kolide · directionless · Oct 14, 2020 · Oct 13, 2020 · Oct 13, 2020 · Oct 13, 2020
diff --git a/pkg/dataflatten/flatten.go b/pkg/dataflatten/flatten.go
@@ -91,10 +91,6 @@ func WithNestedPlist() FlattenOpts {
 // WithLogger sets the logger to use
 func WithLogger(logger log.Logger) FlattenOpts {
 	return func(fl *Flattener) {
-		if logger == nil {
-			return
-		}
-
 		fl.logger = logger
 	}
 }
@@ -103,10 +99,11 @@ func WithLogger(logger log.Logger) FlattenOpts {
 // re-writing arrays into maps, and for filtering. See "Query
 // Specification" for docs.
 func WithQuery(q []string) FlattenOpts {
+	if q == nil || len(q) == 0 {
+		return func(_ *Flattener) {}
+	}
+
 	return func(fl *Flattener) {
-		if q == nil || len(q) == 0 {
-			return
-		}
 		fl.query = q
 	}
 }

diff --git a/pkg/osquery/tables/dataflattentable/tables.go b/pkg/osquery/tables/dataflattentable/tables.go
@@ -82,7 +82,7 @@ func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) (
 		}
 
 		for _, filePath := range filePaths {
-			for _, dataQuery := range tablehelpers.GetConstraints(queryContext, "query", tablehelpers.WithDefaults("")) {
+			for _, dataQuery := range tablehelpers.GetConstraints(queryContext, "query", tablehelpers.WithDefaults("*")) {
 				subresults, err := t.generatePath(filePath, dataQuery)
 				if err != nil {
 					return results, errors.Wrapf(err, "generating for path %s with query", filePath)

diff --git a/pkg/osquery/tables/ioreg/ioreg.go b/pkg/osquery/tables/ioreg/ioreg.go
@@ -104,7 +104,7 @@ func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) (
 								continue
 							}
 
-							for _, dataQuery := range tablehelpers.GetConstraints(queryContext, "query", tablehelpers.WithDefaults("")) {
+							for _, dataQuery := range tablehelpers.GetConstraints(queryContext, "query", tablehelpers.WithDefaults("*")) {
 								// Finally, an inner loop
 
 								ioregOutput, err := t.execIoreg(ctx, ioregArgs)

diff --git a/pkg/osquery/tables/profiles/profiles.go b/pkg/osquery/tables/profiles/profiles.go
@@ -62,7 +62,7 @@ func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) (
 	for _, command := range tablehelpers.GetConstraints(queryContext, "command", tablehelpers.WithAllowedCharacters("abcdefghijklmnopqrstuvwxyz"), tablehelpers.WithDefaults("show")) {
 		for _, profileType := range tablehelpers.GetConstraints(queryContext, "type", tablehelpers.WithAllowedCharacters("abcdefghijklmnopqrstuvwxyz"), tablehelpers.WithDefaults("")) {
 			for _, user := range tablehelpers.GetConstraints(queryContext, "user", tablehelpers.WithAllowedCharacters(userAllowedCharacters), tablehelpers.WithDefaults("_all")) {
-				for _, dataQuery := range tablehelpers.GetConstraints(queryContext, "query", tablehelpers.WithDefaults("")) {
+				for _, dataQuery := range tablehelpers.GetConstraints(queryContext, "query", tablehelpers.WithDefaults("*")) {
 
 					profileArgs := []string{command, "-output", "stdout-xml"}
 

diff --git a/pkg/osquery/tables/pwpolicy/pwpolicy.go b/pkg/osquery/tables/pwpolicy/pwpolicy.go
@@ -33,6 +33,7 @@ type Table struct {
 	client    *osquery.ExtensionManagerClient
 	logger    log.Logger
 	tableName string
+	execCC    func(context.Context, string, ...string) *exec.Cmd
 }
 
 func TablePlugin(client *osquery.ExtensionManagerClient, logger log.Logger) *table.Plugin {
@@ -45,6 +46,7 @@ func TablePlugin(client *osquery.ExtensionManagerClient, logger log.Logger) *tab
 		client:    client,
 		logger:    logger,
 		tableName: "kolide_pwpolicy",
+		execCC:    exec.CommandContext,
 	}
 
 	return table.NewPlugin(t.tableName, columns, t.generate)
@@ -60,7 +62,7 @@ func (t *Table) generate(ctx context.Context, queryContext table.QueryContext) (
 			pwpolicyArgs = append(pwpolicyArgs, "-u", pwpolicyUsername)
 		}
 
