def add(template=None): logging_prefix = logger_prefix + "add({}) - ".format(template) log.info(logging_prefix + "Starting") error = None try: form = forms.reportForm(request.form) search_form = forms.searchForm() if request.method == "POST": # trick the form validation into working with our dynamic drop downs for sub_form in form.report_class: sub_form.a_id.choices = fetch_child_data("tpx_classification", sub_form.a_family.data) # convert the field that lists the related_element_choices # choices = [] # rec = json.loads(form.related_element_choices.data) # for k,v in rec.items(): # choices.append((v,k)) if form.validate(): log.info(logging_prefix + "Add Detected") # create a ttp id report_id = str(uuid.uuid4()) # convert the form to ES format form_to_es(form, report_id) # rebuild the form from ES form, editors = es_to_form(report_id) flash( Markup( '<a href="/report/view/' + report_id + '" style="text-decoration:none; color:#3c763d;">New Report Successfully Added. Click here to view this Report</a>' ), "success", ) else: # if there was an error print the error dictionary to the console # temporary help, these should also appear under the form field print(form.errors) elif template: form, editors = es_to_form(template) else: # populate certain fields with default data form.report_class[0].a_family.data = "Actors" form.report_class[0].a_id.choices = fetch_child_data("tpx_classification", "Actors") except Exception as e: error = "There was an error completing your request. Details: {}".format(e) flash(error, "danger") log.exception(logging_prefix + error) form = forms.reportForm() return render_template("report.html", page_title="Add New Report", role="ADD", form=form, search_form=search_form)
def edit(report_id): logging_prefix = logger_prefix + "edit({}) - ".format(report_id) log.info(logging_prefix + "Starting") error = None try: search_form = forms.searchForm() editors = None if request.method == "POST": form = forms.reportForm(request.form) # trick the form validation into working with our dynamic drop downs for sub_form in form.report_class: sub_form.a_id.choices = fetch_child_data("tpx_classification", sub_form.a_family.data) # convert the field that lists the related_element_choices # choices = [] # rec = json.loads(form.related_element_choices.data) # for k,v in rec.items(): # choices.append((v,k)) if form.validate(): log.info(logging_prefix + "Edit Detected") # convert the form to ES format form_to_es(form, report_id) # rebuild the form from ES form, editors = es_to_form(report_id) flash("Report Update Successful!", "success") else: # if there was an error print the error dictionary to the console # temporary help, these should also appear under the form field print(form.errors) else: form, editors = es_to_form(report_id) except Exception as e: error = "There was an error completing your request. Details: {}".format(e) flash(error, "danger") log.exception(logging_prefix + error) form = forms.reportForm() # render the template, passing the variables we need # templates live in the templates folder return render_template( "report.html", page_title="Edit Report", role="EDIT", report_id=report_id, form=form, editors=editors, search_form=search_form, )
def edit(report_id): logging_prefix = logger_prefix + "edit({}) - ".format(report_id) log.info(logging_prefix + "Starting") error = None try: search_form = forms.searchForm() editors = None if request.method == 'POST': form = forms.reportForm(request.form) #trick the form validation into working with our dynamic drop downs for sub_form in form.report_class: sub_form.a_id.choices = fetch_child_data( 'tpx_classification', sub_form.a_family.data) #convert the field that lists the related_element_choices #choices = [] #rec = json.loads(form.related_element_choices.data) #for k,v in rec.items(): #choices.append((v,k)) if form.validate(): log.info(logging_prefix + "Edit Detected") #convert the form to ES format form_to_es(form, report_id) #rebuild the form from ES form, editors = es_to_form(report_id) flash("Report Update Successful!", "success") else: #if there was an error print the error dictionary to the console # temporary help, these should also appear under the form field print(form.errors) else: form, editors = es_to_form(report_id) except Exception as e: error = "There was an error completing your request. Details: {}".format( e) flash(error, 'danger') log.exception(logging_prefix + error) form = forms.reportForm() #render the template, passing the variables we need # templates live in the templates folder return render_template("report.html", page_title="Edit Report", role="EDIT", report_id=report_id, form=form, editors=editors, search_form=search_form)
