def setUp(self):
prep_db()
self.user = CRITsUser.objects(username=TUSER_NAME).first()
self.user2 = CRITsUser.objects(username=TUSER2_NAME).first()
self.campaign1 = Campaign.objects(name=TCAMPAIGN1).first()
self.campaign2 = Campaign.objects(name=TCAMPAIGN2).first()
forge_relationship(class_=self.campaign1,
right_class=self.campaign2,
rel_type=TRELATIONSHIP_TYPE,
user=self.user.username,
rel_confidence=TRELATIONSHIP_CONFIDENCE)
def setUp(self):
prep_db()
self.user = CRITsUser.objects(username=TUSER_NAME).first()
self.user2 = CRITsUser.objects(username=TUSER2_NAME).first()
self.campaign1 = Campaign.objects(name=TCAMPAIGN1).first()
self.campaign2 = Campaign.objects(name=TCAMPAIGN2).first()
forge_relationship(left_class=self.campaign1,
right_class=self.campaign2,
rel_type=TRELATIONSHIP_TYPE,
analyst=self.user.username,
rel_confidence=TRELATIONSHIP_CONFIDENCE)
def handle(self, *args, **options):
"""
Script execution.
"""
username = options.get('username')
firstname = options.get('firstname')
lastname = options.get('lastname')
email = options.get('email')
sendemail = options.get('sendemail')
admin = options.get('admin')
organization = options.get('organization')
password = self.temp_password()
if not username:
raise CommandError("Must provide a username.")
if not email:
raise CommandError("Must provide an email address.")
user = CRITsUser.objects(username=username).first()
if user:
raise CommandError("User '%s' exists in CRITs!" % username)
else:
user = CRITsUser.create_user(username, password, email)
user.first_name = firstname
user.last_name = lastname
user.is_staff = True
user.save()
user.organization = organization
if admin:
user.role = "Administrator"
user.save()
if sendemail:
crits_config = CRITsConfig.objects().first()
if crits_config.crits_email_end_tag:
subject = "New CRITs User Account" + crits_config.crits_email_subject_tag
else:
subject = crits_config.crits_email_subject_tag + "New CRITs User Account"
body = """You are receiving this email because someone has created a
CRITs account for you. If you feel like you have received this in
error, please ignore this email. Your account information is below:\n\n
"""
body += "Username:\t%s\n" % username
body += "Password:\t%s\n\n\n" % password
body += """You should log in immediately and reset your password.\n
Thank you!
"""
user.email_user(subject, body)
self.stdout.write("User '%s' created successfully!" % username)
self.stdout.write("\nTemp password: \t%s" % password)
self.stdout.write("\n")
def handle(self, *args, **options):
"""
Script execution.
"""
username = options.get('username')
firstname = options.get('firstname')
lastname = options.get('lastname')
email = options.get('email')
sendemail = options.get('sendemail')
admin = options.get('admin')
organization = options.get('organization')
password = self.temp_password()
if not username:
raise CommandError("Must provide a username.")
if not email:
raise CommandError("Must provide an email address.")
user = CRITsUser.objects(username=username).first()
if user:
raise CommandError("User '%s' exists in CRITs!" % username)
else:
user = CRITsUser.create_user(username, password, email)
user.first_name = firstname
user.last_name = lastname
user.is_staff = True
user.save()
user.organization = organization
if admin:
user.role = "Administrator"
user.save()
if sendemail:
crits_config = CRITsConfig.objects().first()
if crits_config.crits_email_end_tag:
subject = "New CRITs User Account" + crits_config.crits_email_subject_tag
else:
subject = crits_config.crits_email_subject_tag + "New CRITs User Account"
body = """You are receiving this email because someone has created a
CRITs account for you. If you feel like you have received this in
error, please ignore this email. Your account information is below:\n\n
"""
body += "Username:\t%s\n" % username
body += "Password:\t%s\n\n\n" % password
body += """You should log in immediately and reset your password.\n
Thank you!
"""
user.email_user(subject, body)
self.stdout.write("User '%s' created successfully!" % username)
self.stdout.write("\nTemp password: \t%s" % password)
self.stdout.write("\n")
def create_general_notification(username,
target_users,
header,
link_url,
message,
notification_type=NotificationType.ALERT):
"""
Generate a general notification -- not based on mongo obj.
:param obj: The object.
:type obj: class which inherits from
:class:`crits.core.crits_mongoengine.CritsBaseAttributes`
:param username: The user creating the notification.
:type username: str
:param target_users: The list of users who will get the notification.
