コード例 #1
0
ファイル: handlers.py プロジェクト: 0x3a/crits
def remove_attribution(id_, identifier=None, user=None, **kwargs):
    """
    Remove an attributed identifier.

    :param id_: The ObjectId of the Actor.
    :param identifier: The Actor Identifier ObjectId.
    :type identifier: str
    :param user: The user removing this attribution.
    :type user: str
    :returns: dict with keys:
              "success" (boolean),
              "message" (str),
    """

    sources = user_sources(user)
    admin = is_admin(user)
    actor = Actor.objects(id=id_,
                          source__name__in=sources).first()
    if not actor:
        return {'success': False,
                'message': "Could not find actor"}

    actor.remove_attribution(identifier)
    actor.save(username=user)
    actor.reload()
    actor_identifiers = actor.generate_identifiers_list(user)

    html = render_to_string('actor_identifiers_widget.html',
                            {'actor_identifiers': actor_identifiers,
                             'admin': admin,
                             'actor_id': str(actor.id)})

    return {'success': True,
            'message': html}
コード例 #2
0
def remove_action(request, indicator_id):
    """
    Remove an indicator's action. Should be an AJAX POST.

    :param request: Django request object (Required)
    :type request: :class:`django.http.HttpRequest`
    :param indicator_id: The ObjectId of the indicator to update.
    :type indicator_id: str
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == "POST" and request.is_ajax():
        analyst = request.user.username
        if is_admin(analyst):
            date = datetime.datetime.strptime(request.POST['key'],
                                              settings.PY_DATETIME_FORMAT)
            date = date.replace(microsecond=date.microsecond / 1000 * 1000)
            result = action_remove(indicator_id, date, analyst)
            return HttpResponse(json.dumps(result),
                                mimetype="application/json")
        else:
            error = "You do not have permission to remove this item."
            return render_to_response("error.html", {'error': error},
                                      RequestContext(request))
    return HttpResponse({})
コード例 #3
0
def remove_attribution(id_, identifier=None, user=None, **kwargs):
    """
    Remove an attributed identifier.

    :param id_: The ObjectId of the Actor.
    :param identifier: The Actor Identifier ObjectId.
    :type identifier: str
    :param user: The user removing this attribution.
    :type user: str
    :returns: dict with keys:
              "success" (boolean),
              "message" (str),
    """

    sources = user_sources(user)
    admin = is_admin(user)
    actor = Actor.objects(id=id_, source__name__in=sources).first()
    if not actor:
        return {'success': False, 'message': "Could not find actor"}

    actor.remove_attribution(identifier)
    actor.save(username=user)
    actor.reload()
    actor_identifiers = actor.generate_identifiers_list(user)

    html = render_to_string(
        'actor_identifiers_widget.html', {
            'actor_identifiers': actor_identifiers,
            'admin': admin,
            'actor_id': str(actor.id)
        })

    return {'success': True, 'message': html}
コード例 #4
0
ファイル: views.py プロジェクト: lukw00/crits
def remove_activity(request, indicator_id):
    """
    Remove an indicator's activity. Should be an AJAX POST.

    :param request: Django request object (Required)
    :type request: :class:`django.http.HttpRequest`
    :param indicator_id: The ObjectId of the indicator to update.
    :type indicator_id: str
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == "POST" and request.is_ajax():
        analyst = request.user.username
        if is_admin(analyst):
            date = datetime.datetime.strptime(request.POST['key'],
                                              settings.PY_DATETIME_FORMAT)
            date = date.replace(microsecond=date.microsecond/1000*1000)
            result = activity_remove(indicator_id, date, analyst)
            return HttpResponse(json.dumps(result),
                                mimetype="application/json")
        else:
            error = "You do not have permission to remove this item."
            return render_to_response("error.html",
                                      {'error': error},
                                      RequestContext(request))
コード例 #5
0
def add_update_action(request, method, indicator_id):
    """
    Add/update an indicator's action. Should be an AJAX POST.

