def add_device(): error = None if request.method == 'POST': _devicename = request.form['devicename'].strip() _description = request.form['description'].strip() _version = request.form['version'].strip() # validate the recieved values if _devicename: # make sure device doesn't exist already try: device = Devices.get(Devices.devicename == _devicename) if device: error = 'Device "' + _devicename + '" already exists' except Devices.DoesNotExist: device = Devices(devicename=_devicename, description=_description, version=_version) device.save() global added_device added_device = { 'object': device, 'deviceid': device.deviceid, 'devicename': _devicename, 'description': _description, 'version': _version } # add a successful completion mark flash('Device "' + _devicename + '" was successfully added.') return redirect(url_for('index')) else: error = 'Enter the required fields' return render_template('add_device.html', error=error)
def add_device(): error = None if request.method == 'POST': _devicename = request.form['devicename'].strip() _description = request.form['description'].strip() _version = request.form['version'].strip() # validate the recieved values if _devicename: # make sure device doesn't exist already try: device = Devices.get(Devices.devicename==_devicename) if device: error = 'Device "' + _devicename + '" already exists' except Devices.DoesNotExist: device = Devices(devicename=_devicename, description=_description, version=_version) device.save() global added_device added_device = {'object': device, 'deviceid': device.deviceid, 'devicename': _devicename, 'description': _description, 'version': _version} # add a successful completion mark flash('Device "' + _devicename + '" was successfully added.') return redirect(url_for('index')) else: error = 'Enter the required fields' return render_template('add_device.html', error=error)
def api_online_devices(request, *, page='1'): check_admin(request) page_index = get_page_index(page) num = yield from Devices.findNumber(selectField='count(id)', where='(%ld - updated_at) < 7' % time.time()) p = Page(num, page_index) if num == 0: return dict(page=p, data=()) devices = yield from Devices.findAll(where='(%ld - updated_at) > 7' % time.time(), orderBy='created_at desc', limit=(p.offset, p.limit)) return dict(page=p, data=devices)
def api_devices(request, *, name, addr, mac): check_admin(request) if not name or not name.strip(): raise APIValueError('name', 'name cannot be empty.') if not addr or not addr.strip(): raise APIValueError('addr', 'addr cannot be empty.') if not mac or not mac.strip(): raise APIValueError('mac', 'mac cannot be empty.') devices = Devices(name=name.strip(), addr=addr.strip(), mac=mac.strip(), updated_at=time.time()) yield from devices.save_or_update() return devices
def edit_devices(): error = None if request.method == 'POST': # check if this is remove vs update POST request action = request.form.getlist('action') if action[0] == 'remove': # read in the content of a present click list_value = request.form.getlist('id') # if list is not empty - content has gone through if len(list_value) > 0: value = int(list_value[0]) # find device and rules associated with it device = Devices.get(Devices.deviceid == value) # recursively - delete all dependencies incl. nullable device.delete_instance(recursive=True, delete_nullable=True) elif action[0] == 'update': # read in the content of a present click list_id_value = request.form.getlist('id') print list_id_value # if list is not empty - content has gone through if len(list_id_value) > 0: id_value = int(list_id_value[0]) print "value is", id_value # find device and rules associated with it device = Devices.get(Devices.deviceid == id_value) list_name_value = request.form.getlist('name') list_descr_value = request.form.getlist('descr') list_ver_value = request.form.getlist('ver') if list_name_value[0] != '': if list_name_value[0] != device.devicename: device.devicename = list_name_value[0] elif list_descr_value[0] != device.description: device.description = list_descr_value[0] elif list_ver_value[0] != device.version: device.version = list_ver_value[0] device.save() else: error = 'Name cannot be empty' else: # list devices entries = [ dict(did=device.deviceid, dname=device.devicename, ddescr=device.description, dver=device.version) for device in Devices.select() ] return render_template('edit_devices.html', error=error, entries=entries)
