def upload_topo(api, request, id_):
if not api.user:
raise AuthError()
if request.method == 'POST':
form = UploadScenarioInfoForm(request.POST, request.FILES)
if form.is_valid():
f = request.FILES['topologyfile']
file_content = f.read()
api.scenario_modify(id_, {'topology_info_json': file_content})
return redirect("scenario_info", id_=id_)
else:
return render(
request, "form.html", {
'form':
form,
"heading":
"Edit Scenario %s" % id_,
'message_before':
"Here you can upload a topology file to update the topology info of the scenario."
})
else:
form = UploadScenarioInfoForm()
return render(
request, "form.html", {
'form':
form,
"heading":
"Edit Scenario %s" % id_,
'message_before':
"Here you can upload a topology file to update the topology info of the scenario."
})
def info(api, request, id): #@ReservedAssignment
if not api.user:
raise AuthError()
info = api.topology_info(id)
#Load Tutorial.
tutorial_state = {'enabled': False}
#Legacy Tutorial saves (#TODO: remove this in the next release)
tut_stat = None
tut_url = None
allow_tutorial = True
if info['attrs'].has_key('_tutorial_disabled'):
allow_tutorial = not info['attrs']['_tutorial_disabled']
if allow_tutorial:
if info['attrs'].has_key('_tutorial_url'):
tut_url = info['attrs']['_tutorial_url']
if info['attrs'].has_key('_tutorial_status'):
tut_stat = info['attrs']['_tutorial_status']
tutorial_state = {
'enabled': True,
'url': tut_url,
'step': tut_stat,
'data': {}
}
#New Tutorial saves. These have higher preference than the legacy ones
if info['attrs'].has_key('_tutorial_state'):
tutorial_state = info['attrs']['_tutorial_state']
return _display(api, request, info, tutorial_state)
def list(api, request, show_all=False, organization=None):
if not api.user:
raise AuthError()
toplist = api.topology_list(showAll=show_all, organization=organization)
orgas = api.organization_list()
for top in toplist:
top['attrs']['tutorial_enabled'] = (
top['attrs'].has_key('_tutorial_url')
and not (top['attrs']['_tutorial_disabled'] if top['attrs'].
has_key('_tutorial_disabled') else False) #old tutorials
) or (top['attrs']['_tutorial_state']['enabled'] if
(top['attrs'].has_key('_tutorial_state')
and top['attrs']['_tutorial_state'].has_key('enabled')) else
top['attrs'].has_key('_tutorial_state') #new tutorials
)
top['processed'] = {
'timeout_critical':
top['timeout'] - time.time() <
serverInfo()['topology_timeout']['warning']
}
return render(
request, "topology/list.html", {
'top_list': toplist,
'organization': organization,
'orgas': orgas,
'show_all': show_all
})
def list(api, request, with_flag=None, organization=True):
if not api.user:
raise AuthError()
organization_description = None
if organization is True:
organization = api.user.organization
if organization:
organization_description = api.organization_info(
organization)['description']
accs = api.account_list(organization=organization)
orgas = api.organization_list()
flags = api.account_flags()
flag_categories = api.account_flag_categories()
if with_flag:
acclist_new = []
for acc in accs:
if with_flag in acc['flags']:
acclist_new.append(acc)
accs = acclist_new
for acc in accs:
acc['flags_name'] = mark_safe(u'\n'.join(
render_account_flag_fixedlist(api,
acc['flags'],
flags=flags,
flag_categories=flag_categories)))
return render(
request, "account/list.html", {
'accounts': accs,
'orgas': orgas,
'with_flag': with_flag,
'organization': organization,
'organization_description': organization_description
})
def element(api, request, id): #@ReservedAssignment
if not api.user:
raise AuthError()
usage = api.element_usage(id)
return render(request, "main/usage.html", {
'usage': json.dumps(usage),
'name': 'Element #%d' % int(id)
})
def topology(api, request, id): #@ReservedAssignment
if not api.user:
raise AuthError()
usage = api.topology_usage(id)
return render(request, "main/usage.html", {
'usage': json.dumps(usage),
'name': 'Topology #%s' % id
})
def dump_export(api, request, source, dump_id,data=False):
if not api.user:
raise AuthError()
dump = api.errordump_info(source,dump_id,data)
filename = re.sub('[^\w\-_\. :]', '_', source.lower() + "__" + dump_id ) + ".errordump.json"
response = HttpResponse(json.orig.dumps(dump, indent = 2), content_type="application/json")
response['Content-Disposition'] = 'attachment; filename="' + filename + '"'
return response
def organization(api, request, name): #@ReservedAssignment
if not api.user:
raise AuthError()
usage = api.organization_usage(name)
return render(request, "main/usage.html", {
'usage': json.dumps(usage),
'name': 'Organization %s' % name
})
def host(api, request, name): #@ReservedAssignment
if not api.user:
raise AuthError()
usage = api.host_usage(name)
return render(request, "main/usage.html", {
