def actor_tags_modify(request): """ Update tags for Actors based on a type of tag. :param request: Django request. :type request: :class:`django.http.HttpRequest` :returns: :class:`django.http.HttpResponseRedirect` """ if request.method == "POST" and request.is_ajax(): tag_type = request.POST.get('tag_type', None) id_ = request.POST.get('oid', None) tags = request.POST.get('tags', None) user = request.user.username if not tag_type: return HttpResponse(json.dumps({ 'success': False, 'message': 'Need a tag type.' }), mimetype="application/json") result = update_actor_tags(id_, tag_type, tags, user) return HttpResponse(json.dumps(result), mimetype="application/json") else: error = "Expected AJAX POST" return render_to_response("error.html", {"error": error}, RequestContext(request))
def actor_tags_modify(request): """ Update tags for Actors based on a type of tag. :param request: Django request. :type request: :class:`django.http.HttpRequest` :returns: :class:`django.http.HttpResponseRedirect` """ if request.method == "POST" and request.is_ajax(): tag_type = request.POST.get('tag_type', None) actor_id = request.POST.get('oid', None) tags = request.POST.get('tags', None) username = request.user.username if not tag_type: return HttpResponse(json.dumps({'success': False, 'message': 'Need a tag type.'}), mimetype="application/json") result = update_actor_tags(actor_id, tag_type, tags, username) return HttpResponse(json.dumps(result), mimetype="application/json") else: error = "Expected AJAX POST" return render_to_response("error.html", {"error" : error }, RequestContext(request))
def parse_threat_actors(self, threat_actors): """ Parse list of Threat Actors. :param threat_actors: List of STIX ThreatActors. :type threat_actors: List of STIX ThreatActors. """ from stix.threat_actor import ThreatActor analyst = self.source_instance.analyst for threat_actor in threat_actors: # for each STIX ThreatActor try: # create CRITs Actor from ThreatActor if isinstance(threat_actor, ThreatActor): name = str(threat_actor.title) description = str(threat_actor.description) res = add_new_actor(name=name, description=description, source=[self.source], analyst=analyst) if res['success']: sl = ml = tl = il = [] for s in threat_actor.sophistications: v = get_crits_actor_tags(str(s.value)) if v: sl.append(v) update_actor_tags(res['id'], 'ActorSophistication', sl, analyst) for m in threat_actor.motivations: v = get_crits_actor_tags(str(m.value)) if v: ml.append(v) update_actor_tags(res['id'], 'ActorMotivation', ml, analyst) for t in threat_actor.types: v = get_crits_actor_tags(str(t.value)) if v: tl.append(v) update_actor_tags(res['id'], 'ActorThreatType', tl, analyst) for i in threat_actor.intended_effects: v = get_crits_actor_tags(str(i.value)) if v: il.append(v) update_actor_tags(res['id'], 'ActorIntendedEffect', il, analyst) obj = Actor.objects(id=res['id']).first() self.imported[threat_actor.id_] = ( Actor._meta['crits_type'], obj) else: self.failed.append( (res['message'], type(threat_actor).__name__, "")) # note for display in UI except Exception, e: self.failed.append((e.message, type(threat_actor).__name__, "")) # note for display in UI
def parse_threat_actors(self, threat_actors): """ Parse list of Threat Actors. :param threat_actors: List of STIX ThreatActors. :type threat_actors: List of STIX ThreatActors. """ from stix.threat_actor import ThreatActor analyst = self.source_instance.analyst for threat_actor in threat_actors: # for each STIX ThreatActor try: # create CRITs Actor from ThreatActor if isinstance(threat_actor, ThreatActor): name = str(threat_actor.title) description = str(threat_actor.description) res = add_new_actor(name=name, description=description, source=[self.source], analyst=analyst) if res['success']: sl = ml = tl = il = [] for s in threat_actor.sophistications: sl.append(str(s.value)) update_actor_tags(res['id'], 'ActorSophistication', sl, analyst) for m in threat_actor.motivations: ml.append(str(m.value)) update_actor_tags(res['id'], 'ActorMotivation', ml, analyst) for t in threat_actor.types: tl.append(str(t.value)) update_actor_tags(res['id'], 'ActorThreatType', tl, analyst) for i in threat_actor.intended_effects: il.append(str(i.value)) update_actor_tags(res['id'], 'ActorIntendedEffect', il, analyst) obj = Actor.objects(id=res['id']).first() self.imported.append((Actor._meta['crits_type'], obj)) else: self.failed.append((res['message'], type(threat_actor).__name__, "")) # note for display in UI except Exception, e: self.failed.append((e.message, type(threat_actor).__name__, "")) # note for display in UI
def actor_tags_modify(request): """ Update tags for Actors based on a type of tag. :param request: Django request. :type request: :class:`django.http.HttpRequest` :returns: :class:`django.http.HttpResponseRedirect` """ if request.method == "POST" and request.is_ajax(): request.user._setup() user = request.user tag_type = request.POST.get('tag_type', None) id_ = request.POST.get('oid', None) tags = request.POST.get('tags', None) if not tag_type: return HttpResponse(json.dumps({ 'success': False, 'message': 'Need a tag type.' }), mimetype="application/json") # Get the appropriate permission to look up if tag_type == 'ActorMotivation': perm_needed = ActorACL.MOTIVATIONS_EDIT elif tag_type == 'ActorIntendedEffect': perm_needed = ActorACL.INTENDED_EFFECTS_EDIT elif tag_type == 'ActorSophistication': perm_needed = ActorACL.SOPHISTICATIONS_EDIT elif tag_type == 'ActorThreatType': perm_needed = ActorACL.THREAT_TYPES_EDIT if user.has_access_to(perm_needed): result = update_actor_tags(id_, tag_type, tags, request.user) else: result = { 'success': False, 'message': 'User does not have permssion to modify tag.' } return HttpResponse(json.dumps(result), content_type="application/json") else: error = "Expected AJAX POST" return render_to_response("error.html", {"error": error}, RequestContext(request))
def actor_tags_modify(request): """ Update tags for Actors based on a type of tag. :param request: Django request. :type request: :class:`django.http.HttpRequest` :returns: :class:`django.http.HttpResponseRedirect` """ if request.method == "POST" and request.is_ajax(): request.user._setup() user = request.user tag_type = request.POST.get('tag_type', None) id_ = request.POST.get('oid', None) tags = request.POST.get('tags', None) if not tag_type: return HttpResponse(json.dumps({'success': False, 'message': 'Need a tag type.'}), mimetype="application/json") # Get the appropriate permission to look up if tag_type=='ActorMotivation': perm_needed=ActorACL.MOTIVATIONS_EDIT elif tag_type=='ActorIntendedEffect': perm_needed=ActorACL.INTENDED_EFFECTS_EDIT elif tag_type=='ActorSophistication': perm_needed=ActorACL.SOPHISTICATIONS_EDIT elif tag_type=='ActorThreatType': perm_needed=ActorACL.THREAT_TYPES_EDIT if user.has_access_to(perm_needed): result = update_actor_tags(id_, tag_type, tags, request.user) else: result = {'success':False, 'message':'User does not have permssion to modify tag.'} return HttpResponse(json.dumps(result), content_type="application/json") else: error = "Expected AJAX POST" return render_to_response("error.html", {"error" : error }, RequestContext(request))