def __create_threshold_ticket(data, thres):
service = Service.objects.filter(id=data[1]).last()
defendant = Defendant.objects.filter(customerId=data[0]).last()
ticket = database.create_ticket(defendant, thres.category, service)
database.log_action_on_ticket(
ticket=ticket,
action='create_threshold',
threshold_count=thres.threshold,
threshold_interval=thres.interval,
)
return ticket
def create_ticket(report, denied_by=None, attach_new=False):
"""
Create a `abuse.models.Ticket`
"""
ticket = database.create_ticket(report.defendant, report.category, report.service, priority=report.provider.priority, attach_new=attach_new)
database.log_action_on_ticket(
ticket=ticket,
action='attach_report',
new_ticket=True,
report=report
)
if denied_by:
user = User.objects.get(id=denied_by)
database.log_action_on_ticket(
ticket=ticket,
action='deny_phishtocheck',
user=user,
report=report
)
return ticket
def _reinject_validated(report, user):
trusted = True
ticket = None
if all((report.defendant, report.category, report.service)):
msg = 'Looking for opened ticket for (%s, %s, %s)'
Logger.debug(unicode(msg % (report.defendant.customerId, report.category.name, report.service.name)))
ticket = database.search_ticket(report.defendant, report.category, report.service)
# Checking specific processing workflow
for workflow in ReportWorkflowFactory.instance.registered_instances:
if workflow.identify(report, ticket, is_trusted=trusted) and workflow.apply(report, ticket, trusted, False):
Logger.debug(unicode('Specific workflow %s applied' % (str(workflow.__class__.__name__))))
return
# Create ticket if trusted
new_ticket = False
if not ticket:
ticket = database.create_ticket(report.defendant, report.category, report.service, priority=report.provider.priority)
new_ticket = True
if ticket:
report.ticket = Ticket.objects.get(id=ticket.id)
report.status = 'Attached'
report.save()
database.set_ticket_higher_priority(report.ticket)
database.log_action_on_ticket(
ticket=ticket,
action='attach_report',
report=report,
new_ticket=new_ticket,
user=user
)
try:
__send_ack(report, lang='EN')
except MailerServiceException as ex:
raise MailerServiceException(ex)
def __create_with_services(abuse_report, filename, services):
"""
Create report(s), ticket(s), item(s), defendant(s), service(s), attachment(s) in Cerberus
:param `ParsedEmail` abuse_report: The `ParsedEmail`
:param str filename: The filename of the email
:param dict services: The identified service(s) (see adapters/dao/customer/abstract.py)
:rtype: list
:returns: The list of Cerberus `abuse.models.Report` created
"""
created_reports = []
for data in services: # For identified (service, defendant, items) tuple
report = __create_without_services(abuse_report, filename)
created_reports.append(report)
report.defendant = data['defendant']
report.service = data['service']
report.save()
if report.status == 'Archived': # because autoarchive tag
continue
_, attach_only, no_phishtocheck = __get_attributes_based_on_tags(report, abuse_report.recipients)
__insert_items(report.id, data['items'])
# The provider or the way we received the report
trusted = True if report.provider.trusted or abuse_report.trusted else False
# Looking for existing open ticket for same (service, defendant, category)
ticket = None
if all((report.defendant, report.category, report.service)):
msg = 'Looking for opened ticket for (%s, %s, %s)'
Logger.debug(unicode(msg % (report.defendant.customerId, report.category.name, report.service.name)))
ticket = database.search_ticket(report.defendant, report.category, report.service)
# Checking specific processing workflow
is_workflow_applied = False
for workflow in ReportWorkflowFactory.instance.registered_instances:
if workflow.identify(report, ticket, is_trusted=trusted):
is_workflow_applied = workflow.apply(report, ticket, trusted, no_phishtocheck)
if is_workflow_applied:
database.set_report_specificworkflow_tag(report, str(workflow.__class__.__name__))
Logger.debug(unicode('Specific workflow %s applied' % str(workflow.__class__.__name__)))
break
if is_workflow_applied:
continue
# If attach report only and no ticket found, continue
if not ticket and attach_only:
report.status = 'Archived'
report.save()
continue
# Create ticket if trusted
new_ticket = False
if not ticket and trusted:
ticket = database.create_ticket(report.defendant, report.category, report.service, priority=report.provider.priority)
