2022-08-05 15:39:12 +02:00
|
|
|
import json
|
2023-07-13 16:13:01 +02:00
|
|
|
from pyfaup.faup import Faup
|
2022-08-05 15:39:12 +02:00
|
|
|
from mattermostdriver import Driver
|
|
|
|
from ._utils import utils
|
|
|
|
|
|
|
|
misperrors = {'error': 'Error'}
|
|
|
|
|
|
|
|
# config fields that your code expects from the site admin
|
|
|
|
moduleconfig = {
|
|
|
|
'params': {
|
|
|
|
'mattermost_hostname': {
|
|
|
|
'type': 'string',
|
2023-07-13 16:13:01 +02:00
|
|
|
'description': 'The Mattermost domain or URL',
|
2022-08-05 15:39:12 +02:00
|
|
|
'value': 'example.mattermost.com',
|
|
|
|
},
|
|
|
|
'bot_access_token': {
|
|
|
|
'type': 'string',
|
|
|
|
'description': 'Access token generated when you created the bot account',
|
|
|
|
},
|
|
|
|
'channel_id': {
|
|
|
|
'type': 'string',
|
|
|
|
'description': 'The channel you added the bot to',
|
|
|
|
},
|
|
|
|
'message_template': {
|
|
|
|
'type': 'large_string',
|
|
|
|
'description': 'The template to be used to generate the message to be posted',
|
|
|
|
'value': 'The **template** will be rendered using *Jinja2*!',
|
2024-02-19 15:45:19 +01:00
|
|
|
'jinja_supported': True,
|
2022-08-05 15:39:12 +02:00
|
|
|
},
|
|
|
|
},
|
|
|
|
# Blocking modules break the exection of the current of action
|
|
|
|
'blocking': False,
|
|
|
|
# Indicates whether parts of the data passed to this module should be filtered. Filtered data can be found under the `filteredItems` key
|
|
|
|
'support_filters': True,
|
|
|
|
# Indicates whether the data passed to this module should be compliant with the MISP core format
|
|
|
|
'expect_misp_core_format': False,
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
# returns either "boolean" or "data"
|
|
|
|
# Boolean is used to simply signal that the execution has finished.
|
|
|
|
# For blocking modules the actual boolean value determines whether we break execution
|
|
|
|
returns = 'boolean'
|
|
|
|
|
2024-08-12 11:23:10 +02:00
|
|
|
moduleinfo = {
|
|
|
|
'version': '0.1',
|
|
|
|
'author': 'Sami Mokaddem',
|
|
|
|
'description': 'Simplistic module to send message to a Mattermost channel.',
|
|
|
|
'module-type': ['action'],
|
|
|
|
'name': 'Mattermost',
|
|
|
|
'logo': '',
|
|
|
|
'requirements': [],
|
|
|
|
'features': '',
|
|
|
|
'references': [],
|
|
|
|
'input': '',
|
|
|
|
'output': ''
|
|
|
|
}
|
2022-08-05 15:39:12 +02:00
|
|
|
|
2023-07-13 16:13:01 +02:00
|
|
|
f = Faup()
|
2022-08-05 15:39:12 +02:00
|
|
|
|
2024-08-12 11:23:10 +02:00
|
|
|
|
2022-08-05 15:39:12 +02:00
|
|
|
def createPost(request):
|
|
|
|
params = request['params']
|
2023-07-13 16:13:01 +02:00
|
|
|
f.decode(params['mattermost_hostname'])
|
|
|
|
parsedURL = f.get()
|
2022-08-05 15:39:12 +02:00
|
|
|
mm = Driver({
|
2023-07-13 16:13:01 +02:00
|
|
|
'url': parsedURL['host'],
|
2022-08-05 15:39:12 +02:00
|
|
|
'token': params['bot_access_token'],
|
2023-07-13 16:13:01 +02:00
|
|
|
'scheme': parsedURL['scheme'] if parsedURL['scheme'] is not None else 'https',
|
2022-08-05 15:39:12 +02:00
|
|
|
'basepath': '/api/v4',
|
2023-07-13 16:13:01 +02:00
|
|
|
'port': int(parsedURL['port']) if parsedURL['port'] is not None else 443,
|
2022-08-05 15:39:12 +02:00
|
|
|
})
|
|
|
|
mm.login()
|
|
|
|
|
|
|
|
data = {}
|
|
|
|
if 'matchingData' in request:
|
|
|
|
data = request['matchingData']
|
|
|
|
else:
|
|
|
|
data = request['data']
|
|
|
|
|
|
|
|
if params['message_template']:
|
|
|
|
message = utils.renderTemplate(data, params['message_template'])
|
|
|
|
else:
|
|
|
|
message = '```\n{}\n```'.format(json.dumps(data))
|
|
|
|
|
|
|
|
mm.posts.create_post(options={
|
|
|
|
'channel_id': params['channel_id'],
|
|
|
|
'message': message
|
|
|
|
})
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
|
def handler(q=False):
|
|
|
|
if q is False:
|
|
|
|
return False
|
|
|
|
request = json.loads(q)
|
|
|
|
createPost(request)
|
|
|
|
r = {"data": True}
|
|
|
|
return r
|
|
|
|
|
|
|
|
|
|
|
|
def introspection():
|
|
|
|
modulesetup = {}
|
|
|
|
try:
|
|
|
|
modulesetup['config'] = moduleconfig
|
|
|
|
except NameError:
|
|
|
|
pass
|
|
|
|
return modulesetup
|
|
|
|
|
|
|
|
|
|
|
|
def version():
|
|
|
|
moduleinfo['config'] = moduleconfig
|
|
|
|
return moduleinfo
|