class SampleResource(BaseResource): schema = SampleSchema() pagination_schema = get_pagination_compatible_schema(SampleSchema) queryset = Sample.objects.get_with_tlp_level_filter query_key_field = 'id' filter_parameters = [ ('ip_address', str), ('ip_address__startswith', str), ('domain', str), ('domain__contains', str), ('domain__startswith', str), ('domain__endswith', str), ('uri', str), ('uri__contains', str), ('uri__startswith', str), ('uri__endswith', str), ('md5sum', str), ('sha1sum', str), ('sha256sum', str), ('sha512sum', str), ('mime_type', str), ('file_names', str), ('file_size__lte', int), ('file_size__gte', int), ('shannon_entropy__lte', float), ('shannon_entropy__gte', float), ('delivery_date__lte', BaseResource._create_date_from_string), ('delivery_date__gte', BaseResource._create_date_from_string), ('first_seen__lte', BaseResource._create_date_from_string), ('first_seen__gte', BaseResource._create_date_from_string), ('tags__all', BaseResource._create_list_from_string), ('_cls', str), ('_cls__startswith', str) ] @privilege_required(AuthenticatedPrivilege()) def get_list(self): """ --- get: description: Get a list of all samples. parameters: - in: query name: md5sum type: string - in: query name: sha1sum type: string - in: query name: sha256sum type: string - in: query name: sha512sum type: string - in: query name: mime_type type: string - in: query name: file_names type: string - in: query name: file_size__lte type: integer - in: query name: file_size_gte type: interger - in: query name: shannon_entropy__lte type: float - in: query name: shannon_entropy__gte type: float - in: query name: delivery_date__lte type: string format: dateTime - in: query name: delivery_date__gte type: string format: dateTime - in: query name: first_seen__lte type: string format: dateTime - in: query name: first_seen__gte type: string format: dateTime - in: query name: tags__all type: string responses: 200: description: A list of samples is returned. schema: SampleSchema """ serialized_samples = [] paginated_samples = self._get_list() for sample in paginated_samples['results']: schema = SchemaMapping.get_schema_for_model_class( sample.__class__.__name__) serialized_samples.append(schema().dump(sample).data) return jsonify({ 'results': serialized_samples, 'next': paginated_samples['next'], 'previous': paginated_samples['previous'] }) @privilege_required(AuthenticatedPrivilege()) def get_detail(self, **kwargs): """ --- get: description: Get a single sample object parameters: - in: path name: id type: string responses: 200: description: The sample is returned. schema: SampleSchema 404: description: No sample with the specified id has been found. """ try: sample = self.queryset().get(id=kwargs['id']) schema = SchemaMapping.get_schema_for_model_class( sample.__class__.__name__) data = schema().dump(sample).data return jsonify(data) except DoesNotExist: return jsonify({ 'error': 'No object with key \'{}\' found'.format(kwargs['id']) }), 404 def post(self): return jsonify({ 'error': 'Posting samples directly to the sample endpoint is not allowed. Instead please use the respective endpoints of each specific sample type.' }), 400 def put(self, **kwargs): return jsonify({ 'error': 'Updating sample objects via the API is not supported yet.' }), 400 @privilege_required(RolePrivilege('admin')) def delete(self, **kwargs): """ --- delete: description: Delete an existing sample object parameters: - in: path name: id type: string responses: 204: description: The object has been deleted. 400: description: The server was not able to delete an object based on the request data. 404: description: No sample with the specified id has been found. """ return super(SampleResource, self).delete(**kwargs) @privilege_required(AuthenticatedPrivilege()) def download_file(self, **kwargs): """ --- get: description: Get the raw file for a file sample object parameters: - in: path name: id type: string responses: 200: description: The raw file is returned. 400: description: There is no file available for this sample. 