예제 #1
0
def tc_create_event(name,
                    owner,
                    event_date,
                    tag=None,
                    status=None,
                    description=None):
    tc = get_client()
    ro = RequestObject()
    ro.set_http_method('POST')
    ro.set_request_uri('/v2/groups/events')
    body = {'name': name, 'eventDate': event_date, 'status': status}
    ro.set_body(json.dumps(body))
    response = tc.api_request(ro).json()

    if response.get('status') == 'Success':
        output = response.get('data', {}).get('event', {})
        event_id = output['id']
        if description is not None:
            # Associate Attribute description
            ro = RequestObject()
            ro.set_http_method('POST')
            ro.set_request_uri(
                '/v2/groups/events/{}/attributes'.format(event_id))
            body = {
                'type': 'Description',
                'value': description,
                'displayed': 'true'
            }
            ro.set_body(json.dumps(body))
            tc.api_request(ro).json()

        return output
    else:
        return_error('Failed to create event')
class VictimAssetFilterObject(FilterObject):
    """ """

    def __init__(self, base_uri, tcl, victim_asset_type_enum=None):
        """ """
        super(VictimAssetFilterObject, self).__init__(base_uri, tcl)
        self._owners = []

        # get resource type from indicator type
        if isinstance(victim_asset_type_enum, VictimAssetType):
            # get resource type from indicator type number
            resource_type = ResourceType(victim_asset_type_enum.value)

            # get resource properties from resource type name
            self._properties = ResourceProperties[resource_type.name].value(base_uri=self.base_uri)
        else:
            self._properties = ResourceProperties['VICTIM_ASSETS'].value(base_uri=self.base_uri)

        self._resource_type = self._properties.resource_type

        # create default request object for filtered request with only owners
        self._request_object = RequestObject('victimAssets', 'default')
        self._request_object.set_http_method(self._properties.http_method)
        self._request_object.set_owner_allowed(self._properties.base_owner_allowed)
        self._request_object.set_request_uri(self._properties.base_path)
        self._request_object.set_resource_pagination(self._properties.resource_pagination)
        self._request_object.set_resource_type(self._properties.resource_type)

        #
        # add_obj filter methods
        #
        for method_name in self._properties.filters:
            method = getattr(FilterMethods, method_name)
            setattr(self, method_name, types.MethodType(method, self))
class BulkIndicatorFilterObject(FilterObject):
    """ """

    def __init__(self, base_uri, tcl):
        """ """
        super(BulkIndicatorFilterObject, self).__init__(base_uri, tcl)
        self._owners = []

        # pd('IndicatorFilterObject', header=True)
        # pd('indicator_type_enum', indicator_type_enum)

        self._properties = BulkIndicatorsProperties(base_uri=self.base_uri)
        self._resource_type = self._properties.resource_type

        # create default request object for filtered request with only owners
        self._request_object = RequestObject('indicators', 'default')
        self._request_object.set_http_method(self._properties.http_method)
        self._request_object.set_owner_allowed(self._properties.base_owner_allowed)
        self._request_object.set_request_uri(self._properties.base_path)
        self._request_object.set_resource_pagination(self._properties.resource_pagination)
        self._request_object.set_resource_type(self._properties.resource_type)

        #
        # add_obj filter methods
        #
        for method_name in self._properties.filters:
            # pd('method_name', method_name)
            method = getattr(FilterMethods, method_name)
            setattr(self, method_name, types.MethodType(method, self))
def add_indicator(self, data, indicator_type=None):
    """ filter api results by indicator """
    # validation indicator
    if not SharedMethods.validate_indicator(self.tc._indicators_regex, data):
        raise AttributeError(ErrorCodes.e5010.value.format(data))

    # get indicator uri attribute

    if indicator_type is None:
        indicator_type = SharedMethods.get_resource_type(
            self.tc._indicators_regex, data)
    indicator_uri_attribute = ApiProperties.api_properties[
        indicator_type.name]['uri_attribute']

