def tc_create_event(name, owner, event_date, tag=None, status=None, description=None): tc = get_client() ro = RequestObject() ro.set_http_method('POST') ro.set_request_uri('/v2/groups/events') body = {'name': name, 'eventDate': event_date, 'status': status} ro.set_body(json.dumps(body)) response = tc.api_request(ro).json() if response.get('status') == 'Success': output = response.get('data', {}).get('event', {}) event_id = output['id'] if description is not None: # Associate Attribute description ro = RequestObject() ro.set_http_method('POST') ro.set_request_uri( '/v2/groups/events/{}/attributes'.format(event_id)) body = { 'type': 'Description', 'value': description, 'displayed': 'true' } ro.set_body(json.dumps(body)) tc.api_request(ro).json() return output else: return_error('Failed to create event')
def log_to_api(self): if len(self.entries) > 0: # make api call ro = RequestObject() ro.set_http_method('POST') ro.set_owner_allowed(True) ro.set_resource_pagination(False) ro.set_request_uri('/v2/logs/app') ro.set_body(dumps(self.entries)) # retrieve and display the results; don't log during api request so we don't end up with duplicate info try: self.tc.api_request(ro, log=False) except RuntimeError as re: # can't really do anything if it fails error_data = { 'levelname': 'ERROR', 'created': time.time(), 'msg': 'API LOGGING FAILURE -- Unable to send log entries to api: {}' .format(self.entries) } lr = makeLogRecord(error_data) self.entries = [] self.emit(lr) self.entries = []
class BulkIndicatorFilterObject(FilterObject): """ """ def __init__(self, base_uri, tcl): """ """ super(BulkIndicatorFilterObject, self).__init__(base_uri, tcl) self._owners = [] # pd('IndicatorFilterObject', header=True) # pd('indicator_type_enum', indicator_type_enum) self._properties = BulkIndicatorsProperties(base_uri=self.base_uri) self._resource_type = self._properties.resource_type # create default request object for filtered request with only owners self._request_object = RequestObject('indicators', 'default') self._request_object.set_http_method(self._properties.http_method) self._request_object.set_owner_allowed(self._properties.base_owner_allowed) self._request_object.set_request_uri(self._properties.base_path) self._request_object.set_resource_pagination(self._properties.resource_pagination) self._request_object.set_resource_type(self._properties.resource_type) # # add_obj filter methods # for method_name in self._properties.filters: # pd('method_name', method_name) method = getattr(FilterMethods, method_name) setattr(self, method_name, types.MethodType(method, self))
class SignatureFilterObject(FilterObject): """ """ def __init__(self, base_uri, tcl): """ """ super(SignatureFilterObject, self).__init__(base_uri, tcl) self._owners = [] # define properties for resource type self._properties = SignaturesProperties(base_uri=self.base_uri) self._resource_type = self._properties.resource_type # create default request object for filtered request with only owners self._request_object = RequestObject('signatures', 'default') self._request_object.set_http_method(self._properties.http_method) self._request_object.set_owner_allowed(self._properties.base_owner_allowed) self._request_object.set_request_uri(self._properties.base_path) self._request_object.set_resource_pagination(self._properties.resource_pagination) self._request_object.set_resource_type(self._properties.resource_type) # # add_obj filter methods # for method_name in self._properties.filters: # special case for download if method_name == 'add_id': method = getattr(FilterMethods, 'add_id_signature') setattr(self, method_name, types.MethodType(method, self)) else: method = getattr(FilterMethods, method_name) setattr(self, method_name, types.MethodType(method, self))
class BulkFilterObject(FilterObject): """ """ def __init__(self, base_uri, tcl): """ """ super(BulkFilterObject, self).__init__(base_uri, tcl) self._owners = [] # define properties for resource type # self._properties = BulkProperties(base_uri=self.base_uri) self._properties = None self._resource_type = self._properties.resource_type # create default request object for filtered request with only owners self._request_object = RequestObject('groups', 'default') self._request_object.set_http_method(self._properties.http_method) self._request_object.set_owner_allowed( self._properties.base_owner_allowed) self._request_object.set_request_uri(self._properties.base_path) self._request_object.set_resource_pagination( self._properties.resource_pagination) self._request_object.set_resource_type(self._properties.resource_type) # # add_obj filter methods # for method_name in self._properties.filters: method = getattr(IndicatorFilterMethods, method_name) setattr(self, method_name, types.MethodType(method, self))
