def comment_add(cleaned_data, obj_type, obj_id, method, subscr, analyst): """ Add a new comment. :param cleaned_data: Cleaned data from the Django form submission. :type cleaned_data: dict :param obj_type: The top-level object type to add the comment to. :type obj_type: str :param obj_id: The top-level ObjectId to add the comment to. :type obj_id: str :param method: If this is a reply or not (set method to "reply"). :type method: str :param subscr: The subscription information for the top-level object. :type subscr: dict :param analyst: The user adding the comment. :type analyst: str :returns: dict with keys: 'success' (boolean), 'message': (str), 'html' (str) if successful. """ comment = Comment() comment.comment = cleaned_data['comment'] comment.parse_comment() comment.set_parent_object(obj_type, obj_id) if method == "reply": comment.set_parent_comment(cleaned_data['parent_date'], cleaned_data['parent_analyst']) comment.analyst = analyst comment.set_url_key(cleaned_data['url_key']) source = create_embedded_source(name=get_user_organization(analyst), analyst=analyst) comment.source = [source] try: comment.save(username=analyst) # this is silly :( in the comment object the dates are still # accurate to .###### seconds, but in the database are only # accurate to .### seconds. This messes with the template's ability # to compare creation and edit times. comment.reload() comment.comment_to_html() html = render_to_string( 'comments_row_widget.html', { 'comment': comment, 'user': { 'username': analyst }, 'subscription': subscr }) message = "Comment added successfully!" result = {'success': True, 'html': html, 'message': message} except ValidationError, e: result = {'success': False, 'message': e}
def comment_add(cleaned_data, obj_type, obj_id, method, subscr, analyst): """ Add a new comment. :param cleaned_data: Cleaned data from the Django form submission. :type cleaned_data: dict :param obj_type: The top-level object type to add the comment to. :type obj_type: str :param obj_id: The top-level ObjectId to add the comment to. :type obj_id: str :param method: If this is a reply or not (set method to "reply"). :type method: str :param subscr: The subscription information for the top-level object. :type subscr: dict :param analyst: The user adding the comment. :type analyst: str :returns: dict with keys: 'success' (boolean), 'message': (str), 'html' (str) if successful. """ comment = Comment() comment.comment = cleaned_data['comment'] comment.parse_comment() comment.set_parent_object(obj_type, obj_id) if method == "reply": comment.set_parent_comment(cleaned_data['parent_date'], cleaned_data['parent_analyst']) comment.analyst = analyst comment.set_url_key(cleaned_data['url_key']) source = create_embedded_source(name=get_user_organization(analyst), analyst=analyst) comment.source = [source] try: comment.save(username=analyst) # this is silly :( in the comment object the dates are still # accurate to .###### seconds, but in the database are only # accurate to .### seconds. This messes with the template's ability # to compare creation and edit times. comment.reload() comment.comment_to_html() html = render_to_string('comments_row_widget.html', {'comment': comment, 'user': {'username': analyst}, 'subscription': subscr}) message = "Comment added successfully!" result = {'success': True, 'html': html, 'message': message} except ValidationError, e: result = {'success': False, 'message': e}
def dataset_add_update(name, description=None, source=None, method='', reference='', analyst=None, bucket_list=None, ticket=None, is_validate_only=False, cache={}, related_id=None, related_type=None, relationship_type=None): retVal = {} if not source: return {"success" : False, "message" : "Missing source information."} is_item_new = False dataset_object = None cached_results = cache.get(form_consts.Dataset.CACHED_RESULTS) if cached_results != None: dataset_object = cached_results.get(name) else: dataset_object = Dataset.objects(name=name).first() if not dataset_object: dataset_object = Dataset() dataset_object.name = name dataset_object.description = description is_item_new = True if cached_results != None: cached_results[name] = dataset_object if not dataset_object.description: dataset_object.description = description or '' elif dataset_object.description != description: if description: dataset_object.description += "\n" + (description or '') if isinstance(source, basestring): source = [create_embedded_source(source, reference=reference, method=method, analyst=analyst)] if source: for s in source: dataset_object.add_source(s) else: return {"success" : False, "message" : "Missing source information."