synapse 2.186.0__py311-none-any.whl → 2.188.0__py311-none-any.whl

synapse/lib/stormtypes.py

@@ -3816,13 +3816,13 @@ class Queue(StormType):
                   'args': (
                       {'name': 'item', 'type': 'prim', 'desc': 'The item being put into the queue.', },
                   ),
-                  'returns': {'type': 'null', }}},
+                  'returns': {'type': 'int', 'desc': 'The queue offset of the item.'}}},
         {'name': 'puts', 'desc': 'Put multiple items into the Queue.',
          'type': {'type': 'function', '_funcname': '_methQueuePuts',
                   'args': (
                       {'name': 'items', 'type': 'list', 'desc': 'The items to put into the Queue.', },
                   ),
-                  'returns': {'type': 'null', }}},
+                  'returns': {'type': 'int', 'desc': 'The queue offset of the first item.'}}},
         {'name': 'gets', 'desc': 'Get multiple items from the Queue as a iterator.',
          'type': {'type': 'function', '_funcname': '_methQueueGets',
                   'args': (
@@ -6130,14 +6130,14 @@ class Node(Prim):
          'type': {'type': 'function', '_funcname': '_methNodeAddEdge',
                   'args': (
                       {'name': 'verb', 'type': 'str', 'desc': 'The edge verb to add.'},
-                      {'name': 'iden', 'type': 'str', 'desc': 'The node id of the destination node.'},
+                      {'name': 'iden', 'type': 'str', 'desc': 'The node iden of the destination node.'},
                   ),
                   'returns': {'type': 'null', }}},
         {'name': 'delEdge', 'desc': 'Remove a light-weight edge.',
          'type': {'type': 'function', '_funcname': '_methNodeDelEdge',
                   'args': (
                       {'name': 'verb', 'type': 'str', 'desc': 'The edge verb to remove.'},
-                      {'name': 'iden', 'type': 'str', 'desc': 'The node id of the destination node to remove.'},
+                      {'name': 'iden', 'type': 'str', 'desc': 'The node iden of the destination node to remove.'},
                   ),
                   'returns': {'type': 'null', }}},
         {'name': 'globtags', 'desc': 'Get a list of the tag components from a Node which match a tag glob expression.',
@@ -6827,11 +6827,11 @@ class Layer(Prim):
                   'returns': {'name': 'Yields', 'type': 'list',
                               'desc': 'Yields messages describing any index inconsistencies.', }}},
         {'name': 'getStorNode', 'desc': '''
-            Retrieve the raw storage node for the specified node id.
+            Retrieve the raw storage node for the specified node iden.
             ''',
          'type': {'type': 'function', '_funcname': 'getStorNode',
                   'args': (
-                      {'name': 'nodeid', 'type': 'str', 'desc': 'The hex string of the node id.'},
+                      {'name': 'nodeid', 'type': 'str', 'desc': 'The hex string of the node iden.'},
                   ),
                   'returns': {'type': 'dict', 'desc': 'The storage node dictionary.', }}},
         {'name': 'liftByProp', 'desc': '''
@@ -6897,7 +6897,7 @@ class Layer(Prim):
                               'desc': 'Yields (<n1iden>, <verb>, <n2iden>) tuples', }}},
 
         {'name': 'getEdgesByN1', 'desc': '''
-            Yield (verb, n2iden) tuples for any light edges in the layer for the source node id.
+            Yield (verb, n2iden) tuples for any light edges in the layer for the source node iden.
 
             Example:
                 Iterate the N1 edges for ``$node``::
@@ -6909,13 +6909,13 @@ class Layer(Prim):
             ''',
          'type': {'type': 'function', '_funcname': 'getEdgesByN1',
                   'args': (
-                      {'name': 'nodeid', 'type': 'str', 'desc': 'The hex string of the node id.'},
+                      {'name': 'nodeid', 'type': 'str', 'desc': 'The hex string of the node iden.'},
                   ),
                   'returns': {'name': 'Yields', 'type': 'list',
                               'desc': 'Yields (<verb>, <n2iden>) tuples', }}},
 
         {'name': 'getEdgesByN2', 'desc': '''
-            Yield (verb, n1iden) tuples for any light edges in the layer for the target node id.
+            Yield (verb, n1iden) tuples for any light edges in the layer for the target node iden.
 
