def handle(self, *args, **options):
"""
Script Execution.
"""
mall = options.get('mall')
analyst = options.get('analyst')
drop = options.get('drop')
migrate = options.get('migrate')
readonly = options.get('readonly')
uberadmin = options.get('uberadmin')
if mall or drop:
print "Drop protection disabled. Dropping all Roles!"
Role.drop_collection()
if mall or uberadmin:
add_uber_admin_role()
if mall or readonly:
print("Creating Read Only Role")
add_readonly_role()
if mall or analyst:
print("Creating Analyst Role")
add_analyst_role()
if mall or migrate:
print("Migrating Legacy Roles.")
migrate_roles()
else:
print("You must select something. See '-h' for options.")
def handle(self, *args, **options):
"""
Script Execution.
"""
mall = options.get('mall')
analyst = options.get('analyst')
drop = options.get('drop')
migrate = options.get('migrate')
readonly = options.get('readonly')
uberadmin = options.get('uberadmin')
if mall or drop:
print "Drop protection disabled. Dropping all Roles!"
Role.drop_collection()
if mall or uberadmin:
add_uber_admin_role()
if mall or readonly:
print("Creating Read Only Role")
add_readonly_role()
if mall or analyst:
print("Creating Analyst Role")
add_analyst_role()
if mall or migrate:
print("Migrating Legacy Roles.")
migrate_roles()
else:
print("You must select something. See '-h' for options.")
def add_analyst_role():
"""
Add Analyst role to the system. This will always reset the Analyst role
back to the original state if found in the database.
"""
role = Role.objects(name='Analyst').first()
if not role:
role = Role()
role.name = "Analyst"
role.description = "Default Analyst Role"
dont_modify = [
'name', 'schema_version', 'active', 'id', 'description',
'unsupported_attrs'
]
for p in role._data.iterkeys():
if p in settings.CRITS_TYPES.iterkeys():
attr = getattr(role, p)
# Modify the attributes.
for x in attr._data.iterkeys():
if 'delete' not in str(x):
setattr(attr, x, True)
else:
setattr(attr, x, False)
# Set the attribute on the ACL.
setattr(role, p, attr)
elif p == "sources":
for s in getattr(role, p):
for x in s._data.iterkeys():
if x != "name":
setattr(s, x, True)
elif p not in dont_modify:
if p == 'api_interface' or p == 'web_interface' or p == 'script_interface':
setattr(role, p, True)
else:
setattr(role, p, False)
role.save()
def add_analyst_role():
"""
Add Analyst role to the system. This will always reset the Analyst role
back to the original state if found in the database.
"""
role = Role.objects(name='Analyst').first()
if not role:
role = Role()
role.name = "Analyst"
role.description = "Default Analyst Role"
dont_modify = ['name',
'schema_version',
'active',
'id',
'description',
'unsupported_attrs']
for p in role._data.iterkeys():
if p in settings.CRITS_TYPES.iterkeys():
attr = getattr(role, p)
# Modify the attributes.
for x in attr._data.iterkeys():
if 'delete' not in str(x):
setattr(attr, x, True)
else:
setattr(attr, x, False)
# Set the attribute on the ACL.
setattr(role, p, attr)
elif p == "sources":
for s in getattr(role, p):
for x in s._data.iterkeys():
if x != "name":
setattr(s, x, True)
elif p not in dont_modify:
if p == 'api_interface' or p == 'web_interface' or p == 'script_interface':
setattr(role, p, True)
else:
setattr(role, p, False)
role.save()
def add_uber_admin_role(drop=False):
"""
Add UberAdmin role to the system. This will always reset the UberAdmin role
back to the original state if found in the database. If drop is set to True,
all Roles will be removed and the default UberAdmin role will be added.
The 'UberAdmin' role gets full access to *ALL* sources at the time it is
created.
If you wish to change the name of this role, you can change the ADMIN_ROLE
settings variable.
:param drop: Drop collection before adding.
:type drop: boolean
"""
if drop:
print "Drop protection disabled. Dropping all Roles!"
