def post(self, request):
policy = None
agent = None
# Determine if adding check to Policy or Agent
if "policy" in request.data:
policy = get_object_or_404(Policy, id=request.data["policy"])
# Object used for filter and save
parent = {"policy": policy}
else:
agent = get_object_or_404(Agent, pk=request.data["pk"])
parent = {"agent": agent}
script = None
if "script" in request.data["check"]:
script = get_object_or_404(Script,
pk=request.data["check"]["script"])
serializer = CheckSerializer(data=request.data["check"],
partial=True,
context=parent)
serializer.is_valid(raise_exception=True)
obj = serializer.save(**parent, script=script)
# Generate policy Checks
if policy:
generate_agent_checks_from_policies_task.delay(policypk=policy.pk)
elif agent:
agent.generate_checks_from_policies()
return Response(f"{obj.readable_desc} was added!")
def post(self, request):
policy = None
agent = None
# Determine if adding check to Policy or Agent
if "policy" in request.data:
policy = get_object_or_404(Policy, id=request.data["policy"])
# Object used for filter and save
parent = {"policy": policy}
else:
agent = get_object_or_404(Agent, pk=request.data["pk"])
parent = {"agent": agent}
script = None
if "script" in request.data["check"]:
script = get_object_or_404(Script,
pk=request.data["check"]["script"])
# set event id to 0 if wildcard because it needs to be an integer field for db
# will be ignored anyway by the agent when doing wildcard check
if (request.data["check"]["check_type"] == "eventlog"
and request.data["check"]["event_id_is_wildcard"]):
if agent and agent.not_supported(version_added="0.10.2"):
return notify_error({
"non_field_errors":
"Wildcard is only available in agent 0.10.2 or greater"
})
request.data["check"]["event_id"] = 0
serializer = CheckSerializer(data=request.data["check"],
partial=True,
context=parent)
serializer.is_valid(raise_exception=True)
obj = serializer.save(**parent, script=script)
# Generate policy Checks
if policy:
generate_agent_checks_from_policies_task.delay(policypk=policy.pk)
elif agent:
checks = agent.agentchecks.filter(check_type=obj.check_type,
managed_by_policy=True)
# Should only be one
duplicate_check = [
check for check in checks if check.is_duplicate(obj)
]
if duplicate_check:
policy = Check.objects.get(
pk=duplicate_check[0].parent_check).policy
if policy.enforced:
obj.overriden_by_policy = True
obj.save()
else:
duplicate_check[0].delete()
return Response(f"{obj.readable_desc} was added!")
def post(self, request):
if "policy" in request.data.keys():
from automation.tasks import generate_agent_checks_from_policies_task
generate_agent_checks_from_policies_task.delay(
request.data["policy"], create_tasks=True)
return Response("ok")
else:
return notify_error("The request was invalid")
def save(self, *args, **kwargs):
from automation.tasks import generate_agent_checks_from_policies_task
# get old policy if exists
old_policy = type(self).objects.get(pk=self.pk) if self.pk else None
super(BaseAuditModel, self).save(*args, **kwargs)
# generate agent checks only if active and enforced were changed
if old_policy:
if old_policy.active != self.active or old_policy.enforced != self.enforced:
generate_agent_checks_from_policies_task.delay(
policypk=self.pk,
create_tasks=True,
)
def post(self, request):
policy = None
agent = None
# Determine if adding check to Policy or Agent
if "policy" in request.data:
policy = get_object_or_404(Policy, id=request.data["policy"])
# Object used for filter and save
parent = {"policy": policy}
else:
agent = get_object_or_404(Agent, pk=request.data["pk"])
parent = {"agent": agent}
script = None
if "script" in request.data["check"]:
script = get_object_or_404(Script,
pk=request.data["check"]["script"])
serializer = CheckSerializer(data=request.data["check"],
partial=True,
context=parent)
serializer.is_valid(raise_exception=True)
obj = serializer.save(**parent, script=script)
# Generate policy Checks
if policy:
generate_agent_checks_from_policies_task.delay(policypk=policy.pk)
elif agent:
checks = agent.agentchecks.filter(check_type=obj.check_type,
managed_by_policy=True)
# Should only be one
duplicate_check = [
check for check in checks if check.is_duplicate(obj)
]
if duplicate_check:
policy = Check.objects.get(
pk=duplicate_check[0].parent_check).policy
if policy.enforced:
obj.overriden_by_policy = True
obj.save()
else:
duplicate_check[0].delete()
return Response(f"{obj.readable_desc} was added!")
def delete(self, request, pk):
check = get_object_or_404(Check, pk=pk)
# Policy check deleted
if check.policy:
delete_policy_check_task.delay(checkpk=check.pk)
# Re-evaluate agent checks is policy was enforced
if check.policy.enforced:
generate_agent_checks_from_policies_task.delay(
policypk=check.policy.pk)
# Agent check deleted
elif check.agent:
check.agent.generate_checks_from_policies()
check.delete()
return Response(f"{check.readable_desc} was deleted!")
