Example #1
0
    def setUp(self):
        """Setup the test database."""
        init_db()

        self.user1 = self._create_user(username=u'test1', set_password=True)
        self.user2 = self._create_user(username=u'test2', set_password=False)

        self.sketch1 = self._create_sketch(
            name=u'Test 1', user=self.user1, acl=True)
        self.sketch2 = self._create_sketch(
            name=u'Test 2', user=self.user1, acl=False)
        self.sketch3 = self._create_sketch(
            name=u'Test 3', user=self.user1, acl=True)

        self.searchindex = self._create_searchindex(
            name=u'test', user=self.user1, acl=True)

        self.timeline = self._create_timeline(
            name=u'Timeline 1', sketch=self.sketch1,
            searchindex=self.searchindex, user=self.user1)

        self.view1 = self._create_view(
            name=u'View 1', sketch=self.sketch1, user=self.user1)
        self.view2 = self._create_view(
            name=u'View 2', sketch=self.sketch2, user=self.user1)
        self.view3 = self._create_view(
            name=u'', sketch=self.sketch1, user=self.user2)

        self.event = self._create_event(
            sketch=self.sketch1, searchindex=self.searchindex, user=self.user1)
Example #2
0
    def setUp(self):
        """Setup the test database."""
        init_db()

        self.user1 = self._create_user(username=u'test1', set_password=True)
        self.user2 = self._create_user(username=u'test2', set_password=False)

        self.sketch1 = self._create_sketch(name=u'Test 1',
                                           user=self.user1,
                                           acl=True)
        self.sketch2 = self._create_sketch(name=u'Test 2',
                                           user=self.user1,
                                           acl=False)

        self.searchindex = self._create_searchindex(name=u'test',
                                                    user=self.user1)

        self.timeline = self._create_timeline(name=u'Timeline 1',
                                              sketch=self.sketch1,
                                              searchindex=self.searchindex,
                                              user=self.user1)

        self.view1 = self._create_view(name=u'View 1',
                                       sketch=self.sketch1,
                                       user=self.user1)
        self.view2 = self._create_view(name=u'View 2',
                                       sketch=self.sketch2,
                                       user=self.user1)
        self.view3 = self._create_view(name=u'',
                                       sketch=self.sketch1,
                                       user=self.user2)

        self.event = self._create_event(sketch=self.sketch1,
                                        searchindex=self.searchindex,
                                        user=self.user1)
Example #3
0
    def setUp(self):
        """Setup the test database."""
        init_db()

        self.user1 = self._create_user(username="******", set_password=True)
        self.user2 = self._create_user(username="******", set_password=False)

        self.group1 = self._create_group(name="test_group1", user=self.user1)
        self.group2 = self._create_group(name="test_group2", user=self.user1)

        self.sketch1 = self._create_sketch(name="Test 1", user=self.user1, acl=True)
        self.sketch2 = self._create_sketch(name="Test 2", user=self.user1, acl=False)
        self.sketch3 = self._create_sketch(name="Test 3", user=self.user1, acl=True)

        self.searchindex = self._create_searchindex(
            name="test", user=self.user1, acl=True
        )
        self.searchindex2 = self._create_searchindex(
            name="test2", user=self.user1, acl=True
        )

        self.timeline = self._create_timeline(
            name="Timeline 1",
            sketch=self.sketch1,
            searchindex=self.searchindex,
            user=self.user1,
        )

        self.view1 = self._create_view(
            name="View 1", sketch=self.sketch1, user=self.user1
        )
        self.view2 = self._create_view(
            name="View 2", sketch=self.sketch2, user=self.user1
        )
        self.view3 = self._create_view(name="", sketch=self.sketch1, user=self.user2)

        self.searchtemplate = self._create_searchtemplate(
            name="template", user=self.user1
        )

        self.event = self._create_event(
            sketch=self.sketch1, searchindex=self.searchindex, user=self.user1
        )

        self.story = self._create_story(sketch=self.sketch1, user=self.user1)
Example #4
0
def create_app(config=None, v2=False):
    """Create the Flask app instance that is used throughout the application.

    Args:
        config: Path to configuration file as a string or an object with config
        directives.
        v2: Temporary flag to indicate to serve the new UI.
            TODO: Remove this when the old UI has been deprecated.

