Exemple #1
0
def create_rtbh(current_user):
    all_com = db.session.query(Community).all()
    if not all_com:
        insert_initial_communities()

    net_ranges = get_user_nets(current_user["id"])

    json_request_data = request.get_json()
    form = RTBHForm(data=json_request_data, meta={"csrf": False})

    form.community.choices = get_user_communities(current_user["role_ids"])
    form.net_ranges = net_ranges

    if not form.validate():
        form_errors = get_form_errors(form)
        if form_errors:
            return jsonify(form_errors), 400

    model = get_rtbh_model_if_exists(form.data, 1)

    if model:
        model.expires, pref_format = parse_api_time(form.expires.data)
        flash_message = (
            u"Existing RTBH Rule found. Expiration time was updated to new value."
        )
    else:
        expires, pref_format = parse_api_time(form.expires.data)
        model = RTBH(
            ipv4=form.ipv4.data,
            ipv4_mask=form.ipv4_mask.data,
            ipv6=form.ipv6.data,
            ipv6_mask=form.ipv6_mask.data,
            community_id=form.community.data,
            expires=expires,
            comment=quote_to_ent(form.comment.data),
            user_id=current_user["id"],
            rstate_id=get_state_by_time(expires),
        )
        db.session.add(model)
        db.session.commit()
        flash_message = u"RTBH Rule saved"

    # announce routes
    if model.rstate_id == 1:
        route = messages.create_rtbh(model, ANNOUNCE)
        announce_route(route)
    # log changes
    log_route(
        current_user["id"],
        model,
        RULE_TYPES["RTBH"],
        "{} / {}".format(current_user["uuid"], current_user["org"]),
    )

    pref_format = output_date_format(json_request_data, pref_format)
    return jsonify({
        "message": flash_message,
        "rule": model.to_dict(pref_format)
    }), 201
Exemple #2
0
def rtbh_rule():
    all_com = db.session.query(Community).all()
    if not all_com:
        insert_initial_communities()

    net_ranges = get_user_nets(session['user_id'])
    form = RTBHForm(request.form)

    form.community.choices = get_user_communities(session['user_role_ids'])
    form.net_ranges = net_ranges

    if request.method == 'POST' and form.validate():

        model = get_rtbh_model_if_exists(form.data, 1)

        if model:
            model.expires = round_to_ten_minutes(webpicker_to_datetime(form.expires.data))
            flash_message = u'Existing RTBH Rule found. Expiration time was updated to new value.'
        else:

            model = RTBH(
                ipv4=form.ipv4.data,
                ipv4_mask=form.ipv4_mask.data,
                ipv6=form.ipv6.data,
                ipv6_mask=form.ipv6_mask.data,
                community_id=form.community.data,
                expires=round_to_ten_minutes(webpicker_to_datetime(form.expires.data)),
                comment=quote_to_ent(form.comment.data),
                user_id=session['user_id'],
                rstate_id=get_state_by_time(webpicker_to_datetime(form.expires.data))
            )
            db.session.add(model)
            db.session.commit()
            flash_message = u'RTBH Rule saved'

        flash(flash_message, 'alert-success')
        # announce routes
        if model.rstate_id == 1:
            route = messages.create_rtbh(model, constants.ANNOUNCE)
            announce_route(route)
        # log changes
        log_route(session['user_id'], model, RULE_TYPES['RTBH'])

        return redirect(url_for('index'))
    else:
        for field, errors in form.errors.items():
            for error in errors:
                print(u"Error in the %s field - %s" % (
                    getattr(form, field).label.text,
                    error
                ))

    default_expires = datetime.now() + timedelta(days=7)
    form.expires.data = datetime_to_webpicker(default_expires)

    return render_template('forms/rtbh_rule.j2', form=form, action_url=url_for('rules.rtbh_rule'))
Exemple #3
0
def all_communities(current_user):
    """
    Returns RTHB communites allowed for current user
    :param current_user:
    :return: json response
    """

    coms = get_user_communities(current_user["role_ids"])
    if coms:
        return jsonify(coms)
    else:
        return jsonify({"message": "no actions for this user?"}), 404
Exemple #4
0
def group_update():
    """
    update rules
    """
    rule_type = session[constants.TYPE_ARG]
    model_name = DATA_MODELS_NAMED[rule_type]
    form_name = DATA_FORMS_NAMED[rule_type]
    to_update = request.form.getlist('delete-id')
    rules_dict = session[constants.RULES_KEY]
    rule_type = session[constants.TYPE_ARG]
    rule_type_int = constants.RULE_TYPES[rule_type]
    rules = [str(rule) for rule in rules_dict[str(rule_type_int)]]

