Analysis time button bug fix

fapolicy_analyzer/ui/policy_rules_admin_page.py

@@ -39,6 +39,8 @@
     GROUPS_LABEL,
     OPEN_FILE_LABEL,
     PARSE_EVENT_LOG_ERROR_MSG,
+    SYSLOG_FORMAT_WARNING,
+    TIME_FORMAT_CONFIG_TITLE,
     USER_LABEL,
     USERS_LABEL,
 )
@@ -50,10 +52,25 @@
 
 gi.require_version("Gtk", "3.0")
 from gi.repository import Gtk  # isort: skip
-import datetime
 import time
 
 
+def time_format_config_dlg():
+
+    dlgTimeFormatConfig = Gtk.Dialog(
+        title=TIME_FORMAT_CONFIG_TITLE
+    )
+    dlgTimeFormatConfig.add_buttons(Gtk.STOCK_OK, Gtk.ResponseType.OK)
+
+    label = Gtk.Label(label=SYSLOG_FORMAT_WARNING)
+    hbox = dlgTimeFormatConfig.get_content_area()
+    label.set_justify(Gtk.Justification.LEFT)
+    hbox.add(label)
+    dlgTimeFormatConfig.show_all()
+    dlgTimeFormatConfig.run()
+    dlgTimeFormatConfig.destroy()
+
+
 class PolicyRulesAdminPage(UIConnectedWidget, UIPage):
     def __init__(self, use_syslog: bool = False, audit_file: Optional[str] = None):
         UIConnectedWidget.__init__(
@@ -137,7 +154,7 @@ def __init__(self, use_syslog: bool = False, audit_file: Optional[str] = None):
         self._time_delay = -1
         self.__time_unit = "2"
         self.__time_number = 1
-
+        self.when_none = 0
         self.__switchers = [
             self.Switcher(
                 self.get_object("userPanel"),
@@ -385,6 +402,7 @@ def __populate_objects(self):
             or self.__selection_state["group"] is not None
         ):
             last_subject = self.__selection_state["subjects"][-1]
+            self.when_none = any([e.when() is None for e in self.__log.by_subject(last_subject)])
             data = list(
                 {
                     e.object.file: {e.rule_id: e.object}
@@ -447,8 +465,7 @@ def exec_primary_data_func():
         ):
             self.__events_loading = False
             self.__log = eventsState.log
-            utc = int(datetime.datetime.utcnow().timestamp())
-            tzdelta = int(time.time()) - utc
+            tzdelta = int(time.localtime().tm_gmtoff)
             if self._time_delay < 0:
                 self.__log.begin(int(time.time()) + tzdelta - 3600)
             else:
@@ -557,6 +574,9 @@ def on_timeSelectBtn_clicked(self, *args):
         def plural(count):
             return "s" if count > 1 else ""
 
+        if self.when_none:
+            time_format_config_dlg()
+
         time_dialog = TimeSelectDialog()
         time_dialog.set_time_unit(self.__time_unit)
         time_dialog.set_time_number(self.__time_number)

fapolicy_analyzer/ui/strings.py

@@ -212,3 +212,13 @@
 ACCESS_ALLOWED_TOOLTIP = _("File access fully allowed")
 ACCESS_PARTIAL_TOOLTIP = _("File access partially allowed")
 ACCESS_DENIED_TOOLTIP = _("File access denied")
+TIME_FORMAT_CONFIG_TITLE = _("Syslog Format Check")
+SYSLOG_FORMAT_WARNING = _(
+    """
+No event time found, time filtering will not work.
+Please update /etc/rsyslog.conf then restart the syslog service.
+
+regexp: "RSYSLOG_TraditionalFileFormat"
+replace: "RSYSLOG_FileFormat"
+    """
+)

locale/fapolicy-analyzer.pot

@@ -7,9 +7,9 @@
 #, fuzzy
 msgid ""
 msgstr ""
-"Project-Id-Version: fapolicy-analyzer 0.0.0+402.gdbfc0a6.dirty\n"
+"Project-Id-Version: fapolicy-analyzer 0.0.0+371.g14d3f45.dirty\n"
 "Report-Msgid-Bugs-To: EMAIL@ADDRESS\n"
-"POT-Creation-Date: 2023-02-28 09:14-0500\n"
+"POT-Creation-Date: 2023-05-04 09:04-0700\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <[email protected]>\n"
@@ -19,15 +19,15 @@ msgstr ""
 "Generated-By: Babel 2.11.0\n"
 
