def upload(self, body):
""" upload document """
if self._resource_type == ResourceType.DOCUMENTS:
prop = self._resource_properties['document_upload']
elif self._resource_type == ResourceType.SIGNATURES:
prop = self._resource_properties['signature_upload']
else:
self._tc.tcl.error('Upload requested for wrong resource type.')
raise AttributeError(ErrorCodes.e10330.value)
ro = RequestObject()
ro.set_body(body)
ro.set_content_type('application/octet-stream')
ro.set_description('upload document for "{0}"'.format(self._name))
# determine whether the file contents exist using phase (not 100%)
if self.phase == 1:
ro.set_http_method(prop['http_method'])
else:
ro.set_http_method('PUT')
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
success_callback = lambda request, response: self.set_contents(request.body)
ro.set_success_callback(success_callback)
self._resource_container.add_commit_queue(self.id, ro)
def add_indicator(self, data, indicator_type = None):
""" filter api results by indicator """
# validation indicator
if not SharedMethods.validate_indicator(self.tc._indicators_regex, data):
raise AttributeError(ErrorCodes.e5010.value.format(data))
# get indicator uri attribute
if indicator_type is None:
indicator_type = SharedMethods.get_resource_type(self.tc._indicators_regex, data)
indicator_uri_attribute = ApiProperties.api_properties[indicator_type.name]['uri_attribute']
prop = self._resource_properties['indicator']
ro = RequestObject()
ro.set_description('api filter by indicator id {0}'.format(data))
ro.set_owner_allowed(prop['owner_allowed'])
# TODO: Check this logic
if self._resource_type == ResourceType.INDICATORS:
ro.set_request_uri(prop['uri'], [indicator_uri_attribute, SharedMethods.urlsafe(data)])
else:
ro.set_request_uri(prop['uri'], [SharedMethods.urlsafe(data)])
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(indicator_type)
self._add_request_objects(ro)
def filter_associations(self, base_resource_type, identifier):
"""Get victims associated with base resource object
GET /v2/groups/adversaries/747266/victims
GET /v2/indicators/addresses/4.3.2.1/victims
"""
base_properties = ResourceProperties[base_resource_type.name].value()
request_uri = base_properties.base_path + '/'
request_uri += str(identifier)
request_uri += '/victims'
description = 'Get victim associations for {0} resource ({1}).'.format(
base_resource_type.name.lower(), str(identifier))
filter_type = 'victim association'
ro = RequestObject(
filter_type, '{0}|{1}'.format(base_resource_type.name.lower(), identifier))
ro.set_description(description)
ro.set_owner_allowed(False)
ro.set_resource_pagination(True)
ro.set_request_uri(request_uri)
ro.set_resource_type(ResourceType.VICTIMS)
self._add_request_objects(ro)
def default_request_object(self):
""" default request when only a owner filter is provided """
request_object = RequestObject()
request_object.set_description('filter by owner')
request_object.set_http_method(self._resource_properties['base']['http_method'])
request_object.set_owner_allowed(self._resource_properties['base']['owner_allowed'])
request_object.set_request_uri(self._resource_properties['base']['uri'])
request_object.set_resource_pagination(self._resource_properties['base']['pagination'])
request_object.set_resource_type(self._resource_type)
return request_object
def add_tag(self, tag):
""" add a tag to an indicator """
prop = self._resource_properties['tag_add']
ro = RequestObject()
ro.set_description('add tag "{0}" to "{1}"'.format(tag, self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id, self._urlsafe(tag)))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
self._resource_container.add_commit_queue(self.id, ro)
def delete_security_label(self, label):
""" set the security label for this indicator """
prop = self._resource_properties['security_label_delete']
ro = RequestObject()
ro.set_description('delete security label "{0}" from {1}'.format(label, self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(
self._id, self._urlsafe(label)))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
self._resource_container.add_commit_queue(self.id, ro)
def delete_attribute(self, attr_id):
""" delete attribute from group by id """
prop = self._resource_properties['attribute_delete']
ro = RequestObject()
ro.set_description('delete attribute id {0} from "{1}"'.format(attr_id, self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(
