Ejemplo n.º 1
0
def parse_row_to_bound_object_form(request, rowData, cache):
    """
    Parse a row from mass object upload into an AddObjectForm.

    :param request: The Django request.
    :type request: :class:`django.http.HttpRequest`
    :param rowData: The row data.
    :type rowData: dict
    :param cache: Cached data, typically for performance enhancements
                  during bulk operations.
    :type cache: dict
    :returns: :class:`crits.objects.forms.AddObjectForm`
    """

    bound_form = None

    # TODO fix the hardcoded strings and conversion of types
    # TODO Add common method to convert data to string
    object_type = rowData.get(form_consts.Object.OBJECT_TYPE, "")
    value = rowData.get(form_consts.Object.VALUE, "")
    source = rowData.get(form_consts.Object.SOURCE, "")
    method = rowData.get(form_consts.Object.METHOD, "")
    reference = rowData.get(form_consts.Object.REFERENCE, "")
    otype = rowData.get(form_consts.Object.PARENT_OBJECT_TYPE, "")
    oid = rowData.get(form_consts.Object.PARENT_OBJECT_ID, "")
    is_add_indicator = convert_string_to_bool(
        rowData.get(form_consts.Object.ADD_INDICATOR, "False"))

    all_obj_type_choices = cache.get("object_types")

    if all_obj_type_choices == None:
        all_obj_type_choices = [(c[0], c[0], {
            'datatype': c[1].keys()[0],
            'datatype_value': c[1].values()[0]
        }) for c in get_object_types(False)]
        cache["object_types"] = all_obj_type_choices

    data = {
        'object_type': object_type,
        'value': value,
        'source': source,
        'method': method,
        'reference': reference,
        'otype': otype,
        'oid': oid,
        'add_indicator': is_add_indicator
    }

    bound_form = cache.get("object_form")

    if bound_form == None:
        bound_form = AddObjectForm(request.user, all_obj_type_choices, data)
        cache['object_form'] = bound_form
    else:
        bound_form.data = data

    bound_form.full_clean()

    return bound_form
Ejemplo n.º 2
0
def parse_row_to_bound_object_form(request, rowData, cache):
    """
    Parse a row from mass object upload into an AddObjectForm.

    :param request: The Django request.
    :type request: :class:`django.http.HttpRequest`
    :param rowData: The row data.
    :type rowData: dict
    :param cache: Cached data, typically for performance enhancements
                  during bulk operations.
    :type cache: dict
    :returns: :class:`crits.objects.forms.AddObjectForm`
    """

    bound_form = None

    # TODO fix the hardcoded strings and conversion of types
    # TODO Add common method to convert data to string
    object_type = rowData.get(form_consts.Object.OBJECT_TYPE, "")
    value = rowData.get(form_consts.Object.VALUE, "")
    source = rowData.get(form_consts.Object.SOURCE, "")
    method = rowData.get(form_consts.Object.METHOD, "")
    reference = rowData.get(form_consts.Object.REFERENCE, "")
    otype = rowData.get(form_consts.Object.PARENT_OBJECT_TYPE, "")
    oid = rowData.get(form_consts.Object.PARENT_OBJECT_ID, "")
    is_add_indicator = convert_string_to_bool(rowData.get(form_consts.Object.ADD_INDICATOR, "False"))

    all_obj_type_choices = cache.get("object_types")

    if all_obj_type_choices == None:
        all_obj_type_choices = [(c[0],
                c[0],
                {'datatype':c[1].keys()[0],
                 'datatype_value':c[1].values()[0]}
                ) for c in get_object_types(False)]
        cache["object_types"] = all_obj_type_choices

    data = {
        'object_type': object_type,
        'value': value,
        'source': source,
        'method': method,
        'reference': reference,
        'otype': otype,
        'oid': oid,
        'add_indicator': is_add_indicator
    }

    bound_form = cache.get("object_form")

    if bound_form == None:
        bound_form = AddObjectForm(request.user, all_obj_type_choices, data)
        cache['object_form'] = bound_form
    else:
        bound_form.data = data

    bound_form.full_clean()

    return bound_form
Ejemplo n.º 3
0
Archivo: views.py Proyecto: vsbca/crits
def bulk_add_object(request):
    """
    Bulk add objects.

