def campaign_add(request, ctype, objectid):
"""
Attribute a Campaign to a top-level object. Should be an AJAX POST.
:param request: Django request object (Required)
:type request: :class:`django.http.HttpRequest`
:param ctype: CRITs type for the top-level object.
:type ctype: str
:param objectid: The ObjectId of the top-level object.
:type objectid: str
:returns: :class:`django.http.HttpResponse`
"""
if request.method == "POST" and request.is_ajax():
form = CampaignForm(request.POST)
result = {}
if form.is_valid():
data = form.cleaned_data
campaign = data["name"]
confidence = data["confidence"]
description = data["description"]
related = data["related"]
analyst = request.user.username
result = campaign_addh(ctype, objectid, campaign, confidence, description, related, analyst)
if result["success"]:
return HttpResponse(json.dumps(result), mimetype="application/json")
result["form"] = form.as_table()
result["success"] = False
return HttpResponse(json.dumps(result), mimetype="application/json")
else:
return HttpResponse(
json.dumps({"success": False, "message": "Expected AJAX request."}), mimetype="application/json"
)
def edit_campaign(request, ctype, objectid):
"""
Edit an attributed Campaign for a top-level object. Should be an AJAX POST.
:param request: Django request object (Required)
:type request: :class:`django.http.HttpRequest`
:param ctype: CRITs type for the top-level object.
:type ctype: str
:param objectid: The ObjectId of the top-level object.
:type objectid: str
:returns: :class:`django.http.HttpResponse`
"""
user = request.user
if request.method == "POST" and request.is_ajax():
form = CampaignForm(request.POST)
acl = get_acl_object(ctype)
if user.has_access_to(acl.CAMPAIGNS_EDIT):
if form.is_valid():
data = form.cleaned_data
campaign = data['name']
confidence = data['confidence']
description = data['description']
related = data['related']
analyst = request.user.username
try:
date = datetime.datetime.strptime(data['date'],
settings.PY_DATETIME_FORMAT)
except ValueError:
date = datetime.datetime.now()
result = campaign_edit(ctype,
objectid,
campaign,
confidence,
description,
date,
related,
analyst)
if result['success']:
return HttpResponse(json.dumps(result),
content_type="application/json")
else:
result.update({'form': form.as_table()})
return HttpResponse(json.dumps(result),
content_type="application/json")
else:
return HttpResponse(json.dumps({'success': False,
'form': form.as_table()}),
content_type="application/json")
else:
result ={'success': False,
'message':'User does not have permission to edit Campaign.'}
return HttpResponse(json.dumps(result),
content_type="application/json")
else:
return HttpResponse(json.dumps({'success': False}),
content_type="application/json")
def campaign_add(request, ctype, objectid):
"""
Attribute a Campaign to a top-level object. Should be an AJAX POST.
:param request: Django request object (Required)
:type request: :class:`django.http.HttpRequest`
:param ctype: CRITs type for the top-level object.
:type ctype: str
:param objectid: The ObjectId of the top-level object.
:type objectid: str
:returns: :class:`django.http.HttpResponse`
"""
user = request.user
if request.method == "POST" and request.is_ajax():
form = CampaignForm(request.POST)
result = {}
acl = get_acl_object(ctype)
if user.has_access_to(acl.CAMPAIGNS_ADD):
if form.is_valid():
data = form.cleaned_data
campaign = data['name']
confidence = data['confidence']
description = data['description']
related = data['related']
analyst = request.user.username
result = campaign_addh(campaign,
confidence,
description,
related,
analyst,
ctype,
objectid,
update=False)
if result['success']:
return HttpResponse(json.dumps(result),
content_type="application/json")
result['form'] = form.as_table()
result['success'] = False
return HttpResponse(json.dumps(result),
content_type="application/json")
else:
result['success'] = False
result[
'message'] = 'User does not have permission to add campaign to TLO.'
return HttpResponse(json.dumps(result),
content_type="application/json")
else:
return HttpResponse(json.dumps({
'success': False,
'message': "Expected AJAX request."
}),
content_type="application/json")
def campaign_add(request, ctype, objectid):
"""
Attribute a Campaign to a top-level object. Should be an AJAX POST.
:param request: Django request object (Required)
:type request: :class:`django.http.HttpRequest`
:param ctype: CRITs type for the top-level object.
