def update(self, id): """Update a user. .. :quickref: User; Update existing user Requires the `manage_users` permission. When succesful, the new user will be returned in the ``user`` field. Otherwise, an ``errors`` field will list errors. :form name: full name :form email: email address :form groups: comma-delimited list of groups :form permission_VALUE: specify a value different than ``0`` or ``False`` for all permissions the user should have. """ name = request.form.get('name') email = request.form.get('email').lower() groups = [g for g in request.form.get('groups', '').split(',') if g] user = User(get_or_404(User.get_collection(), _id=id)) if not self._valid_form(name, email, groups, user['email']): return validation_error() user['name'] = name user['email'] = email user['groups'] = groups user['permissions'] = self.get_permissions(user['permissions']) user.save() return redirect({'user': clean_users(user)}, url_for('UsersView:get', id=user['_id']))
def update_priority(module, new_priority): if not new_priority: new_priority = '100' try: module.update_setting_value('priority', int(new_priority)) except ValueError: flash('priority must be an integer', 'danger') return validation_error()
def update_queue(module, new_queue): if new_queue == '': flash('queue cannot be empty', 'danger') return validation_error() elif module['queue'] != new_queue: module.update_setting_value('queue', new_queue) updates = Internals( get_or_404(Internals.get_collection(), name="updates")) updates.update_value("last_update", time()) flash( 'Workers will reload once they are done with their current tasks', 'success')
def create(self): """Create a user. .. :quickref: User; Create new user Requires the `manage_users` permission. When succesful, the new user will be returned in the ``user`` field. Otherwise, an ``errors`` field will list errors. :form name: full name :form email: email address :form groups: comma-delimited list of groups :form permission_VALUE: specify a value different than ``0`` or ``False`` for all permissions the user should have. """ name = request.form.get('name') email = request.form.get('email').lower() groups = [g for g in request.form.get('groups', '').split(',') if g] if not self._valid_form(name, email, groups): return validation_error() user = User({ 'name': name, 'email': email.lower(), 'groups': groups, 'default_sharing': groups, 'permissions': self.get_permissions(), 'enabled': True }) if not auth_module.create_user(user): return validation_error() user.save() return redirect({'user': clean_users(user)}, url_for('UsersView:index'))
def enable(self, id): """Enable a module .. :quickref: Module; Enable a module Requires the `manage_modules` permission. If successful, will return the module in ``module``. Otherwise, errors will be available in ``errors``. :param id: id of the module to enable. """ module = ModuleInfo(get_or_404(ModuleInfo.get_collection(), _id=id)) if 'error' in module: flash( "Cannot enable '{}' because of errors installing dependencies." .format(module['name']), 'danger') return validation_error(url_for('ModulesView:index')) # See if module is properly configured module_class = get_class(module['path'], module['class']) module_class.info = module try: module_class() except MissingConfiguration, e: if e.name: flash( "You must configure '{}' before trying to enable '{}'". format(e.name, module['name']), 'warning') return validation_error( url_for('ModulesView:configuration', id=e.id)) else: flash( "You must configure '{}' before trying to enable it.". format(module['name']), 'warning') return validation_error( url_for('ModulesView:configure', id=module['_id']))
def configure(self, id): """Configure a module. .. :quickref: Module; Configure a module Requires the `manage_modules` permission. For each configuration available, you should set the value in a form parameter named ``config_NAME``. For boolean values, any value not ``0`` or ``False`` is considered to be ``True``. If the setting should be an option (be available per analysis), you have to set ``config_NAME_option`` to any value but ``0`` or ``False``. If successful, will return the module in ``module``. Otherwise, errors will be available in ``errors``. :param id: id of the named configuration. :form acts_on: comma-delimited list of FAME types this module can act on (only for Processing modules). :form triggered_by: comma-delimited list of triggers (only for Processing modules). :form queue: name of the queue to use for this module (only for Processing modules). """ module = ModuleInfo(get_or_404(ModuleInfo.get_collection(), _id=id)) if request.method == "POST": if module['type'] == 'Processing': if 'acts_on' in request.form: module.update_setting_value( 'acts_on', request.form.get('acts_on', '')) if 'triggered_by' in request.form: module.update_setting_value( 'triggered_by', request.form.get('triggered_by', '')) if 'queue' in request.form: new_queue = request.form.get('queue') if module['queue'] == '': flash('queue cannot be empty', 'danger') return validation_error() else: if module['queue'] != new_queue: module.update_setting_value('queue', new_queue) updates = Internals( get_or_404(Internals.get_collection(), name="updates")) updates.update_value("last_update", time()) flash( 'Workers will reload once they are done with their current tasks', 'success') errors = update_config(module['config'], options=(module['type'] == 'Processing')) if errors is not None: return errors module.save() dispatcher.reload() return redirect({'module': clean_modules(module)}, url_for('ModulesView:index')) else: return render({'module': clean_modules(module)}, 'modules/module_configuration.html')
def post(self): """Create a new analysis. .. :quickref: Analysis; Create an analysis Launch a new analysis. You have to specify on which object this analysis will be made, by specifying one of: * ``file_id`` for an existing object * ``file`` for file uploads * ``url`` * ``hash`` if VirusTotal sample retrieval is enabled. You should also supply all enabled analysis options with the name ``options[OPTION_NAME]``. For boolean options, any value different than ``0`` or ``False`` means the option is enabled. If the submitted object already exists (and ``file_id`` was not specified), the response will be a file object. When a new analysis was successfuly created, the analysis object will be returned, in the ``analysis`` field. If there was error in your submission, they will be returned in the ``errors`` field. **Example request**:: headers = { 'Accept': "application/json", 'X-API-KEY': FAME_API_KEY } with open(filepath, 'rb') as f: params = { 'options[allow_internet_access]': "on", 'options[analysis_time]': "300", 'groups': "cert" } files = { 'file': f } r = requests.post(ENDPOINT, data=params, files=files, headers=headers) :form string file_id: (optional) the id of the object on which this analysis should run. :form file file: (optional) file to analyze. :form string url: (optional) url to analyze. :form string hash: (optional) hash to analyze. :form string module: (optional) the name of the target module. :form string groups: a comma-separated list of groups that will have access to this analysis. :form string comment: comment to add to this object. :form string option[*]: value of each enabled option. """ file_id = request.form.get('file_id') modules = filter(None, request.form.get('modules', '').split(',')) groups = request.form.get('groups', '').split(',') comment = request.form.get('comment', '') options = get_options() if options is None: return validation_error() valid_submission = self._validate_form(groups, modules, options) if not valid_submission: return validation_error() if file_id is not None: f = File(get_or_404(current_user.files, _id=file_id)) analysis = { 'analysis': f.analyze(groups, current_user['_id'], modules, options) } return redirect( analysis, url_for('AnalysesView:get', id=analysis['analysis']['_id'])) else: # When this is a new submission, validate the comment if not self._validate_comment(comment): return validation_error() f = self._get_object_to_analyze() if f is not None: f.add_owners(set(current_user['groups']) & set(groups)) if comment: f.add_comment(current_user['_id'], comment) if f.existing: f.add_groups(groups) flash( "File already exists, so the analysis was not launched." ) return redirect(clean_files(f), url_for('FilesView:get', id=f['_id'])) else: analysis = { 'analysis': clean_analyses( f.analyze(groups, current_user['_id'], modules, options)) } analysis['analysis']['file'] = clean_files(f) return redirect( analysis, url_for('AnalysesView:get', id=analysis['analysis']['_id'])) else: return render_template('analyses/new.html', options=dispatcher.options)