def add(template=None):
logging_prefix = logger_prefix + "add({}) - ".format(template)
log.info(logging_prefix + "Starting")
error = None
try:
form = forms.reportForm(request.form)
search_form = forms.searchForm()
if request.method == "POST":
# trick the form validation into working with our dynamic drop downs
for sub_form in form.report_class:
sub_form.a_id.choices = fetch_child_data("tpx_classification", sub_form.a_family.data)
# convert the field that lists the related_element_choices
# choices = []
# rec = json.loads(form.related_element_choices.data)
# for k,v in rec.items():
# choices.append((v,k))
if form.validate():
log.info(logging_prefix + "Add Detected")
# create a ttp id
report_id = str(uuid.uuid4())
# convert the form to ES format
form_to_es(form, report_id)
# rebuild the form from ES
form, editors = es_to_form(report_id)
flash(
Markup(
'<a href="/report/view/'
+ report_id
+ '" style="text-decoration:none; color:#3c763d;">New Report Successfully Added. Click here to view this Report</a>'
),
"success",
)
else:
# if there was an error print the error dictionary to the console
# temporary help, these should also appear under the form field
print(form.errors)
elif template:
form, editors = es_to_form(template)
else:
# populate certain fields with default data
form.report_class[0].a_family.data = "Actors"
form.report_class[0].a_id.choices = fetch_child_data("tpx_classification", "Actors")
except Exception as e:
error = "There was an error completing your request. Details: {}".format(e)
flash(error, "danger")
log.exception(logging_prefix + error)
form = forms.reportForm()
return render_template("report.html", page_title="Add New Report", role="ADD", form=form, search_form=search_form)
def edit(report_id):
logging_prefix = logger_prefix + "edit({}) - ".format(report_id)
log.info(logging_prefix + "Starting")
error = None
try:
search_form = forms.searchForm()
editors = None
if request.method == "POST":
form = forms.reportForm(request.form)
# trick the form validation into working with our dynamic drop downs
for sub_form in form.report_class:
sub_form.a_id.choices = fetch_child_data("tpx_classification", sub_form.a_family.data)
# convert the field that lists the related_element_choices
# choices = []
# rec = json.loads(form.related_element_choices.data)
# for k,v in rec.items():
# choices.append((v,k))
if form.validate():
log.info(logging_prefix + "Edit Detected")
# convert the form to ES format
form_to_es(form, report_id)
# rebuild the form from ES
form, editors = es_to_form(report_id)
flash("Report Update Successful!", "success")
else:
# if there was an error print the error dictionary to the console
# temporary help, these should also appear under the form field
print(form.errors)
else:
form, editors = es_to_form(report_id)
except Exception as e:
error = "There was an error completing your request. Details: {}".format(e)
flash(error, "danger")
log.exception(logging_prefix + error)
form = forms.reportForm()
# render the template, passing the variables we need
# templates live in the templates folder
return render_template(
"report.html",
page_title="Edit Report",
role="EDIT",
report_id=report_id,
form=form,
editors=editors,
search_form=search_form,
)
def edit(report_id):
logging_prefix = logger_prefix + "edit({}) - ".format(report_id)
log.info(logging_prefix + "Starting")
error = None
try:
search_form = forms.searchForm()
editors = None
if request.method == 'POST':
form = forms.reportForm(request.form)
#trick the form validation into working with our dynamic drop downs
for sub_form in form.report_class:
sub_form.a_id.choices = fetch_child_data(
'tpx_classification', sub_form.a_family.data)
#convert the field that lists the related_element_choices
#choices = []
#rec = json.loads(form.related_element_choices.data)
#for k,v in rec.items():
#choices.append((v,k))
if form.validate():
log.info(logging_prefix + "Edit Detected")
#convert the form to ES format
form_to_es(form, report_id)
#rebuild the form from ES
form, editors = es_to_form(report_id)
flash("Report Update Successful!", "success")
else:
#if there was an error print the error dictionary to the console
# temporary help, these should also appear under the form field
print(form.errors)
else:
form, editors = es_to_form(report_id)
except Exception as e:
error = "There was an error completing your request. Details: {}".format(
e)
flash(error, 'danger')
log.exception(logging_prefix + error)
form = forms.reportForm()
#render the template, passing the variables we need
# templates live in the templates folder
return render_template("report.html",
page_title="Edit Report",
role="EDIT",