:type target_users: list(str)
:param header: The notification header message.
:type header: list(str)
:param link_url: A link URL for the header, specify None if there is no link.
:type link_url: str
:param message: The notification message.
:type message: str
:param notification_type: The notification type (e.g. alert, error).
:type notification_type: str
"""
if notification_type not in NotificationType.ALL:
notification_type = NotificationType.ALERT
n = Notification()
n.analyst = username
n.notification_type = notification_type
n.notification = message
n.header = header
n.link_url = link_url
for target_user in target_users:
# Check to make sure the user actually exists
user = CRITsUser.objects(username=target_user).first()
if user is not None:
n.users.append(target_user)
# don't notify the user creating this notification
n.users = [u for u in n.users if u != username]
if not len(n.users):
return
try:
n.save()
except ValidationError:
pass
# Signal potentially waiting threads that notification information is available
for user in n.users:
notification_lock = NotificationLockManager.get_notification_lock(user)
notification_lock.acquire()
try:
notification_lock.notifyAll()
finally:
notification_lock.release()
def unsubscribe_from_source(username, source):
"""
Unsubscribe a user from a source.
:param username: The user to query for.
:type username: str
:param source: The name of the source.
:type source: str
:returns: dict with keys "success" (boolean) and "message" (str) if failed.
"""
from crits.core.user import CRITsUser
username = str(username)
user = CRITsUser.objects(username=username).first()
c = 0
for s in user.subscriptions['Source']:
if s.name == source:
del user.subscriptions['Source'][c]
c += 1
try:
user.save()
return {'success': True}
except ValidationError, e:
return {'success': False,
'message': e}
def is_user_subscribed_to_source(username, source):
"""
Determine if the user is subscribed to this source.
:param username: The user to query for.
:type username: str
:param source: The source name.
:type source: str
:returns: boolean
"""
if username is None:
return False
if not hasattr(username, 'username'):
from crits.core.user import CRITsUser
username = str(username)
query = {'username': username, 'subscriptions.Source.name': source}
results = CRITsUser.objects(__raw__=query).first()
if results is not None:
return True
else:
return False
else:
for s in username.subscriptions['Source']:
if s['name'] == source:
return True
return False
def is_user_subscribed(username, stype, oid):
"""
Determine if the user is subscribed to this top-level object.
:param username: The user to query for.
:type username: str
:param stype: The top-level object type.
:type stype: str
:param oid: The ObjectId of the top-level object.
:type oid: str
:returns: boolean
"""
if username is None:
return False
if not hasattr(username, 'username'):
from crits.core.user import CRITsUser
username = str(username)
query = {'username': username, 'subscriptions.%s.id' % stype: ObjectId(oid)}
results = CRITsUser.objects(__raw__=query).first()
if results is not None:
return True
else:
return False
else:
for s in username.subscriptions[stype]:
if str(s) == oid:
return True
return False
def update_user_preference(username, section, values):
"""
Update a user preference.
:param username: The user to query for.
:type username: str
:param section: The section in their preferences.
:type section: str
:param values: The values to set.
:type values: str, list, dict
:returns: dict with keys "success" (boolean) and "message" (str) if failed.
"""
from crits.core.user import CRITsUser
username = str(username)
user = CRITsUser.objects(username=username).first()
if user:
if not section in user.prefs:
setattr(user.prefs, section, {})
# Something to think about.. do we want to do a replacement or a merge?
setattr(user.prefs, section, values)
try:
user.save()
return {'success': True}
except ValidationError, e:
return {'success': False, 'message': e}
def handle(self, *args, **options):
"""
Script Execution.
"""
# only look for active users who want email notifications
users = CRITsUser.objects(is_active=True, prefs__notify__email=True)
# only get the unprocessed notifications
notifications = Notification.objects(status='new')
for user in users:
# only include notifications where the user is in the users list and
# it wasn't created by them.
includes = [
x for x in notifications if user.username in x.users
and user.username != x.analyst and x.obj_id != None
]
# only send an email if there's something to send
if len(includes):
email = EmailNotification(username=user.username,
email=user.email)
for include in includes:
email.add_to_body(email.create_notification(include))
email.send_email()
# clean up after ourselves
usernames = [u.username for u in users]
self.process_notifications(notifications, usernames)
def update_user_preference(username, section, values):
"""
Update a user preference.
:param username: The user to query for.
:type username: str
:param section: The section in their preferences.
:type section: str
:param values: The values to set.
:type values: str, list, dict
:returns: dict with keys "success" (boolean) and "message" (str) if failed.
