def __create_threshold_ticket(data, thres): service = Service.objects.filter(id=data[1]).last() defendant = Defendant.objects.filter(customerId=data[0]).last() ticket = database.create_ticket(defendant, thres.category, service) database.log_action_on_ticket( ticket=ticket, action='create_threshold', threshold_count=thres.threshold, threshold_interval=thres.interval, ) return ticket
def create_ticket(report, denied_by=None, attach_new=False): """ Create a `abuse.models.Ticket` """ ticket = database.create_ticket(report.defendant, report.category, report.service, priority=report.provider.priority, attach_new=attach_new) database.log_action_on_ticket( ticket=ticket, action='attach_report', new_ticket=True, report=report ) if denied_by: user = User.objects.get(id=denied_by) database.log_action_on_ticket( ticket=ticket, action='deny_phishtocheck', user=user, report=report ) return ticket
def _reinject_validated(report, user): trusted = True ticket = None if all((report.defendant, report.category, report.service)): msg = 'Looking for opened ticket for (%s, %s, %s)' Logger.debug(unicode(msg % (report.defendant.customerId, report.category.name, report.service.name))) ticket = database.search_ticket(report.defendant, report.category, report.service) # Checking specific processing workflow for workflow in ReportWorkflowFactory.instance.registered_instances: if workflow.identify(report, ticket, is_trusted=trusted) and workflow.apply(report, ticket, trusted, False): Logger.debug(unicode('Specific workflow %s applied' % (str(workflow.__class__.__name__)))) return # Create ticket if trusted new_ticket = False if not ticket: ticket = database.create_ticket(report.defendant, report.category, report.service, priority=report.provider.priority) new_ticket = True if ticket: report.ticket = Ticket.objects.get(id=ticket.id) report.status = 'Attached' report.save() database.set_ticket_higher_priority(report.ticket) database.log_action_on_ticket( ticket=ticket, action='attach_report', report=report, new_ticket=new_ticket, user=user ) try: __send_ack(report, lang='EN') except MailerServiceException as ex: raise MailerServiceException(ex)
def __create_with_services(abuse_report, filename, services): """ Create report(s), ticket(s), item(s), defendant(s), service(s), attachment(s) in Cerberus :param `ParsedEmail` abuse_report: The `ParsedEmail` :param str filename: The filename of the email :param dict services: The identified service(s) (see adapters/dao/customer/abstract.py) :rtype: list :returns: The list of Cerberus `abuse.models.Report` created """ created_reports = [] for data in services: # For identified (service, defendant, items) tuple report = __create_without_services(abuse_report, filename) created_reports.append(report) report.defendant = data['defendant'] report.service = data['service'] report.save() if report.status == 'Archived': # because autoarchive tag continue _, attach_only, no_phishtocheck = __get_attributes_based_on_tags(report, abuse_report.recipients) __insert_items(report.id, data['items']) # The provider or the way we received the report trusted = True if report.provider.trusted or abuse_report.trusted else False # Looking for existing open ticket for same (service, defendant, category) ticket = None if all((report.defendant, report.category, report.service)): msg = 'Looking for opened ticket for (%s, %s, %s)' Logger.debug(unicode(msg % (report.defendant.customerId, report.category.name, report.service.name))) ticket = database.search_ticket(report.defendant, report.category, report.service) # Checking specific processing workflow is_workflow_applied = False for workflow in ReportWorkflowFactory.instance.registered_instances: if workflow.identify(report, ticket, is_trusted=trusted): is_workflow_applied = workflow.apply(report, ticket, trusted, no_phishtocheck) if is_workflow_applied: database.set_report_specificworkflow_tag(report, str(workflow.__class__.__name__)) Logger.debug(unicode('Specific workflow %s applied' % str(workflow.__class__.__name__))) break if is_workflow_applied: continue # If attach report only and no ticket found, continue if not ticket and attach_only: report.status = 'Archived' report.save() continue # Create ticket if trusted new_ticket = False if not ticket and trusted: ticket = database.create_ticket(report.defendant, report.category, report.service, priority=report.provider.priority) new_ticket = True if ticket: report.ticket = Ticket.objects.get(id=ticket.id) report.status = 'Attached' report.save() database.set_ticket_higher_priority(report.ticket) database.log_action_on_ticket( ticket=ticket, action='attach_report', report=report, new_ticket=new_ticket ) return created_reports
