Ejemplo n.º 1
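def change_password(request):
    """Change the logged-in user's password after verifying the old one.

    Renders 'profile.html' with an error message when the old password does
    not match or the new password is missing, and
    'change_password_done.html' on success. Any unexpected exception yields
    the generic error page.
    """
    # Only active users may change their password.
    if not request.user.is_active:
        return error_page_inactive(request)

    try:
        replace_dict = get_common_replace_dict(request)
        old_password = get_profile_change_password_old_password(request)
        new_password = get_profile_change_password_new_password(request)
        user = request.user
        # Verify the current password before anything is changed.
        if not user.check_password(old_password):
            replace_dict[
                'error_change_password_msg'] = 'Old Password is wrong!!'
            return render(request, 'profile.html', replace_dict)
        # Refuse a missing or empty new password. If the user model follows
        # Django's AbstractBaseUser, set_password(None) marks the account as
        # having no usable password, which would lock the user out.
        if not new_password:
            replace_dict[
                'error_change_password_msg'] = 'New Password is empty!!'
            return render(request, 'profile.html', replace_dict)
        user.set_password(new_password)
        if user.username == 'admin':
            # The built-in account's password is changed together with
            # the 'admin' user's.
            STIPUser.change_build_password(new_password)
        user.is_modified_password = True
        user.save()
        # NOTE(review): no request-method check and no password-strength
        # validation are visible in this view; confirm both are enforced
        # elsewhere (URL conf, form, or the getter helpers).
        return render(request, 'change_password_done.html', replace_dict)
    except Exception:
        # Any unexpected failure ends on the generic error page.
        return error_page(request)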
Ejemplo n.º 2
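def interval(request):
    """Replace the OTX adapter's interval job with the requested interval.

    The existing interval job is always removed first. A non-zero interval
    registers a new job; zero leaves the adapter without an interval job.
    Restricted to active admin users.
    """
    if request.method != 'GET':
        return error_page_free_format(request, 'invalid method')
    # Only active users may proceed.
    if not request.user.is_active:
        return error_page_inactive(request)
    # Admin permission is required.
    if not request.user.is_admin:
        return error_page_no_view_permission(request)
    # NOTE(review): this view changes scheduler state on a GET request, so it
    # is not covered by Django's CSRF middleware; confirm that is acceptable
    # or move the action to POST together with its callers.
    try:
        # Local renamed from `interval` (it shadowed this function) and the
        # leftover debug print of the value was dropped.
        seconds = get_adapter_otx_detail_interval_interval(request)
        # Remove the job from the scheduler.
        otx.remove_interval_job()
        # Remove the job from the settings stored in MongoDB.
        OtxAdapter.remove_internal_job()
        if seconds != 0:
            # Store the job in the adapter settings, then schedule it.
            job = OtxAdapter.add_job(type_=ScheduleJobs.JOB_INTERVAL,
                                     seconds=seconds)
            otx.add_job(job)
            info_msg = 'Set Interval %d sec' % (seconds)
        else:
            # Zero means: do not add a job.
            info_msg = 'Stop a job by interval'
        return otx_common_render(request, info_msg=info_msg)
    except Exception:
        return error_page(request)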
Ejemplo n.º 3
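def create(request):
    """Create a community from the submitted name and render the list page.

    Restricted to POST requests from active admin users. A missing or empty
    name, or a failure while initialising the community, is reported through
    the free-format error page.
    """
    if request.method != 'POST':
        return error_page_free_format(request, 'invalid method')
    # Only active users may proceed.
    if not request.user.is_active:
        return error_page_inactive(request)
    # Admin permission is required.
    if not request.user.is_admin:
        return error_page_no_view_permission(request)
    try:
        name = get_configuration_community_create_community_name(request)
        if name is None or len(name) == 0:
            return error_page_free_format(request, 'No Community Name.')

        # Initialise the community.
        try:
            Communities.init_community(name)
        except Exception as e:
            # Exceptions carry no `.message` attribute on Python 3, so the
            # original handler raised AttributeError and the reason was lost
            # behind the generic error page. Fall back to str(e).
            # NOTE(review): the exception text is shown to the user; confirm
            # init_community's errors never contain internal paths or
            # connection details.
            reason = getattr(e, 'message', None) or str(e)
            return error_page_free_format(request, reason)

        # Build the response context.
        replace_dict = get_common_replace_dict(request)
        replace_dict['communities'] = Communities.objects.all()
        replace_dict['info_msg'] = 'Create Success!!'
        return render(request, 'community.html', replace_dict)
    except Exception:
        return error_page(request)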
Ejemplo n.º 4
def modify(request):
    """Rename an existing community and redirect to the community list.

    Restricted to POST requests from active admin users. Both the community
    id and the new name must be present in the request.
    """
    # Guard clauses: method, account state, admin permission.
    if request.method != 'POST':
        return error_page_free_format(request, 'invalid method')
    if not request.user.is_active:
        return error_page_inactive(request)
    if not request.user.is_admin:
        return error_page_no_view_permission(request)

    target_id = get_configuration_community_modify_community_id(request)
    new_name = get_configuration_community_modify_community_name(request)
    if target_id is None or new_name is None:
        return error_page_free_format(request, 'invalid arguments.')

    try:
        community = Communities.objects.get(id=target_id)
        community.name = new_name
        community.save()
        # Back to the community top page.
        return redirect('/configuration/community/')
    except Exception:
        return error_page(request)
Ejemplo n.º 5
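def add_webhook(request):
    """Attach a new webhook URL to a community and render its detail page.

    Restricted to GET requests from active admin users. Both the community
    id and the URL must be present in the request.
    """
    # Only GET is accepted (the original comment said POST, the code
    # enforces GET).
    # NOTE(review): this is a state-changing action on GET, so it is not
    # covered by Django's CSRF middleware; confirm that is acceptable or
    # move it to POST together with its callers.
    if request.method != 'GET':
        return error_page_free_format(request, 'invalid method')
    # Only active users may proceed.
    if not request.user.is_active:
        return error_page_inactive(request)
    # Admin permission is required.
    if not request.user.is_admin:
        return error_page_no_view_permission(request)
    community_id = get_configuration_community_add_webhook_community_id(request)
    url = get_configuration_community_add_webhook_url(request)
    if ((community_id is None) or (url is None)):
        return error_page_free_format(request, 'invalid arguments.')
    try:
        # Resolve the community before saving anything, so an unknown id can
        # no longer leave an orphaned Webhooks document behind.
        c = Communities.objects.get(id=community_id)
        # NOTE(review): the URL is stored exactly as received. If the server
        # later sends requests to it, confirm scheme and destination are
        # validated somewhere (server-side request forgery exposure).
        webhook = Webhooks()
        webhook.url = url
        webhook.save()
        # Add the webhook to the community.
        c.webhooks.append(webhook)
        c.save()
        replace_dict = get_common_replace_dict(request)
        replace_dict['community'] = c
        return render(request, 'community_detail.html', replace_dict)
    except Exception:
        return error_page(request)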
Ejemplo n.º 6
def interval(request, taxii_id):
    """Replace a TAXII client's interval job and render its detail page.

    The current interval job is always removed; a non-zero interval then
    registers a new one. Restricted to GET requests from active admin users.
    """
    if request.method != 'GET':
        return error_page_free_format(request, 'invalid method')
    if not request.user.is_active:
        return error_page_inactive(request)
    if not request.user.is_admin:
        return error_page_no_view_permission(request)
    # NOTE(review): scheduler state is changed on GET; confirm the CSRF
    # exposure is acceptable for this admin action.
    try:
        seconds = get_configuartion_taxii_client_detail_interval_interval(request)
        taxii_client = TaxiiClients.objects.get(id=taxii_id)
        scheduler_client = Client(taxii_client=taxii_client)
        # Clear the existing interval job in the scheduler and in the record.
        scheduler_client.remove_interval_job()
        taxii_client.interval_schedule_job = None
        taxii_client.save()
        job_requested = seconds != 0
        if job_requested:
            new_job = taxii_client.add_job(type_=ScheduleJobs.JOB_INTERVAL, seconds=seconds)
            scheduler_client.add_job(new_job)
        context = get_common_replace_dict(request)
        context['client'] = taxii_client
        context['interval_info_msg'] = (
            'Set Interval %d sec' % (seconds)
            if job_requested else 'Stop a job by interval')
        return render(request, 'configuration_taxii_client_detail.html', context)
    except Exception:
        return error_page(request)
Ejemplo n.º 7
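def get(request):
    """Fetch STIX files through the iSight adapter for an optional time range.

    Start and end times that cannot be parsed are treated as "not
    specified". Renders 'isight.html' with the number of files fetched.
    """
    if request.method != 'GET':
        return error_page_free_format(request, 'invalid method')
    # Only active users may proceed.
    # NOTE(review): only is_active is checked here, not is_admin; confirm
    # that any active user is meant to be able to trigger a fetch.
    if not request.user.is_active:
        return error_page_inactive(request)
    try:
        start_str = get_adapter_isight_get_start_time(request)
        end_str = get_adapter_isight_get_end_time(request)
        # Catch Exception rather than BaseException so KeyboardInterrupt and
        # SystemExit are not swallowed by the parse fallback.
        try:
            start_time = _get_epoch_time(start_str)
        except Exception:
            # Unparseable input is the same as no start time.
            start_time = None
        try:
            end_time = _get_epoch_time(end_str)
        except Exception:
            # Unparseable input is the same as no end time.
            end_time = None
        count = isight.get_isight_stix(start_time=start_time, end_time=end_time)
        replace_dict = get_replace_dict()
        replace_dict['info_msg_get'] = 'Get by iSight Partners Adapter successfully!! (Get %d stix files.)' % (count)
        return render(request, 'isight.html', replace_dict)
    except Exception:
        return error_page(request)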
Ejemplo n.º 8
def modify(request):
    """Store new system settings and render 'system.html'.

    Reads the community root directory, suffix-list file path and HTTP/HTTPS
    proxy values from the request and passes them to System.objects.modify.
    Restricted to POST requests from active admin users.
    """
    if request.method != 'POST':
        return error_page_free_format(request, 'invalid method')
    # Only active users may proceed.
    if not request.user.is_active:
        return error_page_inactive(request)
    # Admin permission is required.
    if not request.user.is_admin:
        return error_page_no_view_permission(request)
    try:
        # NOTE(review): filesystem paths and proxy URLs come straight from
        # the request; confirm the getters or System.objects.modify validate
        # them before they are used.
        root_dir = get_configuration_system_communirty_root_dir(request)
        suffix_list_path = get_configuration_system_suffix_list_file_path(request)
        proxy_http = get_configuration_system_http_proxy(request)
        proxy_https = get_configuration_system_https_proxy(request)
        System.objects.modify(root_dir, suffix_list_path,
                              proxy_http, proxy_https)
        context = get_success_replace_dict(request)
        context['info_msg'] = 'Modify Success!!'
        return render(request, 'system.html', context)
    except Exception:
        return error_page(request)
Ejemplo n.º 9
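def modify(request):
    """Store new MISP adapter settings and render 'misp.html'.

    Reads URL, API key, STIX id prefix, identity, community id, uploader id
    and the published-only flag from the request and passes them to
    MispAdapter.modify_settings. Restricted to POST requests from active
    users.
    """
    if request.method != 'POST':
        return error_page_free_format(request, 'invalid method')
    # Truthiness test instead of `== False`: an unset (None) flag is now
    # treated as inactive, so the check fails closed.
    # NOTE(review): only is_active is checked although this view rewrites
    # adapter settings including the API key; confirm an is_admin check is
    # not required here.
    if not request.user.is_active:
        return error_page_inactive(request)
    try:
        url = get_adapter_misp_modify_url(request)
        apikey = get_adapter_misp_modify_apikey(request)
        # A leftover Python 2 debug statement (`print 'stix_id_prefix'`) was
        # removed here; it printed a literal and is a syntax error on
        # Python 3.
        stix_id_prefix = get_adapter_misp_modify_stix_id_prefix(request)
        identity = get_adapter_misp_modify_identity(request)
        community_id = get_adapter_misp_modify_community_id(request)
        uploader_id = int(get_adapter_misp_modify_uploader_id(request))
        published_only = get_adapter_misp_get_published_only(request)
        # Update the settings. Per the original comment the URL holds only
        # scheme and FQDN, and the end point is appended elsewhere.
        MispAdapter.modify_settings(url, apikey, stix_id_prefix, identity,
                                    community_id, uploader_id, published_only)
        replace_dict = get_replace_dict()
        replace_dict['info_msg_modify'] = 'Modify Success!!'
        return render(request, 'misp.html', replace_dict)
    except Exception:
        return error_page(request)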
Ejemplo n.º 10
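def get(request):
    """Fetch STIX files through the MISP adapter for an optional date range.

    Start and end dates that cannot be parsed are treated as "not
    specified". Renders 'misp.html' with the number of files fetched.
    """
    if request.method != 'GET':
        return error_page_free_format(request, 'invalid method')
    # Truthiness test instead of `== False`: an unset (None) flag is now
    # treated as inactive, so the check fails closed.
    if not request.user.is_active:
        return error_page_inactive(request)
    try:
        start_str = get_adapter_misp_get_start_date(request)
        end_str = get_adapter_misp_get_end_date(request)
        # `except Exception` replaces the bare `except:` so KeyboardInterrupt
        # and SystemExit are not swallowed by the parse fallback.
        try:
            start_date = _get_datetime_from_str(start_str)
        except Exception:
            # Unparseable input is the same as no start date.
            start_date = None
        try:
            end_date = _get_datetime_from_str(end_str)
        except Exception:
            # Unparseable input is the same as no end date.
            end_date = None
        count = misp.get_misp_stix(from_dt=start_date, to_dt=end_date,
                                   identity=MispAdapter.get().identity)
        replace_dict = get_replace_dict()
        replace_dict['info_msg_get'] = 'Get by Misp Adapter successfully!! (Get %d stix files.)' % (count)
        return render(request, 'misp.html', replace_dict)
    except Exception:
        return error_page(request)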
Ejemplo n.º 11
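def start(request, id_):
    """Poll a TAXII 1.x or 2.x client for a time window and show the result.

    The protocol version from the request selects TaxiiClients or
    Taxii2Clients. Renders 'poll_detail.html' with the number of STIX files
    fetched, or with an error message when the collection cannot be read.
    Restricted to active admin users.
    """
    if not request.user.is_active:
        return error_page_inactive(request)
    if not request.user.is_admin:
        return error_page_no_view_permission(request)
    # NOTE(review): no request-method check is visible in this view; confirm
    # the intended method is enforced elsewhere.
    try:
        # Request parsing now happens inside the try block, so a malformed
        # protocol version or timestamp ends on the error page instead of
        # propagating as an unhandled exception.
        protocol_version = get_protocol_version(request)
        start = get_datetime_from_string(get_start_start(request))
        end = get_datetime_from_string(get_start_end(request))
        replace_dict = get_common_replace_dict(request)
        if protocol_version.startswith('1.'):
            taxii_client = TaxiiClients.objects.get(id=id_)
            replace_dict['taxii'] = taxii_client
            cl = Client(taxii_client=taxii_client)
        elif protocol_version.startswith('2.'):
            taxii2_client = Taxii2Clients.objects.get(id=id_)
            replace_dict['taxii'] = taxii2_client
            cl = Client(taxii2_client=taxii2_client)
        else:
            raise Exception('Invalid taxii protocol version.')

        if cl._can_read:
            cl.set_start_time(start)
            cl.set_end_time(end)
            count = cl.poll()
            replace_dict[
                'info_msg'] = 'Poll end successfully!! (Get %d stix files.)' % (
                    count)
        else:
            replace_dict['error_msg'] = 'This collection is not for polling'
        return render(request, 'poll_detail.html', replace_dict)
    except Exception:
        return error_page(request)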
Ejemplo n.º 12
def delete_webhook(request):
    """Detach a webhook from a community and render its detail page.

    Restricted to GET requests from active admin users. Both the community
    id and the webhook id must be present in the request.
    """
    # Only GET is accepted (the original comment said POST, the code
    # enforces GET).
    # NOTE(review): this is a state-changing action on GET, so it is not
    # covered by Django's CSRF middleware; confirm that is acceptable.
    if request.method != 'GET':
        return error_page_free_format(request, 'invalid method')
    if not request.user.is_active:
        return error_page_inactive(request)
    if not request.user.is_admin:
        return error_page_no_view_permission(request)

    community_id = get_configuration_community_delete_webhook_community_id(request)
    webhook_id = get_configuration_community_delete_webhook_webhook_id(request)
    if community_id is None or webhook_id is None:
        return error_page_free_format(request, 'invalid arguments.')

    try:
        # Load the webhook, then the community that references it.
        webhook = Webhooks.objects.get(id=webhook_id)
        community = Communities.objects.get(id=community_id)
        # Only the reference is removed from the community's list; the
        # Webhooks document itself is not deleted in this view.
        community.webhooks.remove(webhook)
        community.save()
        context = get_common_replace_dict(request)
        context['community'] = community
        return render(request, 'community_detail.html', context)
    except Exception:
        return error_page(request)
Ejemplo n.º 13
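def create(request, taxii_id):
    """Add a cron job to a TAXII client and render its detail page.

    The time value from the request is split on ':' into hour, minute and
    second. Restricted to POST requests from active admin users.
    """
    if request.method != 'POST':
        return error_page_free_format(request, 'invalid method')
    # Truthiness tests instead of `== False`: an unset (None) flag is now
    # treated as inactive / non-admin, so both checks fail closed.
    if not request.user.is_active:
        return error_page_inactive(request)
    if not request.user.is_admin:
        return error_page_no_view_permission(request)
    try:
        time_str = get_configuartion_taxii_client_detail_create_time(request)
        # Load the TAXII client record.
        taxii_client = TaxiiClients.objects.get(id=taxii_id)
        # Cron settings. A missing value or fewer than three fields raises
        # here and ends on the generic error page.
        # NOTE(review): the fields are passed on unvalidated; confirm
        # add_job rejects values it cannot schedule.
        times = time_str.split(':')
        schedule_job = taxii_client.add_job(type_=ScheduleJobs.JOB_CRON,
                                            hour=times[0],
                                            minute=times[1],
                                            second=times[2])
        # Register the job with the scheduler client.
        client = Client(taxii_id=taxii_id)
        client.add_job(schedule_job)

        replace_dict = get_common_replace_dict(request)
        replace_dict['client'] = taxii_client
        return render(request, 'configuration_taxii_client_detail.html',
                      replace_dict)
    except Exception:
        return error_page(request)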
Ejemplo n.º 14
def modify(request, taxii_id):
    """Update a TAXII server's collection name and sources, then restart it.

    Renders 'configuration_taxii_server_detail.html' with a success message.
    Restricted to active admin users.
    """
    # Only active users may proceed.
    if not request.user.is_active:
        return error_page_inactive(request)
    # Admin permission is required.
    if not request.user.is_admin:
        return error_page_no_view_permission(request)
    # NOTE(review): no request-method check is visible although this view
    # saves settings and restarts the TAXII server; confirm the intended
    # method is enforced elsewhere.
    try:
        new_collection_name = get_configuartion_taxii_server_detail_collection_name(request)
        requested_source_ids = get_configuartion_taxii_server_detail_information_sources(request)
        server = TaxiiServers.objects.get(id=taxii_id)
        server.collection_name = new_collection_name
        # Resolve every requested id to its InformationSources document.
        server.information_sources = [
            InformationSources.objects.get(id=source_id)
            for source_id in requested_source_ids
        ]
        server.save()
        # Restart the TAXII server.
        restart_taxii_server()
        context = get_taxii_server_detail_common_replace_dict(request, taxii_id)
        context['info_msg'] = 'Modify & Restart Success!!'
        return render(request, 'configuration_taxii_server_detail.html',
                      context)
    except Exception:
        return error_page(request)
Ejemplo n.º 15
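def remove(request, taxii_id, job_id):
    """Remove a scheduled job from a TAXII client and render its detail page.

    Restricted to GET requests from active admin users.
    """
    if request.method != 'GET':
        return error_page_free_format(request, 'invalid method')
    # Truthiness tests instead of `== False`: an unset (None) flag is now
    # treated as inactive / non-admin, so both checks fail closed.
    if not request.user.is_active:
        return error_page_inactive(request)
    if not request.user.is_admin:
        return error_page_no_view_permission(request)
    # NOTE(review): a job is deleted on GET, so Django's CSRF middleware does
    # not cover this action; confirm that is acceptable.
    try:
        # Remove the job id from the stored TAXII client record.
        taxii_client = TaxiiClients.objects.get(id=taxii_id)
        taxii_client.remove_job(job_id)
        # Stop the job in the scheduler client.
        client = Client(taxii_id=taxii_id)
        client.remove_job(job_id)
        replace_dict = get_common_replace_dict(request)
        # Reload the client record for rendering.
        replace_dict['client'] = TaxiiClients.objects.get(id=taxii_id)
        return render(request, 'configuration_taxii_client_detail.html',
                      replace_dict)
    except Exception:
        return error_page(request)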
Ejemplo n.º 16
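def create(request):
    """Add a cron job to the OTX adapter from an 'H:M:S' time value.

    Restricted to POST requests from active admin users. A missing time, a
    value with fewer than three ':'-separated fields, or a non-numeric field
    is reported as 'Invalid Time format.'.
    """
    if request.method != 'POST':
        return error_page_free_format(request, 'invalid method')
    # Only active users may proceed.
    if not request.user.is_active:
        return error_page_inactive(request)
    # Admin permission is required.
    if not request.user.is_admin:
        return error_page_no_view_permission(request)
    try:
        time = get_adapter_otx_detail_create_time(request)
        if time is None:
            return error_page_free_format(request, 'Invalid Time format.')
        times = time.split(':')
        # Check that hour, minute and second are numeric. IndexError is
        # caught as well, so a value with fewer than three fields gets the
        # same format error instead of the generic error page.
        try:
            int(times[0])
            int(times[1])
            int(times[2])
        except (ValueError, IndexError):
            return error_page_free_format(request, 'Invalid Time format.')
        # Store the cron job, then schedule it.
        job = OtxAdapter.add_job(type_=ScheduleJobs.JOB_CRON,
                                 hour=times[0],
                                 minute=times[1],
                                 second=times[2])
        otx.add_job(job)
    except Exception:
        return error_page(request)
    return otx_common_render(request)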
Ejemplo n.º 17
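def get(request):
    """Fetch STIX files through the OTX adapter from an optional start time.

    The start value is parsed as '%Y/%m/%d %H:%M:%S' and tagged as UTC; a
    value that cannot be parsed is treated as "not specified". Renders
    'otx.html' with the number of files fetched.
    """
    if request.method != 'GET':
        return error_page_free_format(request, 'invalid method')
    # Truthiness test instead of `== False`: an unset (None) flag is now
    # treated as inactive, so the check fails closed.
    if not request.user.is_active:
        return error_page_inactive(request)
    try:
        start_str = get_adapter_otx_get_start(request)
        # `except Exception` replaces the bare `except:` so KeyboardInterrupt
        # and SystemExit are not swallowed by the parse fallback.
        try:
            start = datetime.datetime.strptime(
                start_str,
                '%Y/%m/%d %H:%M:%S').replace(tzinfo=pytz.utc).isoformat()
        except Exception:
            # Unparseable input is the same as no start time.
            start = None
        count = otx.get_otx_stix(start)
        replace_dict = get_replace_dict()
        replace_dict[
            'info_msg_get'] = 'Get by OTX Adapter successfully!! (Get %d stix files.)' % (
                count)
        return render(request, 'otx.html', replace_dict)
    except Exception:
        return error_page(request)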
Ejemplo n.º 18
def top(request):
    """Render 'taxii2_client.html' for an active admin user."""
    user = request.user
    # Inactive accounts are rejected before the admin check.
    if not user.is_active:
        return error_page_inactive(request)
    if not user.is_admin:
        return error_page_no_view_permission(request)
    try:
        context = _get_taxii2_client_common_replace_dict(request)
        return render(request, 'taxii2_client.html', context)
    except Exception:
        # Any failure while building or rendering the page.
        return error_page(request)
Ejemplo n.º 19
def top(request, taxii_id):
    """Render the TAXII server detail page for an active admin user."""
    user = request.user
    # Inactive accounts are rejected before the admin check.
    if not user.is_active:
        return error_page_inactive(request)
    if not user.is_admin:
        return error_page_no_view_permission(request)
    try:
        context = get_taxii_server_detail_common_replace_dict(request, taxii_id)
        return render(request, 'configuration_taxii_server_detail.html', context)
    except Exception:
        # Any failure while building or rendering the page.
        return error_page(request)
Ejemplo n.º 20
def top(request, taxii_id):
    """Render the TAXII client detail page for an active admin user."""
    user = request.user
    # Inactive accounts are rejected before the admin check.
    if not user.is_active:
        return error_page_inactive(request)
    if not user.is_admin:
        return error_page_no_view_permission(request)
    try:
        context = get_common_replace_dict(request)
        # An unknown taxii_id raises here and ends on the error page.
        context['client'] = TaxiiClients.objects.get(id=taxii_id)
        return render(request, 'configuration_taxii_client_detail.html', context)
    except Exception:
        return error_page(request)
Ejemplo n.º 21
def top(request):
    """Render 'upload.html' with all communities for an active user."""
    # Only active users may proceed; no admin permission is required here.
    if not request.user.is_active:
        return error_page_inactive(request)
    try:
        context = get_common_replace_dict(request)
        context['communities'] = Communities.objects.all()
        return render(request, 'upload.html', context)
    except Exception:
        # Any failure while building or rendering the page.
        return error_page(request)
Ejemplo n.º 22
def top(request):
    """Render 'poll.html' listing TAXII 1.x and 2.x clients for an admin."""
    user = request.user
    # Inactive accounts are rejected before the admin check.
    if not user.is_active:
        return error_page_inactive(request)
    if not user.is_admin:
        return error_page_no_view_permission(request)
    try:
        context = get_common_replace_dict(request)
        context['taxii_clients'] = TaxiiClients.objects.all()
        context['taxii2_clients'] = Taxii2Clients.objects.all()
        return render(request, 'poll.html', context)
    except Exception:
        # Any failure while building or rendering the page.
        return error_page(request)
Ejemplo n.º 23
def detail(request, id_):
    """Render 'poll_detail.html' for one TAXII client, for an active user."""
    # Only active users may proceed.
    # NOTE(review): only is_active is checked, not is_admin; confirm that any
    # active user is meant to see a TAXII client's details.
    if not request.user.is_active:
        return error_page_inactive(request)
    try:
        context = get_common_replace_dict(request)
        # An unknown id_ raises here and ends on the error page.
        context['taxii'] = TaxiiClients.objects.get(id=id_)
        return render(request, 'poll_detail.html', context)
    except Exception:
        return error_page(request)
Ejemplo n.º 24
def top(request):
    """Render 'poll.html' listing all TAXII clients for an active user."""
    # Only active users may proceed.
    # NOTE(review): only is_active is checked, not is_admin; confirm that any
    # active user is meant to see the list of TAXII clients.
    if not request.user.is_active:
        return error_page_inactive(request)
    try:
        context = get_common_replace_dict(request)
        context['taxii_clients'] = TaxiiClients.objects.all()
        return render(request, 'poll.html', context)
    except Exception:
        # Any failure while building or rendering the page.
        return error_page(request)
Ejemplo n.º 25
def top(request, msg=None):
    """Render 'profile.html', optionally with a password-change error.

    When *msg* is not None it is placed in the context under
    'error_change_password_msg'.
    """
    # Only active users may proceed.
    if not request.user.is_active:
        return error_page_inactive(request)
    try:
        context = get_common_replace_dict(request)
        if msg is not None:
            context['error_change_password_msg'] = msg
        return render(request, 'profile.html', context)
    except Exception:
        # Any failure while building or rendering the page.
        return error_page(request)
Ejemplo n.º 26
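def top(request):
    """Render 'mongo.html' for an active admin user."""
    # Truthiness tests instead of `== False`: an unset (None) flag is now
    # treated as inactive / non-admin, so both checks fail closed.
    if not request.user.is_active:
        return error_page_inactive(request)
    if not request.user.is_admin:
        return error_page_no_view_permission(request)
    try:
        return render(request, 'mongo.html', get_success_replace_dict(request))
    except Exception:
        # Any failure while building or rendering the page.
        return error_page(request)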
Ejemplo n.º 27
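def top(request):
    """Render 'taxii_client.html' for an active admin user."""
    # Truthiness tests instead of `== False`: an unset (None) flag is now
    # treated as inactive / non-admin, so both checks fail closed.
    if not request.user.is_active:
        return error_page_inactive(request)
    if not request.user.is_admin:
        return error_page_no_view_permission(request)
    try:
        replace_dict = get_taxii_client_common_replace_dict(request)
        return render(request, 'taxii_client.html', replace_dict)
    except Exception:
        # Any failure while building or rendering the page.
        return error_page(request)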
Ejemplo n.º 28
def top(request):
    """Render 'otx.html' for an active admin user."""
    user = request.user
    # Inactive accounts are rejected before the admin check.
    if not user.is_active:
        return error_page_inactive(request)
    if not user.is_admin:
        return error_page_no_view_permission(request)
    try:
        context = get_replace_dict()
        return render(request, 'otx.html', context)
    except Exception:
        # Any failure while building or rendering the page.
        return error_page(request)
Ejemplo n.º 29
def otx_common_render(request, info_msg=None, error_msg=None):
    """Render 'otx_detail.html' with the OTX adapter and optional messages.

    *info_msg* and *error_msg*, when not None, are placed in the context
    under 'interval_info_msg' and 'interval_error_msg'. This helper performs
    no permission checks of its own.
    """
    try:
        context = get_common_replace_dict(request)
        # Load the stored OTX adapter settings.
        context['otx'] = OtxAdapter.get()
        if info_msg is not None:
            context['interval_info_msg'] = info_msg
        if error_msg is not None:
            context['interval_error_msg'] = error_msg
        return render(request, 'otx_detail.html', context)
    except Exception:
        # Any failure while building or rendering the page.
        return error_page(request)
Ejemplo n.º 30
def remove(request, job_id):
    """Remove an OTX job by id and render the OTX detail page.

    Restricted to GET requests from active admin users.
    """
    if request.method != 'GET':
        return error_page_free_format(request, 'invalid method')
    user = request.user
    # Inactive accounts are rejected before the admin check.
    if not user.is_active:
        return error_page_inactive(request)
    if not user.is_admin:
        return error_page_no_view_permission(request)
    # NOTE(review): a job is deleted on GET, so Django's CSRF middleware does
    # not cover this action; confirm that is acceptable.
    try:
        otx.remove_job(job_id)
    except Exception:
        # A failed removal ends on the generic error page.
        return error_page(request)
    return otx_common_render(request)