df removal and TLP fixing (#2230)

mlodic · web-flow · commit 294f234319c5 · 2024-03-28T14:53:33.000+01:00
diff --git a/api_app/analyzers_manager/file_analyzers/dragonfly.py b/api_app/analyzers_manager/file_analyzers/dragonfly.py
diff --git a/api_app/analyzers_manager/migrations/0073_remove_dragonfly_analyzer.py b/api_app/analyzers_manager/migrations/0073_remove_dragonfly_analyzer.py
@@ -0,0 +1,25 @@
+from django.db import migrations
+
+
+def migrate(apps, schema_editor):
+    PythonModule = apps.get_model("api_app", "PythonModule")
+    pm = PythonModule.objects.get(
+        module="dragonfly.DragonflyEmulation",
+        base_path="api_app.analyzers_manager.file_analyzers",
+    )
+    pm.analyzerconfigs.all().delete()
+    pm.delete()
+
+
+def reverse_migrate(apps, schema_editor):
+    pass
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("api_app", "0062_alter_parameter_python_module"),
+        ("analyzers_manager", "0072_analyzer_config_tweetfeed"),
+    ]
+    operations = [
+        migrations.RunPython(migrate, reverse_migrate),
+    ]
diff --git a/api_app/analyzers_manager/migrations/0074_adjust_maximum_tlp.py b/api_app/analyzers_manager/migrations/0074_adjust_maximum_tlp.py
@@ -0,0 +1,133 @@
+from django.db import migrations
+
+from api_app.choices import TLP
+
+
+def migrate(apps, schema_editor):
+    PythonModule = apps.get_model("api_app", "PythonModule")
+
+    pm = PythonModule.objects.get(
+        module="bgp_ranking.BGPRanking",
+        base_path="api_app.analyzers_manager.observable_analyzers",
+    )
+    for analyzer in pm.analyzerconfigs.all():
+        analyzer.maximum_tlp = TLP.AMBER
+        analyzer.save()
+
+    pm = PythonModule.objects.get(
+        module="feodo_tracker.Feodo_Tracker",
+        base_path="api_app.analyzers_manager.observable_analyzers",
+    )
+    for analyzer in pm.analyzerconfigs.all():
+        analyzer.maximum_tlp = TLP.RED
+        analyzer.save()
+
+    pm = PythonModule.objects.get(
+        module="mmdb_server.MmdbServer",
+        base_path="api_app.analyzers_manager.observable_analyzers",
+    )
+    for analyzer in pm.analyzerconfigs.all():
+        analyzer.maximum_tlp = TLP.AMBER
+        analyzer.save()
+
+    pm = PythonModule.objects.get(
+        module="phoneinfoga_scan.Phoneinfoga",
+        base_path="api_app.analyzers_manager.observable_analyzers",
+    )
+    for analyzer in pm.analyzerconfigs.all():
+        analyzer.maximum_tlp = TLP.AMBER
+        analyzer.save()
+
+    pm = PythonModule.objects.get(
+        module="tweetfeeds.TweetFeeds",
+        base_path="api_app.analyzers_manager.observable_analyzers",
+    )
+    for analyzer in pm.analyzerconfigs.all():
+        analyzer.maximum_tlp = TLP.RED
+        analyzer.save()
+
+    pm = PythonModule.objects.get(
+        module="validin.Validin",
+        base_path="api_app.analyzers_manager.observable_analyzers",
+    )
+    for analyzer in pm.analyzerconfigs.all():
+        analyzer.maximum_tlp = TLP.AMBER
+        analyzer.save()
+
+    pm = PythonModule.objects.get(
+        module="zippy_scan.ZippyAnalyser",
+        base_path="api_app.analyzers_manager.file_analyzers",
+    )
+    for analyzer in pm.analyzerconfigs.all():
+        analyzer.maximum_tlp = TLP.RED
+        analyzer.save()
+
+
+def reverse_migrate(apps, schema_editor):
+    PythonModule = apps.get_model("api_app", "PythonModule")
+
+    pm = PythonModule.objects.get(
+        module="bgp_ranking.BGPRanking",
+        base_path="api_app.analyzers_manager.observable_analyzers",
+    )
+    for analyzer in pm.analyzerconfigs.all():
+        analyzer.maximum_tlp = TLP.CLEAR
+        analyzer.save()
+
+    pm = PythonModule.objects.get(
+        module="feodo_tracker.Feodo_Tracker",
+        base_path="api_app.analyzers_manager.observable_analyzers",
+    )
+    for analyzer in pm.analyzerconfigs.all():
+        analyzer.maximum_tlp = TLP.CLEAR
+        analyzer.save()
+
+    pm = PythonModule.objects.get(
+        module="mmdb_server.MmdbServer",
+        base_path="api_app.analyzers_manager.observable_analyzers",
+    )
+    for analyzer in pm.analyzerconfigs.all():
+        analyzer.maximum_tlp = TLP.CLEAR
+        analyzer.save()
+
+    pm = PythonModule.objects.get(
+        module="phoneinfoga_scan.Phoneinfoga",
+        base_path="api_app.analyzers_manager.observable_analyzers",
+    )
+    for analyzer in pm.analyzerconfigs.all():
+        analyzer.maximum_tlp = TLP.CLEAR
+        analyzer.save()
+
+    pm = PythonModule.objects.get(
+        module="tweetfeeds.TweetFeeds",
+        base_path="api_app.analyzers_manager.observable_analyzers",
+    )
+    for analyzer in pm.analyzerconfigs.all():
+        analyzer.maximum_tlp = TLP.CLEAR
+        analyzer.save()
+
+    pm = PythonModule.objects.get(
+        module="validin.Validin",
+        base_path="api_app.analyzers_manager.observable_analyzers",
+    )
+    for analyzer in pm.analyzerconfigs.all():
+        analyzer.maximum_tlp = TLP.CLEAR
+        analyzer.save()
+
+    pm = PythonModule.objects.get(
+        module="zippy_scan.ZippyAnalyser",
+        base_path="api_app.analyzers_manager.file_analyzers",
+    )
+    for analyzer in pm.analyzerconfigs.all():
+        analyzer.maximum_tlp = TLP.CLEAR
+        analyzer.save()
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("api_app", "0062_alter_parameter_python_module"),
+        ("analyzers_manager", "0073_remove_dragonfly_analyzer"),
+    ]
+    operations = [
+        migrations.RunPython(migrate, reverse_migrate),
+    ]
diff --git a/api_app/analyzers_manager/observable_analyzers/tweetfeeds.py b/api_app/analyzers_manager/observable_analyzers/tweetfeeds.py
@@ -20,7 +20,7 @@ class TweetFeeds(ObservableAnalyzer):
 
