def setUp(self): prep_db() self.user = CRITsUser.objects(username=TUSER_NAME).first() self.user2 = CRITsUser.objects(username=TUSER2_NAME).first() self.campaign1 = Campaign.objects(name=TCAMPAIGN1).first() self.campaign2 = Campaign.objects(name=TCAMPAIGN2).first() forge_relationship(class_=self.campaign1, right_class=self.campaign2, rel_type=TRELATIONSHIP_TYPE, user=self.user.username, rel_confidence=TRELATIONSHIP_CONFIDENCE)
def setUp(self): prep_db() self.user = CRITsUser.objects(username=TUSER_NAME).first() self.user2 = CRITsUser.objects(username=TUSER2_NAME).first() self.campaign1 = Campaign.objects(name=TCAMPAIGN1).first() self.campaign2 = Campaign.objects(name=TCAMPAIGN2).first() forge_relationship(left_class=self.campaign1, right_class=self.campaign2, rel_type=TRELATIONSHIP_TYPE, analyst=self.user.username, rel_confidence=TRELATIONSHIP_CONFIDENCE)
def handle(self, *args, **options): """ Script execution. """ username = options.get('username') firstname = options.get('firstname') lastname = options.get('lastname') email = options.get('email') sendemail = options.get('sendemail') admin = options.get('admin') organization = options.get('organization') password = self.temp_password() if not username: raise CommandError("Must provide a username.") if not email: raise CommandError("Must provide an email address.") user = CRITsUser.objects(username=username).first() if user: raise CommandError("User '%s' exists in CRITs!" % username) else: user = CRITsUser.create_user(username, password, email) user.first_name = firstname user.last_name = lastname user.is_staff = True user.save() user.organization = organization if admin: user.role = "Administrator" user.save() if sendemail: crits_config = CRITsConfig.objects().first() if crits_config.crits_email_end_tag: subject = "New CRITs User Account" + crits_config.crits_email_subject_tag else: subject = crits_config.crits_email_subject_tag + "New CRITs User Account" body = """You are receiving this email because someone has created a CRITs account for you. If you feel like you have received this in error, please ignore this email. Your account information is below:\n\n """ body += "Username:\t%s\n" % username body += "Password:\t%s\n\n\n" % password body += """You should log in immediately and reset your password.\n Thank you! """ user.email_user(subject, body) self.stdout.write("User '%s' created successfully!" % username) self.stdout.write("\nTemp password: \t%s" % password) self.stdout.write("\n")
def create_general_notification(username, target_users, header, link_url, message, notification_type=NotificationType.ALERT): """ Generate a general notification -- not based on mongo obj. :param obj: The object. :type obj: class which inherits from :class:`crits.core.crits_mongoengine.CritsBaseAttributes` :param username: The user creating the notification. :type username: str :param target_users: The list of users who will get the notification. :type target_users: list(str) :param header: The notification header message. :type header: list(str) :param link_url: A link URL for the header, specify None if there is no link. :type link_url: str :param message: The notification message. :type message: str :param notification_type: The notification type (e.g. alert, error). :type notification_type: str """ if notification_type not in NotificationType.ALL: notification_type = NotificationType.ALERT n = Notification() n.analyst = username n.notification_type = notification_type n.notification = message n.header = header n.link_url = link_url for target_user in target_users: # Check to make sure the user actually exists user = CRITsUser.objects(username=target_user).first() if user is not None: n.users.append(target_user) # don't notify the user creating this notification n.users = [u for u in n.users if u != username] if not len(n.users): return try: n.save() except ValidationError: pass # Signal potentially waiting threads that notification information is available for user in n.users: notification_lock = NotificationLockManager.get_notification_lock(user) notification_lock.acquire() try: notification_lock.notifyAll() finally: notification_lock.release()
