Al 2646 #1756

Open
wants to merge 13 commits into
base: master
Al 2646 #1756

71 changes: 70 additions & 1 deletion assemblyline/odm/models/config.py
@@ -1,8 +1,10 @@
from typing import Any, Dict, List

from assemblyline import odm
from assemblyline.common.forge import get_classification
from assemblyline.odm.models.service import EnvironmentVariable
from assemblyline.odm.models.service_delta import DockerConfigDelta
from assemblyline.odm.models.submission import ServiceSelection, DEFAULT_SRV_SEL

AUTO_PROPERTY_TYPE = ['access', 'classification', 'type', 'role', 'remove_role', 'group',
'multi_group', 'api_quota', 'api_daily_quota', 'submission_quota',
Expand All @@ -15,6 +17,7 @@
DEFAULT_SUBMISSION_QUOTA = 5
DEFAULT_ASYNC_SUBMISSION_QUOTA = 0

Classification = get_classification()

@odm.model(index=False, store=False, description="Password Requirement")
class PasswordRequirement(odm.Model):
Expand Down Expand Up @@ -1978,6 +1981,69 @@ class MetadataConfig(odm.Model):
}
}

@odm.model(index=True, store=False, description="Submission Parameters for profile")
class SubmissionProfileParams(odm.Model):
deep_scan = odm.Optional(odm.Boolean(), description="Should a deep scan be performed?")
generate_alert = odm.Optional(odm.Boolean(), description="Should this submission generate an alert?")
ignore_cache = odm.Optional(odm.Boolean(), description="Ignore the cached service results?")
ignore_dynamic_recursion_prevention = odm.Optional(odm.Boolean(),
description="Should we ignore dynamic recursion prevention?")
ignore_filtering = odm.Optional(odm.Boolean(), description="Should we ignore filtering services?")
ignore_size = odm.Optional(odm.Boolean(), description="Ignore the file size limits?")
max_extracted = odm.Optional(odm.Integer(), description="Max number of extracted files")
max_supplementary = odm.Optional(odm.Integer(), description="Max number of supplementary files")
priority = odm.Optional(odm.Integer(), description="Priority of the scan")
services = odm.Optional(odm.Compound(ServiceSelection), description="Service selection")
service_spec = odm.Optional(odm.Mapping(odm.Mapping(odm.Any())), index=False, store=False,
description="Service-specific parameters")
auto_archive = odm.Optional(odm.Boolean(),
description="Does the submission automatically goes into the archive when completed?")
delete_after_archive = odm.Optional(odm.Boolean(),
description="When the submission is archived, should we delete it from hot storage right away?")
ttl = odm.Optional(odm.Integer(), description="Time, in days, to live for this submission")
use_archive_alternate_dtl = odm.Optional(odm.Boolean(),
description="Should we use the alternate dtl while archiving?")

@odm.model(index=False, store=False, description="Configuration for defining submission profiles for basic users")
class SubmissionProfile(odm.Model):
name = odm.Text(description="Submission profile name")
classification = odm.ClassificationString(default=Classification.UNRESTRICTED,
description="Submission profile classification")
params = odm.Compound(SubmissionProfileParams, description="Default submission parameters for profile")
editable_params = odm.Mapping(odm.List(odm.Text()), default={},
description="A list of specific parameters that can be configured. The format of this configuration is `(core|<service_name>).<parameter>`.")

DEFAULT_SUBMISSION_PROFILES = [
{
# Only perform static analysis
"name": "Static Analysis",
"params": {
"services": {
"selected": DEFAULT_SRV_SEL
}
}
},
{
# Perform static analysis along with dynamic analysis
"name": "Dynamic Analysis",
"params": {
"services": {
"selected": DEFAULT_SRV_SEL + ["Dynamic Analysis"]
}
}

},
{
# Perform static analysis along with internet connected services
"name": "Static Analysis with Internet",
"params": {
"services": {
"selected": DEFAULT_SRV_SEL + ["Internet Connected"]
}
}

},
]

@odm.model(index=False, store=False,
description="Default values for parameters for submissions that may be overridden on a per submission basis")
Expand Down Expand Up @@ -2007,6 +2073,8 @@ class Submission(odm.Model):
description="Tag types that show up in the submission summary")
verdicts = odm.Compound(Verdicts, default=DEFAULT_VERDICTS,
description="Minimum score value to get the specified verdict.")
profiles = odm.List(odm.Compound(SubmissionProfile),
description="Submission profiles with preset submission parameters")


DEFAULT_SUBMISSION = {
Expand All @@ -2023,7 +2091,8 @@ class Submission(odm.Model):
'sha256_sources': [],
'file_sources': [],
'tag_types': DEFAULT_TAG_TYPES,
'verdicts': DEFAULT_VERDICTS
'verdicts': DEFAULT_VERDICTS,
'profiles': DEFAULT_SUBMISSION_PROFILES
}


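Review bot: `editable_params` on `SubmissionProfile` is declared as `odm.Mapping(odm.List(odm.Text()))`, but its description calls it "a list" in `(core|<service_name>).<parameter>` form, so the model does not say what the mapping keys are or whether the entries are dotted names. This field looks like the allow-list that decides which parameters a user may override within a profile, so the ambiguity matters for access control: a mis-keyed entry could silently lock a parameter or expose one such as `ignore_size`, `ignore_filtering` or `ignore_dynamic_recursion_prevention` from `SubmissionProfileParams`. I would make the description match the type, for example `description="Parameters a user may override, keyed by 'core' or a service name; each value lists the editable parameter names"` if that is the intended shape, and state that an empty mapping means nothing is editable. The code that enforces this list is not in this diff, so please confirm it rejects unknown keys and parameter names rather than ignoring them.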
3 changes: 0 additions & 3 deletions assemblyline/odm/models/submission.py
Expand Up @@ -26,8 +26,6 @@ class ServiceSelection(odm.Model):
description="List of services to rescan when initial run scores as malicious")
resubmit = odm.List(odm.Keyword(), default=DEFAULT_RESUBMIT,
description="Add to service selection when resubmitting")
runtime_excluded = odm.List(odm.Keyword(), default=[], description="List of runtime excluded services")


# Fields in the parameters used to calculate hashes used for result caching
_KEY_HASHED_FIELDS = {
Expand Down Expand Up @@ -67,7 +65,6 @@ class SubmissionParams(odm.Model):
max_extracted = odm.Integer(default=500, description="Max number of extracted files")
max_supplementary = odm.Integer(default=500, description="Max number of supplementary files")
priority = odm.Integer(default=1000, description="Priority of the scan")
profile = odm.Boolean(default=False, description="Should the submission do extra profiling?")
psid = odm.Optional(odm.UUID(), description="Parent submission ID")
quota_item = odm.Boolean(default=False, description="Does this submission count against quota?")
services = odm.Compound(ServiceSelection, default={}, description="Service selection")
5 changes: 4 additions & 1 deletion assemblyline/odm/models/user.py
Expand Up @@ -12,7 +12,7 @@
("signature_importer", 3),
("viewer", 4),
("submitter", 5),
("custom", 6)
("custom", 6),
])

ROLES = StringTable('ROLES', [
Expand Down Expand Up @@ -52,6 +52,7 @@
("badlist_manage", 32),
("archive_comment", 33),
("assistant_use", 34),
("submission_customize", 35)
])


Expand Down Expand Up @@ -97,6 +98,7 @@
ROLES.retrohunt_run, # Run yara searches
ROLES.badlist_view, # View badlist items
ROLES.badlist_manage, # Manage (add/delete) badlist items
ROLES.submission_customize # Allowed to customize submission properties
}

USER_ROLES = USER_ROLES_BASIC.union({
Expand Down Expand Up @@ -173,6 +175,7 @@
ROLES.submission_create,
ROLES.submission_delete,
ROLES.submission_manage,
ROLES.submission_customize,
ROLES.retrohunt_run,
],
"E": [
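Review bot: `ROLES.submission_customize` is added to the role set that closes just before `USER_ROLES = USER_ROLES_BASIC.union({`, which would grant the new permission to every basic user by default; the set's opening line is outside the hunk, so it only appears to be `USER_ROLES_BASIC`. If submission profiles are meant to limit what basic users can change, as the `SubmissionProfile` description in config.py suggests, the role probably belongs only in the wider `USER_ROLES` set or in specific user types. If the default grant is deliberate for backward compatibility, a comment such as `# granted by default so existing users keep full submission control` would record that decision. Accounts and API keys whose role lists are already stored may not pick up the new role automatically, so the upgrade path should be checked. For consistency with the `("custom", 6),` change in this file, add trailing commas after `("submission_customize", 35)` and `ROLES.submission_customize`.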
4 changes: 4 additions & 0 deletions assemblyline/odm/models/user_settings.py
@@ -1,5 +1,6 @@
from assemblyline import odm
from assemblyline.common import forge
from assemblyline.odm.models.config import SubmissionProfileParams
from assemblyline.odm.models.submission import ServiceSelection

Classification = forge.get_classification()
Expand Down Expand Up @@ -34,6 +35,9 @@ class UserSettings(odm.Model):
malicious = odm.Boolean(default=False, description="Is the file submitted already known to be malicious?")
priority = odm.Integer(default=1000, description="Default priority for the submissions")
profile = odm.Boolean(default=False, description="Should the submission do extra profiling?")
preferred_submission_profile = odm.Optional(odm.Text(), description="Preferred submission profile")
submission_profiles = odm.Mapping(odm.Compound(SubmissionProfileParams), default={},
description="Default submission profile settings")
service_spec = odm.Mapping(odm.Mapping(odm.Any()), default={}, description="Default service specific settings")
services = odm.Compound(ServiceSelection, default={}, description="Default service selection")
submission_view = odm.Enum(values=VIEWS, default="report", description="Default view for completed submissions")
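Review bot: `submission_profiles` stores a full `SubmissionProfileParams` per key, so a user's saved settings can carry any field of that model (including `ignore_size`, `ignore_filtering`, `priority` and `ttl`) regardless of what the matching profile's `editable_params` allows. Nothing in this model ties the two together, so the settings API and the submit path, neither of which is in this diff, need to filter stored values against `editable_params` for users without `submission_customize`, both when saving and when applying them. The description should say what the mapping key is, e.g. `description="Per-profile parameter overrides, keyed by submission profile name"` if that is the intent, and `preferred_submission_profile` should be checked against the configured profile names before use. The unchanged `profile` boolean kept here no longer has a counterpart in `SubmissionParams` after the submission.py change, so check whether it should be removed as well.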