    :param request: The Django request.
    :type request: :class:`django.http.HttpRequest`
    :returns: :class:`django.http.HttpResponse`
    """

    formdict = form_to_dict(AddObjectForm(request.user))

    if request.method == "POST" and request.is_ajax():
        acl = get_acl_object(request.POST['otype'])
        user = request.user
        if user.has_access_to(acl.OBJECTS_ADD):
            response = parse_bulk_upload(request,
                                         parse_row_to_bound_object_form,
                                         add_new_handler_object_via_bulk,
                                         formdict)
        else:
            response = {
                'success': False,
                'message': 'User does not have permission to add objects'
            }

        return HttpResponse(json.dumps(response, default=json_handler),
                            content_type="application/json")
    else:
        return render_to_response(
            'bulk_add_default.html', {
                'formdict': formdict,
                'title': "Bulk Add Objects",
                'table_name': 'object'
            }, RequestContext(request))
Ejemplo n.º 4
0
def bulk_add_object(request):
    """
    Bulk add objects.

    :param request: The Django request.
    :type request: :class:`django.http.HttpRequest`
    :returns: :class:`django.http.HttpResponse`
    """

    all_obj_type_choices = [(c[0],
                            c[0],
                            {'datatype':c[1].keys()[0],
                            'datatype_value':c[1].values()[0]}
                            ) for c in get_object_types(False, query={'datatype.file':{'$exists':0}})]

    formdict = form_to_dict(AddObjectForm(request.user, all_obj_type_choices))

    if request.method == "POST" and request.is_ajax():
        response = parse_bulk_upload(request, parse_row_to_bound_object_form, add_new_handler_object_via_bulk, formdict)

        return HttpResponse(json.dumps(response,
                            default=json_handler),
                            mimetype='application/json')
    else:
        return render_to_response('bulk_add_default.html',
                                  {'formdict': formdict,
                                  'title': "Bulk Add Objects",
                                  'table_name': 'object'},
                                  RequestContext(request))
Ejemplo n.º 5
0
def validate_and_add_new_handler_object(data, rowData, request, errors,
                                        row_counter, is_validate_only=False,
                                        is_sort_relationships=False,
                                        cache={}, obj=None):
    """
    Validate an object and then add it to the database.

    :param data: The data for the object.
    :type data: dict
    :param rowData: Data from the row if using mass object upload.
    :type rowData: dict
    :param request: The Django request.
    :type request: :class:`django.http.HttpRequest`
    :param errors: List of existing errors to append to.
    :type errors: list
    :param row_counter: Which row we are working on (for error tracking).
    :type row_counter: int
    :param is_validate_only: Only validate.
    :type is_validate_only: bool
    :param cache: Cached data, typically for performance enhancements
                  during bulk operations.
    :type cache: dict
    :returns: tuple of (<result>, <errors>, <retVal>)
    """

    result = False
    retVal = {}

    bound_form = parse_row_to_bound_object_form(request, rowData, cache)

    if bound_form.is_valid():
        (result,
         retVal) = add_new_handler_object(data, rowData, request, obj=obj,
                                          is_validate_only=is_validate_only,
                                          is_sort_relationships=is_sort_relationships)
        if not result and 'message' in retVal:
            errors.append("%s #%s - %s" % (form_consts.Common.OBJECTS_DATA,
                                           str(row_counter),
                                           retVal['message']))
    else:
        formdict = cache.get("object_formdict")

        if formdict == None:
            object_form = AddObjectForm(request.user)
            formdict = form_to_dict(object_form)
            cache['object_formdict'] = formdict

        for name, errorMessages in bound_form.errors.items():
            entry = get_field_from_label(name, formdict)
            if entry == None:
                continue
            for message in errorMessages:
                errors.append("%s #%s - %s - %s" % (form_consts.Common.OBJECTS_DATA,
                                                    str(row_counter),
                                                    name,
                                                    message))
        result = False

    return result, errors, retVal
Ejemplo n.º 6
0
def bulk_add_domain(request):
    """
    Bulk add domains via a bulk upload form.

