class User(odm.Model):
agrees_with_tos = odm.Optional(
odm.Date(index=False, store=False),
description="Date the user agree with terms of service")
api_quota = odm.Integer(
default=10,
store=False,
description="Maximum number of concurrent API requests")
apikeys = odm.Mapping(odm.Compound(ApiKey),
default={},
index=False,
store=False,
description="Mapping of API keys")
apps = odm.Mapping(odm.Compound(Apps),
default={},
index=False,
store=False,
description="Applications with access to the account")
can_impersonate = odm.Boolean(
default=False,
index=False,
store=False,
description="Allowed to query on behalf of others?")
classification = odm.Classification(
is_user_classification=True,
copyto="__text__",
default=Classification.UNRESTRICTED,
description="Maximum classification for the user")
dn = odm.Optional(odm.Keyword(store=False, copyto="__text__"),
description="User's LDAP DN")
email = odm.Optional(odm.Email(copyto="__text__"),
description="User's email address")
groups = odm.List(odm.Keyword(),
copyto="__text__",
default=["USERS"],
description="List of groups the user submits to")
is_active = odm.Boolean(default=True, description="Is the user active?")
name = odm.Keyword(copyto="__text__", description="Full name of the user")
otp_sk = odm.Optional(
odm.Keyword(index=False, store=False),
description="Secret key to generate one time passwords")
password = odm.Keyword(index=False,
store=False,
description="BCrypt hash of the user's password")
submission_quota = odm.Integer(
default=5,
store=False,
description="Maximum number of concurrent submissions")
type = odm.List(odm.Enum(values=USER_TYPES),
default=['user'],
description="Type of user")
security_tokens = odm.Mapping(odm.Keyword(),
index=False,
store=False,
default={},
description="Map of security tokens")
uname = odm.Keyword(copyto="__text__", description="Username")
class UI(odm.Model):
# Allow user to tell in advance the system that a file is malicious
allow_malicious_hinting: bool = odm.Boolean()
# Allow to user to download raw files
allow_raw_downloads: bool = odm.Boolean()
# Allow file submissions via url
allow_url_submissions: bool = odm.Boolean()
# Should API calls be audited and saved to a separate log file?
audit: bool = odm.Boolean()
# Banner message display on the main page (format: {<language_code>: message})
banner: Dict[str, str] = odm.Optional(odm.Mapping(odm.Keyword()))
# Banner message display on the main page (format: {<language_code>: message})
banner_level: str = odm.Enum(
values=["info", "warning", "success", "error"])
# Turn on debugging
debug: bool = odm.Boolean()
# Which encoding will be used
download_encoding = odm.Enum(values=["raw", "cart"])
# Assemblyline admins email address
email: str = odm.Optional(odm.Email())
# Enforce the user's quotas
enforce_quota: bool = odm.Boolean()
# Fully qualified domain name to use for the 2-factor authentication validation
fqdn: str = odm.Text()
# Maximum priority for ingest API
ingest_max_priority: int = odm.Integer()
# Turn on read only mode in the UI
read_only: bool = odm.Boolean()
# Offset of the read only mode for all paging and searches
read_only_offset: str = odm.Keyword(default="")
# Flask secret key to store cookies and stuff
secret_key: str = odm.Keyword()
# Duration of the user session before the user has to login again
session_duration: int = odm.Integer()
# Statistics configuration
statistics: Statistics = odm.Compound(Statistics,
default=DEFAULT_STATISTICS)
# Terms of service
tos: str = odm.Optional(odm.Text())
# Lock out user after accepting the terms of service
tos_lockout: bool = odm.Boolean()
# List of admins to notify when a user gets locked out
tos_lockout_notify: bool = odm.Optional(odm.List(odm.Keyword()))
# Headers that will be used by the url_download method
url_submission_headers: Dict[str, str] = odm.Optional(
odm.Mapping(odm.Keyword()))
# Proxy that will be used by the url_download method
url_submission_proxies: Dict[str, str] = odm.Optional(
odm.Mapping(odm.Keyword()))
# Validate if the session ip matches the ip the session was created from
validate_session_ip: bool = odm.Boolean()
# Validate if the session useragent matches the useragent the session was created with
validate_session_useragent: bool = odm.Boolean()
class User(odm.Model):
agrees_with_tos = odm.Optional(odm.Date(
index=False, store=False)) # Date the user agree with terms of service
api_quota = odm.Integer(
default=10, store=False) # Max number of concurrent API requests
apikeys = odm.Mapping(odm.Compound(ApiKey),
default={},
index=False,
store=False) # Mapping of api keys
can_impersonate = odm.Boolean(
default=False, index=False,
store=False) # Allowed to query on behalf of others
classification = odm.Classification(
is_user_classification=True,
copyto="__text__",
default=Classification.UNRESTRICTED) # Max classification for the user
dn = odm.Optional(odm.Keyword(store=False,
copyto="__text__")) # User ldap DN
email = odm.Optional(odm.Email(copyto="__text__")) # User's email address
groups = odm.List(odm.Keyword(), copyto="__text__",
default=["USERS"]) # List of groups the user submits to
is_active = odm.Boolean(default=True) # is the user active
name = odm.Keyword(copyto="__text__") # Full name of the user
otp_sk = odm.Optional(odm.Keyword(
index=False, store=False)) # Secret key to generate one time passwords
password = odm.Keyword(index=False,
store=False) # BCrypt hash of the user's password
submission_quota = odm.Integer(
default=5, store=False) # Maximum number of concurrent submissions
type = odm.List(odm.Enum(values=USER_TYPES),
default=['user']) # Type of user
security_tokens = odm.Mapping(odm.Keyword(),
index=False,
store=False,
default={}) # Map of security tokens
uname = odm.Keyword(copyto="__text__") # Username
class UI(odm.Model):
alerting_meta: AlertingMeta = odm.Compound(
AlertingMeta,
default=DEFAULT_ALERTING_META,
description="Alerting metadata fields")
allow_malicious_hinting: bool = odm.Boolean(
description=
"Allow user to tell in advance the system that a file is malicious?")