} if bucket_list: dataset_object.add_bucket_list(bucket_list, analyst) if ticket: dataset_object.add_ticket(ticket, analyst) related_obj = None if related_id: related_obj = class_from_id(related_type, related_id) if not related_obj: retVal['success'] = False retVal['message'] = 'Related Object not found.' return retVal resp_url = reverse('cripts.datasets.views.email_address_detail', args=[dataset_object.name]) if is_validate_only == False: dataset_object.save(username=analyst) #set the URL for viewing the new data if is_item_new == True: # Update the email stats counts = mongo_connector(settings.COL_COUNTS) count_stats = counts.find_one({'name': 'counts'}) if not count_stats or ('counts' not in count_stats): count_stats = {'counts':{}} if 'Datasets' not in count_stats['counts']: count_stats['counts']['Datasets'] = 0 else: count_stats['counts']['Datasets'] = count_stats['counts']['Datasets'] + 1 counts.update({'name': "counts"}, {'$set': {'counts': count_stats['counts']}}, upsert=True) retVal['message'] = ('Success! Click here to view the new Dataset: ' '<a href="%s">%s</a>' % (resp_url, dataset_object.name)) else: message = ('Updated existing Dataset: ' '<a href="%s">%s</a>' % (resp_url, dataset_object.name)) retVal['message'] = message retVal['status'] = form_consts.Status.DUPLICATE retVal['warning'] = message elif is_validate_only == True: if dataset_object.id != None and is_item_new == False: message = ('Warning: Dataset already exists: ' '<a href="%s">%s</a>' % (resp_url, dataset_object.name)) retVal['message'] = message retVal['status'] = form_consts.Status.DUPLICATE retVal['warning'] = message if related_obj and email_object and relationship_type: relationship_type=RelationshipTypes.inverse(relationship=relationship_type) dataset_object.add_relationship(related_obj, relationship_type, analyst=analyst, get_rels=False) dataset_object.save(username=analyst) # run dataset triage if is_item_new and is_validate_only == False: dataset_object.reload() run_triage(dataset_object, analyst) retVal['success'] = True retVal['object'] = dataset_object return retVal
def email_address_add_update(address, description=None, source=None, method='', reference='', analyst=None, datasets=None, bucket_list=None, ticket=None, is_validate_only=False, cache={}, related_id=None, related_type=None, relationship_type=None): retVal = {} if not source: return {"success" : False, "message" : "Missing source information."} # Parse out the e-mail address. Return an error if it looks invalid, (aka missing the @, has whitespace, etc) try: if ' ' in address: raise ValueError local_name, domain_part = address.strip().split('@', 1) if len(local_name) == 0 or len(domain_part) == 0: raise ValueError # lowercase the domain name and recreate the e-mail address address = '@'.join([local_name, domain_part.lower()]) except ValueError: return {'success': False, 'message': "Invalid Email Address Format"} is_item_new = False email_object = None cached_results = cache.get(form_consts.EmailAddress.CACHED_RESULTS) if cached_results != None: email_object = cached_results.get(address) else: email_object = EmailAddress.objects(address=address).first() if not email_object: email_object = EmailAddress() email_object.address = address email_object.description = description email_object.local_name = local_name email_object.domain = domain_part.lower() is_item_new = True if cached_results != None: cached_results[address] = email_object if not email_object.description: email_object.description = description or '' elif email_object.description != description: if description: email_object.description += "\n" + (description or '') if isinstance(source, basestring): source = [create_embedded_source(source, reference=reference, method=method, analyst=analyst)] if source: for s in source: email_object.add_source(s) else: return {"success" : False, "message" : "Missing source information."