404: description: No sample with the specified id has been found. """ try: sample = self.queryset().get(id=kwargs['id']) if not isinstance(sample, FileSample): return jsonify( {'error': 'There is no file available for this sample'}), 400 else: file = sample.file.read() return file, 200, {'Content-Type': 'application/octet-stream'} except DoesNotExist: return jsonify({ 'error': 'No object with key \'{}\' found'.format(kwargs['id']) }), 404 @privilege_required(AuthenticatedPrivilege()) def submit_file(self): """ --- post: description: Upload a file sample to the MASS server parameters: - in: formData name: file type: file responses: 201: description: The file sample has been uploaded to the MASS server. The metadata of the sample is returned. schema: FileSampleSchema 400: description: No file has been attached to the request or the request is malformed. """ if 'file' not in request.files: return jsonify({'error': 'File payload missing in POST request.'}), 400 else: if 'metadata' in request.form: metadata = json.loads(request.form['metadata']) else: metadata = {} data = {'file': request.files['file']} data.update(metadata) sample = FileSample.create_or_update(**data) sample.save() sample = Sample.objects.get(id=sample.id) schema = SchemaMapping.get_schema_for_model_class( sample.__class__.__name__) return jsonify(schema().dump(sample).data), 201 @privilege_required(AuthenticatedPrivilege()) def submit_ip(self): """ --- post: description: Submit an IP address to the MASS server parameters: - in: body name: body type: string responses: 201: description: The IP address sample has been created on the MASS server. The metadata of the sample is returned. schema: IPSampleSchema 400: description: No IP address has been given or the request is malformed. """ json_data = request.get_json() if not json_data: return jsonify({ 'error': 'No JSON data provided. Make sure to set the content type of your request to: application/json' }), 400 else: sample = IPSample.create_or_update(**json_data) sample.save() schema = SchemaMapping.get_schema_for_model_class( sample.__class__.__name__) return jsonify(schema().dump(sample).data), 201 @privilege_required(AuthenticatedPrivilege()) def submit_domain(self): """ --- post: description: Submit a domain name to the MASS server parameters: - in: body name: body type: string responses: 201: description: The domain name sample has been created on the MASS server. The metadata of the sample is returned. schema: DomainSampleSchema 400: description: No domain name has been given or the request is malformed. """ json_data = request.get_json() if not json_data: return jsonify({ 'error': 'No JSON data provided. Make sure to set the content type of your request to: application/json' }), 400 else: sample = DomainSample.create_or_update(**json_data) sample.save() schema = SchemaMapping.get_schema_for_model_class( sample.__class__.__name__) return jsonify(schema().dump(sample).data), 201 @privilege_required(AuthenticatedPrivilege()) def submit_uri(self): """ --- post: description: Submit a URI to the MASS server parameters: - in: body name: body type: string responses: 201: description: The URI sample has been created on the MASS server. The metadata of the sample is returned. schema: URISampleSchema 400: description: No URI has been given or the request is malformed. """ json_data = request.get_json() if not json_data: return jsonify({ 'error': 'No JSON data provided. Make sure to set the content type of your request to: application/json' }), 400 else: sample = URISample.create_or_update(**json_data) sample.save() schema = SchemaMapping.get_schema_for_model_class( sample.__class__.__name__) return jsonify(schema().dump(sample).data), 201 @privilege_required(AuthenticatedPrivilege()) def reports(self, **kwargs): """ --- get: description: Get the reports associated to the given sample parameters: - in: path name: id type: string responses: 200: description: The list of reports is returned. schema: ReportSchema 404: description: No sample with the specified id has been found. """ try: sample = self.queryset().get(id=kwargs['id']) reports = Report.objects(sample=sample) serialized_result = ReportSchema(many=True).dump(reports) return jsonify({ 'results': serialized_result.data, }) except DoesNotExist: return jsonify({ 'error': 'No object with key \'{}\' found'.format(kwargs['id']) }), 404 @privilege_required(AuthenticatedPrivilege()) def relation_graph(self, **kwargs): """ --- get: description: Get a graph representation of the sample relations of the given sample parameters: - in: path name: id type: string - in: query name: depth type: integer responses: 200: description: The relation graph is returned. 