def parse_row_to_bound_object_form(request, rowData, cache):
"""
Parse a row from mass object upload into an AddObjectForm.
:param request: The Django request.
:type request: :class:`django.http.HttpRequest`
:param rowData: The row data.
:type rowData: dict
:param cache: Cached data, typically for performance enhancements
during bulk operations.
:type cache: dict
:returns: :class:`crits.objects.forms.AddObjectForm`
"""
bound_form = None
# TODO fix the hardcoded strings and conversion of types
# TODO Add common method to convert data to string
object_type = rowData.get(form_consts.Object.OBJECT_TYPE, "")
value = rowData.get(form_consts.Object.VALUE, "")
source = rowData.get(form_consts.Object.SOURCE, "")
method = rowData.get(form_consts.Object.METHOD, "")
reference = rowData.get(form_consts.Object.REFERENCE, "")
otype = rowData.get(form_consts.Object.PARENT_OBJECT_TYPE, "")
oid = rowData.get(form_consts.Object.PARENT_OBJECT_ID, "")
is_add_indicator = convert_string_to_bool(
rowData.get(form_consts.Object.ADD_INDICATOR, "False"))
all_obj_type_choices = cache.get("object_types")
if all_obj_type_choices == None:
all_obj_type_choices = [(c[0], c[0], {
'datatype': c[1].keys()[0],
'datatype_value': c[1].values()[0]
}) for c in get_object_types(False)]
cache["object_types"] = all_obj_type_choices
data = {
'object_type': object_type,
'value': value,
'source': source,
'method': method,
'reference': reference,
'otype': otype,
'oid': oid,
'add_indicator': is_add_indicator
}
bound_form = cache.get("object_form")
if bound_form == None:
bound_form = AddObjectForm(request.user, all_obj_type_choices, data)
cache['object_form'] = bound_form
else:
bound_form.data = data
bound_form.full_clean()
return bound_form
def parse_row_to_bound_object_form(request, rowData, cache):
"""
Parse a row from mass object upload into an AddObjectForm.
:param request: The Django request.
:type request: :class:`django.http.HttpRequest`
:param rowData: The row data.
:type rowData: dict
:param cache: Cached data, typically for performance enhancements
during bulk operations.
:type cache: dict
:returns: :class:`crits.objects.forms.AddObjectForm`
"""
bound_form = None
# TODO fix the hardcoded strings and conversion of types
# TODO Add common method to convert data to string
object_type = rowData.get(form_consts.Object.OBJECT_TYPE, "")
value = rowData.get(form_consts.Object.VALUE, "")
source = rowData.get(form_consts.Object.SOURCE, "")
method = rowData.get(form_consts.Object.METHOD, "")
reference = rowData.get(form_consts.Object.REFERENCE, "")
otype = rowData.get(form_consts.Object.PARENT_OBJECT_TYPE, "")
oid = rowData.get(form_consts.Object.PARENT_OBJECT_ID, "")
is_add_indicator = convert_string_to_bool(rowData.get(form_consts.Object.ADD_INDICATOR, "False"))
all_obj_type_choices = cache.get("object_types")
if all_obj_type_choices == None:
all_obj_type_choices = [(c[0],
c[0],
{'datatype':c[1].keys()[0],
'datatype_value':c[1].values()[0]}
) for c in get_object_types(False)]
cache["object_types"] = all_obj_type_choices
data = {
'object_type': object_type,
'value': value,
'source': source,
'method': method,
'reference': reference,
'otype': otype,
'oid': oid,
'add_indicator': is_add_indicator
}
bound_form = cache.get("object_form")
if bound_form == None:
bound_form = AddObjectForm(request.user, all_obj_type_choices, data)
cache['object_form'] = bound_form
else:
bound_form.data = data
bound_form.full_clean()
return bound_form
def bulk_add_object(request):
"""
Bulk add objects.
:param request: The Django request.
