def __init__(self, data, *args, **kwargs): rows = OrderedDict() extra_columns = {} for row in data: if row.pk not in rows: rows[row.pk] = { 'username': row.username, 'first_name': row.first_name, 'last_name': row.last_name, 'email': row.email, 'role': row.groups.first(), 'pk': row.pk } # because of AD inactive users, that create User but not SciriusUser try: SciriusUser.objects.get(user=row) except SciriusUser.DoesNotExist: SciriusUser.objects.create(user=row, timezone='UTC') get_middleware_module('common').update_scirius_user_class(row, {}) rows[row.pk]['active'] = '✔' if row.is_active else '✘' # ignore_utf8_check: 10008 10004 if get_middleware_module('common').has_multitenant(): rows[row.pk]['tenants'] = '' if row.sciriususer.has_no_tenant(): rows[row.pk]['tenants'] = 'No tenant\n' if row.sciriususer.has_all_tenants(): rows[row.pk]['tenants'] += 'All tenants' else: rows[row.pk]['tenants'] += '\n'.join(row.sciriususer.get_tenants().values_list('name', flat=True)) extra_columns['tenants'] = tables.Column(verbose_name='Tenants', attrs={'td': {'style': 'white-space:pre-wrap;'}}) super().__init__(data=rows.values(), extra_columns=extra_columns.items(), *args, **kwargs)
def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) instance = kwargs.get('instance', None) if not get_middleware_module('common').has_multitenant(): self.fields.pop('tenants') self.fields.pop('no_tenant') self.fields.pop('all_tenants') else: self.fields['tenants'].queryset = get_middleware_module( 'common').get_tenants() if instance: self.fields[ 'tenants'].initial = instance.sciriususer.get_tenants() self.fields[ 'all_tenants'].initial = instance.sciriususer.has_all_tenants( ) self.fields[ 'no_tenant'].initial = instance.sciriususer.has_no_tenant( ) self.fields['groups'].queryset = DjangoGroup.objects.order_by('name') if instance: # self.fields['groups'].initial does not work self.initial['groups'] = instance.groups.first( ).pk if instance.groups.count() > 0 else '' self.fields['timezone'].initial = instance.sciriususer.timezone else: self.fields['timezone'].initial = 'UTC' self.initial['groups'] = Group.objects.order_by( '-priority').first()
def create(self, validated_data): user_data = validated_data.pop('user') errors = {} if 'username' not in user_data: errors['username'] = ['This field is required.'] if 'password' not in user_data: errors['password'] = ['This field is required.'] if len(errors) > 0: raise serializers.ValidationError(errors) if 'timezone' not in validated_data: validated_data['timezone'] = 'UTC' if validated_data['timezone'] not in pytz.all_timezones: raise serializers.ValidationError( {'timezone': ['Not a valid choice.']}) password = user_data.pop('password') try: password_validation.validate_password(password=password, user=User) except exceptions.ValidationError as e: raise serializers.ValidationError({'password': [e.message]}) user = User.objects.create(**user_data) user.set_password(password) user.save() sciriususerapp_data = validated_data.pop('sciriususerapp', {}) sciriususer = SciriusUser.objects.create(user=user, **validated_data) get_middleware_module('common').update_scirius_user_class( user, sciriususerapp_data) return sciriususer
def update(self, instance, validated_data): user_data = validated_data.pop('user') user = instance.user for key, value in user_data.items(): if key == 'password': raise PermissionDenied({ 'password': '******' }) if hasattr(user, key): if key != 'role': setattr(user, key, value) else: user.groups.set(value) timezone = validated_data.get('timezone', instance.timezone) if timezone not in pytz.all_timezones: # to avoid deadlock if instance.timezone not in pytz.all_timezones: instance.timezone = 'UTC' instance.save() raise serializers.ValidationError( {'timezone': ['Not a valid choice.']}) instance.timezone = timezone instance.save() user.save() get_middleware_module('common').update_scirius_user_class( user, validated_data) return instance