"""
from crits.core.user import CRITsUser
username = str(username)
user = CRITsUser.objects(username=username).first()
if user:
if not section in user.prefs:
setattr(user.prefs, section, {})
# Something to think about.. do we want to do a replacement or a merge?
setattr(user.prefs, section, values)
try:
user.save()
return {'success': True }
except ValidationError, e:
return {'success': False,
'message': e}
def change_user_password(username, current_p, new_p, new_p_c):
"""
Change the password for a user.
:param username: The user to query for.
:type username: str
:param current_p: The user's current password.
:type current_p: str
:param new_p: The new password.
:type new_p: str
:param new_p_c: New password confirmation.
:type new_p_c: str
:returns: dict with keys "success" (boolean) and "message" (str) if failed.
"""
if new_p != new_p_c:
return {'success': False, 'message': 'New password confirmation does not match.'}
from crits.core.user import CRITsUser
username = str(username)
user = CRITsUser.objects(username=username).first()
if not user:
return {'success': False, 'message': 'Unknown user.'}
if not user.check_password(current_p):
return {'success': False, 'message': 'Current password invalid.'}
if user.set_password(new_p, username):
return {'success': True, 'message': 'Password Change Successful.'}
else:
from crits.config.config import CRITsConfig
crits_config = CRITsConfig.objects().first()
if crits_config:
regex_desc = crits_config.password_complexity_desc
else:
regex_desc = settings.PASSWORD_COMPLEXITY_DESC
return {'success': False,
'message': 'Password not complex enough: %s' % regex_desc}
def is_user_subscribed_to_source(username, source):
"""
Determine if the user is subscribed to this source.
:param username: The user to query for.
:type username: str
:param source: The source name.
:type source: str
:returns: boolean
"""
if username is None:
return False
if not hasattr(username, 'username'):
from crits.core.user import CRITsUser
username = str(username)
query = {'username': username, 'subscriptions.Source.name': source}
results = CRITsUser.objects(__raw__=query).first()
if results is not None:
return True
else:
return False
else:
for s in username.subscriptions['Source']:
if s['name'] == source:
return True
return False
def is_user_subscribed(username, stype, oid):
"""
Determine if the user is subscribed to this top-level object.
:param username: The user to query for.
:type username: str
:param stype: The top-level object type.
:type stype: str
:param oid: The ObjectId of the top-level object.
:type oid: str
:returns: boolean
"""
if username is None:
return False
if not hasattr(username, 'username'):
from crits.core.user import CRITsUser
username = str(username)
query = {
'username': username,
'subscriptions.%s.id' % stype: ObjectId(oid)
}
results = CRITsUser.objects(__raw__=query).first()
if results is not None:
return True
else:
return False
else:
for s in username.subscriptions[stype]:
if str(s) == oid:
return True
return False
def handle(self, *args, **options):
"""
Script Execution.
"""
# only look for active users who want email notifications
users = CRITsUser.objects(is_active=True,
prefs__notify__email=True)
# only get the unprocessed notifications
notifications = Notification.objects(status='new')
for user in users:
# only include notifications where the user is in the users list and
# it wasn't created by them.
includes = [x for x in notifications if user.username in x.users and user.username != x.analyst and x.obj_id != None]
# only send an email if there's something to send
if len(includes):
email = EmailNotification(username=user.username,
email=user.email)
for include in includes:
email.add_to_body(email.create_notification(include))
email.send_email()
# clean up after ourselves
usernames = [u.username for u in users]
self.process_notifications(notifications, usernames)
def clean_db():
"""
Clean database for test.
"""
user = CRITsUser.objects(username=TUSER_NAME).first()
if user:
user.delete()
user2 = CRITsUser.objects(username=TUSER2_NAME).first()
if user2:
user2.delete()
campaign1 = Campaign.objects(name=TCAMPAIGN1).first()
if campaign1:
campaign1.delete()
campaign2 = Campaign.objects(name=TCAMPAIGN2).first()
if campaign2:
campaign2.delete()
def get_subscribed_users(stype, oid, sources):
"""
Get users subscribed to this top-level object.
:param stype: The top-level object type.
:type stype: str
:param oid: The ObjectId of the top-level object.
:type oid: str
:returns: list
:param sources: A list of sources of the top-level object.
:type sources: list
:returns: list
"""
from crits.core.user import CRITsUser
user_list = []
query = {
'$or': [{
'subscriptions.%s.id' % stype: ObjectId(oid)
}, {
'subscriptions.Source.name': {
'$in': sources
}
}]
}
users = CRITsUser.objects(__raw__=query)
for user in users:
user_list.append(user.username)
return user_list
def change_user_password(username, current_p, new_p, new_p_c):
"""
Change the password for a user.
