def add_tag(defendant_id, body, user):
    """ Add defendant tag
    """
    try:
        tag = Tag.objects.get(**body)
        defendant = Defendant.objects.get(id=defendant_id)

        if defendant.__class__.__name__ != tag.tagType:
            return 400, {'status': 'Bad Request', 'code': 400, 'message': 'Invalid tag for defendant'}

        for defendt in Defendant.objects.filter(customerId=defendant.customerId):

            defendt.tags.add(tag)
            defendt.save()
            for ticket in defendt.ticketDefendant.all():
                database.log_action_on_ticket(
                    ticket=ticket,
                    action='add_tag',
                    user=user,
                    tag_name=tag.name
                )

    except (KeyError, FieldError, IntegrityError, ObjectDoesNotExist, ValueError):
        return 404, {'status': 'Not Found', 'code': 404}

    code, resp = show(defendant_id)
    return code, resp
Example #2
0
    def apply(self, ticket, abuse_report, recipient, category):
        """
            Apply specific answer workflow on given `abuse.models.Ticket`

            :param `abuse.models.Ticket` ticket: A Cerberus ticket instance
            :param `worker.parsing.parsed.ParsedEmail` abuse_report: the email
            :param str recipient: The recipient of the answer
            :param str category: defendant, plaintiff or other
            :return: If the workflow is applied
            :rtype: bool
        """
        ticket.previousStatus = ticket.status
        ticket.status = 'Answered'
        ticket.snoozeStart = None
        ticket.snoozeDuration = None
        ticket.save()

        database.log_action_on_ticket(
            ticket=ticket,
            action='change_status',
            previous_value=ticket.previousStatus,
            new_value=ticket.status,
        )

        # Attach answer to ticket
        ImplementationFactory.instance.get_singleton_of('MailerServiceBase').attach_external_answer(
            ticket,
            abuse_report.provider,
            recipient,
            abuse_report.subject,
            abuse_report.body,
            category,
            attachments=abuse_report.attachments
        )
        return True
Example #3
0
def _attach_report_to_ticket(report, ticket, new_ticket):

    from worker import database

    report.ticket = ticket
    report.status = 'Attached'
    report.save()
    database.log_action_on_ticket(
        ticket=ticket,
        action='attach_report',
        report=report,
        new_ticket=new_ticket
    )
    database.set_ticket_higher_priority(report.ticket)
Example #4
0
def delete(comment_id=None, ticket_id=None, defendant_id=None, user_id=None):
    """ Delete a comment
    """
    if ticket_id:
        TicketComment.objects.filter(ticket=ticket_id, comment=comment_id).delete()
        Comment.objects.filter(id=comment_id).delete()
        user = User.objects.get(id=user_id)
        ticket = Ticket.objects.get(id=ticket_id)
        database.log_action_on_ticket(ticket=ticket, action="delete_comment", user=user)
    elif defendant_id:
        DefendantComment.objects.filter(defendant=defendant_id, comment=comment_id).delete()
        Comment.objects.filter(id=comment_id).delete()

    return 200, {"status": "OK", "code": 200}
Example #5
0
def update(body, comment_id=None, ticket_id=None, user_id=None):
    """ Update comment
    """
    try:
        comment = Comment.objects.get(id=comment_id)
        content = body.pop("comment")
        comment.comment = content
        comment.save()

        if ticket_id:
            user = User.objects.get(id=user_id)
            ticket = Ticket.objects.get(id=ticket_id)
            database.log_action_on_ticket(ticket=ticket, action="update_comment", user=user)

    except KeyError:
        return 400, {"status": "Bad Request", "code": 400, "message": "Missing comment field in body"}

    return show(comment_id)
Example #6
0
def update_user(user_id, body):
    """ Update user infos and permissions
    """
    try:
        user = User.objects.get(id=user_id)
    except ObjectDoesNotExist:
        return 404, {'status': 'Not Found', 'code': 404}

    if 'profiles' in body:
        try:
            _update_permissions(user, body['profiles'])
        except ObjectDoesNotExist:
            return 400, {'status': 'Bad Request', 'code': 400, 'message': 'Invalid category or profile'}

