|
6 | 6 | from assemblyline.common import forge |
7 | 7 | from assemblyline.common.isotime import now_as_iso |
8 | 8 | from assemblyline.odm.messages.changes import Operation |
9 | | -from assemblyline.odm.models.signature import DEPLOYED_STATUSES, STALE_STATUSES, DRAFT_STATUSES |
10 | 9 | from assemblyline.odm.models.user import ROLES |
11 | 10 | from assemblyline.remote.datatypes.hash import Hash |
12 | 11 | from assemblyline.remote.datatypes.lock import Lock |
@@ -219,59 +218,19 @@ def change_status(signature_id, status, **kwargs): |
219 | 218 | { "success" : true } #If saving the rule was a success or not |
220 | 219 | """ |
221 | 220 | user = kwargs['user'] |
222 | | - possible_statuses = DEPLOYED_STATUSES + DRAFT_STATUSES |
223 | | - if status not in possible_statuses: |
224 | | - return make_api_response("", |
225 | | - f"You cannot apply the status {status} on yara rules.", |
226 | | - 403) |
227 | | - |
228 | | - data = STORAGE.signature.get(signature_id, as_obj=False) |
229 | | - if data: |
230 | | - if not Classification.is_accessible(user['classification'], |
231 | | - data.get('classification', Classification.UNRESTRICTED)): |
232 | | - return make_api_response("", "You are not allowed change status on this signature", 403) |
233 | | - |
234 | | - if data['status'] in STALE_STATUSES and status not in DRAFT_STATUSES: |
235 | | - return make_api_response("", |
236 | | - f"Only action available while signature in {data['status']} " |
237 | | - f"status is to change signature to a DRAFT status. ({', '.join(DRAFT_STATUSES)})", |
238 | | - 403) |
239 | | - |
240 | | - if data['status'] in DEPLOYED_STATUSES and status in DRAFT_STATUSES: |
241 | | - return make_api_response("", |
242 | | - f"You cannot change the status of signature {signature_id} from " |
243 | | - f"{data['status']} to {status}.", 403) |
244 | | - |
245 | | - today = now_as_iso() |
246 | | - uname = user['uname'] |
247 | | - |
248 | | - if status not in ['DISABLED', 'INVALID', 'TESTING']: |
249 | | - query = f"status:{status} AND signature_id:{data['signature_id']} AND NOT id:{signature_id}" |
250 | | - others_operations = [ |
251 | | - ('SET', 'last_modified', today), |
252 | | - ('SET', 'state_change_date', today), |
253 | | - ('SET', 'state_change_user', uname), |
254 | | - ('SET', 'status', 'DISABLED') |
255 | | - ] |
256 | | - STORAGE.signature.update_by_query(query, others_operations) |
257 | | - |
258 | | - operations = [ |
259 | | - ('SET', 'last_modified', today), |
260 | | - ('SET', 'state_change_date', today), |
261 | | - ('SET', 'state_change_user', uname), |
262 | | - ('SET', 'status', status) |
263 | | - ] |
264 | | - |
265 | | - success = STORAGE.signature.update(signature_id, operations) |
| 221 | + try: |
| 222 | + success, data = CLIENT.change_status(signature_id, status, user) |
266 | 223 | signature_event_sender.send(data['type'], { |
267 | 224 | 'signature_id': signature_id, |
268 | 225 | 'signature_type': data['type'], |
269 | 226 | 'source': data['source'], |
270 | 227 | 'operation': Operation.Modified |
271 | 228 | }) |
272 | 229 | return make_api_response({"success": success}) |
273 | | - else: |
274 | | - return make_api_response("", f"Signature not found. ({signature_id})", 404) |
| 230 | + except (ValueError, PermissionError) as e: |
| 231 | + make_api_response("", str(e), 403) |
| 232 | + except FileNotFoundError as e: |
| 233 | + make_api_response("", str(e), 404) |
275 | 234 |
|
276 | 235 |
|
277 | 236 | @signature_api.route("/<signature_id>/", methods=["DELETE"]) |
|
0 commit comments