:param username: The user to query for.
:type username: str
:param current_p: The user's current password.
:type current_p: str
:param new_p: The new password.
:type new_p: str
:param new_p_c: New password confirmation.
:type new_p_c: str
:returns: dict with keys "success" (boolean) and "message" (str) if failed.
"""
if new_p != new_p_c:
return {'success': False, 'message': 'New password confirmation does not match.'}
from crits.core.user import CRITsUser
username = str(username)
user = CRITsUser.objects(username=username).first()
if not user:
return {'success': False, 'message': 'Unknown user.'}
if not user.check_password(current_p):
return {'success': False, 'message': 'Current password invalid.'}
if user.set_password(new_p, username):
return {'success': True, 'message': 'Password Change Successful.'}
else:
from crits.config.config import CRITsConfig
crits_config = CRITsConfig.objects().first()
if crits_config:
regex_desc = crits_config.password_complexity_desc
else:
regex_desc = settings.PASSWORD_COMPLEXITY_DESC
return {'success': False,
'message': 'Password not complex enough: %s' % regex_desc}
def clean_db():
"""
Clean database for test.
"""
user = CRITsUser.objects(username=TUSER_NAME).first()
if user:
user.delete()
user2 = CRITsUser.objects(username=TUSER2_NAME).first()
if user2:
user2.delete()
campaign1 = Campaign.objects(name=TCAMPAIGN1).first()
if campaign1:
campaign1.delete()
campaign2 = Campaign.objects(name=TCAMPAIGN2).first()
if campaign2:
campaign2.delete()
def unsubscribe_from_source(username, source):
"""
Unsubscribe a user from a source.
:param username: The user to query for.
:type username: str
:param source: The name of the source.
:type source: str
:returns: dict with keys "success" (boolean) and "message" (str) if failed.
"""
from crits.core.user import CRITsUser
username = str(username)
user = CRITsUser.objects(username=username).first()
c = 0
for s in user.subscriptions['Source']:
if s.name == source:
del user.subscriptions['Source'][c]
c += 1
try:
user.save()
return {'success': True}
except ValidationError, e:
return {'success': False,
'message': e}
def unsubscribe_user(username, stype, oid):
"""
Unsubscribe a user from this top-level object.
:param username: The user to query for.
:type username: str
:param stype: The top-level object type.
:type stype: str
:param oid: The ObjectId of the top-level object.
:type oid: str
:returns: dict with keys "success" (boolean) and "message" (str) if failed.
"""
from crits.core.user import CRITsUser
username = str(username)
user = CRITsUser.objects(username=username).first()
for s in user.subscriptions[stype]:
if str(s._id) == oid:
user.subscriptions[stype].remove(s)
break
try:
user.save()
return {'success': True}
except ValidationError, e:
return {'success': False,
'message': e}
def subscribe_user(username, stype, oid):
"""
Subscribe a user to this top-level object.
:param username: The user to query for.
:type username: str
:param stype: The top-level object type.
:type stype: str
:param oid: The ObjectId of the top-level object.
:type oid: str
:returns: dict with keys "success" (boolean) and "message" (str) if failed.
"""
from crits.core.user import CRITsUser
from crits.core.user import EmbeddedSubscription
username = str(username)
es = EmbeddedSubscription()
es._id = oid
user = CRITsUser.objects(username=username).first()
if stype in user.subscriptions:
user.subscriptions[stype].append(es)
else:
user.subscriptions[stype] = [es]
try:
user.save()
return {'success': True}
except ValidationError, e:
return {'success': False, 'message': e}
def unsubscribe_user(username, stype, oid):
"""
Unsubscribe a user from this top-level object.
:param username: The user to query for.
:type username: str
:param stype: The top-level object type.
:type stype: str
:param oid: The ObjectId of the top-level object.
:type oid: str
:returns: dict with keys "success" (boolean) and "message" (str) if failed.
"""
from crits.core.user import CRITsUser
username = str(username)
user = CRITsUser.objects(username=username).first()
for s in user.subscriptions[stype]:
if str(s._id) == oid:
user.subscriptions[stype].remove(s)
break
try:
user.save()
return {'success': True}
except ValidationError, e:
return {'success': False, 'message': e}
def get_subscribed_users(stype, oid, sources):
"""
Get users subscribed to this top-level object.
:param stype: The top-level object type.
:type stype: str
:param oid: The ObjectId of the top-level object.
