def count_by_type(request): try: if request.method != 'GET': return HttpResponseNotAllowed(['GET']) #認証する user = authentication(request) if user is None: return error(Exception('You have no permission for this operation.')) #返却データ作成 ret_types = [ ('Packages' , StixFiles.objects.count()), ('Campaigns' , StixCampaigns.objects.count()), ('Incidents' , StixIncidents.objects.count()), ('Indicators' , StixIndicators.objects.count()), ('Observables' , StixObservables.objects.count()), ('Threat Actors' , StixThreatActors.objects.count()), ('Exploit Targets' , StixExploitTargets.objects.count()), ('Courses Of Action' , StixCoursesOfAction.objects.count()), ('TTPs' , StixTTPs.objects.count()), ] resp = get_normal_response_json() resp['data'] = [] for ret_type in ret_types: type_,count_ = ret_type d = { 'type' : type_, 'count' : count_ } resp['data'].append(d) return JsonResponse(resp) except Exception as e: traceback.print_exc() return error(e)
def stix_file_l1_info(request,package_id): try: if request.method != 'GET': return HttpResponseNotAllowed(['GET']) #認証する user = authentication(request) if user is None: return error(Exception('You have no permission for this operation.')) #該当するキャッシュを検索する caches = ObservableCaches.objects.filter(package_id=package_id) #返却データを作成する data = [] for cache in caches: r = { 'type' : cache.type, 'value' : cache.value, 'observable_id' : cache.observable_id, } data.append(r) #response data 作成 resp = get_normal_response_json() resp['data'] = data return JsonResponse(resp) except Exception as e: traceback.print_exc() return error(e)
def package_name_list(request): LIMIT_KEY = 'limit' try: if request.method != 'GET': return HttpResponseNotAllowed(['GET']) #認証する user = authentication(request) if user is None: return error(Exception('You have no permission for this operation.')) #全取得 stix_files = StixFiles.objects.filter(Q(is_post_sns__ne=False)).only('package_name','package_id').order_by('package_name') #limit取得 try: limit = int(request.GET[LIMIT_KEY]) except: limit = None #指定があれば上位の指定数だけを返却する if limit is not None: stix_files = stix_files[:limit] rsp_stix_files = [] #返却データ作成 for stix_file in stix_files: rsp_stix_files.append(stix_file.get_rest_api_package_name_info()) resp = get_normal_response_json() resp['data'] = rsp_stix_files return JsonResponse(resp) except Exception as e: traceback.print_exc() return error(e)
def latest_stix_count_by_community(request): LASTEST_DAYS_KEY = 'latest_days' DEFAULT_LATEST_DAYS = 7 try: if request.method != 'GET': return HttpResponseNotAllowed(['GET']) #認証する user = authentication(request) if user is None: return error(Exception('You have no permission for this operation.')) #最新何日からカウントするか取得する try: latest_days = int(request.GET[LASTEST_DAYS_KEY]) except: latest_days = DEFAULT_LATEST_DAYS #返却データ作成 resp = get_normal_response_json() resp['data'] = [] #communityごとにカウントする for community in Communities.objects.all(): count = count_by_community(community,latest_days) d = { 'community' : community.name, 'count' : count } resp['data'].append(d) return JsonResponse(resp) except Exception as e: traceback.print_exc() return error(e)
def matched_packages(request): PACKAGE_ID_KEY = 'package_id' EXACT_KEY = 'exact' SIMILAR_IPV4_KEY = 'similar_ipv4' SIMILAR_DOMAIN_KEY = 'similar_domain' try: if request.method != 'GET': return HttpResponseNotAllowed(['GET']) # 認証する user = authentication(request) if user is None: return error( Exception('You have no permission for this operation.')) package_id = request.GET[PACKAGE_ID_KEY] exact = get_boolean_value(request.GET, EXACT_KEY, True) similar_ipv4 = get_boolean_value(request.GET, SIMILAR_IPV4_KEY, False) similar_domain = get_boolean_value(request.GET, SIMILAR_DOMAIN_KEY, False) ret = get_matched_packages(package_id, exact=exact, similar_ipv4=similar_ipv4, similar_domain=similar_domain) resp = get_normal_response_json() resp['data'] = ret return JsonResponse(resp) except Exception as e: traceback.print_exc() return error(e)
def sighting(request, observed_data_id): # apikey認証 ctirs_auth_user = authentication(request) if ctirs_auth_user is None: return error(Exception('You have no permission for this operation.')) first_seen = get_api_stix_files_v2_sighting_first_seen(request) last_seen = get_api_stix_files_v2_sighting_last_seen(request) count = get_api_stix_files_v2_sighting_count(request) # first_seen, last_seen, optional とも option try: if request.method != 'POST': return HttpResponseNotAllowed(['POST']) # SightingObjects 作成 sighting_id, content = StixSightings.create_by_observed_id( first_seen, last_seen, count, observed_data_id, ctirs_auth_user) resp = get_normal_response_json() d = {} d['sighting_object_id'] = sighting_id d['sighting_object_json'] = content resp['data'] = d return JsonResponse(resp, status=201, safe=False) except Exception as e: traceback.print_exc() return error(e)
def stix_files_id_stix(request, id_): #apikey認証 ctirs_auth_user = authentication(request) if ctirs_auth_user is None: return error(Exception('You have no permission for this operation.')) try: doc = StixFiles.objects.get(id=id_) return JsonResponse(doc.get_rest_api_document_content(), safe=False) except DoesNotExist: return error(Exception('The specified id not found.'))
