p41275903
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

island: Move file_has_expected_permissions() to file_utils.py 

Rename to `has_expected_permissions()` as
`file_has_expected_permissions()` is now reduntant.

Add unit tests
This commit is contained in:
Mike Salvatore 2021-06-07 14:07:00 -04:00
parent 36314f09ae
commit a45848ce0c
3 changed files with 36 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
monkey/monkey_island/cc/server_utils/file_utils.py
View File

@ -3,3 +3,10 @@ import os
def expand_path(path: str) -> str: def expand_path(path: str) -> str:
return os.path.expandvars(os.path.expanduser(path)) return os.path.expandvars(os.path.expanduser(path))
def has_expected_permissions(path: str, expected_permissions: int) -> bool:
file_mode = os.stat(path).st_mode
file_permissions = file_mode & 0o777
return file_permissions == expected_permissions

10
monkey/monkey_island/cc/services/utils/file_handling.py
View File

@ -1,6 +1,7 @@
import os import os
from common.utils.exceptions import InsecurePermissionsError from common.utils.exceptions import InsecurePermissionsError
from monkey_island.cc.server_utils.file_utils import has_expected_permissions
def ensure_file_existence(file: str) -> None: def ensure_file_existence(file: str) -> None:
@ -9,14 +10,7 @@ def ensure_file_existence(file: str) -> None:
def ensure_file_permissions(file: str) -> None: def ensure_file_permissions(file: str) -> None:
if not file_has_expected_permissions(path=file, expected_permissions="0o400"): if not has_expected_permissions(path=file, expected_permissions="0o400"):
raise InsecurePermissionsError( raise InsecurePermissionsError(
f"{file} has insecure permissions. Required permissions: 400. Exiting." f"{file} has insecure permissions. Required permissions: 400. Exiting."
) )
def file_has_expected_permissions(path: str, expected_permissions: str) -> bool:
file_mode = os.stat(path).st_mode
file_permissions = oct(file_mode & 0o777)
return file_permissions == expected_permissions

27
monkey/tests/unit_tests/monkey_island/cc/server_utils/test_file_utils.py
View File

@ -1,5 +1,7 @@
import os import os
import pytest
from monkey_island.cc.server_utils import file_utils from monkey_island.cc.server_utils import file_utils
@ -15,3 +17,28 @@ def test_expand_vars(patched_home_env):
expected_path = os.path.join(patched_home_env, "test") expected_path = os.path.join(patched_home_env, "test")
assert file_utils.expand_path(input_path) == expected_path assert file_utils.expand_path(input_path) == expected_path
@pytest.mark.skipif(os.name != "posix", reason="Tests Posix (not Windows) permissions.")
def test_has_expected_permissions_true(tmpdir):
file_name = f"{tmpdir}/test"
create_empty_file(file_name)
os.chmod(file_name, 0o754)
assert file_utils.has_expected_permissions(file_name, 0o754)
@pytest.mark.skipif(os.name != "posix", reason="Tests Posix (not Windows) permissions.")
def test_has_expected_permissions_false(tmpdir):
file_name = f"{tmpdir}/test"
create_empty_file(file_name)
os.chmod(file_name, 0o755)
assert not file_utils.has_expected_permissions(file_name, 0o700)
def create_empty_file(file_name):
with open(file_name, "w"):
pass