def unsubscribe_from_source(username, source): """ Unsubscribe a user from a source. :param username: The user to query for. :type username: str :param source: The name of the source. :type source: str :returns: dict with keys "success" (boolean) and "message" (str) if failed. """ from crits.core.user import CRITsUser username = str(username) user = CRITsUser.objects(username=username).first() c = 0 for s in user.subscriptions['Source']: if s.name == source: del user.subscriptions['Source'][c] c += 1 try: user.save() return {'success': True} except ValidationError, e: return {'success': False, 'message': e}
def is_user_subscribed_to_source(username, source): """ Determine if the user is subscribed to this source. :param username: The user to query for. :type username: str :param source: The source name. :type source: str :returns: boolean """ if username is None: return False if not hasattr(username, 'username'): from crits.core.user import CRITsUser username = str(username) query = {'username': username, 'subscriptions.Source.name': source} results = CRITsUser.objects(__raw__=query).first() if results is not None: return True else: return False else: for s in username.subscriptions['Source']: if s['name'] == source: return True return False
def is_user_subscribed(username, stype, oid): """ Determine if the user is subscribed to this top-level object. :param username: The user to query for. :type username: str :param stype: The top-level object type. :type stype: str :param oid: The ObjectId of the top-level object. :type oid: str :returns: boolean """ if username is None: return False if not hasattr(username, 'username'): from crits.core.user import CRITsUser username = str(username) query = {'username': username, 'subscriptions.%s.id' % stype: ObjectId(oid)} results = CRITsUser.objects(__raw__=query).first() if results is not None: return True else: return False else: for s in username.subscriptions[stype]: if str(s) == oid: return True return False
def update_user_preference(username, section, values): """ Update a user preference. :param username: The user to query for. :type username: str :param section: The section in their preferences. :type section: str :param values: The values to set. :type values: str, list, dict :returns: dict with keys "success" (boolean) and "message" (str) if failed. """ from crits.core.user import CRITsUser username = str(username) user = CRITsUser.objects(username=username).first() if user: if not section in user.prefs: setattr(user.prefs, section, {}) # Something to think about.. do we want to do a replacement or a merge? setattr(user.prefs, section, values) try: user.save() return {'success': True} except ValidationError, e: return {'success': False, 'message': e}
def handle(self, *args, **options): """ Script Execution. """ # only look for active users who want email notifications users = CRITsUser.objects(is_active=True, prefs__notify__email=True) # only get the unprocessed notifications notifications = Notification.objects(status='new') for user in users: # only include notifications where the user is in the users list and # it wasn't created by them. includes = [ x for x in notifications if user.username in x.users and user.username != x.analyst and x.obj_id != None ] # only send an email if there's something to send if len(includes): email = EmailNotification(username=user.username, email=user.email) for include in includes: email.add_to_body(email.create_notification(include)) email.send_email() # clean up after ourselves usernames = [u.username for u in users] self.process_notifications(notifications, usernames)
def update_user_preference(username, section, values): """ Update a user preference. :param username: The user to query for. :type username: str :param section: The section in their preferences. :type section: str :param values: The values to set. :type values: str, list, dict :returns: dict with keys "success" (boolean) and "message" (str) if failed. """ from crits.core.user import CRITsUser username = str(username) user = CRITsUser.objects(username=username).first() if user: if not section in user.prefs: setattr(user.prefs, section, {}) # Something to think about.. do we want to do a replacement or a merge? setattr(user.prefs, section, values) try: user.save() return {'success': True } except ValidationError, e: return {'success': False, 'message': e}