:type oid: str
:returns: list
:param sources: A list of sources of the top-level object.
:type sources: list
:returns: list
"""
from crits.core.user import CRITsUser
user_list = []
query = { '$or': [
{'subscriptions.%s.id' % stype: ObjectId(oid)},
{'subscriptions.Source.name': { '$in': sources }}
]
}
users = CRITsUser.objects(__raw__=query)
for user in users:
user_list.append(user.username)
return user_list
def subscribe_user(username, stype, oid):
"""
Subscribe a user to this top-level object.
:param username: The user to query for.
:type username: str
:param stype: The top-level object type.
:type stype: str
:param oid: The ObjectId of the top-level object.
:type oid: str
:returns: dict with keys "success" (boolean) and "message" (str) if failed.
"""
from crits.core.user import CRITsUser
from crits.core.user import EmbeddedSubscription
username = str(username)
es = EmbeddedSubscription()
es._id = oid
user = CRITsUser.objects(username=username).first()
if stype in user.subscriptions:
user.subscriptions[stype].append(es)
else:
user.subscriptions[stype] = [es]
try:
user.save()
return {'success': True}
except ValidationError, e:
return {'success': False,
'message': e}
def setUp(self):
prep_db()
self.factory = RequestFactory()
self.user = CRITsUser.objects(username=TUSER_NAME).first()
self.user.sources.append(TSRC)
self.user.save()
# Add a test email
handlers.handle_eml(EML_DATA, TSRC, None, self.user, "Test")
def setUp(self):
prep_db()
self.factory = RequestFactory()
self.user = CRITsUser.objects(username=TUSER_NAME).first()
self.user.sources.append(TSRC)
self.user.save()
# Add a test email
handlers.handle_eml(EML_DATA, TSRC, None, self.user.username, "Test")
def start_pyew_shell(request, id_, token):
# Make sure we can find pyew
svc = CRITsService.objects(name='Pyew').first()
if not svc:
text = "\nPyew not found"
request.ws_stream.send_message(base64.b64encode(text), binary=False)
sys.exit(1)
sc = svc.config
pyew = str(sc['pyew'])
if not os.path.exists(pyew):
text = "\nPyew not found"
request.ws_stream.send_message(base64.b64encode(text), binary=False)
sys.exit(1)
# Find CRITs user by token
query = {'unsupported_attrs.pyew_token': token}
user = CRITsUser.objects(__raw__=query).first()
if not user:
text = "\nCould not validate user"
request.ws_stream.send_message(base64.b64encode(text), binary=False)
sys.exit(1)
# Remove this one-time use token
ua = user.unsupported_attrs
delattr(ua, 'pyew_token')
user.unsupported_attrs = ua
try:
user.save()
except:
pass
# Make sure we have a sample to work with that this user has access to
sample = Sample.objects(id=id_,
source__name__in=user.get_sources_list()).first()
if not sample:
text = "\nNo Sample found"
request.ws_stream.send_message(base64.b64encode(text), binary=False)
sys.exit(1)
sample_data = sample.filedata.read()
if not sample_data:
text = "\nCould not get Sample from GridFS: %s" % id_
request.ws_stream.send_message(base64.b64encode(text), binary=False)
sys.exit(1)
# write Sample to disk
# temp_sample is the sample to read
try:
temp_sample = tempfile.NamedTemporaryFile(delete=False)
sample_name = temp_sample.name
temp_sample.write(sample_data)
temp_sample.close()
except Exception, e:
text = "\nError writing file to disk: %s" % e
request.ws_stream.send_message(base64.b64encode(text), binary=False)
sys.exit(1)
def create_general_notification(
username, target_users, header, link_url, message, notification_type=NotificationType.ALERT
):
"""
Generate a general notification -- not based on mongo obj.
:param obj: The object.
:type obj: class which inherits from
:class:`crits.core.crits_mongoengine.CritsBaseAttributes`
:param username: The user creating the notification.
:type username: str
:param target_users: The list of users who will get the notification.
:type target_users: list(str)
:param header: The notification header message.
:type header: list(str)
:param link_url: A link URL for the header, specify None if there is no link.
:type link_url: str
:param message: The notification message.
:type message: str
:param notification_type: The notification type (e.g. alert, error).