:type request: :class:`django.http.HttpRequest`
:returns: :class:`django.http.HttpResponse`
"""
formdict = form_to_dict(AddObjectForm(request.user))
if request.method == "POST" and request.is_ajax():
acl = get_acl_object(request.POST['otype'])
user = request.user
if user.has_access_to(acl.OBJECTS_ADD):
response = parse_bulk_upload(request,
parse_row_to_bound_object_form,
add_new_handler_object_via_bulk,
formdict)
else:
response = {
'success': False,
'message': 'User does not have permission to add objects'
}
return HttpResponse(json.dumps(response, default=json_handler),
content_type="application/json")
else:
return render_to_response(
'bulk_add_default.html', {
'formdict': formdict,
'title': "Bulk Add Objects",
'table_name': 'object'
}, RequestContext(request))
def bulk_add_object(request):
"""
Bulk add objects.
:param request: The Django request.
:type request: :class:`django.http.HttpRequest`
:returns: :class:`django.http.HttpResponse`
"""
all_obj_type_choices = [(c[0],
c[0],
{'datatype':c[1].keys()[0],
'datatype_value':c[1].values()[0]}
) for c in get_object_types(False, query={'datatype.file':{'$exists':0}})]
formdict = form_to_dict(AddObjectForm(request.user, all_obj_type_choices))
if request.method == "POST" and request.is_ajax():
response = parse_bulk_upload(request, parse_row_to_bound_object_form, add_new_handler_object_via_bulk, formdict)
return HttpResponse(json.dumps(response,
default=json_handler),
mimetype='application/json')
else:
return render_to_response('bulk_add_default.html',
{'formdict': formdict,
'title': "Bulk Add Objects",
'table_name': 'object'},
RequestContext(request))
def validate_and_add_new_handler_object(data, rowData, request, errors,
row_counter, is_validate_only=False,
is_sort_relationships=False,
cache={}, obj=None):
"""
Validate an object and then add it to the database.
:param data: The data for the object.
:type data: dict
:param rowData: Data from the row if using mass object upload.
:type rowData: dict
:param request: The Django request.
:type request: :class:`django.http.HttpRequest`
:param errors: List of existing errors to append to.
:type errors: list
:param row_counter: Which row we are working on (for error tracking).
:type row_counter: int
:param is_validate_only: Only validate.
:type is_validate_only: bool
:param cache: Cached data, typically for performance enhancements
during bulk operations.
:type cache: dict
:returns: tuple of (<result>, <errors>, <retVal>)
"""
result = False
retVal = {}
bound_form = parse_row_to_bound_object_form(request, rowData, cache)
if bound_form.is_valid():
(result,
retVal) = add_new_handler_object(data, rowData, request, obj=obj,
is_validate_only=is_validate_only,
is_sort_relationships=is_sort_relationships)
if not result and 'message' in retVal:
errors.append("%s #%s - %s" % (form_consts.Common.OBJECTS_DATA,
str(row_counter),
retVal['message']))
else:
formdict = cache.get("object_formdict")
if formdict == None:
object_form = AddObjectForm(request.user)
formdict = form_to_dict(object_form)
cache['object_formdict'] = formdict
for name, errorMessages in bound_form.errors.items():
entry = get_field_from_label(name, formdict)
if entry == None:
continue
for message in errorMessages:
errors.append("%s #%s - %s - %s" % (form_consts.Common.OBJECTS_DATA,
str(row_counter),
name,
message))
result = False
return result, errors, retVal
def bulk_add_domain(request):
"""
Bulk add domains via a bulk upload form.
Args:
request: The Django context which contains information about the
session and key/value pairs for the bulk add domains request
Returns:
If the request is not a POST and not a Ajax call then:
Returns a rendered HTML form for a bulk add of domains
If the request is a POST and a Ajax call then:
Returns a response that contains information about the
status of the bulk uploaded domains. This may include information
such as domains that failed or successfully added. This may
also contain helpful status messages about each operation.
"""
formdict = form_to_dict(AddDomainForm(request.user))
user = request.user
if request.method == "POST" and request.is_ajax():
if user.has_access_to(DomainACL.WRITE):
response = process_bulk_add_domain(request, formdict)
else:
response = {
"success": False,
"message": "User does not have permission to add domains."
