From 7b1b9053e45b163efb57999db1e4dc57c81b2569 Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Mon, 11 Jul 2022 14:49:06 -0400 Subject: [PATCH] Island: Combine PropCredentials and ConfiguredPropagationCredentials --- monkey/monkey_island/cc/app.py | 4 -- .../configured_propagation_credentials.py | 28 ------------ .../credentials/propagation_credentials.py | 18 ++++++-- ...test_configured_propagation_credentials.py | 43 ------------------- .../test_propagation_credentials.py | 42 ++++++++++++------ 5 files changed, 42 insertions(+), 93 deletions(-) delete mode 100644 monkey/monkey_island/cc/resources/credentials/configured_propagation_credentials.py delete mode 100644 monkey/tests/unit_tests/monkey_island/cc/resources/credentials/test_configured_propagation_credentials.py diff --git a/monkey/monkey_island/cc/app.py b/monkey/monkey_island/cc/app.py index 7d053fa25..590d86f18 100644 --- a/monkey/monkey_island/cc/app.py +++ b/monkey/monkey_island/cc/app.py @@ -28,9 +28,6 @@ from monkey_island.cc.resources.blackbox.monkey_blackbox_endpoint import MonkeyB from monkey_island.cc.resources.blackbox.telemetry_blackbox_endpoint import ( TelemetryBlackboxEndpoint, ) -from monkey_island.cc.resources.credentials.configured_propagation_credentials import ( - ConfiguredPropagationCredentials, -) from monkey_island.cc.resources.credentials.propagation_credentials import PropagationCredentials from monkey_island.cc.resources.edge import Edge from monkey_island.cc.resources.exploitations.manual_exploitation import ManualExploitation @@ -188,7 +185,6 @@ def init_restful_endpoints(api: FlaskDIWrapper): api.add_resource(FileUpload) api.add_resource(PropagationCredentials) - api.add_resource(ConfiguredPropagationCredentials) api.add_resource(RemoteRun) api.add_resource(VersionUpdate) diff --git a/monkey/monkey_island/cc/resources/credentials/configured_propagation_credentials.py b/monkey/monkey_island/cc/resources/credentials/configured_propagation_credentials.py deleted file mode 100644 index fcb6839b3..000000000 --- a/monkey/monkey_island/cc/resources/credentials/configured_propagation_credentials.py +++ /dev/null @@ -1,28 +0,0 @@ -import logging - -from flask import jsonify, request - -from common.credentials import Credentials -from monkey_island.cc.repository import ICredentialsRepository -from monkey_island.cc.resources.AbstractResource import AbstractResource - -logger = logging.getLogger(__name__) - - -class ConfiguredPropagationCredentials(AbstractResource): - urls = ["/api/propagation-credentials/configured"] - - def __init__(self, credentials_repository: ICredentialsRepository): - self._credentials_repository = credentials_repository - - def get(self): - return jsonify(self._credentials_repository.get_configured_credentials()) - - def post(self): - credentials = Credentials.from_mapping(request.json) - self._credentials_repository.save_configured_credentials(credentials) - return {}, 204 - - def delete(self): - self._credentials_repository.remove_configured_credentials() - return {}, 204 diff --git a/monkey/monkey_island/cc/resources/credentials/propagation_credentials.py b/monkey/monkey_island/cc/resources/credentials/propagation_credentials.py index 0c8b65988..e60478930 100644 --- a/monkey/monkey_island/cc/resources/credentials/propagation_credentials.py +++ b/monkey/monkey_island/cc/resources/credentials/propagation_credentials.py @@ -8,7 +8,11 @@ from monkey_island.cc.resources.AbstractResource import AbstractResource class PropagationCredentials(AbstractResource): - urls = ["/api/propagation-credentials", "/api/propagation-credentials/stolen-credentials"] + urls = [ + "/api/propagation-credentials", + "/api/propagation-credentials/configured-credentials", + "/api/propagation-credentials/stolen-credentials", + ] def __init__(self, credentials_repository: ICredentialsRepository): self._credentials_repository = credentials_repository @@ -16,7 +20,9 @@ class PropagationCredentials(AbstractResource): def get(self): propagation_credentials = [] - if request.url.endswith("/stolen-credentials"): + if request.url.endswith("/configured-credentials"): + propagation_credentials = self._credentials_repository.get_configured_credentials() + elif request.url.endswith("/stolen-credentials"): propagation_credentials = self._credentials_repository.get_stolen_credentials() else: propagation_credentials = self._credentials_repository.get_all_credentials() @@ -26,7 +32,9 @@ class PropagationCredentials(AbstractResource): def post(self): credentials = [Credentials.from_json(c) for c in request.json] - if request.url.endswith("/stolen-credentials"): + if request.url.endswith("/configured-credentials"): + self._credentials_repository.save_configured_credentials(credentials) + elif request.url.endswith("/stolen-credentials"): self._credentials_repository.save_stolen_credentials(credentials) else: return {}, HTTPStatus.METHOD_NOT_ALLOWED @@ -34,7 +42,9 @@ class PropagationCredentials(AbstractResource): return {}, HTTPStatus.NO_CONTENT def delete(self): - if request.url.endswith("/stolen-credentials"): + if request.url.endswith("/configured-credentials"): + self._credentials_repository.remove_configured_credentials() + elif request.url.endswith("/stolen-credentials"): self._credentials_repository.remove_stolen_credentials() else: return {}, HTTPStatus.METHOD_NOT_ALLOWED diff --git a/monkey/tests/unit_tests/monkey_island/cc/resources/credentials/test_configured_propagation_credentials.py b/monkey/tests/unit_tests/monkey_island/cc/resources/credentials/test_configured_propagation_credentials.py deleted file mode 100644 index 5b4844fee..000000000 --- a/monkey/tests/unit_tests/monkey_island/cc/resources/credentials/test_configured_propagation_credentials.py +++ /dev/null @@ -1,43 +0,0 @@ -import json - -from tests.data_for_tests.propagation_credentials import ( - PROPAGATION_CREDENTIALS_1, - PROPAGATION_CREDENTIALS_2, -) -from tests.unit_tests.monkey_island.conftest import get_url_for_resource - -from monkey_island.cc.resources.credentials.configured_propagation_credentials import ( - ConfiguredPropagationCredentials, -) - - -def test_configured_propagation_credentials_endpoint_get(flask_client): - configured_propagation_credentials_url = get_url_for_resource(ConfiguredPropagationCredentials) - - resp = flask_client.get(configured_propagation_credentials_url) - - assert resp.status_code == 200 - actual_propagation_credentials = json.loads(resp.data) - assert len(actual_propagation_credentials) == 2 - - # TODO: delete the removal of monkey_guid key when the serialization of credentials - del actual_propagation_credentials[0]["monkey_guid"] - assert actual_propagation_credentials[0] == PROPAGATION_CREDENTIALS_1 - del actual_propagation_credentials[1]["monkey_guid"] - assert actual_propagation_credentials[1] == PROPAGATION_CREDENTIALS_2 - - -def test_configured_propagation_credentials_endpoint_post(flask_client): - configured_propagation_credentials_url = get_url_for_resource(ConfiguredPropagationCredentials) - - resp = flask_client.post(configured_propagation_credentials_url, json=PROPAGATION_CREDENTIALS_1) - - assert resp.status_code == 204 - - -def test_configured_propagation_credentials_endpoint_delete(flask_client): - configured_propagation_credentials_url = get_url_for_resource(ConfiguredPropagationCredentials) - - resp = flask_client.delete(configured_propagation_credentials_url) - - assert resp.status_code == 204 diff --git a/monkey/tests/unit_tests/monkey_island/cc/resources/credentials/test_propagation_credentials.py b/monkey/tests/unit_tests/monkey_island/cc/resources/credentials/test_propagation_credentials.py index a6750b80d..cf70edcfc 100644 --- a/monkey/tests/unit_tests/monkey_island/cc/resources/credentials/test_propagation_credentials.py +++ b/monkey/tests/unit_tests/monkey_island/cc/resources/credentials/test_propagation_credentials.py @@ -1,5 +1,6 @@ import json from http import HTTPStatus +from typing import Sequence import pytest from tests.common import StubDIContainer @@ -16,7 +17,8 @@ from monkey_island.cc.repository import ICredentialsRepository from monkey_island.cc.resources.credentials.propagation_credentials import PropagationCredentials ALL_CREDENTIALS_URL = PropagationCredentials.urls[0] -STOLEN_CREDENTIALS_URL = PropagationCredentials.urls[1] +CONFIGURED_CREDENTIALS_URL = PropagationCredentials.urls[1] +STOLEN_CREDENTIALS_URL = PropagationCredentials.urls[2] @pytest.fixture @@ -53,12 +55,22 @@ def test_propagation_credentials_endpoint_get(flask_client, credentials_reposito assert PROPAGATION_CREDENTIALS_4 in actual_propagation_credentials -def test_propagation_credentials_endpoint__get_stolen(flask_client, credentials_repository): - credentials_repository.save_stolen_credentials( - [PROPAGATION_CREDENTIALS_1, PROPAGATION_CREDENTIALS_2] +def pre_populate_repository( + url: str, credentials_repository: ICredentialsRepository, credentials: Sequence[Credentials] +): + if "configured" in url: + credentials_repository.save_configured_credentials(credentials) + else: + credentials_repository.save_stolen_credentials(credentials) + + +@pytest.mark.parametrize("url", [CONFIGURED_CREDENTIALS_URL, STOLEN_CREDENTIALS_URL]) +def test_propagation_credentials_endpoint__get_stolen(flask_client, credentials_repository, url): + pre_populate_repository( + url, credentials_repository, [PROPAGATION_CREDENTIALS_1, PROPAGATION_CREDENTIALS_2] ) - resp = flask_client.get(STOLEN_CREDENTIALS_URL) + resp = flask_client.get(url) actual_propagation_credentials = Credentials.from_json_array(resp.text) assert resp.status_code == HTTPStatus.OK @@ -67,11 +79,12 @@ def test_propagation_credentials_endpoint__get_stolen(flask_client, credentials_ assert actual_propagation_credentials[1] == PROPAGATION_CREDENTIALS_2 -def test_propagation_credentials_endpoint__post_stolen(flask_client, credentials_repository): - credentials_repository.save_stolen_credentials([PROPAGATION_CREDENTIALS_1]) +@pytest.mark.parametrize("url", [CONFIGURED_CREDENTIALS_URL, STOLEN_CREDENTIALS_URL]) +def test_propagation_credentials_endpoint__post_stolen(flask_client, credentials_repository, url): + pre_populate_repository(url, credentials_repository, [PROPAGATION_CREDENTIALS_1]) resp = flask_client.post( - STOLEN_CREDENTIALS_URL, + url, json=[ Credentials.to_json(PROPAGATION_CREDENTIALS_2), Credentials.to_json(PROPAGATION_CREDENTIALS_3), @@ -79,7 +92,7 @@ def test_propagation_credentials_endpoint__post_stolen(flask_client, credentials ) assert resp.status_code == HTTPStatus.NO_CONTENT - resp = flask_client.get(STOLEN_CREDENTIALS_URL) + resp = flask_client.get(url) retrieved_propagation_credentials = Credentials.from_json_array(resp.text) assert resp.status_code == HTTPStatus.OK @@ -89,14 +102,15 @@ def test_propagation_credentials_endpoint__post_stolen(flask_client, credentials assert PROPAGATION_CREDENTIALS_3 in retrieved_propagation_credentials -def test_stolen_propagation_credentials_endpoint_delete(flask_client, credentials_repository): - credentials_repository.save_stolen_credentials( - [PROPAGATION_CREDENTIALS_1, PROPAGATION_CREDENTIALS_2] +@pytest.mark.parametrize("url", [CONFIGURED_CREDENTIALS_URL, STOLEN_CREDENTIALS_URL]) +def test_stolen_propagation_credentials_endpoint_delete(flask_client, credentials_repository, url): + pre_populate_repository( + url, credentials_repository, [PROPAGATION_CREDENTIALS_1, PROPAGATION_CREDENTIALS_2] ) - resp = flask_client.delete(STOLEN_CREDENTIALS_URL) + resp = flask_client.delete(url) assert resp.status_code == HTTPStatus.NO_CONTENT - resp = flask_client.get(STOLEN_CREDENTIALS_URL) + resp = flask_client.get(url) assert len(json.loads(resp.text)) == 0