mirror of
https://github.com/ail-project/ail-framework.git
synced 2024-11-22 22:27:17 +00:00
Merge branch 'master' into relationships
This commit is contained in:
commit
db29a2be96
4 changed files with 41 additions and 13 deletions
|
@ -762,6 +762,9 @@ def delete_obj_trackers(obj_type, subtype, obj_id):
|
|||
#### TRACKERS ACL ####
|
||||
|
||||
## LEVEL ##
|
||||
def is_tracker_global_level(tracker_uuid):
|
||||
return r_tracker.hget(f'tracker:{tracker_uuid}', 'level') == 1
|
||||
|
||||
def is_tracked_in_global_level(tracked, tracker_type):
|
||||
for tracker_uuid in get_trackers_by_tracked(tracker_type, tracked):
|
||||
tracker = Tracker(tracker_uuid)
|
||||
|
@ -805,6 +808,19 @@ def api_is_allowed_to_edit_tracker(tracker_uuid, user_id):
|
|||
return {"status": "error", "reason": "Access Denied"}, 403
|
||||
return {"uuid": tracker_uuid}, 200
|
||||
|
||||
|
||||
def api_is_allowed_to_access_tracker(tracker_uuid, user_id):
|
||||
if not is_valid_uuid_v4(tracker_uuid):
|
||||
return {"status": "error", "reason": "Invalid uuid"}, 400
|
||||
tracker_creator = r_tracker.hget('tracker:{}'.format(tracker_uuid), 'user_id')
|
||||
if not tracker_creator:
|
||||
return {"status": "error", "reason": "Unknown uuid"}, 404
|
||||
user = User(user_id)
|
||||
if not is_tracker_global_level(tracker_uuid):
|
||||
if not user.is_in_role('admin') and user_id != tracker_creator:
|
||||
return {"status": "error", "reason": "Access Denied"}, 403
|
||||
return {"uuid": tracker_uuid}, 200
|
||||
|
||||
##-- ACL --##
|
||||
|
||||
#### FIX DB #### TODO ###################################################################
|
||||
|
|
|
@ -811,7 +811,7 @@ def crawler_cookiejar_cookie_edit_post():
|
|||
@login_required
|
||||
@login_read_only
|
||||
def crawler_cookiejar_cookie_add():
|
||||
cookiejar_uuid = request.args.get('cookiejar_uuid')
|
||||
cookiejar_uuid = request.args.get('uuid')
|
||||
return render_template("add_cookie.html", cookiejar_uuid=cookiejar_uuid)
|
||||
|
||||
|
||||
|
@ -842,7 +842,7 @@ def crawler_cookiejar_cookie_manual_add_post():
|
|||
if res[1] != 200:
|
||||
return create_json_response(res[0], res[1])
|
||||
|
||||
return redirect(url_for('crawler_splash.crawler_cookiejar_show', cookiejar_uuid=cookiejar_uuid))
|
||||
return redirect(url_for('crawler_splash.crawler_cookiejar_show', uuid=cookiejar_uuid))
|
||||
|
||||
|
||||
@crawler_splash.route('/crawler/cookiejar/cookie/json_add_post', methods=['POST'])
|
||||
|
|
|
@ -145,7 +145,7 @@ def tracked_menu_admin():
|
|||
def show_tracker():
|
||||
user_id = current_user.get_id()
|
||||
tracker_uuid = request.args.get('uuid', None)
|
||||
res = Tracker.api_is_allowed_to_edit_tracker(tracker_uuid, user_id)
|
||||
res = Tracker.api_is_allowed_to_access_tracker(tracker_uuid, user_id)
|
||||
if res[1] != 200: # invalid access
|
||||
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
||||
|
||||
|
@ -159,7 +159,7 @@ def show_tracker():
|
|||
|
||||
tracker = Tracker.Tracker(tracker_uuid)
|
||||
meta = tracker.get_meta(options={'description', 'level', 'mails', 'filters', 'sparkline', 'tags',
|
||||
'user', 'webhook', 'nb_objs'})
|
||||
'user', 'webhooks', 'nb_objs'})
|
||||
|
||||
if meta['type'] == 'yara':
|
||||
yara_rule_content = Tracker.get_yara_rule_content(meta['tracked'])
|
||||
|
@ -300,6 +300,7 @@ def add_tracked_menu():
|
|||
return create_json_response(res[0], res[1])
|
||||
else:
|
||||
return render_template("tracker_add.html",
|
||||
dict_tracker={},
|
||||
all_sources=item_basic.get_all_items_sources(r_list=True),
|
||||
tags_selector_data=Tag.get_tags_selector_data(),
|
||||
all_yara_files=Tracker.get_all_default_yara_files())
|
||||
|
@ -314,6 +315,8 @@ def tracker_edit():
|
|||
res = Tracker.api_edit_tracker(input_dict, user_id)
