2018-11-28 22:51:00 +01:00
|
|
|
"""Functions for working with STIX2 object markings."""
|
2017-06-09 20:21:42 +02:00
|
|
|
|
2017-08-24 18:47:14 +02:00
|
|
|
from stix2 import exceptions
|
2017-06-09 20:21:42 +02:00
|
|
|
from stix2.markings import utils
|
2017-09-01 22:37:49 +02:00
|
|
|
from stix2.utils import new_version
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
|
|
|
|
def get_markings(obj):
|
|
|
|
"""
|
2017-07-13 13:57:01 +02:00
|
|
|
Get all object level markings from the given SDO or SRO object.
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
Args:
|
2017-07-13 13:57:01 +02:00
|
|
|
obj: A SDO or SRO object.
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
Returns:
|
2017-08-24 18:47:14 +02:00
|
|
|
list: Marking identifiers contained in the SDO or SRO. Empty list if no
|
2017-07-13 13:57:01 +02:00
|
|
|
markings are present in `object_marking_refs`.
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
"""
|
2018-06-30 00:38:04 +02:00
|
|
|
return obj.get('object_marking_refs', [])
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
|
|
|
|
def add_markings(obj, marking):
|
|
|
|
"""
|
2017-11-09 16:10:19 +01:00
|
|
|
Append an object level marking to the object_marking_refs collection.
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
Args:
|
2017-07-13 13:57:01 +02:00
|
|
|
obj: A SDO or SRO object.
|
|
|
|
marking: identifier or list of identifiers to apply SDO or SRO object.
|
2017-06-09 20:21:42 +02:00
|
|
|
|
2017-08-24 18:47:14 +02:00
|
|
|
Returns:
|
|
|
|
A new version of the given SDO or SRO with specified markings added.
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
"""
|
2017-10-02 18:28:47 +02:00
|
|
|
marking = utils.convert_to_marking_list(marking)
|
2017-06-09 20:21:42 +02:00
|
|
|
|
2018-06-30 00:38:04 +02:00
|
|
|
object_markings = set(obj.get('object_marking_refs', []) + marking)
|
2017-06-09 20:21:42 +02:00
|
|
|
|
2018-03-02 16:21:51 +01:00
|
|
|
return new_version(obj, object_marking_refs=list(object_markings), allow_custom=True)
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
|
|
|
|
def remove_markings(obj, marking):
|
|
|
|
"""
|
2017-11-09 16:10:19 +01:00
|
|
|
Remove an object level marking from the object_marking_refs collection.
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
Args:
|
2017-07-13 13:57:01 +02:00
|
|
|
obj: A SDO or SRO object.
|
|
|
|
marking: identifier or list of identifiers that apply to the
|
|
|
|
SDO or SRO object.
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
Raises:
|
2017-08-24 18:47:14 +02:00
|
|
|
MarkingNotFoundError: If markings to remove are not found on
|
|
|
|
the provided SDO or SRO.
|
|
|
|
|
|
|
|
Returns:
|
|
|
|
A new version of the given SDO or SRO with specified markings removed.
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
"""
|
2017-10-02 18:28:47 +02:00
|
|
|
marking = utils.convert_to_marking_list(marking)
|
2017-06-09 20:21:42 +02:00
|
|
|
|
2018-06-30 00:38:04 +02:00
|
|
|
object_markings = obj.get('object_marking_refs', [])
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
if not object_markings:
|
2017-07-13 13:57:01 +02:00
|
|
|
return obj
|
2017-06-09 20:21:42 +02:00
|
|
|
|
2018-06-30 00:38:04 +02:00
|
|
|
if any(x not in obj['object_marking_refs'] for x in marking):
|
2017-08-24 18:47:14 +02:00
|
|
|
raise exceptions.MarkingNotFoundError(obj, marking)
|
2017-06-09 20:21:42 +02:00
|
|
|
|
2017-08-21 19:57:01 +02:00
|
|
|
new_markings = [x for x in object_markings if x not in marking]
|
|
|
|
if new_markings:
|
2018-03-02 17:32:07 +01:00
|
|
|
return new_version(obj, object_marking_refs=new_markings, allow_custom=True)
|
2017-08-21 19:57:01 +02:00
|
|
|
else:
|
2018-03-02 17:32:07 +01:00
|
|
|
return new_version(obj, object_marking_refs=None, allow_custom=True)
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
|
|
|
|
def set_markings(obj, marking):
|
|
|
|
"""
|
2017-11-09 16:10:19 +01:00
|
|
|
Remove all object level markings and append new object level markings to
|
2017-06-09 20:21:42 +02:00
|
|
|
the collection. Refer to `clear_markings` and `add_markings` for details.
|
|
|
|
|
|
|
|
Args:
|
2017-07-13 13:57:01 +02:00
|
|
|
obj: A SDO or SRO object.
|
|
|
|
marking: identifier or list of identifiers to apply in the
|
|
|
|
SDO or SRO object.
|
2017-06-09 20:21:42 +02:00
|
|
|
|
2017-08-24 18:47:14 +02:00
|
|
|
Returns:
|
|
|
|
A new version of the given SDO or SRO with specified markings removed
|
|
|
|
and new ones added.
|
|
|
|
|
2017-06-09 20:21:42 +02:00
|
|
|
"""
|
2017-07-13 13:57:01 +02:00
|
|
|
return add_markings(clear_markings(obj), marking)
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
|
|
|
|
def clear_markings(obj):
|
|
|
|
"""
|
2017-11-09 16:10:19 +01:00
|
|
|
Remove all object level markings from the object_marking_refs collection.
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
Args:
|
2017-07-13 13:57:01 +02:00
|
|
|
obj: A SDO or SRO object.
|
2017-06-09 20:21:42 +02:00
|
|
|
|
2017-08-24 18:47:14 +02:00
|
|
|
Returns:
|
|
|
|
A new version of the given SDO or SRO with object_marking_refs cleared.
|
|
|
|
|
2017-06-09 20:21:42 +02:00
|
|
|
"""
|
2018-03-02 17:32:07 +01:00
|
|
|
return new_version(obj, object_marking_refs=None, allow_custom=True)
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
|
|
|
|
def is_marked(obj, marking=None):
|
|
|
|
"""
|
2017-11-09 16:10:19 +01:00
|
|
|
Check if SDO or SRO is marked by any marking or by specific marking(s).
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
Args:
|
2017-07-13 13:57:01 +02:00
|
|
|
obj: A SDO or SRO object.
|
2017-06-09 20:21:42 +02:00
|
|
|
marking: identifier or list of marking identifiers that apply to the
|
2017-07-13 13:57:01 +02:00
|
|
|
SDO or SRO object.
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
Returns:
|
2017-07-13 13:57:01 +02:00
|
|
|
bool: True if SDO or SRO has object level markings. False otherwise.
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
Note:
|
2017-07-13 13:57:01 +02:00
|
|
|
When an identifier or list of identifiers is provided, if ANY of the
|
|
|
|
provided marking refs match, True is returned.
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
"""
|
2017-10-02 18:28:47 +02:00
|
|
|
marking = utils.convert_to_marking_list(marking)
|
2018-06-30 00:38:04 +02:00
|
|
|
object_markings = obj.get('object_marking_refs', [])
|
2017-06-09 20:21:42 +02:00
|
|
|
|
|
|
|
if marking:
|
|
|
|
return any(x in object_markings for x in marking)
|
|
|
|
else:
|
|
|
|
return bool(object_markings)
|