def edit_item(category, item):
if request.method == 'GET':
return render('edititem.html',
category=category,
item=item,
name=item.name,
highlight=item.highlight,
url=item.url)
elif request.method == 'POST':
name = request.form['name']
highlight = request.form['highlight']
url = request.form['url']
if valid_item(name, url, highlight):
item.name = name
item.highlight = highlight
item.url = url
session.commit()
flash("Edited item %s!" % item.name)
return redirect(
url_for('show_item', category_id=category.id, item_id=item.id))
else:
error = "Complete info please!"
return render('edititem.html',
category=category,
item=item,
name=name,
highlight=highlight,
url=url,
error=error)
def upload_query_result_count(request, scn_id):
user = request.client_user_object
user_id = user.user_id
org = request.client_organization_object
org_namespace_name = org.organization_namespace_name
this_scenario = session.query(Scenario).filter(Scenario.scn_id==scn_id).all()[0]
scn_name = this_scenario.scn_name
scn_name_lower = scn_name.lower()
if request.method == 'POST':
query_result_count = request.form.get('query_result_count')
## decode JSON
count_decoded = json.loads(query_result_count)
## insert count data into problem count table
row_count = count_decoded['rowCount']
new_count_query = """INSERT INTO {namespace_name}.iqp_problem_count
(Problem_Time, Scn_ID, Problem_Count)
VALUES ((select extract(epoch from now())), {scn_id}, {row_count})
""".format(namespace_name=org_namespace_name, scn_id=scn_id, row_count=row_count)
new_count_s = text(new_count_query)
session.execute(new_count_s)
## commit all changes to db
session.commit()
return render_template('welcome.html')
def new_item(category):
if request.method == 'GET':
return render('newitem.html', category=category)
elif request.method == 'POST':
name = request.form['name']
highlight = request.form['highlight']
url = request.form['url']
if valid_item(name, url, highlight):
user_id = login_session['user_id']
item = Item(name=name,
highlight=highlight,
url=url,
user_id=user_id,
category_id=category.id)
session.add(item)
session.commit()
flash("Newed item %s!" % item.name)
return redirect(
url_for('show_item', category_id=category.id, item_id=item.id))
else:
error = "Complete info please!"
return render('newitem.html',
category=category,
name=name,
highlight=highlight,
url=url,
error=error)
def update(cls, id, form):
m = session.query(cls).filter_by(id=id).first()
for name, value in form.items():
setattr(m, name, value)
session.add(m)
session.commit()
def load_initial_values():
opts = ForemanOptions("%d %b %Y %H:%M:%S", r"C:\Foreman",
"DateNumericIncrement", "NumericIncrement",
"A Large Company", "Investigations")
session.add(opts)
session.flush()
session.commit()
def create_admin_user():
admin = User("administrator",
"changeme",
"The",
"Administrator",
config.get('admin', 'admin_email'),
validated=True)
session.add(admin)
session.flush()
admin_role = UserRoles(admin, "Administrator", False)
session.add(admin_role)
session.flush()
for role in UserRoles.roles:
if role != "Administrator":
new_role = UserRoles(admin, role, True)
session.add(new_role)
session.flush()
admin.add_change(admin)
session.flush()
session.commit()
return admin
def authorized(oauth_token):
"""
authorized: update user table and login session
Args:
oauth_token (str): access token from oauth server
Returns:
return homepage
"""
state = request.args.get('state')
if state != login_session['state']:
response = make_response(json.dumps('Invalid state parameter.'), 401)
response.headers['Content-Type'] = 'application/json'
return response
login_session['access_token'] = oauth_token
data = github.get('user')
email = data['email']
name = data['name']
user = session.query(User).filter_by(email=email).first()
if not user:
user = User(name=name, email=email)
session.add(user)
user.name = name
session.commit()
login_session['user_id'] = user.id
flash("Logged in as %s!" % name)
return redirect(url_for('show_home'))
def load_initial_values_test():
opts = ForemanOptions("%d %b %Y %H:%M:%S", r"C:\Foreman", "FromList", "NumericIncrement", "Wordwide Forensics Inc",
"Investigations & Digital Forensics Department", c_leading_zeros=3,
t_leading_zeros=2,
c_list_location=path.abspath(path.join(ROOT_DIR, "utils", "test_case_names.txt")))
session.add(opts)
session.flush()
session.commit()
def new(cls, form):
m = cls()
for name, value in form.items():
setattr(m, name, value)
session.add(m)
session.commit()
return m
def delete_item(category, item):
if request.method == 'GET':
return render('deleteitem.html', category=category, item=item)
elif request.method == 'POST':
session.delete(item)
session.commit()
flash("Deleted item %s!" % item.name)
return redirect(url_for('show_items', category_id=category.id))
def downgrade():
'''
'''
try:
# Remove OptionsData.fetch_id Column:
session.execute('ALTER TABLE options_data DROP COLUMN fetch_id;')
session.execute('DROP TABLE options_fetch;')
session.commit()
except:
print traceback.format_exc()
session.rollback()
def delete_category(category):
if request.method == 'GET':
return render('deletecategory.html', category=category)
elif request.method == 'POST':
items = category.items
if items:
for item in items:
session.delete(item)
session.delete(category)
session.commit()
flash("Deleted category %s!" % category.name)
return redirect(url_for('show_categories'))
def setpermissions3(request):
user = request.client_user_object
user_id = user.user_id
if request.method == 'POST':
selectedsubcategory_ids = request.form.getlist('subcategory')
session.query(AppPermission).filter(AppPermission.user_id==user_id).delete()
for selectedsubcategory_id in selectedsubcategory_ids:
selectedsubcategory = session.query(SubCategory).filter(SubCategory.subcategory_id==selectedsubcategory_id)
newapppermission = AppPermission(user_id, selectedsubcategory_id)
session.add(newapppermission)
session.commit()
else:
return redirect(url_for('setpermissions'))
return render_template('setpermissions3.html')
def create_test_authorisers(admin):
u1 = User("presleye", "password", "Elvis", "Presley", "*****@*****.**", validated=True)
u2 = User("johne", "password", "Elton", "John", "*****@*****.**", validated=True)
u3 = User("sinatraf", "password", "Frank", "Sinatra", "*****@*****.**", validated=True)
u4 = User("lennoxa", "password", "Annie", "Lennox", "*****@*****.**", validated=True)
session.add(u1)
session.add(u2)
session.add(u3)
session.add(u4)
session.flush()
u1.add_change(admin)
u2.add_change(admin)
u3.add_change(admin)
u4.add_change(admin)
session.flush()
session.commit()
authorisers = [u1, u2, u3, u4]
job_types = ["Head of Department", "Team Lead"]
for u in authorisers:
job = randint(0,1)
team = randint(0,5)
u.job_title = job_types[job]
u.team = Team.get_all().all()[team]
u.add_change(admin)
ur1 = UserRoles(u, "Investigator", True)
ur2 = UserRoles(u, "QA", True)
ur3 = UserRoles(u, "Case Manager", True)
ur4 = UserRoles(u, "Requester", True)
ur5 = UserRoles(u, "Authoriser", False)
ur6 = UserRoles(u, "Administrator", True)
session.add(ur1)
session.add(ur2)
session.add(ur3)
session.add(ur4)
session.add(ur5)
session.add(ur6)
session.flush()
ur1.add_change(admin)
ur2.add_change(admin)
ur3.add_change(admin)
ur4.add_change(admin)
ur5.add_change(admin)
ur6.add_change(admin)
session.flush()
session.commit()
print "4 Authorisers added to Foreman."
return authorisers
def upload_query_result_data(request, scn_id):
user = request.client_user_object
user_id = user.user_id
org = request.client_organization_object
org_namespace_name = org.organization_namespace_name
this_scenario = session.query(Scenario).filter(Scenario.scn_id==scn_id).all()[0]
scn_name = this_scenario.scn_name
scn_name_lower = scn_name.lower()
if request.method == 'POST':
query_result_data = request.form.get('query_result_data')
## decode JSON
data_decoded = json.loads(query_result_data)
## get column names for table
column_names_query = """SELECT DISTINCT column_name
FROM INFORMATION_SCHEMA.COLUMNS
WHERE table_name = '{scn_name_lower}'
AND table_schema = '{namespace_name}'
""".format(namespace_name=org_namespace_name, scn_name_lower=scn_name_lower)
column_names_s = text(column_names_query)
column_names_result = session.execute(column_names_s).fetchall()
column_names = [row[0] for row in column_names_result]
if len(column_names) > 0:
## insert all data into the new table
def columnValueIfExists(columnName):
if columnName not in field_values:
return "null"
elif field_values[columnName] == '\x00':
return "null"
else:
return "'" + field_values[columnName].replace("'", "''") + "'"
rows = data_decoded['rows']
for row in rows:
field_values = row['fieldValues']
column_names_string = ','.join([columnName for columnName in column_names])
column_values_string = ','.join([columnValueIfExists(columnName) for columnName in column_names])
## make insert statement
insert_query = """INSERT INTO {namespace_name}.{scn_name_lower}""".format(namespace_name=org_namespace_name, scn_name_lower=scn_name_lower)
insert_query = insert_query + """({column_names_string}) VALUES""".format(column_names_string=column_names_string)
insert_query = insert_query + "(" + column_values_string + ")"
insert_s = text(insert_query)
session.execute(insert_s)
## commit all changes to db
session.commit()
return render_template('welcome.html')
def load_initial_values_test():
opts = ForemanOptions("%d %b %Y %H:%M:%S",
r"C:\Foreman",
"FromList",
"NumericIncrement",
"Wordwide Forensics Inc",
"Investigations & Digital Forensics Department",
c_leading_zeros=3,
t_leading_zeros=2,
c_list_location=path.abspath(
path.join(ROOT_DIR, "utils",
"test_case_names.txt")))
session.add(opts)
session.flush()
session.commit()
def edit_category(category):
if request.method == 'GET':
return render('editcategory.html', category=category, name=category.name,
description=category.description)
elif request.method == 'POST':
name = request.form['name']
description = request.form['description']
if valid_category(name, description):
category.name = name
category.description = description
session.commit()
flash("Edited category %s!" % category.name)
return redirect(url_for("show_items", category_id=category.id))
else:
error = "Complete info please!"
