def get_base_path(self): """ Returns the base path for files (as specified in the configuration) """ try: config = self.get_config_value('files', None) if config: return config else: raise HandlerException(u'Value files in handler configuration for {0} is not set'.format(self.__class__.__name__)) except ConfigException as error: raise HandlerException(error)
def get_data(self, reference, definition, parameters): if reference: splitted = reference.value.split('|') rel_path = splitted[0] filename = splitted[1] event = reference.report.event user_can_download = can_user_download(event, self.user) if not user_can_download: raise cherrypy.HTTPError( status=403, message='User is not permitted to download files') base_path = self.get_base_path() if base_path and rel_path: filepath = base_path + '/' + rel_path if isfile(filepath): # create zipfile tmp_path = self.get_base_path() tmp_path += '/' + basename(filepath) + '.zip' # remove file if it should exist try: remove(tmp_path) except OSError: pass # create zip file zip_file = zipfile.ZipFile(tmp_path, mode='w') # TODO: set password for zip file zip_file.write(filepath, arcname=filename) zip_file.close() filename = u'{0}.zip'.format(filename) filename = filename.encode('utf-8') result = serve_file(tmp_path, "application/x-download", "attachment", name=filename) # clean up try: remove(tmp_path) except OSError: pass return result else: raise HandlerException( 'The file was not found in "{0}"'.format(filepath)) else: raise HandlerException('There was an error getting the file') else: return list()
def __init__(self): GenericHandler.__init__(self) url = self.get_config_value('rt_url', None) usr = self.get_config_value('rt_user', None) pwd = self.get_config_value('rt_password', None) if url is None or usr is None or pwd is None: raise HandlerException(u'RT handler is not configured.') self.rt_system = RTTickets(url, usr, pwd)
def get_data(self, attribute, definition, parameters): regex = definition.regex if regex: cb_values = CBValueHandler.__get_cb_values(regex) result = list() for item in cb_values: result.append({'identifier': item, 'name': item}) return result else: raise HandlerException(u'Troubles getting regex')
def get_dest_folder(self, rel_folder): """ Returns the destination folder, and creates it when not existing """ try: dest_path = self.get_base_path() + '/' + rel_folder if not exists(dest_path): makedirs(dest_path) return dest_path except TypeError as error: raise HandlerException(error)
def create_instance(self): """ creates an instantiated object """ # instantiate handler = self.clazz() # check if handler base is implemented if not isinstance(handler, HandlerBase): raise HandlerException((u'{0} does not implement ' + 'HandlerBase').format(self.module_classname)) return handler
def get_tmp_folder(self): """ Returns the temporary folder, and creates it when not existing """ try: tmp_path = self.get_base_path() + '/tmp/' + hasher.hashSHA1('{0}'.format(datetime.utcnow())) if not exists(tmp_path): makedirs(tmp_path) return tmp_path except TypeError as error: raise HandlerException(error)
def __check_vailidity_regex(regex): """ Checks if the regular expression is under the correct form """ val_regex = r'^(?:\^.+\$\|)+(?:\^.+\$)$' valid = ValueValidator.validateRegex(regex, val_regex, '') if not valid: raise HandlerException( ('The regular expression of the definition is invalid.\n' + 'It should be under the form of:\n{0}\n' + 'Please fix the definition before using this definition.' ).format(val_regex))
def controller_factory(self, clazz): if issubclass(clazz, BaseController): classname = clazz.__name__ if classname in RestBaseHandler.controllers: return RestBaseHandler.controllers[classname] # need to create the broker self.logger.debug('Create controller for {0}'.format(clazz)) instance = clazz(self.config) RestBaseHandler.controllers[classname] = instance return instance else: raise HandlerException('Class does not implement BaseController')
def insert(self, obj, user, json): value = json.get('value', None) if value: definition = self.get_main_definition() if isinstance(value, types.StringTypes): values = self.__get_string_attribtues(value) else: values = value if len(values) == 1: value = values[0].strip('\n\r') json['value'] = value attribute = self.create_attribute(obj, definition, user, json) return [attribute], None else: observables = list() related_objects = list() # check if create related objects or observables create_observables = not obj.related_object_parent for value in values: value = value.strip('\n\r') json['value'] = value attribute = self.create_attribute(obj, definition, user, json, False) if create_observables: observable = self.create_observable(attribute) sub_obj = self.create_object(observable, obj.definition, user, obj.to_dict(), True) attribute.object_id = sub_obj.identifier attribute.object = sub_obj sub_obj.attributes.append(attribute) observables.append(observable) else: # create related objects sub_obj = self.create_object(obj.observable, obj.definition, user, obj.to_dict(), False) sub_obj.parent = None sub_obj.parent_id = None attribute.object_id = sub_obj.identifier attribute.object = sub_obj sub_obj.attributes.append(attribute) rel_obj = RelatedObject() rel_obj.parent_id = obj.related_object_parent[0].parent.identifier rel_obj.object = sub_obj related_objects.append(rel_obj) if observables: return observables, None else: return None, related_objects else: raise HandlerException('No value found for handler {0}'.format(self.__class__.__name__))