    :param request: Django request object (Required)
    :type request: :class:`django.http.HttpRequest`
    :param method: Whether we are adding or updating.
    :type method: str ("add", "update")
    :param indicator_id: The ObjectId of the indicator to update.
    :type indicator_id: str
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == "POST" and request.is_ajax():
        username = request.user.username
        form = IndicatorActionsForm(request.POST)
        if form.is_valid():
            data = form.cleaned_data
            add = {
                'action_type':
                data['action_type'],
                'begin_date':
                data['begin_date'] if data['begin_date'] else '',
                'end_date':
                data['end_date'] if data['end_date'] else '',
                'performed_date':
                data['performed_date'] if data['performed_date'] else '',
                'active':
                data['active'],
                'reason':
                data['reason'],
                'analyst':
                username,
            }
            if method == "add":
                add['date'] = datetime.datetime.now()
                result = action_add(indicator_id, add)
            else:
                date = datetime.datetime.strptime(data['date'],
                                                  settings.PY_DATETIME_FORMAT)
                date = date.replace(microsecond=date.microsecond / 1000 * 1000)
                add['date'] = date
                result = action_update(indicator_id, add)
            if 'object' in result:
                result['html'] = render_to_string(
                    'indicators_action_row_widget.html', {
                        'action': result['object'],
                        'admin': is_admin(username),
                        'indicator_id': indicator_id
                    })
            return HttpResponse(json.dumps(result, default=json_handler),
                                mimetype='application/json')
        else:  #invalid form
            return HttpResponse(json.dumps({
                'success': False,
                'form': form.as_table()
            }),
                                mimetype='application/json')
    return HttpResponse({})
コード例 #6
0
def attribute_actor_identifier(id_,
                               identifier_type,
                               identifier=None,
                               confidence="low",
                               user=None,
                               **kwargs):
    """
    Attribute an Actor Identifier to an Actor in CRITs.

    :param id_: The Actor ObjectId.
    :type id_: str
    :param identifier_type: The Actor Identifier Type.
    :type identifier_type: str
    :param identifier: The Actor Identifier.
    :type identifier: str
    :param user: The user attributing this identifier.
    :type user: str
    :returns: dict with keys:
              "success" (boolean),
              "message" (str),
    """

    sources = user_sources(user)
    admin = is_admin(user)
    actor = Actor.objects(id=id_, source__name__in=sources).first()
    if not actor:
        return {'success': False, 'message': "Could not find actor"}

    c = len(actor.identifiers)
    actor.attribute_identifier(identifier_type, identifier, confidence, user)
    actor.save(username=user)
    actor.reload()
    actor_identifiers = actor.generate_identifiers_list(user)

    if len(actor.identifiers) <= c:
        return {
            'success':
            False,
            'message':
            "Invalid data submitted or identifier is already attributed."
        }

    html = render_to_string(
        'actor_identifiers_widget.html', {
            'actor_identifiers': actor_identifiers,
            'admin': admin,
            'actor_id': str(actor.id)
        })

    return {'success': True, 'message': html}
コード例 #7
0
ファイル: views.py プロジェクト: AInquel/crits
def add_update_action(request, method, indicator_id):
    """
    Add/update an indicator's action. Should be an AJAX POST.

