def check_if_owner(self, event): user = self.get_user() owner = is_event_owner(event, user) if not owner: raise cherrypy.HTTPError( 403, 'User/group {0}/{1} does not own event {2}'.format( user.username, user.group.name, event.identifier))
def __pull(self, item): if item.server_details: # do the sync only for this server if item.server_details.type == 'MISP': # set the parameters for misp self.misp_converter.api_key = item.server_details.user.api_key self.misp_converter.api_url = item.server_details.baseurl self.misp_converter.tag = item.server_details.name # fetch one event from misp misp_event_xml = self.misp_converter.get_xml_event( item.event_uuid) # make insert/merge try: self.misp_ctrl.ins_merg_event(item.server_details, misp_event_xml, item.server_details.user, self.user) self.process_controller.process_finished_success( item, self.user) except MISPAdapterException as error: raise SchedulerException(error) # TODO dump xml or log it in browser elif item.server_details.type.lower() == 'ce1sus': self.ce1sus_adapter.server_details = item.server_details self.ce1sus_adapter.login() rem_json = self.ce1sus_adapter.get_event_by_uuid( item.event_uuid, True, True, True, True) # check if event exists try: event = self.event_controller.get_event_by_uuid( item.event_uuid) # merge the event fetched owner = is_event_owner(event, item.server_details.user) event = self.ce1sus_adapter.assembler.update_event( event, rem_json, item.server_details.user, owner, True) self.__insert_provenance_report(event, item.server_details) self.event_controller.update_event(self.user, event, True, True) except ControllerNothingFoundException: event = self.ce1sus_adapter.assembler.assemble_event( rem_json, item.server_details.user, True, True, False) event.properties.is_validated = False self.__insert_provenance_report(event, item.server_details) self.event_controller.insert_event(self.user, event, True, True) except ControllerException as error: self.ce1sus_adapter.logout() raise SchedulerException(error) self.ce1sus_adapter.logout() self.process_controller.process_finished_success( item, self.user) pass else: raise SchedulerException('Server type {0} is unkown'.format( item.server_details.type)) else: # do the sync for all servers which are pull servers pass
def check_if_user_can_add(self, event): user = self.get_user() result = is_event_owner(event, user) if not result: result = self.is_user_allowed_to_perform(event, 'can_add', user) if not result: result = self.is_user_allowed_to_perform( event, 'can_propose', user) if not result: raise cherrypy.HTTPError( 403, 'User {0}/{1} can not add contents to event {2}'.format( user.username, user.group.name, event.identifier))
def is_event_owner(self, event, user): self.logger.debug( u'Checking if user/group {0}/{1} owns event {2}'.format( user.username, user.group.name, event.identifier)) result = is_event_owner(event, user) if result: self.logger.info(u'User/group {0}/{1} owns of event {2}'.format( user.username, user.group.name, event.identifier)) else: self.logger.info( u'User/group {0}/{1} does not own of event {2}'.format( user.username, user.group.name, event.identifier)) return result
def update_event(self, event, complete=False, inflated=False): url = '/event/{0}'.format(event.uuid) url = self.__set_complete_inflated(url, complete, inflated) event_permissions = self.event_controller.get_event_user_permissions( event, self.server_details.user) json = self.__request(url, 'PUT', data=event.to_dict(True, True, event_permissions, self.server_details.user)) owner = is_event_owner(event, self.server_details.user) event = self.assembler.update_event(event, json, self.server_details.user, owner, True) return event
def __push(self, item): if item.server_details: # do the sync only for this server if item.server_details.type == 'MISP': event = self.event_controller.get_event_by_uuid( item.event_uuid) self.__push_misp(item, event) elif item.server_details.type == 'Ce1sus': self.ce1sus_adapter.server_details = item.server_details self.ce1sus_adapter.login() event = self.event_controller.get_event_by_uuid( item.event_uuid) try: try: rem_event = self.ce1sus_adapter.get_event_by_uuid( item.event_uuid, False, False, False, False) self.__insert_provenance_report( event, item.server_details) owner = is_event_owner(event, item.server_details.user) event = self.ce1sus_adapter.assembler.update_event( event, rem_event, item.server_details.user, owner, True) self.__insert_provenance_report( event, item.server_details) self.ce1sus_adapter.update_event(event, True, True) except Ce1susAdapterNothingFoundException: event.properties.validated = False self.__insert_provenance_report( event, item.server_details) self.ce1sus_adapter.insert_event(event, True, True) self.process_controller.process_finished_success( item, item.server_details.user) except (BrokerException, ControllerException, Ce1susAdapterException) as error: raise SchedulerException(error) finally: self.ce1sus_adapter.logout() else: raise SchedulerException('Server type {0} is unkown'.format( item.server_details.type)) else: # do the sync for all servers which are push servers pass
