Merge remote-tracking branch 'upstream/master'

Merging new pymisp changes
2016-03-31 09:13:04 +01:00 · 2016-03-31 09:13:04 +01:00 · c88096ab5d
parent 9e8f81aafe f54e92ab81
commit c88096ab5d
6 changed files with 39 additions and 15 deletions
--- a/examples/copy_list.py
+++ b/examples/copy_list.py
@ -1,4 +1,4 @@
-#!/usr/bin/python
+#!/usr/bin/env python
 # -*- coding: utf-8 -*-

 import sys
--- a/examples/create_events.py
+++ b/examples/create_events.py
@ -16,7 +16,7 @@ def init(url, key):
    return PyMISP(url, key, True, 'json')

 if __name__ == '__main__':
-    parser = argparse.ArgumentParser(description='Send malware sample to MISP.')
+    parser = argparse.ArgumentParser(description='Create an event on MISP.')
    parser.add_argument("-d", "--distrib", type=int, help="The distribution setting used for the attributes and for the newly created event, if relevant. [0-3].")
    parser.add_argument("-i", "--info", help="Used to populate the event info field if no event ID supplied.")
    parser.add_argument("-a", "--analysis", type=int, help="The analysis level of the newly created event, if applicatble. [0-2]")
--- a/examples/get_network_activity.py
+++ b/examples/get_network_activity.py
@ -1,4 +1,4 @@
-#!/usr/bin/python
+#!/usr/bin/env python
 # -*- coding: utf-8 -*-

 """
--- a/pymisp/init.py
+++ b/pymisp/init.py
@ -1,3 +1,3 @@
-__version__ = '2.2'
+__version__ = '2.3'

 from .api import PyMISP, PyMISPError, NewEventError, NewAttributeError, MissingDependency, NoURL, NoKey
--- a/pymisp/api.py
+++ b/pymisp/api.py
@ -237,7 +237,6 @@ class PyMISP(object):
        else:
            return session.post(url, data=event)

-
    def update_event(self, event_id, event, force_out=None):
        """
            Update an event
@ -270,7 +269,6 @@ class PyMISP(object):
        url = urljoin(self.root_url, 'attributes/{}'.format(attribute_id))
        return session.delete(url)

-
    # ##############################################
    # ######### Event handling (Json only) #########
    # ##############################################
@ -310,7 +308,7 @@ class PyMISP(object):
            distribution = int(distribution)
        # If None: take the default value of the event
        if distribution not in [None, 0, 1, 2, 3, 5]:
-            raise NewAttributeError('{} is invalid, the distribution has to be in 0, 1, 2, 3 or None'.format(distribution))
+            raise NewAttributeError('{} is invalid, the distribution has to be in 0, 1, 2, 3, 5 or None'.format(distribution))
        if distribution is not None:
            to_return['distribution'] = distribution

@ -572,7 +570,7 @@ class PyMISP(object):
    def prepare_attribute(self, event_id, distribution, to_ids, category, info,
                          analysis, threat_level_id):
        to_post = {'request': {}}
-        authorized_categs = ['Payload delivery', 'Artifacts dropped', 'Payload Installation', 'External Analysis']
+        authorized_categs = ['Payload delivery', 'Artifacts dropped', 'Payload Installation', 'External Analysis', 'Antivirus detection']

        if event_id is not None:
            try:
@ -624,6 +622,31 @@ class PyMISP(object):
        response = session.post(url, data=json.dumps(to_post))
        return self._check_response(response)

+    def upload_attachment(self, filename, filepath, event_id, distribution, to_ids,
+                          category, info, analysis, threat_level_id):
+        to_post = self.prepare_attribute(event_id, distribution, to_ids, category,
+                                         info, analysis, threat_level_id)
+        to_post['request']['files'] = [{'filename': filename, 'data': self._encode_file_to_upload(filepath)}]
+        return self._upload_sample(to_post)
+
+    def upload_attachmentlist(self, filepaths, event_id, distribution, to_ids, category,
+                              info, analysis, threat_level_id):
+        to_post = self.prepare_attribute(event_id, distribution, to_ids, category,
+                                         info, analysis, threat_level_id)
+        files = []
+        for path in filepaths:
+            if not os.path.isfile(path):
+                continue
+            files.append({'filename': os.path.basename(path), 'data': self._encode_file_to_upload(path)})
+        to_post['request']['files'] = files
+        return self._upload_sample(to_post)
+
+    def _upload_attachment(self, to_post):
+        session = self.__prepare_session('json')
+        url = urljoin(self.root_url, 'events/upload_attachment')
+        response = session.post(url, data=json.dumps(to_post))
+        return self._check_response(response)
+
    # ############################
    # ######## Proposals #########
    # ############################
@ -912,6 +935,7 @@ class PyMISP(object):
        response = session.get(url)
        return response
    # ############## Deprecated (Pure XML API should not be used) ##################
+
    @deprecated
    def download_all(self):
        """