├── .gitattributes
├── .gitignore
├── LICENSE
├── README.md
├── docs
    ├── LAUNCHING.md
    ├── PLUGINS.md
    ├── RULES.md
    └── TESTING.md
├── requirements.txt
├── sam
    ├── ConfigEnvy.py
    ├── __init__.py
    ├── common.py
    ├── constants.py
    ├── default.cfg
    ├── errors.py
    ├── httpserver.py
    ├── importers
    │   ├── __init__.py
    │   ├── import_asasyslog.py
    │   ├── import_aws.py
    │   ├── import_base.py
    │   ├── import_netflow.py
    │   ├── import_paloalto.py
    │   ├── import_tcpdump.py
    │   ├── import_tshark.py
    │   └── netflow_collector.py
    ├── integrity.py
    ├── launcher.py
    ├── local
    │   ├── __init__.py
    │   ├── en.py
    │   ├── fr.py
    │   └── rv.py
    ├── models
    │   ├── __init__.py
    │   ├── base.py
    │   ├── datasources.py
    │   ├── details.py
    │   ├── filters.py
    │   ├── links.py
    │   ├── livekeys.py
    │   ├── nodes.py
    │   ├── ports.py
    │   ├── security
    │   │   ├── __init__.py
    │   │   ├── alerts.py
    │   │   ├── anomaly_plugin.py
    │   │   ├── rule.py
    │   │   ├── rule_parser.py
    │   │   ├── rule_template.py
    │   │   ├── rules.py
    │   │   ├── ruling_process.py
    │   │   └── warnings.py
    │   ├── settings.py
    │   ├── strings.py
    │   ├── subscriptions.py
    │   ├── tables.py
    │   ├── upload.py
    │   ├── user.py
    │   └── whois.py
    ├── pages
    │   ├── __init__.py
    │   ├── alerts.py
    │   ├── anomaly_plugin.py
    │   ├── base.py
    │   ├── details.py
    │   ├── links.py
    │   ├── login.py
    │   ├── logout.py
    │   ├── map.py
    │   ├── metadata.py
    │   ├── nodes.py
    │   ├── portinfo.py
    │   ├── rules.py
    │   ├── sec_dashboard.py
    │   ├── settings.py
    │   ├── settings_page.py
    │   ├── stats.py
    │   └── table.py
    ├── preprocess.py
    ├── rule_templates
    │   ├── compromised.yml
    │   ├── compromised_hosts.txt
    │   ├── dos.yml
    │   ├── netscan.yml
    │   ├── portscan.yml
    │   └── suspicious.yml
    ├── server_aggregator.py
    ├── server_collector.py
    ├── server_webserver.py
    ├── sql
    │   ├── default_port_data.json
    │   ├── delete_staging_data.sql
    │   ├── drop_datasource.sql
    │   ├── drop_subscription.sql
    │   ├── profiling.sql
    │   ├── sessions.sql
    │   ├── setup_datasource_mysql.sql
    │   ├── setup_datasource_sqlite.sql
    │   ├── setup_shared_tables_mysql.sql
    │   ├── setup_shared_tables_sqlite.sql
    │   ├── setup_subscription_tables_mysql.sql
    │   ├── setup_subscription_tables_sqlite.sql
    │   └── test_data.sql
    ├── static
    │   ├── css
    │   │   ├── general.css
    │   │   ├── map.css
    │   │   ├── security.css
    │   │   ├── table.css
    │   │   └── timerange.css
    │   ├── img
    │   │   ├── logo_dark.png
    │   │   └── logo_light.png
    │   ├── js
    │   │   ├── jquery-3.1.0.min.js
    │   │   ├── liveUpdate.js
    │   │   ├── local
    │   │   │   ├── en.js
    │   │   │   ├── fr.js
    │   │   │   └── rv.js
    │   │   ├── map.js
    │   │   ├── map_events.js
    │   │   ├── map_links.js
    │   │   ├── map_node.js
    │   │   ├── map_ports.js
    │   │   ├── map_render.js
    │   │   ├── map_selection.js
    │   │   ├── metadata.js
    │   │   ├── security.js
    │   │   ├── settings.js
    │   │   ├── table.js
    │   │   ├── table_filters.js
    │   │   └── timerange.js
    │   ├── nouislider
    │   │   ├── nouislider-dark.css
    │   │   ├── nouislider.css
    │   │   ├── nouislider.min.js
    │   │   └── nouislider.pips.css
    │   └── semantic
    │   │   ├── LICENSE
    │   │   ├── semantic.css
    │   │   ├── semantic.js
    │   │   ├── semantic.min.css
    │   │   ├── semantic.min.js
    │   │   └── themes
    │   │       └── default
    │   │           └── assets
    │   │               ├── fonts
    │   │                   ├── icons.eot
    │   │                   ├── icons.otf
    │   │                   ├── icons.svg
    │   │                   ├── icons.ttf
    │   │                   ├── icons.woff
    │   │                   └── icons.woff2
    │   │               └── images
    │   │                   └── flags.png
    ├── templates
    │   ├── _head.html
    │   ├── _tail.html
    │   ├── en
    │   │   ├── _footer.html
    │   │   ├── _header.html
    │   │   ├── dashboard.html
    │   │   ├── login.html
    │   │   ├── map.html
    │   │   ├── metadata.html
    │   │   ├── settings.html
    │   │   ├── stats.html
    │   │   └── table.html
    │   ├── fr
    │   │   ├── _footer.html
    │   │   ├── _header.html
    │   │   ├── dashboard.html
    │   │   ├── login.html
    │   │   ├── map.html
    │   │   ├── metadata.html
    │   │   ├── settings.html
    │   │   ├── stats.html
    │   │   └── table.html
    │   └── rv
    │   │   ├── _footer.html
    │   │   ├── _header.html
    │   │   ├── dashboard.html
    │   │   ├── login.html
    │   │   ├── map.html
    │   │   ├── metadata.html
    │   │   ├── settings.html
    │   │   ├── stats.html
    │   │   └── table.html
    └── update_portLUT.py
├── setup.cfg
├── setup.py
└── spec
    ├── __init__.py
    ├── browser
        ├── __init__.py
        ├── conftest.py
        ├── manual.py
        ├── test_all_pages.py
        ├── test_dashboard.py
        ├── test_metadata.py
        └── test_settings.py
    ├── javascripts
        ├── helpers
        │   ├── node_tree.js
        │   ├── ports.js
        │   └── test_maker.py
        ├── map_events_spec.js
        ├── map_links_spec.js
        ├── map_node_spec.js
        ├── map_ports_spec.js
        ├── map_render_spec.js
        ├── map_selection_spec.js
        ├── map_spec.js
        ├── metadata_spec.js
        ├── support
        │   └── jasmine.yml
        ├── table_filters_spec.js
        └── timerange_spec.js
    └── python
        ├── __init__.py
        ├── db_connection.py
        ├── dummy_content.txt
        ├── importers
            ├── __init__.py
            ├── nfcapd_test
            ├── test_import_asasyslog.py
            ├── test_import_aws.py
            ├── test_import_base.py
            ├── test_import_netflow.py
            ├── test_import_paloalto.py
            ├── test_import_tcpdump.py
            ├── test_import_tshark.py
            └── test_neflow_collector.py
        ├── mock_router.py
        ├── models
            ├── __init__.py
            ├── security
            │   ├── __init__.py
            │   ├── test_alerts.py
            │   ├── test_anomaly_plugin.py
            │   ├── test_rule.py
            │   ├── test_rule_parser.py
            │   ├── test_rule_template.py
            │   ├── test_rules.py
            │   ├── test_ruling_process.py
            │   └── test_warnings.py
            ├── test_datasources.py
            ├── test_details.py
            ├── test_filters.py
            ├── test_links.py
            ├── test_livekeys.py
            ├── test_nodes.py
            ├── test_ports.py
            ├── test_settings.py
            ├── test_subscriptions.py
            ├── test_tables.py
            ├── test_upload.py
            ├── test_user.py
            └── test_whois.py
        ├── pages
            ├── __init__.py
            ├── test_alerts.py
            ├── test_anomaly_plugin.py
            ├── test_base.py
            ├── test_dashboard.py
            ├── test_details.py
            ├── test_links.py
            ├── test_login.py
            ├── test_logout.py
            ├── test_map.py
            ├── test_metadata.py
            ├── test_nodes.py
            ├── test_portinfo.py
            ├── test_rules.py
            ├── test_settings.py
            ├── test_settings_page.py
            ├── test_stats.py
            └── test_table.py
        ├── plugins
            ├── test_plugin1
            │   ├── __init__.py
            │   ├── models
            │   │   ├── __init__.py
            │   │   └── test_model.py
            │   ├── sam_installer.py
            │   └── sql
            │   │   └── create_test_table.sql
            └── test_plugin2
            │   ├── __init__.py
            │   ├── pages
            │       ├── __init__.py
            │       └── test_url.py
            │   ├── sam_installer.py
            │   └── templates
            │       ├── en
            │           └── test_template.html
            │       └── fr
            │           └── test_template.html
        ├── portlut_mock.csv
        ├── rule_templates
            ├── test_hosts.txt
            └── test_rule.yml
        ├── test_aggregator.py
        ├── test_collector.py
        ├── test_common.py
        ├── test_constants.py
        ├── test_integrity.py
        ├── test_launcher.py
        ├── test_localization.py
        ├── test_server.py
        ├── test_sql.sql
        └── test_update_portLUT.py


/.gitattributes:
--------------------------------------------------------------------------------
 1 | # Set the default behavior, in case people don't have core.autocrlf set.
 2 | * text=auto
 3 | 
 4 | # Explicitly declare text files you want to always be normalized and converted
 5 | # to native line endings on checkout.
 6 | *.py text
 7 | *.html text
 8 | 
 9 | # Declare files that will always have CRLF line endings on checkout.
10 | *.sln text eol=crlf
11 | 
12 | # Denote all files that are truly binary and should not be modified.
13 | *.png binary
14 | *.jpg binary


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
  1 | # Byte-compiled / optimized / DLL files
  2 | __pycache__/
  3 | *.py[cod]
  4 | *$py.class
  5 | 
  6 | # C extensions
  7 | *.so
  8 | 
  9 | # Distribution / packaging
 10 | .Python
 11 | env/
 12 | build/
 13 | develop-eggs/
 14 | dist/
 15 | downloads/
 16 | eggs/
 17 | .eggs/
 18 | lib/
 19 | lib64/
 20 | parts/
 21 | sdist/
 22 | var/
 23 | *.egg-info/
 24 | .installed.cfg
 25 | *.egg
 26 | 
 27 | # PyInstaller
 28 | #  Usually these files are written by a python script from a template
 29 | #  before PyInstaller builds the exe, so as to inject date/other infos into it.
 30 | *.manifest
 31 | *.spec
 32 | 
 33 | # Installer logs
 34 | pip-log.txt
 35 | pip-delete-this-directory.txt
 36 | 
 37 | # Unit test / coverage reports
 38 | htmlcov/
 39 | .tox/
 40 | .coverage
 41 | .coverage.*
 42 | .cache
 43 | nosetests.xml
 44 | coverage.xml
 45 | *,cover
 46 | .hypothesis/
 47 | 
 48 | # Translations
 49 | *.mo
 50 | *.pot
 51 | 
 52 | # Django stuff:
 53 | *.log
 54 | local_settings.py
 55 | 
 56 | # Flask stuff:
 57 | instance/
 58 | .webassets-cache
 59 | 
 60 | # Scrapy stuff:
 61 | .scrapy
 62 | 
 63 | # Sphinx documentation
 64 | docs/_build/
 65 | 
 66 | # PyBuilder
 67 | target/
 68 | 
 69 | # IPython Notebook
 70 | .ipynb_checkpoints
 71 | 
 72 | # pyenv
 73 | .python-version
 74 | 
 75 | # celery beat schedule file
 76 | celerybeat-schedule
 77 | 
 78 | # dotenv
 79 | .env
 80 | 
 81 | # virtualenv
 82 | venv/
 83 | ENV/
 84 | 
 85 | # Spyder project settings
 86 | .spyderproject
 87 | 
 88 | # Rope project settings
 89 | .ropeproject
 90 | 
 91 | # PyCharm project settings
 92 | .idea/
 93 | 
 94 | # database root access
 95 | dbconfig_local.*
 96 | 
 97 | # data dump folder
 98 | data/
 99 | 
100 | temp.*
101 | 
102 | # certificates and keys
103 | *.pem
104 | 
105 | # don't include plugins by default
106 | plugins_omit/


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # SAM - System Architecture Mapper
 2 | 
 3 | SAM is a tool designed to map a network based on the data log of a router.
 4 | It runs as a local python-based server and displays the a map and statistics on the browser.
 5 | 
 6 | Check out the [website](http://www.samapper.com) for details about the project and a demo!
 7 | 
 8 | ## Quickstart (using pip)
 9 | 
10 | install SAM with pip:
11 | 
12 |     pip install samapper
13 |     
14 | Collect network data with tcpdump and run the http server:
15 | 
16 |     sudo tcpdump -i any -f --immediate-mode -l -n -Q inout -tt | samapper --local --whois --format=tcpdump
17 |     
18 |   * tcpdump will probably need to be run with sudo to allow it to capture network traffic from your devices.
19 |   * Only tcpdump format works locally via pipe at the moment.
20 | 
21 | Or, run the http server without collecting data:
22 | 
23 |     samapper --local --whois --format=none
24 | 
25 | 
26 | #### Known issue:
27 | When running samapper in local mode using sqlite (the default) the database will sometimes 
28 | lock up when the collector is inserting and you are viewing the display. If this is happening,
29 | just run the collector for a while, stop it, and run the http server on its own.
30 | 
31 | 
32 | ## Installation (using git)
33 | 
34 | ### Prerequisites
35 | (optional) mysql - database software that will work better for this than sqlite.
36 | 
37 |     apt-get install mysql-server libmysqlclient-dev python python-dev
38 |     
39 | pip - to install python packages
40 | 
41 |     apt-get install python-pip
42 | 
43 | ### Installing
44 | 1. Clone this repository
45 | 2. Run `pip install -r requirements.txt` from within the directory to install necessary packages.
46 | 3. Set environment variables for credentials and settings.  See sam/default.cfg.
47 | 
48 | ```bash
49 | e.g:
50 | export SAM__DATABASE__DBN=mysql
51 | export SAM__DATABASE__USER=root
52 | export SAM__DATABASE__PW=mypassword
53 | ```
54 | 
55 | ### Usage
56 | 
57 | 1. Start the server locally by running: `python -m sam.launcher --target=webserver`  For a more robust deployment, SAM supports the WSGI interface (`python sam/server_webserver.py`) and can be run through a different web server.
58 | 
59 | 2. Create a data source to use in the settings page, or use the default empty data source provided.
60 | 
61 | 3. For static analysis, import your log files into the database by running the following scripts, where log_file is the path to your log file and destination is the name of the data source you wish to fill.
62 | 
63 |       `python -m sam.launcher --target=import --format=<format> --dest=<destination> <log_file>`
64 |       
65 |       Log formats currently supported include:
66 | 
67 |    1. paloalto: The [paloalto syslog](https://www.paloaltonetworks.com/documentation/61/pan-os/pan-os/reports-and-logging/syslog-field-descriptions.html) format is expected.
68 |    2. nfdump: Binary files from **nfcapd** are expected. nfdump must be installed.
69 |    3. asa: Cisco ASA logs, Partial support. Thanks to Emre for contributing. 
70 |    4. aws: AWS VPC Flow logs: Partial support. Thanks to Emre for contributing. [VPC log spec](http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html#flow-log-records)
71 |    5. tcpdump: Designed to work with live local mode. See quickstart above
72 |    6. tshark: Partial support.
73 | 
74 | 4. For live analysis,
75 |  
76 |    1. On the settings page, choose a data source for your live data to be funneled into then create a Access Key
77 |    2. Edit default.cfg or set an environment variable (SAM__COLLECTOR__UPLOAD_KEY) to your new access key
78 |    3. Start the aggregator (this loads log data into the database) 
79 |       * `python -m sam.launcher --target=aggregator`
80 |    4. Start the collector (this listens to port 514 and translates syslog lines)
81 |       * `python -m sam.launcher --target=collector`
82 |       * You will need priviledges to bind to system port 514.
83 |       * It should print "Testing connection... Succeeded." 
84 |    5. Tell your router to output it's log files to that freshly opened socket.
85 | 
86 | 5. Navigate your browser to localhost:8080 and explore your network!
87 | 


