django-restit 4.2.79__py3-none-any.whl → 4.2.83__py3-none-any.whl

account/models/member.py

@@ -224,11 +224,11 @@ class Member(User, RestModel, MetaDataModel):
 
     @property
     def force_single_session(self):
-        return self.hasPermission("force_single_session")
+        return self.hasPermission("force_single_session", ignore_su=True)
 
     @property
     def email_disabled(self):
-        return self.hasPermission("email_disabled")
+        return self.hasPermission("email_disabled", ignore_su=True)
 
     @property
     def has_totp(self):

account/models/notify.py

@@ -130,6 +130,8 @@ class NotificationRecord(models.Model, RestModel):
 
     @classmethod
     def canSend(cls):
+        if not settings.get("THROTTLE_EMAILS", False):
+            return True
         max_emails_per_minute = settings.get("MAX_EMAILS_PER_MINUTE", 30)
         last_email = NotificationRecord.objects.filter(state=1).last()
         now = datetime.now()
@@ -206,7 +208,7 @@ class NotificationRecord(models.Model, RestModel):
 
     @classmethod
     def _notifyViaEmail(cls, member, subject, message, template, context, 
-                        attachments, from_email=None):
+                        attachments, from_email=settings.DEFAULT_FROM_EMAIL):
         # lets verify the db is working
         if template:
             if context is None:
@@ -215,6 +217,8 @@ class NotificationRecord(models.Model, RestModel):
                 context["body"] = message
             context["unsubscribe_token"] = member.getUUID()
             message = inbox.utils.renderTemplate(template, context)
+        if from_email is None:
+            from_email = settings.DEFAULT_FROM_EMAIL
 
         nr = NotificationMemberRecord(member=member, to_addr=member.email)
         email_record = NotificationRecord(

auditlog/migrations/0002_alter_persistentlog_session.py

@@ -0,0 +1,20 @@
+# Generated by Django 4.2.11 on 2024-05-13 02:34
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('sessionlog', '0001_initial'),
+        ('auditlog', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='persistentlog',
+            name='session',
+            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, to='sessionlog.sessionlog'),
+        ),
+    ]

{django_restit-4.2.79.dist-info → django_restit-4.2.83.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: django-restit
-Version: 4.2.79
+Version: 4.2.83
 Summary: A Rest Framework for DJANGO
 License: MIT
 Author: Ian Starnes