:type notification_type: str
"""
if notification_type not in NotificationType.ALL:
notification_type = NotificationType.ALERT
n = Notification()
n.analyst = username
n.notification_type = notification_type
n.notification = message
n.header = header
n.link_url = link_url
for target_user in target_users:
# Check to make sure the user actually exists
user = CRITsUser.objects(username=target_user).first()
if user is not None:
n.users.append(target_user)
# don't notify the user creating this notification
n.users = [u for u in n.users if u != username]
if not len(n.users):
return
try:
n.save()
except ValidationError:
pass
# Signal potentially waiting threads that notification information is available
for user in n.users:
notification_lock = NotificationLockManager.get_notification_lock(user)
notification_lock.acquire()
try:
notification_lock.notifyAll()
finally:
notification_lock.release()
def toggle_user_preference(username, section, setting, is_enabled=False):
"""
Enables/Disables the target user preference
:param username: The username that the preference toggle is for.
:type username: str
:param section: The section name where the preference is stored.
:type section: str
:param setting: The name of the setting within the section of the preference.
:type setting: str
:param is_enabled: An optional default value if the preference does not exist.
:type is_enabled: str
:returns: "success" (boolean), "message" (str) if failed,
"state" (boolean) if successful
"""
from crits.core.user import CRITsUser
username = str(username)
user = CRITsUser.objects(username=username).first()
if user:
# Split the preference option into subtrees on '.'
otree = setting.split(".")
param = otree.pop()
if not section in user.prefs:
setattr(user.prefs, section, {})
opt = user.prefs[section]
if len(otree):
for subsect in otree:
if not subsect in opt:
opt[subsect] = {}
opt = opt[subsect]
else:
opt = opt[subsect]
if (not param in opt):
# if the preference doesn't exist, then try the fallback default value
if is_enabled == True:
opt[param] = False
else:
opt[param] = True
else:
# the preference exists, so use it
if (not opt[param]):
opt[param] = True
else:
opt[param] = False
try:
user.save()
return {'success': True,
'state': opt[param] }
except ValidationError, e:
return {'success': False,
'message': e}
def toggle_user_preference(username, section, setting, is_enabled=False):
"""
Enables/Disables the target user preference
:param username: The username that the preference toggle is for.
:type username: str
:param section: The section name where the preference is stored.
:type section: str
:param setting: The name of the setting within the section of the preference.
:type setting: str
:param is_enabled: An optional default value if the preference does not exist.
:type is_enabled: str
:returns: "success" (boolean), "message" (str) if failed,
"state" (boolean) if successful
"""
from crits.core.user import CRITsUser
username = str(username)
user = CRITsUser.objects(username=username).first()
if user:
# Split the preference option into subtrees on '.'
otree = setting.split(".")
param = otree.pop()
if not section in user.prefs:
setattr(user.prefs, section, {})
opt = user.prefs[section]
if len(otree):
for subsect in otree:
if not subsect in opt:
opt[subsect] = {}
opt = opt[subsect]
else:
opt = opt[subsect]
if (not param in opt):
# if the preference doesn't exist, then try the fallback default value
if is_enabled == True:
opt[param] = False
else:
opt[param] = True
else:
# the preference exists, so use it
if (not opt[param]):
opt[param] = True
else:
opt[param] = False
try:
user.save()
return {'success': True,
'state': opt[param] }
except ValidationError, e:
return {'success': False,
'message': e}
def start_pyew_shell(request, id_, token):
# Make sure we can find pyew
sc = manager.get_config('Pyew')
pyew = str(sc['pyew'])
if not os.path.exists(pyew):
text = "\nPyew not found"
request.ws_stream.send_message(base64.b64encode(text),
binary=False)
sys.exit(1)
# Find CRITs user by token
query = {'unsupported_attrs.pyew_token': token}
user = CRITsUser.objects(__raw__=query).first()
if not user:
text = "\nCould not validate user"
request.ws_stream.send_message(base64.b64encode(text),
binary=False)
sys.exit(1)
# Remove this one-time use token
ua = user.unsupported_attrs
delattr(ua, 'pyew_token')
user.unsupported_attrs = ua
try:
user.save()
except:
pass
# Make sure we have a sample to work with that this user has access to
sample = Sample.objects(id=id_, source__name__in=user.sources).first()
if not sample:
text = "\nNo Sample found"
request.ws_stream.send_message(base64.b64encode(text),
binary=False)
sys.exit(1)
sample_data = sample.filedata.read()
if not sample_data:
text = "\nCould not get Sample from GridFS: %s" % id_
request.ws_stream.send_message(base64.b64encode(text),
binary=False)
sys.exit(1)
# write Sample to disk
# temp_sample is the sample to read
try:
temp_sample = tempfile.NamedTemporaryFile(delete=False)
sample_name = temp_sample.name
temp_sample.write(sample_data)
temp_sample.close()
except Exception, e:
text = "\nError writing file to disk: %s" % e
request.ws_stream.send_message(base64.b64encode(text),
binary=False)
sys.exit(1)
def AddUser(self):
self.user = CRITsUser.create_user(username=TUSER_NAME,
password=TUSER_PASS,
email=TUSER_EMAIL,
)
self.assertEqual(self.user.username, TUSER_NAME)
self.assertTrue(TUSER_PASS_HASH_RE.match(self.user.password))
self.user.first_name = TUSER_FNAME
self.user.last_name = TUSER_LNAME
self.user.save()
def clean_db():
"""
Clean database for test.