self._id, attr_id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
self._resource_container.add_commit_queue(self.id, ro)
def delete_tag(self, tag):
""" delete tag from group """
prop = self._resource_properties['tag_delete']
ro = RequestObject()
ro.set_description('delete tag "{0}" from "{1}"'.format(tag, self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(
self._id, self._urlsafe(tag)))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
self._resource_container.add_commit_queue(self.id, ro)
def update_asset(self, asset_id, asset_obj):
""" add a asset to a victim """
prop = self._resource_properties['asset_update']
ro = RequestObject()
ro.set_body(asset_obj.gen_body)
ro.set_description('update asset type {0} with to {1}'.format(asset_obj.resource_type, self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id, asset_obj.uri_attribute, asset_id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
self._resource_container.add_commit_queue(self.id, ro)
def associate_victim(self, resource_id):
""" associate victim from group """
prop = self._resource_properties['association_victim_add']
ro = RequestObject()
ro.set_description('associate victim id {0} from "{1}"'.format(
resource_id, self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(
self._id, resource_id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
self._resource_container.add_commit_queue(self.id, ro)
def add_tag(self, data):
""" """
if not isinstance(data, str):
raise AttributeError(ErrorCodes.e4070.value.format(data))
prop = self._resource_properties['tags']
ro = RequestObject()
ro.set_description('api filter by tag "{0}"'.format(data))
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_resource_pagination(prop['pagination'])
ro.set_request_uri(prop['uri'], [SharedMethods.urlsafe(data)])
ro.set_resource_type(self._resource_type)
self._add_request_objects(ro)
def associate_group(self, resource_type, resource_id):
""" associate a group to group by id """
prop = self._resource_properties['association_group_add']
ro = RequestObject()
ro.set_description('associate group type "{0}" id {1} to "{2}"'.format(
resource_type.name, resource_id, self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_resource_pagination(prop['pagination'])
group_uri_attribute = ApiProperties.api_properties[resource_type.name]['uri_attribute']
ro.set_request_uri(prop['uri'].format(self._id, group_uri_attribute, resource_id))
ro.set_resource_type(self._resource_type)
self._resource_container.add_commit_queue(self.id, ro)
def associate_indicator(self, indicator_type, indicator):
""" associate a group to group by id """
prop = self._resource_properties['association_indicator_add']
ro = RequestObject()
ro.set_description('associate indicator {0} to "{1}"'.format(
indicator, self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_resource_pagination(prop['pagination'])
indicator_uri_attribute = ApiProperties.api_properties[indicator_type.name]['uri_attribute']
ro.set_request_uri(prop['uri'].format(indicator_uri_attribute, self._urlsafe(indicator), self.id))
ro.set_resource_type(self._resource_type)
self._resource_container.add_commit_queue(self.id, ro)
def add_victim_id(self, data_int):
""" """
if not isinstance(data_int, int):
raise AttributeError(ErrorCodes.e4090.value.format(data_int))
prop = self._resource_properties['victims']
ro = RequestObject()
ro.set_description('api filter by victim id {0}'.format(data_int))
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_resource_pagination(prop['pagination'])
ro.set_request_uri(prop['uri'], [data_int])
ro.set_resource_type(self._resource_type)
self._add_request_objects(ro)
def delete(self):
""" delete indicator """
prop = self._resource_properties['delete']
ro = RequestObject()
ro.set_description('delete group "{0}".'.format(self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
if self.owner_name is not None:
ro.set_owner(self.owner_name)
ro.set_request_uri(prop['uri'].format(self._id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self.resource_type)
self._tc.api_request(ro)
self.set_phase(3)
def commit(self):
""" commit victim and related assets, associations """
r_id = self.id
ro = RequestObject()
ro.set_body(self.gen_body)
ro.set_resource_type(self.resource_type)
prop = self._resource_properties['add']
