def parse_comments(self, indicators):
from crits.comments.handlers import get_comments
data = {}
for indicator in indicators:
if self.was_saved(indicator):
obj_id = self.imported[indicator.id_][1].id
obj_type = self.imported[indicator.id_][0]
comments = get_comments(obj_id, obj_type, False)
for rel in getattr(indicator, 'related_indicators', ()):
if rel.item.title in 'CRITs Comment(s)':
data['comment'] = str(rel.item.description)
if rel.item.short_description:
data['url_key'] = str(rel.item.short_description)
else:
data['url_key'] = str(obj_id)
data['private'] = bool(False)
send = True
source_analyst = None
for item in rel.item.producer.contributing_sources:
source_analyst = str(item.identity.name)
for comment in comments:
if comment.edit_date == rel.item.timestamp:
if comment.comment.encode(
'utf-8') == data['comment']:
send = False
if send:
comment_add(data, obj_type, obj_id, None, None,
'taxii', rel.item.timestamp,
source_analyst)
def add_update_comment(request, method, obj_type, obj_id):
"""
Add/update a comment for a top-level object. Should be an AJAX POST.
:param request: Django request object (Required)
:type request: :class:`django.http.HttpRequest`
:param method: If this is a new comment or an update (set to "update").
:type method: str
:param obj_type: The type of the top-level object.
:type obj_type: str
:param obj_id: The ObjectId of the top-level object.
:type obj_id: str
:returns: :class:`django.http.HttpResponse`
"""
if request.method == "POST" and request.is_ajax():
form = AddCommentForm(request.POST)
if form.is_valid():
cleaned_data = form.cleaned_data
subscr = cleaned_data.get('subscribable', False)
analyst = request.user.username
if method == "update":
return comment_update(cleaned_data, obj_type, obj_id, subscr,
analyst)
else:
return comment_add(cleaned_data, obj_type, obj_id, method,
subscr, analyst)
return HttpResponse(json.dumps({
'success': False,
'form': form.as_table()
}),
mimetype="application/json")
return render_to_response("error.html", {'error': 'Expected AJAX/POST'})
def add_update_comment(request, method, obj_type, obj_id):
"""
Add/update a comment for a top-level object. Should be an AJAX POST.
:param request: Django request object (Required)
:type request: :class:`django.http.HttpRequest`
:param method: If this is a new comment or an update (set to "update").
:type method: str
:param obj_type: The type of the top-level object.
:type obj_type: str
:param obj_id: The ObjectId of the top-level object.
:type obj_id: str
:returns: :class:`django.http.HttpResponse`
"""
if request.method == "POST" and request.is_ajax():
form = AddCommentForm(request.POST)
if form.is_valid():
cleaned_data = form.cleaned_data
subscr = cleaned_data.get('subscribable', False)
analyst = request.user.username
if method == "update":
return comment_update(cleaned_data, obj_type, obj_id,
subscr, analyst)
else:
return comment_add(cleaned_data, obj_type, obj_id, method,
subscr, analyst)
return HttpResponse(json.dumps({'success':False,
'form':form.as_table()}),
mimetype="application/json")
return render_to_response("error.html", {'error':'Expected AJAX/POST'})
def obj_create(self, bundle, **kwargs):
"""
Handles creating Comments through the API.
:param bundle: Bundle containing the information to create the Comment.
:type bundle: Tastypie Bundle object.
:returns: HttpResponse.
"""
user = bundle.request.user
comment = bundle.data.get('comment', None)
obj_type = bundle.data.get('object_type', None)
obj_id = bundle.data.get('object_id', None)
content = {'return_code': 1,
'type': 'Comment',
'success': False}
if not obj_type:
content['message'] = 'Must provide an object type.'
self.crits_response(content)
if not obj_id:
content['message'] = 'Must provide an object id.'
self.crits_response(content)
if not comment:
content['message'] = 'Must provide a comment.'
self.crits_response(content)
data = {'comment': comment,
'object_type': obj_type,
'object_id': obj_id,
'url_key': obj_id}
acl = get_acl_object(obj_type)
if user.has_access_to(acl.COMMENTS_ADD):
retVal = comment_add(data, obj_type, obj_id, '', {}, user.username)
else:
message = 'You do not have permission to add comment to type %s.' % obj_type
retVal = False
content['message'] = message
content['success'] = False
content['status_code'] = 1
if retVal and "Comment added successfully!" in retVal.content:
content['success'] = True
content['return_code'] = 0
content['message'] = 'Comment added successfully!'
self.crits_response(content)
def obj_create(self, bundle, **kwargs):
"""
Handles creating Comments through the API.
:param bundle: Bundle containing the information to create the Comment.
:type bundle: Tastypie Bundle object.
:returns: HttpResponse.