    prop = self._resource_properties['indicator']
    ro = RequestObject()
    ro.set_description('api filter by indicator id {0}'.format(data))
    ro.set_owner_allowed(prop['owner_allowed'])
    # TODO: Check this logic
    if self._resource_type == ResourceType.INDICATORS:
        ro.set_request_uri(
            prop['uri'],
            [indicator_uri_attribute,
             SharedMethods.urlsafe(data)])
    else:
        ro.set_request_uri(prop['uri'], [SharedMethods.urlsafe(data)])
    ro.set_resource_pagination(prop['pagination'])
    ro.set_resource_type(indicator_type)
    self._add_request_objects(ro)
예제 #5
0
    def load_security_labels(self):
        """ retrieve attributes for this indicator """
        prop = self._resource_properties['load_security_labels']
        ro = RequestObject()
        ro.set_description(
            'load security labels for attribute {0} of object {1}'.format(
                self.id, self._container.id))
        ro.set_http_method(prop['http_method'])
        ro.set_owner_allowed(prop['owner_allowed'])
        resource_uri = self._container._resource_properties['id']['uri']
        try:
            resource_uri = resource_uri.format(self._container.indicator)
        except AttributeError:
            resource_uri = resource_uri.format(self._container.id)
        ro.set_request_uri(prop['uri'].format(resource_uri, self.id))
        ro.set_resource_pagination(prop['pagination'])
        api_response = self._container._tc.api_request(ro)

        if api_response.headers['content-type'] == 'application/json':
            api_response_dict = api_response.json()
            if api_response_dict['status'] == 'Success':
                self._security_labels = []
                data = api_response_dict['data']['securityLabel']
                for item in data:
                    self.__add_security_label(parse_security_label(
                        item))  # add to main resource object
예제 #6
0
def tc_get_indicator_types_request():
    tc = get_client()
    ro = RequestObject()
    ro.set_http_method('GET')
    ro.set_request_uri('/v2/types/indicatorTypes')

    return tc.api_request(ro).json()
예제 #7
0
    def filter_associations(self, base_resource_type, identifier):
        """Get victims associated with base resource object
        GET /v2/groups/adversaries/747266/victims

        GET /v2/indicators/addresses/4.3.2.1/victims

        """
        base_properties = ResourceProperties[base_resource_type.name].value()

        request_uri = base_properties.base_path + '/'
        request_uri += str(identifier)
        request_uri += '/victims'

        description = 'Get victim associations for {0} resource ({1}).'.format(
            base_resource_type.name.lower(), str(identifier))

        filter_type = 'victim association'
        ro = RequestObject(
            filter_type, '{0}|{1}'.format(base_resource_type.name.lower(), identifier))
        ro.set_description(description)
        ro.set_owner_allowed(False)
        ro.set_resource_pagination(True)
        ro.set_request_uri(request_uri)
        ro.set_resource_type(ResourceType.VICTIMS)
        self._add_request_objects(ro)
    def upload(self, body):
        """ upload document  """
        if self._resource_type == ResourceType.DOCUMENTS:
            prop = self._resource_properties['document_upload']
        elif self._resource_type == ResourceType.SIGNATURES:
            prop = self._resource_properties['signature_upload']
        else:
            self._tc.tcl.error('Upload requested for wrong resource type.')
            raise AttributeError(ErrorCodes.e10330.value)

        ro = RequestObject()
        ro.set_body(body)
        ro.set_content_type('application/octet-stream')
        ro.set_description('upload document for "{0}"'.format(self._name))
        # determine whether the file contents exist using phase (not 100%)
        if self.phase == 1:
            ro.set_http_method(prop['http_method'])
        else:
            ro.set_http_method('PUT')
        ro.set_owner_allowed(prop['owner_allowed'])
        ro.set_request_uri(prop['uri'].format(self._id))
        ro.set_resource_pagination(prop['pagination'])
        ro.set_resource_type(self._resource_type)
        success_callback = lambda request, response: self.set_contents(request.body)
        ro.set_success_callback(success_callback)
        self._resource_container.add_commit_queue(self.id, ro)
예제 #9
0
def get_events_request():
    tc = get_client()
    ro = RequestObject()
    ro.set_http_method('GET')
    ro.set_request_uri('/v2/groups/events')

    return tc.api_request(ro).json()
예제 #10
0
class BulkFilterObject(FilterObject):
    """ """
    def __init__(self, base_uri, tcl):
        """ """
        super(BulkFilterObject, self).__init__(base_uri, tcl)
        self._owners = []

        # define properties for resource type
        # self._properties = BulkProperties(base_uri=self.base_uri)
        self._properties = None
        self._resource_type = self._properties.resource_type

        # create default request object for filtered request with only owners
        self._request_object = RequestObject('groups', 'default')
        self._request_object.set_http_method(self._properties.http_method)
        self._request_object.set_owner_allowed(
            self._properties.base_owner_allowed)
        self._request_object.set_request_uri(self._properties.base_path)
        self._request_object.set_resource_pagination(
            self._properties.resource_pagination)
        self._request_object.set_resource_type(self._properties.resource_type)

