2018-05-10 17:15:23 +12:00
# GPO Parser for audit extensions
#
# Copyright (C) Andrew Bartlett <abartlet@samba.org> 2018
# Written by Garming Sam <garming@catalyst.net.nz>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
import codecs
import csv
import io
from io import BytesIO
from xml . etree . ElementTree import Element , SubElement
2018-09-05 12:52:30 +01:00
from samba . compat import PY3
2018-05-10 17:15:23 +12:00
from samba . gp_parse import GPParser
2018-09-05 17:01:17 +01:00
from samba . compat import text_type
2018-05-10 17:15:23 +12:00
# [MS-GPAC] Group Policy Audit Configuration
class GPAuditCsvParser ( GPParser ) :
encoding = ' utf-8 '
header = None
lines = [ ]
def parse ( self , contents ) :
self . lines = [ ]
2018-09-05 14:18:16 +01:00
reader = csv . reader ( codecs . getreader ( self . encoding ) ( BytesIO ( contents ) ) )
2018-05-10 17:15:23 +12:00
2018-09-05 14:18:16 +01:00
self . header = next ( reader )
2018-05-10 17:15:23 +12:00
for row in reader :
line = { }
for i , x in enumerate ( row ) :
line [ self . header [ i ] ] = x
self . lines . append ( line )
# print line
def write_xml ( self , filename ) :
2018-09-05 12:46:44 +01:00
with open ( filename , ' wb ' ) as f :
2018-05-10 17:15:23 +12:00
root = Element ( ' CsvFile ' )
child = SubElement ( root , ' Row ' )
for e in self . header :
value = SubElement ( child , ' Value ' )
value . text = e
for line in self . lines :
child = SubElement ( root , ' Row ' )
2018-05-30 09:43:53 +12:00
for e , title in [ ( line [ x ] , x ) for x in self . header ] :
2018-05-10 17:15:23 +12:00
value = SubElement ( child , ' Value ' )
value . text = e
2018-05-30 09:43:53 +12:00
# Metadata for generalization
if title == ' Policy Target ' and e != ' ' :
value . attrib [ ' user_id ' ] = ' TRUE '
if ( title == ' Setting Value ' and e != ' ' and
( line [ ' Subcategory ' ] == ' RegistryGlobalSacl ' or
line [ ' Subcategory ' ] == ' FileGlobalSacl ' ) ) :
value . attrib [ ' acl ' ] = ' TRUE '
2018-05-10 17:15:23 +12:00
self . write_pretty_xml ( root , f )
# contents = codecs.open(filename, encoding='utf-8').read()
# self.load_xml(fromstring(contents))
def load_xml ( self , root ) :
header = True
self . lines = [ ]
for r in root . findall ( ' Row ' ) :
if header :
header = False
self . header = [ ]
for v in r . findall ( ' Value ' ) :
2018-09-05 17:01:17 +01:00
if not isinstance ( v . text , text_type ) :
v . text = v . text . decode ( self . output_encoding )
self . header . append ( v . text )
2018-05-10 17:15:23 +12:00
else :
line = { }
for i , v in enumerate ( r . findall ( ' Value ' ) ) :
line [ self . header [ i ] ] = v . text if v . text is not None else ' '
2018-09-05 17:01:17 +01:00
if not isinstance ( self . header [ i ] , text_type ) :
line [ self . header [ i ] ] = line [ self . header [ i ] ] . decode ( self . output_encoding )
2018-05-10 17:15:23 +12:00
self . lines . append ( line )
def write_binary ( self , filename ) :
2018-09-05 12:52:30 +01:00
from io import open
with open ( filename , ' w ' , self . encoding ) as f :
# In this case "binary" means "utf-8", so we let Python do that.
2018-05-10 17:15:23 +12:00
writer = csv . writer ( f , quoting = csv . QUOTE_MINIMAL )
writer . writerow ( self . header )
for line in self . lines :
writer . writerow ( [ line [ x ] for x in self . header ] )