def testEmailRawAdd(self):
result = handlers.handle_pasted_eml(EML_DATA, TSRC, None, self.user.username, "Test")
self.assertEqual(result['status'], True)
self.assertEqual(result['data']['x_mailer'],"YahooMailWebService/0.8.121.416")
newdata = ""
for line in EML_DATA.split('\n'):
newdata += line.lstrip() + "\n"
result = handlers.handle_pasted_eml(newdata, TSRC, None, self.user.username, "Test")
self.assertEqual(result['status'], True)
self.assertEqual(result['data']['x_mailer'],"YahooMailWebService/0.8.121.416")
def testEmailRawAdd(self):
result = handlers.handle_pasted_eml(EML_DATA, TSRC, None, self.user,
"Test")
self.assertEqual(result['status'], True)
self.assertEqual(result['data']['x_mailer'],
"YahooMailWebService/0.8.121.416")
newdata = ""
for line in EML_DATA.split('\n'):
newdata += line.lstrip() + "\n"
result = handlers.handle_pasted_eml(newdata, TSRC, None, self.user,
"Test")
self.assertEqual(result['status'], True)
self.assertEqual(result['data']['x_mailer'],
"YahooMailWebService/0.8.121.416")
def obj_create(self, bundle, **kwargs):
"""
Handles creating Emails through the API.
:param bundle: Bundle containing the information to create the Campaign.
:type bundle: Tastypie Bundle object.
:returns: Bundle object.
:raises BadRequest: If a type_ is not provided or creation fails.
"""
analyst = bundle.request.user.username
type_ = bundle.data.get('upload_type', None)
if not type_:
raise BadRequest('You must specify the upload type.')
elif type_ not in ('eml', 'msg', 'raw', 'yaml', 'fields'):
raise BadRequest('Unknown or unsupported upload type.')
# Remove this so it doesn't get included with the fields upload
del bundle.data['upload_type']
result = None
# Extract common information
source = bundle.data.get('source', None)
reference = bundle.data.get('reference', None)
campaign = bundle.data.get('campaign', None)
confidence = bundle.data.get('confidence', None)
if type_ == 'eml':
file_ = bundle.data.get('filedata', None)
if not file_:
raise BadRequest('No file uploaded.')
filedata = file_.read()
result = handle_eml(filedata, source, reference, analyst, 'Upload',
campaign, confidence)
if type_ == 'msg':
raw_email = bundle.data.get('filedata', None)
password = bundle.data.get('password', None)
result = handle_msg(raw_email, source, reference, analyst,
'Upload', password, campaign, confidence)
if type_ == 'raw':
raw_email = bundle.data.get('filedata', None)
result = handle_pasted_eml(raw_email, source, reference, analyst,
'Upload', campaign, confidence)
if type_ == 'yaml':
yaml_data = bundle.data.get('filedata', None)
email_id = bundle.data.get('email_id', None)
save_unsupported = bundle.data.get('save_unsupported', False)
result = handle_yaml(yaml_data, source, reference, analyst,
'Upload', email_id, save_unsupported,
campaign, confidence)
if type_ == 'fields':
fields = bundle.data
result = handle_email_fields(fields, analyst, 'Upload')
if not result:
raise BadRequest('No upload type found.')
if not result['status']:
raise BadRequest(result['reason'])
else:
return bundle
def email_raw_add(request):
"""
Upload an email using Raw. Should be an AJAX POST.
