Column("value", TEXT, "Policy value"),
])
implementation("tizen/policy@genPolicy")
+implementation_update("tizen/policy@updatePolicy")
examples([
"select * from policy where name = 'bluetooth'",
+ "update policy set value = 1 where name = 'bluetooth'",
])
#include <osquery/notification.h>
#include <osquery/logger.h>
+#include <policyd/core/policy-manager.h>
+
using namespace osquery;
class ManagerTests : public testing::Test {};
EXPECT_EQ(rows.size(), 1);
}
+TEST_F(ManagerTests, test_manager_execute_policy_update) {
+ auto& manager = policyd::PolicyManager::Instance();
+ manager.enroll("admin", 0);
+
+ std::string query = "SELECT * FROM policy WHERE name = 'bluetooth'";
+ auto rows = OsqueryManager::execute(query);
+ /// Initial policy value
+ EXPECT_EQ(rows[0]["value"], std::to_string(1));
+
+ query = "UPDATE policy SET value = '3' WHERE name = 'bluetooth'";
+ rows = OsqueryManager::execute(query);
+ EXPECT_EQ(rows.size(), 0);
+
+ query = "SELECT * FROM policy WHERE name = 'bluetooth'";
+ rows = OsqueryManager::execute(query);
+ /// Initial policy value
+ EXPECT_EQ(rows[0]["value"], std::to_string(3));
+
+ manager.disenroll("admin", 0);
+}
+
TEST_F(ManagerTests, test_manager_subscribe) {
int called = 0;
auto callback = [&](const Row& row) {
STATIC $<TARGET_OBJECTS:osquery_generated_tables>
$<TARGET_OBJECTS:osquery_sqlite>
${${TARGET_OSQUERY_LIB}_SRCS})
-TARGET_LINK_LIBRARIES(${TARGET_OSQUERY_LIB} ${${TARGET_OSQUERY_LIB}_DEPS}
- ${TARGET_POLICYD_LIB})
+
+TARGET_LINK_LIBRARIES(${TARGET_OSQUERY_LIB} ${${TARGET_OSQUERY_LIB}_DEPS})
+
+IF(DEFINED GBS_BUILD)
+TARGET_LINK_LIBRARIES(${TARGET_OSQUERY_LIB} ${TARGET_POLICYD_LIB})
+ENDIF(DEFINED GBS_BUILD)
+
SET_TARGET_PROPERTIES(${TARGET_OSQUERY_LIB} PROPERTIES OUTPUT_NAME ${TARGET_OSQUERY_LIB})
ADD_EXECUTABLE(${TARGET_OSQUERY_TEST} main/tests.cpp
sqlite_module_map[table_name].xEof = tables::sqlite::xEof;
sqlite_module_map[table_name].xColumn = tables::sqlite::xColumn;
sqlite_module_map[table_name].xRowid = tables::sqlite::xRowid;
+ sqlite_module_map[table_name].xUpdate = tables::sqlite::xUpdate;
// Allow the table to receive INSERT/UPDATE/DROP events if it is
// implemented from an extension and is overwriting the right methods
return results;
} catch (...) {
-// TODO(Sangwan): Resolve duplicated "ERROR" macro with DPM
-// LOG(ERROR) << "Exception occured";
+ Row r;
+ return { r };
+}
+
+QueryData updatePolicy(QueryContext& context, const PluginRequest& request) try {
+ if (request.count("json_value_array") == 0)
+ throw std::runtime_error("Wrong request format. Not found json value.");
+
+ std::string str = request.at("json_value_array");
+ rapidjson::Document document;
+ document.Parse(str.c_str());
+ if (document.HasParseError() || !document.IsArray())
+ throw std::runtime_error("Cannot parse request.");
+
+ if (document.Size() != 2)
+ throw std::runtime_error("Wrong request format.");
+
+ std::string name = document[0].GetString();
+ int value = std::stoi(document[1].GetString());
+
+ /// TODO(Sangwan): Get admin name from policyd
+ auto& manager = PolicyManager::Instance();
+ manager.set(name, PolicyValue(value), "admin");
+
+ Row r;
+ r["status"] = "success";
+ return { r };
+} catch (...) {
Row r;
return { r };
}
self.header = ""
self.impl = ""
self.function = ""
+ self.function_update = ""
self.class_name = ""
self.description = ""
self.attributes = {}
header=self.header,
impl=self.impl,
function=self.function,
+ function_update=self.function_update,
class_name=self.class_name,
attributes=self.attributes,
examples=self.examples,
table.table_name, BIGINT)))
sys.exit(1)
+# patched
+def implementation_update(impl_string, generator=False):
+ if impl_string is None:
+ table.function_update = ""
+ else:
+ filename, function_update = impl_string.split("@")
+ class_parts = function_update.split("::")[::-1]
+ function_update = class_parts[0]
+ class_name = class_parts[1] if len(class_parts) > 1 else ""
+ impl = "%s.cpp" % filename
+ table.impl = impl
+ table.function_update = function_update
+ table.class_name = class_name
+ table.generator = generator
def main():
parser = argparse.ArgumentParser(
void {{function}}(RowYield& yield, QueryContext& context);
{% elif strongly_typed_rows %}\
osquery::TableRows {{function}}(QueryContext& context);
+
+/// patch start
+{% if function_update != "" %}\
+osquery::QueryData {{function_update}}(QueryContext& context,
+ const PluginRequest& request);
+/// patch end
+
+{% endif %}\
+
{% else %}\
osquery::QueryData {{function}}(QueryContext& context);
+
+/// patch start
+{% if function_update != "" %}\
+osquery::QueryData {{function_update}}(QueryContext& context,
+ const PluginRequest& request);
+/// patch end
+
{% endif %}\
+
+{% endif %}\
+
{% else %}
class {{class_name}} {
public:
{% endif %}
return results;
}
+
+/// patch start
+{% if function_update != "" %}\
+ QueryData update(QueryContext& context,
+ const PluginRequest& request) override {
+ return tables::{{function_update}}(context, request);
+ }
+{% endif %}\
+/// patch end
+
{% endif %}\
};