ro.set_description('adding batchjob')
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id))
ro.empty_payload()
if self._phase == 1:
# validate all required fields are present
if self.validate:
api_response = self._tc.api_request(ro)
if api_response.headers['content-type'] == 'application/json':
api_response_dict = api_response.json()
if api_response_dict['status'] == 'Success':
r_id = api_response_dict['data']['batchId']
else:
self._tc.tcl.debug('Resource Object'.format(self))
raise RuntimeError('Cannot commit incomplete resource object')
for ro in self._resource_container.commit_queue(self.id):
# if self.owner_name is not None:
# ro.set_owner(self.owner_name)
# replace the id
if self.id != r_id:
request_uri = str(
ro.request_uri.replace(str(self.id), str(r_id)))
ro.set_request_uri(request_uri)
self._tc.tcl.debug('Replacing {0} with {1}'.format(
self.id, str(r_id)))
self._tc.tcl.debug('RO {0}'.format(ro))
api_response2 = self._tc.api_request(ro)
if api_response2.headers['content-type'] == 'application/json':
api_response_dict2 = api_response2.json()
if api_response_dict2['status'] != 'Success':
self._tc.tcl.error('API Request Failure: [{0}]'.format(
ro.description))
self.set_id(r_id)
self.set_phase(0)
# return object
return self
def group_associations(self):
""" retrieve associations for this group. associations are not stored within the object """
prop = self._resource_properties['association_groups']
ro = RequestObject()
ro.set_description('retrieve group associations for {0}'.format(self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id))
# ro.set_owner(self.owner_name)
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
for item in self._tc.result_pagination(ro)['group']:
yield threatconnect.GroupObject.parse_group(item, api_filter=ro.description, request_uri=ro.request_uri)
def add_threat_id(self, data_int):
""" """
if not isinstance(data_int, int):
raise AttributeError(ErrorCodes.e4080.value.format(data_int))
prop = self._resource_properties['groups']
ro = RequestObject()
ro.set_description('api filter by threat id {0}'.format(data_int))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'], ['threats', data_int])
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
self._add_request_objects(ro)
def default_request_object(self):
""" default request when only a owner filter is provided """
request_object = RequestObject()
request_object.set_description('filter by owner')
request_object.set_http_method(self._resource_properties['bulk']['http_method'])
request_object.set_owner_allowed(self._resource_properties['bulk']['owner_allowed'])
request_object.set_request_uri(self._resource_properties['bulk']['uri'])
request_object.set_resource_pagination(self._resource_properties['bulk']['pagination'])
request_object.set_resource_type(self._resource_type)
if self.tc._bulk_on_demand:
request_object.add_payload('runNow', True)
return request_object
def add_security_label(self, data):
""" filter api results by security label """
# validation of data input
if not isinstance(data, str):
raise AttributeError(ErrorCodes.e4050.value.format(data))
prop = self._resource_properties['security_labels']
ro = RequestObject()
ro.set_description('api filter by security label "{0}"'.format(data))
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_resource_pagination(prop['pagination'])
ro.set_request_uri(prop['uri'], [SharedMethods.urlsafe(data)])
ro.set_resource_type(self._resource_type)
self._add_request_objects(ro)
def add_threat_id(self, data_int):
""" """
if not isinstance(data_int, int):
raise AttributeError(ErrorCodes.e4080.value.format(data_int))
prop = self._resource_properties['groups']
ro = RequestObject()
ro.set_description('api filter by threat id {0}'.format(data_int))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'], ['threats', data_int])
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
self._add_request_objects(ro)
def add_asset(self, asset_obj):
""" add a asset to a victim """
prop = self._resource_properties['asset_add']
ro = RequestObject()
ro.set_body(asset_obj.gen_body)
ro.set_description('add asset type {0} with to {1}'.format(
asset_obj.resource_type, self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id,
asset_obj.uri_attribute))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
self._resource_container.add_commit_queue(self.id, ro)
def victim_associations(self):