             Example:
                 Iterate the N2 edges for ``$node``::
@@ -6926,10 +6926,26 @@ class Layer(Prim):
             ''',
          'type': {'type': 'function', '_funcname': 'getEdgesByN2',
                   'args': (
-                      {'name': 'nodeid', 'type': 'str', 'desc': 'The hex string of the node id.'},
+                      {'name': 'nodeid', 'type': 'str', 'desc': 'The hex string of the node iden.'},
                   ),
                   'returns': {'name': 'Yields', 'type': 'list',
                               'desc': 'Yields (<verb>, <n1iden>) tuples', }}},
+        {'name': 'getNodeData', 'desc': '''
+            Yield (name, valu) tuples for any node data in the layer for the target node iden.
+
+            Example:
+                Iterate the node data for ``$node``::
+
+                    for ($name, $valu) in $layer.getNodeData($node.iden()) {
+                        $lib.print(`{$name} = {$valu}`)
+                    }
+            ''',
+         'type': {'type': 'function', '_funcname': 'getNodeData',
+                  'args': (
+                      {'name': 'nodeid', 'type': 'str', 'desc': 'The hex string of the node iden.'},
+                  ),
+                  'returns': {'name': 'Yields', 'type': 'list',
+                              'desc': 'Yields (<name>, <valu>) tuples', }}},
     )
     _storm_typename = 'layer'
     _ismutable = False
@@ -6986,6 +7002,7 @@ class Layer(Prim):
             'getStorNodesByForm': self.getStorNodesByForm,
             'getEdgesByN1': self.getEdgesByN1,
             'getEdgesByN2': self.getEdgesByN2,
+            'getNodeData': self.getNodeData,
             'getMirrorStatus': self.getMirrorStatus,
         }
 
@@ -7355,6 +7372,15 @@ class Layer(Prim):
         async for item in layr.iterNodeEdgesN2(s_common.uhex(nodeid)):
             yield item
 
+    @stormfunc(readonly=True)
+    async def getNodeData(self, nodeid):
+        nodeid = await tostr(nodeid)
+        layriden = self.valu.get('iden')
+        await self.runt.reqUserCanReadLayer(layriden)
+        layr = self.runt.snap.core.getLayer(layriden)
+        async for item in layr.iterNodeData(s_common.uhex(nodeid)):
+            yield item
+
     @stormfunc(readonly=True)
     async def _methLayerGet(self, name, defv=None):
         return self.valu.get(name, defv)
@@ -7519,6 +7545,9 @@ class View(Prim):
         {'name': 'parent', 'desc': 'The parent View. Will be ``$lib.null`` if the view is not a fork.', 'type': 'str'},
         {'name': 'triggers', 'desc': 'The ``trigger`` objects associated with the ``view``.',
          'type': 'list', },
+        {'name': 'children', 'desc': 'Yield Views which are children of this View.',
+         'type': {'type': 'function', '_funcname': '_methGetChildren',
+                  'returns': {'name': 'yields', 'type': 'view', 'desc': 'Child Views.', }}},
         {'name': 'set', 'desc': '''
             Set a view configuration option.
 
@@ -7806,6 +7835,7 @@ class View(Prim):
             'merge': self._methViewMerge,
             'detach': self.detach,
             'addNode': self.addNode,
+            'children': self._methGetChildren,
             'getEdges': self._methGetEdges,
             'wipeLayer': self._methWipeLayer,
             'swapLayer': self._methSwapLayer,
@@ -7941,6 +7971,12 @@ class View(Prim):
         async for valu in view.iterPropValues(propname):
             yield valu
 
+    @stormfunc(readonly=True)
+    async def _methGetChildren(self):
+        view = self._reqView()
+        async for child in view.children():
+            yield View(self.runt, await child.pack(), path=self.path)
+
     @stormfunc(readonly=True)
     async def _methGetEdges(self, verb=None):
         verb = await toprim(verb)
@@ -9584,7 +9620,7 @@ def fromprim(valu, path=None, basetypes=True):
 
     return valu
 
-async def tostor(valu):
+async def tostor(valu, isndef=False):
 
     if isinstance(valu, Number):
         return str(valu.value())
@@ -9607,6 +9643,9 @@ async def tostor(valu):
                 pass
         return retn
 
