def settings(**kwargs):
    """Render the settings page.

    The template receives ``forced`` as the string ``'true'`` when a
    ``forced`` key is present in the query string (its value is ignored)
    and ``'false'`` otherwise.
    """
    forced_flag = 'true' if 'forced' in request.args else 'false'
    return custom_render("settings.html", forced=forced_flag, **kwargs)
def submission_detail(**kwargs):
    """Render the detail page for one submission.

    ``sid`` comes from the query string and is passed through
    ``angular_safe``. ``new`` is the string ``'true'`` when a ``new`` key is
    present in the query string and ``'false'`` otherwise.
    """
    # NOTE(review): unlike alert_detail and file_viewer, this view performs no
    # classification check on the requested submission; presumably the API
    # that serves the submission data enforces it -- confirm.
    is_new = 'true' if "new" in request.args else 'false'
    submission_id = angular_safe(request.args.get("sid", None))
    return custom_render("submission_detail.html",
                         sid=submission_id,
                         new=is_new,
                         **kwargs)
def kibana_dashboard(**kwargs):
    """Render the Kibana dashboard named by the ``dash`` query parameter.

    Aborts with 404 when ``dash`` is missing or empty after ``angular_safe``.
    The ``padding`` template value is 70 when the user's ``c12n_enforcing``
    flag is True and 50 when it is False.
    """
    dashboard = angular_safe(request.args.get('dash', None))
    if not dashboard:
        abort(404)

    # Keyed lookup rather than a truth test: a ``c12n_enforcing`` value equal
    # to neither True nor False raises KeyError here.
    padding_by_enforcement = {True: 70, False: 50}
    padding = padding_by_enforcement[kwargs['user']['c12n_enforcing']]
    return custom_render("kibana-dash.html",
                         dash=dashboard,
                         padding=padding,
                         **kwargs)
def submissions(**kwargs):
    """Render the submission list, scoped to a group or to a user.

    When a ``group`` query parameter is given, ``uname`` is passed to the
    template as None. Otherwise ``uname`` is the ``user`` query parameter,
    defaulting to the logged-in user's own ``uname``.
    """
    current_user = kwargs['user']
    group = angular_safe(request.args.get('group', None))
    if group:
        uname = None
    else:
        # NOTE(review): ``user`` is caller-supplied, so this view can be asked
        # to show another account's list; presumably the API that returns the
        # submissions enforces what the caller may see -- confirm.
        uname = angular_safe(request.args.get('user', current_user['uname']))
    return custom_render("submissions.html",
                         uname=uname,
                         group=group,
                         **kwargs)
def tos(**kwargs):
    """Render the terms-of-service page, or redirect to "/" if none is set.

    When ``config.ui`` has a ``tos`` entry, the menu is suppressed
    (``kwargs['menu'] = None``) and the date on which the user agreed, if
    any, is converted with ``iso_to_local`` and cut to its first 19
    characters.
    """
    if config.ui.get("tos", None) is None:
        return redirect(redirect_helper("/"))

    kwargs['menu'] = None
    agreed_date = kwargs['user'].get('agrees_with_tos', None)
    if agreed_date:
        agreed_date = iso_to_local(agreed_date)[:19]

    # The rendered markdown is wrapped in Markup, which presumably exempts it
    # from template auto-escaping. The text comes from configuration, so it
    # is only as trustworthy as whoever can edit ``config.ui.tos``.
    tos_html = Markup(markdown.markdown(config.ui.tos))
    return custom_render("terms.html",
                         tos=tos_html,
                         agreed_date=agreed_date,
                         **kwargs)
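def admin_build_doc(**kwargs):
    """Render one markdown document from the install tree as HTML.

    Every ``*.md`` file under ``config.ui.install_path`` is listed. The
    ``fname`` query parameter selects a document, and it is only opened when
    it matches one of the listed relative paths exactly, so the parameter
    cannot address a file outside that listing.

    Relative links in the rendered HTML (any ``href`` not starting with
    ``http`` or ``ftp``) are rewritten to point back at this page with the
    document's directory as prefix. The raw markdown is also passed to the
    template for the bundled markdown example document.
    """
    def _list_files():
        """Return (package -> sorted file names, flat list of relative paths)."""
        fmap = OrderedDict()
        flist = []
        for root, dirnames, filenames in os.walk(config.ui.install_path):
            for filename in fnmatch.filter(filenames, '*.md'):
                file_path = os.path.join(root, filename)
                file_path = file_path.replace(config.ui.install_path, "")
                if file_path.startswith("/"):
                    file_path = file_path[1:]
                flist.append(file_path)

                # NOTE(review): a *.md file directly under install_path has no
                # separator left at this point, so this unpacking would raise
                # ValueError -- confirm that layout cannot occur.
                pkg_root, fname = file_path.replace("/opt/al/pkg/", "").split(os.sep, 1)
                if pkg_root not in fmap:
                    fmap[pkg_root] = []
                fmap[pkg_root].append(fname)

        for key in fmap.keys():
            fmap[key] = sorted(fmap[key])

        return fmap, flist

    file_map, file_list = _list_files()

    raw = None
    content = ""
    my_file = angular_safe(request.args.get("fname", None))

    # Allow-list check: the requested name must be one of the paths found by
    # the directory walk before it is joined to install_path and opened.
    if my_file and my_file in file_list:
        # Close the handle deterministically instead of leaving it to the
        # garbage collector.
        with codecs.open(os.path.join(config.ui.install_path, my_file), "rb", "utf-8") as doc_file:
            data = doc_file.read()

        # markdown output is wrapped in Markup below, which presumably exempts
        # it from template auto-escaping; any raw HTML inside the .md file
        # would reach the page as-is, so the documentation tree has to be
        # writable only by trusted parties.
        content = markdown.markdown(data)
        basedir = os.path.dirname(my_file)

        # A callable replacement inserts the prefix literally. With a string
        # replacement, a backslash in ``basedir`` would be read as a regex
        # escape sequence.
        link_prefix = 'href="documentation.html?fname=%s/' % basedir
        content = Markup(
            re.sub(r'href="(?!(http|ftp))', lambda _match: link_prefix, content))

        if my_file == "assemblyline/docs/markdown_documentation_example.md":
            raw = data

    return custom_render("admin_documentation.html",
                         content=content,
                         raw=raw,
                         file_map=file_map,
                         fname=my_file,
                         **kwargs)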
def search_help(**kwargs):
    """Render the search help page.

    ``field_list`` maps each key returned by
    ``STORAGE.generate_field_list(False)`` to the sorted list of
    ``(name, value)`` pairs of its mapping. ``lookup`` gives a readable
    description for four text type names.
    """
    field_list = {}
    for key, mapping in STORAGE.generate_field_list(False).iteritems():
        field_list[key] = sorted(mapping.iteritems())

    lookup = {
        "text_ws": "whitespace separated text",
        "text_ws_dsplit": "dot and whitespace separated text",
        "text_general": "tokenized text",
        "text_fuzzy": "separated fuzzy patterns",
    }
    return custom_render("search_help.html",
                         field_list=field_list,
                         lookup=lookup,
                         **kwargs)
def alert_detail(*_, **kwargs):
    """Render the detail page for one alert after a classification check.

    Aborts with 404 when no ``alert_key`` is given. Aborts with 403 when
    there is no user, when the alert does not exist, or when the user's
    classification does not grant access to the alert's classification.
    A missing alert and a forbidden one therefore produce the same response.
    """
    user = kwargs['user']
    alert_key = angular_safe(request.args.get("alert_key", None))
    if not alert_key:
        abort(404)

    alert = STORAGE.get_alert(alert_key)
    # Short-circuit order matters: ``alert`` may be empty, so its
    # classification is only read once both user and alert are known to exist.
    permitted = user and alert and Classification.is_accessible(
        user['classification'], alert['classification'])
    if not permitted:
        abort(403)
    else:
        return custom_render("alert_detail.html", alert_key=alert_key, **kwargs)
def alerts(*_, **kwargs):
    """Render the alert list page from the query-string search parameters.

    Reads ``filter``, ``fq`` (repeatable), ``time_slice``, ``start_time``,
    ``view_type`` and ``group_by``. ``group_by`` falls back to the configured
    default when it is not one of the configured group fields, and
    ``time_slice`` falls back to ``"4DAY"`` when it does not reduce to an
    integer once the unit words are removed.
    """
    alerter_cfg = config.core.alerter
    filtering_group_fields = alerter_cfg.filtering_group_fields
    non_filtering_group_fields = alerter_cfg.non_filtering_group_fields
    possible_group_fields = filtering_group_fields + non_filtering_group_fields

    search_filter = angular_safe(request.args.get("filter", "*"))
    if search_filter:
        # Backslashes first, so the backslash added in front of a quote is
        # not doubled by the second step.
        # NOTE(review): only backslash and single quote are escaped. If the
        # template places this value inside a script string, line breaks and
        # a closing script tag are not covered by this step -- confirm that
        # angular_safe or the template handles them.
        search_filter = search_filter.replace("\\", "\\\\").replace("'", "\\'")

    # The text shown in the search box mirrors the filter, except that the
    # match-all filter "*" is displayed as an empty box.
    search_text = search_filter
    if search_filter == "":
        search_filter = "*"
    elif search_filter == "*":
        search_text = ""

    filter_queries = []
    for fq in request.args.getlist("fq"):
        if fq != "":
            filter_queries.append(angular_safe(fq))

    time_slice = angular_safe(request.args.get("time_slice", "4DAY"))
    start_time = angular_safe(request.args.get("start_time", None))
    view_type = angular_safe(request.args.get("view_type", "grouped"))

    default_group = alerter_cfg.default_group_field
    group_by = angular_safe(request.args.get("group_by", default_group))
    if group_by not in possible_group_fields:
        # Allow-list: anything outside the configured fields is replaced.
        group_by = alerter_cfg.default_group_field

    # NOTE(review): this check is loose. It accepts any value that is an
    # integer after the unit words are deleted, wherever they appear and
    # however many there are, and it lets an empty string through unchanged.
    # If the value ends up in a query, a strict number-plus-one-unit pattern
    # would be the safer check -- confirm what downstream accepts.
    digits_only = time_slice
    for unit in ("HOUR", "MINUTE", "DAY", "WEEK", "YEAR"):
        digits_only = digits_only.replace(unit, "")
    if time_slice != "":
        try:
            int(digits_only)
        except Exception:
            time_slice = "4DAY"

    return custom_render(
        "alerts.html",
        search_text=search_text,
        filter=search_filter,
        start_time=start_time,
        time_slice=time_slice,
        view_type=view_type,
        filter_queries=json.dumps(filter_queries),
        group_by=group_by,
        filtering_group_fields=json.dumps(filtering_group_fields),
        non_filtering_group_fields=json.dumps(non_filtering_group_fields),
        **kwargs)
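def login():
    """Render the login page, pre-filled from a verified client certificate.

    When the ``HTTP_X_REMOTE_CERT_VERIFIED`` environ entry equals
    ``"SUCCESS"``, the slash-separated value of ``HTTP_X_REMOTE_DN`` is
    reversed into a comma-separated DN and looked up in the user store; a
    match supplies the username and avatar shown on the page. Without a
    match the username is taken from the part after the last ``CN=``.

    When ``encrypted_login`` is enabled (the default), the stored RSA public
    key is passed to the template; a key pair is generated and stored on
    first use.
    """
    # NOTE(review): ``HTTP_*`` environ entries are populated from request
    # headers, so these two values are only trustworthy if the fronting proxy
    # always overwrites or strips the client-supplied headers -- confirm the
    # proxy configuration.
    cert_verified = request.environ.get("HTTP_X_REMOTE_CERT_VERIFIED", "FAILURE") == "SUCCESS"
    if cert_verified:
        # A verified flag without a DN header used to fail on None.split();
        # an absent header is now treated as an empty DN.
        raw_dn = request.environ.get("HTTP_X_REMOTE_DN") or ""
        dn = ",".join(raw_dn.split("/")[::-1][:-1])
    else:
        dn = ""

    avatar = None
    username = ''
    alternate_login = '******'
    if dn:
        # NOTE(review): ``dn`` is interpolated into the query text unescaped,
        # so a double quote or backslash in the DN changes the query syntax.
        # The right escaping depends on how the search backend and the stored
        # ``dn`` field treat backslashes -- confirm, then escape here.
        u_list = STORAGE.advanced_search('user',
                                         'dn:"%s"' % dn,
                                         args=[('fl', '_yz_rk')])['response']['docs']
        if u_list:
            username = u_list[0]['_yz_rk']
            avatar = STORAGE.get_user_avatar(username) or "/static/images/user_default.png"
            alternate_login = '******'
        else:
            try:
                username = dn.rsplit('CN=', 1)[1]
            except IndexError:
                username = dn
            avatar = "/static/images/user_default.png"
            alternate_login = '******'

    if config.auth.get('encrypted_login', True):
        public_key = STORAGE.get_blob('id_rsa.pub')
        if not public_key:
            # First use: create the key pair and persist both halves. The
            # private half lives in the same store under 'id_rsa'.
            public_key, private_key = generate_async_keys(
                key_size=config.ui.get('rsa_key_size', 2048))
            STORAGE.save_blob('id_rsa.pub', public_key)
            STORAGE.save_blob('id_rsa', private_key)
    else:
        public_key = None

    # NOTE(review): ``next`` is caller-supplied and is not checked here to be
    # a same-site path; whatever follows it after login should accept only
    # relative, same-origin targets -- confirm in the template or client code.
    next_url = angular_safe(request.args.get('next', "/"))
    return custom_render("login.html",
                         next=next_url,
                         public_key=public_key,
                         avatar=avatar,
                         username=username,
                         alternate_login=alternate_login)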
def file_viewer(**kwargs):
    """Render the file viewer for one file after a classification check.

    Aborts with 404 when ``srl`` is missing or no such file is stored, and
    with 403 when the user's classification does not grant access to the
    file's classification.
    """
    srl = angular_safe(request.args.get("srl", None))
    current_user = kwargs['user']
    if not srl:
        abort(404)

    file_record = STORAGE.get_file(srl)
    if not file_record:
        abort(404)

    # NOTE(review): 404 for "unknown" and 403 for "not permitted" lets a
    # caller learn that a file exists above their classification. alert_detail
    # in this module answers 403 in both cases -- confirm which is intended.
    can_view = Classification.is_accessible(current_user['classification'],
                                            file_record['classification'])
    if not can_view:
        abort(403)

    return custom_render("file_viewer.html", srl=srl, **kwargs)
def signature_detail(**kwargs):
    """Render one signature revision after a classification check.

    Aborts with 404 when ``sid`` or ``rev`` is missing or the signature is
    not stored, and with 403 when the user's classification does not grant
    access. A signature whose metadata has no ``classification`` is treated
    as ``Classification.UNRESTRICTED``.
    """
    current_user = kwargs['user']
    sid = angular_safe(request.args.get("sid", None))
    rev = angular_safe(request.args.get("rev", None))
    if not (sid and rev):
        abort(404)

    signature = STORAGE.get_signature("%sr.%s" % (sid, rev))
    if not signature:
        abort(404)

    user_c12n = current_user['classification']
    # Fail-open default: metadata without a classification is readable by
    # every user.
    signature_c12n = signature['meta'].get('classification',
                                           Classification.UNRESTRICTED)
    if not Classification.is_accessible(user_c12n, signature_c12n):
        abort(403)

    return custom_render("signature_detail.html",
                         sid=sid,
                         rev=rev,
                         organisation=ORGANISATION,
                         **kwargs)
def admin_services(**kwargs):
    """Render the service configuration admin page.

    No request parameters are read; ``kwargs`` is forwarded unchanged.
    """
    # NOTE(review): no admin check is visible in this function; presumably a
    # decorator or custom_render enforces it -- confirm.
    template_name = "admin_service_configs.html"
    return custom_render(template_name, **kwargs)
def admin_seed(**kwargs):
    """Render the seed admin page.

    No request parameters are read; ``kwargs`` is forwarded unchanged.
    """
    # NOTE(review): no admin check is visible in this function; presumably a
    # decorator or custom_render enforces it -- confirm.
    template_name = "admin_seed.html"
    return custom_render(template_name, **kwargs)
def admin_provisioning(**kwargs):
    """Render the provisioning admin page.

    No request parameters are read; ``kwargs`` is forwarded unchanged.
    """
    # NOTE(review): no admin check is visible in this function; presumably a
    # decorator or custom_render enforces it -- confirm.
    template_name = "admin_provisioning.html"
    return custom_render(template_name, **kwargs)
def admin_profiles(**kwargs):
    """Render the profiles admin page.

    No request parameters are read; ``kwargs`` is forwarded unchanged.
    """
    # NOTE(review): no admin check is visible in this function; presumably a
    # decorator or custom_render enforces it -- confirm.
    template_name = "admin_profiles.html"
    return custom_render(template_name, **kwargs)
def admin_hosts(**kwargs):
    """Render the hosts admin page.

    No request parameters are read; ``kwargs`` is forwarded unchanged.
    """
    # NOTE(review): no admin check is visible in this function; presumably a
    # decorator or custom_render enforces it -- confirm.
    template_name = "admin_hosts.html"
    return custom_render(template_name, **kwargs)
def signatures(**kwargs):
    """Render the signature list page.

    The module-level ``ORGANISATION`` value is passed to the template as
    ``org``; no request parameters are read.
    """
    template_name = "signatures.html"
    return custom_render(template_name, org=ORGANISATION, **kwargs)
def admin_vm(**kwargs):
    """Render the virtual machines admin page.

    No request parameters are read; ``kwargs`` is forwarded unchanged.
    """
    # NOTE(review): no admin check is visible in this function; presumably a
    # decorator or custom_render enforces it -- confirm.
    template_name = "admin_virtual_machines.html"
    return custom_render(template_name, **kwargs)
def workflows(**kwargs):
    """Render the workflows page.

    No request parameters are read; ``kwargs`` is forwarded unchanged.
    """
    template_name = "workflows.html"
    return custom_render(template_name, **kwargs)
def yara_help(**kwargs):
    """Render the YARA standard help page.

    No request parameters are read; ``kwargs`` is forwarded unchanged.
    """
    template_name = "yara_standard.html"
    return custom_render(template_name, **kwargs)
def search(**kwargs):
    """Render the search page, pre-filled with the ``query`` parameter.

    The query is passed through ``angular_safe``; when it is non-empty its
    backslashes and single quotes are then backslash-escaped.
    """
    query = angular_safe(request.args.get('query', None))
    if query:
        # Backslashes first, so the backslash added in front of a quote is
        # not doubled by the second step.
        # NOTE(review): only backslash and single quote are escaped. If the
        # template places this value inside a script string, line breaks and
        # a closing script tag are not covered by this step -- confirm that
        # angular_safe or the template handles them.
        query = query.replace("\\", "\\\\").replace("'", "\\'")
    return custom_render("search.html", query=query, **kwargs)
def account(**kwargs):
    """Render the account page.

    No request parameters are read; ``kwargs`` is forwarded unchanged.
    """
    template_name = "account.html"
    return custom_render(template_name, **kwargs)
def services(**kwargs):
    """Render the services page.

    No request parameters are read; ``kwargs`` is forwarded unchanged.
    """
    template_name = "services.html"
    return custom_render(template_name, **kwargs)
def admin_site_map(**kwargs):
    """Render the site map admin page.

    No request parameters are read; ``kwargs`` is forwarded unchanged.
    """
    # NOTE(review): no admin check is visible in this function; presumably a
    # decorator or custom_render enforces it -- confirm.
    template_name = "admin_site_map.html"
    return custom_render(template_name, **kwargs)
def logout(**_):
    """Render the logout page.

    Keyword arguments are accepted and discarded; nothing is forwarded to the
    template.
    """
    # NOTE(review): this function only renders a template. Ending the session
    # presumably happens in the page's client code or an API call -- confirm.
    template_name = "logout.html"
    return custom_render(template_name)
def admin_user(**kwargs):
    """Render the user management admin page.

    No request parameters are read; ``kwargs`` is forwarded unchanged.
    """
    # NOTE(review): no admin check is visible in this function; presumably a
    # decorator or custom_render enforces it -- confirm.
    template_name = "admin_users.html"
    return custom_render(template_name, **kwargs)
def admin_errors(**kwargs):
    """Render the error list admin page, pre-filled with ``filter``.

    The filter defaults to an empty string and is passed through
    ``angular_safe``; when it is non-empty its backslashes and single quotes
    are then backslash-escaped.
    """
    error_filter = angular_safe(request.args.get('filter', ""))
    if error_filter:
        # Backslashes first, so the backslash added in front of a quote is
        # not doubled by the second step.
        # NOTE(review): only backslash and single quote are escaped. If the
        # template places this value inside a script string, line breaks and
        # a closing script tag are not covered by this step -- confirm that
        # angular_safe or the template handles them.
        error_filter = error_filter.replace("\\", "\\\\").replace("'", "\\'")
    return custom_render("admin_errors.html", filter=error_filter, **kwargs)
def submit(**kwargs):
    """Render the submission form.

    ``show_tos`` is True when ``config.ui`` has a ``tos`` entry that is not
    None, and False otherwise.
    """
    tos_text = config.ui.get("tos", None)
    return custom_render("submit.html",
                         show_tos=tos_text is not None,
                         **kwargs)
def signature_statistics(*_, **kwargs):
    """Render the signature statistics page.

    Positional arguments are discarded; ``kwargs`` is forwarded unchanged.
    """
    template_name = "signature_statistics.html"
    return custom_render(template_name, **kwargs)