fix Cb Defense query parameters & implement Mutable model for Cb Defense objects

jgarman · jgarman · commit ecb6e76c72e3 · 2017-06-13T10:59:09.000-04:00
diff --git a/src/cbapi/connection.py b/src/cbapi/connection.py
@@ -223,7 +223,7 @@ def api_json_request(self, method, uri, **kwargs):
         headers = kwargs.pop("headers", {})
         raw_data = None
 
-        if method in ("POST", "PUT"):
+        if method in ("POST", "PUT", "PATCH"):
             if "Content-Type" not in headers:
                 headers["Content-Type"] = "application/json"
                 raw_data = kwargs.pop("data", {})
diff --git a/src/cbapi/defense/__init__.py b/src/cbapi/defense/__init__.py
@@ -2,4 +2,5 @@
 
 from __future__ import absolute_import
 
-from .rest_api import CbDefenseAPI
+from .rest_api import CbDefenseAPI
+from .models import Device, Event
diff --git a/src/cbapi/defense/models.py b/src/cbapi/defense/models.py
@@ -1,9 +1,69 @@
 from ..models import MutableBaseModel, CreatableModelMixin, NewBaseModel
 
+import logging
+import json
+from ..errors import ServerError
 
-class Device(NewBaseModel):
+log = logging.getLogger(__name__)
+
+
+class DefenseMutableModel(MutableBaseModel):
+    _change_object_http_method = "PATCH"
+
+    def _update_object(self):
+        if self.__class__.primary_key in self._dirty_attributes.keys() or self._model_unique_id is None:
+            log.debug("Creating a new {0:s} object".format(self.__class__.__name__))
+            ret = self._cb.api_json_request(self.__class__._new_object_http_method, self.urlobject,
+                                            data=self._info)
+        else:
+            log.debug("Updating {0:s} with unique ID {1:s}".format(self.__class__.__name__, str(self._model_unique_id)))
+            ret = self._cb.api_json_request(self.__class__._change_object_http_method,
+                                            self._build_api_request_uri(), data=self._dirty_attributes)
+
+        return self._refresh_if_needed(ret)
+
+    def _refresh_if_needed(self, request_ret):
+        refresh_required = True
+
+        if request_ret.status_code not in range(200, 300):
+            try:
+                message = json.loads(request_ret.content)[0]
+            except:
+                message = request_ret.content
+
+            raise ServerError(request_ret.status_code, message,
+                              result="Did not update {} record.".format(self.__class__.__name__))
+        else:
+            try:
+                message = request_ret.json()
+                log.debug("Received response: %s" % message)
+                if not isinstance(message, dict):
+                    raise ServerError(request_ret.status_code, message,
+                                      result="Unknown error updating {0:s} record.".format(self.__class__.__name__))
+                else:
+                    if message.get("success", False):
+                        if isinstance(message.get(self.info_key, None), dict):
+                            self._info = message.get(self.info_key)
+                            self._full_init = True
+                            refresh_required = False
+                    else:
+                        # "success" is False
+                        raise ServerError(request_ret.status_code, message.get("message", ""),
+                                          result="Did not update {0:s} record.".format(self.__class__.__name__))
+            except:
+                pass
+
+        self._dirty_attributes = {}
+        if refresh_required:
+            self.refresh()
+        return self._model_unique_id
+
+
+class Device(DefenseMutableModel):
     urlobject = "/integrationServices/v3/device"
     primary_key = "deviceId"
+    info_key = "deviceInfo"
+    swagger_meta_file = "defense/models/deviceInfo.yaml"
 
     def __init__(self, cb, model_unique_id, initial_data=None):
         super(Device, self).__init__(cb, model_unique_id, initial_data)
diff --git a/src/cbapi/defense/models/deviceInfo.yaml b/src/cbapi/defense/models/deviceInfo.yaml
@@ -0,0 +1,221 @@
+type: object
+properties:
+  osVersion:
+    type: string
+  activationCode:
+    type: string
+  organizationId:
+    type: integer
+    format: int64
+  deviceId:
+    type: integer
+    format: int64
+  deviceSessionId:
+    type: integer
+    format: int64
+  deviceOwnerId:
+    type: integer
+    format: int64
+  deviceGuid:
+    type: string
+    format: uuid
+  email:
+    type: string
+    format: email
+  assignedToId:
+    type: integer
+    format: int64
+  assignedToName:
+    type: string
+  deviceType:
+    type: string
+    x-nullable: true
+    enum:
+      - "MAC"
+      - "WINDOWS"
+  firstName:
+    type: string
+  lastName:
+    type: string
+  middleName:
+    type: string
+  createTime:
+    type: integer
+    format: int64
+  policyId:
+    type: integer
+    format: int64
+  policyName:
+    type: string
+  quarantined:
+    type: boolean
+  targetPriorityType:
+    type: string
+    x-nullable: true
+    enum:
+    - "HIGH"
+    - "LOW"
+    - "MEDIUM"
+    - "MISSION_CRITICAL"
+  lastVirusActivityTime:
+    type: integer
+    format: int64
+  firstVirusActivityTime:
+    type: integer
+    format: int64
+  activationCodeExpiryTime:
+    type: integer
+    format: int64
+  organizationName:
+    type: string
+  sensorVersion:
+    type: string
+  registeredTime:
+    type: integer
+    format: int64
+  lastContact:
+    type: integer
+    format: int64
+  lastReportedTime:
+    type: integer
+    format: int64
+  windowsPlatform:
+    type: string
+    x-nullable: true
+    enum:
+      - "CLIENT_X64"
+      - "CLIENT_X86"
+      - "SERVER_X6"
+      - "SERVER_X86"
+  vdiBaseDevice:
+    type: integer
+    format: int64
+  avStatus:
+    type: array
+    items:
+      type: string
+      x-nullable: true
+      enum:
+        - "AV_ACTIVE"
+        - "AV_BYPASS"
+        - "AV_DEREGISTERED"
+        - "AV_NOT_REGISTERED"
+        - "AV_REGISTERED"
+        - "FULLY_DISABLED"
+        - "FULLY_ENABLED"
+        - "INSTALLED"
+        - "INSTALLED_SERVER"
+        - "NOT_INSTALLED"
+        - "ONACCESS_SCAN_DISABLED"
+        - "ONDEMAND_SCAN_DISABLED"
+        - "ONDEMOND_SCAN_DISABLED"
+        - "PRODUCT_UPDATE_DISABLED"
+        - "SIGNATURE_UPDATE_DISABLED"
+        - "UNINSTALLED"
+        - "UNINSTALLED_SERVER"
+  deregisteredTime:
+    type: integer
+    format: int64
+  sensorStates:
+    type: array
+    items:
+      type: string
+      x-nullable: true
+      enum:
+        - "ACTIVE"
+        - "CSR_ACTION"
+        - "DB_CORRUPTION_DETECTED"
+        - "DRIVER_INIT_ERROR"
+        - "LOOP_DETECTED"
+        - "PANICS_DETECTED"
+        - "REMGR_INIT_ERROR"
+        - "REPUX_ACTION"
+        - "SENSOR_MAINTENANCE"
+        - "SENSOR_RESET_IN_PROGRESS"
+        - "SENSOR_SHUTDOWN"
+        - "SENSOR_UNREGISTERED"
+        - "SENSOR_UPGRADE_IN_PROGRESS"
+        - "UNSUPPORTED_OS"
+        - "WATCHDOG"
+  messages:
+    type: array
+    items:
+      type: object
+      properties:
+        message:
+          type: string
+        time:
+          type: integer
+          format: int64
+  rootedBySensor:
+    type: boolean
+  rootedBySensorTime:
+    type: integer
+    format: int64
+  lastInternalIpAddress:
+    type: string
+  lastExternalIpAddress:
+    type: string
+  lastLocation:
+    type: string
+    x-nullable: true
+    enum:
+      - "OFFSITE"
+      - "ONSITE"
+      - "UNKNOWN"
+  avUpdateServers:
+    type: array
+    items:
+      type: string
+  passiveMode:
+    type: boolean
+  lastResetTime:
+    type: integer
+    format: int64
+  lastShutdownTime:
+    type: integer
+    format: int64
+  scanStatus:
+    type: string
+  scanLastActionTime:
+    type: integer
+    format: int64
+  scanLastCompleteTime:
+    type: integer
+    format: int64
+  linuxKernelVersion:
+    type: string
+  avEngine:
+    type: string
+  avLastScanTime:
+    type: integer
+    format: int64
+  rootedByAnalytics:
+    type: boolean
+  rootedByAnalyticsTime:
+    type: integer
+    format: int64
+  testId:
+    type: integer
+  avMaster:
+    type: boolean
+  uninstalledTime:
+    type: integer
+    format: int64
+  name:
+    type: string
+  status:
+    type: string
+    x-nullable: true
+    enum:
+      - "ACTIVE"
+      - "ALL"
+      - "BYPASS"
+      - "BYPASS_ON"
+      - "DEREGISTERED"
+      - "ERROR"
+      - "INACTIVE"
+      - "PENDING"
+      - "QUARANTINE"
+      - "REGISTERED"
+      - "UNINSTALLED"
diff --git a/src/cbapi/defense/rest_api.py b/src/cbapi/defense/rest_api.py
@@ -7,6 +7,11 @@
 log = logging.getLogger(__name__)
 
 
+def convert_to_kv_pairs(q):
+    k, v = q.split(':', 1)
+    return k, v
+
+
 class CbDefenseAPI(BaseAPI):
     """The main entry point into the Cb Defense API.
 
@@ -69,7 +74,7 @@ def _clone(self):
     def where(self, q):
         """Add a filter to this query.
 
-        :param str q: Query string - see the Enterprise Protection API reference <http://developer.carbonblack.com/reference/enterprise-protection/7.2/rest-api/#searching:ec3e4958451e5256ed16afd222059e6d>`_.
+        :param str q: Query string
         :return: Query object
         :rtype: :py:class:`Query`
         """
@@ -80,17 +85,23 @@ def where(self, q):
     def and_(self, q):
         """Add a filter to this query. Equivalent to calling :py:meth:`where` on this object.
 
-        :param str q: Query string - see the Enterprise Protection API reference <http://developer.carbonblack.com/reference/enterprise-protection/7.2/rest-api/#searching:ec3e4958451e5256ed16afd222059e6d>`_.
+        :param str q: Query string
         :return: Query object
         :rtype: :py:class:`Query`
         """
         return self.where(q)
 
+    def prepare_query(self, args):
+        if self._query:
+            for qe in self._query:
+                k, v = convert_to_kv_pairs(qe)
+                args[k] = v
+
+        return args
+
     def _count(self):
-        # TODO: FIX
         args = {'limit': -1}
-        if self._query:
-            args['q'] = self._query
+        args = self.prepare_query(args)
 
         query_args = convert_query_params(args)
         self._total_results = int(self._cb.get_object(self._doc_class.urlobject, query_parameters=query_args).get("count", 0))
@@ -107,9 +118,7 @@ def _search(self, start=0, rows=0):
         current = start
         numrows = 0
 
-        if self._query:
-            args['q'] = self._query
-
+        args = self.prepare_query(args)
         still_querying = True
 
         while still_querying:
