+++ /dev/null
-# *Programming interface for client*
-
-# Type-safe getter API
-## Senario #1 Get process informations
-### Check Processes Struct
-```cpp
-// api/schema/processes.h
-struct Processes {
- int pid;
- std::string name;
- std::string path;
- std::string cmdline;
-/// ...
- std::string user_time;
- std::string system_time;
- std::string start_time;
-};
-```
-
-### Use Properties API
-```cpp
-#include <property.h>
-#include <schema/processes.h>
-
-Properties<Processes> processes;
-for (auto& p : processes) {
- std::cout << p[&Processes::pid] << std::endl;
- std::cout << p[&Processes::name] << std::endl;
- std::cout << p[&Processes::path] << std::endl;
- std::cout << p[&Processes::cmdline] << std::endl;
- std::cout << p[&Processes::uid] << std::endl;
- std::cout << p[&Processes::gid] << std::endl;
- std::cout << p[&Processes::euid] << std::endl;
- std::cout << p[&Processes::egid] << std::endl;
-}
-```
-
-## Senario #2 Get system time
-### Check Time Struct
-```cpp
-// api/schema/time.h
-struct Time {
- int hour;
- int minutes;
- int seconds;
-};
-```
-### Use Property API
-```cpp
-Property<Time> time;
-std::cout << time[&Time::hour] << std::endl;
-std::cout << time[&Time::minutes] << std::endl;
-std::cout << time[&Time::seconds] << std::endl;
-```
----
-
-# Osquery F/W API
-## #1. Query execution
-### Check smack table schema
-| name | type |
-|---|---|
-| subject_label | TEXT |
-| object_label | TEXT |
-| access_type | TEXT |
-| permission | TEXT |
-
-### Use OsqueryManager to get smack information
-```cpp
-using namespace osquerypp;
-
-// 1. Write query as std::string
-std::string query = "SELECT subject_label, object_label FROM smack WHERE access_type = 'read'";
-
-// 2. Execute query by using OsqueryManager
-auto rows = OsqueryManager::execute(query);
-
-// 3. Get result
-for (const auto& row : rows) {
- std::string slabel = row["subject_label"];
- std::string olabel = row["object_label];
-}
-```
-
-## #2. Event subscription
-### Check smack_deny_events table schema
-- The name of the event table ends with *_events.
-| name | type |
-|---|---|
-| action | TEXT |
-| subject_label | TEXT |
-| object_label | TEXT |
-| access_type | TEXT |
-| permission | TEXT |
-| requested | TEXT |
-| pid | INTEGER |
-
-### Use OsqueryManager to subscribe smack-deny-events
-```cpp
-using namespace osquerypp;
-
-// 1. Write callback function
-auto onDeny = [&](const EventContext& ec, const Row& row)
-{
- // get data of event table
- std::cout << row["action"] << std::endl;
- std::cout << row["permission"] << std::endl;
- std::cout << row["subject_label"] << std::endl;
- std::cout << row["object_label"] << std::endl;
-}
-
-// 2. Register callback with event_table by using OsqueryManager
-OsqueryManager::subscribe("smack_deny_events", onDeny);
-```
+++ /dev/null
-/*
- * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-
-/**
- * @file property.h
- * @brief Provides type-safe getter method
- */
-
-
-#pragma once
-
-#include <map>
-#include <stdexcept>
-#include <string>
-#include <vector>
-
-namespace vist {
-
-/// TBD: Consider error handling.