def change_user_password(username, current_p, new_p, new_p_c): """ Change the password for a user. :param username: The user to query for. :type username: str :param current_p: The user's current password. :type current_p: str :param new_p: The new password. :type new_p: str :param new_p_c: New password confirmation. :type new_p_c: str :returns: dict with keys "success" (boolean) and "message" (str) if failed. """ if new_p != new_p_c: return {'success': False, 'message': 'New password confirmation does not match.'} from crits.core.user import CRITsUser username = str(username) user = CRITsUser.objects(username=username).first() if not user: return {'success': False, 'message': 'Unknown user.'} if not user.check_password(current_p): return {'success': False, 'message': 'Current password invalid.'} if user.set_password(new_p, username): return {'success': True, 'message': 'Password Change Successful.'} else: from crits.config.config import CRITsConfig crits_config = CRITsConfig.objects().first() if crits_config: regex_desc = crits_config.password_complexity_desc else: regex_desc = settings.PASSWORD_COMPLEXITY_DESC return {'success': False, 'message': 'Password not complex enough: %s' % regex_desc}
def is_user_subscribed(username, stype, oid): """ Determine if the user is subscribed to this top-level object. :param username: The user to query for. :type username: str :param stype: The top-level object type. :type stype: str :param oid: The ObjectId of the top-level object. :type oid: str :returns: boolean """ if username is None: return False if not hasattr(username, 'username'): from crits.core.user import CRITsUser username = str(username) query = { 'username': username, 'subscriptions.%s.id' % stype: ObjectId(oid) } results = CRITsUser.objects(__raw__=query).first() if results is not None: return True else: return False else: for s in username.subscriptions[stype]: if str(s) == oid: return True return False
def handle(self, *args, **options): """ Script Execution. """ # only look for active users who want email notifications users = CRITsUser.objects(is_active=True, prefs__notify__email=True) # only get the unprocessed notifications notifications = Notification.objects(status='new') for user in users: # only include notifications where the user is in the users list and # it wasn't created by them. includes = [x for x in notifications if user.username in x.users and user.username != x.analyst and x.obj_id != None] # only send an email if there's something to send if len(includes): email = EmailNotification(username=user.username, email=user.email) for include in includes: email.add_to_body(email.create_notification(include)) email.send_email() # clean up after ourselves usernames = [u.username for u in users] self.process_notifications(notifications, usernames)
def clean_db(): """ Clean database for test. """ user = CRITsUser.objects(username=TUSER_NAME).first() if user: user.delete() user2 = CRITsUser.objects(username=TUSER2_NAME).first() if user2: user2.delete() campaign1 = Campaign.objects(name=TCAMPAIGN1).first() if campaign1: campaign1.delete() campaign2 = Campaign.objects(name=TCAMPAIGN2).first() if campaign2: campaign2.delete()
def get_subscribed_users(stype, oid, sources): """ Get users subscribed to this top-level object. :param stype: The top-level object type. :type stype: str :param oid: The ObjectId of the top-level object. :type oid: str :returns: list :param sources: A list of sources of the top-level object. :type sources: list :returns: list """ from crits.core.user import CRITsUser user_list = [] query = { '$or': [{ 'subscriptions.%s.id' % stype: ObjectId(oid) }, { 'subscriptions.Source.name': { '$in': sources } }] } users = CRITsUser.objects(__raw__=query) for user in users: user_list.append(user.username) return user_list
def unsubscribe_user(username, stype, oid): """ Unsubscribe a user from this top-level object. :param username: The user to query for. :type username: str :param stype: The top-level object type. :type stype: str :param oid: The ObjectId of the top-level object. :type oid: str :returns: dict with keys "success" (boolean) and "message" (str) if failed. """ from crits.core.user import CRITsUser username = str(username) user = CRITsUser.objects(username=username).first() for s in user.subscriptions[stype]: if str(s._id) == oid: user.subscriptions[stype].remove(s) break try: user.save() return {'success': True} except ValidationError, e: return {'success': False, 'message': e}
