def get_language_contents(request, object_ref):
try:
#表示する長さ
object_modified = request.GET['object_modified']
objects = StixLanguageContents.objects.filter(
Q(object_ref=object_ref)
& Q(object_modified=object_modified)).order_by('-modified')
language_contents = []
for o_ in objects:
language_contents.append(o_.object_)
resp = get_normal_response_json()
resp['data'] = language_contents
return JsonResponse(resp)
except Exception as e:
traceback.print_exc()
return error(e)
def attaches(request):
try:
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
package_id = get_attaches_package_id(request)
if package_id is None:
return HttpResponseNotFound()
try:
stix_file = StixFiles.objects.get(package_id=package_id)
d = get_return_dictionary_from_stix_file_document(stix_file)
return JsonResponse(d, safe=False)
except DoesNotExist:
return HttpResponseNotFound()
except Exception as e:
import traceback
traceback.print_exc()
return error(e)
def language_contents(request):
try:
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
object_ref = request.GET['object_ref']
object_modified = request.GET['object_modified']
objects = StixLanguageContents.objects.filter(
Q(object_ref=object_ref)
& Q(object_modified=object_modified)).order_by('-modified')
language_contents = []
for o_ in objects:
language_contents.append(o_.object_)
resp = get_normal_response_json()
resp['data'] = language_contents
return JsonResponse(resp)
except Exception as e:
traceback.print_exc()
return error(e)
def content(request):
try:
#GET 以外はエラー
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
#引数取得
package_id = get_content_original_package_id(request)
if package_id is None:
print '/api/v1/sns/content package_id is None.'
return HttpResponseNotFound()
stix_file = StixFiles.objects.get(package_id=package_id)
return JsonResponse(get_return_dictionary_from_stix_file_document(
stix_file, content=True),
safe=False)
except Exception as e:
import traceback
traceback.print_exc()
return error(e)
def related_packages(request):
try:
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
original_package_id = get_comments_original_package_id(request)
if original_package_id is None:
return HttpResponseNotFound()
related_packages_list = []
for stix_file in StixFiles.objects(
related_packages=original_package_id):
related_packages_list.append(
get_return_dictionary_from_stix_file_document(stix_file))
return JsonResponse(related_packages_list, safe=False)
except Exception as e:
import traceback
traceback.print_exc()
return error(e)
def tags(request):
try:
suggest_list = []
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
word = request.GET.get('word')
if not word or len(word) < SUGGEST_MIN_LENGTH:
return JsonResponse(suggest_list, safe=False)
if word[0] != '#':
return JsonResponse(suggest_list, safe=False)
tags = Tags.objects.filter(
tag__istartswith=word).order_by('tag').limit(SUGGEST_LIMIT)
for tag in tags:
suggest_list.append(tag.tag)
return JsonResponse(suggest_list, safe=False)
except Exception as e:
import traceback
traceback.print_exc()
return error(e)
def latest_package_list(request):
DEFAULT_LATEST_NUM = 10
try:
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
try:
num = int(request.GET['num'])
except BaseException:
num = DEFAULT_LATEST_NUM
resp = get_normal_response_json()
resp['data'] = []
for stix_file in StixFiles.objects.order_by('-produced')[:num]:
resp['data'].append(stix_file.get_rest_api_document_info())
return JsonResponse(resp)
except Exception as e:
traceback.print_exc()
return error(e)
def related_packages(request):
try:
#GET 以外はエラー
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
#引数取得
original_package_id = get_comments_original_package_id(request)
if original_package_id is None:
print '/api/v1/sns/related_packages package_id is None.'
return HttpResponseNotFound()
l = []
#original_package_id を related_packages リスト要素に含む stix_fileを返却
for stix_file in StixFiles.objects(
related_packages=original_package_id):
l.append(get_return_dictionary_from_stix_file_document(stix_file))
return JsonResponse(l, safe=False)
except Exception as e:
import traceback
traceback.print_exc()
return error(e)
def stix_file_l1_info(request, package_id):
try:
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
caches = ObservableCaches.objects.filter(package_id=package_id)
data = []
for cache in caches:
r = {
'type': cache.type,
'value': cache.value,
'observable_id': cache.observable_id,
}
data.append(r)
resp = get_normal_response_json()
resp['data'] = data
return JsonResponse(resp)
except Exception as e:
traceback.print_exc()
return error(e)
def likers(request):
try:
#GET 以外はエラー
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
#引数取得
original_package_id = get_comments_original_package_id(request)
if original_package_id is None:
print '/api/v1/sns/likers package_id is None.'