}
return HttpResponse(json.dumps(response, default=json_handler),
content_type="application/json")
else:
if user.has_access_to(DomainACL.WRITE):
objectformdict = form_to_dict(AddObjectForm(request.user))
return render_to_response(
'bulk_add_default.html', {
'formdict': formdict,
'objectformdict': objectformdict,
'title': "Bulk Add Domains",
'table_name': 'domain',
'local_validate_columns': [form_consts.Domain.DOMAIN_NAME],
'custom_js': "domain_handsontable.js",
'is_bulk_add_objects': True
}, RequestContext(request))
else:
response = {
"success": False,
"message": "User does not have permission to add domains."
}
return HttpResponse(json.dumps(response, default=json_handler),
content_type="application/json")
def bulk_add_domain(request):
"""
Bulk add domains via a bulk upload form.
Args:
request: The Django context which contains information about the
session and key/value pairs for the bulk add domains request
Returns:
If the request is not a POST and not a Ajax call then:
Returns a rendered HTML form for a bulk add of domains
If the request is a POST and a Ajax call then:
Returns a response that contains information about the
status of the bulk uploaded domains. This may include information
such as domains that failed or successfully added. This may
also contain helpful status messages about each operation.
"""
all_obj_type_choices = [(c[0],
c[0],
{'datatype':c[1].keys()[0],
'datatype_value':c[1].values()[0]}
) for c in get_object_types(False)]
formdict = form_to_dict(AddDomainForm(request.user))
if request.method == "POST" and request.is_ajax():
response = process_bulk_add_domain(request, formdict);
return HttpResponse(json.dumps(response,
default=json_handler),
mimetype='application/json')
else:
objectformdict = form_to_dict(AddObjectForm(request.user, all_obj_type_choices))
return render_to_response('bulk_add_default.html',
{'formdict': formdict,
'objectformdict': objectformdict,
'title': "Bulk Add Domains",
'table_name': 'domain',
'local_validate_columns': [form_consts.Domain.DOMAIN_NAME],
'custom_js': "domain_handsontable.js",
'is_bulk_add_objects': True},
RequestContext(request));
def bulk_add_md5_sample(request):
"""
Bulk add samples via a bulk upload form.
Args:
request: The Django context which contains information about the
session and key/value pairs for the bulk add request
Returns:
If the request is not a POST and not a Ajax call then:
Returns a rendered HTML form for a bulk add of domains
If the request is a POST and a Ajax call then:
Returns a response that contains information about the
status of the bulk add. This may include information
such as items that failed or successfully added. This may
also contain helpful status messages about each operation.
"""
formdict = form_to_dict(
UploadFileForm(request.user, request.POST, request.FILES))
objectformdict = form_to_dict(AddObjectForm(request.user))
if request.method == "POST" and request.is_ajax():
response = process_bulk_add_md5_sample(request, formdict)
return HttpResponse(json.dumps(response, default=json_handler),
content_type="application/json")
else:
return render(
request,
'bulk_add_default.html',
{
'formdict': formdict,
'objectformdict': objectformdict,
'title': "Bulk Add Samples",
'table_name': 'sample',
'local_validate_columns': [form_consts.Sample.MD5],
'is_bulk_add_objects': True
},
)
def bulk_add_object(request):
"""
Bulk add objects.
:param request: The Django request.
:type request: :class:`django.http.HttpRequest`
:returns: :class:`django.http.HttpResponse`
"""
formdict = form_to_dict(AddObjectForm(request.user))
if request.method == "POST" and request.is_ajax():
response = parse_bulk_upload(request, parse_row_to_bound_object_form,
add_new_handler_object_via_bulk, formdict)
return HttpResponse(json.dumps(response, default=json_handler),
mimetype='application/json')
else:
return render_to_response(
'bulk_add_default.html', {
'formdict': formdict,
'title': "Bulk Add Objects",
'table_name': 'object'
}, RequestContext(request))
def add_new_object(request):
"""
Add a new object.
:param request: The Django request.