    :param request: Django request object (Required)
    :type request: :class:`django.http.HttpRequest`
    :param method: Whether we are adding or updating.
    :type method: str ("add", "update")
    :param indicator_id: The ObjectId of the indicator to update.
    :type indicator_id: str
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == "POST" and request.is_ajax():
        username = request.user.username
        form = IndicatorActionsForm(request.POST)
        if form.is_valid():
            data = form.cleaned_data
            add = {
                    'action_type': data['action_type'],
                    'begin_date': data['begin_date'] if data['begin_date'] else '',
                    'end_date': data['end_date'] if data['end_date'] else '',
                    'performed_date': data['performed_date'] if data['performed_date'] else '',
                    'active': data['active'],
                    'reason': data['reason'],
                    'analyst': username
                    }
            if method == "add":
                add['date'] = datetime.datetime.now()
                result = action_add(indicator_id, add)
            else:
                date = datetime.datetime.strptime(data['date'],
                                                         settings.PY_DATETIME_FORMAT)
                date = date.replace(microsecond=date.microsecond/1000*1000)
                add['date'] = date
                result = action_update(indicator_id, add)
            if 'object' in result:
                result['html'] = render_to_string('indicators_action_row_widget.html',
                                                  {'action': result['object'],
                                                   'admin': is_admin(username),
                                                   'indicator_id':indicator_id})
            return HttpResponse(json.dumps(result,
                                           default=json_handler),
                                mimetype='application/json')
        else: #invalid form
            return HttpResponse(json.dumps({'success':False,
                                            'form':form.as_table()}),
                                mimetype='application/json')
    return HttpResponse({})
コード例 #8
0
ファイル: handlers.py プロジェクト: cequencer/crits
def delete_signature_dependency(_id, username=None):
    """
    Delete Signature Dependency from CRITs.
    :param _id: The ObjectID of the signature dependency to delete.
    :param username: The user deleting this Signature dependency.
    :return: bool
    """

    if is_admin(username):
        signature_dependency = SignatureDependency.objects(id=_id).first()
        if signature_dependency:
            signature_dependency.delete(username=username)
            return {'success': True}
        else:
            return {'success': False}
    else:
        return {'success': False}
コード例 #9
0
ファイル: handlers.py プロジェクト: mishley/crits
def delete_signature_dependency(_id, username=None):
    """
    Delete Signature Dependency from CRITs.
    :param _id: The ObjectID of the signature dependency to delete.
    :param username: The user deleting this Signature dependency.
    :return: bool
    """

    if is_admin(username):
        signature_dependency = SignatureDependency.objects(id=_id).first()
        if signature_dependency:
            signature_dependency.delete(username=username)
            return {'success': True}
        else:
            return {'success': False}
    else:
       return {'success': False}
コード例 #10
0
ファイル: handlers.py プロジェクト: asealey/crits
def event_remove(_id, username):
    """
    Remove an event from CRITs.

    :param _id: The ObjectId of the Event to remove.
    :type _id: str
    :param username: The user removing this Event.
    :type username: str
    :returns: dict with keys "success" (boolean) and "message" (str)
    """

    if is_admin(username):
        event = Event.objects(id=_id).first()
        if event:
            event.delete(username=username)
        return {'success':True}
    else:
        return {'success':False,'message': 'Need to be admin'}
コード例 #11
0
ファイル: views.py プロジェクト: mishley/crits
def remove_actor(request, id_):
    """
    Remove an Actor.

    :param request: Django request.
    :type request: :class:`django.http.HttpRequest`
    :param id_: The ObjectId of the Actor to remove.
    :type id_: str
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == "POST":
        if is_admin(request.user):
            actor_remove(id_, request.user.username)
            return HttpResponseRedirect(reverse("crits.actors.views.actors_listing"))
        error = "You do not have permission to remove this item."
        return render_to_response("error.html", {"error": error}, RequestContext(request))
    return render_to_response("error.html", {"error": "Expected AJAX/POST"}, RequestContext(request))
コード例 #12
0
ファイル: handlers.py プロジェクト: kai5263499/crits
def event_remove(_id, username):
    """
    Remove an event from CRITs.