    Returns:
        Application object (instance of flask.Flask).
    """
    template_folder = "frontend/dist"
    static_folder = "frontend/dist"

    # Serve the new UI.
    # This is still experimental and will be broken and have missing features.
    if v2:
        template_folder = "frontend-ng/dist"
        static_folder = "frontend-ng/dist"

    app = Flask(__name__,
                template_folder=template_folder,
                static_folder=static_folder)

    if not config:
        # Where to find the config file
        default_path = "/etc/timesketch/timesketch.conf"
        # Fall back to legacy location of the config file
        legacy_path = "/etc/timesketch.conf"
        if os.path.isfile(default_path):
            config = default_path
        else:
            config = legacy_path

    if isinstance(config, six.text_type):
        os.environ["TIMESKETCH_SETTINGS"] = config
        try:
            app.config.from_envvar("TIMESKETCH_SETTINGS")

            if "EMAIL_USER_WHITELIST" in app.config:
                sys.stderr.write(
                    "Warning, EMAIL_USER_WHITELIST has been deprecated. "
                    "Please update timesketch.conf.")
        except IOError:
            sys.stderr.write(
                "Config file {0} does not exist.\n".format(config))
            sys.exit()
    else:
        app.config.from_object(config)

    # Make sure that SECRET_KEY is configured.
    if not app.config["SECRET_KEY"]:
        sys.stderr.write("ERROR: Secret key not present. "
                         "Please update your configuration.\n"
                         "To generate a key you can use openssl:\n\n"
                         "$ openssl rand -base64 32\n\n")
        sys.exit()

    # Support old style config using Elasticsearch as backend.
    # TODO: Deprecate the old ELASTIC_* config in 2023.
    if not app.config.get("OPENSEARCH_HOST"):
        sys.stderr.write("Deprecated config field found: ELASTIC_HOST. "
                         "Update your config to use OPENSEARCH_HOST.\n")
        app.config["OPENSEARCH_HOST"] = app.config.get("ELASTIC_HOST")

    if not app.config.get("OPENSEARCH_PORT"):
        sys.stderr.write("Deprecated config field found: ELASTIC_PORT. "
                         "Update your config to use OPENSEARCH_PORT.\n")
        app.config["OPENSEARCH_PORT"] = app.config.get("ELASTIC_PORT")

    # Plaso version that we support
    if app.config["UPLOAD_ENABLED"]:
        try:
            # pylint: disable=import-outside-toplevel
            from plaso import __version__ as plaso_version

            app.config["PLASO_VERSION"] = plaso_version
        except ImportError:
            pass

    # Setup the database.
    configure_engine(app.config["SQLALCHEMY_DATABASE_URI"])
    db = init_db()

    # Alembic migration support:
    # http://alembic.zzzcomputing.com/en/latest/
    migrate = Migrate()
    migrate.init_app(app, db)

    # Register blueprints. Blueprints are a way to organize your Flask
    # Flask application. See this for more information:
    # http://flask.pocoo.org/docs/latest/blueprints/
    app.register_blueprint(spa_views)
    app.register_blueprint(auth_views)

    # Setup URL routes for the API.
    api_v1 = Api(app, prefix="/api/v1")
    for route in V1_API_ROUTES:
        api_v1.add_resource(*route)

    # Register error handlers
    # pylint: disable=unused-variable
    @app.errorhandler(ApiHTTPError)
    def handle_api_http_error(error):
        """Error handler for API HTTP errors.

        Returns:
            HTTP response object (instance of flask.wrappers.Response)
        """
        return error.build_response()

    # Setup the login manager.
    login_manager = LoginManager()
    login_manager.init_app(app)
    login_manager.login_view = "user_views.login"

    # This is used by the flask_login extension.
    # pylint: disable=unused-variable
    @login_manager.user_loader
    def load_user(user_id):
        """Based on a user_id (database primary key for a user) this function
        loads a user from the database. It is used by the Flask-Login extension
        to setup up the session for the user.

        Args:
            user_id: Integer primary key for the user.

        Returns:
            A user object (Instance of timesketch.models.user.User).
        """
        return User.query.get(user_id)

    # Setup CSRF protection for the whole application
    CSRFProtect(app)

    return app
Example #5
0
def create_app(config=None):
    """Create the Flask app instance that is used throughout the application.

    Args:
        config: Path to configuration file as a string or an object with config
        directives.

    Returns:
        Application object (instance of flask.Flask).
    """
    template_folder = 'frontend/dist'
    static_folder = 'frontend/dist'

    app = Flask(__name__,
                template_folder=template_folder,
                static_folder=static_folder)

    if not config:
        # Where to find the config file
        default_path = '/etc/timesketch/timesketch.conf'
        # Fall back to legacy location of the config file
        legacy_path = '/etc/timesketch.conf'
        if os.path.isfile(default_path):
            config = default_path
        else:
            config = legacy_path

    if isinstance(config, six.text_type):
        os.environ['TIMESKETCH_SETTINGS'] = config
        try:
            app.config.from_envvar('TIMESKETCH_SETTINGS')
        except IOError:
            sys.stderr.write(
                'Config file {0} does not exist.\n'.format(config))
            sys.exit()
    else:
        app.config.from_object(config)