} if bucket_list: email_object.add_bucket_list(bucket_list, analyst) if ticket: email_object.add_ticket(ticket, analyst) related_obj = None if related_id: related_obj = class_from_id(related_type, related_id) if not related_obj: retVal['success'] = False retVal['message'] = 'Related Object not found.' return retVal resp_url = reverse('cripts.email_addresses.views.email_address_detail', args=[email_object.address]) if is_validate_only == False: email_object.save(username=analyst) #set the URL for viewing the new data if is_item_new == True: # Update the email stats counts = mongo_connector(settings.COL_COUNTS) count_stats = counts.find_one({'name': 'counts'}) if not count_stats or ('counts' not in count_stats): count_stats = {'counts':{}} if 'Email Addresses' not in count_stats['counts']: count_stats['counts']['Email Addresses'] = 0 else: count_stats['counts']['Email Addresses'] = count_stats['counts']['Email Addresses'] + 1 counts.update({'name': "counts"}, {'$set': {'counts': count_stats['counts']}}, upsert=True) retVal['message'] = ('Success! Click here to view the new Email: ' '<a href="%s">%s</a>' % (resp_url, email_object.address)) else: message = ('Updated existing Email: ' '<a href="%s">%s</a>' % (resp_url, email_object.address)) retVal['message'] = message retVal['status'] = form_consts.Status.DUPLICATE retVal['warning'] = message elif is_validate_only == True: if email_object.id != None and is_item_new == False: message = ('Warning: Email already exists: ' '<a href="%s">%s</a>' % (resp_url, email_object.address)) retVal['message'] = message retVal['status'] = form_consts.Status.DUPLICATE retVal['warning'] = message if related_obj and email_object and relationship_type: relationship_type=RelationshipTypes.inverse(relationship=relationship_type) email_object.add_relationship(related_obj, relationship_type, analyst=analyst, get_rels=False) email_object.save(username=analyst) # run email triage if is_item_new and is_validate_only == False: email_object.reload() run_triage(email_object, analyst) retVal['success'] = True retVal['object'] = email_object return retVal
def add_new_event(title, description, event_type, source, method, reference, date, analyst, bucket_list=None, ticket=None, related_id=None, related_type=None, relationship_type=None): """ Add a new Event to CRIPTs. :param title: Event title. :type title: str :param description: Event description. :type description: str :param event_type: Event type. :type event_type: str :param source: The source which provided this information. :type source: str :param method: THe method of acquiring this information. :type method: str :param reference: Reference to this data. :type reference: str :param date: Date of acquiring this data. :type date: datetime.datetime :param analyst: The user adding this Event. :type analyst: str :param bucket_list: The bucket(s) to associate with this Event. :type: str :param ticket: Ticket to associate with this event. :type ticket: str :param related_id: ID of object to create relationship with :type related_id: str :param related_type: Type of object to create relationship with :type related_type: str :param relationship_type: Type of relationship to create. :type relationship_type: str :returns: dict with keys "success" (boolean) and "message" (str) """ result = dict() if not source: return {'success': False, 'message': "Missing source information."} event = Event() event.title = title event.description = description event.set_event_type(event_type) s = create_embedded_source(name=source, reference=reference, method=method, analyst=analyst, date=date) event.add_source(s) if bucket_list: event.add_bucket_list(bucket_list, analyst) if ticket: event.add_ticket(ticket, analyst) related_obj = None if related_id: related_obj = class_from_id(related_type, related_id) if not related_obj: retVal['success'] = False retVal['message'] = 'Related Object not found.' return retVal try: event.save(username=analyst) if related_obj and event and relationship_type: relationship_type = RelationshipTypes.inverse( relationship=relationship_type) event.add_relationship(related_obj, relationship_type, analyst=analyst, get_rels=False) event.save(username=analyst) # run event triage event.reload() run_triage(event, analyst) message = ('<div>Success! Click here to view the new event: <a href=' '"%s">%s</a></div>' % (reverse('cripts.events.views.view_event', args=[event.id ]), title)) result = { 'success': True, 'message': message, 'id': str(event.id), 'object': event } except ValidationError, e: result = {'success': False, 'message': e}
