def submissions(**kwargs):
user = kwargs['user']
group = angular_safe(request.args.get('group', None))
uname = None
if not group:
uname = angular_safe(request.args.get('user', user['uname']))
return custom_render("submissions.html",
uname=uname,
group=group,
**kwargs)
def search(**kwargs):
query = angular_safe(request.args.get('query', None))
search_scope = angular_safe(request.args.get('search_scope', None))
if search_scope == 'all':
search_scope = None
use_archive = angular_safe(request.args.get('use_archive',
"unset")).lower()
if use_archive not in ['false', 'true']:
use_archive = None
return custom_render("search.html",
query=query,
search_scope=search_scope,
use_archive=use_archive,
**kwargs)
def submission_detail(**kwargs):
sid = angular_safe(request.args.get("sid", None))
new = "new" in request.args
if new:
new = 'true'
else:
new = 'false'
return custom_render("submission_detail.html", sid=sid, new=new, **kwargs)
def alerts(*_, **kwargs):
filtering_group_fields = config.core.alerter.filtering_group_fields
non_filtering_group_fields = config.core.alerter.non_filtering_group_fields
possible_group_fields = filtering_group_fields + non_filtering_group_fields
search_filter = angular_safe(request.args.get("filter", "*"))
search_text = search_filter
if search_filter == "":
search_filter = "*"
elif search_filter == "*":
search_text = ""
filter_queries = [
angular_safe(x) for x in request.args.getlist("fq") if x != ""
]
tc = angular_safe(
request.args.get("tc", "4{DAY}".format(**STORAGE.ds.DATE_FORMAT)))
tc_array = [{
"value": "",
"name": "None (slow)"
}, {
"value": "24{HOUR}".format(**STORAGE.ds.DATE_FORMAT),
"name": "24 Hours"
}, {
"value": "4{DAY}".format(**STORAGE.ds.DATE_FORMAT),
"name": "4 Days"
}, {
"value": "7{DAY}".format(**STORAGE.ds.DATE_FORMAT),
"name": "1 Week"
}]
tc_start = angular_safe(request.args.get("tc_start", None))
view_type = angular_safe(request.args.get("view_type", "grouped"))
group_by = angular_safe(
request.args.get("group_by", config.core.alerter.default_group_field))
if group_by not in possible_group_fields:
group_by = config.core.alerter.default_group_field
return custom_render(
"alerts.html",
search_text=search_text,
filter=search_filter,
tc_start=tc_start,
tc=tc,
view_type=view_type,
filter_queries=json.dumps(filter_queries),
group_by=group_by,
filtering_group_fields=json.dumps(filtering_group_fields),
non_filtering_group_fields=json.dumps(non_filtering_group_fields),
tc_array=tc_array,
time_separator=angular_safe(STORAGE.ds.DATE_FORMAT["SEPARATOR"]),
**kwargs)
def alert_detail(*_, **kwargs):
user = kwargs['user']
alert_key = angular_safe(request.args.get("alert_key", None))
if not alert_key:
abort(404)
alert = STORAGE.alert.get(alert_key, as_obj=False)
if user and alert and Classification.is_accessible(
user['classification'], alert['classification']):
return custom_render("alert_detail.html",
alert_key=alert_key,
**kwargs)
else:
abort(403)
def file_viewer(**kwargs):
user = kwargs['user']
sha256 = angular_safe(request.args.get("sha256", None))
if not sha256:
abort(404)
data = STORAGE.file.get(sha256, as_obj=False)
if not data:
abort(404)
if not Classification.is_accessible(user['classification'],
data['classification']):
abort(403)
return custom_render("file_viewer.html", sha256=sha256, **kwargs)
def signature_detail(**kwargs):
user = kwargs['user']
sid = angular_safe(request.args.get("sid", None))
if not sid:
abort(404)
data = STORAGE.signature.get(sid, as_obj=False)
if not data:
abort(404)
if not Classification.is_accessible(
user['classification'],
data.get('classification', Classification.UNRESTRICTED)):
abort(403)
return custom_render("signature_detail.html",
sid=sid,
organisation=ORGANISATION,
**kwargs)
def admin_errors(**kwargs):
query = angular_safe(request.args.get('filter', ""))
return custom_render("admin_errors.html", filter=query, **kwargs)
def report(**kwargs):
sid = angular_safe(request.args.get("sid", None))
return custom_render("report.html", sid=sid, **kwargs)
def login():
ui4_path = request.cookies.get('ui4_path', None)
if ui4_path is not None:
resp = redirect(
redirect_helper(f"{ui4_path}?{request.query_string.decode()}"))
resp.delete_cookie("ui4_path")