-template <typename T>
-class Property {
-public:
- using KeyValuePair = std::map<std::string, std::string>;
-
- explicit Property();
- explicit Property(KeyValuePair&&);
-
- template<typename Struct, typename Member>
- Member at(Member Struct::*) const;
-
- template<typename Struct, typename Member>
- Member operator[](Member Struct::*) const;
-
- inline std::size_t size() const { return data.size(); }
-
-private:
- KeyValuePair data;
-};
-
-
-template <typename T>
-class Properties {
-public:
- explicit Properties();
-
- /// Make iteratable
- using Iter = typename std::vector<Property<T>>::iterator;
- using CIter = typename std::vector<Property<T>>::const_iterator;
-
- inline Iter begin() { return datas.begin(); }
- inline CIter begin() const { return datas.cbegin(); }
- inline Iter end() { return datas.end(); }
- inline CIter end() const { return datas.end(); }
-
- inline std::size_t size() const { return datas.size(); }
-
-private:
- std::vector<Property<T>> datas;
-};
-
-} // namespace vist
+++ /dev/null
-/*
- * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-
-/**
- * @file processes.h
- * @brief The scheme of processes (sync with osquery/tables/spec/x/processes.table)
- */
-
-
-#pragma once
-
-#include <string>
-
-struct Processes {
- long long int pid;
- std::string name;
- std::string path;
- std::string cmdline;
- long long int uid;
- long long int gid;
- long long int euid;
- long long int egid;
- int on_disk;
- long long int resident_size;
- long long int parent;
-};
+++ /dev/null
-/*
- * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-
-/**
- * @file time.h
- * @brief The scheme of time (sync with osquery/tables/spec/time.table)
- */
-
-
-#pragma once
-
-struct Time {
- int hour;
- int minutes;
- int seconds;
-};
ADD_SUBDIRECTORY(client)
ADD_SUBDIRECTORY(common)
ADD_SUBDIRECTORY(notification)
-ADD_SUBDIRECTORY(property)
ADD_SUBDIRECTORY(service)
ADD_LIBRARY(${TARGET_VIST_LIB} STATIC ${${TARGET_VIST_LIB}_SRCS})
# See the License for the specific language governing permissions and
# limitations under the License
-ADD_VIST_LIBRARY(vist_client query.cpp)
+ADD_VIST_LIBRARY(vist_client query.cpp
+ virtual-table.cpp)
FILE(GLOB CLIENT_TESTS "tests/*.cpp")
ADD_VIST_TEST(${CLIENT_TESTS})
--- /dev/null
+/*
+ * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+
+/**
+ * @file processes.h
+ * @brief The scheme of processes (sync with osquery/tables/spec/x/processes.table)
+ */
+
+
+#pragma once
+
+#include <string>
+
+struct Processes {
+ long long int pid;
+ std::string name;
+ std::string path;
+ std::string cmdline;
+ long long int uid;
+ long long int gid;
+ long long int euid;
+ long long int egid;
+ int on_disk;
+ long long int resident_size;
+ long long int parent;
+};
--- /dev/null
+/*
+ * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+
+/**
+ * @file time.h
+ * @brief The scheme of time (sync with osquery/tables/spec/time.table)
+ */
+
+
+#pragma once
+
+struct Time {
+ int hour;
+ int minutes;
+ int seconds;
+};
--- /dev/null
+/*
+ * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#include <gtest/gtest.h>
+
+#include <osquery/logger.h>
+
+#include "../virtual-table.h"
+
+#include "../schema/time.h"
+#include "../schema/processes.h"
+
+using namespace osquery;
+using namespace vist;
+
+class VirtualTableTests : public testing::Test {};
+
+TEST_F(VirtualTableTests, time_row_at) {
+ Time result = { -1, -1, -1 };
+
+ VirtualRow<Time> time;
+ result.hour = time.at(&Time::hour);
+ result.minutes = time.at(&Time::minutes);
+ result.seconds = time.at(&Time::seconds);
+
+ /// Once query execution
+ LOG(INFO) << "[Test] time table:";
+ LOG(INFO) << "\t hour: " << result.hour;
+ LOG(INFO) << "\t minutes: " << result.minutes;
+ LOG(INFO) << "\t seconds: " << result.seconds;
+
+ /// Each query execution
+ LOG(INFO) << "[Test] time table:";
+ LOG(INFO) << "\t hour: " << VirtualRow<Time>().at(&Time::hour);
+ LOG(INFO) << "\t minutes: " << VirtualRow<Time>().at(&Time::minutes);
+ LOG(INFO) << "\t seconds: " << VirtualRow<Time>().at(&Time::seconds);
+
+ EXPECT_NE(result.hour, -1);
+ EXPECT_NE(result.minutes, -1);
+ EXPECT_NE(result.seconds, -1);
+}
+
+TEST_F(VirtualTableTests, time_row_arry_op) {
