mirror of
https://github.com/ail-project/ail-framework.git
synced 2024-11-26 15:57:16 +00:00
chg: [module extractor] check tracker and retro hunt acl
This commit is contained in:
parent
ce4a1a8df5
commit
cb45e06ebc
4 changed files with 37 additions and 13 deletions
|
@ -217,6 +217,15 @@ class Tracker:
|
|||
ail_orgs.remove_obj_to_org(old_org, 'tracker', self.uuid)
|
||||
self.set_level(new_level, new_org_uuid)
|
||||
|
||||
def check_level(self, user_org, user_id):
|
||||
level = self.get_level()
|
||||
if level == 1:
|
||||
return True
|
||||
elif level == 0:
|
||||
return self.get_user() == user_id
|
||||
elif level == 2:
|
||||
return self.get_org() == user_org
|
||||
|
||||
def is_level_user(self):
|
||||
return self.get_level() == 0
|
||||
|
||||
|
@ -1454,7 +1463,7 @@ class RetroHunt:
|
|||
def get_level(self):
|
||||
level = int(self._get_field('level'))
|
||||
if not level:
|
||||
level = 0
|
||||
level = 1
|
||||
return int(level)
|
||||
|
||||
def set_level(self, level, org_uuid):
|
||||
|
@ -1477,6 +1486,13 @@ class RetroHunt:
|
|||
self.delete_level(old_level)
|
||||
self.set_level(new_level, new_org_uuid)
|
||||
|
||||
def check_level(self, user_org):
|
||||
level = self.get_level()
|
||||
if level == 1:
|
||||
return True
|
||||
elif level == 2:
|
||||
return self.get_org() == user_org
|
||||
|
||||
## ORG ##
|
||||
|
||||
def get_creator_org(self):
|
||||
|
|
|
@ -14,8 +14,8 @@ sys.path.append(os.environ['AIL_BIN'])
|
|||
##################################
|
||||
# Import Project packages
|
||||
##################################
|
||||
from lib.ail_users import get_user_org
|
||||
from lib.objects import ail_objects
|
||||
from lib.objects.Items import Item
|
||||
from lib.objects.Titles import Title
|
||||
from lib import correlations_engine
|
||||
from lib import regex_helper
|
||||
|
@ -140,13 +140,16 @@ def convert_byte_offset_to_string(b_content, offset):
|
|||
|
||||
# TODO RETRO HUNTS
|
||||
# TODO TRACKER TYPE IN UI
|
||||
def get_tracker_match(obj, content):
|
||||
def get_tracker_match(user_org, user_id, obj, content):
|
||||
extracted = []
|
||||
extracted_yara = []
|
||||
obj_gid = obj.get_global_id()
|
||||
trackers = Tracker.get_obj_trackers(obj.type, obj.get_subtype(r_str=True), obj.id)
|
||||
for tracker_uuid in trackers:
|
||||
tracker = Tracker.Tracker(tracker_uuid)
|
||||
if not tracker.check_level(user_org, user_id):
|
||||
continue
|
||||
|
||||
tracker_type = tracker.get_type()
|
||||
# print(tracker_type)
|
||||
tracked = tracker.get_tracked()
|
||||
|
@ -182,6 +185,9 @@ def get_tracker_match(obj, content):
|
|||
retro_hunts = Tracker.get_obj_retro_hunts(obj.type, obj.get_subtype(r_str=True), obj.id)
|
||||
for retro_uuid in retro_hunts:
|
||||
retro_hunt = Tracker.RetroHunt(retro_uuid)
|
||||
if not retro_hunt.check_level(user_org):
|
||||
continue
|
||||
|
||||
rule = retro_hunt.get_rule(r_compile=True)
|
||||
rule.match(data=content.encode(), callback=_get_yara_match,
|
||||
which_callbacks=yara.CALLBACK_MATCHES, timeout=30)
|
||||
|
@ -209,23 +215,25 @@ def get_tracker_match(obj, content):
|
|||
# tag:iban
|
||||
# tracker:uuid
|
||||
# def extract(obj_id, content=None):
|
||||
def extract(obj_type, subtype, obj_id, content=None):
|
||||
def extract(user_id, obj_type, subtype, obj_id, content=None):