404: description: No sample with the specified id has been found. """ try: sample = self.queryset().get(id=kwargs['id']) if 'depth' in request.args: sample_relations = GraphFunctions.get_relation_graph( sample, int(request.args['depth'])) else: sample_relations = GraphFunctions.get_relation_graph(sample) serialized_sample_relations = [] for sample_relation in sample_relations: schema = SchemaMapping.get_schema_for_model_class( sample_relation.__class__.__name__) serialized_sample_relations.append( schema().dump(sample_relation).data) return jsonify({'results': serialized_sample_relations}) except DoesNotExist: return jsonify({ 'error': 'No object with key \'{}\' found'.format(kwargs['id']) }), 404
from flask import flash, render_template, redirect, url_for from flask_modular_auth import current_authenticated_entity, privilege_required, RolePrivilege from mass_flask_config.app import app from mass_flask_webui.config import webui_blueprint from mass_flask_webui.forms.login import LoginForm @webui_blueprint.route('/login/', methods=['GET', 'POST']) def login(): if current_authenticated_entity.is_authenticated: return redirect(url_for('.profile')) else: form = LoginForm() if form.validate_on_submit(): app.session_provider.login_entity(form.user) flash('Logged in successfully!', 'success') return redirect(url_for('.profile')) return render_template('login.html', form=form) @webui_blueprint.route('/logout/', methods=['GET']) @privilege_required(RolePrivilege('user')) def logout(): app.session_provider.logout_entity() flash('Logged out successfully!', 'success') return redirect(url_for('mass_flask_webui.index'))
class SampleRelationResource(BaseResource): schema = SampleRelationSchema() pagination_schema = get_pagination_compatible_schema(SampleRelationSchema) queryset = SampleRelation.objects query_key_field = 'id' filter_parameters = [] @privilege_required(AuthenticatedPrivilege()) def get_list(self): """ --- get: description: Get a list of all sample relations. responses: 200: description: A list of sample relations is returned. schema: SampleRelationSchema """ serialized_sample_relations = [] paginated_sample_relations = self._get_list() for sample_relation in paginated_sample_relations['results']: schema = SchemaMapping.get_schema_for_model_class( sample_relation.__class__.__name__) serialized_sample_relations.append( schema().dump(sample_relation).data) return jsonify({ 'results': serialized_sample_relations, 'next': paginated_sample_relations['next'], 'previous': paginated_sample_relations['previous'] }) @privilege_required(AuthenticatedPrivilege()) def get_detail(self, **kwargs): """ --- get: description: Get a single sample relation object parameters: - in: path name: id type: string responses: 200: description: The sample relation is returned. schema: SampleRelationSchema 404: description: No sample relation with the specified id has been found. """ try: sample_relation = self.queryset.get(id=kwargs['id']) schema = SchemaMapping.get_schema_for_model_class( sample_relation.__class__.__name__) return jsonify(schema().dump(sample_relation).data) except DoesNotExist: return jsonify({ 'error': 'No object with key \'{}\' found'.format(kwargs['id']) }), 404 def post(self): return jsonify({ 'error': 'Posting sample relations directly to the sample relation endpoint is not allowed. Instead please use the respective endpoints of each specific relation type.' }), 400 def put(self, **kwargs): return jsonify({ 'error': 'Updating relation objects via the API is not supported yet.' }), 400 @privilege_required(RolePrivilege('admin')) def delete(self, **kwargs): """ --- delete: description: Delete an existing relation object parameters: - in: path name: id type: string responses: 204: description: The object has been deleted. 