synapse 2.183.0__py311-none-any.whl → 2.185.0__py311-none-any.whl

synapse/lib/stormlib/stix.py

@@ -486,7 +486,10 @@ _DefaultConfig = {
     },
 }
 
-def _validateConfig(core, config):
+perm_maxsize = ('storm', 'lib', 'stix', 'export', 'maxsize')
+def _validateConfig(runt, config):
+
+    core = runt.snap.core
 
     maxsize = config.get('maxsize', 10000)
 
@@ -506,9 +509,10 @@ def _validateConfig(core, config):
         mesg = f'STIX Bundle config maxsize option must be an integer.'
         raise s_exc.BadConfValu(mesg=mesg)
 
-    if maxsize > 10000:
-        mesg = f'STIX Bundle config maxsize option must be <= 10000.'
-        raise s_exc.BadConfValu(mesg=mesg)
+    if maxsize > 10000 and not runt.allowed(perm_maxsize):
+        permstr = '.'.join(perm_maxsize)
+        mesg = f'Setting STIX export maxsize > 10,000 requires permission: {permstr}'
+        raise s_exc.AuthDeny(mesg=mesg, perm=permstr)
 
     formmaps = config.get('forms')
     if formmaps is None:
@@ -1040,6 +1044,11 @@ class LibStixExport(s_stormtypes.Lib):
     '''
     A Storm Library for exporting to STIX version 2.1 CS02.
     '''
+    _storm_lib_perms = (
+        {'perm': ('storm', 'lib', 'stix', 'export', 'maxsize'), 'gate': 'cortex',
+         'desc': 'Controls the ability to specify a STIX export bundle maxsize of greater than 10,000.'},
+    )
+
     _storm_locals = (  # type: ignore
         {
             'name': 'bundle',
@@ -1172,7 +1181,7 @@ class LibStixExport(s_stormtypes.Lib):
             config = _DefaultConfig
 
         config = await s_stormtypes.toprim(config)
-        _validateConfig(self.runt.snap.core, config)
+        _validateConfig(self.runt, config)
 
         return StixBundle(self, self.runt, config)
 

synapse/lib/stormtypes.py

@@ -1328,6 +1328,22 @@ class LibBase(Lib):
                   ),
                   'returns': {'type': 'list',
                               'desc': 'A list of (<bool>, <prim>) for status and normalized value.', }}},
+        {'name': 'repr', 'desc': '''
+            Attempt to convert a system mode value to a display mode string.
+
+            Examples:
+                Print the Synapse user name for an iden::
+
+                    $lib.print($lib.repr(syn:user, $iden))
+
+         ''',
+         'type': {'type': 'function', '_funcname': '_repr',
+                  'args': (
+                      {'name': 'name', 'type': 'str', 'desc': 'The name of the model type.'},
+                      {'name': 'valu', 'type': 'any', 'desc': 'The value to convert.'},
+                  ),
+                  'returns': {'type': 'str', 'desc': 'A display mode representation of the value.'}}},
+
         {'name': 'debug', 'desc': '''
             True if the current runtime has debugging enabled.
 
@@ -1400,6 +1416,7 @@ class LibBase(Lib):
             'false': False,
             'text': self._text,
             'cast': self._cast,
+            'repr': self._repr,
             'warn': self._warn,
             'print': self._print,
             'raise': self._raise,
@@ -1489,22 +1506,26 @@ class LibBase(Lib):
             mesg = 'Nested type does not support being copied!'
             raise s_exc.BadArg(mesg=mesg) from None
 
+    def _reqTypeByName(self, name):
+        typeitem = self.runt.snap.core.model.type(name)
+        if typeitem is not None:
+            return typeitem
+
+        # If a type cannot be found for the form, see if name is a property
+        # that has a type we can use
+        propitem = self.runt.snap.core.model.prop(name)
+        if propitem is not None:
+            return propitem.type
+
+        mesg = f'No type or prop found for name {name}.'
+        raise s_exc.NoSuchType(mesg=mesg)
+
     @stormfunc(readonly=True)
     async def _cast(self, name, valu):
         name = await toprim(name)
         valu = await toprim(valu)
 
