def update_user(id_):
"""API Update user account."""
user = User.query.get_or_404(id_)
data = request.get_json() or {}
if 'username' in data and data['username'] != user.username and \
User.query.filter_by(username=data['username']).first():
return bad_request('please use a different username')
if 'email' in data and data['email'] != user.email and User.query.filter_by(email=data['email']).first():
return bad_request('please use a different email address')
user.from_dict(data, new_user=False)
db.session.commit()
return jsonify(user.to_dict())
def create_group() -> object:
"""API create new group call."""
data = request.get_json() or {}
if 'group_name' not in data:
return bad_request('must include group_name field')
if Groups.query.filter_by(name=data['group_name']).first():
return bad_request('please use a different group_name')
group = Groups(name=data['group_name'])
group.from_dict(data)
db.session.add(group)
db.session.commit()
response = jsonify(group.to_dict())
response.status_code = 201
return response
def update_group(group_id):
"""API update group call."""
group = Groups.query.get_or_404(group_id)
data = request.get_json() or {}
if 'name' in data and data['name'] != group.name and \
Groups.query.filter_by(name=data['name']).first():
return bad_request('please use a different group_name')
group.from_dict(data)
db.session.commit()
return jsonify(group.to_dict())
def upload_file():
"""API Create new user."""
data = request.get_json() or {}
if 'file' not in data:
return bad_request('must have file in fields')
file_hash = create_upload_file(data.file, os.path.join(current_app.UPLOAD_FOLDER))
file_upload = FileUpload
file_upload.from_dict(data=data)
response = jsonify(file_upload.to_dict())
response.status_code = 201
response.headers['Location'] = url_for('api.upload_file', md5_hash=file_hash)
return response
def create_user():
"""API Create new user."""
data = request.get_json() or {}
if 'username' not in data or 'email' not in data or 'password' not in data:
return bad_request('must include username, email and password fields')
new_user = data['username']
current_user = User.query.filter_by(username=new_user).first()
new_email = data['email']
current_email = User.query.filter_by(email=new_email).first()
if current_user:
return bad_request('please use a different username')
if current_email:
return bad_request('please use a different email address')
user = User(username=new_user, email=new_email)
user.set_password(data['password'])
db.session.add(user)
db.session.commit()
user.from_dict(data, new_user=True)
response = jsonify(user.to_dict())
response.status_code = 201
return response
def update_ids_rule_list(_id):
"""API Update Yara Rule."""
if request.method == "POST":
ids_plugin_rule = IDSRules.query.filter_by(id=_id).first()
data = request.form
if 'ids_plugin_list_name' in data and data['ids_plugin_list_name'] != ids_plugin_rule.ids_plugin_list_name and \
IDSRules.query.filter_by(ids_plugin_list_name=data['ids_plugin_list_name']).first():
return bad_request('Please use a different IDS_Plugin rule list name.')
current_app.mongo.db.aucr.delete_one({"filename": ids_plugin_rule.ids_plugin_list_name})
data = {"filename": data["ids_plugin_list_name"], "fileobj": data["ids_rules"]}
current_app.mongo.db.aucr.insert_one(data)
ids_plugin_rule.from_dict(data)
db.session.commit()
return jsonify(ids_plugin_rule.to_dict())
def create_ids_rule_list():
"""API Update IDS Rule."""
if request.method == "POST":
data = request.form
if 'ids_plugin_list_name' in data and data['ids_plugin_list_name'] != data.ids_plugin_list_name and \
IDSRules.query.filter_by(ids_plugin_list_name=data['ids_plugin_list_name']).first():
return bad_request('Please use a different IDS_Plugin rule list name.')
data_mongo = {"filename": data["ids_plugin_list_name"], "fileobj": data["ids_rules"]}
current_app.mongo.db.aucr.insert_one(data_mongo)
new_ids_rule_list = IDSRules(created_by=int(data["created_by"]), group_access=int(data["group_access"]),
ids_plugin_list_name=str(data["ids_plugin_list_name"]),
created_time_stamp=udatetime.utcnow(), modify_time_stamp=udatetime.utcnow())
db.session.add(new_ids_rule_list)
db.session.commit()
return jsonify(new_ids_rule_list.to_dict())
def update_yara_rule_list(_id):
"""API Update Yara Rule."""
if request.method == "POST":
yara_rule = YaraRules.query.filter_by(id=_id).first()
data = request.form
if 'yara_rule_list' in data and data['yara_rule_list'] != yara_rule.yara_rule_list and \
YaraRules.query.filter_by(yara_rule_list=data['yara_rule_list']).first():
return bad_request('Please use a different yara rule list name.')
current_app.mongo.db.aucr.delete_one(
{"filename": yara_rule.yara_list_name})
data = {
"filename": data["yara_list_name"],
"fileobj": data["yara_rules"]
}
current_app.mongo.db.aucr.insert_one(data)
yara_rule.from_dict(data)
db.session.commit()
return jsonify(yara_rule.to_dict())
def create_yara_rule_list():
"""API Update Yara Rule."""
if request.method == "POST":
data = request.form
if 'yara_rule_list' in data and data['yara_rule_list'] != data.yara_rule_list and \
YaraRules.query.filter_by(yara_rule_list=data['yara_rule_list']).first():
return bad_request('Please use a different yara rule list name.')
data_mongo = {
"filename": data["yara_list_name"],
"fileobj": data["yara_rules"]
}
current_app.mongo.db.aucr.insert_one(data_mongo)
new_yara = YaraRules(created_by=int(data["created_by"]),
group_access=int(data["group_access"]),
yara_list_name=str(data["yara_list_name"]),
created_time_stamp=udatetime.utcnow(),
modify_time_stamp=udatetime.utcnow())
db.session.add(new_yara)
db.session.commit()
return jsonify(new_yara.to_dict())
