class DeviceSettings(DeviceSettingsDefaults):
"""Class used to manage an individual device's settings."""
def __init__(self, device_dict):
self.changes = {}
self.data = device_dict
self._destinations = device_dict[u"availableDestinations"]
bs = self.data[u"settings"][u"serviceBackupConfig"][u"backupConfig"][
u"backupSets"]
self.backup_sets = self._extract_backup_sets(bs)
"""List of :class:`BackupSet` objects used to manage this device's backup set configurations."""
@property
def computer_id(self):
"""Identifier of this device. Read-only."""
return self.data[u"computerId"]
@property
def device_id(self):
"""Identifier of this device (alias of `.computer_id`). Read only."""
return self.computer_id
@property
def guid(self):
"""Globally unique identifier of this device. Read-only."""
return self.data[u"guid"]
@property
def org_id(self):
"""Identifier of the organization this device belongs to. Read-only."""
return self.data[u"orgId"]
@property
def user_id(self):
"""Identifier of the user this device belongs to. Read-only."""
return self.data[u"userId"]
@property
def version(self):
"""Latest reported Code42 client version number for this device. Read-only."""
return self.data[u"version"]
@property
def java_memory_heap_max(self):
"""The maximum memory the client will use on its system"""
return self.data[u"settings"][u"javaMemoryHeapMax"]
name = SettingProperty(name=u"name", location=[u"name"])
"""Name for this device."""
external_reference = SettingProperty(name=u"external_reference",
location=[u"computerExtRef"])
"""External reference field for this device."""
notes = SettingProperty(name=u"notes", location=[u"notes"])
"""Notes field for this device."""
def __repr__(self):
return u"<DeviceSettings: guid: {}, name: {}>".format(
self.data[u"guid"], self.data[u"name"])
class OrgSettings(UserDict, object):
"""Class used to manage an Organization's settings."""
def __init__(self, org_settings, t_settings):
self.data = org_settings
self._t_settings = t_settings
self._packets = {}
self.changes = {}
self.device_defaults = DeviceSettingsDefaults(
self.data[u"deviceDefaults"], org_settings=self,
)
@property
def packets(self):
"""The setting packets for any modifications to be posted to the /api/OrgSettings
endpoint.
"""
return list(self._packets.values())
@property
def org_id(self):
"""The identifier for the org."""
return self.data[u"orgId"]
@property
def registration_key(self):
"""The registration key for the org."""
return self.data[u"registrationKey"]
org_name = SettingProperty(u"org_name", [u"orgName"])
"""Name for this Org."""
external_reference = SettingProperty(u"external_reference", [u"orgExtRef"])
"""External reference field for this Org."""
notes = SettingProperty(u"notes", [u"notes"])
"""Notes field for this Org."""
quota_settings_inherited = SettingProperty(
u"quota_settings_inherited", [u"settings", u"isUsingQuotaDefaults"],
)
"""Determines if Org Quota settings (`maximum_user_subscriptions`, `org_backup_quota`,
`user_backup_quota`, `archive_hold_days`) are inherited from parent organization.
Modifying one of the Org Quota attributes automatically sets this attribute to `False`.
"""
archive_hold_days = SettingProperty(
u"archive_hold_days",
[u"settings", u"archiveHoldDays"],
inheritance_attr=u"quota_settings_inherited",
)
"""Number of days backup archives are held in cold storage after deactivation or
destination removal from any devices in this Org.
"""
maximum_user_subscriptions = SettingProperty(
u"maximum_user_subscriptions",
[u"settings", u"maxSeats"],
inheritance_attr=u"quota_settings_inherited",
)
"""Number of users allowed to consume a license in this Org. Set to -1 for unlimited."""
org_backup_quota = SettingProperty(
u"org_backup_quota",
[u"settings", u"maxBytes"],
get_converter=bytes_to_gb,
set_converter=gb_to_bytes,
inheritance_attr=u"quota_settings_inherited",
)
"""Backup storage quota (in GB) for this organization. Set to -1 for unlimited."""
user_backup_quota = SettingProperty(
u"user_backup_quota",
[u"settings", u"defaultUserMaxBytes"],
get_converter=bytes_to_gb,
set_converter=gb_to_bytes,
inheritance_attr=u"quota_settings_inherited",
)
"""Backup storage quota (in GB) for each user in this organization. Set to -1 for
unlimited."""