""" retrieve associations for this group. associations are not stored within the object """
prop = self._resource_properties['association_victims']
ro = RequestObject()
ro.set_description('retrieve victim associations for {0}'.format(self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_owner(self.owner_name)
ro.set_request_uri(prop['uri'].format(self._id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
for item in self._tc.result_pagination(ro, 'victim'):
yield parse_victim(item, api_filter=ro.description, request_uri=ro.request_uri)
def update_attribute(self, attr_id, attr_value):
""" update indicator attribute by id """
prop = self._resource_properties['attribute_update']
ro = RequestObject()
ro.set_body(json.dumps({'value': attr_value}))
ro.set_description('update attribute id {0} with value "{1}" on "{2}"'.format(
attr_id, attr_value, self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id, attr_id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
self._resource_container.add_commit_queue(self.id, ro)
def download_errors(self):
prop = self._resource_properties['batch_error_download']
ro = RequestObject()
ro.set_description('download errors for batchjob {0}'.format(self._id))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
api_response = self._tc.api_request(ro)
if api_response.headers['content-type'] in ['application/octet-stream', 'text/plain']:
self.set_errors(api_response.content)
def disassociate_group(self, resource_type, resource_id):
""" disassociate group from group """
prop = self._resource_properties['association_group_delete']
ro = RequestObject()
ro.set_description('disassociate group type {0} id {1} from "{2}"'.format(
resource_type.name, resource_id, self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
group_uri_attribute = ApiProperties.api_properties[resource_type.name]['uri_attribute']
ro.set_request_uri(prop['uri'].format(
self._id, group_uri_attribute, resource_id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
self._resource_container.add_commit_queue(self.id, ro)
def indicator_associations(self):
""" retrieve associations for this victim. associations are not stored within the object """
prop = self._resource_properties['association_indicators']
ro = RequestObject()
ro.set_description('retrieve indicator associations for {0}'.format(self._name))
ro.set_http_method(prop['http_method'])
# ro.set_owner(self.owner_name)
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
for item in self._tc.result_pagination(ro, 'indicator'):
yield threatconnect.IndicatorObject.parse_indicator(
item, api_filter=ro.description, request_uri=ro.request_uri)
def retrieve_mine(self):
""" retrieve owner mine """
prop = ApiProperties.api_properties['OWNERS']['properties']['mine']
ro = RequestObject()
ro.set_description('load owner mine')
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_resource_pagination(prop['pagination'])
ro.set_request_uri(prop['uri'])
ro.set_resource_type(ResourceType.OWNERS)
data_set = self.tc.api_response_handler(self, ro)
for obj in data_set:
self.add_obj(obj)
def default_request_object(self):
""" default request when only a owner filter is provided """
request_object = RequestObject()
request_object.set_description('filter by owner')
request_object.set_http_method(
self._resource_properties['base']['http_method'])
request_object.set_owner_allowed(
self._resource_properties['base']['owner_allowed'])
request_object.set_request_uri(
self._resource_properties['base']['uri'])
request_object.set_resource_pagination(
self._resource_properties['base']['pagination'])
request_object.set_resource_type(self._resource_type)
return request_object
def upload(self, body):
""" upload batch job """
prop = self._resource_properties['batch_job_upload']
ro = RequestObject()
ro.set_body(body)
ro.set_content_type('application/octet-stream')
ro.set_description('upload batch job for "{0}"'.format(self._id))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
ro.empty_payload()
self._resource_container.add_commit_queue(self.id, ro)
def add_email_id(self, data_int):
""" filter api results by email id """
# validation of data input
if not isinstance(data_int, int):
raise AttributeError(ErrorCodes.e4020.value.format(data_int))
prop = self._resource_properties['groups']
ro = RequestObject()