:type request: :class:`django.http.HttpRequest`
:returns: :class:`django.http.HttpResponse`
"""
if request.method == 'POST':
analyst = "%s" % request.user
user = request.user
result = ""
message = ""
my_type = request.POST['otype']
acl = get_acl_object(my_type)
if user.has_access_to(acl.OBJECTS_ADD):
form = AddObjectForm(user,
request.POST,
request.FILES)
if not form.is_valid() and 'value' not in request.FILES:
message = "Invalid Form: %s" % form.errors
form = form.as_table()
response = json.dumps({'message': message,
'form': form,
'success': False})
if request.is_ajax():
return HttpResponse(response, content_type="application/json")
else:
return render_to_response("file_upload_response.html",
{'response':response},
RequestContext(request))
source = request.POST['source_name']
oid = request.POST['oid']
object_type = request.POST['object_type']
method = request.POST['source_method']
reference = request.POST['source_reference']
tlp = request.POST['source_tlp']
add_indicator = request.POST.get('add_indicator', None)
data = None
# if it was a file upload, handle the file appropriately
if 'value' in request.FILES:
data = request.FILES['value']
value = request.POST.get('value', None)
if isinstance(value, basestring):
value = value.strip()
results = add_object(my_type,
oid,
object_type,
source,
method,
reference,
tlp,
user.username,
value=value,
file_=data,
add_indicator=add_indicator,
is_sort_relationships=True)
else:
results = {'success':False,
'message':'User does not have permission to add object'}
if results['success']:
subscription = {
'type': my_type,
'id': oid
}
if results.get('relationships', None):
relationship = {'type': my_type,
'value': oid}
relationships = results['relationships']
html = render_to_string('objects_listing_widget.html',
{'objects': results['objects'],
'relationships': relationships,
'subscription': subscription},
RequestContext(request))
result = {'success': True,
'html': html,
'message': results['message']}
rel_msg = render_to_string('relationships_listing_widget.html',
{'relationship': relationship,
'nohide': True,
'relationships': relationships},
RequestContext(request))
result['rel_made'] = True
result['rel_msg'] = rel_msg
else:
html = render_to_string('objects_listing_widget.html',
{'objects': results['objects'],
'subscription': subscription},
RequestContext(request))
result = {'success': True,
'html': html,
'message': results['message']}
else:
message = "Error adding object: %s" % results['message']
result = {'success': False, 'message': message}
if request.is_ajax():
return HttpResponse(json.dumps(result),
content_type="application/json")
else:
return render_to_response("file_upload_response.html",
{'response': json.dumps(result)},
RequestContext(request))
else:
error = "Expected POST"
return render_to_response("error.html",
{"error" : error },
RequestContext(request))
def add_new_object(request):
"""
Add a new object.
:param request: The Django request.
:type request: :class:`django.http.HttpRequest`
:returns: :class:`django.http.HttpResponse`
"""
if request.method == 'POST':
analyst = "%s" % request.user
user = request.user
result = ""
message = ""
my_type = request.POST['otype']
acl = get_acl_object(my_type)
if user.has_access_to(acl.OBJECTS_ADD):
form = AddObjectForm(user, request.POST, request.FILES)
if not form.is_valid() and 'value' not in request.FILES:
message = "Invalid Form: %s" % form.errors
form = form.as_table()
response = json.dumps({
'message': message,
'form': form,
'success': False
})
if request.is_ajax():
return HttpResponse(response,
content_type="application/json")
else:
return render_to_response("file_upload_response.html",
{'response': response},
RequestContext(request))
source = request.POST['source_name']
oid = request.POST['oid']
object_type = request.POST['object_type']
method = request.POST['source_method']
reference = request.POST['source_reference']
tlp = request.POST['source_tlp']
add_indicator = request.POST.get('add_indicator', None)
data = None
# if it was a file upload, handle the file appropriately
if 'value' in request.FILES:
data = request.FILES['value']
value = request.POST.get('value', None)
if isinstance(value, basestring):
value = value.strip()
results = add_object(my_type,
oid,
object_type,
source,
method,
reference,
tlp,
user.username,
value=value,
file_=data,
add_indicator=add_indicator,
is_sort_relationships=True)
else:
results = {
'success': False,
'message': 'User does not have permission to add object'
}
if results['success']:
subscription = {'type': my_type, 'id': oid}
if results.get('relationships', None):
relationship = {'type': my_type, 'value': oid}
relationships = results['relationships']
html = render_to_string(
'objects_listing_widget.html', {
'objects': results['objects'],
'relationships': relationships,
'subscription': subscription
}, RequestContext(request))
result = {
'success': True,
'html': html,
'message': results['message']
}
rel_msg = render_to_string(
'relationships_listing_widget.html', {
'relationship': relationship,
'nohide': True,
'relationships': relationships
}, RequestContext(request))
result['rel_made'] = True
result['rel_msg'] = rel_msg
else:
html = render_to_string('objects_listing_widget.html', {
'objects': results['objects'],
'subscription': subscription
}, RequestContext(request))
result = {
'success': True,
'html': html,
'message': results['message']
}
else:
message = "Error adding object: %s" % results['message']
result = {'success': False, 'message': message}
if request.is_ajax():
return HttpResponse(json.dumps(result),
content_type="application/json")
else:
return render_to_response("file_upload_response.html",
{'response': json.dumps(result)},
RequestContext(request))
else:
error = "Expected POST"
return render_to_response("error.html", {"error": error},
RequestContext(request))
def bulk_add_object_inline(request):
"""
Bulk add objects inline.