def dataset_add_update(name, description=None, source=None, method='', reference='', analyst=None, bucket_list=None, ticket=None, is_validate_only=False, cache={}, related_id=None, related_type=None, relationship_type=None): retVal = {} if not source: return {"success" : False, "message" : "Missing source information."} is_item_new = False dataset_object = None cached_results = cache.get(form_consts.Dataset.CACHED_RESULTS) if cached_results != None: dataset_object = cached_results.get(name) else: dataset_object = Dataset.objects(name=name).first() if not dataset_object: dataset_object = Dataset() dataset_object.name = name dataset_object.description = description is_item_new = True if cached_results != None: cached_results[name] = dataset_object if not dataset_object.description: dataset_object.description = description or '' elif dataset_object.description != description: if description: dataset_object.description += "\n" + (description or '') if isinstance(source, basestring): source = [create_embedded_source(source, reference=reference, method=method, analyst=analyst)] if source: for s in source: dataset_object.add_source(s) else: return {"success" : False, "message" : "Missing source information."} if bucket_list: dataset_object.add_bucket_list(bucket_list, analyst) if ticket: dataset_object.add_ticket(ticket, analyst) related_obj = None if related_id: related_obj = class_from_id(related_type, related_id) if not related_obj: retVal['success'] = False retVal['message'] = 'Related Object not found.' return retVal resp_url = reverse('cripts.datasets.views.dataset_detail', args=[dataset_object.name]) if is_validate_only == False: dataset_object.save(username=analyst) #set the URL for viewing the new data if is_item_new == True: # Update the dataset stats counts = mongo_connector(settings.COL_COUNTS) count_stats = counts.find_one({'name': 'counts'}) if not count_stats or ('counts' not in count_stats): count_stats = {'counts':{}} if 'Datasets' not in count_stats['counts']: count_stats['counts']['Datasets'] = 0 else: count_stats['counts']['Datasets'] = count_stats['counts']['Datasets'] + 1 counts.update({'name': "counts"}, {'$set': {'counts': count_stats['counts']}}, upsert=True) retVal['message'] = ('Success! Click here to view the new Dataset: ' '<a href="%s">%s</a>' % (resp_url, dataset_object.name)) else: message = ('Updated existing Dataset: ' '<a href="%s">%s</a>' % (resp_url, dataset_object.name)) retVal['message'] = message retVal['status'] = form_consts.Status.DUPLICATE retVal['warning'] = message elif is_validate_only == True: if dataset_object.id != None and is_item_new == False: message = ('Warning: Dataset already exists: ' '<a href="%s">%s</a>' % (resp_url, dataset_object.name)) retVal['message'] = message retVal['status'] = form_consts.Status.DUPLICATE retVal['warning'] = message if related_obj and email_object and relationship_type: relationship_type=RelationshipTypes.inverse(relationship=relationship_type) dataset_object.add_relationship(related_obj, relationship_type, analyst=analyst, get_rels=False) dataset_object.save(username=analyst) # run dataset triage if is_item_new and is_validate_only == False: dataset_object.reload() run_triage(dataset_object, analyst) retVal['success'] = True retVal['object'] = dataset_object return retVal
def email_address_add_update(address, description=None, source=None, method='', reference='', analyst=None, datasets=None, bucket_list=None, ticket=None, is_validate_only=False, cache={}, related_id=None, related_type=None, relationship_type=None): retVal = {} if not source: return {"success": False, "message": "Missing source information."} # Parse out the e-mail address. Return an error if it looks invalid, (aka missing the @, has whitespace, etc) try: if ' ' in address: raise ValueError local_name, domain_part = address.strip().split('@', 1) if len(local_name) == 0 or len(domain_part) == 0: raise ValueError # lowercase the domain name and recreate the e-mail address address = '@'.join([local_name, domain_part.lower()]) except ValueError: return {'success': False, 'message': "Invalid Email Address Format"} is_item_new = False email_object = None cached_results = cache.get(form_consts.EmailAddress.CACHED_RESULTS) if cached_results != None: email_object = cached_results.get(address) else: email_object = EmailAddress.objects(address=address).first() if not email_object: email_object = EmailAddress() email_object.address = address email_object.description = description email_object.local_name = local_name email_object.domain = domain_part.lower() is_item_new = True if cached_results != None: cached_results[address] = email_object if not email_object.description: email_object.description = description or '' elif email_object.description != description: if description: email_object.description += "\n" + (description or '') if isinstance(source, basestring): source = [ create_embedded_source(source, reference=reference, method=method, analyst=analyst) ] if source: for s in source: email_object.add_source(s) else: return {"success": False, "message": "Missing source information."