def update(self, id):
"""Update a user.
.. :quickref: User; Update existing user
Requires the `manage_users` permission.
When succesful, the new user will be returned in the ``user`` field.
Otherwise, an ``errors`` field will list errors.
:form name: full name
:form email: email address
:form groups: comma-delimited list of groups
:form permission_VALUE: specify a value different than ``0`` or ``False``
for all permissions the user should have.
"""
name = request.form.get('name')
email = request.form.get('email').lower()
groups = [g for g in request.form.get('groups', '').split(',') if g]
user = User(get_or_404(User.get_collection(), _id=id))
if not self._valid_form(name, email, groups, user['email']):
return validation_error()
user['name'] = name
user['email'] = email
user['groups'] = groups
user['permissions'] = self.get_permissions(user['permissions'])
user.save()
return redirect({'user': clean_users(user)},
url_for('UsersView:get', id=user['_id']))
def update_priority(module, new_priority):
if not new_priority:
new_priority = '100'
try:
module.update_setting_value('priority', int(new_priority))
except ValueError:
flash('priority must be an integer', 'danger')
return validation_error()
def update_queue(module, new_queue):
if new_queue == '':
flash('queue cannot be empty', 'danger')
return validation_error()
elif module['queue'] != new_queue:
module.update_setting_value('queue', new_queue)
updates = Internals(
get_or_404(Internals.get_collection(), name="updates"))
updates.update_value("last_update", time())
flash(
'Workers will reload once they are done with their current tasks',
'success')
def create(self):
"""Create a user.
.. :quickref: User; Create new user
Requires the `manage_users` permission.
When succesful, the new user will be returned in the ``user`` field.
Otherwise, an ``errors`` field will list errors.
:form name: full name
:form email: email address
:form groups: comma-delimited list of groups
:form permission_VALUE: specify a value different than ``0`` or ``False``
for all permissions the user should have.
"""
name = request.form.get('name')
email = request.form.get('email').lower()
groups = [g for g in request.form.get('groups', '').split(',') if g]
if not self._valid_form(name, email, groups):
return validation_error()
user = User({
'name': name,
'email': email.lower(),
'groups': groups,
'default_sharing': groups,
'permissions': self.get_permissions(),
'enabled': True
})
if not auth_module.create_user(user):
return validation_error()
user.save()
return redirect({'user': clean_users(user)},
url_for('UsersView:index'))
def enable(self, id):
"""Enable a module
.. :quickref: Module; Enable a module
Requires the `manage_modules` permission.
If successful, will return the module in ``module``.
Otherwise, errors will be available in ``errors``.
:param id: id of the module to enable.
"""
module = ModuleInfo(get_or_404(ModuleInfo.get_collection(), _id=id))
if 'error' in module:
flash(
"Cannot enable '{}' because of errors installing dependencies."
.format(module['name']), 'danger')
return validation_error(url_for('ModulesView:index'))
# See if module is properly configured
module_class = get_class(module['path'], module['class'])
module_class.info = module
try:
module_class()
except MissingConfiguration, e:
if e.name:
flash(
"You must configure '{}' before trying to enable '{}'".
format(e.name, module['name']), 'warning')
return validation_error(
url_for('ModulesView:configuration', id=e.id))
else:
flash(
"You must configure '{}' before trying to enable it.".
format(module['name']), 'warning')
return validation_error(
url_for('ModulesView:configure', id=module['_id']))
def configure(self, id):
"""Configure a module.
.. :quickref: Module; Configure a module
Requires the `manage_modules` permission.
For each configuration available, you should set the value in a form
parameter named ``config_NAME``. For boolean values, any value not ``0``
or ``False`` is considered to be ``True``.
If the setting should be an option (be available per analysis), you have
to set ``config_NAME_option`` to any value but ``0`` or ``False``.
If successful, will return the module in ``module``.
Otherwise, errors will be available in ``errors``.
:param id: id of the named configuration.
:form acts_on: comma-delimited list of FAME types this module can act on
(only for Processing modules).
:form triggered_by: comma-delimited list of triggers (only for Processing
modules).