'usage': json.dumps(usage),
'name': 'Host %s' % name
})
def connection(api, request, id): #@ReservedAssignment
if not api.user:
raise AuthError()
usage = api.connection_usage(id)
return render(request, "main/usage.html", {
'usage': json.dumps(usage),
'name': 'Connection #%s' % id
})
def account(api, request, id): #@ReservedAssignment
if not api.user:
raise AuthError()
usage = api.account_usage(id)
return render(request, "main/usage.html", {
'usage': json.dumps(usage),
'name': 'Account %s' % id
})
def download_topo(api, request, id_):
if not api.user:
raise AuthError()
scenario = api.scenario_info(id_)
topo_json = scenario["topology_info_json"]
filename = re.sub('[^\w\-_\. ]', '_', scenario["name"].lower().replace(
" ", "_")) + "__" + id_ + ".tomato4.json"
response = HttpResponse(topo_json, content_type="application/json")
response['Content-Disposition'] = 'attachment; filename="' + filename + '"'
return response
def info(api, request, id): # @ReservedAssignment
if not api.user:
raise AuthError()
info = api.topology_info(id)
#Load Tutorial.
tutorial_state = {'enabled': False}
if info.has_key('_tutorial_state'):
tutorial_state = info['_tutorial_state']
return _display(api, request, info, tutorial_state)
def export(api, request, id):
if not api.user:
raise AuthError()
top = api.topology_export(id)
filename = re.sub('[^\w\-_\. ]', '_',
top['topology']['name'].lower().replace(
" ", "_")) + "__" + id + ".tomato4.json"
response = HttpResponse(json.orig.dumps(top, indent=2),
content_type="application/json")
response['Content-Disposition'] = 'attachment; filename="' + filename + '"'
return response
def accept(api, request, id):
if not api.user:
raise AuthError()
user = api.account_info(id)
flags = user["flags"]
for flag in ["new_account", "over_quota"]:
if flag in flags:
flags.remove(flag)
api.account_modify(id, attrs={"flags": flags})
api.account_send_notification(id, subject="Account activated", message="Your account has been activated by an administrator. Now you are ready to start your first topology. Please see the tutorials to learn how to use ToMaTo.", from_support=True)
return HttpResponseRedirect(reverse("tomato.account.info", kwargs={"id": id}))
def list_(api, request, show):
if api.user:
user = api.user.name
else:
raise AuthError()
scenario_list = api.scenario_list(user, show)
return render(request, "scenario/list.html", {
'scenario_list': scenario_list,
'show': show,
})
def list(api, request, with_flag=None, organization=True):
if not api.user:
raise AuthError()
organization_label = None
if organization is True:
organization = api.user.organization
if organization:
organization_label = api.organization_info(organization)['label']
accs = api.account_list(organization=organization, with_flag=with_flag)
orgas = api.organization_list()
flag_config = api.account_flag_configuration()
for acc in accs:
acc['flags_name'] = mark_safe(u'\n'.join(render_account_flag_fixedlist(api,acc['flags'], flag_config=flag_config)))
return render(request, "account/list.html", {'accounts': accs, 'orgas': orgas, 'with_flag': with_flag, 'organization':organization, 'organization_label':organization_label})
def info(api, request, id=None):
if not api.user:
raise AuthError()
user = api.account_info(id) if id else api.user.data
organization = api.organization_info(user["organization"])
user["reason"] = user.get("_reason")
flags = []
for flag in user["flags"] or []:
if flag in userflags.flags:
flags.append(userflags.flags[flag])
else:
flags.append(flag+" (unknown flag)")
flaglist = mark_safe(u'\n'.join(render_account_flag_fixedlist(api, user['flags'] or [])))
return render(request, "account/info.html", {"account": user, "organization": organization, "flags": flags, 'flaglist': flaglist})
def import_(api, request):
if not api.user:
raise AuthError()
if request.method == 'POST':
form = ImportTopologyForm(request.POST, request.FILES)
if form.is_valid():
f = request.FILES['topologyfile']
topology_structure = json.load(f)
id_, _, _, errors = api.topology_import(topology_structure)
api.topology_modify(id_, {'_initialized': True})
if errors != []:
errors = [
"%s %s: failed to set %s=%r, %s" %
(type_, cid, key, val, err)
for type_, cid, key, val, err in errors
]
note = "Errors occured during import:\n" + "\n".join(errors)
t = api.topology_info(id_)
if t['attrs'].has_key('_notes') and t['attrs']['_notes']:
note += "\n__________\nOriginal Notes:\n" + t['attrs'][
'_notes']
api.topology_modify(id_, {
'_notes': note,
'_notes_autodisplay': True
})
return redirect("tomato.topology.info", id=id_)
else:
return render(
request, "form.html", {
'form':
form,
"heading":
"Import Topology",
'message_before':
"Here you can import a topology file which you have previously exported from the Editor."