def validate(self, data): from scirius.utils import get_middleware_module if data.get('action', '') == 'threshold': self.validate_rule_postprocessing(data, self.partial) else: get_middleware_module('common').validate_rule_postprocessing( data, self.partial, self) return data
def to_dict(self, json_compatible=False): from scirius.utils import get_middleware_module tenants = [] if self.has_all_tenants(): tenants = get_middleware_module( 'common').get_tenants().values_list('pk', flat=True) else: tenants = self.get_tenants() if not isinstance(tenants, (list, tuple)): tenants = tenants.values_list('pk', flat=True) if json_compatible: tenants = list(tenants) res = { "pk": self.pk, "timezone": self.timezone, "username": self.user.username, "first_name": self.user.first_name, "last_name": self.user.last_name, "is_active": self.user.is_active, "email": self.user.email, "date_joined": self.user.date_joined if not json_compatible else self.user.date_joined.isoformat(), "perms": [ 'rules.{}'.format(item[0]) for item in self.user.groups.values_list('permissions__codename') ], "role": self.user.groups.first().name, "no_tenant": self.has_no_tenant(), "all_tenant": self.has_all_tenants(), "tenants": tenants } if get_middleware_module('common').has_extra_auth(): res.update({ 'group': Group.objects.filter(group__user=self.user).first().ldap_group }) return res
def loginview(request, target): if request.method == 'POST': form = LoginForm(request.POST) if not form.is_valid(): # All validation rules pass form = LoginForm() context = {'form': form, 'error': 'Invalid form'} return scirius_render(request, 'accounts/login.html', context) username = form.cleaned_data['username'] password = form.cleaned_data['password'] user = authenticate(username=username, password=password) if user is not None: if user.is_active: login(request, user) try: sciriususer = SciriusUser.objects.get(user=user) sciriususer.sciriususerapp except (SciriusUser.DoesNotExist, AttributeError): SciriusUser.objects.get_or_create( user=user, defaults={'timezone': 'UTC'}) get_middleware_module('common').update_scirius_user_class( user, form.cleaned_data) if not form.cleaned_data['persistent']: request.session.set_expiry(0) logger = logging.getLogger('authentication') logger.info("Successful login for '%s' from '%s'", username, get_client_ip(request)) UserAction.create(action_type='login', user=user, force_insert=True) return redirect("/" + target) else: form = LoginForm() context = {'form': form, 'error': 'Disabled account'} logger = logging.getLogger('authentication') logger.error( "Invalid login attempt for disabled account '%s' from '%s'", username, get_client_ip(request)) return scirius_render(request, 'accounts/login.html', context) else: form = LoginForm() context = {'form': form, 'error': 'Invalid login'} logger = logging.getLogger('authentication') logger.error("Invalid login attempt for '%s' from '%s'", username, get_client_ip(request)) return scirius_render(request, 'accounts/login.html', context) else: form = LoginForm() context = {'form': form} return scirius_render(request, 'accounts/login.html', context)
def to_representation(self, instance): if not instance.options: from scirius.utils import get_middleware_module instance = get_middleware_module( 'common').update_processing_filter_action_options(instance) return super(RuleProcessingFilterSerializer, self).to_representation(instance)
def __init__(self, data, *args, **kwargs): rows = OrderedDict() extra_columns = {} # Superuser group has all custom permissions # => Usefull to get our custom permissions permissions = Permission.objects.filter(group__name='Superuser') for row in data: if row.pk not in rows: rows[row.pk] = { 'name': row.name, 'pk': row.pk } if get_middleware_module('common').has_extra_auth(): rows[row.pk]['priority'] = str(row.group.priority) extra_columns['priority'] = tables.Column(verbose_name='Priority') rows[row.pk]['ldap_group'] = row.group.ldap_group extra_columns['ldap_group'] = tables.Column(verbose_name='LDAP Group') for permission in permissions: if row.permissions.filter(pk=permission.pk).count() > 0: rows[row.pk][permission.codename] = '✔' # ignore_utf8_check: 10008 10004 else: rows[row.pk][permission.codename] = '✘' # ignore_utf8_check: 10008 10004 extra_columns[permission.codename] = tables.Column(verbose_name=permission.name) super().__init__(data=rows.values(), extra_columns=extra_columns.items(), *args, **kwargs)
