Esempio n. 1
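def add_results(object_type, object_id, analysis_id, result, type_, subtype,
                analyst):
    """
    Add multiple results to an analysis task.

    :param object_type: The top-level object type.
    :type object_type: str
    :param object_id: The ObjectId to search for.
    :type object_id: str
    :param analysis_id: The ID of the task to update.
    :type analysis_id: str
    :param result: The list of result to append.
    :type result: list of str
    :param type_: The list of result types. Each entry is parsed with
                  ``ast.literal_eval`` and must evaluate to a dict; its keys
                  are merged into the stored result entry.
    :type type_: list of str
    :param subtype: The list of result subtypes.
    :type subtype: list of str
    :param analyst: The user updating the results.
    :type analyst: str
    :returns: dict with keys "success" (boolean) and "message" (str) if failed.
    """

    res = {'success': False}
    if not object_type or not object_id or not analysis_id:
        res['message'] = "Must supply object id/type and analysis id."
        return res

    # Validate user can add service results to this TLO.
    klass = class_from_type(object_type)
    sources = user_sources(analyst)
    obj = klass.objects(id=object_id, source__name__in=sources).first()
    if not obj:
        res['message'] = "Could not find object to add results to."
        return res

    if not (result and type_ and subtype):
        res['message'] = "Need a result, type, and subtype to add a result."
        return res

    if not (len(result) == len(type_) == len(subtype)):
        res['message'] = "result, type, and subtype need to be the same length."
        return res

    # Build every entry before touching the database, so one malformed type
    # string rejects the whole batch instead of raising out of the handler.
    final_list = []
    for r, raw_type, sub in zip(result, type_, subtype):
        try:
            extra = ast.literal_eval(raw_type)
        except (ValueError, SyntaxError, TypeError):
            # literal_eval never executes code, but it does raise on input
            # that is not a plain Python literal.
            res['message'] = "Result type is not a valid literal."
            return res
        if not isinstance(extra, dict):
            res['message'] = "Result type must be a dict."
            return res
        final = {'subtype': sub, 'result': r}
        # Keys from the type dict are applied last, so a 'subtype' or
        # 'result' key in it replaces the value set above (as before).
        final.update(extra)
        final_list.append(final)

    # NOTE(review): the access check above is made on object_id, but this
    # lookup is keyed by analysis_id alone; nothing here ties the
    # AnalysisResult to the object that was validated. Consider also filtering
    # on object_type/object_id -- confirm stored records carry those fields.
    ar = AnalysisResult.objects(analysis_id=analysis_id).first()
    if ar:
        AnalysisResult.objects(id=ar.id).update_one(push_all__results=final_list)

    # Success is reported even when no AnalysisResult matched analysis_id.
    res['success'] = True
    return res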
Esempio n. 2
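def migrate_analysis_results(self):
    """
    Move legacy ``analysis`` entries into standalone AnalysisResult documents.

    Reads the ``analysis`` attribute of ``self.unsupported_attrs``. For each
    entry an AnalysisResult is built from its ``id``, ``config`` and ``log``
    keys, the remaining keys are merged in, the result is linked to this
    object by type and id, and it is saved. Afterwards the ``analysis`` key is
    removed from ``self.unsupported_attrs`` on a best-effort basis.
    """
    from cripts.services.analysis_result import (AnalysisResult,
                                                 AnalysisConfig,
                                                 EmbeddedAnalysisResultLog)
    old_results = getattr(self.unsupported_attrs, 'analysis', None)
    for result in old_results or ():
        ar = AnalysisResult()
        ar.analysis_id = result.get('id')
        if ar.analysis_id:
            del result['id']

        # The stored config dict is expanded straight into keyword arguments.
        # NOTE(review): presumably legacy records only hold known
        # AnalysisConfig fields -- confirm, since unexpected keys are passed
        # through as-is.
        config = result.get('config', {})
        ar.config = AnalysisConfig(**config)
        result.pop('config', None)

        logs = result.get('log', None)
        if logs:
            for entry in logs:
                ar.log.append(EmbeddedAnalysisResultLog(**entry))
            # An empty/falsy 'log' value is left in place and goes to merge().
            del result['log']

        # Whatever keys remain are merged onto the document.
        ar.merge(arg_dict=result)
        ar.object_type = self._meta['cripts_type']
        ar.object_id = str(self.id)
        ar.save()

    # Best-effort cleanup. Catch Exception rather than using a bare except so
    # KeyboardInterrupt/SystemExit are not swallowed.
    try:
        del self.unsupported_attrs['analysis']
    except Exception:
        pass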
Esempio n. 3
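def migrate_analysis_results(self):
    """
    Convert old embedded analysis data into AnalysisResult documents.

    Each entry found under ``self.unsupported_attrs.analysis`` becomes one
    saved AnalysisResult carrying this object's type and id. The ``analysis``
    key is then dropped from ``self.unsupported_attrs`` if possible.
    """
    from cripts.services.analysis_result import AnalysisResult, AnalysisConfig, EmbeddedAnalysisResultLog

    old_results = getattr(self.unsupported_attrs, "analysis", None)
    if old_results:
        for result in old_results:
            ar = AnalysisResult()

            # 'id' moves to analysis_id and is removed only when it is truthy.
            ar.analysis_id = result.get("id")
            if ar.analysis_id:
                del result["id"]

            # NOTE(review): config and log dicts are expanded directly into
            # keyword arguments; this assumes legacy data only contains fields
            # those classes accept -- confirm.
            ar.config = AnalysisConfig(**result.get("config", {}))
            if "config" in result:
                del result["config"]

            logs = result.get("log", None)
            if logs:
                ar.log.extend(EmbeddedAnalysisResultLog(**item) for item in logs)
                del result["log"]

            # Remaining keys are merged onto the new document unchanged.
            ar.merge(arg_dict=result)
            ar.object_type = self._meta["cripts_type"]
            ar.object_id = str(self.id)
            ar.save()

    # Cleanup stays best-effort, but no longer hides KeyboardInterrupt or
    # SystemExit the way a bare except did.
    try:
        del self.unsupported_attrs["analysis"]
    except Exception:
        pass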
Esempio n. 4
def delete_analysis(task_id, analyst):
    """
    Delete the AnalysisResult whose id is ``task_id``, if one exists.

    :param task_id: The id of the AnalysisResult to delete.
    :param analyst: The username passed to the document's delete call.
    """

    # NOTE(review): this function performs no source or permission check of
    # its own; ``analyst`` is only forwarded to delete(). Presumably the
    # caller authorizes the request -- confirm.
    record = AnalysisResult.objects(id=task_id).first()
    if not record:
        return
    record.delete(username=analyst)
Esempio n. 5
def add_log(object_type, object_id, analysis_id, log_message, level, analyst):
    """
    Append one log entry to an analysis task.

    :param object_type: The top-level object type.
    :type object_type: str
    :param object_id: The ObjectId to search for.
    :type object_id: str
    :param analysis_id: The ID of the task to update.
    :type analysis_id: str
    :param log_message: The log entry to append.
    :type log_message: dict
    :param level: The log level.
    :type level: str
    :param analyst: The user updating the log.
    :type analyst: str
    :returns: dict with keys "success" (boolean) and "message" (str) if failed.
    """

    outcome = {'success': False}
    if not (object_type and object_id and analysis_id):
        outcome['message'] = "Must supply object id/type and analysis id."
        return outcome

    # The object must exist within the sources the analyst is allowed to see.
    model = class_from_type(object_type)
    allowed_sources = user_sources(analyst)
    target = model.objects(id=object_id,
                           source__name__in=allowed_sources).first()
    if not target:
        outcome['message'] = "Could not find object to add results to."
        return outcome

    # Build the entry; the timestamp is the local clock rendered as a string.
    entry = EmbeddedAnalysisResultLog()
    entry.message = log_message
    entry.level = level
    entry.datetime = str(datetime.datetime.now())

    # NOTE(review): the task is found by analysis_id alone, so it is not
    # checked against the object validated above -- confirm that is intended.
    task = AnalysisResult.objects(analysis_id=analysis_id).first()
    if not task:
        outcome['message'] = "Could not find task to add log to."
        return outcome

    AnalysisResult.objects(id=task.id).update_one(push__log=entry)
    outcome['success'] = True
    return outcome
Esempio n. 6
def finish_task(object_type, object_id, analysis_id, status, analyst):
    """
    Mark a task finished: store its final status and the finish date.

    :param object_type: The top-level object type.
    :type object_type: str
    :param object_id: The ObjectId to search for.
    :type object_id: str
    :param analysis_id: The ID of the task to update.
    :type analysis_id: str
    :param status: The status of the task. Any value other than "error" or
                   "completed" (including an empty one) becomes "completed".
    :type status: str ("error", "completed")
    :param analyst: The user updating the log.
    :type analyst: str
    :returns: dict with keys "success" (boolean) and "message" (str) if failed.
    """

    outcome = {'success': False}

    # Only the two known states are stored; everything else is normalised.
    if status not in ('error', 'completed'):
        status = "completed"

    if not (object_type and object_id and analysis_id):
        outcome['message'] = "Must supply object id/type and analysis id."
        return outcome

    # The object must exist within the sources the analyst is allowed to see.
    model = class_from_type(object_type)
    allowed_sources = user_sources(analyst)
    target = model.objects(id=object_id,
                           source__name__in=allowed_sources).first()
    if not target:
        outcome['message'] = "Could not find object to add results to."
        return outcome

    finished_at = str(datetime.datetime.now())

    # NOTE(review): the task is found by analysis_id alone, so it is not
    # checked against the object validated above -- confirm that is intended.
    task = AnalysisResult.objects(analysis_id=analysis_id).first()
    if task:
        AnalysisResult.objects(id=task.id).update_one(
            set__status=status, set__finish_date=finished_at)

    # Success is reported even when no task matched analysis_id.
    outcome['success'] = True
    return outcome
Esempio n. 7
def refresh_services(request, cripts_type, identifier):
    """
    Re-render the Analysis tab for one object and return it as JSON.

    The response body is a JSON object with "success" and "html". When the
    type is unknown or the object cannot be found for this user, "success" is
    False and "html" holds a short error message.
    """

    def _not_found():
        # Same payload for "unknown type" and "object not visible/not found".
        payload = {}
        payload['success'] = False
        payload['html'] = 'Could not find object to refresh!'
        return HttpResponse(json.dumps(payload),
                            content_type="application/json")

    # Verify user can see results.
    allowed_sources = user_sources(request.user.username)
    model = class_from_type(cripts_type)
    if not model:
        return _not_found()

    # Types with a `source` attribute are restricted to the user's sources;
    # types without one are looked up by id only.
    lookup = {'id': identifier}
    if hasattr(model, 'source'):
        lookup['source__name__in'] = allowed_sources
    if not model.objects(**lookup).first():
        return _not_found()

    # The results query has no source filter of its own; visibility rests on
    # the object check above.
    analysis = AnalysisResult.objects(object_type=cripts_type,
                                      object_id=identifier)
    services = get_supported_services(cripts_type)

    context = {
        'relationship': {'type': cripts_type, 'value': identifier},
        'subscription': {'type': cripts_type, 'id': identifier},
        'service_results': analysis,
        'cripts_type': cripts_type,
        'identifier': identifier,
        'service_list': services,
    }

    response = {}
    response['success'] = True
    response['html'] = render_to_string("services_analysis_listing.html",
                                        context, RequestContext(request))
    return HttpResponse(json.dumps(response), content_type="application/json")
Esempio n. 8
def refresh_services(request, cripts_type, identifier):
    """
    Return the refreshed Analysis tab markup for an object as a JSON response.

    On failure (unknown type, or object not found for this user) the JSON
    carries success=False and an error message in "html".
    """

    def _as_json(payload):
        return HttpResponse(json.dumps(payload), content_type="application/json")

    def _failure():
        body = {}
        body['success'] = False
        body['html'] = 'Could not find object to refresh!'
        return _as_json(body)

    # Verify user can see results.
    sources = user_sources(request.user.username)
    klass = class_from_type(cripts_type)
    if not klass:
        return _failure()

    # Source filtering applies only to types that define `source`.
    if hasattr(klass, 'source'):
        queryset = klass.objects(id=identifier, source__name__in=sources)
    else:
        queryset = klass.objects(id=identifier)
    if not queryset.first():
        return _failure()

    # Get analysis results. This query is not source-filtered itself; it
    # relies on the object lookup above having succeeded.
    results = AnalysisResult.objects(object_type=cripts_type,
                                     object_id=identifier)
    relationship = dict(type=cripts_type, value=identifier)
    subscription = dict(type=cripts_type, id=identifier)
    service_list = get_supported_services(cripts_type)

    template_context = {'relationship': relationship,
                        'subscription': subscription,
                        'service_results': results,
                        'cripts_type': cripts_type,
                        'identifier': identifier,
                        'service_list': service_list}
    rendered = render_to_string("services_analysis_listing.html",
                                template_context,
                                RequestContext(request))

    response = {}
    response['success'] = True
    response['html'] = rendered
    return _as_json(response)
Esempio n. 9
def insert_analysis_results(task):
    """
    Create and save a new AnalysisResult from this task.

    The task's dict form is merged into the new document, with its ``id``
    key renamed to ``analysis_id``.
    """

    fields = task.to_dict()
    # Rename 'id' -> 'analysis_id'; raises KeyError if 'id' is absent.
    fields['analysis_id'] = fields.pop('id')

    record = AnalysisResult()
    record.merge(arg_dict=fields)
    record.save()
Esempio n. 10
def analysis_result(request, analysis_id):
    """
    Look up an AnalysisResult and redirect to the details page of the TLO it
    belongs to.

    :param request: Django request object (Required)
    :type request: :class:`django.http.HttpRequest`
    :param analysis_id: The ObjectId of the AnalysisResult
    :type analysis_id: str
    :returns: :class:`django.http.HttpResponse`
    """

    # NOTE(review): no source check is made before redirecting; presumably
    # the details view enforces access -- confirm.
    record = AnalysisResult.objects(id=analysis_id).first()
    if not record:
        return render_to_response('error.html',
                                  {'error': "No TLO found to redirect to."})

    details_url = reverse('cripts.core.views.details',
                          args=(record.object_type, record.object_id))
    return HttpResponseRedirect(details_url)
Esempio n. 11
def analysis_result(request, analysis_id):
    """
    Resolve an AnalysisResult to its TLO and redirect to that TLO's details
    page; render the error page when no AnalysisResult matches.

    :param request: Django request object (Required)
    :type request: :class:`django.http.HttpRequest`
    :param analysis_id: The ObjectId of the AnalysisResult
    :type analysis_id: str
    :returns: :class:`django.http.HttpResponse`
    """

    match = AnalysisResult.objects(id=analysis_id).first()
    if match:
        # NOTE(review): the redirect is issued without a source check here;
        # presumably the details view enforces access -- confirm.
        tlo_args = (match.object_type, match.object_id)
        return HttpResponseRedirect(
            reverse('cripts.core.views.details', args=tlo_args))

    error_context = {'error': "No TLO found to redirect to."}
    return render_to_response('error.html', error_context)
Esempio n. 12
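def update_analysis_results(task):
    """
    Update analysis results for this task.

    Looks up the AnalysisResult whose ``analysis_id`` equals ``task.task_id``.
    If none exists, a warning is logged and the task is inserted instead.
    Otherwise every key of ``task.to_dict()`` is written as a ``set__``
    update. If that write fails, the results are cleared, an error log entry
    is appended and the write is retried; if the retry also fails, only the
    error log entry is written.
    """

    # If the task does not currently exist for the given sample in the
    # database, add it.
    ar = AnalysisResult.objects(analysis_id=task.task_id).first()
    if not ar:
        logger.warning("Tried to update a task that didn't exist.")
        insert_analysis_results(task)
        return

    # Otherwise, update it.
    tdict = task.to_dict()
    tdict['analysis_id'] = tdict['id']
    del tdict['id']

    #TODO: find a better way to do this.
    new_dict = {}
    for k in tdict:
        new_dict['set__%s' % k] = tdict[k]

    try:
        AnalysisResult.objects(id=ar.id).update_one(**new_dict)
    except Exception as e: # assume bad data in 'results'
        # NOTE(review): new_dict still holds the status read before the
        # failure; confirm whether set__status should become 'error' too.
        task.status = 'error'
        new_dict['set__results'] = []
        le = EmbeddedAnalysisResultLog()
        # The exception text is stored in the task log as-is.
        le.message = 'DB Update Failed: %s' % e
        le.level = 'error'
        le.datetime = str(datetime.datetime.now())
        # to_dict() may not have carried a 'log' key; indexing it directly
        # would raise KeyError from inside this handler and skip the retry.
        new_dict.setdefault('set__log', []).append(le)
        try:
            AnalysisResult.objects(id=ar.id).update_one(**new_dict)
        except Exception: # don't know what's wrong, try writing basic log only
            AnalysisResult.objects(id=ar.id).update_one(set__log=[le])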