def manage_buoy(buo_id, action): """Starts or stops the given buoy.""" if action in [const.BUOY_AC_LAUNCH, const.BUOY_AC_STOP] and \ str(buo_id) in models.get_user_api_keys(current_user.id): bmanager.set_action(buo_id, action, now=True) return jsonify({'status': 200}) else: return jsonify({'status': 404, 'message': 'Wrong params.'})
def manage_key(key_id): """Generates and deletes api keys.""" if request.method == 'POST': if str(key_id) in models.get_user_network_ids(current_user.id): models.generate_api_key(key_id) return jsonify({'status': 200}) else: return jsonify({'status': 404, 'message': 'User has no such network.'}) elif request.method == 'DELETE': if str(key_id) in models.get_user_api_keys(current_user.id): models.clean_api_key(key_id) return jsonify({'status': 200}) else: return jsonify({'status': 404, 'message': 'User has no such key.'})
def dashboard(section, id): """Shows the app's dashboard. """ events, lastkey, alerts, hosts, networks, acls, scans, stats = (None,) * 8 vulns, buoys, faddnet, faddentry, faddhost = (None,) * 5 # Checks if the user can create acl entries or manage scans (nets required) can_acl, can_manage = (False,) * 2 if section != const.SEC_TIMELINE: red_p.unsubscribe(const.CHAN_TIMELINE) if request.method == 'GET': if section == const.SEC_TIMELINE: now = datetime.datetime.now() events = {} for i in range(const.TIMELINE_DAYS): date = now - datetime.timedelta(days=i) tempevents = models.get_user_events_date( current_user.id, date.strftime(const.STRTIME_DATE)) if len(tempevents) > 0: events[date.strftime(const.STRTIME_DATE)] = tempevents lastkey = date.strftime(const.STRTIME_DATE) elif section == const.SEC_ALERTS: faddhost = AddHostForm(prefix='add-host-f') alerts, hosts, vulns = _get_sec_alerts() elif section == const.SEC_NETWORKS: faddnet = AddNetworkForm(prefix='add-net-f') networks = models.get_user_networks(current_user.id) elif section == const.SEC_ACLS: faddentry = AddCALEntryForm(prefix='add-entry-f').new( current_user.id) can_acl = models.get_count_user_networks(current_user.id) > 0 acls = {'W': models.get_entries('W', current_user.id), 'B': models.get_entries('B', current_user.id)} elif section == const.SEC_SCANS: can_manage = models.get_count_user_networks(current_user.id) > 0 if can_manage: buoys = [] for api_id in models.get_user_api_keys(current_user.id): temp = models.get_api_key(api_id) if temp: temp_net = models.get_network(temp['network']) if temp_net: buoys.append({'id': api_id, 'netname': temp_net['name'], 'netid': temp_net['id'], 'status': temp['status'], 'host': temp_net['address'], 'lastscan': temp['lastscan'], 'generated': temp['generated'], 'key': temp['key']}) elif section == const.SEC_STATS: pass else: abort(404) return render_template('dashboard.html', section=section, events=events, lastkey=lastkey, cves=alerts, nets=networks, acls=acls, canacl=can_acl, scans=scans, stats=stats, hosts=hosts, vulns=vulns, faddnet=faddnet, faddentry=faddentry, faddhost=faddhost, can_manage=can_manage, net_buoys=buoys) elif request.method == 'POST': neterrors, entryerrors, entryneterror, entryincon = (False, ) * 4 hosterrors = False if section == const.SEC_NETWORKS: faddnet = AddNetworkForm(request.form, prefix='add-net-f') if faddnet.validate_on_submit(): nname = faddnet.name.data ipaddress = faddnet.ipaddress.data models.set_network(current_user.id, nname, '', '', '', '', ipaddress, '', '', '') else: neterrors = True networks = models.get_user_networks(current_user.id) elif section == const.SEC_ALERTS: faddhost = AddHostForm(request.form, prefix='add-host-f') if faddhost.validate_on_submit(): hname = faddhost.name.data hservices = faddhost.services.data hservices = hservices.split(',') hservs_clean = [x.strip() for x in hservices] models.set_host(current_user.id, hname.strip(), hservs_clean) hosts = models.get_user_hosts(current_user.id) else: hosterrors = True alerts, hosts, vulns = _get_sec_alerts() elif section == const.SEC_ACLS: faddentry = AddCALEntryForm(request.form, prefix='add-entry-f').new( current_user.id) can_acl = models.get_count_user_networks(current_user.id) > 0 networks = faddentry.networks.data mac = (faddentry.mac.data).lower() list_type = faddentry.type.data if faddentry.validate_on_submit() and networks and len(networks) > 0: entryincon = models.save_entry(current_user.id, list_type, '', mac, '', networks) entryincon = not entryincon # the method returned consistent else: entryneterror = len(networks) == 0 entryerrors = True acls = {'W': models.get_entries('W', current_user.id), 'B': models.get_entries('B', current_user.id)} return render_template('dashboard.html', section=section, events=events, lastkey=lastkey, cves=alerts, nets=networks, acls=acls, canacl=can_acl, scans=scans, stats=stats, hosts=hosts, vulns=vulns, faddhost=faddhost, hosterrors=hosterrors, faddnet=faddnet, neterrors=neterrors, faddentry=faddentry, entryerrors=entryerrors, entryneterror=entryneterror, inconsistent=entryincon) elif request.method == 'DELETE': if section == const.SEC_NETWORKS: if id is not None and len(id) > 0: models.delete_network(current_user.id, id) networks = models.get_user_networks(current_user.id) elif section == const.SEC_ALERTS: if id is not None and len(id) > 0: models.delete_host(current_user.id, id) hosts = models.get_user_hosts(current_user.id) elif section == const.SEC_ACLS: if id is not None and len(id) > 0: models.delete_entry(current_user.id, id) acls = {'W': models.get_entries('W', current_user.id), 'B': models.get_entries('B', current_user.id)} return render_template('dashboard.html', section=section, events=events, lastkey=lastkey, cves=alerts, nets=networks, acls=acls, canacl=can_acl, scans=scans, stats=stats, hosts=hosts, vulns=vulns, faddhost=AddHostForm(prefix='add-host-f'), faddnet=AddNetworkForm(prefix='add-net-f'), faddentry=AddCALEntryForm( prefix='add-entry-f').new(current_user.id))