--------------------------------------------------------------------------------
/docs/TESTING.md:
--------------------------------------------------------------------------------
 1 | # Python Unit Tests
 2 | Python unit tests are written for pytest
 3 | They can be run from this directory via the command:
 4 | 
 5 | ```bash
 6 | pytest spec/python/
 7 | ```
 8 | or for more details on a particular test:
 9 | ```bash
10 | pytest -xv spec/python/pages/test_table.py
11 | ```
12 | 
13 | # Javascript Unit Tests
14 | Javascript unit tests are written for use with jasmine. Port specification is optional.
15 | ```bash
16 | jasmine [-p 8888]
17 | ```
18 | Navigate your browser to `http://localhost:8888/` to see the results of the tests. 
19 | Every page refresh runs the tests again.
20 | 
21 | # Browser-based Tests
22 | Browser tests are run in firefox by default, through selenium, controller by python.
23 | 
24 | Selenium must be installed (v3.50 used)
25 | ```bash
26 | pip install selenium
27 | ```
28 | 
29 | Browser controller must be installed as well (and accessible to bash; in the PATH). Firefox driver available here:
30 | 
31 | [https://github.com/mozilla/geckodriver/releases](https://github.com/mozilla/geckodriver/releases)
32 | 
33 | e.g. extract it to `/home/{user}/bin/`
34 | and add that folder to `PATH`
35 | such that `whereis geckodriver` works.
36 | 
37 | run tests as python unit tests in the _browser_ directory:
38 | ```bash
39 | pytest spec/browser/
40 | ```
41 | or for more details on a particular test:
42 | ```bash
43 | pytest -xv spec/browser/test_table.py
44 | ```
45 | 
46 | # Python Code Coverage
47 | This runs the browser and unit tests for python files 
48 | and describes how many statements exist and how many statements were run during the tests. 
49 | 
50 | Javascript, SQL, and other files are not indicated here.
51 | 
52 | Disclaimer: Code coverage here is about as useful an indicator of testing as BMI is for fitness
53 | ```bash
54 | pip install pytest-cov
55 | # from the root project folder (that contains folders 'sam' and 'spec'):
56 | pytest --cov sam spec
57 | ```
58 | 
59 | # Test a rule template
60 | Testing your own custom rule template can be done by using the launcher with the "template" target.  This should provide enough information to make sure a template is ready for use.
61 | 
62 | ```bash
63 | python sam/launcher.py --target=template sam/rule_templates/dos.yml
64 | ```
65 | 
66 | The positive successful output might look something like this:
67 | 
68 | ```
69 | 
70 | ======================================================================
71 | Rule name: High Traffic
72 | Rule type: periodic
73 | Rule subject: dst
74 | Rule inclusions: None
75 | Exposed parameters:
76 | 	(passed) threshold:
77 | 		default: 600
78 | 		regex (valid): ^\d+$
79 | 		label: This rule will trigger on a host if it receives more than this number of inbound connections over a period of 5 minutes.
80 | 		format: text
81 | Action defaults: None
82 | Trigger condition:
83 | 	having conn[links] > $threshold
84 | Translated condition:
85 | 	having ('conn', 'links') > 600
86 | 
87 | Rule SQL: 
88 | SELECT timestamp, dst, COUNT(DISTINCT dst) AS 'src[hosts]', COUNT(DISTINCT port) AS 'conn[ports]', COUNT(DISTINCT protocol) AS 'conn[protocol]', SUM(links) AS 'conn[links]'
89 | FROM s1_ds1_Links
90 | GROUP BY timestamp, dst
91 | HAVING `conn[links]` > '600'
92 | 
93 | Test SQL execution: Success
94 | 
95 | ==========================  Rule is valid  ===========================
96 | ```


--------------------------------------------------------------------------------
/requirements.txt:
--------------------------------------------------------------------------------
1 | MySQL-python>=1.2.5
2 | web.py>=0.38
3 | requests>=2.18
4 | PyYAML>=3.10
5 | pytest>=3.2
6 | jasmine>=2.8
7 | 


--------------------------------------------------------------------------------
/sam/ConfigEnvy.py:
--------------------------------------------------------------------------------
 1 | from ConfigParser import SafeConfigParser
 2 | import os
 3 | 
 4 | 
 5 | class ConfigEnvy(SafeConfigParser, object):
 6 |     default_file_name = 'default.cfg'
 7 | 
 8 |     def __init__(self, namespace, defaults=None, filenames=None):
 9 |         self.namespace = namespace
10 |         super(ConfigEnvy, self).__init__(defaults)
11 |         BASE_PATH = os.path.dirname(__file__)
12 |         default_file_name = os.path.join(BASE_PATH, self.default_file_name)
13 |         if os.path.isfile(default_file_name):
14 |             if filenames:
15 |                 filenames.push(default_file_name)
16 |             else:
17 |                 filenames = default_file_name
18 |         if filenames is not None:
19 |             super(ConfigEnvy, self).read(filenames)
20 | 
21 |     def get(self, section, option, raw=False, vars=None, default=None):
22 |         """Get an option value for a given section.
23 |         Almost like ConfigParser, but look in the Environment variables first
24 |         Env variables take the form <NAMESPACE>__<SECTION>__<OPTION>"""
25 |         env_option = "{}__{}__{}".format(self.namespace, section, option).upper()
26 |         if env_option in os.environ:
27 | 
28 |             return os.environ[env_option]
29 |         else:
30 |             if default is not None:
31 |                 if not self.has_option(section, option):
32 |                     return default
33 |             return super(ConfigEnvy, self).get(section, option, raw, vars)
34 | 
35 |     def items(self, section, raw=False, vars=None):
36 |         prefix = '{}__{}__'.format(self.namespace, section).upper()
37 |         overrides = [(k[len(prefix):].lower(), v) for k, v in os.environ.iteritems() if k.startswith(prefix)]
38 |         pairs = dict(super(ConfigEnvy, self).items(section, raw, vars))
39 |         pairs.update(overrides)
40 |         return pairs.items()
41 | 


--------------------------------------------------------------------------------
/sam/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/sam/__init__.py


--------------------------------------------------------------------------------
/sam/default.cfg:
--------------------------------------------------------------------------------
 1 | # Can be overridden with environment variables.
 2 | # pattern:  "SAM__[section]__[variable]"
 3 | # example:  $ export SAM__DATABASE__PW="secretPassword"
 4 | 
 5 | [database]
 6 | # dbn: (mysql|sqlite)
 7 | dbn = mysql
 8 | # db: for mysql: the name of the database to use;
 9 | # db: for sqlite: the database path
10 | db = samdb
11 | host = localhost
12 | user = root
13 | pw =
14 | port = 3306
15 | 
16 | [subscription]
17 | name = SAM
18 | email = demo@example.com
19 | 
20 | [debug]
21 | #debug = True                                                   ;defaults to False
22 | 
23 | [security]
24 | rule_folder =
25 | live_inspection = True
26 | alert_active = True
27 | alert_severity = 4
28 | alert_label = $rule_name
29 | email_active = False
30 | email_address =
31 | email_subject = [SAM] Rule $rule_name triggered on $subject.
32 | sms_active = False
33 | sms_number =
34 | sms_message = [SAM] Rule $rule_name triggered on $subject.
35 | 
36 | [smtp]
37 | server = smtp.example.com
38 | port = 587
39 | username = account@example.com
40 | password = TopSecretPassword
41 | starttls = True
42 | from = noreply@example.com
43 | 
44 | 
45 | [plugins]
46 | # `root` is the path to your plugins folder.
47 | # It can be absolute or relative to your current directory.
48 | root = plugins/
49 | # `enabled` is a list of plugins to import.
50 | # special keyword 'ALL' can be used to scan the plugin folder
51 | # for subdirectories and attempt to load all of them.
52 | # if more than one, separate them with commas
53 | # example:
54 | #     enabled = plugin1, plugin2
55 | enabled = ALL
56 | 
57 | [access_control]
58 | active = False
59 | login_url = /login
60 | login_target = sam.pages.login.Login_LDAP
61 | login_redirect = /
62 | logout_url = /logout
63 | logout_target = sam.pages.logout.Logout
64 | logout_redirect = /
65 | local_tls = False
66 | local_tls_cert = localhost.cert
67 | local_tls_key = localhost.key
68 | 
69 | [LDAP]
70 | # sample connection string: ldaps://ipa.demo1.freeipa.org/CN=users,CN=accounts,DC=demo1,DC=freeipa,DC=org
71 | connection_string = ldaps://ipa.demo1.freeipa.org/CN=users,CN=accounts,DC=demo1,DC=freeipa,DC=org
72 | 
73 | [collector]
74 | listen_host =
75 | listen_port = 514
76 | target_address = http://localhost:8081
77 | upload_key =
78 | format = paloalto
79 | 
80 | [aggregator]
81 | listen_host = localhost
82 | listen_port = 8081
83 | 
84 | [webserver]
85 | listen_host = 0.0.0.0
86 | listen_port = 8080
87 | 
88 | [local]
89 | dbn = sqlite
90 | db = /tmp/sam_local.db
91 | collector_host = localhost
92 | collector_port = 8082
93 | collector_format = tcpdump
94 | aggregator_host = localhost
95 | aggregator_port = 8081
96 | webserver_host = localhost
97 | webserver_port = 8080
98 | 


--------------------------------------------------------------------------------
/sam/errors.py:
--------------------------------------------------------------------------------
 1 | class SubscriptionMissingError(Exception): pass
 2 | 
 3 | 
 4 | class LoggedOutError(Exception): pass
 5 | 
 6 | 
 7 | class MalformedRequest(Exception):
 8 |     def __init__(self, message=None):
 9 |         if message:
10 |             Exception.__init__(self, message)
11 |         else:
12 |             Exception.__init__(self)
13 | 
14 | 
15 | class RequiredKey(MalformedRequest):
16 |     def __init__(self, name, key, *args, **kwargs):
17 |         self.message = "Missing key: {name} ('{key}') not specified.".format(name=name, key=key)
18 |         MalformedRequest.__init__(self, self.message)
19 | 
20 | 
21 | class AuthenticationError(Exception): pass
22 | 
23 | class IntegrityError(Exception): pass
24 | 


--------------------------------------------------------------------------------
/sam/httpserver.py:
--------------------------------------------------------------------------------
  1 | import os
  2 | import posixpath
  3 | import urllib
  4 | import web
  5 | from sam import constants
  6 | 
  7 | # Overrides and augmentations of classes in web.httpserver
  8 | # Used in server_*.py
  9 | 
 10 | 
 11 | class StaticApp(web.httpserver.StaticApp):
 12 |     def translate_path(self, path):
 13 |         """Translate a /-separated PATH to the local filename syntax.
 14 |         Components that mean special things to the local file system
 15 |         (e.g. drive or directory names) are ignored.  (XXX They should
 16 |         probably be diagnosed.)
 17 |         """
 18 | 
 19 |         # abandon query parameters
 20 |         path = path.split('?', 1)[0]
 21 |         path = path.split('#', 1)[0]
 22 |         # Don't forget explicit trailing slash when normalizing. Issue17324
 23 |         trailing_slash = path.rstrip().endswith('/')
 24 |         path = posixpath.normpath(urllib.unquote(path))
 25 |         words = path.split('/')
 26 |         words = filter(None, words)
 27 | 
 28 |         # This is changed because os.getcwd() will give local files instead of package files.
 29 |         # this is the only change:
 30 |         path = constants.base_path
 31 | 
 32 |         for word in words:
 33 |             if os.path.dirname(word) or word in (os.curdir, os.pardir):
 34 |                 # Ignore components that are not a simple file/directory name
 35 |                 continue
 36 |             path = os.path.join(path, word)
 37 |         if trailing_slash:
 38 |             path += '/'
 39 |         return path
 40 | 
 41 | 
 42 | class PluginStaticApp(web.httpserver.StaticApp):
 43 |     def translate_path(self, path):
 44 |         """Translate a /-separated PATH to the local filename syntax.
 45 | 
 46 |         Components that mean special things to the local file system
 47 |         (e.g. drive or directory names) are ignored.  (XXX They should
 48 |         probably be diagnosed.)
 49 | 
 50 |         """
 51 | 
 52 |         # abandon query parameters
 53 |         path = path.split('?', 1)[0]
 54 |         path = path.split('#', 1)[0]
 55 |         # Don't forget explicit trailing slash when normalizing. Issue17324
 56 |         trailing_slash = path.rstrip().endswith('/')
 57 |         path = posixpath.normpath(urllib.unquote(path))
 58 |         words = path.split('/')
 59 |         words = filter(None, words)
 60 | 
 61 |         # This is changed because os.getcwd() will give local files instead of package files.
 62 |         # this is the only change:
 63 |         path = constants.plugins['root']
 64 | 
 65 |         for word in words:
 66 |             if os.path.dirname(word) or word in (os.curdir, os.pardir):
 67 |                 # Ignore components that are not a simple file/directory name
 68 |                 continue
 69 |             path = os.path.join(path, word)
 70 |         if trailing_slash:
 71 |             path += '/'
 72 |         return path
 73 | 
 74 | 
 75 | class PluginStaticMiddleware:
 76 |     """WSGI middleware for serving static files."""
 77 | 
 78 |     def __init__(self, app):
 79 |         self.app = app
 80 |         self.prefixes = ['/{}/static'.format(plugin) for plugin in constants.plugin_static]
 81 | 
 82 |     def __call__(self, environ, start_response):
 83 |         path = environ.get('PATH_INFO', '')
 84 |         path = self.normpath(path)
 85 |         for plugin_static_dir in self.prefixes:
 86 |             if path.startswith(plugin_static_dir):
 87 |                 return PluginStaticApp(environ, start_response)
 88 |         return self.app(environ, start_response)
 89 | 
 90 |     def normpath(self, path):
 91 |         path2 = posixpath.normpath(urllib.unquote(path))
 92 |         if path.endswith("/"):
 93 |             path2 += "/"
 94 |         return path2
 95 | 
 96 | 
 97 | def runwsgi(func, port):
 98 |     server_addr = web.validip(port)
 99 |     return web.httpserver.runsimple(func, server_addr)
100 | 


--------------------------------------------------------------------------------
/sam/importers/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/sam/importers/__init__.py


--------------------------------------------------------------------------------
/sam/importers/import_aws.py:
--------------------------------------------------------------------------------
 1 | import sys
 2 | from sam.importers.import_base import BaseImporter
 3 | import datetime
 4 | 
 5 | 
 6 | class AWSImporter(BaseImporter):
 7 |     def translate(self, line, line_num, dictionary):
 8 |         """
 9 |         Converts a given syslog line into a dictionary of (ip, port, ip, port)
10 |         Args:
11 |             line: The syslog line to parse
12 |             line_num: The line number, for error printouts
13 |             dictionary: The dictionary to write key/values pairs into
14 | 
15 |         Returns:
16 |             0 on success and non-zero on error.
17 |         """
18 |         try:
19 |             awsLog = line.split(" ")
20 |             dictionary['src'] = self.ip_to_int(*(awsLog[3].split(".")))
21 |             dictionary['srcport'] = int(awsLog[5])
22 |             dictionary['dst'] = self.ip_to_int(*(awsLog[4].split(".")))
23 |             dictionary['dstport'] = int(awsLog[6])
24 |             dictionary['timestamp'] = datetime.datetime.fromtimestamp((float(awsLog[10])))
25 | 
26 |             # TODO: the following is placeholder.
27 |             #       Needed: test data or spec to read
28 |             dictionary['protocol'] = 'TCP'.upper()
29 |             dictionary['duration'] = '1'
30 |             dictionary['bytes_received'] = '1'
31 |             dictionary['bytes_sent'] = '1'
32 |             dictionary['packets_received'] = '1'
33 |             dictionary['packets_sent'] = '1'
34 |         except:
35 |             return 1
36 |         return 0
37 | 
38 | 
39 | class_ = AWSImporter
40 | 
41 | # If running as a script, begin by executing main.
42 | if __name__ == "__main__":
43 |     sys.stderr.write("Warning: This importer is incomplete and uses empty data for some fields.")
44 |     importer = class_()
45 |     importer.main(sys.argv)
46 | 


--------------------------------------------------------------------------------
/sam/importers/import_tcpdump.py:
--------------------------------------------------------------------------------
 1 | import sys
 2 | import re
 3 | from sam.importers.import_base import BaseImporter
 4 | from datetime import datetime
 5 | import time
 6 | 
 7 | 
 8 | class TCPDumpImporter(BaseImporter):
 9 |     len_finder = re.compile(r'length (\d+)')
10 | 
11 |     def translate(self, line, line_num, dictionary):
12 |         """
13 |         Converts a given syslog line into a dictionary of (ip, port, ip, port)
14 |         Args:
15 |             line: The syslog line to parse
16 |             line_num: The line number, for error printouts
17 |             dictionary: The dictionary to write key/values pairs into
18 | 
19 |         Returns:
20 |             0 on success and non-zero on error.
21 |         """
22 | 
23 |         # from running sudo tcpdump -i eno1 -f --immediate-mode -l -n -Q inout -tt
24 |         # 1491525947.515414 STP 802.1d, Config, Flags [none], bridge-id 8000.f8:32:e4:af:0a:a8.8001, length 43
25 |         # 1491525947.915376 ARP, Request who-has 192.168.10.106 tell 192.168.10.254, length 46
26 |         # 1491525948.268015 IP 192.168.10.113.33060 > 172.217.3.196.443: Flags [P.], seq 256:730, ack 116, win 3818, options [nop,nop,TS val 71847613 ecr 4161606244], length 474
27 |         # 1491525737.317942 IP 192.168.10.254.55943 > 239.255.255.250.1900: UDP, length 449
28 |         a = line.split()
29 |         try:
30 |             timestamp = datetime.fromtimestamp(float(a[0]))
31 |         except:
32 |             timestamp = datetime.fromtimestamp(time.time())
33 | 
34 |         try:
35 |             src_ip_port = a[2].split(".")
36 |             src_port = src_ip_port.pop()
37 |             dst_ip_port = a[4].split(".")
38 |             dst_port = dst_ip_port.pop()
39 | 
40 |             protocol = 'TCP'
41 |             if a[5].startswith('UDP'):
42 |                 protocol = 'UDP'
43 | 
44 |             len_match = TCPDumpImporter.len_finder.search(line)
45 |             if len_match:
46 |                 nBytes = int(len_match.group(1))
47 |             else:
48 |                 nBytes = 1
49 | 
50 |             dictionary['src'] = self.ip_to_int(*src_ip_port)
51 |             dictionary['srcport'] = int(src_port)
52 |             dictionary['dst'] = self.ip_to_int(*dst_ip_port)
53 |             dictionary['dstport'] = int(dst_port.strip(":"))
54 |             dictionary['timestamp'] = timestamp
55 |             dictionary['protocol'] = protocol
56 |             dictionary['duration'] = '1'
57 |             dictionary['bytes_received'] = '0'
58 |             dictionary['bytes_sent'] = nBytes
59 |             dictionary['packets_received'] = '0'
60 |             dictionary['packets_sent'] = '1'
61 | 
62 |             # apply heuristic to direction: lower port is server, higher port is client
63 |             if dictionary['srcport'] < dictionary['dstport']:
64 |                 BaseImporter.reverse_connection(dictionary)
65 | 
66 |         except:
67 |             return 1
68 | 
69 |         if dictionary['timestamp'].year < 2000:
70 |             print("BAD YEAR: {}".format(dictionary['timestamp']))
71 |             print("\t{}".format(line))
72 | 
73 |         return 0
74 | 
75 | 
76 | class_ = TCPDumpImporter
77 | 
78 | # If running as a script, begin by executing main.
79 | if __name__ == "__main__":
80 |     importer = class_()
81 |     importer.main(sys.argv)
82 | 


--------------------------------------------------------------------------------
/sam/local/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/sam/local/__init__.py