def stix_files_package_id_stix(request, package_id): # apikey認証 ctirs_auth_user = api_root.authentication(request) if ctirs_auth_user is None: return api_root.error( Exception('You have no permission for this operation.')) try: doc = StixFiles.objects.get(package_id=package_id) return api_root.get_rest_api_document_content(doc) except Exception as e: return api_root.error(e)
def upload_stix_file(request): ctirs_auth_user = api_root.authentication(request) if ctirs_auth_user is None: return api_root.error(Exception('You have no permission for this operation.')) try: via = Vias.get_via_rest_api_upload(uploader=ctirs_auth_user.id) upload_common(request, via) return api_root.get_put_normal_status() except Exception as e: import traceback traceback.print_exc() return api_root.error(e)
def stix_files_package_id_related_packages(request, package_id): # apikey認証 ctirs_auth_user = api_root.authentication(request) if ctirs_auth_user is None: return api_root.error( Exception('You have no permission for this operation.')) try: ret = get_matched_packages(package_id) return JsonResponse(ret, safe=False) except Exception as e: import traceback traceback.print_exc() return api_root.error(e)
def language_contents(request, object_ref): ctirs_auth_user = authentication(request) if not ctirs_auth_user: return error(Exception('You have no permission for this operation.')) try: if request.method == 'GET': return get_language_contents(request, object_ref) elif request.method == 'POST': return post_language_contents(request, object_ref, ctirs_auth_user) else: return HttpResponseNotAllowed(['GET', 'POST']) except Exception as e: return error(e)
def package_list(request): REQUIRED_COMMENT_KEY = 'required_comment' LIMIT_KEY = 'limit' ORDER_BY_KEY = 'order_by' DEFAULT_ORDER_BY = 'package_name' try: if request.method != 'GET': return HttpResponseNotAllowed(['GET']) # 認証する user = authentication(request) if user is None: return error( Exception('You have no permission for this operation.')) required_comment = False if (REQUIRED_COMMENT_KEY in request.GET): if request.GET[REQUIRED_COMMENT_KEY].lower() == 'true': required_comment = True # 全取得 stix_files = StixFiles.objects.filter() # order_by指定があればソートする # それ以外に場合はpackage_nameを辞書順でソートする if (ORDER_BY_KEY in request.GET): try: stix_files = stix_files.order_by(request.GET[ORDER_BY_KEY]) except BaseException: stix_files = stix_files.order_by(DEFAULT_ORDER_BY) else: stix_files = stix_files.order_by(DEFAULT_ORDER_BY) # limit取得 try: limit = int(request.GET[LIMIT_KEY]) except BaseException: limit = None # 指定があれば上位の指定数だけを返却する if limit is not None: stix_files = stix_files[:limit] rsp_stix_files = [] # 返却データ作成 for stix_file in stix_files: rsp_stix_files.append( stix_file.get_rest_api_document_info(required_comment)) resp = get_normal_response_json() resp['data'] = rsp_stix_files return JsonResponse(resp) except Exception as e: traceback.print_exc() return error(e)
def stix_file_stix(request,package_id): try: if request.method != 'GET': return HttpResponseNotAllowed(['GET']) #認証する user = authentication(request) if user is None: return error(Exception('You have no permission for this operation.')) resp = get_normal_response_json() stix_file = StixFiles.objects.get(package_id=package_id) resp['data'] = _get_stix_content_dict(stix_file) return JsonResponse(resp) except Exception as e: traceback.print_exc() return error(e)
def get_stix_files_id(request,package_id): try: #認証する user = authentication(request) if user is None: return error(Exception('You have no permission for this operation.')) #検索 stix_file = StixFiles.objects.get(package_id=package_id) #response data 作成 resp = get_normal_response_json() resp['data'] = stix_file.to_dict() return JsonResponse(resp) except Exception as e: traceback.print_exc() return error(e)