class VictimAssetFilterObject(FilterObject): """ """ def __init__(self, base_uri, tcl, victim_asset_type_enum=None): """ """ super(VictimAssetFilterObject, self).__init__(base_uri, tcl) self._owners = [] # get resource type from indicator type if isinstance(victim_asset_type_enum, VictimAssetType): # get resource type from indicator type number resource_type = ResourceType(victim_asset_type_enum.value) # get resource properties from resource type name self._properties = ResourceProperties[resource_type.name].value(base_uri=self.base_uri) else: self._properties = ResourceProperties['VICTIM_ASSETS'].value(base_uri=self.base_uri) self._resource_type = self._properties.resource_type # create default request object for filtered request with only owners self._request_object = RequestObject('victimAssets', 'default') self._request_object.set_http_method(self._properties.http_method) self._request_object.set_owner_allowed(self._properties.base_owner_allowed) self._request_object.set_request_uri(self._properties.base_path) self._request_object.set_resource_pagination(self._properties.resource_pagination) self._request_object.set_resource_type(self._properties.resource_type) # # add_obj filter methods # for method_name in self._properties.filters: method = getattr(FilterMethods, method_name) setattr(self, method_name, types.MethodType(method, self))
def load_security_labels(self): """ retrieve attributes for this indicator """ prop = self._resource_properties['load_security_labels'] ro = RequestObject() ro.set_description( 'load security labels for attribute {0} of object {1}'.format( self.id, self._container.id)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) resource_uri = self._container._resource_properties['id']['uri'] try: resource_uri = resource_uri.format(self._container.indicator) except AttributeError: resource_uri = resource_uri.format(self._container.id) ro.set_request_uri(prop['uri'].format(resource_uri, self.id)) ro.set_resource_pagination(prop['pagination']) api_response = self._container._tc.api_request(ro) if api_response.headers['content-type'] == 'application/json': api_response_dict = api_response.json() if api_response_dict['status'] == 'Success': self._security_labels = [] data = api_response_dict['data']['securityLabel'] for item in data: self.__add_security_label(parse_security_label( item)) # add to main resource object
def tc_get_tags(): tc = get_client() ro = RequestObject() ro.set_http_method('GET') ro.set_request_uri('/v2/tags') return tc.api_request(ro).json()
def get_groups_request(group_type): tc = get_client() ro = RequestObject() ro.set_http_method('GET') ro.set_request_uri('/v2/groups/{}'.format(group_type)) return tc.api_request(ro).json()
def tc_get_indicator_types_request(): tc = get_client() ro = RequestObject() ro.set_http_method('GET') ro.set_request_uri('/v2/types/indicatorTypes') return tc.api_request(ro).json()
def get_events_request(): tc = get_client() ro = RequestObject() ro.set_http_method('GET') ro.set_request_uri('/v2/groups/events') return tc.api_request(ro).json()
def upload(self, body): """ upload document """ if self._resource_type == ResourceType.DOCUMENTS: prop = self._resource_properties['document_upload'] elif self._resource_type == ResourceType.SIGNATURES: prop = self._resource_properties['signature_upload'] else: self._tc.tcl.error('Upload requested for wrong resource type.') raise AttributeError(ErrorCodes.e10330.value) ro = RequestObject() ro.set_body(body) ro.set_content_type('application/octet-stream') ro.set_description('upload document for "{0}"'.format(self._name)) # determine whether the file contents exist using phase (not 100%) if self.phase == 1: ro.set_http_method(prop['http_method']) else: ro.set_http_method('PUT') ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'].format(self._id)) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) success_callback = lambda request, response: self.set_contents(request.body) ro.set_success_callback(success_callback) self._resource_container.add_commit_queue(self.id, ro)
def add_security_label(self, security_label_name): """ retrieve attributes for this indicator """ prop = self._resource_properties['add_security_label'] ro = RequestObject() ro.set_description( 'deleting security label {0} for attribute {1} of object {2}'. format(security_label_name, self.id, self._container.id)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) resource_uri = self._container._resource_properties['id']['uri'] try: resource_uri = resource_uri.format(self._container.indicator) except AttributeError: resource_uri = resource_uri.format(self._container.id) ro.set_request_uri(prop['uri'].format(resource_uri, self.id, security_label_name)) ro.set_resource_pagination(prop['pagination']) callback = lambda status: self.__failed_add_security_label( security_label_name) ro.set_failure_callback(callback) self._container._resource_container.add_commit_queue( self._container.id, ro) security_label = SecurityLabelObject() security_label.set_name(security_label_name) self.__add_security_label(security_label)
