Merge branch 'master' of github.com:CIRCL/PyMISP

2015-02-17 16:32:50 +01:00 · 2015-02-17 16:32:50 +01:00 · 0c906f69ed
parent 94c756fd21 59254c8246
commit 0c906f69ed
2 changed files with 65 additions and 14 deletions
--- a/28
+++ b/28
@ -0,0 +1,28 @@
+Copyright (c) 2013, 2014 Raphaël Vinot
+Copyright (c) 2013, 2014 Alexandre Dulaunoy
+Copyright (c) 2013, 2014 CIRCL - Computer Incident Response Center Luxembourg
+                         (c/o smile, security made in Lëtzebuerg, Groupement
+                         d'Intérêt Economique)
+Copyright (c)       2014 Koen Van Impe
+
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    1. Redistributions of source code must retain the above copyright notice,
+       this list of conditions and the following disclaimer.
+    2. Redistributions in binary form must reproduce the above copyright notice,
+       this list of conditions and the following disclaimer in the documentation
+       and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+OF THE POSSIBILITY OF SUCH DAMAGE.
--- a/pymisp/api.py
+++ b/pymisp/api.py
@ -3,6 +3,8 @@

 """ Python API using the REST interface of MISP """

+import json
+import datetime
 import requests


@ -46,6 +48,15 @@ class PyMISP(object):
             'content-type': 'text/' + out})
        return session

+    def __query(self, session, path, query):
+        if query.get('error') is not None:
+            return query
+        url = self.rest.format(path)
+        query = {'request': query}
+        print json.dumps(query)
+        r = session.post(url, data=json.dumps(query))
+        return r.json()
+
    # ############### REST API ################

    def get_index(self):
@ -121,7 +132,8 @@ class PyMISP(object):
        return to_return

    def search(self, values=None, not_values=None, type_attribute=None,
-               category=None, org=None, tags=None, not_tags=None):
+               category=None, org=None, tags=None, not_tags=None, date_from=None,
+               date_to=None):
        """
            Search via the Rest API

@ -132,25 +144,36 @@ class PyMISP(object):
            :param org: Org reporting the event
            :param tags: Tags to search for
            :param not_tags: Tags *not* to search for
+            :param date_from: First date
+            :param date_to: Last date

        """
-        search = self.url + '/restSearch/download/{}/{}/{}/{}/{}'
        val = self.__prepare_rest_search(values, not_values).replace('/', '|')
        tag = self.__prepare_rest_search(tags, not_tags).replace(':', ';')
-        if len(val) == 0:
-            val = 'null'
-        if len(tag) == 0:
-            tag = 'null'
-        if type_attribute is None:
-            type_attribute = 'null'
-        if category is None:
-            category = 'null'
-        if org is None:
-            org = 'null'
+        query = {}
+        if len(val) != 0:
+            query['value'] = val
+        if len(tag) != 0:
+            query['tags'] = tag
+        if type_attribute is not None:
+            query['type'] = type_attribute
+        if category is not None:
+            query['category'] = category
+        if org is not None:
+            query['org'] = org
+        if date_from is not None:
+            if isinstance(date_from, datetime.date) or isinstance(date_to, datetime.datetime):
+                query['from'] = date_from.strftime('%Y-%m-%d')
+            else:
+                query['from'] = date_from
+        if date_to is not None:
+            if isinstance(date_to, datetime.date) or isinstance(date_to, datetime.datetime):
+                query['to'] = date_to.strftime('%Y-%m-%d')
+            else:
+                query['to'] = date_to

        session = self.__prepare_session()
-        return session.get(search.format(val, type_attribute,
-                                         category, org, tag))
+        return self.__query(session, 'restSearch/download', query)

    def get_attachement(self, event_id):
        """