def view(report_id): logging_prefix = logger_prefix + "view({}) - ".format(report_id) log.info(logging_prefix + "Starting") editors = None try: form, editors = es_to_form(report_id) search_form = forms.searchForm() except Exception as e: error = "There was an error completing your request. Details: {}".format(e) flash(error, "danger") log.exception(logging_prefix + error) form = forms.reportForm() # render the template, passing the variables we need # templates live in the templates folder return render_template( "report.html", page_title="View Report", role="VIEW", report_id=report_id, form=form, editors=editors, search_form=search_form, )
def view(report_id): logging_prefix = logger_prefix + "view({}) - ".format(report_id) log.info(logging_prefix + "Starting") editors = None try: form, editors = es_to_form(report_id) search_form = forms.searchForm() except Exception as e: error = "There was an error completing your request. Details: {}".format( e) flash(error, 'danger') log.exception(logging_prefix + error) form = forms.reportForm() #render the template, passing the variables we need # templates live in the templates folder return render_template("report.html", page_title="View Report", role="VIEW", report_id=report_id, form=form, editors=editors, search_form=search_form)
def es_to_form(report_id): form = forms.reportForm() # get the values from ES results = get_es().get(ES_PREFIX + "threat_reports", doc_type="report", id=report_id) # store certain fields from ES, so this form can be used in an update form.doc_index.data = results["_index"] form.doc_type.data = results["_type"] report_data = results["_source"] form.report_name.data = report_data["name"] form.report_id.data = report_data["identifier"] form.report_occurred_at.data = datetime.strptime(report_data["created_s"], "%Y-%m-%dT%H:%M:%S") form.report_description.data = report_data["description"] form.report_criticality.data = report_data["criticality"] idx = 0 for entry in range(len(form.report_class.entries)): form.report_class.pop_entry() for i in multikeysort(report_data["classification"], ["family", "id"]): report_class_form = forms.TPXClassificationForm() report_class_form.a_family = i["family"] report_class_form.a_id = i["id"] form.report_class.append_entry(report_class_form) # set the options since this select is dynamic form.report_class[idx].a_id.choices = fetch_child_data("tpx_classification", i["family"]) idx += 1 form.report_tlp.data = int(report_data["tlp"]) for entry in range(len(form.report_sections.entries)): form.report_sections.pop_entry() for i in multikeysort(report_data["section"], ["order"]): report_section_form = forms.ReportSectionsForm() report_section_form.title = i["title"] report_section_form.tlp = i["tlp"] report_section_form.text = i["content"] form.report_sections.append_entry(report_section_form) form.report_source_reliability.data = report_data["source_reliability"] form.report_info_reliability.data = report_data["info_reliability"] for entry in range(len(form.report_sources.entries)): form.report_sources.pop_entry() for i in sorted(report_data["source"]): report_source_form = forms.ReportSourcesForm() report_source_form.source = i form.report_sources.append_entry(report_source_form) """ Related element """ for entry in range(len(form.report_actors.entries)): form.report_actors.pop_entry() if report_data["related_actor"]: idx = 0 for i in multikeysort(report_data["related_actor"], ["name", "id"]): sub_form = forms.RelatedActorsForm() sub_form.data = i["id"] + ":::" + i["name"] has_related_elements = False idx2 = 0 for entry in range(len(sub_form.related_elements.entries)): sub_form.related_elements.pop_entry() for j in multikeysort(report_data["related_element_choices"], ["display_text"]): sub_sub_form = forms.ElementObservablesFrom() sub_form.related_elements.append_entry(sub_sub_form) is_related = j["value"] in i["elements"] sub_form.related_elements[idx2].element = is_related sub_form.related_elements[idx2].element_value = j["value"] sub_form.related_elements[idx2].element_text = j["display_text"] if is_related: has_related_elements = True idx2 += 1 form.report_actors.append_entry(sub_form) form.report_actors[idx].has_related_elements.data = has_related_elements idx += 1 else: sub_form = forms.RelatedActorsForm() sub_form.data = "_NONE_" form.report_actors.append_entry(sub_form) for entry in range(len(form.report_reports.entries)): form.report_reports.pop_entry() if report_data["related_report"]: idx = 0 for i in multikeysort(report_data["related_report"], ["name", "id"]): sub_form = forms.RelatedReportsForm() sub_form.data = i["id"] + ":::" + i["name"] has_related_elements = False idx2 = 0 for entry in range(len(sub_form.related_elements.entries)): sub_form.related_elements.pop_entry() for j in multikeysort(report_data["related_element_choices"], ["display_text"]): sub_sub_form = forms.ElementObservablesFrom() sub_form.related_elements.append_entry(sub_sub_form) is_related = j["value"] in i["elements"] sub_form.related_elements[idx2].element = is_related sub_form.related_elements[idx2].element_value = j["value"] sub_form.related_elements[idx2].element_text = j["display_text"] if is_related: has_related_elements = True idx2 += 1 form.report_reports.append_entry(sub_form) form.report_reports[idx].has_related_elements.data = has_related_elements idx += 1 else: sub_form = forms.RelatedReportsForm() sub_form.data = "_NONE_" form.report_reports.append_entry(sub_form) for entry in range(len(form.report_ttps.entries)): form.report_ttps.pop_entry() if report_data["related_ttp"]: idx = 0 for i in multikeysort(report_data["related_ttp"], ["name", "id"]): sub_form = forms.RelatedTTPsForm() sub_form.data = i["id"] + ":::" + i["name"] has_related_elements = False idx2 = 0 for entry in range(len(sub_form.related_elements.entries)): sub_form.related_elements.pop_entry() for j in multikeysort(report_data["related_element_choices"], ["display_text"]): sub_sub_form = forms.ElementObservablesFrom() sub_form.related_elements.append_entry(sub_sub_form) is_related = j["value"] in i["elements"] sub_form.related_elements[idx2].element = is_related sub_form.related_elements[idx2].element_value = j["value"] sub_form.related_elements[idx2].element_text = j["display_text"] if is_related: has_related_elements = True idx2 += 1 form.report_ttps.append_entry(sub_form) form.report_ttps[idx].has_related_elements.data = has_related_elements idx += 1 else: sub_form = forms.RelatedTTPsForm() sub_form.data = "_NONE_" form.report_ttps.append_entry(sub_form) # convert editor dictionary of ids and times to names and times editors = get_editor_names(get_mysql(), report_data["editor"]) return form, editors
def add(template=None): logging_prefix = logger_prefix + "add({}) - ".format(template) log.info(logging_prefix + "Starting") error = None try: form = forms.reportForm(request.form) search_form = forms.searchForm() if request.method == 'POST': #trick the form validation into working with our dynamic drop downs for sub_form in form.report_class: sub_form.a_id.choices = fetch_child_data( 'tpx_classification', sub_form.a_family.data) #convert the field that lists the related_element_choices #choices = [] #rec = json.loads(form.related_element_choices.data) #for k,v in rec.items(): #choices.append((v,k)) if form.validate(): log.info(logging_prefix + "Add Detected") #create a ttp id report_id = str(uuid.uuid4()) #convert the form to ES format form_to_es(form, report_id) #rebuild the form from ES form, editors = es_to_form(report_id) flash( Markup( '<a href="/report/view/' + report_id + '" style="text-decoration:none; color:#3c763d;">New Report Successfully Added. Click here to view this Report</a>' ), "success") else: #if there was an error print the error dictionary to the console # temporary help, these should also appear under the form field print(form.errors) elif template: form, editors = es_to_form(template) else: #populate certain fields with default data form.report_class[0].a_family.data = 'Actors' form.report_class[0].a_id.choices = fetch_child_data( 'tpx_classification', 'Actors') except Exception as e: error = "There was an error completing your request. Details: {}".format( e) flash(error, 'danger') log.exception(logging_prefix + error) form = forms.reportForm() return render_template("report.html", page_title="Add New Report", role="ADD", form=form, search_form=search_form)
def es_to_form(report_id): form = forms.reportForm() #get the values from ES results = get_es().get(ES_PREFIX + "threat_reports", doc_type="report", id=report_id) #store certain fields from ES, so this form can be used in an update form.doc_index.data = results['_index'] form.doc_type.data = results['_type'] report_data = results['_source'] form.report_name.data = report_data['name'] form.report_id.data = report_data['identifier'] form.report_occurred_at.data = datetime.strptime(report_data['created_s'], "%Y-%m-%dT%H:%M:%S") form.report_description.data = report_data['description'] form.report_criticality.data = report_data['criticality'] idx = 0 for entry in range(len(form.report_class.entries)): form.report_class.pop_entry() for i in multikeysort(report_data['classification'], ['family', 