def check_perm(*args, **kwargs):
    # Wrapper body of a permission-checking decorator: `func` is the wrapped
    # view, taken from the enclosing scope (not visible in this excerpt).
    #
    # For each resource identifier present in the route kwargs, ask
    # GeneralController.check_perms whether the logged user (g.user) may use
    # the current HTTP method on it. The first non-200 answer is returned
    # as-is and the wrapped view is never called.
    for resource in ('report', 'ticket'):
        if resource in kwargs:
            code, resp = GeneralController.check_perms(
                method=request.method,
                user=g.user,
                **{resource: kwargs[resource]}
            )
            if code != 200:
                return code, resp

    # Defendants are only checked for non-GET methods, so read access to a
    # defendant is not gated by this wrapper.
    # NOTE(review): confirm that unrestricted GET on defendants is intended.
    if 'defendant' in kwargs and request.method != 'GET':
        code, resp = GeneralController.check_perms(
            method=request.method,
            user=g.user,
            defendant=kwargs['defendant']
        )
        if code != 200:
            return code, resp

    return func(*args, **kwargs)
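def bulk_delete(body, user, method):
    """ Remove properties (currently only tags) from multiple reports

        :param dict body: Request body; needs non-empty 'reports' (report ids)
            and 'properties' entries
        :param user: The user the permission checks are made for
        :param str method: HTTP method passed to the permission checks
        :return: A ``(code, response)`` tuple; 400 on malformed input, the
            first non-200 answer of a permission check or tag removal,
            200 once every removal succeeded
    """
    if not body.get('reports') or not body.get('properties'):
        transaction.rollback()
        return 400, {'status': 'Bad Request', 'code': 400, 'message': 'Missing reports or properties in body'}

    try:
        reports = Report.objects.filter(id__in=list(body['reports']))
    except (TypeError, ValueError):
        transaction.rollback()
        return 400, {'status': 'Bad Request', 'code': 400, 'message': 'Invalid report(s) id'}

    # Authorize every report before touching any of them. The ids come from
    # Report rows, so they must be checked as `report=`; passing them as
    # `ticket=` (as this function used to) runs the check against a ticket
    # that merely shares the numeric id. bulk_add already uses `report=`.
    for report in reports:
        code, resp = GeneralController.check_perms(method=method, user=user, report=report.id)
        if code != 200:
            transaction.rollback()
            return code, resp

    # Update tags. A 'tags' value that is not a list is ignored.
    try:
        tags = body['properties'].get('tags') if 'tags' in body['properties'] else None
        if isinstance(tags, list):
            for report in reports:
                for tag in tags:
                    code, resp = remove_tag(report.id, tag['id'])
                    if code != 200:
                        transaction.rollback()
                        return code, resp
    except (AttributeError, KeyError, TypeError, ValueError):
        # Malformed 'properties' or tag entries (not a dict, no 'id', ...).
        transaction.rollback()
        return 400, {'status': 'Bad Request', 'code': 400, 'message': 'Invalid or missing tag(s) id'}

    transaction.commit()
    return 200, {'status': 'OK', 'code': 200, 'message': 'Report(s) successfully updated'}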
def post_mass_contact():
    """ Massively contact defendants based on ip addresses list

    **Example request**:

    .. sourcecode:: http

        POST /api/mass-contact HTTP/1.1
        Content-Type: application/json

        {
            "ips": ["1.2.3.4", "5.6.7.8"],
            "campaignName": "ntp_amp_mars_2016",
            "category": "Network Attack",
            "email": {
                "subject": "blah",
                "body": "blah blah"
            }
        }

    :reqjson list ips: The list of involved ip addresses
    :reqjson str category: The category of the campaign
    :reqjson str campaignName: The name of the campaign
    :reqjson dict email: The email to send (containing 'subject' and 'body')
    :status 200: when campaign is successfully created
    :status 400: when parameters are missing or invalid
    """
    # The JSON body is handed to the controller unmodified; no validation
    # happens in this handler.
    payload = request.get_json()
    status, result = GeneralController.post_mass_contact(payload, g.user)
    return status, result
def get_logged_user():
    """ Get infos for the logged user

        The lookup is always made with the id of `g.user`, never with a
        client-supplied id.

        :return: ``(200, infos)`` on success, else a 400 response whose
            message is the value returned by the controller
    """
    ok, infos = GeneralController.get_users_infos(user=g.user.id)
    if ok:
        return 200, infos
    return 400, {'status': 'Bad Request', 'code': 400, 'message': infos}
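def search():
    """ Search on tickets and reports

        Filtering is possible through the "filters" query string:

            filters=%7B"type":"reports"%7D&page=1

        (JSON, double encoded). The raw value is passed to the controller
        together with the logged user.

        :return: The controller's ``(code, response)`` tuple, or a 400
            response when the "filters" parameter is absent
    """
    if 'filters' not in request.args:
        # Without this branch the function returned None, unlike every other
        # handler in this module, which returns a (code, response) tuple.
        return 400, {'status': 'Bad Request', 'code': 400, 'message': 'Missing filters'}

    code, resp = GeneralController.search(filters=request.args['filters'], user=g.user)
    return code, resp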
def auth():
    """ Check the submitted credentials and return the controller's payload
        (a token, per the original description) when they are valid

        :return: ``(200, payload)`` when authenticated, ``(401, error)``
            otherwise, or ``(400, error)`` when the forwarded-host gate fails
    """
    expected_host = settings.API.get('forwarded_host')
    if expected_host:
        # Optional gate: only enforced when 'forwarded_host' is configured.
        # NOTE(review): X-Forwarded-Host is a request header, so this is only
        # meaningful if a trusted reverse proxy sets or overwrites it before
        # the request reaches this application - confirm the deployment.
        if 'HTTP_X_FORWARDED_HOST' not in request.environ:
            return 400, {'status': 'Bad Request', 'code': 400, 'message': 'Missing HTTP_X_FORWARDED_HOST'}
        if request.environ['HTTP_X_FORWARDED_HOST'] != expected_host:
            return 400, {'status': 'Bad Request', 'code': 400, 'message': 'Invalid HTTP_X_FORWARDED_HOST'}

    credentials = request.get_json()
    authenticated, ret = GeneralController.auth(credentials)
    if not authenticated:
        return 401, {'status': 'Unauthorized', 'code': 401, 'message': ret}
    return 200, ret
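def bulk_add(body, user, method):
    """ Update multiple reports

        Adds tags and/or sets the 'category', 'status' and 'ticket' fields on
        every report listed in the body.

        :param dict body: Request body; needs non-empty 'reports' (report ids)
            and 'properties' entries
        :param user: The user the permission checks and updates are made for
        :param str method: HTTP method passed to the permission checks
        :return: A ``(code, response)`` tuple; 400 on malformed input, the
            first non-200 answer of a permission check, tag addition or
            update, 200 once everything succeeded
    """
    if not body.get('reports') or not body.get('properties'):
        transaction.rollback()
        return 400, {'status': 'Bad Request', 'code': 400, 'message': 'Missing reports or properties in body'}

    try:
        reports = Report.objects.filter(id__in=list(body['reports']))
    except (TypeError, ValueError):
        transaction.rollback()
        return 400, {'status': 'Bad Request', 'code': 400, 'message': 'Invalid report(s) id'}

    # Authorize every report before modifying any of them.
    for report in reports:
        code, resp = GeneralController.check_perms(method=method, user=user, report=report.id)
        if code != 200:
            transaction.rollback()
            return code, resp

    # 'properties' comes straight from the request body: reject anything that
    # is not a JSON object instead of failing later with an unhandled error.
    requested = body['properties']
    if not isinstance(requested, dict):
        transaction.rollback()
        return 400, {'status': 'Bad Request', 'code': 400, 'message': 'Invalid properties in body'}

    if 'status' in requested:
        try:
            supported = requested['status'].lower() in STATUS
        except AttributeError:
            # Non-string status (number, null, list, ...): has no .lower().
            supported = False
        if not supported:
            transaction.rollback()
            return 400, {'status': 'Bad Request', 'code': 400, 'message': 'Status not supported'}

    # Update tags. A 'tags' value that is not a list is ignored.
    if isinstance(requested.get('tags'), list):
        for report in reports:
            for tag in requested['tags']:
                code, resp = add_tag(report.id, tag)
                if code != 200:
                    transaction.rollback()
                    return code, resp

    # Only whitelisted fields are forwarded to update(); other keys are dropped.
    # NOTE(review): permissions are checked per report only. Whether update()
    # verifies access to a target 'ticket' is not visible here - confirm.
    valid_fields = ['category', 'status', 'ticket']
    fields = {k: v for k, v in requested.items() if k in valid_fields}

    # Update general fields
    for report in reports:
        code, resp = update(report.id, fields, user)
        if code != 200:
            transaction.rollback()
            return code, resp

    transaction.commit()
    return 200, {'status': 'OK', 'code': 200, 'message': 'Report(s) successfully updated'}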
def get_all_ticket_resolutions():
    """ Get all ticket resolutions

        :return: ``(200, resolutions)`` with whatever the controller returns
    """
    resolutions = GeneralController.get_ticket_resolutions()
    return 200, resolutions
def monitor():
    """ Get api infos

        Calls the controller's monitor routine, discards its result and
        answers 200 whenever that call returns.
    """
    GeneralController.monitor()
    ok_response = {'status': 'OK', 'code': 200}
    return 200, ok_response
def get_cerberus_roles():
    """ List all Cerberus `abuse.models.Role`

        :return: The controller's ``(code, response)`` tuple
    """
    status, roles = GeneralController.get_roles()
    return status, roles
def get_ip_report_count(ip_addr=None):
    """ Get hits for an ip

        :param ip_addr: The address to look up, forwarded to the controller
            unchanged (no validation in this handler)
        :return: The controller's ``(code, response)`` tuple
    """
    status, hits = GeneralController.get_ip_report_count(ip=ip_addr)
    return status, hits
def get_mass_contact():
    """ List all created mass-contact campaigns

        The optional "filters" query parameter is forwarded to the
        controller; it is None when absent.

        :return: The controller's ``(code, response)`` tuple
    """
    raw_filters = request.args.get('filters')
    status, campaigns = GeneralController.get_mass_contact(filters=raw_filters)
    return status, campaigns
def get_toolbar():
    """ Get Abuse toolbar for the logged user

        :return: The controller's ``(code, response)`` tuple
    """
    status, toolbar = GeneralController.toolbar(user=g.user)
    return status, toolbar
def get_dashboard():
    """ Get Abuse dashboard for the logged user

        :return: The controller's ``(code, response)`` tuple
    """
    status, dashboard = GeneralController.dashboard(user=g.user)
    return status, dashboard
def delete_ticket_resolution(resolution=None):
    """ Delete a ticket resolution

        :param resolution: Identifier of the resolution, forwarded to the
            controller unchanged
        :return: The controller's ``(code, response)`` tuple
    """
    # NOTE(review): no authorization check is visible in this handler;
    # presumably a decorator or the controller enforces it - confirm.
    status, result = GeneralController.delete_ticket_resolution(resolution)
    return status, result
def get_status(model=None):
    """ Get status list for ticket or report

        :param model: Which model's statuses to list, forwarded to the
            controller unchanged
        :return: ``(200, statuses)`` with whatever the controller returns
    """
    statuses = GeneralController.status(model=model)
    return 200, statuses
def get_profiles():
    """ Get Abuse profiles

        :return: The controller's ``(code, response)`` tuple
    """
    status, profiles = GeneralController.get_profiles()
    return status, profiles
def update_ticket_resolution(resolution=None):
    """ Update a ticket resolution with the JSON request body

        :param resolution: Identifier of the resolution, forwarded to the
            controller unchanged
        :return: The controller's ``(code, response)`` tuple
    """
    # NOTE(review): no authorization check is visible in this handler;
    # presumably a decorator or the controller enforces it - confirm.
    payload = request.get_json()
    status, result = GeneralController.update_ticket_resolution(resolution, payload)
    return status, result
def logout():
    """ Logout user

        The whole request object is handed to the controller.

        :return: The controller's ``(code, response)`` tuple
    """
    status, result = GeneralController.logout(request)
    return status, result
def get_all_status():
    """ Get all abuse status

        :return: ``(200, statuses)`` with whatever the controller returns
    """
    statuses = GeneralController.status()
    return 200, statuses
def update_user(user=None):
    """ Update user infos with the JSON request body

        :param user: Identifier of the user to update, forwarded to the
            controller unchanged
        :return: The controller's ``(code, response)`` tuple
    """
    # NOTE(review): the target user comes from the caller and is not compared
    # with g.user here; presumably a decorator or the controller restricts
    # who may update whom - confirm.
    payload = request.get_json()
    status, result = GeneralController.update_user(user, payload)
    return status, result
def get_user(user=None):
    """ Get infos for a user

        :param user: Identifier of the user to look up, forwarded to the
            controller unchanged
        :return: The controller's two-element result, returned as a tuple
    """
    # NOTE(review): the requested user is not compared with g.user here;
    # presumably a decorator or the controller restricts access - confirm.
    status, infos = GeneralController.get_users_infos(user=user)
    return status, infos
def get_users_infos():
    """ Get users infos

        Calls the controller without a user filter.

        :return: The controller's two-element result, returned as a tuple
    """
    status, infos = GeneralController.get_users_infos()
    return status, infos
def get_user_notifications():
    """ Get notifications of the logged user

        :return: The controller's ``(code, response)`` tuple
    """
    status, notifications = GeneralController.get_notifications(g.user)
    return status, notifications
def add_ticket_resolution():
    """ Add a ticket resolution from the JSON request body

        :return: The controller's ``(code, response)`` tuple
    """
    # NOTE(review): no authorization check is visible in this handler;
    # presumably a decorator or the controller enforces it - confirm.
    payload = request.get_json()
    status, result = GeneralController.add_ticket_resolution(payload)
    return status, result