def _convert_dict_to_results(input_results):

    import phantom.app as phantom

    from phantom.action_result import ActionResult

    action_results = []
    for i, item in enumerate(input_results):
        r = ActionResult()
        setattr(r, '_ActionResult__status_code', item['status'] == phantom.APP_SUCCESS_STR and phantom.APP_SUCCESS or phantom.APP_ERROR)
        setattr(r, '_ActionResult__status_message', item['message'])
        r.get_data().extend(item['data'])
        r.set_summary(item['summary'])
        r.set_param(item['parameter'])
        r.offset = i
        action_results.append(r)

    return action_results
    def _list_tickets(self, param):

        # Create the action result
        action_result = self.add_action_result(ActionResult(param))

        # Create RT session
        if phantom.is_fail(self._create_rt_session(action_result)):
            return action_result.get_status()

        queue = param.get(RT_JSON_QUEUE, DEFAULT_QUEUE)
        query = param.get(RT_JSON_QUERY, '').strip()

        if query and not query.startswith('AND'):
            query = ' AND {0}'.format(query)

        # Set up the query
        query = "Queue='{0}'{1}".format(queue, query)

        # Query the device for the list of tickets
        ret_val, resp_text = self._make_rest_call("search/ticket",
                                                  action_result,
                                                  params={'query': query})

        if phantom.is_fail(ret_val):
            return ret_val

        if 'No matching results.' in resp_text:
            return action_result.set_status(phantom.APP_SUCCESS,
                                            'Query returned no results')

        # Get ticket ID for each line in response
        tickets = [x.split(':')[0] for x in resp_text.strip().split('\n')[2:]]

        if tickets and "Invalid query" in tickets[0]:
            return action_result.set_status(
                phantom.APP_ERROR,
                'Given query is invalid. Details:\n\n{0}'.format(resp_text))

        # Tickets will be a list of tuples, where the first element will be the ticket ID and the second element will be the subject
        for ticket in tickets:

            ar = ActionResult()

            if phantom.is_fail(self._get_ticket_details(ticket, ar)):
                self.debug_print(
                    'Could not get ticket details for ID {0}: {1}'.format(
                        ticket, ar.get_message()))
                continue

            action_result.add_data(ar.get_data()[0])

        action_result.set_summary({RT_TOTAL_ISSUES: len(tickets)})

        return action_result.set_status(phantom.APP_SUCCESS)
Exemple #3
0
    def _whois_object(self, param, json_key):

        self.debug_print("param", param)

        # Add an action result to the App Run
        action_result = ActionResult(dict(param))
        self.add_action_result(action_result)

        input_object = param[json_key]

        try:
            self._parsed_whois_domain(input_object, action_result)
        except Exception as e:
            self.debug_print(e)

        try:
            if not action_result.get_status() == phantom.APP_SUCCESS:
                self._regular_whois_domain(input_object, action_result)
        except Exception as e:
            message = 'Error while querying input_object'
            action_result.set_status(phantom.APP_ERROR, message, e)
            return action_result.get_status()

        if (phantom.is_fail(action_result.get_status())):
            return action_result.get_status()

        data = action_result.get_data()

        if (not data):
            return action_result.get_status()

        response = data[0]

        if response and 'registrant' in response:
            # get the registrant
            summary = {'organization': response['registrant']}
            if 'parsed_whois' in response:
                contacts = response['parsed_whois'].get('contacts', {})
                if type(contacts) == list:
                    registrant = contacts[0]
                else:
                    registrant = contacts.get('registrant')
                summary['city'] = registrant.get('city')
                summary['country'] = registrant.get('country')
                action_result.update_summary(summary)

        return action_result.get_status()