return render('editcategory.html', category=category, name=name, description=description, error=error)
def setpermissions2(request):
user = request.client_user_object
user_id = user.user_id
if request.method == 'POST':
selectedcategory_ids = request.form.getlist('category')
session.query(AppFamilyPermission).filter(AppFamilyPermission.user_id==user_id).delete()
for selectedcategory_id in selectedcategory_ids:
selectedcategory = session.query(Category).filter(Category.category_id==selectedcategory_id)
newappfamilypermission = AppFamilyPermission(user_id, selectedcategory_id)
session.add(newappfamilypermission)
session.commit()
categories = session.query(Category).filter(Category.category_id.in_(selectedcategory_ids)).order_by(Category.category_display_order.asc()).all()
subcategories = session.query(SubCategory, Category).join(Category, Category.category_id == SubCategory.category_id).all()
else:
return redirect(url_for('setpermissions'))
return render_template('setpermissions2.html', categories=categories, subcategories=subcategories)
def new_category():
if request.method == 'GET':
return render('newcategory.html')
elif request.method == 'POST':
name = request.form['name']
description = request.form['description']
if valid_category(name, description):
user_id = login_session['user_id']
category = Category(name=name, description=description, user_id=user_id)
session.add(category)
session.commit()
flash("Newed category %s!" % category.name)
return redirect(url_for("show_items", category_id=category.id))
else:
error = "Complete info please!"
return render('newcategory.html', name=name, description=description, error=error)
def upgrade():
'''
'''
# Add OptionsData.fetch_id Foreign Key, and Create Index on the Column:
try:
# This should create the options_fetch table:
print 'Creating Table options_data...'
Base.metadata.create_all(engine)
session.execute('''
ALTER TABLE options_data
ADD COLUMN fetch_id INTEGER
REFERENCES options_fetch(id);
''')
session.execute('''
CREATE INDEX idx_options_data_fetch_id ON options_data(fetch_id);
''')
fetches = _getgroups(cutoff=3)
for time, tradableid, _ in fetches:
print 'Adding OptionsFetch(%s, %s)...' % (time, tradableid)
session.execute(
"INSERT INTO options_fetch (tradable_id, time) values (%s, '%s');"
% (tradableid, time))
session.flush()
# Now that each of the options fetches has an id, we want to update the
# FK's on the options data table:
tradables = tradablesmapping()
fetches = session.execute(
'SELECT id, tradable_id, time FROM options_fetch;')
for id, tradableid, time in fetches:
print 'Adding options_data.fetch_id FK For Fetch %s..' % id
session.execute(
"UPDATE options_data SET fetch_id = %s WHERE time = '%s';" %
(id, time))
session.flush()
_check()
session.commit()
except:
print traceback.format_exc()
session.rollback()
def get_ties(self):
self.driver.get('http://tieba.baidu.com/i/i/my_tie')
tables = self.driver.find_elements_by_tag_name('table')
for table in tables:
bar_tag = table.find_element_by_class_name(
'nowrap').find_element_by_tag_name('a')
bar_name = bar_tag.text[:-1]
bars = session.query(Bar).filter(Bar.name == bar_name).all()
if len(bars) == 0:
bar = Bar(name=bar_name)
else:
bar = bars[0]
tie_tag = table.find_element_by_class_name(
'wrap').find_element_by_tag_name('a')
tie_url = tie_tag.get_attribute('href')
tie = Tie(url=tie_url, bar_id=bar.id, bar=bar)
session.add(tie)
session.commit()
def save(self):
if not self.id:
record_query = session.query(Record)
record_query = record_query.filter(
Record.date_time == self.date_time
)
kk = record_query.one_or_none()
if kk:
return kk
session.add(self)
session.commit()
return self
def create_admin_user():
admin = User("administrator", "changeme", "The", "Administrator", config.get('admin', 'admin_email'),
validated=True)
session.add(admin)
session.flush()
admin_role = UserRoles(admin, "Administrator", False)
session.add(admin_role)
session.flush()
for role in UserRoles.roles:
if role != "Administrator":
new_role = UserRoles(admin, role, True)
session.add(new_role)
session.flush()
admin.add_change(admin)
session.flush()
session.commit()
return admin
def upload_query_result_structure(request, scn_id):
user = request.client_user_object
user_id = user.user_id
org = request.client_organization_object
org_namespace_name = org.organization_namespace_name
this_scenario = session.query(Scenario).filter(Scenario.scn_id==scn_id).all()[0]
scn_name = this_scenario.scn_name
scn_name_lower = scn_name.lower()
if request.method == 'POST':
def columnTypeIfExists(dataType):
if dataType not in oracleToPostgresDataTypes:
return "varchar"
else:
return oracleToPostgresDataTypes[dataType]
## get get argument
query_result_structure = request.form.get('query_result_structure')
## decode JSON back into python list
structure_decoded = json.loads(query_result_structure)
## drop old table in user namespace if it exists
droptable_query = """DROP TABLE IF EXISTS {namespace_name}.{scn_name_lower}
""".format(namespace_name=org_namespace_name, scn_name_lower=scn_name_lower)
droptable_s = text(droptable_query)
session.execute(droptable_s)
## create new table in user namespace
columns = structure_decoded['columns']
column_definition_string = ','.join([column['name'] + ' ' + columnTypeIfExists(column['type']) for column in columns])
newtable_query = """CREATE TABLE {namespace_name}.{scn_name_lower} (
""".format(namespace_name=org_namespace_name, scn_name_lower=scn_name_lower)
newtable_query = newtable_query + column_definition_string + """)"""
newtable_s = text(newtable_query)
session.execute(newtable_s)
## commit all changes to db
session.commit()
return render_template('welcome.html')
def create_test_tasks(case, investigators, rand_user, i, progress=True):
task_types = TaskType.get_all()
numTasks = i
inv = case.principle_case_manager
for x in range(0, numTasks):
task_type = task_types[x]
task_name = ForemanOptions.get_next_task_name(case)
task_background = generate_task_background(task_type.task_type, rand_user)
new_task = Task(case, task_type, task_name, case.principle_case_manager, background=task_background)
session.add(new_task)
print "\tTask added to Case."
session.flush()
new_task.add_change(case.principle_case_manager)
if progress is True:
new_task.set_status(TaskStatus.QUEUED, case.principle_case_manager)
if progress is True and (x >= 1 or case.status == CaseStatus.ARCHIVED or case.status == CaseStatus.CLOSED):
new_task.set_status(TaskStatus.ALLOCATED, case.principle_case_manager)
inv = investigators[x]
qa = investigators[(x+1) % i]
u = UserTaskRoles(inv, new_task, UserTaskRoles.PRINCIPLE_INVESTIGATOR)
u1 = UserTaskRoles(qa, new_task, UserTaskRoles.PRINCIPLE_QA)
session.add(u)
session.add(u1)
session.flush()
u.add_change(case.principle_case_manager)
u1.add_change(case.principle_case_manager)
session.commit()
if x % 3 == 0:
inv2 = investigators[(x+2) % i]
u2 = UserTaskRoles(inv2, new_task, UserTaskRoles.SECONDARY_INVESTIGATOR)
session.add(u2)
session.flush()
u2.add_change(case.principle_case_manager)
session.commit()
else:
inv2 = None
if x % 3 == 1:
qa2 = investigators[(x+3) % i]
u3 = UserTaskRoles(qa2, new_task, UserTaskRoles.SECONDARY_QA)
session.add(u3)
session.flush()
u3.add_change(case.principle_case_manager)
session.commit()
if x >= 2 or case.status == CaseStatus.ARCHIVED or case.status == CaseStatus.CLOSED:
new_task.set_status(TaskStatus.PROGRESS, new_task.principle_investigator)
if x >= 3 or case.status == CaseStatus.ARCHIVED or case.status == CaseStatus.CLOSED:
new_task.set_status(TaskStatus.QA, new_task.principle_investigator)
if x >= 4 or case.status == CaseStatus.ARCHIVED or case.status == CaseStatus.CLOSED:
new_task.pass_QA("Well done, case work looks fine.", new_task.principle_QA)
if new_task.secondary_QA:
new_task.pass_QA("I agree, all looks good. QA pass.", new_task.secondary_QA)
if x >= 5 or case.status == CaseStatus.ARCHIVED or case.status == CaseStatus.CLOSED:
new_task.set_status(TaskStatus.COMPLETE, new_task.principle_investigator)
if case.status == CaseStatus.ARCHIVED or case.status == CaseStatus.CLOSED:
new_task.set_status(TaskStatus.CLOSED, case.principle_case_manager)
return inv
def create_evidence(case, inv, rand_user, num):
numEvidence = num % 3
ref = 1
for i in range(0, numEvidence):
evi = EvidenceType.get_evidence_types()[num]
e = Evidence(case, case.case_name + "-SCH-20140228-HDD_00" + str(ref), evi,
"Hard drive from {}'s main machine".format(rand_user),
case.requester.fullname, "Main Evidence Cabinet",
case.principle_case_manager, "B0000"+str(i), True)
ref += 1
session.add(e)
print "\tEvidence added to case."