--------------------------------------------------------------------------------
/sam/local/en.py:
--------------------------------------------------------------------------------
 1 | map_title = "Map"
 2 | meta_title = "Host Details"
 3 | stats_title = "Stats"
 4 | table_title = "Table View"
 5 | login_title = "Login"
 6 | settings_title = "Settings"
 7 | dashboard_title = "Dashboard"
 8 | units_role_cc = "client"
 9 | units_role_c = "mostly client"
10 | units_role_cs = "mixed client/server"
11 | units_role_s = "mostly server"
12 | units_role_ss = "server"
13 | units_kilo = "K"
14 | units_mega = "M"
15 | units_giga = "G"
16 | units_bytes = "B"  # bytes
17 | units_kbytes = "KB"
18 | units_mbytes = "MB"
19 | units_gbytes = "GB"
20 | units_tbytes = "TB"
21 | units_bps = "B/s"  # bytes per second
22 | units_kbps = "KB/s"
23 | units_mbps = "MB/s"
24 | units_gbps = "GB/s"
25 | units_tbps = "TB/s"
26 | units_pps = "p/s"  # packets per second
27 | units_kpps = "Kp/s"
28 | units_mpps = "Mp/s"
29 | units_gpps = "Gp/s"
30 | units_tpps = "Tp/s"
31 | stats_udips = "Unique destination IP addresses:"
32 | stats_usips = "Unique source IP addresses:"
33 | stats_uips = "Unique IP addresses:"
34 | stats_ports = "Unique destination ports used:"
35 | stats_sports = "Unique system ports used (0..1023):"
36 | stats_uports = "Unique user ports used (1024..49151):"
37 | stats_pports = "Unique private ports used (49152..65535):"
38 | stats_ports_max = "Max ports for one destination:"
39 | stats_ports_few = "Percent of destinations with fewer than 10 ports: "
40 | stats_conns = "Total Number of distinct connections (node -> node:port) stored:"
41 | stats_conns_many = "Number of distinct connections occurring more than 100 times:"
42 | stats_hosts = "Total hosts recorded"
43 | stats_overall = "Overall"
44 | stats_datasource = "Datasource: {}"
45 | table_col_address = "Address"
46 | table_col_alias = "Hostname"
47 | table_col_conn_in = "Total inbound connections"
48 | table_col_conn_out = "Total outbound connections"
49 | table_col_role = "Role (0 = client, 1 = server)"
50 | table_col_environment = "Environment"
51 | table_col_tags = "Tags"
52 | table_col_bytes = "Bytes handled"
53 | table_col_packets = "Packets handled"
54 | table_col_protocols = "Protocols used"
55 | table_proto_i = "(in)"  # in (inbound)
56 | table_proto_o = "(out)"  # out (outbound)
57 | table_proto_io = "(i/o)"  # in / out
58 | table_spread = "Results: {0} to {1}"
59 | table_spread_none = "No matching results."
60 | meta_none = "No host found at this address"
61 | meta_src = "Source IP"
62 | meta_dst = "Dest. IP"  # Destination IP
63 | meta_port = "Dest. Port"  # Destination Port
64 | meta_ports = "Port Accessed"
65 | meta_links = "Count / Min"
66 | meta_protocols = "Protocols"
67 | meta_sum_bytes = "Sum Bytes"
68 | meta_avg_bytes = "Avg Bytes"
69 | meta_sum_packets = "Sum Packets"
70 | meta_avg_packets = "Avg Packets"
71 | meta_avg_duration = "Avg Duration"
72 | meta_child_ip = "Address"
73 | meta_child_name = "Name"
74 | meta_child_count = "Active Endpoints"
75 | meta_child_ratio = "Role (0=client, 1=server)"
76 | login_LDAP_missing = "LDAP module not installed. Cannot perform login."
77 | login_LDAP_error = "Could not connect to LDAP server: {}. Check configuration."
78 | login_blank_pass = "Password may not be blank."
79 | login_blank_user = "User may not be blank."
80 | login_invalid = "Invalid credentials."
81 | login_failed = "Login failed."
82 | 
83 | 
84 | 
85 | 
86 | 
87 | 
88 | 
89 | 


--------------------------------------------------------------------------------
/sam/local/fr.py:
--------------------------------------------------------------------------------
 1 | map_title = "Map"
 2 | meta_title = "Host Details"
 3 | stats_title = "Stats"
 4 | table_title = "Table View"
 5 | login_title = "Login"
 6 | settings_title = "Settings"
 7 | dashboard_title = "Dashboard"
 8 | units_role_cc = "client"
 9 | units_role_c = "mostly client"
10 | units_role_cs = "mixed client/server"
11 | units_role_s = "mostly server"
12 | units_role_ss = "server"
13 | units_kilo = "K"
14 | units_mega = "M"
15 | units_giga = "G"
16 | units_bytes = "B"  # bytes
17 | units_kbytes = "KB"
18 | units_mbytes = "MB"
19 | units_gbytes = "GB"
20 | units_tbytes = "TB"
21 | units_bps = "B/s"  # bytes per second
22 | units_kbps = "KB/s"
23 | units_mbps = "MB/s"
24 | units_gbps = "GB/s"
25 | units_tbps = "TB/s"
26 | units_pps = "p/s"  # packets per second
27 | units_kpps = "Kp/s"
28 | units_mpps = "Mp/s"
29 | units_gpps = "Gp/s"
30 | units_tpps = "Tp/s"
31 | stats_udips = "Unique destination IP addresses:"
32 | stats_usips = "Unique source IP addresses:"
33 | stats_uips = "Unique IP addresses:"
34 | stats_ports = "Unique destination ports used:"
35 | stats_sports = "Unique system ports used (0..1023):"
36 | stats_uports = "Unique user ports used (1024..49151):"
37 | stats_pports = "Unique private ports used (49152..65535):"
38 | stats_ports_max = "Max ports for one destination:"
39 | stats_ports_few = "Percent of destinations with fewer than 10 ports: "
40 | stats_conns = "Total Number of distinct connections (node -> node:port) stored:"
41 | stats_conns_many = "Number of distinct connections occurring more than 100 times:"
42 | stats_hosts = "Total hosts recorded"
43 | stats_overall = "Overall"
44 | stats_datasource = "Datasource: {}"
45 | table_col_address = "Address"
46 | table_col_alias = "Hostname"
47 | table_col_conn_in = "Total inbound connections"
48 | table_col_conn_out = "Total outbound connections"
49 | table_col_role = "Role (0 = client, 1 = server)"
50 | table_col_environment = "Environment"
51 | table_col_tags = "Tags"
52 | table_col_bytes = "Bytes handled"
53 | table_col_packets = "Packets handled"
54 | table_col_protocols = "Protocols used"
55 | table_proto_i = "(in)"  # in (inbound)
56 | table_proto_o = "(out)"  # out (outbound)
57 | table_proto_io = "(i/o)"  # in / out
58 | table_spread = "Results: {0} to {1}"
59 | table_spread_none = "No matching results."
60 | meta_none = "No host found at this address"
61 | meta_src = "Source IP"
62 | meta_dst = "Dest. IP"  # Destination IP
63 | meta_port = "Dest. Port"  # Destination Port
64 | meta_ports = "Port Accessed"
65 | meta_links = "Count / Min"
66 | meta_protocols = "Protocols"
67 | meta_sum_bytes = "Sum Bytes"
68 | meta_avg_bytes = "Avg Bytes"
69 | meta_sum_packets = "Sum Packets"
70 | meta_avg_packets = "Avg Packets"
71 | meta_avg_duration = "Avg Duration"
72 | meta_child_ip = "Address"
73 | meta_child_name = "Name"
74 | meta_child_count = "Active Endpoints"
75 | meta_child_ratio = "Role (0=client, 1=server)"
76 | login_LDAP_missing = "LDAP module not installed. Cannot perform login."
77 | login_LDAP_error = "Could not connect to LDAP server: {}. Check configuration."
78 | login_blank_pass = "Password may not be blank."
79 | login_blank_user = "User may not be blank."
80 | login_invalid = "Invalid credentials."
81 | login_failed = "Login failed."
82 | 
83 | 
84 | 
85 | 
86 | 
87 | 
88 | 
89 | 


--------------------------------------------------------------------------------
/sam/local/rv.py:
--------------------------------------------------------------------------------
 1 | map_title = "Pam"
 2 | meta_title = "Tsoh Sliated"
 3 | stats_title = "Stats"
 4 | table_title = "Elbat Weiv"
 5 | login_title = "Nigol"
 6 | settings_title = "Sngittes"
 7 | dashboard_title = "Draobhsad"
 8 | units_role_cc = "tneilc"
 9 | units_role_c = "yltsom tneilc"
10 | units_role_cs = "dexim tneilc/revres"
11 | units_role_s = "yltsom revres"
12 | units_role_ss = "revres"
13 | units_kilo = "K"
14 | units_mega = "M"
15 | units_giga = "G"
16 | units_bytes = "B"  # bytes
17 | units_kbytes = "BK"
18 | units_mbytes = "BM"
19 | units_gbytes = "BG"
20 | units_tbytes = "BT"
21 | units_bps = "B/s"  # bytes per second
22 | units_kbps = "BK/s"
23 | units_mbps = "BM/s"
24 | units_gbps = "BG/s"
25 | units_tbps = "BT/s"
26 | units_pps = "p/s"  # packets per second
27 | units_kpps = "pK/s"
28 | units_mpps = "pM/s"
29 | units_gpps = "pG/s"
30 | units_tpps = "pT/s"
31 | stats_udips = "Euqinu noitanitsed PI sesserdda:"
32 | stats_usips = "Euqinu ecruos PI sesserdda:"
33 | stats_uips = "Euqinu PI sesserdda:"
34 | stats_ports = "Euqinu noitanitsed strop desu:"
35 | stats_sports = "Euqinu metsys strop desu (0..1023):"
36 | stats_uports = "Euqinu resu strop desu (1024..49151):"
37 | stats_pports = "Euqinu etavirp strop desu (49152..65535):"
38 | stats_ports_max = "Xam strop rof eno noitanitsed:"
39 | stats_ports_few = "Tnecrep fo snoitanitsed htiw rewef naht 10 strop: "
40 | stats_conns = "Latot rebmun fo tcnitsid snoitcennoc (edon -> edon:trop) derots:"
41 | stats_conns_many = "Rebmun fo tcnitsid snoitcennoc gnirrucco erom naht 100 semit:"
42 | stats_hosts = "Latot stsoh dedrocer"
43 | stats_overall = "Llarevo"
44 | stats_datasource = "Ecruosatad: {}"
45 | table_col_address = "Sserdda"
46 | table_col_alias = "Enamtsoh"
47 | table_col_conn_in = "Latot dnuobni snoitcennoc"
48 | table_col_conn_out = "Latot fnuobtuo snoitcennoc"
49 | table_col_role = "Elor (0 = tneilc, 1 = revres)"
50 | table_col_environment = "Tnemnorivne"
51 | table_col_tags = "Sgat"
52 | table_col_bytes = "Setyb deldnah"
53 | table_col_packets = "Stekcap deldnah"
54 | table_col_protocols = "Desu Slocotorp"
55 | table_proto_i = "(ni)"  # in (inbound)
56 | table_proto_o = "(tuo)"  # out (outbound)
57 | table_proto_io = "(i/o)"  # in / out
58 | table_spread = "Stluser: {0} ot {1}"
59 | table_spread_none = "On gnihctam stluser."
60 | meta_none = "On tsoh dnuof ta siht sserdda"
61 | meta_src = "Ecruos PI"
62 | meta_dst = "Tsed. PI"
63 | meta_port = "Tsed. Trop"
64 | meta_ports = "Trop Dessecca"
65 | meta_links = "Tnuoc / Nim"
66 | meta_protocols = "Slocotorp"
67 | meta_sum_bytes = "Mus Setyb"
68 | meta_avg_bytes = "Gva Setyb"
69 | meta_sum_packets = "Mus Stekcap"
70 | meta_avg_packets = "Gva Stekcap"
71 | meta_avg_duration = "Gva Noitarud"
72 | meta_child_ip = "Sserdda"
73 | meta_child_name = "Eman"
74 | meta_child_count = "Evitca Stniopdne"
75 | meta_child_ratio = "Elor (0=tneilc, 1=revres)"
76 | login_LDAP_missing = "PADL eludom ton dellatsni. Tonnac mrofrep nigol.."
77 | login_LDAP_error = "Dluoc ton tcennoc ot PADL revres: {}. Kcehc noitarugifnoc."
78 | login_blank_pass = "Drowssap yam ton eb knalb."
79 | login_blank_user = "Resu yam ton eb knalb."
80 | login_invalid = "Dilavni slaitnederc."
81 | login_failed = "Nigol deliaf."
82 | 
83 | 
84 | 
85 | 
86 | 
87 | 
88 | 
89 | 


--------------------------------------------------------------------------------
/sam/models/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/sam/models/__init__.py


--------------------------------------------------------------------------------
/sam/models/base.py:
--------------------------------------------------------------------------------
 1 | from sam import common, integrity
 2 | 
 3 | 
 4 | class DBPlugin(object):
 5 |     @staticmethod
 6 |     def checkIntegrity(db):
 7 |         """
 8 |         Checks if the database is correct and returns the equivalent to false if db is consistent.
 9 |         if db is healthy, return False, 
10 |             examples: False, 0, [] or {}
11 |         if db is unhealthy return something useful for the fixIntegrity function, such as a list of missing tables
12 |             example: {'missing': ['s1_mytable', 's3_mytable'], 'malformed': ['s2_mytable']} 
13 |         
14 |         :param db: database connection
15 |         :return: False or equivalent iff consistent.
16 |         """
17 |         raise NotImplementedError
18 | 
19 |     @staticmethod
20 |     def fixIntegrity(db, errors):
21 |         """
22 |         
23 |         :param db: database connection 
24 |         :param errors: the result of checkIntegrity function, ideally with helpful info on what to fix.
25 |         :return: True if fixed, False if failed to fix.
26 |         """
27 |         raise NotImplementedError
28 | 
29 |     @staticmethod
30 |     def simple_sub_table_check(*table_format_strings):
31 |         @staticmethod
32 |         def check(db):
33 |             all_tables = set(integrity.get_table_names(db))
34 |             subs = integrity.get_all_subs(db)
35 |             missing = []
36 |             for sub_id in subs:
37 |                 for fstring in table_format_strings:
38 |                     if fstring.format(acct=sub_id) not in all_tables:
39 |                         missing.append(sub_id)
40 | 
41 |             if not missing:
42 |                 return {}
43 |             return {'missing': missing}
44 |         return check
45 | 
46 |     @staticmethod
47 |     def simple_sub_table_fix(**sql_scripts):
48 |         @staticmethod
49 |         def fix(db, errors):
50 |             missing_table_subs = errors['missing']
51 |             for sub_id in missing_table_subs:
52 |                 replacements = {
53 |                     'acct': sub_id
54 |                 }
55 |                 with db.transaction():
56 |                     if db.dbname in sql_scripts:
57 |                         common.exec_sql(db, sql_scripts[db.dbname], replacements)
58 |             return True
59 |         return fix


--------------------------------------------------------------------------------
/sam/models/livekeys.py:
--------------------------------------------------------------------------------
 1 | import os
 2 | import math
 3 | import base64
 4 | import web
 5 | 
 6 | 
 7 | class LiveKeys:
 8 |     table_livekeys = "LiveKeys"
 9 |     table_ds = "Datasources"
10 |     
11 |     def __init__(self, db, subscription):
12 |         """
13 |         :type db: web.DB
14 |         :type subscription: int
15 |         :param db: 
16 |         :param subscription: 
17 |         """
18 |         self.db = db
19 |         self.sub = subscription
20 | 
21 |     @staticmethod
22 |     def b64_url_encode(bytes_string):
23 |         return base64.b64encode(bytes_string, "-_")
24 | 
25 |     @staticmethod
26 |     def generate_salt(length):
27 |         """
28 |         Generate a cryptographically secure random base64 code of the desired length
29 |         :param length: The desired output string length
30 |         :return: A base64 encoded salt
31 |         """
32 |         # base64 stores 6 bits per symbol but os.urandom gives 8 bits per symbol
33 |         bytes_needed = int(math.ceil(length * 6.0 / 8.0))
34 |         random_bytes = os.urandom(bytes_needed)
35 |         encoded = LiveKeys.b64_url_encode(random_bytes)
36 |         return encoded[:length]
37 | 
38 |     def create(self, ds_id):
39 |         key = LiveKeys.generate_salt(24)
40 |         self.db.insert(LiveKeys.table_livekeys, subscription=self.sub, datasource=ds_id, access_key=key)
41 |         return key
42 |     
43 |     def read(self):
44 |         qvars = {
45 |             'sub': self.sub,
46 |         }
47 |         query = """SELECT L.access_key, D.id AS 'ds_id', D.name AS 'datasource', L.subscription
48 |         FROM {table_livekeys} AS `L`
49 |         JOIN {table_datasources} AS `D`
50 |             ON L.subscription = D.subscription AND L.datasource = D.id
51 |         WHERE L.subscription=$sub
52 |         ORDER BY created ASC""".format(table_livekeys=LiveKeys.table_livekeys, table_datasources=LiveKeys.table_ds)
53 |         rows = self.db.query(query, vars=qvars)
54 |         return list(map(dict, rows))
55 | 
56 |     def validate(self, key):
57 |         """
58 |         :rtype: dict or None
59 |         """
60 |         qvars = {
61 |             'key': key
62 |         }
63 |         rows = self.db.select(LiveKeys.table_livekeys, where="access_key = $key", vars=qvars)
64 |         return rows.first()
65 | 
66 |     def delete(self, key):
67 |         qvars = {
68 |             'sub': self.sub,
69 |             'key': key
70 |         }
71 |         num_deleted = self.db.delete(LiveKeys.table_livekeys, where='subscription=$sub AND access_key=$key', vars=qvars)
72 |         return num_deleted
73 | 
74 |     def delete_ds(self, ds_id):
75 |         qvars = {
76 |             'id': ds_id
77 |         }
78 |         num_deleted = self.db.delete(LiveKeys.table_livekeys, where='datasource = $id', vars=qvars)
79 |         return num_deleted
80 | 
81 |     def delete_all(self):
82 |         qvars = {
83 |             'sub': self.sub
84 |         }
85 |         num_deleted = self.db.delete(LiveKeys.table_livekeys, where='subscription=$sub', vars=qvars)
86 |         return num_deleted
87 | 


