def _objects_get(api_root_name, collection, query):
try:
envelop = {}
envelop['more'] = False
envelop['objects'] = []
objects = []
limit, next_ = _pagination_info(query)
index = 0
remaining, cursor = apply_filter(
query,
_get_can_read_communities(collection))
for stix_object in cursor:
if stix_object.deleted:
continue
envelop['objects'].append(stix_object.object_value)
objects.append(stix_object)
index += 1
remaining -= 1
if index == limit:
if remaining > 0:
envelop['more'] = True
envelop['next'] = str(next_ + limit)
break
response_header = taxii_resp.get_response_header(objects)
return taxii_resp.ok(envelop, response_header=response_header)
except Exception as e:
return taxii_resp.server_error(e)
def _object_get(api_root_name, collection, object_id, query):
try:
envelop = {}
envelop['more'] = False
envelop['objects'] = []
objects = []
can_read_communities = _get_can_read_communities(collection)
if StixObject.objects.filter(object_id=object_id, community__in=can_read_communities).count() == 0:
return taxii_resp.not_found()
query = _set_object_id_in_query(query, object_id)
limit, next_ = _pagination_info(query)
index = 0
remaining, cursor = apply_filter(query, can_read_communities)
for stix_object in cursor:
if stix_object.deleted:
continue
objects.append(stix_object)
envelop['objects'].append(stix_object.object_value)
index += 1
remaining -= 1
if index == limit:
if remaining > 0:
envelop['more'] = True
envelop['next'] = str(next_ + limit)
break
response_header = taxii_resp.get_response_header(objects)
return taxii_resp.ok(envelop, response_header=response_header)
except Exception as e:
return taxii_resp.server_error(e)
def discovery(request):
try:
if not auth_check(request):
return taxii_resp.unauhorized()
payload = Discovery.get_discovery_response()
return taxii_resp.ok(payload)
except Exception as e:
return taxii_resp.server_error(e)
def status(request, api_root_name, status_id):
try:
if not ApiRoot.auth_check(request, api_root_name):
return taxii_resp.unauhorized()
status = Status.objects.get(status_id=status_id)
except Status.DoesNotExist:
return taxii_resp.not_found()
return taxii_resp.ok(status.get_status())
def api_root(request, api_root_name):
try:
if not ApiRoot.auth_check(request, api_root_name):
return taxii_resp.unauhorized()
api_root = ApiRoot.get_api_root(api_root_name)
if api_root:
return taxii_resp.ok(api_root)
return taxii_resp.not_found()
except ApiRoot.DoesNotExist:
return taxii_resp.not_found()
except Exception as e:
return taxii_resp.server_error(e)
def collection(request, api_root_name, collection_id):
try:
if not ApiRoot.auth_check(request, api_root_name):
return taxii_resp.unauhorized()
collection = ApiRoot.get_collection(api_root_name, collection_id)
if collection:
return taxii_resp.ok(collection.get_collection_info())
return taxii_resp.not_found()
except ApiRoot.DoesNotExist:
return taxii_resp.not_found()
except Exception as e:
return taxii_resp.server_error(e)
def collections(request, api_root_name):
try:
if not ApiRoot.auth_check(request, api_root_name):
return taxii_resp.unauhorized()
collections = ApiRoot.get_collections(api_root_name)
if not collections:
return taxii_resp.not_found()
resp = {'collections': collections}
return taxii_resp.ok(resp)
except ApiRoot.DoesNotExist:
return taxii_resp.not_found()
except Exception as e:
return taxii_resp.server_error(e)
def versions(request, api_root_name, collection_id, object_id):
try:
if not ApiRoot.auth_check(request, api_root_name):
return taxii_resp.unauhorized()
collection = ApiRoot.get_collection(api_root_name, collection_id)
if not collection:
return taxii_resp.not_found()
if not collection['can_read']:
return taxii_resp.forbidden()
can_read_communities = _get_can_read_communities(collection)
if StixObject.objects.filter(object_id=object_id, community__in=can_read_communities).count() == 0:
return taxii_resp.not_found()
more = False
query = parse_query(request)
objects = []
versions_list = []
query = _set_object_id_in_query(query, object_id)
limit, next_ = _pagination_info(query)
index = 0
remaining, cursor = apply_filter(query, can_read_communities)
for doc in cursor:
if doc.deleted:
continue
stix_objects = StixObject.objects.filter(
object_id=doc.object_id,
community__in=can_read_communities)
for stix_object in stix_objects:
if not stix_object.deleted:
objects.append(stix_object)
versions_list.append(stix_object.modified)
index += 1
remaining -= 1
if index == limit:
if remaining > 0:
more = True
break
versions = {}
versions['more'] = more
versions['versions'] = versions_list
response_header = taxii_resp.get_response_header(objects)
return taxii_resp.ok(versions, response_header=response_header)
except ApiRoot.DoesNotExist:
return taxii_resp.not_found()
except Exception as e:
return taxii_resp.server_error(e)
def _manifest_get(api_root_name, collection, query):
try:
manifest_records = []
objects = []
limit, next_ = _pagination_info(query)
index = 0
more = False
remaining, manifests = apply_filter(
query,
_get_can_read_communities(collection))
for stix_object in manifests:
if stix_object.deleted:
continue
stix_manifest = StixManifest.objects.get(
object_id=stix_object.object_id)
manifest_record = _get_manifest_record(
stix_object,
stix_manifest.media_types[0])
manifest_records.append(manifest_record)
objects.append(stix_object)
index += 1
remaining -= 1
if index == limit:
if remaining > 0:
more = True
if len(manifest_records) == 0:
return taxii_resp.ok({})
manifest = {}
manifest['more'] = more
manifest['objects'] = manifest_records
response_header = taxii_resp.get_response_header(objects)
return taxii_resp.ok(manifest, response_header=response_header)
except Exception as e:
return taxii_resp.server_error(e)
def _object_delete(api_root_name, collection, object_id, query):
try:
query = _set_object_id_in_query(query, object_id)
_, cursor = apply_filter(
query,
_get_can_write_communities(collection))
for stix_object in cursor:
modified = stix_object.modified
stix_object.deleted = True
stix_object.save()
stix_manifest = StixManifest.objects.get(
object_id=stix_object.object_id)
stix_manifest.deleted_versions.append(modified)
stix_manifest.versions.remove(modified)
if len(stix_manifest.versions) == 0:
stix_manifest.deleted = True
stix_manifest.save()
return taxii_resp.ok({})
except Exception as e:
return taxii_resp.server_error(e)