    :param _id: The ObjectId of the Event to remove.
    :type _id: str
    :param username: The user removing this Event.
    :type username: str
    :returns: dict with keys "success" (boolean) and "message" (str)
    """

    if is_admin(username):
        event = Event.objects(id=_id).first()
        if event:
            event.delete(username=username)
        return {'success': True}
    else:
        return {'success': False, 'message': 'Need to be admin'}
コード例 #13
0
ファイル: views.py プロジェクト: echodaemon/crits
def add_update_action(request, method, indicator_id):
    """
    Add/update an indicator's action. Should be an AJAX POST.

    :param request: Django request object (Required)
    :type request: :class:`django.http.HttpRequest`
    :param method: Whether we are adding or updating.
    :type method: str ("add", "update")
    :param indicator_id: The ObjectId of the indicator to update.
    :type indicator_id: str
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == "POST" and request.is_ajax():
        username = request.user.username
        form = IndicatorActionsForm(request.POST)
        if form.is_valid():
            data = form.cleaned_data
            add = {
                "action_type": data["action_type"],
                "begin_date": data["begin_date"] if data["begin_date"] else "",
                "end_date": data["end_date"] if data["end_date"] else "",
                "performed_date": data["performed_date"] if data["performed_date"] else "",
                "active": data["active"],
                "reason": data["reason"],
                "analyst": username,
            }
            if method == "add":
                add["date"] = datetime.datetime.now()
                result = action_add(indicator_id, add)
            else:
                date = datetime.datetime.strptime(data["date"], settings.PY_DATETIME_FORMAT)
                date = date.replace(microsecond=date.microsecond / 1000 * 1000)
                add["date"] = date
                result = action_update(indicator_id, add)
            if "object" in result:
                result["html"] = render_to_string(
                    "indicators_action_row_widget.html",
                    {"action": result["object"], "admin": is_admin(username), "indicator_id": indicator_id},
                )
            return HttpResponse(json.dumps(result, default=json_handler), mimetype="application/json")
        else:  # invalid form
            return HttpResponse(json.dumps({"success": False, "form": form.as_table()}), mimetype="application/json")
    return HttpResponse({})
コード例 #14
0
def remove_ip(request):
    """
    Remove an IP address. Should be an AJAX POST.

    :param request: Django request.
    :type request: :class:`django.http.HttpRequest`
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == "POST" and request.is_ajax():
        if is_admin(request.user):
            result = ip_remove(request.POST['key'], request.user.username)
            return HttpResponse(json.dumps(result),
                                content_type="application/json")
        error = 'You do not have permission to remove this item.'
        return render_to_response("error.html", {'error': error},
                                  RequestContext(request))
    return render_to_response('error.html', {'error': 'Expected AJAX/POST'},
                              RequestContext(request))
コード例 #15
0
ファイル: handlers.py プロジェクト: 0x3a/crits
def attribute_actor_identifier(id_, identifier_type, identifier=None,
                               confidence="low", user=None, **kwargs):
    """
    Attribute an Actor Identifier to an Actor in CRITs.

    :param id_: The Actor ObjectId.
    :type id_: str
    :param identifier_type: The Actor Identifier Type.
    :type identifier_type: str
    :param identifier: The Actor Identifier.
    :type identifier: str
    :param user: The user attributing this identifier.
    :type user: str
    :returns: dict with keys:
              "success" (boolean),
              "message" (str),
    """

    sources = user_sources(user)
    admin = is_admin(user)
    actor = Actor.objects(id=id_,
                          source__name__in=sources).first()
    if not actor:
        return {'success': False,
                'message': "Could not find actor"}

    c = len(actor.identifiers)
    actor.attribute_identifier(identifier_type, identifier, confidence, user)
    actor.save(username=user)
    actor.reload()
    actor_identifiers = actor.generate_identifiers_list(user)

    if len(actor.identifiers) <= c:
        return {'success': False,
                'message': "Invalid data submitted or identifier is already attributed."}

    html = render_to_string('actor_identifiers_widget.html',
                            {'actor_identifiers': actor_identifiers,
                             'admin': admin,
                             'actor_id': str(actor.id)})

    return {'success': True,
            'message': html}
コード例 #16
0
ファイル: handlers.py プロジェクト: 971sec/crits
def exploit_remove(id_, username):
    """
    Remove an Exploit from CRITs.

