django-restit 4.2.179__py3-none-any.whl → 4.2.180__py3-none-any.whl

account/models/member.py

@@ -357,7 +357,7 @@ class Member(User, RestModel, MetaDataModel):
             self.log("login_blocked", "password has expired", request, method="login", level=31)
             if throw_exception:
                 raise PermissionDeniedException(
-                    "password expired", 412,
+                    f"{self.username} password expired", 412,
                     component="account.Member", component_id=self.id)
             return False
         return True

{django_restit-4.2.179.dist-info → django_restit-4.2.180.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: django-restit
-Version: 4.2.179
+Version: 4.2.180
 Summary: A Rest Framework for DJANGO
 License: MIT
 Author: Ian Starnes

{django_restit-4.2.179.dist-info → django_restit-4.2.180.dist-info}/RECORD

@@ -31,7 +31,7 @@ account/models/device.py,sha256=8D-Sbv9PZWAnX6UVpp1lNJ03P24fknNnN1VOhqY7RVg,6306
 account/models/feeds.py,sha256=vI7fG4ASY1M0Zjke24RdnfDcuWeATl_yR_25jPmT64g,2011
 account/models/group.py,sha256=Pmm6G5Qb9C-OQ70xUxp5M1_PAg1DtvUxb5WFFW-WmOY,22909
 account/models/legacy.py,sha256=zYdtv4LC0ooxPVqWM-uToPwV-lYWQLorSE6p6yn1xDw,2720
-account/models/member.py,sha256=xlX0yqE3yFwPaZkcdU4e3g3yTommHimsLG8wBp09x90,55376
+account/models/member.py,sha256=xkVpADfnKkUEIg8EDy7OU077c0e5ZGEQKYvcwhGzXd0,55393
 account/models/membership.py,sha256=90EpAhOsGaqphDAkONP6j_qQ0OWSRaQsI8H7E7fgMkE,9249
 account/models/notify.py,sha256=YKYEXT56i98b7-ydLt5UuEVOqW7lipQMi-KuiPhcSwY,15627
 account/models/passkeys.py,sha256=lObapudvL--ABSTZTIELmYvHE3dPF0tO_KmuYk0ZJXc,1699
@@ -115,7 +115,7 @@ incident/migrations/0015_rule_title_template_alter_incident_state.py,sha256=FPUD
 incident/migrations/0016_rule_notify_template.py,sha256=4WGdMxiELujLIy9bzHovHWbAORupodN1Ty3vsy3mLjg,425
 incident/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 incident/models/__init__.py,sha256=NMphuhb0RTMf7Ov4QkNv7iv6_I8Wtr3xQ54yjX_a31M,209
-incident/models/event.py,sha256=JEUdVUxqz2nRcfGC2GHo3baIg5JntK5cSL6_MesFLeA,7967
+incident/models/event.py,sha256=skhnH4q80XkxcXNo1JNTAF1SzSLUssB3_mjtFX_xxw0,8864
 incident/models/incident.py,sha256=oxwLDJYGmk26zf7AD_e7nKcoJw3gXibjrX3DlByNAT8,22580
 incident/models/ossec.py,sha256=g7cc2vYdYEB8zomohwqbo0ekyPt1v_qA67y35sBn2YY,2244
 incident/models/rules.py,sha256=PPp8oJDW1gop9i_21lhP50qgt_TrdWErp2mYqZCMfd4,7065
@@ -380,7 +380,7 @@ pushit/utils.py,sha256=IeTCGa-164nmB1jIsK1lu1O1QzUhS3BKfuXHGjCW-ck,2121
 rest/.gitignore,sha256=TbEvWRMnAiajCTOdhiNrd9eeCAaIjRp9PRjE_VkMM5g,118
 rest/README.md,sha256=V3ETc-cJu8PZIbKr9xSe_pA4JEUpC8Dhw4bQeVCDJPw,5460
 rest/RemoteEvents.py,sha256=nL46U7AuxIrlw2JunphR1tsXyqi-ep_gD9CYGpYbNgE,72
-rest/__init__.py,sha256=wfYI2fFctsIeYnQP9m01ZTnkw31NpQQDKrhgfS_4Kgw,122
+rest/__init__.py,sha256=01ohdi9tNjAEK-JvD5T6Orp2UIBd3QpmjM5PeLM8DU4,122
 rest/arc4.py,sha256=y644IbF1ec--e4cUJ3KEYsewTCITK0gmlwa5mJruFC0,1967
 rest/cache.py,sha256=1Qg0rkaCJCaVP0-l5hZg2CIblTdeBSlj_0fP6vlKUpU,83
