assemblyline-core 4.5.0.dev6__tar.gz → 4.5.0.dev7__tar.gz



Files changed (88) hide show
  1. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/PKG-INFO +1 -1
  2. assemblyline-core-4.5.0.dev7/assemblyline_core/VERSION +1 -0
  3. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/signature_client.py +44 -1
  4. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core.egg-info/PKG-INFO +1 -1
  5. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/test/test_signature_client.py +10 -8
  6. assemblyline-core-4.5.0.dev6/assemblyline_core/VERSION +0 -1
  7. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/LICENCE.md +0 -0
  8. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/README.md +0 -0
  9. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/__init__.py +0 -0
  10. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/alerter/__init__.py +0 -0
  11. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/alerter/processing.py +0 -0
  12. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/alerter/run_alerter.py +0 -0
  13. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/archiver/__init__.py +0 -0
  14. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/archiver/run_archiver.py +0 -0
  15. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/badlist_client.py +0 -0
  16. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/dispatching/__init__.py +0 -0
  17. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/dispatching/__main__.py +0 -0
  18. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/dispatching/client.py +0 -0
  19. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/dispatching/dispatcher.py +0 -0
  20. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/dispatching/schedules.py +0 -0
  21. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/dispatching/timeout.py +0 -0
  22. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/expiry/__init__.py +0 -0
  23. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/expiry/run_expiry.py +0 -0
  24. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/ingester/__init__.py +0 -0
  25. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/ingester/__main__.py +0 -0
  26. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/ingester/constants.py +0 -0
  27. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/ingester/ingester.py +0 -0
  28. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/metrics/__init__.py +0 -0
  29. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/metrics/es_metrics.py +0 -0
  30. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/metrics/heartbeat_formatter.py +0 -0
  31. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/metrics/helper.py +0 -0
  32. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/metrics/metrics_server.py +0 -0
  33. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/metrics/run_heartbeat_manager.py +0 -0
  34. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/metrics/run_metrics_aggregator.py +0 -0
  35. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/metrics/run_statistics_aggregator.py +0 -0
  36. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/plumber/__init__.py +0 -0
  37. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/plumber/run_plumber.py +0 -0
  38. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/replay/__init__.py +0 -0
  39. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/replay/client.py +0 -0
  40. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/replay/creator/__init__.py +0 -0
  41. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/replay/creator/run.py +0 -0
  42. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/replay/creator/run_worker.py +0 -0
  43. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/replay/loader/__init__.py +0 -0
  44. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/replay/loader/run.py +0 -0
  45. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/replay/loader/run_worker.py +0 -0
  46. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/replay/replay.py +0 -0
  47. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/safelist_client.py +0 -0
  48. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/scaler/__init__.py +0 -0
  49. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/scaler/collection.py +0 -0
  50. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/scaler/controllers/__init__.py +0 -0
  51. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/scaler/controllers/docker_ctl.py +0 -0
  52. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/scaler/controllers/interface.py +0 -0
  53. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/scaler/controllers/kubernetes_ctl.py +0 -0
  54. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/scaler/run_scaler.py +0 -0
  55. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/scaler/scaler_server.py +0 -0
  56. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/server_base.py +0 -0
  57. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/submission_client.py +0 -0
  58. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/tasking_client.py +0 -0
  59. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/updater/__init__.py +0 -0
  60. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/updater/helper.py +0 -0
  61. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/updater/run_updater.py +0 -0
  62. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/vacuum/__init__.py +0 -0
  63. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/vacuum/crawler.py +0 -0
  64. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/vacuum/department_map.py +0 -0
  65. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/vacuum/safelist.py +0 -0
  66. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/vacuum/stream_map.py +0 -0
  67. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/vacuum/worker.py +0 -0
  68. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/workflow/__init__.py +0 -0
  69. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core/workflow/run_workflow.py +0 -0
  70. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core.egg-info/SOURCES.txt +0 -0
  71. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core.egg-info/dependency_links.txt +0 -0
  72. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core.egg-info/requires.txt +0 -0
  73. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/assemblyline_core.egg-info/top_level.txt +0 -0
  74. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/setup.cfg +0 -0
  75. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/setup.py +0 -0
  76. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/test/test_alerter.py +0 -0
  77. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/test/test_badlist_client.py +0 -0
  78. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/test/test_dispatcher.py +0 -0
  79. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/test/test_expiry.py +0 -0
  80. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/test/test_plumber.py +0 -0
  81. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/test/test_replay.py +0 -0
  82. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/test/test_safelist_client.py +0 -0
  83. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/test/test_scaler.py +0 -0
  84. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/test/test_scheduler.py +0 -0
  85. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/test/test_simulation.py +0 -0
  86. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/test/test_vacuum.py +0 -0
  87. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/test/test_worker_ingest.py +0 -0
  88. {assemblyline-core-4.5.0.dev6 → assemblyline-core-4.5.0.dev7}/test/test_worker_submit.py +0 -0
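--- a/assemblyline-core-4.5.0.dev6/PKG-INFO
+++ b/assemblyline-core-4.5.0.dev7/PKG-INFO
@@ -1,6 +1,6 @@
  Metadata-Version: 2.1
  Name: assemblyline-core
- Version: 4.5.0.dev6
+ Version: 4.5.0.dev7
  Summary: Assemblyline 4 - Core components
  Home-page: https://github.com/CybercentreCanada/assemblyline-core/
  Author: CCCS Assemblyline development team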
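--- a/assemblyline-core-4.5.0.dev7/assemblyline_core/VERSION
+++ b/assemblyline-core-4.5.0.dev7/assemblyline_core/VERSION
@@ -0,0 +1 @@
+ 4.5.0.dev7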
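--- a/assemblyline-core-4.5.0.dev6/assemblyline_core/signature_client.py
+++ b/assemblyline-core-4.5.0.dev7/assemblyline_core/signature_client.py
@@ -1,11 +1,12 @@
  import logging
 
  from assemblyline.common import forge
- from assemblyline.common.isotime import iso_to_epoch
+ from assemblyline.common.isotime import iso_to_epoch, now_as_iso
  from assemblyline.common.memory_zip import InMemoryZip
  from assemblyline.datastore.helper import AssemblylineDatastore
  from assemblyline.odm.messages.changes import Operation
  from assemblyline.odm.models.service import SIGNATURE_DELIMITERS
+ from assemblyline.odm.models.signature import DEPLOYED_STATUSES, STALE_STATUSES, DRAFT_STATUSES
 
 
  DEFAULT_DELIMITER = "\n\n"
@@ -133,6 +134,48 @@ class SignatureClient:
 
  return {"success": 0, "errors": [], "skipped": skip_list}
 
+ def change_status(self, signature_id, status, user={}):
+ possible_statuses = DEPLOYED_STATUSES + DRAFT_STATUSES
+ if status not in possible_statuses:
+ raise ValueError(f"You cannot apply the status {status} on yara rules.")
+
+ data = self.datastore.signature.get(signature_id, as_obj=False)
+ if data:
+ if user and not CLASSIFICATION.is_accessible(user['classification'],
+ data.get('classification', CLASSIFICATION.UNRESTRICTED)):
+ raise PermissionError("You are not allowed change status on this signature")
+
+ if data['status'] in STALE_STATUSES and status not in DRAFT_STATUSES:
+ raise ValueError(f"Only action available while signature in {data['status']} "
+ f"status is to change signature to a DRAFT status. ({', '.join(DRAFT_STATUSES)})")
+
+ if data['status'] in DEPLOYED_STATUSES and status in DRAFT_STATUSES:
+ raise ValueError(f"You cannot change the status of signature {signature_id} from "
+ f"{data['status']} to {status}.")
+
+ today = now_as_iso()
+ uname = user.get('uname')
+
+ if status not in ['DISABLED', 'INVALID', 'TESTING']:
+ query = f"status:{status} AND signature_id:{data['signature_id']} AND NOT id:{signature_id}"
+ others_operations = [
+ ('SET', 'last_modified', today),
+ ('SET', 'state_change_date', today),
+ ('SET', 'state_change_user', uname),
+ ('SET', 'status', 'DISABLED')
+ ]
+ self.datastore.signature.update_by_query(query, others_operations)
+
+ operations = [
+ ('SET', 'last_modified', today),
+ ('SET', 'state_change_date', today),
+ ('SET', 'state_change_user', uname),
+ ('SET', 'status', status)
+ ]
+
+ return self.datastore.signature.update(signature_id, operations), data
+ raise FileNotFoundError(f"Signature not found. ({signature_id})")
+
  def download(self, query=None, access=None) -> bytes:
  if not query:
  query = "*"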
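Review bot: `change_status` fails open on authorization: the classification check runs only under `if user and ...`, so the default `user={}` (or any empty value a caller forwards) skips it and both updates still execute. If that bypass is meant for internal components only, make it explicit with `def change_status(self, signature_id, status, user=None):` and `uname = user.get('uname') if user else None`, plus a docstring stating that callers acting for a user must always pass the user record; this also removes the mutable `{}` default. The `update_by_query` string interpolates `data['signature_id']` and `signature_id` unquoted, so an id containing spaces or query operators could widen the match and set unrelated signatures to DISABLED; quote and escape both values before building the query. That bulk update also carries no classification filter of its own, so it may disable signatures the user could not access individually (inferred; the datastore's access handling is not visible here). `CLASSIFICATION` is not among the imports in the first hunk, so confirm it is defined at module level outside the lines shown.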
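--- a/assemblyline-core-4.5.0.dev6/assemblyline_core.egg-info/PKG-INFO
+++ b/assemblyline-core-4.5.0.dev7/assemblyline_core.egg-info/PKG-INFO
@@ -1,6 +1,6 @@
  Metadata-Version: 2.1
  Name: assemblyline-core
- Version: 4.5.0.dev6
+ Version: 4.5.0.dev7
  Summary: Assemblyline 4 - Core components
  Home-page: https://github.com/CybercentreCanada/assemblyline-core/
  Author: CCCS Assemblyline development team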
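--- a/assemblyline-core-4.5.0.dev6/test/test_signature_client.py
+++ b/assemblyline-core-4.5.0.dev7/test/test_signature_client.py
@@ -4,16 +4,18 @@ import pytest
 
  from assemblyline.odm.models.signature import Signature
  from assemblyline.odm.randomizer import random_model_obj
- from assemblyline.odm.random_data import create_signatures, wipe_signatures
+ from assemblyline.odm.random_data import create_signatures, wipe_signatures, create_users, wipe_users
  from assemblyline_core.signature_client import SignatureClient
 
 
  @pytest.fixture(scope="module")
  def client(datastore_connection):
  try:
+ create_users(datastore_connection)
  create_signatures(datastore_connection)
  yield SignatureClient(datastore_connection)
  finally:
+ wipe_users(datastore_connection)
  wipe_signatures(datastore_connection)
 
 
@@ -32,11 +34,11 @@ def test_add_update_signature(client):
  added_sig = client.datastore.signature.get(key, as_obj=False)
  assert data == added_sig
 
- # Change the signature status
- assert client.datastore.signature.update(key,
- operations=[(client.datastore.signature.UPDATE_SET, "status", "DISABLED")])
+ # Change the signature status as a user
+ success, _ = client.change_status(key, "DISABLED", client.datastore.user.get('user', as_obj=False))
+ assert success
 
- # Update signature data
+ # Update signature data as an internal component
  new_sig_data = "NEW SIGNATURE DATA"
  data['data'] = new_sig_data
  success, key, _ = client.add_update(data)
@@ -44,7 +46,7 @@ def test_add_update_signature(client):
  assert expected_key == key
  modded_sig = client.datastore.signature.get(key, as_obj=False)
  assert modded_sig["data"] == new_sig_data
- # Was state kept?
+ # Was state kept from user setting?
  assert "DISABLED" == modded_sig.pop('status')
 
 
@@ -74,8 +76,8 @@ def test_add_update_signature_many(client):
  assert data == added_sig
 
  # Change the signature status
- assert client.datastore.signature.update(key,
- operations=[(client.datastore.signature.UPDATE_SET, "status", "DISABLED")])
+ success, _ = client.change_status(key, "DISABLED", client.datastore.user.get('user', as_obj=False))
+ assert success
 
  # Update signature data
  new_sig_data = "NEW SIGNATURE DATA"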
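Review bot: Both updated tests call `change_status` only on its success path (an accessible signature moved to DISABLED by the `user` account), so nothing here asserts that the method ever refuses a caller. Since the new method exists to gate status changes, add cases using `pytest.raises(PermissionError)` for a user whose classification cannot access the signature, `pytest.raises(ValueError)` for a status outside the allowed set, and `pytest.raises(FileNotFoundError)` for an unknown id. A case that calls `change_status` without a user would also pin down whether skipping the classification check is intended. `test_add_update_signature_many` continues past the last hunk, so coverage outside the shown lines is not visible.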
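--- a/assemblyline-core-4.5.0.dev6/assemblyline_core/VERSION
+++ b/assemblyline-core-4.5.0.dev6/assemblyline_core/VERSION
@@ -1 +0,0 @@
- 4.5.0.dev6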