report_id=report_id,
form=form,
editors=editors,
search_form=search_form)
def view(report_id):
logging_prefix = logger_prefix + "view({}) - ".format(report_id)
log.info(logging_prefix + "Starting")
editors = None
try:
form, editors = es_to_form(report_id)
search_form = forms.searchForm()
except Exception as e:
error = "There was an error completing your request. Details: {}".format(e)
flash(error, "danger")
log.exception(logging_prefix + error)
form = forms.reportForm()
# render the template, passing the variables we need
# templates live in the templates folder
return render_template(
"report.html",
page_title="View Report",
role="VIEW",
report_id=report_id,
form=form,
editors=editors,
search_form=search_form,
)
def view(report_id):
logging_prefix = logger_prefix + "view({}) - ".format(report_id)
log.info(logging_prefix + "Starting")
editors = None
try:
form, editors = es_to_form(report_id)
search_form = forms.searchForm()
except Exception as e:
error = "There was an error completing your request. Details: {}".format(
e)
flash(error, 'danger')
log.exception(logging_prefix + error)
form = forms.reportForm()
#render the template, passing the variables we need
# templates live in the templates folder
return render_template("report.html",
page_title="View Report",
role="VIEW",
report_id=report_id,
form=form,
editors=editors,
search_form=search_form)
def es_to_form(report_id):
form = forms.reportForm()
# get the values from ES
results = get_es().get(ES_PREFIX + "threat_reports", doc_type="report", id=report_id)
# store certain fields from ES, so this form can be used in an update
form.doc_index.data = results["_index"]
form.doc_type.data = results["_type"]
report_data = results["_source"]
form.report_name.data = report_data["name"]
form.report_id.data = report_data["identifier"]
form.report_occurred_at.data = datetime.strptime(report_data["created_s"], "%Y-%m-%dT%H:%M:%S")
form.report_description.data = report_data["description"]
form.report_criticality.data = report_data["criticality"]
idx = 0
for entry in range(len(form.report_class.entries)):
form.report_class.pop_entry()
for i in multikeysort(report_data["classification"], ["family", "id"]):
report_class_form = forms.TPXClassificationForm()
report_class_form.a_family = i["family"]
report_class_form.a_id = i["id"]
form.report_class.append_entry(report_class_form)
# set the options since this select is dynamic
form.report_class[idx].a_id.choices = fetch_child_data("tpx_classification", i["family"])
idx += 1
form.report_tlp.data = int(report_data["tlp"])
for entry in range(len(form.report_sections.entries)):
form.report_sections.pop_entry()
for i in multikeysort(report_data["section"], ["order"]):
report_section_form = forms.ReportSectionsForm()
report_section_form.title = i["title"]
report_section_form.tlp = i["tlp"]
report_section_form.text = i["content"]
form.report_sections.append_entry(report_section_form)
form.report_source_reliability.data = report_data["source_reliability"]
form.report_info_reliability.data = report_data["info_reliability"]
for entry in range(len(form.report_sources.entries)):
form.report_sources.pop_entry()
for i in sorted(report_data["source"]):
report_source_form = forms.ReportSourcesForm()
report_source_form.source = i
form.report_sources.append_entry(report_source_form)
"""
Related element
"""
for entry in range(len(form.report_actors.entries)):
form.report_actors.pop_entry()
if report_data["related_actor"]:
idx = 0
for i in multikeysort(report_data["related_actor"], ["name", "id"]):
sub_form = forms.RelatedActorsForm()
sub_form.data = i["id"] + ":::" + i["name"]
has_related_elements = False
idx2 = 0
for entry in range(len(sub_form.related_elements.entries)):
sub_form.related_elements.pop_entry()
for j in multikeysort(report_data["related_element_choices"], ["display_text"]):
sub_sub_form = forms.ElementObservablesFrom()
sub_form.related_elements.append_entry(sub_sub_form)
is_related = j["value"] in i["elements"]
sub_form.related_elements[idx2].element = is_related
sub_form.related_elements[idx2].element_value = j["value"]
sub_form.related_elements[idx2].element_text = j["display_text"]
if is_related:
has_related_elements = True
idx2 += 1
form.report_actors.append_entry(sub_form)
form.report_actors[idx].has_related_elements.data = has_related_elements
idx += 1
else:
sub_form = forms.RelatedActorsForm()
sub_form.data = "_NONE_"
form.report_actors.append_entry(sub_form)
for entry in range(len(form.report_reports.entries)):
form.report_reports.pop_entry()
if report_data["related_report"]:
idx = 0
for i in multikeysort(report_data["related_report"], ["name", "id"]):
