class PluginTester(object):
    """Runs the checks of one plugin configuration file.

    The file is read lazily: nothing is opened until process() is called.
    The file name is handed to PluginFile.read() unchanged, so any
    restriction on where it may point has to be enforced by the caller.
    """

    def __init__(self, plugin_file):
        """Remember which plugin file to test; the file is not read yet.

        Args:
            plugin_file: The plugin configuration file
        """
        self.__plugin_file_name = plugin_file
        self.__plugin_loaded = False
        self.__plugin_file = None

    def __load_plugin(self):
        """Read the configured file (latin1) into a fresh PluginFile."""
        self.__plugin_file = PluginFile()
        self.__plugin_file.read(
            plugin_file=self.__plugin_file_name,
            encoding='latin1',
        )
        # Only flagged as loaded once read() has returned without raising.
        self.__plugin_loaded = True

    def process(self):
        """Load the plugin on first use and return the result of its check().

        Raises:
            APICannotCheckPlugin: when check() raises; the original error is
                written to the API log as a warning.
        """
        if not self.__plugin_loaded:
            self.__load_plugin()

        try:
            return self.__plugin_file.check()
        except Exception as check_error:
            api_log.warning("[PluginTester] Cannot check the plugin %s" % str(check_error))
            raise APICannotCheckPlugin(self.__plugin_file_name)
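def apimethod_remove_plugin(plugin_file):
    """Removes a custom plugin from the systems

    Args:
        plugin_file: Bare file name of the plugin inside END_FOLDER. A name
            that is empty, is '.' or '..', or carries a directory component
            is rejected before any path is built.

    Raises:
        APIPluginFileNotFound: the name is rejected or no such file exists
            in END_FOLDER.
        APICannotBeRemoved: the plugin is an AlienVault plugin, or any
            non-APIException error happened while removing it.
    """
    try:
        # plugin_file ends up in paths handed to os.remove() and to
        # remove_plugin_from_sensors(); os.path.join() would let an absolute
        # name or a '../' sequence leave END_FOLDER, so only a plain file
        # name is accepted.
        # NOTE(review): assumes plugin_file comes from the API request - confirm.
        if (not plugin_file
                or plugin_file in (os.curdir, os.pardir)
                or os.path.basename(plugin_file) != plugin_file):
            raise APIPluginFileNotFound(plugin_file)

        plugin_path = os.path.join(END_FOLDER, plugin_file)
        if not os.path.isfile(plugin_path):
            raise APIPluginFileNotFound(plugin_file)

        plugin = PluginFile()
        # TODO: make some handy wrapper to combine read and check
        plugin.read(plugin_path, encoding='latin1')
        plugin.check()  # validate and load all the plugins data

        plugin_data = get_plugin_data_for_plugin_id(plugin.plugin_id)
        if plugin_data is not None:
            if plugin_data.plugin_type == PluginDataType.ALIENVAULT_PLUGIN:
                raise APICannotBeRemoved("This is an AlienVault Plugin. It cannot be removed")

        # Remove the sids
        remove_plugin_data(plugin.plugin_id)
        remove_plugin_from_sensors(plugin_path)
        # Remove sql file locally (it's located only on server)
        os.remove(plugin_path + '.sql')
    except Exception as e:
        api_log.error("[apimethod_remove_plugin] {}".format(e))
        # API errors keep their type; everything else is reported as
        # "cannot be removed" with the original message.
        if not isinstance(e, APIException):
            raise APICannotBeRemoved("{}".format(e))
        else:
            raise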
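def apimethod_remove_plugin(plugin_file):
    """Removes a custom plugin from the systems

    Args:
        plugin_file: File name of the plugin, relative to END_FOLDER. It
            must be a plain name: empty values, '.', '..' and anything
            with a directory part are refused.

    Raises:
        APIPluginFileNotFound: the name is refused or the file is not
            present in END_FOLDER.
        APICannotBeRemoved: the plugin is an AlienVault plugin, or a
            non-APIException error interrupted the removal.
    """
    try:
        # The joined path is deleted below (os.remove on the '.sql' file)
        # and passed to remove_plugin_from_sensors(). Without this check an
        # absolute name or '../' would resolve outside END_FOLDER.
        # NOTE(review): assumes plugin_file is caller-supplied - confirm.
        is_plain_name = (
            bool(plugin_file)
            and plugin_file not in (os.curdir, os.pardir)
            and os.path.basename(plugin_file) == plugin_file
        )
        if not is_plain_name:
            raise APIPluginFileNotFound(plugin_file)

        plugin_path = os.path.join(END_FOLDER, plugin_file)
        if not os.path.isfile(plugin_path):
            raise APIPluginFileNotFound(plugin_file)

        plugin = PluginFile()
        # TODO: make some handy wrapper to combine read and check
        plugin.read(plugin_path, encoding='latin1')
        plugin.check()  # validate and load all the plugins data

        plugin_data = get_plugin_data_for_plugin_id(plugin.plugin_id)
        if plugin_data is not None:
            if plugin_data.plugin_type == PluginDataType.ALIENVAULT_PLUGIN:
                raise APICannotBeRemoved(
                    "This is an AlienVault Plugin. It cannot be removed")

        # Remove the sids
        remove_plugin_data(plugin.plugin_id)
        remove_plugin_from_sensors(plugin_path)
        # Remove sql file locally (it's located only on server)
        os.remove(plugin_path + '.sql')
    except Exception as e:
        api_log.error("[apimethod_remove_plugin] {}".format(e))
        # APIException instances propagate unchanged; any other error is
        # wrapped so callers see a single failure type.
        if not isinstance(e, APIException):
            raise APICannotBeRemoved("{}".format(e))
        else:
            raise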
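def apimethod_upload_plugin(plugin_file, vendor, model, version, product_type, overwrite=False):
    """Uploads and verifies a given plugin file

    Args:
        plugin_file: Bare file name of the plugin inside TEMPORAL_FOLDER; the
            same name is used for the copy stored in END_FOLDER. A name that
            is empty, is '.' or '..', or carries a directory component is
            rejected before any path is built.
        vendor, model, version, product_type: Stored with the plugin data and
            passed to plugin.save() for the file headers.
        overwrite: When False and the destination file already exists, nothing
            is stored and the result has need_overwrite set to True.

    Returns:
        The dict returned by plugin.check(), extended with "need_overwrite"
        and, once the plugin was stored, "synchronization_job" (the job id).

    Raises:
        APIInvalidPlugin: the name is rejected or the check reports errors.
        APICannotSavePlugin: storing or synchronizing failed, or any
            non-APIException error happened.
    """
    # 1 - check whether the plugin is a valid file or not
    try:
        # plugin_file is joined into paths that are read, written by
        # plugin.save() and deleted through remove_file(); os.path.join()
        # would let an absolute name or a '../' sequence leave the plugin
        # folders, so only a plain file name is accepted.
        # NOTE(review): assumes plugin_file comes from the API request - confirm.
        if (not plugin_file
                or plugin_file in (os.curdir, os.pardir)
                or os.path.basename(plugin_file) != plugin_file):
            raise APIInvalidPlugin("Invalid plugin file name.")

        temporal_plg_path = os.path.join(TEMPORAL_FOLDER, plugin_file)
        plugin_destination_path = os.path.join(END_FOLDER, plugin_file)
        temporal_plg_sql_path = temporal_plg_path + '.sql'
        # Same location as temporal_plg_path; kept under its own name for the
        # clean-up step below.
        plugin_asec_path = os.path.join(TEMPORAL_FOLDER, plugin_file)

        # The PluginCheck object will be able to check the syntax of a given plugin
        # return the available set of rules, etc.
        plugin = PluginFile()
        plugin.read(temporal_plg_path, encoding='latin1')
        data = plugin.check()
        data["need_overwrite"] = False
        if data["error_count"] > 0:
            raise APIInvalidPlugin(plugin.get_latest_error_msg())

        if os.path.exists(plugin_destination_path) and not overwrite:
            data["need_overwrite"] = True
            return data

        # Choose what to do: insert or update
        need_to_update = get_plugin_data_for_plugin_id(plugin.plugin_id) and overwrite
        save_plugin_data_func = update_plugin_data if need_to_update else insert_plugin_data

        # Load plugin SQl into the DB.
        # NOTE(review): the content of the uploaded .sql file is handed as-is
        # to save_plugin_from_raw_sql(); whether that helper restricts the
        # statements it runs is not visible here - confirm.
        with open(temporal_plg_sql_path) as plugin_raw_sql:
            success, msg = save_plugin_from_raw_sql(plugin_raw_sql.read())
        if not success:
            raise APICannotSavePlugin(msg)

        # Save plugin data.
        success, msg = save_plugin_data_func(plugin.plugin_id,
                                             plugin_name=plugin_file,
                                             vendor=vendor,
                                             model=model,
                                             version=version,
                                             nsids=len(data["rules"]),
                                             product_type=product_type)
        if not success:
            raise APICannotSavePlugin(msg)

        # 2 - Save plugin with the appropriate headers (vendor:model:version)
        if not plugin.save(destination=plugin_destination_path, vendor=vendor, model=model,
                           product_type=product_type, version=version):
            # Roll back the plugin data stored above.
            remove_plugin_data(plugin.plugin_id)
            raise APICannotSavePlugin(message=plugin.get_latest_error_msg() or "Cannot save plugin file.")

        # Copy plugin sql file to plugins custom dir
        copy(temporal_plg_sql_path, END_FOLDER)

        # Remove via ansible due to file permissions
        remove_file(['127.0.0.1'], plugin_asec_path)
        remove_file(['127.0.0.1'], plugin_asec_path + '.sql')

        # TODO: Is the plugin fd already in use? What is the next free plugin id?

        # 3 - Synchronize Plugins.
        from celerymethods.tasks.monitor_tasks import monitor_sync_custom_plugins
        # Force synchronization
        job = monitor_sync_custom_plugins.delay()
        if job.id is None:
            raise APICannotSavePlugin("Cannot synchronize the plugin.")
        data["synchronization_job"] = job.id
    except Exception as e:
        api_log.error("[apimethod_upload_plugin] {}".format(str(e)))
        # API errors keep their type; anything else becomes a generic
        # APICannotSavePlugin (the details stay in the log only).
        if not isinstance(e, APIException):
            raise APICannotSavePlugin()
        raise

    # The method should return a python dic with the job id (the one that is synchronizing the plugins) and
    # the list of plugin sids for the plugin.
    return data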
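def apimethod_upload_plugin(plugin_file, vendor, model, version, product_type, overwrite=False):
    """Uploads and verifies a given plugin file

    Args:
        plugin_file: File name of the uploaded plugin, relative to
            TEMPORAL_FOLDER; the stored copy in END_FOLDER gets the same
            name. It must be a plain name: empty values, '.', '..' and
            anything with a directory part are refused.
        vendor, model, version, product_type: Saved with the plugin data and
            given to plugin.save() for the file headers.
        overwrite: If False and the destination file exists, the function
            returns early with need_overwrite set to True and stores nothing.

    Returns:
        The plugin.check() result dict with "need_overwrite" added and, after
        a successful store, "synchronization_job" holding the job id.

    Raises:
        APIInvalidPlugin: the name is refused or the check reports errors.
        APICannotSavePlugin: a store or synchronization step failed, or a
            non-APIException error was raised.
    """
    # 1 - check whether the plugin is a valid file or not
    try:
        # Every path below derives from plugin_file: files are read, written
        # by plugin.save() and deleted through remove_file(). An absolute
        # name or '../' would resolve outside TEMPORAL_FOLDER / END_FOLDER,
        # so anything but a plain file name is refused up front.
        # NOTE(review): assumes plugin_file is caller-supplied - confirm.
        is_plain_name = (
            bool(plugin_file)
            and plugin_file not in (os.curdir, os.pardir)
            and os.path.basename(plugin_file) == plugin_file
        )
        if not is_plain_name:
            raise APIInvalidPlugin("Invalid plugin file name.")

        temporal_plg_path = os.path.join(TEMPORAL_FOLDER, plugin_file)
        plugin_destination_path = os.path.join(END_FOLDER, plugin_file)
        temporal_plg_sql_path = temporal_plg_path + '.sql'
        # Points at the same file as temporal_plg_path; used for clean-up.
        plugin_asec_path = os.path.join(TEMPORAL_FOLDER, plugin_file)

        # The PluginCheck object will be able to check the syntax of a given plugin
        # return the available set of rules, etc.
        plugin = PluginFile()
        plugin.read(temporal_plg_path, encoding='latin1')
        data = plugin.check()
        data["need_overwrite"] = False
        if data["error_count"] > 0:
            raise APIInvalidPlugin(plugin.get_latest_error_msg())

        if os.path.exists(plugin_destination_path) and not overwrite:
            data["need_overwrite"] = True
            return data

        # Choose what to do: insert or update
        need_to_update = get_plugin_data_for_plugin_id(
            plugin.plugin_id) and overwrite
        save_plugin_data_func = update_plugin_data if need_to_update else insert_plugin_data

        # Load plugin SQl into the DB.
        # NOTE(review): the uploaded .sql file is read and passed unchanged to
        # save_plugin_from_raw_sql(); which statements that helper allows
        # cannot be seen from here - confirm.
        with open(temporal_plg_sql_path) as plugin_raw_sql:
            success, msg = save_plugin_from_raw_sql(plugin_raw_sql.read())
        if not success:
            raise APICannotSavePlugin(msg)

        # Save plugin data.
        success, msg = save_plugin_data_func(plugin.plugin_id,
                                             plugin_name=plugin_file,
                                             vendor=vendor,
                                             model=model,
                                             version=version,
                                             nsids=len(data["rules"]),
                                             product_type=product_type)
        if not success:
            raise APICannotSavePlugin(msg)

        # 2 - Save plugin with the appropriate headers (vendor:model:version)
        if not plugin.save(destination=plugin_destination_path, vendor=vendor, model=model,
                           product_type=product_type, version=version):
            # Undo the plugin data stored in the previous step.
            remove_plugin_data(plugin.plugin_id)
            raise APICannotSavePlugin(message=plugin.get_latest_error_msg() or "Cannot save plugin file.")

        # Copy plugin sql file to plugins custom dir
        copy(temporal_plg_sql_path, END_FOLDER)

        # Remove via ansible due to file permissions
        remove_file(['127.0.0.1'], plugin_asec_path)
        remove_file(['127.0.0.1'], plugin_asec_path + '.sql')

        # TODO: Is the plugin fd already in use? What is the next free plugin id?

        # 3 - Synchronize Plugins.
        from celerymethods.tasks.monitor_tasks import monitor_sync_custom_plugins
        # Force synchronization
        job = monitor_sync_custom_plugins.delay()
        if job.id is None:
            raise APICannotSavePlugin("Cannot synchronize the plugin.")
        data["synchronization_job"] = job.id
    except Exception as e:
        api_log.error("[apimethod_upload_plugin] {}".format(str(e)))
        # APIException instances propagate unchanged; other errors are
        # replaced by a message-less APICannotSavePlugin, details are logged.
        if not isinstance(e, APIException):
            raise APICannotSavePlugin()
        raise

    # The method should return a python dic with the job id (the one that is synchronizing the plugins) and
    # the list of plugin sids for the plugin.
    return data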