def insert(self, report, user, json): value = json.get('value', None) filename = value.get('name', None) data = value.get('data', None) if isinstance(data, types.DictionaryType): # Workaround for the webfront end data = data.get('data', None) if filename and data: # save file to tmp folder tmp_filename = hashMD5(datetime.utcnow()) binary_data = base64.b64decode(data) tmp_folder = self.get_tmp_folder() tmp_path = tmp_folder + '/' + tmp_filename # create file in tmp file_obj = open(tmp_path, "w") file_obj.write(binary_data) file_obj.close() sha1 = hasher.fileHashSHA1(tmp_path) rel_folder = self.get_rel_folder() dest_path = self.get_dest_folder(rel_folder) + '/' + sha1 # move it to the correct place move(tmp_path, dest_path) # remove temp folder rmtree(dirname(tmp_path)) # create attribtues internal_json = json # mainNone main_definition = self.get_main_definition() internal_json['value'] = rel_folder + '/' + sha1 + '|' + filename main_attribute = self.create_reference(report, main_definition, user, internal_json) # secondary attributes = list() # filename_definition = self.get_reference_definition(CHK_SUM_FILE_NAME) # internal_json['value'] = filename # attribute = self.create_reference(report, filename_definition, user, internal_json) # attributes.append(attribute) return main_attribute, attributes, None else: raise HandlerException( 'Value is invalid format has to be {"name": <name>,"data": <base 64 encoded data> }' )
def update(self, attribute, user, json): raise HandlerException('FileHandler does not support updates')
def get_main_attribute(self, attributes): main_def = self.get_main_definition() for attr in attributes: if attr.definition.uuid == main_def.uuid: return attr raise HandlerException('Main attribute cannot be found')
def __process_attribute(self, method, event, obj, requested_object, details, inflated, json, headers): try: user = self.get_user() if method == 'POST': self.check_if_user_can_add(event) # Get needed handler definition = self.attribute_definition_controller.get_attribute_definitions_by_uuid( json.get('definition_id', None)) handler_instance = self.__get_handler(definition) # set provenace to handler handler_instance.is_rest_insert = self.is_rest_insert(headers) handler_instance.is_owner = self.is_event_owner(event, user) # Ask handler to process the json for the new attributes/observables # param 1 can be either a list of attributes or a list of observables param_1, related_objects = handler_instance.insert( obj, user, json) is_observable = True # checks for param 1: event_permissions = self.get_event_user_permissions( event, self.get_user()) if isinstance(param_1, ListType): if len(param_1) > 0: first_element = param_1[0] if isinstance(first_element, Attribute): is_observable = False elif isinstance(first_element, Object): is_observable = False else: raise RestHandlerException( 'Fist parameter is an empty list for handler {0}'. format(definition.attribute_handler.classname)) else: if not related_objects: is_observable = False raise RestHandlerException( 'Fist parameter and related_objects are not a list or are empty for handler {0}' .format(definition.attribute_handler.classname)) modified_obj = False if is_observable and param_1: # make a composed observable for the observables gotten an the observable of the originating object observable = obj.observable # check if there is already a composed observable on top if there is add the observables try: test_composition = self.observable_controller.get_composition_by_observable( observable) except ControllerNothingFoundException: test_composition = None if test_composition: composed_observable = test_composition else: if obj.attributes or obj.related_objects: # then the references are done differently # the object moves down into an other observable observable.event = None observable.event_id = None # create a new observable new_obs = Observable() new_obs.event = event new_obs.event_id = event.identifier new_obs.parent = event new_obs.parent_id = event.identifier new_obs.dbcode = observable.dbcode self.attribute_controller.set_extended_logging( new_obs, user, event.owner_group, True) composed_observable = ObservableComposition() composed_observable.uuid = uuid4() composed_observable.dbcode = observable.dbcode composed_observable.parent = new_obs new_obs.observable_composition = composed_observable new_obs.observable_composition.observables.append( observable) self.observable_controller.insert_observable( new_obs, user, commit=False) first_obs = param_1.pop(0) first_object = first_obs.object for attr in first_object.attributes: observable.object.attributes.append(attr) else: # if the the object has no attributes and no related objects create a composed observable # if there exists none create composed observable composed_observable = ObservableComposition() composed_observable.uuid = uuid4() composed_observable.dbcode = observable.dbcode composed_observable.parent = observable observable.observable_composition = composed_observable db_user = user = self.attribute_controller.user_broker.get_by_id( user.identifier) for obs in param_1: # enforce that no parent is set obs.event = None obs.event_id = None obs.parent = event obs.parent_id = event.identifier # set extended logging self.attribute_controller.set_extended_logging( obs, db_user, event.owner_group, True) composed_observable.observables.append(obs) if test_composition: self.observable_controller.update_observable_compositon( composed_observable, user, commit=False) else: self.observable_controller.update_observable( observable, user, commit=False) param_1 = composed_observable.parent else: # process the attributes and related objects # get the main attribtue # Check if not elements were attached to the object # TODO: find a way to check if the object has been changed # TODO also check if there are no children attached if True: if param_1: self.attribute_controller.insert_attributes( param_1, user, False, self.is_event_owner(event, user)) self.observable_controller.insert_handler_related_objects( related_objects, user, False, self.is_event_owner(event, user)) else: # attach the related object to the parent object if there is any if obj.related_object_parent: # attach the related objects to the parent object!! parent_obj = self.observable_controller.get_parent_object_by_object( obj) if not obj.attributes: first_relObject = related_objects.pop(0) for attr in first_relObject.object.attributes: attr.object = obj attr.object_id = obj.identifier obj.attributes.append(attr) modified_obj = True for related_object in related_objects: parent_obj.related_objects.append( related_object) self.observable_controller.update_object( parent_obj, user, False) # self.observable_controller.insert_handler_related_objects(related_objects, user, False, self.is_event_owner(event, user)) else: raise RestHandlerException( 'The object is a root object, cannot process this. Please ask for assistance' ) else: raise RestHandlerException( 'The object has been modified by the handler {0} this cannot be' .format(definition.attribute_handler.classname)) # return the attributes and related objects # extract all the attributes to make relations flat_attriutes = self.__get_all_attribtues( param_1, related_objects, is_observable) if modified_obj: is_observable = True param_1 = obj.observable # make relations # TODO: add flag to skip this step self.relations_controller.generate_bulk_attributes_relations( event, flat_attriutes, True) result = self.__make_attribute_insert_return( param_1, related_objects, is_observable, details, inflated, event_permissions, user) return result else: uuid = requested_object['object_uuid'] if method == 'GET': if uuid: attribute = self.attribute_controller.get_attribute_by_uuid( uuid) self.check_item_is_viewable(event, attribute) return attribute.to_dict(details, inflated) else: result = list() for attribute in obj.attributes: if self.is_item_viewable(event, attribute): result.append( attribute.to_dict(details, inflated)) return result else: attribute = self.attribute_controller.get_attribute_by_uuid( uuid) if method == 'PUT': old_attr = attribute self.check_if_event_is_modifiable(event) self.check_item_is_viewable(event, attribute) self.check_if_user_can_set_validate_or_shared( event, old_attr, user, json) definition_uuid = json.get('definition_id', None) if definition_uuid: # check if it still is the same if attribute.definition.uuid != definition_uuid: raise HandlerException( 'It is not possible to change the definition of attribtues' ) handler_instance = self.__get_handler( attribute.definition) handler_instance.is_rest_insert = self.is_rest_insert( headers) handler_instance.is_owner = self.is_event_owner( event, user) # Ask handler to process the json for the new attributes attribute = handler_instance.update( attribute, user, json) if self.is_event_owner(event, user): attribute.properties.is_validated = True attribute.properties.is_proposal = False else: attribute.properties.is_validated = False attribute.properties.is_proposal = True self.logger.info( u'User {0} changed attribute {1} from {2} to {3}'. format(user.username, attribute.identifier, old_attr.value, attribute.value)) # TODO: check if there are no children attached self.attribute_controller.update_attribute( attribute, user, True) return attribute.to_dict(details, inflated) elif method == 'DELETE': self.check_if_event_is_deletable(event) self.check_item_is_viewable(event, attribute) self.attribute_controller.remove_attribute( attribute, user, True) return 'Deleted object' except ValueException as error: raise RestHandlerException(error)