{django_restit-4.2.79.dist-info → django_restit-4.2.83.dist-info}/RECORD

@@ -28,9 +28,9 @@ account/models/device.py,sha256=TloXvvrx3khF3BeGFuVYn6DhXjOW0AMZb4F9Fl5nBII,5491
 account/models/feeds.py,sha256=vI7fG4ASY1M0Zjke24RdnfDcuWeATl_yR_25jPmT64g,2011
 account/models/group.py,sha256=iDD_oSgswKV_t_gXZuVK80MvICrZZqdANm2jtGtOFy8,21985
 account/models/legacy.py,sha256=zYdtv4LC0ooxPVqWM-uToPwV-lYWQLorSE6p6yn1xDw,2720
-account/models/member.py,sha256=v2cM7g5XoOQi_ZAlGcOcKn24zZCfAFokxUFIqNshDxc,52960
+account/models/member.py,sha256=fzSVVAdbUa1knp1O4JTnYZFYRas7-zDZaOPjZAMCC1Q,52992
 account/models/membership.py,sha256=90EpAhOsGaqphDAkONP6j_qQ0OWSRaQsI8H7E7fgMkE,9249
-account/models/notify.py,sha256=Qzi8gLsVi8nDx8gpL4dyr0MPExYYGIDxZvHFUdCs7H4,15072
+account/models/notify.py,sha256=iAq8tjyqouUelYgsMhWlchYmEAuCsKAyNIr5F8_xUeU,15258
 account/models/passkeys.py,sha256=TJxITUi4DT4_1tW2K7ZlOcRjJuMVl2NtKz7pKQU8-Tw,1516
 account/models/session.py,sha256=ELkWjB_2KXQvPtRPrvuGJpJsqrxCQX_4J53SbqGz_2U,3737
 account/models/settings.py,sha256=gOyRWBVd3BQpjfj_hJPtqX3H46ztyRAFxBrPbv11lQg,2137
@@ -65,6 +65,7 @@ auditlog/cloudwatch.py,sha256=R-B_ByVM3We26YnDoFYIQeWV31CUyS63QTojRAkfWa8,2805
 auditlog/decorators.py,sha256=ZoIv0fhZjxtMEV15NcKijW4xPF5UEScPna60zB3TxZo,6553
 auditlog/middleware.py,sha256=Q4bXg8rnm8y2fMnAsN6ha3Fz6TW8jIzLnvpu4H9SpWE,1537
 auditlog/migrations/0001_initial.py,sha256=X171gKQZIaTO9FGNG1yKTjGSZS0ZjZj5gvimF9-_kks,3309
+auditlog/migrations/0002_alter_persistentlog_session.py,sha256=DkkcIobbHdbniKg5bOlRmiF-Nc4hX55Y6KuQySrCcJ8,541
 auditlog/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 auditlog/models.py,sha256=skDAiuzR4chC-WNIaH2nm_VVcbnDD6ZtUxBwhk7UY8U,16517
 auditlog/periodic.py,sha256=AUhDeVsZtC47BJ-lklvYEegHoxAzj1RpIvRFSsM7g5E,363
@@ -79,6 +80,7 @@ inbox/migrations/0001_initial.py,sha256=P1OmbSHZGhj3wVBdFKWEzNrPdbyKzR9fFBXP8rhX
 inbox/migrations/0002_alter_message_cc.py,sha256=dsnDHCs1-dFZfSEWJmufBOs5gvNbI7u99kru6fVas0Y,380
 inbox/migrations/0003_attachment_content_type.py,sha256=dh_km90V6R3O0-N2oNTWhWLZZ96MylRgDY7Poua9CZ8,416
 inbox/migrations/0004_mailtemplate.py,sha256=yV51UdsRWmKC5Dy34-h2bXBeYeFtjoWQ7kOw7cuYCQo,1140
+inbox/migrations/0005_alter_mailbox_state.py,sha256=trr-CCLupHQ7e-tjJK08LACdxhCApGMNBTOeWFcyXnI,393
 inbox/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 inbox/models/__init__.py,sha256=yARvP31nhJGLjqP-U_ONi2OLjiTUFspdH0AlKynt4Y8,174
 inbox/models/bounce.py,sha256=3b_pCKH3gwb3NE8I1XlVI6JeoVmobZyKidsILH-jIRg,2881
@@ -106,18 +108,18 @@ incident/migrations/0011_ticket.py,sha256=Ml5E_Qi4Z0MD89fetoOFOL3rPlVQdjaaDCcFBf
 incident/migrations/0012_rule_match_by.py,sha256=PGclGnnc_8JEsJZ8znoXm-iAC6Y0i2WM6C2cmFgdKlA,372
 incident/migrations/0013_rulecheck_is_required.py,sha256=cL7tOj5XGPpKd2f5BojIKfNJeDB1IL-jGRU6-g-Co5o,387
 incident/migrations/0014_event_group_alter_rulecheck_index.py,sha256=v3gm5k0LVoas27qUDOt7el7YtK4yjFVLeEpuFUCoXaQ,724
+incident/migrations/0015_rule_title_template_alter_incident_state.py,sha256=FPUDhFwqBC39EjeknRT7BPddEf6ExCjsXVb9LMqIn3U,687
 incident/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 incident/models/__init__.py,sha256=NMphuhb0RTMf7Ov4QkNv7iv6_I8Wtr3xQ54yjX_a31M,209
-incident/models/event.py,sha256=i02lRMdBcjIty5w_wdZnYnW-RNXDANNfnsFouwlDYO8,7414
+incident/models/event.py,sha256=Dw6fUi2tbLeA_ZRDcvGQNFkCkMGMBdtNeaLikXdAyE8,7769
 incident/models/incident.py,sha256=HPbi6J9qm7_-FMjnDUPV9NcbmP_60WU-IO9HJSpoLTY,19360
 incident/models/ossec.py,sha256=eUDRGawzuLWobKEVGKfdZisDnyjS_Hlxi0T_GCSLCCI,2252
-incident/models/rules.py,sha256=SMlDRw_r3fGv-vmRojRLmsklqRRxDcjrSLVBIz-gadA,6884
+incident/models/rules.py,sha256=aRkJ0ZnTv87nAUC1sHVkPExfb3OJ8fgHQIhnCIpIbhQ,7001
 incident/models/ticket.py,sha256=S3kqGQpYLE6Y4M9IKu_60sgW-f592xNr8uufqHnvDoU,2302