--------------------------------------------------------------------------------
/sam/models/ports.py:
--------------------------------------------------------------------------------
 1 | import web
 2 | from sam import common
 3 | 
 4 | 
 5 | class Ports:
 6 |     MAX_NAME_LENGTH = 10
 7 |     MAX_DESCRIPTION_LENGTH = 255
 8 | 
 9 |     def __init__(self, db, subscription):
10 |         """
11 |         :type db: web.DB
12 |         :type subscription: int
13 |         """
14 |         self.db = db
15 |         self.sub = subscription
16 |         self.table_ports = "Ports"
17 |         self.table_aliases = "s{acct}_PortAliases".format(acct=self.sub)
18 | 
19 |     def reset(self):
20 |         # delete from table
21 |         query_delete = "DELETE FROM {table_aliases}".format(table_aliases=self.table_aliases)
22 |         self.db.query(query_delete)
23 |         # copy from Ports
24 |         query_insert = "INSERT INTO {table_aliases} (port, protocols, name, description) " \
25 |                        "SELECT port, protocols, name, description " \
26 |                        "FROM {table_ports}".format(
27 |             table_aliases=self.table_aliases, table_ports=self.table_ports)
28 |         self.db.query(query_insert)
29 | 
30 |     def unset(self, port):
31 |         qvars = {
32 |             'pid': port
33 |         }
34 | 
35 |         # delete from table
36 |         query_delete = "DELETE FROM {table_aliases} WHERE port = $pid".format(table_aliases=self.table_aliases)
37 |         self.db.query(query_delete, vars=qvars)
38 |         # copy from Ports
39 |         query_insert = "INSERT INTO {table_aliases} (port, protocols, name, description) " \
40 |                        "SELECT port, protocols, name, description " \
41 |                        "FROM {table_ports} " \
42 |                        "WHERE port = $pid".format(
43 |             table_aliases=self.table_aliases, table_ports=self.table_ports)
44 |         self.db.query(query_insert, vars=qvars)
45 | 
46 |     def get(self, ports):
47 |         if isinstance(ports, list):
48 |             arg = "({0})".format(",".join(map(str, ports)))
49 |         else:
50 |             arg = "({0})".format(ports)
51 | 
52 |         query = """SELECT aliases.port,
53 |     COALESCE(ports.name, '') AS 'name',
54 |     COALESCE(ports.protocols, '') AS 'protocols',
55 |     COALESCE(ports.description, '') AS 'description',
56 |     aliases.active,
57 |     aliases.name AS alias_name,
58 |     aliases.description AS alias_description
59 | FROM {table_aliases} AS `aliases`
60 | LEFT JOIN {table_ports} AS `ports`
61 |     ON ports.port=aliases.port
62 | WHERE aliases.port IN {port_list}
63 | ORDER BY aliases.port ASC""".format(
64 |             table_ports=self.table_ports,
65 |             table_aliases=self.table_aliases,
66 |             port_list=web.reparam(arg, {}))
67 | 
68 |         rows = self.db.query(query, vars={'plist': arg})
69 |         return list(rows)
70 | 
71 |     def set(self, port, updates):
72 |         """
73 |         :type port: int
74 |         :param port: the port to alter
75 |         :type updates: dict[str, str]
76 |         :param updates: dictionary of key-values to set. May include 'alias_name', 'alias_description', 'active'
77 |         :return: 
78 |         """
79 |         formatted_updates = {}
80 | 
81 |         if 'alias_name' in updates:
82 |             formatted_updates['name'] = updates['alias_name'][:self.MAX_NAME_LENGTH]
83 |         if 'alias_description' in updates:
84 |             formatted_updates['description'] = updates['alias_description'][:self.MAX_DESCRIPTION_LENGTH]
85 |         if 'active' in updates:
86 |             formatted_updates['active'] = 1 if str(updates['active']) == '1' else 0
87 | 
88 |         # update PortAliases database of names to include the new information
89 |         exists = list(self.db.select(self.table_aliases, what="1", where={"port": port}))
90 | 
91 |         if formatted_updates:
92 |             if len(exists) == 1:
93 |                 common.db.update(self.table_aliases, {"port": port}, **formatted_updates)
94 |             else:
95 |                 common.db.insert(self.table_aliases, port=port, **formatted_updates)
96 | 


--------------------------------------------------------------------------------
/sam/models/security/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/sam/models/security/__init__.py


--------------------------------------------------------------------------------
/sam/models/security/warnings.py:
--------------------------------------------------------------------------------
  1 | import os
  2 | import cPickle
  3 | import web
  4 | from sam import constants, integrity, common
  5 | from sam.models import base
  6 | base_path = os.path.dirname(__file__)
  7 | 
  8 | # warning status should be one of "accepted", "rejected", "ignored", "uncategorized"
  9 | 
 10 | 
 11 | class Warnings(base.DBPlugin):
 12 |     TABLE_FORMAT = 's{acct}_ADWarnings'
 13 |     VALID_STATUSES = ("accepted", "rejected", "ignored", "uncategorized")
 14 | 
 15 |     checkIntegrity = base.DBPlugin.simple_sub_table_check(TABLE_FORMAT)
 16 | 
 17 |     fixIntegrity = base.DBPlugin.simple_sub_table_fix(
 18 |         sqlite=os.path.join(constants.base_path, 'sql/create_warnings_sqlite.sql'),
 19 |         mysql=os.path.join(constants.base_path, 'sql/create_warnings_mysql.sql'),
 20 |     )
 21 | 
 22 |     def __init__(self, db, sub_id):
 23 |         """
 24 |         :param db: Database connection
 25 |          :type db: web.DB
 26 |         :param sub_id: subscription id
 27 |          :type sub_id: int
 28 |         """
 29 |         self.db = db
 30 |         self.sub_id = sub_id
 31 |         self.table = Warnings.TABLE_FORMAT.format(acct=self.sub_id)
 32 | 
 33 |     def get_latest_warning_id(self):
 34 |         """
 35 |         :return: The id of the latest (newest) warning known in this database. If db is empty, gives 0.
 36 |          :rtype: int
 37 |         """
 38 |         rows = self.db.select(self.table, what="MAX(warning_id) AS 'latest'")
 39 |         row = rows.first()
 40 |         if row is None or row['latest'] is None:
 41 |             return 0
 42 |         else:
 43 |             return row['latest']
 44 | 
 45 |     def get_warnings(self, show_all=False):
 46 |         what = "id, warning_id, host, log_time, reason, status"
 47 |         if show_all:
 48 |             warnings = self.db.select(self.table, what=what, order="id DESC", limit=50)
 49 |         else:
 50 |             warnings = self.db.select(self.table, what=what, where="status='uncategorized'", order="id DESC", limit=50)
 51 |         return list(warnings)
 52 | 
 53 |     def get_warning(self, warning_id):
 54 |         rows = self.db.select(self.table, where="id=$wid", vars={'wid': warning_id})
 55 |         row = rows.first()
 56 |         if row is None:
 57 |             return None
 58 |         if 'details' in row:
 59 |             row['details'] = cPickle.loads(str(row['details']))
 60 |         return row
 61 | 
 62 |     def _warning_status(self, status):
 63 |         if status.lower() == 'rejected':
 64 |             return 'rejected'
 65 |         elif status.lower() == 'accepted':
 66 |             return "accepted"
 67 |         elif status.lower() == 'ignored':
 68 |             return "ignored"
 69 |         else:
 70 |             return "uncategorized"
 71 | 
 72 |     def insert_warnings(self, wlist):
 73 |         transformed = []
 74 |         for warning in wlist:
 75 |             transformed.append({
 76 |                 'warning_id': warning['id'],
 77 |                 'host': warning['host'],
 78 |                 'log_time': warning['log_time'],
 79 |                 'reason': warning['reason'],
 80 |                 'status': self._warning_status(warning.get('status', 'uncategorized')),
 81 |                 'details': cPickle.dumps(warning['details'])
 82 |             })
 83 |         # insert in chunks of at most 1000
 84 |         n = 0
 85 |         high = len(transformed)
 86 |         while n < high:
 87 |             self.db.multiple_insert(self.table, transformed[n:n+1000])
 88 |             n += 1000
 89 | 
 90 |     def update_status(self, warning_id, status):
 91 |         qvars = {'wid': warning_id}
 92 |         # TODO: allow locking of warning status as in plugin
 93 |         if status.lower() in Warnings.VALID_STATUSES:
 94 |             num_rows_updated = self.db.update(self.table, where="id=$wid", vars=qvars, status=status.lower())
 95 |         else:
 96 |             raise ValueError("invalid status")
 97 |         if num_rows_updated == 0:
 98 |             raise ValueError("Warning # doesn't match any warning.")
 99 |         return num_rows_updated
100 | 


--------------------------------------------------------------------------------
/sam/models/settings.py:
--------------------------------------------------------------------------------
 1 | from sam import common
 2 | import web
 3 | import sam.models.datasources
 4 | import numbers
 5 | 
 6 | 
 7 | class Settings:
 8 |     SESSION_KEY = "_settings"
 9 |     TABLE = "Settings"
10 |     
11 |     def __init__(self, db, session, subscription):
12 |         """
13 |         :type db: web.DB
14 |         :type session: dict
15 |         :type subscription: numbers.Integral
16 |         :param db: 
17 |         :param session: 
18 |         :param subscription: 
19 |         """
20 |         self.db = db
21 |         self.sub = subscription
22 |         self.where = web.reparam("subscription=$id", {'id': self.sub})
23 |         self.storage = session
24 | 
25 |     def __getitem__(self, item):
26 |         if not self.storage.get(Settings.SESSION_KEY) or not self.storage[Settings.SESSION_KEY].get(self.sub):
27 |             self.update_cache()
28 |         return self.storage[Settings.SESSION_KEY][self.sub][item]
29 | 
30 |     def __setitem__(self, k, value):
31 |         if not self.storage.get(Settings.SESSION_KEY) or not self.storage[Settings.SESSION_KEY].get(self.sub):
32 |             self.update_cache()
33 |         if k not in self.storage[Settings.SESSION_KEY][self.sub]:
34 |             raise KeyError("Cannot create new keys")
35 |         else:
36 |             # TODO: is there a better way to do this?
37 |             self.set(**{k: value})
38 | 
39 |     def copy(self):
40 |         if not self.storage.get(Settings.SESSION_KEY) or not self.storage[Settings.SESSION_KEY].get(self.sub):
41 |             self.update_cache()
42 |         return self.storage[Settings.SESSION_KEY][self.sub].copy()
43 | 
44 |     def keys(self):
45 |         if not self.storage.get(Settings.SESSION_KEY) or not self.storage[Settings.SESSION_KEY].get(self.sub):
46 |             self.update_cache()
47 |         return self.storage[Settings.SESSION_KEY][self.sub].keys()
48 | 
49 |     def update_cache(self):
50 |         rows = self.db.select(Settings.TABLE, where=self.where, limit=1).first()
51 |         if Settings.SESSION_KEY not in self.storage:
52 |             self.storage[Settings.SESSION_KEY] = {}
53 |         if rows is None:
54 |             self.storage[Settings.SESSION_KEY][self.sub] = {}
55 |         else:
56 |             self.storage[Settings.SESSION_KEY][self.sub] = dict(rows)
57 | 
58 |     def clear_cache(self):
59 |         self.storage[Settings.SESSION_KEY] = {}
60 | 
61 |     def set(self, **kwargs):
62 |         datasources = sam.models.datasources.Datasources(self.db, self.storage, self.sub)
63 |         if 'datasource' in kwargs and kwargs['datasource'] not in datasources.datasources:
64 |             raise ValueError("Invalid DS specified")
65 | 
66 |         common.db.update(Settings.TABLE, self.where, **kwargs)
67 |         self.clear_cache()
68 | 
69 |     def create(self):
70 |         # add default datasource for subscription
71 |         dsModel = sam.models.datasources.Datasources(self.db, {}, self.sub)
72 |         ds_id = dsModel.create_datasource()
73 | 
74 |         self.db.insert(Settings.TABLE, subscription=self.sub, datasource=ds_id)
75 | 
76 |     def delete_subscription(self):
77 |         qvars = {
78 |             'sid': self.sub
79 |         }
80 |         num_deleted = self.db.delete(Settings.TABLE, where='subscription=$sid', vars=qvars)
81 |         return num_deleted
82 | 


--------------------------------------------------------------------------------
/sam/models/strings.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/sam/models/strings.py


--------------------------------------------------------------------------------
/sam/models/upload.py:
--------------------------------------------------------------------------------
 1 | from sam.importers import import_base
 2 | import importlib
 3 | from sam import preprocess
 4 | import web
 5 | 
 6 | 
 7 | class Uploader(object):
 8 |     def __init__(self, db, subscription, ds, log_format):
 9 |         """
10 |         :type db: web.DB
11 |         :type subscription: int
12 |         :type ds: int
13 |         :type log_format: unicode
14 |         :param db: 
15 |         :param subscription: 
16 |         :param ds: 
17 |         :param log_format: 
18 |         """
19 |         self.db = db
20 |         self.sub = subscription
21 |         self.ds = ds
22 |         self.log_format = log_format.lower()
23 |         self.importer = None
24 |         self.preprocessor = None
25 |         try:
26 |             self.importer = import_base.get_importer(self.log_format, self.sub, self.ds)
27 |         except ImportError:
28 |             self.importer = None
29 | 
30 |     def run_import(self, data):
31 |         if self.importer is None:
32 |             print("No importer. Can't run it.")
33 |             return 0
34 | 
35 |         return self.importer.import_string(data)
36 | 
37 |     def run_prepro(self):
38 |         print("Running preprocessor")
39 |         processor = preprocess.Preprocessor(self.db, self.sub, self.ds)
40 |         processor.run_all()
41 | 
42 |     def import_log(self, data):
43 |         print("Running import script")
44 |         self.run_import(data)
45 |         print("Running preprocessing script")
46 |         self.run_prepro()


--------------------------------------------------------------------------------
/sam/pages/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/sam/pages/__init__.py


--------------------------------------------------------------------------------
/sam/pages/links.py:
--------------------------------------------------------------------------------
 1 | import re
 2 | import base
 3 | import sam.models.links
 4 | from sam import errors
 5 | from sam import common
 6 | 
 7 | 
 8 | class Links(base.headless):
 9 |     def __init__(self):
10 |         base.Headless.__init__(self)
11 |         self.default_tstart = 1
12 |         self.default_tend = 2**31-1
13 |         self.duration = 1
14 | 
15 |     def decode_get_request(self, data):
16 |         try:
17 |             addresses = data['address'].split(",")
18 |         except KeyError:
19 |             raise errors.RequiredKey('address', 'address')
20 | 
21 |         port = data.get('filter', None)
22 |         if bool(port):
23 |             try:
24 |                 port = int(port)
25 |             except:
26 |                 raise errors.MalformedRequest('Could not read filter "{}"'.format(data.get('filter')))
27 |         else:
28 |             port = None
29 | 
30 |         try:
31 |             tstart = int(data.get('tstart', self.default_tstart))
32 |             tend = int(data.get('tend', self.default_tend))
33 |         except ValueError:
34 |             raise errors.MalformedRequest("Could not read time range ('tstart', 'tend')")
35 | 
36 |         protocol = data.get('protocol', None)
37 |         if protocol and (protocol.upper() == 'ALL' or protocol == ''):
38 |             protocol = None
39 | 
40 |         if 'ds' in data:
41 |             ds_match = re.search('(\d+)', data['ds'])
42 |             if ds_match:
43 |                 ds = int(ds_match.group())
44 |             else:
45 |                 raise errors.MalformedRequest("Could not read data source ('ds')")
46 |         else:
47 |             raise errors.RequiredKey('data source', 'ds')
48 | 
49 |         flat = data.get('flat', 'false').lower() == 'true'
50 | 
51 |         return {'ds': ds,
52 |                 'addresses': addresses,
53 |                 'tstart': tstart,
54 |                 'tend': tend,
55 |                 'port': port,
56 |                 'protocol': protocol,
57 |                 'flat': flat}
58 | 
59 |     def perform_get_command(self, request):
60 |         self.page.require_group('read')
61 |         timerange = (request['tstart'], request['tend'])
62 |         self.duration = int(timerange[1] - timerange[0])
63 |         links = sam.models.links.Links(common.db, self.page.user.viewing, request['ds'])
64 |         return links.get_links(request['addresses'], timerange, request['port'], request['protocol'], request['flat'])
65 | 
66 |     def encode_get_response(self, response):
67 |         seconds = self.duration
68 |         minutes = seconds // 60
69 | 
70 |         # remove duplicate protocol names, normalize values over time
71 |         for address in response.iterkeys():
72 |             for row in response[address]['inputs']:
73 |                 row['protocols'] = ",".join(set(row['protocols'].split(',')))
74 |                 row['links'] /= minutes
75 |                 row['bytes'] /= seconds
76 |                 row['packets'] /= seconds
77 | 
78 |             for row in response[address]['outputs']:
79 |                 row['protocols'] = ",".join(set(row['protocols'].split(',')))
80 |                 row['links'] /= minutes
81 |                 row['bytes'] /= seconds
82 |                 row['packets'] /= seconds
83 |         return response
84 | 