     url = "https://api.tweetfeed.live/v1/"
     filter1: str = ""
-    time: str
+    time: str = ""
 
     @classmethod
     def location(cls) -> Tuple[str, str]:
diff --git a/api_app/migrations/0062_alter_parameter_python_module.py b/api_app/migrations/0062_alter_parameter_python_module.py
@@ -0,0 +1,22 @@
+# Generated by Django 4.2.11 on 2024-03-28 11:41
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("api_app", "0061_job_depth_analysis"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="parameter",
+            name="python_module",
+            field=models.ForeignKey(
+                on_delete=django.db.models.deletion.CASCADE,
+                related_name="parameters",
+                to="api_app.pythonmodule",
+            ),
+        ),
+    ]
diff --git a/api_app/models.py b/api_app/models.py
@@ -645,7 +645,7 @@ class Parameter(models.Model):
     is_secret = models.BooleanField(db_index=True)
     required = models.BooleanField(null=False)
     python_module = models.ForeignKey(
-        PythonModule, related_name="parameters", on_delete=models.PROTECT
+        PythonModule, related_name="parameters", on_delete=models.CASCADE
     )
 
     class Meta:
diff --git a/requirements/project-requirements.txt b/requirements/project-requirements.txt
@@ -67,7 +67,6 @@ quark-engine==24.2.1
 speakeasy-emulator==1.5.9
 telfhash==0.9.8
 yara-python==4.5.0
-pydragonfly==0.1.0
 greynoise==2.1.0
 XLMMacroDeobfuscator[secure]==0.2.3
 thinkst-zippy==0.1.2

Original file line number	Diff line number	Diff line change
`@@ -645,7 +645,7 @@ class Parameter(models.Model):`
`645`	`645`	`is_secret = models.BooleanField(db_index=True)`
`646`	`646`	`required = models.BooleanField(null=False)`
`647`	`647`	`python_module = models.ForeignKey(`
`648`		`- PythonModule, related_name="parameters", on_delete=models.PROTECT`
	`648`	`+ PythonModule, related_name="parameters", on_delete=models.CASCADE`
`649`	`649`	`)`
`650`	`650`
`651`	`651`	`class Meta:`