 incident/parsers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-incident/parsers/ossec.py,sha256=8SUma8wb2KmrcgACc6jESD_gXklCsMnKVyY7GrXYrtY,10812
+incident/parsers/ossec.py,sha256=jyJmNBwnQS1tjZMwYhslnCpZviCHXnozv88BPT-ytCw,11592
 incident/periodic.py,sha256=eX1rQK6v65A9ugofTvJPSmAWei6C-3EYgzCMuGZ03jM,381
 incident/rpc.py,sha256=viJt873b8T8SiAq10EM57lF8g7ghyj3ymdkaXzh2Ass,8181
-incident/server.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 incident/templates/email/incident_change.html,sha256=tQYphypwLukkVdwH0TB2Szz2VEJ7GnsfRS3_ZJ-MYeE,13895
 incident/templates/email/incident_msg.html,sha256=MZdKhTddUF2MpiH8Z3RTQEmW_ko1n3ajeZ11KLtiLlU,13780
 incident/templates/email/incident_new.html,sha256=W6nwFQROnyDfMlXub8s02ws4hGnJp16pfgp9xTm_aEc,15185
@@ -133,12 +135,12 @@ location/migrations/0004_remove_address_modified_by_address_group_and_more.py,sh
 location/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 location/models/__init__.py,sha256=rZhldkoKmoJQXjBAK1IIQn7K_OOJvFtIGOGVl_szqbE,230
 location/models/address.py,sha256=wl0bToZ6VrJP923IIfzWqZY9xyKgla6A-uzj8jQFGRI,3149
-location/models/ip.py,sha256=ZaBFdW1tL1Q3bnS5gIY9SseiQ5xeeP_oyP1hp3czFeA,5984
+location/models/ip.py,sha256=Bl-OlwEXGvKYvYSDBSsnQkeAi4ZTKs1mDt3ddc5rq80,6039
 location/models/legacy.py,sha256=8ROsUSZrjGQkUyXeJvoxPdKAWaKfUH-AL9TIeJb7krg,1994
 location/models/location.py,sha256=01dJPJecbp5orExsIGWOsBC_KkwFRIW0rGDIwyx1r0w,2316
 location/models/track.py,sha256=OdhRL1KVXlPcZkp4S6QpKc7Ctoth8VjwHs_dlZ8XHI4,1474
 location/providers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-location/providers/iplookup/__init__.py,sha256=t7yiXnEopAN_NZ77k2oHAhfVCmWNDkiCKA8S41jbJv0,727
+location/providers/iplookup/__init__.py,sha256=I0K0HZrluCsBZ1TlGGKnyavEDZ3mT-xfE7Dtq2k-F9k,790
 location/providers/iplookup/abstractapi.py,sha256=gY8eqpjEasZtiBC6nNu960ZGL96FVwNS2JoZuP1GBO4,2419
 location/providers/iplookup/extremeip.py,sha256=QNRGhwXXsOuJL2M-xiI2pFN_6LP2HkqSUpFosu5Q04M,1345
 location/providers/iplookup/geoplugin.py,sha256=RK_6McxHYlVVMVdJ2rCafw-kqMfzMm3g_tJjBwcKXYg,2121
@@ -473,6 +475,7 @@ telephony/phone_util.py,sha256=5NwSBnwBEC3EaeSeN42ggBiAQ00Ujvr6CepDjXLsCyw,5067
 telephony/rpc.py,sha256=PXPDFvgoXkCKlfMzIbt6lYZPay3fcveNj2X4Pjby7p4,3473
 wiki/__init__.py,sha256=AbpHGcgLb-kRsJGnwFEktk7uzpZOCcBY74-YBdrKVGs,1
 wiki/migrations/0001_initial.py,sha256=9jvUyjrbJrbDilRnwzQUPhPV8Xi_olEPBk_N0nycvM0,3606
+wiki/migrations/0002_alter_pagemedia_entry.py,sha256=9CUnfvBmj0D4akCkux7HFuXgw9B9avE8V-iMCm5cjds,485
 wiki/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 wiki/models/__init__.py,sha256=jE-9r_Hqpyo7ysKu9BschXOn5Zg34wUt894GwJpxA28,132
 wiki/models/faq.py,sha256=nvcEFerllQKT61kIYlasvZzRKwpXyfmQpiqkpHP1V1o,1745
@@ -503,7 +506,7 @@ ws4redis/servers/uwsgi.py,sha256=VyhoCI1DnVFqBiJYHoxqn5Idlf6uJPHvfBKgkjs34mo,172
 ws4redis/settings.py,sha256=K0yBiLUuY81iDM4Yr-k8hbvjn5VVHu5zQhmMK8Dtz0s,1536
 ws4redis/utf8validator.py,sha256=S0OlfjeGRP75aO6CzZsF4oTjRQAgR17OWE9rgZdMBZA,5122
 ws4redis/websocket.py,sha256=R0TUyPsoVRD7Y_oU7w2I6NL4fPwiz5Vl94-fUkZgLHA,14848
-django_restit-4.2.79.dist-info/LICENSE.md,sha256=VHN4hhEeVOoFjtG-5fVv4jesA4SWi0Z-KgOzzN6a1ps,1068
-django_restit-4.2.79.dist-info/METADATA,sha256=7Hya_J4qnHewCMwlz5m2Y2JLnN2b4TpVX2pVekbpjCw,7645
-django_restit-4.2.79.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
-django_restit-4.2.79.dist-info/RECORD,,
+django_restit-4.2.83.dist-info/LICENSE.md,sha256=VHN4hhEeVOoFjtG-5fVv4jesA4SWi0Z-KgOzzN6a1ps,1068
+django_restit-4.2.83.dist-info/METADATA,sha256=rbSXb9-b2DozTJTvyuPOVSB8x-7l1fWIhCqtR013RVg,7645
+django_restit-4.2.83.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
+django_restit-4.2.83.dist-info/RECORD,,