400: description: The server was not able to delete an object based on the request data. 404: description: No relation with the specified id has been found. """ return super(SampleRelationResource, self).delete(**kwargs) @privilege_required(RolePrivilege('admin'), RolePrivilege('analysis_system_instance')) def submit_dropped_by_sample_relation(self): """ --- post: description: Submit a sample relation between a file and a sample to the MASS server parameters: - in: body name: body type: DroppedBySampleRelationSchema responses: 201: description: The relation has been uploaded to the MASS server. The metadata of the sample is returned. schema: DroppedBySampleRelationSchema 400: description: The request is malformed. """ data = request.get_json() schema = DroppedBySampleRelationSchema() sample_relation = schema.load(data).data sample_relation.save() return jsonify(schema.dump(sample_relation).data), 201 @privilege_required(RolePrivilege('admin'), RolePrivilege('analysis_system_instance')) def submit_resolved_by_sample_relation(self): """ --- post: description: Submit a sample relation between a domain and a sample to the MASS server parameters: - in: body name: body type: ResolvedBySampleRelationSchema responses: 201: description: The relation has been uploaded to the MASS server. The metadata of the sample is returned. schema: ResolvedBySampleRelationSchema 400: description: The request is malformed. """ data = request.get_json() schema = ResolvedBySampleRelationSchema() sample_relation = schema.load(data).data sample_relation.save() return jsonify(schema.dump(sample_relation).data), 201 @privilege_required(RolePrivilege('admin'), RolePrivilege('analysis_system_instance')) def submit_contacted_by_sample_relation(self): """ --- post: description: Submit a sample relation between an IP and a sample to the MASS server parameters: - in: body name: body type: ContactedBySampleRelationSchema responses: 201: description: The relation has been uploaded to the MASS server. The metadata of the sample is returned. schema: ContactedBySampleRelationSchema 400: description: The request is malformed. """ data = request.get_json() schema = ContactedBySampleRelationSchema() sample_relation = schema.load(data).data sample_relation.save() return jsonify(schema.dump(sample_relation).data), 201 @privilege_required(RolePrivilege('admin'), RolePrivilege('analysis_system_instance')) def submit_retrieved_by_sample_relation(self): """ --- post: description: Submit a sample relation between a HTTP(S) URL and a sample to the MASS server parameters: - in: body name: body type: RetrievedBySampleRelationSchema responses: 201: description: The relation has been uploaded to the MASS server. The metadata of the sample is returned. schema: RetrievedBySampleRelationSchema 400: description: The request is malformed. """ data = request.get_json() schema = RetrievedBySampleRelationSchema() sample_relation = schema.load(data).data sample_relation.save() return jsonify(schema.dump(sample_relation).data), 201 @privilege_required(RolePrivilege('admin'), RolePrivilege('analysis_system_instance')) def submit_ssdeep_sample_relation(self): """ --- post: description: Submit a sample relation between two sample files. parameters: - in: body name: body type: SsdeepSampleRelationSchema responses: 201: description: The relation has been uploaded to the MASS server. The metadata of the sample is returned. schema: SsdeepSampleRelationSchema 400: description: The request is malformed. """ data = request.get_json() schema = SsdeepSampleRelationSchema() sample_relation = schema.load(data).data sample_relation.save() return jsonify(schema.dump(sample_relation).data), 201
class ReportResource(BaseResource): schema = ReportSchema() pagination_schema = get_pagination_compatible_schema(ReportSchema) queryset = Report.objects query_key_field = 'id' filter_parameters = [] @privilege_required(AuthenticatedPrivilege()) def get_list(self): """ --- get: description: Get a list of all reports. responses: 200: description: A list of reports is returned. schema: ReportSchema """ return super(ReportResource, self).get_list() @privilege_required(AuthenticatedPrivilege()) def get_detail(self, **kwargs): """ --- get: description: Get a single report object parameters: - in: path name: id type: string responses: 200: description: The report is returned. schema: ReportSchema 404: description: No report with the specified id has been found. """ return super(ReportResource, self).get_detail(**kwargs) def post(self): return jsonify({'error': 'Method not allowed for this endpoint.'}), 405 def put(self, **kwargs): return jsonify({'error': 'Method not allowed for this endpoint.'}), 405 @privilege_required(RolePrivilege('admin')) def delete(self, **kwargs): """ --- delete: description: Delete an existing report object parameters: - in: path name: id type: string responses: 204: description: The object has been deleted. 