sub_form = forms.RelatedReportsForm()
sub_form.data = i["id"] + ":::" + i["name"]
has_related_elements = False
idx2 = 0
for entry in range(len(sub_form.related_elements.entries)):
sub_form.related_elements.pop_entry()
for j in multikeysort(report_data["related_element_choices"], ["display_text"]):
sub_sub_form = forms.ElementObservablesFrom()
sub_form.related_elements.append_entry(sub_sub_form)
is_related = j["value"] in i["elements"]
sub_form.related_elements[idx2].element = is_related
sub_form.related_elements[idx2].element_value = j["value"]
sub_form.related_elements[idx2].element_text = j["display_text"]
if is_related:
has_related_elements = True
idx2 += 1
form.report_reports.append_entry(sub_form)
form.report_reports[idx].has_related_elements.data = has_related_elements
idx += 1
else:
sub_form = forms.RelatedReportsForm()
sub_form.data = "_NONE_"
form.report_reports.append_entry(sub_form)
for entry in range(len(form.report_ttps.entries)):
form.report_ttps.pop_entry()
if report_data["related_ttp"]:
idx = 0
for i in multikeysort(report_data["related_ttp"], ["name", "id"]):
sub_form = forms.RelatedTTPsForm()
sub_form.data = i["id"] + ":::" + i["name"]
has_related_elements = False
idx2 = 0
for entry in range(len(sub_form.related_elements.entries)):
sub_form.related_elements.pop_entry()
for j in multikeysort(report_data["related_element_choices"], ["display_text"]):
sub_sub_form = forms.ElementObservablesFrom()
sub_form.related_elements.append_entry(sub_sub_form)
is_related = j["value"] in i["elements"]
sub_form.related_elements[idx2].element = is_related
sub_form.related_elements[idx2].element_value = j["value"]
sub_form.related_elements[idx2].element_text = j["display_text"]
if is_related:
has_related_elements = True
idx2 += 1
form.report_ttps.append_entry(sub_form)
form.report_ttps[idx].has_related_elements.data = has_related_elements
idx += 1
else:
sub_form = forms.RelatedTTPsForm()
sub_form.data = "_NONE_"
form.report_ttps.append_entry(sub_form)
# convert editor dictionary of ids and times to names and times
editors = get_editor_names(get_mysql(), report_data["editor"])
return form, editors
def add(template=None):
logging_prefix = logger_prefix + "add({}) - ".format(template)
log.info(logging_prefix + "Starting")
error = None
try:
form = forms.reportForm(request.form)
search_form = forms.searchForm()
if request.method == 'POST':
#trick the form validation into working with our dynamic drop downs
for sub_form in form.report_class:
sub_form.a_id.choices = fetch_child_data(
'tpx_classification', sub_form.a_family.data)
#convert the field that lists the related_element_choices
#choices = []
#rec = json.loads(form.related_element_choices.data)
#for k,v in rec.items():
#choices.append((v,k))
if form.validate():
log.info(logging_prefix + "Add Detected")
#create a ttp id
report_id = str(uuid.uuid4())
#convert the form to ES format
form_to_es(form, report_id)
#rebuild the form from ES
form, editors = es_to_form(report_id)
flash(
Markup(
'<a href="/report/view/' + report_id +
'" style="text-decoration:none; color:#3c763d;">New Report Successfully Added. Click here to view this Report</a>'
), "success")
else:
#if there was an error print the error dictionary to the console
# temporary help, these should also appear under the form field
print(form.errors)
elif template:
form, editors = es_to_form(template)
else:
#populate certain fields with default data
form.report_class[0].a_family.data = 'Actors'
form.report_class[0].a_id.choices = fetch_child_data(
'tpx_classification', 'Actors')
except Exception as e:
error = "There was an error completing your request. Details: {}".format(
e)
flash(error, 'danger')
log.exception(logging_prefix + error)
form = forms.reportForm()
return render_template("report.html",
page_title="Add New Report",
role="ADD",
form=form,
search_form=search_form)
def es_to_form(report_id):
form = forms.reportForm()
#get the values from ES
results = get_es().get(ES_PREFIX + "threat_reports",
doc_type="report",
id=report_id)
#store certain fields from ES, so this form can be used in an update
form.doc_index.data = results['_index']
form.doc_type.data = results['_type']
report_data = results['_source']
form.report_name.data = report_data['name']
form.report_id.data = report_data['identifier']
form.report_occurred_at.data = datetime.strptime(report_data['created_s'],
"%Y-%m-%dT%H:%M:%S")
form.report_description.data = report_data['description']
form.report_criticality.data = report_data['criticality']
idx = 0
for entry in range(len(form.report_class.entries)):
form.report_class.pop_entry()
for i in multikeysort(report_data['classification'], ['family', 'id']):
