def campaign_add(request, ctype, objectid):
    """
    Attribute a Campaign to a top-level object. Should be an AJAX POST.

    A valid form is handed to ``campaign_addh`` with the requesting user's
    username as the analyst. An invalid form, or a ``campaign_addh`` result
    whose ``success`` is falsy, is answered with ``success`` set to False
    and the form rendered as a table.

    :param request: Django request object (Required)
    :type request: :class:`django.http.HttpRequest`
    :param ctype: CRITs type for the top-level object.
    :type ctype: str
    :param objectid: The ObjectId of the top-level object.
    :type objectid: str
    :returns: :class:`django.http.HttpResponse`
    """

    # NOTE(review): no permission check is visible in this view before the
    # write is delegated. Confirm that a decorator on the view or
    # campaign_addh itself restricts who may attribute a Campaign.
    # NOTE: the ``mimetype`` keyword is only accepted by older Django
    # releases (HttpResponse dropped it in 1.7).
    if not (request.method == "POST" and request.is_ajax()):
        rejection = {"success": False, "message": "Expected AJAX request."}
        return HttpResponse(json.dumps(rejection),
                            mimetype="application/json")

    form = CampaignForm(request.POST)
    result = {}
    if form.is_valid():
        cleaned = form.cleaned_data
        result = campaign_addh(ctype,
                               objectid,
                               cleaned["name"],
                               cleaned["confidence"],
                               cleaned["description"],
                               cleaned["related"],
                               request.user.username)
        if result["success"]:
            return HttpResponse(json.dumps(result),
                                mimetype="application/json")

    # Reached for an invalid form and for a failed attribution alike: send
    # the form back so the client can re-render it.
    result["form"] = form.as_table()
    result["success"] = False
    return HttpResponse(json.dumps(result), mimetype="application/json")
def edit_campaign(request, ctype, objectid):
    """
    Edit an attributed Campaign for a top-level object. Should be an AJAX
    POST.

    The requesting user must hold the ``CAMPAIGNS_EDIT`` permission of the
    ACL object returned for ``ctype``; otherwise a JSON refusal is returned
    and ``campaign_edit`` is never called.

    :param request: Django request object (Required)
    :type request: :class:`django.http.HttpRequest`
    :param ctype: CRITs type for the top-level object.
    :type ctype: str
    :param objectid: The ObjectId of the top-level object.
    :type objectid: str
    :returns: :class:`django.http.HttpResponse`
    """

    requester = request.user
    if not (request.method == "POST" and request.is_ajax()):
        return HttpResponse(json.dumps({'success': False}),
                            content_type="application/json")

    form = CampaignForm(request.POST)
    # NOTE(review): ctype comes from the caller; what get_acl_object returns
    # for an unrecognised type is not visible here -- confirm it cannot
    # yield an object that lacks CAMPAIGNS_EDIT.
    acl = get_acl_object(ctype)
    if not requester.has_access_to(acl.CAMPAIGNS_EDIT):
        denied = {'success': False,
                  'message': 'User does not have permission to edit Campaign.'}
        return HttpResponse(json.dumps(denied),
                            content_type="application/json")

    if not form.is_valid():
        invalid = {'success': False, 'form': form.as_table()}
        return HttpResponse(json.dumps(invalid),
                            content_type="application/json")

    cleaned = form.cleaned_data
    campaign = cleaned['name']
    confidence = cleaned['confidence']
    description = cleaned['description']
    related = cleaned['related']
    analyst = request.user.username
    try:
        when = datetime.datetime.strptime(cleaned['date'],
                                          settings.PY_DATETIME_FORMAT)
    except ValueError:
        # A date that does not parse is replaced by the current time
        # instead of being rejected.
        when = datetime.datetime.now()

    result = campaign_edit(ctype, objectid, campaign, confidence,
                           description, when, related, analyst)
    if not result['success']:
        # Hand the form back alongside the failure details.
        result.update({'form': form.as_table()})
    return HttpResponse(json.dumps(result), content_type="application/json")
def campaign_add(request, ctype, objectid):
    """
    Attribute a Campaign to a top-level object. Should be an AJAX POST.

    The requesting user must hold the ``CAMPAIGNS_ADD`` permission of the
    ACL object returned for ``ctype``; without it a JSON refusal is returned
    and ``campaign_addh`` is never called.

    :param request: Django request object (Required)
    :type request: :class:`django.http.HttpRequest`
    :param ctype: CRITs type for the top-level object.
    :type ctype: str
    :param objectid: The ObjectId of the top-level object.
    :type objectid: str
    :returns: :class:`django.http.HttpResponse`
    """

    requester = request.user
    if not (request.method == "POST" and request.is_ajax()):
        rejection = {'success': False, 'message': "Expected AJAX request."}
        return HttpResponse(json.dumps(rejection),
                            content_type="application/json")

    form = CampaignForm(request.POST)
    result = {}
    # NOTE(review): ctype comes from the caller; what get_acl_object returns
    # for an unrecognised type is not visible here -- confirm it cannot
    # yield an object that lacks CAMPAIGNS_ADD.
    acl = get_acl_object(ctype)
    if not requester.has_access_to(acl.CAMPAIGNS_ADD):
        result['success'] = False
        result['message'] = 'User does not have permission to add campaign to TLO.'
        return HttpResponse(json.dumps(result),
                            content_type="application/json")

    if form.is_valid():
        cleaned = form.cleaned_data
        result = campaign_addh(cleaned['name'],
                               cleaned['confidence'],
                               cleaned['description'],
                               cleaned['related'],
                               request.user.username,
                               ctype,
                               objectid,
                               update=False)
        if result['success']:
            return HttpResponse(json.dumps(result),
                                content_type="application/json")

    # Invalid form or failed attribution: return the form for re-rendering.
    result['form'] = form.as_table()
    result['success'] = False
    return HttpResponse(json.dumps(result), content_type="application/json")
def campaign_add(request, ctype, objectid):
    """
    Attribute a Campaign to a top-level object. Should be an AJAX POST.

    Authorisation is decided before the form is validated: the requesting
    user needs ``CAMPAIGNS_ADD`` on the ACL object returned for ``ctype``.

    :param request: Django request object (Required)
    :type request: :class:`django.http.HttpRequest`
    :param ctype: CRITs type for the top-level object.
    :type ctype: str
    :param objectid: The ObjectId of the top-level object.
    :type objectid: str
    :returns: :class:`django.http.HttpResponse`
    """

    def as_json(payload):
        # Every outcome of this view is serialised the same way.
        return HttpResponse(json.dumps(payload),
                            content_type="application/json")

    user = request.user
    is_ajax_post = request.method == "POST" and request.is_ajax()
    if not is_ajax_post:
        return as_json({'success': False,
                        'message': "Expected AJAX request."})

    form = CampaignForm(request.POST)
    result = {}
    # NOTE(review): behaviour of get_acl_object for an unknown ctype is not
    # visible here; verify it fails closed.
    acl = get_acl_object(ctype)
    if not user.has_access_to(acl.CAMPAIGNS_ADD):
        result['success'] = False
        result['message'] = 'User does not have permission to add campaign to TLO.'
        return as_json(result)

    if form.is_valid():
        data = form.cleaned_data
        name = data['name']
        confidence = data['confidence']
        description = data['description']
        related = data['related']
        analyst = request.user.username
        result = campaign_addh(name, confidence, description, related,
                               analyst, ctype, objectid, update=False)
        if result['success']:
            return as_json(result)

    # Shared failure path for an invalid form and a failed attribution.
    result['form'] = form.as_table()
    result['success'] = False
    return as_json(result)
def edit_campaign(request, ctype, objectid):
    """
    Edit an attributed Campaign for a top-level object. Should be an AJAX
    POST.

    A valid form is handed to ``campaign_edit`` with the requesting user's
    username as the analyst; every outcome is returned as JSON.

    :param request: Django request object (Required)
    :type request: :class:`django.http.HttpRequest`
    :param ctype: CRITs type for the top-level object.
    :type ctype: str
    :param objectid: The ObjectId of the top-level object.
    :type objectid: str
    :returns: :class:`django.http.HttpResponse`
    """

    # NOTE(review): no permission check is visible in this view before the
    # edit is delegated. Confirm that a decorator on the view or
    # campaign_edit itself restricts who may change an attribution.
    # NOTE: the ``mimetype`` keyword is only accepted by older Django
    # releases (HttpResponse dropped it in 1.7).
    if not (request.method == "POST" and request.is_ajax()):
        return HttpResponse(json.dumps({"success": False}),
                            mimetype="application/json")

    form = CampaignForm(request.POST)
    if not form.is_valid():
        invalid = {"success": False, "form": form.as_table()}
        return HttpResponse(json.dumps(invalid), mimetype="application/json")

    cleaned = form.cleaned_data
    campaign = cleaned["name"]
    confidence = cleaned["confidence"]
    description = cleaned["description"]
    related = cleaned["related"]
    analyst = request.user.username
    try:
        when = datetime.datetime.strptime(cleaned["date"],
                                          settings.PY_DATETIME_FORMAT)
    except ValueError:
        # A date that does not parse is replaced by the current time
        # instead of being rejected.
        when = datetime.datetime.now()

    result = campaign_edit(ctype, objectid, campaign, confidence,
                           description, when, related, analyst)
    if not result["success"]:
        # Hand the form back alongside the failure details.
        result.update({"form": form.as_table()})
    return HttpResponse(json.dumps(result), mimetype="application/json")
def get_event_details(event_id, analyst):
    """
    Generate the data to render the Event details template.

    The Event is looked up by id and restricted to the sources returned by
    ``user_sources(analyst)``. A missing id and an Event outside those
    sources produce the same error, so the response does not reveal which
    of the two occurred.

    :param event_id: The ObjectId of the Event to get details for.
    :type event_id: str
    :param analyst: The user requesting this information.
    :type analyst: str
    :returns: template (str), arguments (dict)
    """

    allowed_sources = user_sources(analyst)
    event = Event.objects(id=event_id,
                          source__name__in=allowed_sources).first()
    if not event:
        failure = {'error': "ID does not exist or insufficient privs for source"}
        return "error.html", failure

    username = "%s" % analyst

    # sanitize() runs before anything else is read from the event;
    # presumably it strips data the analyst may not see -- confirm.
    event.sanitize(username)

    campaign_form = CampaignForm()
    download_form = DownloadFileForm(initial={"obj_type": 'Event',
                                              "obj_id": event_id})

    # Viewing the page clears the user's pending notifications for it.
    remove_user_from_notification(username, event.id, 'Event')

    subscription = {
        'type': 'Event',
        'id': event.id,
        'subscribed': is_user_subscribed(username, 'Event', event.id),
    }
    objects = event.sort_objects()
    relationships = event.sort_relationships(username, meta=True)
    relationship = {'type': 'Event', 'value': event.id}
    comments = {'comments': event.get_comments(), 'url_key': event.id}
    screenshots = event.get_screenshots(analyst)
    favorite = is_user_favorite(username, 'Event', event.id)
    service_list = get_supported_services('Event')
    service_results = event.get_analysis_results()

    # The template is None on success; only the error path names one.
    args = {
        'service_list': service_list,
        'objects': objects,
        'relationships': relationships,
        'comments': comments,
        'favorite': favorite,
        'relationship': relationship,
        'subscription': subscription,
        'screenshots': screenshots,
        'event': event,
        'campaign_form': campaign_form,
        'service_results': service_results,
        'download_form': download_form,
    }
    return None, args
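def get_event_details(event_id, user):
    """
    Generate the data to render the Event details template.

    The Event is looked up by id and restricted to the sources returned by
    ``user_sources(user)``, then subjected to ``user.check_source_tlp``.
    A missing id, an Event outside the user's sources and an Event that
    fails the TLP check all produce the same error, so the response does
    not reveal which of them occurred.

    :param event_id: The ObjectId of the Event to get details for.
    :type event_id: str
    :param user: The user requesting this information. Must expose
                 ``check_source_tlp`` (presumably a CRITs user object --
                 confirm against callers).
    :returns: template (str), arguments (dict)
    """

    sources = user_sources(user)
    event = Event.objects(id=event_id, source__name__in=sources).first()

    # Only run the TLP check on an Event that was actually found. first()
    # yields None for an unknown id, and how check_source_tlp treats None is
    # not visible here; skipping it keeps the not-found path on the error
    # template instead of depending on that behaviour.
    if event and not user.check_source_tlp(event):
        event = None

    if not event:
        args = {'error': "ID does not exist or insufficient privs for source"}
        return "error.html", args

    username = "%s" % user

    # presumably strips data the user may not see -- confirm.
    event.sanitize(username)

    campaign_form = CampaignForm()
    download_form = DownloadFileForm(initial={"obj_type": 'Event',
                                              "obj_id": event_id})

    # remove pending notifications for user
    remove_user_from_notification(username, event.id, 'Event')

    subscription = {
        'type': 'Event',
        'id': event.id,
        'subscribed': is_user_subscribed(username, 'Event', event.id),
    }

    objects = event.sort_objects()
    relationships = event.sort_relationships(username, meta=True)

    # Count the related Events for each related Indicator and Sample.
    # NOTE(review): these counts are filtered by source name only; the TLP
    # check applied to the main Event above is not applied to the Events
    # being counted. Confirm the counts cannot disclose the existence of
    # Events the user would fail the TLP check for.
    for ind in relationships.get('Indicator', []):
        ind['rel_ind_events'] = Event.objects(
            relationships__object_id=ind['id'],
            source__name__in=sources).count()
    for smp in relationships.get('Sample', []):
        smp['rel_smp_events'] = Event.objects(
            relationships__object_id=smp['id'],
            source__name__in=sources).count()

    relationship = {'type': 'Event', 'value': event.id}
    comments = {'comments': event.get_comments(), 'url_key': event.id}
    screenshots = event.get_screenshots(user)
    favorite = is_user_favorite(username, 'Event', event.id)
    service_list = get_supported_services('Event')
    service_results = event.get_analysis_results()

    # The template is None on success; only the error path names one.
    args = {
        'service_list': service_list,
        'objects': objects,
        'relationships': relationships,
        'comments': comments,
        'favorite': favorite,
        'relationship': relationship,
        'subscription': subscription,
        'screenshots': screenshots,
        'event': event,
        'campaign_form': campaign_form,
        'service_results': service_results,
        'download_form': download_form,
        'EventACL': EventACL,
    }
    return None, args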
def get_indicator_details(indicator_id, analyst):
    """
    Generate the data to render the Indicator details template.

    The Indicator is looked up by id and restricted to the sources returned
    by ``user_sources(analyst)``. A missing id and an Indicator outside
    those sources produce the same error message.

    :param indicator_id: The ObjectId of the Indicator to get details for.
    :type indicator_id: str
    :param analyst: The user requesting this information.
    :type analyst: str
    :returns: template (str), arguments (dict)
    """

    allowed_sources = user_sources(analyst)
    indicator = Indicator.objects(id=indicator_id,
                                  source__name__in=allowed_sources).first()
    if not indicator:
        message = ("Either this indicator does not exist or you do "
                   "not have permission to view it.")
        return "error.html", {'error': message}

    # Blank forms offered on the details page, pre-filled with the analyst
    # and the current time where the form takes them.
    forms = {
        'new_action': IndicatorActionsForm(initial={
            'analyst': analyst,
            'active': "off",
            'date': datetime.datetime.now(),
        }),
        'new_activity': IndicatorActivityForm(initial={
            'analyst': analyst,
            'date': datetime.datetime.now(),
        }),
        'new_campaign': CampaignForm(),
        'new_source': SourceForm(analyst,
                                 initial={'date': datetime.datetime.now()}),
        'download_form': DownloadFileForm(initial={
            "obj_type": 'Indicator',
            "obj_id": indicator_id,
        }),
    }

    username = "%s" % analyst

    # presumably strips data the analyst may not see -- confirm.
    indicator.sanitize(username)

    # Viewing the page clears the user's pending notifications for it.
    remove_user_from_notification(username, indicator_id, 'Indicator')

    subscription = {
        'type': 'Indicator',
        'id': indicator_id,
        'subscribed': is_user_subscribed(username, 'Indicator', indicator_id),
    }
    relationship = {'type': 'Indicator', 'value': indicator_id}
    objects = indicator.sort_objects()
    relationships = indicator.sort_relationships(username, meta=True)
    comments = {'comments': indicator.get_comments(), 'url_key': indicator_id}
    favorite = is_user_favorite(username, 'Indicator', indicator.id)
    service_list = crits.service_env.manager.get_supported_services(
        'Indicator', True)

    # The template is None on success; only the error path names one.
    args = {
        'objects': objects,
        'relationships': relationships,
        'comments': comments,
        'relationship': relationship,
        'subscription': subscription,
        "indicator": indicator,
        "forms": forms,
        "indicator_id": indicator_id,
        'service_list': service_list,
        'favorite': favorite,
        'rt_url': settings.RT_URL,
    }
    return None, args