        #
        # add_obj filter methods
        #
        for method_name in self._properties.filters:
            method = getattr(IndicatorFilterMethods, method_name)
            setattr(self, method_name, types.MethodType(method, self))
예제 #11
0
    def log_to_api(self):
        if len(self.entries) > 0:
            # make api call
            ro = RequestObject()
            ro.set_http_method('POST')
            ro.set_owner_allowed(True)
            ro.set_resource_pagination(False)
            ro.set_request_uri('/v2/logs/app')
            ro.set_body(dumps(self.entries))

            # retrieve and display the results; don't log during api request so we don't end up with duplicate info
            try:
                self.tc.api_request(ro, log=False)
            except RuntimeError as re:
                # can't really do anything if it fails
                error_data = {
                    'levelname':
                    'ERROR',
                    'created':
                    time.time(),
                    'msg':
                    'API LOGGING FAILURE -- Unable to send log entries to api: {}'
                    .format(self.entries)
                }
                lr = makeLogRecord(error_data)
                self.entries = []
                self.emit(lr)

            self.entries = []
def add_indicator(self, data, indicator_type = None):
    """ filter api results by indicator """
    # validation indicator
    if not SharedMethods.validate_indicator(self.tc._indicators_regex, data):
        raise AttributeError(ErrorCodes.e5010.value.format(data))

    # get indicator uri attribute

    if indicator_type is None:
        indicator_type = SharedMethods.get_resource_type(self.tc._indicators_regex, data)
    indicator_uri_attribute = ApiProperties.api_properties[indicator_type.name]['uri_attribute']



    prop = self._resource_properties['indicator']
    ro = RequestObject()
    ro.set_description('api filter by indicator id {0}'.format(data))
    ro.set_owner_allowed(prop['owner_allowed'])
    # TODO: Check this logic
    if self._resource_type == ResourceType.INDICATORS:
        ro.set_request_uri(prop['uri'], [indicator_uri_attribute, SharedMethods.urlsafe(data)])
    else:
        ro.set_request_uri(prop['uri'], [SharedMethods.urlsafe(data)])
    ro.set_resource_pagination(prop['pagination'])
    ro.set_resource_type(indicator_type)
    self._add_request_objects(ro)
예제 #13
0
    def add_security_label(self, security_label_name):
        """ retrieve attributes for this indicator """
        prop = self._resource_properties['add_security_label']
        ro = RequestObject()
        ro.set_description(
            'deleting security label {0} for attribute {1} of object {2}'.
            format(security_label_name, self.id, self._container.id))
        ro.set_http_method(prop['http_method'])
        ro.set_owner_allowed(prop['owner_allowed'])
        resource_uri = self._container._resource_properties['id']['uri']
        try:
            resource_uri = resource_uri.format(self._container.indicator)
        except AttributeError:
            resource_uri = resource_uri.format(self._container.id)
        ro.set_request_uri(prop['uri'].format(resource_uri, self.id,
                                              security_label_name))
        ro.set_resource_pagination(prop['pagination'])
        callback = lambda status: self.__failed_add_security_label(
            security_label_name)
        ro.set_failure_callback(callback)
        self._container._resource_container.add_commit_queue(
            self._container.id, ro)

        security_label = SecurityLabelObject()
        security_label.set_name(security_label_name)
        self.__add_security_label(security_label)
def add_id(self, data_int, asset_id=None):
    """ """
    resource_type = ResourceType(self._resource_type.value - 5)
    properties = ResourceProperties[resource_type.name].value()
    if asset_id is not None:
        # resource_type = ResourceType(self._resource_type.value - 5)
        # properties = ResourceProperties[resource_type.name].value()
        uri_data = [data_int, asset_id]
    else:
        # properties = self._properties
        uri_data = [data_int]

    # validation of data input
    if not isinstance(data_int, int):
        self.add_error(ErrorCodes.e4020.value.format(data_int))
        self._error = True
    else:
        filter_type = 'id'
        if asset_id is not None:
            filter_values = '{0}-{1}'.format(data_int, asset_id)
        else:
            filter_values = data_int
        ro = RequestObject(filter_type, filter_values)
        ro.set_owner_allowed(properties.id_owner_allowed)
        ro.set_resource_pagination(properties.resource_pagination)
        ro.set_request_uri(properties.id_path, uri_data)
        ro.set_resource_type(properties.resource_type)
        self._add_request_objects(ro)
예제 #15
0
class BulkFilterObject(FilterObject):
    """ """
    def __init__(self, base_uri, tcl):
        """ """
        super(BulkFilterObject, self).__init__(base_uri, tcl)
        self._owners = []

