def tc_create_event(name,
owner,
event_date,
tag=None,
status=None,
description=None):
tc = get_client()
ro = RequestObject()
ro.set_http_method('POST')
ro.set_request_uri('/v2/groups/events')
body = {'name': name, 'eventDate': event_date, 'status': status}
ro.set_body(json.dumps(body))
response = tc.api_request(ro).json()
if response.get('status') == 'Success':
output = response.get('data', {}).get('event', {})
event_id = output['id']
if description is not None:
# Associate Attribute description
ro = RequestObject()
ro.set_http_method('POST')
ro.set_request_uri(
'/v2/groups/events/{}/attributes'.format(event_id))
body = {
'type': 'Description',
'value': description,
'displayed': 'true'
}
ro.set_body(json.dumps(body))
tc.api_request(ro).json()
return output
else:
return_error('Failed to create event')
def tc_get_tags():
tc = get_client()
ro = RequestObject()
ro.set_http_method('GET')
ro.set_request_uri('/v2/tags')
return tc.api_request(ro).json()
def add_security_label(self, security_label_name):
""" retrieve attributes for this indicator """
prop = self._resource_properties['add_security_label']
ro = RequestObject()
ro.set_description(
'deleting security label {0} for attribute {1} of object {2}'.
format(security_label_name, self.id, self._container.id))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
resource_uri = self._container._resource_properties['id']['uri']
try:
resource_uri = resource_uri.format(self._container.indicator)
except AttributeError:
resource_uri = resource_uri.format(self._container.id)
ro.set_request_uri(prop['uri'].format(resource_uri, self.id,
security_label_name))
ro.set_resource_pagination(prop['pagination'])
callback = lambda status: self.__failed_add_security_label(
security_label_name)
ro.set_failure_callback(callback)
self._container._resource_container.add_commit_queue(
self._container.id, ro)
security_label = SecurityLabelObject()
security_label.set_name(security_label_name)
self.__add_security_label(security_label)
def upload(self, body):
""" upload document """
if self._resource_type == ResourceType.DOCUMENTS:
prop = self._resource_properties['document_upload']
elif self._resource_type == ResourceType.SIGNATURES:
prop = self._resource_properties['signature_upload']
else:
self._tc.tcl.error('Upload requested for wrong resource type.')
raise AttributeError(ErrorCodes.e10330.value)
ro = RequestObject()
ro.set_body(body)
ro.set_content_type('application/octet-stream')
ro.set_description('upload document for "{0}"'.format(self._name))
# determine whether the file contents exist using phase (not 100%)
if self.phase == 1:
ro.set_http_method(prop['http_method'])
else:
ro.set_http_method('PUT')
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
success_callback = lambda request, response: self.set_contents(request.body)
ro.set_success_callback(success_callback)
self._resource_container.add_commit_queue(self.id, ro)
def add_indicator(self, data, indicator_type=None):
""" filter api results by indicator """
# validation indicator
if not SharedMethods.validate_indicator(self.tc._indicators_regex, data):
raise AttributeError(ErrorCodes.e5010.value.format(data))
# get indicator uri attribute
if indicator_type is None:
indicator_type = SharedMethods.get_resource_type(
self.tc._indicators_regex, data)
indicator_uri_attribute = ApiProperties.api_properties[
indicator_type.name]['uri_attribute']
prop = self._resource_properties['indicator']
ro = RequestObject()
ro.set_description('api filter by indicator id {0}'.format(data))
ro.set_owner_allowed(prop['owner_allowed'])
# TODO: Check this logic
if self._resource_type == ResourceType.INDICATORS:
ro.set_request_uri(
prop['uri'],
[indicator_uri_attribute,
SharedMethods.urlsafe(data)])
else:
ro.set_request_uri(prop['uri'], [SharedMethods.urlsafe(data)])
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(indicator_type)
self._add_request_objects(ro)
def get_groups_request(group_type):
tc = get_client()
ro = RequestObject()
ro.set_http_method('GET')
ro.set_request_uri('/v2/groups/{}'.format(group_type))
return tc.api_request(ro).json()
def tc_get_indicator_types_request():
tc = get_client()
ro = RequestObject()
ro.set_http_method('GET')
ro.set_request_uri('/v2/types/indicatorTypes')
return tc.api_request(ro).json()
def get_events_request():
tc = get_client()
ro = RequestObject()
ro.set_http_method('GET')
ro.set_request_uri('/v2/groups/events')
return tc.api_request(ro).json()
def __init__(self, base_uri, tcl):
""" """
super(BulkFilterObject, self).__init__(base_uri, tcl)
self._owners = []
# define properties for resource type
# self._properties = BulkProperties(base_uri=self.base_uri)
self._properties = None
self._resource_type = self._properties.resource_type
# create default request object for filtered request with only owners
self._request_object = RequestObject('groups', 'default')
self._request_object.set_http_method(self._properties.http_method)
self._request_object.set_owner_allowed(
self._properties.base_owner_allowed)
self._request_object.set_request_uri(self._properties.base_path)
