def apimethod_remove_plugin(plugin_file):
"""Removes a custom plugin from the systems"""
try:
plugin_path = os.path.join(END_FOLDER, plugin_file)
if not os.path.isfile(plugin_path):
raise APIPluginFileNotFound(plugin_file)
plugin = PluginFile()
# TODO: make some handy wrapper to combine read and check
plugin.read(plugin_path, encoding='latin1')
plugin.check() # validate and load all the plugins data
plugin_data = get_plugin_data_for_plugin_id(plugin.plugin_id)
if plugin_data is not None:
if plugin_data.plugin_type == PluginDataType.ALIENVAULT_PLUGIN:
raise APICannotBeRemoved("This is an AlienVault Plugin. It cannot be removed")
# Remove the sids
remove_plugin_data(plugin.plugin_id)
remove_plugin_from_sensors(plugin_path)
# Remove sql file locally (it's located only on server)
os.remove(plugin_path + '.sql')
except Exception as e:
api_log.error("[apimethod_remove_plugin] {}".format(e))
if not isinstance(e, APIException):
raise APICannotBeRemoved("{}".format(e))
else:
raise
class PluginTester(object):
"""
Plugin Tester class.
"""
def __init__(self, plugin_file):
"""
Constructor
Args:
plugin_file:The plugin configuration file
"""
self.__plugin_file_name = plugin_file
self.__plugin_file = None
self.__plugin_loaded = False
def __load_plugin(self):
self.__plugin_file = PluginFile()
self.__plugin_file.read(plugin_file=self.__plugin_file_name,
encoding='latin1')
self.__plugin_loaded = True
def process(self):
"""Processes the plugin checks"""
if not self.__plugin_loaded:
self.__load_plugin()
try:
data = self.__plugin_file.check()
except Exception as e:
api_log.warning("[PluginTester] Cannot check the plugin %s" %
str(e))
raise APICannotCheckPlugin(self.__plugin_file_name)
return data
class PluginTester(object):
"""
Plugin Tester class.
"""
def __init__(self, plugin_file):
"""
Constructor
Args:
plugin_file:The plugin configuration file
"""
self.__plugin_file_name = plugin_file
self.__plugin_file = None
self.__plugin_loaded = False
def __load_plugin(self):
self.__plugin_file = PluginFile()
self.__plugin_file.read(plugin_file=self.__plugin_file_name, encoding='latin1')
self.__plugin_loaded = True
def process(self):
"""Processes the plugin checks"""
if not self.__plugin_loaded:
self.__load_plugin()
try:
data = self.__plugin_file.check()
except Exception as e:
api_log.warning("[PluginTester] Cannot check the plugin %s" % str(e))
raise APICannotCheckPlugin(self.__plugin_file_name)
return data
def apimethod_remove_plugin(plugin_file):
"""Removes a custom plugin from the systems"""
try:
plugin_path = os.path.join(END_FOLDER, plugin_file)
if not os.path.isfile(plugin_path):
raise APIPluginFileNotFound(plugin_file)
plugin = PluginFile()
# TODO: make some handy wrapper to combine read and check
plugin.read(plugin_path, encoding='latin1')
plugin.check() # validate and load all the plugins data
plugin_data = get_plugin_data_for_plugin_id(plugin.plugin_id)
if plugin_data is not None:
if plugin_data.plugin_type == PluginDataType.ALIENVAULT_PLUGIN:
raise APICannotBeRemoved(
"This is an AlienVault Plugin. It cannot be removed")
# Remove the sids
remove_plugin_data(plugin.plugin_id)
remove_plugin_from_sensors(plugin_path)
# Remove sql file locally (it's located only on server)
os.remove(plugin_path + '.sql')
except Exception as e:
api_log.error("[apimethod_remove_plugin] {}".format(e))
if not isinstance(e, APIException):
raise APICannotBeRemoved("{}".format(e))
else:
raise
def __load_plugin(self):
self.__plugin_file = PluginFile()
self.__plugin_file.read(plugin_file=self.__plugin_file_name,
encoding='latin1')
self.__plugin_loaded = True
def apimethod_upload_plugin(plugin_file, vendor, model, version, product_type, overwrite=False):
"""Uploads and verifies a given plugin file"""
# 1 - check whether the plugin is a valid file or not
try:
temporal_plg_path = os.path.join(TEMPORAL_FOLDER, plugin_file)
plugin_destination_path = os.path.join(END_FOLDER, plugin_file)
temporal_plg_sql_path = temporal_plg_path + '.sql'
plugin_asec_path = os.path.join(TEMPORAL_FOLDER, plugin_file)
# The PluginCheck object will be able to check the syntax of a given plugin
# return the available set of rules, etc.
plugin = PluginFile()
plugin.read(temporal_plg_path, encoding='latin1')
data = plugin.check()
data["need_overwrite"] = False
if data["error_count"] > 0:
raise APIInvalidPlugin(plugin.get_latest_error_msg())
if os.path.exists(plugin_destination_path) and not overwrite:
data["need_overwrite"] = True
return data
# Choose what to do: insert or update
need_to_update = get_plugin_data_for_plugin_id(plugin.plugin_id) and overwrite
save_plugin_data_func = update_plugin_data if need_to_update else insert_plugin_data