def check_perms(request, view, required_groups, no_tenant_check=False): if request.user.is_anonymous: return False if get_middleware_module('common').has_multitenant(): # bypass tenant check on some ViewSet that does not handle tenants if not getattr(view, 'no_tenant_check', False) and not no_tenant_check: if {'rules.events_view', 'rules.events_edit'} & set(required_groups): tenant = request.query_params.get('tenant', -1) try: tenant = int(tenant) except (ValueError, TypeError): return False if tenant in (-1, 0): if not request.user.sciriususer.has_no_tenant(): return False elif tenant > 0: if not request.user.sciriususer.has_all_tenants(): if tenant not in request.user.sciriususer.get_tenants().values_list('pk', flat=True): return False for group in required_groups: if request.user.has_perm(group): return True return False
def to_internal_value(self, data): from scirius.utils import get_middleware_module options = data.get('options') action = data.get('action') action_options_serializer = get_middleware_module('common').update_processing_filter_action_options_serializer(ACTION_OPTIONS_SERIALIZER) serializer = action_options_serializer.get(action) if serializer: serializer = serializer(data=options, context=self.context) try: serializer.is_valid(raise_exception=True) except serializers.ValidationError as e: raise serializers.ValidationError({'options': [e.detail]}) options = serializer.validated_data else: if options: raise serializers.ValidationError({'options': ['Action "%s" does not accept options.' % action]}) options = {} if not isinstance(serializer, serializers.ModelSerializer): if self.partial: if 'options' in data: data['options'] = options else: data['options'] = options else: self.option_serializer = serializer data.pop('options', None) return super(RuleProcessingFilterSerializer, self).to_internal_value(data)
def _qfilter(self): if self.qfilter: return self.qfilter query_filter = get_middleware_module('common').es_query_string(self.request) if self.request and 'qfilter' in self.request.GET: query_filter += ' AND ' + self.request.GET['qfilter'] return query_filter
def __init__(self, *args, **kwargs): source = kwargs.get('instance', None) super(SourceForm, self).__init__(*args, **kwargs) from scirius.utils import get_middleware_module choices = get_middleware_module('common').update_source_content_type( Source.CONTENT_TYPE, source) self.fields['datatype'] = forms.ChoiceField(choices=choices)
def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) self.fields['permissions'].queryset = DjangoGroup.objects.filter( name='Superuser').first().permissions self.fields['permissions'].choices = DjangoGroup.objects.filter( name='Superuser').first().permissions.order_by('pk').values_list( 'pk', 'name') self.mapping = dict( DjangoGroup.objects.filter( name='Superuser').first().permissions.values_list( 'pk', 'codename')) if not get_middleware_module('common').has_extra_auth(): self.fields.pop('ldap_group') self.fields.pop('priority') instance = kwargs.get('instance', None) if instance: self.initial['permissions'] = instance.permissions.values_list( 'pk', flat=True) self.initial['name'] = instance.name self.initial['ldap_group'] = instance.group.ldap_group if get_middleware_module('common').has_extra_auth(): priority = Group.objects.aggregate( Max('priority'))['priority__max'] if not instance: priority += 1 self.fields['priority'].widget = forms.NumberInput( attrs={ 'max': priority, 'min': len(self.DEFAULT_GROUPS) }) self.fields[ 'priority'].initial = instance.group.priority if instance else priority # Put the comment field at the end of the self.fields ordered dict comment = self.fields.pop('comment') self.fields['comment'] = comment if instance: if instance.name in self.DEFAULT_GROUPS: for key in self.fields.keys(): if key not in ('ldap_group', 'comment'): self.fields[key].disabled = True
