Added the plugin builder feature

alienvault-api/alienvault-api-core/src/ansiblemethods/sensor/plugin.py

@@ -233,3 +233,21 @@ def ansible_check_plugin_integrity(system_ip):
 
     return rc, output
 
+def ansible_move_plugin_files(filename):
+    """
+    """
+    system_ip="127.0.0.1"
+    command = "/usr/bin/plugin_service " + filename
+
+    try:
+        response = ansible.run_module(host_list=[system_ip], module="command", use_sudo="True", args=command)
+    except Exception, exc:
+        error_msg = "Ansible Error: An error occurred while moving files: %s" % str(exc)
+        api_log.error(error_msg)
+        return False, error_msg
+
+    (success, msg) = ansible_is_valid_response(system_ip, response)
+    if success:
+        return success, response['contacted'][system_ip]['stdout']
+    else:
+        return success, msg

alienvault-api/alienvault-api-core/src/apimethods/plugin/plugin.py

@@ -30,7 +30,7 @@
 # Functions to deal with custom plugins.
 
 import os
-from shutil import copy
+from shutil import copy, move
 from os.path import splitext, basename
 
 import api_log
@@ -55,6 +55,7 @@
     APIInvalidPlugin,
     APIPluginFileNotFound,
     APICannotBeRemoved,
+    APICannotCheckPlugin
 )
 from ansiblemethods.sensor.detector import (
     get_sensor_detectors,
@@ -64,11 +65,15 @@
     disable_plugin_globally,
     disable_plugin_per_assets,
 )
+
+from ansiblemethods.sensor.plugin import ansible_move_plugin_files
 from ansiblemethods.helper import remove_file
 
 TEMPORAL_FOLDER = "/var/lib/asec/plugins/"
 PLUGINS_FOLDER = "/etc/ossim/agent/plugins/"
 END_FOLDER = "/etc/alienvault/plugins/custom/"
+PLUGIN_UPLOAD_FOLDER = "/usr/share/ossim/www/av_plugin/views/plugin_builder/upload/"
+LOG_FOLDER = "/var/log/customlog/"
 
 
 def apimethod_get_plugin_list():
@@ -165,6 +170,82 @@ def apimethod_upload_plugin(plugin_file, vendor, model, version, product_type, o
     # the list of plugin sids for the plugin.
     return data
 
+
+def apimethod_save_plugin(plugin_file,plugin_id,vendor,model,version,product_type,nsids):
+    """Move the uploaded file from upload folder to PLUGINS_FOLDER
+    Args:
+        plugin_file (str) = The plugin you want to download
+    Returns:
+        Returns the content of the given plugin file
+    """
+    try:
+        plugin_src_path = os.path.join(PLUGIN_UPLOAD_FOLDER, plugin_file+'.cfg')
+        sql_src_path = os.path.join(PLUGIN_UPLOAD_FOLDER, plugin_file+'.sql')
+
+        # if not (os.path.isfile(plugin_src_path) or os.path.isfile(sql_src_path)):
+        #     raise APIPluginFileNotFound(plugin_src_path)
+        plugin_f=plugin_file+".cfg"
+        plugin_s=plugin_file+".sql"
+
+        # success1, movedcfg = copy(plugin_src_path, END_FOLDER)
+        # success2, movedsql = copy(sql_src_path, END_FOLDER)
+
+        success, msg = ansible_move_plugin_files(plugin_file)
+
+        if success:
+
+            # Remove via ansible due to file permissions
+            # remove_file(['127.0.0.1'], plugin_src_path)
+            # remove_file(['127.0.0.1'], sql_src_path)
+
+            temporal_plg_path = os.path.join(END_FOLDER, plugin_file)
+            temporal_plg_sql_path = temporal_plg_path + '.sql'
+
+            # Load plugin SQl into the DB.
+            with open(temporal_plg_sql_path) as plugin_raw_sql:
+                success, msg = save_plugin_from_raw_sql(plugin_raw_sql.read())
+                if not success:
+                    raise APICannotSavePlugin(msg)
+
+            # Save plugin data.
+            success, msg = insert_plugin_data(plugin_id,
+                                                plugin_name=plugin_f,
+                                                vendor=vendor,
+                                                model=model,
+                                                version=version,
+                                                nsids=nsids,
+                                                product_type=product_type)
+            if not success:
+                raise APICannotSavePlugin(msg)
+        else:
+            raise APICannotCheckPlugin(msg)
+
+
+    except Exception as e:
+        raise APIPluginFileNotFound(e)
+    return True
+
+
+def apimethod_download_plugin(plugin_file):
+    """Returns the content of a given plugin file
+    Args:
+        plugin_file (str) = The plugin you want to download
+    Returns:
+        Returns the content of the given plugin file
+    """
+    try:
+        plugin_path = "{}{}".format(END_FOLDER, plugin_file)
+        if not os.path.isfile(plugin_path):
+            plugin_path = "{}{}".format(PLUGINS_FOLDER, plugin_file)
+            if not os.path.isfile(plugin_path):
+                raise APIPluginFileNotFound(plugin_file)
+        with open(plugin_path) as plugin_file:
+            data = plugin_file.read()
+    except:
+        raise
+    return data
+
+
 def remove_plugin_from_sensors(plugin_file):
     """ Disable and remove custom plugin from all systems.
     Args:
@@ -229,21 +310,4 @@ def apimethod_remove_plugin(plugin_file):
             raise
 
 
-def apimethod_download_plugin(plugin_file):
-    """Returns the content of a given plugin file
-    Args:
-        plugin_file (str) = The plugin you want to download
-    Returns:
-        Returns the content of the given plugin file
-    """
-    try:
-        plugin_path = "{}{}".format(END_FOLDER, plugin_file)
-        if not os.path.isfile(plugin_path):
-            plugin_path = "{}{}".format(PLUGINS_FOLDER, plugin_file)
-            if not os.path.isfile(plugin_path):
-                raise APIPluginFileNotFound(plugin_file)
-        with open(plugin_path) as plugin_file:
-            data = plugin_file.read()
-    except:
-        raise
-    return data
+

alienvault-api/alienvault-api/src/blueprints/plugin/plugin.py

@@ -39,7 +39,8 @@
     apimethod_get_plugin_list,
     apimethod_upload_plugin,
     apimethod_download_plugin,
-    apimethod_remove_plugin
+    apimethod_remove_plugin,
+    apimethod_save_plugin
 )
 from apiexceptions import APIException
 
@@ -115,3 +116,25 @@ def remove():
     except APIException as e:
         return make_error_from_exception(e)
     return make_ok()
+
+@blueprint.route('/save', methods=['POST'])
+@admin_permission.require(http_exception=403)
+@accepted_url({'plugin_file': str,'plugin_id': str,'vendor': str,'model': str,'version': str,'product_type': str,'nsids': str})
+def save():
+    try:
+        plugin_file = request.form['plugin_file']
+        plugin_id = request.form['plugin_id']
+        vendor = request.form['vendor']
+        model = request.form['model']
+        version = request.form['version']
+        product_type = request.form['product_type']
+        nsids = request.form['nsids']
+
+        result = apimethod_save_plugin(plugin_file=plugin_file,plugin_id=plugin_id,vendor=vendor,model=model,version=version,product_type=product_type,nsids=nsids)
+
+        # response = make_response(data)
+        # response.headers["Content-Disposition"] = "attachment; filename={}".format(plugin_file)
+    except APIException as e:
+        return make_error_from_exception(e)
+    return make_ok(contents=result)
+