--------------------------------------------------------------------------------
/sam/pages/login.py:
--------------------------------------------------------------------------------
  1 | from sam import constants
  2 | import base
  3 | from sam import errors
  4 | try:
  5 |     import ldap3
  6 |     import ldap3.core.exceptions
  7 |     ldap_loaded = True
  8 | except:
  9 |     ldap_loaded = False
 10 | import web
 11 | 
 12 | 
 13 | class Login_LDAP(base.headed):
 14 |     def __init__(self):
 15 |         super(Login_LDAP, self).__init__(False, True)
 16 |         self.set_title(self.page.strings.login_title)
 17 |         self.styles = ["/static/css/general.css"]
 18 |         self.errors = []
 19 |         self.server_address, self.namespace = self.decode_connection_string(constants.LDAP['connection_string'])
 20 | 
 21 |     # ======== Get
 22 | 
 23 |     def GET(self):
 24 |         if self.page.user.logged_in:
 25 |             raise web.seeother('./map')
 26 |         if not ldap_loaded:
 27 |             print("ERROR: ldap3 library not installed.")
 28 |             print("       install ldap3 with pip:")
 29 |             print("       `pip install ldap3`")
 30 |             return self.render('login', constants.access_control['login_url'], [self.page.strings.login_LDAP_missing])
 31 | 
 32 |         return self.render('login', constants.access_control['login_url'])
 33 | 
 34 |     # ======== Post
 35 | 
 36 |     def decode_post_request(self, data):
 37 |         # read provided user and password
 38 |         password = data.get('password', None)
 39 |         user = data.get('user', None)
 40 |         # validate they exist
 41 |         if password is None or len(password) == 0:
 42 |             self.errors.append(self.page.strings.login_blank_pass)
 43 |         if user is None or len(user) == 0:
 44 |             self.errors.append(self.page.strings.login_blank_user)
 45 | 
 46 |         if self.errors:
 47 |             raise errors.MalformedRequest("Invalid Login information.")
 48 |         return {
 49 |             'user': user,
 50 |             'password': password
 51 |         }
 52 | 
 53 |     @staticmethod
 54 |     def decode_connection_string(cstring):
 55 |         server_address, _, namespace = cstring.rpartition('/')
 56 |         return server_address, namespace
 57 | 
 58 |     def perform_post_command(self, request):
 59 |         # submit credentials to LDAP server.
 60 |         if not ldap_loaded:
 61 |             self.errors.append(self.page.strings.login_LDAP_missing)
 62 |             raise errors.AuthenticationError('LDAP module not installed. Install by `pip install ldap3`.')
 63 |         user = "UID={user},{namespace}".format(user=request['user'], namespace=self.namespace)  # 'uid=admin,cn=users,cn=accounts,dc=demo1,dc=freeipa,dc=org'
 64 |         password = request['password']  # 'Secret123'
 65 |         server = ldap3.Server(self.server_address)
 66 | 
 67 |         try:
 68 |             conn = ldap3.Connection(server, user, password, auto_bind=True)
 69 |             conn.unbind()
 70 |         except ldap3.core.exceptions.LDAPSocketOpenError as e:
 71 |             self.errors.append(self.page.strings.login_LDAP_error.format(e.message))
 72 |             raise errors.AuthenticationError("Invalid Server information.")
 73 |         except ldap3.core.exceptions.LDAPBindError as e:
 74 |             self.errors.append(self.page.strings.login_invalid)
 75 |             raise errors.AuthenticationError("Invalid credentials.")
 76 | 
 77 |         # Assume authenticated at this point.
 78 |         self.page.user.login_simple(user)
 79 |         return True
 80 | 
 81 |     def encode_post_response(self, response):
 82 |         # redirect to home page / map
 83 |         return None
 84 | 
 85 |     def POST(self):
 86 |         """
 87 |         Entry point for POST requests to this endpoint.  Should not need to be overridden
 88 |         except to handle exceptions differently.
 89 |         :return: HTTP response data
 90 |         """
 91 | 
 92 |         try:
 93 |             self.request = self.decode_post_request(self.page.inbound)
 94 |             self.response = self.perform_post_command(self.request)
 95 |             self.outbound = self.encode_post_response(self.response)
 96 |         except Exception as e:
 97 |             print("Error logging in: {}".format(e.message))
 98 |             if not self.errors:
 99 |                 self.errors.append(self.page.strings.login_failed)
100 |             return self.render('login', constants.access_control['login_url'], self.errors)
101 | 
102 |         raise web.seeother('./map')


--------------------------------------------------------------------------------
/sam/pages/logout.py:
--------------------------------------------------------------------------------
 1 | from sam import constants
 2 | from sam.pages import base
 3 | import web
 4 | 
 5 | 
 6 | class Logout(base.headless):
 7 |     def __init__(self):
 8 |         super(Logout, self).__init__()
 9 |         self.logout_redirect = constants.access_control['logout_redirect']
10 | 
11 |     def decode_get_request(self, data):
12 |         if 'logout_redirect' in data:
13 |             self.logout_redirect = data['logout_redirect']
14 | 
15 |     def perform_get_command(self, request):
16 |         self.page.session.kill()
17 | 
18 |     def encode_get_response(self, response):
19 |         raise web.seeother(self.logout_redirect)
20 | 


--------------------------------------------------------------------------------
/sam/pages/map.py:
--------------------------------------------------------------------------------
 1 | from sam.models.datasources import Datasources
 2 | import base
 3 | from sam import common
 4 | 
 5 | 
 6 | class Map(base.headed):
 7 |     def __init__(self):
 8 |         super(Map, self).__init__(True, False)
 9 |         self.set_title(self.page.strings.map_title)
10 |         self.scripts = ['/static/js/map.js',
11 |                         '/static/js/map_node.js',
12 |                         '/static/js/map_links.js',
13 |                         '/static/js/map_selection.js',
14 |                         '/static/js/map_ports.js',
15 |                         '/static/js/map_render.js',
16 |                         '/static/js/map_events.js',
17 |                         '/static/js/timerange.js',
18 |                         '/static/js/liveUpdate.js',
19 |                         '/static/nouislider/nouislider.min.js']
20 |         self.styles = ['/static/css/map.css',
21 |                        '/static/css/timerange.css',
22 |                        '/static/nouislider/nouislider-dark.css',
23 |                        '/static/nouislider/nouislider.pips.css']
24 | 
25 |     # handle HTTP GET requests here.  Name gets value from routing rules above.
26 |     def GET(self):
27 |         self.page.require_group('read')
28 | 
29 |         datasources = Datasources(common.db, self.page.session, self.page.user.viewing)
30 |         dses = [(k, v['name']) for k, v in datasources.datasources.iteritems()]
31 | 
32 |         return self.render('map', dses)
33 | 


--------------------------------------------------------------------------------
/sam/pages/metadata.py:
--------------------------------------------------------------------------------
 1 | import sam.models.nodes
 2 | import sam.models.settings
 3 | import sam.models.datasources
 4 | import base
 5 | from sam import common
 6 | 
 7 | 
 8 | class Metadata(base.headed):
 9 |     def __init__(self):
10 |         super(Metadata, self).__init__(True, False)
11 |         self.set_title(self.page.strings.meta_title)
12 |         self.scripts = ["/static/js/metadata.js",
13 |                         "/static/js/map_ports.js",
14 |                         "/static/js/map_selection.js"]
15 |         self.styles = ["/static/css/general.css"]
16 |         self.datasources = None
17 | 
18 |     def require_dses(self):
19 |         datasourceModel = sam.models.datasources.Datasources(common.db, self.page.session, self.page.user.viewing)
20 |         settingsModel = sam.models.settings.Settings(common.db, self.page.session, self.page.user.viewing)
21 |         datasources = datasourceModel.datasources.copy()
22 |         default_ds = datasources.pop(settingsModel['datasource'])
23 | 
24 |         # a list of data sources, with the default at the head
25 |         self.datasources = [default_ds] + datasources.values()
26 | 
27 |     def GET(self):
28 |         self.page.require_group('read')
29 |         nodesModel = sam.models.nodes.Nodes(common.db, self.page.user.viewing)
30 |         tag_list = nodesModel.get_tag_list()
31 |         env_list = nodesModel.get_env_list()
32 | 
33 |         self.require_dses()
34 | 
35 |         return self.render('metadata', tag_list, env_list, self.datasources)
36 | 


--------------------------------------------------------------------------------
/sam/pages/portinfo.py:
--------------------------------------------------------------------------------
 1 | import base
 2 | import sam.models.ports
 3 | from sam import errors
 4 | from sam import common
 5 | 
 6 | # This class is for getting the aliases for a port number
 7 | 
 8 | 
 9 | class Portinfo(base.headless_post):
10 |     """
11 |     The expected GET data includes:
12 |         'port': comma-seperated list of port numbers
13 |             A request for ports 80, 443, and 8080
14 |             would look like: "80,443,8080"
15 |     :return: A JSON-encoded dictionary where
16 |         the keys are the requested ports and
17 |         the values are dictionaries describing the port's attributes
18 | 
19 |     The expected POST data includes:
20 |         'port': The port to set data upon
21 |         'alias_name': optional, the new short name to give that port
22 |         'alias_description': optional, the new long name to give that port
23 |         'active': optional, (1 or 0) where 1 means use the name and 0 means use the number for display.
24 |     :return: A JSON-encoded dictionary with one key "result" and a value of success or error.
25 |     """
26 | 
27 |     def __init__(self):
28 |         super(Portinfo, self).__init__()
29 |         self.portModel = sam.models.ports.Ports(common.db, self.page.user.viewing)
30 | 
31 |     def decode_get_request(self, data):
32 |         port_string = data.get('port')
33 |         if not port_string:
34 |             raise errors.RequiredKey('port', 'port')
35 |         try:
36 |             ports = [int(port) for port in port_string.split(',') if port]
37 |         except ValueError:
38 |             raise errors.MalformedRequest("Could not read port ('port') number. Use comma delimited list.")
39 | 
40 |         return {'ports': ports}
41 | 
42 |     def perform_get_command(self, request):
43 |         self.page.require_group('read')
44 |         portModel = sam.models.ports.Ports(common.db, self.page.user.viewing)
45 |         ports = portModel.get(request['ports'])
46 |         return ports
47 | 
48 |     def encode_get_response(self, response):
49 |         return {str(i['port']): i for i in response}
50 | 
51 |     def decode_post_request(self, data):
52 |         port_string = data.get('port')
53 |         if not port_string:
54 |             raise errors.RequiredKey('port', 'port')
55 |         try:
56 |             request = {'port': int(port_string)}
57 |         except (ValueError, TypeError):
58 |             raise errors.MalformedRequest("Could not read port ('port') number.")
59 | 
60 |         if 'alias_name' in data:
61 |             request['alias_name'] = data['alias_name']
62 |         if 'alias_description' in data:
63 |             request['alias_description'] = data['alias_description']
64 |         if 'active' in data:
65 |             request['active'] = data['active']
66 | 
67 |         return request
68 | 
69 |     def perform_post_command(self, request):
70 |         self.page.require_group('write')
71 |         port = request.pop('port')
72 |         self.portModel.set(port, request)
73 |         return 'success'
74 | 
75 |     def encode_post_response(self, response):
76 |         return {'result': response}
77 | 


--------------------------------------------------------------------------------
/sam/pages/sec_dashboard.py:
--------------------------------------------------------------------------------
 1 | from sam.pages.base import Headed
 2 | 
 3 | 
 4 | class Dashboard(Headed):
 5 |     def __init__(self):
 6 |         super(Dashboard, self).__init__(True, True)
 7 |         self.set_title(self.page.strings.dashboard_title)
 8 |         self.styles = ['/static/css/general.css',
 9 |                        '/static/nouislider/nouislider.css',
10 |                        '/static/nouislider/nouislider.pips.css',
11 |                        '/static/css/security.css']
12 |         self.scripts = ['/static/nouislider/nouislider.min.js',
13 |                         '/static/js/security.js']
14 | 
15 |     def GET(self):
16 |         return self.render("dashboard")
17 | 


--------------------------------------------------------------------------------
/sam/pages/settings_page.py:
--------------------------------------------------------------------------------
 1 | import os
 2 | import re
 3 | from sam import constants
 4 | import base
 5 | import sam.models.settings
 6 | import sam.models.datasources
 7 | import sam.models.livekeys
 8 | import sam.models.nodes
 9 | from sam import common
10 | import pprint
11 | 
12 | 
13 | def nice_name(s):
14 |     s = re.sub("([a-z])([A-Z]+)", lambda x: "{0} {1}".format(x.group(1), x.group(2)), s)
15 |     s = s.replace("_", " ")
16 |     s = re.sub("\s+", ' ', s)
17 |     return s.title()
18 | 
19 | 
20 | class SettingsPage(base.headed):
21 |     def __init__(self):
22 |         super(SettingsPage, self).__init__(True, True)
23 |         self.set_title(self.page.strings.settings_title)
24 |         self.styles = ["/static/css/general.css"]
25 |         self.scripts = ["/static/js/settings.js"]
26 |         self.settingsModel = None
27 |         self.dsModel = None
28 |         self.livekeyModel = None
29 |         self.nodes_model = None
30 | 
31 |     @staticmethod
32 |     def get_available_importers():
33 |         files = os.listdir(os.path.join(constants.base_path, "importers"))
34 |         files = filter(lambda x: x.startswith("import_") and x.endswith(".py") and x != "import_base.py", files)
35 |         # remove .py extension
36 |         files = [(f[:-3], nice_name(f[7:-3])) for f in files]
37 |         return files
38 | 
39 |     def get_tags_preview(self):
40 |         tags = self.nodes_model.get_tag_list()
41 |         tags.sort()
42 |         return tags[:10]
43 | 
44 |     def get_envs_preview(self):
45 |         envs = self.nodes_model.get_env_list()
46 |         envs.discard("inherit")
47 |         l_envs = list(envs)
48 |         l_envs.sort()
49 |         return l_envs[:10]
50 | 
51 |     def get_hosts_preview(self):
52 |         hosts = self.nodes_model.get_hostnames_preview()
53 |         hosts.sort()
54 |         return hosts
55 | 
56 |     # handle HTTP GET requests here.  Name gets value from routing rules above.
57 |     def GET(self):
58 |         self.page.require_group('read')
59 |         self.settingsModel = sam.models.settings.Settings(common.db, self.page.session, self.page.user.viewing)
60 |         self.dsModel = sam.models.datasources.Datasources(common.db, self.page.session, self.page.user.viewing)
61 |         self.livekeyModel = sam.models.livekeys.LiveKeys(common.db, self.page.user.viewing)
62 |         self.nodes_model = sam.models.nodes.Nodes(common.db, self.page.user.viewing)
63 | 
64 |         settings = self.settingsModel.copy()
65 |         datasources = self.dsModel.sorted_list()
66 |         importers = self.get_available_importers()
67 |         livekeys = self.livekeyModel.read()
68 |         tags_preview = self.get_tags_preview()
69 |         envs_preview = self.get_envs_preview()
70 |         hosts_preview = self.get_hosts_preview()
71 | 
72 | 
73 |         return self.render('settings', self.page.user, settings, datasources, livekeys, importers, tags_preview, envs_preview, hosts_preview)


--------------------------------------------------------------------------------
/sam/rule_templates/compromised.yml:
--------------------------------------------------------------------------------
 1 | # compromised traffic -- traffic to know infected/bad hosts.
 2 | # trigger an alert on {src} if {dst} in IP_LIST
 3 | ---
 4 | name: Compromised Traffic
 5 | type: immediate
 6 | include:
 7 |   bad_hosts: ./compromised_hosts.txt
 8 | expose:
 9 | actions:
10 |   alert_severity: 8
11 | subject: src
12 | when: dst host in $bad_hosts


--------------------------------------------------------------------------------
/sam/rule_templates/dos.yml:
--------------------------------------------------------------------------------
 1 | # DoS Attack -- unusually high traffic levels connecting to a host.
 2 | # trigger an alert on {dst} if {dst} gets more than $threshold (tcp?) conn/minute
 3 | ---
 4 | name: High Traffic
 5 | type: periodic
 6 | include:
 7 | expose:
 8 |   threshold:
 9 |     label: This rule will trigger on a host if it receives more than this number of inbound connections over a period of 5 minutes.
10 |     format: text
11 |     default: 600
12 |     regex: "^\\d+$"
13 | actions:
14 | subject: dst
15 | when: having conn[links] > $threshold


--------------------------------------------------------------------------------
/sam/rule_templates/netscan.yml:
--------------------------------------------------------------------------------
 1 | # Network Scanning -- Scanning all hosts in a network.
 2 | # trigger an alert on {src} if {src} connects to more than $threshhold distinct hosts / minute
 3 | ---
 4 | name: Network Scanning
 5 | type: periodic
 6 | include:
 7 | expose:
 8 |   threshold:
 9 |     label: This rule will trigger on a host if that host is connecting to more than this number of distinct other hosts over 5 minutes.
10 |     format: text
11 |     default: 600
12 |     regex: "^\\d+$"
13 | actions:
14 | subject: src
15 | when: having dst[hosts] > $threshold


--------------------------------------------------------------------------------
/sam/rule_templates/portscan.yml:
--------------------------------------------------------------------------------
 1 | # Port Scanning -- Scanning through ports on a host.
 2 | # trigger an alert on {src} if {dst} uses more than $threshhold (udp?) distinct ports / minute
 3 | ---
 4 | name: Port Scanning
 5 | type: periodic
 6 | include:
 7 | expose:
 8 |   threshold:
 9 |     label: This rule will flag a host that has connected to other hosts on more than this number of hosts over 5 minutes.
10 |     format: text
11 |     default: 600
12 |     regex: "^\\d+$"
13 | actions:
14 | subject: src
15 | when: protocol udp having conn[ports] >$threshold


--------------------------------------------------------------------------------
/sam/rule_templates/suspicious.yml:
--------------------------------------------------------------------------------
 1 | # suspicious traffic -- traffic that you expect to not have happen.
 2 | # e.g. host1 shouldn't connect to the database on host2.
 3 | # trigger an alert on {src} if [{src}] connects to [{dst}] on [{dest_port}]
 4 | ---
 5 | name: "IP -> IP/Port"
 6 | type: immediate
 7 | include:
 8 | expose:
 9 |   source_ip:
10 |     label: "Flag traffic if Source IP:"
11 |     format: text
12 |     default: 127.0.0.1
13 |     regex: "^([0-9]|[01]?[0-9][0-9]|2[0-4][0-9]|25[0-5])(\\.([0-9]|[01]?[0-9][0-9]|2[0-4][0-9]|25[0-5])){3}$"
14 |   dest_ip:
15 |     label: "...connects to Destination IP:"
16 |     format: text
17 |     default: 80.80.80.80
18 |     regex: "^([0-9]|[01]?[0-9][0-9]|2[0-4][0-9]|25[0-5])(\\.([0-9]|[01]?[0-9][0-9]|2[0-4][0-9]|25[0-5])){3}$"
19 |   port:
20 |     label: "...on this port:"
21 |     format: text
22 |     default: "80, 443"
23 | actions:
24 | subject: src
25 | when: src host $source_ip and dst host $dest_ip and dst port $port