return HttpResponseNotFound()
liker_dict = {}
#original_package_id を related_packages リスト要素に含む stix_fileを返却
for stix_file in StixFiles.objects(
Q(related_packages=original_package_id)
& Q(sns_type=StixFiles.STIP_SNS_TYPE_LIKE)):
liker = stix_file.get_unique_name()
if liker is not None:
if liker_dict.has_key(liker):
liker_dict[liker] += 1
else:
liker_dict[liker] = 1
#original_package_id を related_packages リスト要素に含む stix_fileを返却
for stix_file in StixFiles.objects(
Q(related_packages=original_package_id)
& Q(sns_type=StixFiles.STIP_SNS_TYPE_UNLIKE)):
unliker = stix_file.get_unique_name()
if unliker is not None:
if liker_dict.has_key(unliker):
liker_dict[unliker] -= 1
else:
liker_dict[unliker] = -1
likers = []
for liker, value in liker_dict.iteritems():
if value == 1:
likers.append(liker)
return JsonResponse(likers, safe=False)
except Exception as e:
import traceback
traceback.print_exc()
return error(e)
def content(request):
try:
# GET 以外はエラー
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
# 引数取得
package_id = get_content_original_package_id(request)
version = get_content_version(request)
if package_id is None:
print('/api/v1/sns/content package_id is None.')
return HttpResponseNotFound()
stix_file = StixFiles.objects.get(package_id=package_id)
doc = _get_stix_file_document(stix_file)
if not version:
return JsonResponse(doc, safe=False)
if stix_file.version.startswith('1.'):
if version.startswith('2.'):
content = stix_file.get_elevate_21()
doc['content'] = content
doc['version'] = '2.1'
elif stix_file.version == '2.0':
if version == '2.1':
content = stix_file.get_elevate_21()
doc['content'] = content
doc['version'] = '2.1'
elif version.startswith('1.'):
content = stix_file.get_slide_12()
doc['content'] = content
doc['version'] = '1.2'
elif stix_file.version == '2.1':
if version.startswith('1.'):
content = stix_file.get_slide_12()
doc['content'] = content
doc['version'] = '1.2'
return JsonResponse(doc, safe=False)
except Exception as e:
import traceback
traceback.print_exc()
return error(e)
def share_misp(request):
try:
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
package_id = get_package_id_from_get_argument(request)
mc = MispUploadAdapterControl()
j = mc.upload_misp(package_id)
event_id = j['Event']['id']
misp_conf = MispAdapter.get()
tmp_url = misp_conf.url
if tmp_url[-1] != '/':
tmp_url += '/'
url = '%sevents/view/%s' % (tmp_url, event_id)
r = {}
r['url'] = url
return JsonResponse(r, safe=False)
except Exception as e:
import traceback
traceback.print_exc()
return error(e)
def latest_stix_count_by_community(request):
LASTEST_DAYS_KEY = 'latest_days'
DEFAULT_LATEST_DAYS = 7
try:
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
try:
latest_days = int(request.GET[LASTEST_DAYS_KEY])
except BaseException:
latest_days = DEFAULT_LATEST_DAYS
resp = get_normal_response_json()
resp['data'] = []
for community in Communities.objects.all():
count = count_by_community(community, latest_days)
d = {'community': community.name, 'count': count}
resp['data'].append(d)
return JsonResponse(resp)
except Exception as e:
traceback.print_exc()
return error(e)
def package_list(request):
REQUIRED_COMMENT_KEY = 'required_comment'
LIMIT_KEY = 'limit'
ORDER_BY_KEY = 'order_by'
DEFAULT_ORDER_BY = 'package_name'
try:
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
required_comment = False
if (REQUIRED_COMMENT_KEY in request.GET):
if request.GET[REQUIRED_COMMENT_KEY].lower() == 'true':
required_comment = True
stix_files = StixFiles.objects.filter()
if (ORDER_BY_KEY in request.GET):
try:
stix_files = stix_files.order_by(request.GET[ORDER_BY_KEY])
except BaseException:
stix_files = stix_files.order_by(DEFAULT_ORDER_BY)
else:
stix_files = stix_files.order_by(DEFAULT_ORDER_BY)
try:
limit = int(request.GET[LIMIT_KEY])
except BaseException:
limit = None
if limit is not None:
stix_files = stix_files[:limit]
rsp_stix_files = []
for stix_file in stix_files:
rsp_stix_files.append(
stix_file.get_rest_api_document_info(required_comment))
resp = get_normal_response_json()
resp['data'] = rsp_stix_files
return JsonResponse(resp)
except Exception as e:
traceback.print_exc()
return error(e)
def comments(request):
try:
# GET 以外はエラー
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
# 引数取得
original_package_id = get_comments_original_package_id(request)
if original_package_id is None:
print('/api/v1/sns/comments package_id is None.')
