def upload_attach(request, email_id):
"""
Upload an attachment for an email.
:param request: Django request object (Required)
:type request: :class:`django.http.HttpRequest`
:param email_id: The ObjectId of the email to upload attachment for.
:type email_id: str
:returns: :class:`django.http.HttpResponse`
"""
analyst = request.user.username
sources = user_sources(analyst)
email = Email.objects(id=email_id, source__name__in=sources).first()
if not email:
error = "Could not find email."
return render_to_response("error.html",
{"error": error},
RequestContext(request))
if request.method == 'POST':
form = EmailAttachForm(request.user.username,
request.POST,
request.FILES)
if form.is_valid():
cleaned_data = form.cleaned_data
reference = cleaned_data['source_reference']
campaign = cleaned_data['campaign']
confidence = cleaned_data['confidence']
source = cleaned_data['source']
bucket_list = cleaned_data.get(form_consts.Common.BUCKET_LIST_VARIABLE_NAME)
ticket = cleaned_data.get(form_consts.Common.TICKET_VARIABLE_NAME)
if request.FILES or 'filename' in request.POST and 'md5' in request.POST:
result = create_email_attachment(email,
cleaned_data,
reference,
source,
analyst,
campaign=campaign,
confidence=confidence,
bucket_list=bucket_list,
ticket=ticket,
files=request.FILES.get('filedata',None),
filename=request.POST.get('filename', None),
md5=request.POST.get('md5', None))
if not result['success']:
return render_to_response("error.html",
{"error": result['message'] },
RequestContext(request))
return HttpResponseRedirect(reverse('crits.emails.views.email_detail',
args=[email_id]))
else:
return render_to_response("error.html",
{"error": '%s' % form.errors },
RequestContext(request))
else:
return HttpResponseRedirect(reverse('crits.emails.views.email_detail',
args=[email_id]))
def upload_attach(request, email_id):
"""
Upload an attachment for an email.
:param request: Django request object (Required)
:type request: :class:`django.http.HttpRequest`
:param email_id: The ObjectId of the email to upload attachment for.
:type email_id: str
:returns: :class:`django.http.HttpResponse`
"""
analyst = request.user.username
sources = user_sources(analyst)
email = Email.objects(id=email_id, source__name__in=sources).first()
if not email:
error = "Could not find email."
return render_to_response("error.html", {"error": error},
RequestContext(request))
if request.method == 'POST':
form = EmailAttachForm(request.user.username, request.POST,
request.FILES)
if form.is_valid():
cleaned_data = form.cleaned_data
reference = cleaned_data['source_reference']
campaign = cleaned_data['campaign']
confidence = cleaned_data['confidence']
source = cleaned_data['source']
bucket_list = cleaned_data.get(
form_consts.Common.BUCKET_LIST_VARIABLE_NAME)
ticket = cleaned_data.get(form_consts.Common.TICKET_VARIABLE_NAME)
if request.FILES or 'filename' in request.POST and 'md5' in request.POST:
result = create_email_attachment(
email,
cleaned_data,
reference,
source,
analyst,
campaign=campaign,
confidence=confidence,
bucket_list=bucket_list,
ticket=ticket,
files=request.FILES.get('filedata', None),
filename=request.POST.get('filename', None),
md5=request.POST.get('md5', None))
if not result['success']:
return render_to_response("error.html",
{"error": result['message']},
RequestContext(request))
return HttpResponseRedirect(
reverse('crits.emails.views.email_detail', args=[email_id]))
else:
return render_to_response("error.html",
{"error": '%s' % form.errors},
RequestContext(request))
else:
return HttpResponseRedirect(
reverse('crits.emails.views.email_detail', args=[email_id]))
def upload_sample(request, event_id):
"""
Upload a sample to associate with this event.
:param request: Django request object (Required)
:type request: :class:`django.http.HttpRequest`
:param event_id: The ObjectId of the event to associate with this sample.