def subscribe_user(username, stype, oid): """ Subscribe a user to this top-level object. :param username: The user to query for. :type username: str :param stype: The top-level object type. :type stype: str :param oid: The ObjectId of the top-level object. :type oid: str :returns: dict with keys "success" (boolean) and "message" (str) if failed. """ from crits.core.user import CRITsUser from crits.core.user import EmbeddedSubscription username = str(username) es = EmbeddedSubscription() es._id = oid user = CRITsUser.objects(username=username).first() if stype in user.subscriptions: user.subscriptions[stype].append(es) else: user.subscriptions[stype] = [es] try: user.save() return {'success': True} except ValidationError, e: return {'success': False, 'message': e}
def get_subscribed_users(stype, oid, sources): """ Get users subscribed to this top-level object. :param stype: The top-level object type. :type stype: str :param oid: The ObjectId of the top-level object. :type oid: str :returns: list :param sources: A list of sources of the top-level object. :type sources: list :returns: list """ from crits.core.user import CRITsUser user_list = [] query = { '$or': [ {'subscriptions.%s.id' % stype: ObjectId(oid)}, {'subscriptions.Source.name': { '$in': sources }} ] } users = CRITsUser.objects(__raw__=query) for user in users: user_list.append(user.username) return user_list
def setUp(self): prep_db() self.factory = RequestFactory() self.user = CRITsUser.objects(username=TUSER_NAME).first() self.user.sources.append(TSRC) self.user.save() # Add a test email handlers.handle_eml(EML_DATA, TSRC, None, self.user, "Test")
def setUp(self): prep_db() self.factory = RequestFactory() self.user = CRITsUser.objects(username=TUSER_NAME).first() self.user.sources.append(TSRC) self.user.save() # Add a test email handlers.handle_eml(EML_DATA, TSRC, None, self.user.username, "Test")
def start_pyew_shell(request, id_, token): # Make sure we can find pyew svc = CRITsService.objects(name='Pyew').first() if not svc: text = "\nPyew not found" request.ws_stream.send_message(base64.b64encode(text), binary=False) sys.exit(1) sc = svc.config pyew = str(sc['pyew']) if not os.path.exists(pyew): text = "\nPyew not found" request.ws_stream.send_message(base64.b64encode(text), binary=False) sys.exit(1) # Find CRITs user by token query = {'unsupported_attrs.pyew_token': token} user = CRITsUser.objects(__raw__=query).first() if not user: text = "\nCould not validate user" request.ws_stream.send_message(base64.b64encode(text), binary=False) sys.exit(1) # Remove this one-time use token ua = user.unsupported_attrs delattr(ua, 'pyew_token') user.unsupported_attrs = ua try: user.save() except: pass # Make sure we have a sample to work with that this user has access to sample = Sample.objects(id=id_, source__name__in=user.get_sources_list()).first() if not sample: text = "\nNo Sample found" request.ws_stream.send_message(base64.b64encode(text), binary=False) sys.exit(1) sample_data = sample.filedata.read() if not sample_data: text = "\nCould not get Sample from GridFS: %s" % id_ request.ws_stream.send_message(base64.b64encode(text), binary=False) sys.exit(1) # write Sample to disk # temp_sample is the sample to read try: temp_sample = tempfile.NamedTemporaryFile(delete=False) sample_name = temp_sample.name temp_sample.write(sample_data) temp_sample.close() except Exception, e: text = "\nError writing file to disk: %s" % e request.ws_stream.send_message(base64.b64encode(text), binary=False) sys.exit(1)
def create_general_notification( username, target_users, header, link_url, message, notification_type=NotificationType.ALERT ): """ Generate a general notification -- not based on mongo obj. :param obj: The object. :type obj: class which inherits from :class:`crits.core.crits_mongoengine.CritsBaseAttributes` :param username: The user creating the notification. :type username: str :param target_users: The list of users who will get the notification. :type target_users: list(str) :param header: The notification header message. :type header: list(str) :param link_url: A link URL for the header, specify None if there is no link. :type link_url: str :param message: The notification message. :type message: str :param notification_type: The notification type (e.g. alert, error). :type notification_type: str """ if notification_type not in NotificationType.ALL: notification_type = NotificationType.ALERT n = Notification() n.analyst = username n.notification_type = notification_type n.notification = message n.header = header n.link_url = link_url for target_user in target_users: # Check to make sure the user actually exists user = CRITsUser.objects(username=target_user).first() if user is not None: n.users.append(target_user) # don't notify the user creating this notification n.users = [u for u in n.users if u != username] if not len(n.users): return try: n.save() except ValidationError: pass # Signal potentially waiting threads that notification information is available for user in n.users: notification_lock = NotificationLockManager.get_notification_lock(user) notification_lock.acquire() try: notification_lock.notifyAll() finally: notification_lock.release()