:param request: Django request object (Required)
:type request: :class:`django.http.HttpRequest`
:returns: :class:`django.http.HttpResponse`
"""
fields_form = EmailRawUploadForm(request.user, request.POST)
json_reply = {
'form': fields_form.as_table(),
'success': False,
'message': ""
}
if request.method != "POST":
message = "Must submit via POST"
if request.is_ajax():
json_reply['message'] = message
return HttpResponse(json.dumps(json_reply), mimetype="application/json")
else:
return render_to_response('error.html', {'error': message}, RequestContext(request))
if not fields_form.is_valid():
message = "Form is invalid."
if request.is_ajax():
json_reply['message'] = message
return HttpResponse(json.dumps(json_reply), mimetype="application/json")
else:
return render_to_response('error.html', {'error': message}, RequestContext(request))
method = "Raw Upload"
if fields_form.cleaned_data['source_method']:
method = method + " - " + fields_form.cleaned_data['source_method']
obj = handle_pasted_eml(fields_form.cleaned_data['raw_email'],
fields_form.cleaned_data['source'],
fields_form.cleaned_data['source_reference'],
request.user.username,
method,
campaign=fields_form.cleaned_data['campaign'],
confidence=fields_form.cleaned_data['campaign_confidence'],
bucket_list=fields_form.cleaned_data['bucket_list'],
ticket=fields_form.cleaned_data['ticket'])
if not obj['status']:
if request.is_ajax():
json_reply['message'] = obj['reason']
return HttpResponse(json.dumps(json_reply), mimetype="application/json")
else:
return render_to_response('error.html', {'error': obj['reason']}, RequestContext(request))
if request.is_ajax():
json_reply['success'] = True
del json_reply['form']
json_reply['message'] = 'Email uploaded successfully. <a href="%s">View email.</a>' % reverse('crits.emails.views.email_detail', args=[obj['object'].id])
return HttpResponse(json.dumps(json_reply), mimetype="application/json")
else:
return HttpResponseRedirect(reverse('crits.emails.views.email_detail', args=[obj['object'].id]))
def email_raw_add(request):
"""
Upload an email using Raw. Should be an AJAX POST.
:param request: Django request object (Required)
:type request: :class:`django.http.HttpRequest`
:returns: :class:`django.http.HttpResponse`
"""
fields_form = EmailRawUploadForm(request.user, request.POST)
json_reply = {"form": fields_form.as_table(), "success": False, "message": ""}
if request.method != "POST":
message = "Must submit via POST"
if request.is_ajax():
json_reply["message"] = message
return HttpResponse(json.dumps(json_reply), mimetype="application/json")
else:
return render_to_response("error.html", {"error": message}, RequestContext(request))
if not fields_form.is_valid():
message = "Form is invalid."
if request.is_ajax():
json_reply["message"] = message
return HttpResponse(json.dumps(json_reply), mimetype="application/json")
else:
return render_to_response("error.html", {"error": message}, RequestContext(request))
method = "Raw Upload"
if fields_form.cleaned_data["source_method"]:
method = method + " - " + fields_form.cleaned_data["source_method"]
obj = handle_pasted_eml(
fields_form.cleaned_data["raw_email"],
fields_form.cleaned_data["source"],
fields_form.cleaned_data["source_reference"],
request.user.username,
method,
campaign=fields_form.cleaned_data["campaign"],
confidence=fields_form.cleaned_data["campaign_confidence"],
)
if not obj["status"]:
if request.is_ajax():
json_reply["message"] = obj["reason"]
return HttpResponse(json.dumps(json_reply), mimetype="application/json")
else:
return render_to_response("error.html", {"error": obj["reason"]}, RequestContext(request))
if request.is_ajax():
json_reply["success"] = True
del json_reply["form"]
json_reply["message"] = 'Email uploaded successfully. <a href="%s">View email.</a>' % reverse(
"crits.emails.views.email_detail", args=[obj["object"].id]
)
return HttpResponse(json.dumps(json_reply), mimetype="application/json")
else:
return HttpResponseRedirect(reverse("crits.emails.views.email_detail", args=[obj["object"].id]))
def email_raw_add(request):
"""
Upload an email using Raw. Should be an AJAX POST.