    :param id_: The ObjectId of the Exploit to remove.
    :type id_: str
    :param username: The user removing this Exploit.
    :type username: str
    :returns: dict with keys "success" (boolean) and "message" (str) if failed.
    """

    if is_admin(username):
        exploit = Exploit.objects(id=id_).first()
        if exploit:
            exploit.delete(username=username)
            return {'success': True}
        else:
            return {'success': False, 'message': 'Could not find Exploit.'}
    else:
        return {'success': False, 'message': 'Must be an admin to remove'}
コード例 #17
0
def ip_remove(ip_id, username):
    """
    Remove an IP from CRITs.

    :param ip_id: The ObjectId of the IP to remove.
    :type ip_id: str
    :param username: The user removing this IP.
    :type username: str
    :returns: dict with keys "success" (boolean) and "message" (str) if failed.
    """

    if is_admin(username):
        ip = IP.objects(id=ip_id).first()
        if ip:
            ip.delete(username=username)
            return {'success': True}
        else:
            return {'success':False, 'message':'Could not find IP.'}
    else:
        return {'success':False, 'message': 'Must be an admin to remove'}
コード例 #18
0
ファイル: handlers.py プロジェクト: jhuapl-marti/marti
def backdoor_remove(id_, username):
    """
    Remove a Backdoor from CRITs.

    :param id_: The ObjectId of the Backdoor to remove.
    :type id_: str
    :param username: The user removing this Backdoor.
    :type username: str
    :returns: dict with keys "success" (boolean) and "message" (str) if failed.
    """

    if is_admin(username):
        backdoor = Backdoor.objects(id=id_).first()
        if backdoor:
            backdoor.delete(username=username)
            return {'success': True}
        else:
            return {'success': False, 'message': 'Could not find Backdoor.'}
    else:
        return {'success': False, 'message': 'Must be an admin to remove'}
コード例 #19
0
ファイル: handlers.py プロジェクト: Lambdanaut/crits
def ip_remove(ip_id, username):
    """
    Remove an IP from CRITs.

    :param ip_id: The ObjectId of the IP to remove.
    :type ip_id: str
    :param username: The user removing this IP.
    :type username: str
    :returns: dict with keys "success" (boolean) and "message" (str) if failed.
    """

    if is_admin(username):
        ip = IP.objects(id=ip_id).first()
        if ip:
            ip.delete(username=username)
            return {'success': True}
        else:
            return {'success':False, 'message':'Could not find IP.'}
    else:
        return {'success':False, 'message': 'Must be an admin to remove'}
コード例 #20
0
ファイル: handlers.py プロジェクト: brentonchang/crits-1
def delete_cert(md5, username=None):
    """
    Delete a Certificate.

    :param md5: The MD5 of the Certificate to delete.
    :type md5: str
    :param username: The user deleting the certificate.
    :type username: str
    :returns: True, False
    """

    if is_admin(username):
        cert = Certificate.objects(md5=md5).first()
        if cert:
            cert.delete(username=username)
            return True
        else:
            return False
    else:
        return False
コード例 #21
0
ファイル: handlers.py プロジェクト: mishley/crits
def delete_signature(_id, username=None):
    """
    Delete Signature from CRITs.

    :param _id: The ObjectId of the Signature to delete.
    :type _id: str
    :param username: The user deleting this Signature.
    :type username: str
    :returns: bool
    """

    if is_admin(username):
        signature = Signature.objects(id=_id).first()
        if signature:
            signature.delete(username=username)
            return True
        else:
            return False
    else:
        return False
コード例 #22
0
def delete_raw_data(_id, username=None):
    """
    Delete RawData from CRITs.

