#!/usr/bin/env python
# -*- coding: utf-8 -*-
from pymisp import ExpandedPyMISP
from keys import misp_url, misp_key, misp_verifycert
import argparse
if __name__ == '__main__':
parser = argparse.ArgumentParser(description='Delete the user with the given id. Keep in mind that disabling users (by setting the disabled flag via an edit) is always prefered to keep user associations to events intact.')
parser.add_argument("-i", "--user_id", help="The id of the user you want to delete.")
args = parser.parse_args()
misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)
print(misp.delete_user(args.user_id))
class MISPInstance():
def __init__(self, params):
self.initial_user_connector = ExpandedPyMISP(params['url'],
params['key'],
ssl=False,
debug=False)
# Git pull
self.initial_user_connector.update_misp()
# Set the default role (id 3 on the VM is normal user)
self.initial_user_connector.set_default_role(3)
# Restart workers
self.initial_user_connector.restart_workers()
if not fast_mode:
# Load submodules
self.initial_user_connector.update_object_templates()
self.initial_user_connector.update_galaxies()
self.initial_user_connector.update_noticelists()
self.initial_user_connector.update_warninglists()
self.initial_user_connector.update_taxonomies()
self.initial_user_connector.toggle_global_pythonify()
# Create organisation
organisation = MISPOrganisation()
organisation.name = params['orgname']
self.test_org = self.initial_user_connector.add_organisation(
organisation)
print(self.test_org.name, self.test_org.uuid)
# Create Site admin in new org
user = MISPUser()
user.email = params['email_site_admin']
user.org_id = self.test_org.id
user.role_id = 1 # Site admin
self.test_site_admin = self.initial_user_connector.add_user(user)
self.site_admin_connector = ExpandedPyMISP(
params['url'],
self.test_site_admin.authkey,
ssl=False,
debug=False)
self.site_admin_connector.toggle_global_pythonify()
# Create org admin
user = MISPUser()
user.email = params['email_admin']
user.org_id = self.test_org.id
user.role_id = 2 # Org admin
self.test_org_admin = self.site_admin_connector.add_user(user)
self.org_admin_connector = ExpandedPyMISP(params['url'],
self.test_org_admin.authkey,
ssl=False,
debug=False)
self.org_admin_connector.toggle_global_pythonify()
# Create user
user = MISPUser()
user.email = params['email_user']
user.org_id = self.test_org.id
self.test_usr = self.org_admin_connector.add_user(user)
self.user_connector = ExpandedPyMISP(params['url'],
self.test_usr.authkey,
ssl=False,
debug=False)
self.user_connector.toggle_global_pythonify()
# Setup external_baseurl
self.site_admin_connector.set_server_setting(
'MISP.external_baseurl', params['external_baseurl'], force=True)
# Setup baseurl
self.site_admin_connector.set_server_setting('MISP.baseurl',
params['url'],
force=True)
# Setup host org
self.site_admin_connector.set_server_setting('MISP.host_org_id',
self.test_org.id)
self.external_base_url = params['external_baseurl']
self.sync = []
self.sync_servers = []
def __repr__(self):
return f'<{self.__class__.__name__}(external={self.external_base_url})'
def create_sync_user(self, organisation):
sync_org = self.site_admin_connector.add_organisation(organisation)
short_org_name = sync_org.name.lower().replace(' ', '-')
user = MISPUser()
user.email = f"sync_user@{short_org_name}.local"
user.org_id = sync_org.id
user.role_id = 5 # Org admin
sync_user = self.site_admin_connector.add_user(user)
sync_user_connector = ExpandedPyMISP(
self.site_admin_connector.root_url,
sync_user.authkey,
ssl=False,
debug=False)
sync_server_config = sync_user_connector.get_sync_config(
pythonify=True)
self.sync.append((sync_org, sync_user, sync_server_config))
def create_sync_server(self, name, server):
server = self.site_admin_connector.import_server(server)
server.self_signed = True
server.pull = True # Not automatic, but allows to do a pull
server = self.site_admin_connector.update_server(server)
r = self.site_admin_connector.test_server(server)
if r['status'] != 1:
raise Exception(f'Sync test failed: {r}')
self.sync_servers.append(server)
def cleanup(self):
for org, user, _ in self.sync:
self.site_admin_connector.delete_user(
user) # Delete user from other org
self.site_admin_connector.delete_organisation(org)
# Delete sync servers
for server in self.site_admin_connector.servers():