+    if isndef and isinstance(valu, s_node.Node):
+        return valu.ndef
+
     return await toprim(valu)
 
 async def tocmprvalu(valu):
@@ -9650,6 +9689,9 @@ async def tostr(valu, noneok=False):
         if isinstance(valu, bytes):
             return valu.decode('utf8', 'surrogatepass')
 
+        if isinstance(valu, s_node.Node):
+            return valu.repr()
+
         return str(valu)
     except Exception as e:
         mesg = f'Failed to make a string from {valu!r}.'

synapse/lib/version.py

@@ -223,6 +223,6 @@ def reqVersion(valu, reqver,
 ##############################################################################
 # The following are touched during the release process by bumpversion.
 # Do not modify these directly.
-version = (2, 186, 0)
+version = (2, 188, 0)
 verstring = '.'.join([str(x) for x in version])
-commit = 'ffa4abc52513d4b8ac592496322227eed9e07dc5'
+commit = '6d1f734406234e3750c72f5bf299f89a13d0825a'

synapse/lib/view.py

@@ -1315,6 +1315,14 @@ class View(s_nexus.Pusher):  # type: ignore
 
                 todo.append(child)
 
+    async def children(self):
+        for view in list(self.core.views.values()):
+            if view.parent != self:
+                await asyncio.sleep(0)
+                continue
+
+            yield view
+
     async def insertParentFork(self, useriden, name=None):
         '''
         Insert a new View between a forked View and its parent.
@@ -1614,9 +1622,7 @@ class View(s_nexus.Pusher):  # type: ignore
         if trig is not None:
             return self.triggers.get(tdef['iden']).pack()
 
-        gate = self.core.auth.getAuthGate(tdef['iden'])
-        if gate is not None:
-            raise s_exc.DupIden(mesg='An AuthGate with this iden already exists')
+        self.core.auth.reqNoAuthGate(tdef['iden'])
 
         user = self.core.auth.user(tdef['user'])
         await self.core.getStormQuery(tdef['storm'])

synapse/models/base.py

@@ -107,6 +107,19 @@ class BaseModule(s_module.CoreModule):
 
                 ('meta:sophistication', ('int', {'enums': sophenums}), {
                     'doc': 'A sophistication score with named values: very low, low, medium, high, and very high.'}),
+
+                ('meta:aggregate:type:taxonomy', ('taxonomy', {}), {
+                    'interfaces': ('meta:taxonomy',),
+                    'doc': 'A type of item being counted in aggregate.'}),
+
+                ('meta:aggregate', ('guid', {}), {
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'type'}},
+                            {'type': 'prop', 'opts': {'name': 'count'}},
+                        ),
+                    },
+                    'doc': 'A node which represents an aggregate count of a specific type.'}),
             ),
             'interfaces': (
                 ('meta:taxonomy', {
@@ -285,6 +298,20 @@ class BaseModule(s_module.CoreModule):
                         'doc': 'An external identifier for the rule.'}),
                 )),
 
+                ('meta:aggregate:type:taxonomy', {}, ()),
+                ('meta:aggregate', {}, (
+
+                    ('type', ('meta:aggregate:type:taxonomy', {}), {
+                        'ex': 'casualties.civilian',
+                        'doc': 'The type of items being counted in aggregate.'}),
+
+                    ('time', ('time', {}), {
+                        'doc': 'The time that the count was computed.'}),
+
+                    ('count', ('int', {}), {
+                        'doc': 'The number of items counted in aggregate.'}),
+                )),
+
                 ('graph:cluster', {}, (
                     ('name', ('str', {'lower': True}), {
                         'doc': 'A human friendly name for the cluster.'}),

synapse/models/files.py

@@ -284,6 +284,16 @@ class FileModule(s_module.CoreModule):
                     'doc': 'A parent file that fully contains the specified child file.',
                 }),
 
+                ('file:attachment', ('guid', {}), {
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'name'}},
+                            {'type': 'prop', 'opts': {'name': 'file'}},
+                            {'type': 'prop', 'opts': {'name': 'text'}},
+                        ),
+                    },
+                    'doc': 'A file attachment.'}),
+
                 ('file:archive:entry', ('guid', {}), {
                     'doc': 'An archive entry representing a file and metadata within a parent archive file.'}),
 
@@ -601,6 +611,18 @@ class FileModule(s_module.CoreModule):
                     }),
                 )),
 
+                ('file:attachment', {}, (
+
+                    ('name', ('file:path', {}), {
+                        'doc': 'The name of the attached file.'}),
+
+                    ('text', ('str', {}), {
+                        'doc': 'Any text associated with the file such as alt-text for images.'}),
+
+                    ('file', ('file:bytes', {}), {
+                        'doc': 'The file which was attached.'}),
+                )),
+
                 ('file:archive:entry', {}, (
 
                     ('parent', ('file:bytes', {}), {

synapse/models/inet.py

@@ -1369,6 +1369,9 @@ class InetModule(s_module.CoreModule):
                         'doc': 'A username string.'
                     }),
 
+                    ('inet:service:object', ('ndef', {'interfaces': ('inet:service:object',)}), {
+                        'doc': 'An ndef type including all forms which implement the inet:service:object interface.'}),
+
                     ('inet:search:query', ('guid', {}), {
                         'interfaces': ('inet:service:action',),
                         'doc': 'An instance of a search query issued to a search engine.',
@@ -1530,6 +1533,14 @@ class InetModule(s_module.CoreModule):
                         'interfaces': ('inet:service:object',),
                         'doc': 'An account within a service platform. Accounts may be instance specific.'}),
 
+                    ('inet:service:relationship:type:taxonomy', ('taxonomy', {}), {
+                        'interfaces': ('meta:taxonomy',),
+                        'doc': 'A service object relationship type taxonomy.'}),
+
+                    ('inet:service:relationship', ('guid', {}), {
+                        'interfaces': ('inet:service:object',),
+                        'doc': 'A relationship between two service objects.'}),
+
                     ('inet:service:permission:type:taxonomy', ('taxonomy', {}), {
                         'interfaces': ('meta:taxonomy',),
                         'doc': 'A permission type taxonomy.'}),
@@ -1588,6 +1599,10 @@ class InetModule(s_module.CoreModule):
                         'interfaces': ('meta:taxonomy',),
                         'doc': 'A message type taxonomy.'}),
 
+                    ('inet:service:emote', ('guid', {}), {
+                        'interfaces': ('inet:service:object',),
+                        'doc': 'An emote or reaction by an account.'}),
+
                     ('inet:service:access', ('guid', {}), {
                         'interfaces': ('inet:service:action',),
                         'doc': 'Represents a user access request to a service resource.'}),
@@ -2015,8 +2030,11 @@ class InetModule(s_module.CoreModule):
                             'doc': 'The guid of the destination process.'
                         }),
                         ('dst:exe', ('file:bytes', {}), {
-                            'doc': 'The file (executable) that received the connection.'
-                        }),
+                            'doc': 'The file (executable) that received the connection.'}),
+
+                        ('dst:txfiles', ('array', {'type': 'file:attachment', 'sorted': True, 'uniq': True}), {
+                            'doc': 'An array of files sent by the destination host.'}),
+
                         ('dst:txcount', ('int', {}), {
                             'doc': 'The number of packets sent by the destination host.'
                         }),
@@ -2049,8 +2067,11 @@ class InetModule(s_module.CoreModule):
                             'doc': 'The guid of the source process.'
                         }),
                         ('src:exe', ('file:bytes', {}), {
-                            'doc': 'The file (executable) that created the connection.'
-                        }),
+                            'doc': 'The file (executable) that created the connection.'}),
+
+                        ('src:txfiles', ('array', {'type': 'file:attachment', 'sorted': True, 'uniq': True}), {
+                            'doc': 'An array of files sent by the source host.'}),
+
                         ('src:txcount', ('int', {}), {
                             'doc': 'The number of packets sent by the source host.'
                         }),
@@ -3586,6 +3607,20 @@ class InetModule(s_module.CoreModule):
                             'doc': 'Current profile details associated with the account.'}),
                     )),
 
+                    ('inet:service:relationship:type:taxonomy', {}, ()),
+                    ('inet:service:relationship', {}, (
+
+                        ('source', ('inet:service:object', {}), {
+                            'doc': 'The source object.'}),
+
+                        ('target', ('inet:service:object', {}), {
+                            'doc': 'The target object.'}),
+
+                        ('type', ('inet:service:relationship:type:taxonomy', {}), {
+                            'ex': 'follows',
+                            'doc': 'The type of relationship between the source and the target.'}),
+                    )),
+
                     ('inet:service:group', {}, ( # inet:service:object
 
                         ('id', ('str', {'strip': True}), {
@@ -3743,6 +3778,16 @@ class InetModule(s_module.CoreModule):
                             'doc': 'The file which was attached to the message.'}),
                     )),
 
+                    ('inet:service:emote', {}, (
+
+                        ('about', ('inet:service:object', {}), {
+                            'doc': 'The node that the emote is about.'}),
+
+                        ('text', ('str', {'strip': True}), {
+                            'ex': ':partyparrot:',
+                            'doc': 'The unicode or emote text of the reaction.'}),
+                    )),
+
                     ('inet:service:channel', {}, (
 
                         ('name', ('str', {'onespace': True, 'lower': True}), {

synapse/models/infotech.py

@@ -18,10 +18,10 @@ import synapse.lib.version as s_version
 
 logger = logging.getLogger(__name__)
 
-# This is the regular expression pattern for CPE2.2. It's kind of a hybrid
+# This is the regular expression pattern for CPE 2.2. It's kind of a hybrid
 # between compatible binding and preferred binding. Differences are here:
 # - Use only the list of percent encoded values specified by preferred binding.
-#   This is to ensure it converts properly to CPE2.3.
+#   This is to ensure it converts properly to CPE 2.3.
 # - Add tilde (~) to the UNRESERVED list which removes the need to specify the
 #   PACKED encoding specifically.
 ALPHA = '[A-Za-z]'
@@ -60,6 +60,14 @@ COMPONENT_LIST = f'''
 cpe22_regex = regex.compile(f'cpe:/{COMPONENT_LIST}', regex.VERBOSE | regex.IGNORECASE)
 cpe23_regex = regex.compile(s_scrape._cpe23_regex, regex.VERBOSE | regex.IGNORECASE)
 
+def isValidCpe22(text):
+    rgx = cpe22_regex.fullmatch(text)
+    return rgx is not None
+
+def isValidCpe23(text):
+    rgx = cpe23_regex.fullmatch(text)
+    return rgx is not None
+
 def cpesplit(text):
     part = ''
     parts = []
@@ -251,9 +259,20 @@ class Cpe22Str(s_types.Str):
     def _normPyStr(self, valu):
 
         text = valu.lower()
+
         if text.startswith('cpe:/'):
+
+            if not isValidCpe22(text):
+                mesg = 'CPE 2.2 string appears to be invalid.'
+                raise s_exc.BadTypeValu(mesg=mesg, valu=valu)
+
             parts = chopCpe22(text)
         elif text.startswith('cpe:2.3:'):
+
+            if not isValidCpe23(text):
+                mesg = 'CPE 2.3 string appears to be invalid.'
+                raise s_exc.BadTypeValu(mesg=mesg, valu=valu)
+
             parts = cpesplit(text[8:])
         else:
             mesg = 'CPE 2.2 string is expected to start with "cpe:/"'
@@ -261,8 +280,7 @@ class Cpe22Str(s_types.Str):
 
         v2_2 = zipCpe22(parts)
 
-        rgx = cpe22_regex.match(v2_2)
-        if rgx is None or rgx.group() != v2_2:
+        if not isValidCpe22(v2_2): # pragma: no cover
             mesg = 'CPE 2.2 string appears to be invalid.'
             raise s_exc.BadTypeValu(mesg=mesg, valu=valu)
 
@@ -330,6 +348,12 @@ class Cpe23Str(s_types.Str):
     def _normPyStr(self, valu):
         text = valu.lower()
         if text.startswith('cpe:2.3:'):
+
+            # Validate the CPE 2.3 string immediately
+            if not isValidCpe23(text):
+                mesg = 'CPE 2.3 string appears to be invalid.'
+                raise s_exc.BadTypeValu(mesg=mesg, valu=valu)
+
             parts = cpesplit(text[8:])
             if len(parts) > 11:
                 mesg = f'CPE 2.3 string has {len(parts)} fields, expected up to 11.'
@@ -346,6 +370,10 @@ class Cpe23Str(s_types.Str):
                     v2_2[idx] = ''
                     continue
 
+                if idx in (PART_IDX_PART, PART_IDX_LANG) and part == '-':
+                    v2_2[idx] = ''
+                    continue
+
                 part = fsb_unescape(part)
                 v2_2[idx] = uri_quote(part)
 
@@ -357,12 +385,22 @@ class Cpe23Str(s_types.Str):
                 v2_2[PART_IDX_OTHER]
             )
 
-            v2_2 = v2_2[:7]
+            v2_2 = zipCpe22(v2_2[:7])
+
+            # Now validate the downconvert
+            if not isValidCpe22(v2_2): # pragma: no cover
+                mesg = 'Invalid CPE 2.3 to CPE 2.2 conversion.'
+                raise s_exc.BadTypeValu(mesg=mesg, valu=valu, v2_2=v2_2)
 
             parts = [fsb_unescape(k) for k in parts]
 
         elif text.startswith('cpe:/'):
 
+            # Validate the CPE 2.2 string immediately
+            if not isValidCpe22(text):
+                mesg = 'CPE 2.2 string appears to be invalid.'
+                raise s_exc.BadTypeValu(mesg=mesg, valu=valu)
+
             v2_2 = text
             # automatically normalize CPE 2.2 format to CPE 2.3
             parts = chopCpe22(text)
@@ -408,24 +446,15 @@ class Cpe23Str(s_types.Str):
 
             v2_3 = 'cpe:2.3:' + ':'.join(escaped)
 
+            # Now validate the upconvert
+            if not isValidCpe23(v2_3): # pragma: no cover
+                mesg = 'Invalid CPE 2.2 to CPE 2.3 conversion.'
+                raise s_exc.BadTypeValu(mesg=mesg, valu=valu, v2_3=v2_3)
+
         else:
             mesg = 'CPE 2.3 string is expected to start with "cpe:2.3:"'
             raise s_exc.BadTypeValu(valu=valu, mesg=mesg)
 
-        rgx = cpe23_regex.match(v2_3)
-        if rgx is None or rgx.group() != v2_3:
-            mesg = 'CPE 2.3 string appears to be invalid.'
-            raise s_exc.BadTypeValu(mesg=mesg, valu=valu)
-
-        if isinstance(v2_2, list):
-            cpe22 = zipCpe22(v2_2)
-        else:
-            cpe22 = v2_2
-
-        rgx = cpe22_regex.match(cpe22)
-        if rgx is None or rgx.group() != cpe22:
-            v2_2 = None
-
         subs = {
             'part': parts[PART_IDX_PART],
             'vendor': parts[PART_IDX_VENDOR],
@@ -438,11 +467,9 @@ class Cpe23Str(s_types.Str):
             'target_sw': parts[PART_IDX_TARGET_SW],
             'target_hw': parts[PART_IDX_TARGET_HW],
             'other': parts[PART_IDX_OTHER],
+            'v2_2': v2_2,
         }
 
-        if v2_2 is not None:
-            subs['v2_2'] = v2_2
-
         return v2_3, {'subs': subs}
 
 class SemVer(s_types.Int):

synapse/models/orgs.py

@@ -249,8 +249,24 @@ class OuModule(s_module.CoreModule):
                     'doc': 'Vital statistics about an org for a given time period.',
                 }),
                 ('ou:opening', ('guid', {}), {
-                    'doc': 'A job/work opening within an org.',
-                }),
+                    'doc': 'A job/work opening within an org.'}),
+
+                ('ou:candidate:method:taxonomy', ('taxonomy', {}), {
+                    'interfaces': ('meta:taxonomy',),
+                    'doc': 'A taxonomy of methods by which a candidate came under consideration.'}),
+
+                ('ou:candidate', ('guid', {}), {
+                    'doc': 'A candidate being considered for a role within an organization.',
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'contact::name'}},
+                            {'type': 'prop', 'opts': {'name': 'contact::email'}},
+                            {'type': 'prop', 'opts': {'name': 'submitted'}},
+                            {'type': 'prop', 'opts': {'name': 'org::name'}},
+                            {'type': 'prop', 'opts': {'name': 'opening::jobtitle'}},
+                        ),
+                    }}),
+
                 ('ou:jobtype', ('taxonomy', {}), {
                     'ex': 'it.dev.python',
                     'doc': 'A taxonomy of job types.',
@@ -287,6 +303,8 @@ class OuModule(s_module.CoreModule):
                     'doc': 'The campaign used the technique.'}),
                 (('ou:org', 'uses', 'ou:technique'), {
                     'doc': 'The org uses the technique.'}),
+                (('risk:vuln', 'uses', 'ou:technique'), {
+                    'doc': 'The vulnerability uses the technique.'}),
 
                 (('ou:org', 'uses', None), {
                     'doc': 'The ou:org makes use of the target node.'}),
@@ -354,6 +372,44 @@ class OuModule(s_module.CoreModule):
                     }),
                     # TODO a way to encode/normalize requirements.
                 )),
+                ('ou:candidate:method:taxonomy', {}, ()),
+                ('ou:candidate', {}, (
+
+                    ('org', ('ou:org', {}), {
+                        'doc': 'The organization considering the candidate.'}),
+
+                    ('contact', ('ps:contact', {}), {
+                        'doc': 'The contact information of the candidate.'}),
+
+                    ('method', ('ou:candidate:method:taxonomy', {}), {
+                        'doc': 'The method by which the candidate came under consideration.'}),
+
+                    ('submitted', ('time', {}), {
+                        'doc': 'The time the candidate was submitted for consideration.'}),
+
+                    ('intro', ('str', {'strip': True}), {
+                        'doc': 'An introduction or cover letter text submitted by the candidate.'}),
+
+                    ('resume', ('file:bytes', {}), {
+                        'doc': "The candidate's resume or CV."}),
+
+                    ('opening', ('ou:opening', {}), {
+                        'doc': 'The opening that the candidate is being considered for.'}),
+
+                    ('agent', ('ps:contact', {}), {
+                        'doc': 'The contact information of an agent who advocates for the candidate.'}),
+
+                    ('recruiter', ('ps:contact', {}), {
+                        'doc': 'The contact information of a recruiter who works on behalf of the organization.'}),
+
+                    ('attachments', ('array', {'type': 'file:attachment', 'sorted': True, 'uniq': True}), {
+                        'doc': 'An array of additional files submitted by the candidate.'}),
+
+                    # TODO: doc:questionare / responses
+                    # TODO: :skills=[<ps:skill>]? vs :contact -> ps:proficiency?
+                    # TODO: proj:task to track evaluation of the candidate?
+
+                )),
                 ('ou:vitals', {}, (
 
                     ('asof', ('time', {}), {
@@ -876,6 +932,12 @@ class OuModule(s_module.CoreModule):
                     ('names', ('array', {'type': 'ou:industryname', 'uniq': True, 'sorted': True}), {
                         'doc': 'An array of alternative names for the industry.'}),
 
+                    ('reporter', ('ou:org', {}), {
+                        'doc': 'The organization reporting on the industry.'}),
+
+                    ('reporter:name', ('ou:name', {}), {
+                        'doc': 'The name of the organization reporting on the industry.'}),
+
                     ('subs', ('array', {'type': 'ou:industry', 'split': ',', 'uniq': True, 'sorted': True}), {
                         'deprecated': True,
                         'doc': 'Deprecated. Please use ou:industry:type taxonomy.'}),

synapse/models/proj.py

@@ -16,10 +16,9 @@ class ProjectModule(s_module.CoreModule):
 
     async def initCoreModule(self):
         self.model.form('proj:project').onAdd(self._onAddProj)
-        self.model.form('proj:project').onDel(self._onDelProj)
 
     async def _onAddProj(self, node):
-        # ref counts on authgates?
+        # TODO: remove all storm:project authgates in 3.x migration
         gateiden = node.ndef[1]
 
         await self.core.auth.addAuthGate(node.ndef[1], 'storm:project')
@@ -29,10 +28,6 @@ class ProjectModule(s_module.CoreModule):
         rule = (True, ('project', 'admin'))
         await node.snap.user.addRule(rule, gateiden=gateiden)
 
-    async def _onDelProj(self, node):
-        gateiden = node.ndef[1]
-        await self.core.auth.delAuthGate(gateiden)
-
     def getModelDefs(self):
         return (