def delete(self, audit_id): """ .. http:delete:: /api/1/issues/1234/justification Remove a justification on an audit issue on a specific item. **Example Request**: .. sourcecode:: http DELETE /api/1/issues/1234/justification HTTP/1.1 Host: example.com Accept: application/json **Example Response**: .. sourcecode:: http HTTP/1.1 202 OK Vary: Accept Content-Type: application/json { "status": "deleted" } :statuscode 202: Accepted :statuscode 401: Authentication Error. Please Login. """ auth, retval = __check_auth__(self.auth_dict) if auth: return retval if not __check_admin__(): return {"Error": "You must be an admin to delete justifications"}, 403 item = ItemAudit.query.filter(ItemAudit.id == audit_id).first() if not item: return {"Error": "Item with audit_id {} not found".format(audit_id)}, 404 item.justified_user_id = None item.justified = False item.justified_date = None item.justification = None db.session.add(item) db.session.commit() return {"status": "deleted"}, 202
def delete(self, account_id): """ .. http:delete:: /api/1/account/1 Delete an account. **Example Request**: .. sourcecode:: http DELETE /api/1/account/1 HTTP/1.1 Host: example.com Accept: application/json **Example Response**: .. sourcecode:: http HTTP/1.1 202 Accepted Vary: Accept Content-Type: application/json { 'status': 'deleted' } :statuscode 202: accepted :statuscode 401: Authentication Error. Please Login. """ auth, retval = __check_auth__(self.auth_dict) if auth: return retval if not __check_admin__(): return {"Error": "You must be an admin to edit accounts"}, 403 # Need to unsubscribe any users first: users = User.query.filter(User.accounts.any(Account.id == account_id)).all() for user in users: user.accounts = [account for account in user.accounts if not account.id == account_id] db.session.add(user) db.session.commit() account = Account.query.filter(Account.id == account_id).first() db.session.delete(account) db.session.commit() return {'status': 'deleted'}, 202
def put(self, as_id): """ .. http:put:: /api/1/auditorsettings/<int ID> Update an AuditorSetting **Example Request**: .. sourcecode:: http PUT /api/1/auditorsettings/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript { account: "aws-account-name", disabled: false, id: 1, issue: "User with password login.", technology: "iamuser" } **Example Response**: .. sourcecode:: http HTTP/1.1 200 OK Content-Type: application/json :statuscode 200: no error :statuscode 401: Authentication failure. Please login. """ auth, retval = __check_auth__(self.auth_dict) if auth: return retval if not __check_admin__(): return {"Error": "You must be an admin to edit the auditor settings"}, 403 self.reqparse.add_argument('disabled', type=bool, required=True, location='json') args = self.reqparse.parse_args() disabled = args.pop('disabled', None) results = AuditorSettings.query.get(as_id) results.disabled = disabled db.session.add(results) db.session.commit() return 200
def delete(self, item_id): """ .. http:delete:: /api/1/ignorelistentries/123 Delete a ignorelist entry. **Example Request**: .. sourcecode:: http DELETE /api/1/ignorelistentries/123 HTTP/1.1 Host: example.com Accept: application/json **Example Response**: .. sourcecode:: http HTTP/1.1 202 Accepted Vary: Accept Content-Type: application/json { 'status': 'deleted' } :statuscode 202: accepted :statuscode 401: Authentication Error. Please Login. """ auth, retval = __check_auth__(self.auth_dict) if auth: return retval if not __check_admin__(): return {"Error": "You must be an admin to edit the ignore list"}, 403 IgnoreListEntry.query.filter(IgnoreListEntry.id == item_id).delete() db.session.commit() return {'status': 'deleted'}, 202
def put(self, account_id): """ .. http:put:: /api/1/account/1 Edit an existing account. **Example Request**: .. sourcecode:: http PUT /api/1/account/1 HTTP/1.1 Host: example.com Accept: application/json { 'name': 'edited_account' 's3_name': 'edited_account', 'number': '0123456789', 'notes': 'this account is for ...', 'role_name': 'CustomRole', 'active': true, 'third_party': false } **Example Response**: .. sourcecode:: http HTTP/1.1 200 OK Vary: Accept Content-Type: application/json { 'name': 'edited_account' 's3_name': 'edited_account', 'number': '0123456789', 'notes': 'this account is for ...', 'role_name': 'CustomRole', 'active': true, 'third_party': false } :statuscode 200: no error :statuscode 401: Authentication Error. Please Login. """ auth, retval = __check_auth__(self.auth_dict) if auth: return retval if not __check_admin__(): return {"Error": "You must be an admin to edit accounts"}, 403 self.reqparse.add_argument('name', required=False, type=unicode, help='Must provide account name', location='json') self.reqparse.add_argument('s3_name', required=False, type=unicode, help='Will use name if s3_name not provided.', location='json') self.reqparse.add_argument('number', required=False, type=unicode, help='Add the account number if available.', location='json') self.reqparse.add_argument('notes', required=False, type=unicode, help='Add context.', location='json') self.reqparse.add_argument('role_name', required=False, type=unicode, help='Custom role name.', location='json') self.reqparse.add_argument('active', required=False, type=bool, help='Determines whether this account should be interrogated by security monkey.', location='json') self.reqparse.add_argument('third_party', required=False, type=bool, help='Determines whether this account is a known friendly third party account.', location='json') args = self.reqparse.parse_args() account = Account.query.filter(Account.id == account_id).first() if not account: return {'status': 'error. Account ID not found.'