:type ctype: str
:param objectid: The ObjectId of the top-level object.
:type objectid: str
:returns: :class:`django.http.HttpResponse`
"""
user = request.user
if request.method == "POST" and request.is_ajax():
form = CampaignForm(request.POST)
result = {}
acl = get_acl_object(ctype)
if user.has_access_to(acl.CAMPAIGNS_ADD):
if form.is_valid():
data = form.cleaned_data
campaign = data['name']
confidence = data['confidence']
description = data['description']
related = data['related']
analyst= request.user.username
result = campaign_addh(campaign,
confidence,
description,
related,
analyst,
ctype,
objectid,
update=False)
if result['success']:
return HttpResponse(json.dumps(result),
content_type="application/json")
result['form'] = form.as_table()
result['success'] = False
return HttpResponse(json.dumps(result),
content_type="application/json")
else:
result['success'] = False
result['message'] = 'User does not have permission to add campaign to TLO.'
return HttpResponse(json.dumps(result),
content_type="application/json")
else:
return HttpResponse(json.dumps({'success': False,
'message': "Expected AJAX request."}),
content_type="application/json")
def edit_campaign(request, ctype, objectid):
"""
Edit an attributed Campaign for a top-level object. Should be an AJAX POST.
:param request: Django request object (Required)
:type request: :class:`django.http.HttpRequest`
:param ctype: CRITs type for the top-level object.
:type ctype: str
:param objectid: The ObjectId of the top-level object.
:type objectid: str
:returns: :class:`django.http.HttpResponse`
"""
if request.method == "POST" and request.is_ajax():
form = CampaignForm(request.POST)
if form.is_valid():
data = form.cleaned_data
campaign = data["name"]
confidence = data["confidence"]
description = data["description"]
related = data["related"]
analyst = request.user.username
try:
date = datetime.datetime.strptime(data["date"], settings.PY_DATETIME_FORMAT)
except ValueError:
date = datetime.datetime.now()
result = campaign_edit(ctype, objectid, campaign, confidence, description, date, related, analyst)
if result["success"]:
return HttpResponse(json.dumps(result), mimetype="application/json")
else:
result.update({"form": form.as_table()})
return HttpResponse(json.dumps(result), mimetype="application/json")
else:
return HttpResponse(json.dumps({"success": False, "form": form.as_table()}), mimetype="application/json")
else:
return HttpResponse(json.dumps({"success": False}), mimetype="application/json")
def get_event_details(event_id, analyst):
"""
Generate the data to render the Event details template.
:param event_id: The ObjectId of the Event to get details for.
:type event_id: str
:param analyst: The user requesting this information.
:type analyst: str
:returns: template (str), arguments (dict)
"""
template = None
sources = user_sources(analyst)
event = Event.objects(id=event_id, source__name__in=sources).first()
if not event:
template = "error.html"
args = {'error': "ID does not exist or insufficient privs for source"}
return template, args
event.sanitize("%s" % analyst)
campaign_form = CampaignForm()
download_form = DownloadFileForm(initial={
"obj_type": 'Event',
"obj_id": event_id
})
# remove pending notifications for user
remove_user_from_notification("%s" % analyst, event.id, 'Event')
# subscription
subscription = {
'type': 'Event',
'id': event.id,
'subscribed': is_user_subscribed("%s" % analyst, 'Event', event.id),
}
#objects
objects = event.sort_objects()
#relationships
relationships = event.sort_relationships("%s" % analyst, meta=True)
# relationship
relationship = {'type': 'Event', 'value': event.id}
#comments
comments = {'comments': event.get_comments(), 'url_key': event.id}
#screenshots
screenshots = event.get_screenshots(analyst)
# favorites
favorite = is_user_favorite("%s" % analyst, 'Event', event.id)
# services
service_list = get_supported_services('Event')
# analysis results
service_results = event.get_analysis_results()
args = {
'service_list': service_list,
'objects': objects,
'relationships': relationships,
'comments': comments,
'favorite': favorite,
'relationship': relationship,
'subscription': subscription,
'screenshots': screenshots,
'event': event,
'campaign_form': campaign_form,
'service_results': service_results,
'download_form': download_form
}
return template, args
def get_event_details(event_id, user):
"""
Generate the data to render the Event details template.
:param event_id: The ObjectId of the Event to get details for.
:type event_id: str
:param user: The user requesting this information.