:param request: The Django request.
:type request: :class:`django.http.HttpRequest`
:returns: :class:`django.http.HttpResponse`
"""
formdict = form_to_dict(AddObjectForm(request.user))
if request.method == "POST" and request.is_ajax():
user = request.user
acl = get_acl_object(request.POST['otype'])
if user.has_access_to(acl.OBJECTS_ADD):
response = parse_bulk_upload(request,
parse_row_to_bound_object_form,
add_new_handler_object_via_bulk,
formdict)
secondary_data_array = response.get('secondary')
if secondary_data_array:
latest_secondary_data = secondary_data_array[-1]
class_type = class_from_id(latest_secondary_data['type'],
latest_secondary_data['id'])
subscription = {
'type': latest_secondary_data['type'],
'id': latest_secondary_data['id'],
'value': latest_secondary_data['id']
}
object_listing_html = render_to_string(
'objects_listing_widget.html', {
'objects': class_type.sort_objects(),
'subscription': subscription
}, RequestContext(request))
response['html'] = object_listing_html
is_relationship_made = False
for secondary_data in secondary_data_array:
if secondary_data.get('relationships'):
is_relationship_made = True
break
if is_relationship_made == True:
rel_html = render_to_string(
'relationships_listing_widget.html', {
'relationship':
subscription,
'relationships':
class_type.sort_relationships(request.user,
meta=True)
}, RequestContext(request))
response['rel_msg'] = rel_html
response['rel_made'] = True
return HttpResponse(json.dumps(response, default=json_handler),
content_type="application/json")
else:
is_prevent_initial_table = request.GET.get('isPreventInitialTable',
False)
is_use_item_source = request.GET.get('useItemSource', False)
if is_use_item_source == True or is_use_item_source == "true":
otype = request.GET.get('otype')
oid = request.GET.get('oid')
# Get the item with the type and ID from the database
obj = class_from_id(otype, oid)
if obj:
source_field_name = get_source_field_for_class(otype)
if source_field_name:
# If the item has a source, then use the source value
# to set as the default source
if hasattr(obj, "source"):
source_field = get_field_from_label("source", formdict)
earliest_source = None
earliest_date = None
# Get the earliest source, compared by date
for source in obj.source:
for source_instance in source.instances:
if earliest_source == None or source_instance.date < earliest_date:
earliest_date = source_instance.date
earliest_source = source
if earliest_source:
source_field['initial'] = earliest_source.name
return render_to_response(
'bulk_add_object_inline.html', {
'formdict': formdict,
'title': "Bulk Add Objects",
'is_prevent_initial_table': is_prevent_initial_table,
'table_name': 'object_inline'
}, RequestContext(request))
def add_new_object(request):
"""
Add a new object.
:param request: The Django request.