+ Time result = { -1, -1, -1 };
+
+ VirtualRow<Time> time;
+ result.hour = time[&Time::hour];
+ result.minutes = time[&Time::minutes];
+ result.seconds = time[&Time::seconds];
+
+ /// Once query execution
+ LOG(INFO) << "[Test] time table:";
+ LOG(INFO) << "\t hour: " << result.hour;
+ LOG(INFO) << "\t minutes: " << result.minutes;
+ LOG(INFO) << "\t seconds: " << result.seconds;
+
+ EXPECT_NE(result.hour, -1);
+ EXPECT_NE(result.minutes, -1);
+ EXPECT_NE(result.seconds, -1);
+}
+
+TEST_F(VirtualTableTests, processes_table) {
+ Processes result;
+ VirtualTable<Processes> processes;
+ EXPECT_TRUE(processes.size() > 0);
+
+ for(auto& p : processes) {
+ EXPECT_TRUE(p.size() > 0);
+ result.pid = p.at(&Processes::pid);
+ result.name = p.at(&Processes::name);
+ result.path = p.at(&Processes::path);
+ result.cmdline = p.at(&Processes::cmdline);
+ result.uid = p.at(&Processes::uid);
+ result.gid = p.at(&Processes::gid);
+ result.euid = p.at(&Processes::euid);
+ result.egid = p.at(&Processes::egid);
+ result.on_disk = p.at(&Processes::on_disk);
+ result.parent = p.at(&Processes::parent);
+
+ LOG(INFO) << "[Test] Processes table:";
+ LOG(INFO) << "\t pid: " << result.pid;
+ LOG(INFO) << "\t name: " << result.name;
+ LOG(INFO) << "\t path: " << result.path;
+ LOG(INFO) << "\t cmdline: " << result.cmdline;
+ LOG(INFO) << "\t uid: " << result.uid;
+ LOG(INFO) << "\t gid: " << result.gid;
+ LOG(INFO) << "\t euid: " << result.euid;
+ LOG(INFO) << "\t egid: " << result.egid;
+ LOG(INFO) << "\t on_disk: " << result.on_disk;
+ LOG(INFO) << "\t parent: " << result.parent;
+ }
+}
--- /dev/null
+/*
+ * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/*
+ * @file virtual-table.cpp
+ * @author Sangwan Kwon (sangwan.kwon@samsung.com)
+ * @brief Implementation of virtual object
+ */
+
+#include "virtual-table.h"
+#include "query.h"
+
+#include "schema/time.h"
+#include "schema/processes.h"
+
+#include <osquery/logger.h>
+
+#include <tsqb.hxx>
+
+#include <boost/lexical_cast.hpp>
+
+namespace {
+
+using namespace tsqb;
+auto time = make_table("time",
+ make_column("hour", &Time::hour),
+ make_column("minutes", &Time::minutes),
+ make_column("seconds", &Time::seconds));
+
+auto processes = make_table("processes",
+ make_column("pid", &Processes::pid),
+ make_column("name", &Processes::name),
+ make_column("path", &Processes::path),
+ make_column("cmdline", &Processes::cmdline),
+ make_column("uid", &Processes::uid),
+ make_column("gid", &Processes::gid),
+ make_column("euid", &Processes::euid),
+ make_column("egid", &Processes::egid),
+ make_column("on_disk", &Processes::on_disk),
+ make_column("parent", &Processes::parent));
+
+auto db = make_database("db", time, processes);
+
+} // anonymous namespace
+
+namespace vist {
+
+template <typename T>
+VirtualRow<T>::VirtualRow()
+{
+ auto results = Query::Execute(db.selectAll<T>());
+ if (results.size() > 0)
+ this->data = std::move(results[0]);
+}
+
+template <typename T>
+VirtualRow<T>::VirtualRow(KeyValuePair&& kvp) : data(std::move(kvp))
+{
+}
+
+template <typename T>
+template<typename Struct, typename Member>
+Member VirtualRow<T>::at(Member Struct::* field) const
+{
+ if (this->data.size() == 0)
+ throw std::runtime_error("Data is not exist.");
+
+ std::string key = db.getColumnName(field);
+ if (key.empty())
+ throw std::runtime_error("Key is not exist.");
+
+ /// Convert "table.column" to "column"
+ std::size_t pos = key.find(".");
+ if (pos != std::string::npos && pos != key.size() - 1)
+ key = key.substr(pos + 1);
+
+ std::string value = this->data.at(key);
+ if (value.empty()) {
+ LOG(ERROR) << "The value of key[" << key << "] is not exist.";
+ return Member();
+ }
+
+ try {
+ return boost::lexical_cast<Member>(value);
+ } catch (...) {
+ LOG(ERROR) << "Failed to casting [key]: " << key;
+ return Member();
+ }
+}
+
+template <typename T>
+template<typename Struct, typename Member>
+Member VirtualRow<T>::operator[](Member Struct::*field) const
+{
+ return this->at(field);
+}
+
+template <typename T>
+VirtualTable<T>::VirtualTable()
+{
+ auto results = Query::Execute(db.selectAll<T>());
+ for (auto& r : results)
+ this->dataset.emplace_back(VirtualRow<T>(std::move(r)));
+}
+
+/// Explicit instantiation