e.add_change(case.principle_case_manager)
session.flush()
e.create_qr_code()
e.check_in(inv.fullname, inv, now, "Initial check in to the storage cabinet")
photo_location = path.abspath(path.join(ROOT_DIR, "files", "evidence_photos", str(e.id)))
shutil.copy(path.join(ROOT_DIR, "static", "example_images", "evidence_example (1).jpg"), photo_location)
upload = EvidencePhotoUpload(inv.id, e.id, "evidence_example (1).jpg", "A comment", "Image")
session.add(upload)
session.commit()
def create_evidence(case, inv, rand_user):
numEvidence = randint(0,2)
ref = 1
for i in range(0, numEvidence):
bagno = str(randint(100, 999))
now = datetime.now()
evi = EvidenceType.get_evidence_types()[randint(0, len(EvidenceType.get_evidence_types()) - 1)]
e = Evidence(case, "SCH-20140228-HDD_00"+str(ref), evi,
"Hard drive from {}'s main machine".format(rand_user),
case.requester.fullname, "Main Evidence Cabinet",
case.principle_case_manager, "B000"+bagno, True)
ref += 1
session.add(e)
print "\tEvidence added to case."
e.add_change(case.principle_case_manager)
session.flush()
e.create_qr_code()
e.check_in(inv.fullname, inv, now, "Initial check in to the storage cabinet")
try:
mkdir(path.abspath(path.join(ROOT_DIR, "files", "evidence_photos")))
except:
pass
photo_location = path.abspath(path.join(ROOT_DIR, "files", "evidence_photos", str(e.id)))
try:
stat(photo_location)
except:
mkdir(photo_location)
amount = randint(1, 3)
for x in xrange(0, amount):
rand1 = randint(1, 9)
shutil.copy(path.join(ROOT_DIR, "static", "example_images", "evidence_example ({}).jpg".format(rand1)),
photo_location)
upload = EvidencePhotoUpload(inv.id, e.id, "evidence_example ({}).jpg".format(rand1), "A comment", "Image " + str(x))
session.add(upload)
session.commit()
def load_initial_values():
opts = ForemanOptions("%d %b %Y %H:%M:%S %Z", r"C:\Foreman", "DateNumericIncrement", "NumericIncrement", "A Large Company",
"Investigations")
session.add(opts)
session.flush()
session.commit()
dep = Department("Forensics Department")
session.add(dep)
session.commit()
t = Team("Forensics Team", dep)
session.add(t)
session.commit()
def load_initial_values_test():
opts = ForemanOptions("%d %b %Y %H:%M:%S", r"C:\Foreman", "FromList", "NumericIncrement", "Wordwide Forensics Inc",
"Investigations & Digital Forensics Department", c_leading_zeros=3,
t_leading_zeros=2,
c_list_location=path.abspath(path.join(ROOT_DIR, "utils", "test_case_names.txt")))
session.add(opts)
session.flush()
session.commit()
deps = [('IT Security', ['Investigations & Digital Forensics', 'CERT Team', 'Security Operations Centre']),
('Human Resources', ['HR Complaints']), ('Internal Audit', ['Fraud Prevention', 'Investigations']),
('Legal', ['Litigation'])]
for department, teams in deps:
dep = Department(department)
session.add(dep)
session.commit()
for team in teams:
t = Team(team, dep)
session.add(t)
session.commit()
def create_test_investigators(admin):
u1 = User("holmess",
"password",
"Sherlock",
"Holmes",
"*****@*****.**",
validated=True)
u2 = User("barnabyt",
"password",
"Tom",
"Barnaby",
"*****@*****.**",
validated=True)
u3 = User("wexfordr",
"password",
"Reginald",
"Wexford",
"*****@*****.**",
validated=True)
u4 = User("bergeracj",
"password",
"Jim",
"Bergerac",
"*****@*****.**",
validated=True)
u5 = User("cagneyc",
"password",
"Christine",
"Cagney",
"*****@*****.**",
validated=True)
u6 = User("columbof",
"password",
"Frank",
"Columbo",
"*****@*****.**",
validated=True)
u7 = User("poiroth",
"password",
"Hercule",
"Poirot",
"*****@*****.**",
validated=True)
u8 = User("frostj",
"password",
"Jack",
"Frost",
"*****@*****.**",
validated=True)
u9 = User("huntg",
"password",
"Gene",
"Hunt",
"*****@*****.**",
validated=True)
u10 = User("lunds",
"password",
"Sarah",
"Lund",
"*****@*****.**",
validated=True)
u11 = User("mcnultyj",
"password",
"Jimmy",
"McNulty",
"*****@*****.**",
validated=True)
u12 = User("montalbanos",
"password",
"Salvo",
"Montalbano",
"*****@*****.**",
validated=True)
u13 = User("morsee",
"password",
"Endeavour",
"Morse",
"*****@*****.**",
validated=True)
u14 = User("rebusj",
"password",
"John",
"Rebus",
"*****@*****.**",
validated=True)
u15 = User("taylorm",
"password",
"Mac",
"Taylor",
"*****@*****.**",
validated=True)
session.add(u1)
session.add(u2)
session.add(u3)
session.add(u4)
session.add(u5)
session.add(u6)
session.add(u7)
session.add(u8)
session.add(u9)
session.add(u10)
session.add(u11)
session.add(u12)
session.add(u13)
session.add(u14)
session.add(u15)
session.flush()
u1.add_change(admin)
u2.add_change(admin)
u3.add_change(admin)
u4.add_change(admin)
u5.add_change(admin)
u6.add_change(admin)
u7.add_change(admin)
u8.add_change(admin)
u9.add_change(admin)
u10.add_change(admin)
u11.add_change(admin)
u12.add_change(admin)
u13.add_change(admin)
u14.add_change(admin)
u15.add_change(admin)
session.flush()
session.commit()
investigators = [
u1, u2, u3, u4, u5, u6, u7, u8, u9, u10, u11, u12, u13, u14, u15
]
for u in investigators:
sen = randint(0, 5)
if sen == 5:
u.job_title = "Forensic Investigations Manager"
elif sen == 3 or sen == 4:
u.job_title = "Senior Forensic Investigator"
else:
u.job_title = "Forensic Investigator"
u.team = "Investigations & Digital Forensics"
u.department = "IT Security"
u.add_change(u)
ur1 = UserRoles(u, "Investigator", False)
ur2 = UserRoles(u, "QA", False)
ur3 = UserRoles(u, "Case Manager", True)
ur4 = UserRoles(u, "Requester", True)
ur5 = UserRoles(u, "Authoriser", True)
ur6 = UserRoles(u, "Administrator", True)
session.add(ur1)
session.add(ur2)
session.add(ur3)
session.add(ur4)
session.add(ur5)
session.add(ur6)
session.flush()
ur1.add_change(admin)
ur2.add_change(admin)
ur3.add_change(admin)
ur4.add_change(admin)
ur5.add_change(admin)
ur6.add_change(admin)
session.flush()
session.commit()
print "15 Investigators added to Foreman."
return investigators
def create_test_cases(case_managers, requestors, investigators):
backgrounds = [
"""Employee {} has been accused of harassment and bullying. Please conduct an investigation into the
matter. """,
"""It is believed that employee {} has been surfing inappropriate websites during their lunch break.
Please provide a report on their internet activities and anything else that may be required.""",
"""We believe that employee {} has a virus on their workstation <>.
The IDS system has picked up on unusually high volumes of encrypted internet traffic. Please quarantine this
machine and investigate the malware. """,
"""All emails between the employee {} and the external company '[]' to be searched, as well as all documents on
the employee home drives and network drives searched for any connections with this company.""",
"""An employee {} is leaving the firm next week and has sent out a large number of emails with attachments.
We suspect this might be business related data; but they have encrypted the attachments so we cannot tell.
Please conduct an investigation into all emails sent outwith the firm as well as any printing activity and
removable media activity. """,
"""Employee {} is suspected to be involved with fraudulent activity. Please investigate their machine to find
any user-made documents.""",
"""Employee {} is on gardening leave, however a colleague suspects they have logged in remotely from home.
Please investigate all user access logs to ascertain if this is true. """,
"""Employee {} has complained to the help-desk that a virus has encrypted all her files. Please investigate is
this is Cryptolocker or similar and if we can recover the files.""",
"""Employee {} has sent an encrypted file to her personal email address and the email was labeled "confidential".
