Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

IT - WDB - 2532- Test set_agent_groups WDB command #2602

Merged
merged 8 commits into from
Feb 25, 2022
Merged
Show file tree
Hide file tree
Changes from 5 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion deps/wazuh_testing/wazuh_testing/wazuh_db.py
Original file line number Diff line number Diff line change
Expand Up @@ -167,7 +167,7 @@ def clean_agents_from_db():
raise Exception('Unable to clean agents')


def insert_agent_in_db(id=1, name='TestAgent', ip='any', registration_time=0, connection_status=0,
def insert_agent_in_db(id=1, name='TestAgent', ip='any', registration_time=0, connection_status="never_connected",
disconnection_time=0):
"""
Write agent in global.db
Expand All @@ -180,3 +180,4 @@ def insert_agent_in_db(id=1, name='TestAgent', ip='any', registration_time=0, co
query_wdb(update_command)
except Exception:
raise Exception(f"Unable to add agent {id}")

Original file line number Diff line number Diff line change
@@ -0,0 +1,193 @@
---
-
name: "Group Append - Add TestGroup1"
test_case:
-
input: "global set-agent-groups {\"mode\":\"append\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":001,\"groups\":[\"TestGroup1\"]}]}"
output: "ok"
agent_id: 1
expected_group: "TestGroup1"
-
name: "Group Append Empty groups - Agent has no groups - No groups added"
test_case:
-
input: "global set-agent-groups {\"mode\":\"append\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":002,\"groups\":[]}]}"
output: "err An error occurred during the set of the groups"
agent_id: 2
expected_group: "None"
-
name: "Group Append Empty groups - Agent has default group - No groups affected"
test_case:
-
pre_input: "global set-agent-groups {\"mode\":\"append\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":002,\"groups\":[\"default\"]}]}"
input: "global set-agent-groups {\"mode\":\"append\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":002,\"groups\":[]}]}"
output: "ok"
agent_id: 2
expected_group: "default"
-
name: "Group Append Add same group twice - Has only one group"
test_case:
-
pre_input: "global set-agent-groups {\"mode\":\"append\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":003,\"groups\":[\"TestGroup1\"]}]}"
input: "global set-agent-groups {\"mode\":\"append\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":003,\"groups\":[\"TestGroup1\"]}]}"
output: "ok"
agent_id: 3
expected_group: "TestGroup1"
-
name: "Group Append Two groups - Agent Has two groups"
test_case:
-
pre_input: "global set-agent-groups {\"mode\":\"append\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":004,\"groups\":[\"TestGroup1\"]}]}"
input: "global set-agent-groups {\"mode\":\"append\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":004,\"groups\":[\"TestGroup2\"]}]}"
output: "ok"
agent_id: 4
expected_group: "TestGroup1,TestGroup2"
-
name: "Group Empty-Only - Agent Has no groups. One Group is Added"
test_case:
-
input: "global set-agent-groups {\"mode\":\"empty_only\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":005,\"groups\":[\"TestGroup1\"]}]}"
output: "ok"
agent_id: 5
expected_group: "TestGroup1"
-
name: "Group Empty-Only - Agent Has no groups. No new groups added"
test_case:
-
pre_input: "global set-agent-groups {\"mode\":\"empty_only\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":006,\"groups\":[\"TestGroup1\"]}]}"
input: "global set-agent-groups {\"mode\":\"empty_only\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":006,\"groups\":[\"TestGroup2\"]}]}"
output: "ok"
agent_id: 6
expected_group: "TestGroup1"
-
name: "Group Override - Agent Has one group. New group replaces old group"
test_case:
-
pre_input: "global set-agent-groups {\"mode\":\"override\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":007,\"groups\":[\"TestGroup1\"]}]}"
input: "global set-agent-groups {\"mode\":\"override\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":007,\"groups\":[\"TestGroup2\"]}]}"
output: "ok"
agent_id: 7
expected_group: "TestGroup2"
-
name: "Group Override - Agent has Group - Pass no new group. Error - groups not affected"
test_case:
-
pre_input: "global set-agent-groups {\"mode\":\"override\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":008,\"groups\":[\"TestGroup1\"]}]}"
input: "global set-agent-groups {\"mode\":\"override\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":008,\"groups\":[]}]}"
output: "err An error occurred during the set of the groups"
agent_id: 8
expected_group: "TestGroup1"
-
name: "Group Remove - Agent has one Group - Remove the group. Agent has default assigned"
test_case:
-
pre_input: "global set-agent-groups {\"mode\":\"override\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":009,\"groups\":[\"TestGroup1\"]}]}"