class BulkFilterObject(FilterObject): """ """ def __init__(self, base_uri, tcl): """ """ super(BulkFilterObject, self).__init__(base_uri, tcl) self._owners = [] # define properties for resource type # self._properties = BulkProperties(base_uri=self.base_uri) self._properties = None self._resource_type = self._properties.resource_type # create default request object for filtered request with only owners self._request_object = RequestObject('groups', 'default') self._request_object.set_http_method(self._properties.http_method) self._request_object.set_owner_allowed(self._properties.base_owner_allowed) self._request_object.set_request_uri(self._properties.base_path) self._request_object.set_resource_pagination(self._properties.resource_pagination) self._request_object.set_resource_type(self._properties.resource_type) # # add_obj filter methods # for method_name in self._properties.filters: method = getattr(IndicatorFilterMethods, method_name) setattr(self, method_name, types.MethodType(method, self))
def tc_owners(): tc = get_client() ro = RequestObject() ro.set_http_method('GET') ro.set_request_uri('/v2/owners') results = tc.api_request(ro) return results.json()
def tc_delete_group(group_id, group_type): tc = get_client() ro = RequestObject() ro.set_http_method('DELETE') ro.set_request_uri('/v2/groups/{}/{}'.format(group_type, group_id)) response = tc.api_request(ro).json() return response['status'] == 'Success'
def associate_indicator_request(indicator_type, indicator, group_type, group_id): tc = get_client() ro = RequestObject() ro.set_http_method('POST') ro.set_request_uri('/v2/indicators/{}/{}/groups/{}/{}'.format( indicator_type, indicator, group_type, group_id)) response = tc.api_request(ro).json() return response
def add_group_tags_request(group_type, group_id, tag_name): tc = get_client() ro = RequestObject() ro.set_http_method('POST') ro.set_request_uri('/v2/groups/{}/{}/tags/{}'.format( group_type, group_id, tag_name)) response = tc.api_request(ro).json() return response.get('status') == 'Success'
def add_group_security_label_request(group_type, group_id, security_label): tc = get_client() ro = RequestObject() ro.set_http_method('POST') ro.set_request_uri('/v2/groups/{}/{}/securityLabels/{}'.format( group_type, group_id, security_label)) response = tc.api_request(ro).json() return response.get('status') == 'Success'
def add_tag(self, tag): """ add a tag to an indicator """ prop = self._resource_properties['tag_add'] ro = RequestObject() ro.set_description('add tag "{0}" to "{1}"'.format(tag, self._name)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'].format(self._id, self._urlsafe(tag))) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) self._resource_container.add_commit_queue(self.id, ro)
def default_request_object(self): """ default request when only a owner filter is provided """ request_object = RequestObject() request_object.set_description('filter by owner') request_object.set_http_method(self._resource_properties['base']['http_method']) request_object.set_owner_allowed(self._resource_properties['base']['owner_allowed']) request_object.set_request_uri(self._resource_properties['base']['uri']) request_object.set_resource_pagination(self._resource_properties['base']['pagination']) request_object.set_resource_type(self._resource_type) return request_object
def tc_get_indicators_by_tag(tag, owner): tc = get_client() ro = RequestObject() ro.set_http_method('GET') cmd = '/v2/tags/{}/indicators'.format(tag) if owner is not None: cmd += '?owner={}'.format(owner) ro.set_request_uri(cmd) return tc.api_request(ro).json()
def default_request_object(self): """ default request when no filters are provided """ resource_properties = ApiProperties.api_properties[self._resource_type.name]['properties'] # create default request object for non-filtered requests request_object = RequestObject() request_object.set_http_method(resource_properties['base']['http_method']) request_object.set_owner_allowed(resource_properties['base']['owner_allowed']) request_object.set_request_uri(resource_properties['base']['uri']) request_object.set_resource_pagination(resource_properties['base']['pagination']) request_object.set_resource_type(self._resource_type) return request_object
def delete_security_label(self, label): """ set the security label for this indicator """ prop = self._resource_properties['security_label_delete'] ro = RequestObject() ro.set_description('delete security label "{0}" from {1}'.format(label, self._name)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'].format( self._id, self._urlsafe(label))) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) self._resource_container.add_commit_queue(self.id, ro)
def update_asset(self, asset_id, asset_obj): """ add a asset to a victim """ prop = self._resource_properties['asset_update'] ro = RequestObject() ro.set_body(asset_obj.gen_body) ro.set_description('update asset type {0} with to {1}'.format(asset_obj.resource_type, self._name)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'].format(self._id, asset_obj.uri_attribute, asset_id)) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) self._resource_container.add_commit_queue(self.id, ro)
