django-restit 4.1.61__py3-none-any.whl → 4.1.62__py3-none-any.whl

account/rpc/group.py

@@ -3,6 +3,7 @@ from rest import views as rv
 from account.models import Group, Membership, Member, GroupFeed, MemberFeed
 from taskqueue import models as tq
 
+
 @rd.url(r'^group$')
 @rd.url(r'^group/$')  # required for legacy support
 @rd.url(r'^group/(?P<pk>\d+)$')

{django_restit-4.1.61.dist-info → django_restit-4.1.62.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: django-restit
-Version: 4.1.61
+Version: 4.1.62
 Summary: A Rest Framework for DJANGO
 License: MIT
 Author: Ian Starnes

{django_restit-4.1.61.dist-info → django_restit-4.1.62.dist-info}/RECORD

@@ -33,7 +33,7 @@ account/periodic.py,sha256=imh9C-oQVhfw7GX3RRHYuC6DIreGbXrQM35A8C4UjOE,876
 account/rpc/__init__.py,sha256=L_AqHC0WbgUgLoqvNz6pY0E34eqh7sRaX77I6TxhRZ4,152
 account/rpc/auth.py,sha256=8CgXsbNZLeBcd5MHpdL29z9E8PYUcKX_zYpTPX_Pa-0,12516
 account/rpc/device.py,sha256=fbbZFp3cUdhVXvD7gVFOqFWj4hKS3bjZKD_aF5fQxd8,2852
-account/rpc/group.py,sha256=IHg0o4r0XcwsT8Ur5kTdjHc-91BNqk6atEeOpSd7cAc,3447
+account/rpc/group.py,sha256=dUIZGArPgnKafL7F44f7Qum5EAskWcjj64Haqlkbdb8,3448
 account/rpc/member.py,sha256=oKdXSGhQ7AOPTwisZ5RvHhQ1SdZoXWlBQY0lIlDXJY0,1150
 account/rpc/notify.py,sha256=Q2YWejP36egeF060Hih5uX4Psv_B8NWlLLPi7iDYlIw,3344
 account/rpc/oauth.py,sha256=-BW38HjYwSQhOs31ubnBxO0yCKVpczEMoHq54NC9uOU,2610
@@ -89,16 +89,19 @@ incident/migrations/0006_delete_eventmetadata.py,sha256=buSEY_TmmXi9ShPFxB74Os2q
 incident/migrations/0007_event_metadata.py,sha256=syxcM4gIcBwSjcpdU69CXq5dGS1Gu8OodZtPJFDpY5U,414
 incident/migrations/0008_incident_action_sent_incident_hostname_and_more.py,sha256=N2D47E9k4PxOo-9C72gqYkb6K0GqVIO4PkvdnWlrSuA,903
 incident/migrations/0009_incident_reporter_ip.py,sha256=JOrTGBPJw9g7cg--HH3zqnbsMowjNSgzxJTrKojcPJA,473
+incident/migrations/0010_incident_category_incident_component_id.py,sha256=FGRHnWJOPeKl5ko17L7rkERrLeyGCWET7sFmZbTB-YQ,631
+incident/migrations/0011_ticket.py,sha256=Ml5E_Qi4Z0MD89fetoOFOL3rPlVQdjaaDCcFBfOuwd4,2142
 incident/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-incident/models/__init__.py,sha256=adTSOSVrYJgHD4hZNJJjFj_M1QZbpwhZZQiIzanUKA8,167
-incident/models/event.py,sha256=OPrNMGxc19daM4tgAzZHK1FLcwWYUXHrXcENz8vb19U,6666
-incident/models/incident.py,sha256=O3uJSFqVWS0jVFDkYluw1OvmDqJhZ2_1Tl8tPTHtlKk,12652
+incident/models/__init__.py,sha256=NMphuhb0RTMf7Ov4QkNv7iv6_I8Wtr3xQ54yjX_a31M,209
+incident/models/event.py,sha256=5cbtIQwY2DTBR9PkQX9jKIWtzbFb69BLMOUdWieMrVw,6772
+incident/models/incident.py,sha256=xOtlGyc6TxOoCEtHU1bdSYFBnjfDGhzT2C0YFklfwmY,13059