 rest/crypto/__init__.py,sha256=Tl0U11rgj1eBYqd6OXJ2_XSdNLumW_JkBZnaJqI6Ldw,72
@@ -388,7 +388,7 @@ rest/crypto/aes.py,sha256=NOVRBRSHCV-om68YpGySWWG-4kako3iEVjq8hxZWPUU,4372
 rest/crypto/privpub.py,sha256=_FioylVcbMmDP80yPYjURmafEiDmEAMkskbc7WF10ac,4082
 rest/crypto/util.py,sha256=agFN2OCPHC70tHNGWrMkkZX4Tt_Ty6imoKEMdTkZpKA,4514
 rest/datem.py,sha256=qbkgDpTVbxpnS4hRm_GnyRo9Gk7nRJbH-tJqxm172mo,13152
-rest/decorators.py,sha256=AuB4agpog587CUsF8HkAZiHDfs_pueb2rdxXZD7dUUE,15327
+rest/decorators.py,sha256=1lLbjxSHbGgJlFkDQ3QqOPaLpBRZK0dw2OMrLnAT9XQ,15382
 rest/encryption.py,sha256=x6Kiez0tVqfxK26MSsRL3k8OS05ni1gEX2aj3I0S9V0,788
 rest/errors.py,sha256=uKwG9OkLme36etabqK54DMjMQc1fgEoUIAUxXa7WFQw,612
 rest/extra/__init__.py,sha256=YzmNsch5H5FFLkUK9mIAKyoRK_rJCA9HGb0kubp4h30,54
@@ -494,11 +494,11 @@ wiki/models/faq.py,sha256=nvcEFerllQKT61kIYlasvZzRKwpXyfmQpiqkpHP1V1o,1745
 wiki/models/page.py,sha256=uIu-jVdf1Y9qXKbb5k15-8RLTltyTtoXobZJFcx8_0A,8836
 wiki/models/revision.py,sha256=St5-vz8SGvogsDL6jTWqHLE23PS5mp9iA0DUt3hWTsU,729
 wiki/periodic.py,sha256=t-UgXJIug-OLslJM_r03-5WrNKj39TxrvfuNFjVAhDs,334
-wiki/renderers/__init__.py,sha256=lLEoJvjU3ezXwBGcjleKk_kMyNeMD9MpfBlEiKayEiM,461
+wiki/renderers/__init__.py,sha256=si9LdyUtGWbazsddEt7HY9Fl3iJYAeI_Hu9qf1J154I,682
 wiki/renderers/mistune/__init__.py,sha256=baClLWELOwy5n8UUFi7qmoFBU6QaeegD-wRNZ7fIW_w,84
 wiki/renderers/mistune/highlight.py,sha256=BosglMQUxc_KVbLapQ4gCt6rCc0rAF1vCtUR7R1Ad4c,1264
 wiki/renderers/mistune/math.py,sha256=dgQpH9CIDiqyESphoK5XUVFxK5Yb5VhEIoLgjp3Vtcs,1901
-wiki/renderers/mistune/media.py,sha256=SYwjhX6_DKfqJ00yLxfKrIHu6JnnwKnroqRm6ySDMfY,2688
+wiki/renderers/mistune/media.py,sha256=wV7VYfKxhlfhxPAmpL28COXvhRQ1eQulPgV6hBYACF8,2747
 wiki/renderers/mistune/meta.py,sha256=1lry9m-4wiwsivWnqYHYjwmGv91BGUSB7niJuZ1Xx54,805
 wiki/renderers/mistune/task_list.py,sha256=Ex0gUPX_d9jtbPbnEEktlqAJsM6wIt5Md2wsltX7LIY,1889
 wiki/renderers/mistune/toc.py,sha256=TKGiuMVpKqzDGUx5bAjJYpZIzG6n3wTjtuBdBc-TM_8,2302
@@ -518,7 +518,7 @@ ws4redis/servers/uwsgi.py,sha256=VyhoCI1DnVFqBiJYHoxqn5Idlf6uJPHvfBKgkjs34mo,172
 ws4redis/settings.py,sha256=KKq00EwoGnz1yLwCZr5Dfoq2izivmAdsNEEM4EhZwN4,1610
 ws4redis/utf8validator.py,sha256=S0OlfjeGRP75aO6CzZsF4oTjRQAgR17OWE9rgZdMBZA,5122
 ws4redis/websocket.py,sha256=R0TUyPsoVRD7Y_oU7w2I6NL4fPwiz5Vl94-fUkZgLHA,14848
-django_restit-4.2.179.dist-info/LICENSE.md,sha256=VHN4hhEeVOoFjtG-5fVv4jesA4SWi0Z-KgOzzN6a1ps,1068
-django_restit-4.2.179.dist-info/METADATA,sha256=Pmxj3TIYbIsFJEZzboR6iygMixbAjdnCGvBbqg2eTLA,7714
-django_restit-4.2.179.dist-info/WHEEL,sha256=IYZQI976HJqqOpQU6PHkJ8fb3tMNBFjg-Cn-pwAbaFM,88
-django_restit-4.2.179.dist-info/RECORD,,
+django_restit-4.2.180.dist-info/LICENSE.md,sha256=VHN4hhEeVOoFjtG-5fVv4jesA4SWi0Z-KgOzzN6a1ps,1068
+django_restit-4.2.180.dist-info/METADATA,sha256=PtXqvmNGrzGdzNKLZvdYKbY_oKYMWZQ54JtWVWk03z8,7714
+django_restit-4.2.180.dist-info/WHEEL,sha256=IYZQI976HJqqOpQU6PHkJ8fb3tMNBFjg-Cn-pwAbaFM,88
+django_restit-4.2.180.dist-info/RECORD,,