Please retrieve this email and password crack the contents.""",
"""Unusual activity - file edits, name changes, deletions, has occurred on the drive (). Please investigate this
activity. """
]
justifications = [
"This case is required by the Legal department as part of a civil case where disclosure of information is required.",
"This case is required as policy dictates any gross misconduct must be investigated by the internal forensics team.",
"This project is justified as it has been approved by the CEO."
]
network_locations = [
'shared', 'logs', 'team', 'uploads', 'management', 'presentations',
'important', 'records'
]
companies = [
'Babbleopia', 'topiczoom', 'Avaba', 'Yombee', 'Dynanti', 'Yavu',
'Jumpverse', 'LampConstructor', 'LawFieldz'
]
random_users = [
'Madalene Kuta', 'Margarite Singley', 'Rodger Ruzicka',
'Kamilah Moriarity', 'Eleni Brwon', 'Kayce Linquist', 'Sanora Kocher',
'Eldridge Alaniz', 'Ivan Guard', 'Trevor Parramore', 'Thea Wiles',
'Gayla Bomgardner', 'Arvilla Cun', 'Tara Marse', 'Leona Dhillon',
'Lidia Joo', 'Shaunte Frieden', 'Margareta Beauchamp', 'Kai Carnley',
'Kelsey Proffit', 'Pauline Strout', 'Krystin Viola', 'Tammie Funchess',
'Callie Doris', 'Zenobia Fralick', 'Max Kittle', 'Calvin Mcfalls',
'Ted Duwe', 'Melanie Pittsley', 'Galen Howton', 'Beulah Colgan',
'Faith Goin', 'Adelia Horiuchi', 'Karma Mader', 'Johnathan Mcnulty',
'Brandon Zuniga', 'Freddie Clune', 'Shani Santee', 'Ann Ackerman',
'Rodrigo Vanscyoc', 'Garrett Trudel', 'Stephenie Hurla',
'Travis Yokum', 'Clara Borkholder', 'Olin Kyles', 'Heriberto Slye',
'Ashley Tweed', 'Shanell Sikora', 'Karissa Pompei', 'Gema Shears'
]
print "Adding 50 cases:"
for i in xrange(0, 50):
case_manager = case_managers[randint(0, len(case_managers) - 1)]
justification = justifications[randint(0, len(justifications) - 1)]
background = backgrounds[randint(0, len(backgrounds) - 1)]
rand_user = random_users[randint(0, len(random_users) - 1)]
background = background.replace("{}", rand_user)
background = background.replace(
"[]", companies[randint(0,
len(companies) - 1)])
background = background.replace(
"<>", "CORPWORKPC" + str(randint(1000, 9999)))
background = background.replace(
"()",
path.join(
"\\corporatenetwork",
network_locations[randint(0,
len(network_locations) - 1)],
network_locations[randint(0,
len(network_locations) - 1)]))
classification = CaseClassification.get_classifications()[randint(
0,
len(CaseClassification.get_classifications()) - 1)]
case_type = CaseType.get_case_types()[randint(
0,
len(CaseType.get_case_types()) - 1)]
private = randint(0, 10)
if private <= 1:
is_private = True
else:
is_private = False
new_case = Case(ForemanOptions.get_next_case_name(),
case_manager,
background=background,
reference=None,
private=is_private,
location=None,
classification=classification,
case_type=case_type,
justification=justification)
session.add(new_case)
session.flush()
new_case.add_change(case_manager)
session.commit()
requestor = requestors[randint(0, len(requestors) - 1)]
n = UserCaseRoles(requestor, new_case, UserCaseRoles.REQUESTER)
n.add_change(case_manager)
n1 = UserCaseRoles(case_manager, new_case,
UserCaseRoles.PRINCIPLE_CASE_MANAGER)
n1.add_change(case_manager)
have_secondary_case_manager = randint(0, 1)
if have_secondary_case_manager == 1:
case_manager_2 = case_managers[randint(0, len(case_managers) - 1)]
while case_manager_2.id == case_manager.id:
case_manager_2 = case_managers[randint(0,
len(case_managers) - 1)]
n1 = UserCaseRoles(case_manager_2, new_case,
UserCaseRoles.SECONDARY_CASE_MANAGER)
n1.add_change(case_manager)
session.flush()
rand = randint(0, 6)
if rand >= 2:
new_case.set_status(CaseStatus.OPEN,
new_case.principle_case_manager)
if rand >= 5:
new_case.set_status(CaseStatus.CLOSED,
new_case.principle_case_manager)
if rand >= 6:
new_case.set_status(CaseStatus.ARCHIVED,
new_case.principle_case_manager)
print "Case added to Foreman."
if rand >= 1:
inv = create_test_tasks(new_case, investigators, rand_user)
create_evidence(new_case, inv, rand_user)
session.commit()
def register(request):
c = request.client_session
if request.method == 'POST':
email = request.form.get('email')
email = escape(email)
password = request.form.get('password')
password = escape(password)
confirmpassword = request.form.get('confirmpassword')
confirmpassword = escape(confirmpassword)
firstname = request.form.get('firstname')
firstname = escape(firstname)
lastname = request.form.get('lastname')
lastname = escape(lastname)
companyname = request.form.get('companyname')
companyname = escape(companyname)
if password == confirmpassword:
## assign organizatio or create new one
this_organization_result = session.query(Organization).filter(Organization.organization_name==companyname).all()
if len(this_organization_result)>0:
this_organization = this_organization_result[0]
this_organization_id = this_organization.organization_id
else:
org_uuid = uuid.uuid1().hex
namespace_name = companyname.strip().replace(' ', '') + org_uuid
namespace_name = namespace_name.lower()
new_organization = Organization(companyname, namespace_name)
session.add(new_organization)
query = """CREATE SCHEMA {u_namespace_name}
""".format(u_namespace_name=namespace_name)
s = text(query)
session.execute(s)
## create count table in user namespace
query = """CREATE TABLE {u_namespace_name}.iqp_problem_count (
Problem_Time integer,
Scn_ID integer references IQP_Scenarios(Scn_ID),
Problem_Count integer,
PRIMARY KEY (Problem_Time, Scn_ID)
)
""".format(u_namespace_name=namespace_name)
s = text(query)
session.execute(s)
## create recent problem count view
query = """CREATE VIEW {u_namespace_name}.IQP_Problem_Count_Recent AS
SELECT recent.problem_time, fulltable.scn_id, fulltable.problem_count
FROM {u_namespace_name}.iqp_problem_count fulltable
JOIN (
SELECT MAX(t1.problem_time) as problem_time, t1.scn_id
FROM {u_namespace_name}.iqp_problem_count t1
GROUP BY scn_id) recent
ON recent.problem_time = fulltable.problem_time
AND recent.scn_id = fulltable.scn_id
""".format(u_namespace_name=namespace_name)
s = text(query)
session.execute(s)
## create previous problem count view
query = """CREATE VIEW {u_namespace_name}.IQP_Problem_Count_Prev AS
SELECT prev.problem_time, fulltable.scn_id, fulltable.problem_count
FROM {u_namespace_name}.iqp_problem_count fulltable
JOIN (
SELECT MAX(fulltable.problem_time) as problem_time, fulltable.scn_id
FROM {u_namespace_name}.iqp_problem_count fulltable
JOIN (
SELECT MAX(t1.problem_time) as problem_time, t1.scn_id
FROM {u_namespace_name}.iqp_problem_count t1
GROUP BY scn_id) prev
ON prev.scn_id = fulltable.scn_id
WHERE prev.problem_time > fulltable.problem_time
GROUP BY fulltable.scn_id
) prev
ON prev.problem_time = fulltable.problem_time
AND prev.scn_id = fulltable.scn_id
""".format(u_namespace_name=namespace_name)
s = text(query)
session.execute(s)
this_organization = new_organization
## commit changes
session.commit()
this_organization_id = this_organization.organization_id
## create new user
hashedpassword = hashlib.md5(password).hexdigest()
new_user = User(email, hashedpassword, '0', firstname, lastname, this_organization_id, '0')
session.add(new_user)
## commit changes
session.commit()
## set user id in cookie
c["user_id"] = new_user.user_id
c.modified
return redirect(url_for('overview'))
return render_template('register.html')
def save(self):
session.add(self)
session.commit()
def load_initial_values():
opts = ForemanOptions("%d %b %Y %H:%M:%S", r"C:\Foreman", "DateNumericIncrement", "NumericIncrement", "A Large Company",
"Investigations")
session.add(opts)
session.flush()
session.commit()
new_task.set_status(TaskStatus.ALLOCATED,
case.principle_case_manager)
rand = randint(0, 1)
inv = investigators[randint(0, len(investigators) - 1)]
qa = investigators[randint(0, len(investigators) - 1)]
while qa.id == inv.id:
qa = investigators[randint(0, len(investigators) - 1)]
u = UserTaskRoles(inv, new_task,
UserTaskRoles.PRINCIPLE_INVESTIGATOR)
u1 = UserTaskRoles(qa, new_task, UserTaskRoles.PRINCIPLE_QA)
session.add(u)
session.add(u1)
session.flush()
u.add_change(case.principle_case_manager)
u1.add_change(case.principle_case_manager)
session.commit()
second_inv = randint(0, 1)
if second_inv == 1:
inv2 = investigators[randint(0, len(investigators) - 1)]