-        typeitem = self.runt.snap.core.model.type(name)
-        if typeitem is None:
-            # If a type cannot be found for the form, see if name is a property
-            # that has a type we can use
-            propitem = self.runt.snap.core.model.prop(name)
-            if propitem is None:
-                mesg = f'No type or prop found for name {name}.'
-                raise s_exc.NoSuchType(mesg=mesg)
-
-            typeitem = propitem.type
-
+        typeitem = self._reqTypeByName(name)
         # TODO an eventual mapping between model types and storm prims
 
         norm, info = typeitem.norm(valu)
@@ -1515,16 +1536,7 @@ class LibBase(Lib):
         name = await toprim(name)
         valu = await toprim(valu)
 
-        typeitem = self.runt.snap.core.model.type(name)
-        if typeitem is None:
-            # If a type cannot be found for the form, see if name is a property
-            # that has a type we can use
-            propitem = self.runt.snap.core.model.prop(name)
-            if propitem is None:
-                mesg = f'No type or prop found for name {name}.'
-                raise s_exc.NoSuchType(mesg=mesg)
-
-            typeitem = propitem.type
+        typeitem = self._reqTypeByName(name)
 
         try:
             norm, info = typeitem.norm(valu)
@@ -1532,6 +1544,13 @@ class LibBase(Lib):
         except s_exc.BadTypeValu:
             return (False, None)
 
+    @stormfunc(readonly=True)
+    async def _repr(self, name, valu):
+        name = await toprim(name)
+        valu = await toprim(valu)
+
+        return self._reqTypeByName(name).repr(valu)
+
     @stormfunc(readonly=True)
     async def _exit(self, mesg=None, **kwargs):
         if mesg:
@@ -1720,7 +1739,7 @@ class LibDict(Lib):
          'type': {'type': 'function', '_funcname': '_has',
                   'args': (
                       {'name': 'valu', 'type': 'dict', 'desc': 'The dictionary being checked.'},
-                      {'name': 'name', 'type': 'str', 'desc': 'The key name to check.'},
+                      {'name': 'key', 'type': 'any', 'desc': 'The key to check.'},
                   ),
                   'returns': {'type': 'boolean', 'desc': 'True if the key is present, false if the key is not present.'}}},
         {'name': 'keys', 'desc': 'Retrieve a list of keys in the specified dictionary.',
@@ -1733,7 +1752,7 @@ class LibDict(Lib):
          'type': {'type': 'function', '_funcname': '_pop',
                   'args': (
                       {'name': 'valu', 'type': 'dict', 'desc': 'The dictionary to operate on.'},
-                      {'name': 'key', 'type': 'str', 'desc': 'The key name of the value to pop.'},
+                      {'name': 'key', 'type': 'any', 'desc': 'The key to pop.'},
                       {'name': 'default', 'type': 'any', 'default': '$lib.undef',
                        'desc': 'Optional default value to return if the key does not exist in the dictionary.'},
                   ),
@@ -1776,10 +1795,11 @@ class LibDict(Lib):
         raise s_exc.BadArg(mesg=mesg)
 
     @stormfunc(readonly=True)
-    async def _has(self, valu, name):
+    async def _has(self, valu, key):
         await self._check_type(valu)
+        key = await toprim(key)
         valu = await toprim(valu)
-        return name in valu
+        return key in valu
 
     @stormfunc(readonly=True)
     async def _keys(self, valu):
@@ -1791,8 +1811,8 @@ class LibDict(Lib):
     async def _pop(self, valu, key, default=undef):
         await self._check_type(valu)
 