:type event_id: str
:returns: :class:`django.http.HttpResponse`, :class:`django.http.HttpResponse`
"""
if request.method == 'POST': # and request.is_ajax():
form = EmailAttachForm(request.user.username,
request.POST,
request.FILES)
if form.is_valid():
cleaned_data = form.cleaned_data
analyst = request.user.username
filedata = request.FILES.get('filedata', None)
filename = request.POST.get('filename', None)
md5 = request.POST.get('md5', None)
results = add_sample_for_event(event_id,
cleaned_data,
analyst,
filedata=filedata,
filename=filename,
md5=md5)
if results['success']:
return HttpResponseRedirect(
reverse('crits.events.views.view_event', args=[event_id])
)
else:
return render_to_response("error.html",
{"error": results['error']},
RequestContext(request))
else:
return render_to_response("error.html",
{"error": '%s' % form.errors},
RequestContext(request))
else:
return HttpResponseRedirect(reverse('crits.events.views.view_event',
args=[event_id]))
def upload_sample(request, event_id):
"""
Upload a sample to associate with this event.
:param request: Django request object (Required)
:type request: :class:`django.http.HttpRequest`
:param event_id: The ObjectId of the event to associate with this sample.
:type event_id: str
:returns: :class:`django.http.HttpResponse`, :class:`django.http.HttpResponse`
"""
if request.method == 'POST': # and request.is_ajax():
form = EmailAttachForm(request.user.username, request.POST,
request.FILES)
if form.is_valid():
cleaned_data = form.cleaned_data
analyst = request.user.username
filedata = request.FILES.get('filedata', None)
filename = request.POST.get('filename', None)
md5 = request.POST.get('md5', None)
results = add_sample_for_event(event_id,
cleaned_data,
analyst,
filedata=filedata,
filename=filename,
md5=md5)
if results['success']:
return HttpResponseRedirect(
reverse('crits.events.views.view_event', args=[event_id]))
else:
return render_to_response("error.html",
{"error": results['error']},
RequestContext(request))
else:
return render_to_response("error.html",
{"error": '%s' % form.errors},
RequestContext(request))
else:
return HttpResponseRedirect(
reverse('crits.events.views.view_event', args=[event_id]))
def upload_child(request, parent_md5):
"""
Upload a new child sample.
:param request: Django request object (Required)
:type request: :class:`django.http.HttpRequest`
:param parent_md5: The MD5 of the parent sample.
:type parent_md5: str
:returns: :class:`django.http.HttpResponse`
"""
new_samples = []
if request.method == "POST":
form = EmailAttachForm(request.user.username, request.POST, request.FILES)
if form.is_valid():
if request.FILES or 'filename' in request.POST and 'md5' in request.POST:
# Child samples inherit all of the sources of the parent.
parent = Sample.objects(md5=parent_md5).first()
if not parent:
return render_to_response('error.html',
{'error': "Unable to find parent."},
RequestContext(request))
source = parent.source
campaign_name = request.POST['campaign']
confidence = request.POST['confidence']
parent.campaign.append(EmbeddedCampaign(name=campaign_name, confidence=confidence, analyst=request.user.username))
campaigns = parent.campaign
try:
if request.FILES:
new_samples = handle_uploaded_file(request.FILES["filedata"],
source,
None,
form.cleaned_data["file_format"],
form.cleaned_data["password"],
user=request.user.username,
campaign=campaigns,
parent_md5=parent_md5,
bucket_list=form.cleaned_data[form_consts.Common.BUCKET_LIST_VARIABLE_NAME],
ticket=form.cleaned_data[form_consts.Common.TICKET_VARIABLE_NAME])
else:
filename = request.POST['filename'].strip()
md5= request.POST['md5'].strip().lower()
if not filename or not md5:
error = "Need a file, or a filename and an md5."
return render_to_response('error.html',
{'error': error},
RequestContext(request))
else:
new_samples = handle_uploaded_file(None,
source,
None,
form.cleaned_data["file_format"],
form.cleaned_data["password"],
user=request.user.username,
campaign=campaigns,
parent_md5=parent_md5,
filename=filename,
bucket_list=form.cleaned_data[form_consts.Common.BUCKET_LIST_VARIABLE_NAME],
ticket=form.cleaned_data[form_consts.Common.TICKET_VARIABLE_NAME],
md5=md5)
except ZipFileError, zfe:
return render_to_response('error.html',
{'error': zfe.value},
RequestContext(request))
else:
return render_to_response('error.html',
{'error': "Need a file, or a filename and an md5."},
RequestContext(request))
else:
return render_to_response('error.html',
{'error': 'form error'},
RequestContext(request))
def get_event_details(event_id, analyst):
"""
Generate the data to render the Event details template.