return HttpResponseNotFound()
comments_list = []
# original_package_id を related_packages リスト要素に含み sns_type が comment の stix_fileを返却
for stix_file in StixFiles.objects(
Q(related_packages=original_package_id)
& Q(sns_type=StixFiles.STIP_SNS_TYPE_COMMENT)):
comments_list.append(
get_return_dictionary_from_stix_file_document(stix_file))
return JsonResponse(comments_list, safe=False)
except Exception as e:
import traceback
traceback.print_exc()
return error(e)
def attaches(request):
try:
#GET 以外はエラー
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
#引数取得
package_id = get_attaches_package_id(request)
if package_id is None:
print '/api/v1/sns/attaches package_id is None.'
return HttpResponseNotFound()
try:
stix_file = StixFiles.objects.get(package_id=package_id)
d = get_return_dictionary_from_stix_file_document(stix_file)
return JsonResponse(d, safe=False)
except DoesNotExist:
#該当レコードがなかった
print '/api/v1/sns/attaches DoesNotExist (%s)' % (str(package_id))
return HttpResponseNotFound()
except Exception as e:
import traceback
traceback.print_exc()
return error(e)
def package_name_list(request):
LIMIT_KEY = 'limit'
try:
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
stix_files = StixFiles.objects.filter(Q(is_post_sns__ne=False)).only(
'package_name', 'package_id').order_by('package_name')
try:
limit = int(request.GET[LIMIT_KEY])
except BaseException:
limit = None
if limit is not None:
stix_files = stix_files[:limit]
rsp_stix_files = []
for stix_file in stix_files:
rsp_stix_files.append(stix_file.get_rest_api_package_name_info())
resp = get_normal_response_json()
resp['data'] = rsp_stix_files
return JsonResponse(resp)
except Exception as e:
traceback.print_exc()
return error(e)
def search_bundle(request):
SEARCH_KEY_OBJECT_ID = 'match[object_id]'
try:
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
package_id_list = []
if SEARCH_KEY_OBJECT_ID in request.GET.keys():
object_id = request.GET[SEARCH_KEY_OBJECT_ID]
doc = _get_document(object_id)
package_id_list.append(doc.package_id)
else:
for doc in StixFiles.objects.filter(
version__startswith='2.').order_by('-modified'):
if doc.package_id not in package_id_list:
package_id_list.append(doc.package_id)
resp = get_normal_response_json()
d = {}
d['package_id_list'] = package_id_list
resp['data'] = d
return JsonResponse(resp, safe=False)
except Exception as e:
import traceback
traceback.print_exc()
return error(e)
def package_list_for_sharing_table(request):
try:
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
#認証する
user = authentication(request)
if user is None:
return error(Exception('You have no permission for this operation.'))