    # Make sure that SECRET_KEY is configured.
    if not app.config['SECRET_KEY']:
        sys.stderr.write('ERROR: Secret key not present. '
                         'Please update your configuration.\n'
                         'To generate a key you can use openssl:\n\n'
                         '$ openssl rand -base64 32\n\n')
        sys.exit()

    # Plaso version that we support
    if app.config['UPLOAD_ENABLED']:
        try:
            from plaso import __version__ as plaso_version
            app.config['PLASO_VERSION'] = plaso_version
        except ImportError:
            sys.stderr.write('Upload is enabled, but Plaso is not installed.')

    # Setup the database.
    configure_engine(app.config['SQLALCHEMY_DATABASE_URI'])
    db = init_db()

    # Alembic migration support:
    # http://alembic.zzzcomputing.com/en/latest/
    migrate = Migrate()
    migrate.init_app(app, db)

    # Register blueprints. Blueprints are a way to organize your Flask
    # Flask application. See this for more information:
    # http://flask.pocoo.org/docs/latest/blueprints/
    app.register_blueprint(spa_views)
    app.register_blueprint(auth_views)

    # Setup URL routes for the API.
    api_v1 = Api(app, prefix='/api/v1')
    for route in V1_API_ROUTES:
        api_v1.add_resource(*route)

    # Register error handlers
    # pylint: disable=unused-variable
    @app.errorhandler(ApiHTTPError)
    def handle_api_http_error(error):
        """Error handler for API HTTP errors.

        Returns:
            HTTP response object (instance of flask.wrappers.Response)
        """
        return error.build_response()

    # Setup the login manager.
    login_manager = LoginManager()
    login_manager.init_app(app)
    login_manager.login_view = 'user_views.login'

    # This is used by the flask_login extension.
    # pylint: disable=unused-variable
    @login_manager.user_loader
    def load_user(user_id):
        """Based on a user_id (database primary key for a user) this function
        loads a user from the database. It is used by the Flask-Login extension
        to setup up the session for the user.

        Args:
            user_id: Integer primary key for the user.

        Returns:
            A user object (Instance of timesketch.models.user.User).
        """
        return User.query.get(user_id)

    # Setup CSRF protection for the whole application
    CSRFProtect(app)

    return app
Example #6
0
def create_app(config=None):
    """Create the Flask app instance that is used throughout the application.

    Args:
        config: Path to configuration file as a string or an object with config
        directives.

    Returns:
        Application object (instance of flask.Flask).
    """
    # Setup the Flask app and load the config.
    app = Flask(__name__, template_folder='templates', static_folder='static')

    if not config:
        config = '/etc/timesketch.conf'

    if isinstance(config, six.text_type):
        os.environ['TIMESKETCH_SETTINGS'] = config
        try:
            app.config.from_envvar('TIMESKETCH_SETTINGS')
        except IOError:
            sys.stderr.write(
                'Config file {0} does not exist.\n'.format(config))
            sys.exit()
    else:
        app.config.from_object(config)

    # Make sure that SECRET_KEY is configured.
    if not app.config['SECRET_KEY']:
        sys.stderr.write('ERROR: Secret key not present. '
                         'Please update your configuration.\n'
                         'To generate a key you can use openssl:\n\n'
                         '$ openssl rand -base64 32\n\n')
        sys.exit()

    # Plaso version that we support
    if app.config['UPLOAD_ENABLED']:
        try:
            from plaso import __version__ as plaso_version
        except ImportError:
            sys.stderr.write('Upload is enabled, but Plaso is not installed.')
            sys.exit()
        app.config['PLASO_VERSION'] = plaso_version

    # Setup the database.
    configure_engine(app.config['SQLALCHEMY_DATABASE_URI'])
    db = init_db()

    # Alembic migration support:
    # http://alembic.zzzcomputing.com/en/latest/
    migrate = Migrate()
    migrate.init_app(app, db)

    # Register blueprints. Blueprints are a way to organize your Flask
    # Flask application. See this for more information:
    # http://flask.pocoo.org/docs/latest/blueprints/
    app.register_blueprint(auth_views)
    app.register_blueprint(home_views)
    app.register_blueprint(sketch_views)

    # Setup URL routes for the API.
    api_v1 = Api(app, prefix='/api/v1')
    for route in V1_API_ROUTES:
        api_v1.add_resource(*route)

    # Register error handlers
    # pylint: disable=unused-variable
    @app.errorhandler(ApiHTTPError)
    def handle_api_http_error(error):
        """Error handler for API HTTP errors.