 #: fapolicy_analyzer/ui/ancillary_trust_database_admin.py:116
-#: fapolicy_analyzer/ui/system_trust_database_admin.py:135
+#: fapolicy_analyzer/ui/system_trust_database_admin.py:138
 msgid ""
 "File: {trust.path}\n"
 "Size: {trust.size}\n"
 "SHA256: {trust.hash}"
 msgstr ""
 
 #: fapolicy_analyzer/ui/ancillary_trust_database_admin.py:126
-#: fapolicy_analyzer/ui/system_trust_database_admin.py:144
+#: fapolicy_analyzer/ui/system_trust_database_admin.py:147
 msgid ""
 "{fs.stat(trust.path)}\n"
 "SHA256: {fs.sha(trust.path)}"
@@ -56,7 +56,7 @@ msgstr ""
 msgid "Reverting to previous settings in {i+1} seconds"
 msgstr ""
 
-#: fapolicy_analyzer/ui/main_window.py:276
+#: fapolicy_analyzer/ui/main_window.py:302
 msgid ""
 "An error occurred trying to open the session file, "
 "{self.strSessionFilename}"
@@ -120,6 +120,7 @@ msgstr ""
 msgid "Rule"
 msgstr ""
 
+#: fapolicy_analyzer/glade/main_window.glade:159
 #: fapolicy_analyzer/ui/strings.py:37
 msgid "Rules"
 msgstr ""
@@ -193,6 +194,7 @@ msgid "Ancillary Trust Database"
 msgstr ""
 
 #: fapolicy_analyzer/glade/ancillary_trust_database_admin.glade:60
+#: fapolicy_analyzer/glade/main_window.glade:150
 #: fapolicy_analyzer/glade/trust_reconciliation_dialog.glade:41
 #: fapolicy_analyzer/ui/strings.py:74
 msgid "Trust"
@@ -498,12 +500,27 @@ msgstr ""
 msgid "File access denied"
 msgstr ""
 
-#: fapolicy_analyzer/ui/trust_file_list.py:165
+#: fapolicy_analyzer/ui/strings.py:215
+msgid "Syslog Format Check"
+msgstr ""
+
+#: fapolicy_analyzer/ui/strings.py:216
+msgid ""
+"\n"
+"No event time found, time filtering will not work.\n"
+"Please update /etc/rsyslog.conf then restart the syslog service.\n"
+"\n"
+"regexp: \"RSYSLOG_TraditionalFileFormat\"\n"
+"replace: \"RSYSLOG_FileFormat\"\n"
+"    "
+msgstr ""
+
+#: fapolicy_analyzer/ui/trust_file_list.py:170
 #, python-format
 msgid "Loading trust {pct}% complete..."
 msgstr ""
 
-#: fapolicy_analyzer/ui/operations/deploy_changesets_op.py:159
+#: fapolicy_analyzer/ui/operations/deploy_changesets_op.py:143
 msgid "Deploy Changes"
 msgstr ""
 
@@ -519,23 +536,6 @@ msgstr ""
 msgid "informational message(s)"
 msgstr ""
 
-#: fapolicy_analyzer/glade/analyzer_selection_dialog.glade:41
-msgid "Scan System"
-msgstr ""
-
-#: fapolicy_analyzer/glade/analyzer_selection_dialog.glade:55
-#: fapolicy_analyzer/glade/main_window.glade:175
-msgid "Administer Trust Databases"
-msgstr ""
-
-#: fapolicy_analyzer/glade/analyzer_selection_dialog.glade:77
-msgid "Analyzer Selection"
-msgstr ""
-
-#: fapolicy_analyzer/glade/analyzer_selection_dialog.glade:111
-msgid "Analyze From Audit"
-msgstr ""
-
 #: fapolicy_analyzer/glade/ancillary_trust_database_admin.glade:75
 #: fapolicy_analyzer/glade/trust_reconciliation_dialog.glade:54
 msgid "Untrust"
@@ -563,13 +563,13 @@ msgstr ""
 msgid "Deploy Changesets?"
 msgstr ""
 