def delete_stix_files_id(request,package_id): try: #認証する user = authentication(request) if user is None: return error(Exception('You have no permission for this operation.')) #mongoから該当レコード削除 origin_path = StixFiles.delete_by_package_id(package_id) #ファイル削除 if os.path.exists(origin_path) == True: os.remove(origin_path) #response data 作成 return JsonResponse({},status=204) except Exception as e: traceback.print_exc() return error(e)
def communities(request): try: if request.method != 'GET': return HttpResponseNotAllowed(['GET']) #認証する user = authentication(request) if user is None: return error(Exception('You have no permission for this operation.')) resp = get_normal_response_json() resp['data'] = [] for community in Communities.objects.all(): resp['data'].append(community.to_dict()) return JsonResponse(resp) except Exception as e: traceback.print_exc() return error(e)
def get_stix_files(request): # apikey認証 ctirs_auth_user = api_root.authentication(request) if ctirs_auth_user is None: return api_root.error( Exception('You have no permission for this operation.')) l = [] query = {} # community filter community = get_api_get_stix_files_community(request) if community is not None: try: query['input_community'] = Communities.objects.get(name=community) except DoesNotExist: return api_root.error( Exception('The specified community not found.')) # start filter # YYYYMMDDHHMMSS形式 start = get_api_get_stix_files_start(request) if start is not None: try: d = get_datetime_from_argument(start) query['created__gt'] = d except Exception as _: return api_root.error(Exception('Time string format invalid.')) # end filter # YYYYMMDDHHMMSS形式 end = get_api_get_stix_files_end(request) if end is not None: try: d = get_datetime_from_argument(end) query['created__lt'] = d except Exception as _: return api_root.error(Exception('Time string format invalid.')) # 検索 for stix_files in StixFiles.objects.filter(**query): try: l.append(stix_files.get_rest_api_document_info()) except DoesNotExist: pass return JsonResponse(l, safe=False)
def stix_files_package_id(request, package_id): # apikey認証 ctirs_auth_user = api_root.authentication(request) if ctirs_auth_user is None: return api_root.error( Exception('You have no permission for this operation.')) try: if request.method == 'GET': # STIX ファイル情報取得 return get_stix_file_package_id_document_info(request, package_id) elif request.method == 'DELETE': # STIX ファイル情報削除 delete_stix_file_package_id_document_info(package_id) return api_root.get_delete_normal_status() else: return HttpResponseNotAllowed(['GET', 'DELETE']) except Exception as e: return api_root.error(e)
def get_object_main(request, object_id): # apikey認証 ctirs_auth_user = authentication(request) if ctirs_auth_user is None: return error(Exception('You have no permission for this operation.')) try: if request.method != 'GET': return HttpResponseNotAllowed(['GET']) object_ = get_object(object_id) resp = get_normal_response_json() if object_ is None: resp['data'] = None else: resp['data'] = object_ return JsonResponse(resp, status=200, safe=False) except Exception as e: import traceback traceback.print_exc() return error(e)
def stix_file_comment(request,package_id): try: if request.method != 'PUT': return HttpResponseNotAllowed(['PUT']) #認証する user = authentication(request) if user is None: return error(Exception('You have no permission for this operation.')) if request.GET.has_key('comment') == False: return error(Exception('No input comment.')) comment = request.GET['comment'] #検索してコメント保存 stix_file = StixFiles.objects.get(package_id=package_id) stix_file.comment = comment stix_file.save() return JsonResponse({},status=204) except Exception as e: traceback.print_exc() return error(e)
def latest_package_list(request): DEFAULT_LATEST_NUM = 10 try: if request.method != 'GET': return HttpResponseNotAllowed(['GET']) #認証する user = authentication(request) if user is None: return error(Exception('You have no permission for this operation.')) try: num = int(request.GET['num']) except: num = DEFAULT_LATEST_NUM resp = get_normal_response_json() resp['data'] = [] #producedを降順でソート for stix_file in StixFiles.objects.order_by('-produced')[:num]: resp['data'] .append(stix_file.get_rest_api_document_info()) return JsonResponse(resp) except Exception as e: traceback.print_exc() return error(e)