Role.drop_collection()
else:
print "Drop protection enabled!\nResetting 'UberAdmin' Role to defaults!"
role = Role.objects(name=settings.ADMIN_ROLE).first()
if not role:
print "Could not find UberAdmin Role. Creating it!"
role = Role()
role.name = settings.ADMIN_ROLE
role.description = "Default role with full system access."
role.add_all_sources()
role.make_all_true()
role.save()
def get_user_role(username):
from crits.core.role import Role
user = get_user_info(username)
roles = Role.objects(name=user.roles[0])
return roles
def get_user_role(username):
from crits.core.role import Role
user = get_user_info(username)
roles = Role.objects(name=user.roles[0])
return roles
def class_from_id(type_, _id):
"""
Return an instantiated class object.
:param type_: The CRITs top-level object type.
:type type_: str
:param _id: The ObjectId to search for.
:type _id: str
:returns: class which inherits from
:class:`crits.core.crits_mongoengine.CritsBaseAttributes`
"""
#Quick fail
if not _id or not type_:
return None
# doing this to avoid circular imports
# make sure it's a string
_id = str(_id)
# Use bson.ObjectId to make sure this is a valid ObjectId, otherwise
# the queries below will raise a ValidationError exception.
if not ObjectId.is_valid(_id.decode('utf8')):
return None
if type_ == 'Actor':
from crits.actors.actor import Actor
return Actor.objects(id=_id).first()
elif type_ == 'Backdoor':
from crits.backdoors.backdoor import Backdoor
return Backdoor.objects(id=_id).first()
elif type_ == 'ActorThreatIdentifier':
from crits.actors.actor import ActorThreatIdentifier
return ActorThreatIdentifier.objects(id=_id).first()
elif type_ == 'Campaign':
from crits.campaigns.campaign import Campaign
return Campaign.objects(id=_id).first()
elif type_ == 'Certificate':
from crits.certificates.certificate import Certificate
return Certificate.objects(id=_id).first()
elif type_ == 'Comment':
from crits.comments.comment import Comment
return Comment.objects(id=_id).first()
elif type_ == 'Domain':
from crits.domains.domain import Domain
return Domain.objects(id=_id).first()
elif type_ == 'Email':
from crits.emails.email import Email
return Email.objects(id=_id).first()
elif type_ == 'Event':
from crits.events.event import Event
return Event.objects(id=_id).first()
elif type_ == 'Exploit':
from crits.exploits.exploit import Exploit
return Exploit.objects(id=_id).first()
elif type_ == 'Indicator':
from crits.indicators.indicator import Indicator
return Indicator.objects(id=_id).first()
elif type_ == 'Action':
from crits.core.crits_mongoengine import Action
return Action.objects(id=_id).first()
elif type_ == 'IP':
from crits.ips.ip import IP
return IP.objects(id=_id).first()
elif type_ == 'PCAP':
from crits.pcaps.pcap import PCAP
return PCAP.objects(id=_id).first()
elif type_ == 'RawData':
from crits.raw_data.raw_data import RawData
return RawData.objects(id=_id).first()
elif type_ == 'RawDataType':
from crits.raw_data.raw_data import RawDataType
return RawDataType.objects(id=_id).first()
elif type_ == 'Role':
from crits.core.role import Role
return Role.objects(id=_id).first()
elif type_ == 'Sample':
from crits.samples.sample import Sample
return Sample.objects(id=_id).first()
elif type_ == 'Signature':
from crits.signatures.signature import Signature
return Signature.objects(id=_id).first()
elif type_ == 'SignatureType':
from crits.signatures.signature import SignatureType
return SignatureType.objects(id=_id).first()
elif type_ == 'SignatureDependency':
from crits.signatures.signature import SignatureDependency
return SignatureDependency.objects(id=_id).first()
elif type_ == 'SourceAccess':
from crits.core.source_access import SourceAccess
return SourceAccess.objects(id=_id).first()
elif type_ == 'Screenshot':
from crits.screenshots.screenshot import Screenshot
return Screenshot.objects(id=_id).first()
elif type_ == 'Target':
from crits.targets.target import Target
return Target.objects(id=_id).first()
else:
return None
def class_from_id(type_, _id):
"""
Return an instantiated class object.
:param type_: The CRITs top-level object type.