"""
src = SourceAccess.objects(name=TSRC).first()
if src:
src.delete()
user = CRITsUser.objects(username=TUSER_NAME).first()
if user:
user.delete()
def AddUser(self):
self.user = CRITsUser.create_user(username=TUSER_NAME,
password=TUSER_PASS,
email=TUSER_EMAIL,
)
self.assertEqual(self.user.username, TUSER_NAME)
self.assertTrue(TUSER_PASS_HASH_RE.match(self.user.password))
self.user.first_name = TUSER_FNAME
self.user.last_name = TUSER_LNAME
self.user.save()
def get_user_role(username):
"""
Get the user role.
:param username: The user to lookup.
:type username: str
:returns: str
"""
from crits.core.user import CRITsUser
username = str(username)
user = CRITsUser.objects(username=username).first()
return user.role
def get_user_email_notification(username):
"""
Get user email notification preference.
:param username: The user to query for.
:type username: str
:returns: str
"""
from crits.core.user import CRITsUser
username = str(username)
user = CRITsUser.objects(username=username).first()
return user.get_preference('notify', 'email', False)
def prep_db():
"""
Prep database for test.
"""
clean_db()
# Add User
user = CRITsUser.create_user(
username=TUSER_NAME,
password=TUSER_PASS,
email=TUSER_EMAIL,
)
user.save()
user2 = CRITsUser.create_user(
username=TUSER2_NAME,
password=TUSER2_PASS,
email=TUSER2_EMAIL,
)
user2.save()
campaign1 = Campaign(name=TCAMPAIGN1)
campaign1.save(username=user.username)
campaign2 = Campaign(name=TCAMPAIGN2)
campaign2.save(username=user.username)
def get_user_subscriptions(username):
"""
Get user subscriptions.
:param username: The user to query for.
:type username: str
:returns: list
"""
from crits.core.user import CRITsUser
username = str(username)
user = CRITsUser.objects(username=username).first()
return user.subscriptions
def get_user_email_notification(username):
"""
Get user email notification preference.
:param username: The user to query for.
:type username: str
:returns: str
"""
from crits.core.user import CRITsUser
username = str(username)
user = CRITsUser.objects(username=username).first()
return user.get_preference('notify', 'email', False)
def get_user_role(username):
"""
Get the user role.
:param username: The user to lookup.
:type username: str
:returns: str
"""
from crits.core.user import CRITsUser
username = str(username)
user = CRITsUser.objects(username=username).first()
return user.role
def _get_api_keys(config, analyst):
if config.get('distribution_url', ''):
user = CRITsUser.objects(username=analyst).only('api_keys').first()
if not user:
return [] # XXX: Raise exception?
api_keys = [(k.api_key, k.name) for k in user.api_keys]
if not api_keys: # XXX: and distributed
return [] # XXX: Raise exception?
else:
api_keys = []
return api_keys
def prep_db():
"""
Prep database for test.
"""
clean_db()
# Add User
user = CRITsUser.create_user(
username=TUSER_NAME,
password=TUSER_PASS,
email=TUSER_EMAIL,
)
user.save()
user2 = CRITsUser.create_user(
username=TUSER2_NAME,
password=TUSER2_PASS,
email=TUSER2_EMAIL,
)
user2.save()
campaign1 = Campaign(name=TCAMPAIGN1)
campaign1.save(username=user.username)
campaign2 = Campaign(name=TCAMPAIGN2)
campaign2.save(username=user.username)
def prep_db():
"""
Prep database for test.
"""
clean_db()
# Add User
user = CRITsUser.create_user(username=TUSER_NAME, password=TUSER_PASS, email=TUSER_EMAIL)
user.save()
# Add Source
add_new_source(TSRC, TUSER_NAME)
# Add Data Type
add_new_signature_type(TDT, TUSER_NAME)
def _get_api_keys(config, analyst):
if config.get('distribution_url', ''):
user = CRITsUser.objects(username=analyst).only('api_keys').first()
if not user:
return [] # XXX: Raise exception?
api_keys = [(k.api_key, k.name) for k in user.api_keys]
if not api_keys: # XXX: and distributed
return [] # XXX: Raise exception?
else:
api_keys = []
return api_keys
def get_user_subscriptions(username):
"""
Get user subscriptions.
