Description

• A new parameter named "analysis.citrix_rdp_support" was added to the config table
• the config value is plumbed through to the PostLocalGroups post processing handler
• all of the CanRDP sauce is in FetchCanRDPEntityBitmapForComputer which has been extended to account for computers where Citrix is installed. it essentially makes an additional step of finding all entities that are members of the Direct Access Users group via direct or nested membership and intersects those entities with the entities that have CanRDP privileges through the old attack path (which was membership through the Remote Desktop Users Group)

Motivation and Context

This PR addresses: BED-4611

The exiting logic for creating post processed CanRDP edges did not take into account computers which have Citrix. This changeset introduces a config parameter for Citrix and extends the CanRDP edge creation logic with extra goodness when turned on.

How Has This Been Tested?

• integration tests have been added. the harnesses are beautiful please go enjoy the svg's to get a sense of the different logic paths

Screenshots (optional):

Types of changes

• Chore (a change that does not modify the application functionality)
• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Database Migrations

Checklist:

• I have met the contributing prerequisites
  • Assigned myself to this PR
  • Added the appropriate labels
  • Associated an issue: Issues and Pull Requests README #672
  • Read the Contributing guide: https:/SpecterOps/BloodHound/wiki/Contributing
• I have ensured that related documentation is up-to-date
  • Open API docs
  • Code comments (GoDocs / JSDocs)
• I have followed proper test practices
  • Added/updated tests to cover my changes
  • All new and existing tests passed