def setUp(self):
"""Setup the test database."""
init_db()
self.user1 = self._create_user(username=u'test1', set_password=True)
self.user2 = self._create_user(username=u'test2', set_password=False)
self.sketch1 = self._create_sketch(
name=u'Test 1', user=self.user1, acl=True)
self.sketch2 = self._create_sketch(
name=u'Test 2', user=self.user1, acl=False)
self.sketch3 = self._create_sketch(
name=u'Test 3', user=self.user1, acl=True)
self.searchindex = self._create_searchindex(
name=u'test', user=self.user1, acl=True)
self.timeline = self._create_timeline(
name=u'Timeline 1', sketch=self.sketch1,
searchindex=self.searchindex, user=self.user1)
self.view1 = self._create_view(
name=u'View 1', sketch=self.sketch1, user=self.user1)
self.view2 = self._create_view(
name=u'View 2', sketch=self.sketch2, user=self.user1)
self.view3 = self._create_view(
name=u'', sketch=self.sketch1, user=self.user2)
self.event = self._create_event(
sketch=self.sketch1, searchindex=self.searchindex, user=self.user1)
def setUp(self):
"""Setup the test database."""
init_db()
self.user1 = self._create_user(username=u'test1', set_password=True)
self.user2 = self._create_user(username=u'test2', set_password=False)
self.sketch1 = self._create_sketch(name=u'Test 1',
user=self.user1,
acl=True)
self.sketch2 = self._create_sketch(name=u'Test 2',
user=self.user1,
acl=False)
self.searchindex = self._create_searchindex(name=u'test',
user=self.user1)
self.timeline = self._create_timeline(name=u'Timeline 1',
sketch=self.sketch1,
searchindex=self.searchindex,
user=self.user1)
self.view1 = self._create_view(name=u'View 1',
sketch=self.sketch1,
user=self.user1)
self.view2 = self._create_view(name=u'View 2',
sketch=self.sketch2,
user=self.user1)
self.view3 = self._create_view(name=u'',
sketch=self.sketch1,
user=self.user2)
self.event = self._create_event(sketch=self.sketch1,
searchindex=self.searchindex,
user=self.user1)
def setUp(self):
"""Setup the test database."""
init_db()
self.user1 = self._create_user(username="******", set_password=True)
self.user2 = self._create_user(username="******", set_password=False)
self.group1 = self._create_group(name="test_group1", user=self.user1)
self.group2 = self._create_group(name="test_group2", user=self.user1)
self.sketch1 = self._create_sketch(name="Test 1", user=self.user1, acl=True)
self.sketch2 = self._create_sketch(name="Test 2", user=self.user1, acl=False)
self.sketch3 = self._create_sketch(name="Test 3", user=self.user1, acl=True)
self.searchindex = self._create_searchindex(
name="test", user=self.user1, acl=True
)
self.searchindex2 = self._create_searchindex(
name="test2", user=self.user1, acl=True
)
self.timeline = self._create_timeline(
name="Timeline 1",
sketch=self.sketch1,
searchindex=self.searchindex,
user=self.user1,
)
self.view1 = self._create_view(
name="View 1", sketch=self.sketch1, user=self.user1
)
self.view2 = self._create_view(
name="View 2", sketch=self.sketch2, user=self.user1
)
self.view3 = self._create_view(name="", sketch=self.sketch1, user=self.user2)
self.searchtemplate = self._create_searchtemplate(
name="template", user=self.user1
)
self.event = self._create_event(
sketch=self.sketch1, searchindex=self.searchindex, user=self.user1
)
self.story = self._create_story(sketch=self.sketch1, user=self.user1)
def create_app(config=None, v2=False):
"""Create the Flask app instance that is used throughout the application.
Args:
config: Path to configuration file as a string or an object with config
directives.
v2: Temporary flag to indicate to serve the new UI.
TODO: Remove this when the old UI has been deprecated.
Returns:
Application object (instance of flask.Flask).