while inv2.id == inv.id or inv2.id == qa.id:
inv2 = investigators[randint(0, len(investigators) - 1)]
u2 = UserTaskRoles(inv2, new_task,
UserTaskRoles.SECONDARY_INVESTIGATOR)
session.add(u2)
session.flush()
u2.add_change(case.principle_case_manager)
session.commit()
else:
inv2 = None
def create_test_investigators(admin):
u1 = User("holmess", "password", "Sherlock", "Holmes", "*****@*****.**", validated=True)
u2 = User("barnabyt", "password", "Tom", "Barnaby", "*****@*****.**", validated=True)
u3 = User("wexfordr", "password", "Reginald", "Wexford", "*****@*****.**", validated=True)
u4 = User("bergeracj", "password", "Jim", "Bergerac", "*****@*****.**", validated=True)
u5 = User("cagneyc", "password", "Christine", "Cagney", "*****@*****.**", validated=True)
u6 = User("columbof", "password", "Frank", "Columbo", "*****@*****.**", validated=True)
u7 = User("poiroth", "password", "Hercule", "Poirot", "*****@*****.**", validated=True)
u8 = User("frostj", "password", "Jack", "Frost", "*****@*****.**", validated=True)
u9 = User("huntg", "password", "Gene", "Hunt", "*****@*****.**", validated=True)
u10 = User("lunds", "password", "Sarah", "Lund", "*****@*****.**", validated=True)
u11 = User("mcnultyj", "password", "Jimmy", "McNulty", "*****@*****.**", validated=True)
u12 = User("montalbanos", "password", "Salvo", "Montalbano", "*****@*****.**", validated=True)
u13 = User("morsee", "password", "Endeavour", "Morse", "*****@*****.**", validated=True)
u14 = User("rebusj", "password", "John", "Rebus", "*****@*****.**", validated=True)
u15 = User("taylorm", "password", "Mac", "Taylor", "*****@*****.**", validated=True)
session.add(u1)
session.add(u2)
session.add(u3)
session.add(u4)
session.add(u5)
session.add(u6)
session.add(u7)
session.add(u8)
session.add(u9)
session.add(u10)
session.add(u11)
session.add(u12)
session.add(u13)
session.add(u14)
session.add(u15)
session.flush()
u1.add_change(admin)
u2.add_change(admin)
u3.add_change(admin)
u4.add_change(admin)
u5.add_change(admin)
u6.add_change(admin)
u7.add_change(admin)
u8.add_change(admin)
u9.add_change(admin)
u10.add_change(admin)
u11.add_change(admin)
u12.add_change(admin)
u13.add_change(admin)
u14.add_change(admin)
u15.add_change(admin)
session.flush()
session.commit()
investigators = [u1, u2, u3, u4, u5, u6, u7, u8, u9, u10, u11, u12, u13, u14, u15]
managers=[]
for u in investigators:
sen = randint(0,5)
if sen == 5:
u.job_title = "Forensic Investigations Manager"
managers.append(u)
elif sen == 3 or sen == 4:
u.job_title = "Senior Forensic Investigator"
else:
u.job_title = "Forensic Investigator"
u.team = Team.get_filter_by(team='Investigations & Digital Forensics').first()
u.add_change(admin)
ur1 = UserRoles(u, "Investigator", False)
ur2 = UserRoles(u, "QA", False)
ur3 = UserRoles(u, "Case Manager", True)
ur4 = UserRoles(u, "Requester", True)
ur5 = UserRoles(u, "Authoriser", True)
ur6 = UserRoles(u, "Administrator", True)
session.add(ur1)
session.add(ur2)
session.add(ur3)
session.add(ur4)
session.add(ur5)
session.add(ur6)
session.flush()
ur1.add_change(admin)
ur2.add_change(admin)
ur3.add_change(admin)
ur4.add_change(admin)
ur5.add_change(admin)
ur6.add_change(admin)
session.flush()
session.commit()
for inv in investigators:
if inv in managers:
inv.manager = admin
else:
inv.manager = admin
if len(managers) > 1:
inv.manager = managers[randint(0, len(managers)-1)]
print "15 Investigators added to Foreman."
return investigators
def create_test_tasks(case, investigators, rand_user):
task_types = TaskType.get_all().all()
numTasks = randint(1, 6)
inv = case.principle_case_manager
for i in range(0, numTasks):
task_type = task_types[randint(0, len(task_types)-1)]
task_name = ForemanOptions.get_next_task_name(case)
task_background = generate_task_background(task_type.task_type, rand_user)
today = datetime.now()
difference = today - case.creation_date
date = case.creation_date + timedelta(days=randint(0, difference.days))
new_task = Task(case, task_type, task_name, case.principle_case_manager, background=task_background, date=date)
session.add(new_task)
print "\tTask added to Case."
session.flush()
new_task.add_change(case.principle_case_manager)
new_task.set_status(TaskStatus.QUEUED, case.principle_case_manager)
rand = randint(0, 10)
if rand > 2 or case.status == CaseStatus.ARCHIVED or case.status == CaseStatus.CLOSED:
new_task.set_status(TaskStatus.ALLOCATED, case.principle_case_manager)
rand = randint(0, 1)
inv = investigators[randint(0, len(investigators) - 1)]
qa = investigators[randint(0, len(investigators) - 1)]
while qa.id == inv.id:
qa = investigators[randint(0, len(investigators) - 1)]
u = UserTaskRoles(inv, new_task, UserTaskRoles.PRINCIPLE_INVESTIGATOR)
u1 = UserTaskRoles(qa, new_task, UserTaskRoles.PRINCIPLE_QA)
session.add(u)
session.add(u1)
session.flush()
u.add_change(case.principle_case_manager)
u1.add_change(case.principle_case_manager)
session.commit()
second_inv = randint(0,1)
if second_inv == 1:
inv2 = investigators[randint(0, len(investigators) - 1)]
while inv2.id == inv.id or inv2.id == qa.id:
inv2 = investigators[randint(0, len(investigators) - 1)]
u2 = UserTaskRoles(inv2, new_task, UserTaskRoles.SECONDARY_INVESTIGATOR)
session.add(u2)
session.flush()
u2.add_change(case.principle_case_manager)
session.commit()
else:
inv2 = None
second_qa= randint(0,1)
if second_qa == 1:
qa2 = investigators[randint(0, len(investigators) - 1)]
while qa2.id == inv.id or (inv2 is not None and qa2.id == inv2.id) or qa2.id == qa.id:
qa2 = investigators[randint(0, len(investigators) - 1)]
u3 = UserTaskRoles(qa2, new_task, UserTaskRoles.SECONDARY_QA)
session.add(u3)
session.flush()
u3.add_change(case.principle_case_manager)
session.commit()
if rand == 1 or case.status == CaseStatus.ARCHIVED or case.status == CaseStatus.CLOSED:
new_task.set_status(TaskStatus.PROGRESS, new_task.principle_investigator)
rand = randint(0, 1)
rand1 = randint(0, 1)
if rand1 == 1:
d = path.join(TaskUpload.ROOT, TaskUpload.DEFAULT_FOLDER, str(new_task.case_id) + "_" + str(new_task.id))
if not path.exists(d):
mkdir(d)
with open(path.join(d, "example_upload.txt"), "w") as f:
f.write("The ACPO guidelines!")
upload = TaskUpload(inv.id, new_task.id, new_task.case_id, "example_upload.txt",
"Added to remind other investigators of the ACPO guidelines", "ACPO Guidelines")
session.add(upload)
session.commit()
if rand == 1 or case.status == CaseStatus.ARCHIVED or case.status == CaseStatus.CLOSED:
new_task.set_status(TaskStatus.QA, new_task.principle_investigator)
rand = randint(0, 1)
if rand == 1 or case.status == CaseStatus.ARCHIVED or case.status == CaseStatus.CLOSED:
new_task.pass_QA("Well done, case work looks fine.", new_task.principle_QA)
if new_task.secondary_QA:
new_task.pass_QA("I agree, all looks good. QA pass.", new_task.secondary_QA)
#new_task.set_status(TaskStatus.DELIVERY, new_task.principle_QA)
rand = randint(0, 1)
if rand == 1 or case.status == CaseStatus.ARCHIVED or case.status == CaseStatus.CLOSED:
new_task.set_status(TaskStatus.COMPLETE, new_task.principle_investigator)
if case.status == CaseStatus.ARCHIVED or case.status == CaseStatus.CLOSED:
new_task.set_status(TaskStatus.CLOSED, case.principle_case_manager)
return inv
def create_test_cases(case_managers, requestors, investigators, authorisers):
backgrounds = [
"""Employee {} has been accused of harassment and bullying. Please conduct an investigation into the
matter. """,
"""It is believed that employee {} has been surfing inappropriate websites during their lunch break.
Please provide a report on their internet activities and anything else that may be required.""",
"""We believe that employee {} has a virus on their workstation <>.
The IDS system has picked up on unusually high volumes of encrypted internet traffic. Please quarantine this
machine and investigate the malware. """,
"""All emails between the employee {} and the external company '[]' to be searched, as well as all documents on
the employee home drives and network drives searched for any connections with this company.""",
"""An employee {} is leaving the firm next week and has sent out a large number of emails with attachments.
We suspect this might be business related data; but they have encrypted the attachments so we cannot tell.
