new: Submit any file to Pandora (if available)

Fix proposal for #670
2023-04-26 15:40:36 +02:00 · 2023-04-26 15:40:36 +02:00 · 134ccf1acf
parent 952a53038e
commit 134ccf1acf
3 changed files with 51 additions and 6 deletions
--- a/website/web/init.py
+++ b/website/web/init.py
@ -792,9 +792,24 @@ def tree_body_hashes(tree_uuid: str):
    return render_template('tree_body_hashes.html', tree_uuid=tree_uuid, body_hashes=body_hashes)


-@app.route('/tree/<string:tree_uuid>/pandora', methods=['GET'])
+@app.route('/tree/<string:tree_uuid>/pandora', methods=['GET', 'POST'])
 def pandora_submit(tree_uuid: str):
-    filename, content = lookyloo.get_data(tree_uuid)
+    node_uuid = None
+    if request.method == 'POST':
+        input_json = request.get_json(force=True)
+        node_uuid = input_json.get('node_uuid')
+        h_request = input_json.get('ressource_hash')
+    if node_uuid:
+        ressource = lookyloo.get_ressource(tree_uuid, node_uuid, h_request)
+        if ressource:
+            filename, content, mimetype = ressource
+        elif h_request:
+            return {'error': 'Unable to find resource {h_request} in node {node_uuid} of tree {tree_uuid}'}
+        else:
+            return {'error': 'Unable to find resource in node {node_uuid} of tree {tree_uuid}'}
+    else:
+        filename, content = lookyloo.get_data(tree_uuid)
+
    response = lookyloo.pandora.submit_file(content, filename)
    return jsonify(response)

--- a/website/web/templates/hostname_popup.html
+++ b/website/web/templates/hostname_popup.html
@ -9,6 +9,7 @@
 {% from "macros.html" import other_captures_table %}
 {% from "macros.html" import get_ressource_button %}
 {% from "macros.html" import context_form %}
+{% from "macros.html" import pandora_submit %}

 {% block title %}Details for {{ hostnode.name }} {% endblock %}

@ -63,9 +64,17 @@
  });
  </script>
  <script>
-  function submit_pandora(){
+  function submit_pandora(node_uuid, ressource_hash){
+    let data = {};
+    if (node_uuid) {
+        data.node_uuid = node_uuid;
+    };
+    if (ressource_hash) {
+        data.ressource_hash = ressource_hash;
+    };
    fetch("{{ url_for('pandora_submit', tree_uuid=tree_uuid)}}", {
-         method: "GET",
+        method: "POST",
+        body: JSON.stringify(data),
      })
      .then(response => response.json())
      .then(data => {
@ -232,8 +241,7 @@
          {% if url['url_object'].downloaded_filename %}
            {% if has_pandora %}
            <div> Downloaded file: <b>{{url['url_object'].downloaded_filename}}</b> ({{sizeof_fmt(url['url_object'].downloaded_file.getbuffer().nbytes)}})</div>
-            <button id="pandora_submit_button" type="button" class="btn btn-primary" onclick="submit_pandora()">Submit to Pandora</button>
-            <div>After clicking on the button above, a link to the report on Pandora will be copied in your clipboard.</div>
+            {{ pandora_submit() }}
            {% else %}
            <a href="{{ url_for('data', tree_uuid=tree_uuid)}}">
              Download {{url['url_object'].downloaded_filename}}
@ -255,6 +263,9 @@
            Empty body.
            {% else %}
            {{ ressource_legitimacy_details(url['legitimacy'], url['url_object'].body.getbuffer().nbytes) }}
+            {% if has_pandora %}
+            {{ pandora_submit(url['url_object'].uuid) }}
+            {% endif %}
            {% endif %}
            </div>
          {%endif%}
@ -305,6 +316,9 @@
              {% endif %}
              {{ ressource_legitimacy_details(details['legitimacy'], details['body_size']) }}
              </div>
+              {% if has_pandora %}
+              {{ pandora_submit(url['url_object'].uuid, hash) }}
+              {% endif %}
              <div>
                This file {% if details['type'] %}(<b>{{ details['type'] }}</b>){% endif %} can be found <b>{{ details['hash_freq'] }}</b> times
                across all the captures on this lookyloo instance, in <b>{{ details['hash_domains_freq'] }}</b> unique domains.
--- a/website/web/templates/macros.html
+++ b/website/web/templates/macros.html
@ -271,6 +271,22 @@
 </div>
 {% endmacro %}

+
+{% macro pandora_submit(node_uuid, ressource_hash) %}
+<div class="col-sm-8">
+  <button id="pandora_submit_button" type="button" class="btn btn-primary btn-sm" title="open a new tab with the pandora report"
+  {% if node_uuid and ressource_hash %}
+    onclick="submit_pandora('{{node_uuid}}', '{{ressource_hash}}')"
+  {% elif node_uuid %}
+    onclick="submit_pandora('{{node_uuid}}')"
+  {% else %}
+    onclick="submit_pandora()"
+  {% endif %}
+  >Submit to Pandora</button>
+</div>
+{% endmacro %}
+
+
 {% macro popup_icons_response(urlnode, tree_uuid) %}
 <div>
  {% if urlnode.response_cookie %}