400: description: The server was not able to delete an object based on the request data. 404: description: No report with the specified id has been found. """ return super(ReportResource, self).delete(**kwargs) @privilege_required(AuthenticatedPrivilege()) def get_json_report_object(self, **kwargs): """ --- get: description: Get the contents of a JSON report object parameters: - in: path name: id type: string - in: path name: object_name type: string responses: 200: description: The JSON report object is returned. 400: description: Invalid request. 404: description: No report with the specified id has been found. """ try: report = self.queryset.get(id=kwargs['id']) obj = report.json_report_objects[kwargs['object_name']] if not obj: return jsonify({ 'error': 'No object with key \'{}\' found'.format( kwargs['object_name']) }), 404 else: file = obj.read() return file, 200, {'Content-Type': 'application/json'} except DoesNotExist: return jsonify({ 'error': 'No object with key \'{}\' found'.format(kwargs['id']) }), 404 @privilege_required(AuthenticatedPrivilege()) def get_raw_report_object(self, **kwargs): """ --- get: description: Get the contents of a raw binary report object parameters: - in: path name: id type: string - in: path name: object_name type: string responses: 200: description: The raw binary report object is returned. 400: description: Invalid request. 404: description: No report with the specified id has been found. """ try: report = self.queryset.get(id=kwargs['id']) obj = report.raw_report_objects[kwargs['object_name']] if not obj: return jsonify({ 'error': 'No object with key \'{}\' found'.format( kwargs['object_name']) }), 404 else: file = obj.read() return file, 200, {'Content-Type': 'binary/octet-stream'} except DoesNotExist: return jsonify({ 'error': 'No object with key \'{}\' found'.format(kwargs['id']) }), 404
class ScheduledAnalysisResource(BaseResource): schema = ScheduledAnalysisSchema() pagination_schema = get_pagination_compatible_schema( ScheduledAnalysisSchema) queryset = ScheduledAnalysis.objects query_key_field = 'id' filter_parameters = [] @privilege_required(RolePrivilege('admin')) def get_list(self): """ --- get: description: Get a list of all scheduled analyses. responses: 200: description: A list of scheduled analyses is returned. schema: ScheduledAnalysisSchema """ return super(ScheduledAnalysisResource, self).get_list() @privilege_required(RolePrivilege('admin'), RolePrivilege('analysis_system_instance')) def get_detail(self, **kwargs): """ --- get: description: Get a single scheduled analysis object parameters: - in: path name: id type: string responses: 200: description: The scheduled analysis is returned. schema: ScheduledAnalysisSchema 404: description: No scheduled analysis with the specified id has been found. """ return super(ScheduledAnalysisResource, self).get_detail(**kwargs) @privilege_required(RolePrivilege('admin')) def post(self): """ --- post: description: Create a new scheduled analysis parameters: - in: body name: body schema: ScheduledAnalysisSchema responses: 201: description: The object has been created. The reply contains the newly created object. schema: ScheduledAnalysisSchema 400: description: The server was not able to create an object based on the request data. """ return super(ScheduledAnalysisResource, self).post() def put(self, **kwargs): return jsonify({'error': 'Method not allowed for this endpoint.'}), 405 @privilege_required(RolePrivilege('admin')) def delete(self, **kwargs): """ --- delete: description: Delete an existing scheduled analysis object parameters: - in: path name: id type: string responses: 204: description: The object has been deleted. 400: description: The server was not able to delete an object based on the request data. 404: description: No scheduled analysis with the specified id has been found. """ return super(ScheduledAnalysisResource, self).delete(**kwargs) @privilege_required(RolePrivilege('admin'), RolePrivilege('analysis_system_instance')) def submit_report(self, **kwargs): """ --- post: description: Submit the report for the specified scheduled analysis parameters: - in: path name: id type: string - in: body name: body schema: ReportSchema responses: 204: description: The report has been submitted. The scheduled analysis object has been deleted. 