def test_actions(self, request): from scirius.utils import get_middleware_module fields_serializer = RuleProcessingTestActionsSerializer( data=request.data) fields_serializer.is_valid(raise_exception=True) capabilities = get_middleware_module( 'common').get_processing_actions_capabilities( fields_serializer.validated_data.get('fields')) return Response({'actions': capabilities})
def test(self, request): from scirius.utils import get_middleware_module fields_serializer = RuleProcessingTestSerializer(data=request.data) fields_serializer.is_valid(raise_exception=True) capabilities = get_middleware_module( 'common').get_processing_filter_capabilities( fields_serializer.validated_data['fields'], fields_serializer.validated_data['action']) return Response(capabilities)
def __init__(self, *args, **kwargs): super(AddSourceForm, self).__init__(*args, **kwargs) if 'rulesets' in self.fields: self.fields['rulesets'].required = False from scirius.utils import get_middleware_module choices = get_middleware_module('common').update_source_content_type( Source.CONTENT_TYPE) self.fields['datatype'] = forms.ChoiceField(choices=choices)
def update_groups(sender, user, ldap_user, **kwargs): ''' Update LDAP group each time a LDAP user login into scirius ''' from scirius.utils import get_middleware_module nb_items_max = 100 filters = models.Q() group = None stop_idx = len(ldap_user.group_dns) for idx, ldap_group in enumerate(ldap_user.group_dns, 1): filters |= models.Q(ldap_group__iexact=ldap_group) if idx % nb_items_max == 0 or idx == stop_idx: found_group = Group.objects.filter(filters).order_by( 'priority').first() filters = models.Q() if found_group: if not group: group = found_group if group.priority > found_group.priority: group = found_group user.save() user.groups.clear() try: sciriususer = SciriusUser.objects.get(user=user) sciriususerapp = sciriususer.sciriususerapp if sciriususerapp.is_from_ldap is False: sciriususerapp.is_from_ldap = True sciriususerapp.save() except (SciriusUser.DoesNotExist, AttributeError): SciriusUser.objects.get_or_create(user=user, defaults={'timezone': 'UTC'}) get_middleware_module('common').update_scirius_user_class( user, {'is_from_ldap': True}) if group is not None: user.groups.add(group.group)
def save(self, commit=True): if not commit: raise NotImplementedError( 'This method does not support "commit=False"') instance = super().save() try: sciriususer = instance.sciriususer sciriususer.timezone = self.cleaned_data['timezone'] except AttributeError: sciriususer = SciriusUser.objects.create( user=instance, timezone=self.cleaned_data['timezone'], ) instance.save() get_middleware_module('common').update_scirius_user_class( instance, self.cleaned_data) return instance
def to_internal_value(self, data): data = data.copy() timezone = data.pop('timezone', None) user_serializer = UserSerializer(data=data) user_serializer.is_valid(raise_exception=True) res = {'user': user_serializer.validated_data} if timezone is not None: res['timezone'] = timezone if 'tenants' in data: if not isinstance(data['tenants'], (list, tuple)): raise serializers.ValidationError( {'tenants': ['Wrong format: it should be "[1, 4]"']}) all_tenants = get_middleware_module( 'common').get_tenants().values_list('pk', flat=True) for tenant in data['tenants']: if tenant not in all_tenants: raise serializers.ValidationError( {'tenants': ['pk "{}" does not exist'.format(tenant)]}) for item in ('no_tenant', 'all_tenants'): if item in data: if not isinstance(data[item], bool): raise serializers.ValidationError( {item: ['boolean value requested']}) if self.instance: res.update({ 'sciriususerapp': { 'tenants': data.get( 'tenants', self.instance.get_tenants().values_list('pk', flat=True)), 'no_tenant': data.get('no_tenant', self.instance.has_no_tenant()), 'all_tenants': data.get('all_tenants', self.instance.has_all_tenants()) } }) else: res.update({ 'sciriususerapp': { 'tenants': data.get('tenants', []), 'no_tenant': data.get('no_tenant', False), 'all_tenants': data.get('all_tenants', False) } }) return res