:type type_: str
:param _id: The ObjectId to search for.
:type _id: str
:returns: class which inherits from
:class:`crits.core.crits_mongoengine.CritsBaseAttributes`
"""
#Quick fail
if not _id or not type_:
return None
# doing this to avoid circular imports
from crits.actors.actor import ActorThreatIdentifier, Actor
from crits.backdoors.backdoor import Backdoor
from crits.campaigns.campaign import Campaign
from crits.certificates.certificate import Certificate
from crits.comments.comment import Comment
from crits.core.crits_mongoengine import Action
from crits.core.source_access import SourceAccess
from crits.core.role import Role
from crits.domains.domain import Domain
from crits.emails.email import Email
from crits.events.event import Event
from crits.exploits.exploit import Exploit
from crits.indicators.indicator import Indicator
from crits.ips.ip import IP
from crits.pcaps.pcap import PCAP
from crits.raw_data.raw_data import RawData, RawDataType
from crits.samples.sample import Sample
from crits.screenshots.screenshot import Screenshot
from crits.signatures.signature import Signature, SignatureType, SignatureDependency
from crits.targets.target import Target
# make sure it's a string
_id = str(_id)
# Use bson.ObjectId to make sure this is a valid ObjectId, otherwise
# the queries below will raise a ValidationError exception.
if not ObjectId.is_valid(_id.decode('utf8')):
return None
if type_ == 'Actor':
return Actor.objects(id=_id).first()
elif type_ == 'Backdoor':
return Backdoor.objects(id=_id).first()
elif type_ == 'ActorThreatIdentifier':
return ActorThreatIdentifier.objects(id=_id).first()
elif type_ == 'Campaign':
return Campaign.objects(id=_id).first()
elif type_ == 'Certificate':
return Certificate.objects(id=_id).first()
elif type_ == 'Comment':
return Comment.objects(id=_id).first()
elif type_ == 'Domain':
return Domain.objects(id=_id).first()
elif type_ == 'Email':
return Email.objects(id=_id).first()
elif type_ == 'Event':
return Event.objects(id=_id).first()
elif type_ == 'Exploit':
return Exploit.objects(id=_id).first()
elif type_ == 'Indicator':
return Indicator.objects(id=_id).first()
elif type_ == 'Action':
return Action.objects(id=_id).first()
elif type_ == 'IP':
return IP.objects(id=_id).first()
elif type_ == 'PCAP':
return PCAP.objects(id=_id).first()
elif type_ == 'RawData':
return RawData.objects(id=_id).first()
elif type_ == 'RawDataType':
return RawDataType.objects(id=_id).first()
elif type_ == 'Role':
return Role.objects(id=_id).first()
elif type_ == 'Sample':
return Sample.objects(id=_id).first()
elif type_ == 'Signature':
return Signature.objects(id=_id).first()
elif type_ == 'SignatureType':
return SignatureType.objects(id=_id).first()
elif type_ == 'SignatureDependency':
return SignatureDependency.objects(id=_id).first()
elif type_ == 'SourceAccess':
return SourceAccess.objects(id=_id).first()
elif type_ == 'Screenshot':
return Screenshot.objects(id=_id).first()
elif type_ == 'Target':
return Target.objects(id=_id).first()
else:
return None
def add_uber_admin_role(drop=False):
"""
Add UberAdmin role to the system. This will always reset the UberAdmin role
back to the original state if found in the database. If drop is set to True,
all Roles will be removed and the default UberAdmin role will be added.
The 'UberAdmin' role gets full access to *ALL* sources at the time it is
created.
If you wish to change the name of this role, you can change the ADMIN_ROLE
settings variable.
:param drop: Drop collection before adding.
:type drop: boolean
"""
if drop:
print "Drop protection disabled. Dropping all Roles!"
Role.drop_collection()
else:
print "Drop protection enabled!\nResetting 'UberAdmin' Role to defaults!"
role = Role.objects(name=settings.ADMIN_ROLE).first()
if not role:
print "Could not find UberAdmin Role. Creating it!"
role = Role()
role.name = settings.ADMIN_ROLE
role.description = "Default role with full system access."
role.add_all_sources()
role.make_all_true()
role.save()