"""
template_folder = "frontend/dist"
static_folder = "frontend/dist"
# Serve the new UI.
# This is still experimental and will be broken and have missing features.
if v2:
template_folder = "frontend-ng/dist"
static_folder = "frontend-ng/dist"
app = Flask(__name__,
template_folder=template_folder,
static_folder=static_folder)
if not config:
# Where to find the config file
default_path = "/etc/timesketch/timesketch.conf"
# Fall back to legacy location of the config file
legacy_path = "/etc/timesketch.conf"
if os.path.isfile(default_path):
config = default_path
else:
config = legacy_path
if isinstance(config, six.text_type):
os.environ["TIMESKETCH_SETTINGS"] = config
try:
app.config.from_envvar("TIMESKETCH_SETTINGS")
if "EMAIL_USER_WHITELIST" in app.config:
sys.stderr.write(
"Warning, EMAIL_USER_WHITELIST has been deprecated. "
"Please update timesketch.conf.")
except IOError:
sys.stderr.write(
"Config file {0} does not exist.\n".format(config))
sys.exit()
else:
app.config.from_object(config)
# Make sure that SECRET_KEY is configured.
if not app.config["SECRET_KEY"]:
sys.stderr.write("ERROR: Secret key not present. "
"Please update your configuration.\n"
"To generate a key you can use openssl:\n\n"
"$ openssl rand -base64 32\n\n")
sys.exit()
# Support old style config using Elasticsearch as backend.
# TODO: Deprecate the old ELASTIC_* config in 2023.
if not app.config.get("OPENSEARCH_HOST"):
sys.stderr.write("Deprecated config field found: ELASTIC_HOST. "
"Update your config to use OPENSEARCH_HOST.\n")
app.config["OPENSEARCH_HOST"] = app.config.get("ELASTIC_HOST")
if not app.config.get("OPENSEARCH_PORT"):
sys.stderr.write("Deprecated config field found: ELASTIC_PORT. "
"Update your config to use OPENSEARCH_PORT.\n")
app.config["OPENSEARCH_PORT"] = app.config.get("ELASTIC_PORT")
# Plaso version that we support
if app.config["UPLOAD_ENABLED"]:
try:
# pylint: disable=import-outside-toplevel
from plaso import __version__ as plaso_version
app.config["PLASO_VERSION"] = plaso_version
except ImportError:
pass
# Setup the database.
configure_engine(app.config["SQLALCHEMY_DATABASE_URI"])
db = init_db()
# Alembic migration support:
# http://alembic.zzzcomputing.com/en/latest/
migrate = Migrate()
migrate.init_app(app, db)
# Register blueprints. Blueprints are a way to organize your Flask
# Flask application. See this for more information:
# http://flask.pocoo.org/docs/latest/blueprints/
app.register_blueprint(spa_views)
app.register_blueprint(auth_views)
# Setup URL routes for the API.
api_v1 = Api(app, prefix="/api/v1")
for route in V1_API_ROUTES:
api_v1.add_resource(*route)
# Register error handlers
# pylint: disable=unused-variable
@app.errorhandler(ApiHTTPError)
def handle_api_http_error(error):
"""Error handler for API HTTP errors.
Returns:
HTTP response object (instance of flask.wrappers.Response)
"""
return error.build_response()
# Setup the login manager.
login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = "user_views.login"
# This is used by the flask_login extension.
# pylint: disable=unused-variable
@login_manager.user_loader
def load_user(user_id):
"""Based on a user_id (database primary key for a user) this function
loads a user from the database. It is used by the Flask-Login extension
to setup up the session for the user.
Args:
user_id: Integer primary key for the user.
Returns:
A user object (Instance of timesketch.models.user.User).
"""
return User.query.get(user_id)
# Setup CSRF protection for the whole application
CSRFProtect(app)
return app
def create_app(config=None):
"""Create the Flask app instance that is used throughout the application.
Args:
config: Path to configuration file as a string or an object with config
directives.
Returns:
Application object (instance of flask.Flask).