--------------------------------------------------------------------------------
/sam/server_webserver.py:
--------------------------------------------------------------------------------
 1 | import sys
 2 | import os
 3 | import operator
 4 | sys.path.append(os.path.abspath(os.path.join(os.path.dirname(__file__), os.pardir)))  # could be executed from any directory
 5 | from sam import constants
 6 | import web
 7 | from sam import common
 8 | from sam import integrity
 9 | from sam import httpserver
10 | 
11 | 
12 | def check_database():
13 |     # Validate the database format
14 |     if not integrity.check_and_fix_integrity():
15 |         exit(1)
16 | 
17 | 
18 | def create_session(app):
19 |     # Create the session object
20 |     if web.config.get('_session') is None:
21 |         common.session = web.session.Session(app, common.session_store)
22 |         web.config._session = common.session
23 |     else:
24 |         common.session = web.config._session
25 | 
26 | 
27 | def localization_hook():
28 |     default_lang = 'en'  # default language
29 |     lang = None
30 |     path_info = web.ctx.env['PATH_INFO']
31 |     cookie = web.cookies().get("lang")
32 | 
33 |     # try reading language from URL path
34 |     if not lang and path_info[1:3] in constants.supported_languages:
35 |         web.ctx['fullpath'] = web.ctx['fullpath'][3:]
36 |         web.ctx['path'] = web.ctx['path'][3:]
37 |         web.ctx.env['REQUEST_URI'] = web.ctx.env['REQUEST_URI'][3:]
38 |         web.ctx.env['PATH_INFO'] = path_info[3:]
39 |         lang = path_info[1:3]
40 |     # try reading language from cookie
41 |     if not lang and cookie:
42 |         if cookie in constants.supported_languages:
43 |             lang = cookie
44 |     # try reading language from browser
45 |     if not lang and 'HTTP_ACCEPT_LANGUAGE' in web.ctx.env:
46 |         lang_accept = web.ctx.env['HTTP_ACCEPT_LANGUAGE']
47 |         items = [i.partition(';q=') for i in lang_accept.split(",") if i]
48 |         decoded = {k.strip(): (float(v) if len(v) > 0 else 1.0) for k, _, v in items}
49 |         langs = {k: decoded[k] for k in decoded.iterkeys() if k[:2] in constants.supported_languages}
50 |         best = max(langs.iteritems(), key=operator.itemgetter(1))[0]
51 |         if best:
52 |             lang = best[:2]
53 |     # use default language
54 |     if not lang:
55 |         lang = default_lang
56 | 
57 |     web.setcookie("lang", lang, 31536000, common.get_domain(web.ctx.home), False, False, '/')
58 |     common.session['lang'] = lang
59 | 
60 | 
61 | def start_server(port):
62 |     # some of the following lines are commented out because start_wsgi()
63 |     # is run already when this module is loaded
64 |     # TODO: make the above excuse removable
65 |     # common.load_plugins()
66 |     web.httpserver.StaticApp = httpserver.StaticApp
67 |     # constants.init_urls()
68 |     app = web.application(constants.urls, globals())
69 |     #check_database()
70 |     #create_session(app)
71 |     #for hook in constants.plugin_hooks_server_start:
72 |     #    hook()
73 |     app.add_processor(web.loadhook(localization_hook))
74 |     httpserver.runwsgi(app.wsgifunc(httpserver.PluginStaticMiddleware), port)
75 |     for hook in constants.plugin_hooks_server_stop:
76 |         hook()
77 | 
78 | 
79 | def start_wsgi():
80 |     common.load_plugins()
81 |     constants.init_urls()
82 |     app = web.application(constants.urls, globals())
83 |     check_database()
84 |     create_session(app)
85 |     for hook in constants.plugin_hooks_server_start:
86 |         hook()
87 |     app.add_processor(web.loadhook(localization_hook))
88 |     return app.wsgifunc(httpserver.PluginStaticMiddleware)
89 | 
90 | 
91 | # This line must be present for use on wsgi-based servers.
92 | application = start_wsgi()
93 | 


--------------------------------------------------------------------------------
/sam/sql/delete_staging_data.sql:
--------------------------------------------------------------------------------
1 | -- this sql file is responsible for deleting all data from staging tables
2 | 
3 | DELETE FROM s{acct}_ds{id}_StagingLinks;
4 | DELETE FROM s{acct}_ds{id}_Syslog;
5 | 


--------------------------------------------------------------------------------
/sam/sql/drop_datasource.sql:
--------------------------------------------------------------------------------
1 | DROP TABLE IF EXISTS s{acct}_ds{id}_StagingLinks;
2 | DROP TABLE IF EXISTS s{acct}_ds{id}_LinksIn;
3 | DROP TABLE IF EXISTS s{acct}_ds{id}_LinksOut;
4 | DROP TABLE IF EXISTS s{acct}_ds{id}_Links;
5 | DROP TABLE IF EXISTS s{acct}_ds{id}_Syslog;
6 | 


--------------------------------------------------------------------------------
/sam/sql/drop_subscription.sql:
--------------------------------------------------------------------------------
1 | DROP TABLE IF EXISTS s{acct}_Alerts;
2 | DROP TABLE IF EXISTS s{acct}_Rules;
3 | DROP TABLE IF EXISTS s{acct}_PortAliases;
4 | DROP TABLE IF EXISTS s{acct}_Tags;
5 | DROP TABLE IF EXISTS s{acct}_Nodes;
6 | 


--------------------------------------------------------------------------------
/sam/sql/profiling.sql:
--------------------------------------------------------------------------------
 1 | -- DEMO for how to get profiling information from MySQL
 2 | 
 3 | -- 1. Ensure that statement and stage instrumentation is enabled by updating the setup_instruments table.
 4 | -- Some instruments may already be enabled by default.
 5 | UPDATE performance_schema.setup_instruments SET ENABLED = 'YES', TIMED = 'YES'
 6 |   WHERE NAME LIKE '%statement/%';
 7 | UPDATE performance_schema.setup_instruments SET ENABLED = 'YES', TIMED = 'YES'
 8 |   WHERE NAME LIKE '%stage/%';
 9 | 
10 | -- 2. Ensure that events_statements_* and events_stages_* consumers are enabled.
11 | -- Some consumers may already be enabled by default.
12 | UPDATE performance_schema.setup_consumers SET ENABLED = 'YES'
13 |   WHERE NAME LIKE '%events_statements_%';
14 | 
15 | UPDATE performance_schema.setup_consumers SET ENABLED = 'YES'
16 |   WHERE NAME LIKE '%events_stages_%';
17 | 
18 | -- 3. Run the statement that you want to profile.
19 | SELECT * FROM Nodes WHERE 123456789 BETWEEN ipstart AND ipend;
20 | 
21 | -- 4. Find the matching event_id in the history by searching for part of the query string
22 | SELECT EVENT_ID, TRUNCATE(TIMER_WAIT/1000000000000,6) as Duration, SQL_TEXT
23 |   FROM performance_schema.events_statements_history_long
24 |   WHERE SQL_TEXT like '%LIMIT 50;';
25 | 
26 | -- 5. Check out the detailed view to see stages by using the EVENT_ID from step 4.
27 | SELECT event_name AS Stage, TRUNCATE(TIMER_WAIT/1000000000000,6) AS Duration
28 |   FROM performance_schema.events_stages_history_long
29 |   WHERE NESTING_EVENT_ID=31;


--------------------------------------------------------------------------------
/sam/sql/sessions.sql:
--------------------------------------------------------------------------------
1 | CREATE TABLE IF NOT EXISTS sessions (
2 |     session_id char(128) UNIQUE NOT NULL,
3 |     atime timestamp NOT NULL default current_timestamp,
4 |     data text
5 | );


--------------------------------------------------------------------------------
/sam/sql/setup_datasource_mysql.sql:
--------------------------------------------------------------------------------
 1 | CREATE TABLE If NOT EXISTS s{acct}_ds{id}_Syslog
 2 | (entry             INT UNSIGNED NOT NULL AUTO_INCREMENT
 3 | ,src               INT UNSIGNED NOT NULL
 4 | ,srcport           INT NOT NULL
 5 | ,dst               INT UNSIGNED NOT NULL
 6 | ,dstport           INT NOT NULL
 7 | ,timestamp         TIMESTAMP NOT NULL  -- seconds precision
 8 | ,protocol          CHAR(8) NOT NULL
 9 | ,bytes_sent        INT NOT NULL
10 | ,bytes_received    INT
11 | ,packets_sent      INT NOT NULL
12 | ,packets_received  INT
13 | ,duration          INT NOT NULL
14 | ,CONSTRAINT PK{acct}_{id}Syslog PRIMARY KEY (entry)
15 | );
16 | 
17 | -- -----------------------
18 | -- Create the Temp Link tables
19 | -- -----------------------
20 | CREATE TABLE IF NOT EXISTS s{acct}_ds{id}_StagingLinks
21 | (src               INT UNSIGNED NOT NULL
22 | ,dst               INT UNSIGNED NOT NULL
23 | ,port              INT NOT NULL
24 | ,protocol          CHAR(8) NOT NULL
25 | ,timestamp         TIMESTAMP NOT NULL  -- quantized (5-minute) precision
26 | ,links             INT DEFAULT 1
27 | ,bytes_sent        INT NOT NULL
28 | ,bytes_received    INT
29 | ,packets_sent      INT NOT NULL
30 | ,packets_received  INT
31 | ,duration          INT NOT NULL
32 | ,CONSTRAINT PK{acct}_{id}tLinks PRIMARY KEY (src, dst, port, protocol, timestamp)
33 | );
34 | 
35 | -- -----------------------
36 | -- Create the Link tables
37 | -- -----------------------
38 | CREATE TABLE IF NOT EXISTS s{acct}_ds{id}_Links
39 | (src               INT UNSIGNED NOT NULL
40 | ,dst               INT UNSIGNED NOT NULL
41 | ,port              INT NOT NULL
42 | ,protocol          CHAR(8) NOT NULL
43 | ,timestamp         TIMESTAMP NOT NULL  -- quantized (5-minute) precision
44 | ,links             INT DEFAULT 1 NOT NULL
45 | ,bytes_sent        INT NOT NULL
46 | ,bytes_received    INT
47 | ,packets_sent      INT NOT NULL
48 | ,packets_received  INT
49 | ,duration          INT NOT NULL
50 | ,CONSTRAINT PK{acct}_{id}Links PRIMARY KEY (src, dst, port, protocol, timestamp)
51 | );
52 | 
53 | CREATE TABLE IF NOT EXISTS s{acct}_ds{id}_LinksIn
54 | (src_start         INT UNSIGNED NOT NULL
55 | ,src_end           INT UNSIGNED NOT NULL
56 | ,dst_start         INT UNSIGNED NOT NULL
57 | ,dst_end           INT UNSIGNED NOT NULL
58 | ,protocols         VARCHAR(1024)
59 | ,port              INT NOT NULL
60 | ,timestamp         TIMESTAMP NOT NULL  -- quantized (5-minute) precision
61 | ,links             INT DEFAULT 1
62 | ,bytes             INT NOT NULL
63 | ,packets           INT NOT NULL
64 | ,CONSTRAINT PK{acct}_{id}LinksIn PRIMARY KEY (src_start, src_end, dst_start, dst_end, port, timestamp)
65 | ,CONSTRAINT FK{acct}_{id}LinksInSrc FOREIGN KEY (src_start, src_end) REFERENCES s{acct}_Nodes (ipstart, ipend)
66 | ,CONSTRAINT FK{acct}_{id}LinksInDst FOREIGN KEY (dst_start, dst_end) REFERENCES s{acct}_Nodes (ipstart, ipend)
67 | );
68 | 
69 | CREATE TABLE IF NOT EXISTS s{acct}_ds{id}_LinksOut
70 | (src_start         INT UNSIGNED NOT NULL
71 | ,src_end           INT UNSIGNED NOT NULL
72 | ,dst_start         INT UNSIGNED NOT NULL
73 | ,dst_end           INT UNSIGNED NOT NULL
74 | ,protocols         VARCHAR(1024)
75 | ,port              INT NOT NULL
76 | ,timestamp         TIMESTAMP NOT NULL  -- quantized (5-minute) precision
77 | ,links             INT DEFAULT 1
78 | ,bytes             INT NOT NULL
79 | ,packets           INT NOT NULL
80 | ,CONSTRAINT PK{acct}_{id}LinksOut PRIMARY KEY (src_start, src_end, dst_start, dst_end, port, timestamp)
81 | ,CONSTRAINT FK{acct}_{id}LinksOutSrc FOREIGN KEY (src_start, src_end) REFERENCES s{acct}_Nodes (ipstart, ipend)
82 | ,CONSTRAINT FK{acct}_{id}LinksOutDst FOREIGN KEY (dst_start, dst_end) REFERENCES s{acct}_Nodes (ipstart, ipend)
83 | );
84 | 


--------------------------------------------------------------------------------
/sam/sql/setup_datasource_sqlite.sql:
--------------------------------------------------------------------------------
 1 | CREATE TABLE If NOT EXISTS s{acct}_ds{id}_Syslog
 2 | (entry             INTEGER NOT NULL PRIMARY KEY
 3 | ,src               INT UNSIGNED NOT NULL
 4 | ,srcport           INT NOT NULL
 5 | ,dst               INT UNSIGNED NOT NULL
 6 | ,dstport           INT NOT NULL
 7 | ,timestamp         TIMESTAMP NOT NULL
 8 | ,protocol          CHAR(8) NOT NULL
 9 | ,bytes_sent        INT NOT NULL
10 | ,bytes_received    INT
11 | ,packets_sent      INT NOT NULL
12 | ,packets_received  INT
13 | ,duration          INT NOT NULL
14 | );
15 | 
16 | -- -----------------------
17 | -- Create the Temp Link tables
18 | -- -----------------------
19 | CREATE TABLE IF NOT EXISTS s{acct}_ds{id}_StagingLinks
20 | (src               INT UNSIGNED NOT NULL
21 | ,dst               INT UNSIGNED NOT NULL
22 | ,port              INT NOT NULL
23 | ,protocol          CHAR(8) NOT NULL
24 | ,timestamp         TIMESTAMP NOT NULL
25 | ,links             INT DEFAULT 1
26 | ,bytes_sent        INT NOT NULL
27 | ,bytes_received    INT
28 | ,packets_sent      INT NOT NULL
29 | ,packets_received  INT
30 | ,duration          INT NOT NULL
31 | ,CONSTRAINT PK{acct}_{id}tLinks PRIMARY KEY (src, dst, port, protocol, timestamp)
32 | );
33 | 
34 | -- -----------------------
35 | -- Create the Link tables
36 | -- -----------------------
37 | CREATE TABLE IF NOT EXISTS s{acct}_ds{id}_Links
38 | (src               INT UNSIGNED NOT NULL
39 | ,dst               INT UNSIGNED NOT NULL
40 | ,port              INT NOT NULL
41 | ,protocol          CHAR(8) NOT NULL
42 | ,timestamp         TIMESTAMP NOT NULL
43 | ,links             INT DEFAULT 1 NOT NULL
44 | ,bytes_sent        INT NOT NULL
45 | ,bytes_received    INT
46 | ,packets_sent      INT NOT NULL
47 | ,packets_received  INT
48 | ,duration          INT NOT NULL
49 | ,CONSTRAINT PK{acct}_{id}Links PRIMARY KEY (src, dst, port, protocol, timestamp)
50 | );
51 | 
52 | CREATE TABLE IF NOT EXISTS s{acct}_ds{id}_LinksIn
53 | (src_start         INT UNSIGNED NOT NULL
54 | ,src_end           INT UNSIGNED NOT NULL
55 | ,dst_start         INT UNSIGNED NOT NULL
56 | ,dst_end           INT UNSIGNED NOT NULL
57 | ,protocols         VARCHAR(1024)
58 | ,port              INT NOT NULL
59 | ,timestamp         TIMESTAMP NOT NULL
60 | ,links             INT DEFAULT 1
61 | ,bytes             INT NOT NULL
62 | ,packets           INT NOT NULL
63 | ,CONSTRAINT PK{acct}_{id}LinksIn PRIMARY KEY (src_start, src_end, dst_start, dst_end, port, timestamp)
64 | ,CONSTRAINT FK{acct}_{id}LinksInSrc FOREIGN KEY (src_start, src_end) REFERENCES s{acct}_Nodes (ipstart, ipend)
65 | ,CONSTRAINT FK{acct}_{id}LinksInDst FOREIGN KEY (dst_start, dst_end) REFERENCES s{acct}_Nodes (ipstart, ipend)
66 | );
67 | 
68 | CREATE TABLE IF NOT EXISTS s{acct}_ds{id}_LinksOut
69 | (src_start         INT UNSIGNED NOT NULL
70 | ,src_end           INT UNSIGNED NOT NULL
71 | ,dst_start         INT UNSIGNED NOT NULL
72 | ,dst_end           INT UNSIGNED NOT NULL
73 | ,protocols         VARCHAR(1024)
74 | ,port              INT NOT NULL
75 | ,timestamp         TIMESTAMP NOT NULL
76 | ,links             INT DEFAULT 1
77 | ,bytes             INT NOT NULL
78 | ,packets           INT NOT NULL
79 | ,CONSTRAINT PK{acct}_{id}LinksOut PRIMARY KEY (src_start, src_end, dst_start, dst_end, port, timestamp)
80 | ,CONSTRAINT FK{acct}_{id}LinksOutSrc FOREIGN KEY (src_start, src_end) REFERENCES s{acct}_Nodes (ipstart, ipend)
81 | ,CONSTRAINT FK{acct}_{id}LinksOutDst FOREIGN KEY (dst_start, dst_end) REFERENCES s{acct}_Nodes (ipstart, ipend)
82 | );
83 | 