#ajax parameter取得
#表示する長さ
iDisplayLength = int(request.GET['iDisplayLength'])
#表示開始位置インデックス
iDisplayStart = int(request.GET['iDisplayStart'])
#検索文字列
sSearch = request.GET['sSearch']
#ソートする列
sort_col = int(request.GET['iSortCol'])
#ソート順番 (desc指定で降順)
sort_dir = request.GET['sSortDir']
order_query = None
SORT_INDEX_PACKAGE_NAME = 3
#pakcage_name
if sort_col == SORT_INDEX_PACKAGE_NAME:
order_query = 'package_name'
#昇順/降順
if order_query is not None:
#descが降順
if sort_dir == 'desc':
order_query = '-' + order_query
#検索対象のコミュニティリストを検索
community_objects = Communities.objects.filter(name__icontains=sSearch)
#検索
objects = StixFiles.objects.filter(
Q(package_name__icontains=sSearch) |
Q(input_community__in=community_objects)) \
.order_by(order_query)
objects = objects.filter(Q(is_post_sns__ne=False))
#検索結果から表示範囲のデータを抽出する
data = []
for d in objects[iDisplayStart:(iDisplayStart + iDisplayLength)]:
r = {}
r['comment'] = d.comment
r['package_name'] = d.package_name
r['package_id'] = d.package_id
try:
r['input_community'] = d.input_community.name
except:
r['input_community'] = ''
data.append(r)
#response data 作成
r_data = {}
r_data['iTotalRecords'] = StixFiles.objects.count()
r_data['iTotalDisplayRecords'] = objects.count()
r_data['data'] = data
resp = get_normal_response_json()
resp['data'] = r_data
return JsonResponse(resp)
except Exception as e:
traceback.print_exc()
return error(e)
def get_stix_file_document_info(request, id_):
try:
doc = StixFiles.objects.get(id=id_)
return api_root.get_rest_api_document_info(doc)
except Exception:
return api_root.error(Exception('The specified id not found.'))
def delete_stix_file_document_info(id_):
try:
api_root.delete_stix_document(id_=id_)
except Exception as e:
return api_root.error(e)
def post_language_contents(request, object_ref, ctirs_auth_user):
try:
j = json.loads(request.body)
# S-TIP Identity 作成する
stip_identity = _get_stip_identname(request.user)
# bundle 作成
bundle = Bundle(stip_identity)
# 参照元の obejct を取得
object_ = get_object(object_ref)
if object_ is None:
return error(
Exception('No document. (object_ref=%s)' % (object_ref)))
for language_content in j['language_contents']:
selector_str = language_content['selector']
content_value = language_content['content']
language = language_content['language']
try:
selector_elems = selector_str.split('.')
last_elem = object_
# selector の 要素をチェックする
if len(selector_elems) == 1:
# selector が . でつながられていない場合
last_selector = selector_str
last_elem = is_exist_objects(selector_str, last_elem)
else:
# selector が . でつながられている場合は最後までたどる
for selector in selector_elems[:-1]:
last_selector = selector
last_elem = is_exist_objects(selector, last_elem)
if last_elem is None:
raise Exception('selector is invalid: ' +
str(selector_str))
if isinstance(last_elem, list):
# 空要素で初期化し、該当 index の要素だけ上書きする
lc_lists = [''] * len(last_elem)
lc_lists[get_list_index_from_selector(
selector_elems[-1])] = content_value
content = lc_lists
selector = '.'.join(selector_elems[:-1])
elif isinstance(last_elem, dict):
# 空辞書で初期化し、該当 index の要素だけ上書きする
content = {}
content[selector_elems[-1]] = content_value
selector = '.'.join(selector_elems[:-1])
else:
# list ではない
content = content_value
selector = last_selector
except Exception as e:
traceback.print_exc()
raise e
contents = {}
contents[language] = {selector: content}
language_content = LanguageContent(
created_by_ref=stip_identity,
object_ref=object_ref,
object_modified=object_['modified'],
contents=contents)
bundle.objects.append(language_content)
# viaを取得
via = Vias.get_via_rest_api_upload(uploader=ctirs_auth_user.id)
community = Communities.get_default_community()
# stixファイルを一時ファイルに出力
stix_file_path = tempfile.mktemp(suffix='.json')
with open(stix_file_path, 'wb+') as fp:
fp.write(bundle.serialize(indent=4, ensure_ascii=False)).encode()
# 登録処理
regist(stix_file_path, community, via)
resp = get_normal_response_json()
bundle_json = json.loads(str(bundle))
resp['data'] = {'bundle': bundle_json}
return JsonResponse(resp, status=201, safe=False)
except Exception as e:
traceback.print_exc()
return error(e)
def wrap(request, *args, **kwargs):
ctirs_auth_user = api_root.authentication(request)
if ctirs_auth_user is None:
return api_root.error(
Exception('You have no permission for this operation.'))
return f(request, *args, **kwargs)
def get_stix_file_package_id_document_info(request, package_id):
try:
doc = StixFiles.objects.get(package_id=package_id)
return api_root.get_rest_api_document_info(doc)
except Exception as _:
return api_root.error(Exception('The specified id not found.'))
