def update_action_rule( request: ActionRulesRequest, old_name: str, ) -> ActionRulesResponse: """ Updates an action rule. """ logger.info("old_name: %s", old_name) logger.info("request: %s", request) error_message = "" if ActionRule.exists(request.action_rule.name): try: hmaconfig.update_config(request.action_rule) except Exception as e: error_message = "Unexpected error." handle_unexpected_error(e) elif ActionRule.exists(old_name): try: hmaconfig.create_config(request.action_rule) hmaconfig.delete_config_by_type_and_name( "ActionRule", old_name) except Exception as e: error_message = "Unexpected error." handle_unexpected_error(e) else: error_message = f"An action rule named '{request.action_rule.name}' or '{old_name}' does not exist." logger.warning( "An attempt was made to update an action rule named either '%s' or '%s' but neither exist.", request.action_rule.name, old_name, ) response.status = 500 return ActionRulesResponse(error_message)
def get_action_rules() -> t.List[ActionRule]: """ TODO Research caching rules for a short bit of time (1 min? 5 min?) use @lru_cache to implement Returns the ActionRule objects stored in the config repository. Each ActionRule will have the following attributes: MustHaveLabels, MustNotHaveLabels, ActionLabel. """ return ActionRule.get_all()
def get_action_rules() -> ActionRulesResponse: """ Returns all action rules. """ error_message = "" action_rules = [] try: action_rules = ActionRule.get_all() logger.info("action_rules: %s", action_rules) except Exception as e: error_message = "Unexpected error." handle_unexpected_error(e) return ActionRulesResponse(error_message, action_rules)
def get_example_action_event(): enqueue_mini_castle_for_review_action_label = ActionLabel( TestContentModels.TEST_ACTION_LABEL) action_rules = [ ActionRule( name="Enqueue Mini-Castle for Review", action_label=enqueue_mini_castle_for_review_action_label, must_have_labels=set([ ClassificationLabel("true_positive"), ]), must_not_have_labels=set(), ), ] banked_signal = BankedSignal( banked_content_id="4169895076385542", bank_id="303636684709969", bank_source="te", ) banked_signal.add_classification("true_positive") action_performer = WebhookPostActionPerformer( name="EnqueueForReview", url="https://webhook.site/ff7ebc37-514a-439e-9a03-46f86989e195", headers='{"Connection":"keep-alive"}', # monitoring page: # https://webhook.site/#!/ff7ebc37-514a-439e-9a03-46f86989e195 ) action_message = ActionMessage( content_key=TestContentModels.TEST_CONTENT_ID, content_hash= "361da9e6cf1b72f5cea0344e5bb6e70939f4c70328ace762529cac704297354a", matching_banked_signals=[banked_signal], action_label=enqueue_mini_castle_for_review_action_label, action_rules=action_rules, ) return ActionEvent( content_id=action_message.content_key, performed_at=TestContentModels.TEST_TIME, action_label=action_message.action_label.value, action_performer=action_performer.to_aws_json(), action_rules=[ rule.to_aws_json() for rule in action_message.action_rules ], ) # .write_to_table(table)
def set_up_test(self, action_hook_url="http://httpstat.us/404"): """ Set up/Create the following: - Dataset (Privacy Group Config) - Test Action (Action Performer Config) - Test Action Rule (Action Rule Config) Method is idempotent because the API will error when trying to create configs that already exist. """ # Possible it already exists which is fine. self.create_dataset_config( privacy_group_id=self.PRIVACY_GROUP_ID, privacy_group_name="Test Sample Set", ) action_performer = WebhookPostActionPerformer( name=self.ACTION_NAME, url=action_hook_url, headers='{"this-is-a":"test-header"}', ) self.create_action( action_performer=action_performer, ) action_rule = ActionRule( name=f"{self.ACTION_RULE_PREFIX}{self.ACTION_CLASSIFICATION_LABEL}", action_label=ActionLabel(self.ACTION_NAME), must_have_labels=set( [ ClassificationLabel(self.ACTION_CLASSIFICATION_LABEL), ] ), must_not_have_labels=set(), ) self.create_action_rule( action_rule=action_rule, )