:param request: Django request object (Required)
:type request: :class:`django.http.HttpRequest`
:returns: :class:`django.http.HttpResponse`
"""
raw_form = EmailRawUploadForm(request.user, request.POST)
user = request.user
json_reply = {'form': raw_form.as_table(), 'success': False}
if request.method != "POST":
message = "Must submit via POST"
else:
if not raw_form.is_valid():
message = "Form is invalid."
elif not user.has_access_to(EmailACL.WRITE):
message = "User does not have permission to add email."
else:
form_data = raw_form.cleaned_data
method = "Raw Upload"
if form_data['source_method']:
method = method + " - " + form_data['source_method']
result = handle_pasted_eml(
form_data['raw_email'], form_data['source_name'],
form_data['source_reference'], form_data['source_method'],
form_data['source_tlp'], user, form_data['campaign'],
form_data['campaign_confidence'], form_data['bucket_list'],
form_data['ticket'], form_data['related_id'],
form_data['related_type'], form_data['relationship_type'])
if result['status']:
redirect = reverse('crits-emails-views-email_detail',
args=[result['object'].id])
if not request.is_ajax():
return HttpResponseRedirect(redirect)
json_reply['success'] = True
del json_reply['form']
message = 'Email uploaded successfully'
if result.get('reason'):
message += ', but %s' % result['reason']
message += ('. <a href="%s">View email.</a>' % redirect)
else:
message = result['reason']
if request.is_ajax():
json_reply['message'] = message
return HttpResponse(json.dumps(json_reply),
content_type="application/json")
else:
return render(request, 'error.html', {'error': message})
def obj_create(self, bundle, **kwargs):
"""
Handles creating Emails through the API.
:param bundle: Bundle containing the information to create the Campaign.
:type bundle: Tastypie Bundle object.
:returns: HttpResponse.
"""
analyst = bundle.request.user.username
type_ = bundle.data.get('upload_type', None)
content = {'return_code': 1,
'type': 'Email',
'message': ''}
if not type_:
content['message'] = 'You must specify the upload type.'
self.crits_response(content)
elif type_ not in ('eml', 'msg', 'raw', 'yaml', 'fields'):
content['message'] = 'Unknown or unsupported upload type.'
self.crits_response(content)
# Remove this so it doesn't get included with the fields upload
del bundle.data['upload_type']
result = None
# Extract common information
source = bundle.data.get('source', None)
method = bundle.data.get('method', '')
reference = bundle.data.get('reference', None)
campaign = bundle.data.get('campaign', None)
confidence = bundle.data.get('confidence', None)
if method:
method = " - " + method
if type_ == 'eml':
file_ = bundle.data.get('filedata', None)
if not file_:
content['message'] = 'No file uploaded.'
self.crits_response(content)
filedata = file_.read()
result = handle_eml(filedata, source, reference,
analyst, 'EML Upload' + method, campaign,
confidence)
if type_ == 'msg':
raw_email = bundle.data.get('filedata', None)
password = bundle.data.get('password', None)
result = handle_msg(raw_email,
source,
reference,
analyst,
'Outlook MSG Upload' + method,
password,
campaign,
confidence)
if type_ == 'raw':
raw_email = bundle.data.get('filedata', None)
result = handle_pasted_eml(raw_email,
source,
reference,
analyst,
'Raw Upload' + method,
campaign,
confidence)
if type_ == 'yaml':
yaml_data = bundle.data.get('filedata', None)
email_id = bundle.data.get('email_id', None)
save_unsupported = bundle.data.get('save_unsupported', False)
result = handle_yaml(yaml_data,
source,
reference,
analyst,
'YAML Upload' + method,
email_id,
save_unsupported,
campaign,
confidence)
if type_ == 'fields':
fields = bundle.data
# Strip these so they don't get put in unsupported_attrs.
del fields['username']
del fields['api_key']
result = handle_email_fields(fields,
analyst,
'Fields Upload')
if result.get('message'):
content['message'] = result.get('message')
if result.get('reason'):
content['message'] += result.get('reason')
if result.get('obj_id'):
content['id'] = result.get('obj_id', '')
elif result.get('object'):
content['id'] = str(result.get('object').id)
if content.get('id'):
url = reverse('api_dispatch_detail',
kwargs={'resource_name': 'emails',
'api_name': 'v1',
'pk': content.get('id')})
content['url'] = url
if result['status']:
content['return_code'] = 0
self.crits_response(content)
def email_raw_add(request):
"""
Upload an email using Raw. Should be an AJAX POST.