 incident/models/ossec.py,sha256=pWMqcuTRxPFTEF-OZQSMn7YpNEE9mfsI4GMhWWjJs5I,2187
 incident/models/rules.py,sha256=67fbtEDfznxCYb-B89417lgYesN12PzmY25WBF_65a8,5300
+incident/models/ticket.py,sha256=S3kqGQpYLE6Y4M9IKu_60sgW-f592xNr8uufqHnvDoU,2302
 incident/parsers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 incident/parsers/ossec.py,sha256=4_7Tpr_XBK8HerGSbdrOrAOAtbRvRE7WZ2Xedo3kp8g,5724
 incident/periodic.py,sha256=3YatKLLzoM9Q-3QXaIPtVIytLRCZt-7-IaD4tvKKGjg,723
-incident/rpc.py,sha256=kNUVrZDm_BoZQq3bVoOZJwMJX1nQJYLjkAy7EvPPLd4,5074
+incident/rpc.py,sha256=YkGXzE0AbrqRXlK9jZjE2VypT8mhcbVc49Yndr_c4BQ,5209
 incident/templates/email/incident_change.html,sha256=O_5ocWTsnqmmOuQhAtXEiE4rWecnZnJjoKU4MwV6ILo,14178
 incident/templates/email/incident_new.html,sha256=IPX3CqIrvdrZSn13_jlR6sEb0If8ftvUrUpkzC5G2Gc,15173
 incident/templates/email/incident_plain.html,sha256=iTjdej6K9SO9Or5byX-0kc7c_BdSZWVgA301T03IyDk,14343
@@ -347,7 +350,7 @@ pushit/utils.py,sha256=IeTCGa-164nmB1jIsK1lu1O1QzUhS3BKfuXHGjCW-ck,2121
 rest/.gitignore,sha256=TbEvWRMnAiajCTOdhiNrd9eeCAaIjRp9PRjE_VkMM5g,118
 rest/README.md,sha256=V3ETc-cJu8PZIbKr9xSe_pA4JEUpC8Dhw4bQeVCDJPw,5460
 rest/RemoteEvents.py,sha256=nL46U7AuxIrlw2JunphR1tsXyqi-ep_gD9CYGpYbNgE,72
-rest/__init__.py,sha256=falbHeBLZY_QULrYiHkhBxH_L_JpUbZf34Jk8pD9Sss,121
+rest/__init__.py,sha256=lB3bhQFmMA43cbx4GDWsoIIKZiruByPaff8EG57nMVM,121
 rest/arc4.py,sha256=y644IbF1ec--e4cUJ3KEYsewTCITK0gmlwa5mJruFC0,1967
 rest/cache.py,sha256=1Qg0rkaCJCaVP0-l5hZg2CIblTdeBSlj_0fP6vlKUpU,83
 rest/crypto/__init__.py,sha256=Tl0U11rgj1eBYqd6OXJ2_XSdNLumW_JkBZnaJqI6Ldw,72
@@ -478,7 +481,7 @@ ws4redis/servers/uwsgi.py,sha256=VyhoCI1DnVFqBiJYHoxqn5Idlf6uJPHvfBKgkjs34mo,172
 ws4redis/settings.py,sha256=K0yBiLUuY81iDM4Yr-k8hbvjn5VVHu5zQhmMK8Dtz0s,1536
 ws4redis/utf8validator.py,sha256=S0OlfjeGRP75aO6CzZsF4oTjRQAgR17OWE9rgZdMBZA,5122
 ws4redis/websocket.py,sha256=R0TUyPsoVRD7Y_oU7w2I6NL4fPwiz5Vl94-fUkZgLHA,14848
-django_restit-4.1.61.dist-info/LICENSE.md,sha256=VHN4hhEeVOoFjtG-5fVv4jesA4SWi0Z-KgOzzN6a1ps,1068
-django_restit-4.1.61.dist-info/METADATA,sha256=7J6XsNZANcimd41J98qQ9AJ3AFtveMmQeljDE8ez0wc,7573
-django_restit-4.1.61.dist-info/WHEEL,sha256=Zb28QaM1gQi8f4VCBhsUklF61CTlNYfs9YAZn-TOGFk,88
-django_restit-4.1.61.dist-info/RECORD,,
+django_restit-4.1.62.dist-info/LICENSE.md,sha256=VHN4hhEeVOoFjtG-5fVv4jesA4SWi0Z-KgOzzN6a1ps,1068
+django_restit-4.1.62.dist-info/METADATA,sha256=mdO3BNZQMo_z4xhhJdcVrlAaRCMaZ65wMh0uFwAEOv4,7573
+django_restit-4.1.62.dist-info/WHEEL,sha256=Zb28QaM1gQi8f4VCBhsUklF61CTlNYfs9YAZn-TOGFk,88
+django_restit-4.1.62.dist-info/RECORD,,

