mirror of https://github.com/CIRCL/AIL-framework
chg: [module extractor] check tracker and retro hunt acl
parent
ce4a1a8df5
commit
cb45e06ebc
|
@ -217,6 +217,15 @@ class Tracker:
|
||||||
ail_orgs.remove_obj_to_org(old_org, 'tracker', self.uuid)
|
ail_orgs.remove_obj_to_org(old_org, 'tracker', self.uuid)
|
||||||
self.set_level(new_level, new_org_uuid)
|
self.set_level(new_level, new_org_uuid)
|
||||||
|
|
||||||
|
def check_level(self, user_org, user_id):
|
||||||
|
level = self.get_level()
|
||||||
|
if level == 1:
|
||||||
|
return True
|
||||||
|
elif level == 0:
|
||||||
|
return self.get_user() == user_id
|
||||||
|
elif level == 2:
|
||||||
|
return self.get_org() == user_org
|
||||||
|
|
||||||
def is_level_user(self):
|
def is_level_user(self):
|
||||||
return self.get_level() == 0
|
return self.get_level() == 0
|
||||||
|
|
||||||
|
@ -1454,7 +1463,7 @@ class RetroHunt:
|
||||||
def get_level(self):
|
def get_level(self):
|
||||||
level = int(self._get_field('level'))
|
level = int(self._get_field('level'))
|
||||||
if not level:
|
if not level:
|
||||||
level = 0
|
level = 1
|
||||||
return int(level)
|
return int(level)
|
||||||
|
|
||||||
def set_level(self, level, org_uuid):
|
def set_level(self, level, org_uuid):
|
||||||
|
@ -1477,6 +1486,13 @@ class RetroHunt:
|
||||||
self.delete_level(old_level)
|
self.delete_level(old_level)
|
||||||
self.set_level(new_level, new_org_uuid)
|
self.set_level(new_level, new_org_uuid)
|
||||||
|
|
||||||
|
def check_level(self, user_org):
|
||||||
|
level = self.get_level()
|
||||||
|
if level == 1:
|
||||||
|
return True
|
||||||
|
elif level == 2:
|
||||||
|
return self.get_org() == user_org
|
||||||
|
|
||||||
## ORG ##
|
## ORG ##
|
||||||
|
|
||||||
def get_creator_org(self):
|
def get_creator_org(self):
|
||||||
|
|
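Review bot: In `RetroHunt.get_level` the fallback now assigns `level = 1`, and the `check_level` added to `RetroHunt` further down returns True for level 1 without looking at `user_org`, so the default is the least restrictive value. Because `int(self._get_field('level'))` runs before the `if not level` test, a stored `0` is rewritten to 1; if level 0 is ever written for retro hunts (not visible on this page), that widens access instead of restricting it. A restrictive default is safer for an ACL check, or the choice of 1 deserves a comment such as `# retro hunts have no user level; an unset level is treated as global`. Both `check_level` methods also fall through and return None for any other level, which denies access only because the callers test `not ...check_level(...)`; an explicit `return False` at the end would make the fail-closed intent visible. The class bodies start and end outside these hunks.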
|
@ -14,8 +14,8 @@ sys.path.append(os.environ['AIL_BIN'])
|
||||||
##################################
|
##################################
|
||||||
# Import Project packages
|
# Import Project packages
|
||||||
##################################
|
##################################
|
||||||
|
from lib.ail_users import get_user_org
|
||||||
from lib.objects import ail_objects
|
from lib.objects import ail_objects
|
||||||
from lib.objects.Items import Item
|
|
||||||
from lib.objects.Titles import Title
|
from lib.objects.Titles import Title
|
||||||
from lib import correlations_engine
|
from lib import correlations_engine
|
||||||
from lib import regex_helper
|
from lib import regex_helper
|
||||||
|
@ -140,13 +140,16 @@ def convert_byte_offset_to_string(b_content, offset):
|
||||||
|
|
||||||
# TODO RETRO HUNTS
|
# TODO RETRO HUNTS
|
||||||
# TODO TRACKER TYPE IN UI
|
# TODO TRACKER TYPE IN UI
|
||||||
def get_tracker_match(obj, content):
|
def get_tracker_match(user_org, user_id, obj, content):
|
||||||
extracted = []
|
extracted = []
|
||||||
extracted_yara = []
|
extracted_yara = []
|
||||||
obj_gid = obj.get_global_id()
|
obj_gid = obj.get_global_id()
|
||||||
trackers = Tracker.get_obj_trackers(obj.type, obj.get_subtype(r_str=True), obj.id)
|
trackers = Tracker.get_obj_trackers(obj.type, obj.get_subtype(r_str=True), obj.id)
|
||||||
for tracker_uuid in trackers:
|
for tracker_uuid in trackers:
|
||||||
tracker = Tracker.Tracker(tracker_uuid)
|
tracker = Tracker.Tracker(tracker_uuid)
|
||||||
|
if not tracker.check_level(user_org, user_id):
|
||||||
|
continue
|
||||||
|
|
||||||
tracker_type = tracker.get_type()
|
tracker_type = tracker.get_type()
|
||||||
# print(tracker_type)
|
# print(tracker_type)
|
||||||
tracked = tracker.get_tracked()
|
tracked = tracker.get_tracked()
|
||||||
|
@ -182,6 +185,9 @@ def get_tracker_match(obj, content):
|
||||||
retro_hunts = Tracker.get_obj_retro_hunts(obj.type, obj.get_subtype(r_str=True), obj.id)
|
retro_hunts = Tracker.get_obj_retro_hunts(obj.type, obj.get_subtype(r_str=True), obj.id)
|
||||||
for retro_uuid in retro_hunts:
|
for retro_uuid in retro_hunts:
|
||||||
retro_hunt = Tracker.RetroHunt(retro_uuid)
|
retro_hunt = Tracker.RetroHunt(retro_uuid)
|
||||||
|
if not retro_hunt.check_level(user_org):
|
||||||
|
continue
|
||||||
|
|
||||||
rule = retro_hunt.get_rule(r_compile=True)
|
rule = retro_hunt.get_rule(r_compile=True)
|
||||||
rule.match(data=content.encode(), callback=_get_yara_match,
|
rule.match(data=content.encode(), callback=_get_yara_match,
|
||||||
which_callbacks=yara.CALLBACK_MATCHES, timeout=30)
|
which_callbacks=yara.CALLBACK_MATCHES, timeout=30)
|
||||||
|
@ -209,23 +215,25 @@ def get_tracker_match(obj, content):
|
||||||
# tag:iban
|
# tag:iban
|
||||||
# tracker:uuid
|
# tracker:uuid
|
||||||
# def extract(obj_id, content=None):
|
# def extract(obj_id, content=None):
|
||||||
def extract(obj_type, subtype, obj_id, content=None):
|
def extract(user_id, obj_type, subtype, obj_id, content=None):
|
||||||
obj = ail_objects.get_object(obj_type, subtype, obj_id)
|
obj = ail_objects.get_object(obj_type, subtype, obj_id)
|
||||||
if not obj.exists():
|
if not obj.exists():
|
||||||
return []
|
return []
|
||||||
obj_gid = obj.get_global_id()
|
obj_gid = obj.get_global_id()
|
||||||
|
|
||||||
|
user_org = get_user_org(user_id)
|
||||||
|
|
||||||
# CHECK CACHE
|
# CHECK CACHE
|
||||||
cached = r_cache.get(f'extractor:cache:{obj_gid}')
|
cached = r_cache.get(f'extractor:cache:{obj_gid}:{user_org}:{user_id}')
|
||||||
# cached = None
|
# cached = None
|
||||||
if cached:
|
if cached:
|
||||||
r_cache.expire(f'extractor:cache:{obj_gid}', 300)
|
r_cache.expire(f'extractor:cache:{obj_gid}:{user_org}:{user_id}', 300)
|
||||||
return json.loads(cached)
|
return json.loads(cached)
|
||||||
|
|
||||||
if not content:
|
if not content:
|
||||||
content = obj.get_content()
|
content = obj.get_content()
|
||||||
|
|
||||||
extracted = get_tracker_match(obj, content)
|
extracted = get_tracker_match(user_org, user_id, obj, content)
|
||||||
|
|
||||||
# print(item.get_tags())
|
# print(item.get_tags())
|
||||||
for tag in obj.get_tags():
|
for tag in obj.get_tags():
|
||||||
|
@ -249,8 +257,8 @@ def extract(obj_type, subtype, obj_id, content=None):
|
||||||
# Save In Cache
|
# Save In Cache
|
||||||
if extracted:
|
if extracted:
|
||||||
extracted_dump = json.dumps(extracted)
|
extracted_dump = json.dumps(extracted)
|
||||||
r_cache.set(f'extractor:cache:{obj_gid}', extracted_dump)
|
r_cache.set(f'extractor:cache:{obj_gid}:{user_org}:{user_id}', extracted_dump)
|
||||||
r_cache.expire(f'extractor:cache:{obj_gid}', 300) # TODO Reduce CACHE ???????????????
|
r_cache.expire(f'extractor:cache:{obj_gid}:{user_org}:{user_id}', 300) # TODO Reduce CACHE ???????????????
|
||||||
|
|
||||||
return extracted
|
return extracted
|
||||||
|
|
||||||
|
|
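Review bot: The cache-hit path in `extract` returns the stored result without re-running `check_level`, and it calls `r_cache.expire(..., 300)` on every hit, so the entry's lifetime slides forward for as long as the same user keeps opening the object. After a tracker or retro hunt is moved to a more restrictive level, matches cached beforehand can therefore keep being served well past 300 seconds. Dropping the `expire` call on the hit path would bound staleness to the TTL set when the entry was written, and deleting the affected keys when a level is edited would remove it. The key is also spelled out four times; a single `cache_key = f'extractor:cache:{obj_gid}:{user_org}:{user_id}'` would keep the read and write paths from drifting apart. The body of `extract` between the hunks is not shown.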
|
@ -10,7 +10,7 @@ import sys
|
||||||
import json
|
import json
|
||||||
|
|
||||||
from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for, Response, abort
|
from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for, Response, abort
|
||||||
from flask_login import login_required
|
from flask_login import login_required, current_user
|
||||||
|
|
||||||
# Import Role_Manager
|
# Import Role_Manager
|
||||||
from Role_Manager import login_admin, login_analyst, login_read_only
|
from Role_Manager import login_admin, login_analyst, login_read_only
|
||||||
|
@ -236,7 +236,7 @@ def objects_message():
|
||||||
else:
|
else:
|
||||||
message = message[0]
|
message = message[0]
|
||||||
languages = Language.get_translation_languages()
|
languages = Language.get_translation_languages()
|
||||||
extracted = module_extractor.extract('message', '', message['id'], content=message['content'])
|
extracted = module_extractor.extract(current_user.get_user_id(), 'message', '', message['id'], content=message['content'])
|
||||||
extracted_matches = module_extractor.get_extracted_by_match(extracted)
|
extracted_matches = module_extractor.get_extracted_by_match(extracted)
|
||||||
message['extracted'] = extracted
|
message['extracted'] = extracted
|
||||||
message['extracted_matches'] = extracted_matches
|
message['extracted_matches'] = extracted_matches
|
||||||
|
|
|
@ -10,7 +10,7 @@ import os
|
||||||
import sys
|
import sys
|
||||||
|
|
||||||
from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for, Response, abort, send_file, send_from_directory
|
from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for, Response, abort, send_file, send_from_directory
|
||||||
from flask_login import login_required
|
from flask_login import login_required, current_user
|
||||||
|
|
||||||
# Import Role_Manager
|
# Import Role_Manager
|
||||||
from Role_Manager import login_admin, login_analyst, login_read_only, no_cache
|
from Role_Manager import login_admin, login_analyst, login_read_only, no_cache
|
||||||
|
@ -85,7 +85,7 @@ def showItem(): # # TODO: support post
|
||||||
else:
|
else:
|
||||||
meta['investigations'] = []
|
meta['investigations'] = []
|
||||||
|
|
||||||
extracted = module_extractor.extract('item', '', item.id, content=meta['content'])
|
extracted = module_extractor.extract(current_user.get_user_id(), 'item', '', item.id, content=meta['content'])
|
||||||
extracted_matches = module_extractor.get_extracted_by_match(extracted)
|
extracted_matches = module_extractor.get_extracted_by_match(extracted)
|
||||||
|
|
||||||
return render_template("show_item.html", bootstrap_label=bootstrap_label,
|
return render_template("show_item.html", bootstrap_label=bootstrap_label,
|
||||||
|
|