        # define properties for resource type
        # self._properties = BulkProperties(base_uri=self.base_uri)
        self._properties = None
        self._resource_type = self._properties.resource_type

        # create default request object for filtered request with only owners
        self._request_object = RequestObject('groups', 'default')
        self._request_object.set_http_method(self._properties.http_method)
        self._request_object.set_owner_allowed(self._properties.base_owner_allowed)
        self._request_object.set_request_uri(self._properties.base_path)
        self._request_object.set_resource_pagination(self._properties.resource_pagination)
        self._request_object.set_resource_type(self._properties.resource_type)

        #
        # add_obj filter methods
        #
        for method_name in self._properties.filters:
            method = getattr(IndicatorFilterMethods, method_name)
            setattr(self, method_name, types.MethodType(method, self))
예제 #16
0
class SignatureFilterObject(FilterObject):
    """ """
    def __init__(self, base_uri, tcl):
        """ """
        super(SignatureFilterObject, self).__init__(base_uri, tcl)
        self._owners = []

        # define properties for resource type
        self._properties = SignaturesProperties(base_uri=self.base_uri)
        self._resource_type = self._properties.resource_type

        # create default request object for filtered request with only owners
        self._request_object = RequestObject('signatures', 'default')
        self._request_object.set_http_method(self._properties.http_method)
        self._request_object.set_owner_allowed(self._properties.base_owner_allowed)
        self._request_object.set_request_uri(self._properties.base_path)
        self._request_object.set_resource_pagination(self._properties.resource_pagination)
        self._request_object.set_resource_type(self._properties.resource_type)

        #
        # add_obj filter methods
        #
        for method_name in self._properties.filters:
            # special case for download
            if method_name == 'add_id':
                method = getattr(FilterMethods, 'add_id_signature')
                setattr(self, method_name, types.MethodType(method, self))
            else:
                method = getattr(FilterMethods, method_name)
                setattr(self, method_name, types.MethodType(method, self))
예제 #17
0
def tc_get_tags():
    tc = get_client()
    ro = RequestObject()
    ro.set_http_method('GET')
    ro.set_request_uri('/v2/tags')

    return tc.api_request(ro).json()
예제 #18
0
def get_groups_request(group_type):
    tc = get_client()
    ro = RequestObject()
    ro.set_http_method('GET')
    ro.set_request_uri('/v2/groups/{}'.format(group_type))

    return tc.api_request(ro).json()
예제 #19
0
def tc_delete_group(group_id, group_type):
    tc = get_client()
    ro = RequestObject()
    ro.set_http_method('DELETE')
    ro.set_request_uri('/v2/groups/{}/{}'.format(group_type, group_id))
    response = tc.api_request(ro).json()

    return response['status'] == 'Success'
예제 #20
0
def tc_owners():
    tc = get_client()
    ro = RequestObject()
    ro.set_http_method('GET')
    ro.set_request_uri('/v2/owners')
    results = tc.api_request(ro)

    return results.json()
예제 #21
0
def add_group_security_label_request(group_type, group_id, security_label):
    tc = get_client()
    ro = RequestObject()
    ro.set_http_method('POST')
    ro.set_request_uri('/v2/groups/{}/{}/securityLabels/{}'.format(
        group_type, group_id, security_label))

    response = tc.api_request(ro).json()

    return response.get('status') == 'Success'
예제 #22
0
def associate_indicator_request(indicator_type, indicator, group_type,
                                group_id):
    tc = get_client()
    ro = RequestObject()
    ro.set_http_method('POST')
    ro.set_request_uri('/v2/indicators/{}/{}/groups/{}/{}'.format(
        indicator_type, indicator, group_type, group_id))
    response = tc.api_request(ro).json()

    return response
예제 #23
0
def add_group_tags_request(group_type, group_id, tag_name):
    tc = get_client()
    ro = RequestObject()
    ro.set_http_method('POST')
    ro.set_request_uri('/v2/groups/{}/{}/tags/{}'.format(
        group_type, group_id, tag_name))

    response = tc.api_request(ro).json()