"""
template_folder = 'frontend/dist'
static_folder = 'frontend/dist'
app = Flask(__name__,
template_folder=template_folder,
static_folder=static_folder)
if not config:
# Where to find the config file
default_path = '/etc/timesketch/timesketch.conf'
# Fall back to legacy location of the config file
legacy_path = '/etc/timesketch.conf'
if os.path.isfile(default_path):
config = default_path
else:
config = legacy_path
if isinstance(config, six.text_type):
os.environ['TIMESKETCH_SETTINGS'] = config
try:
app.config.from_envvar('TIMESKETCH_SETTINGS')
except IOError:
sys.stderr.write(
'Config file {0} does not exist.\n'.format(config))
sys.exit()
else:
app.config.from_object(config)
# Make sure that SECRET_KEY is configured.
if not app.config['SECRET_KEY']:
sys.stderr.write('ERROR: Secret key not present. '
'Please update your configuration.\n'
'To generate a key you can use openssl:\n\n'
'$ openssl rand -base64 32\n\n')
sys.exit()
# Plaso version that we support
if app.config['UPLOAD_ENABLED']:
try:
from plaso import __version__ as plaso_version
app.config['PLASO_VERSION'] = plaso_version
except ImportError:
sys.stderr.write('Upload is enabled, but Plaso is not installed.')
# Setup the database.
configure_engine(app.config['SQLALCHEMY_DATABASE_URI'])
db = init_db()
# Alembic migration support:
# http://alembic.zzzcomputing.com/en/latest/
migrate = Migrate()
migrate.init_app(app, db)
# Register blueprints. Blueprints are a way to organize your Flask
# Flask application. See this for more information:
# http://flask.pocoo.org/docs/latest/blueprints/
app.register_blueprint(spa_views)
app.register_blueprint(auth_views)
# Setup URL routes for the API.
api_v1 = Api(app, prefix='/api/v1')
for route in V1_API_ROUTES:
api_v1.add_resource(*route)
# Register error handlers
# pylint: disable=unused-variable
@app.errorhandler(ApiHTTPError)
def handle_api_http_error(error):
"""Error handler for API HTTP errors.
Returns:
HTTP response object (instance of flask.wrappers.Response)
"""
return error.build_response()
# Setup the login manager.
login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = 'user_views.login'
# This is used by the flask_login extension.
# pylint: disable=unused-variable
@login_manager.user_loader
def load_user(user_id):
"""Based on a user_id (database primary key for a user) this function
loads a user from the database. It is used by the Flask-Login extension
to setup up the session for the user.
Args:
user_id: Integer primary key for the user.
Returns:
A user object (Instance of timesketch.models.user.User).
"""
return User.query.get(user_id)
# Setup CSRF protection for the whole application
CSRFProtect(app)
return app
def create_app(config=None):
"""Create the Flask app instance that is used throughout the application.
Args:
config: Path to configuration file as a string or an object with config
directives.
Returns:
Application object (instance of flask.Flask).
"""
# Setup the Flask app and load the config.
app = Flask(__name__, template_folder='templates', static_folder='static')
if not config:
config = '/etc/timesketch.conf'
if isinstance(config, six.text_type):
os.environ['TIMESKETCH_SETTINGS'] = config
try:
app.config.from_envvar('TIMESKETCH_SETTINGS')
except IOError:
sys.stderr.write(
'Config file {0} does not exist.\n'.format(config))
sys.exit()
else:
app.config.from_object(config)
# Make sure that SECRET_KEY is configured.
if not app.config['SECRET_KEY']:
sys.stderr.write('ERROR: Secret key not present. '
'Please update your configuration.\n'
'To generate a key you can use openssl:\n\n'
'$ openssl rand -base64 32\n\n')
sys.exit()
# Plaso version that we support
if app.config['UPLOAD_ENABLED']:
try:
from plaso import __version__ as plaso_version
except ImportError:
sys.stderr.write('Upload is enabled, but Plaso is not installed.')
sys.exit()
app.config['PLASO_VERSION'] = plaso_version
# Setup the database.
configure_engine(app.config['SQLALCHEMY_DATABASE_URI'])
db = init_db()
# Alembic migration support:
# http://alembic.zzzcomputing.com/en/latest/
migrate = Migrate()
migrate.init_app(app, db)
# Register blueprints. Blueprints are a way to organize your Flask
# Flask application. See this for more information:
# http://flask.pocoo.org/docs/latest/blueprints/
app.register_blueprint(auth_views)
app.register_blueprint(home_views)
app.register_blueprint(sketch_views)
# Setup URL routes for the API.
api_v1 = Api(app, prefix='/api/v1')
for route in V1_API_ROUTES:
api_v1.add_resource(*route)
# Register error handlers
# pylint: disable=unused-variable
@app.errorhandler(ApiHTTPError)
def handle_api_http_error(error):
"""Error handler for API HTTP errors.
