Beispiel #1
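    def _get_temp_file(cls, referred_url, content):
        """Write *content* to a new temporary file and describe it as an AttachFile.

        Args:
            referred_url: URL the content was obtained from. Only the last
                segment of its path is kept, as the display file name.
            content: Bytes to write to the temporary file.

        Returns:
            An AttachFile whose ``file_name`` comes from the URL and whose
            ``file_path`` is the temporary file. The file is not removed
            here.
        """
        file_ = AttachFile()
        # Use the last path segment of the URL as the file name. The value is
        # remote-controlled, so it is only stored as a label; it is never used
        # to build the on-disk path below.
        try:
            file_name = urllib.parse.urlparse(referred_url).path.split('/')[-1]
        except Exception:
            # Exception rather than BaseException, so KeyboardInterrupt and
            # SystemExit are not swallowed by the fallback.
            file_name = 'undefined'
        file_.file_name = file_name

        # file_path comes from the temporary file name. NamedTemporaryFile
        # creates the file the same way mkstemp() does but also owns the
        # descriptor, so it is closed when the block exits (the descriptor
        # returned by a bare mkstemp() call was previously leaked).
        with tempfile.NamedTemporaryFile(mode='wb', delete=False) as fp:
            fp.write(content)
            file_.file_path = fp.name
        return file_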
Beispiel #2
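def save_attach_file(filename, content, id_):
    """Store an uploaded attachment under the attachment directory for *id_*.

    The content is written to a temporary file inside the target directory
    and then moved to a name derived from its MD5 digest.

    Args:
        filename: Client-supplied display name. It is only recorded on the
            AttachFile; the on-disk name is the digest, never this value.
        content: Object whose ``read()`` returns the bytes to store.
        id_: Identifier passed to ``get_attach_dir_path``.

    Returns:
        The saved AttachFile, with ``file_name`` and ``file_path`` set.
    """
    attach_file = AttachFile()
    attach_file.file_name = filename

    # Create the attachment storage directories. exist_ok removes the window
    # between an exists() check and makedirs() in which a concurrent request
    # could create the directory and make makedirs() raise.
    os.makedirs(get_attach_root_dir_path(), exist_ok=True)
    attach_dir = get_attach_dir_path(id_)
    os.makedirs(attach_dir, exist_ok=True)

    # Read once and hash the same bytes that get written, instead of reading
    # the file back from disk.
    data = content.read()
    # NOTE(review): the MD5 digest is the storage name. MD5 collisions can be
    # constructed, so two different uploads can map to the same path and the
    # later one replaces the earlier. Switching to SHA-256 changes stored
    # paths, so it has to be coordinated with whatever reads them.
    md5 = hashlib.md5(data).hexdigest()

    # NOTE(review): plain concatenation assumes get_attach_dir_path() returns
    # a path ending in a separator - confirm against that helper.
    file_path = attach_dir + md5

    # Save to a temporary file in the destination directory, then rename.
    tmp_file_path = None
    try:
        # NamedTemporaryFile owns the descriptor and closes it; the descriptor
        # returned by a bare mkstemp() call was previously leaked.
        with tempfile.NamedTemporaryFile(
                mode='wb', dir=attach_dir, delete=False) as fp:
            tmp_file_path = fp.name
            fp.write(data)
        # os.replace overwrites an existing destination on every platform, so
        # re-uploading identical content does not fail where rename() would.
        os.replace(tmp_file_path, file_path)
    except Exception:
        # Do not leave a stray temporary file in the attachment directory.
        if tmp_file_path is not None and os.path.exists(tmp_file_path):
            os.remove(tmp_file_path)
        raise

    # Record the final file path.
    attach_file.file_path = file_path
    attach_file.save()
    return attach_file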
Beispiel #3
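def get_attached_files(receive_data):
    """Download the files attached to a Slack event and prepare them for posting.

    Args:
        receive_data: Mapping for the received event. Its optional ``'files'``
            entry is a list of mappings with ``'url_private'`` and ``'name'``.

    Returns:
        A tuple ``(files_for_cti_extractor, files_for_stip_post)``: a list of
        AttachFile objects backed by temporary files, and a dict mapping each
        file name to a SimpleUploadedFile. The temporary files are not
        removed here.
    """
    files_for_stip_post = {}
    files_for_cti_extractor = []
    if 'files' not in receive_data:
        # No attachments.
        return files_for_cti_extractor, files_for_stip_post

    for file_ in receive_data['files']:
        # Information for attached_files.
        file_path = file_['url_private']
        file_name = file_['name']
        # NOTE(review): resp.content is used without a status check here;
        # confirm get_attached_file_from_slack rejects failed downloads.
        resp = get_attached_file_from_slack(file_path)
        # Keyed by name: a later file with the same name replaces the earlier.
        files_for_stip_post[file_name] = SimpleUploadedFile(
            file_name, resp.content)

        # Information for django_files. The sender-supplied name is kept only
        # as a label; the on-disk path is generated by tempfile.
        attach_file = AttachFile()
        attach_file.file_name = file_name
        # NamedTemporaryFile owns the descriptor and closes it; the descriptor
        # returned by a bare mkstemp() call was previously leaked per file.
        with tempfile.NamedTemporaryFile(mode='wb', delete=False) as fp:
            attach_file.file_path = fp.name
            fp.write(resp.content)
        files_for_cti_extractor.append(attach_file)
    return files_for_cti_extractor, files_for_stip_post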
Beispiel #4
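def confirm_indicator(request):
    """Extract candidate indicators, TTPs and threat actors from a post.

    Each uploaded file is written to its own temporary file and passed to
    ``Extractor.get_stix_element`` together with the post text(s) and the
    referred URL. The temporary files are removed before returning, also
    when parsing or extraction raises.

    Args:
        request: The HTTP request; ``request.FILES``, ``request.POST`` and
            ``request.user.sns_profile`` are read.

    Returns:
        A JsonResponse with the KEY_INDICATORS, KEY_TTPS and KEY_TAS entries.
    """
    files = []
    # Defaults for the branch that skips extraction; without them the response
    # building below raised UnboundLocalError when attach_confirm was false.
    # NOTE(review): assumes get_json_from_extractor accepts an empty list -
    # confirm against that helper.
    confirm_indicators, confirm_ets, confirm_tas = [], [], []

    try:
        # Create an AttachFile per uploaded file and collect them in a list.
        for f in request.FILES.values():
            attach_file = AttachFile()
            # The client-supplied name is kept only as a label; the on-disk
            # path is generated by tempfile.
            attach_file.file_name = f.name
            # NamedTemporaryFile owns the descriptor and closes it; the
            # descriptor returned by a bare mkstemp() call was leaked.
            with tempfile.NamedTemporaryFile(mode='wb', delete=False) as fp:
                attach_file.file_path = fp.name
                # Registered before writing so cleanup covers a failed write.
                files.append(attach_file)
                fp.write(f.read())

        # Is attach_confirm given? It defaults to True when absent.
        if KEY_ATTACH_CONFIRM in request.POST:
            attach_confirm = request.POST[KEY_ATTACH_CONFIRM].lower() == 'true'
        else:
            attach_confirm = True

        # Is this a STIX2 post?
        stix2 = is_stix2_post(request)

        # Collect the posts.
        posts = []
        if stix2:
            # STIX 2.x carries several posts. The JSON is client input, so a
            # malformed body raises here and propagates to the caller.
            if KEY_STIX2_CONTENTS in request.POST:
                stix2_contents = json.loads(request.POST[KEY_STIX2_CONTENTS])
                posts.extend(item['content'] for item in stix2_contents)
        else:
            # STIX 1.x carries exactly one post.
            posts.append(request.POST[KEY_POST]
                         if KEY_POST in request.POST else '')

        # Get referred_url; an empty value is treated as absent.
        referred_url = None
        if KEY_REFERRED_URL in request.POST:
            referred_url = request.POST[KEY_REFERRED_URL] or None

        if attach_confirm:
            # Get the threat_actors list.
            ta_list = get_threat_actors_list(request)
            # Get the white_list list.
            white_list = get_white_list(request)
            # Get the STIX elements.
            profile = request.user.sns_profile
            confirm_indicators, confirm_ets, confirm_tas = (
                Extractor.get_stix_element(
                    files, referred_url, posts, ta_list, white_list,
                    profile.scan_csv,
                    profile.scan_pdf,
                    profile.scan_post,
                    profile.scan_txt))
        # else: attach_confirm disabled - pending; the empty defaults are used.
    finally:
        # Remove the temporary attachment files on every exit path, so that
        # uploaded content is not left behind when a step above raises.
        for file_ in files:
            try:
                os.remove(file_.file_path)
            except OSError:
                # Best effort: the file may already be gone.
                pass

    data = {}
    data[KEY_INDICATORS] = get_json_from_extractor(confirm_indicators)
    data[KEY_TTPS] = get_json_from_extractor(confirm_ets)
    data[KEY_TAS] = get_json_from_extractor(confirm_tas)
    return JsonResponse(data)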