--------------------------------------------------------------------------------
/sam/sql/setup_shared_tables_mysql.sql:
--------------------------------------------------------------------------------
 1 | -- track subscriptions
 2 | CREATE TABLE IF NOT EXISTS Subscriptions
 3 | (subscription   INTEGER NOT NULL AUTO_INCREMENT PRIMARY KEY
 4 | ,email          VARCHAR(254) NOT NULL UNIQUE
 5 | ,name           TEXT NOT NULL
 6 | ,plan           TEXT NOT NULL
 7 | ,groups         TEXT NOT NULL
 8 | ,active         BOOL NOT NULL DEFAULT FALSE
 9 | ,plugins        TEXT
10 | );
11 | 
12 | -- Listing of datasources to use
13 | CREATE TABLE IF NOT EXISTS Datasources
14 | (id             INTEGER NOT NULL AUTO_INCREMENT
15 | ,subscription   INTEGER NOT NULL
16 | ,name           VARCHAR(255) NOT NULL DEFAULT "default"
17 | ,ar_active      TINYINT(1) NOT NULL DEFAULT 0
18 | ,ar_interval    INT NOT NULL DEFAULT 300
19 | ,flat           TINYINT(1) NOT NULL DEFAULT 0
20 | ,CONSTRAINT `PK_ids` PRIMARY KEY (`id`)
21 | ,CONSTRAINT `FK_sds` FOREIGN KEY (`subscription`) REFERENCES `Subscriptions` (`subscription`)
22 | );
23 | 
24 | -- User Settings
25 | CREATE TABLE IF NOT EXISTS Settings
26 | (subscription   INTEGER NOT NULL PRIMARY KEY
27 | ,datasource     INT NOT NULL
28 | ,color_node     INT UNSIGNED NOT NULL DEFAULT 0x5555CC
29 | ,color_bg       INT UNSIGNED NOT NULL DEFAULT 0xAAFFDD
30 | ,color_tcp      INT UNSIGNED NOT NULL DEFAULT 0x5555CC
31 | ,color_udp      INT UNSIGNED NOT NULL DEFAULT 0xCC5555
32 | ,color_label    INT UNSIGNED NOT NULL DEFAULT 0x000000
33 | ,color_label_bg INT UNSIGNED NOT NULL DEFAULT 0xFFFFFF
34 | ,color_error    INT UNSIGNED NOT NULL DEFAULT 0x996666
35 | ,CONSTRAINT `FK_dss` FOREIGN KEY (`datasource`) REFERENCES `Datasources` (`id`)
36 | ,CONSTRAINT `FK_ss` FOREIGN KEY (`subscription`) REFERENCES `Subscriptions` (`subscription`)
37 | );
38 | 
39 | -- Default Look-Up-Table for ports
40 | CREATE TABLE IF NOT EXISTS Ports
41 | (port              INT UNSIGNED NOT NULL PRIMARY KEY
42 | ,protocols         TEXT
43 | ,name              VARCHAR(10) NOT NULL DEFAULT ""
44 | ,description       VARCHAR(255) NOT NULL DEFAULT ""
45 | );
46 | 
47 | -- Key table for live updates
48 | CREATE TABLE IF NOT EXISTS LiveKeys
49 | (access_key     CHAR(24) PRIMARY KEY
50 | ,subscription   INTEGER NOT NULL
51 | ,datasource     INT NOT NULL
52 | ,created        TIMESTAMP DEFAULT NOW()
53 | ,CONSTRAINT `FK_lks` FOREIGN KEY (`subscription`) REFERENCES `Subscriptions` (`subscription`)
54 | ,CONSTRAINT `FK_lkd` FOREIGN KEY (`datasource`) REFERENCES `Datasources` (`id`)
55 | );
56 | 


--------------------------------------------------------------------------------
/sam/sql/setup_shared_tables_sqlite.sql:
--------------------------------------------------------------------------------
 1 | -- track subscriptions
 2 | CREATE TABLE IF NOT EXISTS Subscriptions
 3 | (subscription   INTEGER NOT NULL PRIMARY KEY
 4 | ,email          VARCHAR(254) NOT NULL UNIQUE
 5 | ,name           TEXT NOT NULL
 6 | ,plan           TEXT NOT NULL
 7 | ,groups         TEXT NOT NULL
 8 | ,active         BOOL NOT NULL DEFAULT FALSE
 9 | ,plugins        TEXT
10 | );
11 | 
12 | -- Listing of datasources to use
13 | CREATE TABLE IF NOT EXISTS Datasources
14 | (id             INTEGER NOT NULL PRIMARY KEY
15 | ,subscription   INTEGER NOT NULL
16 | ,name           VARCHAR(255) NOT NULL DEFAULT "default"
17 | ,ar_active      TINYINT(1) NOT NULL DEFAULT 0
18 | ,ar_interval    INT NOT NULL DEFAULT 300
19 | ,flat           TINYINT(1) NOT NULL DEFAULT 0
20 | ,CONSTRAINT `FK_sds` FOREIGN KEY (`subscription`) REFERENCES `Subscriptions` (`subscription`)
21 | );
22 | 
23 | -- User Settings
24 | CREATE TABLE IF NOT EXISTS Settings
25 | (subscription   INTEGER NOT NULL PRIMARY KEY
26 | ,datasource     INT NOT NULL
27 | ,color_node     INT UNSIGNED NOT NULL DEFAULT 0x5555CC
28 | ,color_bg       INT UNSIGNED NOT NULL DEFAULT 0xAAFFDD
29 | ,color_tcp      INT UNSIGNED NOT NULL DEFAULT 0x5555CC
30 | ,color_udp      INT UNSIGNED NOT NULL DEFAULT 0xCC5555
31 | ,color_label    INT UNSIGNED NOT NULL DEFAULT 0x000000
32 | ,color_label_bg INT UNSIGNED NOT NULL DEFAULT 0xFFFFFF
33 | ,color_error    INT UNSIGNED NOT NULL DEFAULT 0x996666
34 | ,CONSTRAINT `FK_dss` FOREIGN KEY (`datasource`) REFERENCES `Datasources` (`id`)
35 | ,CONSTRAINT `FK_ss` FOREIGN KEY (`subscription`) REFERENCES `Subscriptions` (`subscription`)
36 | );
37 | 
38 | -- Default Look-Up-Table for ports
39 | CREATE TABLE IF NOT EXISTS Ports
40 | (port              INT UNSIGNED NOT NULL PRIMARY KEY
41 | ,protocols         TEXT
42 | ,name              VARCHAR(10) NOT NULL DEFAULT ""
43 | ,description       VARCHAR(255) NOT NULL DEFAULT ""
44 | );
45 | 
46 | -- Key table for live updates
47 | CREATE TABLE IF NOT EXISTS LiveKeys
48 | (access_key     CHAR(24) PRIMARY KEY
49 | ,subscription   INTEGER NOT NULL
50 | ,datasource     INT NOT NULL
51 | ,created        INTEGER DEFAULT (strftime('%s', 'now'))
52 | ,CONSTRAINT `FK_lks` FOREIGN KEY (`subscription`) REFERENCES `Subscriptions` (`subscription`)
53 | ,CONSTRAINT `FK_lkd` FOREIGN KEY (`datasource`) REFERENCES `Datasources` (`id`)
54 | );
55 | 


--------------------------------------------------------------------------------
/sam/sql/setup_subscription_tables_mysql.sql:
--------------------------------------------------------------------------------
 1 | -- Create the Nodes table
 2 | CREATE TABLE IF NOT EXISTS s{acct}_Nodes
 3 | (ipstart           INT UNSIGNED NOT NULL
 4 | ,ipend             INT UNSIGNED NOT NULL
 5 | ,subnet            INT NOT NULL
 6 | ,alias             VARCHAR(96)
 7 | ,env               VARCHAR(64)
 8 | ,x                 FLOAT(12,3) DEFAULT 0
 9 | ,y                 FLOAT(12,3) DEFAULT 0
10 | ,radius            FLOAT(12,3) DEFAULT 2000
11 | ,CONSTRAINT PK{acct}Nodes PRIMARY KEY (ipstart, ipend)
12 | ,INDEX nenv (env)
13 | );
14 | 
15 | 
16 | -- Create the table of tags
17 | CREATE TABLE IF NOT EXISTS s{acct}_Tags
18 | (ipstart           INT UNSIGNED NOT NULL
19 | ,ipend             INT UNSIGNED NOT NULL
20 | ,tag               VARCHAR(32)
21 | ,CONSTRAINT PK{acct}Tags PRIMARY KEY (ipstart, ipend, tag)
22 | ,CONSTRAINT FK{acct}Tags FOREIGN KEY (ipstart, ipend) REFERENCES s{acct}_Nodes (ipstart, ipend)
23 | );
24 | 
25 | -- Create the table for port aliases
26 | CREATE TABLE IF NOT EXISTS s{acct}_PortAliases
27 | (port              INT UNSIGNED NOT NULL
28 | ,protocols         TEXT
29 | ,active            BOOL NOT NULL DEFAULT TRUE
30 | ,name              VARCHAR(10) NOT NULL DEFAULT ""
31 | ,description       VARCHAR(255) NOT NULL DEFAULT ""
32 | ,CONSTRAINT PK{acct}PortAliases PRIMARY KEY (port)
33 | );
34 | 
35 | -- Create the table for security rules (params)
36 | CREATE TABLE IF NOT EXISTS s{acct}_Rules
37 | (id                INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY
38 | ,rule_path         VARCHAR(256) NOT NULL
39 | ,active            BOOL NOT NULL
40 | ,name              VARCHAR(64) NOT NULL
41 | ,description       TEXT NOT NULL
42 | ,params            TEXT NOT NULL
43 | );
44 | 
45 | -- Create the table for security alerts
46 | CREATE TABLE IF NOT EXISTS s{acct}_Alerts
47 | (id                INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY
48 | ,ipstart           INT UNSIGNED NOT NULL
49 | ,ipend             INT UNSIGNED NOT NULL
50 | ,log_time          INT UNSIGNED NOT NULL
51 | ,report_time       INT UNSIGNED NOT NULL
52 | ,severity          TINYINT(1) NOT NULL
53 | ,viewed            TINYINT(1) NOT NULL DEFAULT 0
54 | ,label             VARCHAR(32) NOT NULL
55 | ,rule_id           INT UNSIGNED
56 | ,rule_name         VARCHAR(64)
57 | ,details           TEXT
58 | );
59 | 
60 | -- Create the table for Anomaly Detection
61 | CREATE TABLE IF NOT EXISTS s{acct}_ADWarnings
62 | (id                INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY
63 | ,warning_id        INT UNSIGNED NOT NULL UNIQUE
64 | ,host              INT UNSIGNED NOT NULL
65 | ,log_time          INT UNSIGNED NOT NULL
66 | ,reason            TEXT NOT NULL
67 | ,status            VARCHAR(32) NOT NULL  -- should be one of "accepted", "rejected", "ignored", "uncategorized"
68 | ,details           TEXT
69 | );
70 | 


--------------------------------------------------------------------------------
/sam/sql/setup_subscription_tables_sqlite.sql:
--------------------------------------------------------------------------------
 1 | -- Create the Nodes table
 2 | CREATE TABLE IF NOT EXISTS s{acct}_Nodes
 3 | (ipstart           INT UNSIGNED NOT NULL
 4 | ,ipend             INT UNSIGNED NOT NULL
 5 | ,subnet            INT NOT NULL
 6 | ,alias             VARCHAR(96)
 7 | ,env               VARCHAR(64)
 8 | ,x                 FLOAT(12,3) DEFAULT 0
 9 | ,y                 FLOAT(12,3) DEFAULT 0
10 | ,radius            FLOAT(12,3) DEFAULT 2000
11 | ,CONSTRAINT PK{acct}Nodes PRIMARY KEY (ipstart, ipend)
12 | );
13 | 
14 | CREATE INDEX IF NOT EXISTS nenv ON s{acct}_Nodes (env);
15 | 
16 | -- Create the table of tags
17 | CREATE TABLE IF NOT EXISTS s{acct}_Tags
18 | (ipstart           INT UNSIGNED NOT NULL
19 | ,ipend             INT UNSIGNED NOT NULL
20 | ,tag               VARCHAR(32)
21 | ,CONSTRAINT PK{acct}Tags PRIMARY KEY (ipstart, ipend, tag)
22 | ,CONSTRAINT FK{acct}Tags FOREIGN KEY (ipstart, ipend) REFERENCES s{acct}_Nodes (ipstart, ipend)
23 | );
24 | 
25 | -- Create the table for port aliases
26 | CREATE TABLE IF NOT EXISTS s{acct}_PortAliases
27 | (port              INT UNSIGNED NOT NULL
28 | ,protocols         TEXT
29 | ,active            BOOL NOT NULL DEFAULT TRUE
30 | ,name              VARCHAR(10) NOT NULL DEFAULT ""
31 | ,description       VARCHAR(255) NOT NULL DEFAULT ""
32 | ,CONSTRAINT PK{acct}PortAliases PRIMARY KEY (port)
33 | );
34 | 
35 | -- Create the table for security rules (params)
36 | CREATE TABLE IF NOT EXISTS s{acct}_Rules
37 | (id                INTEGER NOT NULL PRIMARY KEY
38 | ,rule_path         VARCHAR(256) NOT NULL
39 | ,active            BOOL NOT NULL
40 | ,name              VARCHAR(64) NOT NULL
41 | ,description       TEXT NOT NULL
42 | ,params            TEXT NOT NULL
43 | );
44 | 
45 | -- Create the table for security alerts
46 | CREATE TABLE IF NOT EXISTS s{acct}_Alerts
47 | (id                INTEGER NOT NULL PRIMARY KEY
48 | ,ipstart           INT UNSIGNED NOT NULL
49 | ,ipend             INT UNSIGNED NOT NULL
50 | ,log_time          INT UNSIGNED NOT NULL
51 | ,report_time       INT UNSIGNED NOT NULL
52 | ,severity          TINYINT(1) NOT NULL
53 | ,viewed            TINYINT(1) NOT NULL DEFAULT 0
54 | ,label             VARCHAR(32) NOT NULL
55 | ,rule_id           INT UNSIGNED
56 | ,rule_name         VARCHAR(64)
57 | ,details           TEXT
58 | );
59 | 
60 | -- Create the table for Anomaly Detection
61 | CREATE TABLE IF NOT EXISTS s{acct}_ADWarnings
62 | (id                INTEGER NOT NULL PRIMARY KEY
63 | ,warning_id        INT UNSIGNED NOT NULL UNIQUE
64 | ,host              INT UNSIGNED NOT NULL
65 | ,log_time          INT UNSIGNED NOT NULL
66 | ,reason            TEXT NOT NULL
67 | ,status            VARCHAR(32) NOT NULL  -- should be one of "accepted", "rejected", "ignored", "uncategorized"
68 | ,details           TEXT
69 | );
70 | 


--------------------------------------------------------------------------------
/sam/sql/test_data.sql:
--------------------------------------------------------------------------------
1 | $def with (acct, dsid)
2 | 
3 | -- INSERT INTO ...


--------------------------------------------------------------------------------
/sam/static/css/general.css:
--------------------------------------------------------------------------------
  1 | body {
  2 |     background-color: #F7F7F7;
  3 |     font-size: 100%;
  4 | }
  5 | 
  6 | .langlink {
  7 |   padding: 0 0.9em 0 1em;
  8 |   margin: 0;
  9 | }
 10 | .langlink + .langlink {
 11 |   border-left: 1px solid white;
 12 | }
 13 | 
 14 | #navbar {
 15 |   border-radius: 0;
 16 |   background-color: #142230;
 17 | }
 18 | 
 19 | #ds_tab_contents .tab.segment {
 20 |     margin-top: 0em;
 21 |     margin-bottom: 0em;
 22 |     position: relative;
 23 |     /*padding: 0;*/
 24 |     background: #E0E0E0 !important;
 25 | }
 26 | #ds_tab_contents button {
 27 |   margin: -1em 0em;
 28 | }
 29 | 
 30 | #ds_tabs .item i.on{
 31 |     display: none;
 32 | }
 33 | #ds_tabs .item i.off{
 34 |     display: inherit;
 35 | }
 36 | 
 37 | #ds_tabs .active.item i.on{
 38 |     display: inherit;
 39 | }
 40 | #ds_tabs .active.item i.off{
 41 |     display: none;
 42 | }
 43 | #ds_tabs .tablabel {
 44 |   cursor: pointer;
 45 | }
 46 | #ds_tabs button {
 47 |   margin: .666em;
 48 | }
 49 | #ds_tabs .active.item .tablabel{
 50 |   font-weight: 700;
 51 | }
 52 | #ds_tabs .active.item .tablabel:after{
 53 |     content: " (default)";
 54 |     display: inline;
 55 | }
 56 | #ds_tabs td {
 57 |   padding: 0;
 58 | }
 59 | 
 60 | .datasources .four.wide.column {
 61 |     padding-right: 0em;
 62 | }
 63 | .datasources .twelve.wide.column {
 64 |     padding-left: 0em;
 65 | }
 66 | 
 67 | .ui.modal .form {
 68 |     margin-left: 1em;
 69 | }
 70 | 
 71 | /* excluded features */
 72 | .disabled.item {
 73 |     color: rgba(0, 0, 0, 0.4);
 74 | }
 75 | 
 76 | .ui.footer.segment {
 77 |     margin: 5em 0em 0em;
 78 |     padding: 5em 0em;
 79 | }
 80 | 
 81 | div.ui.message.transition {
 82 |     position: fixed;
 83 |     bottom: 10px;
 84 |     right: 10px;
 85 |     z-index: 10;
 86 | }
 87 | 
 88 | div.ui.inverted.footer.segment {
 89 |   background: #142230;
 90 | }
 91 | 
 92 | .meta_del h4{
 93 |   margin-top: 2em;
 94 |   margin-bottom: 0.5em;
 95 | }
 96 | 
 97 | input {
 98 |   background: #F2F4F5 !important;
 99 | }
100 | 
101 | div.group {
102 |   display: inline;
103 |   margin: 0;
104 |   border: 0;
105 |   padding: 0;
106 | }


