Create data directory on Island initialisation

CHANGELOG.md

@@ -33,6 +33,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - Improved the structure of unit tests by scoping fixtures only to relevant modules
   instead of having a one huge fixture file, improved and renamed the directory
   structure of unit tests and unit test infrastructure. #1178
+- Create/check data directory on Island init. #1170
 
 ### Removed
 - Relevant dead code as reported by Vulture. #1149

appimage/run_appimage.sh

@@ -3,20 +3,12 @@
 PYTHON_CMD="$APPDIR"/opt/python3.7/bin/python3.7
 DOT_MONKEY="$HOME"/.monkey_island/
 
-configure_default_server() {
-    if [ ! -f "$DOT_MONKEY"/server_config.json ]; then
-        cp "$APPDIR"/usr/src/monkey_island/cc/server_config.json.standard "$DOT_MONKEY"/server_config.json
-    fi
-}
-
 # shellcheck disable=SC2174
 mkdir --mode=0700 --parents "$DOT_MONKEY"
 
 DB_DIR="$DOT_MONKEY"/db
 mkdir --parents "$DB_DIR"
 
-configure_default_server
-
 cd "$APPDIR"/usr/src || exit 1
 ./monkey_island/bin/mongodb/bin/mongod --dbpath "$DB_DIR" &
 ${PYTHON_CMD} ./monkey_island.py --server-config "$DOT_MONKEY"/server_config.json

monkey/monkey_island.py

@@ -7,7 +7,9 @@
 import json  # noqa: E402
 import os  # noqa: E402
 
+import monkey_island.cc.environment.server_config_generator as server_config_generator  # noqa: E402
 from monkey_island import config_loader  # noqa: E402
+from monkey_island.cc.environment.data_dir_generator import create_data_dir  # noqa: E402
 from monkey_island.cc.server_utils.island_logger import setup_logging  # noqa: E402
 
 if "__main__" == __name__:
@@ -16,10 +18,15 @@
     # This is here in order to catch EVERYTHING, some functions are being called on
     # imports, so the log init needs to be first.
     try:
-        server_config_path = os.path.expanduser(island_args.server_config)
+        if island_args.server_config:
+            server_config_path = os.path.expanduser(island_args.server_config)
+        else:
+            server_config_path = server_config_generator.create_default_server_config_file()
 
         config = config_loader.load_server_config_from_file(server_config_path)
 
+        create_data_dir(config["data_dir"], True)
+
         setup_logging(config["data_dir"], config["log_level"])
 
     except OSError as ex:
@@ -32,4 +39,4 @@
 
     from monkey_island.cc.main import main  # noqa: E402
 
-    main(config["data_dir"], island_args.setup_only, island_args.server_config)
+    main(config["data_dir"], island_args.setup_only, server_config_path)

monkey/monkey_island/cc/arg_parser.py

@@ -1,7 +1,5 @@
 from dataclasses import dataclass
 
-from monkey_island.cc.server_utils.consts import DEFAULT_SERVER_CONFIG_PATH
-
 
 @dataclass
 class IslandArgs:
@@ -25,10 +23,7 @@ def parse_cli_args() -> IslandArgs:
         "compiling/packaging Islands.",
     )
     parser.add_argument(
-        "--server-config",
-        action="store",
-        help="The path to the server configuration file.",
-        default=DEFAULT_SERVER_CONFIG_PATH,
+        "--server-config", action="store", help="The path to the server configuration file."
     )
     args = parser.parse_args()
 

monkey/monkey_island/cc/environment/data_dir_generator.py

@@ -0,0 +1,14 @@
+import os
+
+from monkey_island.cc.environment.utils import is_windows_os
+from monkey_island.cc.environment.windows_permissions import set_full_folder_access
+
+
+def create_data_dir(data_dir: str, create_parent_dirs: bool) -> None:
+    if not os.path.isdir(data_dir):
+        if create_parent_dirs:
+            os.makedirs(data_dir, mode=0o700)
+        else:
+            os.mkdir(data_dir, mode=0o700)
+        if is_windows_os():  # `mode=0o700` doesn't work on Windows
+            set_full_folder_access(folder_path=data_dir)

