def create_c2dns(): """Create c2dns artifact From Data: domain_name (str), match_type (str), expiration_type (str), expiration_timestamp (date), state(str) Return: c2dns artifact dictionary""" entity = c2dns.C2dns( domain_name=request.json['domain_name'], match_type=request.json['match_type'], expiration_type=request.json['expiration_type'], expiration_timestamp=parser.parse(request.json['expiration_timestamp']) if request.json.get("expiration_type", None) else None, state=verify_state(request.json['state']['state']), created_user_id=current_user.id, modified_user_id=current_user.id, owner_user_id=current_user.id) db.session.add(entity) try: db.session.commit() except exc.IntegrityError: app.logger.error("Duplicate DNS: '%s'" % entity.domain_name) abort(409) except Exception: app.logger.error("Whitelist validation failed.") abort(412, description="Whitelist validation failed.") entity.tags = create_tags_mapping(entity.__tablename__, entity.id, request.json['tags']) dirty = False for name, value_dict in request.json["metadata_values"].iteritems(): if not name or not value_dict: continue m = db.session.query(MetadataMapping).join( Metadata, Metadata.id == MetadataMapping.metadata_id).filter( Metadata.key == name).filter( Metadata.artifact_type == ENTITY_MAPPING["DNS"]).filter( MetadataMapping.artifact_id == entity.id).first() if m: m.value = value_dict["value"] db.session.add(m) dirty = True else: m = db.session.query(Metadata).filter(Metadata.key == name).filter( Metadata.artifact_type == ENTITY_MAPPING["DNS"]).first() db.session.add( MetadataMapping(value=value_dict["value"], metadata_id=m.id, artifact_id=entity.id, created_user_id=current_user.id)) dirty = True if dirty: db.session.commit() return jsonify(entity.to_dict()), 201
def update_c2ip(id): """Update c2ip artifact From Data: ip (str), asn (str), country (str), expiration_timestamp (date), state(str) Return: c2dns artifact dictionary""" entity = c2ip.C2ip.query.get(id) if not entity: abort(404) if not current_user.admin and entity.owner_user_id != current_user.id: abort(403) entity = c2ip.C2ip( ip=request.json['ip'], asn=request.json['asn'], country=request.json['country'], description=request.json.get("description", None), references=request.json.get("references", None), state=verify_state(request.json['state']['state']) if request.json['state'] and 'state' in request.json['state'] else verify_state(request.json['state']), expiration_timestamp=parser.parse(request.json['expiration_timestamp']) if request.json.get( "expiration_timestamp", None) else None, owner_user_id=request.json['owner_user']['id'] if request.json.get("owner_user", None) and request.json[ "owner_user"].get("id", None) else None, id=id, modified_user_id=current_user.id, active=request.json.get("active", entity.active) ) db.session.merge(entity) try: db.session.commit() except exc.IntegrityError: app.logger.error("Duplicate IP: '%s'" % entity.ip) abort(409, description="Duplicate IP: '%s'" % entity.ip) delete_tags_mapping(entity.__tablename__, entity.id) create_tags_mapping(entity.__tablename__, entity.id, request.json['tags']) entity.save_metadata(request.json.get("metadata_values", {})) entity = c2ip.C2ip.query.get(entity.id) return jsonify(entity.to_dict()), 200
def create_c2ip(): """Create c2ip artifact JSON Body: ip (str), asn (str), country (str), expiration_timestamp (date), state(str) Return: c2dns artifact dictionary""" entity = c2ip.C2ip( ip=request.json['ip'], asn=request.json['asn'], country=request.json['country'], description=request.json.get("description", None), references=request.json.get("references", None), state=verify_state(request.json['state']['state']), expiration_timestamp=parser.parse(request.json['expiration_timestamp']) if request.json.get("expiration_timestamp", None) else None, created_user_id=current_user.id, modified_user_id=current_user.id, owner_user_id=current_user.id, active=request.json.get("active", True) ) db.session.add(entity) try: db.session.commit() except exc.IntegrityError: app.logger.error("Duplicate IP: '%s'" % entity.ip) abort(409, description="Duplicate IP: '%s'" % entity.ip) except Exception: app.logger.error("Whitelist validation failed.") abort(412, description="Whitelist validation failed.") entity.tags = create_tags_mapping(entity.__tablename__, entity.id, request.json['tags']) if request.json.get('new_comment', None): create_comment(request.json['new_comment'], ENTITY_MAPPING["IP"], entity.id, current_user.id) entity.save_metadata(request.json.get("metadata_values", {})) return jsonify(entity.to_dict()), 201