|
||||
obj = ail_objects.get_object(obj_type, subtype, obj_id)
|
||||
if not obj.exists():
|
||||
return []
|
||||
obj_gid = obj.get_global_id()
|
||||
|
||||
user_org = get_user_org(user_id)
|
||||
|
||||
# CHECK CACHE
|
||||
cached = r_cache.get(f'extractor:cache:{obj_gid}')
|
||||
cached = r_cache.get(f'extractor:cache:{obj_gid}:{user_org}:{user_id}')
|
||||
# cached = None
|
||||
if cached:
|
||||
r_cache.expire(f'extractor:cache:{obj_gid}', 300)
|
||||
r_cache.expire(f'extractor:cache:{obj_gid}:{user_org}:{user_id}', 300)
|
||||
return json.loads(cached)
|
||||
|
||||
if not content:
|
||||
content = obj.get_content()
|
||||
|
||||
extracted = get_tracker_match(obj, content)
|
||||
extracted = get_tracker_match(user_org, user_id, obj, content)
|
||||
|
||||
# print(item.get_tags())
|
||||
for tag in obj.get_tags():
|
||||
|
@ -249,8 +257,8 @@ def extract(obj_type, subtype, obj_id, content=None):
|
|||
# Save In Cache
|
||||
if extracted:
|
||||
extracted_dump = json.dumps(extracted)
|
||||
r_cache.set(f'extractor:cache:{obj_gid}', extracted_dump)
|
||||
r_cache.expire(f'extractor:cache:{obj_gid}', 300) # TODO Reduce CACHE ???????????????
|
||||
r_cache.set(f'extractor:cache:{obj_gid}:{user_org}:{user_id}', extracted_dump)
|
||||
r_cache.expire(f'extractor:cache:{obj_gid}:{user_org}:{user_id}', 300) # TODO Reduce CACHE ???????????????
|
||||
|
||||
return extracted
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@ import sys
|
|||
import json
|
||||
|
||||
from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for, Response, abort
|
||||
from flask_login import login_required
|
||||
from flask_login import login_required, current_user
|
||||
|
||||
# Import Role_Manager
|
||||
from Role_Manager import login_admin, login_analyst, login_read_only
|
||||
|
@ -236,7 +236,7 @@ def objects_message():
|
|||
else:
|
||||
message = message[0]
|
||||
languages = Language.get_translation_languages()
|
||||
extracted = module_extractor.extract('message', '', message['id'], content=message['content'])
|
||||
extracted = module_extractor.extract(current_user.get_user_id(), 'message', '', message['id'], content=message['content'])
|
||||
extracted_matches = module_extractor.get_extracted_by_match(extracted)
|
||||
message['extracted'] = extracted
|
||||
message['extracted_matches'] = extracted_matches
|
||||
|
|
|
@ -10,7 +10,7 @@ import os
|
|||
import sys
|
||||
|
||||
from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for, Response, abort, send_file, send_from_directory
|
||||
from flask_login import login_required
|
||||
from flask_login import login_required, current_user
|
||||
|
||||
# Import Role_Manager
|
||||
from Role_Manager import login_admin, login_analyst, login_read_only, no_cache
|
||||
|
@ -85,7 +85,7 @@ def showItem(): # # TODO: support post
|
|||
else:
|
||||
meta['investigations'] = []
|
||||
|
||||
extracted = module_extractor.extract('item', '', item.id, content=meta['content'])
|
||||
extracted = module_extractor.extract(current_user.get_user_id(), 'item', '', item.id, content=meta['content'])
|
||||
extracted_matches = module_extractor.get_extracted_by_match(extracted)
|
||||
|
||||
return render_template("show_item.html", bootstrap_label=bootstrap_label,
|
||||
|
|
Loading…
Reference in a new issue