def toggle_user_preference(username, section, setting, is_enabled=False): """ Enables/Disables the target user preference :param username: The username that the preference toggle is for. :type username: str :param section: The section name where the preference is stored. :type section: str :param setting: The name of the setting within the section of the preference. :type setting: str :param is_enabled: An optional default value if the preference does not exist. :type is_enabled: str :returns: "success" (boolean), "message" (str) if failed, "state" (boolean) if successful """ from crits.core.user import CRITsUser username = str(username) user = CRITsUser.objects(username=username).first() if user: # Split the preference option into subtrees on '.' otree = setting.split(".") param = otree.pop() if not section in user.prefs: setattr(user.prefs, section, {}) opt = user.prefs[section] if len(otree): for subsect in otree: if not subsect in opt: opt[subsect] = {} opt = opt[subsect] else: opt = opt[subsect] if (not param in opt): # if the preference doesn't exist, then try the fallback default value if is_enabled == True: opt[param] = False else: opt[param] = True else: # the preference exists, so use it if (not opt[param]): opt[param] = True else: opt[param] = False try: user.save() return {'success': True, 'state': opt[param] } except ValidationError, e: return {'success': False, 'message': e}
def start_pyew_shell(request, id_, token): # Make sure we can find pyew sc = manager.get_config('Pyew') pyew = str(sc['pyew']) if not os.path.exists(pyew): text = "\nPyew not found" request.ws_stream.send_message(base64.b64encode(text), binary=False) sys.exit(1) # Find CRITs user by token query = {'unsupported_attrs.pyew_token': token} user = CRITsUser.objects(__raw__=query).first() if not user: text = "\nCould not validate user" request.ws_stream.send_message(base64.b64encode(text), binary=False) sys.exit(1) # Remove this one-time use token ua = user.unsupported_attrs delattr(ua, 'pyew_token') user.unsupported_attrs = ua try: user.save() except: pass # Make sure we have a sample to work with that this user has access to sample = Sample.objects(id=id_, source__name__in=user.sources).first() if not sample: text = "\nNo Sample found" request.ws_stream.send_message(base64.b64encode(text), binary=False) sys.exit(1) sample_data = sample.filedata.read() if not sample_data: text = "\nCould not get Sample from GridFS: %s" % id_ request.ws_stream.send_message(base64.b64encode(text), binary=False) sys.exit(1) # write Sample to disk # temp_sample is the sample to read try: temp_sample = tempfile.NamedTemporaryFile(delete=False) sample_name = temp_sample.name temp_sample.write(sample_data) temp_sample.close() except Exception, e: text = "\nError writing file to disk: %s" % e request.ws_stream.send_message(base64.b64encode(text), binary=False) sys.exit(1)
def AddUser(self): self.user = CRITsUser.create_user(username=TUSER_NAME, password=TUSER_PASS, email=TUSER_EMAIL, ) self.assertEqual(self.user.username, TUSER_NAME) self.assertTrue(TUSER_PASS_HASH_RE.match(self.user.password)) self.user.first_name = TUSER_FNAME self.user.last_name = TUSER_LNAME self.user.save()
def clean_db(): """ Clean database for test. """ src = SourceAccess.objects(name=TSRC).first() if src: src.delete() user = CRITsUser.objects(username=TUSER_NAME).first() if user: user.delete()
def get_user_role(username): """ Get the user role. :param username: The user to lookup. :type username: str :returns: str """ from crits.core.user import CRITsUser username = str(username) user = CRITsUser.objects(username=username).first() return user.role
def get_user_email_notification(username): """ Get user email notification preference. :param username: The user to query for. :type username: str :returns: str """ from crits.core.user import CRITsUser username = str(username) user = CRITsUser.objects(username=username).first() return user.get_preference('notify', 'email', False)