-		for _, dataQuery := range tablehelpers.GetConstraints(queryContext, "query", tablehelpers.WithDefaults("")) {
+		for _, dataQuery := range tablehelpers.GetConstraints(queryContext, "query", tablehelpers.WithDefaults("*")) {
 			pwPolicyOutput, err := t.execPwpolicy(ctx, pwpolicyArgs)
 			if err != nil {
 				level.Info(t.logger).Log("msg", "pwpolicy failed", "err", err)
@@ -100,7 +102,7 @@ func (t *Table) execPwpolicy(ctx context.Context, args []string) ([]byte, error)
 	ctx, cancel := context.WithTimeout(ctx, 30*time.Second)
 	defer cancel()
 
-	cmd := exec.CommandContext(ctx, pwpolicyPath, args...)
+	cmd := t.execCC(ctx, pwpolicyPath, args...)
 	cmd.Stdout = &stdout
 	cmd.Stderr = &stderr
 

diff --git a/pkg/osquery/tables/pwpolicy/pwpolicy_test.go b/pkg/osquery/tables/pwpolicy/pwpolicy_test.go
@@ -0,0 +1,74 @@
+//+build darwin
+
+package pwpolicy
+
+import (
+	"context"
+	"os/exec"
+	"path"
+	"testing"
+
+	"github.com/go-kit/kit/log"
+	"github.com/kolide/launcher/pkg/osquery/tables/tablehelpers"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestQueries(t *testing.T) {
+	t.Parallel()
+
+	var tests = []struct {
+		name        string
+		file        string
+		queryClause []string
+		len         int
+		err         bool
+	}{
+		{
+			name: "no data, just languages",
+			file: path.Join("testdata", "empty.output"),
+			len:  41,
+		},
+		{
+			file: path.Join("testdata", "test1.output"),
+			len:  148,
+		},
+		{
+			file:        path.Join("testdata", "test1.output"),
+			queryClause: []string{"policyCategoryAuthentication"},
+			len:         8,
+		},
+	}
+
+	for _, tt := range tests {
+		testTable := &Table{
+			logger: log.NewNopLogger(),
+			execCC: execFaker(tt.file),
+		}
+
+		testName := tt.file + "/" + tt.name
+		t.Run(testName, func(t *testing.T) {
+			mockQC := tablehelpers.MockQueryContext(map[string][]string{
+				"query": tt.queryClause,
+			})
+
+			rows, err := testTable.generate(context.TODO(), mockQC)
+
+			if tt.err {
+				require.Error(t, err)
+				return
+			}
+
+			require.NoError(t, err)
+
+			assert.Equal(t, tt.len, len(rows))
+		})
+	}
+
+}
+
+func execFaker(filename string) func(context.Context, string, ...string) *exec.Cmd {
+	return func(ctx context.Context, _ string, _ ...string) *exec.Cmd {
+		return exec.CommandContext(ctx, "/bin/cat", filename)
+	}
+}
diff --git a/pkg/osquery/tables/pwpolicy/testdata/empty.output b/pkg/osquery/tables/pwpolicy/testdata/empty.output
@@ -0,0 +1,98 @@
+Getting global account policies
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>policyCategoryPasswordContent</key>
+	<array>
+		<dict>
+			<key>policyContent</key>
+			<string>policyAttributePassword matches '.{4,}+'</string>
+			<key>policyContentDescription</key>
+			<dict>
+				<key>Dutch</key>
+				<string>Voer een wachtwoord van vier of meer tekens in.</string>
+				<key>English</key>
+				<string>Enter a password that is four characters or more.</string>
+				<key>French</key>
+				<string>Saisissez un mot de passe comportant au moins quatre caractères.</string>
+				<key>German</key>
+				<string>Gib ein Passwort ein, das aus mindestens vier Zeichen besteht.</string>
+				<key>Italian</key>
