def jsonAddFilter(self):
"""
Endpoint for the AJAX request to validate and add a new filter. If valid, the filter
is added and a new hash is created and appended to the database file with the current
date and time, returning `True`. Otherwise `self.form_error` is returned.
"""
if self.validate_form(add_filter_form()):
text = self.form_result['name']
label = "".join(self.form_result['name'].split(' ')).lower()
fq = FilterQuery()
fil = Filter(label, text)
for f in self.form_result['filter']:
cls = f['cls']
attr = f['attribute']
func = f['function']
val = f['value']
if f['value_list'] is not None:
val_list = f['value_list']
else:
val_list = None
fq.add_element(cls, attr, func, val, val_list)
fil.query = fq
session.add(fil)
session.commit()
self.write_log(self.dbfile, 'Added a filter called ' + text)
return True
else:
return self.form_error
def addDefaultFilters(self):
"""
Adds the default filters for the timegraph such as filtering by browser type,
group, work hours, Google searches and local files. Gets called when a new case
is being set up in `finish_wizard()` in :doc:`caseController`.
"""
# Add filters for the browsers available, unless only one browser, then a filter on
# everything is pointless
browsers = Browser.getAll().group_by(Browser.name).all()
if len(browsers) > 1:
for browser in browsers:
f = Filter(u''.join(browser.name.lower().split(' ')), browser.name)
fq = FilterQuery()
cls = u'Browser'
attr = u'name'
func = u'Is'
val = browser.name
fq.add_element(cls, attr, func, val, None)
f.query = fq
session.add(f)
session.flush()
# filters for Google searches
f = Filter(u'googlesearch', u'Google searches')
fq = FilterQuery()
params = [(u'URL Parts', u'query', u'Is not', None, None),
(u'URL Parts', u'netloc', u'Is not', None, None),
(u'URL Parts', u'path', u'Is not', None, None),
(u'URL Parts', u'netloc', u'Contains', u'google', None),
(u'URL Parts', u'path', u'Contains', u'search', None),
]
for entry in params:
fq.add_element(*entry)
f.query = fq
session.add(f)
session.flush()
# filters for local files accessed
files = URL.getFilterBy(scheme="file").all()
if files is not None:
f = Filter(u'files', u'Local Files')
fq = FilterQuery()
cls = u'URL Parts'
attr = u'scheme'
func = u'Is'
val = u'file'
fq.add_element(cls, attr, func, val, None)
f.query = fq
session.add(f)
session.flush()
# filters for different groups
groups = Group.getAll().all()
if len(groups) > 1:
for group in groups:
f = Filter(u''.join(group.name.lower().split(' ')), group.name)
fq = FilterQuery()
cls = u'Group'
attr = u'name'
func = u'Is'
val = group.name
fq.add_element(cls, attr, func, val, None)
f.query = fq
session.add(f)
session.flush()
# filters for work hours
f = Filter(u'workhours', u'Work hours')
fq = FilterQuery()
five = time(17, 00, 01)
nine = time(8, 59, 59)
params = [(u'Entry', u'access_time', u'Less than', five, None),
(u'Entry', u'access_time', u'Greater than', nine, None),
]
for entry in params:
fq.add_element(*entry)
f.query = fq
session.add(f)
session.flush()
# filters for adverts
f = Filter(u'adverts', u'Advert URLs')
fq = FilterQuery()
fq.add_element(u'URL Parts',u'domain',u'Is not', None, None)
fq.add_element(u'URL Parts',u'domain',u'Is in list', None, 'advert_domainnames.txt')
f.query = fq
session.add(f)
session.flush()
# filters for Facebook, MySpace, Bebo, twitter, hi5
f = Filter(u'social', u'Social Networking URLs')
fq = FilterQuery()
fq.add_element(u'URL Parts',u'domain',u'Is not', None, None)
fq.add_element(u'URL Parts',u'domain',u'Is in list', None, 'socialmedia.txt')
f.query = fq
session.add(f)
session.flush()
# filters for email
f = Filter(u'email', u'Web Email')
fq = FilterQuery()
five = time(17, 00, 01)
nine = time(8, 59, 59)
params = [(u'Entry', u'url', u'Contains', 'mail', None),
(u'URL Parts', u'scheme', u'Is Not', 'file', None),
]
for entry in params:
fq.add_element(*entry)
f.query = fq
session.add(f)
session.flush()
# filters for news
f = Filter(u'news', u'News URLs')
fq = FilterQuery()
fq.add_element(u'URL Parts',u'hostname',u'Is not', None, None)
fq.add_element(u'URL Parts',u'hostname',u'Is in list', None, 'news.txt')
f.query = fq
session.add(f)
session.flush()