def prep_db(): """ Prep database for test. """ clean_db() # Add User user = CRITsUser.create_user( username=TUSER_NAME, password=TUSER_PASS, email=TUSER_EMAIL, ) user.save() user2 = CRITsUser.create_user( username=TUSER2_NAME, password=TUSER2_PASS, email=TUSER2_EMAIL, ) user2.save() campaign1 = Campaign(name=TCAMPAIGN1) campaign1.save(username=user.username) campaign2 = Campaign(name=TCAMPAIGN2) campaign2.save(username=user.username)
def get_user_subscriptions(username): """ Get user subscriptions. :param username: The user to query for. :type username: str :returns: list """ from crits.core.user import CRITsUser username = str(username) user = CRITsUser.objects(username=username).first() return user.subscriptions
def _get_api_keys(config, analyst): if config.get('distribution_url', ''): user = CRITsUser.objects(username=analyst).only('api_keys').first() if not user: return [] # XXX: Raise exception? api_keys = [(k.api_key, k.name) for k in user.api_keys] if not api_keys: # XXX: and distributed return [] # XXX: Raise exception? else: api_keys = [] return api_keys
def prep_db(): """ Prep database for test. """ clean_db() # Add User user = CRITsUser.create_user(username=TUSER_NAME, password=TUSER_PASS, email=TUSER_EMAIL) user.save() # Add Source add_new_source(TSRC, TUSER_NAME) # Add Data Type add_new_signature_type(TDT, TUSER_NAME)
def setUp(self): prep_db() self.factory = RequestFactory() self.user = CRITsUser.objects(username=TUSER_NAME).first() self.user.sources.append(TSRC) self.user.save() # Add a test signature title = SIGNATURE_TITLE description = SIGNATURE_DESCRIPTION data = SIGNATURE_DATA data_type = TDT source_name = TSRC user = TUSER_NAME (status) = handlers.handle_signature_file(data, source_name, user, description, title, data_type)
def pyew_tokenize(request): user = CRITsUser.objects(username=request.user.username).first() if not user: data = {"token": None} allowed_chars = "abcdefghijklmnopqrstuvwxyz" "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" token = get_random_string(128, allowed_chars=allowed_chars) user.pyew_token = token try: user.save() data = {"token": token} except: data = {"token": None} return HttpResponse(json.dumps(data), content_type="application/json")
def clean_db(): """ Clean up the DB after testing. """ src = SourceAccess.objects(name=TSRC).first() if src: src.delete() user = CRITsUser.objects(username=TUSER_NAME).first() if user: user.delete() TestObject.drop_collection() TestSourceObject.drop_collection() CRITsConfig.drop_collection()
def setUp(self): prep_db() self.factory = RequestFactory() self.user = CRITsUser.objects(username=TUSER_NAME).first() self.user.save() # Add a test domain data = { 'domain_reference': DOM_REF, 'domain_source': DOM_SRC, 'domain_method': DOM_METH, 'domain': DOMAIN, } errors = [] (result, errors, retVal) = handlers.add_new_domain(data, self, errors)
def pyew_tokenize(request): user = CRITsUser.objects(username=request.user.username).first() if not user: data = {'token': None} allowed_chars = ('abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789') token = get_random_string(128, allowed_chars=allowed_chars) user.pyew_token = token try: user.save() data = {'token': token} except: data = {'token': None} return HttpResponse(json.dumps(data), content_type="application/json")
def get_user_info(username=None): """ Get information for a specific user. :param username: The user to get info for. :type username: str :returns: :class:`crits.core.user.CRITsUser` """ from crits.core.user import CRITsUser if username is not None: username = str(username) return CRITsUser.objects(username=username).first() else: return username
def get_user_list(): """ Get a list of users. Sort the list alphabetically and do not include subscriptions. :returns: list """ from crits.core.user import CRITsUser users = CRITsUser.objects().order_by('+username').exclude('subscriptions') user_list = [] user_list.append({'username': "", 'sources': [], 'role': ""}) for user in users: user_list.append(user) return user_list
def prep_db(): """ Prep database for test. """ clean_db() # Add Source add_new_source(TSRC, "RandomUser") # Add User user = CRITsUser.create_user( username=TUSER_NAME, password=TUSER_PASS, email=TUSER_EMAIL, ) user.save()
def get_user_organization(username): """ Get the organization for a user. :param username: The user to lookup. :type username: str :returns: str """ from crits.core.user import CRITsUser username = str(username) user = CRITsUser.objects(username=username).first() if user: return user.organization else: return settings.COMPANY_NAME