mirror of https://github.com/MISP/misp-dashboard
chg: [authentication] require authorization on hidden endpoints.
parent
88cc920bd3
commit
9c028e697f
34
server.py
34
server.py
|
@ -400,6 +400,7 @@ def trendings():
|
||||||
''' INDEX '''
|
''' INDEX '''
|
||||||
|
|
||||||
@app.route("/_logs")
|
@app.route("/_logs")
|
||||||
|
@login_required
|
||||||
def logs():
|
def logs():
|
||||||
if request.accept_mimetypes.accept_json or request.method == 'POST':
|
if request.accept_mimetypes.accept_json or request.method == 'POST':
|
||||||
key = 'Attribute'
|
key = 'Attribute'
|
||||||
|
@ -418,6 +419,7 @@ def logs():
|
||||||
return Response(stream_with_context(event_stream_log()), mimetype="text/event-stream")
|
return Response(stream_with_context(event_stream_log()), mimetype="text/event-stream")
|
||||||
|
|
||||||
@app.route("/_maps")
|
@app.route("/_maps")
|
||||||
|
@login_required
|
||||||
def maps():
|
def maps():
|
||||||
if request.accept_mimetypes.accept_json or request.method == 'POST':
|
if request.accept_mimetypes.accept_json or request.method == 'POST':
|
||||||
key = 'Map'
|
key = 'Map'
|
||||||
|
@ -427,6 +429,7 @@ def maps():
|
||||||
return Response(event_stream_maps(), mimetype="text/event-stream")
|
return Response(event_stream_maps(), mimetype="text/event-stream")
|
||||||
|
|
||||||
@app.route("/_get_log_head")
|
@app.route("/_get_log_head")
|
||||||
|
@login_required
|
||||||
def getLogHead():
|
def getLogHead():
|
||||||
return json.dumps(LogItem('').get_head_row())
|
return json.dumps(LogItem('').get_head_row())
|
||||||
|
|
||||||
|
@ -460,6 +463,7 @@ def event_stream_maps():
|
||||||
''' GEO '''
|
''' GEO '''
|
||||||
|
|
||||||
@app.route("/_getTopCoord")
|
@app.route("/_getTopCoord")
|
||||||
|
@login_required
|
||||||
def getTopCoord():
|
def getTopCoord():
|
||||||
try:
|
try:
|
||||||
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
||||||
|
@ -469,6 +473,7 @@ def getTopCoord():
|
||||||
return jsonify(data)
|
return jsonify(data)
|
||||||
|
|
||||||
@app.route("/_getHitMap")
|
@app.route("/_getHitMap")
|
||||||
|
@login_required
|
||||||
def getHitMap():
|
def getHitMap():
|
||||||
try:
|
try:
|
||||||
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
||||||
|
@ -478,6 +483,7 @@ def getHitMap():
|
||||||
return jsonify(data)
|
return jsonify(data)
|
||||||
|
|
||||||
@app.route("/_getCoordsByRadius")
|
@app.route("/_getCoordsByRadius")
|
||||||
|
@login_required
|
||||||
def getCoordsByRadius():
|
def getCoordsByRadius():
|
||||||
try:
|
try:
|
||||||
dateStart = datetime.datetime.fromtimestamp(float(request.args.get('dateStart')))
|
dateStart = datetime.datetime.fromtimestamp(float(request.args.get('dateStart')))
|
||||||
|
@ -494,14 +500,17 @@ def getCoordsByRadius():
|
||||||
''' CONTRIB '''
|
''' CONTRIB '''
|
||||||
|
|
||||||
@app.route("/_getLastContributors")
|
@app.route("/_getLastContributors")
|
||||||
|
@login_required
|
||||||
def getLastContributors():
|
def getLastContributors():
|
||||||
return jsonify(contributor_helper.getLastContributorsFromRedis())
|
return jsonify(contributor_helper.getLastContributorsFromRedis())
|
||||||
|
|
||||||
@app.route("/_eventStreamLastContributor")
|
@app.route("/_eventStreamLastContributor")
|
||||||
|
@login_required
|
||||||
def getLastContributor():
|
def getLastContributor():
|
||||||
return Response(eventStreamLastContributor(), mimetype="text/event-stream")
|
return Response(eventStreamLastContributor(), mimetype="text/event-stream")
|
||||||
|
|
||||||
@app.route("/_eventStreamAwards")
|
@app.route("/_eventStreamAwards")
|
||||||
|
@login_required
|
||||||
def getLastStreamAwards():
|
def getLastStreamAwards():
|
||||||
return Response(eventStreamAwards(), mimetype="text/event-stream")
|
return Response(eventStreamAwards(), mimetype="text/event-stream")
|
||||||
|
|
||||||
|
@ -539,6 +548,7 @@ def eventStreamAwards():
|
||||||
subscriber_lastAwards.unsubscribe()
|
subscriber_lastAwards.unsubscribe()
|
||||||
|
|
||||||
@app.route("/_getTopContributor")
|
@app.route("/_getTopContributor")
|
||||||
|
@login_required
|
||||||
def getTopContributor(suppliedDate=None, maxNum=100):
|
def getTopContributor(suppliedDate=None, maxNum=100):
|
||||||
if suppliedDate is None:
|
if suppliedDate is None:
|
||||||
try:
|
try:
|
||||||
|
@ -552,6 +562,7 @@ def getTopContributor(suppliedDate=None, maxNum=100):
|
||||||
return jsonify(data)
|
return jsonify(data)
|
||||||
|
|
||||||
@app.route("/_getFameContributor")
|
@app.route("/_getFameContributor")
|
||||||
|
@login_required
|
||||||
def getFameContributor():
|
def getFameContributor():
|
||||||
try:
|
try:
|
||||||
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
||||||
|
@ -562,6 +573,7 @@ def getFameContributor():
|
||||||
return getTopContributor(suppliedDate=date, maxNum=10)
|
return getTopContributor(suppliedDate=date, maxNum=10)
|
||||||
|
|
||||||
@app.route("/_getFameQualContributor")
|
@app.route("/_getFameQualContributor")
|
||||||
|
@login_required
|
||||||
def getFameQualContributor():
|
def getFameQualContributor():
|
||||||
try:
|
try:
|
||||||
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
||||||
|
@ -572,10 +584,12 @@ def getFameQualContributor():
|
||||||
return getTopContributor(suppliedDate=date, maxNum=10)
|
return getTopContributor(suppliedDate=date, maxNum=10)
|
||||||
|
|
||||||
@app.route("/_getTop5Overtime")
|
@app.route("/_getTop5Overtime")
|
||||||
|
@login_required
|
||||||
def getTop5Overtime():
|
def getTop5Overtime():
|
||||||
return jsonify(contributor_helper.getTop5OvertimeFromRedis())
|
return jsonify(contributor_helper.getTop5OvertimeFromRedis())
|
||||||
|
|
||||||
@app.route("/_getOrgOvertime")
|
@app.route("/_getOrgOvertime")
|
||||||
|
@login_required
|
||||||
def getOrgOvertime():
|
def getOrgOvertime():
|
||||||
try:
|
try:
|
||||||
org = request.args.get('org')
|
org = request.args.get('org')
|
||||||
|
@ -584,6 +598,7 @@ def getOrgOvertime():
|
||||||
return jsonify(contributor_helper.getOrgOvertime(org))
|
return jsonify(contributor_helper.getOrgOvertime(org))
|
||||||
|
|
||||||
@app.route("/_getCategPerContrib")
|
@app.route("/_getCategPerContrib")
|
||||||
|
@login_required
|
||||||
def getCategPerContrib():
|
def getCategPerContrib():
|
||||||
try:
|
try:
|
||||||
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
||||||
|
@ -593,6 +608,7 @@ def getCategPerContrib():
|
||||||
return jsonify(contributor_helper.getCategPerContribFromRedis(date))
|
return jsonify(contributor_helper.getCategPerContribFromRedis(date))
|
||||||
|
|
||||||
@app.route("/_getLatestAwards")
|
@app.route("/_getLatestAwards")
|
||||||
|
@login_required
|
||||||
def getLatestAwards():
|
def getLatestAwards():
|
||||||
try:
|
try:
|
||||||
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
||||||
|
@ -602,10 +618,12 @@ def getLatestAwards():
|
||||||
return jsonify(contributor_helper.getLastAwardsFromRedis())
|
return jsonify(contributor_helper.getLastAwardsFromRedis())
|
||||||
|
|
||||||
@app.route("/_getAllOrg")
|
@app.route("/_getAllOrg")
|
||||||
|
@login_required
|
||||||
def getAllOrg():
|
def getAllOrg():
|
||||||
return jsonify(contributor_helper.getAllOrgFromRedis())
|
return jsonify(contributor_helper.getAllOrgFromRedis())
|
||||||
|
|
||||||
@app.route("/_getOrgRank")
|
@app.route("/_getOrgRank")
|
||||||
|
@login_required
|
||||||
def getOrgRank():
|
def getOrgRank():
|
||||||
try:
|
try:
|
||||||
org = request.args.get('org')
|
org = request.args.get('org')
|
||||||
|
@ -614,6 +632,7 @@ def getOrgRank():
|
||||||
return jsonify(contributor_helper.getCurrentOrgRankFromRedis(org))
|
return jsonify(contributor_helper.getCurrentOrgRankFromRedis(org))
|
||||||
|
|
||||||
@app.route("/_getContributionOrgStatus")
|
@app.route("/_getContributionOrgStatus")
|
||||||
|
@login_required
|
||||||
def getContributionOrgStatus():
|
def getContributionOrgStatus():
|
||||||
try:
|
try:
|
||||||
org = request.args.get('org')
|
org = request.args.get('org')
|
||||||
|
@ -622,6 +641,7 @@ def getContributionOrgStatus():
|
||||||
return jsonify(contributor_helper.getCurrentContributionStatus(org))
|
return jsonify(contributor_helper.getCurrentContributionStatus(org))
|
||||||
|
|
||||||
@app.route("/_getHonorBadges")
|
@app.route("/_getHonorBadges")
|
||||||
|
@login_required
|
||||||
def getHonorBadges():
|
def getHonorBadges():
|
||||||
try:
|
try:
|
||||||
org = request.args.get('org')
|
org = request.args.get('org')
|
||||||
|
@ -630,6 +650,7 @@ def getHonorBadges():
|
||||||
return jsonify(contributor_helper.getOrgHonorBadges(org))
|
return jsonify(contributor_helper.getOrgHonorBadges(org))
|
||||||
|
|
||||||
@app.route("/_getTrophies")
|
@app.route("/_getTrophies")
|
||||||
|
@login_required
|
||||||
def getTrophies():
|
def getTrophies():
|
||||||
try:
|
try:
|
||||||
org = request.args.get('org')
|
org = request.args.get('org')
|
||||||
|
@ -639,6 +660,7 @@ def getTrophies():
|
||||||
|
|
||||||
@app.route("/_getAllOrgsTrophyRanking")
|
@app.route("/_getAllOrgsTrophyRanking")
|
||||||
@app.route("/_getAllOrgsTrophyRanking/<string:categ>")
|
@app.route("/_getAllOrgsTrophyRanking/<string:categ>")
|
||||||
|
@login_required
|
||||||
def getAllOrgsTrophyRanking(categ=None):
|
def getAllOrgsTrophyRanking(categ=None):
|
||||||
return jsonify(contributor_helper.getAllOrgsTrophyRanking(categ))
|
return jsonify(contributor_helper.getAllOrgsTrophyRanking(categ))
|
||||||
|
|
||||||
|
@ -646,6 +668,7 @@ def getAllOrgsTrophyRanking(categ=None):
|
||||||
''' USERS '''
|
''' USERS '''
|
||||||
|
|
||||||
@app.route("/_getUserLogins")
|
@app.route("/_getUserLogins")
|
||||||
|
@login_required
|
||||||
def getUserLogins():
|
def getUserLogins():
|
||||||
try:
|
try:
|
||||||
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
||||||
|
@ -657,10 +680,12 @@ def getUserLogins():
|
||||||
return jsonify(data)
|
return jsonify(data)
|
||||||
|
|
||||||
@app.route("/_getAllLoggedOrg")
|
@app.route("/_getAllLoggedOrg")
|
||||||
|
@login_required
|
||||||
def getAllLoggedOrg():
|
def getAllLoggedOrg():
|
||||||
return jsonify(users_helper.getAllOrg())
|
return jsonify(users_helper.getAllOrg())
|
||||||
|
|
||||||
@app.route("/_getTopOrglogin")
|
@app.route("/_getTopOrglogin")
|
||||||
|
@login_required
|
||||||
def getTopOrglogin():
|
def getTopOrglogin():
|
||||||
try:
|
try:
|
||||||
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
||||||
|
@ -671,6 +696,7 @@ def getTopOrglogin():
|
||||||
return jsonify(data)
|
return jsonify(data)
|
||||||
|
|
||||||
@app.route("/_getLoginVSCOntribution")
|
@app.route("/_getLoginVSCOntribution")
|
||||||
|
@login_required
|
||||||
def getLoginVSCOntribution():
|
def getLoginVSCOntribution():
|
||||||
try:
|
try:
|
||||||
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
||||||
|
@ -681,6 +707,7 @@ def getLoginVSCOntribution():
|
||||||
return jsonify(data)
|
return jsonify(data)
|
||||||
|
|
||||||
@app.route("/_getUserLoginsAndContribOvertime")
|
@app.route("/_getUserLoginsAndContribOvertime")
|
||||||
|
@login_required
|
||||||
def getUserLoginsAndContribOvertime():
|
def getUserLoginsAndContribOvertime():
|
||||||
try:
|
try:
|
||||||
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
date = datetime.datetime.fromtimestamp(float(request.args.get('date')))
|
||||||
|
@ -693,6 +720,7 @@ def getUserLoginsAndContribOvertime():
|
||||||
|
|
||||||
''' TRENDINGS '''
|
''' TRENDINGS '''
|
||||||
@app.route("/_getTrendingEvents")
|
@app.route("/_getTrendingEvents")
|
||||||
|
@login_required
|
||||||
def getTrendingEvents():
|
def getTrendingEvents():
|
||||||
try:
|
try:
|
||||||
dateS = datetime.datetime.fromtimestamp(float(request.args.get('dateS')))
|
dateS = datetime.datetime.fromtimestamp(float(request.args.get('dateS')))
|
||||||
|
@ -706,6 +734,7 @@ def getTrendingEvents():
|
||||||
return jsonify(data)
|
return jsonify(data)
|
||||||
|
|
||||||
@app.route("/_getTrendingCategs")
|
@app.route("/_getTrendingCategs")
|
||||||
|
@login_required
|
||||||
def getTrendingCategs():
|
def getTrendingCategs():
|
||||||
try:
|
try:
|
||||||
dateS = datetime.datetime.fromtimestamp(float(request.args.get('dateS')))
|
dateS = datetime.datetime.fromtimestamp(float(request.args.get('dateS')))
|
||||||
|
@ -719,6 +748,7 @@ def getTrendingCategs():
|
||||||
return jsonify(data)
|
return jsonify(data)
|
||||||
|
|
||||||
@app.route("/_getTrendingTags")
|
@app.route("/_getTrendingTags")
|
||||||
|
@login_required
|
||||||
def getTrendingTags():
|
def getTrendingTags():
|
||||||
try:
|
try:
|
||||||
dateS = datetime.datetime.fromtimestamp(float(request.args.get('dateS')))
|
dateS = datetime.datetime.fromtimestamp(float(request.args.get('dateS')))
|
||||||
|
@ -732,6 +762,7 @@ def getTrendingTags():
|
||||||
return jsonify(data)
|
return jsonify(data)
|
||||||
|
|
||||||
@app.route("/_getTrendingSightings")
|
@app.route("/_getTrendingSightings")
|
||||||
|
@login_required
|
||||||
def getTrendingSightings():
|
def getTrendingSightings():
|
||||||
try:
|
try:
|
||||||
dateS = datetime.datetime.fromtimestamp(float(request.args.get('dateS')))
|
dateS = datetime.datetime.fromtimestamp(float(request.args.get('dateS')))
|
||||||
|
@ -744,6 +775,7 @@ def getTrendingSightings():
|
||||||
return jsonify(data)
|
return jsonify(data)
|
||||||
|
|
||||||
@app.route("/_getTrendingDisc")
|
@app.route("/_getTrendingDisc")
|
||||||
|
@login_required
|
||||||
def getTrendingDisc():
|
def getTrendingDisc():
|
||||||
try:
|
try:
|
||||||
dateS = datetime.datetime.fromtimestamp(float(request.args.get('dateS')))
|
dateS = datetime.datetime.fromtimestamp(float(request.args.get('dateS')))
|
||||||
|
@ -757,6 +789,7 @@ def getTrendingDisc():
|
||||||
return jsonify(data)
|
return jsonify(data)
|
||||||
|
|
||||||
@app.route("/_getTypeaheadData")
|
@app.route("/_getTypeaheadData")
|
||||||
|
@login_required
|
||||||
def getTypeaheadData():
|
def getTypeaheadData():
|
||||||
try:
|
try:
|
||||||
dateS = datetime.datetime.fromtimestamp(float(request.args.get('dateS')))
|
dateS = datetime.datetime.fromtimestamp(float(request.args.get('dateS')))
|
||||||
|
@ -769,6 +802,7 @@ def getTypeaheadData():
|
||||||
return jsonify(data)
|
return jsonify(data)
|
||||||
|
|
||||||
@app.route("/_getGenericTrendingOvertime")
|
@app.route("/_getGenericTrendingOvertime")
|
||||||
|
@login_required
|
||||||
def getGenericTrendingOvertime():
|
def getGenericTrendingOvertime():
|
||||||
try:
|
try:
|
||||||
dateS = datetime.datetime.fromtimestamp(float(request.args.get('dateS')))
|
dateS = datetime.datetime.fromtimestamp(float(request.args.get('dateS')))
|
||||||
|
|
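Review bot: The `@login_required` added to the streaming routes (`/_logs`, `/_maps`, `/_eventStreamLastContributor`, `/_eventStreamAwards`) is evaluated once, when the request arrives. The `text/event-stream` responses they return then stay open, so a client whose session is logged out or expires afterwards presumably keeps receiving events until it disconnects. The generators behind them (`event_stream_log()`, `event_stream_maps()`, `eventStreamLastContributor()`, `eventStreamAwards()`) are defined outside these hunks, so this is inferred from the view functions alone. If that matters for the deployment, bound each stream's lifetime inside its generator so the browser's automatic reconnect passes through the login check again. Record the limitation next to the routes, e.g. `# auth is checked at connect time only; the stream is closed periodically to force re-authentication`.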