self._request_object.set_resource_pagination(
self._properties.resource_pagination)
self._request_object.set_resource_type(self._properties.resource_type)
#
# add_obj filter methods
#
for method_name in self._properties.filters:
method = getattr(IndicatorFilterMethods, method_name)
setattr(self, method_name, types.MethodType(method, self))
def load_security_labels(self):
""" retrieve attributes for this indicator """
prop = self._resource_properties['load_security_labels']
ro = RequestObject()
ro.set_description(
'load security labels for attribute {0} of object {1}'.format(
self.id, self._container.id))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
resource_uri = self._container._resource_properties['id']['uri']
try:
resource_uri = resource_uri.format(self._container.indicator)
except AttributeError:
resource_uri = resource_uri.format(self._container.id)
ro.set_request_uri(prop['uri'].format(resource_uri, self.id))
ro.set_resource_pagination(prop['pagination'])
api_response = self._container._tc.api_request(ro)
if api_response.headers['content-type'] == 'application/json':
api_response_dict = api_response.json()
if api_response_dict['status'] == 'Success':
self._security_labels = []
data = api_response_dict['data']['securityLabel']
for item in data:
self.__add_security_label(parse_security_label(
item)) # add to main resource object
def log_to_api(self):
if len(self.entries) > 0:
# make api call
ro = RequestObject()
ro.set_http_method('POST')
ro.set_owner_allowed(True)
ro.set_resource_pagination(False)
ro.set_request_uri('/v2/logs/app')
ro.set_body(dumps(self.entries))
# retrieve and display the results; don't log during api request so we don't end up with duplicate info
try:
self.tc.api_request(ro, log=False)
except RuntimeError as re:
# can't really do anything if it fails
error_data = {
'levelname':
'ERROR',
'created':
time.time(),
'msg':
'API LOGGING FAILURE -- Unable to send log entries to api: {}'
.format(self.entries)
}
lr = makeLogRecord(error_data)
self.entries = []
self.emit(lr)
self.entries = []
def tc_owners():
tc = get_client()
ro = RequestObject()
ro.set_http_method('GET')
ro.set_request_uri('/v2/owners')
results = tc.api_request(ro)
return results.json()
def tc_delete_group(group_id, group_type):
tc = get_client()
ro = RequestObject()
ro.set_http_method('DELETE')
ro.set_request_uri('/v2/groups/{}/{}'.format(group_type, group_id))
response = tc.api_request(ro).json()
return response['status'] == 'Success'
def add_group_tags_request(group_type, group_id, tag_name):
tc = get_client()
ro = RequestObject()
ro.set_http_method('POST')
ro.set_request_uri('/v2/groups/{}/{}/tags/{}'.format(
group_type, group_id, tag_name))
response = tc.api_request(ro).json()
return response.get('status') == 'Success'
def associate_indicator_request(indicator_type, indicator, group_type,
group_id):
tc = get_client()
ro = RequestObject()
ro.set_http_method('POST')
ro.set_request_uri('/v2/indicators/{}/{}/groups/{}/{}'.format(
indicator_type, indicator, group_type, group_id))
response = tc.api_request(ro).json()
return response
def add_group_security_label_request(group_type, group_id, security_label):
tc = get_client()
ro = RequestObject()
ro.set_http_method('POST')
ro.set_request_uri('/v2/groups/{}/{}/securityLabels/{}'.format(
group_type, group_id, security_label))
response = tc.api_request(ro).json()
return response.get('status') == 'Success'
def __init__(self, tc_obj):
""" """
super(Bulk, self).__init__(tc_obj)
self._filter_class = BulkFilterObject
# set properties
# properties = BulkProperties(base_uri=self.base_uri)
# self._resource_type = properties.resource_type
# create default request object for non-filtered requests
self._request_object = RequestObject('bulk', 'default')
def add_tag(self, tag):
""" add a tag to an indicator """
prop = self._resource_properties['tag_add']
ro = RequestObject()
ro.set_description('add tag "{0}" to "{1}"'.format(tag, self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id, self._urlsafe(tag)))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
self._resource_container.add_commit_queue(self.id, ro)
def default_request_object(self):
""" default request when no filters are provided """
resource_properties = ApiProperties.api_properties[self._resource_type.name]['properties']
# create default request object for non-filtered requests
request_object = RequestObject()
request_object.set_http_method(resource_properties['base']['http_method'])
request_object.set_owner_allowed(resource_properties['base']['owner_allowed'])
request_object.set_request_uri(resource_properties['base']['uri'])
request_object.set_resource_pagination(resource_properties['base']['pagination'])
request_object.set_resource_type(self._resource_type)
return request_object
def tc_get_indicators_by_tag(tag, owner):
tc = get_client()
ro = RequestObject()
ro.set_http_method('GET')
cmd = '/v2/tags/{}/indicators'.format(tag)
if owner is not None:
cmd += '?owner={}'.format(owner)
ro.set_request_uri(cmd)
return tc.api_request(ro).json()