allow_raw_downloads: bool = odm.Boolean(
description="Allow user to download raw files?")
allow_zip_downloads: bool = odm.Boolean(
description="Allow user to download files as password protected ZIPs?")
allow_replay: bool = odm.Boolean(
description="Allow users to request replay on another server?")
allow_url_submissions: bool = odm.Boolean(
description="Allow file submissions via url?")
audit: bool = odm.Boolean(
description=
"Should API calls be audited and saved to a separate log file?")
banner: Dict[str, str] = odm.Optional(
odm.Mapping(odm.Keyword()),
description=
"Banner message display on the main page (format: {<language_code>: message})"
)
banner_level: str = odm.Enum(
values=["info", "warning", "success", "error"],
description="Banner message level")
debug: bool = odm.Boolean(description="Enable debugging?")
discover_url: str = odm.Optional(odm.Keyword(), description="Discover URL")
download_encoding = odm.Enum(
values=["raw", "cart"],
description="Which encoding will be used for downloads?")
email: str = odm.Optional(odm.Email(),
description="Assemblyline admins email address")
enforce_quota: bool = odm.Boolean(description="Enforce the user's quotas?")
fqdn: str = odm.Text(
description=
"Fully qualified domain name to use for the 2-factor authentication validation"
)
ingest_max_priority: int = odm.Integer(
description="Maximum priority for ingest API")
read_only: bool = odm.Boolean(
description="Turn on read only mode in the UI")
read_only_offset: str = odm.Keyword(
default="",
description="Offset of the read only mode for all paging and searches")
secret_key: str = odm.Keyword(
description="Flask secret key to store cookies, etc.")
session_duration: int = odm.Integer(
description=
"Duration of the user session before the user has to login again")
statistics: Statistics = odm.Compound(
Statistics,
default=DEFAULT_STATISTICS,
description="Statistics configuration")
tos: str = odm.Optional(odm.Text(), description="Terms of service")
tos_lockout: bool = odm.Boolean(
description="Lock out user after accepting the terms of service?")
tos_lockout_notify: List[str] = odm.Optional(
odm.List(odm.Keyword()),
description="List of admins to notify when a user gets locked out")
url_submission_headers: Dict[str, str] = odm.Optional(
odm.Mapping(odm.Keyword()),
description="Headers used by the url_download method")
url_submission_proxies: Dict[str, str] = odm.Optional(
odm.Mapping(odm.Keyword()),
description="Proxy used by the url_download method")
validate_session_ip: bool = \
odm.Boolean(description="Validate if the session IP matches the IP the session was created from")
validate_session_useragent: bool = \
odm.Boolean(description="Validate if the session useragent matches the useragent the session was created with")
class NetworkEmail(odm.Model):
address = odm.Optional(odm.List(odm.Email(copyto="__text__")))
date = odm.Optional(odm.List(odm.Keyword(copyto="__text__")))
subject = odm.Optional(odm.List(odm.Keyword(copyto="__text__")))
msg_id = odm.Optional(odm.List(odm.Keyword(copyto="__text__")))
class NetworkEmail(odm.Model):
address = odm.Optional(odm.List(odm.Email(copyto="__text__")), description="Email Address")
date = odm.Optional(odm.List(odm.Keyword(copyto="__text__")), description="Date")
subject = odm.Optional(odm.List(odm.Keyword(copyto="__text__")), description="Subject")
msg_id = odm.Optional(odm.List(odm.Keyword(copyto="__text__")), description="Message ID")