:form queue: name of the queue to use for this module (only for Processing
modules).
"""
module = ModuleInfo(get_or_404(ModuleInfo.get_collection(), _id=id))
if request.method == "POST":
if module['type'] == 'Processing':
if 'acts_on' in request.form:
module.update_setting_value(
'acts_on', request.form.get('acts_on', ''))
if 'triggered_by' in request.form:
module.update_setting_value(
'triggered_by', request.form.get('triggered_by', ''))
if 'queue' in request.form:
new_queue = request.form.get('queue')
if module['queue'] == '':
flash('queue cannot be empty', 'danger')
return validation_error()
else:
if module['queue'] != new_queue:
module.update_setting_value('queue', new_queue)
updates = Internals(
get_or_404(Internals.get_collection(),
name="updates"))
updates.update_value("last_update", time())
flash(
'Workers will reload once they are done with their current tasks',
'success')
errors = update_config(module['config'],
options=(module['type'] == 'Processing'))
if errors is not None:
return errors
module.save()
dispatcher.reload()
return redirect({'module': clean_modules(module)},
url_for('ModulesView:index'))
else:
return render({'module': clean_modules(module)},
'modules/module_configuration.html')
def post(self):
"""Create a new analysis.
.. :quickref: Analysis; Create an analysis
Launch a new analysis. You have to specify on which object this analysis
will be made, by specifying one of:
* ``file_id`` for an existing object
* ``file`` for file uploads
* ``url``
* ``hash`` if VirusTotal sample retrieval is enabled.
You should also supply all enabled analysis options with the name
``options[OPTION_NAME]``. For boolean options, any value different than
``0`` or ``False`` means the option is enabled.
If the submitted object already exists (and ``file_id`` was not specified),
the response will be a file object. When a new analysis was successfuly
created, the analysis object will be returned, in the ``analysis`` field.
If there was error in your submission, they will be returned in the
``errors`` field.
**Example request**::
headers = {
'Accept': "application/json",
'X-API-KEY': FAME_API_KEY
}
with open(filepath, 'rb') as f:
params = {
'options[allow_internet_access]': "on",
'options[analysis_time]': "300",
'groups': "cert"
}
files = {
'file': f
}
r = requests.post(ENDPOINT, data=params, files=files, headers=headers)
:form string file_id: (optional) the id of the object on which this analysis should run.
:form file file: (optional) file to analyze.
:form string url: (optional) url to analyze.
:form string hash: (optional) hash to analyze.
:form string module: (optional) the name of the target module.
:form string groups: a comma-separated list of groups that will have access to this analysis.
:form string comment: comment to add to this object.
:form string option[*]: value of each enabled option.
"""
file_id = request.form.get('file_id')
modules = filter(None, request.form.get('modules', '').split(','))
groups = request.form.get('groups', '').split(',')
comment = request.form.get('comment', '')
options = get_options()
if options is None:
return validation_error()
valid_submission = self._validate_form(groups, modules, options)
if not valid_submission:
return validation_error()
if file_id is not None:
f = File(get_or_404(current_user.files, _id=file_id))
analysis = {
'analysis':
f.analyze(groups, current_user['_id'], modules, options)
}
return redirect(
analysis,
url_for('AnalysesView:get', id=analysis['analysis']['_id']))
else:
# When this is a new submission, validate the comment
if not self._validate_comment(comment):
return validation_error()
f = self._get_object_to_analyze()
if f is not None:
f.add_owners(set(current_user['groups']) & set(groups))
if comment:
f.add_comment(current_user['_id'], comment)
if f.existing:
f.add_groups(groups)
flash(
"File already exists, so the analysis was not launched."
)
return redirect(clean_files(f),
url_for('FilesView:get', id=f['_id']))
else:
analysis = {
'analysis':
clean_analyses(
f.analyze(groups, current_user['_id'], modules,
options))
}
analysis['analysis']['file'] = clean_files(f)
return redirect(
analysis,
url_for('AnalysesView:get',
id=analysis['analysis']['_id']))
else:
return render_template('analyses/new.html',
options=dispatcher.options)