Please conduct an investigation into all emails sent outwith the firm as well as any printing activity and
removable media activity. """,
"""Employee {} is suspected to be involved with fraudulent activity. Please investigate their machine to find
any user-made documents.""",
"""Employee {} is on gardening leave, however a colleague suspects they have logged in remotely from home.
Please investigate all user access logs to ascertain if this is true. """,
"""Employee {} has complained to the help-desk that a virus has encrypted all her files. Please investigate is
this is Cryptolocker or similar and if we can recover the files.""",
"""Employee {} has sent an encrypted file to her personal email address and the email was labeled "confidential".
Please retrieve this email and password crack the contents.""",
"""Unusual activity - file edits, name changes, deletions, has occurred on the drive (). Please investigate this
activity. """]
justifications = [
"This case is required by the Legal department as part of a civil case where disclosure of information is required.",
"This case is required as policy dictates any gross misconduct must be investigated by the internal forensics team.",
"This project is justified as it has been approved by the CEO."]
network_locations = ['shared', 'logs', 'team', 'uploads', 'management', 'presentations', 'important', 'records']
companies = ['Babbleopia', 'topiczoom', 'Avaba', 'Yombee', 'Dynanti', 'Yavu', 'Jumpverse', 'LampConstructor',
'LawFieldz']
random_users = ['Madalene Kuta','Margarite Singley','Rodger Ruzicka','Kamilah Moriarity',
'Eleni Brwon','Kayce Linquist', 'Sanora Kocher','Eldridge Alaniz','Ivan Guard',
'Trevor Parramore','Thea Wiles','Gayla Bomgardner','Arvilla Cun', 'Tara Marse',
'Leona Dhillon','Lidia Joo','Shaunte Frieden','Margareta Beauchamp',
'Kai Carnley','Kelsey Proffit','Pauline Strout','Krystin Viola','Tammie Funchess',
'Callie Doris', 'Zenobia Fralick', 'Max Kittle','Calvin Mcfalls', 'Ted Duwe',
'Melanie Pittsley','Galen Howton', 'Beulah Colgan', 'Faith Goin', 'Adelia Horiuchi',
'Karma Mader', 'Johnathan Mcnulty','Brandon Zuniga', 'Freddie Clune', 'Shani Santee',
'Ann Ackerman','Rodrigo Vanscyoc','Garrett Trudel','Stephenie Hurla','Travis Yokum',
'Clara Borkholder','Olin Kyles', 'Heriberto Slye','Ashley Tweed','Shanell Sikora',
'Karissa Pompei','Gema Shears']
print "Adding 50 cases:"
for i in xrange(0, 50):
case_manager = case_managers[randint(0, len(case_managers) - 1)]
requestor = requestors[randint(0, len(requestors) - 1)]
justification = justifications[randint(0, len(justifications) - 1)]
background = backgrounds[randint(0, len(backgrounds) - 1)]
rand_user = random_users[randint(0, len(random_users) - 1)]
background = background.replace("{}", rand_user)
background = background.replace("[]", companies[randint(0, len(companies) - 1)])
background = background.replace("<>", "CORPWORKPC" + str(randint(1000, 9999)))
background = background.replace("()", path.join("\\corporatenetwork",
network_locations[randint(0, len(network_locations) - 1)],
network_locations[randint(0, len(network_locations) - 1)]))
classification = CaseClassification.get_classifications()[
randint(0, len(CaseClassification.get_classifications()) - 1)]
case_type = CaseType.get_case_types()[randint(0, len(CaseType.get_case_types()) - 1)]
private = randint(0,10)
if private <= 1:
is_private = True
else:
is_private = False
created = datetime.now() - timedelta(days=randint(0,100), hours=randint(0,23), seconds=randint(0,59),
minutes=randint(0,59))
new_case = Case(ForemanOptions.get_next_case_name(), requestor, background=background, reference=None,
private=is_private, location=None, classification=classification, case_type=case_type,
justification=justification, created=created)
session.add(new_case)
session.flush()
new_case.add_change(requestor)
session.commit()
n = UserCaseRoles(requestor, new_case, UserCaseRoles.REQUESTER)
session.add(n)
auth = authorisers[randint(0, len(authorisers) - 1)]
a = UserCaseRoles(auth, new_case, UserCaseRoles.AUTHORISER)
session.add(a)
new_case.authorise(auth, "Case Creation", "PENDING")
n.add_change(requestor)
a.add_change(requestor)
n1 = UserCaseRoles(case_manager, new_case, UserCaseRoles.PRINCIPLE_CASE_MANAGER)
session.add(n1)
n1.add_change(case_manager)
have_secondary_case_manager = randint(0, 1)
if have_secondary_case_manager == 1:
case_manager_2 = case_managers[randint(0, len(case_managers) - 1)]
while case_manager_2.id == case_manager.id:
case_manager_2 = case_managers[randint(0, len(case_managers) - 1)]
n1 = UserCaseRoles(case_manager_2, new_case, UserCaseRoles.SECONDARY_CASE_MANAGER)
session.add(n1)
n1.add_change(case_manager)
session.flush()
rand = randint(0, 6)
if rand >= 1:
new_case.authorise(auth, "Looks acceptable. Please go ahead.", "AUTH")
else:
if randint(0,1) == 0:
new_case.authorise(auth, "I don't think this meets our requirements.", "NOAUTH")
if new_case.authorised.case_authorised != "NOAUTH":
if rand >=2:
new_case.set_status(CaseStatus.OPEN, new_case.principle_case_manager)
inv = create_test_tasks(new_case, investigators, rand_user)
create_evidence(new_case, inv, rand_user)
if rand >= 5:
new_case.set_status(CaseStatus.CLOSED, new_case.principle_case_manager)
if rand >= 6:
new_case.set_status(CaseStatus.ARCHIVED, new_case.principle_case_manager)
print "Case added to Foreman."
session.commit()
def create_test_cases(case_managers, requestors, investigators):
backgrounds = [
"""Employee {} has been accused of harassment and bullying. Please conduct an investigation into the
matter. """,
"""It is believed that employee {} has been surfing inappropriate websites during their lunch break.
Please provide a report on their internet activities and anything else that may be required.""",
"""We believe that employee {} has a virus on their workstation RFHSHFS35eee.
The IDS system has picked up on unusually high volumes of encrypted internet traffic. Please quarantine this
machine and investigate the malware. """,
"""All emails between the employee {} and the external company 'Avaba' to be searched, as well as all documents on
the employee home drives and network drives searched for any connections with this company.""",
"""An employee {} is leaving the firm next week and has sent out a large number of emails with attachments.
We suspect this might be business related data; but they have encrypted the attachments so we cannot tell.
Please conduct an investigation into all emails sent outwith the firm as well as any printing activity and
removable media activity. """,
"""Employee {} is suspected to be involved with fraudulent activity. Please investigate their machine to find
any user-made documents.""",
"""Employee {} is on gardening leave, however a colleague suspects they have logged in remotely from home.
Please investigate all user access logs to ascertain if this is true. """,
"""Employee {} has complained to the help-desk that a virus has encrypted all her files. Please investigate is
this is Cryptolocker or similar and if we can recover the files.""",
"""Employee {} has sent an encrypted file to her personal email address and the email was labeled "confidential".
Please retrieve this email and password crack the contents.""",
"""Unusual activity - file edits, name changes, deletions, has occurred on the drive //share01/network/001. Please investigate this
activity. """]
justifications = [
"This case is required by the Legal department as part of a civil case where disclosure of information is required.",
"This case is required as policy dictates any gross misconduct must be investigated by the internal forensics team.",
"This project is justified as it has been approved by the CEO."]
random_users = ['Madalene Kuta','Margarite Singley','Rodger Ruzicka','Kamilah Moriarity',
'Eleni Brwon','Kayce Linquist', 'Sanora Kocher','Eldridge Alaniz','Ivan Guard',
'Trevor Parramore','Thea Wiles','Gayla Bomgardner','Arvilla Cun', 'Tara Marse',
'Leona Dhillon','Lidia Joo','Shaunte Frieden','Margareta Beauchamp',
'Kai Carnley','Kelsey Proffit','Pauline Strout','Krystin Viola','Tammie Funchess',
'Callie Doris', 'Zenobia Fralick', 'Max Kittle','Calvin Mcfalls', 'Ted Duwe',
'Melanie Pittsley','Galen Howton', 'Beulah Colgan', 'Faith Goin', 'Adelia Horiuchi',
'Karma Mader', 'Johnathan Mcnulty','Brandon Zuniga', 'Freddie Clune', 'Shani Santee',
'Ann Ackerman','Rodrigo Vanscyoc','Garrett Trudel','Stephenie Hurla','Travis Yokum',
'Clara Borkholder','Olin Kyles', 'Heriberto Slye','Ashley Tweed','Shanell Sikora',
'Karissa Pompei','Gema Shears']
print "Adding 10 cases:"
for i in xrange(0, 10):
case_manager = case_managers[i]
justification = justifications[i%3]
background = backgrounds[i]
rand_user = random_users[i]
background = background.replace("{}", rand_user)
classification = "Confidential"
case_type = CaseType.get_case_types()[i%6]
private = i%2
if private == 0:
is_private = True
else:
is_private = False
new_case = Case(ForemanOptions.get_next_case_name(), case_manager, background=background, reference=None,
private=is_private, location=None, classification=classification, case_type=case_type,
justification=justification)
session.add(new_case)
session.flush()
new_case.add_change(case_manager)
session.commit()
requestor = requestors[i]
n = UserCaseRoles(requestor, new_case, UserCaseRoles.REQUESTER)
n.add_change(case_manager)
n1 = UserCaseRoles(case_manager, new_case, UserCaseRoles.PRINCIPLE_CASE_MANAGER)
n1.add_change(case_manager)
if i%2 == 0:
case_manager_2 = case_managers[(i+1)%10]
n1 = UserCaseRoles(case_manager_2, new_case, UserCaseRoles.SECONDARY_CASE_MANAGER)
n1.add_change(case_manager)
session.flush()
if i%4 == 1 and i != 9:
new_case.set_status(CaseStatus.OPEN, new_case.principle_case_manager)
if i%4 == 2:
new_case.set_status(CaseStatus.CLOSED, new_case.principle_case_manager)
if i%4 == 3:
new_case.set_status(CaseStatus.ARCHIVED, new_case.principle_case_manager)
print "Case added to Foreman."
