def tc_create_event(name, owner, event_date, tag=None, status=None, description=None): tc = get_client() ro = RequestObject() ro.set_http_method('POST') ro.set_request_uri('/v2/groups/events') body = {'name': name, 'eventDate': event_date, 'status': status} ro.set_body(json.dumps(body)) response = tc.api_request(ro).json() if response.get('status') == 'Success': output = response.get('data', {}).get('event', {}) event_id = output['id'] if description is not None: # Associate Attribute description ro = RequestObject() ro.set_http_method('POST') ro.set_request_uri( '/v2/groups/events/{}/attributes'.format(event_id)) body = { 'type': 'Description', 'value': description, 'displayed': 'true' } ro.set_body(json.dumps(body)) tc.api_request(ro).json() return output else: return_error('Failed to create event')
def tc_get_tags(): tc = get_client() ro = RequestObject() ro.set_http_method('GET') ro.set_request_uri('/v2/tags') return tc.api_request(ro).json()
def add_security_label(self, security_label_name): """ retrieve attributes for this indicator """ prop = self._resource_properties['add_security_label'] ro = RequestObject() ro.set_description( 'deleting security label {0} for attribute {1} of object {2}'. format(security_label_name, self.id, self._container.id)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) resource_uri = self._container._resource_properties['id']['uri'] try: resource_uri = resource_uri.format(self._container.indicator) except AttributeError: resource_uri = resource_uri.format(self._container.id) ro.set_request_uri(prop['uri'].format(resource_uri, self.id, security_label_name)) ro.set_resource_pagination(prop['pagination']) callback = lambda status: self.__failed_add_security_label( security_label_name) ro.set_failure_callback(callback) self._container._resource_container.add_commit_queue( self._container.id, ro) security_label = SecurityLabelObject() security_label.set_name(security_label_name) self.__add_security_label(security_label)
def upload(self, body): """ upload document """ if self._resource_type == ResourceType.DOCUMENTS: prop = self._resource_properties['document_upload'] elif self._resource_type == ResourceType.SIGNATURES: prop = self._resource_properties['signature_upload'] else: self._tc.tcl.error('Upload requested for wrong resource type.') raise AttributeError(ErrorCodes.e10330.value) ro = RequestObject() ro.set_body(body) ro.set_content_type('application/octet-stream') ro.set_description('upload document for "{0}"'.format(self._name)) # determine whether the file contents exist using phase (not 100%) if self.phase == 1: ro.set_http_method(prop['http_method']) else: ro.set_http_method('PUT') ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'].format(self._id)) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) success_callback = lambda request, response: self.set_contents(request.body) ro.set_success_callback(success_callback) self._resource_container.add_commit_queue(self.id, ro)
def add_indicator(self, data, indicator_type=None): """ filter api results by indicator """ # validation indicator if not SharedMethods.validate_indicator(self.tc._indicators_regex, data): raise AttributeError(ErrorCodes.e5010.value.format(data)) # get indicator uri attribute if indicator_type is None: indicator_type = SharedMethods.get_resource_type( self.tc._indicators_regex, data) indicator_uri_attribute = ApiProperties.api_properties[ indicator_type.name]['uri_attribute'] prop = self._resource_properties['indicator'] ro = RequestObject() ro.set_description('api filter by indicator id {0}'.format(data)) ro.set_owner_allowed(prop['owner_allowed']) # TODO: Check this logic if self._resource_type == ResourceType.INDICATORS: ro.set_request_uri( prop['uri'], [indicator_uri_attribute, SharedMethods.urlsafe(data)]) else: ro.set_request_uri(prop['uri'], [SharedMethods.urlsafe(data)]) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(indicator_type) self._add_request_objects(ro)
def get_groups_request(group_type): tc = get_client() ro = RequestObject() ro.set_http_method('GET') ro.set_request_uri('/v2/groups/{}'.format(group_type)) return tc.api_request(ro).json()
def tc_get_indicator_types_request(): tc = get_client() ro = RequestObject() ro.set_http_method('GET') ro.set_request_uri('/v2/types/indicatorTypes') return tc.api_request(ro).json()
def get_events_request(): tc = get_client() ro = RequestObject() ro.set_http_method('GET') ro.set_request_uri('/v2/groups/events') return tc.api_request(ro).json()
def __init__(self, base_uri, tcl): """ """ super(BulkFilterObject, self).__init__(base_uri, tcl) self._owners = [] # define properties for resource type # self._properties = BulkProperties(base_uri=self.base_uri) self._properties = None self._resource_type = self._properties.resource_type # create default request object for filtered request with only owners self._request_object = RequestObject('groups', 'default') self._request_object.set_http_method(self._properties.http_method) self._request_object.set_owner_allowed( self._properties.base_owner_allowed) self._request_object.set_request_uri(self._properties.base_path) self._request_object.set_resource_pagination( self._properties.resource_pagination) self._request_object.set_resource_type(self._properties.resource_type) # # add_obj filter methods # for method_name in self._properties.filters: method = getattr(IndicatorFilterMethods, method_name) setattr(self, method_name, types.MethodType(method, self))
def load_security_labels(self): """ retrieve attributes for this indicator """ prop = self._resource_properties['load_security_labels'] ro = RequestObject() ro.set_description( 'load security labels for attribute {0} of object {1}'.format( self.id, self._container.id)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) resource_uri = self._container._resource_properties['id']['uri'] try: resource_uri = resource_uri.format(self._container.indicator) except AttributeError: resource_uri = resource_uri.format(self._container.id) ro.set_request_uri(prop['uri'].format(resource_uri, self.id)) ro.set_resource_pagination(prop['pagination']) api_response = self._container._tc.api_request(ro) if api_response.headers['content-type'] == 'application/json': api_response_dict = api_response.json() if api_response_dict['status'] == 'Success': self._security_labels = [] data = api_response_dict['data']['securityLabel'] for item in data: self.__add_security_label(parse_security_label( item)) # add to main resource object
def log_to_api(self): if len(self.entries) > 0: # make api call ro = RequestObject() ro.set_http_method('POST') ro.set_owner_allowed(True) ro.set_resource_pagination(False) ro.set_request_uri('/v2/logs/app') ro.set_body(dumps(self.entries)) # retrieve and display the results; don't log during api request so we don't end up with duplicate info try: self.tc.api_request(ro, log=False) except RuntimeError as re: # can't really do anything if it fails error_data = { 'levelname': 'ERROR', 'created': time.time(), 'msg': 'API LOGGING FAILURE -- Unable to send log entries to api: {}' .format(self.entries) } lr = makeLogRecord(error_data) self.entries = [] self.emit(lr) self.entries = []
def tc_owners(): tc = get_client() ro = RequestObject() ro.set_http_method('GET') ro.set_request_uri('/v2/owners') results = tc.api_request(ro) return results.json()
def tc_delete_group(group_id, group_type): tc = get_client() ro = RequestObject() ro.set_http_method('DELETE') ro.set_request_uri('/v2/groups/{}/{}'.format(group_type, group_id)) response = tc.api_request(ro).json() return response['status'] == 'Success'
def add_group_tags_request(group_type, group_id, tag_name): tc = get_client() ro = RequestObject() ro.set_http_method('POST') ro.set_request_uri('/v2/groups/{}/{}/tags/{}'.format( group_type, group_id, tag_name)) response = tc.api_request(ro).json() return response.get('status') == 'Success'
def associate_indicator_request(indicator_type, indicator, group_type, group_id): tc = get_client() ro = RequestObject() ro.set_http_method('POST') ro.set_request_uri('/v2/indicators/{}/{}/groups/{}/{}'.format( indicator_type, indicator, group_type, group_id)) response = tc.api_request(ro).json() return response
def add_group_security_label_request(group_type, group_id, security_label): tc = get_client() ro = RequestObject() ro.set_http_method('POST') ro.set_request_uri('/v2/groups/{}/{}/securityLabels/{}'.format( group_type, group_id, security_label)) response = tc.api_request(ro).json() return response.get('status') == 'Success'
def __init__(self, tc_obj): """ """ super(Bulk, self).__init__(tc_obj) self._filter_class = BulkFilterObject # set properties # properties = BulkProperties(base_uri=self.base_uri) # self._resource_type = properties.resource_type # create default request object for non-filtered requests self._request_object = RequestObject('bulk', 'default')
def add_tag(self, tag): """ add a tag to an indicator """ prop = self._resource_properties['tag_add'] ro = RequestObject() ro.set_description('add tag "{0}" to "{1}"'.format(tag, self._name)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'].format(self._id, self._urlsafe(tag))) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) self._resource_container.add_commit_queue(self.id, ro)
def default_request_object(self): """ default request when no filters are provided """ resource_properties = ApiProperties.api_properties[self._resource_type.name]['properties'] # create default request object for non-filtered requests request_object = RequestObject() request_object.set_http_method(resource_properties['base']['http_method']) request_object.set_owner_allowed(resource_properties['base']['owner_allowed']) request_object.set_request_uri(resource_properties['base']['uri']) request_object.set_resource_pagination(resource_properties['base']['pagination']) request_object.set_resource_type(self._resource_type) return request_object
def tc_get_indicators_by_tag(tag, owner): tc = get_client() ro = RequestObject() ro.set_http_method('GET') cmd = '/v2/tags/{}/indicators'.format(tag) if owner is not None: cmd += '?owner={}'.format(owner) ro.set_request_uri(cmd) return tc.api_request(ro).json()