web_restore_admin_limit = SettingProperty(
u"web_restore_admin_limit", [u"settings", u"webRestoreAdminLimitMb"]
)
"""Limit (in MB) to amount of data restorable by admin users via web restore."""
web_restore_user_limit = SettingProperty(
u"web_restore_user_limit", [u"settings", u"webRestoreUserLimitMb"]
)
"""Limit (in MB) to amount of data restorable by non-admin users via web restore."""
reporting_settings_inherited = SettingProperty(
u"reporting_settings_inherited", [u"settings", u"isUsingReportingDefaults"],
)
"""Determines if Org Reporting settings (`backup_warning_email_days`,
`backup_critical_email_days', `backup_alert_recipient_emails`) are inherited from
parent organization.
Modifying one of the Org Reporting attributes automatically sets this attribute to
`False`.
"""
backup_warning_email_days = SettingProperty(
u"backup_warning_email_days",
[u"settings", u"warnInDays"],
inheritance_attr=u"reporting_settings_inherited",
)
"""The number of days devices in this org can go without any backup before "warning"
alerts get sent to org admins.
"""
backup_critical_email_days = SettingProperty(
u"backup_critical_email_days",
[u"settings", u"alertInDays"],
inheritance_attr=u"reporting_settings_inherited",
)
"""The number of days devices in this org can go without any backup before "critical"
alerts get sent to org admins.
"""
backup_alert_recipient_emails = SettingProperty(
u"backup_alert_recipient_emails",
[u"settings", u"recipients"],
set_converter=to_list,
inheritance_attr=u"reporting_settings_inherited",
)
"""List of email addresses that organization backup alert emails get sent to (org
admin users get these automatically).
"""
_endpoint_monitoring_enabled = TSettingProperty(
u"endpoint_monitoring_enabled",
u"org-securityTools-enable",
get_converter=str_to_bool,
set_converter=bool_to_str,
)
_aed_enabled = TSettingProperty(
u"aed_enabled",
u"device_advancedExfiltrationDetection_enabled",
get_converter=str_to_bool,
set_converter=bool_to_str,
)
_removable_media_enabled = TSettingProperty(
u"removable_media_enabled",
u"org-securityTools-device-detection-enable",
get_converter=str_to_bool,
set_converter=bool_to_str,
)
_cloud_sync_enabled = TSettingProperty(
u"cloud_sync_enabled",
u"org-securityTools-cloud-detection-enable",
get_converter=str_to_bool,
set_converter=bool_to_str,
)
_browser_and_applications_enabled = TSettingProperty(
u"browser_and_applications_enabled",
u"org-securityTools-open-file-detection-enable",
get_converter=str_to_bool,
set_converter=bool_to_str,
)
_file_metadata_collection_enabled = TSettingProperty(
u"file_metadata_collection_enabled",
u"device_fileForensics_enabled",
get_converter=str_to_bool,
set_converter=bool_to_str,
)
_printer_detection_enabled = TSettingProperty(
u"printer_detection_enabled",
u"org_securityTools_printer_detection_enable",
get_converter=str_to_bool,
set_converter=bool_to_str,
)
@property
def endpoint_monitoring_enabled(self):
"""Determines if endpoint monitoring settings are enabled for this org.
Disabling this property also disables "removable media", "cloud sync",
"browser and application monitoring" and "printer detection" properties.
"""
return self._endpoint_monitoring_enabled
@endpoint_monitoring_enabled.setter
def endpoint_monitoring_enabled(self, val):
self._endpoint_monitoring_enabled = val
self._aed_enabled = val
if not val:
self._cloud_sync_enabled = val
self._browser_and_applications_enabled = val
self._removable_media_enabled = val
self._printer_detection_enabled = val
@property
def endpoint_monitoring_removable_media_enabled(self):
"""Determines if removable media endpoint monitoring event capturing is enabled
for this org.
"""
return self._removable_media_enabled
@endpoint_monitoring_removable_media_enabled.setter
def endpoint_monitoring_removable_media_enabled(self, value):
if value:
self.endpoint_monitoring_enabled = value
self._removable_media_enabled = value
@property
def endpoint_monitoring_cloud_sync_enabled(self):
"""Determines if cloud sync endpoint monitoring event capturing is enabled
for this org.
