +32,9 @@ class PropagationCredentials(AbstractResource):
|
|||
def post(self):
|
||||
credentials = [Credentials.from_json(c) for c in request.json]
|
||||
|
||||
if request.url.endswith("/stolen-credentials"):
|
||||
if request.url.endswith("/configured-credentials"):
|
||||
self._credentials_repository.save_configured_credentials(credentials)
|
||||
elif request.url.endswith("/stolen-credentials"):
|
||||
self._credentials_repository.save_stolen_credentials(credentials)
|
||||
else:
|
||||
return {}, HTTPStatus.METHOD_NOT_ALLOWED
|
||||
|
|
@ -34,7 +42,9 @@ class PropagationCredentials(AbstractResource):
|
|||
return {}, HTTPStatus.NO_CONTENT
|
||||
|
||||
def delete(self):
|
||||
if request.url.endswith("/stolen-credentials"):
|
||||
if request.url.endswith("/configured-credentials"):
|
||||
self._credentials_repository.remove_configured_credentials()
|
||||
elif request.url.endswith("/stolen-credentials"):
|
||||
self._credentials_repository.remove_stolen_credentials()
|
||||
else:
|
||||
return {}, HTTPStatus.METHOD_NOT_ALLOWED
|
||||
|
|
|
|||
|
|
@ -1,43 +0,0 @@
|
|||
import json
|
||||
|
||||
from tests.data_for_tests.propagation_credentials import (
|
||||
PROPAGATION_CREDENTIALS_1,
|
||||
PROPAGATION_CREDENTIALS_2,
|
||||
)
|
||||
from tests.unit_tests.monkey_island.conftest import get_url_for_resource
|
||||
|
||||
from monkey_island.cc.resources.credentials.configured_propagation_credentials import (
|
||||
ConfiguredPropagationCredentials,
|
||||
)
|
||||
|
||||
|
||||
def test_configured_propagation_credentials_endpoint_get(flask_client):
|
||||
configured_propagation_credentials_url = get_url_for_resource(ConfiguredPropagationCredentials)
|
||||
|
||||
resp = flask_client.get(configured_propagation_credentials_url)
|
||||
|
||||
assert resp.status_code == 200
|
||||
actual_propagation_credentials = json.loads(resp.data)
|
||||
assert len(actual_propagation_credentials) == 2
|
||||
|
||||
# TODO: delete the removal of monkey_guid key when the serialization of credentials
|
||||
del actual_propagation_credentials[0]["monkey_guid"]
|
||||
assert actual_propagation_credentials[0] == PROPAGATION_CREDENTIALS_1
|
||||
del actual_propagation_credentials[1]["monkey_guid"]
|
||||
assert actual_propagation_credentials[1] == PROPAGATION_CREDENTIALS_2
|
||||
|
||||
|
||||
def test_configured_propagation_credentials_endpoint_post(flask_client):
|
||||
configured_propagation_credentials_url = get_url_for_resource(ConfiguredPropagationCredentials)
|
||||
|
||||
resp = flask_client.post(configured_propagation_credentials_url, json=PROPAGATION_CREDENTIALS_1)
|
||||
|
||||
assert resp.status_code == 204
|
||||
|
||||
|
||||
def test_configured_propagation_credentials_endpoint_delete(flask_client):
|
||||
configured_propagation_credentials_url = get_url_for_resource(ConfiguredPropagationCredentials)
|
||||
|
||||
resp = flask_client.delete(configured_propagation_credentials_url)
|
||||
|
||||
assert resp.status_code == 204
|
||||
|
|
@ -1,5 +1,6 @@
|
|||
import json
|
||||
from http import HTTPStatus
|
||||
from typing import Sequence
|
||||
|
||||
import pytest
|
||||
from tests.common import StubDIContainer
|
||||
|
|
@ -16,7 +17,8 @@ from monkey_island.cc.repository import ICredentialsRepository
|
|||
from monkey_island.cc.resources.credentials.propagation_credentials import PropagationCredentials
|
||||
|
||||
ALL_CREDENTIALS_URL = PropagationCredentials.urls[0]
|
||||
STOLEN_CREDENTIALS_URL = PropagationCredentials.urls[1]
|
||||
CONFIGURED_CREDENTIALS_URL = PropagationCredentials.urls[1]
|
||||
STOLEN_CREDENTIALS_URL = PropagationCredentials.urls[2]
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
|
|