Returns:
HTTP response object (instance of flask.wrappers.Response)
"""
return error.build_response()
# Setup the login manager.
login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = 'user_views.login'
# This is used by the flask_login extension.
# pylint: disable=unused-variable
@login_manager.user_loader
def load_user(user_id):
"""Based on a user_id (database primary key for a user) this function
loads a user from the database. It is used by the Flask-Login extension
to setup up the session for the user.
Args:
user_id: Integer primary key for the user.
Returns:
A user object (Instance of timesketch.models.user.User).
"""
return User.query.get(user_id)
# Setup CSRF protection for the whole application
CSRFProtect(app)
return app
def create_app(config=None):
"""Create the Flask app instance that is used throughout the application.
Args:
config: Path to configuration file as a string or an object with config
directives.
Returns:
Application object (instance of flask.Flask).
"""
# Setup the Flask app and load the config.
app = Flask(
__name__, template_folder=u'ui/templates', static_folder=u'ui/static')
if not config:
config = u'/etc/timesketch.conf'
if isinstance(config, unicode):
os.environ[u'TIMESKETCH_SETTINGS'] = config
try:
app.config.from_envvar(u'TIMESKETCH_SETTINGS')
except IOError:
sys.stderr.write(
u'Config file {0} does not exist.\n'.format(config))
sys.exit()
else:
app.config.from_object(config)
# Make sure that SECRET_KEY is configured.
if not app.config[u'SECRET_KEY']:
sys.stderr.write(u'ERROR: Secret key not present. '
u'Please update your configuration.\n'
u'To generate a key you can use openssl:\n\n'
u'$ openssl rand -base64 32\n\n')
sys.exit()
# Setup the database.
configure_engine(app.config[u'SQLALCHEMY_DATABASE_URI'])
db = init_db()
# Alembic migration support:
# http://alembic.zzzcomputing.com/en/latest/
migrate = Migrate()
migrate.init_app(app, db)
# Register blueprints. Blueprints are a way to organize your Flask
# Flask application. See this for more information:
# http://flask.pocoo.org/docs/latest/blueprints/
app.register_blueprint(user_views)
app.register_blueprint(home_views)
app.register_blueprint(sketch_views)
app.register_blueprint(story_views)
# Setup URL routes for the API.
api_v1 = Api(app, prefix=u'/api/v1')
api_v1.add_resource(SketchListResource, u'/sketches/')
api_v1.add_resource(SketchResource, u'/sketches/<int:sketch_id>/')
api_v1.add_resource(
AggregationResource, u'/sketches/<int:sketch_id>/aggregation/')
api_v1.add_resource(ExploreResource, u'/sketches/<int:sketch_id>/explore/')
api_v1.add_resource(EventResource, u'/sketches/<int:sketch_id>/event/')
api_v1.add_resource(
EventAnnotationResource, u'/sketches/<int:sketch_id>/event/annotate/')
api_v1.add_resource(ViewListResource, u'/sketches/<int:sketch_id>/views/')
api_v1.add_resource(
ViewResource, u'/sketches/<int:sketch_id>/views/<int:view_id>/')
api_v1.add_resource(UploadFileResource, u'/upload/')
api_v1.add_resource(TaskResource, u'/tasks/')
api_v1.add_resource(
StoryListResource, u'/sketches/<int:sketch_id>/stories/')
api_v1.add_resource(
StoryResource, u'/sketches/<int:sketch_id>/stories/<int:story_id>/')
# Register error handlers
# pylint: disable=unused-variable
@app.errorhandler(ApiHTTPError)
def handle_api_http_error(error):
"""Error handler for API HTTP errors.
Returns:
HTTP response object (instance of flask.wrappers.Response)
"""
return error.build_response()
# Setup the login manager.
login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = u'user_views.login'
# This is used by the flask_login extension.
# pylint: disable=unused-variable
@login_manager.user_loader
def load_user(user_id):
"""Based on a user_id (database primary key for a user) this function
loads a user from the database. It is used by the Flask-Login extension
to setup up the session for the user.
Args:
user_id: Integer primary key for the user.
Returns:
A user object (Instance of timesketch.models.user.User).
"""
return User.query.get(user_id)
# Setup CSRF protection for the whole application
CsrfProtect(app)
return app