    return response.get('status') == 'Success'
예제 #24
0
def tc_get_indicators_by_tag(tag, owner):
    tc = get_client()
    ro = RequestObject()
    ro.set_http_method('GET')
    cmd = '/v2/tags/{}/indicators'.format(tag)
    if owner is not None:
        cmd += '?owner={}'.format(owner)

    ro.set_request_uri(cmd)

    return tc.api_request(ro).json()
예제 #25
0
    def default_request_object(self):
        """ default request when only a owner filter is provided """
        request_object = RequestObject()
        request_object.set_description('filter by owner')
        request_object.set_http_method(self._resource_properties['base']['http_method'])
        request_object.set_owner_allowed(self._resource_properties['base']['owner_allowed'])
        request_object.set_request_uri(self._resource_properties['base']['uri'])
        request_object.set_resource_pagination(self._resource_properties['base']['pagination'])
        request_object.set_resource_type(self._resource_type)

        return request_object
예제 #26
0
 def default_request_object(self):
     """ default request when no filters are provided """
     resource_properties = ApiProperties.api_properties[self._resource_type.name]['properties']
     # create default request object for non-filtered requests
     request_object = RequestObject()
     request_object.set_http_method(resource_properties['base']['http_method'])
     request_object.set_owner_allowed(resource_properties['base']['owner_allowed'])
     request_object.set_request_uri(resource_properties['base']['uri'])
     request_object.set_resource_pagination(resource_properties['base']['pagination'])
     request_object.set_resource_type(self._resource_type)
     return request_object
 def add_tag(self, tag):
     """ add a tag to an indicator """
     prop = self._resource_properties['tag_add']
     ro = RequestObject()
     ro.set_description('add tag "{0}" to "{1}"'.format(tag, self._name))
     ro.set_http_method(prop['http_method'])
     ro.set_owner_allowed(prop['owner_allowed'])
     ro.set_request_uri(prop['uri'].format(self._id, self._urlsafe(tag)))
     ro.set_resource_pagination(prop['pagination'])
     ro.set_resource_type(self._resource_type)
     self._resource_container.add_commit_queue(self.id, ro)
 def delete_attribute(self, attr_id):
     """ delete attribute from group by id """
     prop = self._resource_properties['attribute_delete']
     ro = RequestObject()
     ro.set_description('delete attribute id {0} from "{1}"'.format(attr_id, self._name))
     ro.set_http_method(prop['http_method'])
     ro.set_owner_allowed(prop['owner_allowed'])
     ro.set_request_uri(prop['uri'].format(
         self._id, attr_id))
     ro.set_resource_pagination(prop['pagination'])
     ro.set_resource_type(self._resource_type)
     self._resource_container.add_commit_queue(self.id, ro)
 def update_asset(self, asset_id, asset_obj):
     """ add a asset to a victim """
     prop = self._resource_properties['asset_update']
     ro = RequestObject()
     ro.set_body(asset_obj.gen_body)
     ro.set_description('update asset type {0} with to {1}'.format(asset_obj.resource_type, self._name))
     ro.set_http_method(prop['http_method'])
     ro.set_owner_allowed(prop['owner_allowed'])
     ro.set_request_uri(prop['uri'].format(self._id, asset_obj.uri_attribute, asset_id))
     ro.set_resource_pagination(prop['pagination'])
     ro.set_resource_type(self._resource_type)
     self._resource_container.add_commit_queue(self.id, ro)
 def delete_security_label(self, label):
     """ set the security label for this indicator """
     prop = self._resource_properties['security_label_delete']
     ro = RequestObject()
     ro.set_description('delete security label "{0}" from {1}'.format(label, self._name))
     ro.set_http_method(prop['http_method'])
     ro.set_owner_allowed(prop['owner_allowed'])
     ro.set_request_uri(prop['uri'].format(
         self._id, self._urlsafe(label)))
     ro.set_resource_pagination(prop['pagination'])
     ro.set_resource_type(self._resource_type)
     self._resource_container.add_commit_queue(self.id, ro)
 def delete_tag(self, tag):
     """ delete tag from group """
     prop = self._resource_properties['tag_delete']
     ro = RequestObject()
     ro.set_description('delete tag "{0}" from "{1}"'.format(tag, self._name))
     ro.set_http_method(prop['http_method'])
     ro.set_owner_allowed(prop['owner_allowed'])
     ro.set_request_uri(prop['uri'].format(
         self._id, self._urlsafe(tag)))
     ro.set_resource_pagination(prop['pagination'])
     ro.set_resource_type(self._resource_type)
     self._resource_container.add_commit_queue(self.id, ro)
def add_indicator(self, data, data_type_enum=None):
    """ """
    if data_type_enum is None:
        # use indicator value to get the resource type
        data_type_enum = _get_resource_type(data)
    else:
        # indicator type provided
        if isinstance(data_type_enum, IndicatorType):
            data_type_enum = ResourceType(data_type_enum.value)

    error = False
    # validation indicator
    if not validate_indicator(data):
        self.add_error(ErrorCodes.e5010.value.format(data))
        self._error = True
        error = True