    Args:
        request: The Django context which contains information about the
            session and key/value pairs for the bulk add domains request

    Returns:
        If the request is not a POST and not a Ajax call then:
            Returns a rendered HTML form for a bulk add of domains
        If the request is a POST and a Ajax call then:
            Returns a response that contains information about the
            status of the bulk uploaded domains. This may include information
            such as domains that failed or successfully added. This may
            also contain helpful status messages about each operation.
    """

    formdict = form_to_dict(AddDomainForm(request.user))
    user = request.user

    if request.method == "POST" and request.is_ajax():
        if user.has_access_to(DomainACL.WRITE):
            response = process_bulk_add_domain(request, formdict)
        else:
            response = {
                "success": False,
                "message": "User does not have permission to add domains."
            }

        return HttpResponse(json.dumps(response, default=json_handler),
                            content_type="application/json")
    else:
        if user.has_access_to(DomainACL.WRITE):
            objectformdict = form_to_dict(AddObjectForm(request.user))
            return render_to_response(
                'bulk_add_default.html', {
                    'formdict': formdict,
                    'objectformdict': objectformdict,
                    'title': "Bulk Add Domains",
                    'table_name': 'domain',
                    'local_validate_columns': [form_consts.Domain.DOMAIN_NAME],
                    'custom_js': "domain_handsontable.js",
                    'is_bulk_add_objects': True
                }, RequestContext(request))
        else:
            response = {
                "success": False,
                "message": "User does not have permission to add domains."
            }
            return HttpResponse(json.dumps(response, default=json_handler),
                                content_type="application/json")
Ejemplo n.º 7
0
def bulk_add_domain(request):
    """
    Bulk add domains via a bulk upload form.

    Args:
        request: The Django context which contains information about the
            session and key/value pairs for the bulk add domains request

    Returns:
        If the request is not a POST and not a Ajax call then:
            Returns a rendered HTML form for a bulk add of domains
        If the request is a POST and a Ajax call then:
            Returns a response that contains information about the
            status of the bulk uploaded domains. This may include information
            such as domains that failed or successfully added. This may
            also contain helpful status messages about each operation.
    """

    all_obj_type_choices = [(c[0],
                            c[0],
                            {'datatype':c[1].keys()[0],
                            'datatype_value':c[1].values()[0]}
                            ) for c in get_object_types(False)]

    formdict = form_to_dict(AddDomainForm(request.user))

    if request.method == "POST" and request.is_ajax():
        response = process_bulk_add_domain(request, formdict);

        return HttpResponse(json.dumps(response,
                            default=json_handler),
                            mimetype='application/json')
    else:
        objectformdict = form_to_dict(AddObjectForm(request.user, all_obj_type_choices))

        return render_to_response('bulk_add_default.html',
                                 {'formdict': formdict,
                                  'objectformdict': objectformdict,
                                  'title': "Bulk Add Domains",
                                  'table_name': 'domain',
                                  'local_validate_columns': [form_consts.Domain.DOMAIN_NAME],
                                  'custom_js': "domain_handsontable.js",
                                  'is_bulk_add_objects': True},
                                  RequestContext(request));
Ejemplo n.º 8
0
def bulk_add_md5_sample(request):
    """
    Bulk add samples via a bulk upload form.

    Args:
        request: The Django context which contains information about the
            session and key/value pairs for the bulk add request

    Returns:
        If the request is not a POST and not a Ajax call then:
            Returns a rendered HTML form for a bulk add of domains
        If the request is a POST and a Ajax call then:
            Returns a response that contains information about the
            status of the bulk add. This may include information
            such as items that failed or successfully added. This may
            also contain helpful status messages about each operation.
    """

    formdict = form_to_dict(
        UploadFileForm(request.user, request.POST, request.FILES))
    objectformdict = form_to_dict(AddObjectForm(request.user))

    if request.method == "POST" and request.is_ajax():
        response = process_bulk_add_md5_sample(request, formdict)

        return HttpResponse(json.dumps(response, default=json_handler),
                            content_type="application/json")
    else:
        return render(
            request,
            'bulk_add_default.html',
            {
                'formdict': formdict,
                'objectformdict': objectformdict,
                'title': "Bulk Add Samples",
                'table_name': 'sample',
                'local_validate_columns': [form_consts.Sample.MD5],
                'is_bulk_add_objects': True
            },
        )
Ejemplo n.º 9
0
def bulk_add_object(request):
    """
    Bulk add objects.