        # Unassigned tickets no more allowed
        cats = AbusePermission.objects.filter(user=user).values_list('category', flat=True).distinct()
        for ticket in Ticket.objects.filter(treatedBy=user):
            if ticket.category_id not in cats:
                database.log_action_on_ticket(
                    ticket=ticket,
                    action='change_treatedby',
                    new_value=user.username
                )
                ticket.treatedBy = None
                ticket.save()
        body.pop('profiles', None)

    try:
        body.pop('id', None)
        if 'role' in body:
            if not Operator.objects.filter(user=user).exists():
                role = Role.objects.get(codename=body['role'])
                Operator.objects.create(user=user, role=role)
            elif body['role'] != user.operator.role.codename:
                user.operator.role = Role.objects.get(codename=body['role'])
                user.operator.save()
            body.pop('role')
        User.objects.filter(pk=user.pk).update(**body)
    except (KeyError, ValueError, FieldError, FieldDoesNotExist, IntegrityError, ObjectDoesNotExist):
        return 400, {'status': 'Bad Request', 'code': 400, 'message': 'Invalid fields in body'}

    code, resp = get_users_infos(user=user_id)
    return code, resp
Example #7
0
def create(body, ticket_id=None, defendant_id=None, user_id=None):
    """ Create a comment
    """
    try:
        content = body.pop("comment")
    except KeyError:
        return 400, {"status": "Bad Request", "code": 400, "message": "Missing comment field in body"}

    comment = Comment.objects.create(comment=content, user_id=user_id)

    if ticket_id:
        TicketComment.objects.create(ticket_id=ticket_id, comment_id=comment.id)
        user = User.objects.get(id=user_id)
        ticket = Ticket.objects.get(id=ticket_id)
        database.log_action_on_ticket(ticket=ticket, action="add_comment", user=user)
    elif defendant_id:
        DefendantComment.objects.create(defendant_id=defendant_id, comment_id=comment.id)

    return show(comment.id)
def remove_tag(defendant_id, tag_id, user):
    """ Remove defendant tag
    """
    try:
        tag = Tag.objects.get(id=tag_id)
        defendant = Defendant.objects.get(id=defendant_id)

        for defendt in Defendant.objects.filter(customerId=defendant.customerId):
            defendt.tags.remove(tag)
            defendt.save()

            for ticket in defendt.ticketDefendant.all():
                database.log_action_on_ticket(
                    ticket=ticket,
                    action='remove_tag',
                    user=user,
                    tag_name=tag.name
                )

    except (ObjectDoesNotExist, FieldError, IntegrityError, ValueError):
        return 404, {'status': 'Not Found', 'code': 404}

    code, resp = show(defendant_id)
    return code, resp
Example #9
0
    def apply(self, report, ticket, is_trusted=False, no_phishtocheck=False):
        """
            Apply specific workflow on given `abuse.models.Report`

            :param `abuse.models.Report` report: A Cerberus report instance
            :param `abuse.models.Ticket` ticket: A Cerberus ticket instance
            :param bool is_trusted: If the report is trusted
            :param bool no_phishtocheck: if the report does not need PhishToCheck
            :return: If the workflow is applied
            :rtype: bool
        """
        from worker import common, database

        ticket = database.create_ticket(
            report.defendant,
            report.category,
            report.service,
            attach_new=False
        )
        database.log_action_on_ticket(
            ticket=ticket,
            action='attach_report',
            report=report,
            new_ticket=True
        )

        # Add proof
        content = regexp.ACNS_PROOF.search(report.body).group()

        for email in re.findall(regexp.EMAIL, content):  # Remove potentially sensitive emails
            content = content.replace(email, '*****@*****.**')

        Proof.objects.create(
            content=content,
            ticket=ticket,
        )

        # Send emails to provider/defendant (template, email, lang)
        templates = [
            (settings.CODENAMES['ack_received'], report.provider.email, 'EN'),
            (settings.CODENAMES['first_alert'], report.defendant.details.email, report.defendant.details.lang),
        ]
        for codename, email, lang in templates:
            common.send_email(
                ticket,
                [email],
                codename,
                lang=lang,
                acknowledged_report_id=report.id,
            )

        # Close ticket
        ImplementationFactory.instance.get_singleton_of('MailerServiceBase').close_thread(ticket)
        resolution = Resolution.objects.get(codename=settings.CODENAMES['forward_acns'])
        ticket.resolution = resolution
        ticket.previousStatus = ticket.status
        ticket.status = 'Closed'
        ticket.update = False
        ticket.save()
        database.log_action_on_ticket(
            ticket=ticket,
            action='change_status',
            previous_value=ticket.previousStatus,
            new_value=ticket.status,
            close_reason=resolution.codename
        )
        report.ticket = Ticket.objects.get(id=ticket.id)
        report.status = 'Archived'
        report.save()
        database.set_ticket_higher_priority(report.ticket)
        return True
Example #10
0
    def apply(self, report, ticket, is_trusted=False, no_phishtocheck=False):
        """
            Apply specific workflow on given `abuse.models.Report`