"""
return self._cloud_sync_enabled
@endpoint_monitoring_cloud_sync_enabled.setter
def endpoint_monitoring_cloud_sync_enabled(self, value):
if value:
self.endpoint_monitoring_enabled = value
self._cloud_sync_enabled = value
@property
def endpoint_monitoring_browser_and_applications_enabled(self):
"""Determines if browser and other application activity endpoint monitoring
event capturing is enabled for this org.
"""
return self._browser_and_applications_enabled
@endpoint_monitoring_browser_and_applications_enabled.setter
def endpoint_monitoring_browser_and_applications_enabled(self, value):
if value:
self.endpoint_monitoring_enabled = value
self._browser_and_applications_enabled = value
@property
def endpoint_monitoring_printer_detection_enabled(self):
"""Determines if printer endpoint monitoring event capturing is enabled for this
org.
"""
return self._printer_detection_enabled
@endpoint_monitoring_printer_detection_enabled.setter
def endpoint_monitoring_printer_detection_enabled(self, value):
if value:
self.endpoint_monitoring_enabled = value
self._printer_detection_enabled = value
@property
def endpoint_monitoring_file_metadata_collection_enabled(self):
"""Determines if file metadata collection is enabled for this org."""
return self._file_metadata_collection_enabled
@endpoint_monitoring_file_metadata_collection_enabled.setter
def endpoint_monitoring_file_metadata_collection_enabled(self, value):
if value:
self.endpoint_monitoring_enabled = value
self._file_metadata_collection_enabled = value
endpoint_monitoring_file_metadata_scan_enabled = TSettingProperty(
u"file_metadata_scan_enabled",
u"device_fileForensics_scan_enabled",
get_converter=str_to_bool,
set_converter=bool_to_str,
)
"""Determines if file metadata collection regular full scans are enabled for this
org.
"""
endpoint_monitoring_file_metadata_ingest_scan_enabled = TSettingProperty(
u"file_metadata_ingest_scan_enabled",
u"device_fileForensics_enqueue_scan_events_during_ingest",
get_converter=str_to_bool,
set_converter=bool_to_str,
)
"""Determines if file metadata collection does an initial full scan when first
enabled on devices.
"""
endpoint_monitoring_background_priority_enabled = TSettingProperty(
u"background_priority_enabled",
u"device_background_priority_enabled",
get_converter=str_to_bool,
set_converter=bool_to_str,
)
"""Determines if devices in this org have reduced priority in some IO bound tasks.
If enabled, devices may see improved general device performance at the expense of
some Code42 backup/security tasks taking longer.
"""
endpoint_monitoring_custom_applications_win = TSettingProperty(
u"custom_monitored_applications_win",
u"device_org_winAppActivity_binaryWhitelist",
get_converter=comma_separated_to_list,
set_converter=to_comma_separated,
)
"""List of additional applications the Code42 client monitors for file exfiltration
activity.
See `Support Documentation <https://support.code42.com/Administrator/Cloud/Configuring/Customize_applications_monitored_for_file_exfiltration>`__
for more details.
"""
endpoint_monitoring_custom_applications_mac = TSettingProperty(
u"custom_monitored_applications_mac",
u"device_org_macAppActivity_binaryWhitelist",
get_converter=comma_separated_to_list,
set_converter=to_comma_separated,
)
"""List of additional applications the Code42 client monitors for file exfiltration
activity.
See `Support Documentation <https://support.code42.com/Administrator/Cloud/Configuring/Customize_applications_monitored_for_file_exfiltration>`__
for more details.
"""
endpoint_monitoring_file_metadata_collection_exclusions = TSettingProperty(
u"file_metadata_collection_exclusions",
u"device_fileForensics_fileExclusions_org",
)
"""File types and file paths to exclude from file metadata collection.
See `Support Documentation <https://support.code42.com/Administrator/Cloud/Configuring/File_Metadata_Collection_exclusions>`__
for more details on the shape of the body this setting expects.