}, 404 account.name = args['name'] account.s3_name = args['s3_name'] account.number = args['number'] account.notes = args['notes'] account.role_name = args['role_name'] account.active = args['active'] account.third_party = args['third_party'] db.session.add(account) db.session.commit() db.session.refresh(account) marshaled_account = marshal(account.__dict__, ACCOUNT_FIELDS) marshaled_account['auth'] = self.auth_dict return marshaled_account, 200
def put(self, item_id): """ .. http:get:: /api/1/ignorelistentries/<int:id> Update the ignorelist entry with the given ID. **Example Request**: .. sourcecode:: http PUT /api/1/ignorelistentries/123 HTTP/1.1 Host: example.com Accept: application/json, text/javascript { "id": 123, "prefix": "noisy_", "notes": "Security Monkey shouldn't track noisy_* objects", "technology": "securitygroup" } **Example Response**: .. sourcecode:: http HTTP/1.1 200 OK Vary: Accept Content-Type: application/json { "id": 123, "prefix": "noisy_", "notes": "Security Monkey shouldn't track noisy_* objects", "technology": "securitygroup", auth: { authenticated: true, user: "******" } } :statuscode 200: no error :statuscode 404: item with given ID not found :statuscode 401: Authentication failure. Please login. """ auth, retval = __check_auth__(self.auth_dict) if auth: return retval if not __check_admin__(): return {"Error": "You must be an admin to edit the ignore list"}, 403 self.reqparse.add_argument('prefix', required=True, type=unicode, help='A prefix must be provided which matches the objects you wish to ignore.', location='json') self.reqparse.add_argument('notes', required=False, type=unicode, help='Add context.', location='json') self.reqparse.add_argument('technology', required=True, type=unicode, help='Network CIDR required.', location='json') args = self.reqparse.parse_args() prefix = args['prefix'] technology = args.get('technology', True) notes = args.get('notes', None) result = IgnoreListEntry.query.filter(IgnoreListEntry.id == item_id).first() if not result: return {"status": "Whitelist entry with the given ID not found."}, 404 result.prefix = prefix result.notes = notes technology = Technology.query.filter(Technology.name == technology).first() if not technology: return {"status": "Could not find a technology with the given name"}, 500 result.tech_id = technology.id db.session.add(result) db.session.commit() db.session.refresh(result) whitelistentry_marshaled = marshal(result.__dict__, IGNORELIST_FIELDS) whitelistentry_marshaled['technology'] = result.technology.name whitelistentry_marshaled['auth'] = self.auth_dict return whitelistentry_marshaled, 200
def post(self): """ .. http:post:: /api/1/ignorelistentries Create a new CIDR whitelist entry. **Example Request**: .. sourcecode:: http POST /api/1/ignorelistentries HTTP/1.1 Host: example.com Accept: application/json { "prefix": "noisy_", "notes": "Security Monkey shouldn't track noisy_* objects", "technology": "securitygroup" } **Example Response**: .. sourcecode:: http HTTP/1.1 201 Created Vary: Accept Content-Type: application/json { "id": 123, "prefix": "noisy_", "notes": "Security Monkey shouldn't track noisy_* objects", "technology": "securitygroup" } :statuscode 201: created :statuscode 401: Authentication Error. Please Login. """ auth, retval = __check_auth__(self.auth_dict) if auth: return retval if not __check_admin__(): return {"Error": "You must be an admin to edit the ignore list"}, 403 self.reqparse.add_argument('prefix', required=True, type=unicode, help='A prefix must be provided which matches the objects you wish to ignore.', location='json') self.reqparse.add_argument('notes', required=False, type=unicode, help='Add context.', location='json') self.reqparse.add_argument('technology', required=True, type=unicode, help='Network CIDR required.', location='json') args = self.reqparse.parse_args() prefix = args['prefix'] technology = args.get('technology', True) notes = args.get('notes', None) entry = IgnoreListEntry() entry.prefix = prefix if notes: entry.notes = notes technology = Technology.query.filter(Technology.name == technology).first() if not technology: return {"status": "Could not find a technology with the given name"}, 500 entry.tech_id = technology.id db.session.add(entry) db.session.commit() db.session.refresh(entry) ignorelistentry_marshaled = marshal(entry.__dict__, IGNORELIST_FIELDS) ignorelistentry_marshaled['technology'] = entry.technology.name ignorelistentry_marshaled['auth'] = self.auth_dict return ignorelistentry_marshaled, 201
