def create_c2dns():
"""Create c2dns artifact
From Data: domain_name (str), match_type (str), expiration_type (str), expiration_timestamp (date), state(str)
Return: c2dns artifact dictionary"""
entity = c2dns.C2dns(
domain_name=request.json['domain_name'],
match_type=request.json['match_type'],
expiration_type=request.json['expiration_type'],
expiration_timestamp=parser.parse(request.json['expiration_timestamp'])
if request.json.get("expiration_type", None) else None,
state=verify_state(request.json['state']['state']),
created_user_id=current_user.id,
modified_user_id=current_user.id,
owner_user_id=current_user.id)
db.session.add(entity)
try:
db.session.commit()
except exc.IntegrityError:
app.logger.error("Duplicate DNS: '%s'" % entity.domain_name)
abort(409)
except Exception:
app.logger.error("Whitelist validation failed.")
abort(412, description="Whitelist validation failed.")
entity.tags = create_tags_mapping(entity.__tablename__, entity.id,
request.json['tags'])
dirty = False
for name, value_dict in request.json["metadata_values"].iteritems():
if not name or not value_dict:
continue
m = db.session.query(MetadataMapping).join(
Metadata, Metadata.id == MetadataMapping.metadata_id).filter(
Metadata.key == name).filter(
Metadata.artifact_type == ENTITY_MAPPING["DNS"]).filter(
MetadataMapping.artifact_id == entity.id).first()
if m:
m.value = value_dict["value"]
db.session.add(m)
dirty = True
else:
m = db.session.query(Metadata).filter(Metadata.key == name).filter(
Metadata.artifact_type == ENTITY_MAPPING["DNS"]).first()
db.session.add(
MetadataMapping(value=value_dict["value"],
metadata_id=m.id,
artifact_id=entity.id,
created_user_id=current_user.id))
dirty = True
if dirty:
db.session.commit()
return jsonify(entity.to_dict()), 201
def update_c2ip(id):
"""Update c2ip artifact
From Data: ip (str), asn (str), country (str), expiration_timestamp (date), state(str)
Return: c2dns artifact dictionary"""
entity = c2ip.C2ip.query.get(id)
if not entity:
abort(404)
if not current_user.admin and entity.owner_user_id != current_user.id:
abort(403)
entity = c2ip.C2ip(
ip=request.json['ip'],
asn=request.json['asn'],
country=request.json['country'],
description=request.json.get("description", None),
references=request.json.get("references", None),
state=verify_state(request.json['state']['state']) if request.json['state'] and 'state' in request.json['state']
else verify_state(request.json['state']),
expiration_timestamp=parser.parse(request.json['expiration_timestamp']) if request.json.get(
"expiration_timestamp", None) else None,
owner_user_id=request.json['owner_user']['id'] if request.json.get("owner_user", None) and request.json[
"owner_user"].get("id", None) else None,
id=id,
modified_user_id=current_user.id,
active=request.json.get("active", entity.active)
)
db.session.merge(entity)
try:
db.session.commit()
except exc.IntegrityError:
app.logger.error("Duplicate IP: '%s'" % entity.ip)
abort(409, description="Duplicate IP: '%s'" % entity.ip)
delete_tags_mapping(entity.__tablename__, entity.id)
create_tags_mapping(entity.__tablename__, entity.id, request.json['tags'])
entity.save_metadata(request.json.get("metadata_values", {}))
entity = c2ip.C2ip.query.get(entity.id)
return jsonify(entity.to_dict()), 200
def create_c2ip():
"""Create c2ip artifact
JSON Body: ip (str), asn (str), country (str), expiration_timestamp (date), state(str)
Return: c2dns artifact dictionary"""
entity = c2ip.C2ip(
ip=request.json['ip'],
asn=request.json['asn'],
country=request.json['country'],
description=request.json.get("description", None),
references=request.json.get("references", None),
state=verify_state(request.json['state']['state']),
expiration_timestamp=parser.parse(request.json['expiration_timestamp'])
if request.json.get("expiration_timestamp", None) else None,
created_user_id=current_user.id,
modified_user_id=current_user.id,
owner_user_id=current_user.id,
active=request.json.get("active", True)
)
db.session.add(entity)
try:
db.session.commit()
except exc.IntegrityError:
app.logger.error("Duplicate IP: '%s'" % entity.ip)
abort(409, description="Duplicate IP: '%s'" % entity.ip)
except Exception:
app.logger.error("Whitelist validation failed.")
abort(412, description="Whitelist validation failed.")
