def setAttribute(self, attr, value, sessionData=None):
if not sessionData or db.fieldACLAccess(
sessionData, self.acl, attr, accessType="write"):
if attr == "customSearch":
value = helpers.unicodeEscapeDict(value)
return super(_ingaGetScanUp,
self).setAttribute(attr, value, sessionData=sessionData)
def run(self, data, persistentData, actionResult):
if not hasattr(self, "plain_apiToken"):
self.plain_apiToken = auth.getPasswordFromENC(self.apiToken)
queryString = helpers.evalString(self.queryString, {"data": data})
facetsString = helpers.evalString(self.facetsString, {"data": data})
sapi = shodan._shodanapi(self.plain_apiToken)
response = sapi.hostSearch(queryString, facetsString)
responseData = response.text
if response.status_code == 200:
responseData = json.loads(responseData)
for x, responseDataItem in enumerate(responseData["matches"]):
responseData["matches"][x] = helpers.unicodeEscapeDict(
responseDataItem)
try:
responseData["matches"][x]["ssl"]["cert"]["serial"] = str(
responseDataItem["ssl"]["cert"]["serial"])
except:
pass
actionResult["result"] = True
actionResult["rc"] = response.status_code
actionResult["data"] = responseData
return actionResult
def updateModelObject(modelName, objectID):
class_ = loadModel(modelName)
if class_:
data = json.loads(api.request.data)
if data["action"] == "update":
updateItemsList = []
changeLog = {}
data = data["data"]
_class = class_.classObject()().getAsClass(
api.g["sessionData"], id=objectID)
if len(_class) == 1:
_class = _class[0]
# Builds list of permitted ACL
access, accessIDs, adminBypass = db.ACLAccess(
api.g["sessionData"], _class.acl, "write")
if access:
for dataKey, dataValue in data.items():
fieldAccessPermitted = True
# Checking if sessionData is permitted field level access
if _class.acl and not adminBypass:
fieldAccessPermitted = db.fieldACLAccess(
api.g["sessionData"], _class.acl,
dataKey, "write")
if fieldAccessPermitted:
# _id is a protected mongodb object and cant be updated
if dataKey != "_id":
if hasattr(_class, dataKey):
changeLog[dataKey] = {}
changeLog[dataKey][
"currentValue"] = getattr(
_class, dataKey)
if type(getattr(_class,
dataKey)) is str:
if dataValue:
if _class.setAttribute(
dataKey,
str(dataValue),
sessionData=api.
g["sessionData"]):
updateItemsList.append(
dataKey)
changeLog[dataKey][
"newValue"] = getattr(
_class,
dataKey)
elif type(getattr(_class,
dataKey)) is int:
try:
if _class.setAttribute(
dataKey,
int(dataValue),
sessionData=api.
g["sessionData"]):
updateItemsList.append(
dataKey)
changeLog[dataKey][
"newValue"] = getattr(
_class,
dataKey)
except ValueError:
if _class.setAttribute(
dataKey,
0,
sessionData=api.
g["sessionData"]):
updateItemsList.append(
dataKey)
changeLog[dataKey][
"newValue"] = getattr(
_class,
dataKey)
elif type(getattr(
_class, dataKey)) is float:
try:
if _class.setAttribute(
dataKey,
float(dataValue),
sessionData=api.
g["sessionData"]):
updateItemsList.append(
dataKey)
changeLog[dataKey][
"newValue"] = getattr(
_class,
dataKey)
except ValueError:
if _class.setAttribute(
dataKey,
0,
sessionData=api.
g["sessionData"]):
updateItemsList.append(
dataKey)
changeLog[dataKey][
"newValue"] = getattr(
_class,
dataKey)
elif type(getattr(
_class, dataKey)) is bool:
# Convert string object to bool
if type(dataValue) is str:
if dataValue.lower(
) == "true":
dataValue = True
else:
dataValue = False
if _class.setAttribute(
dataKey,
dataValue,
sessionData=api.
g["sessionData"]):
updateItemsList.append(
dataKey)
changeLog[dataKey][
"newValue"] = getattr(
_class, dataKey)
elif type(getattr(
_class,
dataKey)) is dict or type(
getattr(
_class,
dataKey)) is list:
if dataValue:
if _class.setAttribute(
dataKey,
json.loads(
dataValue),
sessionData=api.
