empayre/fleet
14
0
Fork 0
mirror of https://github.com/empayre/fleet.git synced 2024-11-07 01:15:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
2d3e5c11cb
fleet/server/service/service_fim_test.go
John Murphy d5f9fcaeb2 Added FIM support (#1548) 
This PR adds support for file integrity monitoring. This is done by providing a simplified API that can be used to PATCH/GET FIM configurations. There is also code to build the FIM configuration to send back to osquery. Each PATCH request, if successful, replaces Fleet's existing FIM configuration. For example:

curl -X "PATCH" "https://localhost:8080/api/v1/kolide/fim" \
     -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZXNzaW9uX2tleSI6IkVhaFhvZWswMGtWSEdaTTNCWndIMnhpYWxkNWZpcVFDR2hEcW1HK2UySmRNOGVFVE1DeTNTaUlFWmhZNUxhdW1ueFZDV2JiR1Bwdm5TKzdyK3NJUzNnPT0ifQ.SDCHAUA1vTuWGjXtcQds2GZLM27HAAiOUhR4WvgvTNY" \
     -H "Content-Type: application/json; charset=utf-8" \
     -d $'{
  "interval": 500,
  "file_paths": {
    "etc": [
      "/etc/%%"
    ],
    "users": [
      "/Users/%/Library/%%",
      "/Users/%/Documents/%%"
    ],
    "usr": [
      "/usr/bin/%%"
    ]
  }
}'
2017-08-18 10:37:33 -05:00

90 lines
2.0 KiB
Go
Raw Blame History

package service
import (
"context"
"testing"
"github.com/kolide/fleet/server/kolide"
"github.com/kolide/fleet/server/mock"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
func TestGetFIMService(t *testing.T) {
ds := &mock.Store{
AppConfigStore: mock.AppConfigStore{
AppConfigFunc: func() (*kolide.AppConfig, error) {
config := &kolide.AppConfig{
FIMInterval: 300,
}
return config, nil
},
},
FileIntegrityMonitoringStore: mock.FileIntegrityMonitoringStore{
FIMSectionsFunc: func() (kolide.FIMSections, error) {
result := kolide.FIMSections{
"etc": []string{
"/etc/config/%%",
"/etc/zipp",
},
}
return result, nil
},
},
}
svc := service{
ds: ds,
}
resp, err := svc.GetFIM(context.Background())
require.Nil(t, err)
require.NotNil(t, resp)
assert.Equal(t, resp.Interval, uint(300))
paths, ok := resp.FilePaths["etc"]
require.True(t, ok)
assert.Len(t, paths, 2)
}
func TestUpdateFIM(t *testing.T) {
ds := &mock.Store{
AppConfigStore: mock.AppConfigStore{
AppConfigFunc: func() (*kolide.AppConfig, error) {
config := &kolide.AppConfig{
FIMInterval: 300,
}
return config, nil
},
SaveAppConfigFunc: func(_ *kolide.AppConfig) error {
return nil
},
},
FileIntegrityMonitoringStore: mock.FileIntegrityMonitoringStore{
ClearFIMSectionsFunc: func() error {
return nil
},
NewFIMSectionFunc: func(fs *kolide.FIMSection, _ ...kolide.OptionalArg) (*kolide.FIMSection, error) {
fs.ID = 1
return fs, nil
},
},
}
svc := service{
ds: ds,
}
fim := kolide.FIMConfig{
Interval: uint(300),
FilePaths: kolide.FIMSections{
"etc": []string{
"/etc/config/%%",
"/etc/zipp",
},
},
}
err := svc.ModifyFIM(context.Background(), fim)
require.Nil(t, err)
assert.True(t, ds.NewFIMSectionFuncInvoked)
assert.True(t, ds.ClearFIMSectionsFuncInvoked)
assert.True(t, ds.AppConfigFuncInvoked)
assert.True(t, ds.SaveAppConfigFuncInvoked)
}
Reference in New Issue View Git Blame Copy Permalink