def delete_stix_file_package_id_document_info(package_id):
try:
api_root.delete_stix_document(package_id=package_id)
except Exception as e:
return api_root.error(e)
def feeds(request):
try:
# GET 以外はエラー
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
# 引数取得
start_time = get_feeds_start_time(request)
last_feed = get_feeds_last_feed(request)
range_big_datetime = get_feeds_range_big_datetime(
request) # 期間範囲指定の大きい方(新しい方)。この時間を含む
range_small_datetime = get_feeds_range_small_datetime(
request) # 期間範囲指定の小さい方(古い方)。この時間を含む
user_id = get_feeds_user_id(request)
instance = get_feeds_instance(request)
content = get_feeds_content(request)
query_string = request.GET.get(key='query_string', default=None)
# index は 0 開始
index = get_feeds_index(request)
size = get_feeds_size(request) # 指定なし時は size = -1
# 返却条件は SNS に返却
QQ = Q(is_post_sns__ne=False)
if last_feed is not None:
# last_feed の指定があった場合 (last_feed より新しい投稿を返却)
QQ &= Q(produced__gt=last_feed)
else:
# last_feed の指定がない場合 (start_timeを最新として古い投稿を返却)
QQ &= Q(produced__lte=start_time)
# range_big_datetime 指定あり
# 最大より古く(<=)
if range_big_datetime is not None:
QQ &= Q(produced__lte=range_big_datetime)
# range_small_datetime 指定あり
# 最小より新しい(>=)
if range_small_datetime is not None:
QQ &= Q(produced__gte=range_small_datetime)
# package_name か post に query_string が含まれているか (大文字小文字区別せず)
if query_string is not None:
# 空白スペース区切りで分割
query_strings = query_string.split(' ')
# 空白スペース区切りで検索文字列が指定されていない場合(検索対象: 投稿/タイトル/ユーザ名/スクリーン名)
if len(query_strings) == 1:
QQ &= (Q(package_name__icontains=query_strings[0])
| Q(post__icontains=query_strings[0])
| Q(sns_user_name__icontains=query_strings[0])
| Q(sns_screen_name__icontains=query_strings[0]))
else:
f_flag = True
for q in query_strings:
if f_flag:
# 空白スペース区切りの場合(検索対象: 投稿/タイトル/ユーザ名/スクリーン名)
query = Q(package_name__icontains=q) | Q(
post__icontains=q) | Q(
sns_user_name__icontains=q) | Q(
sns_screen_name__icontains=q)
f_flag = False
else:
query &= Q(package_name__icontains=q) | Q(
post__icontains=q) | Q(
sns_user_name__icontains=q) | Q(
sns_screen_name__icontains=q)
QQ &= (query)
# user_id が指定の場合はその user_id の投稿のみを抽出
from ctirs.models.rs.models import STIPUser
if user_id is not None:
stip_user = STIPUser.objects.get(id=user_id)
QQ &= (
# SNS 産 STIX なら instance 名とユーザ名が一致した
(Q(is_created_by_sns=True)
& Q(sns_user_name=stip_user.username)
& Q(sns_instance=instance)) |
# SNS 産以外の STIX なら ユーザ名が一致した
(Q(is_created_by_sns__ne=True)
& Q(sns_user_name=stip_user.username)))
else:
# 未定の場合は存在している STIP_USER だけ有効
stip_users = STIPUser.objects.only('id')
stip_user_list = []
for stip_user in stip_users:
stip_user_list.append(stip_user.id)
stip_users_vias = Vias.objects.filter(uploader__in=stip_user_list)
QQ & Q(via__in=stip_users_vias)
# count = 0
feeds_list = []
stix_files = StixFiles.objects(QQ).order_by('-produced').skip(
index).timeout(False)
# サイズ指定がある場合は limit 設定
if size != -1:
stix_files = stix_files.limit(size)
# 指定された数値分 StixFiles から取得する(produced順にソートする かつ is_post_sns が False以外 かつ version が 2.0 以外)
# for stix_file in StixFiles.objects(QQ).order_by('-produced').all().timeout(False):
for stix_file in stix_files:
feeds_list.append(
get_return_dictionary_from_stix_file_document(stix_file,
content=content))
r = {}
r['feeds'] = feeds_list
return JsonResponse(r, safe=False)
except Exception as e:
import traceback
traceback.print_exc()
return error(e)
def l1_info_for_l1table(request):
try:
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