def language_contents(request): try: if request.method != 'GET': return HttpResponseNotAllowed(['GET']) #認証する user = authentication(request) if user is None: return error(Exception('You have no permission for this operation.')) #表示する長さ object_ref = request.GET['object_ref'] object_modified = request.GET['object_modified'] objects = StixLanguageContents.objects.filter( Q(object_ref=object_ref)& Q(object_modified=object_modified)).order_by('-modified') language_contents = [] for o_ in objects: language_contents.append(o_.object_) resp = get_normal_response_json() resp['data'] = language_contents return JsonResponse(resp) except Exception as e: traceback.print_exc() return error(e)
def wrap(request, *args, **kwargs): ctirs_auth_user = api_root.authentication(request) if ctirs_auth_user is None: return api_root.error( Exception('You have no permission for this operation.')) return f(request, *args, **kwargs)
def l1_info_for_l1table(request): try: if request.method != 'GET': return HttpResponseNotAllowed(['GET']) #認証する user = authentication(request) if user is None: return error(Exception('You have no permission for this operation.')) #ajax parameter取得 #表示する長さ iDisplayLength = int(request.GET['iDisplayLength']) #表示開始位置インデックス iDisplayStart = int(request.GET['iDisplayStart']) #検索文字列 sSearch = request.GET['sSearch'] #ソートする列 sort_col = int(request.GET['iSortCol']) #ソート順番 (desc指定で降順) sort_dir = request.GET['sSortDir'] #alias情報 #存在しない場合は空としてあつかつ try: aliases_str = request.GET['aliases'] alias_lists = json.loads(aliases_str) except: alias_lists = [] order_query = None SORT_INDEX_TYPE = 0 SORT_INDEX_VALUE = 1 SORT_INDEX_PACKAGE_NAME = 2 SORT_INDEX_TILE = 3 SORT_INDEX_DESCRIPTION = 4 SORT_INDEX_TIMESTAMP = 5 #type if sort_col == SORT_INDEX_TYPE: order_query = 'type' #value elif sort_col == SORT_INDEX_VALUE: order_query = 'value' #pacakge_name elif sort_col == SORT_INDEX_PACKAGE_NAME: order_query = 'package_name' #title elif sort_col == SORT_INDEX_TILE: order_query = 'title' #description elif sort_col == SORT_INDEX_DESCRIPTION: order_query = 'description' #timestamp elif sort_col == SORT_INDEX_TIMESTAMP: order_query = 'produced' #昇順/降順 if order_query is not None: #descが降順 if sort_dir == 'desc': order_query = '-' + order_query #query #検索ワードをリスト化 tmp_sSearches = list(set(sSearch.split(' '))) #空要素は取り除く if '' in tmp_sSearches: tmp_sSearches.remove('') #検索リスト作成 sSearches = [] for item in tmp_sSearches: #まず、元の単語は追加する sSearches.append(item) #alias_lists 1つずつチェックする for alias_list in alias_lists: #検索ワードがalias_listにあれば、そのリストに含まれるすべての単語が検索対象 if item in alias_list: sSearches.extend(alias_list) #重複を省く sSearches = list(set(sSearches)) #Filterを作成する filters = Q() #alias含め、その文字列が含まれていたらヒットとする for sSearch in sSearches: filters = filters | Q(type__icontains=sSearch) filters = filters | Q(value__icontains=sSearch) filters = filters | Q(package_name__icontains=sSearch) filters = filters | Q(title__icontains=sSearch) filters = filters | Q(description__icontains=sSearch) #検索 objects = ObservableCaches.objects.filter(filters).order_by(order_query) #検索結果から表示範囲のデータを抽出する data = [] for d in objects[iDisplayStart:(iDisplayStart + iDisplayLength)]: r = {} r['type'] = d.type r['value'] = d.value r['package_name'] = d.package_name r['package_id'] = d.stix_file.package_id r['title'] = d.title r['description'] = d.description r['created'] = str(d.created) r['stix_v2'] = d.stix_file.is_stix_v2() r['observable_id'] = d.observable_id data.append(r) #response data 作成 r_data = {} r_data['iTotalRecords'] = ObservableCaches.objects.count() r_data['iTotalDisplayRecords'] = objects.count() r_data['data'] = data resp = get_normal_response_json() resp['data'] = r_data return JsonResponse(resp) except Exception as e: traceback.print_exc() return error(e)