+        key = await toprim(key)
         real = await toprim(valu)
-        key = await tostr(key)
 
         if key not in real:
             if default == undef:
@@ -2661,7 +2681,7 @@ class LibBytes(Lib):
                   'returns': {'type': 'list', 'desc': 'A tuple of the file size and sha256 value.', }}},
     )
     _storm_lib_path = ('bytes',)
-    _storm_lib_deprecation = {'eolvers': 'v3.0.0'}
+    _storm_lib_deprecation = {'eolvers': 'v3.0.0', 'mesg': 'Use the corresponding ``$lib.axon`` function.'}
 
     def getObjLocals(self):
         return {
@@ -4808,8 +4828,8 @@ class Dict(Prim):
         name = await toprim(name)
         return self.valu.get(name)
 
-    async def value(self):
-        return {await toprim(k): await toprim(v) for (k, v) in self.valu.items()}
+    async def value(self, use_list=False):
+        return {await toprim(k): await toprim(v, use_list=use_list) for (k, v) in self.valu.items()}
 
     async def stormrepr(self):
         reprs = ["{}: {}".format(await torepr(k), await torepr(v)) for (k, v) in list(self.valu.items())]
@@ -4845,9 +4865,9 @@ class CmdOpts(Dict):
         name = await tostr(name)
         return getattr(self.valu.opts, name, None)
 
-    async def value(self):
+    async def value(self, use_list=False):
         valu = vars(self.valu.opts)
-        return {await toprim(k): await toprim(v) for (k, v) in valu.items()}
+        return {await toprim(k): await toprim(v, use_list=use_list) for (k, v) in valu.items()}
 
     async def iter(self):
         valu = vars(self.valu.opts)
@@ -5193,8 +5213,10 @@ class List(Prim):
         async for item in toiter(valu):
             self.valu.append(item)
 
-    async def value(self):
-        return tuple([await toprim(v) for v in self.valu])
+    async def value(self, use_list=False):
+        if use_list:
+            return [await toprim(v, use_list=use_list) for v in self.valu]
+        return tuple([await toprim(v, use_list=use_list) for v in self.valu])
 
     async def iter(self):
         for item in self.valu:
@@ -9476,7 +9498,7 @@ class CronJob(Prim):
         return job
 
 # These will go away once we have value objects in storm runtime
-async def toprim(valu, path=None):
+async def toprim(valu, path=None, use_list=False):
 
     if isinstance(valu, (str, int, bool, float, bytes, types.AsyncGeneratorType, types.GeneratorType)) or valu is None:
         return valu
@@ -9485,16 +9507,19 @@ async def toprim(valu, path=None):
         retn = []
         for v in valu:
             try:
-                retn.append(await toprim(v))
+                retn.append(await toprim(v, use_list=use_list))
             except s_exc.NoSuchType:
                 pass
-        return tuple(retn)
+
+        if not use_list:
+            return tuple(retn)
+        return retn
 
     if isinstance(valu, dict):
         retn = {}
         for k, v in valu.items():
             try:
-                retn[k] = await toprim(v)
+                retn[k] = await toprim(v, use_list=use_list)
             except s_exc.NoSuchType:
                 pass
         return retn
@@ -9502,6 +9527,9 @@ async def toprim(valu, path=None):
     if isinstance(valu, Number):
         return float(valu.value())
 
+    if isinstance(valu, (Dict, List)):
+        return await valu.value(use_list=use_list)
+
     if isinstance(valu, Prim):
         return await s_coro.ornot(valu.value)
 

synapse/lib/stormwhois.py

@@ -16,6 +16,7 @@ class LibWhois(s_stormtypes.Lib):
 