incident/models/event.py

@@ -129,85 +129,135 @@ class Event(JSONMetaData, rm.RestModel):
             value = value[:80] + "..."
         self.description = value
 
-    def on_rest_pre_save(self, request):
+
+    def on_rest_created(self, request):
+        # Record metrics if enabled
+        if INCIDENT_EVENT_METRICS:
+            self._record_event_metrics()
+
+        self._update_properties(request)
+        # Process rules and create incident if needed
+        hit_rule = self.runRules()
+        incident = self._process_rules_and_create_incident(hit_rule)
+
+        if incident is None:
+            # No incident needed based on rules
+            return
+
+        # Update incident metadata
+        self.incident = incident
+        self.save()
+
+        # Record incident metrics if enabled
+        if INCIDENT_METRICS:
+            self._record_incident_metrics()
+
+        # Trigger any incident actions
+        try:
+            incident.triggerAction()
+        except Exception:
+            logger.exception()
+
+    def _update_properties(self, request):
+        # make sure hostname is set
         if self.hostname is None:
             self.hostname = settings.HOSTNAME
+
+        # Update properties
+        self.setProperty("level", self.level)
+        self.setProperty("category", self.category)
         if not self.getProperty("hostname", None):
             self.setProperty("hostname", self.hostname)
-        self.setProperty("category", self.category)
+
+        # lookup IP
         if request and request.DATA.get("ip_lookup", field_type=bool):
             self.reporter_ip = request.ip
             self.lookupIP(request.ip)
 