:type request: :class:`django.http.HttpRequest`
:returns: :class:`django.http.HttpResponse`
"""
if request.method == 'POST':
analyst = "%s" % request.user
result = ""
message = ""
my_type = request.POST['otype']
all_obj_type_choices = [(c[0],
c[0],
{'datatype':c[1].keys()[0],
'datatype_value':c[1].values()[0]}
) for c in get_object_types(False)]
form = AddObjectForm(analyst,
all_obj_type_choices,
request.POST,
request.FILES)
if not form.is_valid() and not 'value' in request.FILES:
message = "Invalid Form: %s" % form.errors
form = form.as_table()
response = json.dumps({'message': message,
'form': form,
'success': False})
if request.is_ajax():
return HttpResponse(response, mimetype="application/json")
else:
return render_to_response("file_upload_response.html",
{'response':response},
RequestContext(request))
source = request.POST['source']
oid = request.POST['oid']
ot_array = request.POST['object_type'].split(" - ")
object_type = ot_array[0]
name = ot_array[1] if len(ot_array) == 2 else ot_array[0]
method = request.POST['method']
reference = request.POST['reference']
add_indicator = request.POST.get('add_indicator', None)
data = None
# if it was a file upload, handle the file appropriately
if 'value' in request.FILES:
data = request.FILES['value']
value = request.POST.get('value', None)
if isinstance(value, basestring):
value = value.strip()
results = add_object(my_type,
oid,
object_type,
name,
source,
method,
reference,
analyst,
value=value,
file_=data,
add_indicator=add_indicator,
is_sort_relationships=True)
if results['success']:
subscription = {
'type': my_type,
'id': oid
}
if results.get('relationships', None):
relationship = {'type': my_type,
'value': oid}
relationships = results['relationships']
html = render_to_string('objects_listing_widget.html',
{'objects': results['objects'],
'relationships': relationships,
'subscription': subscription},
RequestContext(request))
result = {'success': True,
'html': html,
'message': results['message']}
rel_msg = render_to_string('relationships_listing_widget.html',
{'relationship': relationship,
'nohide': True,
'relationships': relationships},
RequestContext(request))
result['rel_made'] = True
result['rel_msg'] = rel_msg
else:
html = render_to_string('objects_listing_widget.html',
{'objects': results['objects'],
'subscription': subscription},
RequestContext(request))
result = {'success': True,
'html': html,
'message': results['message']}
else:
message = "Error adding object: %s" % results['message']
result = {'success': False, 'message': message}
if request.is_ajax():
return HttpResponse(json.dumps(result),
mimetype="application/json")
else:
return render_to_response("file_upload_response.html",
{'response': json.dumps(result)},
RequestContext(request))
else:
error = "Expected POST"
return render_to_response("error.html",
{"error" : error },
RequestContext(request))
def add_new_object(request):
"""
Add a new object.
:param request: The Django request.
:type request: :class:`django.http.HttpRequest`
:returns: :class:`django.http.HttpResponse`
"""
if request.method == "POST":
analyst = "%s" % request.user
result = ""
message = ""
my_type = request.POST["otype"]
all_obj_type_choices = [
(c[0], c[0], {"datatype": c[1].keys()[0], "datatype_value": c[1].values()[0]})
for c in get_object_types(False)
]
form = AddObjectForm(analyst, all_obj_type_choices, request.POST, request.FILES)
if not form.is_valid() and not "value" in request.FILES:
message = "Invalid Form: %s" % form.errors
form = form.as_table()
response = json.dumps({"message": message, "form": form, "success": False})
if request.is_ajax():
return HttpResponse(response, mimetype="application/json")
else:
return render_to_response("file_upload_response.html", {"response": response}, RequestContext(request))
source = request.POST["source"]
oid = request.POST["oid"]
ot_array = request.POST["object_type"].split(" - ")
object_type = ot_array[0]
name = ot_array[1] if len(ot_array) == 2 else ot_array[0]
method = request.POST["method"]
reference = request.POST["reference"]
add_indicator = request.POST.get("add_indicator", None)
data = None
# if it was a file upload, handle the file appropriately
if "value" in request.FILES:
data = request.FILES["value"]
value = request.POST.get("value", None)
if isinstance(value, basestring):
value = value.strip()
results = add_object(
my_type,
oid,
object_type,
name,
source,
method,