return resp
registration_key = request.args.get('registration_key', None)
avatar = None
oauth_token = ''
oauth_error = ''
username = ''
oauth_validation = config.auth.oauth.enabled and 'code' in request.args and 'state' in request.args
oauth_provider = request.args.get('provider', None)
up_login = config.auth.internal.enabled or config.auth.ldap.enabled
next_url = angular_safe(
request.args.get('next', request.cookies.get('next_url', "/")))
if "login.html" in next_url or "logout.html" in next_url:
next_url = "/"
if registration_key and config.auth.internal.signup.enabled:
try:
signup_queue = get_signup_queue(registration_key)
members = signup_queue.members()
signup_queue.delete()
if members:
user_info = members[0]
user = User(user_info)
username = user.uname
STORAGE.user.save(username, user)
except (KeyError, ValueError):
pass
if config.auth.oauth.enabled:
providers = str([
name for name, p in config.auth.oauth.providers.items()
if p['client_id'] and p['client_secret']
])
if oauth_validation:
oauth = current_app.extensions.get(
'authlib.integrations.flask_client')
provider = oauth.create_client(oauth_provider)
if provider:
# noinspection PyBroadException
try:
# Test oauth access token
token = provider.authorize_access_token()
oauth_provider_config = config.auth.oauth.providers[
oauth_provider]
# Get user data
resp = provider.get(oauth_provider_config.user_get)
if resp.ok:
user_data = resp.json()
# Add group data if API is configured for it
if oauth_provider_config.user_groups:
resp_grp = provider.get(
oauth_provider_config.user_groups)
if resp_grp.ok:
groups = resp_grp.json()
if oauth_provider_config.user_groups_data_field:
groups = groups[oauth_provider_config.
user_groups_data_field]
if oauth_provider_config.user_groups_name_field:
groups = [
x[oauth_provider_config.
user_groups_name_field]
for x in groups
]
user_data['groups'] = groups
data = parse_profile(user_data, oauth_provider_config)
has_access = data.pop('access', False)
if has_access:
oauth_avatar = data.pop('avatar', None)
# Find if user already exists
users = STORAGE.user.search(
f"email:{data['email']}",
fl="uname",
as_obj=False)['items']
if users:
cur_user = STORAGE.user.get(
users[0]['uname'], as_obj=False) or {}
# Do not update username and password from the current user
data['uname'] = cur_user.get(
'uname', data['uname'])
data['password'] = cur_user.get(
'password', data['password'])
else:
if data['uname'] != data['email']:
# Username was computed using a regular expression, lets make sure we don't
# assign the same username to two users
res = STORAGE.user.search(
f"uname:{data['uname']}",
rows=0,
as_obj=False)
if res['total'] > 0:
cnt = res['total']
new_uname = f"{data['uname']}{cnt}"
while STORAGE.user.get(
new_uname) is not None:
cnt += 1
new_uname = f"{data['uname']}{cnt}"
data['uname'] = new_uname
cur_user = {}
username = data['uname']
# Make sure the user exists in AL and is in sync
if (not cur_user and oauth_provider_config.auto_create) or \
(cur_user and oauth_provider_config.auto_sync):
# Update the current user
cur_user.update(data)
# Save avatar
if oauth_avatar:
avatar = fetch_avatar(
oauth_avatar, provider,
oauth_provider_config)
if avatar:
STORAGE.user_avatar.save(
username, avatar)
# Save updated user
STORAGE.user.save(username, cur_user)
if cur_user:
if avatar is None:
avatar = STORAGE.user_avatar.get(
username
) or "/static/images/user_default.png"
oauth_token = hashlib.sha256(
str(token).encode(
"utf-8",
errors='replace')).hexdigest()
get_token_store(username).add(oauth_token)
else:
oauth_validation = False
avatar = None
username = ''
oauth_error = "User auto-creation is disabled"
else:
oauth_validation = False
oauth_error = "This user is not allowed access to the system"
except Exception as _:
oauth_validation = False
oauth_error = "Invalid oAuth2 token, try again"
else:
providers = str([])
return custom_render("login.html",
next=next_url,
avatar=avatar,
username=username,
oauth_error=oauth_error,
oauth_token=oauth_token,
providers=providers,
signup=config.auth.internal.enabled
and config.auth.internal.signup.enabled,
oauth_validation=str(oauth_validation).lower(),
up_login=str(up_login).lower())