    # validation resource type
    if not isinstance(data_type_enum, ResourceType):
        self.add_error(ErrorCodes.e5011.value.format(data_type_enum))
        self._error = True
        error = True

    if not error:
        # get properties for indicator
        # (e.g ADDRESSES is 515 and ADDRESS is 510.
        indicator_resource_type = ResourceType(data_type_enum.value - 5)
        indicator_properties = ResourceProperties[indicator_resource_type.name].value()
        indicator_type = indicator_properties.resource_uri_attribute

        # determine properties
        indicator_resources = [
            'INDICATORS', 'ADDRESSES', 'EMAIL_ADDRESSES', 'FILES', 'HOSTS', 'URLS']
        if self._properties.resource_type.name in indicator_resources:
            # if the resource type is one of the above use the properties of that indicator
            properties = indicator_properties
        else:
            # otherwise use the properties of the resource
            properties = self._properties

        # url
        if data_type_enum == ResourceType.URLS:
            data = urllib.quote(data, safe='~')

        filter_type = data_type_enum.name.lower()

        ro = RequestObject(filter_type, data)
        ro.set_owner_allowed(properties.indicator_owner_allowed)
        ro.set_resource_pagination(properties.resource_pagination)
        ro.set_request_uri(
            properties.indicator_path, [indicator_type, data])
        ro.set_resource_type(properties.resource_type)
        self._add_request_objects(ro)
예제 #33
0
class VictimFilterObject(FilterObject):
    """ """
    def __init__(self, base_uri, tcl):
        """ """
        super(VictimFilterObject, self).__init__(base_uri, tcl)
        self._owners = []

        # define properties for resource type
        self._properties = VictimsProperties(base_uri=self.base_uri)
        self._resource_type = self._properties.resource_type

        # create default request object for filtered request with only owners
        self._request_object = RequestObject('victims', 'default')
        self._request_object.set_http_method(self._properties.http_method)
        self._request_object.set_owner_allowed(self._properties.base_owner_allowed)
        self._request_object.set_request_uri(self._properties.base_path)
        self._request_object.set_resource_pagination(self._properties.resource_pagination)
        self._request_object.set_resource_type(self._properties.resource_type)

        #
        # add_obj filter methods
        #
        for method_name in self._properties.filters:
            method = getattr(FilterMethods, method_name)
            setattr(self, method_name, types.MethodType(method, self))

    # special case for indicator associations
    def filter_associations(self, base_resource_type, identifier):
        """Get victims associated with base resource object
        GET /v2/groups/adversaries/747266/victims

        GET /v2/indicators/addresses/4.3.2.1/victims

        """
        base_properties = ResourceProperties[base_resource_type.name].value()

        request_uri = base_properties.base_path + '/'
        request_uri += str(identifier)
        request_uri += '/victims'

        description = 'Get victim associations for {0} resource ({1}).'.format(
            base_resource_type.name.lower(), str(identifier))

        filter_type = 'victim association'
        ro = RequestObject(
            filter_type, '{0}|{1}'.format(base_resource_type.name.lower(), identifier))
        ro.set_description(description)
        ro.set_owner_allowed(False)
        ro.set_resource_pagination(True)
        ro.set_request_uri(request_uri)
        ro.set_resource_type(ResourceType.VICTIMS)
        self._add_request_objects(ro)
예제 #34
0
def add_victim_id(self, data_int):
    """ """
    if not isinstance(data_int, int):
        raise AttributeError(ErrorCodes.e4090.value.format(data_int))

