import uuid
from assemblyline.al.core.controller import ControllerClient
from assemblyline.al.core.agents import ServiceAgentClient
from al_ui.api_base import api_login, make_api_response
from al_ui.apiv3 import core
SUB_API = 'controller'
controller_api = core.make_subapi_blueprint(SUB_API)
controller_api._doc = "Control processing nodes"
@controller_api.route("/pause/<mac>/", methods=["GET"])
@api_login(require_admin=True)
def pause_tasks(mac, **_):
"""
Ask a node terminate all it's current tasks and stop processing new tasks
Variables:
mac => mac address of the node
Arguments:
None
Data Block:
None
Result example:
{ "message_id": UUID } # UUID to look for in the
# control channel to get the
# result of this request
import copy
import json
from al_ui.apiv3 import core
from al_ui.config import STORAGE
from al_ui.api_base import api_login, make_api_response
from flask import request
from assemblyline.al.common.provisioning import Machine, ProvisioningException
from assemblyline.al.common.provisioning import ServiceAllocation
from assemblyline.al.common.provisioning import ServicePodAllocation
from assemblyline.al.common.provisioning import VmAllocation
from assemblyline.al.common import provisioning
SUB_API = 'provisioning'
provisioning_api = core.make_subapi_blueprint(SUB_API)
provisioning_api._doc = "Manage the different processing nodes"
# noinspection PyTypeChecker,PyUnusedLocal
@provisioning_api.route("/plan/apply/", methods=["POST"])
@api_login(require_admin=True)
def apply_plan(**kwargs):
"""
Applies a provisioning plan to the cluster
Variables:
None
Arguments:
None
from al_ui.config import STORAGE, config, KV_SESSION
from al_ui.http_exceptions import AuthenticationException
from al_ui.site_specific import default_authenticator
from assemblyline.al.common import forge
from al_ui.apiv3 import core
from al_ui.api_base import make_api_response, api_login
from assemblyline.al.common.security import generate_random_secret, load_async_key, get_totp_token
from assemblyline.common.isotime import now
from assemblyline.deployment.getters import get_random_password
SUB_API = 'auth'
Classification = forge.get_classification()
auth_api = core.make_subapi_blueprint(SUB_API)
auth_api._doc = "Allow user to authenticate to the web server"
API_PRIV_MAP = {
"READ": ["R"],
"READ_WRITE": ["R", "W"],
"WRITE": ["W"]
}
@auth_api.route("/apikey/<name>/<priv>/", methods=["GET"])
@api_login(audit=False)
def add_apikey(name, priv, **kwargs):
"""
Add an API Key for the currently logged in user with given privileges
Variables:
from flask import request
from assemblyline.common.concurrency import execute_concurrently
from assemblyline.common.importing import module_attribute_by_name
from al_ui.api_base import api_login, make_api_response
from al_ui.apiv3 import core
from al_ui.config import LOGGER, config
from assemblyline.al.datasource.common import hash_type
SUB_API = 'hash_search'
hash_search_api = core.make_subapi_blueprint(SUB_API)
hash_search_api._doc = "Search hashes through multiple data sources"
class SkipDatasource(Exception):
pass
def create_query_datasource(ds):
def query_datasource(h, u):
return {'error': None, 'items': ds.parse(ds.query(h, **u), **u)}
return query_datasource
sources = {}
# noinspection PyBroadException
try:
for name, settings in config.datasources.iteritems():
name = name.lower()
from assemblyline.common.concurrency import execute_concurrently
from assemblyline.al.service.list_queue_sizes import get_service_queue_length
from al_ui.api_base import api_login, make_api_response
from al_ui.apiv3 import core
from al_ui.config import config, STORAGE
SUB_API = 'dashboard'
dashboard_api = core.make_subapi_blueprint(SUB_API)
dashboard_api._doc = "Display systems health"
EXPIRY_BUCKET_LIST = [
"submission", "file", "alert", "result", "error", "filescore"
]
###########################################################################
# Dashboard APIs
@dashboard_api.route("/expiry/", methods=["GET"])
@api_login(audit=False)
def get_expiry_(**_):
"""
Check each buckets to make sure they don't have expired data that remains.
Returns 'true' for each bucket that is fully expired.