:type user: str
:returns: template (str), arguments (dict)
"""
template = None
sources = user_sources(user)
event = Event.objects(id=event_id, source__name__in=sources).first()
if not user.check_source_tlp(event):
event = None
if not event:
template = "error.html"
args = {'error': "ID does not exist or insufficient privs for source"}
return template, args
event.sanitize("%s" % user)
campaign_form = CampaignForm()
download_form = DownloadFileForm(initial={
"obj_type": 'Event',
"obj_id": event_id
})
# remove pending notifications for user
remove_user_from_notification("%s" % user, event.id, 'Event')
# subscription
subscription = {
'type': 'Event',
'id': event.id,
'subscribed': is_user_subscribed("%s" % user, 'Event', event.id),
}
#objects
objects = event.sort_objects()
#relationships
relationships = event.sort_relationships("%s" % user, meta=True)
# Get count of related Events for each related Indicator
for ind in relationships.get('Indicator', []):
count = Event.objects(relationships__object_id=ind['id'],
source__name__in=sources).count()
ind['rel_ind_events'] = count
# Get count of related Events for each related Sample
for smp in relationships.get('Sample', []):
count = Event.objects(relationships__object_id=smp['id'],
source__name__in=sources).count()
smp['rel_smp_events'] = count
# relationship
relationship = {'type': 'Event', 'value': event.id}
#comments
comments = {'comments': event.get_comments(), 'url_key': event.id}
#screenshots
screenshots = event.get_screenshots(user)
# favorites
favorite = is_user_favorite("%s" % user, 'Event', event.id)
# services
service_list = get_supported_services('Event')
# analysis results
service_results = event.get_analysis_results()
args = {
'service_list': service_list,
'objects': objects,
'relationships': relationships,
'comments': comments,
'favorite': favorite,
'relationship': relationship,
'subscription': subscription,
'screenshots': screenshots,
'event': event,
'campaign_form': campaign_form,
'service_results': service_results,
'download_form': download_form,
'EventACL': EventACL
}
return template, args
def get_indicator_details(indicator_id, analyst):
"""
Generate the data to render the Indicator details template.
:param indicator_id: The ObjectId of the Indicator to get details for.
:type indicator_id: str
:param analyst: The user requesting this information.
:type analyst: str
:returns: template (str), arguments (dict)
"""
template = None
users_sources = user_sources(analyst)
indicator = Indicator.objects(id=indicator_id,
source__name__in=users_sources).first()
if not indicator:
error = ("Either this indicator does not exist or you do "
"not have permission to view it.")
template = "error.html"
args = {'error': error}
return template, args
forms = {}
forms['new_action'] = IndicatorActionsForm(initial={
'analyst': analyst,
'active': "off",
'date': datetime.datetime.now()
})
forms['new_activity'] = IndicatorActivityForm(
initial={
'analyst': analyst,
'date': datetime.datetime.now()
})
forms['new_campaign'] = CampaignForm() #'date': datetime.datetime.now(),
forms['new_source'] = SourceForm(analyst,
initial={'date': datetime.datetime.now()})
forms['download_form'] = DownloadFileForm(initial={
"obj_type": 'Indicator',
"obj_id": indicator_id
})
indicator.sanitize("%s" % analyst)
# remove pending notifications for user
remove_user_from_notification("%s" % analyst, indicator_id, 'Indicator')
# subscription
subscription = {
'type':
'Indicator',
'id':
indicator_id,
'subscribed':
is_user_subscribed("%s" % analyst, 'Indicator', indicator_id),
}
# relationship
relationship = {
'type': 'Indicator',
'value': indicator_id,
}
#objects
objects = indicator.sort_objects()
#relationships
relationships = indicator.sort_relationships("%s" % analyst, meta=True)
#comments
comments = {'comments': indicator.get_comments(), 'url_key': indicator_id}
# favorites
favorite = is_user_favorite("%s" % analyst, 'Indicator', indicator.id)
# services
manager = crits.service_env.manager
service_list = manager.get_supported_services('Indicator', True)
args = {
'objects': objects,
'relationships': relationships,
'comments': comments,
'relationship': relationship,
'subscription': subscription,
"indicator": indicator,
"forms": forms,
"indicator_id": indicator_id,
'service_list': service_list,
'favorite': favorite,
'rt_url': settings.RT_URL
}
return template, args