:param username: The user to query for.
:type username: str
:returns: list
"""
from crits.core.user import CRITsUser
username = str(username)
user = CRITsUser.objects(username=username).first()
return user.subscriptions
def setUp(self):
prep_db()
self.factory = RequestFactory()
self.user = CRITsUser.objects(username=TUSER_NAME).first()
self.user.sources.append(TSRC)
self.user.save()
# Add a test signature
title = SIGNATURE_TITLE
description = SIGNATURE_DESCRIPTION
data = SIGNATURE_DATA
data_type = TDT
source_name = TSRC
user = TUSER_NAME
(status) = handlers.handle_signature_file(data, source_name, user, description, title, data_type)
def pyew_tokenize(request):
user = CRITsUser.objects(username=request.user.username).first()
if not user:
data = {"token": None}
allowed_chars = "abcdefghijklmnopqrstuvwxyz" "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
token = get_random_string(128, allowed_chars=allowed_chars)
user.pyew_token = token
try:
user.save()
data = {"token": token}
except:
data = {"token": None}
return HttpResponse(json.dumps(data), content_type="application/json")
def clean_db():
"""
Clean up the DB after testing.
"""
src = SourceAccess.objects(name=TSRC).first()
if src:
src.delete()
user = CRITsUser.objects(username=TUSER_NAME).first()
if user:
user.delete()
TestObject.drop_collection()
TestSourceObject.drop_collection()
CRITsConfig.drop_collection()
def clean_db():
"""
Clean up the DB after testing.
"""
src = SourceAccess.objects(name=TSRC).first()
if src:
src.delete()
user = CRITsUser.objects(username=TUSER_NAME).first()
if user:
user.delete()
TestObject.drop_collection()
TestSourceObject.drop_collection()
CRITsConfig.drop_collection()
def setUp(self):
prep_db()
self.factory = RequestFactory()
self.user = CRITsUser.objects(username=TUSER_NAME).first()
self.user.save()
# Add a test domain
data = {
'domain_reference': DOM_REF,
'domain_source': DOM_SRC,
'domain_method': DOM_METH,
'domain': DOMAIN,
}
errors = []
(result, errors, retVal) = handlers.add_new_domain(data, self, errors)
def pyew_tokenize(request):
user = CRITsUser.objects(username=request.user.username).first()
if not user:
data = {'token': None}
allowed_chars = ('abcdefghijklmnopqrstuvwxyz'
'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789')
token = get_random_string(128, allowed_chars=allowed_chars)
user.pyew_token = token
try:
user.save()
data = {'token': token}
except:
data = {'token': None}
return HttpResponse(json.dumps(data), content_type="application/json")
def get_user_info(username=None):
"""
Get information for a specific user.
:param username: The user to get info for.
:type username: str
:returns: :class:`crits.core.user.CRITsUser`
"""
from crits.core.user import CRITsUser
if username is not None:
username = str(username)
return CRITsUser.objects(username=username).first()
else:
return username
def get_user_list():
"""
Get a list of users. Sort the list alphabetically and do not include
subscriptions.
:returns: list
"""
from crits.core.user import CRITsUser
users = CRITsUser.objects().order_by('+username').exclude('subscriptions')
user_list = []
user_list.append({'username': "", 'sources': [], 'role': ""})
for user in users:
user_list.append(user)
return user_list
def get_user_info(username=None):
"""
Get information for a specific user.
:param username: The user to get info for.
:type username: str
:returns: :class:`crits.core.user.CRITsUser`
"""
from crits.core.user import CRITsUser
if username is not None:
username = str(username)
return CRITsUser.objects(username=username).first()
else:
return username
def prep_db():
"""
Prep database for test.
"""
clean_db()
# Add Source
add_new_source(TSRC, "RandomUser")
# Add User
user = CRITsUser.create_user(
username=TUSER_NAME,
password=TUSER_PASS,
email=TUSER_EMAIL,
)
user.save()
def get_user_organization(username):
"""
Get the organization for a user.
:param username: The user to lookup.
:type username: str
:returns: str
"""
from crits.core.user import CRITsUser
username = str(username)
user = CRITsUser.objects(username=username).first()
if user:
return user.organization
else:
return settings.COMPANY_NAME