def default_request_object(self):
""" default request when only a owner filter is provided """
request_object = RequestObject()
request_object.set_description('filter by owner')
request_object.set_http_method(self._resource_properties['base']['http_method'])
request_object.set_owner_allowed(self._resource_properties['base']['owner_allowed'])
request_object.set_request_uri(self._resource_properties['base']['uri'])
request_object.set_resource_pagination(self._resource_properties['base']['pagination'])
request_object.set_resource_type(self._resource_type)
return request_object
def delete_attribute(self, attr_id):
""" delete attribute from group by id """
prop = self._resource_properties['attribute_delete']
ro = RequestObject()
ro.set_description('delete attribute id {0} from "{1}"'.format(attr_id, self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(
self._id, attr_id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
self._resource_container.add_commit_queue(self.id, ro)
def delete_security_label(self, label):
""" set the security label for this indicator """
prop = self._resource_properties['security_label_delete']
ro = RequestObject()
ro.set_description('delete security label "{0}" from {1}'.format(label, self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(
self._id, self._urlsafe(label)))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
self._resource_container.add_commit_queue(self.id, ro)
def delete_tag(self, tag):
""" delete tag from group """
prop = self._resource_properties['tag_delete']
ro = RequestObject()
ro.set_description('delete tag "{0}" from "{1}"'.format(tag, self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(
self._id, self._urlsafe(tag)))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
self._resource_container.add_commit_queue(self.id, ro)
def add_tag(self, data):
""" """
if not isinstance(data, str):
raise AttributeError(ErrorCodes.e4070.value.format(data))
prop = self._resource_properties['tags']
ro = RequestObject()
ro.set_description('api filter by tag "{0}"'.format(data))
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_resource_pagination(prop['pagination'])
ro.set_request_uri(prop['uri'], [SharedMethods.urlsafe(data)])
ro.set_resource_type(self._resource_type)
self._add_request_objects(ro)
def add_victim_id(self, data_int):
""" """
if not isinstance(data_int, int):
raise AttributeError(ErrorCodes.e4090.value.format(data_int))
prop = self._resource_properties['victims']
ro = RequestObject()
ro.set_description('api filter by victim id {0}'.format(data_int))
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_resource_pagination(prop['pagination'])
ro.set_request_uri(prop['uri'], [data_int])
ro.set_resource_type(self._resource_type)
self._add_request_objects(ro)
def associate_group(self, resource_type, resource_id):
""" associate a group to group by id """
prop = self._resource_properties['association_group_add']
ro = RequestObject()
ro.set_description('associate group type "{0}" id {1} to "{2}"'.format(
resource_type.name, resource_id, self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_resource_pagination(prop['pagination'])
group_uri_attribute = ApiProperties.api_properties[resource_type.name]['uri_attribute']
ro.set_request_uri(prop['uri'].format(self._id, group_uri_attribute, resource_id))
ro.set_resource_type(self._resource_type)
self._resource_container.add_commit_queue(self.id, ro)
def associate_indicator(self, indicator_type, indicator):
""" associate a group to group by id """
prop = self._resource_properties['association_indicator_add']
ro = RequestObject()
ro.set_description('associate indicator {0} to "{1}"'.format(
indicator, self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_resource_pagination(prop['pagination'])
indicator_uri_attribute = ApiProperties.api_properties[indicator_type.name]['uri_attribute']
ro.set_request_uri(prop['uri'].format(indicator_uri_attribute, self._urlsafe(indicator), self.id))
ro.set_resource_type(self._resource_type)
self._resource_container.add_commit_queue(self.id, ro)
def associate_victim(self, resource_id):
""" associate victim from group """
prop = self._resource_properties['association_victim_add']
ro = RequestObject()
ro.set_description('associate victim id {0} from "{1}"'.format(
resource_id, self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(
self._id, resource_id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
self._resource_container.add_commit_queue(self.id, ro)
def add_security_label(self, data):
""" filter api results by security label """
# validation of data input
if not isinstance(data, str):
raise AttributeError(ErrorCodes.e4050.value.format(data))
prop = self._resource_properties['security_labels']
ro = RequestObject()
ro.set_description('api filter by security label "{0}"'.format(data))
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_resource_pagination(prop['pagination'])
ro.set_request_uri(prop['uri'], [SharedMethods.urlsafe(data)])
ro.set_resource_type(self._resource_type)
self._add_request_objects(ro)