    :param _id: The ObjectId of the RawData to delete.
    :type _id: str
    :param username: The user deleting this RawData.
    :type username: str
    :returns: bool
    """

    if is_admin(username):
        raw_data = RawData.objects(id=_id).first()
        if raw_data:
            raw_data.delete(username=username)
            return True
        else:
            return False
    else:
        return False
コード例 #23
0
def exploit_remove(id_, username):
    """
    Remove an Exploit from CRITs.

    :param id_: The ObjectId of the Exploit to remove.
    :type id_: str
    :param username: The user removing this Exploit.
    :type username: str
    :returns: dict with keys "success" (boolean) and "message" (str) if failed.
    """

    if is_admin(username):
        exploit = Exploit.objects(id=id_).first()
        if exploit:
            exploit.delete(username=username)
            return {'success': True}
        else:
            return {'success': False, 'message': 'Could not find Exploit.'}
    else:
        return {'success': False, 'message': 'Must be an admin to remove'}
コード例 #24
0
ファイル: handlers.py プロジェクト: optionstvm/crits
def delete_raw_data(_id, username=None):
    """
    Delete RawData from CRITs.

    :param _id: The ObjectId of the RawData to delete.
    :type _id: str
    :param username: The user deleting this RawData.
    :type username: str
    :returns: bool
    """

    if is_admin(username):
        raw_data = RawData.objects(id=_id).first()
        if raw_data:
            raw_data.delete(username=username)
            return True
        else:
            return False
    else:
        return False
コード例 #25
0
ファイル: handlers.py プロジェクト: davidhdz/crits
def delete_pcap(pcap_md5, username=None):
    """
    Delete a PCAP.

    :param pcap_md5: The MD5 of the PCAP to delete.
    :type pcap_md5: str
    :param username: The user deleting the pcap.
    :type username: str
    :returns: True, False
    """

    if is_admin(username):
        pcap = PCAP.objects(md5=pcap_md5).first()
        if pcap:
            pcap.delete(username=username)
            return True
        else:
            return False
    else:
        return False
コード例 #26
0
ファイル: handlers.py プロジェクト: cequencer/crits
def delete_signature(_id, username=None):
    """
    Delete Signature from CRITs.

    :param _id: The ObjectId of the Signature to delete.
    :type _id: str
    :param username: The user deleting this Signature.
    :type username: str
    :returns: bool
    """

    if is_admin(username):
        signature = Signature.objects(id=_id).first()
        if signature:
            signature.delete(username=username)
            return True
        else:
            return False
    else:
        return False
コード例 #27
0
ファイル: handlers.py プロジェクト: optionstvm/crits
def delete_cert(md5, username=None):
    """
    Delete a Certificate.

    :param md5: The MD5 of the Certificate to delete.
    :type md5: str
    :param username: The user deleting the certificate.
    :type username: str
    :returns: True, False
    """

    if is_admin(username):
        cert = Certificate.objects(md5=md5).first()
        if cert:
            cert.delete(username=username)
            return True
        else:
            return False
    else:
        return False
コード例 #28
0
def indicator_remove(_id, username):
    """
    Remove an Indicator from CRITs.

    :param _id: The ObjectId of the indicator to remove.
    :type _id: str
    :param username: The user removing the indicator.
    :type username: str
    :returns: dict with keys "success" (boolean) and "message" (list) if failed.
    """

    if is_admin(username):
        indicator = Indicator.objects(id=_id).first()
        if indicator:
            indicator.delete(username=username)
            return {'success': True}
        else:
            return {'success': False, 'message': ['Cannot find Indicator']}
    else:
        return {'success': False, 'message': ['Must be an admin to delete']}
コード例 #29
0
ファイル: handlers.py プロジェクト: 0x3a/crits
def actor_remove(id_, username):
    """
    Remove an Actor from CRITs.

