Beispiel #1
0
def apimethod_remove_plugin(plugin_file):
    """Removes a custom plugin from the systems"""
    try:
        plugin_path = os.path.join(END_FOLDER, plugin_file)
        if not os.path.isfile(plugin_path):
            raise APIPluginFileNotFound(plugin_file)
        plugin = PluginFile()
        # TODO: make some handy wrapper to combine read and check
        plugin.read(plugin_path, encoding='latin1')
        plugin.check()  # validate and load all the plugins data
        plugin_data = get_plugin_data_for_plugin_id(plugin.plugin_id)
        if plugin_data is not None:
            if plugin_data.plugin_type == PluginDataType.ALIENVAULT_PLUGIN:
                raise APICannotBeRemoved("This is an AlienVault Plugin. It cannot be removed")
        # Remove the sids
        remove_plugin_data(plugin.plugin_id)
        remove_plugin_from_sensors(plugin_path)
        # Remove sql file locally (it's located only on server)
        os.remove(plugin_path + '.sql')
    except Exception as e:
        api_log.error("[apimethod_remove_plugin] {}".format(e))
        if not isinstance(e, APIException):
            raise APICannotBeRemoved("{}".format(e))
        else:
            raise
Beispiel #2
0
def apimethod_remove_plugin(plugin_file):
    """Removes a custom plugin from the systems"""
    try:
        plugin_path = os.path.join(END_FOLDER, plugin_file)
        if not os.path.isfile(plugin_path):
            raise APIPluginFileNotFound(plugin_file)
        plugin = PluginFile()
        # TODO: make some handy wrapper to combine read and check
        plugin.read(plugin_path, encoding='latin1')
        plugin.check()  # validate and load all the plugins data
        plugin_data = get_plugin_data_for_plugin_id(plugin.plugin_id)
        if plugin_data is not None:
            if plugin_data.plugin_type == PluginDataType.ALIENVAULT_PLUGIN:
                raise APICannotBeRemoved(
                    "This is an AlienVault Plugin. It cannot be removed")
        # Remove the sids
        remove_plugin_data(plugin.plugin_id)
        remove_plugin_from_sensors(plugin_path)
        # Remove sql file locally (it's located only on server)
        os.remove(plugin_path + '.sql')
    except Exception as e:
        api_log.error("[apimethod_remove_plugin] {}".format(e))
        if not isinstance(e, APIException):
            raise APICannotBeRemoved("{}".format(e))
        else:
            raise
Beispiel #3
0
class PluginTester(object):
    """
    Plugin Tester class.
    """
    def __init__(self, plugin_file):
        """
        Constructor
        Args:
            plugin_file:The plugin configuration file
        """
        self.__plugin_file_name = plugin_file
        self.__plugin_file = None
        self.__plugin_loaded = False

    def __load_plugin(self):
        self.__plugin_file = PluginFile()
        self.__plugin_file.read(plugin_file=self.__plugin_file_name,
                                encoding='latin1')
        self.__plugin_loaded = True

    def process(self):
        """Processes the plugin checks"""

        if not self.__plugin_loaded:
            self.__load_plugin()
        try:
            data = self.__plugin_file.check()
        except Exception as e:
            api_log.warning("[PluginTester] Cannot check the plugin %s" %
                            str(e))
            raise APICannotCheckPlugin(self.__plugin_file_name)
        return data
Beispiel #4
0
class PluginTester(object):
    """
    Plugin Tester class.
    """

    def __init__(self, plugin_file):
        """
        Constructor
        Args:
            plugin_file:The plugin configuration file
        """
        self.__plugin_file_name = plugin_file
        self.__plugin_file = None
        self.__plugin_loaded = False

    def __load_plugin(self):
        self.__plugin_file = PluginFile()
        self.__plugin_file.read(plugin_file=self.__plugin_file_name, encoding='latin1')
        self.__plugin_loaded = True

    def process(self):
        """Processes the plugin checks"""

        if not self.__plugin_loaded:
            self.__load_plugin()
        try:
            data = self.__plugin_file.check()
        except Exception as e:
            api_log.warning("[PluginTester] Cannot check the plugin %s" % str(e))
            raise APICannotCheckPlugin(self.__plugin_file_name)
        return data
Beispiel #5
0
def apimethod_upload_plugin(plugin_file, vendor, model, version, product_type, overwrite=False):
    """Uploads and verifies a given plugin file"""

    # 1 - check whether the plugin is a valid file or not
    try:
        temporal_plg_path = os.path.join(TEMPORAL_FOLDER, plugin_file)
        plugin_destination_path = os.path.join(END_FOLDER, plugin_file)
        temporal_plg_sql_path = temporal_plg_path + '.sql'
        plugin_asec_path = os.path.join(TEMPORAL_FOLDER, plugin_file)

        # The PluginCheck object will be able to check the syntax of a given plugin
        # return the available set of rules, etc.
        plugin = PluginFile()
        plugin.read(temporal_plg_path, encoding='latin1')
        data = plugin.check()

        data["need_overwrite"] = False
        if data["error_count"] > 0:
            raise APIInvalidPlugin(plugin.get_latest_error_msg())

        if os.path.exists(plugin_destination_path) and not overwrite:
            data["need_overwrite"] = True
            return data

        # Choose what to do: insert or update
        need_to_update = get_plugin_data_for_plugin_id(plugin.plugin_id) and overwrite
        save_plugin_data_func = update_plugin_data if need_to_update else insert_plugin_data