def post(self, audit_id): """ .. http:post:: /api/1/issues/1234/justification Justify an audit issue on a specific item. **Example Request**: .. sourcecode:: http POST /api/1/issues/1234/justification HTTP/1.1 Host: example.com Accept: application/json { 'justification': 'I promise not to abuse this.' } **Example Response**: .. sourcecode:: http HTTP/1.1 201 OK Vary: Accept Content-Type: application/json { "result": { "justification": "I promise not to abuse this.", "issue": "Example Issue", "notes": "Example Notes", "score": 0, "item_id": 11890, "justified_user": "******", "justified": true, "justified_date": "2014-06-19 21:45:58.779168", "id": 1234 }, "auth": { "authenticated": true, "user": "******" } } :statuscode 201: no error :statuscode 401: Authentication Error. Please Login. """ auth, retval = __check_auth__(self.auth_dict) if auth: return retval if not __check_admin__(): return {"Error": "You must be an admin to justify issues"}, 403 self.reqparse.add_argument('justification', required=False, type=str, help='Must provide justification', location='json') args = self.reqparse.parse_args() item = ItemAudit.query.filter(ItemAudit.id == audit_id).first() if not item: return {"Error": "Item with audit_id {} not found".format(audit_id)}, 404 item.justified_user_id = current_user.id item.justified = True item.justified_date = datetime.datetime.utcnow() item.justification = args['justification'] db.session.add(item) db.session.commit() db.session.refresh(item) retdict = {'auth': self.auth_dict} if item.user: retdict['result'] = dict( marshal(item.__dict__, AUDIT_FIELDS).items() + {"justified_user": item.user.email}.items()) else: retdict['result'] = dict( marshal(item.__dict__, AUDIT_FIELDS).items() + {"justified_user": None}.items()) return retdict, 200
def put(self, item_id): """ .. http:get:: /api/1/whitelistcidrs/<int:id> Update the whitelist entry with the given ID. **Example Request**: .. sourcecode:: http PUT /api/1/whitelistcidrs/123 HTTP/1.1 Host: example.com Accept: application/json, text/javascript { "id": 123, "name": "Corp", "notes": "Corporate Network - New", "cidr": "2.2.0.0/16" } **Example Response**: .. sourcecode:: http HTTP/1.1 200 OK Vary: Accept Content-Type: application/json { "id": 123, "name": "Corp", "notes": "Corporate Network - New", "cidr": "2.2.0.0/16", auth: { authenticated: true, user: "******" } } :statuscode 200: no error :statuscode 404: item with given ID not found :statuscode 401: Authentication failure. Please login. """ auth, retval = __check_auth__(self.auth_dict) if auth: return retval if not __check_admin__(): return {"Error": "You must be an admin to edit the whitelist"}, 403 self.reqparse.add_argument( "name", required=True, type=unicode, help="Must provide account name", location="json" ) self.reqparse.add_argument("cidr", required=True, type=unicode, help="Network CIDR required.", location="json") self.reqparse.add_argument("notes", required=False, type=unicode, help="Add context.", location="json") args = self.reqparse.parse_args() name = args["name"] cidr = args.get("cidr", True) notes = args.get("notes", None) result = NetworkWhitelistEntry.query.filter(NetworkWhitelistEntry.id == item_id).first() if not result: return {"status": "Whitelist entry with the given ID not found."}, 404 result.name = name result.cidr = cidr result.notes = notes db.session.add(result) db.session.commit() db.session.refresh(result) whitelistentry_marshaled = marshal(result.__dict__, WHITELIST_FIELDS) whitelistentry_marshaled["auth"] = self.auth_dict return whitelistentry_marshaled, 200
def post(self): """ .. http:post:: /api/1/whitelistcidrs Create a new CIDR whitelist entry. **Example Request**: .. sourcecode:: http POST /api/1/whitelistcidrs HTTP/1.1 Host: example.com Accept: application/json { "name": "Corp", "notes": "Corporate Network", "cidr": "1.2.3.4/22" } **Example Response**: .. sourcecode:: http HTTP/1.1 201 Created Vary: Accept Content-Type: application/json { "id": 123, "name": "Corp", "notes": "Corporate Network", "cidr": "1.2.3.4/22" } :statuscode 201: created :statuscode 401: Authentication Error. Please Login. """ auth, retval = __check_auth__(self.auth_dict) if auth: return retval if not __check_admin__(): return {"Error": "You must be an admin to change the whitelist"}, 403 self.reqparse.add_argument( "name", required=True, type=unicode, help="Must provide account name", location="json" ) self.reqparse.add_argument("cidr", required=True, type=unicode, help="Network CIDR required.", location="json") self.reqparse.add_argument("notes", required=False, type=unicode, help="Add context.", location="json") args = self.reqparse.parse_args() name = args["name"] cidr = args.get("cidr", True) notes = args.get("notes", None) whitelist_entry = NetworkWhitelistEntry() whitelist_entry.name = name whitelist_entry.cidr = cidr if notes: whitelist_entry.notes = notes db.session.add(whitelist_entry) db.session.commit() db.session.refresh(whitelist_entry) whitelistentry_marshaled = marshal(whitelist_entry.__dict__, WHITELIST_FIELDS) whitelistentry_marshaled["auth"] = self.auth_dict return whitelistentry_marshaled, 201