def delete_attribute(self, attr_id): """ delete attribute from group by id """ prop = self._resource_properties['attribute_delete'] ro = RequestObject() ro.set_description('delete attribute id {0} from "{1}"'.format(attr_id, self._name)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'].format( self._id, attr_id)) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) self._resource_container.add_commit_queue(self.id, ro)
def delete_tag(self, tag): """ delete tag from group """ prop = self._resource_properties['tag_delete'] ro = RequestObject() ro.set_description('delete tag "{0}" from "{1}"'.format(tag, self._name)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'].format( self._id, self._urlsafe(tag))) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) self._resource_container.add_commit_queue(self.id, ro)
class VictimFilterObject(FilterObject): """ """ def __init__(self, base_uri, tcl): """ """ super(VictimFilterObject, self).__init__(base_uri, tcl) self._owners = [] # define properties for resource type self._properties = VictimsProperties(base_uri=self.base_uri) self._resource_type = self._properties.resource_type # create default request object for filtered request with only owners self._request_object = RequestObject('victims', 'default') self._request_object.set_http_method(self._properties.http_method) self._request_object.set_owner_allowed(self._properties.base_owner_allowed) self._request_object.set_request_uri(self._properties.base_path) self._request_object.set_resource_pagination(self._properties.resource_pagination) self._request_object.set_resource_type(self._properties.resource_type) # # add_obj filter methods # for method_name in self._properties.filters: method = getattr(FilterMethods, method_name) setattr(self, method_name, types.MethodType(method, self)) # special case for indicator associations def filter_associations(self, base_resource_type, identifier): """Get victims associated with base resource object GET /v2/groups/adversaries/747266/victims GET /v2/indicators/addresses/4.3.2.1/victims """ base_properties = ResourceProperties[base_resource_type.name].value() request_uri = base_properties.base_path + '/' request_uri += str(identifier) request_uri += '/victims' description = 'Get victim associations for {0} resource ({1}).'.format( base_resource_type.name.lower(), str(identifier)) filter_type = 'victim association' ro = RequestObject( filter_type, '{0}|{1}'.format(base_resource_type.name.lower(), identifier)) ro.set_description(description) ro.set_owner_allowed(False) ro.set_resource_pagination(True) ro.set_request_uri(request_uri) ro.set_resource_type(ResourceType.VICTIMS) self._add_request_objects(ro)
def associate_group(self, resource_type, resource_id): """ associate a group to group by id """ prop = self._resource_properties['association_group_add'] ro = RequestObject() ro.set_description('associate group type "{0}" id {1} to "{2}"'.format( resource_type.name, resource_id, self._name)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_resource_pagination(prop['pagination']) group_uri_attribute = ApiProperties.api_properties[resource_type.name]['uri_attribute'] ro.set_request_uri(prop['uri'].format(self._id, group_uri_attribute, resource_id)) ro.set_resource_type(self._resource_type) self._resource_container.add_commit_queue(self.id, ro)
def associate_victim(self, resource_id): """ associate victim from group """ prop = self._resource_properties['association_victim_add'] ro = RequestObject() ro.set_description('associate victim id {0} from "{1}"'.format( resource_id, self._name)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'].format( self._id, resource_id)) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) self._resource_container.add_commit_queue(self.id, ro)
def associate_indicator(self, indicator_type, indicator): """ associate a group to group by id """ prop = self._resource_properties['association_indicator_add'] ro = RequestObject() ro.set_description('associate indicator {0} to "{1}"'.format( indicator, self._name)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_resource_pagination(prop['pagination']) indicator_uri_attribute = ApiProperties.api_properties[indicator_type.name]['uri_attribute'] ro.set_request_uri(prop['uri'].format(indicator_uri_attribute, self._urlsafe(indicator), self.id)) ro.set_resource_type(self._resource_type) self._resource_container.add_commit_queue(self.id, ro)
def group_associations(self): """ retrieve associations for this group. associations are not stored within the object """ prop = self._resource_properties['association_groups'] ro = RequestObject() ro.set_description('retrieve group associations for {0}'.format(self._name)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'].format(self._id)) # ro.set_owner(self.owner_name) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) for item in self._tc.result_pagination(ro)['group']: yield threatconnect.GroupObject.parse_group(item, api_filter=ro.description, request_uri=ro.request_uri)
