コード例 #1
0
ファイル: rest_api.py プロジェクト: Potrik98/scirius
    def password(self, request, pk, *args, **kwargs):
        data = request.data.copy()
        scirius_user = self.get_object()

        data['user'] = scirius_user.user.pk
        if request.user.is_superuser:
            pass_serializer = ChangePasswordSuperUserSerializer(data=data)
        else:
            pass_serializer = ChangePasswordSerializer(data=data)
        pass_serializer.is_valid(raise_exception=True)

        if request.user.is_superuser is False:
            if not scirius_user.user.check_password(
                    pass_serializer.validated_data.get('old_password')):
                raise serializers.ValidationError(
                    {'old_password': ['Wrong password']})

        scirius_user.user.set_password(
            pass_serializer.validated_data.get('new_password'))
        scirius_user.user.save()
        scirius_user.save()

        comment = data.pop('comment', None)
        comment_serializer = CommentSerializer(data={'comment': comment})
        comment_serializer.is_valid(raise_exception=True)
        UserAction.create(action_type='edit_user_password',
                          comment=comment_serializer.validated_data['comment'],
                          user=request.user,
                          other_user=scirius_user.user)
        return Response({'password': '******'})
コード例 #2
0
ファイル: rest_api.py プロジェクト: Potrik98/scirius
    def partial_update(self, request, pk, *args, **kwargs):
        if request.user.is_superuser is False:
            for right in (
                    'is_active',
                    'is_staff',
                    'is_superuser',
            ):
                if right in request.data:
                    raise PermissionDenied({
                        right:
                        'You do not have permission to perform this action.'
                    })

        data = request.data.copy()
        comment = data.pop('comment', None)

        instance = self.get_object()
        serializer = self.get_serializer(instance,
                                         data=request.data,
                                         partial=True)
        serializer.is_valid(raise_exception=True)

        comment_serializer = CommentSerializer(data={'comment': comment})
        comment_serializer.is_valid(raise_exception=True)
        UserAction.create(action_type='edit_user',
                          comment=comment_serializer.validated_data['comment'],
                          user=request.user,
                          other_user=serializer.instance.user)
        return super(AccountViewSet, self).update(request,
                                                  pk,
                                                  partial=True,
                                                  *args,
                                                  **kwargs)
コード例 #3
0
ファイル: rest_api.py プロジェクト: Potrik98/scirius
    def token(self, request, *args, **kwargs):
        scirius_user = self.get_object()
        tokens = Token.objects.filter(user=scirius_user.user)
        token = ''

        if request.method == 'GET':
            if len(tokens) > 0:
                token = tokens[0].key
        else:
            if len(tokens) > 0:
                tokens[0].delete()

            token = Token.objects.create(user=scirius_user.user).key

            data = request.data.copy()
            comment = data.pop('comment', None)

            comment_serializer = CommentSerializer(data={'comment': comment})
            comment_serializer.is_valid(raise_exception=True)
            UserAction.create(
                action_type='edit_user_token',
                comment=comment_serializer.validated_data['comment'],
                user=request.user,
                other_user=scirius_user.user)

        return Response({'token': token})
コード例 #4
0
    def post(self, request, format=None):
        suri = Suricata.objects.first()
        try:
            suri.ruleset.update()
        except IOError as e:
            raise serializers.ValidationError(
                {'update_push_all': ['Can not fetch data: %s' % e]})
        suri.generate()
        ret = suri.push()
        suri.updated_date = timezone.now()
        suri.save()

        msg = ['Suricata restart already asked']
        if ret:
            msg = 'ok'
            comment = request.data.get('comment', None)
            comment_serializer = CommentSerializer(data={'comment': comment})
            comment_serializer.is_valid(raise_exception=True)