})
else:
form = ImportTopologyForm()
return render(
request, "form.html", {
'form':
form,
"heading":
"Import Topology",
'message_before':
"Here you can import a topology file which you have previously exported from the Editor."
})
def edit(api, request, id):
if not api.user:
raise AuthError()
user = api.account_info(id)
if request.method == 'POST':
form = AccountChangeForm(api, request.REQUEST)
if form.is_valid():
data = form.cleaned_data
if not api.user.isAdmin(data["organization"]):
del data["flags"]
del data["organization"]
del data["name"]
del data["password2"]
if not data["password"]:
del data["password"]
send_mail = data.get("send_mail", False)
if "send_mail" in data:
del data["send_mail"]
if 'flags' in data:
old_flags = api.account_info(id)['flags']
newflags = {}
for flag in api.account_flags().iterkeys():
if flag in data['flags']:
if flag not in old_flags:
newflags[flag] = True
else:
if flag in old_flags:
newflags[flag] = False
data['flags'] = newflags
api.account_modify(id, attrs=data)
if send_mail:
api.account_send_notification(id, subject="Account modified", message="Your account has been modified by an administrator. Please check your account details for the changes.", from_support=True)
request.session["user"].updateData(api)
return HttpResponseRedirect(reverse("tomato.account.info", kwargs={"id": id}))
else:
data = user.copy()
data["send_mail"] = user["id"] != api.user.id
form = AccountChangeForm(api, data)
return render(request, "form.html", {"account": user, "form": form, "heading":"Edit Account "+user["id"]})
def list_(api, request):
if not api.user:
raise AuthError()
ss_list = api.security_software_list()
return render(request, "security_resources/security_software_list.html",
{'ss_list': ss_list})
def list_(api, request):
if not api.user:
raise AuthError()
vul_list = api.vulnerability_list()
return render(request, "security_resources/vulnerability_list.html", {'vul_list': vul_list})
def list_(api, request):
if not api.user:
raise AuthError()
mc_list = api.malicious_code_list()
return render(request, "security_resources/malicious_code_list.html" , {'mc_list': mc_list})
def create(api, request):
if not api.user:
raise AuthError()
info = api.topology_create()
api.topology_modify(info['id'], {'_initialized': False})
return redirect("tomato.topology.info", id=info["id"])
def initial_parse(self, raw):
if raw.get('type') != 'message_new':
raise ValueError('wrong event type')
if not checkpw(raw.get('secret', '').encode('utf8'), self.secret):
raise AuthError('wrong secret')
msg = raw.get('object', {}).get('message')
if not msg:
raise ValueError('no object')
carousel = raw.get('object', {}).get('client_info',
{}).get('carousel', False)
text = msg.get('text', '')
_id = self.get_sender(raw)
if text == '!!' and self.last[_id] is not None:
msg = self.last[_id]
text = msg.get('text', '')
else:
self.last[_id] = msg
text = self.aliases.get(text, text)
parsed = self.parse_text(text)
args = []
if parsed['args']:
args.append({'type': 'text', 'text': parsed['args']})
for att in msg.get('attachments'):
_dict = None
if att['type'] == 'photo':
photo = att['photo']
_dict = {
'type': 'vk_attachment',
'content': 'photo',
'attachment': f"photo{photo['owner_id']}_{photo['id']}",
'raw': photo
}
elif att['type'] == 'doc':
d = att['doc']
s = f"doc{d['owner_id']}_{d['id']}"
if 'access_key' in d:
s += '_' + d['access_key']
_dict = {
'type': 'vk_attachment',
'content': 'document',
'attachment': s,
'raw': d
}
if _dict:
args.append(_dict)
special = {'vk_upload': {}}
if carousel and (len(parsed['ids']) > 1 or 'all' in parsed['ids']):
special['photo_processing'] = {
'aspect_ratio': [13, 8],
'max_dim': 1536
}
return {
'action': parsed['action'],
'ids': parsed['ids'],
'room': parsed['room'],
'args': args,
'excepts': parsed['excepts'],
'special': special
}