report_class_form = forms.TPXClassificationForm()
report_class_form.a_family = i['family']
report_class_form.a_id = i['id']
form.report_class.append_entry(report_class_form)
#set the options since this select is dynamic
form.report_class[idx].a_id.choices = fetch_child_data(
'tpx_classification', i['family'])
idx += 1
form.report_tlp.data = int(report_data['tlp'])
for entry in range(len(form.report_sections.entries)):
form.report_sections.pop_entry()
for i in multikeysort(report_data['section'], ['order']):
report_section_form = forms.ReportSectionsForm()
report_section_form.title = i['title']
report_section_form.tlp = i['tlp']
report_section_form.text = i['content']
form.report_sections.append_entry(report_section_form)
form.report_source_reliability.data = report_data["source_reliability"]
form.report_info_reliability.data = report_data["info_reliability"]
for entry in range(len(form.report_sources.entries)):
form.report_sources.pop_entry()
for i in sorted(report_data['source']):
report_source_form = forms.ReportSourcesForm()
report_source_form.source = i
form.report_sources.append_entry(report_source_form)
'''
Related element
'''
for entry in range(len(form.report_actors.entries)):
form.report_actors.pop_entry()
if report_data['related_actor']:
idx = 0
for i in multikeysort(report_data['related_actor'], ['name', 'id']):
sub_form = forms.RelatedActorsForm()
sub_form.data = i['id'] + ":::" + i['name']
has_related_elements = False
idx2 = 0
for entry in range(len(sub_form.related_elements.entries)):
sub_form.related_elements.pop_entry()
for j in multikeysort(report_data['related_element_choices'],
['display_text']):
sub_sub_form = forms.ElementObservablesFrom()
sub_form.related_elements.append_entry(sub_sub_form)
is_related = (j['value'] in i['elements'])
sub_form.related_elements[idx2].element = is_related
sub_form.related_elements[idx2].element_value = j['value']
sub_form.related_elements[idx2].element_text = j[
'display_text']
if is_related:
has_related_elements = True
idx2 += 1
form.report_actors.append_entry(sub_form)
form.report_actors[
idx].has_related_elements.data = has_related_elements
idx += 1
else:
sub_form = forms.RelatedActorsForm()
sub_form.data = "_NONE_"
form.report_actors.append_entry(sub_form)
for entry in range(len(form.report_reports.entries)):
form.report_reports.pop_entry()
if report_data['related_report']:
idx = 0
for i in multikeysort(report_data['related_report'], ['name', 'id']):
sub_form = forms.RelatedReportsForm()
sub_form.data = i['id'] + ":::" + i['name']
has_related_elements = False
idx2 = 0
for entry in range(len(sub_form.related_elements.entries)):
sub_form.related_elements.pop_entry()
for j in multikeysort(report_data['related_element_choices'],
['display_text']):
sub_sub_form = forms.ElementObservablesFrom()
sub_form.related_elements.append_entry(sub_sub_form)
is_related = (j['value'] in i['elements'])
sub_form.related_elements[idx2].element = is_related
sub_form.related_elements[idx2].element_value = j['value']
sub_form.related_elements[idx2].element_text = j[
'display_text']
if is_related:
has_related_elements = True
idx2 += 1
form.report_reports.append_entry(sub_form)
form.report_reports[
idx].has_related_elements.data = has_related_elements
idx += 1
else:
sub_form = forms.RelatedReportsForm()
sub_form.data = "_NONE_"
form.report_reports.append_entry(sub_form)
for entry in range(len(form.report_ttps.entries)):
form.report_ttps.pop_entry()
if report_data['related_ttp']:
idx = 0
for i in multikeysort(report_data['related_ttp'], ['name', 'id']):
sub_form = forms.RelatedTTPsForm()
sub_form.data = i['id'] + ":::" + i['name']
has_related_elements = False
idx2 = 0
for entry in range(len(sub_form.related_elements.entries)):
sub_form.related_elements.pop_entry()
for j in multikeysort(report_data['related_element_choices'],
['display_text']):
sub_sub_form = forms.ElementObservablesFrom()
sub_form.related_elements.append_entry(sub_sub_form)
is_related = (j['value'] in i['elements'])
sub_form.related_elements[idx2].element = is_related
sub_form.related_elements[idx2].element_value = j['value']
sub_form.related_elements[idx2].element_text = j[
'display_text']
if is_related:
has_related_elements = True
idx2 += 1
form.report_ttps.append_entry(sub_form)
form.report_ttps[
idx].has_related_elements.data = has_related_elements
idx += 1
else:
sub_form = forms.RelatedTTPsForm()
sub_form.data = "_NONE_"
form.report_ttps.append_entry(sub_form)
#convert editor dictionary of ids and times to names and times
editors = get_editor_names(get_mysql(), report_data['editor'])
return form, editors