iDisplayLength = int(request.GET['iDisplayLength'])
iDisplayStart = int(request.GET['iDisplayStart'])
sSearch = request.GET['sSearch']
sort_col = int(request.GET['iSortCol'])
sort_dir = request.GET['sSortDir']
try:
aliases_str = request.GET['aliases']
alias_lists = json.loads(aliases_str)
except BaseException:
alias_lists = []
order_query = None
SORT_INDEX_TYPE = 0
SORT_INDEX_VALUE = 1
SORT_INDEX_PACKAGE_NAME = 2
SORT_INDEX_TILE = 3
SORT_INDEX_DESCRIPTION = 4
SORT_INDEX_TIMESTAMP = 5
if sort_col == SORT_INDEX_TYPE:
order_query = 'type'
elif sort_col == SORT_INDEX_VALUE:
order_query = 'value'
elif sort_col == SORT_INDEX_PACKAGE_NAME:
order_query = 'package_name'
elif sort_col == SORT_INDEX_TILE:
order_query = 'title'
elif sort_col == SORT_INDEX_DESCRIPTION:
order_query = 'description'
elif sort_col == SORT_INDEX_TIMESTAMP:
order_query = 'produced'
if order_query is not None:
if sort_dir == 'desc':
order_query = '-' + order_query
tmp_sSearches = list(set(sSearch.split(' ')))
if '' in tmp_sSearches:
tmp_sSearches.remove('')
sSearches = []
for item in tmp_sSearches:
sSearches.append(item)
for alias_list in alias_lists:
if item in alias_list:
sSearches.extend(alias_list)
sSearches = list(set(sSearches))
filters = Q()
for sSearch in sSearches:
filters = filters | Q(type__icontains=sSearch)
filters = filters | Q(value__icontains=sSearch)
filters = filters | Q(package_name__icontains=sSearch)
filters = filters | Q(title__icontains=sSearch)
filters = filters | Q(description__icontains=sSearch)
objects = ObservableCaches.objects.filter(filters).order_by(
order_query)
data = []
for d in objects[iDisplayStart:(iDisplayStart + iDisplayLength)]:
r = {}
r['type'] = d.type
r['value'] = d.value
r['package_name'] = d.package_name
r['package_id'] = d.stix_file.package_id
r['title'] = d.title
r['description'] = d.description
r['created'] = str(d.created)
r['stix_v2'] = d.stix_file.is_stix_v2()
r['observable_id'] = d.observable_id
data.append(r)
r_data = {}
r_data['iTotalRecords'] = ObservableCaches.objects.count()
r_data['iTotalDisplayRecords'] = objects.count()
r_data['data'] = data
resp = get_normal_response_json()
resp['data'] = r_data
return JsonResponse(resp)
except Exception as e:
traceback.print_exc()
return error(e)
def query(request):
try:
# GET 以外はエラー
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
# 引数取得
size = get_feeds_size(request) # 指定なし時は size = -1
query_string = get_query_query_string(request)
# query_string 未指定時は空リスト返却
if query_string is None:
r = {}
r['feeds'] = []
return JsonResponse(r, safe=False)
# 返却条件は SNS に返却 かつ version 2.0 以外
QQ = Q(is_post_sns__ne=False) & Q(version__ne='2.0')
# 空白スペース区切りで分割
query_strings = query_string.split(' ')
# 空白スペース区切りで検索文字列が指定されていない場合(検索対象: 投稿/タイトル/ユーザ名/スクリーン名)(大文字小文字区別せず)
if len(query_strings) == 1:
QQ &= (Q(package_name__icontains=query_strings[0])
| Q(post__icontains=query_strings[0])
| Q(sns_user_name__icontains=query_strings[0])
| Q(sns_screen_name__icontains=query_strings[0]))
else:
f_flag = True
for q in query_strings:
if f_flag:
# 空白スペース区切りの場合(検索対象: 投稿/タイトル/ユーザ名/スクリーン名)(大文字小文字区別せず)
query = Q(package_name__icontains=q) | Q(
post__icontains=q) | Q(sns_user_name__icontains=q) | Q(
sns_screen_name__icontains=q)
f_flag = False
else:
query &= Q(package_name__icontains=q) | Q(
post__icontains=q) | Q(sns_user_name__icontains=q) | Q(
sns_screen_name__icontains=q)
QQ &= (query)
stix_files = set([])
# Query
for stix_file in StixFiles.objects(QQ).order_by('-produced').timeout(
False):
stix_files.add(stix_file)