    prop = self._resource_properties['victims']
    ro = RequestObject()
    ro.set_description('api filter by victim id {0}'.format(data_int))
    ro.set_owner_allowed(prop['owner_allowed'])
    ro.set_resource_pagination(prop['pagination'])
    ro.set_request_uri(prop['uri'], [data_int])
    ro.set_resource_type(self._resource_type)
    self._add_request_objects(ro)
 def associate_indicator(self, indicator_type, indicator):
     """ associate a group to group by id """
     prop = self._resource_properties['association_indicator_add']
     ro = RequestObject()
     ro.set_description('associate indicator {0} to "{1}"'.format(
         indicator, self._name))
     ro.set_http_method(prop['http_method'])
     ro.set_owner_allowed(prop['owner_allowed'])
     ro.set_resource_pagination(prop['pagination'])
     indicator_uri_attribute = ApiProperties.api_properties[indicator_type.name]['uri_attribute']
     ro.set_request_uri(prop['uri'].format(indicator_uri_attribute, self._urlsafe(indicator), self.id))
     ro.set_resource_type(self._resource_type)
     self._resource_container.add_commit_queue(self.id, ro)
 def associate_victim(self, resource_id):
     """ associate victim from group """
     prop = self._resource_properties['association_victim_add']
     ro = RequestObject()
     ro.set_description('associate victim id {0} from "{1}"'.format(
         resource_id, self._name))
     ro.set_http_method(prop['http_method'])
     ro.set_owner_allowed(prop['owner_allowed'])
     ro.set_request_uri(prop['uri'].format(
         self._id, resource_id))
     ro.set_resource_pagination(prop['pagination'])
     ro.set_resource_type(self._resource_type)
     self._resource_container.add_commit_queue(self.id, ro)
 def associate_group(self, resource_type, resource_id):
     """ associate a group to group by id """
     prop = self._resource_properties['association_group_add']
     ro = RequestObject()
     ro.set_description('associate group type "{0}" id {1} to "{2}"'.format(
         resource_type.name, resource_id, self._name))
     ro.set_http_method(prop['http_method'])
     ro.set_owner_allowed(prop['owner_allowed'])
     ro.set_resource_pagination(prop['pagination'])
     group_uri_attribute = ApiProperties.api_properties[resource_type.name]['uri_attribute']
     ro.set_request_uri(prop['uri'].format(self._id, group_uri_attribute, resource_id))
     ro.set_resource_type(self._resource_type)
     self._resource_container.add_commit_queue(self.id, ro)
예제 #38
0
def add_tag(self, data):
    """ """
    if not isinstance(data, str):
        raise AttributeError(ErrorCodes.e4070.value.format(data))

    prop = self._resource_properties['tags']
    ro = RequestObject()
    ro.set_description('api filter by tag "{0}"'.format(data))
    ro.set_owner_allowed(prop['owner_allowed'])
    ro.set_resource_pagination(prop['pagination'])
    ro.set_request_uri(prop['uri'], [SharedMethods.urlsafe(data)])
    ro.set_resource_type(self._resource_type)
    self._add_request_objects(ro)
    def group_associations(self):
        """ retrieve associations for this group. associations are not stored within the object """
        prop = self._resource_properties['association_groups']
        ro = RequestObject()
        ro.set_description('retrieve group associations for {0}'.format(self._name))
        ro.set_http_method(prop['http_method'])
        ro.set_owner_allowed(prop['owner_allowed'])
        ro.set_request_uri(prop['uri'].format(self._id))
        # ro.set_owner(self.owner_name)
        ro.set_resource_pagination(prop['pagination'])
        ro.set_resource_type(self._resource_type)

        for item in self._tc.result_pagination(ro)['group']:
            yield threatconnect.GroupObject.parse_group(item, api_filter=ro.description, request_uri=ro.request_uri)
def add_threat_id(self, data_int):
    """ """
    if not isinstance(data_int, int):
        raise AttributeError(ErrorCodes.e4080.value.format(data_int))

    prop = self._resource_properties['groups']
    ro = RequestObject()
    ro.set_description('api filter by threat id {0}'.format(data_int))
    ro.set_http_method(prop['http_method'])
    ro.set_owner_allowed(prop['owner_allowed'])
    ro.set_request_uri(prop['uri'], ['threats', data_int])
    ro.set_resource_pagination(prop['pagination'])
    ro.set_resource_type(self._resource_type)
    self._add_request_objects(ro)
 def delete(self):
     """ delete indicator """
     prop = self._resource_properties['delete']
     ro = RequestObject()
     ro.set_description('delete group "{0}".'.format(self._name))
     ro.set_http_method(prop['http_method'])
     ro.set_owner_allowed(prop['owner_allowed'])
     if self.owner_name is not None:
         ro.set_owner(self.owner_name)
     ro.set_request_uri(prop['uri'].format(self._id))
     ro.set_resource_pagination(prop['pagination'])
     ro.set_resource_type(self.resource_type)
     self._tc.api_request(ro)
     self.set_phase(3)
    def victim_associations(self):
        """ retrieve associations for this group. associations are not stored within the object """
        prop = self._resource_properties['association_victims']
        ro = RequestObject()
        ro.set_description('retrieve victim associations for {0}'.format(self._name))
        ro.set_http_method(prop['http_method'])
        ro.set_owner_allowed(prop['owner_allowed'])
        ro.set_owner(self.owner_name)
        ro.set_request_uri(prop['uri'].format(self._id))
        ro.set_resource_pagination(prop['pagination'])
        ro.set_resource_type(self._resource_type)