def matched_packages(request): PACKAGE_ID_KEY = 'package_id' EXACT_KEY = 'exact' SIMILAR_IPV4_KEY = 'similar_ipv4' SIMILAR_DOMAIN_KEY = 'similar_domain' try: if request.method != 'GET': return HttpResponseNotAllowed(['GET']) #認証する user = authentication(request) if user is None: return error(Exception('You have no permission for this operation.')) package_id = request.GET[PACKAGE_ID_KEY] exact = get_boolean_value(request.GET,EXACT_KEY,True) similar_ipv4 = get_boolean_value(request.GET,SIMILAR_IPV4_KEY,False) similar_domain = get_boolean_value(request.GET,SIMILAR_DOMAIN_KEY,False) exact_dict = {} similar_ipv4_dict = {} similar_domain_dict = {} package_id_list = [] #exact match情報取得 if exact == True: infos = _get_exact_matched_info(package_id) for info in infos: key = info.package_id package_id_list.append(key) if exact_dict.has_key(key) == False: exact_dict[key] = 1 else: exact_dict[key] += 1 #IPv4 類似度情報取得 if similar_ipv4 == True: infos = _get_similar_ipv4(package_id) for info in infos: cache = info['cache'] key = cache.package_id package_id_list.append(key) if similar_ipv4_dict.has_key(key) == False: similar_ipv4_dict[key] = 1 else: similar_ipv4_dict[key] += 1 #domain 類似度情報取得 if similar_domain == True: infos = _get_similar_domain(package_id) for info in infos: cache = info['cache'] key = cache.package_id package_id_list.append(key) if similar_domain_dict.has_key(key) == False: similar_domain_dict[key] = 1 else: similar_domain_dict[key] += 1 #返却データ作成 #package_id の set を作成(重複を省くため) package_id_set = list(set(package_id_list)) ret = [] for p_id in package_id_set: d = {} d['package_id'] = p_id d['package_name'] = StixFiles.objects.get(package_id = p_id).package_name if exact == True: d['exact'] = 0 if exact_dict.has_key(p_id)== False else exact_dict[p_id] if ((similar_ipv4 == True) or (similar_domain == True)): s_dict = { 'ipv4' : 0 if similar_ipv4_dict.has_key(p_id)== False else similar_ipv4_dict[p_id], 'domain': 0 if similar_domain_dict.has_key(p_id)== False else similar_domain_dict[p_id]} d['similar'] = s_dict ret.append(d) resp = get_normal_response_json() resp['data'] = ret return JsonResponse(resp) except Exception as e: traceback.print_exc() return error(e)
def contents_and_edges(request): PACKAGE_ID_KEY = 'package_id' COMPARED_PACKAGE_IDS_KEY = 'compared_package_ids' EXACT_KEY = 'exact' SIMILAR_IPV4_KEY = 'similar_ipv4' SIMILAR_DOMAIN_KEY = 'similar_domain' try: if request.method != 'GET': return HttpResponseNotAllowed(['GET']) #認証する user = authentication(request) if user is None: return error(Exception('You have no permission for this operation.')) package_id = request.GET[PACKAGE_ID_KEY] compared_package_ids = request.GET.getlist(COMPARED_PACKAGE_IDS_KEY) exact = get_boolean_value(request.GET,EXACT_KEY,True) similar_ipv4 = get_boolean_value(request.GET,SIMILAR_IPV4_KEY,False) similar_domain = get_boolean_value(request.GET,SIMILAR_DOMAIN_KEY,False) edges = [] if exact == True: #exact match情報取得 #end_infos には compared_package_ids候補が格納される end_infos = _get_exact_matched_info(package_id) for end_info in end_infos: #compared_package_ids に含まれていない package_id はskip if end_info.package_id not in compared_package_ids: continue #終点情報 end_node = { 'package_id' : end_info.package_id, 'node_id' : end_info.node_id } #検索対象となるコレクションを取得 if hasattr(end_info,'start_collection') == True: #start_collection 指定がある場合はそのコレクションから collection = end_info.start_collection else: #指定がない場合は end_info と同じ collection = type(end_info) #コレクションから終点情報に合致する始点を検索 if collection != IndicatorV2Caches: #IndicatorV2Caches 以外 start_caches = collection.objects.filter( package_id=package_id, type=end_info.type, value=end_info.value) else: #IndicatorV2Caches start_caches = collection.objects.filter( package_id=package_id, pattern=end_info.pattern) #開始位置情報と線情報を格納する for start_cache in