def post(self, request): policy = None agent = None # Determine if adding check to Policy or Agent if "policy" in request.data: policy = get_object_or_404(Policy, id=request.data["policy"]) # Object used for filter and save parent = {"policy": policy} else: agent = get_object_or_404(Agent, pk=request.data["pk"]) parent = {"agent": agent} script = None if "script" in request.data["check"]: script = get_object_or_404(Script, pk=request.data["check"]["script"]) serializer = CheckSerializer(data=request.data["check"], partial=True, context=parent) serializer.is_valid(raise_exception=True) obj = serializer.save(**parent, script=script) # Generate policy Checks if policy: generate_agent_checks_from_policies_task.delay(policypk=policy.pk) elif agent: agent.generate_checks_from_policies() return Response(f"{obj.readable_desc} was added!")
def post(self, request): policy = None agent = None # Determine if adding check to Policy or Agent if "policy" in request.data: policy = get_object_or_404(Policy, id=request.data["policy"]) # Object used for filter and save parent = {"policy": policy} else: agent = get_object_or_404(Agent, pk=request.data["pk"]) parent = {"agent": agent} script = None if "script" in request.data["check"]: script = get_object_or_404(Script, pk=request.data["check"]["script"]) # set event id to 0 if wildcard because it needs to be an integer field for db # will be ignored anyway by the agent when doing wildcard check if (request.data["check"]["check_type"] == "eventlog" and request.data["check"]["event_id_is_wildcard"]): if agent and agent.not_supported(version_added="0.10.2"): return notify_error({ "non_field_errors": "Wildcard is only available in agent 0.10.2 or greater" }) request.data["check"]["event_id"] = 0 serializer = CheckSerializer(data=request.data["check"], partial=True, context=parent) serializer.is_valid(raise_exception=True) obj = serializer.save(**parent, script=script) # Generate policy Checks if policy: generate_agent_checks_from_policies_task.delay(policypk=policy.pk) elif agent: checks = agent.agentchecks.filter(check_type=obj.check_type, managed_by_policy=True) # Should only be one duplicate_check = [ check for check in checks if check.is_duplicate(obj) ] if duplicate_check: policy = Check.objects.get( pk=duplicate_check[0].parent_check).policy if policy.enforced: obj.overriden_by_policy = True obj.save() else: duplicate_check[0].delete() return Response(f"{obj.readable_desc} was added!")
def post(self, request): if "policy" in request.data.keys(): from automation.tasks import generate_agent_checks_from_policies_task generate_agent_checks_from_policies_task.delay( request.data["policy"], create_tasks=True) return Response("ok") else: return notify_error("The request was invalid")
def save(self, *args, **kwargs): from automation.tasks import generate_agent_checks_from_policies_task # get old policy if exists old_policy = type(self).objects.get(pk=self.pk) if self.pk else None super(BaseAuditModel, self).save(*args, **kwargs) # generate agent checks only if active and enforced were changed if old_policy: if old_policy.active != self.active or old_policy.enforced != self.enforced: generate_agent_checks_from_policies_task.delay( policypk=self.pk, create_tasks=True, )
def post(self, request): policy = None agent = None # Determine if adding check to Policy or Agent if "policy" in request.data: policy = get_object_or_404(Policy, id=request.data["policy"]) # Object used for filter and save parent = {"policy": policy} else: agent = get_object_or_404(Agent, pk=request.data["pk"]) parent = {"agent": agent} script = None if "script" in request.data["check"]: script = get_object_or_404(Script, pk=request.data["check"]["script"]) serializer = CheckSerializer(data=request.data["check"], partial=True, context=parent) serializer.is_valid(raise_exception=True) obj = serializer.save(**parent, script=script) # Generate policy Checks if policy: generate_agent_checks_from_policies_task.delay(policypk=policy.pk) elif agent: checks = agent.agentchecks.filter(check_type=obj.check_type, managed_by_policy=True) # Should only be one duplicate_check = [ check for check in checks if check.is_duplicate(obj) ] if duplicate_check: policy = Check.objects.get( pk=duplicate_check[0].parent_check).policy if policy.enforced: obj.overriden_by_policy = True obj.save() else: duplicate_check[0].delete() return Response(f"{obj.readable_desc} was added!")
def delete(self, request, pk): check = get_object_or_404(Check, pk=pk) # Policy check deleted if check.policy: delete_policy_check_task.delay(checkpk=check.pk) # Re-evaluate agent checks is policy was enforced if check.policy.enforced: generate_agent_checks_from_policies_task.delay( policypk=check.policy.pk) # Agent check deleted elif check.agent: check.agent.generate_checks_from_policies() check.delete() return Response(f"{check.readable_desc} was deleted!")