def default_request_object(self): """ default request when only a owner filter is provided """ request_object = RequestObject() request_object.set_description('filter by owner') request_object.set_http_method(self._resource_properties['base']['http_method']) request_object.set_owner_allowed(self._resource_properties['base']['owner_allowed']) request_object.set_request_uri(self._resource_properties['base']['uri']) request_object.set_resource_pagination(self._resource_properties['base']['pagination']) request_object.set_resource_type(self._resource_type) return request_object
def delete_attribute(self, attr_id): """ delete attribute from group by id """ prop = self._resource_properties['attribute_delete'] ro = RequestObject() ro.set_description('delete attribute id {0} from "{1}"'.format(attr_id, self._name)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'].format( self._id, attr_id)) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) self._resource_container.add_commit_queue(self.id, ro)
def delete_security_label(self, label): """ set the security label for this indicator """ prop = self._resource_properties['security_label_delete'] ro = RequestObject() ro.set_description('delete security label "{0}" from {1}'.format(label, self._name)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'].format( self._id, self._urlsafe(label))) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) self._resource_container.add_commit_queue(self.id, ro)
def delete_tag(self, tag): """ delete tag from group """ prop = self._resource_properties['tag_delete'] ro = RequestObject() ro.set_description('delete tag "{0}" from "{1}"'.format(tag, self._name)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'].format( self._id, self._urlsafe(tag))) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) self._resource_container.add_commit_queue(self.id, ro)
def add_tag(self, data): """ """ if not isinstance(data, str): raise AttributeError(ErrorCodes.e4070.value.format(data)) prop = self._resource_properties['tags'] ro = RequestObject() ro.set_description('api filter by tag "{0}"'.format(data)) ro.set_owner_allowed(prop['owner_allowed']) ro.set_resource_pagination(prop['pagination']) ro.set_request_uri(prop['uri'], [SharedMethods.urlsafe(data)]) ro.set_resource_type(self._resource_type) self._add_request_objects(ro)
def add_victim_id(self, data_int): """ """ if not isinstance(data_int, int): raise AttributeError(ErrorCodes.e4090.value.format(data_int)) prop = self._resource_properties['victims'] ro = RequestObject() ro.set_description('api filter by victim id {0}'.format(data_int)) ro.set_owner_allowed(prop['owner_allowed']) ro.set_resource_pagination(prop['pagination']) ro.set_request_uri(prop['uri'], [data_int]) ro.set_resource_type(self._resource_type) self._add_request_objects(ro)
def associate_group(self, resource_type, resource_id): """ associate a group to group by id """ prop = self._resource_properties['association_group_add'] ro = RequestObject() ro.set_description('associate group type "{0}" id {1} to "{2}"'.format( resource_type.name, resource_id, self._name)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_resource_pagination(prop['pagination']) group_uri_attribute = ApiProperties.api_properties[resource_type.name]['uri_attribute'] ro.set_request_uri(prop['uri'].format(self._id, group_uri_attribute, resource_id)) ro.set_resource_type(self._resource_type) self._resource_container.add_commit_queue(self.id, ro)
def associate_indicator(self, indicator_type, indicator): """ associate a group to group by id """ prop = self._resource_properties['association_indicator_add'] ro = RequestObject() ro.set_description('associate indicator {0} to "{1}"'.format( indicator, self._name)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_resource_pagination(prop['pagination']) indicator_uri_attribute = ApiProperties.api_properties[indicator_type.name]['uri_attribute'] ro.set_request_uri(prop['uri'].format(indicator_uri_attribute, self._urlsafe(indicator), self.id)) ro.set_resource_type(self._resource_type) self._resource_container.add_commit_queue(self.id, ro)
def associate_victim(self, resource_id): """ associate victim from group """ prop = self._resource_properties['association_victim_add'] ro = RequestObject() ro.set_description('associate victim id {0} from "{1}"'.format( resource_id, self._name)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'].format( self._id, resource_id)) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) self._resource_container.add_commit_queue(self.id, ro)
def add_security_label(self, data): """ filter api results by security label """ # validation of data input if not isinstance(data, str): raise AttributeError(ErrorCodes.e4050.value.format(data)) prop = self._resource_properties['security_labels'] ro = RequestObject() ro.set_description('api filter by security label "{0}"'.format(data)) ro.set_owner_allowed(prop['owner_allowed']) ro.set_resource_pagination(prop['pagination']) ro.set_request_uri(prop['uri'], [SharedMethods.urlsafe(data)]) ro.set_resource_type(self._resource_type) self._add_request_objects(ro)