in itchef/cookbooks/cpe_applocker/libraries/applocker_helpers.rb [93:165]
def xml_to_hash(xml)
policy = {
'Appx' => { 'rules' => [] },
'Dll' => { 'rules' => [] },
'Exe' => { 'rules' => [] },
'Msi' => { 'rules' => [] },
'Script' => { 'rules' => [] },
}
xml.root.children.each do |elem|
next unless elem.is_a?(Nokogiri::XML::Element)
policy[elem['Type']]['mode'] = elem['EnforcementMode']
elem.children.each do |rule|
next unless APPLOCKER_TYPE_MAP.key? rule.node_name
type = APPLOCKER_TYPE_MAP[rule.name]
pol_rule = {
'type' => type,
'name' => rule['Name'],
'id' => rule['Id'],
'action' => rule['Action'],
'description' => rule['Description'],
'user_or_group_sid' => rule['UserOrGroupSid'],
}
conditions = []
rule.children.each do |app_conditions|
app_conditions.children.each do |condition|
case type
when 'path'
next if condition['Path'].nil?
conditions << { 'path' => condition['Path'] }
when 'hash'
condition.children.each do |filehash|
next if filehash['Data'].nil?
conditions << {
'type' => filehash['Type'],
'data' => filehash['Data'],
'file_name' => filehash['SourceFileName'],
'file_length' => filehash['SourceFileLength'],
}
end
when 'certificate'
next if condition['PublisherName'].nil?
bin_publisher = {
'publisher' => condition['PublisherName'],
'product_name' => condition['ProductName'],
'binary_name' => condition['BinaryName'],
}
condition.children.each do |binver|
next if binver['LowSection'].nil?
bin_publisher['binary_version'] = {}
bin_publisher['binary_version']['low'] = binver['LowSection']
bin_publisher['binary_version']['high'] = binver[
'HighSection'
]
end
conditions << bin_publisher
end
end
end
pol_rule['conditions'] = conditions
policy[elem['Type']]['rules'] << pol_rule
end
end
policy
end