# ObservableCache から query_string を含む StixFile の set を作成
for observable_cache in ObservableCaches.objects.filter(
Q(value__icontains=query_string)):
stix_file = StixFiles.objects.get(
package_id=observable_cache.package_id)
stix_files.add(stix_file)
# 時間でソートする
stix_files = sorted(list(stix_files),
key=lambda s: s.produced,
reverse=True)
# サイズ指定がある場合は上位から指定sizeを取得
if size != -1:
stix_files = stix_files[:size]
# 返却データ作成
feeds_list = []
for stix_file in stix_files:
feeds_list.append(
get_return_dictionary_from_stix_file_document(stix_file,
content=content))
r = {}
r['feeds'] = feeds_list
return JsonResponse(r, safe=False)
except Exception as e:
import traceback
traceback.print_exc()
return error(e)
def contents_and_edges(request):
PACKAGE_ID_KEY = 'package_id'
COMPARED_PACKAGE_IDS_KEY = 'compared_package_ids'
EXACT_KEY = 'exact'
SIMILAR_IPV4_KEY = 'similar_ipv4'
SIMILAR_DOMAIN_KEY = 'similar_domain'
try:
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
package_id = request.GET[PACKAGE_ID_KEY]
compared_package_ids = request.GET.getlist(COMPARED_PACKAGE_IDS_KEY)
exact = get_boolean_value(request.GET, EXACT_KEY, True)
similar_ipv4 = get_boolean_value(request.GET, SIMILAR_IPV4_KEY, False)
similar_domain = get_boolean_value(request.GET, SIMILAR_DOMAIN_KEY,
False)
edges = []
fuzzy_infos = _get_fuzzy_matched_info(package_id)
for fuzzy_info in fuzzy_infos:
if fuzzy_info.end_node['package_id'] not in compared_package_ids:
continue
start_node = fuzzy_info.start_node
end_node = fuzzy_info.end_node
edge = {
'edge_type': fuzzy_info.reason['title'],
'start_node': start_node,
'end_node': end_node,
'reason': fuzzy_info.reason,
}
edges.append(edge)
if exact:
end_infos = _get_exact_matched_info(package_id)
for end_info in end_infos:
if end_info.package_id not in compared_package_ids:
continue
end_node = {
'package_id': end_info.package_id,
'node_id': end_info.node_id
}
if hasattr(end_info, 'start_collection'):
collection = end_info.start_collection
else:
collection = type(end_info)
if collection == IndicatorV2Caches:
start_caches = collection.objects.filter(
package_id=package_id, pattern=end_info.pattern)
elif collection == LabelCaches:
start_caches = collection.objects.filter(
package_id=package_id, label__iexact=end_info.label)
elif collection == CustomObjectCaches:
if hasattr(end_info, 'start_type'):
start_type = end_info.start_type
else:
start_type = end_info.type
start_caches = collection.objects.filter(
package_id=package_id,
type=start_type,
value=end_info.value)
else:
start_caches = collection.objects.filter(
package_id=package_id,
type=end_info.type,
value=end_info.value)
for start_cache in start_caches:
start_node = {
'package_id': package_id,
'node_id': start_cache.node_id
}
edge = {
'edge_type': EXACT_EDGE_TYPE,
'start_node': start_node,
'end_node': end_node
}
edges.append(edge)
if similar_ipv4:
end_infos = _get_similar_ipv4(package_id)
for end_info in end_infos:
end_cache = end_info['cache']
if end_cache.package_id not in compared_package_ids:
continue
end_node = {
'package_id': end_cache.package_id,
'node_id': end_cache.node_id
}
source_value = end_info['source_value']
start_caches = ObservableCaches.objects.filter(
package_id=package_id,
type=end_cache.type,
value=source_value)
for start_cache in start_caches:
start_node = {
'package_id': package_id,
'node_id': start_cache.node_id
}
edge_type = _get_ipv4_similarity_type(
start_cache, end_cache)
edge = {
'edge_type': edge_type,
'start_node': start_node,