            UserAction.create(
                action_type='update_push_all',
                user=request.user,
                ruleset=suri.ruleset,
                comment=comment_serializer.validated_data['comment'])
        return Response({'update_push_all': msg})
コード例 #5
0
ファイル: rest_api.py プロジェクト: StamusNetworks/scirius
    def post(self, request, format=None):
        suri = Suricata.objects.first()
        try:
            suri.ruleset.update()
        except IOError as e:
            raise serializers.ValidationError({'update_push_all': ['Can not fetch data: %s' % e]})
        suri.generate()
        ret = suri.push()
        suri.updated_date = timezone.now()
        suri.save()

        msg = ['Suricata restart already asked']
        if ret:
            msg = 'ok'
            comment = request.data.get('comment', None)
            comment_serializer = CommentSerializer(data={'comment': comment})
            comment_serializer.is_valid(raise_exception=True)

            UserAction.create(
                    action_type='update_push_all',
                    user=request.user,
                    ruleset=suri.ruleset,
                    comment=comment_serializer.validated_data['comment']
            )
        return Response({'update_push_all': msg})
コード例 #6
0
ファイル: rest_api.py プロジェクト: Potrik98/scirius
    def destroy(self, request, *args, **kwargs):
        old_user = self.get_object()
        # Do not need to copy 'request.data' and pop 'comment'
        # because we are not using serializer there
        comment = request.data.get('comment', None)
        comment_serializer = CommentSerializer(data={'comment': comment})
        comment_serializer.is_valid(raise_exception=True)

        UserAction.create(action_type='delete_user',
                          user=request.user,
                          old_user=old_user.user,
                          comment=comment_serializer.validated_data['comment'])
        return super(AccountViewSet, self).destroy(request, *args, **kwargs)
コード例 #7
0
    def update(self, request, pk, *args, **kwargs):
        data = request.data.copy()
        comment = data.pop('comment', None)

        instance = self.get_object()
        serializer = self.get_serializer(instance,
                                         data=request.data,
                                         partial=False)
        serializer.is_valid(raise_exception=True)

        comment_serializer = CommentSerializer(data={'comment': comment})
        comment_serializer.is_valid(raise_exception=True)
        UserAction.create(action_type='edit_user',
                          comment=comment_serializer.validated_data['comment'],
                          user=request.user,
                          other_user=serializer.instance.user)
        return super(AccountViewSet, self).update(request, pk, *args, **kwargs)
コード例 #8
0
ファイル: rest_api.py プロジェクト: Potrik98/scirius
    def create(self, request, *args, **kwargs):
        data = request.data.copy()
        comment = data.pop('comment', None)

        serializer = AccountSerializer(data=data)
        serializer.is_valid(raise_exception=True)
        serializer.save()

        comment_serializer = CommentSerializer(data={'comment': comment})
        comment_serializer.is_valid(raise_exception=True)
        UserAction.create(action_type='create_user',
                          comment=comment_serializer.validated_data['comment'],
                          user=request.user,
                          new_user=serializer.instance.user)
        headers = self.get_success_headers(serializer.data)
        return Response(serializer.data,
                        headers=headers,
                        status=status.HTTP_201_CREATED)
コード例 #9
0
    def destroy(self, request, *args, **kwargs):
        from rules.rest_api import CommentSerializer
        comment_serializer = CommentSerializer(data=request.data)
        comment_serializer.is_valid(raise_exception=True)

        UserAction.create(
                action_type='delete_rule_filter',
                comment=comment_serializer.validated_data.get('comment'),
                user=request.user,
                rule_filter=self.get_object()
        )

        index = self.get_object().index
        response = super(RuleProcessingFilterViewSet, self).destroy(request, *args, **kwargs)

        # Update index values
        RuleProcessingFilter.objects.filter(index__gt=index).update(index=models.F('index') - 1)
        return response
コード例 #10
0
    def destroy(self, request, *args, **kwargs):
        from rules.rest_api import CommentSerializer
        comment_serializer = CommentSerializer(data=request.data)
        comment_serializer.is_valid(raise_exception=True)

        UserAction.create(
                action_type='delete_rule_filter',
                comment=comment_serializer.validated_data.get('comment'),
                user=request.user,
                rule_filter=self.get_object()
        )

        index = self.get_object().index
        response = super(RuleProcessingFilterViewSet, self).destroy(request, *args, **kwargs)

        # Update index values
        RuleProcessingFilter.objects.filter(index__gt=index).update(index=models.F('index') - 1)
        return response