         Raises:
             StormRuntimeError: If form is not supported in this method.''',
+         'deprecated': {'eolvers': 'v3.0.0', 'mesg': 'Please use the GUID constructor syntax.'},
          'type': {'type': 'function', '_funcname': '_whoisGuid',
                   'args': (
                       {'name': 'props', 'type': 'dict', 'desc': 'Dictionary of properties used to create the form.', },
@@ -31,6 +32,8 @@ class LibWhois(s_stormtypes.Lib):
          }
 
     async def _whoisGuid(self, props, form):
+        s_common.deprecated('$lib.inet.whois.guid()', curv='2.183.0')
+        await self.runt.snap.warnonce('$lib.inet.whois.guid() is deprecated. Use the GUID constructor syntax.')
         form = await s_stormtypes.tostr(form)
         props = await s_stormtypes.toprim(props)
         if form == 'iprec':

synapse/lib/version.py

@@ -223,6 +223,6 @@ def reqVersion(valu, reqver,
 ##############################################################################
 # The following are touched during the release process by bumpversion.
 # Do not modify these directly.
-version = (2, 183, 0)
+version = (2, 185, 0)
 verstring = '.'.join([str(x) for x in version])
-commit = '68e4f3dd36f4ff9dd7818ea2c8180b086092148f'
+commit = 'c2ef0eded02f8ac5f34704a117947f44095f41f4'

synapse/models/doc.py

@@ -0,0 +1,93 @@
+import synapse.exc as s_exc
+import synapse.lib.module as s_module
+
+class DocModule(s_module.CoreModule):
+
+    def getModelDefs(self):
+        return (('doc', {
+            'interfaces': (
+                ('doc:document', {
+
+                    'doc': 'A common interface for documents.',
+
+                    'template': {
+                        'type': 'NEWP',
+                        'document': 'document',
+                        'documents': 'documents'},
+
+                    'props': (
+
+                        ('id', ('str', {'strip': True}), {
+                            'doc': 'The {document} ID.'}),
+
+                        ('name', ('str', {'lower': True, 'onespace': True}), {
+                            'doc': 'The {document} name.'}),
+
+                        ('type', ('{type}', {}), {
+                            'doc': 'The type of {document}.'}),
+
+                        ('text', ('str', {}), {
+                            'doc': 'The text of the {document}.'}),
+
+                        ('file', ('file:bytes', {}), {
+                            'doc': 'The file which contains the {document}.'}),
+
+                        ('created', ('time', {}), {
+                            'doc': 'The time that the {document} was created.'}),
+
+                        ('updated', ('time', {}), {
+                            'doc': 'The time that the {document} was last updated.'}),
+
+                        ('author', ('ps:contact', {}), {
+                            'doc': 'The contact information of the primary author.'}),
+
+                        ('contributors', ('array', {'type': 'ps:contact', 'sorted': True, 'uniq': True}), {
+                            'doc': 'An array of contacts which contributed to the {document}.'}),
+
+                        ('version', ('it:semver', {}), {
+                            'doc': 'The version of the {document}.'}),
+
+                        ('supersedes', ('array', {'type': '$self', 'sorted': True, 'uniq': True}), {
+                            'doc': 'An array of {documents} which are superseded by this {document}.'}),
+                    ),
+                }),
+            ),
+            'types': (
+
+                ('doc:policy:type:taxonomy', ('taxonomy', {}), {
+                    'interfaces': ('meta:taxonomy',),
+                    'doc': 'A taxonomy of policy types.'}),
+
+                ('doc:policy', ('guid', {}), {
+                    'interfaces': ('doc:document',),
+                    'template': {
+                        'document': 'policy',
+                        'documents': 'policies',
+                        'type': 'doc:policy:type:taxonomy'},
+                    'doc': 'Guiding principles used to reach a set of goals.'}),
+
+                ('doc:standard:type:taxonomy', ('taxonomy', {}), {
+                    'interfaces': ('meta:taxonomy',),
+                    'doc': 'A taxonomy of standard types.'}),
+
+                ('doc:standard', ('guid', {}), {
+                    'interfaces': ('doc:document',),
+                    'template': {
+                        'document': 'standard',
+                        'documents': 'standards',
+                        'type': 'doc:standard:type:taxonomy'},
+                    'doc': 'A group of requirements which define how to implement a policy or goal.'}),
+            ),
+            'forms': (
+
+                ('doc:policy:type:taxonomy', {}, ()),
+                ('doc:policy', {}, ()),
+
+                ('doc:standard:type:taxonomy', {}, ()),
+                ('doc:standard', {}, (
+                    ('policy', ('doc:policy', {}), {
+                        'doc': 'The policy which was used to derive the standard.'}),
+                )),
+            ),
+            'edges': (),
+        }),)

synapse/models/infotech.py

@@ -1882,7 +1882,8 @@ class ItModule(s_module.CoreModule):
                         'disp': {'hint': 'text'},
                         'doc': 'The commit message describing the changes in the commit.'}),
 
