def file_upload(current):
"""Request an upload ticket for commencing file upload."""
upload_request = location.FileUploadRequest.from_json(
current.request.body.getvalue())
return location.FileUploadResponse.from_keywords(
url=blobstore.create_upload_url(
utils.route_api("/control/file_upload_receive",
upload_request=upload_request.to_json(),
client_id=current.client_id),
gs_bucket_name=app_identity.get_default_gcs_bucket_name(
))).to_primitive()
def upload(current, type, flow_id, part=0):
collection_id = utils.new_collection_id()
result = location.BlobUploadSpecs.from_keywords(
url=blobstore.create_upload_url(
utils.route_api("/control/upload_receive",
type=type,
flow_id=flow_id,
collection_id=collection_id,
part=part,
client_id=current.client_id),
gs_bucket_name=app_identity.get_default_gcs_bucket_name(
))).to_primitive()
return result
def manifest(_):
"""Serve the installation manifest to the client."""
result = agent.Manifest.from_keywords(startup=dict(
# Drop progress reports when running this flow.
ticket=dict(location=location.DevNull()),
actions=[
client.StartupAction.from_keywords(rekall_session=dict(live="API"),
location=dict(
__type__="HTTPLocation",
base=utils.route_api(
"control/startup"),
))
]))
return result.to_primitive()
def propose_from_flows(current, flow_ids, labels, approvers, name=None):
"""Launch a hunt from the flows on these labels."""
hunt_id = utils.new_hunt_id()
now = time.time()
also_upload_files = False
result = agent.Flow.from_keywords(
name=name or hunt_id,
flow_id=hunt_id,
created_time=now,
creator=utils.get_current_username(current),
ticket=dict(
location=dict(
__type__="HTTPLocation",
base=utils.route_api('/control/hunt_ticket'),
path_prefix=hunt_id,
)),
)
db = current.db
seen = set()
for flow_id in flow_ids:
row = db(db.flows.flow_id == flow_id).select().first()
if row:
for action in row.flow.actions:
if action.rekall_session.get("also_upload_files"):
also_upload_files = True
if isinstance(action, actions.PluginAction):
action = actions.PluginAction.from_keywords(
plugin=action.plugin,
rekall_session=action.rekall_session,
collection=dict(
__type__="JSONCollection",
location=dict(
__type__="BlobUploader",
base=html.URL(
c="api", f="control", args=['upload'], host=True),
path_template=(
"collection/%s/{part}" % hunt_id),
)),
args=action.args)
# Dedupe identical canned actions.
key = action.to_json()
if key in seen:
continue
seen.add(key)
result.actions.append(action)
if also_upload_files:
result.file_upload = dict(
__type__="FileUploadLocation",
flow_id=hunt_id,
base=html.URL(c="api", f='control/file_upload',
host=True))
# Add the hunt to the hunts table.
db.hunts.insert(
hunt_id=hunt_id,
creator=result.creator,
flow=result,
labels=labels,
state="Proposed",
timestamp=now)
for approver in approvers:
users.send_notifications(
current, approver, "HUNT_APPROVAL_REQUEST", dict(
hunt_id=hunt_id,
user=utils.get_current_username(current)))
audit.log(current, "HuntProposal", hunt_id=hunt_id)
return {}
def launch_canned_flows(current, client_id, name):
db = current.db
row = db(db.canned_flows.name == name).select().first()
if not row:
raise ValueError("There is no canned flow with name '%s'" % name)
also_upload_files = False
flow_id = utils.new_flow_id()
for action in row.flow.actions:
if action.rekall_session.get("also_upload_files"):
also_upload_files = True
action.collection = dict(__type__="JSONCollection",
location=dict(
__type__="BlobUploader",
base=html.URL(c="api",
f="control",
args=['upload'],
host=True),
path_template=("collection/%s/{part}" %
flow_id),
))
flow = agent.Flow.from_keywords(
name=name,
flow_id=flow_id,
created_time=time.time(),
ticket=dict(location=dict(
__type__="HTTPLocation",
base=utils.route_api('/control/ticket'),
path_prefix=flow_id,
)),
actions=row.flow.actions,
)
if also_upload_files:
flow.file_upload = dict(__type__="FileUploadLocation",
flow_id=flow_id,
base=html.URL(c="api",
f='control/file_upload',
host=True))
db.flows.insert(
flow_id=flow_id,
client_id=client_id,
status=agent.FlowStatus.from_keywords(timestamp=time.time(),
client_id=client_id,
flow_id=flow_id,
status="Pending"),
creator=utils.get_current_username(current),
flow=flow,
timestamp=flow.created_time.timestamp,
)
firebase.notify_client(client_id)
audit.log(current,
"FlowLaunchCanned",
flow_id=flow_id,
canned_flow=name,
client_id=client_id)
return {}
def launch_plugin_flow(current, client_id, rekall_session, plugin, plugin_arg):
"""Launch the flow on the client."""
db = current.db
flow_id = utils.new_flow_id()
spec = plugins.RekallAPI(current).get(plugin)
if not spec:
raise ValueError("Unknown plugin")
# Validate both plugin args and session args.
validate_plugin_args(plugin_arg, spec)
validate_plugin_args(rekall_session, plugins.SessionAPI(current))
flow = agent.Flow.from_keywords(
flow_id=flow_id,
created_time=time.time(),
ticket=dict(location=dict(
__type__="HTTPLocation",
base=utils.route_api('/control/ticket'),
path_prefix=flow_id,
)),
actions=[
dict(__type__="PluginAction",
plugin=plugin,
args=plugin_arg,
rekall_session=rekall_session,
collection=dict(__type__="JSONCollection",
location=dict(
__type__="BlobUploader",
base=html.URL(c="api",
f="control",
args=['upload'],
host=True),
path_template=("collection/%s/{part}" %
flow_id),
)))
])
if rekall_session.get("also_upload_files"):
flow.file_upload = dict(__type__="FileUploadLocation",
flow_id=flow_id,
base=html.URL(c="api",
f='control/file_upload',
host=True))
db.flows.insert(
flow_id=flow_id,
client_id=client_id,
status=agent.FlowStatus.from_keywords(timestamp=time.time(),
client_id=client_id,
flow_id=flow_id,
status="Pending"),
creator=utils.get_current_username(current),
flow=flow,
timestamp=flow.created_time.timestamp,
)
firebase.notify_client(client_id)
audit.log(current,
"FlowLaunchPlugin",
flow_id=flow_id,
plugin=plugin,
client_id=client_id)
return {}