monkey/monkey_island/cc/environment/environment_config.py

@@ -2,10 +2,8 @@
 
 import json
 import os
-from pathlib import Path
 from typing import Dict, List
 
-import monkey_island.cc.environment.server_config_generator as server_config_generator
 from monkey_island.cc.environment.user_creds import UserCreds
 from monkey_island.cc.resources.auth.auth_user import User
 from monkey_island.cc.resources.auth.user_store import UserStore
@@ -24,8 +22,6 @@ def __init__(self, file_path):
     def _load_from_file(self, file_path):
         file_path = os.path.expanduser(file_path)
 
-        if not Path(file_path).is_file():
-            server_config_generator.create_default_config_file(file_path)
         with open(file_path, "r") as f:
             config_content = f.read()
 

monkey/monkey_island/cc/environment/server_config_generator.py

@@ -1,8 +1,21 @@
+import os
 from pathlib import Path
 
-from monkey_island.cc.server_utils.consts import DEFAULT_DEVELOP_SERVER_CONFIG_PATH
+from monkey_island.cc.environment.data_dir_generator import create_data_dir
+from monkey_island.cc.server_utils.consts import (
+    DEFAULT_DATA_DIR,
+    DEFAULT_DEVELOP_SERVER_CONFIG_PATH,
+    DEFAULT_SERVER_CONFIG_PATH,
+)
 
 
-def create_default_config_file(path):
+def create_default_server_config_file() -> str:
+    if not os.path.isfile(DEFAULT_SERVER_CONFIG_PATH):
+        create_data_dir(DEFAULT_DATA_DIR, False)
+        write_default_server_config_to_file(DEFAULT_SERVER_CONFIG_PATH)
+    return DEFAULT_SERVER_CONFIG_PATH
+
+
+def write_default_server_config_to_file(path: str) -> None:
     default_config = Path(DEFAULT_DEVELOP_SERVER_CONFIG_PATH).read_text()
     Path(path).write_text(default_config)

monkey/monkey_island/cc/environment/utils.py

@@ -0,0 +1,5 @@
+import sys
+
+
+def is_windows_os() -> bool:
+    return sys.platform.startswith("win")

monkey/monkey_island/cc/environment/windows_permissions.py

@@ -0,0 +1,34 @@
+from monkey_island.cc.environment.utils import is_windows_os
+
+if is_windows_os():
+    import ntsecuritycon
+    import win32api
+    import win32con
+    import win32security
+
+
+def set_full_folder_access(folder_path: str) -> None:
+    user = get_user_pySID_object()
+
+    security_descriptor = win32security.GetFileSecurity(
+        folder_path, win32security.DACL_SECURITY_INFORMATION
+    )
+    dacl = win32security.ACL()
+    dacl.AddAccessAllowedAce(
+        win32security.ACL_REVISION,
+        ntsecuritycon.FILE_ALL_ACCESS,
+        user,
+    )
+    security_descriptor.SetSecurityDescriptorDacl(1, dacl, 0)
+    win32security.SetFileSecurity(
+        folder_path, win32security.DACL_SECURITY_INFORMATION, security_descriptor
+    )
+
+
+def get_user_pySID_object():
+    # get current user's name
+    username = win32api.GetUserNameEx(win32con.NameSamCompatible)
+    # pySID object for the current user
+    user, _, _ = win32security.LookupAccountName("", username)
+
+    return user

monkey/monkey_island/cc/models/__init__.py

@@ -1,16 +1,24 @@
 from mongoengine import connect
 
-import monkey_island.cc.environment.environment_singleton as env_singleton
+# Needed so that a server_config.json file exists at the default path,
+# otherwise, unit tests will error while importing `env_singleton` below.
+from monkey_island.cc.environment.server_config_generator import (  # noqa: E402
+    create_default_server_config_file,
+)
+
+create_default_server_config_file()
+
+import monkey_island.cc.environment.environment_singleton as env_singleton  # noqa: E402
 