+				<string>Inserisci una password di quattro o più caratteri.</string>
+				<key>Japanese</key>
+				<string>4文字以上のパスワードを入力してください。</string>
+				<key>Spanish</key>
+				<string>Introduce una contraseña que tenga como mínimo cuatro caracteres.</string>
+				<key>ar</key>
+				<string>أدخل كلمة سر لا تقل عن أربعة أحرف أو رموز.</string>
+				<key>ca</key>
+				<string>Introdueix una contrasenya que tingui quatre caràcters o més.</string>
+				<key>cs</key>
+				<string>Zadejte heslo o minimální délce čtyři znaky.</string>
+				<key>da</key>
+				<string>Skriv en adgangskode på mindst fire tegn.</string>
+				<key>el</key>
+				<string>Εισαγάγετε ένα συνθηματικό που περιέχει τέσσερις ή περισσότερους χαρακτήρες.</string>
+				<key>en_AU</key>
+				<string>Enter a password that is four characters or more.</string>
+				<key>en_GB</key>
+				<string>Enter a password that is four characters or more.</string>
+				<key>es_419</key>
+				<string>Ingresa una contraseña de cuatro caracteres o más.</string>
+				<key>fi</key>
+				<string>Kirjoita salasana, jossa on vähintään neljä merkkiä.</string>
+				<key>fr_CA</key>
+				<string>Saisissez un mot de passe comportant au moins quatre caractères.</string>
+				<key>he</key>
+				<string>הקש/י סיסמה בת ארבעה תווים או יותר.</string>
+				<key>hi</key>
+				<string>चार वर्णों वाला या उससे बड़ा पासवर्ड दर्ज करें।</string>
+				<key>hr</key>
+				<string>Unesite lozinku od četiri ili više znakova.</string>
+				<key>hu</key>
+				<string>Adjon meg egy legalább négy karakterből álló jelszót.</string>
+				<key>id</key>
+				<string>Masukkan kata sandi yang terdiri dari empat karakter atau lebih.</string>
+				<key>ko</key>
+				<string>4자 이상의 암호를 입력하십시오.</string>
+				<key>ms</key>
+				<string>Masukkan kata laluan yang mengandungi empat atau lebih aksara.</string>
+				<key>no</key>
+				<string>Angi et passord på minst fire tegn.</string>
+				<key>pl</key>
+				<string>Podaj hasło składające się z co najmniej czterech znaków.</string>
+				<key>pt</key>
+				<string>Digite uma senha com quatro ou mais caracteres.</string>
+				<key>pt_PT</key>
+				<string>Digite uma palavra‑passe com pelo menos quatro caracteres.</string>
+				<key>ro</key>
+				<string>Introduceți o parolă de minimum patru caractere.</string>
+				<key>ru</key>
+				<string>Введите пароль, состоящий из четырех или более символов.</string>
+				<key>sk</key>
+				<string>Zadajte heslo obsahujúce najmenej štyri znaky.</string>
+				<key>sv</key>
+				<string>Ange ett lösenord som är minst fyra tecken långt.</string>
+				<key>th</key>
+				<string>ป้อนรหัสผ่านที่มีอักขระอย่างน้อยสี่ตัว</string>
+				<key>tr</key>
+				<string>En az dört karakter uzunluğunda bir parola girin.</string>
+				<key>uk</key>
+				<string>Введіть пароль зі щонайменше чотирьох символів.</string>
+				<key>vi</key>
+				<string>Nhập mật khẩu dài 4 ký tự trở lên.</string>
+				<key>zh_CN</key>
+				<string>输入不少于 4 个字符的密码。</string>
+				<key>zh_HK</key>
+				<string>輸入一個四位或更多字元的密碼。</string>
+				<key>zh_TW</key>
+				<string>輸入 4 個字元或更長的密碼。</string>
+			</dict>
+			<key>policyIdentifier</key>
+			<string>com.apple.defaultpasswordpolicy.fde</string>
+		</dict>
+	</array>
+</dict>
+</plist>
+