new_ticket = True
if ticket:
report.ticket = Ticket.objects.get(id=ticket.id)
report.status = 'Attached'
report.save()
database.set_ticket_higher_priority(report.ticket)
database.log_action_on_ticket(
ticket=ticket,
action='attach_report',
report=report,
new_ticket=new_ticket
)
return created_reports
def create_ticket_from_phishtocheck(report=None, user=None):
"""
Create/attach report to ticket + block_url + mail to defendant + email to provider
:param int report: The id of the `abuse.models.Report`
:param int user: The id of the `abuse.models.User`
"""
if not isinstance(report, Report):
try:
report = Report.objects.get(id=report)
except (AttributeError, ObjectDoesNotExist, TypeError, ValueError):
Logger.error(unicode('Report %d cannot be found in DB. Skipping...' % (report)))
return
if not isinstance(user, User):
try:
user = User.objects.get(id=user)
except (AttributeError, ObjectDoesNotExist, TypeError, ValueError):
Logger.error(unicode('User %d cannot be found in DB. Skipping...' % (user)))
return
# Create/attach to ticket
ticket = database.search_ticket(report.defendant, report.category, report.service)
new_ticket = False
if not ticket:
ticket = database.create_ticket(report.defendant, report.category, report.service, priority=report.provider.priority)
new_ticket = True
utils.scheduler.enqueue_in(
timedelta(seconds=settings.GENERAL_CONFIG['phishing']['wait']),
'ticket.timeout',
ticket_id=ticket.id,
timeout=3600,
)
common.get_temp_proofs(ticket, only_urls=True)
report.ticket = ticket
report.status = 'Attached'
report.save()
database.log_action_on_ticket(
ticket=ticket,
action='attach_report',
report=report,
new_ticket=new_ticket
)
database.log_action_on_ticket(
ticket=ticket,
action='validate_phishtocheck',
user=user,
report=report
)
# Sending email to provider
if settings.TAGS['no_autoack'] not in report.provider.tags.all().values_list('name', flat=True):
common.send_email(
ticket,
[report.provider.email],
settings.CODENAMES['ack_received'],
acknowledged_report_id=report.id,
)
utils.default_queue.enqueue('phishing.block_url_and_mail', ticket_id=ticket.id, report_id=report.id)
return ticket
def __create_contact_tickets(services, campaign_name, ip_address, category, email_subject, email_body, user):
# Create fake report
report_subject = 'Campaign %s for ip %s' % (campaign_name, ip_address)
report_body = 'Campaign: %s\nIP Address: %s\n' % (campaign_name, ip_address)
filename = hashlib.sha256(report_body.encode('utf-8')).hexdigest()
__save_email(filename, report_body)
for data in services: # For identified (service, defendant, items) tuple
actions = []
# Create report
report = Report.objects.create(**{
'provider': database.get_or_create_provider('mass_contact'),
'receivedDate': datetime.now(),
'subject': report_subject,
'body': report_body,
'category': category,
'filename': filename,
'status': 'Archived',
'defendant': database.get_or_create_defendant(data['defendant']),
'service': database.get_or_create_service(data['service']),
})
database.log_new_report(report)
# Create item
item_dict = {'itemType': 'IP', 'report_id': report.id, 'rawItem': ip_address}
item_dict.update(utils.get_reverses_for_item(ip_address, nature='IP'))
ReportItem.objects.create(**item_dict)
# Create ticket
ticket = database.create_ticket(
report.defendant,
report.category,
report.service,
priority=report.provider.priority,
attach_new=False,
)
database.add_mass_contact_tag(ticket, campaign_name)
actions.append({'ticket': ticket, 'action': 'create_masscontact', 'campaign_name': campaign_name})
actions.append({'ticket': ticket, 'action': 'change_treatedby', 'new_value': user.username})
report.ticket = ticket
report.save()
Logger.debug(unicode(
'ticket %d successfully created for (%s, %s)' % (ticket.id, report.defendant.customerId, report.service.name)
))
# Send email to defendant
__send_mass_contact_email(ticket, email_subject, email_body)
actions.append({'ticket': ticket, 'action': 'send_email', 'email': report.defendant.details.email})
# Close ticket/report
ticket.resolution = Resolution.objects.get(codename=settings.CODENAMES['fixed_customer'])
ticket.previousStatus = ticket.status
ticket.status = 'Closed'
ticket.save()
actions.append({
'ticket': ticket,
'action': 'change_status',
'previous_value': ticket.previousStatus,
'new_value': ticket.status,
'close_reason': ticket.resolution.codename
})
for action in actions:
database.log_action_on_ticket(**action)