g["sessionData"]):
updateItemsList.append(
dataKey)
changeLog[dataKey][
"newValue"] = getattr(
_class,
dataKey)
# Commit back to database
if updateItemsList:
_class.update(updateItemsList)
# Adding audit record
if "_id" in api.g["sessionData"]:
audit._audit().add(
"model", "update", {
"_id":
api.g["sessionData"]["_id"],
"objects":
helpers.unicodeEscapeDict(
changeLog)
})
else:
audit._audit().add(
"model", "update", {
"objects":
helpers.unicodeEscapeDict(
changeLog)
})
return {}, 200
else:
return {}, 403
return {}, 404
def setConductFlow(conductID, flowID):
# List of attributes that are prevented from updating - this needs to be made more dynamic and part of class design
unsafeUpdateList = [
"_id", "classID", "lastCheck", "lastRun", "lastResult", "workerID",
"startCheck"
]
conductObj = conduct._conduct().query(api.g["sessionData"],
id=conductID)["results"]
conductObj = conductObj[0]
conductObj = conduct._conduct().getAsClass(api.g["sessionData"],
id=conductObj["_id"])
if len(conductObj) == 1:
conductObj = conductObj[0]
else:
return {}, 404
flow = [x for x in conductObj.flow if x["flowID"] == flowID]
if len(flow) == 1:
flow = flow[0]
data = json.loads(api.request.data)
modelFlowObject = None
# Check if the modelType and object are unchanged
if "type" in flow:
if flow["type"] == "trigger":
modelFlowObject = trigger._trigger().getAsClass(
api.g["sessionData"],
id=flow["{0}{1}".format(flow["type"], "ID")])
if len(modelFlowObject) == 1:
modelFlowObject = modelFlowObject[0]
modelFlowObjectType = "trigger"
if flow["type"] == "action":
modelFlowObject = action._action().getAsClass(
api.g["sessionData"],
id=flow["{0}{1}".format(flow["type"], "ID")])
if len(modelFlowObject) == 1:
modelFlowObject = modelFlowObject[0]
modelFlowObjectType = "action"
# Was it possible to load an existing object
if modelFlowObject:
# Check that the object model is still the same
if modelFlowObject.classID == data["newClassID"]:
# Get flow object correct class
_class = model._model().getAsClass(
api.g["sessionData"], id=modelFlowObject.classID)
if len(_class) == 1:
_class = _class[0]
_class = _class.classObject()
else:
return {}, 404
modelFlowObject = _class().getAsClass(
api.g["sessionData"], id=modelFlowObject._id)
if len(modelFlowObject) == 1:
modelFlowObject = modelFlowObject[0]
else:
return {}, 404
else:
modelFlowObject = None
# New object required
if not modelFlowObject:
_class = model._model().getAsClass(api.g["sessionData"],
id=data["newClassID"])
if _class:
_class = _class[0].classObject()
# Bug exists as name value is not requried by db class but is for core models - this could result in an error if new model is added that does not accept name within new function override
newFlowObjectID = _class().new(flow["flowID"]).inserted_id
# Working out by bruteforce which type this is ( try and load it by parent class and check for error) - get on trigger if it does not exist will return None
modelFlowObjectType = "action"
if len(trigger._trigger().getAsClass(api.g["sessionData"],
id=newFlowObjectID)) > 0:
modelFlowObjectType = "trigger"
modelFlowObject = _class().getAsClass(api.g["sessionData"],
id=newFlowObjectID)
if len(modelFlowObject) == 1:
modelFlowObject = modelFlowObject[0]
else:
return {}, 404
modelFlowObject.acl = {
"ids": [{
"accessID": api.g["sessionData"]["primaryGroup"],
"read": True,
"write": True,
"delete": True
}]
}
modelFlowObject.update(["acl"])
# Set conduct flow to correct type and objectID
flow["type"] = modelFlowObjectType
flow["{0}{1}".format(modelFlowObjectType,
"ID")] = str(newFlowObjectID)
conductObj.update(["flow"], sessionData=api.g["sessionData"])
# Updating new or existing modeFlowObject
if modelFlowObject:
updateItemsList = []
changeLog = {}
# Getting schema information so types can be set correctly
class_ = model._model().getAsClass(api.g["sessionData"],
id=modelFlowObject.classID)
if class_:
_class = modelFlowObject
# Builds list of permitted ACL
access, accessIDs, adminBypass = db.ACLAccess(
api.g["sessionData"], _class.acl, "write")
if access:
for dataKey, dataValue in data.items():
fieldAccessPermitted = True
# Checking if sessionData is permitted field level access
if _class.acl and not adminBypass:
fieldAccessPermitted = db.fieldACLAccess(
api.g["sessionData"], _class.acl, dataKey,
"write")
if fieldAccessPermitted:
# Change update database entry _id
if dataKey not in unsafeUpdateList:
if hasattr(_class, dataKey):
changeLog[dataKey] = {}
changeLog[dataKey][
"currentValue"] = getattr(
_class, dataKey)
if type(getattr(_class, dataKey)) is str:
if dataValue:
if _class.setAttribute(
dataKey,
str(dataValue),
sessionData=api.
g["sessionData"]):
updateItemsList.append(dataKey)
changeLog[dataKey][
"newValue"] = getattr(
_class, dataKey)
elif type(getattr(_class, dataKey)) is int:
try:
if _class.setAttribute(
dataKey,
int(dataValue),
sessionData=api.
g["sessionData"]):
updateItemsList.append(dataKey)
changeLog[dataKey][
"newValue"] = getattr(
_class, dataKey)
except ValueError:
if _class.setAttribute(
dataKey,
0,
sessionData=api.