        # Load plugin SQl into the DB.
        with open(temporal_plg_sql_path) as plugin_raw_sql:
            success, msg = save_plugin_from_raw_sql(plugin_raw_sql.read())
            if not success:
                raise APICannotSavePlugin(msg)

        # Save plugin data.
        success, msg = save_plugin_data_func(plugin.plugin_id,
                                             plugin_name=plugin_file,
                                             vendor=vendor,
                                             model=model,
                                             version=version,
                                             nsids=len(data["rules"]),
                                             product_type=product_type)
        if not success:
            raise APICannotSavePlugin(msg)

        # 2 - Save plugin with the appropriate headers (vendor:model:version)
        if not plugin.save(destination=plugin_destination_path, vendor=vendor, model=model,
                           product_type=product_type, version=version):
            remove_plugin_data(plugin.plugin_id)
            raise APICannotSavePlugin(message=plugin.get_latest_error_msg() or "Cannot save plugin file.")

        # Copy plugin sql file to plugins custom dir
        copy(temporal_plg_sql_path, END_FOLDER)

        # Remove via ansible due to file permissions
        remove_file(['127.0.0.1'], plugin_asec_path)
        remove_file(['127.0.0.1'], plugin_asec_path + '.sql')
        # TODO: Is the plugin fd already in use? What is the next free plugin id?
        # 3 - Synchronize Plugins.
        from celerymethods.tasks.monitor_tasks import monitor_sync_custom_plugins
        # Force synchronization
        job = monitor_sync_custom_plugins.delay()
        if job.id is None:
            raise APICannotSavePlugin("Cannot synchronize the plugin.")
        data["synchronization_job"] = job.id
    except Exception as e:
        api_log.error("[apimethod_upload_plugin] {}".format(str(e)))
        if not isinstance(e, APIException):
            raise APICannotSavePlugin()
        raise

    # The method should return a python dic with the job id (the one that is synchronizing the plugins) and
    # the list of plugin sids for the plugin.
    return data
Beispiel #6
0
def apimethod_upload_plugin(plugin_file,
                            vendor,
                            model,
                            version,
                            product_type,
                            overwrite=False):
    """Uploads and verifies a given plugin file"""

    # 1 - check whether the plugin is a valid file or not
    try:
        temporal_plg_path = os.path.join(TEMPORAL_FOLDER, plugin_file)
        plugin_destination_path = os.path.join(END_FOLDER, plugin_file)
        temporal_plg_sql_path = temporal_plg_path + '.sql'
        plugin_asec_path = os.path.join(TEMPORAL_FOLDER, plugin_file)

        # The PluginCheck object will be able to check the syntax of a given plugin
        # return the available set of rules, etc.
        plugin = PluginFile()
        plugin.read(temporal_plg_path, encoding='latin1')
        data = plugin.check()

        data["need_overwrite"] = False
        if data["error_count"] > 0:
            raise APIInvalidPlugin(plugin.get_latest_error_msg())

        if os.path.exists(plugin_destination_path) and not overwrite:
            data["need_overwrite"] = True
            return data

        # Choose what to do: insert or update
        need_to_update = get_plugin_data_for_plugin_id(
            plugin.plugin_id) and overwrite
        save_plugin_data_func = update_plugin_data if need_to_update else insert_plugin_data

        # Load plugin SQl into the DB.
        with open(temporal_plg_sql_path) as plugin_raw_sql:
            success, msg = save_plugin_from_raw_sql(plugin_raw_sql.read())
            if not success:
                raise APICannotSavePlugin(msg)

        # Save plugin data.
        success, msg = save_plugin_data_func(plugin.plugin_id,
                                             plugin_name=plugin_file,
                                             vendor=vendor,
                                             model=model,
                                             version=version,
                                             nsids=len(data["rules"]),
                                             product_type=product_type)
        if not success:
            raise APICannotSavePlugin(msg)

        # 2 - Save plugin with the appropriate headers (vendor:model:version)
        if not plugin.save(destination=plugin_destination_path,
                           vendor=vendor,
                           model=model,
                           product_type=product_type,
                           version=version):
            remove_plugin_data(plugin.plugin_id)
            raise APICannotSavePlugin(message=plugin.get_latest_error_msg()
                                      or "Cannot save plugin file.")

        # Copy plugin sql file to plugins custom dir
        copy(temporal_plg_sql_path, END_FOLDER)

        # Remove via ansible due to file permissions
        remove_file(['127.0.0.1'], plugin_asec_path)
        remove_file(['127.0.0.1'], plugin_asec_path + '.sql')
        # TODO: Is the plugin fd already in use? What is the next free plugin id?
        # 3 - Synchronize Plugins.
        from celerymethods.tasks.monitor_tasks import monitor_sync_custom_plugins
        # Force synchronization
        job = monitor_sync_custom_plugins.delay()
        if job.id is None:
            raise APICannotSavePlugin("Cannot synchronize the plugin.")
        data["synchronization_job"] = job.id
    except Exception as e:
        api_log.error("[apimethod_upload_plugin] {}".format(str(e)))
        if not isinstance(e, APIException):
            raise APICannotSavePlugin()
        raise

    # The method should return a python dic with the job id (the one that is synchronizing the plugins) and
    # the list of plugin sids for the plugin.
    return data