        Returns:
            HTTP response object (instance of flask.wrappers.Response)
        """
        return error.build_response()

    # Setup the login manager.
    login_manager = LoginManager()
    login_manager.init_app(app)
    login_manager.login_view = 'user_views.login'

    # This is used by the flask_login extension.
    # pylint: disable=unused-variable
    @login_manager.user_loader
    def load_user(user_id):
        """Based on a user_id (database primary key for a user) this function
        loads a user from the database. It is used by the Flask-Login extension
        to setup up the session for the user.

        Args:
            user_id: Integer primary key for the user.

        Returns:
            A user object (Instance of timesketch.models.user.User).
        """
        return User.query.get(user_id)

    # Setup CSRF protection for the whole application
    CSRFProtect(app)

    return app
Example #7
0
def create_app(config=None):
    """Create the Flask app instance that is used throughout the application.

    Args:
        config: Path to configuration file as a string or an object with config
        directives.

    Returns:
        Application object (instance of flask.Flask).
    """
    # Setup the Flask app and load the config.
    app = Flask(
        __name__, template_folder=u'ui/templates', static_folder=u'ui/static')

    if not config:
        config = u'/etc/timesketch.conf'

    if isinstance(config, unicode):
        os.environ[u'TIMESKETCH_SETTINGS'] = config
        try:
            app.config.from_envvar(u'TIMESKETCH_SETTINGS')
        except IOError:
            sys.stderr.write(
                u'Config file {0} does not exist.\n'.format(config))
            sys.exit()
    else:
        app.config.from_object(config)

    # Make sure that SECRET_KEY is configured.
    if not app.config[u'SECRET_KEY']:
        sys.stderr.write(u'ERROR: Secret key not present. '
                         u'Please update your configuration.\n'
                         u'To generate a key you can use openssl:\n\n'
                         u'$ openssl rand -base64 32\n\n')
        sys.exit()

    # Setup the database.
    configure_engine(app.config[u'SQLALCHEMY_DATABASE_URI'])
    db = init_db()

    # Alembic migration support:
    # http://alembic.zzzcomputing.com/en/latest/
    migrate = Migrate()
    migrate.init_app(app, db)

    # Register blueprints. Blueprints are a way to organize your Flask
    # Flask application. See this for more information:
    # http://flask.pocoo.org/docs/latest/blueprints/
    app.register_blueprint(user_views)
    app.register_blueprint(home_views)
    app.register_blueprint(sketch_views)
    app.register_blueprint(story_views)

    # Setup URL routes for the API.
    api_v1 = Api(app, prefix=u'/api/v1')
    api_v1.add_resource(SketchListResource, u'/sketches/')
    api_v1.add_resource(SketchResource, u'/sketches/<int:sketch_id>/')
    api_v1.add_resource(
        AggregationResource, u'/sketches/<int:sketch_id>/aggregation/')
    api_v1.add_resource(ExploreResource, u'/sketches/<int:sketch_id>/explore/')
    api_v1.add_resource(EventResource, u'/sketches/<int:sketch_id>/event/')
    api_v1.add_resource(
        EventAnnotationResource, u'/sketches/<int:sketch_id>/event/annotate/')
    api_v1.add_resource(ViewListResource, u'/sketches/<int:sketch_id>/views/')
    api_v1.add_resource(
        ViewResource, u'/sketches/<int:sketch_id>/views/<int:view_id>/')
    api_v1.add_resource(UploadFileResource, u'/upload/')
    api_v1.add_resource(TaskResource, u'/tasks/')
    api_v1.add_resource(
        StoryListResource, u'/sketches/<int:sketch_id>/stories/')
    api_v1.add_resource(
        StoryResource, u'/sketches/<int:sketch_id>/stories/<int:story_id>/')

    # Register error handlers
    # pylint: disable=unused-variable
    @app.errorhandler(ApiHTTPError)
    def handle_api_http_error(error):
        """Error handler for API HTTP errors.

        Returns:
            HTTP response object (instance of flask.wrappers.Response)
        """
        return error.build_response()

    # Setup the login manager.
    login_manager = LoginManager()
    login_manager.init_app(app)
    login_manager.login_view = u'user_views.login'

    # This is used by the flask_login extension.
    # pylint: disable=unused-variable
    @login_manager.user_loader
    def load_user(user_id):
        """Based on a user_id (database primary key for a user) this function
        loads a user from the database. It is used by the Flask-Login extension
        to setup up the session for the user.

        Args:
            user_id: Integer primary key for the user.

        Returns:
            A user object (Instance of timesketch.models.user.User).
        """
        return User.query.get(user_id)

    # Setup CSRF protection for the whole application
    CsrfProtect(app)

    return app