} if bucket_list: email_object.add_bucket_list(bucket_list, analyst) if ticket: email_object.add_ticket(ticket, analyst) related_obj = None if related_id: related_obj = class_from_id(related_type, related_id) if not related_obj: retVal['success'] = False retVal['message'] = 'Related Object not found.' return retVal resp_url = reverse('cripts.email_addresses.views.email_address_detail', args=[email_object.address]) if is_validate_only == False: email_object.save(username=analyst) #set the URL for viewing the new data if is_item_new == True: # Update the email stats counts = mongo_connector(settings.COL_COUNTS) count_stats = counts.find_one({'name': 'counts'}) if not count_stats or ('counts' not in count_stats): count_stats = {'counts': {}} if 'Email Addresses' not in count_stats['counts']: count_stats['counts']['Email Addresses'] = 0 else: count_stats['counts']['Email Addresses'] = count_stats[ 'counts']['Email Addresses'] + 1 counts.update({'name': "counts"}, {'$set': { 'counts': count_stats['counts'] }}, upsert=True) retVal['message'] = ('Success! Click here to view the new Email: ' '<a href="%s">%s</a>' % (resp_url, email_object.address)) else: message = ('Updated existing Email: ' '<a href="%s">%s</a>' % (resp_url, email_object.address)) retVal['message'] = message retVal['status'] = form_consts.Status.DUPLICATE retVal['warning'] = message elif is_validate_only == True: if email_object.id != None and is_item_new == False: message = ('Warning: Email already exists: ' '<a href="%s">%s</a>' % (resp_url, email_object.address)) retVal['message'] = message retVal['status'] = form_consts.Status.DUPLICATE retVal['warning'] = message if related_obj and email_object and relationship_type: relationship_type = RelationshipTypes.inverse( relationship=relationship_type) email_object.add_relationship(related_obj, relationship_type, analyst=analyst, get_rels=False) email_object.save(username=analyst) # run email triage if is_item_new and is_validate_only == False: email_object.reload() run_triage(email_object, analyst) retVal['success'] = True retVal['object'] = email_object return retVal
def add_new_event(title, description, event_type, source, method, reference, date, analyst, bucket_list=None, ticket=None, related_id=None, related_type=None, relationship_type=None): """ Add a new Event to CRIPTs. :param title: Event title. :type title: str :param description: Event description. :type description: str :param event_type: Event type. :type event_type: str :param source: The source which provided this information. :type source: str :param method: THe method of acquiring this information. :type method: str :param reference: Reference to this data. :type reference: str :param date: Date of acquiring this data. :type date: datetime.datetime :param analyst: The user adding this Event. :type analyst: str :param bucket_list: The bucket(s) to associate with this Event. :type: str :param ticket: Ticket to associate with this event. :type ticket: str :param related_id: ID of object to create relationship with :type related_id: str :param related_type: Type of object to create relationship with :type related_type: str :param relationship_type: Type of relationship to create. :type relationship_type: str :returns: dict with keys "success" (boolean) and "message" (str) """ result = dict() if not source: return {'success': False, 'message': "Missing source information."} event = Event() event.title = title event.description = description event.set_event_type(event_type) s = create_embedded_source(name=source, reference=reference, method=method, analyst=analyst, date=date) event.add_source(s) if bucket_list: event.add_bucket_list(bucket_list, analyst) if ticket: event.add_ticket(ticket, analyst) related_obj = None if related_id: related_obj = class_from_id(related_type, related_id) if not related_obj: retVal['success'] = False retVal['message'] = 'Related Object not found.' return retVal try: event.save(username=analyst) if related_obj and event and relationship_type: relationship_type=RelationshipTypes.inverse(relationship=relationship_type) event.add_relationship(related_obj, relationship_type, analyst=analyst, get_rels=False) event.save(username=analyst) # run event triage event.reload() run_triage(event, analyst) message = ('<div>Success! Click here to view the new event: <a href=' '"%s">%s</a></div>' % (reverse('cripts.events.views.view_event', args=[event.id]), title)) result = {'success': True, 'message': message, 'id': str(event.id), 'object': event} except ValidationError, e: result = {'success': False, 'message': e}