diff --git a/var/www/Flask_server.py b/var/www/Flask_server.py index 5990ff6b..09f9ff41 100755 --- a/var/www/Flask_server.py +++ b/var/www/Flask_server.py @@ -34,6 +34,7 @@ import Flask_config # Import Role_Manager from Role_Manager import create_user_db, check_password_strength +from Role_Manager import login_admin, login_analyst def flask_init(): # # TODO: move this to update @@ -211,7 +212,15 @@ def logout(): logout_user() return redirect(url_for('login')) +# role error template +@app.route('/role', methods=['POST', 'GET']) +@login_required +def role(): + return render_template("error/403.html"), 403 + @app.route('/searchbox/') +@login_required +@login_analyst def searchbox(): return render_template("searchbox.html") diff --git a/var/www/modules/PasteSubmit/Flask_PasteSubmit.py b/var/www/modules/PasteSubmit/Flask_PasteSubmit.py index 8a1ffaab..85ca57e2 100644 --- a/var/www/modules/PasteSubmit/Flask_PasteSubmit.py +++ b/var/www/modules/PasteSubmit/Flask_PasteSubmit.py @@ -6,6 +6,8 @@ ''' import redis from flask import Flask, render_template, jsonify, request, Blueprint, url_for, redirect + +from Role_Manager import login_admin, login_analyst from flask_login import login_required import unicodedata @@ -275,6 +277,7 @@ def hive_create_case(hive_tlp, threat_level, hive_description, hive_case_title, @PasteSubmit.route("/PasteSubmit/", methods=['GET']) @login_required +@login_analyst def PasteSubmit_page(): #active taxonomies active_taxonomies = r_serv_tags.smembers('active_taxonomies') @@ -288,6 +291,7 @@ def PasteSubmit_page(): @PasteSubmit.route("/PasteSubmit/submit", methods=['POST']) @login_required +@login_analyst def submit(): #paste_name = request.form['paste_name'] @@ -398,6 +402,7 @@ def submit(): @PasteSubmit.route("/PasteSubmit/submit_status", methods=['GET']) @login_required +@login_analyst def submit_status(): UUID = request.args.get('UUID') @@ -465,6 +470,7 @@ def submit_status(): @PasteSubmit.route("/PasteSubmit/create_misp_event", methods=['POST']) @login_required +@login_analyst def create_misp_event(): distribution = int(request.form['misp_data[Event][distribution]']) @@ -488,6 +494,7 @@ def create_misp_event(): @PasteSubmit.route("/PasteSubmit/create_hive_case", methods=['POST']) @login_required +@login_analyst def create_hive_case(): hive_tlp = int(request.form['hive_tlp']) @@ -511,6 +518,7 @@ def create_hive_case(): @PasteSubmit.route("/PasteSubmit/edit_tag_export") @login_required +@login_analyst def edit_tag_export(): misp_auto_events = r_serv_db.get('misp:auto-events') hive_auto_alerts = r_serv_db.get('hive:auto-alerts') @@ -576,6 +584,7 @@ def edit_tag_export(): @PasteSubmit.route("/PasteSubmit/tag_export_edited", methods=['POST']) @login_required +@login_analyst def tag_export_edited(): tag_enabled_misp = request.form.getlist('tag_enabled_misp') tag_enabled_hive = request.form.getlist('tag_enabled_hive') @@ -601,30 +610,35 @@ def tag_export_edited(): @PasteSubmit.route("/PasteSubmit/enable_misp_auto_event") @login_required +@login_analyst def enable_misp_auto_event(): r_serv_db.set('misp:auto-events', 1) return edit_tag_export() @PasteSubmit.route("/PasteSubmit/disable_misp_auto_event") @login_required +@login_analyst def disable_misp_auto_event(): r_serv_db.set('misp:auto-events', 0) return edit_tag_export() @PasteSubmit.route("/PasteSubmit/enable_hive_auto_alert") @login_required +@login_analyst def enable_hive_auto_alert(): r_serv_db.set('hive:auto-alerts', 1) return edit_tag_export() @PasteSubmit.route("/PasteSubmit/disable_hive_auto_alert") @login_required +@login_analyst def disable_hive_auto_alert(): r_serv_db.set('hive:auto-alerts', 0) return edit_tag_export() @PasteSubmit.route("/PasteSubmit/add_push_tag") @login_required +@login_analyst def add_push_tag(): tag = request.args.get('tag') if tag is not None: @@ -643,6 +657,7 @@ def add_push_tag(): @PasteSubmit.route("/PasteSubmit/delete_push_tag") @login_required +@login_analyst def delete_push_tag(): tag = request.args.get('tag') diff --git a/var/www/modules/Tags/Flask_Tags.py b/var/www/modules/Tags/Flask_Tags.py index f68491e6..8ab81297 100644 --- a/var/www/modules/Tags/Flask_Tags.py +++ b/var/www/modules/Tags/Flask_Tags.py @@ -222,7 +222,7 @@ def update_tag_last_seen(tag, tag_first_seen, tag_last_seen): @Tags.route("/tags/", methods=['GET']) @login_required -@login_admin +@login_analyst def Tags_page(): date_from = request.args.get('date_from') date_to = request.args.get('date_to') @@ -357,6 +357,7 @@ def Tags_page(): @Tags.route("/Tags/get_all_tags") @login_required +@login_analyst def get_all_tags(): all_tags = r_serv_tags.smembers('list_tags') @@ -380,6 +381,7 @@ def get_all_tags(): @Tags.route("/Tags/get_all_tags_taxonomies") @login_required +@login_analyst def get_all_tags_taxonomies(): taxonomies = Taxonomies() @@ -398,6 +400,7 @@ def get_all_tags_taxonomies(): @Tags.route("/Tags/get_all_tags_galaxies") @login_required +@login_analyst def get_all_tags_galaxy(): active_galaxies = r_serv_tags.smembers('active_galaxies') @@ -412,6 +415,7 @@ def get_all_tags_galaxy(): @Tags.route("/Tags/get_tags_taxonomie") @login_required +@login_analyst def get_tags_taxonomie(): taxonomie = request.args.get('taxonomie') @@ -439,6 +443,7 @@ def get_tags_taxonomie(): @Tags.route("/Tags/get_tags_galaxy") @login_required +@login_analyst def get_tags_galaxy(): galaxy = request.args.get('galaxy') @@ -460,6 +465,7 @@ def get_tags_galaxy(): @Tags.route("/Tags/remove_tag") @login_required +@login_analyst def remove_tag(): #TODO verify input @@ -492,6 +498,7 @@ def confirm_tag(): @Tags.route("/Tags/tag_validation") @login_required +@login_analyst def tag_validation(): path = request.args.get('paste') @@ -513,6 +520,7 @@ def tag_validation(): @Tags.route("/Tags/addTags") @login_required +@login_analyst def addTags(): tags = request.args.get('tags') @@ -563,6 +571,7 @@ def addTags(): @Tags.route("/Tags/taxonomies") @login_required +@login_analyst def taxonomies(): active_taxonomies = r_serv_tags.smembers('active_taxonomies') @@ -600,6 +609,7 @@ def taxonomies(): @Tags.route("/Tags/edit_taxonomie") @login_required +@login_analyst def edit_taxonomie(): taxonomies = Taxonomies() @@ -649,6 +659,7 @@ def edit_taxonomie(): @Tags.route("/Tags/disable_taxonomie") @login_required +@login_analyst def disable_taxonomie(): taxonomies = Taxonomies() @@ -670,6 +681,7 @@ def disable_taxonomie(): @Tags.route("/Tags/active_taxonomie") @login_required +@login_analyst def active_taxonomie(): taxonomies = Taxonomies() @@ -690,6 +702,7 @@ def active_taxonomie(): @Tags.route("/Tags/edit_taxonomie_tag") @login_required +@login_analyst def edit_taxonomie_tag(): taxonomies = Taxonomies() @@ -733,6 +746,7 @@ def edit_taxonomie_tag(): @Tags.route("/Tags/galaxies") @login_required +@login_analyst def galaxies(): active_galaxies = r_serv_tags.smembers('active_galaxies') @@ -780,6 +794,7 @@ def galaxies(): @Tags.route("/Tags/edit_galaxy") @login_required +@login_analyst def edit_galaxy(): id = request.args.get('galaxy') @@ -848,6 +863,7 @@ def edit_galaxy(): @Tags.route("/Tags/active_galaxy") @login_required +@login_analyst def active_galaxy(): id = request.args.get('galaxy') @@ -893,6 +909,7 @@ def active_galaxy(): @Tags.route("/Tags/disable_galaxy") @login_required +@login_analyst def disable_galaxy(): id = request.args.get('galaxy') @@ -914,6 +931,7 @@ def disable_galaxy(): @Tags.route("/Tags/edit_galaxy_tag") @login_required +@login_analyst def edit_galaxy_tag(): arg1 = request.args.getlist('tag_enabled') @@ -987,6 +1005,7 @@ def edit_galaxy_tag(): @Tags.route("/Tags/tag_galaxy_info") @login_required +@login_analyst def tag_galaxy_info(): galaxy = request.args.get('galaxy') diff --git a/var/www/modules/dashboard/Flask_dashboard.py b/var/www/modules/dashboard/Flask_dashboard.py index 0bbcccac..160d9edb 100644 --- a/var/www/modules/dashboard/Flask_dashboard.py +++ b/var/www/modules/dashboard/Flask_dashboard.py @@ -13,6 +13,8 @@ import flask from Date import Date from flask import Flask, render_template, jsonify, request, Blueprint, url_for + +from Role_Manager import login_admin, login_analyst from flask_login import login_required # ============ VARIABLES ============ @@ -111,11 +113,13 @@ def datetime_from_utc_to_local(utc_str): @dashboard.route("/_logs") @login_required +@login_analyst def logs(): return flask.Response(event_stream(), mimetype="text/event-stream") @dashboard.route("/_get_last_logs_json") @login_required +@login_analyst def get_last_logs_json(): date = datetime.datetime.now().strftime("%Y%m%d") @@ -158,12 +162,14 @@ def get_last_logs_json(): @dashboard.route("/_stuff", methods=['GET']) @login_required +@login_analyst def stuff(): return jsonify(row1=get_queues(r_serv)) @dashboard.route("/") @login_required +@login_analyst def index(): default_minute = cfg.get("Flask", "minute_processed_paste") threshold_stucked_module = cfg.getint("Module_ModuleInformation", "threshold_stucked_module") diff --git a/var/www/modules/hashDecoded/Flask_hashDecoded.py b/var/www/modules/hashDecoded/Flask_hashDecoded.py index 83ce54b8..a3537b1a 100644 --- a/var/www/modules/hashDecoded/Flask_hashDecoded.py +++ b/var/www/modules/hashDecoded/Flask_hashDecoded.py @@ -17,6 +17,7 @@ from hashlib import sha256 import requests from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for, send_file +from Role_Manager import login_admin, login_analyst from flask_login import login_required # ============ VARIABLES ============ @@ -476,6 +477,7 @@ def correlation_graph_node_json(correlation_type, type_id, key_id): # ============= ROUTES ============== @hashDecoded.route("/hashDecoded/all_hash_search", methods=['POST']) @login_required +@login_analyst def all_hash_search(): date_from = request.form.get('date_from') date_to = request.form.get('date_to') @@ -486,6 +488,7 @@ def all_hash_search(): @hashDecoded.route("/hashDecoded/", methods=['GET']) @login_required +@login_analyst def hashDecoded_page(): date_from = request.args.get('date_from') date_to = request.args.get('date_to') @@ -604,6 +607,7 @@ def hashDecoded_page(): @hashDecoded.route('/hashDecoded/hash_by_type') @login_required +@login_analyst def hash_by_type(): type = request.args.get('type') type = 'text/plain' @@ -612,6 +616,7 @@ def hash_by_type(): @hashDecoded.route('/hashDecoded/hash_hash') @login_required +@login_analyst def hash_hash(): hash = request.args.get('hash') return render_template('hash_hash.html') @@ -619,6 +624,7 @@ def hash_hash(): @hashDecoded.route('/hashDecoded/showHash') @login_required +@login_analyst def showHash(): hash = request.args.get('hash') #hash = 'e02055d3efaad5d656345f6a8b1b6be4fe8cb5ea' @@ -673,6 +679,7 @@ def showHash(): @hashDecoded.route('/hashDecoded/downloadHash') @login_required +@login_analyst def downloadHash(): hash = request.args.get('hash') # sanitize hash @@ -710,6 +717,7 @@ def downloadHash(): @hashDecoded.route('/hashDecoded/hash_by_type_json') @login_required +@login_analyst def hash_by_type_json(): type = request.args.get('type') @@ -744,6 +752,7 @@ def hash_by_type_json(): @hashDecoded.route('/hashDecoded/decoder_type_json') @login_required +@login_analyst def decoder_type_json(): date_from = request.args.get('date_from') date_to = request.args.get('date_to') @@ -800,6 +809,7 @@ def decoder_type_json(): @hashDecoded.route('/hashDecoded/top5_type_json') @login_required +@login_analyst def top5_type_json(): date_from = request.args.get('date_from') date_to = request.args.get('date_to') @@ -859,6 +869,7 @@ def top5_type_json(): @hashDecoded.route('/hashDecoded/daily_type_json') @login_required +@login_analyst def daily_type_json(): date = request.args.get('date') @@ -879,6 +890,7 @@ def daily_type_json(): @hashDecoded.route('/hashDecoded/range_type_json') @login_required +@login_analyst def range_type_json(): date_from = request.args.get('date_from') date_to = request.args.get('date_to') @@ -936,6 +948,7 @@ def range_type_json(): @hashDecoded.route('/hashDecoded/hash_graph_line_json') @login_required +@login_analyst def hash_graph_line_json(): hash = request.args.get('hash') date_from = request.args.get('date_from') @@ -966,6 +979,7 @@ def hash_graph_line_json(): @hashDecoded.route('/hashDecoded/hash_graph_node_json') @login_required +@login_analyst def hash_graph_node_json(): hash = request.args.get('hash') @@ -1034,6 +1048,7 @@ def hash_graph_node_json(): @hashDecoded.route('/hashDecoded/hash_types') @login_required +@login_analyst def hash_types(): date_from = 20180701 date_to = 20180706 @@ -1042,6 +1057,7 @@ def hash_types(): @hashDecoded.route('/hashDecoded/send_file_to_vt_js') @login_required +@login_analyst def send_file_to_vt_js(): hash = request.args.get('hash') @@ -1066,6 +1082,7 @@ def send_file_to_vt_js(): @hashDecoded.route('/hashDecoded/update_vt_result') @login_required +@login_analyst def update_vt_result(): hash = request.args.get('hash') @@ -1102,6 +1119,8 @@ def update_vt_result(): ############################ PGPDump ############################ @hashDecoded.route('/decoded/pgp_by_type_json') ## TODO: REFRACTOR +@login_required +@login_analyst def pgp_by_type_json(): type_id = request.args.get('type_id') date_from = request.args.get('date_from') @@ -1146,6 +1165,8 @@ def pgp_by_type_json(): ############################ Correlation ############################ @hashDecoded.route("/correlation/pgpdump", methods=['GET']) +@login_required +@login_analyst def pgpdump_page(): date_from = request.args.get('date_from') date_to = request.args.get('date_to') @@ -1156,6 +1177,8 @@ def pgpdump_page(): return res @hashDecoded.route("/correlation/cryptocurrency", methods=['GET']) +@login_required +@login_analyst def cryptocurrency_page(): date_from = request.args.get('date_from') date_to = request.args.get('date_to') @@ -1166,6 +1189,8 @@ def cryptocurrency_page(): return res @hashDecoded.route("/correlation/all_pgpdump_search", methods=['POST']) +@login_required +@login_analyst def all_pgpdump_search(): date_from = request.form.get('date_from') date_to = request.form.get('date_to') @@ -1174,6 +1199,8 @@ def all_pgpdump_search(): return redirect(url_for('hashDecoded.pgpdump_page', date_from=date_from, date_to=date_to, type_id=type_id, show_decoded_files=show_decoded_files)) @hashDecoded.route("/correlation/all_cryptocurrency_search", methods=['POST']) +@login_required +@login_analyst def all_cryptocurrency_search(): date_from = request.form.get('date_from') date_to = request.form.get('date_to') @@ -1182,6 +1209,8 @@ def all_cryptocurrency_search(): return redirect(url_for('hashDecoded.cryptocurrency_page', date_from=date_from, date_to=date_to, type_id=type_id, show_decoded_files=show_decoded_files)) @hashDecoded.route('/correlation/show_pgpdump') +@login_required +@login_analyst def show_pgpdump(): type_id = request.args.get('type_id') key_id = request.args.get('key_id') @@ -1189,36 +1218,48 @@ def show_pgpdump(): @hashDecoded.route('/correlation/show_cryptocurrency') +@login_required +@login_analyst def show_cryptocurrency(): type_id = request.args.get('type_id') key_id = request.args.get('key_id') return show_correlation('cryptocurrency', type_id, key_id) @hashDecoded.route('/correlation/cryptocurrency_range_type_json') +@login_required +@login_analyst def cryptocurrency_range_type_json(): date_from = request.args.get('date_from') date_to = request.args.get('date_to') return correlation_type_range_type_json('cryptocurrency', date_from, date_to) @hashDecoded.route('/correlation/pgpdump_range_type_json') +@login_required +@login_analyst def pgpdump_range_type_json(): date_from = request.args.get('date_from') date_to = request.args.get('date_to') return correlation_type_range_type_json('pgpdump', date_from, date_to) @hashDecoded.route('/correlation/pgpdump_graph_node_json') +@login_required +@login_analyst def pgpdump_graph_node_json(): type_id = request.args.get('type_id') key_id = request.args.get('key_id') return correlation_graph_node_json('pgpdump', type_id, key_id) @hashDecoded.route('/correlation/cryptocurrency_graph_node_json') +@login_required +@login_analyst def cryptocurrency_graph_node_json(): type_id = request.args.get('type_id') key_id = request.args.get('key_id') return correlation_graph_node_json('cryptocurrency', type_id, key_id) @hashDecoded.route('/correlation/pgpdump_graph_line_json') +@login_required +@login_analyst def pgpdump_graph_line_json(): type_id = request.args.get('type_id') key_id = request.args.get('key_id') @@ -1251,6 +1292,8 @@ def correlation_graph_line_json(correlation_type, type_id, key_id, date_from, da return jsonify() @hashDecoded.route('/correlation/cryptocurrency_graph_line_json') +@login_required +@login_analyst def cryptocurrency_graph_line_json(): type_id = request.args.get('type_id') key_id = request.args.get('key_id') diff --git a/var/www/modules/hiddenServices/Flask_hiddenServices.py b/var/www/modules/hiddenServices/Flask_hiddenServices.py index 09d1df1f..12fe3177 100644 --- a/var/www/modules/hiddenServices/Flask_hiddenServices.py +++ b/var/www/modules/hiddenServices/Flask_hiddenServices.py @@ -12,6 +12,8 @@ import time import json from pyfaup.faup import Faup from flask import Flask, render_template, jsonify, request, send_file, Blueprint, redirect, url_for + +from Role_Manager import login_admin, login_analyst from flask_login import login_required from Date import Date @@ -241,6 +243,7 @@ def delete_auto_crawler(url): @hiddenServices.route("/crawlers/", methods=['GET']) @login_required +@login_analyst def dashboard(): crawler_metadata_onion = get_crawler_splash_status('onion') crawler_metadata_regular = get_crawler_splash_status('regular') @@ -255,18 +258,15 @@ def dashboard(): crawler_metadata_regular=crawler_metadata_regular, statDomains_onion=statDomains_onion, statDomains_regular=statDomains_regular) -@hiddenServices.route("/hiddenServices/2", methods=['GET']) -@login_required -def hiddenServices_page_test(): - return render_template("Crawler_index.html") - @hiddenServices.route("/crawlers/manual", methods=['GET']) @login_required +@login_analyst def manual(): return render_template("Crawler_Splash_manual.html", crawler_enabled=crawler_enabled) @hiddenServices.route("/crawlers/crawler_splash_onion", methods=['GET']) @login_required +@login_analyst def crawler_splash_onion(): type = 'onion' last_onions = get_last_domains_crawled(type) @@ -285,6 +285,7 @@ def crawler_splash_onion(): @hiddenServices.route("/crawlers/Crawler_Splash_last_by_type", methods=['GET']) @login_required +@login_analyst def Crawler_Splash_last_by_type(): type = request.args.get('type') # verify user input @@ -309,6 +310,7 @@ def Crawler_Splash_last_by_type(): @hiddenServices.route("/crawlers/blacklisted_domains", methods=['GET']) @login_required +@login_analyst def blacklisted_domains(): blacklist_domain = request.args.get('blacklist_domain') unblacklist_domain = request.args.get('unblacklist_domain') @@ -344,6 +346,7 @@ def blacklisted_domains(): @hiddenServices.route("/crawler/blacklist_domain", methods=['GET']) @login_required +@login_analyst def blacklist_domain(): domain = request.args.get('domain') type = request.args.get('type') @@ -366,6 +369,7 @@ def blacklist_domain(): @hiddenServices.route("/crawler/unblacklist_domain", methods=['GET']) @login_required +@login_analyst def unblacklist_domain(): domain = request.args.get('domain') type = request.args.get('type') @@ -388,6 +392,7 @@ def unblacklist_domain(): @hiddenServices.route("/crawlers/create_spider_splash", methods=['POST']) @login_required +@login_analyst def create_spider_splash(): url = request.form.get('url_to_crawl') automatic = request.form.get('crawler_type') @@ -475,6 +480,7 @@ def create_spider_splash(): @hiddenServices.route("/crawlers/auto_crawler", methods=['GET']) @login_required +@login_analyst def auto_crawler(): nb_element_to_display = 100 try: @@ -528,6 +534,7 @@ def auto_crawler(): @hiddenServices.route("/crawlers/remove_auto_crawler", methods=['GET']) @login_required +@login_analyst def remove_auto_crawler(): url = request.args.get('url') page = request.args.get('page') @@ -538,6 +545,7 @@ def remove_auto_crawler(): @hiddenServices.route("/crawlers/crawler_dashboard_json", methods=['GET']) @login_required +@login_analyst def crawler_dashboard_json(): crawler_metadata_onion = get_crawler_splash_status('onion') @@ -555,6 +563,7 @@ def crawler_dashboard_json(): # # TODO: refractor @hiddenServices.route("/hiddenServices/last_crawled_domains_with_stats_json", methods=['GET']) @login_required +@login_analyst def last_crawled_domains_with_stats_json(): last_onions = r_serv_onion.lrange('last_onion', 0 ,-1) list_onion = [] @@ -605,6 +614,7 @@ def last_crawled_domains_with_stats_json(): @hiddenServices.route("/hiddenServices/get_onions_by_daterange", methods=['POST']) @login_required +@login_analyst def get_onions_by_daterange(): date_from = request.form.get('date_from') date_to = request.form.get('date_to') @@ -617,6 +627,7 @@ def get_onions_by_daterange(): @hiddenServices.route("/hiddenServices/show_domains_by_daterange", methods=['GET']) @login_required +@login_analyst def show_domains_by_daterange(): date_from = request.args.get('date_from') date_to = request.args.get('date_to') @@ -722,6 +733,7 @@ def show_domains_by_daterange(): @hiddenServices.route("/crawlers/show_domain", methods=['GET']) @login_required +@login_analyst def show_domain(): domain = request.args.get('domain') epoch = request.args.get('epoch') @@ -805,6 +817,8 @@ def show_domain(): domain_tags=domain_tags, screenshot=screenshot) @hiddenServices.route("/crawlers/download_domain", methods=['GET']) +@login_required +@login_analyst def download_domain(): domain = request.args.get('domain') epoch = request.args.get('epoch') @@ -857,6 +871,7 @@ def download_domain(): @hiddenServices.route("/hiddenServices/onion_son", methods=['GET']) @login_required +@login_analyst def onion_son(): onion_domain = request.args.get('onion_domain') @@ -868,6 +883,7 @@ def onion_son(): # ============= JSON ============== @hiddenServices.route("/hiddenServices/domain_crawled_7days_json", methods=['GET']) @login_required +@login_analyst def domain_crawled_7days_json(): type = 'onion' ## TODO: # FIXME: 404 error @@ -887,6 +903,7 @@ def domain_crawled_7days_json(): @hiddenServices.route('/hiddenServices/domain_crawled_by_type_json') @login_required +@login_analyst def domain_crawled_by_type_json(): current_date = request.args.get('date') type = request.args.get('type') diff --git a/var/www/modules/rawSkeleton/Flask_rawSkeleton.py b/var/www/modules/rawSkeleton/Flask_rawSkeleton.py index fe6e1f66..d767a83c 100644 --- a/var/www/modules/rawSkeleton/Flask_rawSkeleton.py +++ b/var/www/modules/rawSkeleton/Flask_rawSkeleton.py @@ -6,6 +6,8 @@ ''' import redis from flask import Flask, render_template, jsonify, request, Blueprint + +from Role_Manager import login_admin, login_analyst from flask_login import login_required # ============ VARIABLES ============ @@ -24,6 +26,7 @@ def one(): @rawSkeleton.route("/rawSkeleton/", methods=['GET']) @login_required +@login_analyst def skeleton_page(): return render_template("rawSkeleton.html") diff --git a/var/www/modules/search/Flask_search.py b/var/www/modules/search/Flask_search.py index 866c0bfc..67a518fb 100644 --- a/var/www/modules/search/Flask_search.py +++ b/var/www/modules/search/Flask_search.py @@ -10,6 +10,8 @@ import os import datetime import flask from flask import Flask, render_template, jsonify, request, Blueprint + +from Role_Manager import login_admin, login_analyst from flask_login import login_required import Paste @@ -95,6 +97,7 @@ def to_iso_date(timestamp): @searches.route("/search", methods=['POST']) @login_required +@login_analyst def search(): query = request.form['query'] q = [] @@ -183,6 +186,7 @@ def search(): @searches.route("/get_more_search_result", methods=['POST']) @login_required +@login_analyst def get_more_search_result(): query = request.form['query'] q = [] diff --git a/var/www/modules/sentiment/Flask_sentiment.py b/var/www/modules/sentiment/Flask_sentiment.py