def delete_action_rule(name: str) -> ActionRulesResponse: """ Deletes an action rule. """ logger.info("name: %s", name) error_message = "" if ActionRule.exists(name): try: hmaconfig.delete_config_by_type_and_name("ActionRule", name) except Exception as e: error_message = "Unexpected error." handle_unexpected_error(e) else: error_message = f"An action rule named '{name}' does not exist." logger.warning( "An attempt was made to delete an action rule named '%s' that does not exist.", name, ) response.status = 500 return ActionRulesResponse(error_message)
def test_action_message_serialization_and_deserialization(self): enqueue_mini_castle_for_review_action_label = ActionLabel( "EnqueueMiniCastleForReview") action_rules = [ ActionRule( name="Enqueue Mini-Castle for Review", action_label=enqueue_mini_castle_for_review_action_label, must_have_labels=set([ BankIDClassificationLabel("303636684709969"), ClassificationLabel("true_positive"), ]), must_not_have_labels=set( [BankedContentIDClassificationLabel("3364504410306721")]), ), ] banked_signal = BankedSignal( banked_content_id="4169895076385542", bank_id="303636684709969", bank_source="te", ) banked_signal.add_classification("true_positive") action_message = ActionMessage( content_key="images/mini-castle.jpg", content_hash= "361da9e6cf1b72f5cea0344e5bb6e70939f4c70328ace762529cac704297354a", matching_banked_signals=[banked_signal], action_label=enqueue_mini_castle_for_review_action_label, action_rules=action_rules, ) action_message_aws_json = action_message.to_aws_json() action_message_2 = ActionMessage.from_aws_json(action_message_aws_json) self.assertEqual(action_message_2.action_label, enqueue_mini_castle_for_review_action_label)
def create_action_rule( self, action_rule: ActionRule, ): # Need to give the api a json like dict object (just like is used in aws) self.api.create_action_rule(action_rule.to_aws())
def from_dict(cls, d: dict) -> "ActionRulesRequest": ar = ActionRule.from_aws(d["action_rule"]) logger.debug("Deserialized ActionRule: %s", ar) return cls(ar)
def test_get_action_labels(self): enqueue_for_review_action_label = ActionLabel("EnqueueForReview") bank_id = "12345" banked_signal_without_foo = BankedSignal("67890", bank_id, "Test") banked_signal_without_foo.add_classification("Bar") banked_signal_without_foo.add_classification("Xyz") banked_signal_with_foo = BankedSignal("67890", bank_id, "Test") banked_signal_with_foo.add_classification("Foo") banked_signal_with_foo.add_classification("Bar") banked_signal_with_foo.add_classification("Xyz") match_message_without_foo = MatchMessage( "key", "hash", [banked_signal_without_foo] ) match_message_with_foo = MatchMessage("key", "hash", [banked_signal_with_foo]) action_rules = [ ActionRule( enqueue_for_review_action_label.value, enqueue_for_review_action_label, set([BankIDClassificationLabel(bank_id)]), set([ClassificationLabel("Foo")]), ) ] action_label_to_action_rules: t.Dict[ ActionLabel, t.List[ActionRule] ] = get_actions_to_take(match_message_without_foo, action_rules) assert len(action_label_to_action_rules) == 1 self.assertIn( enqueue_for_review_action_label, action_label_to_action_rules, "enqueue_for_review_action_label should be in action_label_to_action_rules", ) action_label_to_action_rules = get_actions_to_take( match_message_with_foo, action_rules ) assert len(action_label_to_action_rules) == 0 enqueue_mini_castle_for_review_action_label = ActionLabel( "EnqueueMiniCastleForReview" ) enqueue_sailboat_for_review_action_label = ActionLabel( "EnqueueSailboatForReview" ) action_rules = [ ActionRule( name="Enqueue Mini-Castle for Review", action_label=enqueue_mini_castle_for_review_action_label, must_have_labels=set( [ BankIDClassificationLabel("303636684709969"), ClassificationLabel("true_positive"), ] ), must_not_have_labels=set( [BankedContentIDClassificationLabel("3364504410306721")] ), ), ActionRule( name="Enqueue Sailboat for Review", action_label=enqueue_sailboat_for_review_action_label, must_have_labels=set( [ BankIDClassificationLabel("303636684709969"), ClassificationLabel("true_positive"), BankedContentIDClassificationLabel("3364504410306721"), ] ), must_not_have_labels=set(), ), ] mini_castle_banked_signal = BankedSignal( banked_content_id="4169895076385542", bank_id="303636684709969", bank_source="te", ) mini_castle_banked_signal.add_classification("true_positive") mini_castle_match_message = MatchMessage( content_key="images/mini-castle.jpg", content_hash="361da9e6cf1b72f5cea0344e5bb6e70939f4c70328ace762529cac704297354a", matching_banked_signals=[mini_castle_banked_signal], ) sailboat_banked_signal = BankedSignal( banked_content_id="3364504410306721", bank_id="303636684709969", bank_source="te", ) sailboat_banked_signal.add_classification("true_positive") sailboat_match_message = MatchMessage( content_key="images/sailboat-mast-and-sun.jpg", content_hash="388ff5e1084efef10096df9cb969296dff2b04d67a94065ecd292129ef6b1090", matching_banked_signals=[sailboat_banked_signal], ) action_label_to_action_rules = get_actions_to_take( mini_castle_match_message, action_rules ) assert len(action_label_to_action_rules) == 1 self.assertIn( enqueue_mini_castle_for_review_action_label, action_label_to_action_rules, "enqueue_mini_castle_for_review_action_label should be in action_label_to_action_rules", ) action_label_to_action_rules = get_actions_to_take( sailboat_match_message, action_rules ) assert len(action_label_to_action_rules) == 1 self.assertIn( enqueue_sailboat_for_review_action_label, action_label_to_action_rules, "enqueue_sailboat_for_review_action_label should be in action_label_to_action_rules", )
TODO implement Evaluates a collection of action_labels against some yet to be defined configuration (and possible business login) to produce """ return [ThreatExchangeReactionLabel("SAW_THIS_TOO")] if __name__ == "__main__": # For basic debugging action_rules = [ ActionRule( name="Enqueue Mini-Castle for Review", action_label=ActionLabel("EnqueueMiniCastleForReview"), must_have_labels=set([ BankIDClassificationLabel("303636684709969"), ClassificationLabel("true_positive"), ]), must_not_have_labels=set( [BankedContentIDClassificationLabel("3364504410306721")]), ), ] banked_signal = BankedSignal( "4169895076385542", "303636684709969", "te", ) banked_signal.add_classification("true_positive") match_message = MatchMessage("key", "hash", [banked_signal])
def load_defaults(_args): """ Load a hardcoded set of defaults which are useful in testing """ # Could also put the default on the class, but seems too fancy configs = [ ThreatExchangeConfig( name="303636684709969", fetcher_active=True, privacy_group_name="Test Config 1", write_back=True, in_use=True, description="test description", matcher_active=True, ), ThreatExchangeConfig( name="258601789084078", fetcher_active=True, privacy_group_name="Test Config 2", write_back=True, in_use=True, description="test description", matcher_active=True, ), WebhookPostActionPerformer( name="EnqueueForReview", url="https://webhook.site/ff7ebc37-514a-439e-9a03-46f86989e195", headers='{"Connection":"keep-alive"}', # monitoring page: # https://webhook.site/#!/ff7ebc37-514a-439e-9a03-46f86989e195 ), WebhookPostActionPerformer( name="EnqueueMiniCastleForReview", url="https://webhook.site/01cef721-bdcc-4681-8430-679c75659867", headers='{"Connection":"keep-alive"}', # monitoring page: # https://webhook.site/#!/01cef721-bdcc-4681-8430-679c75659867 ), WebhookPostActionPerformer( name="EnqueueSailboatForReview", url="https://webhook.site/fa5c5ad5-f5cc-4692-bf03-a03a4ae3f714", headers='{"Connection":"keep-alive"}', # monitoring page: # https://webhook.site/#!/fa5c5ad5-f5cc-4692-bf03-a03a4ae3f714 ), ActionRule( name="Enqueue Mini-Castle for Review", action_label=ActionLabel("EnqueueMiniCastleForReview"), must_have_labels=set([ BankIDClassificationLabel("303636684709969"), ClassificationLabel("true_positive"), ]), must_not_have_labels=set( [BankedContentIDClassificationLabel("3364504410306721")]), ), ActionRule( name="Enqueue Sailboat for Review", action_label=ActionLabel("EnqueueSailboatForReview"), must_have_labels=set([ BankIDClassificationLabel("303636684709969"), ClassificationLabel("true_positive"), BankedContentIDClassificationLabel("3364504410306721"), ]), must_not_have_labels=set(), ), ] for config in configs: # Someday maybe can do filtering or something, I dunno # Add try catch block to avoid test failure try: hmaconfig.create_config(config) except ClientError as e: if e.response["Error"][ "Code"] == "ConditionalCheckFailedException": print( "Can't insert duplicated config, " + e.response["Error"]["Message"], ) else: raise print(config)