input: "global set-agent-groups {\"mode\":\"remove\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":009,\"groups\":[\"TestGroup1\"]}]}"
output: "ok"
agent_id: 9
expected_group: "default"
-
name: "Group Remove - Agent has TestGroup1 and TestGroup2 - Remove Tesgroup1. Agent has TestGroup2 assigned"
test_case:
-
pre_input: "global set-agent-groups {\"mode\":\"override\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":010,\"groups\":[\"TestGroup1\",\"TestGroup2\"]}]}"
input: "global set-agent-groups {\"mode\":\"remove\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":010,\"groups\":[\"TestGroup1\"]}]}"
output: "ok"
agent_id: 10
expected_group: "TestGroup2"
-
name: "Group Remove - Agent has no groups - Try remove a group. Agent has default assigned "
test_case:
-
input: "global set-agent-groups {\"mode\":\"remove\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":011,\"groups\":[\"TestGroup1\"]}]}"
output: "ok"
agent_id: 11
expected_group: "default"
-
name: "Invalid Mode - use an Invalid mode - no groups added"
test_case:
-
input: "global set-agent-groups {\"mode\":\"wrong_mode\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":012,\"groups\":[\"TestGroup1\"]}]}"
output: "err Invalid mode 'wrong_mode' in set_agent_groups command"
agent_id: 12
expected_group: "None"
-
name: "No Mode - No mode is passed - no groups affected"
test_case:
-
input: "global set-agent-groups {\"mode\":\"\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":013,\"groups\":[\"TestGroup1\"]}]}"
output: "err Invalid mode '' in set_agent_groups command"
agent_id: 13
expected_group: "None"
-
name: "sync_status Synced - Assign a group using Synced Sync Status - agent has TestGroup1 assigned"
test_case:
-
input: "global set-agent-groups {\"mode\":\"append\",\"sync_status\":\"synced\",\"source\":\"remote\",\"data\":[{\"id\":014,\"groups\":[\"TestGroup1\"]}]}"
output: "ok"
agent_id: 14
expected_group: "TestGroup1"
-
name: "Wrong sync_status - Assign a group using and invalid Sync_Status - agent has no group"
test_case:
-
input: "global set-agent-groups {\"mode\":\"append\",\"sync_status\":\"wrong_status\",\"source\":\"remote\",\"data\":[{\"id\":015,\"groups\":[\"TestGroup1\"]}]}"
output: "err An error occurred during the set of the groups"
agent_id: 15
expected_group: "None"
-
name: "No sync_status - Assign a group using and empty Sync_Status field - agent has no group assigned"
test_case:
-
input: "global set-agent-groups {\"mode\":\"append\",\"sync_status\":\"\",\"source\":\"remote\",\"data\":[{\"id\":016,\"groups\":[\"TestGroup1\"]}]}"
output: "err An error occurred during the set of the groups"
agent_id: 16
expected_group: "None"
-
name: "Missing Fields - Assign a group using without data field - agent has no group assigned"
test_case:
-
input: "global set-agent-groups {\"mode\":\"append\",\"sync_status\":\"syncreq\",\"source\":\"remote\"}"
output: "err Invalid JSON data, missing required fields"
agent_id: 16
expected_group: "None"
-
name: "Missing Fields - Assign a group using without data groups field - agent has no group assigned"
test_case:
-
input: "global set-agent-groups {\"mode\":\"append\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":016}]}"
output: "err An error occurred during the set of the groups"
agent_id: 16
expected_group: "None"
-
name: "Missing Fields - Assign a group using without data id field - agent has no group assigned"
test_case:
-
input: "global set-agent-groups {\"mode\":\"append\",\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"groups\":[\"TestGroup1\"]}]}"
output: "err An error occurred during the set of the groups"
agent_id: 16
expected_group: "None"
-
name: "Missing Fields - Assign a group using without source field - agent has TestGroup1 assigned"
test_case:
-
input: "global set-agent-groups {\"mode\":\"append\",\"sync_status\":\"syncreq\",\"data\":[{\"id\":016,\"groups\":[\"TestGroup1\"]}]}"
output: "ok"
agent_id: 16
expected_group: "TestGroup1"
-
name: "Missing Fields - Assign a group using without mode field - agent has no group assigned"
test_case:
-
input: "global set-agent-groups {\"sync_status\":\"syncreq\",\"source\":\"remote\",\"data\":[{\"id\":017,\"groups\":[\"TestGroup1\"]}]}"
output: "err Invalid JSON data, missing required fields"
agent_id: 17
expected_group: "None"
-
name: "Missing Fields - Assign a group using without sync_status field - agent has TestGroup1 assigned"
test_case:
-
input: "global set-agent-groups {\"mode\":\"append\",\"source\":\"remote\",\"data\":[{\"id\":018,\"groups\":[\"TestGroup1\"]}]}"
output: "ok"
agent_id: 18
expected_group: "TestGroup1"
Original file line number Diff line number Diff line change
@@ -0,0 +1,158 @@
'''
copyright: Copyright (C) 2015-2022, Wazuh Inc.