def update_c2dns(id): """Update c2dns artfifact From Data: domain_name (str), match_type (str), expiration_type (str), expiration_timestamp (date), state(str) Return: c2dns artifact dictionary""" entity = c2dns.C2dns.query.get(id) if not entity: abort(404) if not current_user.admin and entity.owner_user_id != current_user.id: abort(403) entity = c2dns.C2dns( state=verify_state(request.json['state']['state']) if request.json['state'] and 'state' in request.json['state'] else verify_state(request.json['state']), domain_name=request.json['domain_name'], match_type=request.json['match_type'], expiration_type=request.json['expiration_type'], expiration_timestamp=parser.parse(request.json['expiration_timestamp']) if request.json.get("expiration_timestamp", None) else None, id=id, owner_user_id=request.json['owner_user']['id'] if request.json.get("owner_user", None) and request.json["owner_user"].get("id", None) else None, modified_user_id=current_user.id) db.session.merge(entity) try: db.session.commit() except exc.IntegrityError: app.logger.error("Duplicate DNS: '%s'" % (entity.domain_name)) abort(409) create_tags_mapping(entity.__tablename__, entity.id, request.json['addedTags']) delete_tags_mapping(entity.__tablename__, entity.id, request.json['removedTags']) dirty = False for name, value_dict in request.json["metadata_values"].iteritems(): if not name or not value_dict: continue m = db.session.query(MetadataMapping).join( Metadata, Metadata.id == MetadataMapping.metadata_id).filter( Metadata.key == name).filter( Metadata.artifact_type == ENTITY_MAPPING["DNS"]).filter( MetadataMapping.artifact_id == entity.id).first() if m: m.value = value_dict["value"] db.session.add(m) dirty = True else: m = db.session.query(Metadata).filter(Metadata.key == name).filter( Metadata.artifact_type == ENTITY_MAPPING["DNS"]).first() db.session.add( MetadataMapping(value=value_dict["value"], metadata_id=m.id, artifact_id=entity.id, created_user_id=current_user.id)) dirty = True if dirty: db.session.commit() entity = c2dns.C2dns.query.get(entity.id) return jsonify(entity.to_dict()), 200
def batch_update(batch, artifact, session, include_tags=True): category = dict() fields_to_update = dict() if 'description' in batch and batch['description']: fields_to_update['description'] = batch['description'] if 'expiration_timestamp' in batch and batch[ 'expiration_timestamp'] and hasattr(artifact, 'expiration_timestamp'): fields_to_update['expiration_timestamp'] = batch[ 'expiration_timestamp'] if 'category' in batch and batch['category'] and hasattr( artifact, 'category'): fields_to_update['category'] = batch['category']['category'] \ if batch['category'] and 'category' in batch['category'] \ else None category_entity = CfgCategoryRangeMapping.query \ .filter(CfgCategoryRangeMapping.category == fields_to_update['category']) \ .first() category['id'] = category_entity.id if category_entity and not category_entity.current: category['current'] = category_entity.range_min else: category['current'] = category_entity.current if category_entity.current + 1 > category_entity.range_max: abort(400) if 'state' in batch and batch['state']: fields_to_update['state'] = verify_state(batch['state']['state']) \ if batch['state'] and 'state' in batch['state'] \ else verify_state(batch['state']) if 'owner_user' in batch and batch['owner_user']: fields_to_update['owner_user_id'] = batch['owner_user']['id'] \ if batch.get("owner_user", None) and batch["owner_user"].get("id", None) \ else None artifact_events_to_update = [] for batch_id in batch['ids']: entity = artifact.query.get(batch_id) if not entity: abort(404) if not current_user.admin and entity.owner_user_id != current_user.id: abort(403) if 'category' in fields_to_update and fields_to_update['category'] and hasattr(artifact, 'eventid') and \ entity.category != fields_to_update['category']: category['current'] = category['current'] + 1 artifact_events_to_update.append({ 'event_id': category['current'], 'artifact_id': batch_id }) if fields_to_update and 'ids' in batch and batch['ids']: session.execute( artifact.__table__.update().values(fields_to_update).where( artifact.id.in_(batch['ids']))) for artifact_events_to_update in artifact_events_to_update: session.execute(artifact.__table__.update().values({ 'eventid': artifact_events_to_update['event_id'] }).where(artifact.id == artifact_events_to_update['artifact_id'])) if category: update_cfg_category_range_mapping_current(category['id'], category['current']) session.commit() if include_tags and 'tags' in batch and batch['tags']: batch_create_tags_mapping(artifact.__tablename__, batch['ids'], batch['tags']) return jsonify(''), 200