def create_ticket_from_phishtocheck(report=None, user=None): """ Create/attach report to ticket + block_url + mail to defendant + email to provider :param int report: The id of the `abuse.models.Report` :param int user: The id of the `abuse.models.User` """ if not isinstance(report, Report): try: report = Report.objects.get(id=report) except (AttributeError, ObjectDoesNotExist, TypeError, ValueError): Logger.error(unicode('Report %d cannot be found in DB. Skipping...' % (report))) return if not isinstance(user, User): try: user = User.objects.get(id=user) except (AttributeError, ObjectDoesNotExist, TypeError, ValueError): Logger.error(unicode('User %d cannot be found in DB. Skipping...' % (user))) return # Create/attach to ticket ticket = database.search_ticket(report.defendant, report.category, report.service) new_ticket = False if not ticket: ticket = database.create_ticket(report.defendant, report.category, report.service, priority=report.provider.priority) new_ticket = True utils.scheduler.enqueue_in( timedelta(seconds=settings.GENERAL_CONFIG['phishing']['wait']), 'ticket.timeout', ticket_id=ticket.id, timeout=3600, ) common.get_temp_proofs(ticket, only_urls=True) report.ticket = ticket report.status = 'Attached' report.save() database.log_action_on_ticket( ticket=ticket, action='attach_report', report=report, new_ticket=new_ticket ) database.log_action_on_ticket( ticket=ticket, action='validate_phishtocheck', user=user, report=report ) # Sending email to provider if settings.TAGS['no_autoack'] not in report.provider.tags.all().values_list('name', flat=True): common.send_email( ticket, [report.provider.email], settings.CODENAMES['ack_received'], acknowledged_report_id=report.id, ) utils.default_queue.enqueue('phishing.block_url_and_mail', ticket_id=ticket.id, report_id=report.id) return ticket
def __create_contact_tickets(services, campaign_name, ip_address, category, email_subject, email_body, user): # Create fake report report_subject = 'Campaign %s for ip %s' % (campaign_name, ip_address) report_body = 'Campaign: %s\nIP Address: %s\n' % (campaign_name, ip_address) filename = hashlib.sha256(report_body.encode('utf-8')).hexdigest() __save_email(filename, report_body) for data in services: # For identified (service, defendant, items) tuple actions = [] # Create report report = Report.objects.create(**{ 'provider': database.get_or_create_provider('mass_contact'), 'receivedDate': datetime.now(), 'subject': report_subject, 'body': report_body, 'category': category, 'filename': filename, 'status': 'Archived', 'defendant': database.get_or_create_defendant(data['defendant']), 'service': database.get_or_create_service(data['service']), }) database.log_new_report(report) # Create item item_dict = {'itemType': 'IP', 'report_id': report.id, 'rawItem': ip_address} item_dict.update(utils.get_reverses_for_item(ip_address, nature='IP')) ReportItem.objects.create(**item_dict) # Create ticket ticket = database.create_ticket( report.defendant, report.category, report.service, priority=report.provider.priority, attach_new=False, ) database.add_mass_contact_tag(ticket, campaign_name) actions.append({'ticket': ticket, 'action': 'create_masscontact', 'campaign_name': campaign_name}) actions.append({'ticket': ticket, 'action': 'change_treatedby', 'new_value': user.username}) report.ticket = ticket report.save() Logger.debug(unicode( 'ticket %d successfully created for (%s, %s)' % (ticket.id, report.defendant.customerId, report.service.name) )) # Send email to defendant __send_mass_contact_email(ticket, email_subject, email_body) actions.append({'ticket': ticket, 'action': 'send_email', 'email': report.defendant.details.email}) # Close ticket/report ticket.resolution = Resolution.objects.get(codename=settings.CODENAMES['fixed_customer']) ticket.previousStatus = ticket.status ticket.status = 'Closed' ticket.save() actions.append({ 'ticket': ticket, 'action': 'change_status', 'previous_value': ticket.previousStatus, 'new_value': ticket.status, 'close_reason': ticket.resolution.codename }) for action in actions: database.log_action_on_ticket(**action)