            :param `abuse.models.Report` report: A Cerberus report instance
            :param `abuse.models.Ticket` ticket: A Cerberus ticket instance
            :param bool is_trusted: If the report is trusted
            :param bool no_phishtocheck: if the report does not need PhishToCheck
            :return: If the workflow is applied
            :rtype: bool
        """
        from worker import common, database

        new_ticket = False
        if not ticket:  # Create ticket
            ticket = database.create_ticket(
                report.defendant,
                report.category,
                report.service,
                attach_new=True
            )
            new_ticket = True
            utils.scheduler.enqueue_in(
                timedelta(seconds=settings.GENERAL_CONFIG['copyright']['wait']),
                'ticket.timeout',
                ticket_id=ticket.id,
                timeout=3600,
            )
            ticket_snooze = settings.GENERAL_CONFIG['copyright']['wait']
            ticket.previousStatus = ticket.status
            ticket.status = 'WaitingAnswer'
            ticket.snoozeDuration = ticket_snooze
            ticket.snoozeStart = datetime.now()
            ticket.save()

        database.log_action_on_ticket(
            ticket=ticket,
            action='attach_report',
            report=report,
            new_ticket=new_ticket,
        )

        # Send emails to provider/defendant (template, email, lang)

        ticket.proof.all().delete()

        # Add proof
        content = report.body

        for email in re.findall(regexp.EMAIL, content):  # Remove potentially sensitive emails
            content = content.replace(email, '*****@*****.**')

        Proof.objects.create(
            content=content,
            ticket=ticket,
        )

        # Send emails
        templates = [
            (settings.CODENAMES['ack_received'], report.provider.email, 'EN'),
            (settings.CODENAMES['first_alert'], report.defendant.details.email, report.defendant.details.lang),
        ]
        for codename, email, lang in templates:
            common.send_email(
                ticket,
                [email],
                codename,
                lang=lang,
                acknowledged_report_id=report.id,
            )

        report.ticket = Ticket.objects.get(id=ticket.id)
        report.status = 'Attached'
        report.save()
        database.set_ticket_higher_priority(report.ticket)

        return True
Example #11
0
    def apply(self, ticket, abuse_report, recipient, category):
        """
            Apply specific answer workflow on given `abuse.models.Ticket`

            :param `abuse.models.Ticket` ticket: A Cerberus ticket instance
            :param `worker.parsing.parsed.ParsedEmail` abuse_report: the email
            :param str recipient: The recipient of the answer
            :param str category: defendant, plaintiff or other
            :return: If the workflow is applied
            :rtype: bool
        """
        emails = ImplementationFactory.instance.get_singleton_of('MailerServiceBase').get_emails(ticket)
        emails = [email for email in emails if email.category.lower() == 'defendant']
        tried_emails = [email.recipient for email in emails]

        email_to_resend = None
        for email in reversed(emails):
            if email.body.strip() in abuse_report.body.strip():
                email_to_resend = email
                break

        if any((not email_to_resend,
                not ticket.defendant.details.spareEmail,
                ticket.defendant.details.spareEmail in tried_emails,
                ticket.defendant.details.spareEmail == ticket.defendant.details.email)):  # Set to alarm
            ticket.previousStatus = ticket.status
            ticket.status = 'Alarm'
            ticket.snoozeStart = None
            ticket.snoozeDuration = None
            ticket.save()

            database.log_action_on_ticket(
                ticket=ticket,
                action='change_status',
                previous_value=ticket.previousStatus,
                new_value=ticket.status,
            )
        else:  # Retry
            ImplementationFactory.instance.get_singleton_of('MailerServiceBase').send_email(
                ticket,
                ticket.defendant.details.spareEmail,
                email_to_resend.subject,
                email_to_resend.body,
                email_to_resend.category
            )
            database.log_action_on_ticket(
                ticket=ticket,
                action='send_email',
                email=email
            )

        # Attach answer to ticket
        ImplementationFactory.instance.get_singleton_of('MailerServiceBase').attach_external_answer(
            ticket,
            abuse_report.provider,
            recipient,
            abuse_report.subject,
            abuse_report.body,
            category
        )
        return True