# Load plugin SQl into the DB.
with open(temporal_plg_sql_path) as plugin_raw_sql:
success, msg = save_plugin_from_raw_sql(plugin_raw_sql.read())
if not success:
raise APICannotSavePlugin(msg)
# Save plugin data.
success, msg = save_plugin_data_func(plugin.plugin_id,
plugin_name=plugin_file,
vendor=vendor,
model=model,
version=version,
nsids=len(data["rules"]),
product_type=product_type)
if not success:
raise APICannotSavePlugin(msg)
# 2 - Save plugin with the appropriate headers (vendor:model:version)
if not plugin.save(destination=plugin_destination_path, vendor=vendor, model=model,
product_type=product_type, version=version):
remove_plugin_data(plugin.plugin_id)
raise APICannotSavePlugin(message=plugin.get_latest_error_msg() or "Cannot save plugin file.")
# Copy plugin sql file to plugins custom dir
copy(temporal_plg_sql_path, END_FOLDER)
# Remove via ansible due to file permissions
remove_file(['127.0.0.1'], plugin_asec_path)
remove_file(['127.0.0.1'], plugin_asec_path + '.sql')
# TODO: Is the plugin fd already in use? What is the next free plugin id?
# 3 - Synchronize Plugins.
from celerymethods.tasks.monitor_tasks import monitor_sync_custom_plugins
# Force synchronization
job = monitor_sync_custom_plugins.delay()
if job.id is None:
raise APICannotSavePlugin("Cannot synchronize the plugin.")
data["synchronization_job"] = job.id
except Exception as e:
api_log.error("[apimethod_upload_plugin] {}".format(str(e)))
if not isinstance(e, APIException):
raise APICannotSavePlugin()
raise
# The method should return a python dic with the job id (the one that is synchronizing the plugins) and
# the list of plugin sids for the plugin.
return data
def apimethod_upload_plugin(plugin_file,
vendor,
model,
version,
product_type,
overwrite=False):
"""Uploads and verifies a given plugin file"""
# 1 - check whether the plugin is a valid file or not
try:
temporal_plg_path = os.path.join(TEMPORAL_FOLDER, plugin_file)
plugin_destination_path = os.path.join(END_FOLDER, plugin_file)
temporal_plg_sql_path = temporal_plg_path + '.sql'
plugin_asec_path = os.path.join(TEMPORAL_FOLDER, plugin_file)
# The PluginCheck object will be able to check the syntax of a given plugin
# return the available set of rules, etc.
plugin = PluginFile()
plugin.read(temporal_plg_path, encoding='latin1')
data = plugin.check()
data["need_overwrite"] = False
if data["error_count"] > 0:
raise APIInvalidPlugin(plugin.get_latest_error_msg())
if os.path.exists(plugin_destination_path) and not overwrite:
data["need_overwrite"] = True
return data
# Choose what to do: insert or update
need_to_update = get_plugin_data_for_plugin_id(
plugin.plugin_id) and overwrite
save_plugin_data_func = update_plugin_data if need_to_update else insert_plugin_data
# Load plugin SQl into the DB.
with open(temporal_plg_sql_path) as plugin_raw_sql:
success, msg = save_plugin_from_raw_sql(plugin_raw_sql.read())
if not success:
raise APICannotSavePlugin(msg)
# Save plugin data.
success, msg = save_plugin_data_func(plugin.plugin_id,
plugin_name=plugin_file,
vendor=vendor,
model=model,
version=version,
nsids=len(data["rules"]),
product_type=product_type)
if not success:
raise APICannotSavePlugin(msg)
# 2 - Save plugin with the appropriate headers (vendor:model:version)
if not plugin.save(destination=plugin_destination_path,
vendor=vendor,
model=model,
product_type=product_type,
version=version):
remove_plugin_data(plugin.plugin_id)
raise APICannotSavePlugin(message=plugin.get_latest_error_msg()
or "Cannot save plugin file.")
# Copy plugin sql file to plugins custom dir
copy(temporal_plg_sql_path, END_FOLDER)
# Remove via ansible due to file permissions
remove_file(['127.0.0.1'], plugin_asec_path)
remove_file(['127.0.0.1'], plugin_asec_path + '.sql')
# TODO: Is the plugin fd already in use? What is the next free plugin id?
# 3 - Synchronize Plugins.
from celerymethods.tasks.monitor_tasks import monitor_sync_custom_plugins
# Force synchronization
job = monitor_sync_custom_plugins.delay()
if job.id is None:
raise APICannotSavePlugin("Cannot synchronize the plugin.")
data["synchronization_job"] = job.id
except Exception as e:
api_log.error("[apimethod_upload_plugin] {}".format(str(e)))
if not isinstance(e, APIException):
raise APICannotSavePlugin()
raise
# The method should return a python dic with the job id (the one that is synchronizing the plugins) and
# the list of plugin sids for the plugin.
return data
def __load_plugin(self):
self.__plugin_file = PluginFile()
self.__plugin_file.read(plugin_file=self.__plugin_file_name, encoding='latin1')
self.__plugin_loaded = True