self.site_admin_connector.delete_server(server)
# Delete users
self.org_admin_connector.delete_user(self.test_usr.id)
self.site_admin_connector.delete_user(self.test_org_admin.id)
self.initial_user_connector.delete_user(self.test_site_admin.id)
# Delete org
self.initial_user_connector.delete_organisation(self.test_org.id)
# Make sure the instance is back to a clean state
if self.initial_user_connector.events():
raise Exception(
f'Events still on the instance {self.external_base_url}')
if self.initial_user_connector.attributes():
raise Exception(
f'Attributes still on the instance {self.external_base_url}')
if self.initial_user_connector.attribute_proposals():
raise Exception(
f'AttributeProposals still on the instance {self.external_base_url}'
)
if self.initial_user_connector.sightings():
raise Exception(
f'Sightings still on the instance {self.external_base_url}')
if self.initial_user_connector.servers():
raise Exception(
f'Servers still on the instance {self.external_base_url}')
if self.initial_user_connector.sharing_groups():
raise Exception(
f'SharingGroups still on the instance {self.external_base_url}'
)
if len(self.initial_user_connector.organisations()) > 1:
raise Exception(
f'Organisations still on the instance {self.external_base_url}'
)
if len(self.initial_user_connector.users()) > 1:
raise Exception(
f'Users still on the instance {self.external_base_url}')
class MISPInstance():
def __init__(self, params):
self.site_admin_connector = ExpandedPyMISP(params['url'],
params['key'],
ssl=False,
debug=False)
# Set the default role (id 3 on the VM is normal user)
self.site_admin_connector.set_default_role(3)
if not fast_mode:
# Git pull
self.site_admin_connector.update_misp()
# Load submodules
self.site_admin_connector.update_object_templates()
self.site_admin_connector.update_galaxies()
self.site_admin_connector.update_noticelists()
self.site_admin_connector.update_warninglists()
self.site_admin_connector.update_taxonomies()
self.site_admin_connector.toggle_global_pythonify()
# Create organisation
organisation = MISPOrganisation()
organisation.name = params['orgname']
self.test_org = self.site_admin_connector.add_organisation(
organisation)
print(self.test_org.name, self.test_org.uuid)
# Create org admin
user = MISPUser()
user.email = params['email_admin']
user.org_id = self.test_org.id
user.role_id = 2 # Org admin
self.test_admin = self.site_admin_connector.add_user(user)
self.org_admin_connector = ExpandedPyMISP(params['url'],
self.test_admin.authkey,
ssl=False,
debug=False)
self.org_admin_connector.toggle_global_pythonify()
# Create user
user = MISPUser()
user.email = params['email_user']
user.org_id = self.test_org.id
self.test_usr = self.org_admin_connector.add_user(user)
self.usr_connector = ExpandedPyMISP(params['url'],
self.test_admin.authkey,
ssl=False,
debug=False)
self.usr_connector.toggle_global_pythonify()
# Setup external_baseurl
self.site_admin_connector.set_server_setting(
'MISP.external_baseurl', params['external_baseurl'], force=True)
self.external_base_url = params['external_baseurl']
self.sync = []
def create_sync_user(self, organisation):
sync_org = self.site_admin_connector.add_organisation(organisation)
short_org_name = sync_org.name.lower().replace(' ', '-')
user = MISPUser()
user.email = f"sync_user@{short_org_name}.local"
user.org_id = sync_org.id
user.role_id = 5 # Org admin
sync_user = self.site_admin_connector.add_user(user)
self.sync.append((sync_org, sync_user, self.external_base_url))
def create_sync_server(self, name, remote_url, authkey, organisation):
server = MISPServer()
server.name = name
server.self_signed = True
server.url = remote_url
server.authkey = authkey
server.remote_org_id = organisation.id
server = self.site_admin_connector.add_server(server)
r = self.site_admin_connector.test_server(server)
print(r)
def cleanup(self):
for org, user, remote_url in self.sync:
self.site_admin_connector.delete_user(
user) # Delete user from other org
self.site_admin_connector.delete_organisation(org)
# Delete sync servers
for server in self.site_admin_connector.servers():
self.site_admin_connector.delete_server(server)
# Delete users
self.org_admin_connector.delete_user(self.test_usr.id)
self.site_admin_connector.delete_user(self.test_admin.id)
# Delete org
self.site_admin_connector.delete_organisation(self.test_org.id)