def login(): req = request.get_json() check_params(req, 'email', 'password', 'device_token') user = Users.query.filter_by(email=req['email'], password=sha256(req['password'])).first() if user is None: raise APIException('Sorry you entered the wrong email or password', 404) if user.status._value_ == 'invalid': raise APIException('Email not validated', 405) if user.status._value_ == 'suspended': raise APIException('Your account is suspended', 405) is_token_registered = \ Devices.query.filter_by( token=req['device_token'] ).first() is not None profile_exists = Profiles.query.get(user.id) is not None if profile_exists and not is_token_registered: db.session.add(Devices(user_id=user.id, token=req['device_token'])) db.session.commit() return jsonify({ 'jwt': create_jwt({ 'id': user.id, 'role': 'user', 'exp': req.get('exp', 15) }) }), 200
def show_devices(): entries = [ dict(did=device.deviceid, dname=device.devicename, ddescr=device.description, dver=device.version) for device in Devices.select() ] return render_template('show_devices.html', entries=entries)
def add_device(user_id): req = request.get_json() utils.check_params(req, 'device_token') db.session.add(Devices( user_id = user_id, token = req['device_token'] )) db.session.commit() return jsonify({'message':'Device added successfully'})
def edit_devices(): error = None if request.method == 'POST': # check if this is remove vs update POST request action = request.form.getlist('action') if action[0] == 'remove': # read in the content of a present click list_value = request.form.getlist('id') # if list is not empty - content has gone through if len(list_value) > 0: value = int(list_value[0]) # find device and rules associated with it device = Devices.get(Devices.deviceid == value) # recursively - delete all dependencies incl. nullable device.delete_instance(recursive=True,delete_nullable=True) elif action[0] == 'update': # read in the content of a present click list_id_value = request.form.getlist('id') print list_id_value # if list is not empty - content has gone through if len(list_id_value) > 0: id_value = int(list_id_value[0]) print "value is", id_value # find device and rules associated with it device = Devices.get(Devices.deviceid == id_value) list_name_value = request.form.getlist('name') list_descr_value = request.form.getlist('descr') list_ver_value = request.form.getlist('ver') if list_name_value[0] != '': if list_name_value[0] != device.devicename: device.devicename = list_name_value[0] elif list_descr_value[0] != device.description: device.description = list_descr_value[0] elif list_ver_value[0] != device.version: device.version = list_ver_value[0] device.save() else: error = 'Name cannot be empty' else: # list devices entries = [dict(did=device.deviceid, dname=device.devicename, ddescr=device.description, dver=device.version) for device in Devices.select()] return render_template('edit_devices.html', error=error, entries=entries)
def add_device(user_id): body = request.get_json() check_params(body, 'token') db.session.add(Devices(user_id=user_id, token=body['token'])) db.session.commit() return jsonify({'message': 'Device added successfully'})
def create_bug(id, deviceid, uid): # fetch tester ID via query, feel like there has to be a better way of doing this but i'll revisit this later tester = Tester.objects(uid=int(uid)).first() bug = Bugs(bugid=int(id), device=Devices.objects(deviceid=deviceid).first().id, tester=tester.id) bug.save() tester.update(push__bugs=bug) tester.save() return bug