:param request: Django request object (Required)
:type request: :class:`django.http.HttpRequest`
:returns: :class:`django.http.HttpResponse`
"""
raw_form = EmailRawUploadForm(request.user, request.POST)
user = request.user
json_reply = {
'form': raw_form.as_table(),
'success': False
}
if request.method != "POST":
message = "Must submit via POST"
else:
if not raw_form.is_valid():
message = "Form is invalid."
elif not user.has_access_to(EmailACL.WRITE):
message = "User does not have permission to add email."
else:
form_data = raw_form.cleaned_data
method = "Raw Upload"
if form_data['source_method']:
method = method + " - " + form_data['source_method']
result = handle_pasted_eml(form_data['raw_email'],
form_data['source_name'],
form_data['source_reference'],
form_data['source_method'],
form_data['source_tlp'],
request.user,
form_data['campaign'],
form_data['campaign_confidence'],
form_data['bucket_list'],
form_data['ticket'],
form_data['related_id'],
form_data['related_type'],
form_data['relationship_type'])
if result['status']:
redirect = reverse('crits.emails.views.email_detail',
args=[result['object'].id])
if not request.is_ajax():
return HttpResponseRedirect(redirect)
json_reply['success'] = True
del json_reply['form']
message = 'Email uploaded successfully'
if result.get('reason'):
message += ', but %s' % result['reason']
message += ('. <a href="%s">View email.</a>' % redirect)
else:
message = result['reason']
if request.is_ajax():
json_reply['message'] = message
return HttpResponse(json.dumps(json_reply),
content_type="application/json")
else:
return render_to_response('error.html',
{'error': message},
RequestContext(request))
def obj_create(self, bundle, **kwargs):
"""
Handles creating Emails through the API.
:param bundle: Bundle containing the information to create the Campaign.
:type bundle: Tastypie Bundle object.
:returns: Bundle object.
:raises BadRequest: If a type_ is not provided or creation fails.
"""
analyst = bundle.request.user.username
type_ = bundle.data.get('upload_type', None)
if not type_:
raise BadRequest('You must specify the upload type.')
elif type_ not in ('eml', 'msg', 'raw', 'yaml', 'fields'):
raise BadRequest('Unknown or unsupported upload type.')
# Remove this so it doesn't get included with the fields upload
del bundle.data['upload_type']
result = None
# Extract common information
source = bundle.data.get('source', None)
reference = bundle.data.get('reference', None)
campaign = bundle.data.get('campaign', None)
confidence = bundle.data.get('confidence', None)
if type_ == 'eml':
file_ = bundle.data.get('filedata', None)
if not file_:
raise BadRequest('No file uploaded.')
filedata = file_.read()
result = handle_eml(filedata, source, reference,
analyst, 'Upload', campaign,
confidence)
if type_ == 'msg':
raw_email = bundle.data.get('filedata', None)
password = bundle.data.get('password', None)
result = handle_msg(raw_email,
source,
reference,
analyst,
'Upload',
password,
campaign,
confidence)
if type_ == 'raw':
raw_email = bundle.data.get('filedata', None)
result = handle_pasted_eml(raw_email,
source,
reference,
analyst,
'Upload',
campaign,
confidence)
if type_ == 'yaml':
yaml_data = bundle.data.get('filedata', None)
email_id = bundle.data.get('email_id', None)
save_unsupported = bundle.data.get('save_unsupported', False)
result = handle_yaml(yaml_data,
source,
reference,
analyst,
'Upload',
email_id,
save_unsupported,
campaign,
confidence)
if type_ == 'fields':
fields = bundle.data
result = handle_email_fields(fields,
analyst,
'Upload')
if not result:
raise BadRequest('No upload type found.')
if not result['status']:
raise BadRequest(result['reason'])
else:
return bundle