def save(self, *args, **kw):
from alerts.tasks import cache_agents_alert_template
from automation.tasks import generate_agent_checks_task
# get old client if exists
old_client = type(self).objects.get(pk=self.pk) if self.pk else None
super(BaseAuditModel, self).save(*args, **kw)
# check if polcies have changed and initiate task to reapply policies if so
if old_client:
if (
(old_client.server_policy != self.server_policy)
or (old_client.workstation_policy != self.workstation_policy)
or (
old_client.block_policy_inheritance != self.block_policy_inheritance
)
):
generate_agent_checks_task.delay(
client=self.pk,
create_tasks=True,
)
if old_client.alert_template != self.alert_template:
cache_agents_alert_template.delay()
def save(self, *args, **kwargs):
from alerts.tasks import cache_agents_alert_template
from automation.tasks import generate_agent_checks_task
if not self.pk and CoreSettings.objects.exists():
raise ValidationError(
"There can only be one CoreSettings instance")
# for install script
if not self.pk:
try:
self.mesh_site = settings.MESH_SITE
self.mesh_username = settings.MESH_USERNAME
self.mesh_token = settings.MESH_TOKEN_KEY
except:
pass
old_settings = type(self).objects.get(pk=self.pk) if self.pk else None
super(BaseAuditModel, self).save(*args, **kwargs)
# check if server polcies have changed and initiate task to reapply policies if so
if (old_settings and old_settings.server_policy != self.server_policy
) or (old_settings and
old_settings.workstation_policy != self.workstation_policy):
generate_agent_checks_task.delay(all=True, create_tasks=True)
if old_settings and old_settings.alert_template != self.alert_template:
cache_agents_alert_template.delay()
def delete(self, *args, **kwargs):
from automation.tasks import generate_agent_checks_task
agents = list(self.related_agents().only("pk").values_list("pk",
flat=True))
super(BaseAuditModel, self).delete(*args, **kwargs)
generate_agent_checks_task.delay(agents, create_tasks=True)
def post(self, request):
if "policy" in request.data.keys():
from automation.tasks import generate_agent_checks_task
generate_agent_checks_task.delay(policy=request.data["policy"],
create_tasks=True)
return Response("ok")
else:
return notify_error("The request was invalid")
def post(self, request):
from automation.tasks import generate_agent_checks_task
policy = None
agent = None
# Determine if adding check to Policy or Agent
if "policy" in request.data:
policy = get_object_or_404(Policy, id=request.data["policy"])
# Object used for filter and save
parent = {"policy": policy}
else:
agent = get_object_or_404(Agent, pk=request.data["pk"])
parent = {"agent": agent}
script = None
if "script" in request.data["check"]:
script = get_object_or_404(Script,
pk=request.data["check"]["script"])
# set event id to 0 if wildcard because it needs to be an integer field for db
# will be ignored anyway by the agent when doing wildcard check
if (request.data["check"]["check_type"] == "eventlog"
and request.data["check"]["event_id_is_wildcard"]):
request.data["check"]["event_id"] = 0
serializer = CheckSerializer(data=request.data["check"],
partial=True,
context=parent)
serializer.is_valid(raise_exception=True)
new_check = serializer.save(**parent, script=script)
# Generate policy Checks
if policy:
generate_agent_checks_task.delay(policy=policy.pk)
elif agent:
checks = agent.agentchecks.filter( # type: ignore
check_type=new_check.check_type,
managed_by_policy=True)
# Should only be one
duplicate_check = [
check for check in checks if check.is_duplicate(new_check)
]
if duplicate_check:
policy = Check.objects.get(
pk=duplicate_check[0].parent_check).policy
if policy.enforced:
new_check.overriden_by_policy = True
new_check.save()
else:
duplicate_check[0].delete()
return Response(f"{new_check.readable_desc} was added!")
def delete(self, request, pk, sitepk):
from automation.tasks import generate_agent_checks_task
client = get_object_or_404(Client, pk=pk)
agents = Agent.objects.filter(site__client=client)
if not sitepk:
return notify_error(
"There needs to be a site specified to move existing agents to"
)
site = get_object_or_404(Site, pk=sitepk)
agents.update(site=site)
generate_agent_checks_task.delay(all=True, create_tasks=True)
client.delete()
return Response(f"{client.name} was deleted!")
def save(self, *args, **kwargs):
from alerts.tasks import cache_agents_alert_template
from automation.tasks import generate_agent_checks_task
# get old policy if exists
old_policy = type(self).objects.get(pk=self.pk) if self.pk else None
super(BaseAuditModel, self).save(*args, **kwargs)
# generate agent checks only if active and enforced were changed
if old_policy:
if old_policy.active != self.active or old_policy.enforced != self.enforced:
generate_agent_checks_task.delay(
policy=self.pk,
create_tasks=True,
)
if old_policy.alert_template != self.alert_template:
cache_agents_alert_template.delay()
def delete(self, request, pk):
from automation.tasks import generate_agent_checks_task
check = get_object_or_404(Check, pk=pk)
check.delete()
# Policy check deleted
if check.policy:
Check.objects.filter(parent_check=check.pk).delete()
# Re-evaluate agent checks is policy was enforced
if check.policy.enforced:
generate_agent_checks_task.delay(policy=check.policy)
# Agent check deleted
elif check.agent:
check.agent.generate_checks_from_policies()
return Response(f"{check.readable_desc} was deleted!")
def delete(self, request, pk, sitepk):
from automation.tasks import generate_agent_checks_task
site = get_object_or_404(Site, pk=pk)
if site.client.sites.count() == 1:
return notify_error("A client must have at least 1 site.")
agents = Agent.objects.filter(site=site)
if not sitepk:
return notify_error(
"There needs to be a site specified to move the agents to")
agent_site = get_object_or_404(Site, pk=sitepk)
agents.update(site=agent_site)
generate_agent_checks_task.delay(all=True, create_tasks=True)
site.delete()
return Response(f"{site.name} was deleted!")