entity.tags = create_tags_mapping(entity.__tablename__, entity.id, request.json['tags'])
if request.json.get('new_comment', None):
create_comment(request.json['new_comment'],
ENTITY_MAPPING["IP"],
entity.id,
current_user.id)
entity.save_metadata(request.json.get("metadata_values", {}))
return jsonify(entity.to_dict()), 201
def update_c2dns(id):
"""Update c2dns artfifact
From Data: domain_name (str), match_type (str), expiration_type (str), expiration_timestamp (date), state(str)
Return: c2dns artifact dictionary"""
entity = c2dns.C2dns.query.get(id)
if not entity:
abort(404)
if not current_user.admin and entity.owner_user_id != current_user.id:
abort(403)
entity = c2dns.C2dns(
state=verify_state(request.json['state']['state'])
if request.json['state'] and 'state' in request.json['state'] else
verify_state(request.json['state']),
domain_name=request.json['domain_name'],
match_type=request.json['match_type'],
expiration_type=request.json['expiration_type'],
expiration_timestamp=parser.parse(request.json['expiration_timestamp'])
if request.json.get("expiration_timestamp", None) else None,
id=id,
owner_user_id=request.json['owner_user']['id']
if request.json.get("owner_user", None)
and request.json["owner_user"].get("id", None) else None,
modified_user_id=current_user.id)
db.session.merge(entity)
try:
db.session.commit()
except exc.IntegrityError:
app.logger.error("Duplicate DNS: '%s'" % (entity.domain_name))
abort(409)
create_tags_mapping(entity.__tablename__, entity.id,
request.json['addedTags'])
delete_tags_mapping(entity.__tablename__, entity.id,
request.json['removedTags'])
dirty = False
for name, value_dict in request.json["metadata_values"].iteritems():
if not name or not value_dict:
continue
m = db.session.query(MetadataMapping).join(
Metadata, Metadata.id == MetadataMapping.metadata_id).filter(
Metadata.key == name).filter(
Metadata.artifact_type == ENTITY_MAPPING["DNS"]).filter(
MetadataMapping.artifact_id == entity.id).first()
if m:
m.value = value_dict["value"]
db.session.add(m)
dirty = True
else:
m = db.session.query(Metadata).filter(Metadata.key == name).filter(
Metadata.artifact_type == ENTITY_MAPPING["DNS"]).first()
db.session.add(
MetadataMapping(value=value_dict["value"],
metadata_id=m.id,
artifact_id=entity.id,
created_user_id=current_user.id))
dirty = True
if dirty:
db.session.commit()
entity = c2dns.C2dns.query.get(entity.id)
return jsonify(entity.to_dict()), 200
def batch_update(batch, artifact, session, include_tags=True):
category = dict()
fields_to_update = dict()
if 'description' in batch and batch['description']:
fields_to_update['description'] = batch['description']
if 'expiration_timestamp' in batch and batch[
'expiration_timestamp'] and hasattr(artifact,
'expiration_timestamp'):
fields_to_update['expiration_timestamp'] = batch[
'expiration_timestamp']
if 'category' in batch and batch['category'] and hasattr(
artifact, 'category'):
fields_to_update['category'] = batch['category']['category'] \
if batch['category'] and 'category' in batch['category'] \
else None
category_entity = CfgCategoryRangeMapping.query \
.filter(CfgCategoryRangeMapping.category == fields_to_update['category']) \
.first()
category['id'] = category_entity.id
if category_entity and not category_entity.current:
category['current'] = category_entity.range_min
else:
category['current'] = category_entity.current
if category_entity.current + 1 > category_entity.range_max:
abort(400)
if 'state' in batch and batch['state']:
fields_to_update['state'] = verify_state(batch['state']['state']) \
if batch['state'] and 'state' in batch['state'] \
else verify_state(batch['state'])
if 'owner_user' in batch and batch['owner_user']:
fields_to_update['owner_user_id'] = batch['owner_user']['id'] \
if batch.get("owner_user", None) and batch["owner_user"].get("id", None) \
else None
artifact_events_to_update = []
for batch_id in batch['ids']:
entity = artifact.query.get(batch_id)
if not entity:
abort(404)
if not current_user.admin and entity.owner_user_id != current_user.id:
abort(403)
if 'category' in fields_to_update and fields_to_update['category'] and hasattr(artifact, 'eventid') and \
entity.category != fields_to_update['category']:
category['current'] = category['current'] + 1
artifact_events_to_update.append({
'event_id': category['current'],
'artifact_id': batch_id
})
if fields_to_update and 'ids' in batch and batch['ids']:
session.execute(
artifact.__table__.update().values(fields_to_update).where(
artifact.id.in_(batch['ids'])))
for artifact_events_to_update in artifact_events_to_update:
session.execute(artifact.__table__.update().values({
'eventid':
artifact_events_to_update['event_id']
}).where(artifact.id == artifact_events_to_update['artifact_id']))
if category:
update_cfg_category_range_mapping_current(category['id'],
category['current'])
session.commit()
if include_tags and 'tags' in batch and batch['tags']:
batch_create_tags_mapping(artifact.__tablename__, batch['ids'],
batch['tags'])
return jsonify(''), 200