-                    ('id', ('str', {}), {
+                    # we mirror the interface type options...
+                    ('id', ('str', {'strip': True}), {
                         'doc': 'The version control system specific commit identifier.'}),
 
                     ('created', ('time', {}), {
@@ -2986,6 +2987,9 @@ class ItModule(s_module.CoreModule):
                         'doc': 'The sensor host node that produced the hit.'}),
                     ('version', ('it:semver', {}), {
                         'doc': 'The version of the rule at the time of match.'}),
+
+                    ('dropped', ('bool', {}), {
+                        'doc': 'Set to true if the network traffic was dropped due to the match.'}),
                 )),
 
                 ('it:sec:stix:bundle', {}, (

synapse/models/media.py

@@ -38,7 +38,6 @@ class MediaModule(s_module.CoreModule):
                 ('publisher', ('ou:org', {}), {
                     'doc': 'The organization which published the news.'}),
 
-
                 ('publisher:name', ('ou:name', {}), {
                     'doc': 'The name of the publishing org used to publish the news.'}),
 

synapse/models/orgs.py

@@ -45,6 +45,24 @@ class OuModule(s_module.CoreModule):
                         ),
                     }}),
 
+                ('ou:asset:type:taxonomy', ('taxonomy', {}), {
+                    'interfaces': ('meta:taxonomy',),
+                    'doc': 'An asset type taxonomy.'}),
+
+                ('ou:asset:status:taxonomy', ('taxonomy', {}), {
+                    'interfaces': ('meta:taxonomy',),
+                    'doc': 'An asset status taxonomy.'}),
+
+                ('ou:asset', ('guid', {}), {
+                    'doc': 'A node for tracking assets which belong to an organization.',
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'id'}},
+                            {'type': 'prop', 'opts': {'name': 'name'}},
+                            {'type': 'prop', 'opts': {'name': 'org::name'}},
+                        ),
+                    }}),
+
                 ('ou:orgtype', ('taxonomy', {}), {
                     'doc': 'An org type taxonomy.',
                     'interfaces': ('meta:taxonomy',),
@@ -244,10 +262,25 @@ class OuModule(s_module.CoreModule):
                     'interfaces': ('meta:taxonomy',),
                 }),
                 ('ou:jobtitle', ('str', {'lower': True, 'onespace': True}), {
-                    'doc': 'A title for a position within an org.',
-                }),
+                    'doc': 'A title for a position within an org.'}),
+
+                ('ou:enacted:status:taxonomy', ('taxonomy', {}), {
+                    'interfaces': ('meta:taxonomy',),
+                    'doc': 'A taxonomy of enacted statuses.'}),
+
+                ('ou:enacted', ('guid', {}), {
+                    'interfaces': ('proj:task',),
+                    'template': {
+                        'task': 'adoption task'},
+                    'doc': 'An organization enacting a document.'}),
+
+                ('ou:requirement:type:taxonomy', ('taxonomy', {}), {
+                    'interfaces': ('meta:taxonomy',),
+                    'doc': 'A taxonomy of requirement types.'}),
+
                 ('ou:requirement', ('guid', {}), {
                     'doc': 'A specific requirement.'}),
+
             ),
             'edges': (
                 (('ou:campaign', 'uses', 'ou:technique'), {
@@ -341,8 +374,11 @@ class OuModule(s_module.CoreModule):
                         'doc': 'The currency of the econ:price values.',
                     }),
                     ('costs', ('econ:price', {}), {
-                        'doc': 'The costs/expenditures over the period.',
-                    }),
+                        'doc': 'The costs/expenditures over the period.'}),
+
+                    ('budget', ('econ:price', {}), {
+                        'doc': 'The budget allocated for the period.'}),
+
                     ('revenue', ('econ:price', {}), {