def is_user_allowed_set_share(self, event, old_instance, user, json): properties = json.get('properties', None) if properties: shared = properties.get('shared', None) if shared is not None: if is_event_owner(event, user): return True else: if old_instance.originating_group.identifier == user.group_id: # User owns instance return True else: if old_instance.properties.is_shareable == shared: return True else: self.logger.info( u'User/group {0}/{1} has no right to share elements of event {2}' .format(user.username, user.group.name, event.identifier)) return False return True
def get_event_user_permissions(self, event, user): try: user = self.user_broker.getUserByUserName(user.username) # If is admin => give all rights the same is valid for the owenr isowner = is_event_owner(event, user) if isowner: permissions = EventPermissions('0') permissions.set_all() return permissions else: permissions = self.event_broker.get_event_user_permissions( event, user) if hasattr(permissions, 'permissions'): permissions = permissions.permissions return permissions else: return None except NothingFoundException as error: # The group was not associated to the event self.logger.debug(error) # if the event is still not visible the event has to have a lower or equal tlp level user_tlp = user.group.tlp_lvl result = event.tlp_level_id >= user_tlp if result: # Get the defaults for this group usr_grp = user.group permissions = usr_grp.default_permissions else: permissions = EventPermissions('0') return permissions except BrokerException as error: permissions = EventPermissions('0') return permissions
def to_dict(self, complete=True, inflated=False, event_permissions=None, user=None): if inflated: observables = list() for observable in self.get_observables_for_permissions(event_permissions, user): observables.append(observable.to_dict(complete, inflated, event_permissions, user)) observables_count = len(observables) indicators = list() for indicator in self.get_indicators_for_permissions(event_permissions, user): indicators.append(indicator.to_dict(complete, inflated, event_permissions, user)) indicators_count = len(indicators) reports = list() for report in self.get_reports_for_permissions(event_permissions, user): reports.append(report.to_dict(complete, inflated, event_permissions, user)) reports_count = len(reports) else: observables = None # observables_count = self.observables_count_for_permissions(event_permissions) observables_count = -1 reports = None # reports_count = self.reports_count_for_permissions(event_permissions) reports_count = -1 indicators = None indicators_count = -1 if complete: comments = list() if is_event_owner(self, user): for comment in self.comments: comments.append(comment.to_dict()) groups = list() for group in self.groups: groups.append(group.to_dict(complete, False)) result = {'identifier': self.convert_value(self.uuid), 'int_id': self.convert_value(self.identifier), 'title': self.convert_value(self.title), 'description': self.convert_value(self.description), 'last_publish_date': self.convert_value(self.last_publish_date), 'risk': self.convert_value(self.risk), 'status': self.convert_value(self.status), 'tlp': self.convert_value(self.tlp), 'analysis': self.convert_value(self.analysis), 'creator_group': self.creator_group.to_dict(complete, False), 'modifier_group': self.modifier.group.to_dict(complete, False), 'originating_group': self.originating_group.to_dict(complete, False), 'created_at': self.convert_value(self.created_at), 'published': self.convert_value(self.properties.is_shareable), 'modified_on': self.convert_value(self.modified_on), 'reports': reports, 'reports_count': reports_count, 'first_seen': self.convert_value(None), 'last_seen': self.convert_value(None), 'observables': observables, 'observables_count': observables_count, 'indicators': indicators, 'indicators_count': indicators_count, 'comments': comments, 'properties': self.properties.to_dict(), 'groups': groups, 'last_seen': self.convert_value(self.last_seen), 'first_seen': self.convert_value(self.first_seen) } else: result = {'identifier': self.convert_value(self.uuid), 'int_id': self.convert_value(self.identifier), 'title': self.convert_value(self.title), 'created_at': self.convert_value(self.created_at), 'published': self.convert_value(self.properties.is_shareable), 'modified_on': self.convert_value(self.modified_on), 'observables': observables, 'observables_count': observables_count, 'indicators': indicators, 'indicators_count': indicators_count, 'reports': reports, 'reports_count': reports_count, 'risk': self.convert_value(self.risk), 'status': self.convert_value(self.status), 'tlp': self.convert_value(self.tlp), 'analysis': self.convert_value(self.analysis), 'creator_group': self.creator_group.to_dict(complete, False), 'modifier_group': self.modifier.group.to_dict(complete, False), 'originating_group': self.originating_group.to_dict(complete, False), 'last_seen': self.convert_value(self.last_seen), 'first_seen': self.convert_value(self.first_seen), 'comments': None, 'properties': self.properties.to_dict() } return result