'end_node': end_node
}
edges.append(edge)
if similar_domain:
end_infos = _get_similar_domain(package_id)
for end_info in end_infos:
end_cache = end_info['cache']
if end_cache.package_id not in compared_package_ids:
continue
end_node = {
'package_id': end_cache.package_id,
'node_id': end_cache.node_id
}
source_value = end_info['source_value']
start_caches = ObservableCaches.objects.filter(
package_id=package_id,
type=end_cache.type,
value=source_value)
for start_cache in start_caches:
edge_type = _get_domain_similarity_type(
start_cache, end_cache)
if edge_type is None:
continue
start_node = {
'package_id': package_id,
'node_id': start_cache.node_id
}
edge = {
'edge_type': edge_type,
'start_node': start_node,
'end_node': end_node
}
edges.append(edge)
contents = []
contents.append(_get_contents_item(package_id))
for compared_package_id in compared_package_ids:
contents.append(_get_contents_item(compared_package_id))
data = {}
data['contents'] = contents
data['edges'] = edges
resp = get_normal_response_json()
resp['data'] = data
return JsonResponse(resp)
except Exception as e:
traceback.print_exc()
return error(e)
def feeds(request):
try:
#GET 以外はエラー
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
#引数取得
start_time = get_feeds_start_time(request)
last_feed = get_feeds_last_feed(request)
range_big_datetime = get_feeds_range_big_datetime(
request) #期間範囲指定の大きい方(新しい方)。この時間を含む
range_small_datetime = get_feeds_range_small_datetime(
request) #期間範囲指定の小さい方(古い方)。この時間を含む
user_id = get_feeds_user_id(request)
instance = get_feeds_instance(request)
content = get_feeds_content(request)
#index は 0 開始
index = get_feeds_index(request)
size = get_feeds_size(request) #指定なし時は size = -1
#返却条件は SNS に返却 かつ version 2.0 / 2.1 以外
QQ = Q(is_post_sns__ne=False) & Q(version__ne='2.0') & Q(
version__ne='2.1')
if last_feed is not None:
#last_feed の指定があった場合 (last_feed より新しい投稿を返却)
QQ &= Q(produced__gt=last_feed)
else:
#last_feed の指定がない場合 (start_timeを最新として古い投稿を返却)
QQ &= Q(produced__lt=start_time)
#range_big_datetime 指定あり
#最大より古く(<=)
if range_big_datetime is not None:
QQ &= Q(produced__lte=range_big_datetime)
#range_small_datetime 指定あり
#最小より新しい(>=)
if range_small_datetime is not None:
QQ &= Q(produced__gte=range_small_datetime)
#user_id が指定の場合はその user_id の投稿のみを抽出
from ctirs.models.rs.models import STIPUser
if user_id is not None:
stip_user = STIPUser.objects.get(id=user_id)
QQ &= (
#SNS 産 STIX なら instance 名とユーザ名が一致した
(Q(is_created_by_sns=True)
& Q(sns_user_name=stip_user.username)
& Q(sns_instance=instance)) |
#SNS 産以外の STIX なら ユーザ名が一致した
(Q(is_created_by_sns__ne=True)
& Q(sns_user_name=stip_user.username)))
else:
#未定の場合は存在している STIP_USER だけ有効
stip_users = STIPUser.objects.only('id')
stip_user_list = []
for stip_user in stip_users:
stip_user_list.append(stip_user.id)
stip_users_vias = Vias.objects.filter(uploader__in=stip_user_list)
QQ & Q(via__in=stip_users_vias)
#count = 0
l = []
stix_files = StixFiles.objects(QQ).order_by('-produced').skip(
index).timeout(False)
#サイズ指定がある場合は limit 設定
if size != -1:
stix_files = stix_files.limit(size)
#指定された数値分 StixFiles から取得する(produced順にソートする かつ is_post_sns が False以外 かつ version が 2.0 以外)
#for stix_file in StixFiles.objects(QQ).order_by('-produced').all().timeout(False):
for stix_file in stix_files:
l.append(
get_return_dictionary_from_stix_file_document(stix_file,
content=content))
r = {}
r['feeds'] = l
return JsonResponse(r, safe=False)
except Exception as e:
import traceback
traceback.print_exc()
return error(e)