-    def on_rest_saved(self, request, is_new=False):
-        if not is_new:
-            return
-        if INCIDENT_EVENT_METRICS:
-            if self.hostname:
-                metrics.metric(f"incident_evt_{self.hostname}", category="incident_events", min_granularity="hourly")
-            metrics.metric("incident_evt", min_granularity=INCIDENT_EVENT_GRANULARITY)
+    def _record_event_metrics(self):
+        """Record event metrics"""
+        if self.hostname:
+            metrics.metric(
+                f"incident_evt_{self.hostname}",
+                category="incident_events",
+                min_granularity="hourly"
+            )
+        metrics.metric(
+            "incident_evt",
+            min_granularity=INCIDENT_EVENT_GRANULARITY
+        )
 
-        self.setProperty("level", self.level)
-        if request is not None:
-            self.reporter_ip = request.ip
-        # run through rules for the category
-        hit_rule = self.runRules()
-        priority = 10
-        incident = None
-        action_count = 0
+    def _record_incident_metrics(self):
+        """Record incident metrics"""
+        if self.hostname:
+            metrics.metric(
+                f"incidents_{self.hostname}",
+                category="incidents",
+                min_granularity="hourly"
+            )
+        metrics.metric(
+            "incidents",
+            min_granularity=INCIDENT_EVENT_GRANULARITY
+        )
+
+    def _process_rules_and_create_incident(self, hit_rule):
+        """Process rules and create incident if needed"""
         if hit_rule is not None:
-            # logger.error(f"RULE HIT: {hit_rule.name}")
-            priority = hit_rule.priority
+            # Handle rule matches
             if hit_rule.action == "ignore":
                 self.save()
-                return
+                return None
+
             if hit_rule.bundle > 0:
-                incident = Incident.getBundled(rule=hit_rule, event=self)
+                return Incident.getBundled(rule=hit_rule, event=self)
 
         elif self.level >= EVENT_TO_INCIDENT_LEVEL:
-            # we ignore levels 4 and higher if they did not create a rule
+            # Ignore high levels without rules
             self.save()
-            # logger.info(f"ignore event {self.pk} {self.description}")
-            return
+            return None
 
-        # always create an incident
-        if incident is None:
-            incident = Incident(
-                rule=hit_rule, priority=priority,
-                reporter_ip=self.reporter_ip,
-                category=self.category,
-                group=self.group,
-                component=self.component,
-                component_id=self.component_id,
-                hostname=self.hostname)
-            if self.group is None and hit_rule is not None:
-                incident.group = hit_rule.group
-            if hit_rule is not None and hit_rule.action_after != 0:
-                incident.state = INCIDENT_STATE_PENDING
-            # TODO possibly make this smarter?
-            if hit_rule and hit_rule.title_template and "{" in hit_rule.title_template:
-                try:
-                    incident.description = hit_rule.title_template.format(event=self)
-                except Exception:
-                    logger.exception(hit_rule.title_template)
-                    incident.description = self.description
-            elif self.category == "ossec":
-                incident.description = f"{self.hostname}: {self.description}"
-                incident.save()
-                incident.updateAbuseInfo()
-            else:
+        # Create new incident
+        return self._create_incident(hit_rule)
+
+    def _create_incident(self, hit_rule):
+        """Create a new incident"""
+        incident = Incident(
+            rule=hit_rule,
+            priority=hit_rule.priority if hit_rule else 10,
+            reporter_ip=self.reporter_ip,
+            category=self.category,
+            group=self.group,
+            component=self.component,
+            component_id=self.component_id,
+            hostname=self.hostname
+        )
+
+        # Set incident group from rule if needed
+        if self.group is None and hit_rule is not None:
+            incident.group = hit_rule.group
+
+        # Set pending state if rule requires
+        if hit_rule is not None and hit_rule.action_after != 0:
+            incident.state = INCIDENT_STATE_PENDING
+
+        # Set description based on rules and category
+        self._set_incident_description(incident, hit_rule)
+
+        incident.save()
+        incident.updateMeta(self)
+        return incident
+
+    def _set_incident_description(self, incident, hit_rule):
+        """Set the incident description"""
+        if hit_rule and hit_rule.title_template and "{" in hit_rule.title_template:
+            try:
+                incident.description = hit_rule.title_template.format(event=self)
+            except Exception:
+                logger.exception(hit_rule.title_template)
                 incident.description = self.description
+        elif self.category == "ossec":
+            incident.description = f"{self.hostname}: {self.description}"
             incident.save()
-            incident.updateMeta(self)
-        self.incident = incident
-        self.save()
-        if INCIDENT_METRICS:
-            # we want to track any incidents, including bundles
-            if self.hostname:
-                metrics.metric(f"incidents_{self.hostname}", category="incidents", min_granularity="hourly")
-            metrics.metric("incidents", min_granularity=INCIDENT_EVENT_GRANULARITY)
-
-        try:
-            incident.triggerAction()
-        except Exception:
-            logger.exception()
+            incident.updateAbuseInfo()
+        else:
+            incident.description = self.description