def list_devicerules(): # select device devices = [ dict(did=device.deviceid, dname=device.devicename) for device in Devices.select() ] # select token tokens = [ dict(tid=each.tokenid, tname=each.token) for each in Tokens.select() ] return render_template('list_devicerules.html', entries=[devices, tokens])
def create_tester_device(uid, deviceid): tester = Tester.objects(uid=int(uid)).first() device = Devices.objects(deviceid=int(deviceid)).first() if device in tester.devices: pass else: try: tester.update(push__devices=device) tester.save() except Exception as ex: print(ex) return TesterDevices(device=device.id, tester=tester.id)
def generate(): params_list = params.split(',') if int(params_list[0]) == 0 and int(params_list[1]) == 0: db_query = [dict(rid=drule.ruleid, did=Devices.get(Devices.deviceid==drule.deviceid.deviceid).devicename, tid=Tokens.get(Tokens.tokenid==drule.tokenid.tokenid).token, rule=drule.ruleline, condition=drule.cond, config=drule.configcommand) for drule in Devicerules.select()] elif int(params_list[0]) == 0: db_query = [dict(rid=drule.ruleid, did=Devices.get(Devices.deviceid==drule.deviceid.deviceid).devicename, tid=Tokens.get(Tokens.tokenid==drule.tokenid.tokenid).token, rule=drule.ruleline, condition=drule.cond, config=drule.configcommand) for drule in Devicerules.select().where(Devicerules.tokenid==params_list[1])] elif int(params_list[1]) == 0: db_query = [dict(rid=drule.ruleid, did=Devices.get(Devices.deviceid==drule.deviceid.deviceid).devicename, tid=Tokens.get(Tokens.tokenid==drule.tokenid.tokenid).token, rule=drule.ruleline, condition=drule.cond, config=drule.configcommand) for drule in Devicerules.select().where(Devicerules.deviceid==params_list[0])] else: db_query = [dict(rid=drule.ruleid, did=Devices.get(Devices.deviceid==drule.deviceid.deviceid).devicename, tid=Tokens.get(Tokens.tokenid==drule.tokenid.tokenid).token, rule=drule.ruleline, condition=drule.cond, config=drule.configcommand) for drule in Devicerules.select().where(Devicerules.deviceid==params_list[0], Devicerules.tokenid==params_list[1])] table_start = '<table class="table table-condensed"><tr><th>Device</th><th>Token</th><th>Rule line</th><th>Condition</th><th>Configuration command</th></tr>' q = '' for each in db_query: q += '<tr>' q += '<td>' + str(each.get('did')) + '</td>' q += '<td>' + str(each.get('tid')) + '</td>' q += '<td>' + str(each.get('rule')) + '</td>' q += '<td>' + str(each.get('condition')) + '</td>' q += '<td>' + str(each.get('config')) + '</td>' q += '</tr>' table_end = '</table>' res = table_start + q + table_end yield res
def register_profile(user_id): prof = Profiles.query.get(user_id) if prof is not None: raise APIException( 'A profile already exists with "id": ' + user_id, 400) req = request.get_json() utils.check_params(req, 'first_name', 'last_name', 'device_token') prof_data = { 'first_name': req['first_name'], 'last_name': req['last_name'], 'nickname': req.get('nickname'), 'hendon_url': req.get('hendon_url') } # Create user at Poker Society if there is none, get back pokersociety_id user = Users.query.get(user_id) resp = requests.post( os.environ['POKERSOCIETY_HOST'] + '/swapprofit/user', json={ 'api_token': utils.sha256(os.environ['POKERSOCIETY_API_TOKEN']), 'email': user.email, 'password': user.password, **prof_data }) if not resp.ok: raise APIException('Error creating user in Poker Society', 500) data = resp.json() db.session.add( Profiles(id=user_id, pokersociety_id=data['pokersociety_id'], **prof_data)) db.session.add(Devices(user_id=user_id, token=req['device_token'])) db.session.add(Transactions(user_id=user_id, coins=5)) db.session.commit() return jsonify({'message': 'ok'}), 200