incident/migrations/0010_incident_category_incident_component_id.py

@@ -0,0 +1,23 @@
+# Generated by Django 4.1.4 on 2023-11-20 03:38
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('incident', '0009_incident_reporter_ip'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='incident',
+            name='category',
+            field=models.CharField(db_index=True, default=None, max_length=124, null=True),
+        ),
+        migrations.AddField(
+            model_name='incident',
+            name='component_id',
+            field=models.IntegerField(blank=True, db_index=True, default=None, null=True),
+        ),
+    ]

incident/migrations/0011_ticket.py

@@ -0,0 +1,38 @@
+# Generated by Django 4.1.4 on 2023-11-20 03:51
+
+from django.db import migrations, models
+import django.db.models.deletion
+import rest.models.base
+import rest.models.metadata
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('account', '0016_authsession_buid'),
+        ('incident', '0010_incident_category_incident_component_id'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='Ticket',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('created', models.DateTimeField(auto_now_add=True)),
+                ('modified', models.DateTimeField(auto_now=True)),
+                ('category', models.CharField(db_index=True, max_length=200)),
+                ('priority', models.IntegerField(db_index=True, default=10)),
+                ('title', models.CharField(max_length=200)),
+                ('description', models.TextField()),
+                ('status', models.CharField(db_index=True, default=None, max_length=32, null=True)),
+                ('state', models.IntegerField(default=0)),
+                ('component', models.CharField(db_index=True, default=None, max_length=200, null=True)),
+                ('component_id', models.IntegerField(blank=True, db_index=True, default=None, null=True)),
+                ('assigned_to', models.ForeignKey(default=None, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='tickets', to='account.member')),
+                ('created_by', models.ForeignKey(default=None, null=True, on_delete=django.db.models.deletion.CASCADE, related_name='+', to='account.member')),
+                ('group', models.ForeignKey(default=None, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='tickets', to='account.group')),
+                ('incident', models.ForeignKey(default=None, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='tickets', to='incident.incident')),
+            ],
+            bases=(models.Model, rest.models.base.RestModel, rest.models.metadata.MetaDataModel),
+        ),
+    ]

incident/models/__init__.py

@@ -2,3 +2,4 @@ from .rules import *  # noqa: F401, F403
 from .incident import *  # noqa: F401, F403
 from .event import *  # noqa: F401, F403
 from .ossec import *  # noqa: F401, F403
+from .ticket import *  # noqa: F401, F403

incident/models/event.py

@@ -161,7 +161,10 @@ class Event(JSONMetaData, rm.RestModel):
             incident = Incident(
                 rule=hit_rule, priority=priority,
                 reporter_ip=self.reporter_ip,
-                component=self.category, hostname=self.hostname)
+                category=self.category,
+                component=self.component, 
+                component_id=self.component_id,
+                hostname=self.hostname)
             if hit_rule is not None:
                 incident.group = hit_rule.group
             # TODO possibly make this smarter?

incident/models/incident.py

@@ -52,7 +52,12 @@ class Incident(models.Model, rm.RestModel, rm.MetaDataModel):
     modified = models.DateTimeField(auto_now=True)
 
     description = models.CharField(max_length=200)
+
+    category = models.CharField(max_length=124, null=True, default=None, db_index=True)
+
     component = models.CharField(max_length=200, null=True, default=None, db_index=True)
+    component_id = models.IntegerField(null=True, blank=True, default=None, db_index=True)
+
     hostname = models.CharField(max_length=200, null=True, default=None, db_index=True)
     reporter_ip = models.CharField(max_length=16, blank=True, null=True, default=None, db_index=True)
 
@@ -68,7 +73,15 @@ class Incident(models.Model, rm.RestModel, rm.MetaDataModel):
     @property
     def first_event(self):
         return self.events.first()
-    
+
+    def shouldTriggerAction(self):
+        count = self.events.all().count()
+        aa = self.rule.action_after
+        if aa>= 0:
+            return aa == count-1
+        aa = abs(self.rule.action_after)
+        return (count % aa) == 0
+
     def triggerAction(self, force=False):
         if self.rule is None:
             if self.action_sent is None:
@@ -82,7 +95,7 @@ class Incident(models.Model, rm.RestModel, rm.MetaDataModel):
         #     return
         # only do query if not 0
         logger.info("triggerAction", self.rule.action)
-        if force or self.rule.action_after == 0 or self.rule.action_after < self.events.all().count():
+        if force or self.shouldTriggerAction():
             logger.info(f"triggering incident action: {self.rule.action}")
             self.triggerAsyncNotify()
             if self.rule.action is None or self.rule.action == "notify":
@@ -99,7 +112,9 @@ class Incident(models.Model, rm.RestModel, rm.MetaDataModel):
             pk=self.pk,
             created=time.mktime(self.created.timetuple()),
             description=self.description,
+            category=self.category,
             component=self.component,
+            component_id=self.component_id,
             hostname=self.hostname)
         if self.rule is not None:
             msg["rule"] = self.rule.name
@@ -188,7 +203,7 @@ class Incident(models.Model, rm.RestModel, rm.MetaDataModel):
             for k, v in self._changed__.items():
                 nv = self.getFieldValue(k)
                 notes.append(f"{k} changed from {v} to {nv}")
-            note = "\n".join(notes)
+            note = "\n<br>".join(notes)
 
