#!/usr/bin/env python3 # -*- coding: utf-8 -*- # Licensed to the Apache Software Foundation (ASF) under one or more # contributor license agreements. See the NOTICE file distributed with # this work for additional information regarding copyright ownership. # The ASF licenses this file to You under the Apache License, Version 2.0 # (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ######################################################################## # OPENAPI-URI: /api/rules ######################################################################## # delete: # requestBody: # content: # application/json: # schema: # $ref: '#/components/schemas/Ruleset' # description: Removes a rule entry # required: true # responses: # '200': # content: # application/json: # schema: # $ref: '#/components/schemas/ActionCompleted' # description: Removal successful # default: # content: # application/json: # schema: # $ref: '#/components/schemas/Error' # description: unexpected error # security: # - cookieAuth: [] # summary: Remove a rule entry # get: # responses: # '200': # content: # application/json: # schema: # $ref: '#/components/schemas/Empty' # description: 200 response # default: # content: # application/json: # schema: # $ref: '#/components/schemas/Error' # description: unexpected error # security: # - cookieAuth: [] # summary: Displays the current ruleset entries # put: # requestBody: # content: # application/json: # schema: # $ref: '#/components/schemas/Ruleset' # description: Ruleset to add/modify # required: true # responses: # '200': # content: # application/json: # schema: # $ref: '#/components/schemas/ActionCompleted' # description: Ruleset added # default: # content: # application/json: # schema: # $ref: '#/components/schemas/Error' # description: unexpected error # summary: Adds or overrides a ruleset # ######################################################################## """ This is the ruleset handler for Blocky/2 """ import json import re import time import bcrypt import hashlib import plugins.worker import uuid def run(API, environ, indata, session): global WHITE_CACHE, WHITE_TS method = environ['REQUEST_METHOD'] # Adding a new entry? if method == "PUT": rid = indata.get('rid') submitter = environ.get('HTTP_PROXY_USER', 'Admin') name = indata.get('name') rtype = indata.get('type') span = indata.get('span') limit = indata.get('limit') query = indata.get('query') # all good? Okay, add the entry then entry = { 'name': name, 'type': rtype, 'query': query, 'span': span, 'limit': limit } if not rid: rid = str(uuid.uuid4()) plugins.worker.addnote(session.DB, 'manual', "%s made a new ruleset %s (%s)" % (submitter, rid, name)) else: plugins.worker.addnote(session.DB, 'manual', "%s updated ruleset %s (%s)" % (submitter, rid, name)) session.DB.ES.index(index=session.DB.dbname, doc_type = 'rule', id = rid, body = entry, refresh = 'wait_for') yield json.dumps({"message": "Ruleset added!"}) return # Delete an entry if method == "DELETE": rid = indata.get('rid') submitter = environ.get('HTTP_PROXY_USER', 'Admin') if re.match(r"^[-a-f0-9]+$", rid): if session.DB.ES.exists(index=session.DB.dbname, doc_type='rule', id = rid): doc = session.DB.ES.get(index=session.DB.dbname, doc_type='rule', id = rid)['_source'] plugins.worker.addnote(session.DB, 'manual', "Ruleset %s (%s) removed by %s" % (rid, doc.get('name', '??'), submitter)) session.DB.ES.delete(index=session.DB.dbname, doc_type='rule', id = rid, refresh = 'wait_for') yield json.dumps({"message": "Entry removed"}) return yield API.exception(400, "Invalid rule ID passed!") # Display the current ruleset entries if method == "GET": rules = [] res = session.DB.ES.search( index=session.DB.dbname, doc_type="rule", size = 5000, body = { 'query': { 'match_all': {} } } ) for hit in res['hits']['hits']: doc = hit['_source'] doc['rid'] = hit['_id'] rules.append(doc) JSON_OUT = { 'rules': rules } yield json.dumps(JSON_OUT) return # Finally, if we hit a method we don't know, balk! yield API.exception(400, "I don't know this request method!!")