        for item in self._tc.result_pagination(ro, 'victim'):
            yield parse_victim(item, api_filter=ro.description, request_uri=ro.request_uri)
    def update_attribute(self, attr_id, attr_value):
        """ update indicator attribute by id """
        prop = self._resource_properties['attribute_update']
        ro = RequestObject()
        ro.set_body(json.dumps({'value': attr_value}))
        ro.set_description('update attribute id {0} with value "{1}" on "{2}"'.format(
            attr_id, attr_value, self._name))
        ro.set_http_method(prop['http_method'])
        ro.set_owner_allowed(prop['owner_allowed'])
        ro.set_request_uri(prop['uri'].format(self._id, attr_id))
        ro.set_resource_pagination(prop['pagination'])
        ro.set_resource_type(self._resource_type)

        self._resource_container.add_commit_queue(self.id, ro)
    def download_errors(self):
        prop = self._resource_properties['batch_error_download']

        ro = RequestObject()
        ro.set_description('download errors for batchjob {0}'.format(self._id))
        ro.set_http_method(prop['http_method'])
        ro.set_owner_allowed(prop['owner_allowed'])
        ro.set_request_uri(prop['uri'].format(self._id))
        ro.set_resource_pagination(prop['pagination'])
        ro.set_resource_type(self._resource_type)
        api_response = self._tc.api_request(ro)

        if api_response.headers['content-type'] in ['application/octet-stream', 'text/plain']:
            self.set_errors(api_response.content)
def add_threat_id(self, data_int):
    """ """
    if not isinstance(data_int, int):
        raise AttributeError(ErrorCodes.e4080.value.format(data_int))

    prop = self._resource_properties['groups']
    ro = RequestObject()
    ro.set_description('api filter by threat id {0}'.format(data_int))
    ro.set_http_method(prop['http_method'])
    ro.set_owner_allowed(prop['owner_allowed'])
    ro.set_request_uri(prop['uri'], ['threats', data_int])
    ro.set_resource_pagination(prop['pagination'])
    ro.set_resource_type(self._resource_type)
    self._add_request_objects(ro)
def add_tag(self, data):
    """ """
    properties = self._properties
    if not isinstance(data, str):
        self.add_error(ErrorCodes.e4080.value.format(data))
        self._error = True
    else:
        filter_type = 'tag'
        ro = RequestObject(filter_type, data)
        ro.set_owner_allowed(properties.tag_owner_allowed)
        ro.set_resource_pagination(properties.resource_pagination)
        ro.set_request_uri(properties.tag_path, [data])
        ro.set_resource_type(properties.resource_type)
        self._add_request_objects(ro)
def add_security_label(self, data):
    """ filter api results by security label """
    # validation of data input
    if not isinstance(data, str):
        raise AttributeError(ErrorCodes.e4050.value.format(data))

    prop = self._resource_properties['security_labels']
    ro = RequestObject()
    ro.set_description('api filter by security label "{0}"'.format(data))
    ro.set_owner_allowed(prop['owner_allowed'])
    ro.set_resource_pagination(prop['pagination'])
    ro.set_request_uri(prop['uri'], [SharedMethods.urlsafe(data)])
    ro.set_resource_type(self._resource_type)
    self._add_request_objects(ro)
def add_security_label(self, data):
    """ filter api results by security label """
    # validation of data input
    if not isinstance(data, str):
        raise AttributeError(ErrorCodes.e4050.value.format(data))

    prop = self._resource_properties['security_labels']
    ro = RequestObject()
    ro.set_description('api filter by security label "{0}"'.format(data))
    ro.set_owner_allowed(prop['owner_allowed'])
    ro.set_resource_pagination(prop['pagination'])
    ro.set_request_uri(prop['uri'], [SharedMethods.urlsafe(data)])
    ro.set_resource_type(self._resource_type)
    self._add_request_objects(ro)