Created by Wazuh, Inc. <info@wazuh.com>.

This program is free software; you can redistribute it and/or modify it under the terms of GPLv2

type: integration

brief: Wazuh-db is the daemon in charge of the databases with all the Wazuh persistent information, exposing a socket
to receive requests and provide information. The Wazuh core uses list-based databases to store information
related to agent keys, and FIM/Rootcheck event data.
This test checks the usage of the set_agent_groups command used for changing the agent's group data and for the
cluster's database sync procedures.

tier: 0

modules:
- wazuh_db

components:
- manager

daemons:
- wazuh-db

os_platform:
- linux

os_version:
- Arch Linux
- Amazon Linux 2
- Amazon Linux 1
- CentOS 8
- CentOS 7
- CentOS 6
- Ubuntu Focal
- Ubuntu Bionic
- Ubuntu Xenial
- Ubuntu Trusty
- Debian Buster
- Debian Stretch
- Debian Jessie
- Debian Wheezy
- Red Hat 8
- Red Hat 7
- Red Hat 6

references:
- https://documentation.wazuh.com/current/user-manual/reference/daemons/wazuh-db.html

tags:
- wazuh_db
'''
import os
import time
import pytest
import yaml
from wazuh_testing.tools import WAZUH_PATH
from wazuh_testing.wazuh_db import query_wdb, insert_agent_in_db
from wazuh_testing.tools.services import delete_dbs

# Marks
pytestmark = [pytest.mark.linux, pytest.mark.tier(level=0), pytest.mark.server]

# Configurations
test_data_path = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'data')
messages_file = os.path.join(test_data_path, 'set_agent_groups.yaml')
module_tests = []
with open(messages_file) as f:
module_tests.append((yaml.safe_load(f), messages_file.split('_')[0]))

log_monitor_paths = []
wdb_path = os.path.join(os.path.join(WAZUH_PATH, 'queue', 'db', 'wdb'))
receiver_sockets_params = [(wdb_path, 'AF_UNIX', 'TCP')]
monitored_sockets_params = [('wazuh-db', None, True)]
receiver_sockets= None # Set in the fixtures


#Fixtures
@pytest.fixture(scope='module')
def remove_database(request):
yield
delete_dbs()


# Tests
@pytest.mark.parametrize('test_case',
[case['test_case'] for module_data in module_tests for case in module_data[0]],
ids=[f"{module_name}: {case['name']}"
for module_data, module_name in module_tests
for case in module_data]
)
def test_set_agent_groups(remove_database, configure_sockets_environment, connect_to_sockets_module, test_case):
'''
description: Check that every input message using the 'set_agent_groups' command in wazuh-db socket generates
the proper output to wazuh-db socket. To do this, it performs a query to the socket with a command
taken from the list of test_cases's 'input' field, and compare the result with the test_case's
'output' and 'expected_group' fields.

wazuh_min_version: 4.4.0

parameters:
- restart_wazuh:
type: fixture
brief: Reset the 'ossec.log' file and start a new monitor.
- configure_sockets_environment:
type: fixture
brief: Configure environment for sockets and MITM.
- connect_to_sockets_module:
type: fixture
brief: Module scope version of 'connect_to_sockets' fixture.
- test_case:
type: fixture
brief: List of test_case stages (dicts with input, output and agent_id and expected_groups keys).

assertions:
- Verify that the socket response matches the expected output.
- Verify that the agent has the expected_group assigned.

input_description:
- Test cases are defined in the set_agent_groups.yaml file. This file contains the command to insert the agentes
groups, with different modes and combinations, as well as the expected outputs and results.

expected_output:
- f"Assertion Error - expected {output}, but got {response}"
- 'Unable to add agent'
- 'did not recieve expected groups in Agent.'

tags:
- wazuh_db
- wdb_socket
'''

case_data = test_case[0]
output = case_data["output"]
agent_id= case_data["agent_id"]

# Insert test Agent
response = insert_agent_in_db(id=agent_id, connection_status="disconnected", registration_time=str(time.time()))

# Apply preconditions
if 'pre_input' in case_data:
query_wdb(case_data['pre_input'])

# Add tested group
response = query_wdb(case_data["input"])

# validate output
assert response == output, f"Assertion Error - expected {output}, but got {response}"

# get agent data and validate agent's groups
response = query_wdb(f'global get-agent-info {agent_id}')

if case_data["expected_group"] == 'None' and 'err' in output:
assert 'group' not in response[0], "Agent has groups data and it was expecting no group data"
else:
assert case_data["expected_group"] == response[0]['group'], "did not recieve expected groups in Agent."
Deblintrake09 marked this conversation as resolved.
Show resolved Hide resolved