    :param request: The Django request.
    :type request: :class:`django.http.HttpRequest`
    :returns: :class:`django.http.HttpResponse`
    """

    formdict = form_to_dict(AddObjectForm(request.user))

    if request.method == "POST" and request.is_ajax():
        response = parse_bulk_upload(request, parse_row_to_bound_object_form,
                                     add_new_handler_object_via_bulk, formdict)

        return HttpResponse(json.dumps(response, default=json_handler),
                            mimetype='application/json')
    else:
        return render_to_response(
            'bulk_add_default.html', {
                'formdict': formdict,
                'title': "Bulk Add Objects",
                'table_name': 'object'
            }, RequestContext(request))
Ejemplo n.º 10
0
def add_new_object(request):
    """
    Add a new object.

    :param request: The Django request.
    :type request: :class:`django.http.HttpRequest`
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == 'POST':
        analyst = "%s" % request.user
        user = request.user
        result = ""
        message = ""
        my_type = request.POST['otype']
        acl = get_acl_object(my_type)
        if user.has_access_to(acl.OBJECTS_ADD):
            form = AddObjectForm(user,
                                 request.POST,
                                 request.FILES)
            if not form.is_valid() and 'value' not in request.FILES:
                message = "Invalid Form: %s" % form.errors
                form = form.as_table()
                response = json.dumps({'message': message,
                                       'form': form,
                                       'success': False})
                if request.is_ajax():
                    return HttpResponse(response, content_type="application/json")
                else:
                    return render_to_response("file_upload_response.html",
                                              {'response':response},
                                              RequestContext(request))
            source = request.POST['source_name']
            oid = request.POST['oid']
            object_type = request.POST['object_type']
            method = request.POST['source_method']
            reference = request.POST['source_reference']
            tlp = request.POST['source_tlp']

            add_indicator = request.POST.get('add_indicator', None)
            data = None
            # if it was a file upload, handle the file appropriately
            if 'value' in request.FILES:
                data = request.FILES['value']
            value = request.POST.get('value', None)
            if isinstance(value, basestring):
                value = value.strip()
            results = add_object(my_type,
                                 oid,
                                 object_type,
                                 source,
                                 method,
                                 reference,
                                 tlp,
                                 user.username,
                                 value=value,
                                 file_=data,
                                 add_indicator=add_indicator,
                                 is_sort_relationships=True)

        else:
            results = {'success':False,
                       'message':'User does not have permission to add object'}
        if results['success']:
            subscription = {
                'type': my_type,
                'id': oid
            }

            if results.get('relationships', None):
                relationship = {'type': my_type,
                                'value': oid}
                relationships = results['relationships']

                html = render_to_string('objects_listing_widget.html',
                                        {'objects': results['objects'],
                                         'relationships': relationships,
                                         'subscription': subscription},
                                        RequestContext(request))
                result = {'success': True,
                          'html': html,
                          'message': results['message']}

                rel_msg  = render_to_string('relationships_listing_widget.html',
                                            {'relationship': relationship,
                                             'nohide': True,
                                             'relationships': relationships},
                                            RequestContext(request))
                result['rel_made'] = True
                result['rel_msg'] = rel_msg
            else:
                html = render_to_string('objects_listing_widget.html',
                                        {'objects': results['objects'],
                                         'subscription': subscription},
                                        RequestContext(request))
                result = {'success': True,
                          'html': html,
                          'message': results['message']}
        else:
            message = "Error adding object: %s" % results['message']
            result = {'success': False, 'message': message}
        if request.is_ajax():
            return HttpResponse(json.dumps(result),
                                content_type="application/json")
        else:
            return render_to_response("file_upload_response.html",
                                      {'response': json.dumps(result)},
                                      RequestContext(request))
    else:
        error = "Expected POST"
        return render_to_response("error.html",
                                  {"error" : error },
                                  RequestContext(request))
Ejemplo n.º 11
0
Archivo: views.py Proyecto: vsbca/crits
def add_new_object(request):
    """
    Add a new object.

