class SearchResult(RestBase): def __init__(self): RestBase.__init__(self) self.event = None self.object = None self.observable = None self.attribute = None self.report = None self.reference = None def populate(self, json): item = json['event'] self.event = Event() self.event.populate(item) # Check if not a report if json.get('report', None) or json.get('reference', None): item = json.get('report', None) if item: self.report = Report() self.report.populate(item) item = json.get('reference', None) if item: self.reference = Reference() self.reference.populate(item) else: item = json.get('observable', None) if item: self.observable = Observable() self.observable.populate(item) item = json.get('object', None) if item: self.object = Object() self.object.populate(item) item = json.get('attribute', None) if item: self.attribute = Attribute() self.attribute.populate(item)
def populate(self, json): self.identifier = json.get('identifier', None) self.title = json.get('title', None) self.description = json.get('description', None) self.risk = json.get('risk', 'Undefined').title() self.status = json.get('status', 'Draft').title() self.tlp = json.get('tlp', 'Amber').title() self.analysis = json.get('analysis', 'Unknown').title() self.properties.populate(json.get('properties', Properties('0'))) published = json.get('published', False) if published: if published == '1' or published == 1: published = True elif published == '0' or published == 0: published = True self.properties.is_shareable = published observables = json.get('observables', list()) if observables: for observable in observables: obs = Observable() obs.populate(observable) self.observables.append(obs) indicators = json.get('indicators', list()) if indicators: for indicator in indicators: ind = Indicator() ind.populate(indicator) self.indicators.append(ind) modifier_group = json.get('modifier_group', None) if modifier_group: cg_instance = Group() cg_instance.populate(modifier_group) self.modifier = cg_instance originating_group = json.get('originating_group', None) if originating_group: cg_instance = Group() cg_instance.populate(originating_group) self.originating_group = cg_instance creator_group = json.get('creator_group', None) if creator_group: cg_instance = Group() cg_instance.populate(creator_group) self.creator_group = cg_instance created_at = json.get('created_at', None) if created_at: self.created_at = strings.stringToDateTime(created_at) modified_on = json.get('modified_on', None) if modified_on: self.modified_on = strings.stringToDateTime(modified_on) first_seen = json.get('first_seen', None) if first_seen: self.first_seen = strings.stringToDateTime(first_seen) last_seen = json.get('last_seen', None) if last_seen: self.last_seen = strings.stringToDateTime(last_seen) reports = json.get('reports', None) if reports: for report in reports: report_instacne = Report() report_instacne.populate(report) self.reports.append(report_instacne) comments = json.get('comments', None) if comments: for comment in comments: comment_instacne = Comment() comment_instacne.populate(comment) self.comments.append(comment_instacne) permissions = json.get('groups', None) if permissions: for permission in permissions: event_permission = EventGroupPermission() event_permission.populate(permission)