def __init__(self, *args, **kwargs): super(RulesetForm, self).__init__(*args, **kwargs) from scirius.utils import get_middleware_module sourceatversion = SourceAtVersion.objects.exclude( source__datatype__in=get_middleware_module( 'common').custom_source_datatype(True)) self.fields['sources'].queryset = sourceatversion self.fields['action'].choices = Ruleset.get_transformation_choices( key=Transformation.ACTION) self.fields['lateral'].choices = Ruleset.get_transformation_choices( key=Transformation.LATERAL) self.fields['target'].choices = Ruleset.get_transformation_choices( key=Transformation.TARGET)
def to_representation(self, instance): data = super().to_representation(instance) user = data.pop('user', None) if user is not None: user.pop('password', None) data.update(user) role = instance.user.groups.first() data['role'] = role.name if role else '' if get_middleware_module('common').has_multitenant(): data['tenants'] = instance.get_tenants().values_list('pk', flat=True) data['no_tenant'] = instance.has_no_tenant() data['all_tenants'] = instance.has_all_tenants() return data
def list_accounts(request): template = 'accounts/accounts_list.html' mapping = {'User': UserTable, 'Role': GroupTable} klasses = (User, DjangoGroup) data = { 'User': { 'size': 0, 'content': None, 'annotate': { 'role': F('groups__name') }, 'order_by': ('groups__group__priority', '-username') }, 'Role': { 'size': 0, 'content': None, 'order_by': ('group__priority', ) } } conf = tables.RequestConfig(request) for klass in klasses: klass_name = klass.__name__ if klass != DjangoGroup else 'Role' objects = klass.objects.all() if 'annotate' in data[klass_name]: objects = objects.annotate(**data[klass_name]['annotate']) objects = objects.order_by(*data[klass_name]['order_by']) data[klass_name]['content'] = conf.configure( mapping[klass_name](objects)) data[klass_name]['size'] = objects.count() context = { 'objects': data, 'extra_auth': get_middleware_module('common').has_extra_auth() } return scirius_render(request, template, context)
def get_no_tenant_idx(): from scirius.utils import get_middleware_module if get_middleware_module('common').has_multitenant(): return 0 return -1
def _es_bool_clauses(self): if self.request: return get_middleware_module('common').es_bool_clauses(self.request) return ''
def _render_template(self, tmpl, dictionary, ignore_middleware=False): hosts_list = ['*'] qfilter = None if self.request: if 'hosts' in self.request.GET: hosts_list = self.request.GET['hosts'].split(',') else: if 'hosts' in dictionary: hosts_list = dictionary['hosts'].split(',') if 'qfilter' in self.request.GET: qfilter = self.request.GET['qfilter'] else: if 'qfilter' in dictionary: qfilter = dictionary['qfilter'] hosts = None hosts_filter = None hosts = [] for host in hosts_list: if host != '*': host = json.dumps(host).replace('"', '\\"') host = mark_safe(host) hosts.append(host) if hosts == ['*']: # use _exists_ in case analyze_wildcard is false hosts_filter = '_exists_:%s' % settings.ELASTICSEARCH_HOSTNAME else: hosts_filter = ['%s:%s' % (settings.ELASTICSEARCH_HOSTNAME, h) for h in hosts] hosts_filter = mark_safe('(%s)' % ' '.join(hosts_filter)) query_filter = get_middleware_module('common').es_query_string(self.request) if qfilter is not None: query_filter += ' AND ' + qfilter if query_filter: # dump as json but remove quotes since the quotes are already set in templates query_filter = mark_safe(json.dumps(query_filter)[1:-1]) if