400: description: The server was not able to process the request based on the request data. 404: description: No scheduled analysis with the specified id has been found. """ try: scheduled_analysis = self.queryset.get(id=kwargs['id']) if 'metadata' not in request.form: return jsonify( {'error': 'JSON metadata missing in POST request.'}), 400 else: data = json.loads(request.form['metadata']) data['json_report_objects'] = {} data['raw_report_objects'] = {} parsed_report = ReportSchema().load(data, partial=True) if parsed_report.errors: return jsonify(parsed_report.errors), 400 report = parsed_report.data report.sample = scheduled_analysis.sample report.analysis_system = scheduled_analysis.analysis_system_instance.analysis_system for key, f in request.files.items(): if f.mimetype == "application/json": report.add_json_report_object(f) else: report.add_raw_report_object(f) report.save() scheduled_analysis.delete() return jsonify(ReportSchema().dump(report).data), 201 except DoesNotExist: return jsonify({ 'error': 'No object with key \'{}\' found'.format(kwargs['id']) }), 404
class AnalysisRequestResource(BaseResource): schema = AnalysisRequestSchema() pagination_schema = get_pagination_compatible_schema(AnalysisRequestSchema) queryset = AnalysisRequest.objects query_key_field = 'id' filter_parameters = [] @privilege_required(RolePrivilege('admin')) def get_list(self): """ --- get: description: Get a list of all analysis requests. responses: 200: description: A list of analysis requests is returned. schema: AnalysisRequestSchema """ return super(AnalysisRequestResource, self).get_list() @privilege_required(RolePrivilege('admin')) def get_detail(self, **kwargs): """ --- get: description: Get a single analysis request object parameters: - in: path name: id type: string responses: 200: description: The analysis request is returned. schema: AnalysisRequestSchema 404: description: No analysis request with the specified id has been found. """ return super(AnalysisRequestResource, self).get_detail(**kwargs) @privilege_required(RolePrivilege('admin')) def post(self): """ --- post: description: Create a new analysis request parameters: - in: body name: body schema: AnalysisRequestSchema responses: 201: description: The object has been created. The reply contains the newly created object. schema: AnalysisRequestSchema 400: description: The server was not able to create an object based on the request data. """ return super(AnalysisRequestResource, self).post() @privilege_required(RolePrivilege('admin')) def put(self, **kwargs): """ --- put: description: Update an existing analysis request object parameters: - in: path name: id type: string - in: body name: body schema: AnalysisRequestSchema responses: 200: description: The object has been updated. The reply contains the updated object. schema: AnalysisRequestSchema 400: description: The server was not able to update an object based on the request data. 404: description: No analysis request with the specified id has been found. """ return super(AnalysisRequestResource, self).put(**kwargs) @privilege_required(RolePrivilege('admin')) def delete(self, **kwargs): """ --- delete: description: Delete an existing analysis request object parameters: - in: path name: id type: string responses: 204: description: The object has been deleted. 400: description: The server was not able to delete an object based on the request data. 404: description: No analysis request with the specified id has been found. """ return super(AnalysisRequestResource, self).delete(**kwargs)
from mass_flask_core import models from mass_flask_config.app import db from mass_flask_core.models import AnalysisSystem, AnalysisSystemInstance, InstanceAPIKey, User from mass_flask_webui.config import webui_blueprint def _get_db_statistics(): result = [] for name, obj in inspect.getmembers(models): if inspect.isclass(obj) and issubclass(obj, db.Document): result.append((name, obj.objects.count())) return result @webui_blueprint.route('/admin/', methods=['GET']) @privilege_required(RolePrivilege('admin')) def admin(): _get_db_statistics() return render_template('admin/admin.html', database_statistics=_get_db_statistics()) @webui_blueprint.route('/admin/analysis_systems/', methods=['GET', 'POST']) @privilege_required(RolePrivilege('admin')) def admin_analysis_systems(): if request.method == 'POST': _process_analysis_system_action() analysis_systems = AnalysisSystem.objects() for system in analysis_systems: system.instances = AnalysisSystemInstance.objects( analysis_system=system.id)