    :param request: The Django request.
    :type request: :class:`django.http.HttpRequest`
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == 'POST':
        analyst = "%s" % request.user
        user = request.user
        result = ""
        message = ""
        my_type = request.POST['otype']
        acl = get_acl_object(my_type)
        if user.has_access_to(acl.OBJECTS_ADD):
            form = AddObjectForm(user, request.POST, request.FILES)
            if not form.is_valid() and 'value' not in request.FILES:
                message = "Invalid Form: %s" % form.errors
                form = form.as_table()
                response = json.dumps({
                    'message': message,
                    'form': form,
                    'success': False
                })
                if request.is_ajax():
                    return HttpResponse(response,
                                        content_type="application/json")
                else:
                    return render_to_response("file_upload_response.html",
                                              {'response': response},
                                              RequestContext(request))
            source = request.POST['source_name']
            oid = request.POST['oid']
            object_type = request.POST['object_type']
            method = request.POST['source_method']
            reference = request.POST['source_reference']
            tlp = request.POST['source_tlp']

            add_indicator = request.POST.get('add_indicator', None)
            data = None
            # if it was a file upload, handle the file appropriately
            if 'value' in request.FILES:
                data = request.FILES['value']
            value = request.POST.get('value', None)
            if isinstance(value, basestring):
                value = value.strip()
            results = add_object(my_type,
                                 oid,
                                 object_type,
                                 source,
                                 method,
                                 reference,
                                 tlp,
                                 user.username,
                                 value=value,
                                 file_=data,
                                 add_indicator=add_indicator,
                                 is_sort_relationships=True)

        else:
            results = {
                'success': False,
                'message': 'User does not have permission to add object'
            }
        if results['success']:
            subscription = {'type': my_type, 'id': oid}

            if results.get('relationships', None):
                relationship = {'type': my_type, 'value': oid}
                relationships = results['relationships']

                html = render_to_string(
                    'objects_listing_widget.html', {
                        'objects': results['objects'],
                        'relationships': relationships,
                        'subscription': subscription
                    }, RequestContext(request))
                result = {
                    'success': True,
                    'html': html,
                    'message': results['message']
                }

                rel_msg = render_to_string(
                    'relationships_listing_widget.html', {
                        'relationship': relationship,
                        'nohide': True,
                        'relationships': relationships
                    }, RequestContext(request))
                result['rel_made'] = True
                result['rel_msg'] = rel_msg
            else:
                html = render_to_string('objects_listing_widget.html', {
                    'objects': results['objects'],
                    'subscription': subscription
                }, RequestContext(request))
                result = {
                    'success': True,
                    'html': html,
                    'message': results['message']
                }
        else:
            message = "Error adding object: %s" % results['message']
            result = {'success': False, 'message': message}
        if request.is_ajax():
            return HttpResponse(json.dumps(result),
                                content_type="application/json")
        else:
            return render_to_response("file_upload_response.html",
                                      {'response': json.dumps(result)},
                                      RequestContext(request))
    else:
        error = "Expected POST"
        return render_to_response("error.html", {"error": error},
                                  RequestContext(request))
Ejemplo n.º 12
0
Archivo: views.py Proyecto: vsbca/crits
def bulk_add_object_inline(request):
    """
    Bulk add objects inline.