                         'doc': 'The gross revenue over the period.',
                     }),
@@ -728,6 +764,52 @@ class OuModule(s_module.CoreModule):
                     ('org', ('ou:org', {}), {}),
                     ('name', ('ou:name', {}), {}),
                 )),
+
+                ('ou:asset:type:taxonomy', {}, ()),
+                ('ou:asset:status:taxonomy', {}, ()),
+                ('ou:asset', {}, (
+                    ('org', ('ou:org', {}), {
+                        'doc': 'The organization which owns the asset.'}),
+
+                    ('id', ('str', {'strip': True}), {
+                        'doc': 'The ID of the asset.'}),
+
+                    ('name', ('str', {'lower': True, 'onespace': True}), {
+                        'doc': 'The name of the assset.'}),
+
+                    ('period', ('ival', {}), {
+                        'doc': 'The period of time when the asset was being tracked.'}),
+
+                    ('status', ('ou:asset:status:taxonomy', {}), {
+                        'doc': 'The current status of the asset.'}),
+
+                    ('type', ('ou:asset:type:taxonomy', {}), {
+                        'doc': 'The asset type.'}),
+
+                    ('priority', ('meta:priority', {}), {
+                        'doc': 'The overall priority of protecting the asset.'}),
+
+                    ('priority:confidentiality', ('meta:priority', {}), {
+                        'doc': 'The priority of protecting the confidentiality of the asset.'}),
+
+                    ('priority:integrity', ('meta:priority', {}), {
+                        'doc': 'The priority of protecting the integrity of the asset.'}),
+
+                    ('priority:availability', ('meta:priority', {}), {
+                        'doc': 'The priority of protecting the availability of the asset.'}),
+
+                    ('node', ('ndef', {}), {
+                        'doc': 'The node which represents the asset.'}),
+
+                    ('place', ('geo:place', {}), {
+                        'doc': 'The place where the asset is deployed.'}),
+
+                    ('owner', ('ps:contact', {}), {
+                        'doc': 'The contact information of the owner or administrator of the asset.'}),
+
+                    ('operator', ('ps:contact', {}), {
+                        'doc': 'The contact information of the user or operator of the asset.'}),
+                )),
                 ('ou:position', {}, (
                     ('org', ('ou:org', {}), {
                         'doc': 'The org which has the position.',
@@ -1211,13 +1293,28 @@ class OuModule(s_module.CoreModule):
                     ('url', ('inet:url', {}), {
                         'doc': 'The contest result website URL.',
                     }),
-                    # TODO duration ('duration'
                 )),
+                ('ou:enacted:status:taxonomy', {}, ()),
+                ('ou:enacted', {}, (
+                    ('org', ('ou:org', {}), {
+                        'doc': 'The organization which is enacting the document.'}),
+
+                    ('doc', ('ndef', {'forms': ('doc:policy', 'doc:standard')}), {
+                        'doc': 'The document enacted by the organization.'}),
+
+                    ('scope', ('ndef', {}), {
+                        'doc': 'The scope of responsbility for the assignee to enact the document.'}),
+                )),
+
+                ('ou:requirement:type:taxonomy', {}, ()),
                 ('ou:requirement', {}, (
 
                     ('name', ('str', {'lower': True, 'onespace': True}), {
                         'doc': 'A name for the requirement.'}),
 
+                    ('type', ('ou:requirement:type:taxonomy', {}), {
+                        'doc': 'The type of requirement.'}),
+
                     ('text', ('str', {}), {
                         'disp': {'hint': 'text'},
                         'doc': 'The text of the stated requirement.'}),