index 14904558..af6c220c 100644 --- a/var/www/modules/sentiment/Flask_sentiment.py +++ b/var/www/modules/sentiment/Flask_sentiment.py @@ -10,6 +10,8 @@ import calendar from Date import Date import flask from flask import Flask, render_template, jsonify, request, Blueprint + +from Role_Manager import login_admin, login_analyst from flask_login import login_required import Paste @@ -41,12 +43,14 @@ def get_date_range(num_day): @sentiments.route("/sentiment_analysis_trending/") @login_required +@login_analyst def sentiment_analysis_trending(): return render_template("sentiment_analysis_trending.html") @sentiments.route("/sentiment_analysis_getplotdata/", methods=['GET']) @login_required +@login_analyst def sentiment_analysis_getplotdata(): # Get the top providers based on number of pastes oneHour = 60*60 @@ -98,6 +102,7 @@ def sentiment_analysis_getplotdata(): @sentiments.route("/sentiment_analysis_plot_tool/") @login_required +@login_analyst def sentiment_analysis_plot_tool(): return render_template("sentiment_analysis_plot_tool.html") @@ -105,6 +110,7 @@ def sentiment_analysis_plot_tool(): @sentiments.route("/sentiment_analysis_plot_tool_getdata/", methods=['GET']) @login_required +@login_analyst def sentiment_analysis_plot_tool_getdata(): getProviders = request.args.get('getProviders') diff --git a/var/www/modules/settings/Flask_settings.py b/var/www/modules/settings/Flask_settings.py index 8a5fb776..09d5597d 100644 --- a/var/www/modules/settings/Flask_settings.py +++ b/var/www/modules/settings/Flask_settings.py @@ -7,7 +7,8 @@ from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for from flask_login import login_required, current_user -from Role_Manager import login_admin, login_analyst, create_user_db, edit_user_db, delete_user_db, check_password_strength +from Role_Manager import login_admin, login_analyst +from Role_Manager import create_user_db, edit_user_db, delete_user_db, check_password_strength import json import secrets @@ -104,6 +105,7 @@ def get_all_roles(): @settings.route("/settings/", methods=['GET']) @login_required +@login_analyst def settings_page(): git_metadata = get_git_metadata() current_version = r_serv_db.get('ail:version') @@ -114,18 +116,21 @@ def settings_page(): @settings.route("/settings/edit_profile", methods=['GET']) @login_required +@login_analyst def edit_profile(): user_metadata = get_user_metadata(current_user.get_id()) return render_template("edit_profile.html", user_metadata=user_metadata) @settings.route("/settings/new_token", methods=['GET']) @login_required +@login_analyst def new_token(): generate_new_token(current_user.get_id()) return redirect(url_for('settings.edit_profile')) @settings.route("/settings/new_token_user", methods=['GET']) @login_required +@login_admin def new_token_user(): user_id = request.args.get('user_id') if r_serv_db.exists('user_metadata:{}'.format(user_id)): @@ -134,6 +139,7 @@ def new_token_user(): @settings.route("/settings/create_user", methods=['GET']) @login_required +@login_admin def create_user(): user_id = request.args.get('user_id') role = None @@ -146,6 +152,7 @@ def create_user(): @settings.route("/settings/create_user_post", methods=['POST']) @login_required +@login_admin def create_user_post(): email = request.form.get('username') role = request.form.get('user_role') @@ -190,6 +197,7 @@ def create_user_post(): @settings.route("/settings/users_list", methods=['GET']) @login_required +@login_admin def users_list(): all_users = get_users_metadata(get_all_users()) new_user = request.args.get('new_user') @@ -202,12 +210,14 @@ def users_list(): @settings.route("/settings/edit_user", methods=['GET']) @login_required +@login_admin def edit_user(): user_id = request.args.get('user_id') return redirect(url_for('settings.create_user', user_id=user_id)) @settings.route("/settings/delete_user", methods=['GET']) @login_required +@login_admin def delete_user(): user_id = request.args.get('user_id') delete_user_db(user_id) @@ -216,6 +226,7 @@ def delete_user(): @settings.route("/settings/get_background_update_stats_json", methods=['GET']) @login_required +@login_analyst def get_background_update_stats_json(): # handle :end, error update_stats = {} diff --git a/var/www/modules/showpaste/Flask_showpaste.py b/var/www/modules/showpaste/Flask_showpaste.py index dafba343..fb990bbf 100644 --- a/var/www/modules/showpaste/Flask_showpaste.py +++ b/var/www/modules/showpaste/Flask_showpaste.py @@ -9,6 +9,8 @@ import json import os import flask from flask import Flask, render_template, jsonify, request, Blueprint, make_response, Response, send_from_directory, redirect, url_for + +from Role_Manager import login_admin, login_analyst from flask_login import login_required import difflib @@ -383,18 +385,21 @@ def show_item_min(requested_path , content_range=0): @showsavedpastes.route("/showsavedpaste/") #completely shows the paste in a new tab @login_required +@login_analyst def showsavedpaste(): requested_path = request.args.get('paste', '') return showpaste(0, requested_path) @showsavedpastes.route("/showsaveditem_min/") #completely shows the paste in a new tab @login_required +@login_analyst def showsaveditem_min(): requested_path = request.args.get('paste', '') return show_item_min(requested_path) @showsavedpastes.route("/showsavedrawpaste/") #shows raw @login_required +@login_analyst def showsavedrawpaste(): requested_path = request.args.get('paste', '') paste = Paste.Paste(requested_path) @@ -403,6 +408,7 @@ def showsavedrawpaste(): @showsavedpastes.route("/showpreviewpaste/") @login_required +@login_analyst def showpreviewpaste(): num = request.args.get('num', '') requested_path = request.args.get('paste', '') @@ -411,6 +417,7 @@ def showpreviewpaste(): @showsavedpastes.route("/getmoredata/") @login_required +@login_analyst def getmoredata(): requested_path = request.args.get('paste', '') paste = Paste.Paste(requested_path) @@ -420,6 +427,7 @@ def getmoredata(): @showsavedpastes.route("/showDiff/") @login_required +@login_analyst def showDiff(): s1 = request.args.get('s1', '') s2 = request.args.get('s2', '') @@ -437,11 +445,13 @@ def showDiff(): @showsavedpastes.route('/screenshot/') @login_required +@login_analyst def screenshot(filename): return send_from_directory(SCREENSHOT_FOLDER, filename+'.png', as_attachment=True) @showsavedpastes.route('/send_file_to_vt/', methods=['POST']) @login_required +@login_analyst def send_file_to_vt(): b64_path = request.form['b64_path'] paste = request.form['paste'] diff --git a/var/www/modules/terms/Flask_terms.py b/var/www/modules/terms/Flask_terms.py index fd42ec4d..f3b8c7de 100644 --- a/var/www/modules/terms/Flask_terms.py +++ b/var/www/modules/terms/Flask_terms.py @@ -11,6 +11,8 @@ import datetime import calendar import flask from flask import Flask, render_template, jsonify, request, Blueprint, url_for, redirect + +from Role_Manager import login_admin, login_analyst from flask_login import login_required import re @@ -146,6 +148,7 @@ def save_tag_to_auto_push(list_tag): @terms.route("/terms_management/") @login_required +@login_analyst def terms_management(): per_paste = request.args.get('per_paste') if per_paste == "1" or per_paste is None: @@ -265,6 +268,7 @@ def terms_management(): @terms.route("/terms_management_query_paste/") @login_required +@login_analyst def terms_management_query_paste(): term = request.args.get('term') paste_info = [] @@ -298,6 +302,7 @@ def terms_management_query_paste(): @terms.route("/terms_management_query/") @login_required +@login_analyst def terms_management_query(): TrackedTermsDate_Name = "TrackedTermDate" BlackListTermsDate_Name = "BlackListTermDate" @@ -321,6 +326,7 @@ def terms_management_query(): @terms.route("/terms_management_action/", methods=['GET']) @login_required +@login_analyst def terms_management_action(): today = datetime.datetime.now() today = today.replace(microsecond=0) @@ -447,6 +453,7 @@ def terms_management_action(): @terms.route("/terms_management/delete_terms_tags", methods=['POST']) @login_required +@login_analyst def delete_terms_tags(): term = request.form.get('term') tags_to_delete = request.form.getlist('tags_to_delete') @@ -460,6 +467,7 @@ def delete_terms_tags(): @terms.route("/terms_management/delete_terms_email", methods=['GET']) @login_required +@login_analyst def delete_terms_email(): term = request.args.get('term') email = request.args.get('email') @@ -473,6 +481,7 @@ def delete_terms_email(): @terms.route("/terms_plot_tool/") @login_required +@login_analyst def terms_plot_tool(): term = request.args.get('term') if term is not None: @@ -483,6 +492,7 @@ def terms_plot_tool(): @terms.route("/terms_plot_tool_data/") @login_required +@login_analyst def terms_plot_tool_data(): oneDay = 60*60*24 range_start = datetime.datetime.utcfromtimestamp(int(float(request.args.get('range_start')))) if request.args.get('range_start') is not None else 0; @@ -514,6 +524,7 @@ def terms_plot_tool_data(): @terms.route("/terms_plot_top/") @login_required +@login_analyst def terms_plot_top(): per_paste = request.args.get('per_paste') per_paste = per_paste if per_paste is not None else 1 @@ -522,6 +533,7 @@ def terms_plot_top(): @terms.route("/terms_plot_top_data/") @login_required +@login_analyst def terms_plot_top_data(): oneDay = 60*60*24 today = datetime.datetime.now() @@ -569,11 +581,13 @@ def terms_plot_top_data(): @terms.route("/credentials_tracker/") @login_required +@login_analyst def credentials_tracker(): return render_template("credentials_tracker.html") @terms.route("/credentials_management_query_paste/", methods=['GET', 'POST']) @login_required +@login_analyst def credentials_management_query_paste(): cred = request.args.get('cred') allPath = request.json['allPath'] @@ -598,6 +612,7 @@ def credentials_management_query_paste(): @terms.route("/credentials_management_action/", methods=['GET']) @login_required +@login_analyst def cred_management_action(): supplied = request.args.get('term') diff --git a/var/www/modules/trendingcharts/Flask_trendingcharts.py b/var/www/modules/trendingcharts/Flask_trendingcharts.py index bad6a353..a037e171 100644 --- a/var/www/modules/trendingcharts/Flask_trendingcharts.py +++ b/var/www/modules/trendingcharts/Flask_trendingcharts.py @@ -9,6 +9,8 @@ import datetime from Date import Date import flask from flask import Flask, render_template, jsonify, request, Blueprint + +from Role_Manager import login_admin, login_analyst from flask_login import login_required # ============ VARIABLES ============ @@ -38,6 +40,7 @@ def get_date_range(num_day): @trendings.route("/_progressionCharts", methods=['GET']) @login_required +@login_analyst def progressionCharts(): attribute_name = request.args.get('attributeName') trending_name = request.args.get('trendingName') @@ -64,6 +67,7 @@ def progressionCharts(): @trendings.route("/wordstrending/") @login_required +@login_analyst def wordstrending(): default_display = cfg.get("Flask", "default_display") return render_template("Wordstrending.html", default_display = default_display) @@ -71,6 +75,7 @@ def wordstrending(): @trendings.route("/protocolstrending/") @login_required +@login_analyst def protocolstrending(): default_display = cfg.get("Flask", "default_display") return render_template("Protocolstrending.html", default_display = default_display) @@ -78,6 +83,7 @@ def protocolstrending(): @trendings.route("/trending/") @login_required +@login_analyst def trending(): default_display = cfg.get("Flask", "default_display") return render_template("Trending.html", default_display = default_display) diff --git a/var/www/modules/trendingmodules/Flask_trendingmodules.py b/var/www/modules/trendingmodules/Flask_trendingmodules.py index a53066b9..80646ecb 100644 --- a/var/www/modules/trendingmodules/Flask_trendingmodules.py +++ b/var/www/modules/trendingmodules/Flask_trendingmodules.py @@ -9,6 +9,8 @@ import datetime from Date import Date import flask from flask import Flask, render_template, jsonify, request, Blueprint + +from Role_Manager import login_admin, login_analyst from flask_login import login_required # ============ VARIABLES ============ @@ -51,6 +53,7 @@ def get_date_range(num_day): @trendingmodules.route("/_moduleCharts", methods=['GET']) @login_required +@login_analyst def modulesCharts(): keyword_name = request.args.get('keywordName') module_name = request.args.get('moduleName') @@ -78,6 +81,7 @@ def modulesCharts(): @trendingmodules.route("/_providersChart", methods=['GET']) @login_required +@login_analyst def providersChart(): keyword_name = request.args.get('keywordName') module_name = request.args.get('moduleName') @@ -125,6 +129,7 @@ def providersChart(): @trendingmodules.route("/moduletrending/") @login_required +@login_analyst def moduletrending(): return render_template("Moduletrending.html") diff --git a/var/www/templates/error/403.html b/var/www/templates/error/403.html new file mode 100644 index 00000000..e90433ba --- /dev/null +++ b/var/www/templates/error/403.html @@ -0,0 +1,49 @@ + + + + + 403 - AIL + + + + + + + + +{% include 'nav_bar.html' %} + +
+
+
+

403 Forbidden

+
+
+
+
+
+
+
+                                  ,d8       ,a8888a,     ad888888b,
+                                ,d888     ,8P"'  `"Y8,  d8"     "88
+                              ,d8" 88    ,8P        Y8,         a8P
+                            ,d8"   88    88          88      aad8"
+                          ,d8"     88    88          88      ""Y8,
+                          8888888888888  `8b        d8'         "8b
+                                   88     `8ba,  ,ad8'  Y8,     a88
+                                   88       "Y8888P"     "Y888888P'
+
+88888888888                       88           88           88           88
+88                                88           ""           88           88
+88                                88                        88           88
+88aaaaa   ,adPPYba,   8b,dPPYba,  88,dPPYba,   88   ,adPPYb,88   ,adPPYb,88   ,adPPYba,  8b,dPPYba,
+88"""""  a8"     "8a  88P'   "Y8  88P'    "8a  88  a8"    `Y88  a8"    `Y88  a8P_____88  88P'   `"8a
+88       8b       d8  88          88       d8  88  8b       88  8b       88  8PP"""""""  88       88
+88       "8a,   ,a8"  88          88b,   ,a8"  88  "8a,   ,d88  "8a,   ,d88  "8b,   ,aa  88       88
+88        `"YbbdP"'   88          8Y"Ybbd8"'   88   `"8bbdP"Y8   `"8bbdP"Y8   `"Ybbd8"'  88       88
+
+
+ + + +