Variables:
None
Arguments:
None
from uuid import uuid4
from flask import request
from assemblyline.common import identify
from assemblyline.common.isotime import now_as_iso
from assemblyline.al.common import forge
from assemblyline.al.common.queue import NamedQueue, MultiQueue
from al_ui.apiv3 import core
from al_ui.config import TEMP_SUBMIT_DIR, STORAGE
from al_ui.api_base import api_login, make_api_response
from al_ui.helper.user import remove_ui_specific_options
config = forge.get_config()
SUB_API = 'ingest'
ingest_api = core.make_subapi_blueprint(SUB_API)
ingest_api._doc = "Ingest files for large volume processing"
ingest = MultiQueue(host=config.core.redis.persistent.host,
port=config.core.redis.persistent.port,
db=config.core.redis.persistent.db)
# noinspection PyUnusedLocal
@ingest_api.route("/get_message/<notification_queue>/", methods=["GET"])
@api_login(required_priv=['R'])
def get_message(notification_queue, **kwargs):
"""
Get one message on the specified notification queue
Variables:
from flask import request
from al_ui.apiv3 import core
from al_ui.api_base import api_login, make_api_response
from al_ui.config import STORAGE
from al_ui.helper.result import format_result
from al_ui.http_exceptions import AccessDeniedException
from assemblyline.al.common import forge
config = forge.get_config()
SUB_API = 'service'
service_api = core.make_subapi_blueprint(SUB_API)
service_api._doc = "Manage the different services"
@service_api.route("/<servicename>/", methods=["PUT"])
@api_login(require_admin=True)
def add_service(servicename, **_):
"""
Add a service configuration
Variables:
servicename => Name of the service to add
Arguments:
None
Data Block:
{'accepts': '(archive|executable|java|android)/.*',
'category': 'Extraction',
'classpath': 'al_services.alsvc_extract.Extract',
from copy import deepcopy
from flask import request
from assemblyline.al.common.heuristics import list_all_heuristics
from al_ui.apiv3 import core
from assemblyline.al.common import forge
from al_ui.config import STORAGE
from al_ui.api_base import api_login, make_api_response
SUB_API = 'heuristics'
Classification = forge.get_classification()
heuristics_api = core.make_subapi_blueprint(SUB_API)
heuristics_api._doc = "View the different heuristics of the system"
HEUR, HEUR_MAP = list_all_heuristics(STORAGE.list_services())
@heuristics_api.route("/<heuristic_id>/", methods=["GET"])
@api_login()
def get_heuristic(heuristic_id, **kwargs):
"""
Get a specific heuristic's detail from the system
Variables:
heuristic_id => ID of the heuristic
Arguments:
None
from flask import request
from riak import RiakError
from assemblyline.al.common import forge
config = forge.get_config()
from al_ui.api_base import api_login, make_api_response
from al_ui.apiv3 import core
from al_ui.config import STORAGE
from al_ui.helper.result import format_result
SUB_API = 'submission'
Classification = forge.get_classification()
submission_api = core.make_subapi_blueprint(SUB_API)
submission_api._doc = "Perform operations on system submissions"
@submission_api.route("/<sid>/", methods=["DELETE"])
@api_login()
def delete_submission(sid, **kwargs):
"""
INCOMPLETE
Delete a submission as well as all related
files, results and errors
Variables:
sid => Submission ID to be deleted
Arguments:
from assemblyline.common.isotime import iso_to_epoch
from assemblyline.al.common import forge
from assemblyline.al.common.remote_datatypes import ExclusionWindow
from assemblyline.al.common.transport.local import TransportLocal
from al_ui.api_base import api_login, make_api_response, make_file_response
from al_ui.apiv3 import core
from al_ui.config import LOGGER, STORAGE, ORGANISATION, YARA_PARSER
SUB_API = 'signature'
Classification = forge.get_classification()
config = forge.get_config()
signature_api = core.make_subapi_blueprint(SUB_API)
signature_api._doc = "Perform operations on signatures"
@signature_api.route("/add/", methods=["PUT"])
@api_login(audit=False, required_priv=['W'])
def add_signature(**kwargs):
"""
Add a signature to the system and assigns it a new ID
WARNING: If two person call this method at exactly the
same time, they might get the same ID.
Variables:
None
Arguments:
import uuid
from flask import request
from al_ui.apiv3 import core
from al_ui.api_base import api_login, make_api_response
from al_ui.config import STORAGE, CLASSIFICATION
from riak import RiakError
SUB_API = 'workflow'
workflow_api = core.make_subapi_blueprint(SUB_API)
workflow_api._doc = "Manage the different workflows of the system"
@workflow_api.route("/", methods=["PUT"])
@api_login()
def add_workflow(**_):
"""
Add a workflow to the system
Variables:
None
Arguments:
None
Data Block:
{
"name": "Workflow name", # Name of the workflow
"classification": "", # Max classification for workflow
"label": ['label1'], # Labels for the workflow
import os
import uuid
from assemblyline.al.common import forge
from assemblyline.al.common.bundling import create_bundle as bundle_create, import_bundle as bundle_import,\
SubmissionNotFound, BundlingException, SubmissionAlreadyExist, IncompleteBundle
from al_ui.apiv3 import core
from al_ui.config import STORAGE
from al_ui.api_base import api_login, make_api_response, stream_file_response
from flask import request
SUB_API = 'bundle'
Classification = forge.get_classification()
bundle_api = core.make_subapi_blueprint(SUB_API)
bundle_api._doc = "Create and restore submission bundles"
WORKING_DIR = "/tmp/al_ui"
# noinspection PyBroadException
@bundle_api.route("/create/<sid>/", methods=["GET"])
@api_login(required_priv=['R'])
def create_bundle(sid, **kwargs):
"""
Creates a bundle containing the submission results and the associated files
Variables:
sid => ID of the submission to create the bundle for
