Exemple #1
0
def campaign_ttp(request, cid):
    """
    Add/edit/remove a TTP from a Campaign. Should be an AJAX POST.

    :param request: Django request object (Required)
    :type request: :class:`django.http.HttpRequest`
    :param cid: The ObjectId of the Campaign.
    :type cid: str
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == "POST" and request.is_ajax():
        action = request.POST["action"]
        analyst = request.user.username
        if action == "add":
            result = add_ttp(cid, request.POST["ttp"], analyst)
        elif action == "edit":
            result = edit_ttp(cid, request.POST["old_ttp"], request.POST["new_ttp"], analyst)
        elif action == "remove":
            result = remove_ttp(cid, request.POST["ttp"], analyst)
        else:
            result = {"success": False, "message": "Invalid action."}
        if "campaign" in result:
            campaign = result["campaign"]
            html = render_to_string(
                "campaign_ttps_data_widget.html", {"campaign_detail": campaign}, RequestContext(request)
            )
            del result["campaign"]
            result["html"] = html
        return HttpResponse(json.dumps(result), mimetype="application/json")
    else:
        return render_to_response("error.html", {"error": "Expected AJAX POST."}, RequestContext(request))
Exemple #2
0
def campaign_ttp(request, cid):
    """
    Add/edit/remove a TTP from a Campaign. Should be an AJAX POST.

    :param request: Django request object (Required)
    :type request: :class:`django.http.HttpRequest`
    :param cid: The ObjectId of the Campaign.
    :type cid: str
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == "POST" and request.is_ajax():
        action = request.POST['action']
        analyst = request.user.username
        if action == "add":
            result = add_ttp(cid, request.POST['ttp'], analyst)
        elif action == "edit":
            result = edit_ttp(cid, request.POST['old_ttp'],
                              request.POST['new_ttp'], analyst)
        elif action == "remove":
            result = remove_ttp(cid, request.POST['ttp'], analyst)
        else:
            result = {'success': False, 'message': "Invalid action."}
        if 'campaign' in result:
            campaign = result['campaign']
            html = render_to_string('campaign_ttps_data_widget.html',
                                    {'campaign_detail': campaign},
                                    RequestContext(request))
            del result['campaign']
            result['html'] = html
        return HttpResponse(json.dumps(result), mimetype="application/json")
    else:
        return render_to_response("error.html",
                                  {"error": 'Expected AJAX POST.'},
                                  RequestContext(request))
Exemple #3
0
def campaign_ttp(request, cid):
    """
    Add/edit/remove a TTP from a Campaign. Should be an AJAX POST.

    :param request: Django request object (Required)
    :type request: :class:`django.http.HttpRequest`
    :param cid: The ObjectId of the Campaign.
    :type cid: str
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == "POST" and request.is_ajax():
        action = request.POST['action']
        user = request.user
        if action == "add":
            if user.has_access_to(CampaignACL.TTPS_ADD):
                result = add_ttp(cid, request.POST['ttp'], user.username)
            else:
                result = {
                    "success": False,
                    "message": "User does not have permission to add TTPs."
                }
        elif action == "edit":
            if user.has_access_to(CampaignACL.TTPS_EDIT):
                result = edit_ttp(cid, request.POST['old_ttp'],
                                  request.POST['new_ttp'], user.username)
            else:
                result = {
                    "success": False,
                    "message": "User does not have permission to modify TTPs."
                }

        elif action == "remove":
            if user.has_access_to(CampaignACL.TTPS_DELETE):
                result = remove_ttp(cid, request.POST['ttp'], user.username)
            else:
                result = {
                    "success": False,
                    "message": "User does not have permission to remove TTPs."
                }
        else:
            result = {'success': False, 'message': "Invalid action."}
        if 'campaign' in result:
            campaign = result['campaign']
            html = render_to_string('campaign_ttps_data_widget.html',
                                    {'campaign_detail': campaign},
                                    request=request)
            del result['campaign']
            result['html'] = html
        return HttpResponse(json.dumps(result),
                            content_type="application/json")
    else:
        return render(request, "error.html", {"error": 'Expected AJAX POST.'})
Exemple #4
0
def campaign_ttp(request, cid):
    """
    Add/edit/remove a TTP from a Campaign. Should be an AJAX POST.

    :param request: Django request object (Required)
    :type request: :class:`django.http.HttpRequest`
    :param cid: The ObjectId of the Campaign.
    :type cid: str
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == "POST" and request.is_ajax():
        action = request.POST['action']
        user = request.user
        if action == "add":
            if user.has_access_to(CampaignACL.TTPS_ADD):
                result = add_ttp(cid, request.POST['ttp'], user.username)
            else:
                result = {"success":False,
                          "message":"User does not have permission to add TTPs."}
        elif action == "edit":
            if user.has_access_to(CampaignACL.TTPS_EDIT):
                result = edit_ttp(cid, request.POST['old_ttp'],
                                request.POST['new_ttp'],
                                user.username)
            else:
                result = {"success":False,
                          "message":"User does not have permission to modify TTPs."}

        elif action == "remove":
            if user.has_access_to(CampaignACL.TTPS_DELETE):
                result = remove_ttp(cid, request.POST['ttp'],
                                    user.username)
            else:
                result = {"success":False,
                          "message":"User does not have permission to remove TTPs."}
        else:
            result = {'success': False, 'message': "Invalid action."}
        if 'campaign' in result:
            campaign = result['campaign']
            html = render_to_string('campaign_ttps_data_widget.html',
                                    {'campaign_detail': campaign},
                                    RequestContext(request))
            del result['campaign']
            result['html'] = html
        return HttpResponse(json.dumps(result), content_type="application/json")
    else:
        return render_to_response("error.html",
                                  {"error": 'Expected AJAX POST.'},
                                  RequestContext(request))