if i < 9:
inv = create_test_tasks(new_case, investigators, rand_user, i if i > 4 else 4)
else:
create_test_tasks(new_case, investigators, rand_user, 1, progress=False)
create_evidence(new_case, inv, rand_user, i)
session.commit()
def create_test_case_managers(admin):
u1 = User("gatesw", "password", "Bill", "Gates", "*****@*****.**", validated=True)
u2 = User("heluc", "password", "Carlos", "Helu", "*****@*****.**", middle="Slim", validated=True)
u3 = User("geonaa", "password", "Amancio", "Gaona", "*****@*****.**", validated=True)
u4 = User("buffettw", "password", "Warren", "Buffett", "*****@*****.**", validated=True)
u5 = User("desmaraisj", "password", "Jacqueline", "Desmarais", "*****@*****.**", validated=True)
u6 = User("ellisonl", "password", "Larry", "Ellison", "*****@*****.**", validated=True)
u7 = User("kochc", "password", "Charles", "Koch", "*****@*****.**", validated=True)
u8 = User("kochd", "password", "David", "Koch", "*****@*****.**", validated=True)
u9 = User("adelson", "password", "Sheldon", "Adelson", "*****@*****.**", validated=True)
u10 = User("walton", "password", "Christy", "Walton", "*****@*****.**", validated=True)
session.add(u1)
session.add(u2)
session.add(u3)
session.add(u4)
session.add(u5)
session.add(u6)
session.add(u7)
session.add(u8)
session.add(u9)
session.add(u10)
session.flush()
u1.add_change(admin)
u2.add_change(admin)
u3.add_change(admin)
u4.add_change(admin)
u5.add_change(admin)
u6.add_change(admin)
u7.add_change(admin)
u8.add_change(admin)
u9.add_change(admin)
u10.add_change(admin)
session.flush()
session.commit()
case_managers = [u1, u2, u3, u4, u5, u6, u7, u8, u9, u10]
managers = []
for u in case_managers:
sen = randint(0,5)
if sen == 5:
u.job_title = "Forensic Case Manager Lead"
managers.append(u)
elif sen == 3 or sen == 4:
u.job_title = "Senior Forensic Case Manager"
else:
u.job_title = "Forensic Case Manager"
u.team = Team.get_filter_by(team='Investigations & Digital Forensics').first()
u.add_change(admin)
ur1 = UserRoles(u, "Investigator", True)
ur2 = UserRoles(u, "QA", True)
ur3 = UserRoles(u, "Case Manager", False)
ur4 = UserRoles(u, "Requester", True)
ur5 = UserRoles(u, "Authoriser", True)
ur6 = UserRoles(u, "Administrator", True)
session.add(ur1)
session.add(ur2)
session.add(ur3)
session.add(ur4)
session.add(ur5)
session.add(ur6)
session.flush()
ur1.add_change(admin)
ur2.add_change(admin)
ur3.add_change(admin)
ur4.add_change(admin)
ur5.add_change(admin)
ur6.add_change(admin)
session.flush()
session.commit()
for inv in case_managers:
if inv in managers:
inv.manager = admin
else:
inv.manager = admin
if len(managers) > 1:
inv.manager = managers[randint(0, len(managers)-1)]
print "10 Case Managers added to Foreman."
return case_managers
def delete(cls, id):
m = session.query(cls).filter_by(id=id).first()
session.delete(m)
session.commit()
def create_test_requestors(admin):
u1 = User("mayweatherf",
"password",
"Floyd",
"Mayweather",
"*****@*****.**",
validated=True)
u2 = User("ronaldoc",
"password",
"Cristiano",
"Ronaldo",
"*****@*****.**",
middle="Slim",
validated=True)
u3 = User("jamesl",
"password",
"LeBron",
"James",
"*****@*****.**",
validated=True)
u4 = User("messil",
"password",
"Lionel",
"Messi",
"*****@*****.**",
validated=True)
u5 = User("bryantk",
"password",
"Kobe",
"Bryant",
"*****@*****.**",
validated=True)
u6 = User("woodst",
"password",
"Tiger",
"Woods",
"*****@*****.**",
validated=True)
u7 = User("federerr",
"password",
"Roger",
"Federer",
"*****@*****.**",
validated=True)
u8 = User("mickelsonp",
"password",
"Phil",
"Mickelson",
"*****@*****.**",
validated=True)
u9 = User("nadalr",
"password",
"Rafael",
"Nadal",
"*****@*****.**",
validated=True)
u10 = User("ryanm",
"password",
"Matt",
"Ryan",
"*****@*****.**",
validated=True)
session.add(u1)
session.add(u2)
session.add(u3)
session.add(u4)
session.add(u5)
session.add(u6)
session.add(u7)
session.add(u8)
session.add(u9)
session.add(u10)
session.flush()
u1.add_change(admin)
u2.add_change(admin)
u3.add_change(admin)
u4.add_change(admin)
u5.add_change(admin)
u6.add_change(admin)
u7.add_change(admin)
u8.add_change(admin)
u9.add_change(admin)
u10.add_change(admin)
session.flush()
session.commit()
requestors = [u1, u2, u3, u4, u5, u6, u7, u8, u9, u10]
job_types = [("Fraud Investigator", "Fraud Prevention", "Financial Audit"),
("HR Investigator", "HR Complaints", "Human Resources"),
("First Responder", "Incident Response", "IT Security"),
("Litigation Analyst", "Litigation", "Legal"),
("IT Security Consultant", "CERT Team", "IT Security"),
("Investigation Analyst", "Internal Investigations",
"Internal Audit")]
for u in requestors:
job = randint(0, 5)
u.job_title = job_types[job][0]
u.team = job_types[job][1]
u.department = job_types[job][2]
u.add_change(u)
ur1 = UserRoles(u, "Investigator", True)
ur2 = UserRoles(u, "QA", True)
ur3 = UserRoles(u, "Case Manager", True)
ur4 = UserRoles(u, "Requester", False)
ur5 = UserRoles(u, "Authoriser", True)
ur6 = UserRoles(u, "Administrator", True)
session.add(ur1)
session.add(ur2)
session.add(ur3)
session.add(ur4)
session.add(ur5)
session.add(ur6)
session.flush()
ur1.add_change(admin)
ur2.add_change(admin)
ur3.add_change(admin)
ur4.add_change(admin)
ur5.add_change(admin)
ur6.add_change(admin)
session.flush()
session.commit()
print "10 Requestors added to Foreman."