ignore_middleware: bool_clauses = '' else: bool_clauses = get_middleware_module('common').es_bool_clauses(self.request) templ = Template(tmpl) context = Context(dictionary) context.update({ 'hosts': hosts, 'hosts_filter': hosts_filter, 'keyword': settings.ELASTICSEARCH_KEYWORD, 'hostname': settings.ELASTICSEARCH_HOSTNAME, 'timestamp': settings.ELASTICSEARCH_TIMESTAMP, 'from_date': self._from_date(dictionary), 'to_date': mark_safe(self._to_date(dictionary, es_format=True)), # mark quotes around "now" as safe 'query_filter': query_filter, 'bool_clauses': bool_clauses, 'interval': unicode(self._interval(dictionary)) + 'ms' }) return bytearray(templ.render(context), encoding="utf-8")
class AccountSerializer(serializers.ModelSerializer): user = UserSerializer(required=True, partial=True) timezone = serializers.ChoiceField(required=True, choices=TIMEZONES) role = serializers.CharField(required=True, source='user.groups') no_tenant = serializers.BooleanField(required=False) all_tenants = serializers.BooleanField(required=False) tenants = serializers.PrimaryKeyRelatedField( source='sciriususerapp.tenants', queryset=get_middleware_module('common').get_tenants(), many=True) class Meta: model = SciriusUser fields = ('pk', 'user', 'timezone', 'role', 'no_tenant', 'all_tenants', 'tenants') def to_representation(self, instance): data = super().to_representation(instance) user = data.pop('user', None) if user is not None: user.pop('password', None) data.update(user) role = instance.user.groups.first() data['role'] = role.name if role else '' if get_middleware_module('common').has_multitenant(): data['tenants'] = instance.get_tenants().values_list('pk', flat=True) data['no_tenant'] = instance.has_no_tenant() data['all_tenants'] = instance.has_all_tenants() return data def to_internal_value(self, data): data = data.copy() timezone = data.pop('timezone', None) user_serializer = UserSerializer(data=data) user_serializer.is_valid(raise_exception=True) res = {'user': user_serializer.validated_data} if timezone is not None: res['timezone'] = timezone if 'tenants' in data: if not isinstance(data['tenants'], (list, tuple)): raise serializers.ValidationError( {'tenants': ['Wrong format: it should be "[1, 4]"']}) all_tenants = get_middleware_module( 'common').get_tenants().values_list('pk', flat=True) for tenant in data['tenants']: if tenant not in all_tenants: raise serializers.ValidationError( {'tenants': ['pk "{}" does not exist'.format(tenant)]}) for item in ('no_tenant', 'all_tenants'): if item in data: if not isinstance(data[item], bool): raise serializers.ValidationError( {item: ['boolean value requested']}) if self.instance: res.update({ 'sciriususerapp': { 'tenants': data.get( 'tenants', self.instance.get_tenants().values_list('pk', flat=True)), 'no_tenant': data.get('no_tenant', self.instance.has_no_tenant()), 'all_tenants': data.get('all_tenants', self.instance.has_all_tenants()) } }) else: res.update({ 'sciriususerapp': { 'tenants': data.get('tenants', []), 'no_tenant': data.get('no_tenant', False), 'all_tenants': data.get('all_tenants', False) } }) return res def create(self, validated_data): user_data = validated_data.pop('user') errors = {} if 'username' not in user_data: errors['username'] = ['This field is required.'] if 'password' not in user_data: errors['password'] = ['This field is required.'] if len(errors) > 0: raise serializers.ValidationError(errors) if 'timezone' not in validated_data: validated_data['timezone'] = 'UTC' if validated_data['timezone'] not in pytz.all_timezones: raise serializers.ValidationError( {'timezone': ['Not a valid choice.']