    :param request: The Django request.
    :type request: :class:`django.http.HttpRequest`
    :returns: :class:`django.http.HttpResponse`
    """

    formdict = form_to_dict(AddObjectForm(request.user))

    if request.method == "POST" and request.is_ajax():
        user = request.user
        acl = get_acl_object(request.POST['otype'])

        if user.has_access_to(acl.OBJECTS_ADD):
            response = parse_bulk_upload(request,
                                         parse_row_to_bound_object_form,
                                         add_new_handler_object_via_bulk,
                                         formdict)

            secondary_data_array = response.get('secondary')
            if secondary_data_array:
                latest_secondary_data = secondary_data_array[-1]
                class_type = class_from_id(latest_secondary_data['type'],
                                           latest_secondary_data['id'])

                subscription = {
                    'type': latest_secondary_data['type'],
                    'id': latest_secondary_data['id'],
                    'value': latest_secondary_data['id']
                }

                object_listing_html = render_to_string(
                    'objects_listing_widget.html', {
                        'objects': class_type.sort_objects(),
                        'subscription': subscription
                    }, RequestContext(request))

                response['html'] = object_listing_html

                is_relationship_made = False
                for secondary_data in secondary_data_array:
                    if secondary_data.get('relationships'):
                        is_relationship_made = True
                        break

                if is_relationship_made == True:
                    rel_html = render_to_string(
                        'relationships_listing_widget.html', {
                            'relationship':
                            subscription,
                            'relationships':
                            class_type.sort_relationships(request.user,
                                                          meta=True)
                        }, RequestContext(request))

                    response['rel_msg'] = rel_html
                    response['rel_made'] = True

        return HttpResponse(json.dumps(response, default=json_handler),
                            content_type="application/json")
    else:
        is_prevent_initial_table = request.GET.get('isPreventInitialTable',
                                                   False)
        is_use_item_source = request.GET.get('useItemSource', False)

        if is_use_item_source == True or is_use_item_source == "true":
            otype = request.GET.get('otype')
            oid = request.GET.get('oid')

            # Get the item with the type and ID from the database
            obj = class_from_id(otype, oid)

            if obj:
                source_field_name = get_source_field_for_class(otype)
                if source_field_name:

                    # If the item has a source, then use the source value
                    # to set as the default source
                    if hasattr(obj, "source"):
                        source_field = get_field_from_label("source", formdict)
                        earliest_source = None
                        earliest_date = None

                        # Get the earliest source, compared by date
                        for source in obj.source:
                            for source_instance in source.instances:
                                if earliest_source == None or source_instance.date < earliest_date:
                                    earliest_date = source_instance.date
                                    earliest_source = source

                        if earliest_source:
                            source_field['initial'] = earliest_source.name

        return render_to_response(
            'bulk_add_object_inline.html', {
                'formdict': formdict,
                'title': "Bulk Add Objects",
                'is_prevent_initial_table': is_prevent_initial_table,
                'table_name': 'object_inline'
            }, RequestContext(request))
Ejemplo n.º 13
0
def add_new_object(request):
    """
    Add a new object.

    :param request: The Django request.
    :type request: :class:`django.http.HttpRequest`
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == 'POST':
        analyst = "%s" % request.user
        result = ""
        message = ""
        my_type = request.POST['otype']
        all_obj_type_choices = [(c[0],
                                 c[0],
                                 {'datatype':c[1].keys()[0],
                                  'datatype_value':c[1].values()[0]}
                                 ) for c in get_object_types(False)]
        form = AddObjectForm(analyst,
                             all_obj_type_choices,
                             request.POST,
                             request.FILES)
        if not form.is_valid() and not 'value' in request.FILES:
            message = "Invalid Form: %s" % form.errors
            form = form.as_table()
            response = json.dumps({'message': message,
                                   'form': form,
                                   'success': False})
            if request.is_ajax():
                return HttpResponse(response, mimetype="application/json")
            else:
                return render_to_response("file_upload_response.html",
                                          {'response':response},
                                          RequestContext(request))
        source = request.POST['source']
        oid = request.POST['oid']
        ot_array = request.POST['object_type'].split(" - ")
        object_type = ot_array[0]
        name = ot_array[1] if len(ot_array) == 2 else ot_array[0]
        method = request.POST['method']
        reference = request.POST['reference']
        add_indicator = request.POST.get('add_indicator', None)
        data = None
        # if it was a file upload, handle the file appropriately
        if 'value' in request.FILES:
            data = request.FILES['value']
        value = request.POST.get('value', None)
        if isinstance(value, basestring):
            value = value.strip()
        results = add_object(my_type,
                             oid,
                             object_type,
                             name,
                             source,
                             method,
                             reference,
                             analyst,
                             value=value,
                             file_=data,
                             add_indicator=add_indicator,
                             is_sort_relationships=True)
        if results['success']:
            subscription = {
                'type': my_type,
                'id': oid
            }

