def jsonAddFilter(self): """ Endpoint for the AJAX request to validate and add a new filter. If valid, the filter is added and a new hash is created and appended to the database file with the current date and time, returning `True`. Otherwise `self.form_error` is returned. """ if self.validate_form(add_filter_form()): text = self.form_result['name'] label = "".join(self.form_result['name'].split(' ')).lower() fq = FilterQuery() fil = Filter(label, text) for f in self.form_result['filter']: cls = f['cls'] attr = f['attribute'] func = f['function'] val = f['value'] if f['value_list'] is not None: val_list = f['value_list'] else: val_list = None fq.add_element(cls, attr, func, val, val_list) fil.query = fq session.add(fil) session.commit() self.write_log(self.dbfile, 'Added a filter called ' + text) return True else: return self.form_error
def addDefaultFilters(self): """ Adds the default filters for the timegraph such as filtering by browser type, group, work hours, Google searches and local files. Gets called when a new case is being set up in `finish_wizard()` in :doc:`caseController`. """ # Add filters for the browsers available, unless only one browser, then a filter on # everything is pointless browsers = Browser.getAll().group_by(Browser.name).all() if len(browsers) > 1: for browser in browsers: f = Filter(u''.join(browser.name.lower().split(' ')), browser.name) fq = FilterQuery() cls = u'Browser' attr = u'name' func = u'Is' val = browser.name fq.add_element(cls, attr, func, val, None) f.query = fq session.add(f) session.flush() # filters for Google searches f = Filter(u'googlesearch', u'Google searches') fq = FilterQuery() params = [(u'URL Parts', u'query', u'Is not', None, None), (u'URL Parts', u'netloc', u'Is not', None, None), (u'URL Parts', u'path', u'Is not', None, None), (u'URL Parts', u'netloc', u'Contains', u'google', None), (u'URL Parts', u'path', u'Contains', u'search', None), ] for entry in params: fq.add_element(*entry) f.query = fq session.add(f) session.flush() # filters for local files accessed files = URL.getFilterBy(scheme="file").all() if files is not None: f = Filter(u'files', u'Local Files') fq = FilterQuery() cls = u'URL Parts' attr = u'scheme' func = u'Is' val = u'file' fq.add_element(cls, attr, func, val, None) f.query = fq session.add(f) session.flush() # filters for different groups groups = Group.getAll().all() if len(groups) > 1: for group in groups: f = Filter(u''.join(group.name.lower().split(' ')), group.name) fq = FilterQuery() cls = u'Group' attr = u'name' func = u'Is' val = group.name fq.add_element(cls, attr, func, val, None) f.query = fq session.add(f) session.flush() # filters for work hours f = Filter(u'workhours', u'Work hours') fq = FilterQuery() five = time(17, 00, 01) nine = time(8, 59, 59) params = [(u'Entry', u'access_time', u'Less than', five, None), (u'Entry', u'access_time', u'Greater than', nine, None), ] for entry in params: fq.add_element(*entry) f.query = fq session.add(f) session.flush() # filters for adverts f = Filter(u'adverts', u'Advert URLs') fq = FilterQuery() fq.add_element(u'URL Parts',u'domain',u'Is not', None, None) fq.add_element(u'URL Parts',u'domain',u'Is in list', None, 'advert_domainnames.txt') f.query = fq session.add(f) session.flush() # filters for Facebook, MySpace, Bebo, twitter, hi5 f = Filter(u'social', u'Social Networking URLs') fq = FilterQuery() fq.add_element(u'URL Parts',u'domain',u'Is not', None, None) fq.add_element(u'URL Parts',u'domain',u'Is in list', None, 'socialmedia.txt') f.query = fq session.add(f) session.flush() # filters for email f = Filter(u'email', u'Web Email') fq = FilterQuery() five = time(17, 00, 01) nine = time(8, 59, 59) params = [(u'Entry', u'url', u'Contains', 'mail', None), (u'URL Parts', u'scheme', u'Is Not', 'file', None), ] for entry in params: fq.add_element(*entry) f.query = fq session.add(f) session.flush() # filters for news f = Filter(u'news', u'News URLs') fq = FilterQuery() fq.add_element(u'URL Parts',u'hostname',u'Is not', None, None) fq.add_element(u'URL Parts',u'hostname',u'Is in list', None, 'news.txt') f.query = fq session.add(f) session.flush()