def indicator_from_header_field(request, email_id): """ Create an indicator from a header field. Should be an AJAX POST. :param request: Django request object (Required) :type request: :class:`django.http.HttpRequest` :param email_id: The ObjectId of the email to get the header from. :type email_id: str :returns: :class:`django.http.HttpResponse` """ if request.method == "POST" and request.is_ajax(): if 'type' in request.POST: header_field = request.POST.get('field') header_type = request.POST.get('type') analyst = request.user.username sources = user_sources(analyst) email = Email.objects(id=email_id, source__name__in=sources).first() if not email: result = {'success': False, 'message': "Could not find email."} else: result = create_indicator_from_header_field( email, header_field, header_type, analyst, request) else: result = {'success': False, 'message': "Type is a required value."} return HttpResponse(json.dumps(result), mimetype="application/json") else: return render_to_response('error.html', {'error': "Expected AJAX POST"}, RequestContext(request))
def indicator_from_header_field(request, email_id): """ Create an indicator from a header field. Should be an AJAX POST. :param request: Django request object (Required) :type request: :class:`django.http.HttpRequest` :param email_id: The ObjectId of the email to get the header from. :type email_id: str :returns: :class:`django.http.HttpResponse` """ if request.method == "POST" and request.is_ajax(): if "type" in request.POST: header_field = request.POST["type"] analyst = request.user.username sources = user_sources(analyst) email = Email.objects(id=email_id, source__name__in=sources).first() if not email: result = {"success": False, "message": "Could not find email."} else: if header_field in ("from_address, sender, reply_to"): ind_type = "Address - e-mail" elif header_field in ("originating_ip", "x_originating_ip"): ind_type = "Address - ipv4-addr" else: ind_type = "String" result = create_indicator_from_header_field(email, header_field, ind_type, analyst, request) else: result = {"success": False, "message": "Type is a required value."} return HttpResponse(json.dumps(result), mimetype="application/json") else: return render_to_response("error.html", {"error": "Expected AJAX POST"}, RequestContext(request))
def indicator_from_header_field(request, email_id): """ Create an indicator from a header field. Should be an AJAX POST. :param request: Django request object (Required) :type request: :class:`django.http.HttpRequest` :param email_id: The ObjectId of the email to get the header from. :type email_id: str :returns: :class:`django.http.HttpResponse` """ if request.method == "POST" and request.is_ajax(): if 'type' in request.POST: header_field = request.POST.get('field') header_type = request.POST.get('type') analyst = request.user.username sources = user_sources(analyst) email = Email.objects(id=email_id, source__name__in=sources).first() if not email: result = { 'success': False, 'message': "Could not find email." } else: result = create_indicator_from_header_field(email, header_field, header_type, analyst, request) else: result = { 'success': False, 'message': "Type is a required value." } return HttpResponse(json.dumps(result), content_type="application/json") else: return render_to_response('error.html', {'error': "Expected AJAX POST"}, RequestContext(request))