start_caches: start_node = { 'package_id' : package_id, 'node_id' : start_cache.node_id } edge ={ 'edge_type' : EXACT_EDGE_TYPE, 'start_node' : start_node, 'end_node' : end_node } edges.append(edge) if similar_ipv4 == True: #similar ipv4情報取得 end_infos = _get_similar_ipv4(package_id) for end_info in end_infos: #compared_package_ids に含まれていない package_id はskip end_cache = end_info['cache'] if end_cache.package_id not in compared_package_ids: continue #終点情報 end_node = { 'package_id' : end_cache.package_id, 'node_id' : end_cache.node_id } #IPの値を取得 source_value = end_info['source_value'] #終点情報に類似する始点を検索 start_caches = ObservableCaches.objects.filter( package_id=package_id, type=end_cache.type, value=source_value) for start_cache in start_caches: #始点情報 start_node = { 'package_id' : package_id, 'node_id' : start_cache.node_id } #IPv4 similarity計測 edge_type = _get_ipv4_similarity_type(start_cache,end_cache) edge ={ 'edge_type' : edge_type, 'start_node' : start_node, 'end_node' : end_node } edges.append(edge) if similar_domain == True: #similar domain情報取得 end_infos = _get_similar_domain(package_id) for end_info in end_infos: #compared_package_ids に含まれていない package_id はskip end_cache = end_info['cache'] if end_cache.package_id not in compared_package_ids: continue #終点情報 end_node = { 'package_id' : end_cache.package_id, 'node_id' : end_cache.node_id } #IPの値を取得 source_value = end_info['source_value'] #終点情報に類似する始点を検索 start_caches = ObservableCaches.objects.filter( package_id=package_id, type=end_cache.type, value=source_value) for start_cache in start_caches: edge_type = _get_domain_similarity_type(start_cache,end_cache) if edge_type is None: continue #始点情報 start_node = { 'package_id' : package_id, 'node_id' : start_cache.node_id } #domain domain計測 edge ={ 'edge_type' : edge_type, 'start_node' : start_node, 'end_node' : end_node } edges.append(edge) #contents作成 contents = [] #pacakge_id指定分 contents.append(_get_contents_item(package_id)) #compared_package_ids指定分 for compared_package_id in compared_package_ids: contents.append(_get_contents_item(compared_package_id)) #返却データ作成 data = {} data['contents'] = contents data['edges'] = edges resp = get_normal_response_json() resp['data'] = data return JsonResponse(resp) except Exception as e: traceback.print_exc() return error(e)
def package_list_for_sharing_table(request): try: if request.method != 'GET': return HttpResponseNotAllowed(['GET']) #認証する user = authentication(request) if user is None: return error(Exception('You have no permission for this operation.')) #ajax parameter取得 #表示する長さ iDisplayLength = int(request.GET['iDisplayLength']) #表示開始位置インデックス iDisplayStart = int(request.GET['iDisplayStart']) #検索文字列 sSearch = request.GET['sSearch'] #ソートする列 sort_col = int(request.GET['iSortCol']) #ソート順番 (desc指定で降順) sort_dir = request.GET['sSortDir'] order_query = None SORT_INDEX_PACKAGE_NAME = 3 #pakcage_name if sort_col == SORT_INDEX_PACKAGE_NAME: order_query = 'package_name' #昇順/降順 if order_query is not None: #descが降順 if sort_dir == 'desc': order_query = '-' + order_query #検索対象のコミュニティリストを検索 community_objects = Communities.objects.filter(name__icontains=sSearch) #検索 objects = StixFiles.objects.filter( Q(package_name__icontains=sSearch) | Q(input_community__in=community_objects)) \ .order_by(order_query) objects = objects.filter(Q(is_post_sns__ne=False)) #検索結果から表示範囲のデータを抽出する data = [] for d in objects[iDisplayStart:(iDisplayStart + iDisplayLength)]: r = {} r['comment'] = d.comment r['package_name'] = d.package_name r['package_id'] = d.package_id try: r['input_community'] = d.input_community.name except: r['input_community'] = '' data.append(r) #response data 作成 r_data = {} r_data['iTotalRecords'] = StixFiles.objects.count() r_data['iTotalDisplayRecords'] = objects.count() r_data['data'] = data resp = get_normal_response_json() resp['data'] = r_data return JsonResponse(resp) except Exception as e: traceback.print_exc() return error(e)