    # redirect bad request
    if not set(to_update).issubset(set(rules)):
        flash(u'You can edit these rules!', 'alert-danger')
        return redirect(
            url_for('dashboard.index',
                    rtype=session[constants.TYPE_ARG],
                    rstate=session[constants.RULE_ARG],
                    sort=session[constants.SORT_ARG],
                    squery=session[constants.SEARCH_ARG],
                    order=session[constants.ORDER_ARG]))

    # populate the form
    session['group-update'] = to_update
    form = form_name(request.form)
    form.net_ranges = get_user_nets(session['user_id'])
    if rule_type_int > 2:
        form.action.choices = [
            (g.id, g.name) for g in db.session.query(Action).order_by('name')
        ]
    if rule_type_int == 1:
        form.community.choices = get_user_communities(session['user_role_ids'])

    form.expires.data = datetime_to_webpicker(datetime.now())
    for field in form:
        if field.name not in ['expires', 'csrf_token', 'comment']:
            field.render_kw = {'disabled': 'disabled'}

    action_url = url_for('rules.group_update_save', rule_type=rule_type_int)

    return render_template(DATA_TEMPLATES[rule_type_int],
                           form=form,
                           action_url=action_url,
                           editing=True,
                           title="Group Update")
Exemple #5
0
def reactivate_rule(rule_type, rule_id):
    """
    Set new time for the rule of given type identified by id
    :param rule_type: string - type of rule
    :param rule_id: integer - id of the rule
    """
    model_name = DATA_MODELS[rule_type]
    form_name = DATA_FORMS[rule_type]

    model = db.session.query(model_name).get(rule_id)
    form = form_name(request.form, obj=model)
    form.net_ranges = get_user_nets(session['user_id'])

    if rule_type > 2:
        form.action.choices = [(g.id, g.name)
                               for g in db.session.query(Action).order_by('name')]
        form.action.data = model.action_id

    if rule_type == 1:
        form.community.choices = get_user_communities(session['user_role_ids'])
        form.community.data = model.community_id

    if rule_type == 4:
        form.protocol.data = model.protocol

    if rule_type == 6:
        form.next_header.data = model.next_header

    # do not need to validate - all is readonly
    if request.method == 'POST':
        # set new expiration date
        model.expires = round_to_ten_minutes(webpicker_to_datetime(form.expires.data))
        # set again the active state
        model.rstate_id = get_state_by_time(webpicker_to_datetime(form.expires.data))
        model.comment = form.comment.data
        db.session.commit()
        flash(u'Rule successfully updated', 'alert-success')

        route_model = ROUTE_MODELS[rule_type]

        if model.rstate_id == 1:
            # announce route
            route = route_model(model, constants.ANNOUNCE)
            announce_route(route)
            # log changes
            log_route(session['user_id'], model, rule_type)
        else:
            # withdraw route
            route = route_model(model, constants.WITHDRAW)
            announce_route(route)
            # log changes
            log_withdraw(session['user_id'], route, rule_type, model.id)

        return redirect(url_for('dashboard.index',
                                rtype=session[constants.TYPE_ARG],
                                rstate=session[constants.RULE_ARG],
                                sort=session[constants.SORT_ARG],
                                squery=session[constants.SEARCH_ARG],
                                order=session[constants.ORDER_ARG]))
    else:
        flash_errors(form)

    form.expires.data = datetime_to_webpicker(model.expires)
    for field in form:
        if field.name not in ['expires', 'csrf_token', 'comment']:
            field.render_kw = {'disabled': 'disabled'}

    action_url = url_for('rules.reactivate_rule', rule_type=rule_type, rule_id=rule_id)

    return render_template(DATA_TEMPLATES[rule_type], form=form, action_url=action_url, editing=True, title="Update")