g["sessionData"]):
updateItemsList.append(dataKey)
changeLog[dataKey][
"newValue"] = getattr(
_class, dataKey)
elif type(getattr(_class,
dataKey)) is float:
try:
if _class.setAttribute(
dataKey,
float(dataValue),
sessionData=api.
g["sessionData"]):
updateItemsList.append(dataKey)
changeLog[dataKey][
"newValue"] = getattr(
_class, dataKey)
except ValueError:
if _class.setAttribute(
dataKey,
0,
sessionData=api.
g["sessionData"]):
updateItemsList.append(dataKey)
changeLog[dataKey][
"newValue"] = getattr(
_class, dataKey)
elif type(getattr(_class,
dataKey)) is bool:
if _class.setAttribute(
dataKey,
bool(dataValue),
sessionData=api.
g["sessionData"]):
updateItemsList.append(dataKey)
changeLog[dataKey][
"newValue"] = getattr(
_class, dataKey)
elif type(getattr(
_class, dataKey)) is dict or type(
getattr(_class,
dataKey)) is list:
if dataValue:
if _class.setAttribute(
dataKey,
json.loads(dataValue),
sessionData=api.
g["sessionData"]):
updateItemsList.append(dataKey)
changeLog[dataKey][
"newValue"] = getattr(
_class, dataKey)
# Commit back to database
if updateItemsList:
_class.update(updateItemsList,
sessionData=api.g["sessionData"])
# Adding audit record
if "_id" in api.g["sessionData"]:
audit._audit().add(
"model", "update", {
"_id": api.g["sessionData"]["_id"],
"objects":
helpers.unicodeEscapeDict(changeLog)
})
else:
audit._audit().add("model", "update", {
"objects":
helpers.unicodeEscapeDict(changeLog)
})
return {"type": modelFlowObjectType}, 200
else:
return {}, 403
return {}, 404
def run(self, data, persistentData, actionResult):
# Is this a clear event passed by the occurrence clear notifier?
if "clearOccurrence" in data:
actionResult["result"] = True
actionResult["rc"] = 205
return actionResult
elif "000000000001010000000000" in str(self._id):
actionResult["result"] = True
actionResult["rc"] = 201
actionResult[
"msg"] = "Occurrence ran within codify, always results in 201 created"
return actionResult
match = "{0}-{1}".format(
self._id,
helpers.evalString(self.occurrenceMatchString, {"data": data}))
# Check for existing occurrence matches
foundOccurrence = cache.globalCache.get("occurrenceCacheMatch",
match,
getOccurrenceObject,
customCacheTime=self.lullTime,
nullUpdate=True)
if foundOccurrence == None:
# Raising new occurrence and assuming the database took the object as expected
newOccurrence = occurrence._occurrence().bulkNew(
self, match, helpers.unicodeEscapeDict(data), self.acl,
self.bulkClass)
cache.globalCache.insert("occurrenceCacheMatch", match,
newOccurrence)
logging.debug(
"Occurrence Created async, actionID='{0}'".format(self._id), 7)
actionResult["result"] = True
actionResult["rc"] = 201
try:
persistentData["plugin"]["occurrence"].append(newOccurrence)
except:
persistentData["plugin"]["occurrence"] = [newOccurrence]
arrayIndex = len(persistentData["plugin"]["occurrence"]) - 1
actionResult["occurrenceIndex"] = arrayIndex
return actionResult
else:
if foundOccurrence._id != "":
# Checking if we should only update db when less than half lullTime is left ( reduced db load )
if self.dbSlowUpdate and (int(time.time()) -
foundOccurrence.lastOccurrenceTime
) < self.lullTime / 2:
actionResult["result"] = True
actionResult["rc"] = 302
return actionResult
# Updating existing occurrences
foundOccurrence.lastOccurrenceTime = int(time.time())
foundOccurrence.lullTime = (
foundOccurrence.lastOccurrenceTime + self.lullTime)
foundOccurrence.lullTimeExpired = self.lullTimeExpiredCount
foundOccurrence.bulkUpdate(
["lastOccurrenceTime", "lullTime", "lullTimeExpired"],
self.bulkClass)
actionResult["data"]["occurrenceData"] = foundOccurrence.data
logging.debug(
"Occurrence Updated, occurrenceID='{0}' actionID='{1}'".
format(foundOccurrence._id, self._id), 7)
actionResult["result"] = True
actionResult["rc"] = 302
try:
persistentData["plugin"]["occurrence"].append(
foundOccurrence)
except:
persistentData["plugin"]["occurrence"] = [foundOccurrence]
arrayIndex = len(persistentData["plugin"]["occurrence"]) - 1
actionResult["occurrenceIndex"] = arrayIndex
return actionResult
else:
logging.debug(
"Occurrence Update Failed - NO ID, actionID='{0}'".format(
self._id), 7)
actionResult["result"] = False
actionResult["rc"] = 500
return actionResult
def getStatistics(self, xyStatisticsDict):
query = {"_id": db.ObjectId(self._id)}
doc = self._dbCollection.find_one(query)
return helpers.unicodeEscapeDict(doc["statistics"])