def post(self, request):
body_data = request.body
user = request.myuser
data = judge_data_complate(body_data)
if not data:
return JsonResponse(code[60004])
try:
task = Task().create_task(data, user)
# 插入任务进度
progress_dict = {
1: "隐蔽攻击源",
2: "收集攻击目标信息",
3: "挖掘漏洞信息",
4: "获取目标访问权限",
5: "隐蔽攻击行为",
6: "实时攻击",
7: "开辟后门",
8: "清除攻击痕迹,销毁攻击源"
}
for k, v in progress_dict.items():
TaskProgress.objects.create(name=v, weight=k, task=task)
user.task_count += 1
user.save()
action_info = f'创建任务: [{data.get("title")}]'
write_sys_log(action_info, user)
CreateDeleteTask().del_user_info_cache()
except Exception:
return JsonResponse(code[20002])
return JsonResponse(code[200])
def create(request):
if request.method == 'POST':
body_data = request.body
myuser = request.myuser
if myuser.user_permission != 1:
return JsonResponse(code[10410])
data = judge_data_complate(body_data)
if not data:
return JsonResponse(code[10001])
name = data.get('username')
f_passwd_f = str(data.get('f_passwd'))
s_passwd_s = str(data.get('s_passwd'))
try:
f_passwd = decode_passwd(f_passwd_f)
s_passwd = decode_passwd(s_passwd_s)
except Exception as e:
return JsonResponse(code[10409])
if f_passwd != s_passwd:
return JsonResponse(code[10003])
try:
flag = UserInfo().create_user(data, s_passwd)
if not flag:
return JsonResponse(code[10002])
except Exception as e:
return JsonResponse(code[10401])
# 签发token
action_info = f'创建用户: [{name}]'
write_sys_log(action_info, myuser)
res_data = code[200]
res_data['token'] = make_token(name).decode()
return JsonResponse(res_data)
else:
return JsonResponse(code[60001])
def post(self, request):
myuser = request.myuser
body_data = request.body
data = judge_data_complate(body_data)
if not data:
return JsonResponse(code[10001])
flag, account = SearchEngine().modify_search_engine(data)
if not flag:
return JsonResponse(code[10406])
action_info = f'修改信息收集账号: [{account}]'
write_sys_log(action_info, myuser)
return JsonResponse(code[200])
def post(self, request):
"""
创建api_key
"""
myuser = request.myuser
body_data = request.body
data = judge_data_complate(body_data)
if not data:
return JsonResponse(code[10001])
account_key = SearchEngine().create_key(data)
action_info = f'创建信息收集账号: [{account_key}]'
write_sys_log(action_info, myuser)
return JsonResponse(code[200])
def get(self, request):
"""
删除api_key
"""
myuser = request.myuser
engine_id = request.GET.get('engine_id')
if not engine_id:
return JsonResponse(code[10004])
flag, account = SearchEngine().delete_engine_info(engine_id)
if not flag:
return JsonResponse(code[10406])
action_info = f'删除信息收集账号: [{account}]'
write_sys_log(action_info, myuser)
return JsonResponse(code[200])
def get(self, request):
try:
myuser = request.myuser
user_id = request.GET.get('user_id')
if not user_id:
return JsonResponse(code[10004])
flag, username = UserInfo().delete_user_info(user_id)
if not flag:
return JsonResponse(code[10402])
action_info = f'删除用户: [{username}]'
write_sys_log(action_info, myuser)
return JsonResponse(code[200])
except Exception as e:
print(e)
return JsonResponse(code[10402])
def get(self, request):
task_id = request.GET.get('task_id')
user = request.myuser
try:
task_obj = Task.objects.get(id=task_id)
if user.user_permission == 1 or task_obj.user_id == user.id:
result = Task().delete_task(task_id)
action_info = f'删除任务: [{task_obj.title}]'
write_sys_log(action_info, user)
if not result:
return JsonResponse(code[20006])
CreateDeleteTask().del_user_info_cache()
return JsonResponse(code[200])
return JsonResponse(code[20009])
except Exception:
return JsonResponse(code[20006])
def post(self, request):
user = request.myuser
body_data = request.body
data = judge_data_complate(body_data)
if not data:
return JsonResponse(code[60004])
try:
result = Task().modify_task(data)
if not result:
return JsonResponse(code[20003])
except Exception as e:
err_info = code[60003]
err_info['info'] = str(e)
return JsonResponse(err_info)
action_info = f'修改任务: [{data.get("title")}]'
write_sys_log(action_info, user)
return JsonResponse(code[200])
def delete_note(cls, note_id, user):
"""note_id 删除笔记"""
try:
note = Note.objects.get(id=note_id)
note_dir = NoteDir.objects.get(id=note.file_dir.id)
content = note.content
delete_note_image(content)
task_id = note_dir.task_id
note.delete()
BackNote().note_id_delete(note_id)
if note.note_premission == 2:
action_info = f'删除笔记: [{note_dir.note_name}]'
write_sys_log(action_info, user)
NoteLog().write_note_action_log(3, note.note_name, user.id,
task_id)
return True
except Exception as e:
return False
def post(self, request):
myuser = request.myuser
body_data = request.body
data = judge_data_complate(body_data)
if not data:
return JsonResponse(code[10001])
try:
flag, username = UserInfo().update_user_info(data)
if not flag:
return JsonResponse(code[10004])
action_info = f'修改用户: [{username}]'
write_sys_log(action_info, myuser)
return JsonResponse(code[200])
except Exception as e:
print(e)
res_data = code[10403]
res_data['info'] = e
return JsonResponse(code[10403])