reference,
analyst,
value=value,
file_=data,
add_indicator=add_indicator,
is_sort_relationships=True,
)
if results["success"]:
subscription = {"type": my_type, "id": oid}
if results.get("relationships", None):
relationship = {"type": my_type, "value": oid}
relationships = results["relationships"]
html = render_to_string(
"objects_listing_widget.html",
{"objects": results["objects"], "relationships": relationships, "subscription": subscription},
RequestContext(request),
)
result = {"success": True, "html": html, "message": results["message"]}
rel_msg = render_to_string(
"relationships_listing_widget.html",
{"relationship": relationship, "nohide": True, "relationships": relationships},
RequestContext(request),
)
result["rel_made"] = True
result["rel_msg"] = rel_msg
else:
html = render_to_string(
"objects_listing_widget.html",
{"objects": results["objects"], "subscription": subscription},
RequestContext(request),
)
result = {"success": True, "html": html, "message": results["message"]}
else:
message = "Error adding object: %s" % results["message"]
result = {"success": False, "message": message}
if request.is_ajax():
return HttpResponse(json.dumps(result), mimetype="application/json")
else:
return render_to_response(
"file_upload_response.html", {"response": json.dumps(result)}, RequestContext(request)
)
else:
error = "Expected POST"
return render_to_response("error.html", {"error": error}, RequestContext(request))
def add_new_object(request):
"""
Add a new object.
:param request: The Django request.
:type request: :class:`django.http.HttpRequest`
:returns: :class:`django.http.HttpResponse`
"""
if request.method == 'POST':
analyst = "%s" % request.user
result = ""
message = ""
my_type = request.POST['otype']
all_obj_type_choices = [(c[0],
c[0],
{'datatype':c[1].keys()[0],
'datatype_value':c[1].values()[0]}
) for c in get_object_types(False)]
form = AddObjectForm(analyst,
all_obj_type_choices,
request.POST,
request.FILES)
if not form.is_valid() and not 'value' in request.FILES:
message = "Invalid Form: %s" % form.errors
form = form.as_table()
response = json.dumps({'message': message,
'form': form,
'success': False})
if request.is_ajax():
return HttpResponse(response, mimetype="application/json")
else:
return render_to_response("file_upload_response.html",
{'response':response},
RequestContext(request))
source = request.POST['source']
oid = request.POST['oid']
ot_array = request.POST['object_type'].split(" - ")
object_type = ot_array[0]
name = ot_array[1] if len(ot_array) == 2 else ot_array[0]
method = request.POST['method']
reference = request.POST['reference']
add_indicator = request.POST.get('add_indicator', None)
data = None
# if it was a file upload, handle the file appropriately
if 'value' in request.FILES:
data = request.FILES['value']
value = request.POST.get('value', None)
if isinstance(value, basestring):
value = value.strip()
results = add_object(my_type,
oid,
object_type,
name,
source,
method,
reference,
analyst,
value=value,
file_=data,
add_indicator=add_indicator,
is_sort_relationships=True)
if results['success']:
subscription = {
'type': my_type,
'id': oid
}
if results.get('relationships', None):
relationship = {'type': my_type,
'value': oid}
relationships = results['relationships']
html = render_to_string('objects_listing_widget.html',
{'objects': results['objects'],
'relationships': relationships,
'subscription': subscription},
RequestContext(request))
result = {'success': True,
'html': html,
'message': results['message']}
rel_msg = render_to_string('relationships_listing_widget.html',
{'relationship': relationship,
'nohide': True,
'relationships': relationships},
RequestContext(request))
result['rel_made'] = True
result['rel_msg'] = rel_msg
else:
html = render_to_string('objects_listing_widget.html',
{'objects': results['objects'],
'subscription': subscription},
RequestContext(request))
result = {'success': True,
'html': html,
'message': results['message']}
else:
message = "Error adding object: %s" % results['message']
result = {'success': False, 'message': message}
if request.is_ajax():
return HttpResponse(json.dumps(result),
mimetype="application/json")
else:
return render_to_response("file_upload_response.html",
{'response': json.dumps(result)},
RequestContext(request))
else:
error = "Expected POST"
return render_to_response("error.html",
{"error" : error },
RequestContext(request))