}) password = user_data.pop('password') try: password_validation.validate_password(password=password, user=User) except exceptions.ValidationError as e: raise serializers.ValidationError({'password': [e.message]}) user = User.objects.create(**user_data) user.set_password(password) user.save() sciriususerapp_data = validated_data.pop('sciriususerapp', {}) sciriususer = SciriusUser.objects.create(user=user, **validated_data) get_middleware_module('common').update_scirius_user_class( user, sciriususerapp_data) return sciriususer def update(self, instance, validated_data): user_data = validated_data.pop('user') user = instance.user for key, value in user_data.items(): if key == 'password': raise PermissionDenied({ 'password': '******' }) if hasattr(user, key): if key != 'role': setattr(user, key, value) else: user.groups.set(value) timezone = validated_data.get('timezone', instance.timezone) if timezone not in pytz.all_timezones: # to avoid deadlock if instance.timezone not in pytz.all_timezones: instance.timezone = 'UTC' instance.save() raise serializers.ValidationError( {'timezone': ['Not a valid choice.']}) instance.timezone = timezone instance.save() user.save() get_middleware_module('common').update_scirius_user_class( user, validated_data) return instance
def validate(self, data): from scirius.utils import get_middleware_module get_middleware_module('common').validate_rule_postprocessing( data, self.partial) return data
def test_actions(self, request): from scirius.utils import get_middleware_module fields_serializer = RuleProcessingTestActionsSerializer(data=request.data) fields_serializer.is_valid(raise_exception=True) capabilities = get_middleware_module('common').get_processing_actions_capabilities(fields_serializer.validated_data.get('fields')) return Response({'actions': capabilities})
def test(self, request): from scirius.utils import get_middleware_module fields_serializer = RuleProcessingTestSerializer(data=request.data) fields_serializer.is_valid(raise_exception=True) capabilities = get_middleware_module('common').get_processing_filter_capabilities(fields_serializer.validated_data['fields'], fields_serializer.validated_data['action']) return Response(capabilities)
def validate(self, data): from scirius.utils import get_middleware_module get_middleware_module('common').validate_rule_postprocessing(data, self.partial) return data
def get_tenants(self): if not hasattr(self, 'sciriususerapp'): from scirius.utils import get_middleware_module return get_middleware_module('common').get_tenants( empty_queryset=True) return self.sciriususerapp.tenants.all()
def _render_template(self, tmpl, _dictionary, ignore_middleware=False): dictionary = es_string_escape(_dictionary) hosts = ['*'] qfilter = None if self.request: if 'hosts' in self.request.GET: hosts = es_string_escape(self.request.GET['hosts']).split(',') else: if 'hosts' in dictionary: hosts = dictionary['hosts'].split(',') if 'qfilter' in self.request.GET: qfilter = es_string_escape(self.request.GET['qfilter']) else: if 'qfilter' in dictionary: qfilter = dictionary['qfilter'] hosts_filter = None if hosts == ['*']: # use _exists_ in case analyze_wildcard is false hosts_filter = '_exists_:%s' % settings.ELASTICSEARCH_HOSTNAME else: hosts_filter = [ '%s:%s' % (settings.ELASTICSEARCH_HOSTNAME, h) for h in hosts ] hosts_filter = mark_safe('(%s)' % ' '.join(hosts_filter)) query_filter = get_middleware_module('common').es_query_string( self.request) if qfilter is not None: query_filter += ' AND ' + qfilter query_filter = mark_safe(query_filter) if ignore_middleware: bool_clauses = '' else: bool_clauses = get_middleware_module('common').es_bool_clauses( self.request) templ = Template(tmpl) context = Context(dictionary) context.update({ 'hosts': hosts, 'hosts_filter': hosts_filter, 'keyword': settings.ELASTICSEARCH_KEYWORD, 'hostname': settings.ELASTICSEARCH_HOSTNAME, 'timestamp': settings.ELASTICSEARCH_TIMESTAMP, 'from_date': self._from_date(dictionary), 'to_date': mark_safe(self._to_date( dictionary, es_format=True)), # mark quotes around "now" as safe 'query_filter': query_filter, 'bool_clauses': bool_clauses, 'interval': str(self._interval(dictionary)) + 'ms' }) return bytearray(templ.render(context), encoding="utf-8")