-from .command_control_channel import CommandControlChannel  # noqa: F401
+from .command_control_channel import CommandControlChannel  # noqa: F401, E402
 
 # Order of importing matters here, for registering the embedded and referenced documents before
 # using them.
-from .config import Config  # noqa: F401
-from .creds import Creds  # noqa: F401
-from .monkey import Monkey  # noqa: F401
-from .monkey_ttl import MonkeyTtl  # noqa: F401
-from .pba_results import PbaResults  # noqa: F401
+from .config import Config  # noqa: F401, E402
+from .creds import Creds  # noqa: F401, E402
+from .monkey import Monkey  # noqa: F401, E402
+from .monkey_ttl import MonkeyTtl  # noqa: F401, E402
+from .pba_results import PbaResults  # noqa: F401, E402
 
 connect(
     db=env_singleton.env.mongo_db_name,

monkey/monkey_island/cc/server_utils/consts.py

@@ -1,14 +1,29 @@
 import os
 
+from monkey_island.cc.environment.utils import is_windows_os
+
 __author__ = "itay.mizeretz"
 
+
+def get_default_data_dir() -> str:
+    if is_windows_os():
+        return r"%AppData%\monkey_island"
+    else:
+        return r"$HOME/.monkey_island"
+
+
+SERVER_CONFIG_FILENAME = "server_config.json"
+
 MONKEY_ISLAND_ABS_PATH = os.path.join(os.getcwd(), "monkey_island")
+
+DEFAULT_DATA_DIR = os.path.expandvars(get_default_data_dir())
+
 DEFAULT_MONKEY_TTL_EXPIRY_DURATION_IN_SECONDS = 60 * 5
 
-DEFAULT_SERVER_CONFIG_PATH = os.path.join(MONKEY_ISLAND_ABS_PATH, "cc", "server_config.json")
+DEFAULT_SERVER_CONFIG_PATH = os.path.expandvars(
+    os.path.join(DEFAULT_DATA_DIR, SERVER_CONFIG_FILENAME)
+)
 
 DEFAULT_DEVELOP_SERVER_CONFIG_PATH = os.path.join(
-    MONKEY_ISLAND_ABS_PATH, "cc", "server_config.json.develop"
+    MONKEY_ISLAND_ABS_PATH, "cc", f"{SERVER_CONFIG_FILENAME}.develop"
 )
-
-DEFAULT_DATA_DIR = os.path.join(MONKEY_ISLAND_ABS_PATH, "cc")

monkey/tests/unit_tests/monkey_island/cc/environment/test_environment_config.py

@@ -93,15 +93,3 @@ def test_get_users(standard_with_credentials):
     assert users[0].id == 1
     assert users[0].username == "test"
     assert users[0].secret == "abcdef"
-
-
-def test_generate_default_file(config_file):
-    environment_config = EnvironmentConfig(config_file)
-
-    assert os.path.isfile(config_file)
-
-    assert environment_config.server_config == "password"
-    assert environment_config.deployment == "develop"
-    assert environment_config.user_creds.username == ""
-    assert environment_config.user_creds.password_hash == ""
-    assert environment_config.aws is None

monkey/tests/unit_tests/monkey_island/cc/test_consts.py

@@ -5,8 +5,8 @@
 
 def test_default_server_config_file_path():
     if platform.system() == "Windows":
-        server_file_path = consts.MONKEY_ISLAND_ABS_PATH + r"\cc\server_config.json"
+        server_file_path = f"{consts.DEFAULT_DATA_DIR}\\{consts.SERVER_CONFIG_FILENAME}"
     else:
-        server_file_path = consts.MONKEY_ISLAND_ABS_PATH + "/cc/server_config.json"
+        server_file_path = f"{consts.DEFAULT_DATA_DIR}/{consts.SERVER_CONFIG_FILENAME}"
 
     assert consts.DEFAULT_SERVER_CONFIG_PATH == server_file_path