            if results.get('relationships', None):
                relationship = {'type': my_type,
                                'value': oid}
                relationships = results['relationships']

                html = render_to_string('objects_listing_widget.html',
                                        {'objects': results['objects'],
                                         'relationships': relationships,
                                         'subscription': subscription},
                                        RequestContext(request))
                result = {'success': True,
                          'html': html,
                          'message': results['message']}

                rel_msg  = render_to_string('relationships_listing_widget.html',
                                            {'relationship': relationship,
                                             'nohide': True,
                                             'relationships': relationships},
                                            RequestContext(request))
                result['rel_made'] = True
                result['rel_msg'] = rel_msg
            else:
                html = render_to_string('objects_listing_widget.html',
                                        {'objects': results['objects'],
                                         'subscription': subscription},
                                        RequestContext(request))
                result = {'success': True,
                          'html': html,
                          'message': results['message']}
        else:
            message = "Error adding object: %s" % results['message']
            result = {'success': False, 'message': message}
        if request.is_ajax():
            return HttpResponse(json.dumps(result),
                                mimetype="application/json")
        else:
            return render_to_response("file_upload_response.html",
                                      {'response': json.dumps(result)},
                                      RequestContext(request))
    else:
        error = "Expected POST"
        return render_to_response("error.html",
                                  {"error" : error },
                                  RequestContext(request))
Ejemplo n.º 14
0
def add_new_object(request):
    """
    Add a new object.

    :param request: The Django request.
    :type request: :class:`django.http.HttpRequest`
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == "POST":
        analyst = "%s" % request.user
        result = ""
        message = ""
        my_type = request.POST["otype"]
        all_obj_type_choices = [
            (c[0], c[0], {"datatype": c[1].keys()[0], "datatype_value": c[1].values()[0]})
            for c in get_object_types(False)
        ]
        form = AddObjectForm(analyst, all_obj_type_choices, request.POST, request.FILES)
        if not form.is_valid() and not "value" in request.FILES:
            message = "Invalid Form: %s" % form.errors
            form = form.as_table()
            response = json.dumps({"message": message, "form": form, "success": False})
            if request.is_ajax():
                return HttpResponse(response, mimetype="application/json")
            else:
                return render_to_response("file_upload_response.html", {"response": response}, RequestContext(request))
        source = request.POST["source"]
        oid = request.POST["oid"]
        ot_array = request.POST["object_type"].split(" - ")
        object_type = ot_array[0]
        name = ot_array[1] if len(ot_array) == 2 else ot_array[0]
        method = request.POST["method"]
        reference = request.POST["reference"]
        add_indicator = request.POST.get("add_indicator", None)
        data = None
        # if it was a file upload, handle the file appropriately
        if "value" in request.FILES:
            data = request.FILES["value"]
        value = request.POST.get("value", None)
        if isinstance(value, basestring):
            value = value.strip()
        results = add_object(
            my_type,
            oid,
            object_type,
            name,
            source,
            method,
            reference,
            analyst,
            value=value,
            file_=data,
            add_indicator=add_indicator,
            is_sort_relationships=True,
        )
        if results["success"]:
            subscription = {"type": my_type, "id": oid}

            if results.get("relationships", None):
                relationship = {"type": my_type, "value": oid}
                relationships = results["relationships"]

                html = render_to_string(
                    "objects_listing_widget.html",
                    {"objects": results["objects"], "relationships": relationships, "subscription": subscription},
                    RequestContext(request),
                )
                result = {"success": True, "html": html, "message": results["message"]}