def fill_entry(d, public_ip): port_status = "" MAC_address = "" Manufacturer = "" Service_info = "" OS_details = "" warnings = "" if (d.get("Port_status") == None): port_status = "none" else: port_status = d['Port_status'] if (d.get("MAC_address") == None): MAC_address = "none" else: MAC_address = d['MAC_address'] if (d.get("Manufacturer") == None): Manufacturer = "none" else: Manufacturer = d['Manufacturer'] if (d.get("Service_info") == None): Service_info = "none" else: Service_info = d['Service_info'] if (d.get("OS_details") == None): OS_details = "none" else: OS_details = d['OS_details'] if (d.get("warning") == None): warnings = "none" else: warnings = d['warning'] new_device = Devices(public_ip, d['IP_address'], port_status, MAC_address, Manufacturer, Service_info, OS_details, d['open_ports'], warnings) return (new_device)
def login(): req = request.get_json() check_params(req, 'email', 'password', 'device_token') print(os.environ['API_HOST']) user = Users.query.filter_by( email=req['email'], password=sha256(req['password']) ).first() if user is None: raise APIException('Sorry you entered the wrong email or password', 404) if user.status._value_ == 'invalid': raise APIException('Email not validated', 405) if user.status._value_ == 'suspended': raise APIException('Your account is suspended', 405) is_token_registered = \ Devices.query.filter_by( token=req['device_token'] ).first() is not None profile_exists = Profiles.query.get( user.id ) is not None if profile_exists and not is_token_registered: db.session.add( Devices( user_id = user.id, token = req['device_token'] )) db.session.commit() now = datetime.utcnow() identity = { 'id': user.id, 'role': 'user', 'exp': now + timedelta(days=60), 'sub': user.id, 'nbf': now, } print(identity) return jsonify({ 'jwt': jwt.encode(identity, os.environ['JWT_SECRET_KEY'], algorithm='HS256') }), 200
def register_profile(user_id): prof = Profiles.query.get(user_id) if prof is not None: raise APIException( 'A profile already exists with "id": ' + user_id, 400) req = request.get_json() utils.check_params(req, 'first_name', 'last_name', 'device_token') db.session.add( Profiles(id=user_id, first_name=req['first_name'], last_name=req['last_name'], nickname=req.get('nickname'), hendon_url=req.get('hendon_url'))) db.session.add(Devices(user_id=user_id, token=req['device_token'])) db.session.add(Transactions(user_id=user_id, coins=5)) db.session.commit() return jsonify({'message': 'ok'}), 200
def test_add_device_to_devices_table_insert_success(self): devices = Devices(deviceUdid=self.deviceUdid) devices.add_device_to_devices_table() self.assertIs(devices.pk, 1)
def show_devices(): entries = [dict(did=device.deviceid, dname=device.devicename, ddescr=device.description, dver=device.version) for device in Devices.select()] return render_template('show_devices.html', entries=entries)
def list_devicerules(): # select device devices = [dict(did=device.deviceid, dname=device.devicename) for device in Devices.select()] # select token tokens = [dict(tid=each.tokenid, tname=each.token) for each in Tokens.select()] return render_template('list_devicerules.html', entries=[devices, tokens])
def generate(): params_list = params.split(',') if int(params_list[0]) == 0 and int(params_list[1]) == 0: db_query = [ dict(rid=drule.ruleid, did=Devices.get(Devices.deviceid == drule.deviceid.deviceid).devicename, tid=Tokens.get( Tokens.tokenid == drule.tokenid.tokenid).token, rule=drule.ruleline, condition=drule.cond, config=drule.configcommand) for drule in Devicerules.select() ] elif int(params_list[0]) == 0: db_query = [ dict(rid=drule.ruleid, did=Devices.get(Devices.deviceid == drule.deviceid.deviceid).devicename, tid=Tokens.get( Tokens.tokenid == drule.tokenid.tokenid).token, rule=drule.ruleline, condition=drule.cond, config=drule.configcommand) for drule in Devicerules.select().where( Devicerules.tokenid == params_list[1]) ] elif int(params_list[1]) == 0: db_query = [ dict(rid=drule.ruleid, did=Devices.get(Devices.deviceid == drule.deviceid.deviceid).devicename, tid=Tokens.get( Tokens.tokenid == drule.tokenid.tokenid).token, rule=drule.ruleline, condition=drule.cond, config=drule.configcommand) for drule in Devicerules.select().where( Devicerules.deviceid == params_list[0]) ] else: db_query = [ dict(rid=drule.ruleid, did=Devices.get(Devices.deviceid == drule.deviceid.deviceid).devicename, tid=Tokens.get( Tokens.tokenid == drule.tokenid.tokenid).token, rule=drule.ruleline, condition=drule.cond, config=drule.configcommand) for drule in Devicerules.select().where( Devicerules.deviceid == params_list[0], Devicerules.tokenid == params_list[1]) ] table_start = '<table class="table table-condensed"><tr><th>Device</th><th>Token</th><th>Rule line</th><th>Condition</th><th>Configuration command</th></tr>' q = '' for each in db_query: q += '<tr>' q += '<td>' + str(each.get('did')) + '</td>' q += '<td>' + str(each.get('tid')) + '</td>' q += '<td>' + str(each.get('rule')) + '</td>' q += '<td>' + str(each.get('condition')) + '</td>' q += '<td>' + str(each.get('config')) + '</td>' q += '</tr>' table_end = '</table>' res = table_start + q + table_end yield res
def test_add_device_to_devices_table_duplicate_skip_insert(self): devices = Devices(deviceUdid=self.deviceUdid) devices.add_device_to_devices_table() self.assertIs(devices.pk, 1) devices.add_device_to_devices_table() self.assertIs(devices.pk, 1)
# buildDB.sql scripts automated in sql alchemy timestamp = time.time() current_date_timestamp = datetime.datetime.fromtimestamp(timestamp).strftime( '%Y-%m-%d %H:%M:%S') session = Session() nextTime = datetime.datetime.now() + datetime.timedelta(minutes=90) startTimeafter30Min = datetime.datetime.strftime(nextTime, "%Y-%m-%d %H:%M:%S") # inserting in Devices tables objects = [ Devices(deviceID="3", name='user', types='user', ipv4='100.0.0.105', ipv6='100.0.0.105', mac='0283ea6e1fe0'), Devices(deviceID="1", name='attacker', types='user', ipv4='100.0.0.103', ipv6='100.0.0.103', mac='024089e25896'), Devices(deviceID="2", name='qvm', types='qvm', ipv4='100.0.0.104', ipv6='100.0.0.104', mac='02744a0ec85d') ]
def create_device(id, description): return Devices(deviceid=int(id), description=description)
import time from models import Devices, Users,Qvm, Servers, SwitchDevices, Switches # buildDB.sql scripts automated in sql alchemy timestamp = time.time() current_date_timestamp = datetime.datetime.fromtimestamp(timestamp).strftime('%Y-%m-%d %H:%M:%S') session = Session() nextTime = datetime.datetime.now() + datetime.timedelta(minutes = 90) startTimeafter30Min = datetime.datetime.strftime(nextTime, "%Y-%m-%d %H:%M:%S") # inserting in Devices tables objects = [ Devices(deviceID="1", name='user1', types='user', ipv4='10.0.0.107', ipv6='10.0.0.107', mac='0283ea6e1fe0'), Devices(deviceID="2", name='user2', types='user', ipv4='10.0.0.109', ipv6='10.0.0.109', mac='0245dbc7d81f'), Devices(deviceID="3", name='attacker1', types='user', ipv4='10.0.0.108', ipv6='10.0.0.108', mac='024089e25896'), Devices(deviceID="4", name='attacker2', types='user', ipv4='10.0.0.110', ipv6='10.0.0.110', mac='0243b69c46be'), Devices(deviceID="5", name='attacker3', types='user', ipv4='10.0.0.106', ipv6='10.0.0.106', mac='026c160681b5'), Devices(deviceID="6", name='qvm', types='qvm', ipv4='10.0.0.105', ipv6='10.0.0.105', mac='02744a0ec85d') ] session.bulk_save_objects(objects) session.commit() # inserting in Users tables objects = [ Users(userUID="1", username='******', ipAddressuserIP='10.0.0.107',connectionStartTime=current_date_timestamp,connectionStopTime=None), Users(userUID="2", username='******', ipAddressuserIP='10.0.0.109',connectionStartTime=startTimeafter30Min,connectionStopTime=None), Users(userUID="3", username='******', ipAddressuserIP='10.0.0.108',connectionStartTime=current_date_timestamp,connectionStopTime=None), Users(userUID="4", username='******', ipAddressuserIP='10.0.0.110',connectionStartTime=startTimeafter30Min,connectionStopTime=None),