def add_threat_id(self, data_int): """ """ if not isinstance(data_int, int): raise AttributeError(ErrorCodes.e4080.value.format(data_int)) prop = self._resource_properties['groups'] ro = RequestObject() ro.set_description('api filter by threat id {0}'.format(data_int)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'], ['threats', data_int]) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) self._add_request_objects(ro)
def download_errors(self): prop = self._resource_properties['batch_error_download'] ro = RequestObject() ro.set_description('download errors for batchjob {0}'.format(self._id)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'].format(self._id)) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) api_response = self._tc.api_request(ro) if api_response.headers['content-type'] in ['application/octet-stream', 'text/plain']: self.set_errors(api_response.content)
def commit(self): """ commit victim and related assets, associations """ r_id = self.id ro = RequestObject() ro.set_body(self.gen_body) ro.set_resource_type(self.resource_type) prop = self._resource_properties['add'] ro.set_description('adding batchjob') ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'].format(self._id)) ro.empty_payload() if self._phase == 1: # validate all required fields are present if self.validate: api_response = self._tc.api_request(ro) if api_response.headers['content-type'] == 'application/json': api_response_dict = api_response.json() if api_response_dict['status'] == 'Success': r_id = api_response_dict['data']['batchId'] else: self._tc.tcl.debug('Resource Object'.format(self)) raise RuntimeError('Cannot commit incomplete resource object') for ro in self._resource_container.commit_queue(self.id): # if self.owner_name is not None: # ro.set_owner(self.owner_name) # replace the id if self.id != r_id: request_uri = str( ro.request_uri.replace(str(self.id), str(r_id))) ro.set_request_uri(request_uri) self._tc.tcl.debug('Replacing {0} with {1}'.format( self.id, str(r_id))) self._tc.tcl.debug('RO {0}'.format(ro)) api_response2 = self._tc.api_request(ro) if api_response2.headers['content-type'] == 'application/json': api_response_dict2 = api_response2.json() if api_response_dict2['status'] != 'Success': self._tc.tcl.error('API Request Failure: [{0}]'.format( ro.description)) self.set_id(r_id) self.set_phase(0) # return object return self
def delete(self): """ delete indicator """ prop = self._resource_properties['delete'] ro = RequestObject() ro.set_description('delete group "{0}".'.format(self._name)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) if self.owner_name is not None: ro.set_owner(self.owner_name) ro.set_request_uri(prop['uri'].format(self._id)) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self.resource_type) self._tc.api_request(ro) self.set_phase(3)
def update_attribute(self, attr_id, attr_value): """ update indicator attribute by id """ prop = self._resource_properties['attribute_update'] ro = RequestObject() ro.set_body(json.dumps({'value': attr_value})) ro.set_description('update attribute id {0} with value "{1}" on "{2}"'.format( attr_id, attr_value, self._name)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'].format(self._id, attr_id)) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) self._resource_container.add_commit_queue(self.id, ro)
def victim_associations(self): """ retrieve associations for this group. associations are not stored within the object """ prop = self._resource_properties['association_victims'] ro = RequestObject() ro.set_description('retrieve victim associations for {0}'.format(self._name)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_owner(self.owner_name) ro.set_request_uri(prop['uri'].format(self._id)) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) for item in self._tc.result_pagination(ro, 'victim'): yield parse_victim(item, api_filter=ro.description, request_uri=ro.request_uri)
def add_threat_id(self, data_int): """ """ if not isinstance(data_int, int): raise AttributeError(ErrorCodes.e4080.value.format(data_int)) prop = self._resource_properties['groups'] ro = RequestObject() ro.set_description('api filter by threat id {0}'.format(data_int)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'], ['threats', data_int]) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) self._add_request_objects(ro)
def default_request_object(self): """ default request when only a owner filter is provided """ request_object = RequestObject() request_object.set_description('filter by owner') request_object.set_http_method(self._resource_properties['bulk']['http_method']) request_object.set_owner_allowed(self._resource_properties['bulk']['owner_allowed']) request_object.set_request_uri(self._resource_properties['bulk']['uri']) request_object.set_resource_pagination(self._resource_properties['bulk']['pagination']) request_object.set_resource_type(self._resource_type) if self.tc._bulk_on_demand: request_object.add_payload('runNow', True) return request_object