class AnalysisSystemInstanceResource(BaseResource): schema = AnalysisSystemInstanceSchema() pagination_schema = get_pagination_compatible_schema( AnalysisSystemInstanceSchema) queryset = AnalysisSystemInstance.objects query_key_field = 'uuid' filter_parameters = [] @privilege_required(AuthenticatedPrivilege()) def get_list(self): """ --- get: description: Get a list of all analysis system instances. responses: 200: description: A list of analysis system instances is returned. schema: AnalysisSystemInstanceSchema """ return super(AnalysisSystemInstanceResource, self).get_list() @privilege_required(AuthenticatedPrivilege()) def get_detail(self, **kwargs): """ --- get: description: Get a single analysis system instance object parameters: - in: path name: uuid type: string responses: 200: description: The analysis system instance is returned. schema: AnalysisSystemInstanceSchema 404: description: No analysis system instance with the specified uuid has been found. """ return super(AnalysisSystemInstanceResource, self).get_detail(**kwargs) @privilege_required(RolePrivilege('admin')) def post(self): """ --- post: description: Create a new analysis system instance parameters: - in: body name: body schema: AnalysisSystemInstanceSchema responses: 201: description: The object has been created. The reply contains the newly created object. schema: AnalysisSystemInstanceSchema 400: description: The server was not able to create an object based on the request data. """ return super(AnalysisSystemInstanceResource, self).post() @privilege_required(RolePrivilege('admin')) def put(self, **kwargs): """ --- put: description: Update an existing analysis system instance object parameters: - in: path name: uuid type: string - in: body name: body schema: AnalysisSystemInstanceSchema responses: 200: description: The object has been updated. The reply contains the updated object. schema: AnalysisSystemInstanceSchema 400: description: The server was not able to update an object based on the request data. 404: description: No analysis system with the specified uuid has been found. """ return super(AnalysisSystemInstanceResource, self).put(**kwargs) @privilege_required(RolePrivilege('admin')) def delete(self, **kwargs): """ --- delete: description: Delete an existing analysis system instance object parameters: - in: path name: uuid type: string responses: 204: description: The object has been deleted. 400: description: The server was not able to delete an object based on the request data. 404: description: No analysis system instance with the specified uuid has been found. """ return super(AnalysisSystemInstanceResource, self).delete(**kwargs) @privilege_required(RolePrivilege('admin'), RolePrivilege('analysis_system_instance')) def scheduled_analyses(self, **kwargs): """ --- get: description: Get the scheduled analyses of a specific analysis system instance object parameters: - in: path name: uuid type: string responses: 200: description: The list of scheduled analyses is returned. schema: ScheduledAnalysisSchema 404: description: No analysis system instance with the specified uuid has been found. """ if kwargs['uuid'] is None: return jsonify({ 'error': 'Parameter \'{}\' must be specified'.format( self.query_key_field) }), 400 elif (isinstance(current_authenticated_entity._get_current_object(), AnalysisSystemInstance) and current_authenticated_entity.uuid == kwargs['uuid']) \ or (isinstance(current_authenticated_entity._get_current_object(), User) and current_authenticated_entity.is_admin): analysis_system_instance = AnalysisSystemInstance.objects.get( uuid=kwargs['uuid']) if not analysis_system_instance: return jsonify({ 'error': 'No object with key \'{}\' found'.format( kwargs[self.query_key_field]) }), 404 analysis_system_instance.update_last_seen() scheduled_analyses = ScheduledAnalysis.objects( analysis_system_instance=analysis_system_instance) serialized_result = ScheduledAnalysisSchema( many=True).dump(scheduled_analyses) return jsonify({ 'results': serialized_result.data, }) else: return jsonify({ 'error': 'Analysis instance \'{}\' not found'.format( kwargs[self.query_key_field]) }), 404