+template class VirtualTable<Time>;
+template class VirtualRow<Time>;
+template int VirtualRow<Time>::at(int Time::*) const;
+template int VirtualRow<Time>::operator[](int Time::*) const;
+
+template class VirtualTable<Processes>;
+template class VirtualRow<Processes>;
+template int VirtualRow<Processes>::at(int Processes::*) const;
+template int VirtualRow<Processes>::operator[](int Processes::*) const;
+template long long int VirtualRow<Processes>::at(long long int Processes::*) const;
+template long long int VirtualRow<Processes>::operator[](long long int Processes::*) const;
+template std::string VirtualRow<Processes>::at(std::string Processes::*) const;
+template std::string VirtualRow<Processes>::operator[](std::string Processes::*) const;
+
+} // namespace vist
--- /dev/null
+/*
+ * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#pragma once
+
+#include <map>
+#include <stdexcept>
+#include <string>
+#include <vector>
+
+namespace vist {
+
+template <typename T>
+class VirtualRow final {
+public:
+ using KeyValuePair = std::map<std::string, std::string>;
+
+ explicit VirtualRow();
+ explicit VirtualRow(KeyValuePair&&);
+
+ template<typename Struct, typename Member>
+ Member at(Member Struct::*) const;
+
+ template<typename Struct, typename Member>
+ Member operator[](Member Struct::*) const;
+
+ inline std::size_t size() const { return data.size(); }
+
+private:
+ KeyValuePair data;
+};
+
+
+template <typename T>
+class VirtualTable final {
+public:
+ explicit VirtualTable();
+
+ /// Make iteratable
+ using Iter = typename std::vector<VirtualRow<T>>::iterator;
+ using CIter = typename std::vector<VirtualRow<T>>::const_iterator;
+
+ inline Iter begin() { return dataset.begin(); }
+ inline CIter begin() const { return dataset.cbegin(); }
+ inline Iter end() { return dataset.end(); }
+ inline CIter end() const { return dataset.end(); }
+
+ inline std::size_t size() const { return dataset.size(); }
+
+private:
+ std::vector<VirtualRow<T>> dataset;
+};
+
+} // namespace vist
+++ /dev/null
-# Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License
-
-ADD_VIST_LIBRARY(property property.cpp)
-
-FILE(GLOB PROPERTY_TESTS "tests/*.cpp")
-ADD_VIST_TEST(${PROPERTY_TESTS})
+++ /dev/null
-/*
- * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-/*
- * @file property.cpp
- * @author Sangwan Kwon (sangwan.kwon@samsung.com)
- * @brief Implementation of Property
- */
-
-#include <property.h>
-
-#include <schema/time.h>
-#include <schema/processes.h>
-
-#include "../service/vist.h"
-
-#include <osquery/logger.h>
-
-#include <tsqb.hxx>
-
-#include <boost/lexical_cast.hpp>
-
-namespace {
-
-using namespace tsqb;
-auto time = make_table("time",
- make_column("hour", &Time::hour),
- make_column("minutes", &Time::minutes),
- make_column("seconds", &Time::seconds));
-
-auto processes = make_table("processes",
- make_column("pid", &Processes::pid),
- make_column("name", &Processes::name),
- make_column("path", &Processes::path),
- make_column("cmdline", &Processes::cmdline),
- make_column("uid", &Processes::uid),
- make_column("gid", &Processes::gid),
- make_column("euid", &Processes::euid),
- make_column("egid", &Processes::egid),
- make_column("on_disk", &Processes::on_disk),
- make_column("parent", &Processes::parent));
-
-auto db = make_database("db", time, processes);
-
-} // anonymous namespace
-
-namespace vist {
-
-template <typename T>
-Property<T>::Property()
-{
- auto results = Vist::Query(db.selectAll<T>());
- if (results.size() > 0)
- this->data = std::move(results[0]);
-}
-
-template <typename T>
-Property<T>::Property(KeyValuePair&& kvp) : data(std::move(kvp))
-{
-}
-
-template <typename T>
-template<typename Struct, typename Member>
-Member Property<T>::at(Member Struct::* field) const
-{
- if (this->data.size() == 0)
- throw std::runtime_error("Data is not exist.");
-
- std::string key = db.getColumnName(field);
- if (key.empty())
- throw std::runtime_error("Key is not exist.");
-
- /// Convert "table.column" to "column"
- std::size_t pos = key.find(".");
- if (pos != std::string::npos && pos != key.size() - 1)
- key = key.substr(pos + 1);
-
- std::string value = this->data.at(key);
- if (value.empty()) {