ro.set_description('api filter by email id {0}'.format(data_int))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'], ['emails', data_int])
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
self._add_request_objects(ro)
def add_email_id(self, data_int):
""" filter api results by email id """
# validation of data input
if not isinstance(data_int, int):
raise AttributeError(ErrorCodes.e4030.value.format(data_int))
prop = self._resource_properties['groups']
ro = RequestObject()
ro.set_description('api filter by email id {0}'.format(data_int))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'], ['emails', data_int])
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
self._add_request_objects(ro)
def retrieve_mine(self):
""" retrieve owner mine """
prop = ApiProperties.api_properties['OWNERS']['properties']['mine']
ro = RequestObject()
ro.set_description('load owner mine')
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_resource_pagination(prop['pagination'])
ro.set_request_uri(prop['uri'])
ro.set_resource_type(ResourceType.OWNERS)
data_set = self.tc.api_response_handler(self, ro)
for obj in data_set:
self.add_obj(obj)
def download_request(self):
""" """
# build request object
request_object = RequestObject(self._drd['name1'], self._drd['name2_method']())
request_object.set_content_type(self._drd['content_type'])
request_object.set_description(
self._drd['description'].format(self._drd['identifier_method']()))
request_object.set_http_method(self._drd['http_method'])
request_object.set_request_uri(
self._drd['request_uri_path'].format(self._drd['identifier_method']()))
request_object.set_owner_allowed(self._drd['owner_allowed'])
request_object.set_resource_pagination(self._drd['resource_pagination'])
request_object.set_resource_type(self._drd['resource_type'])
return request_object
def upload(self, body):
""" upload batch job """
prop = self._resource_properties['batch_job_upload']
ro = RequestObject()
ro.set_body(body)
ro.set_content_type('application/octet-stream')
ro.set_description('upload batch job for "{0}"'.format(self._id))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
ro.empty_payload()
self._resource_container.add_commit_queue(self.id, ro)
def default_request_object(self):
""" default request when only a owner filter is provided """
request_object = RequestObject()
request_object.set_description('filter by owner')
request_object.set_http_method(self._resource_properties['base']['http_method'])
request_object.set_owner_allowed(self._resource_properties['base']['owner_allowed'])
request_object.set_request_uri(self._resource_properties['base']['uri'])
request_object.set_resource_pagination(self._resource_properties['base']['pagination'])
request_object.set_resource_type(self._resource_type)
# modified since is only support on base (/v2/indicator) api call
if self._modified_since is not None:
request_object.set_modified_since(self._modified_since)
request_object.set_description('Indicator Owner Filter modified since {0}'.format(self._modified_since))
return request_object
def indicator_associations(self):
""" retrieve associations for this group. associations are not stored within the object """
prop = self._resource_properties['association_indicators']
ro = RequestObject()
ro.set_description('retrieve indicator associations for {0}'.format(self._name))
ro.set_owner(self.owner_name)
ro.set_http_method(prop['http_method'])
ro.set_owner(self.owner_name)
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
for item in self._tc.result_pagination(ro, 'indicator'):
yield threatconnect.IndicatorObject.parse_indicator(
item, api_filter=ro.description, request_uri=ro.request_uri, indicators_regex=self._tc._indicators_regex)
def download_errors(self):
prop = self._resource_properties['batch_error_download']
ro = RequestObject()
ro.set_description('download errors for batchjob {0}'.format(self._id))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
api_response = self._tc.api_request(ro)
if api_response.headers['content-type'] in [
'application/octet-stream', 'text/plain'
]:
self.set_errors(api_response.content)
def commit(self):
""" commit victim and related assets, associations """
r_id = self.id
ro = RequestObject()
ro.set_body(self.gen_body)
ro.set_resource_type(self.resource_type)
prop = self._resource_properties['add']
ro.set_description('adding batchjob')
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id))
ro.empty_payload()
if self._phase == 1:
# validate all required fields are present
if self.validate:
api_response = self._tc.api_request(ro)
if api_response.headers['content-type'] == 'application/json':
api_response_dict = api_response.json()
if api_response_dict['status'] == 'Success':
r_id = api_response_dict['data']['batchId']
else:
self._tc.tcl.debug('Resource Object'.format(self))
raise RuntimeError('Cannot commit incomplete resource object')
for ro in self._resource_container.commit_queue(self.id):
# if self.owner_name is not None:
# ro.set_owner(self.owner_name)
# replace the id
if self.id != r_id:
request_uri = str(ro.request_uri.replace(str(self.id), str(r_id)))
ro.set_request_uri(request_uri)
self._tc.tcl.debug('Replacing {0} with {1}'.format(self.id, str(r_id)))
self._tc.tcl.debug('RO {0}'.format(ro))
api_response2 = self._tc.api_request(ro)
if api_response2.headers['content-type'] == 'application/json':
api_response_dict2 = api_response2.json()
if api_response_dict2['status'] != 'Success':
self._tc.tcl.error('API Request Failure: [{0}]'.format(ro.description))
self.set_id(r_id)
self.set_phase(0)
# return object
return self
def default_request_object(self):
""" default request when no filters are provided """
resource_properties = ApiProperties.api_properties[self._resource_type.name]['properties']
# create default request object for non-filtered requests
request_object = RequestObject()
request_object.set_http_method(resource_properties['base']['http_method'])
request_object.set_owner_allowed(resource_properties['base']['owner_allowed'])
request_object.set_request_uri(resource_properties['base']['uri'])
request_object.set_resource_pagination(resource_properties['base']['pagination'])
request_object.set_resource_type(self._resource_type)
# modified since is only support on base (/v2/indicator) api call
if self._modified_since is not None:
request_object.set_modified_since(self._modified_since)
request_object.set_description('Owner Filter modified since {0}'.format(self._modified_since))
return request_object
def add_indicator(self, data):
""" """
# validation indicator
if not SharedMethods.validate_indicator(self.tc._indicators_regex, data):
raise AttributeError(ErrorCodes.e5010.value.format(data))
# get indicator uri attribute
indicator_type = SharedMethods.get_resource_type(self.tc._indicators_regex, data)
indicator_uri_attribute = ApiProperties.api_properties[indicator_type.name]['uri_attribute']
prop = self._resource_properties['indicators']
ro = RequestObject()
ro.set_description('api filter by indicator id {0}'.format(data))
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'], [indicator_uri_attribute, SharedMethods.urlsafe(data)])
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
self._add_request_objects(ro)
def load_tags(self):
""" retrieve tags for this group """
prop = self._resource_properties['tags_load']
ro = RequestObject()
ro.set_description('load tags for {0}'.format(self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner(self.owner_name)
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
api_response = self._tc.api_request(ro)
if api_response.headers['content-type'] == 'application/json':
api_response_dict = api_response.json()
if api_response_dict['status'] == 'Success':
data = api_response_dict['data']['tag']
for item in data:
self._resource_obj.add_tag(parse_tag(item)) # add to main resource object
def default_request_object(self):
""" default request when only a owner filter is provided """
request_object = RequestObject()
request_object.set_description('filter by owner')
request_object.set_http_method(
self._resource_properties['bulk']['http_method'])
request_object.set_owner_allowed(
self._resource_properties['bulk']['owner_allowed'])
request_object.set_request_uri(
self._resource_properties['bulk']['uri'])
request_object.set_resource_pagination(
self._resource_properties['bulk']['pagination'])
request_object.set_resource_type(self._resource_type)
request_object.set_stream(True)
if self.tc._bulk_on_demand:
request_object.add_payload('runNow', True)
return request_object
def delete_security_label(self, security_label_name):
""" retrieve attributes for this indicator """
prop = self._resource_properties['delete_security_label']
ro = RequestObject()
ro.set_description(
'deleting security label {0} for attribute {1} of object {2}'.