-#: fapolicy_analyzer/glade/confirm_deployment_dialog.glade:87
+#: fapolicy_analyzer/glade/confirm_deployment_dialog.glade:102
 msgid ""
 "Are you sure you wish to deploy your changes to the fapolicyd?\n"
 "This will update fapolicyd and restart the service."
 msgstr ""
 
-#: fapolicy_analyzer/glade/confirm_deployment_dialog.glade:127
+#: fapolicy_analyzer/glade/confirm_deployment_dialog.glade:142
 msgid ""
 "\"Save As...\" fapolicyd data and configuration to archive prior to "
 "deployment."
@@ -600,52 +600,56 @@ msgstr ""
 msgid "_File"
 msgstr ""
 
-#. Presents option to load prior sessions tmp file (if it exists.)
-#: fapolicy_analyzer/glade/main_window.glade:105
-msgid "Restore"
+#: fapolicy_analyzer/glade/main_window.glade:109
+msgid "Analyze"
 msgstr ""
 
-#: fapolicy_analyzer/glade/main_window.glade:148
-msgid "_Tool"
+#: fapolicy_analyzer/glade/main_window.glade:119
+msgid "Syslog"
 msgstr ""
 
-#: fapolicy_analyzer/glade/main_window.glade:158
-msgid "Analyze From Syslog"
+#: fapolicy_analyzer/glade/main_window.glade:128
+msgid "Debug Log"
 msgstr ""
 
-#: fapolicy_analyzer/glade/main_window.glade:167
-msgid "Analyze From Debug Log"
+#: fapolicy_analyzer/glade/main_window.glade:140
+msgid "_Tool"
 msgstr ""
 
-#: fapolicy_analyzer/glade/main_window.glade:184
-msgid "Administer Rules"
+#: fapolicy_analyzer/glade/main_window.glade:168
+msgid "Profiler"
 msgstr ""
 
-#: fapolicy_analyzer/glade/main_window.glade:193
-msgid "Profile Executable"
+#: fapolicy_analyzer/glade/main_window.glade:181
+msgid "Daemon"
 msgstr ""
 
-#: fapolicy_analyzer/glade/main_window.glade:206
-msgid "System"
+#: fapolicy_analyzer/glade/main_window.glade:213
+msgid "Session"
 msgstr ""
 
-#: fapolicy_analyzer/glade/main_window.glade:239
+#. Presents option to load prior sessions tmp file (if it exists.)
+#: fapolicy_analyzer/glade/main_window.glade:233
+msgid "Restore"
+msgstr ""
+
+#: fapolicy_analyzer/glade/main_window.glade:266
 msgid "_Help"
 msgstr ""
 
-#: fapolicy_analyzer/glade/main_window.glade:249
+#: fapolicy_analyzer/glade/main_window.glade:276
 msgid "User Guide"
 msgstr ""
 
-#: fapolicy_analyzer/glade/main_window.glade:312
+#: fapolicy_analyzer/glade/main_window.glade:339
 msgid "fapolicyd:"
 msgstr ""
 
 #: fapolicy_analyzer/glade/notification.glade:46
 msgid "x"
 msgstr ""
 
-#: fapolicy_analyzer/glade/policy_rules_admin_page.glade:53
+#: fapolicy_analyzer/glade/policy_rules_admin_page.glade:41
 msgid "Showing events since "
 msgstr ""
 
@@ -689,6 +693,18 @@ msgstr ""
 msgid "Rules View"
 msgstr ""
 
+#: fapolicy_analyzer/glade/rules_difference_dialog.glade:23
+msgid "Rule Differences"
+msgstr ""
+
+#: fapolicy_analyzer/glade/rules_difference_dialog.glade:74
+msgid "Previous Rules"
+msgstr ""
+
+#: fapolicy_analyzer/glade/rules_difference_dialog.glade:113
+msgid "New Rules"
+msgstr ""
+
 #: fapolicy_analyzer/glade/rules_status_info.glade:55
 msgid "Status Information"
 msgstr ""