def retrieve_mine(self): """ retrieve owner mine """ prop = ApiProperties.api_properties['OWNERS']['properties']['mine'] ro = RequestObject() ro.set_description('load owner mine') ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_resource_pagination(prop['pagination']) ro.set_request_uri(prop['uri']) ro.set_resource_type(ResourceType.OWNERS) data_set = self.tc.api_response_handler(self, ro) for obj in data_set: self.add_obj(obj)
def add_email_id(self, data_int): """ filter api results by email id """ # validation of data input if not isinstance(data_int, int): raise AttributeError(ErrorCodes.e4020.value.format(data_int)) prop = self._resource_properties['groups'] ro = RequestObject() ro.set_description('api filter by email id {0}'.format(data_int)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'], ['emails', data_int]) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) self._add_request_objects(ro)
def indicator_associations(self): """ retrieve associations for this victim. associations are not stored within the object """ prop = self._resource_properties['association_indicators'] ro = RequestObject() ro.set_description('retrieve indicator associations for {0}'.format(self._name)) ro.set_http_method(prop['http_method']) # ro.set_owner(self.owner_name) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'].format(self._id)) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) for item in self._tc.result_pagination(ro, 'indicator'): yield threatconnect.IndicatorObject.parse_indicator( item, api_filter=ro.description, request_uri=ro.request_uri)
def upload(self, body): """ upload batch job """ prop = self._resource_properties['batch_job_upload'] ro = RequestObject() ro.set_body(body) ro.set_content_type('application/octet-stream') ro.set_description('upload batch job for "{0}"'.format(self._id)) ro.set_http_method(prop['http_method']) ro.set_owner_allowed(prop['owner_allowed']) ro.set_request_uri(prop['uri'].format(self._id)) ro.set_resource_pagination(prop['pagination']) ro.set_resource_type(self._resource_type) ro.empty_payload() self._resource_container.add_commit_queue(self.id, ro)
def download_request(self): """ """ # build request object request_object = RequestObject(self._drd['name1'], self._drd['name2_method']()) request_object.set_content_type(self._drd['content_type']) request_object.set_description( self._drd['description'].format(self._drd['identifier_method']())) request_object.set_http_method(self._drd['http_method']) request_object.set_request_uri( self._drd['request_uri_path'].format(self._drd['identifier_method']())) request_object.set_owner_allowed(self._drd['owner_allowed']) request_object.set_resource_pagination(self._drd['resource_pagination']) request_object.set_resource_type(self._drd['resource_type']) return request_object
def default_request_object(self): """ default request when only a owner filter is provided """ request_object = RequestObject() request_object.set_description('filter by owner') request_object.set_http_method(self._resource_properties['base']['http_method']) request_object.set_owner_allowed(self._resource_properties['base']['owner_allowed']) request_object.set_request_uri(self._resource_properties['base']['uri']) request_object.set_resource_pagination(self._resource_properties['base']['pagination']) request_object.set_resource_type(self._resource_type) # modified since is only support on base (/v2/indicator) api call if self._modified_since is not None: request_object.set_modified_since(self._modified_since) request_object.set_description('Indicator Owner Filter modified since {0}'.format(self._modified_since)) return request_object
class BulkIndicators(Resource): """ """ def __init__(self, tc_obj): """ """ super(BulkIndicators, self).__init__(tc_obj) self._filter_class = BulkIndicatorFilterObject self._modified_since = None # set properties properties = BulkIndicatorsProperties(base_uri=self.base_uri) self._resource_type = properties.resource_type # create default request object for non-filtered requests self._request_object = RequestObject('bulk_indicators', 'default') self._request_object.set_http_method(properties.http_method) self._request_object.set_owner_allowed(properties.base_owner_allowed) self._request_object.set_request_uri(properties.base_path) self._request_object.set_resource_pagination(properties.resource_pagination) self._request_object.set_resource_type(properties.resource_type) @property def csv(self): """ """ headers = [ 'confidence', 'dateAdded', 'id', 'indicator', 'lastModified', 'ownerName', 'rating', 'type', 'webLink'] csv_output = io.BytesIO() csv_data = csv.writer(csv_output, delimiter=',', quotechar='"', quoting=csv.QUOTE_NONNUMERIC) csv_data.writerow(headers) for obj in self._objects: csv_row = [ obj.get_confidence(), obj.get_date_added(), obj.get_id(), obj.get_indicator(), obj.get_last_modified(), obj.get_owner_name(), obj.get_rating(), obj.get_type(), obj.get_web_link(), ] csv_data.writerow(csv_row) for row in csv_output.getvalue().split('\r\n'): yield row