def export(): provider = Provider() search = provider.search() logs = provider.dns_logs() users = provider.users() # Prepare names and variables. filename = str(int(time.time())) + '.csv' download_filename = "snitch_logs_" + filename save_results_as = users.get_user_data_path(current_user.id, filename=filename) # Perform the search. results = search.search_from_request(request, paginate=False, method='get') rows = results['results'] # Export to disk. if not logs.save_results_csv(rows, save_results_as, overwrite=True): flash('Could not generate CSV file.', 'error') return redirect(url_for('logs.index')) # And download. return send_file(save_results_as, attachment_filename=download_filename, as_attachment=True)
def zone_create_from_log(query_log_id): provider = Provider() logging = provider.dns_logs() zones = provider.dns_zones() log = logging.get(query_log_id) if not log: flash('Could not retrieve log record', 'error') return redirect(url_for('home.index')) if log.dns_zone_id > 0: # This means that the zone exists. if not zones.can_access(log.dns_zone_id, current_user.id): # This error is misleading on purpose to prevent zone enumeration. Not that it's important by meh. flash('Could not retrieve log record', 'error') return redirect(url_for('home.index')) flash('Zone already exists', 'error') return redirect(url_for('dns.zone_view', dns_zone_id=log.dns_zone_id)) zone = zones.new(log.domain, True, False, False, current_user.id, update_old_logs=True) if isinstance(zone, list): for error in zone: flash(error, 'error') return redirect(url_for('dns.zone_edit', dns_zone_id=0)) flash('Zone created', 'success') return redirect(url_for('dns.zone_view', dns_zone_id=zone.id))
def zone_restriction_create_from_log(query_log_id): provider = Provider() logging = provider.dns_logs() zones = provider.dns_zones() restrictions = provider.dns_restrictions() log = logging.get(query_log_id) if not log: flash('Could not retrieve log record', 'error') return redirect(url_for('home.index')) if log.dns_zone_id > 0: # This means that the zone exists. if not zones.can_access(log.dns_zone_id, current_user.id): # This error is misleading on purpose to prevent zone enumeration. Not that it's important by meh. flash('Could not retrieve log record', 'error') return redirect(url_for('home.index')) zone = zones.get(log.dns_zone_id) if not zone: flash('Could not load zone', 'error') return redirect(url_for('home.index')) else: # There's a chance that the dns_zone_id equals to zero but the domain exists. This can happen if the zone was # created from the log files, as the IDs aren't updated after a domain is created (after it's been logged). zone = zones.find(log.domain, user_id=current_user.id) if not zone: # If we still can't find it, create it. zone = zones.new(log.domain, True, True, False, current_user.id) if isinstance(zone, list): for error in zone: flash(error, 'error') return redirect(url_for('home.index')) # One last check as it may have been loaded by domain. if not zones.can_access(zone.id, current_user.id): # This error is misleading on purpose to prevent zone enumeration. Not that it's important by meh. flash('Could not retrieve log record', 'error') return redirect(url_for('home.index')) # At this point we should have a valid zone object. First check if the restriction exists. restriction = restrictions.find(zone_id=zone.id, ip_range=log.source_ip, type=2) if not restriction: # Doesn't exist - create it. restriction = restrictions.create(zone_id=zone.id) # Now update and save. restriction = restrictions.save(restriction, zone.id, log.source_ip, 2, True) flash('Restriction rule created', 'success') return redirect(url_for('dns.zone_restrictions', dns_zone_id=zone.id))
def update(self, user_id, type_name, zone_id=None, domain=None): provider = Provider() zones = provider.dns_zones() notifications = provider.notifications() logs = provider.dns_logs() zone = zones.get(zone_id, user_id) if zone_id is not None else zones.find( domain, user_id=user_id) if not zone: return self.send_not_found_response() type = notifications.types.get(name=type_name) if not type: return self.send_error_response( 5006, 'Invalid type: {0}'.format(type_name), '') notification_provider = notifications.providers.get(type_name) if not notification_provider: return self.send_error_response( 5006, 'Internal Error: Invalid provider', '') elif not notification_provider.enabled: return self.send_error_response( 5009, 'Notification provider is disabled', '') subscription = zone.notifications.get(type.name) if not subscription: return self.send_error_response( 5007, 'Invalid notification subscription', '') data = self.get_json([]) if not data: return self.send_error_response(5008, 'No data sent', '') if 'enabled' in data: subscription.enabled = True if data['enabled'] else False # We need to set the last query log id as well. subscription.last_query_log_id = logs.get_last_log_id(zone.id) if 'data' in data: if type.name == 'email': subscription.data = self.__get_valid_emails(data['data']) else: subscription.data = data['data'].strip() subscription.save() return self.get(user_id, type_name, zone_id=zone.id)
def zone_notifications_save(dns_zone_id): provider = Provider() zones = provider.dns_zones() logs = provider.dns_logs() notifications = provider.notifications() if not zones.can_access(dns_zone_id, current_user.id): flash('Access Denied', 'error') return redirect(url_for('home.index')) zone = zones.get(dns_zone_id) if not zone: flash('Zone not found', 'error') return redirect(url_for('home.index')) max_id = logs.get_last_log_id(zone.id) for type in ['email', 'webpush', 'slack', 'teams']: enabled = True if int(request.form.get(type, 0)) == 1 else False notifications.save_zone_subscription(zone.id, type, enabled=enabled, last_query_log_id=max_id) flash('Notification preferences saved', 'success') return redirect(url_for('dns.zone_notifications', dns_zone_id=dns_zone_id))