|
||||
if res[1] == 200:
|
||||
return redirect(url_for('hunters.show_tracker', uuid=res[0].get('uuid')))
|
||||
else:
|
||||
return create_json_response(res[0], res[1])
|
||||
else:
|
||||
user_id = current_user.get_id()
|
||||
tracker_uuid = request.args.get('uuid', None)
|
||||
|
@ -322,10 +325,16 @@ def tracker_edit():
|
|||
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
||||
|
||||
tracker = Tracker.Tracker(tracker_uuid)
|
||||
dict_tracker = tracker.get_meta(options={'description', 'level', 'mails', 'filters', 'tags', 'webhook'})
|
||||
dict_tracker = tracker.get_meta(options={'description', 'level', 'mails', 'filters', 'tags', 'webhooks'})
|
||||
if dict_tracker['type'] == 'yara':
|
||||
if not Tracker.is_default_yara_rule(dict_tracker['tracked']):
|
||||
dict_tracker['content'] = Tracker.get_yara_rule_content(dict_tracker['tracked'])
|
||||
elif dict_tracker['type'] == 'set':
|
||||
tracked, nb_words = dict_tracker['tracked'].rsplit(';', 1)
|
||||
tracked = tracked.replace(',', ' ')
|
||||
dict_tracker['tracked'] = tracked
|
||||
dict_tracker['nb_words'] = nb_words
|
||||
|
||||
taxonomies_tags, galaxies_tags, custom_tags = Tag.sort_tags_taxonomies_galaxies_customs(dict_tracker['tags'])
|
||||
tags_selector_data = Tag.get_tags_selector_data()
|
||||
tags_selector_data['taxonomies_tags'] = taxonomies_tags
|
||||
|
|
|
@ -75,7 +75,7 @@
|
|||
{# <label class="custom-control-label" for="crypto_obj"><i class="fas fa-coins"></i> Cryptocurrency</label>#}
|
||||
{# </div>#}
|
||||
<div class="custom-control custom-switch mt-1">
|
||||
<input class="custom-control-input" type="checkbox" name="decoded_obj" id="decoded_obj" checked="">
|
||||
<input class="custom-control-input" type="checkbox" name="decoded_obj" id="decoded_obj" {% if not dict_tracker['filters'] or 'decoded' in dict_tracker['filters'] %}checked=""{% endif %}>
|
||||
<label class="custom-control-label" for="decoded_obj"><i class="fas fa-lock-open"></i> Decoded <i class="fas fa-info-circle text-info" data-toggle="tooltip" data-placement="right" title="Content that has been decoded from an encoded format, such as base64"></i></label>
|
||||
</div>
|
||||
{# <div class="custom-control custom-switch mt-1">#}
|
||||
|
@ -83,7 +83,7 @@
|
|||
{# <label class="custom-control-label" for="domain_obj"><i class="fas fa-spider"></i> Domain</label>#}
|
||||
{# </div>#}
|
||||
<div class="custom-control custom-switch mt-1">
|
||||
<input class="custom-control-input" type="checkbox" name="item_obj" id="item_obj" checked="">
|
||||
<input class="custom-control-input" type="checkbox" name="item_obj" id="item_obj" {% if not dict_tracker['filters'] or 'item' in dict_tracker['filters'] %}checked=""{% endif %}>
|
||||
<label class="custom-control-label" for="item_obj"><i class="fas fa-file"></i> Item <i class="fas fa-info-circle text-info" data-toggle="tooltip" data-placement="right" title="Text that has been processed by AIL. It can include various types of extracted information"></i></label>
|
||||
</div>
|
||||
<div class="card border-dark mb-4" id="sources_item_div">
|
||||
|
@ -100,14 +100,14 @@
|
|||
|
||||
|
||||
<div class="custom-control custom-switch mt-1">
|
||||
<input class="custom-control-input" type="checkbox" name="pgp_obj" id="pgp_obj" checked="">
|
||||
<input class="custom-control-input" type="checkbox" name="pgp_obj" id="pgp_obj" {% if not dict_tracker['filters'] or 'pgp' in dict_tracker['filters'] %}checked=""{% endif %}>
|
||||
<label class="custom-control-label" for="pgp_obj"><i class="fas fa-key"></i> PGP <i class="fas fa-info-circle text-info" data-toggle="tooltip" data-placement="right" title="PGP key/block metadata"></i></label>
|
||||
</div>
|
||||
<div class="card border-dark mb-4" id="sources_pgp_div">