'id']): report_class_form = forms.TPXClassificationForm() report_class_form.a_family = i['family'] report_class_form.a_id = i['id'] form.report_class.append_entry(report_class_form) #set the options since this select is dynamic form.report_class[idx].a_id.choices = fetch_child_data( 'tpx_classification', i['family']) idx += 1 form.report_tlp.data = int(report_data['tlp']) for entry in range(len(form.report_sections.entries)): form.report_sections.pop_entry() for i in multikeysort(report_data['section'], ['order']): report_section_form = forms.ReportSectionsForm() report_section_form.title = i['title'] report_section_form.tlp = i['tlp'] report_section_form.text = i['content'] form.report_sections.append_entry(report_section_form) form.report_source_reliability.data = report_data["source_reliability"] form.report_info_reliability.data = report_data["info_reliability"] for entry in range(len(form.report_sources.entries)): form.report_sources.pop_entry() for i in sorted(report_data['source']): report_source_form = forms.ReportSourcesForm() report_source_form.source = i form.report_sources.append_entry(report_source_form) ''' Related element ''' for entry in range(len(form.report_actors.entries)): form.report_actors.pop_entry() if report_data['related_actor']: idx = 0 for i in multikeysort(report_data['related_actor'], ['name', 'id']): sub_form = forms.RelatedActorsForm() sub_form.data = i['id'] + ":::" + i['name'] has_related_elements = False idx2 = 0 for entry in range(len(sub_form.related_elements.entries)): sub_form.related_elements.pop_entry() for j in multikeysort(report_data['related_element_choices'], ['display_text']): sub_sub_form = forms.ElementObservablesFrom() sub_form.related_elements.append_entry(sub_sub_form) is_related = (j['value'] in i['elements']) sub_form.related_elements[idx2].element = is_related sub_form.related_elements[idx2].element_value = j['value'] sub_form.related_elements[idx2].element_text = j[ 'display_text'] if is_related: has_related_elements = True idx2 += 1 form.report_actors.append_entry(sub_form) form.report_actors[ idx].has_related_elements.data = has_related_elements idx += 1 else: sub_form = forms.RelatedActorsForm() sub_form.data = "_NONE_" form.report_actors.append_entry(sub_form) for entry in range(len(form.report_reports.entries)): form.report_reports.pop_entry() if report_data['related_report']: idx = 0 for i in multikeysort(report_data['related_report'], ['name', 'id']): sub_form = forms.RelatedReportsForm() sub_form.data = i['id'] + ":::" + i['name'] has_related_elements = False idx2 = 0 for entry in range(len(sub_form.related_elements.entries)): sub_form.related_elements.pop_entry() for j in multikeysort(report_data['related_element_choices'], ['display_text']): sub_sub_form = forms.ElementObservablesFrom() sub_form.related_elements.append_entry(sub_sub_form) is_related = (j['value'] in i['elements']) sub_form.related_elements[idx2].element = is_related sub_form.related_elements[idx2].element_value = j['value'] sub_form.related_elements[idx2].element_text = j[ 'display_text'] if is_related: has_related_elements = True idx2 += 1 form.report_reports.append_entry(sub_form) form.report_reports[ idx].has_related_elements.data = has_related_elements idx += 1 else: sub_form = forms.RelatedReportsForm() sub_form.data = "_NONE_" form.report_reports.append_entry(sub_form) for entry in range(len(form.report_ttps.entries)): form.report_ttps.pop_entry() if report_data['related_ttp']: idx = 0 for i in multikeysort(report_data['related_ttp'], ['name', 'id']): sub_form = forms.RelatedTTPsForm() sub_form.data = i['id'] + ":::" + i['name'] has_related_elements = False idx2 = 0 for entry in range(len(sub_form.related_elements.entries)): sub_form.related_elements.pop_entry() for j in multikeysort(report_data['related_element_choices'], ['display_text']): sub_sub_form = forms.ElementObservablesFrom() sub_form.related_elements.append_entry(sub_sub_form) is_related = (j['value'] in i['elements']) sub_form.related_elements[idx2].element = is_related sub_form.related_elements[idx2].element_value = j['value'] sub_form.related_elements[idx2].element_text = j[ 'display_text'] if is_related: has_related_elements = True idx2 += 1 form.report_ttps.append_entry(sub_form) form.report_ttps[ idx].has_related_elements.data = has_related_elements idx += 1 else: sub_form = forms.RelatedTTPsForm() sub_form.data = "_NONE_" form.report_ttps.append_entry(sub_form) #convert editor dictionary of ids and times to names and times editors = get_editor_names(get_mysql(), report_data['editor']) return form, editors