"""
endpoint_monitoring_file_exfiltration_detection_exclusions = TSettingProperty(
u"file_exfiltration_detection_exclusions",
u"org_securityTools_detection_monitoring_exclusions",
)
"""File types and file paths to exclude from file exfiltration detection.
See `Support Documentation <https://support.code42.com/Administrator/Cloud/Configuring/Endpoint_monitoring#ExcludePaths>`__
for more details on the shape of the body this setting expects.
"""
web_restore_enabled = TSettingProperty(
u"web_restore_enabled",
u"device_webRestore_enabled",
get_converter=str_to_bool,
set_converter=bool_to_str,
)
"""Determines if web restores are enabled for devices in this org."""
def __repr__(self):
return u"<OrgSettings: org_id: {}, name: '{}'>".format(
self.data[u"orgId"], self.data[u"orgName"]
)
def __str__(self):
return str(self.data)
class DeviceSettingsDefaults(UserDict, object):
"""Class used for managing an Organization's Device Default settings. Also acts as a
base class for `DeviceSettings` to manage individual device settings."""
def __init__(self, device_dict, org_settings):
self.data = device_dict
self._org_settings = org_settings
self.changes = org_settings.changes
self._destinations = org_settings.data[u"settings"][u"destinations"]
self.data[u"settings"] = {
u"serviceBackupConfig": self.data[u"serviceBackupConfig"]
}
bs = self.data[u"serviceBackupConfig"][u"backupConfig"][u"backupSets"]
self.backup_sets = self._extract_backup_sets(bs)
def _extract_backup_sets(self, backup_sets):
if isinstance(backup_sets, dict): # number of sets are locked
backup_sets = backup_sets["backupSet"]
if isinstance(backup_sets,
dict): # there's only one set configured
return [BackupSet(self, backup_sets)]
elif isinstance(backup_sets, list):
return [BackupSet(self, bs) for bs in backup_sets]
else:
raise Py42Error(
"Unable to extract backup sets: {}".format(backup_sets))
else:
return [BackupSet(self, bs) for bs in backup_sets]
@property
def available_destinations(self):
"""Returns a dict of destinations available to be used by devices. Dict keys are
destination guids and values are destination names.
"""
return {d[u"guid"]: d[u"destinationName"] for d in self._destinations}
warning_email_enabled = SettingProperty(
name=u"warning_email_enabled",
location=[u"settings", u"serviceBackupConfig", u"warningEmailEnabled"],
get_converter=str_to_bool,
set_converter=bool_to_str,
)
"""Determines if backup "warning" threshold email alerts are configured for this device."""
critical_email_enabled = SettingProperty(
name=u"critical_email_enabled",
location=[u"settings", u"serviceBackupConfig", u"severeEmailEnabled"],
get_converter=str_to_bool,
set_converter=bool_to_str,
)
"""Determines if backup "critical" threshold email alerts are configured for this device."""
warning_alert_days = SettingProperty(
name=u"warning_alert_days",
location=[u"settings", u"serviceBackupConfig", u"minutesUntilWarning"],
get_converter=minutes_to_days,
set_converter=days_to_minutes,
)
"""The number of days a device can go without any backup activity before
"warning" alert threshold is passed.
"""
critical_alert_days = SettingProperty(
name=u"critical_alert_days",
location=[u"settings", u"serviceBackupConfig", u"minutesUntilSevere"],
get_converter=minutes_to_days,
set_converter=days_to_minutes,
)
"""The number of days a device can go without any backup activity before "warning"
alert threshold is passed.
"""
backup_status_email_enabled = SettingProperty(
name=u"backup_status_email_enabled",
location=[
u"settings", u"serviceBackupConfig", u"backupStatusEmailEnabled"
],
get_converter=str_to_bool,
set_converter=bool_to_str,
)
"""Determines if the regularly scheduled backup status email is enabled."""
backup_status_email_frequency_days = SettingProperty(
name=u"backup_status_email_frequency_days",
location=[
u"settings",
u"serviceBackupConfig",
u"backupStatusEmailFreqInMinutes",
],
get_converter=minutes_to_days,
set_converter=days_to_minutes,
)
"""Determines the frequency of the regularly scheduled backup status email."""
def __repr__(self):
return u"<DeviceSettingsDefaults: org_id: {}>".format(
self._org_settings.org_id)