"""
user = bundle.request.user
comment = bundle.data.get('comment', None)
obj_type = bundle.data.get('object_type', None)
obj_id = bundle.data.get('object_id', None)
content = {'return_code': 1, 'type': 'Comment', 'success': False}
if not obj_type:
content['message'] = 'Must provide an object type.'
self.crits_response(content)
if not obj_id:
content['message'] = 'Must provide an object id.'
self.crits_response(content)
if not comment:
content['message'] = 'Must provide a comment.'
self.crits_response(content)
data = {
'comment': comment,
'object_type': obj_type,
'object_id': obj_id,
'url_key': obj_id
}
acl = get_acl_object(obj_type)
if user.has_access_to(acl.COMMENTS_ADD):
retVal = comment_add(data, obj_type, obj_id, '', {}, user.username)
else:
message = 'You do not have permission to add comment to type %s.' % obj_type
retVal = False
content['message'] = message
content['success'] = False
content['status_code'] = 1
if retVal and "Comment added successfully!" in retVal.content:
content['success'] = True
content['return_code'] = 0
content['message'] = 'Comment added successfully!'
self.crits_response(content)
def add_update_comment(request, method, obj_type, obj_id):
"""
Add/update a comment for a top-level object. Should be an AJAX POST.
:param request: Django request object (Required)
:type request: :class:`django.http.HttpRequest`
:param method: If this is a new comment or an update (set to "update").
:type method: str
:param obj_type: The type of the top-level object.
:type obj_type: str
:param obj_id: The ObjectId of the top-level object.
:type obj_id: str
:returns: :class:`django.http.HttpResponse`
"""
if request.method == "POST" and request.is_ajax():
form = AddCommentForm(request.POST)
if form.is_valid():
cleaned_data = form.cleaned_data
subscr = cleaned_data.get('subscribable', False)
user = request.user
acl = get_acl_object(obj_type)
if method == "update":
if user.has_access_to(acl.COMMENTS_EDIT):
return comment_update(cleaned_data, obj_type, obj_id,
subscr, user.username)
else:
result = {"success":False,
"message":"User does not have permission to edit comments."}
return HttpResponse(json.dumps(result),
content_type="application/json")
else:
if user.has_access_to(acl.COMMENTS_ADD):
return comment_add(cleaned_data, obj_type, obj_id, method,
subscr, user.username)
else:
result = {"success":False,
"message":"User does not have permission to add comments."}
return HttpResponse(json.dumps(result),
content_type="application/json")
return HttpResponse(json.dumps({'success':False,
'form':form.as_table()}),
content_type="application/json")
return render_to_response("error.html", {'error':'Expected AJAX/POST'})
def obj_create(self, bundle, **kwargs):
"""
Handles creating Comments through the API.
:param bundle: Bundle containing the information to create the Comment.
:type bundle: Tastypie Bundle object.
:returns: HttpResponse.
"""
analyst = bundle.request.user.username
comment = bundle.data.get('comment', None)
obj_type = bundle.data.get('object_type', None)
obj_id = bundle.data.get('object_id', None)
content = {'return_code': 1,
'type': 'Comment',
'success': False}
if not obj_type:
content['message'] = 'Must provide an object type.'
self.crits_response(content)
if not obj_id:
content['message'] = 'Must provide an object id.'
self.crits_response(content)
if not comment:
content['message'] = 'Must provide a comment.'
self.crits_response(content)
data = {'comment': comment,
'object_type': obj_type,
'object_id': obj_id,
'url_key': obj_id}
retVal = comment_add(data, obj_type, obj_id, '', {}, analyst)
if "Comment added successfully!" in retVal.content:
content['success'] = True
content['return_code'] = 0
content['message'] = 'Comment added successfully!'
self.crits_response(content)
def obj_create(self, bundle, **kwargs):
"""
Handles creating Comments through the API.
:param bundle: Bundle containing the information to create the Comment.
:type bundle: Tastypie Bundle object.
:returns: HttpResponse.
"""
analyst = bundle.request.user.username
comment = bundle.data.get('comment', None)
obj_type = bundle.data.get('object_type', None)
obj_id = bundle.data.get('object_id', None)
content = {'return_code': 1, 'type': 'Comment', 'success': False}
if not obj_type:
content['message'] = 'Must provide an object type.'
self.crits_response(content)
if not obj_id:
content['message'] = 'Must provide an object id.'
self.crits_response(content)
if not comment:
content['message'] = 'Must provide a comment.'
self.crits_response(content)
data = {
'comment': comment,
'object_type': obj_type,
'object_id': obj_id,
'url_key': obj_id
}
retVal = comment_add(data, obj_type, obj_id, '', {}, analyst)
if "Comment added successfully!" in retVal.content:
content['success'] = True
content['return_code'] = 0
content['message'] = 'Comment added successfully!'
self.crits_response(content)