         h = IncidentHistory(
             parent=self,
@@ -260,18 +275,16 @@ class Incident(models.Model, rm.RestModel, rm.MetaDataModel):
         # calculate our bundle start time
         when = datetime.now() - timedelta(minutes=rule.bundle)
         q = objict(rule=rule, created__gte=when)
-        if rule.bundle_by == 1:
+        if rule.bundle_by in [2, 3, 5]:
+            if event.component_id:
+                q.component = event.component
+                q.component_id = event.component_id
+        if rule.bundle_by in [1, 3, 7]:
             q.hostname = event.hostname
-        elif rule.bundle_by == 2:
-            q.component = event.category
-        elif rule.bundle_by == 3:
-            q.hostname = event.hostname
-            q.component = event.category
-        elif rule.bundle_by == 4:
-            q.reporter_ip = event.reporter_ip
-        elif rule.bundle_by == 5:
+        elif rule.bundle_by in [4, 5, 8]:
             q.reporter_ip = event.reporter_ip
-            q.component = event.category
+        elif rule.bundle_by in [6, 7, 8]:
+            q.category = event.category
         return Incident.objects.filter(**q).last()
 
     @classmethod

incident/models/ticket.py

@@ -0,0 +1,65 @@
+from django.db import models
+from django.conf import settings
+
+from rest import models as rm
+from rest import helpers as rh
+
+
+class Ticket(models.Model, rm.RestModel, rm.MetaDataModel):
+    class RestMeta:
+        SEARCH_FIELDS = ["title", "description"]
+        CAN_DELETE = True
+        VIEW_PERMS = ["view_tickets"]
+        GRAPHS = {
+            "default": {
+                "extra": ["metadata"],
+                "graphs": {
+                    "group": "basic",
+                    "created_by": "basic",
+                    "assigned_to": "basic",
+                    "incident": "basic"
+                },
+            },
+            "detailed": {
+                "graphs": {
+                    "group": "basic",
+                    "created_by": "basic",
+                    "assigned_to": "basic",
+                    "incident": "basic",
+                    "generic__component": "basic"
+                },
+            },
+        }
+
+    created = models.DateTimeField(auto_now_add=True)
+    modified = models.DateTimeField(auto_now=True)
+
+    group = models.ForeignKey(
+        "account.Group", on_delete=models.SET_NULL, 
+        related_name="tickets",
+        null=True, default=None)
+    assigned_to = models.ForeignKey(
+        "account.Member", on_delete=models.SET_NULL, 
+        related_name="tickets",
+        null=True, default=None)
+    created_by = models.ForeignKey(
+        "account.Member", on_delete=models.CASCADE,
+        related_name="+",
+        null=True, default=None)
+
+    # if category is null then this will run on all events?
+    category = models.CharField(max_length=200, db_index=True)
+    priority = models.IntegerField(default=10, db_index=True)  # 1-10, 1 being the highest
+
+    title = models.CharField(max_length=200)
+    description = models.TextField()
+
+    status = models.CharField(max_length=32, default=None, null=True, db_index=True)
+    state = models.IntegerField(default=0)  # how many incidents before firing action
+
+    incident = models.ForeignKey(
+        "incident.Incident", null=True, default=None, 
+        related_name="tickets", on_delete=models.SET_NULL)
+
+    component = models.CharField(max_length=200, null=True, default=None, db_index=True)
+    component_id = models.IntegerField(null=True, blank=True, default=None, db_index=True)

incident/rpc.py

@@ -158,3 +158,9 @@ def rest_firewall_block(request):
         return rv.restPermissionDenied(request)
     Task.Publish("incident", f"firewall_{action}", dict(ip=ip), channel="tq_broadcast")
     return rv.restStatus(request, True)
+
+
+@rd.url('ticket')
+@rd.url('ticket/<int:pk>')
+def rest_on_ticket(request, pk=None):
+    return am.Ticket.on_rest_request(request, pk)

rest/__init__.py

@@ -1,4 +1,4 @@
 from .uberdict import UberDict  # noqa: F401
 from .settings_helper import settings  # noqa: F401
 
-__version__ = "4.1.61"
+__version__ = "4.1.62"