inbox/migrations/0005_alter_mailbox_state.py

@@ -0,0 +1,18 @@
+# Generated by Django 4.2.11 on 2024-05-13 02:34
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('inbox', '0004_mailtemplate'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='mailbox',
+            name='state',
+            field=models.IntegerField(db_index=True, default=1),
+        ),
+    ]

incident/migrations/0015_rule_title_template_alter_incident_state.py

@@ -0,0 +1,23 @@
+# Generated by Django 4.2.11 on 2024-05-13 02:34
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('incident', '0014_event_group_alter_rulecheck_index'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='rule',
+            name='title_template',
+            field=models.CharField(default=None, max_length=200, null=True),
+        ),
+        migrations.AlterField(
+            model_name='incident',
+            name='state',
+            field=models.IntegerField(choices=[(0, 'new'), (1, 'opened'), (2, 'paused'), (3, 'ignored'), (4, 'resolved'), (5, 'pending')], default=0),
+        ),
+    ]

incident/models/event.py

@@ -155,7 +155,7 @@ class Event(JSONMetaData, rm.RestModel):
         incident = None
         action_count = 0
         if hit_rule is not None:
-            logger.error(f"RULE HIT: {hit_rule.name}")
+            # logger.error(f"RULE HIT: {hit_rule.name}")
             priority = hit_rule.priority
             if hit_rule.action == "ignore":
                 self.save()
@@ -184,7 +184,13 @@ class Event(JSONMetaData, rm.RestModel):
             if hit_rule is not None and hit_rule.action_after != 0:
                 incident.state = INCIDENT_STATE_PENDING
             # TODO possibly make this smarter?
-            if self.category == "ossec":
+            if hit_rule and hit_rule.title_template and "{" in hit_rule.title_template:
+                try:
+                    incident.description = hit_rule.title_template.format(event=self)
+                except Exception:
+                    logger.exception(hit_rule.title_template)
+                    incident.description = self.description
+            elif self.category == "ossec":
                 incident.description = f"{self.hostname}: {self.description}"
             else:
                 incident.description = self.description

incident/models/rules.py

@@ -43,6 +43,7 @@ class Rule(models.Model, rm.RestModel):
                     "created",
                     "priority",
                     "name",
+                    "title_template",
                     "category",
                     "priority",
                     "action",
@@ -63,6 +64,7 @@ class Rule(models.Model, rm.RestModel):
     modified = models.DateTimeField(auto_now=True)
 
     name = models.CharField(max_length=200)
+    title_template = models.CharField(max_length=200, default=None, null=True)
     # the group the rule gets assigned to when triggered
     group = models.ForeignKey("account.Group", on_delete=models.CASCADE, null=True, default=None)
     # category allows us to limit running rules to only those with a category

incident/parsers/ossec.py

@@ -33,12 +33,21 @@ def parse_nginx_line(line):
     return None
 
 
-def removeNonAscii(input_str):
-    """Remove all non-ASCII characters and escaped byte sequences from the input string."""
-    # Remove escaped byte sequences
-    cleaned_str = re.sub(r'\\x[0-9a-fA-F]{2}', '', input_str)
-    # Remove non-ASCII characters
-    return ''.join(char for char in cleaned_str if 32 <= ord(char) < 128)
+def removeNonAscii(input_str, replacement=''):
+    """
+    Replace all non-ASCII characters and escaped byte sequences in the input string with a specified string.
+    
+    Args:
+    input_str (str): The string to process.
+    replacement (str): The string to use as a replacement for non-ASCII characters and escaped byte sequences.
+
+    Returns:
+    str: The processed string with non-ASCII characters and byte sequences replaced.
+    """
+    # Replace escaped byte sequences with the replacement string
+    cleaned_str = re.sub(r'\\x[0-9a-fA-F]{2}', replacement, input_str)
+    # Replace non-ASCII characters with the replacement string
+    return ''.join(char if (32 <= ord(char) < 128 or char in '\n\r\t') else f"<r{str(ord(char))}>" for char in cleaned_str)
 
 
 def extractURL(text):
@@ -131,8 +140,12 @@ def parse_alert_metadata(alert):
         if match:
             return dict(filename=match.group(1), action="added")
     elif alert.rule_id == "5402":
-        match = re.search(r'(?P<username>\w+) : PWD=(?P<pwd>\S+) ; USER=(?P<user>\w+) ; COMMAND=(?P<command>.+)', alert.text)
-        return match.groupdict()
+        match = re.search(r'(?P<username>[\w-]+) : PWD=(?P<pwd>\S+) ; USER=(?P<user>\w+) ; COMMAND=(?P<command>.+)', alert.text)
+        if match:
+            return match.groupdict()
+        match = re.search(r'(?P<username>[\w-]+) : TTY=(?P<tty>\S+) ; PWD=(?P<pwd>\S+) ; USER=(?P<user>\w+) ; COMMAND=(?P<command>.+)', alert.text)
+        if match:
+            return match.groupdict()
     elif alert.rule_id in ["5501", "5502"]:
         match = re.search(r"session (?P<action>\S+) for user (?P<username>\S+)*", alert.text)
         if match:
@@ -164,6 +177,8 @@ def parse_alert_json(data):
         data = objict.fromJSON(removeNonAscii(data))
     for key in data:
         data[key] = data[key].strip()
+    if data.text:
+        data.text = removeNonAscii(data.text)
     return data
 
 
@@ -239,7 +254,8 @@ def update_by_rule(data, geoip=None):
     elif data.rule_id == "533":
         data.title = f"Network Open Port Change Detected on {data.hostname}"
     elif data.rule_id == "5402":
-        data.title = f"Sudo(user: {data.user}) executed on {data.hostname}"
+        cmd = truncate_str(data.command, 50)
+        data.title = f"Sudo(user: {data.user}) executed '{cmd}' on {data.hostname}"
     elif data.rule_id in ["551", "554"] and data.filename:
         name = truncate_str(data.filename, 50)
         data.title = f"File {data.action.capitalize()} on {data.hostname}: {name}"

location/models/ip.py

@@ -93,6 +93,8 @@ class GeoIP(models.Model, rm.RestModel):
             ip = ip.strip()
         if not geolocate.isIP(ip):
             ip = geolocate.dnsToIP(ip)
+            if ip is None:
+                return None
         subnet = ip[:ip.rfind(".")]
         gip = GeoIP.objects.filter(ip=ip).first()
         if gip is None:

location/providers/iplookup/__init__.py

@@ -32,4 +32,8 @@ def isIP(ip):
 
 
 def dnsToIP(name):
-    return socket.gethostbyname(name)
+    try:
+        return socket.gethostbyname(name)
+    except Exception:
+        pass
+    return None

wiki/migrations/0002_alter_pagemedia_entry.py

@@ -0,0 +1,19 @@
+# Generated by Django 4.2.11 on 2024-05-13 02:34
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('wiki', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='pagemedia',
+            name='entry',
+            field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='media_library', to='wiki.page'),
+        ),
+    ]