@ -53,12 +55,22 @@ def test_propagation_credentials_endpoint_get(flask_client, credentials_reposito
|
|||
assert PROPAGATION_CREDENTIALS_4 in actual_propagation_credentials
|
||||
|
||||
|
||||
def test_propagation_credentials_endpoint__get_stolen(flask_client, credentials_repository):
|
||||
credentials_repository.save_stolen_credentials(
|
||||
[PROPAGATION_CREDENTIALS_1, PROPAGATION_CREDENTIALS_2]
|
||||
def pre_populate_repository(
|
||||
url: str, credentials_repository: ICredentialsRepository, credentials: Sequence[Credentials]
|
||||
):
|
||||
if "configured" in url:
|
||||
credentials_repository.save_configured_credentials(credentials)
|
||||
else:
|
||||
credentials_repository.save_stolen_credentials(credentials)
|
||||
|
||||
|
||||
@pytest.mark.parametrize("url", [CONFIGURED_CREDENTIALS_URL, STOLEN_CREDENTIALS_URL])
|
||||
def test_propagation_credentials_endpoint__get_stolen(flask_client, credentials_repository, url):
|
||||
pre_populate_repository(
|
||||
url, credentials_repository, [PROPAGATION_CREDENTIALS_1, PROPAGATION_CREDENTIALS_2]
|
||||
)
|
||||
|
||||
resp = flask_client.get(STOLEN_CREDENTIALS_URL)
|
||||
resp = flask_client.get(url)
|
||||
actual_propagation_credentials = Credentials.from_json_array(resp.text)
|
||||
|
||||
assert resp.status_code == HTTPStatus.OK
|
||||
|
|
@ -67,11 +79,12 @@ def test_propagation_credentials_endpoint__get_stolen(flask_client, credentials_
|
|||
assert actual_propagation_credentials[1] == PROPAGATION_CREDENTIALS_2
|
||||
|
||||
|
||||
def test_propagation_credentials_endpoint__post_stolen(flask_client, credentials_repository):
|
||||
credentials_repository.save_stolen_credentials([PROPAGATION_CREDENTIALS_1])
|
||||
@pytest.mark.parametrize("url", [CONFIGURED_CREDENTIALS_URL, STOLEN_CREDENTIALS_URL])
|
||||
def test_propagation_credentials_endpoint__post_stolen(flask_client, credentials_repository, url):
|
||||
pre_populate_repository(url, credentials_repository, [PROPAGATION_CREDENTIALS_1])
|
||||
|
||||
resp = flask_client.post(
|
||||
STOLEN_CREDENTIALS_URL,
|
||||
url,
|
||||
json=[
|
||||
Credentials.to_json(PROPAGATION_CREDENTIALS_2),
|
||||
Credentials.to_json(PROPAGATION_CREDENTIALS_3),
|
||||
|
|
@ -79,7 +92,7 @@ def test_propagation_credentials_endpoint__post_stolen(flask_client, credentials
|
|||
)
|
||||
assert resp.status_code == HTTPStatus.NO_CONTENT
|
||||
|
||||
resp = flask_client.get(STOLEN_CREDENTIALS_URL)
|
||||
resp = flask_client.get(url)
|
||||
retrieved_propagation_credentials = Credentials.from_json_array(resp.text)
|
||||
|
||||
assert resp.status_code == HTTPStatus.OK
|
||||
|
|
@ -89,14 +102,15 @@ def test_propagation_credentials_endpoint__post_stolen(flask_client, credentials
|
|||
assert PROPAGATION_CREDENTIALS_3 in retrieved_propagation_credentials
|
||||
|
||||
|
||||
def test_stolen_propagation_credentials_endpoint_delete(flask_client, credentials_repository):
|
||||
credentials_repository.save_stolen_credentials(
|
||||
[PROPAGATION_CREDENTIALS_1, PROPAGATION_CREDENTIALS_2]
|
||||
@pytest.mark.parametrize("url", [CONFIGURED_CREDENTIALS_URL, STOLEN_CREDENTIALS_URL])
|
||||
def test_stolen_propagation_credentials_endpoint_delete(flask_client, credentials_repository, url):
|
||||
pre_populate_repository(
|
||||
url, credentials_repository, [PROPAGATION_CREDENTIALS_1, PROPAGATION_CREDENTIALS_2]
|
||||
)
|
||||
resp = flask_client.delete(STOLEN_CREDENTIALS_URL)
|
||||
resp = flask_client.delete(url)
|
||||
assert resp.status_code == HTTPStatus.NO_CONTENT
|
||||
|
||||
resp = flask_client.get(STOLEN_CREDENTIALS_URL)
|
||||
resp = flask_client.get(url)
|
||||
assert len(json.loads(resp.text)) == 0
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue