Enhance ThreatReport model, add sensor_group_operations example script

jgarman · jgarman · commit c1a46d93c335 · 2016-07-07T12:16:52.000-04:00
diff --git a/examples/response/sensor_group_operations.py b/examples/response/sensor_group_operations.py
@@ -0,0 +1,112 @@
+#!/usr/bin/env python
+#
+
+import sys
+from cbapi.response.models import SensorGroup, Site
+from cbapi.example_helpers import build_cli_parser, get_cb_response_object
+from cbapi.errors import ServerError
+import logging
+
+log = logging.getLogger(__name__)
+
+
+def list_sensor_groups(cb, parser, args):
+    for g in cb.select(SensorGroup):
+        print(g)
+        print("")
+
+
+def add_sensor_group(cb, parser, args):
+    g = cb.create(SensorGroup)
+
+    if args.site_name:
+        site = cb.select(Site).where("name:{0}".format(args.site_name)).first()
+        if not site:
+            print("Could not find site named {0}".format(args.site_name))
+            return 1
+    elif args.site_id:
+        site = cb.select(Site).where("id:{0}".format(args.site_id)).first()
+        if not site:
+            print("Could not find site ID {0}".format(args.site_id))
+            return 1
+    else:
+        # Just pick the first site by the lowest ID
+        site = min(cb.select(Site), key=lambda x: x.id)
+
+    g.name = args.new_group_name
+    g.site = site
+
+    try:
+        g.save()
+    except ServerError as se:
+        print("Received HTTP error {0} when attempting to add sensor group: {1}".format(se.error_code, str(se)))
+    except Exception as e:
+        print("Could not add sensor group: {0:s}".format(str(e)))
+    else:
+        log.debug("New Sensor Group: {0:s}".format(str(g)))
+        print("Added sensor group. New sensor group ID is {0:d}".format(g.id))
+
+
+def delete_sensor_group(cb, parser, args):
+    try:
+        if args.id:
+            attempted_to_find = "ID of {0:d}".format(args.id)
+            groups = [cb.select(SensorGroup, args.id, force_init=True)]
+        else:
+            attempted_to_find = "name {0:s}".format(args.groupname)
+            groups = cb.select(SensorGroup).where("name:{0:s}".format(args.groupname))[::]
+            if not len(groups):
+                raise Exception("No sensor groups match")
+    except Exception as e:
+        print("Could not find sensor group with {0:s}: {1:s}".format(attempted_to_find, str(e)))
+        return
+
+    num_matching_sensor_groups = len(groups)
+    if num_matching_sensor_groups > 1 and not args.force:
+        print("{0:d} sensor groups match {1:s} and --force not specified. No action taken.".format(num_matching_sensor_groups,
+                                                                                           attempted_to_find))
+        return
+
+    for g in groups:
+        try:
+            g.delete()
+        except Exception as e:
+            print("Could not delete sensor group with {0:s}: {1:s}".format(attempted_to_find, str(e)))
+        else:
+            print("Deleted sensor group id {0:d} with name {1:s}".format(g.id, g.name))
+
+
+def main():
+    parser = build_cli_parser()
+    commands = parser.add_subparsers(help="Sensor Group commands", dest="command_name")
+
+    list_command = commands.add_parser("list", help="List all configured sensor groups")
+
+    add_command = commands.add_parser("add", help="Add new sensor group")
+    add_command.add_argument("-n", "--name", action="store", help="Sensor group name", required=True,
+                             dest="new_group_name")
+    site_group = add_command.add_mutually_exclusive_group(required=False)
+    site_group.add_argument("-s", "--site", action="store", help="Site name", dest="site_name")
+    site_group.add_argument("-i", "--site-id", action="store", help="Site ID", dest="site_id")
+
+    del_command = commands.add_parser("delete", help="Delete sensor groups")
+    del_sensor_group_specifier = del_command.add_mutually_exclusive_group(required=True)
+    del_sensor_group_specifier.add_argument("-i", "--id", type=int, help="ID of sensor group to delete")
+    del_sensor_group_specifier.add_argument("-n", "--name", help="Name of sensor group to delete. Specify --force to delete"
+                                    " multiple sensor groups that have the same name", dest="groupname")
+    del_command.add_argument("--force", help="If NAME matches multiple sensor groups, delete all matching sensor groups",
+                             action="store_true", default=False)
+
+    args = parser.parse_args()
+    cb = get_cb_response_object(args)
+
+    if args.command_name == "list":
+        return list_sensor_groups(cb, parser, args)
+    elif args.command_name == "add":
+        return add_sensor_group(cb, parser, args)
+    elif args.command_name == "delete":
+        return delete_sensor_group(cb, parser, args)
+
+
+if __name__ == "__main__":
+    sys.exit(main())
diff --git a/src/cbapi/response/models.py b/src/cbapi/response/models.py
@@ -114,8 +114,8 @@ def _query_implementation(cls, cb):
         return SimpleQuery(cls, cb)
 
     def _parse(self, info):
-        if len(info) != 1:
-            raise ApiError("Expecting Site response to be array of size 1")
+        if info is None or len(info) != 1:
+            raise ObjectNotFoundError(uri=self._build_api_request_uri())
         return info[0]
 
     @property
@@ -343,7 +343,10 @@ def _query_implementation(cls, cb):
 
     def _parse(self, obj):
         # for some reason, these are returned as an array of size one
-        return obj[0]
+        if obj and len(obj):
+            return obj[0]
+        else:
+            raise ObjectNotFoundError(uri=self._build_api_request_uri())
 
     @property
     def sensors(self):
@@ -615,11 +618,30 @@ def tag_info(self, tag_name):
         return self._tags.get(tag_name, {})
 
 
-class ThreatReport(MutableModel):
+class ThreatReport(MutableBaseModel):
     urlobject = '/api/v1/threat_report'
+    primary_key = "_internal_id"
+
+    @property
+    def _model_unique_id(self):
+        feed_id = getattr(self, "feed_id")
+        report_id = getattr(self, "id")
+
+        if feed_id and report_id:
+            return "{0}:{1}".format(feed_id, report_id)
+        else:
+            return None
+
+    def disable(self):
+        self.is_ignored = True
+        self.save()
+
+    def enable(self):
+        self.is_ignored = False
+        self.save()
 
     @classmethod
-    def new_object(cls, cb, item):
+    def new_object(cls, cb, item, **kwargs):
         return cb.select(ThreatReport, "%s:%s" % (item["feed_id"], item["id"]), initial_data=item)
 
     def _build_api_request_uri(self):
@@ -640,9 +662,6 @@ def __init__(self, cb, full_id, initial_data=None):
     def feed(self):
         return self._join(Feed, "feed_id")
 
-    def _set_model_unique_id(self):
-        self._model_unique_id = "%s:%s" % (self.feed_id, self.id)
-
     def _update_object(self):
         update_content = { "ids": { str(self.feed_id): [str(self.id)] }, "updates": {}}
         for k in self._dirty_attributes.keys():
@@ -675,9 +694,6 @@ def _update_object(self):
             except:
                 self.refresh()
 
-        if not self._model_unique_id:
-            self._set_model_unique_id()
-
         self._dirty_attributes = {}
         return self._model_unique_id
 
