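def get_user_info(form):
    """Return the profile of the user who owns the session in ``form``.

    Args:
        form: Request body; must contain ``sessionID``.

    Returns:
        ``msg.success_msg`` with uid, name, email, phone, major and degree,
        or ``msg.error_msg`` when the key is missing, the session is unknown
        or already ended, or the user row cannot be found.
    """
    if not assert_keys_in_form_exist(form, ['sessionID']):
        return msg.error_msg("Invalid Session ID.")

    users = UserModel()
    sessions = SessionModel()

    session = sessions.get_session(form['sessionID'])
    # A None result (lookup failure) is handled like an empty result instead
    # of raising on len().
    if not session:
        return msg.error_msg("Unable to find the session.")

    # Positional unpacking: relies on the column order of the session row.
    (_, uid, _, end_time) = session[0].values()
    # A session that carries an end_time has been ended (delete_session sets
    # it), so it must no longer give access to profile data.
    if end_time is not None:
        return msg.error_msg("This session already canceled.")

    # NOTE(review): the lookup does not pass enable=True, so a disabled
    # account with a live session would still be returned; confirm intent.
    user = users.get_user(uid=uid)
    if not user:
        return msg.error_msg("Unable to find the user")

    # The stored password value and the enable flag are read from the row
    # but deliberately left out of the response.
    (uid, name, email, phone, _password, major, degree, _enable) = user[0].values()
    return msg.success_msg({
        "uid": uid,
        "name": name,
        "email": email,
        "phone": phone,
        "major": major,
        "degree": degree
    })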
def delete_session(form):
    """End the session named by ``form['sessionID']`` (log out).

    Args:
        form: Request body; must contain ``sessionID``.

    Returns:
        ``msg.success_msg`` with the session id and the end time as a string,
        or ``msg.error_msg`` when the key is missing, the session cannot be
        looked up, it is already ended, or the update fails.
    """
    if not assert_keys_in_form_exist(form, ['sessionID']):
        return msg.error_msg("Please check your request body.")

    session_model = SessionModel()
    sid = form['sessionID']

    rows = session_model.get_session(session_id=sid)
    # None and "no rows" are reported with different messages.
    if rows is None:
        return msg.error_msg("Failed to find given session")
    if len(rows) == 0:
        return msg.error_msg("Can't found the session.")

    # An end_time on the row means the session was ended before.
    if rows[0]['end_time'] is not None:
        return msg.error_msg("This session already canceled.")

    ended_at = datetime.utcnow()
    outcome = session_model.end_session(session_id=sid, end_time=ended_at)
    if outcome is None:
        return msg.error_msg("Failed to end this session.")

    return msg.success_msg({"sessionID": sid, "endTime": str(ended_at)})
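def add_session(form):
    """Check an email/password pair and start a new session (log in).

    Args:
        form: Request body; must contain ``email`` and ``password``.

    Returns:
        ``msg.success_msg`` with the new session id, the uid, the start time
        as a string and the user's name, or ``msg.error_msg`` when a key is
        missing, the credentials match no enabled user, or the session
        cannot be stored.
    """
    if not assert_keys_in_form_exist(form, ['email', 'password']):
        return msg.error_msg("Please check the inputs.")

    sessions = SessionModel()
    users = UserModel()
    (email, password) = (form['email'], form['password'])

    # NOTE(review): the credential check is an equality lookup on
    # encrypt(password), which only works if encrypt() is deterministic
    # (no per-user salt). Confirm that it is a password hash suitable for
    # storage; encrypt() is not visible here.
    users_founded = users.get_user(email=email,
                                   password=encrypt(password),
                                   enable=True)
    # Identity comparison: "== None" can be overridden by the result type.
    if users_founded is None:
        return msg.error_msg("Failed to validate user information.")
    # One message for unknown email and wrong password, so the response does
    # not reveal which of the two was wrong.
    if len(users_founded) == 0:
        return msg.error_msg("Invalid email address or password.")

    uid = users_founded[0]['user_id']
    new_session_id = sessions.create_session_id()
    start_time = datetime.utcnow()
    res = sessions.start_session(new_session_id, uid, start_time)
    if res is None:
        return msg.error_msg("Failed to start a new session.")

    return msg.success_msg({
        "sessionID": new_session_id,
        "uid": uid,
        "startTime": str(start_time),
        "userName": users_founded[0]['name']
    })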
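def add_user(form):
    """Register a new, enabled user.

    Args:
        form: Request body; must contain ``name``, ``email``, ``phone``,
            ``password``, ``major`` and ``degree``.

    Returns:
        ``msg.success_msg`` on success, or ``msg.error_msg`` when a key is
        missing, the name or password fails the length checks, the email is
        already used by an enabled user, or the insert fails.
    """
    users = UserModel()
    if not assert_keys_in_form_exist(
            form, ['name', 'email', 'phone', 'password', 'major', 'degree']):
        return msg.error_msg("Please check your requests.")

    name = form['name']
    email = form['email']
    phone = form['phone']
    password = form['password']
    major = form['major']
    degree = form['degree']

    if name.strip() == "":
        return msg.error_msg("Username cannot be empty.")
    if password.strip() == "":
        return msg.error_msg("Password cannot be empty.")
    if len(password) < 6:
        return msg.error_msg("Password cannot less than 6 character.")
    if len(name) > 255:
        return msg.error_msg("Username cannot exceed 255 characters.")
    if len(password) > 255:
        return msg.error_msg("Password cannot exceed 255 characters.")

    existing = users.get_user(email=email, enable=True)
    if existing is None:
        return msg.error_msg("Failed to find user.")
    # The former debug print() calls were removed here: when the email is
    # taken they wrote the existing user's full row, stored password value
    # included, to stdout.
    if len(existing) != 0:
        return msg.error_msg("User already exists. (Email already in use)")

    args = {
        "Name": name,
        "Email": email,
        "Phone": phone,
        # Only the output of encrypt() is handed to the model.
        "Password": encrypt(password),
        "Major": major,
        "Degree": degree,
        "Enable": True
    }
    res = users.add_user(args)
    if res is None:
        return msg.error_msg("Failed to add user.")
    return msg.success_msg({"msg": "User added successfully."})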
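def update_user(form):
    """Replace the profile and password of the user who owns a live session.

    Args:
        form: Request body; must contain ``sessionID``, ``name``, ``email``,
            ``phone``, ``newPassword``, ``major`` and ``degree``.

    Returns:
        ``msg.success_msg({})`` on success, or ``msg.error_msg`` when a key
        is missing, the name or password fails the length checks, the
        session is unknown or already ended, or the update fails.
    """
    users = UserModel()
    sessions = SessionModel()
    if not assert_keys_in_form_exist(form, [
            'sessionID', 'name', 'email', 'phone', 'newPassword', 'major',
            'degree'
    ]):
        return msg.error_msg("Please check your requests.")

    name = form['name']
    session_id = form['sessionID']
    email = form['email']
    phone = form['phone']
    new_password = form['newPassword']
    major = form['major']
    degree = form['degree']

    if new_password.strip() == "":
        return msg.error_msg("Password cannot be empty.")
    # Same minimum length as add_user, so an update cannot set a password
    # shorter than registration accepts.
    if len(new_password) < 6:
        return msg.error_msg("Password cannot less than 6 character.")
    if len(name) > 255:
        return msg.error_msg("Username cannot exceed 255 characters.")
    if len(new_password) > 255:
        return msg.error_msg("Password cannot exceed 255 characters.")

    # Resolve the user from the session; the uid is never taken from the form.
    session = sessions.get_session(session_id)
    # A None result (lookup failure) is handled like an empty result instead
    # of raising on len().
    if not session:
        return msg.error_msg("Unable to find the session.")
    # Positional unpacking: relies on the column order of the session row.
    (_, uid, _, end_time) = session[0].values()
    if end_time is not None:
        return msg.error_msg("This session already canceled.")

    # NOTE(review): the password is replaced without asking for the current
    # one, and the new email is not checked against other enabled users the
    # way add_user does. Confirm whether both are intended.
    args = {
        "Name": name,
        "Email": email,
        "Phone": phone,
        "Password": encrypt(new_password),
        "Major": major,
        "Degree": degree,
        "UID": uid
    }
    ret = users.update_user(args)
    if ret is None:
        return msg.error_msg("Failed to update user profile.")
    return msg.success_msg({})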
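def get_user_info(form):
    """Return the profile of the user who owns the session in ``form``.

    Args:
        form: Request body; must contain ``sessionID``.

    Returns:
        ``msg.success_msg`` with uid, name, email and phone, or
        ``msg.error_msg`` when the key is missing, the session is unknown or
        already ended, or the user row cannot be found.
    """
    if not assert_keys_in_form_exist(form, ['sessionID']):
        return msg.error_msg("Invalid request.")

    session = Session.get_session(form['sessionID'])
    # A None result (lookup failure) is handled like an empty result instead
    # of raising on len().
    if not session:
        return msg.error_msg("Unable to find the session.")

    # Positional unpacking: relies on the column order of the session row.
    (_, uid, _, end_time) = session[0].values()
    # A session that carries an end_time has been ended, so it must no longer
    # give access to profile data.
    if end_time is not None:
        return msg.error_msg("This session already canceled.")

    # NOTE(review): the lookup does not pass enable=True, so a disabled
    # account with a live session would still be returned; confirm intent.
    user = User.get_user(uid=uid)
    if not user:
        return msg.error_msg("Unable to find the user")

    # The stored password value and the enable flag are read from the row
    # but deliberately left out of the response.
    (uid, name, email, phone, _password, _enable) = user[0].values()
    return msg.success_msg({"uid": uid, "name": name, "email": email, "phone": phone})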
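def delete_user(form):
    """Delete the user who owns a live session, after re-checking the password.

    Args:
        form: Request body; must contain ``sessionID`` and ``password``.

    Returns:
        ``msg.success_msg`` with the uid and session id, or ``msg.error_msg``
        when a key is missing, the session is unknown or ended, the password
        does not match, the delete fails, or the user's sessions could not
        be ended afterwards.
    """
    users = UserModel()
    sessions = SessionModel()
    if not assert_keys_in_form_exist(form, ['sessionID', 'password']):
        return msg.error_msg("Please check the inputs.")

    password = form['password']
    session_id = form['sessionID']

    # Resolve the user from the session; the uid is never taken from the form.
    session = sessions.get_session(session_id)
    # A None result (lookup failure) is handled like an empty result instead
    # of raising on len().
    if not session:
        return msg.error_msg("Unable to find the session.")
    # Positional unpacking: relies on the column order of the session row.
    (_, uid, _, end_time) = session[0].values()
    if end_time is not None:
        return msg.error_msg("Expired SessionID")

    # Re-authenticate: a session id alone is not enough to delete an account.
    if password.strip() == "":
        return msg.error_msg("Password cannot be empty.")
    matches = users.get_user(uid=uid, password=encrypt(password), enable=True)
    if matches is None:
        return msg.error_msg("Failed to find user.")
    if len(matches) == 0:
        return msg.error_msg("Wrong password.")

    ret = users.delete_user(uid)
    if ret is None:
        return msg.error_msg("Failed to delete user.")

    # End every session of the deleted user. The result used to be ignored,
    # so a failed revocation was reported as success while the sessions
    # stayed usable. None is read as failure, as delete_session does.
    # NOTE(review): no end_time is passed here, unlike in delete_session;
    # confirm that end_session stamps one itself when called with a uid.
    revoked = sessions.end_session(uid=uid)
    if revoked is None:
        return msg.error_msg("User deleted, but failed to end its sessions.")

    return msg.success_msg({"uid": uid, "sessionID": session_id})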
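def add_event(form):
    """Store one user event taken from the request body.

    Args:
        form: Request body; must contain ``uid``, ``eventID``, ``data`` and
            ``createdAt``.

    Returns:
        ``msg.success_msg`` on success, or ``msg.error_msg`` when a key is
        missing or the insert fails.
    """
    user_events = UserEvents()
    if not assert_keys_in_form_exist(form,
                                     ['uid', 'eventID', 'data', 'createdAt']):
        return msg.error_msg("Invalid request body.")

    # NOTE(review): uid and createdAt come straight from the request and no
    # session is checked in this function, so the caller decides which user
    # and which time the event is recorded under. Confirm that the route is
    # authenticated before this handler runs.
    res = user_events.addEvent(uid=form['uid'],
                               eventID=form['eventID'],
                               # data is stored in its str() form, whatever
                               # type the request carried.
                               data=str(form['data']),
                               timestamp=form['createdAt'])
    # Identity comparison: "== None" can be overridden by the result type.
    if res is None:
        return msg.error_msg("Failed to add event.")
    return msg.success_msg({"msg": "Event added successfully."})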
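def update_user(form):
    """Replace the profile and password of the user who owns a live session.

    Args:
        form: Request body; must contain ``sessionID``, ``name``, ``email``,
            ``phone`` and ``newPassword``.

    Returns:
        ``msg.success_msg({})`` on success, or ``msg.error_msg`` when a key
        is missing, the name or password fails the length checks, the
        session is unknown or already ended, or the update fails.
    """
    if not assert_keys_in_form_exist(form, ['sessionID', 'name', 'email', 'phone', 'newPassword']):
        return msg.error_msg("Invalid request.")

    name = form['name']
    session_id = form['sessionID']
    email = form['email']
    phone = form['phone']
    new_password = form['newPassword']

    if new_password.strip() == "":
        return msg.error_msg("Password cannot be empty.")
    if len(name) > 255:
        return msg.error_msg("Username cannot exceed 255 characters.")
    if len(new_password) > 255:
        return msg.error_msg("Password cannot exceed 255 characters.")

    # Resolve the user from the session; the uid is never taken from the form.
    session = Session.get_session(session_id)
    # A None result (lookup failure) is handled like an empty result instead
    # of raising on len().
    if not session:
        return msg.error_msg("Unable to find the session.")
    # Positional unpacking: relies on the column order of the session row.
    (_, uid, _, end_time) = session[0].values()
    # An ended session must not be able to change the profile or password;
    # without this check a logged-out session id could still reset the
    # account's password.
    if end_time is not None:
        return msg.error_msg("This session already canceled.")

    # NOTE(review): the password is replaced without asking for the current
    # one; confirm that this is intended.
    args = {
        "Name": name,
        "Email": email,
        "Phone": phone,
        "Password": encrypt(new_password),
        "UID": uid
    }
    ret = User.update_user(args)
    if ret is None:
        return msg.error_msg("Failed to update user profile.")
    return msg.success_msg({})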
def add_user(form):
    """Register a new, enabled user.

    Args:
        form: Request body; must contain ``name``, ``email``, ``phone`` and
            ``password``.

    Returns:
        ``msg.success_msg`` on success, or ``msg.error_msg`` when a key is
        missing, the password is blank, name or password exceed 255
        characters, the email is already used by an enabled user, or the
        insert fails.
    """
    required = ['name', 'email', 'phone', 'password']
    if not assert_keys_in_form_exist(form, required):
        return msg.error_msg("Invalid request.")

    name, email = form['name'], form['email']
    phone, password = form['phone'], form['password']

    # Validation order decides which message a caller sees first.
    if password.strip() == "":
        return msg.error_msg("Password cannot be empty.")
    if len(name) > 255:
        return msg.error_msg("Username cannot exceed 255 characters.")
    if len(password) > 255:
        return msg.error_msg("Password cannot exceed 255 characters.")

    # Only enabled accounts block re-use of an email address.
    same_email = User.get_user(email=email, enable=True)
    if same_email is None:
        return msg.error_msg("Failed to find user.")
    if len(same_email) != 0:
        return msg.error_msg("User already exists.")

    # Only the output of encrypt() is handed to the model.
    created = User.add_user({
        "Name": name,
        "Email": email,
        "Phone": phone,
        "Password": encrypt(password),
        "Enable": True,
    })
    if created is None:
        return msg.error_msg("Failed to add user.")
    return msg.success_msg({"msg": "User added successfully."})
def add_session(form):
    """Check an email/password pair and start a new session (log in).

    Args:
        form: Request body; must contain ``email`` and ``password``.

    Returns:
        ``msg.success_msg`` with the new session id, the uid and the start
        time as a string, or ``msg.error_msg`` when a key is missing, the
        credentials match no enabled user, or the session cannot be stored.
    """
    if not assert_keys_in_form_exist(form, ['email', 'password']):
        return msg.error_msg("Invalid request.")

    email = form['email']
    password = form['password']

    # NOTE(review): matching on encrypt(password) only works if encrypt() is
    # deterministic; confirm it is a password hash suitable for storage.
    matches = User.get_user(email=email, password=encrypt(password), enable=True)
    if matches is None:
        return msg.error_msg("Failed to validate user information.")
    # One message for unknown email and wrong password alike.
    if len(matches) == 0:
        return msg.error_msg("Invalid email address or password.")

    uid = matches[0]['user_id']
    sid = Session.create_session_id()
    started_at = datetime.utcnow()
    if Session.start_session(sid, uid, started_at) is None:
        return msg.error_msg("Failed to start a new session.")

    reply = {"sessionID": sid, "uid": uid, "startTime": str(started_at)}
    return msg.success_msg(reply)
def get_abnormal():
    """Hand the request's JSON body to the behavior controller and wrap the result.

    Returns:
        ``msg.success_msg`` around whatever
        ``behavior_controller.get_abnormal`` returns.
    """
    # The body is forwarded as-is; any key or type checks are left to the
    # controller, which is not visible here.
    payload = request.json
    return msg.success_msg(behavior_controller.get_abnormal(payload))
def get_behavior():
    """Hand the request's JSON body to the behavior controller and wrap the result.

    Returns:
        ``msg.success_msg`` around whatever
        ``behavior_controller.get_behavior`` returns.
    """
    # The body is forwarded as-is; any key or type checks are left to the
    # controller, which is not visible here.
    payload = request.json
    return msg.success_msg(behavior_controller.get_behavior(payload))
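def load_behavior(form):
    """Load one endpoint's events for a date range and store derived behaviors.

    Events are read from ``WINLOGBEAT_INDEX``, turned into behavior records
    through the handler returned by ``SysmonData.eventid_behavior_mappings``,
    stored under ``'raw'``, then filtered against the ATT&CK definitions in
    ``ATTCK_YAML``; matches are stored under ``'abnormal'``.

    Args:
        form: Request body; must contain ``endpointID``, ``startDate`` and
            ``endDate``.

    Returns:
        ``msg.success_msg({})`` on success, or ``msg.error_msg`` when a key
        is missing or any step outside the per-event parsing raises.
    """
    if not assert_keys_in_form_exist(form, ['endpointID', 'startDate', 'endDate']):
        return msg.error_msg("Invalid request.")

    startdate = form['startDate']
    enddate = form['endDate']
    endpoint_id = form['endpointID']

    try:
        ts_tr = format_daterange((startdate, enddate))
        # The query is built as a dict, so the request values are passed as
        # data and never spliced into a query string.
        raw_data = ES.load(WINLOGBEAT_INDEX, '_doc', args={
            'bool': {
                'must': {
                    'match': {
                        'host.hostname': endpoint_id
                    }
                },
                'filter': {
                    'range': {
                        '@timestamp': {
                            'gte': ts_tr[0],
                            'lte': ts_tr[1]
                        }
                    }
                }
            }
        })

        behavior_list = []
        for _, row in raw_data.iterrows():
            event_id = str(row['winlog']['event_id'])
            func = SysmonData.eventid_behavior_mappings(event_id)
            if not func:
                continue

            # Reset per event: the handler below logs props, and it must not
            # hit an unbound name (first failure) or report the previous
            # event's values.
            props = None
            try:
                # Skip the first message line, then keep everything after the
                # first ': ' of each line. maxsplit=1 keeps values that
                # themselves contain ': ' intact (e.g. a command line);
                # without it they were cut short before reaching the rules.
                props = [
                    en.split(': ', 1)[1]
                    for en in row['message'].split('\n')[1:]
                ]
                mid = encode_md5(row['winlog']['computer_name'])
                behavior_list.append(func(event_id, mid, props))
            except Exception as err:
                # One malformed event is logged and skipped; it must not
                # abort the whole load. The exception gets its own name so it
                # no longer overwrites the loop's row variable.
                log_error('Error: {} {}-{}'.format(err, event_id, repr(props)))

        if behavior_list:
            ES.insert_behaviors('raw', behavior_list)

            # Detect abnormal behaviors
            attck_techs = attck.load_attcks(ATTCK_YAML)
            abnormals = rule.filter_abnormal_behaviors(behavior_list, attck_techs)
            if abnormals:
                ES.insert_behaviors('abnormal', abnormals)
    except Exception as err:
        # Details go to the log; the caller only gets a generic message.
        log_error(err)
        return msg.error_msg("Fail to update bahavior.")

    return msg.success_msg({})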