:param event_id: The ObjectId of the Event to get details for.
:type event_id: str
:param analyst: The user requesting this information.
:type analyst: str
:returns: template (str), arguments (dict)
"""
template = None
sources = user_sources(analyst)
event = Event.objects(id=event_id, source__name__in=sources).first()
if not event:
template = "error.html"
args = {'error': "ID does not exist or insufficient privs for source"}
return template, args
event.sanitize("%s" % analyst)
campaign_form = CampaignForm()
upload_form = EmailAttachForm(analyst)
download_form = DownloadFileForm(initial={
"obj_type": 'Event',
"obj_id": event_id
})
# remove pending notifications for user
remove_user_from_notification("%s" % analyst, event.id, 'Event')
# subscription
subscription = {
'type': 'Event',
'id': event.id,
'subscribed': is_user_subscribed("%s" % analyst, 'Event', event.id),
}
#objects
objects = event.sort_objects()
#relationships
relationships = event.sort_relationships("%s" % analyst, meta=True)
# relationship
relationship = {'type': 'Event', 'value': event.id}
#comments
comments = {'comments': event.get_comments(), 'url_key': event.id}
# favorites
favorite = is_user_favorite("%s" % analyst, 'Event', event.id)
# services
manager = crits.service_env.manager
service_list = manager.get_supported_services('Event', True)
args = {
'service_list': service_list,
'objects': objects,
'relationships': relationships,
'comments': comments,
'favorite': favorite,
'relationship': relationship,
'subscription': subscription,
'event': event,
'campaign_form': campaign_form,
'upload_form': upload_form,
'download_form': download_form
}
return template, args
def upload_child(request, parent_md5):
"""
Upload a new child sample.
:param request: Django request object (Required)
:type request: :class:`django.http.HttpRequest`
:param parent_md5: The MD5 of the parent sample.
:type parent_md5: str
:returns: :class:`django.http.HttpResponse`
"""
new_samples = []
if request.method == "POST":
form = EmailAttachForm(request.user.username, request.POST,
request.FILES)
if form.is_valid():
if request.FILES or 'filename' in request.POST and 'md5' in request.POST:
# Child samples inherit all of the sources of the parent.
parent = Sample.objects(md5=parent_md5).first()
if not parent:
return render_to_response(
'error.html', {'error': "Unable to find parent."},
RequestContext(request))
source = parent.source
campaign_name = request.POST['campaign']
confidence = request.POST['confidence']
parent.campaign.append(
EmbeddedCampaign(name=campaign_name,
confidence=confidence,
analyst=request.user.username))
campaigns = parent.campaign
try:
if request.FILES:
new_samples = handle_uploaded_file(
request.FILES["filedata"],
source,
None,
form.cleaned_data["file_format"],
form.cleaned_data["password"],
user=request.user.username,
campaign=campaigns,
parent_md5=parent_md5,
bucket_list=form.cleaned_data[
form_consts.Common.BUCKET_LIST_VARIABLE_NAME],
ticket=form.cleaned_data[
form_consts.Common.TICKET_VARIABLE_NAME])
else:
filename = request.POST['filename'].strip()
md5 = request.POST['md5'].strip().lower()
if not filename or not md5:
error = "Need a file, or a filename and an md5."
return render_to_response('error.html',
{'error': error},
RequestContext(request))
else:
new_samples = handle_uploaded_file(
None,
source,
None,
form.cleaned_data["file_format"],
form.cleaned_data["password"],
user=request.user.username,
campaign=campaigns,
parent_md5=parent_md5,
filename=filename,
bucket_list=form.cleaned_data[
form_consts.Common.
BUCKET_LIST_VARIABLE_NAME],
ticket=form.cleaned_data[
form_consts.Common.TICKET_VARIABLE_NAME],
md5=md5)
except ZipFileError, zfe:
return render_to_response('error.html',
{'error': zfe.value},
RequestContext(request))
else:
return render_to_response(
'error.html',
{'error': "Need a file, or a filename and an md5."},
RequestContext(request))
else:
return render_to_response('error.html', {'error': 'form error'},
RequestContext(request))