def __process_reference(self, method, event, report, requested_object, details, inflated, json, headers): try: user = self.get_user() if method == 'POST': self.check_if_user_can_add(event) # Get needed handler definition = self.report_controller.get_reference_definitions_by_uuid( json.get('definition_id', None)) handler_instance = self.__get_handler(definition) handler_instance.is_rest_insert = self.is_rest_insert(headers) handler_instance.is_owner = self.is_event_owner(event, user) # Ask handler to process the json for the new attributes reference, additional_references, related_reports = handler_instance.insert( report, user, json) # Check if not elements were attached to the object # TODO: find a way to check if the object has been changed # TODO also check if there are no children attached if True: self.report_controller.insert_reference( reference, additional_references, user, False, self.is_event_owner(event, user)) if related_reports: raise NotImplementedException( 'Related reports returned for handler {0} but the processing is not' .format(definition.attribute_handler.classname)) self.report_controller.insert_handler_reports( related_reports, user, True, self.is_event_owner(event, user)) else: raise RestHandlerException( 'The object has been modified by the handler {0} this cannot be' .format(definition.attribute_handler.classname)) # Return the generated references as json result_references = list() result_references.append(reference.to_dict(details, inflated)) if additional_references: for additional_reference in additional_references: result_references.append( additional_reference.to_dict(details, inflated)) result_reports = list() if related_reports: for related_object in related_reports: result_reports.append( related_object.to_dict(details, inflated)) return { 'references': result_references, 'related_reports': result_reports } else: uuid = requested_object['object_uuid'] if method == 'GET': if uuid: reference = self.report_controller.get_reference_by_uuid( uuid) self.check_item_is_viewable(event, reference) return reference.to_dict(details, inflated) else: result = list() for reference in report.references: if self.is_item_viewable(event, reference): result.append( reference.to_dict(details, inflated)) return result else: reference = self.report_controller.get_reference_by_uuid( uuid) if method == 'PUT': old_ref = reference self.check_if_event_is_modifiable(event) self.check_item_is_viewable(event, reference) definition_uuid = json.get('definition_id', None) if definition_uuid: # check if it still is the same if not reference.definition.uuid == definition_uuid: raise HandlerException( 'It is not possible to change the definition of references' ) handler_instance = self.__get_handler( reference.definition) handler_instance.is_rest_insert = self.is_rest_insert( headers) handler_instance.is_owner = self.is_event_owner( event, user) self.check_if_user_can_set_validate_or_shared( event, old_ref, user, json) # Ask handler to process the json for the new attributes reference = handler_instance.update( reference, user, json) self.logger.info( u'User {0} changed reference {1} from {2} to {3}'. format(user.username, old_ref.identifier, old_ref.value, reference.value)) # TODO: check if there are no children attached self.report_controller.update_reference( reference, user, True) return reference.to_dict(details, inflated) elif method == 'DELETE': self.check_if_event_is_deletable(event) self.check_item_is_viewable(event, reference) self.report_controller.remove_reference( reference, user, True) return 'Deleted object' except ValueException as error: raise RestHandlerException(error)
def insert(self, obj, user, json): value = json.get('value', None) filename = value.get('name', None) data = value.get('data', None) if isinstance(data, types.DictionaryType): # Workaround for the webfront end data = data.get('data', None) if filename and data: # save file to tmp folder tmp_filename = hashMD5(datetime.utcnow()) binary_data = base64.b64decode(data) tmp_folder = self.get_tmp_folder() tmp_path = tmp_folder + '/' + tmp_filename # create file in tmp file_obj = open(tmp_path, "w") file_obj.write(binary_data) file_obj.close() sha1 = hasher.fileHashSHA1(tmp_path) rel_folder = self.get_rel_folder() dest_path = self.get_dest_folder(rel_folder) + '/' + sha1 # move it to the correct place move(tmp_path, dest_path) # remove temp folder rmtree(dirname(tmp_path)) # create attribtues internal_json = json # main main_definition = self.get_main_definition() internal_json['value'] = rel_folder + '/' + sha1 attributes = list() main_attribute = self.create_attribute(obj, main_definition, user, internal_json) # secondary filename_definition = self.get_attriute_definition(CHK_SUM_FILE_NAME) internal_json['value'] = filename attribute = self.create_attribute(obj, filename_definition, user, internal_json) attributes.append(attribute) sha1_definition = self.get_attriute_definition(CHK_SUM_HASH_SHA1) internal_json['value'] = sha1 attribute = self.create_attribute(obj, sha1_definition, user, internal_json) attributes.append(attribute) # set parent for attribtue in attributes: attribtue.parent = main_attribute obj_def = self.get_object_definition(CHK_SUM_ARTEFACT) childobj = self.create_object(obj.observable, obj_def, user, {}, False) rel_obj = RelatedObject() rel_obj.parent = obj rel_obj.parent_id = obj.identifier rel_obj.object = childobj childobj.attributes.append(main_attribute) # attributes.append(main_attribute) childobjs = list() childobjs.append(rel_obj) return attributes, childobjs else: raise HandlerException('Value is invalid format has to be {"name": <name>,"data": <base 64 encoded data> }')