    :param id_: The ObjectId of the Actor to remove.
    :type id_: str
    :param username: The user removing this Actor.
    :type username: str
    :returns: dict with keys "success" (boolean) and "message" (str) if failed.
    """

    if is_admin(username):
        actor = Actor.objects(id=id_).first()
        if actor:
            actor.delete(username=username)
            return {'success': True}
        else:
            return {'success': False, 'message': 'Could not find Actor.'}
    else:
        return {'success': False, 'message': 'Must be an admin to remove'}
コード例 #30
0
ファイル: handlers.py プロジェクト: asealey/crits
def delete_pcap(pcap_md5, username=None):
    """
    Delete a PCAP.

    :param pcap_md5: The MD5 of the PCAP to delete.
    :type pcap_md5: str
    :param username: The user deleting the pcap.
    :type username: str
    :returns: True, False
    """

    if is_admin(username):
        pcap = PCAP.objects(md5=pcap_md5).first()
        if pcap:
            pcap.delete(username=username)
            return True
        else:
            return False
    else:
        return False
コード例 #31
0
ファイル: handlers.py プロジェクト: gbartz/crits
def indicator_remove(_id, username):
    """
    Remove an Indicator from CRITs.

    :param _id: The ObjectId of the indicator to remove.
    :type _id: str
    :param username: The user removing the indicator.
    :type username: str
    :returns: dict with keys "success" (boolean) and "message" (list) if failed.
    """

    if is_admin(username):
        indicator = Indicator.objects(id=_id).first()
        if indicator:
            indicator.delete(username=username)
            return {'success': True}
        else:
            return {'success': False, 'message': ['Cannot find Indicator']}
    else:
        return {'success': False, 'message': ['Must be an admin to delete']}
コード例 #32
0
ファイル: views.py プロジェクト: chewytek/crits
def remove_backdoor(request, id_):
    """
    Remove a Backdoor.

    :param request: Django request.
    :type request: :class:`django.http.HttpRequest`
    :param id_: The ObjectId of the Backdoor to remove.
    :type id_: str
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == "POST":
        if is_admin(request.user):
            backdoor_remove(id_, request.user.username)
            return HttpResponseRedirect(
                reverse('crits.backdoors.views.backdoors_listing'))
        error = 'You do not have permission to remove this item.'
        return render_to_response("error.html", {'error': error},
                                  RequestContext(request))
    return render_to_response('error.html', {'error': 'Expected AJAX/POST'},
                              RequestContext(request))
コード例 #33
0
ファイル: views.py プロジェクト: 971sec/crits
def remove_ip(request):
    """
    Remove an IP address. Should be an AJAX POST.

    :param request: Django request.
    :type request: :class:`django.http.HttpRequest`
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == "POST" and request.is_ajax():
        if is_admin(request.user):
            result = ip_remove(request.POST['key'],
                               request.user.username)
            return HttpResponse(json.dumps(result),
                                content_type="application/json")
        error = 'You do not have permission to remove this item.'
        return render_to_response("error.html",
                                  {'error': error},
                                  RequestContext(request))
    return render_to_response('error.html',
                              {'error':'Expected AJAX/POST'},
                              RequestContext(request))
コード例 #34
0
ファイル: views.py プロジェクト: 971sec/crits
def remove_exploit(request, id_):
    """
    Remove a Exploit.

    :param request: Django request.
    :type request: :class:`django.http.HttpRequest`
    :param id_: The ObjectId of the Exploit to remove.
    :type id_: str
    :returns: :class:`django.http.HttpResponse`
    """

    if request.method == "POST":
        if is_admin(request.user):
            exploit_remove(id_, request.user.username)
            return HttpResponseRedirect(reverse('crits.exploits.views.exploits_listing'))
        error = 'You do not have permission to remove this item.'
        return render_to_response("error.html",
                                  {'error': error},
                                  RequestContext(request))
    return render_to_response('error.html',
                              {'error':'Expected AJAX/POST'},
                              RequestContext(request))