rest/__init__.py

@@ -1,4 +1,4 @@
 from .uberdict import UberDict  # noqa: F401
 from .settings_helper import settings  # noqa: F401
 
-__version__ = "4.2.179"
+__version__ = "4.2.180"

rest/decorators.py

@@ -62,7 +62,7 @@ def rest_error_catcher(func, request, *args, **kwargs):
                 metrics.metric(f"rest_call_{slug_path}", category="rest_calls", min_granularity=REST_METRICS_GRANULARITY)
         return func(request, *args, **kwargs)
     except PermissionDeniedException as err:
-        return rv.restPermissionDenied(request, err.reason, err.code)
+        return rv.restPermissionDenied(request, err.reason, err.code, component=err.component, component_id=err.component_id)
     except RestError as err:
         rh.log_exception("REST ERROR", request.path, err.reason)
         if settings.get("REST_ERROR_METRICS", True):
@@ -437,4 +437,3 @@ def periodic(minute=None, hour=None, day=None, month=None, weekday=None, tz=None
         inner_func.is_periodic = True
         return inner_func
     return decorator
-

wiki/renderers/__init__.py

@@ -2,14 +2,23 @@ from .mistune.highlight import HighlightMixin
 from .mistune.toc import TocMixin
 from .mistune.media import MediaMixin
 import mistune
+import re
+
 try:
     HTMLRenderer = mistune.HTMLRenderer
 except Exception:
     HTMLRenderer = mistune.Renderer
 
 
+def slugify(text):
+    return re.sub(r'\W+', '-', text.strip().lower()).strip('-')
+
 class WikiRenderer(TocMixin, HighlightMixin, MediaMixin, HTMLRenderer):
     def __init__(self, *args, **kwargs):
         # self.enable_math()
         self.reset_toc()
         super(WikiRenderer, self).__init__(*args, **kwargs)
+
+    def heading(self, text, level):
+        slug = slugify(text)
+        return f'<h{level} id="{slug}">{text}</h{level}>\n'

wiki/renderers/mistune/media.py

@@ -48,10 +48,11 @@ class MediaMixin(object):
         params = {"href":href}
         if title:
             params["title"] = title
-        if label:
-            params["download"] = label
-        if not href.startswith("http"):
+
+        if not href.startswith("http") and not href.startswith("#"):
             params["data-action"] = "local_page"
+        elif label and href.startswith("http"):
+            params["download"] = label
         flat_params = ' '.join("{}='{}'".format(key,val) for (key,val) in list(params.items()))
         return """<a {}>{}</a>""".format(flat_params, (text or link))
 
@@ -87,4 +88,3 @@ class MediaMixin(object):
 
         flat_params = ' '.join("{}='{}'".format(key,val) for (key,val) in list(params.items()))
         return '<img {} />'.format(flat_params)
-