|
||||
<div class="card-body">
|
||||
<h6>Filter PGP by subtype:</h6>
|
||||
<div class="custom-control custom-switch mt-1">
|
||||
<input class="custom-control-input" type="checkbox" name="filter_pgp_name" id="filter_pgp_name" checked="">
|
||||
<input class="custom-control-input" type="checkbox" name="filter_pgp_name" id="filter_pgp_name" {% if not dict_tracker['filters'] %}checked=""{% endif %} {% if 'pgp' in dict_tracker['filters'] %}{% if not 'subtypes' in dict_tracker['filters']['pgp'] %}checked=""{% else %}{% if 'name' in dict_tracker['filters']['pgp']['subtypes'] %}checked=""{% endif %}{% endif %}{% endif %}>
|
||||
<label class="custom-control-label" for="filter_pgp_name">
|
||||
<svg height="26" width="26">
|
||||
<g class="nodes">
|
||||
|
@ -119,7 +119,7 @@
|
|||
</label>
|
||||
</div>
|
||||
<div class="custom-control custom-switch mt-1">
|
||||
<input class="custom-control-input" type="checkbox" name="filter_pgp_mail" id="filter_pgp_mail" checked="">
|
||||
<input class="custom-control-input" type="checkbox" name="filter_pgp_mail" id="filter_pgp_mail" {% if not dict_tracker['filters'] %}checked=""{% endif %} {% if 'pgp' in dict_tracker['filters'] %}{% if not 'subtypes' in dict_tracker['filters']['pgp'] %}checked=""{% else %}{% if 'mail' in dict_tracker['filters']['pgp']['subtypes'] %}checked=""{% endif %}{% endif %}{% endif %}>
|
||||
<label class="custom-control-label" for="filter_pgp_mail">
|
||||
<svg height="26" width="26">
|
||||
<g class="nodes">
|
||||
|
@ -133,15 +133,15 @@
|
|||
</div>
|
||||
</div>
|
||||
<div class="custom-control custom-switch mt-1">
|
||||
<input class="custom-control-input" type="checkbox" name="title_obj" id="title_obj" checked="">
|
||||
<input class="custom-control-input" type="checkbox" name="title_obj" id="title_obj" {% if not dict_tracker['filters'] or 'title' in dict_tracker['filters'] %}checked=""{% endif %}>
|
||||
<label class="custom-control-label" for="title_obj"><i class="fas fa-heading"></i> Title <i class="fas fa-info-circle text-info" data-toggle="tooltip" data-placement="right" title="Title that has been extracted from a HTML page"></i></label>
|
||||
</div>
|
||||
<div class="custom-control custom-switch mt-1">
|
||||
<input class="custom-control-input" type="checkbox" name="message_obj" id="message_obj" checked="">
|
||||
<input class="custom-control-input" type="checkbox" name="message_obj" id="message_obj" {% if not dict_tracker['filters'] or 'message' in dict_tracker['filters'] %}checked=""{% endif %}>
|
||||
<label class="custom-control-label" for="message_obj"><i class="fas fa-comment-dots"></i> Message <i class="fas fa-info-circle text-info" data-toggle="tooltip" data-placement="right" title="Messages from Chats"></i></label>
|
||||
</div>
|
||||
<div class="custom-control custom-switch mt-1">
|
||||
<input class="custom-control-input" type="checkbox" name="ocr_obj" id="ocr_obj" checked="">
|
||||
<input class="custom-control-input" type="checkbox" name="ocr_obj" id="ocr_obj" {% if not dict_tracker['filters'] or 'ocr' in dict_tracker['filters'] %}checked=""{% endif %}>
|
||||
<label class="custom-control-label" for="ocr_obj"><i class="fas fa-comment-dots"></i> OCR <i class="fas fa-expand text-info" data-toggle="tooltip" data-placement="right" title="Text extracted from Images"></i></label>
|
||||
</div>
|
||||
|
||||
|
@ -310,6 +310,9 @@ $(document).ready(function(){
|
|||
emptyText: 'Item Sources to track (ALL IF EMPTY)',
|
||||
});
|
||||
|
||||
item_source_input_controller();
|
||||
pgp_source_input_controller();
|
||||
|
||||
$('#tracker_type').on('change', function() {
|
||||
var tracker_type = this.value;
|
||||
if (tracker_type=="word") {
|
||||
|
|
Loading…
Reference in a new issue