format(security_label_name, self.id, self._container.id))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
resource_uri = self._container._resource_properties['id']['uri']
try:
resource_uri = resource_uri.format(self._container.indicator)
except AttributeError:
resource_uri = resource_uri.format(self._container.id)
ro.set_request_uri(prop['uri'].format(resource_uri, self.id,
security_label_name))
ro.set_resource_pagination(prop['pagination'])
self._container._resource_container.add_commit_queue(
self._container.id, ro)
def download(self):
""" download document """
if self._resource_type == ResourceType.DOCUMENTS:
prop = self._resource_properties['document_download']
elif self._resource_type == ResourceType.SIGNATURES:
prop = self._resource_properties['signature_download']
else:
self._tc.tcl.error('Download requested for wrong resource type.')
raise AttributeError(ErrorCodes.e10320.value)
ro = RequestObject()
ro.set_description('download {0} for "{1}"'.format(self.resource_type.name.lower(), self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
api_response = self._tc.api_request(ro)
if api_response.headers['content-type'] in ['application/octet-stream', 'text/plain']:
self.set_contents(api_response.content)
def retrieve_members(self):
""" retrieve owner members """
prop = ApiProperties.api_properties['OWNERS']['properties']['members']
ro = RequestObject()
ro.set_description('load owner members')
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_resource_pagination(prop['pagination'])
ro.set_request_uri(prop['uri'])
ro.set_resource_type(ResourceType.OWNER_MEMBERS)
api_response = self.tc.api_request(ro)
members = []
if api_response.headers['content-type'] == 'application/json':
api_response_dict = api_response.json()
if api_response_dict['status'] == 'Success':
data = api_response_dict['data']['user']
for item in data:
members.append(parse_member(item))
return members # if class is called directly
def add_attribute(self, attr_type, attr_value, attr_displayed='true'):
""" add an attribute to a group """
prop = self._resource_properties['attribute_add']
ro = RequestObject()
ro.set_body(json.dumps({
'type': attr_type,
'value': attr_value,
'displayed': attr_displayed}))
ro.set_description('add attribute type "{0}" with value "{1}" to "{2}"'.format(
attr_type, attr_value, self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id))
ro.set_resource_pagination(prop['pagination'])
ro.set_resource_type(self._resource_type)
callback = lambda status: self.__add_attribute_failure(attr_type, attr_value)
ro.set_failure_callback(callback)
self._resource_container.add_commit_queue(self.id, ro)
attribute = AttributeObject(self)
attribute.set_type(attr_type)
attribute.set_value(attr_value)
attribute.set_displayed(attr_displayed)
self._resource_obj.add_attribute(attribute)
def commit(self):
""" commit victim and related assets, associations """
r_id = self.id
ro = RequestObject()
ro.set_body(self.gen_body)
if self.owner_name is not None:
ro.set_owner(self.owner_name)
ro.set_resource_type(self.resource_type)
if self.phase == 1:
prop = self._resource_properties['add']
ro.set_description('adding group "{0}".'.format(self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id))
ro.set_resource_pagination(prop['pagination'])
# validate all required fields are present
if self.validate:
api_response = self._tc.api_request(ro)
if api_response.headers['content-type'] == 'application/json':
api_response_dict = api_response.json()
if api_response_dict['status'] == 'Success':
resource_key = ApiProperties.api_properties[
self.resource_type.name]['resource_key']
r_id = api_response_dict['data'][resource_key]['id']
else:
self._tc.tcl.debug('Resource Object'.format(self))
raise AttributeError(ErrorCodes.e10040.value)
elif self.phase == 2:
prop = self._resource_properties['update']
ro.set_description('update indicator "{0}".'.format(self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id))
ro.set_resource_pagination(prop['pagination'])
api_response = self._tc.api_request(ro)
if api_response.headers['content-type'] == 'application/json':
api_response_dict = api_response.json()
if api_response_dict['status'] != 'Success':
self._tc.tcl.error('API Request Failure: [{0}]'.format(
ro.description))
# submit all attributes, tags or associations
for ro in self._resource_container.commit_queue(self.id):
# if self.owner_name is not None:
# ro.set_owner(self.owner_name)
# replace the id
if self.phase == 1 and self.id != r_id:
request_uri = str(
ro.request_uri.replace(str(self.id), str(r_id)))
ro.set_request_uri(request_uri)
self._tc.tcl.debug('Replacing {0} with {1}'.format(
self.id, str(r_id)))
self._tc.tcl.debug('RO {0}'.format(ro))
api_response2 = self._tc.api_request(ro)
if api_response2.headers['content-type'] == 'application/json':
api_response_dict2 = api_response2.json()
if api_response_dict2['status'] != 'Success':
self._tc.tcl.error('API Request Failure: [{0}]'.format(
ro.description))
self.set_id(r_id)
self._resource_container.clear_commit_queue_id(self.id)
self.set_phase(0)
# return object
return self
def commit(self):
