def create_alias(request):
    """Create or modify an alias for the requesting user and re-render alias.html.

    Only POST is accepted, and check_allow_configuration_alias_view() must
    not return an error response. The alias text must be non-empty and at
    most 10240 characters long. Any exception raised in the body is turned
    into the generic error page.
    """
    request.session.set_expiry(SESSION_EXPIRY)
    if request.method != 'POST':
        return error_page_free_format(request, 'invalid method')
    denied = check_allow_configuration_alias_view(request)
    if denied is not None:
        return denied
    try:
        pid = get_configuration_alias_id(request)
        alias_text = get_configuration_alias_create_alias(request)
        # A missing value counts as zero length, so it takes the 'No Alias.' path.
        alias_length = 0 if alias_text is None else len(alias_text)
        if alias_length == 0:
            return error_page_free_format(request, 'No Alias.')
        if alias_length > 10240:
            return error_page_free_format(request, 'Exceeded the max length of Alias.')
        # Create the alias; it is tied to the requesting user, never to a
        # user named in the request.
        # NOTE(review): pid is passed through unchecked; presumably the
        # manager decides between create and modify from it -- confirm.
        owner = request.user
        Aliases.objects.create(alias_text, owner, pid)
        context = get_common_replace_dict(request)
        context['aliases'] = Aliases.objects.filter(user=owner)
        context['info_msg'] = 'Create or Modify Success!!'
        # Render
        return render(request, 'alias.html', context)
    except Exception:
        # Error page
        return error_page(request)
def stix_upload(request):
    """Post an uploaded STIX file through Ctirs and show the sharing top page.

    check_allow_sharing_view() must not return an error response. A
    non-POST request raises inside the try block and therefore ends on the
    generic error page, as does any other exception. The package name and
    the vendor id (when one is given) are limited to 100 characters. Only
    the first element of the value returned by get_sharing_stix() is posted.
    """
    request.session.set_expiry(SESSION_EXPIRY)
    denied = check_allow_sharing_view(request)
    if denied is not None:
        return denied
    try:
        # Anything other than POST is an error
        if request.method != 'POST':
            raise Exception('Invalid HTTP Method')
        package_name = get_sharing_upload_package_name(request)
        if len(package_name) > 100:
            return error_page_free_format(
                request, 'Exceeded the max length of Package name.')
        community_id = get_sharing_upload_vendor_id(request)
        vendor_id_too_long = community_id is not None and len(community_id) > 100
        if vendor_id_too_long:
            return error_page_free_format(
                request, 'Exceeded the max length of Vendor id.')
        uploaded = get_sharing_stix(request)
        # Build a Ctirs instance bound to this request and post the first file
        client = Ctirs(request)
        client.post_stix_files(community_id, package_name, uploaded[0])
        # Render the sharing top page
        return sharing_view_top(request, 'Upload Success!!')
    except Exception:
        return error_page(request)
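def delete_taxii(request):
    """Delete the TAXII setting named in the request and re-render taxii.html.

    The request must be a GET from an active admin user, and
    check_allow_configuration_view() must not return an error response.
    The setting that Config currently marks as the default cannot be
    deleted. Any exception raised in the body (including an unknown
    display name) is turned into the generic error page.
    """
    request.session.set_expiry(SESSION_EXPIRY)
    stip_user = request.user
    # Anything other than GET is an error.
    # NOTE(review): this view deletes data on GET. Django's
    # CsrfViewMiddleware does not check GET requests, so if that middleware
    # is what protects this application (not visible here) this delete is
    # outside its coverage. Consider moving it to POST together with the
    # page that links to it.
    if request.method != 'GET':
        return error_page_free_format(request, 'invalid method')
    # Only active users
    if not stip_user.is_active:
        return HttpResponseForbidden('Your account is inactivate.')
    # Only admin users
    if not stip_user.is_admin:
        return HttpResponseForbidden('You have no permission.')
    error_ = check_allow_configuration_view(request)
    if error_ is not None:
        return error_
    try:
        display_name = get_configuration_taxii_delete_display_name(request)
        if display_name is None or len(display_name) == 0:
            return error_page_free_format(request, 'No Display Name.')
        taxii = Taxii.objects.get(name=display_name)
        # The configuration is read once for the default check. A leftover
        # debug print() that wrote the default TAXII object to stdout on
        # every request has been removed.
        if Config.objects.get().default_taxii == taxii:
            return error_page_free_format(request, 'Cannot Delete A Default Taxii Setting.')
        taxii.delete()
        replace_dict = get_common_replace_dict(request)
        replace_dict['taxiis'] = Taxii.objects.all()
        replace_dict['info_msg'] = 'Delete Success!!'
        # Render
        return render(request, 'taxii.html', replace_dict)
    except Exception:
        # Error page
        return error_page(request)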
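def stix_data_csv_download(request):
    """Return the observables of one package as a CSV attachment.

    check_allow_sharing_view() must not return an error response and the
    request must carry a non-empty package id. Each (type, values) pair
    returned by get_package_l1_info() becomes one "type,value" row per
    value. Any exception raised in the body is turned into the generic
    error page.

    Rows are written with the csv module, so a value that contains a
    comma, a double quote or a line break is quoted and stays in a single
    cell. Values without those characters are written as before. The
    download file name is sent as a quoted string, so characters in the
    package id cannot be read as extra Content-Disposition parameters.
    """
    # Function-scope import: the file's import block is not visible from here.
    import csv

    request.session.set_expiry(SESSION_EXPIRY)
    error_ = check_allow_sharing_view(request)
    if error_ is not None:
        return error_
    try:
        # Read the package id from the request
        package_id = get_sharing_csv_download_package_id(request)
        if package_id is None or len(package_id) == 0:
            return error_page_free_format(request, 'No package_id.')
        l1_type_list = get_package_l1_info(request, package_id)
        # Build the file body; '\n' keeps the original line ending.
        # NOTE(review): the values presumably come from shared STIX content.
        # Spreadsheet applications treat a cell starting with '=', '+', '-'
        # or '@' as a formula. This export leaves such values unchanged, so
        # decide whether they should be neutralised for analysts who open
        # the file in a spreadsheet.
        output = io.StringIO()
        writer = csv.writer(output, lineterminator='\n')
        for type_, values in l1_type_list:
            for value in values:
                # str() keeps the '%s' rendering the rows had before.
                writer.writerow([str(type_), str(value)])
        # Build the download file name and escape it for a quoted-string
        filename = package_id + '_observables.csv'
        quoted_name = filename.replace('\\', '\\\\').replace('"', '\\"')
        # Build the response
        response = HttpResponse(output.getvalue(), content_type='text/csv')
        response['Content-Disposition'] = 'attachment; filename="%s"' % (
            quoted_name)
        return response
    except Exception:
        return error_page(request)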
def system_modify(request):
    """Validate and store the system settings, then re-render system.html.

    The request must be a POST from an active admin user, and
    check_allow_configuration_view() must not return an error response.
    A value that fails validation re-renders system.html with the stored
    settings and an error message; nothing is written in that case. Any
    exception raised in the body is turned into the generic error page.
    """
    request.session.set_expiry(SESSION_EXPIRY)
    stip_user = request.user
    # Anything other than POST is an error
    if request.method != 'POST':
        return error_page_free_format(request, 'invalid method')
    # Only active users
    if not stip_user.is_active:
        return HttpResponseForbidden('Your account is inactivate.')
    # Only admin users
    if not stip_user.is_admin:
        return HttpResponseForbidden('You have no permission.')
    denied = check_allow_configuration_view(request)
    if denied is not None:
        return denied
    try:
        default_taxii_name = get_configuration_system_default_taxii(request)
        policy_path = get_configuration_system_sharing_policy_specifications(request)
        css_dir = get_configuration_system_bootstrap_css_dir(request)
        rs_host = get_configuration_system_rs_host(request)
        # Load the stored settings first so an error page shows the old data
        context = get_success_replace_dict(request)
        # The first failing check decides the message; the order is significant.
        # NOTE(review): rs_host is only checked for presence. Unlike the
        # other fields it has no length limit here -- confirm that is intended.
        problem = None
        if len(default_taxii_name) > 100:
            problem = 'Exceeded the max length of Default Taxii.'
        elif policy_path is None or len(policy_path) == 0:
            problem = 'No Sharing Policy Specifications File Path.'
        elif len(policy_path) > 100:
            problem = 'Exceeded the max length of Sharing Policy Specifications File Path.'
        elif rs_host is None or len(rs_host) == 0:
            problem = 'No RS: Host.'
        elif css_dir is None or len(css_dir) == 0:
            problem = 'No Bootstrap CSS Directory.'
        elif len(css_dir) > 100:
            problem = 'Exceeded the max length of Bootstrap CSS Directory.'
        if problem is not None:
            context['error_msg'] = problem
            return render(request, 'system.html', context)
        # Update Config
        Config.objects.modify_system(default_taxii_name, policy_path, css_dir, rs_host)
        # Reload so the page shows the data as stored after the update
        context = get_success_replace_dict(request)
        # Render
        context['info_msg'] = 'Modify Success!!'
        return render(request, 'system.html', context)
    except Exception:
        # Error page
        return error_page(request)
def delete_alias(request):
    """Delete one alias of the requesting user and re-render alias.html.

    Only GET is accepted, and check_allow_configuration_alias_view() must
    not return an error response. The alias is looked up by primary key
    and owner together, so an id that belongs to another user does not
    match and ends on the generic error page, as does any other exception.
    """
    request.session.set_expiry(SESSION_EXPIRY)
    # NOTE(review): this view deletes data on GET. Django's
    # CsrfViewMiddleware does not check GET requests, so if that middleware
    # is what protects this application (not visible here) this delete is
    # outside its coverage. Consider moving it to POST together with the
    # page that links to it.
    if request.method != 'GET':
        return error_page_free_format(request, 'invalid method')
    denied = check_allow_configuration_alias_view(request)
    if denied is not None:
        return denied
    try:
        pid = get_configuration_alias_id(request)
        id_missing = pid is None or len(pid) == 0
        if id_missing:
            return error_page_free_format(request, 'No Id.')
        owner = request.user
        # The owner filter is what stops one user deleting another's alias.
        Aliases.objects.get(pk=pid, user=owner).delete()
        context = get_common_replace_dict(request)
        context['aliases'] = Aliases.objects.filter(user=owner)
        context['info_msg'] = 'Delete Success!!'
        # Render
        return render(request, 'alias.html', context)
    except Exception:
        # Error page
        return error_page(request)
def system_view_top(request):
    """Render system.html with the stored system settings.

    The request must be a GET from an active admin user, and
    check_allow_configuration_view() must not return an error response.
    Any exception raised while building or rendering the page is turned
    into the generic error page.
    """
    request.session.set_expiry(SESSION_EXPIRY)
    stip_user = request.user
    # Anything other than GET is an error
    if request.method != 'GET':
        return error_page_free_format(request, 'invalid method')
    # Only active users
    if not stip_user.is_active:
        return HttpResponseForbidden('Your account is inactivate.')
    # Only admin users
    if not stip_user.is_admin:
        return HttpResponseForbidden('You have no permission.')
    denied = check_allow_configuration_view(request)
    if denied is not None:
        return denied
    try:
        # Render
        context = get_success_replace_dict(request)
        return render(request, 'system.html', context)
    except Exception:
        # Error page
        return error_page(request)
def create_taxii(request):
    """Create or modify a TAXII setting and re-render taxii.html.

    The request must be a POST from an active admin user, and
    check_allow_configuration_view() must not return an error response.
    Display name, address, path, collection and login id are required and
    limited to 100 characters. The port must lie in 0..65535. The login
    password is only length-checked. Any exception raised in the body is
    turned into the generic error page.
    """
    request.session.set_expiry(SESSION_EXPIRY)
    stip_user = request.user
    # Anything other than POST is an error
    if request.method != 'POST':
        return error_page_free_format(request, 'invalid method')
    # Only active users
    if not stip_user.is_active:
        return HttpResponseForbidden('Your account is inactivate.')
    # Only admin users
    if not stip_user.is_admin:
        return HttpResponseForbidden('You have no permission.')
    denied = check_allow_configuration_view(request)
    if denied is not None:
        return denied
    try:
        def _text_problem(value, missing_msg, too_long_msg):
            # Presence check first, then the 100-character limit.
            if value is None or len(value) == 0:
                return missing_msg
            if len(value) > 100:
                return too_long_msg
            return None

        # Each field is read only after the previous one has passed its checks.
        setting_name = get_configuration_taxii_create_display_name(request)
        problem = _text_problem(setting_name, 'No Display Name.',
                                'Exceeded the max length of Display Name.')
        if problem is not None:
            return error_page_free_format(request, problem)

        address = get_configuration_taxii_create_address(request)
        problem = _text_problem(address, 'No Address.',
                                'Exceeded the max length of Address.')
        if problem is not None:
            return error_page_free_format(request, problem)

        # A ValueError from the getter is reported as an invalid port.
        try:
            port = get_configuration_taxii_create_port(request)
            if port < 0 or port > 65535:
                return error_page_free_format(request, 'Invalid port.')
        except ValueError:
            return error_page_free_format(request, 'Invalid port.')

        path = get_configuration_taxii_create_path(request)
        problem = _text_problem(path, 'No Path.',
                                'Exceeded the max length of Path.')
        if problem is not None:
            return error_page_free_format(request, problem)

        collection = get_configuration_taxii_create_collection(request)
        problem = _text_problem(collection, 'No Collection.',
                                'Exceeded the max length of Collection.')
        if problem is not None:
            return error_page_free_format(request, problem)

        login_id = get_configuration_taxii_create_login_id(request)
        problem = _text_problem(login_id, 'No Login ID.',
                                'Exceeded the max length of Login ID.')
        if problem is not None:
            return error_page_free_format(request, problem)

        # NOTE(review): the password is handed to the manager exactly as it
        # was received. How it is stored is not visible here -- confirm it
        # is protected at rest.
        login_password = get_configuration_taxii_create_login_password(request)
        if len(login_password) > 100:
            return error_page_free_format(request, 'Exceeded the max length of Login Password.')
        ssl = get_configuration_taxii_create_ssl(request)
        # Create the TAXII setting
        Taxii.objects.create(
            setting_name,
            address=address,
            port=port,
            ssl=ssl,
            path=path,
            collection=collection,
            login_id=login_id,
            login_password=login_password,
        )
        context = get_common_replace_dict(request)
        context['taxiis'] = Taxii.objects.all()
        context['info_msg'] = 'Create or Modify Success!!'
        # Render
        return render(request, 'taxii.html', context)
    except Exception:
        # Error page
        return error_page(request)