                rel_msg = render_to_string(
                    "relationships_listing_widget.html",
                    {"relationship": relationship, "nohide": True, "relationships": relationships},
                    RequestContext(request),
                )
                result["rel_made"] = True
                result["rel_msg"] = rel_msg
            else:
                html = render_to_string(
                    "objects_listing_widget.html",
                    {"objects": results["objects"], "subscription": subscription},
                    RequestContext(request),
                )
                result = {"success": True, "html": html, "message": results["message"]}
        else:
            message = "Error adding object: %s" % results["message"]
            result = {"success": False, "message": message}
        if request.is_ajax():
            return HttpResponse(json.dumps(result), mimetype="application/json")
        else:
            return render_to_response(
                "file_upload_response.html", {"response": json.dumps(result)}, RequestContext(request)
            )
    else:
        error = "Expected POST"
        return render_to_response("error.html", {"error": error}, RequestContext(request))
Ejemplo n.º 15
0
Archivo: views.py Proyecto: 0x3a/crits
def add_new_object(request):
    """
    Add a new object.

    :param request: The Django request.
    :type request: :class:`django.http.HttpRequest`
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == 'POST':
        analyst = "%s" % request.user
        result = ""
        message = ""
        my_type = request.POST['otype']
        all_obj_type_choices = [(c[0],
                                 c[0],
                                 {'datatype':c[1].keys()[0],
                                  'datatype_value':c[1].values()[0]}
                                 ) for c in get_object_types(False)]
        form = AddObjectForm(analyst,
                             all_obj_type_choices,
                             request.POST,
                             request.FILES)
        if not form.is_valid() and not 'value' in request.FILES:
            message = "Invalid Form: %s" % form.errors
            form = form.as_table()
            response = json.dumps({'message': message,
                                   'form': form,
                                   'success': False})
            if request.is_ajax():
                return HttpResponse(response, mimetype="application/json")
            else:
                return render_to_response("file_upload_response.html",
                                          {'response':response},
                                          RequestContext(request))
        source = request.POST['source']
        oid = request.POST['oid']
        ot_array = request.POST['object_type'].split(" - ")
        object_type = ot_array[0]
        name = ot_array[1] if len(ot_array) == 2 else ot_array[0]
        method = request.POST['method']
        reference = request.POST['reference']
        add_indicator = request.POST.get('add_indicator', None)
        data = None
        # if it was a file upload, handle the file appropriately
        if 'value' in request.FILES:
            data = request.FILES['value']
        value = request.POST.get('value', None)
        if isinstance(value, basestring):
            value = value.strip()
        results = add_object(my_type,
                             oid,
                             object_type,
                             name,
                             source,
                             method,
                             reference,
                             analyst,
                             value=value,
                             file_=data,
                             add_indicator=add_indicator,
                             is_sort_relationships=True)
        if results['success']:
            subscription = {
                'type': my_type,
                'id': oid
            }

            if results.get('relationships', None):
                relationship = {'type': my_type,
                                'value': oid}
                relationships = results['relationships']

                html = render_to_string('objects_listing_widget.html',
                                        {'objects': results['objects'],
                                         'relationships': relationships,
                                         'subscription': subscription},
                                        RequestContext(request))
                result = {'success': True,
                          'html': html,
                          'message': results['message']}

                rel_msg  = render_to_string('relationships_listing_widget.html',
                                            {'relationship': relationship,
                                             'nohide': True,
                                             'relationships': relationships},
                                            RequestContext(request))
                result['rel_made'] = True
                result['rel_msg'] = rel_msg
            else:
                html = render_to_string('objects_listing_widget.html',
                                        {'objects': results['objects'],
                                         'subscription': subscription},
                                        RequestContext(request))
                result = {'success': True,
                          'html': html,
                          'message': results['message']}
        else:
            message = "Error adding object: %s" % results['message']
            result = {'success': False, 'message': message}
        if request.is_ajax():
            return HttpResponse(json.dumps(result),
                                mimetype="application/json")
        else:
            return render_to_response("file_upload_response.html",
                                      {'response': json.dumps(result)},
                                      RequestContext(request))
    else:
        error = "Expected POST"
        return render_to_response("error.html",
                                  {"error" : error },
                                  RequestContext(request))