- LOG(ERROR) << "The value of key[" << key << "] is not exist.";
- return Member();
- }
-
- try {
- return boost::lexical_cast<Member>(value);
- } catch (...) {
- LOG(ERROR) << "Failed to casting [key]: " << key;
- return Member();
- }
-}
-
-template <typename T>
-template<typename Struct, typename Member>
-Member Property<T>::operator[](Member Struct::*field) const
-{
- return this->at(field);
-}
-
-template <typename T>
-Properties<T>::Properties()
-{
- auto results = Vist::Query(db.selectAll<T>());
- for (auto& r : results)
- this->datas.emplace_back(Property<T>(std::move(r)));
-}
-
-/// Explicit instantiation
-template class Property<Time>;
-template class Properties<Time>;
-template int Property<Time>::at(int Time::*) const;
-template int Property<Time>::operator[](int Time::*) const;
-
-template class Property<Processes>;
-template class Properties<Processes>;
-template int Property<Processes>::at(int Processes::*) const;
-template int Property<Processes>::operator[](int Processes::*) const;
-template long long int Property<Processes>::at(long long int Processes::*) const;
-template long long int Property<Processes>::operator[](long long int Processes::*) const;
-template std::string Property<Processes>::at(std::string Processes::*) const;
-template std::string Property<Processes>::operator[](std::string Processes::*) const;
-
-} // namespace vist
+++ /dev/null
-/*
- * Copyright (c) 2019 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-#include <gtest/gtest.h>
-
-#include <osquery/logger.h>
-
-#include <property.h>
-
-#include <schema/time.h>
-#include <schema/processes.h>
-
-using namespace osquery;
-using namespace vist;
-
-class PropertyTests : public testing::Test {};
-
-TEST_F(PropertyTests, property) {
- Time result = { -1, -1, -1 };
-
- Property<Time> time;
- result.hour = time.at(&Time::hour);
- result.minutes = time.at(&Time::minutes);
- result.seconds = time.at(&Time::seconds);
-
- /// Once query execution
- LOG(INFO) << "[Test] time table:";
- LOG(INFO) << "\t hour: " << result.hour;
- LOG(INFO) << "\t minutes: " << result.minutes;
- LOG(INFO) << "\t seconds: " << result.seconds;
-
- /// Each query execution
- LOG(INFO) << "[Test] time table:";
- LOG(INFO) << "\t hour: " << Property<Time>().at(&Time::hour);
- LOG(INFO) << "\t minutes: " << Property<Time>().at(&Time::minutes);
- LOG(INFO) << "\t seconds: " << Property<Time>().at(&Time::seconds);
-
- EXPECT_NE(result.hour, -1);
- EXPECT_NE(result.minutes, -1);
- EXPECT_NE(result.seconds, -1);
-}
-
-TEST_F(PropertyTests, propertyArrayOp) {
- Time result = { -1, -1, -1 };
-
- Property<Time> time;
- result.hour = time[&Time::hour];
- result.minutes = time[&Time::minutes];
- result.seconds = time[&Time::seconds];
-
- /// Once query execution
- LOG(INFO) << "[Test] time table:";
- LOG(INFO) << "\t hour: " << result.hour;
- LOG(INFO) << "\t minutes: " << result.minutes;
- LOG(INFO) << "\t seconds: " << result.seconds;
-
- EXPECT_NE(result.hour, -1);
- EXPECT_NE(result.minutes, -1);
- EXPECT_NE(result.seconds, -1);
-}
-
-TEST_F(PropertyTests, propertiesProcesses) {
- Processes result;
- Properties<Processes> processes;
- EXPECT_TRUE(processes.size() > 0);
-
- for(auto& p : processes) {
- EXPECT_TRUE(p.size() > 0);
- result.pid = p.at(&Processes::pid);
- result.name = p.at(&Processes::name);
- result.path = p.at(&Processes::path);
- result.cmdline = p.at(&Processes::cmdline);
- result.uid = p.at(&Processes::uid);
- result.gid = p.at(&Processes::gid);
- result.euid = p.at(&Processes::euid);
- result.egid = p.at(&Processes::egid);
- result.on_disk = p.at(&Processes::on_disk);
- result.parent = p.at(&Processes::parent);
-
- LOG(INFO) << "[Test] Processes table:";
- LOG(INFO) << "\t pid: " << result.pid;
- LOG(INFO) << "\t name: " << result.name;
- LOG(INFO) << "\t path: " << result.path;
- LOG(INFO) << "\t cmdline: " << result.cmdline;
- LOG(INFO) << "\t uid: " << result.uid;
- LOG(INFO) << "\t gid: " << result.gid;
- LOG(INFO) << "\t euid: " << result.euid;
- LOG(INFO) << "\t egid: " << result.egid;
- LOG(INFO) << "\t on_disk: " << result.on_disk;
- LOG(INFO) << "\t parent: " << result.parent;
- }
-}
projects / platform / core / security / vist.git / commitdiff