return requestors
def scenario(request, c_name, sc_name, s_name):
user = request.client_user_object
user_id = user.user_id
org = request.client_organization_object
org_namespace_name = org.organization_namespace_name
args = json.dumps(request.args)
categories = (session.query(Category)
.join(
AppFamilyPermission,
Category.category_id
== AppFamilyPermission.category_id)
.filter(AppFamilyPermission.user_id == user_id)
.order_by(Category.category_display_order.asc()))
sub_categories = (session.query(SubCategory)
.join(
AppPermission,
SubCategory.subcategory_id
== AppPermission.subcategory_id)
.filter(AppPermission.user_id == user_id))
breadcrumbs = (session.query(Category, SubCategory, Scenario)
.join(SubCategory, Category.category_id
== SubCategory.category_id)
.join(Scenario, SubCategory.subcategory_id
== Scenario.subcategory_id)
.filter(Category.category_name==c_name)
.filter(SubCategory.subcategory_name==sc_name)
.filter(Scenario.scn_name==s_name).all()[0])
scenario = (session.query(Scenario)
.filter(Scenario.scn_name==s_name)
.all()[0])
scn_short_des = scenario.scn_short_description
scenario_id = scenario.scn_id
s_name_lower = s_name.lower()
groupby = request.args.get('groupby')
if groupby:
clicks_count_query = (
"""select insert_clicks({s_id},'{name}');"""
.format(s_id = scenario_id,name = groupby))
count_query = text(clicks_count_query)
insert = session.execute(count_query).fetchall()
session.commit()
query1 = (
"""select frequent_column_name from scenario_clicks_count
where scn_id = {s_id} order by frequency_number
desc limit 5;""".format(s_id = scenario_id))
s1 = text(query1)
scenario_data_column_names_ordered1 = session.execute(s1).fetchall()
query2 = (""" select column_name from INFORMATION_SCHEMA.COLUMNS
where column_name not in (
select frequent_column_name from scenario_clicks_count
where scn_id = {s_id} order by frequency_number desc limit 5)
and table_name = '{scen_name_lower}'
and table_schema = '{namespace_name}' order by column_name;"""
.format(
namespace_name=org_namespace_name,
scen_name_lower=s_name_lower.lower(),
s_id=scenario_id))
s2 = text(query2)
scenario_data_column_names_ordered2 = session.execute(s2).fetchall()
return render_template(
'scenario.html',
categories=categories,
sub_categories=sub_categories,
breadcrumbs=breadcrumbs,
scn_des=scn_short_des,
scenario_name=s_name,
scenario_data_column_names1=scenario_data_column_names_ordered1,
scenario_data_column_names2=scenario_data_column_names_ordered2,
user=user,
args=args)
def create_test_requestors(admin):
u1 = User("mayweatherf", "password", "Floyd", "Mayweather", "*****@*****.**", validated=True)
u2 = User("ronaldoc", "password", "Cristiano", "Ronaldo", "*****@*****.**", middle="Slim",
validated=True)
u3 = User("jamesl", "password", "LeBron", "James", "*****@*****.**", validated=True)
u4 = User("messil", "password", "Lionel", "Messi", "*****@*****.**", validated=True)
u5 = User("bryantk", "password", "Kobe", "Bryant", "*****@*****.**", validated=True)
u6 = User("woodst", "password", "Tiger", "Woods", "*****@*****.**", validated=True)
u7 = User("federerr", "password", "Roger", "Federer", "*****@*****.**", validated=True)
u8 = User("mickelsonp", "password", "Phil", "Mickelson", "*****@*****.**", validated=True)
u9 = User("nadalr", "password", "Rafael", "Nadal", "*****@*****.**", validated=True)
u10 = User("ryanm", "password", "Matt", "Ryan", "*****@*****.**", validated=True)
session.add(u1)
session.add(u2)
session.add(u3)
session.add(u4)
session.add(u5)
session.add(u6)
session.add(u7)
session.add(u8)
session.add(u9)
session.add(u10)
session.flush()
u1.add_change(admin)
u2.add_change(admin)
u3.add_change(admin)
u4.add_change(admin)
u5.add_change(admin)
u6.add_change(admin)
u7.add_change(admin)
u8.add_change(admin)
u9.add_change(admin)
u10.add_change(admin)
session.flush()
session.commit()
requestors = [u1, u2, u3, u4, u5, u6, u7, u8, u9, u10]
job_types = [("Fraud Investigator", "Fraud Prevention", "Financial Audit"),
("HR Investigator", "HR Complaints", "Human Resources"),
("First Responder", "Incident Response", "IT Security"),
("Litigation Analyst", "Litigation", "Legal"),
("IT Security Consultant", "CERT Team", "IT Security"),
("Investigation Analyst", "Internal Investigations", "Internal Audit")]
for u in requestors:
job = randint(0,5)
u.job_title = job_types[job][0]
u.team = job_types[job][1]
u.department = job_types[job][2]
u.add_change(u)
ur1 = UserRoles(u, "Investigator", True)
ur2 = UserRoles(u, "QA", True)
ur3 = UserRoles(u, "Case Manager", True)
ur4 = UserRoles(u, "Requester", False)
ur5 = UserRoles(u, "Authoriser", True)
ur6 = UserRoles(u, "Administrator", True)
session.add(ur1)
session.add(ur2)
session.add(ur3)
session.add(ur4)
session.add(ur5)
session.add(ur6)
session.flush()
ur1.add_change(admin)
ur2.add_change(admin)
ur3.add_change(admin)
ur4.add_change(admin)
ur5.add_change(admin)
ur6.add_change(admin)
session.flush()
session.commit()
print "10 Requestors added to Foreman."
return requestors
def create_test_case_managers(admin):
u1 = User("gatesw",
"password",
"Bill",
"Gates",
"*****@*****.**",
validated=True)
u2 = User("heluc",
"password",
"Carlos",
"Helu",
"*****@*****.**",
middle="Slim",
validated=True)
u3 = User("geonaa",
"password",
"Amancio",
"Gaona",
"*****@*****.**",
validated=True)
u4 = User("buffettw",
"password",
"Warren",
"Buffett",
"*****@*****.**",
validated=True)
u5 = User("desmaraisj",
"password",
"Jacqueline",
"Desmarais",
"*****@*****.**",
validated=True)
u6 = User("ellisonl",
"password",
"Larry",
"Ellison",
"*****@*****.**",
validated=True)
u7 = User("kochc",
"password",
"Charles",
"Koch",
"*****@*****.**",
validated=True)
u8 = User("kochd",
"password",
"David",
"Koch",
"*****@*****.**",
validated=True)
u9 = User("adelson",
"password",
"Sheldon",
"Adelson",
"*****@*****.**",
validated=True)
u10 = User("walton",
"password",
"Christy",
"Walton",
"*****@*****.**",
validated=True)
session.add(u1)
session.add(u2)
session.add(u3)
session.add(u4)
session.add(u5)
session.add(u6)
session.add(u7)
session.add(u8)
session.add(u9)
session.add(u10)
session.flush()
u1.add_change(admin)
u2.add_change(admin)
u3.add_change(admin)
u4.add_change(admin)
u5.add_change(admin)
u6.add_change(admin)
u7.add_change(admin)
u8.add_change(admin)
u9.add_change(admin)
u10.add_change(admin)
session.flush()
session.commit()
case_managers = [u1, u2, u3, u4, u5, u6, u7, u8, u9, u10]
for u in case_managers:
sen = randint(0, 5)
if sen == 5:
u.job_title = "Forensic Case Manager Lead"
elif sen == 3 or sen == 4:
u.job_title = "Senior Forensic Case Manager"
else:
u.job_title = "Forensic Case Manager"
u.team = "Investigations & Digital Forensics"
u.department = "IT Security"
u.add_change(u)
ur1 = UserRoles(u, "Investigator", True)
ur2 = UserRoles(u, "QA", True)
ur3 = UserRoles(u, "Case Manager", False)
ur4 = UserRoles(u, "Requester", True)
ur5 = UserRoles(u, "Authoriser", True)
ur6 = UserRoles(u, "Administrator", True)
session.add(ur1)
session.add(ur2)
session.add(ur3)
session.add(ur4)
session.add(ur5)
session.add(ur6)
session.flush()
ur1.add_change(admin)
ur2.add_change(admin)
ur3.add_change(admin)
ur4.add_change(admin)
ur5.add_change(admin)
ur6.add_change(admin)
session.flush()
session.commit()
print "10 Case Managers added to Foreman."
return case_managers
def create_test_requestors(admin):
u1 = User("mayweatherf", "password", "Floyd", "Mayweather", "*****@*****.**", validated=True)
u2 = User("ronaldoc", "password", "Cristiano", "Ronaldo", "*****@*****.**", middle="Slim",
validated=True)
u3 = User("jamesl", "password", "LeBron", "James", "*****@*****.**", validated=True)
u4 = User("messil", "password", "Lionel", "Messi", "*****@*****.**", validated=True)
u5 = User("bryantk", "password", "Kobe", "Bryant", "*****@*****.**", validated=True)
u6 = User("woodst", "password", "Tiger", "Woods", "*****@*****.**", validated=True)
u7 = User("federerr", "password", "Roger", "Federer", "*****@*****.**", validated=True)
u8 = User("mickelsonp", "password", "Phil", "Mickelson", "*****@*****.**", validated=True)
u9 = User("nadalr", "password", "Rafael", "Nadal", "*****@*****.**", validated=True)
u10 = User("ryanm", "password", "Matt", "Ryan", "*****@*****.**", validated=True)
session.add(u1)
session.add(u2)
session.add(u3)
session.add(u4)
session.add(u5)
session.add(u6)
session.add(u7)
session.add(u8)
session.add(u9)
session.add(u10)
session.flush()
u1.add_change(admin)
u2.add_change(admin)
u3.add_change(admin)
u4.add_change(admin)
u5.add_change(admin)
u6.add_change(admin)
u7.add_change(admin)
u8.add_change(admin)
u9.add_change(admin)
u10.add_change(admin)
session.flush()
session.commit()
requestors = [u1, u2, u3, u4, u5, u6, u7, u8, u9, u10]
job_types = ["Investigator", "Analyst", "Consultant"]
for u in requestors:
job = randint(0,2)
team = randint(0,5)
u.job_title = job_types[job]
u.team = Team.get_all().all()[team]
u.add_change(admin)
ur1 = UserRoles(u, "Investigator", True)
ur2 = UserRoles(u, "QA", True)
ur3 = UserRoles(u, "Case Manager", True)
ur4 = UserRoles(u, "Requester", False)
ur5 = UserRoles(u, "Authoriser", True)
ur6 = UserRoles(u, "Administrator", True)
session.add(ur1)
session.add(ur2)
session.add(ur3)
session.add(ur4)
session.add(ur5)
session.add(ur6)
session.flush()
ur1.add_change(admin)
ur2.add_change(admin)
ur3.add_change(admin)
ur4.add_change(admin)
ur5.add_change(admin)
ur6.add_change(admin)
session.flush()
session.commit()
print "10 Requestors added to Foreman."
return requestors