# phase 0 (no action) -> don't validate and don't POST group, only POST items in commit queue.
# phase 1 (add) -> validate before POST group, only POST items in commit queue if group POST succeeded.
# phase 2 (update) -> don't validate before PUT group, POST/PUT items in commit queue.
""" commit group and related associations, attributes, security labels and tags """
r_id = self.id
ro = RequestObject()
ro.set_body(self.gen_body)
if self.owner_name is not None:
ro.set_owner(self.owner_name)
ro.set_resource_type(self.resource_type)
if self.phase == 1:
prop = self._resource_properties['add']
ro.set_description('adding group "{0}".'.format(self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id))
ro.set_resource_pagination(prop['pagination'])
if self.validate:
api_response = self._tc.api_request(ro)
if api_response.headers['content-type'] == 'application/json':
api_response_dict = api_response.json()
if api_response_dict['status'] == 'Success':
resource_key = ApiProperties.api_properties[self.resource_type.name]['resource_key']
r_id = api_response_dict['data'][resource_key]['id']
else:
self._tc.tcl.debug('Resource Object'.format(self))
raise AttributeError(ErrorCodes.e10040.value)
elif self.phase == 2:
prop = self._resource_properties['update']
ro.set_description('update group "{0}".'.format(self._name))
ro.set_http_method(prop['http_method'])
ro.set_owner_allowed(prop['owner_allowed'])
ro.set_request_uri(prop['uri'].format(self._id))
ro.set_resource_pagination(prop['pagination'])
api_response = self._tc.api_request(ro)
if api_response.headers['content-type'] == 'application/json':
api_response_dict = api_response.json()
if api_response_dict['status'] != 'Success':
self._tc.tcl.error('API Request Failure: [{0}]'.format(ro.description))
# validate all required fields are present
if r_id is not None:
#
# commit all associations, attributes, tags, etc
#
for ro in self._resource_container.commit_queue(self.id):
if self.owner_name is not None:
ro.set_owner(self.owner_name)
# replace the id
if self.phase == 1 and self.id != r_id:
request_uri = str(ro.request_uri.replace(str(self.id), str(r_id)))
ro.set_request_uri(request_uri)
self._tc.tcl.debug('Replacing {0} with {1}'.format(self.id, str(r_id)))
api_response2 = self._tc.api_request(ro)
if 'content-type' in api_response2.headers:
if api_response2.headers['content-type'] == 'application/json':
api_response_dict2 = api_response2.json()
if api_response_dict2['status'] != 'Success':
self._tc.tcl.error('API Request Failure: [{0}]'.format(ro.description))
else:
if ro.success_callback is not None:
ro.success_callback(ro, api_response2)
elif api_response2.headers['content-type'] == 'application/octet-stream':
if api_response2.status_code in [200, 201, 202]:
self.set_contents(ro.body)
if ro.success_callback is not None:
ro.success_callback(ro, api_response2)
else:
# upload PUT response
if api_response2.status_code in [200, 201, 202]:
self.set_contents(ro.body)
if ro.success_callback is not None:
ro.success_callback(ro, api_response2)
# clear the commit queue
self._resource_container.clear_commit_queue_id(self.id)
self.set_id(r_id)
# clear phase
self.set_phase(0)
if self._reload_attributes:
self.load_attributes(automatically_reload=True)
# return object
return self