--------------------------------------------------------------------------------
/sam/static/css/map.css:
--------------------------------------------------------------------------------
  1 | body, html {
  2 |     width: 100%;
  3 |     height: 100%;
  4 |     margin: 0;
  5 | }
  6 | 
  7 | #navbar {
  8 |   border-radius: 0;
  9 |   background-color: #142230;
 10 | }
 11 | 
 12 | #output {
 13 |     position: absolute;
 14 |     bottom: 0;
 15 |     width: 100%;
 16 |     padding: 0;
 17 | }
 18 | 
 19 | #canvas {
 20 |     position: absolute;
 21 |     left: 0;
 22 |     top: 0;
 23 |     width: 100%;
 24 |     height: 100%;
 25 |     z-index: -1;
 26 | }
 27 | 
 28 | #sel_bar {
 29 |     position: absolute;
 30 |     right: 20px;
 31 |     top: 20px;
 32 |     padding: 10px 0 0 0;
 33 |     margin: 0;
 34 |     z-index: 1;
 35 |     min-width: 200px;
 36 |     width: 25%;
 37 |     min-width: 300px;
 38 |     border-radius: 4px;
 39 |     box-shadow: rgba(34, 36, 38, 0.15) 0px 1px 2px 0px;
 40 |     box-sizing: border-box;
 41 |     display: block;
 42 |     border: 1px solid rgba(0, 0, 0, 0.1);
 43 |     background-color: white;
 44 |     overflow-y: hidden;
 45 |     overflow-x: hidden;
 46 | }
 47 | 
 48 | #selectionInfo div.content {
 49 |     max-height: 500px;
 50 |     overflow-y: auto;
 51 | }
 52 | 
 53 | h4 {
 54 |     text-align: center;
 55 |     padding: 0px;
 56 |     margin: 0px;
 57 | }
 58 | h5 {
 59 |     padding: 0em 0em 1em 0em;
 60 |     margin: 0em;
 61 |     text-align: center;
 62 |     font-style: italic;
 63 |     font-weight: normal;
 64 | }
 65 | 
 66 | div.ui.message.transition {
 67 |     position: fixed;
 68 |     bottom: 10px;
 69 |     right: 10px;
 70 | }
 71 | 
 72 | /* settings panel css */
 73 | 
 74 | #time_box p {
 75 |     margin: 0;
 76 | }
 77 | 
 78 | #pulltab {
 79 |   background-color: #2A3F54;
 80 |   box-shadow: inset 2px 0 2px #124;
 81 |   display: inline-block;
 82 |   margin-top: 0.5em;
 83 |   border-radius: 0 0.25em 0.25em 0;
 84 |   z-index: 103;
 85 | }
 86 | 
 87 | #pulltab a {
 88 |   display: inline-block;
 89 |   color: rgba(255,255,255,.9);
 90 |   font-size: 1.5rem;
 91 |   padding: 0.4em 0.0em 0.4em 0em;
 92 | }
 93 | 
 94 | #pulltab a:hover {
 95 | 	background: rgba(255,255,255,.08);
 96 | 	color: #fff;
 97 | }
 98 | 
 99 | #sidebar {
100 |   color: rgba(255,255,255,.9);
101 |   border-radius: 0;
102 | }
103 | 
104 | #sidebar .segment {
105 |   border-radius: 0;
106 |   padding: 0;
107 |   width: 100%;
108 |   height: 100%;
109 |   overflow-y: auto;
110 |   overflow-x: hidden;
111 | }
112 | 
113 | #mapconfig .content {
114 |   padding: 0.5em 0em 0.5em 1.0em;
115 |   background: rgba(255,255,255,0.05);
116 | }
117 | 
118 | #sidebar label {
119 |   margin-top: 1em;
120 |   display: block;
121 |   color: rgba(255,255,255,0.5);
122 | }
123 | 
124 | #mapconfig .title {
125 |   margin: 0.5em 0 0 0;
126 |   border: 1px solid rgba(255,255,255,0.1);
127 |   border-radius: .25em;
128 | }
129 | 
130 | #mapconfig .title:hover {
131 | 	background: rgba(255,255,255,.1);
132 | 	color: #fff;
133 | }
134 | 
135 | #mapconfig .textinput, #time_box {
136 |   margin: 0 0.5em;
137 | }
138 | 
139 | #mapconfig input {
140 |   display: block;
141 | }
142 | 
143 | #sidebar input {
144 |   background-color: #142230;
145 |   color: rgba(255,255,255,0.75);
146 |   margin: 0.2em 0;
147 |   padding: 0.4em;
148 | }
149 | 
150 | #sidebar div.input:focus {
151 |   background-color: #F2F5F7;
152 | }
153 | 
154 | #sidebar .input .label {
155 |   background-color: #8f9ead;
156 |   margin: 0.2em 0;
157 |   padding: 0.4em;
158 |   width: 4em;
159 | }
160 | 
161 | #sidebar div.divider {
162 |   height: 0.5em;
163 | }
164 | 


--------------------------------------------------------------------------------
/sam/static/css/security.css:
--------------------------------------------------------------------------------
  1 | .severe1 {
  2 |     color: #AACCFF;
  3 | }
  4 | .severe2 {
  5 |     color: #AADDDD;
  6 | }
  7 | .severe3 {
  8 |     color: #8BD8AA;
  9 | }
 10 | .severe4 {
 11 |     color: #99CC88;
 12 | }
 13 | .severe5 {
 14 |     color: #ADA463;
 15 | }
 16 | .severe6 {
 17 |     color: #D27D3F;
 18 | }
 19 | .severe7 {
 20 |     color: #F7551A;
 21 | }
 22 | .severe8 {
 23 |     color: #FF0000;
 24 | }
 25 | 
 26 | .alertfilter label{
 27 |     display: block;
 28 | }
 29 | 
 30 | .alertfilter div{
 31 |     display: block;
 32 | }
 33 | 
 34 | .alertfilter {
 35 |     display: inline-block;
 36 |     margin-right: 1em;
 37 | }
 38 | 
 39 | .scrollbox {
 40 |     margin-top: 1em;
 41 |     max-height: 20em;
 42 |     overflow-y: scroll;
 43 |     border-top: 1px solid rgba(0, 0, 0, 0.1);
 44 |     border-bottom: 1px solid rgba(0, 0, 0, 0.1);
 45 | }
 46 | 
 47 | #alert_details h3{
 48 |     display: inline;
 49 | }
 50 | 
 51 | #alert_details_desc {
 52 |     margin-top: 1.0em;
 53 | }
 54 | 
 55 | .rail .sticky {
 56 |   padding-top: 14px;
 57 | }
 58 | 
 59 | .segment .ui.grid {
 60 |   margin-top: 1em;
 61 |   margin-bottom: 1em;
 62 | }
 63 | 
 64 | #slider-date {
 65 |   margin-bottom: 2em;
 66 | }
 67 | 
 68 | #slider-date.noUi-horizontal {
 69 | 	height: 9px;
 70 | }
 71 | #slider-date.noUi-horizontal .noUi-handle {
 72 | 	width: 18px;
 73 | 	height: 28px;
 74 | 	left: -9px;
 75 | 	top: -6px;
 76 | }
 77 | #slider-date.noUi-vertical {
 78 | 	width: 18px;
 79 | }
 80 | #slider-date.noUi-vertical .noUi-handle {
 81 | 	width: 28px;
 82 | 	height: 34px;
 83 | 	left: -6px;
 84 | 	top: -17px;
 85 | }
 86 | 
 87 | /* Handle stripes;
 88 |  */
 89 | #slider-date .noUi-handle:before,
 90 | #slider-date .noUi-handle:after {
 91 | 	height: 14px;
 92 | 	width: 1px;
 93 | 	left: 6px;
 94 | 	top: 6px;
 95 | }
 96 | #slider-date .noUi-handle:after {
 97 | 	left: 10px;
 98 | }
 99 | #slider-date.noUi-vertical .noUi-handle:before,
100 | #slider-date.noUi-vertical .noUi-handle:after {
101 | 	width: 14px;
102 | 	height: 1px;
103 | 	left: 6px;
104 | 	top: 14px;
105 | }
106 | #slider-date.noUi-vertical .noUi-handle:after {
107 | 	top: 17px;
108 | }
109 | 
110 | .ad_active, .ad_inactive {
111 |   width: 5em;
112 | }
113 | 
114 | #ad_active label {
115 |   display: inline-block;
116 | }
117 | 
118 | #ad_active .ad_active {
119 |   display: none;
120 | }
121 | #ad_active .ad_inactive {
122 |   display: inline-block;
123 | }
124 | #ad_active.checked .ad_active {
125 |   display: inline-block;
126 | }
127 | #ad_active.checked .ad_inactive {
128 |   display: none;
129 | }
130 | 
131 | .ui.three.tiny.statistics {
132 |   margin-bottom: -1em;
133 | }
134 | 
135 | #ad_table_body .inverted.grey.button {
136 |   color: #888;
137 | }


--------------------------------------------------------------------------------
/sam/static/css/table.css:
--------------------------------------------------------------------------------
 1 | #filters label.inline {
 2 |   display: inline;
 3 | }
 4 | 
 5 | .hspacer {
 6 |   display: inline-block;
 7 |   width: 5em;
 8 | }
 9 | 
10 | #filters .dropdown.icon {
11 |     margin:  -0.7857em;
12 |     padding: 0.4857em;
13 | }
14 | 
15 | #filters .input input {
16 |     margin:  0.35em 0.5em 0.35em 0.5em;
17 |     padding: 0.3em  2.1em 0.3em  0.5em;
18 |     min-height: 2em;
19 | }
20 | 
21 | #filters .selection.dropdown {
22 |     margin:  0.35em 0.5em 0.35em 0.5em;
23 |     padding: 0.3em  2.1em 0.3em  1em;
24 |     min-height: 2em;
25 | }
26 | 
27 | #filters .multiple.selection.dropdown {
28 |     margin:  0.35em 0.5em 0.35em 0.5em;
29 |     padding: 0.1em  2.1em 0.1em  0.2em;
30 |     min-height: 2em;
31 | }
32 | 
33 | #filters .multiple.search .dropdown.icon {
34 |     margin:  -0.7857em;
35 |     padding: 0.7857em;
36 | }
37 | 
38 | div.ui.message.transition {
39 |     position: fixed;
40 |     bottom: 10px;
41 |     right: 10px;
42 | }


--------------------------------------------------------------------------------
/sam/static/css/timerange.css:
--------------------------------------------------------------------------------
 1 | .slider-box {
 2 |     overflow-x: hidden;
 3 |     overflow-y: hidden;
 4 |     height: 4.0em;
 5 |     padding: 0 1.2em;
 6 | }
 7 | .slider-box > div {
 8 |     margin-top: 0.5em;
 9 | }
10 | 


--------------------------------------------------------------------------------
/sam/static/img/logo_dark.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/sam/static/img/logo_dark.png


--------------------------------------------------------------------------------
/sam/static/img/logo_light.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/sam/static/img/logo_light.png


--------------------------------------------------------------------------------
/sam/static/js/liveUpdate.js:
--------------------------------------------------------------------------------
 1 | // Timing variables
 2 | var MILLIS_PER_SEC = 1000;
 3 | var updateTimer = null;
 4 | 
 5 | //Turn autoupdate on or off based on config setting.
 6 | function setAutoUpdate() {
 7 |   if (controller.autorefresh == true && updateTimer === null) { //timer is not running
 8 |     updateTimer = window.setInterval(updateCall,Math.abs(MILLIS_PER_SEC * controller.autorefresh_period));
 9 |   } else if (controller.autorefresh == false && updateTimer !== null) { //timer has been turned off
10 |     window.clearInterval(updateTimer);
11 |     updateTimer = null;
12 |   }
13 | }
14 | 
15 | function updateTimeConfig(newRange) {
16 |   "use strict";
17 |   let stickyStart = config.tstart === config.tmin;
18 |   let stickyEnd = config.tend === config.tmax;
19 |   if (newRange.min == newRange.max) {
20 |     //if the newRange is zero, decrease the min by 5 minutes to indicate a range.
21 |     //  and since there's only 5 minutes, set the start/end to match.
22 |     config.tmin = newRange.min - 300;
23 |     config.tmax = newRange.max;
24 |     config.tstart = config.tmax - 300;
25 |     config.tend = config.tmax;
26 |   } else {
27 |     //newRange is at least 5 minutes
28 |     // should anything stick, or is the range different?
29 |     let sticky = config.tmin === newRange.min || config.tmax === newRange.max;
30 |     config.tmin = newRange.min;
31 |     config.tmax = newRange.max;
32 |     if (sticky && stickyEnd) {
33 |       config.tend = config.tmax;
34 |     } else if (config.tend < config.tmin + 300 || config.tend > config.tmax) {
35 |       config.tend = config.tmax;
36 |     }
37 |     if (sticky && stickyStart) {
38 |       config.tstart = config.tmin;
39 |     } else if (config.tstart < config.tmin || config.tstart > config.tmax - 300) {
40 |       config.tstart = config.tend - 300;
41 |     }
42 |   }
43 |   //console.log("config time:", config.tmin % 10000, "<=", config.tstart % 10000, "<=", config.tend % 10000, "<=", config.tmax % 10000);
44 | }
45 | 
46 | 
47 | //The actual json calls that are executed when the update triggers
48 | function updateCall() {
49 |   //get time range,
50 |   controller.GET_timerange(controller.dsid, function (range) {
51 |     // TODO: some redundant code here, with the default callback for GET_timerange...
52 |     updateTimeConfig(range);
53 | 
54 |     slider_init();
55 |     nodes.GET_request(null, null);
56 |   });
57 | }


--------------------------------------------------------------------------------
/sam/static/nouislider/nouislider-dark.css:
--------------------------------------------------------------------------------
  1 | 
  2 | /* Functional styling;
  3 |  * These styles are required for noUiSlider to function.
  4 |  * You don't need to change these rules to apply your design.
  5 |  */
  6 | .noUi-target,
  7 | .noUi-target * {
  8 | -webkit-touch-callout: none;
  9 | -webkit-user-select: none;
 10 | -ms-touch-action: none;
 11 | 	touch-action: none;
 12 | -ms-user-select: none;
 13 | -moz-user-select: none;
 14 | 	user-select: none;
 15 | -moz-box-sizing: border-box;
 16 | 	box-sizing: border-box;
 17 | }
 18 | .noUi-target {
 19 | 	position: relative;
 20 | 	direction: ltr;
 21 | }
 22 | .noUi-base {
 23 | 	width: 100%;
 24 | 	height: 100%;
 25 | 	position: relative;
 26 | 	z-index: 1; /* Fix 401 */
 27 | }
 28 | .noUi-origin {
 29 | 	position: absolute;
 30 | 	right: 0;
 31 | 	top: 0;
 32 | 	left: 0;
 33 | 	bottom: 0;
 34 | }
 35 | .noUi-handle {
 36 | 	position: relative;
 37 | 	z-index: 1;
 38 | }
 39 | .noUi-stacking .noUi-handle {
 40 | /* This class is applied to the lower origin when
 41 |    its values is > 50%. */
 42 | 	z-index: 10;
 43 | }
 44 | .noUi-state-tap .noUi-origin {
 45 | -webkit-transition: left 0.3s, top 0.3s;
 46 | 	transition: left 0.3s, top 0.3s;
 47 | }
 48 | .noUi-state-drag * {
 49 | 	cursor: inherit !important;
 50 | }
 51 | 
 52 | /* Painting and performance;
 53 |  * Browsers can paint handles in their own layer.
 54 |  */
 55 | .noUi-base,
 56 | .noUi-handle {
 57 | 	-webkit-transform: translate3d(0,0,0);
 58 | 	transform: translate3d(0,0,0);
 59 | }
 60 | 
 61 | /* Slider size and handle placement;
 62 |  */
 63 | .noUi-horizontal {
 64 | 	height: 9px;
 65 | }
 66 | .noUi-horizontal .noUi-handle {
 67 | 	width: 18px;
 68 | 	height: 28px;
 69 | 	left: -9px;
 70 | 	top: -6px;
 71 | }
 72 | .noUi-vertical {
 73 | 	width: 18px;
 74 | }
 75 | .noUi-vertical .noUi-handle {
 76 | 	width: 28px;
 77 | 	height: 34px;
 78 | 	left: -6px;
 79 | 	top: -17px;
 80 | }
 81 | 
 82 | /* Styling;
 83 |  */
 84 | .noUi-background {
 85 | 	background: #425668;
 86 | 	box-shadow: inset 0 1px 3px #000, 0 3px 6px -5px #000;
 87 | }
 88 | .noUi-connect {
 89 | 	background: #8099af;
 90 | 	box-shadow: inset 0 0 3px rgba(51,51,51,0.45);
 91 | -webkit-transition: background 450ms;
 92 | 	transition: background 450ms;
 93 | }
 94 | .noUi-origin {
 95 | 	border-radius: 2px;
 96 | }
 97 | .noUi-target {
 98 | 	border-radius: 4px;
 99 | 	border: 0px solid #667f96;
100 | 	box-shadow: inset 0 1px 3px #000, 0 3px 6px -5px #000;
101 | }
102 | .noUi-target.noUi-connect {
103 | 	box-shadow: inset 0 0 3px rgba(51,51,51,0.45), 0 3px 6px -5px #BBB;
104 | }
105 | 
106 | /* Handles and cursors;
107 |  */
108 | .noUi-draggable {
109 | 	cursor: w-resize;
110 | }
111 | .noUi-vertical .noUi-draggable {
112 | 	cursor: n-resize;
113 | }
114 | .noUi-handle {
115 | 	border: 1px solid #8c9dad;
116 | 	border-radius: 3px;
117 | 	background: #c3ced8;
118 | 	cursor: default;
119 | 	box-shadow: inset 0 1px 7px #8c9dad,
120 | 				0 3px 6px -3px #000;
121 | }
122 | .noUi-active {
123 | 	box-shadow: inset 0 1px 7px #8c9dad,
124 | 				0 3px 6px -3px #000;
125 | }
126 | 
127 | /* Handle stripes;
128 |  */
129 | .noUi-handle:before,
130 | .noUi-handle:after {
131 | 	content: "";
132 | 	display: block;
133 | 	position: absolute;
134 | 	height: 14px;
135 | 	width: 1px;
136 | 	background: #8c9dad;
137 | 	left: 6px;
138 | 	top: 6px;
139 | }
140 | .noUi-handle:after {
141 | 	left: 10px;
142 | }
143 | .noUi-vertical .noUi-handle:before,
144 | .noUi-vertical .noUi-handle:after {
145 | 	width: 14px;
146 | 	height: 1px;
147 | 	left: 6px;
148 | 	top: 14px;
149 | }
150 | .noUi-vertical .noUi-handle:after {
151 | 	top: 17px;
152 | }
153 | 
154 | /* Disabled state;
155 |  */
156 | [disabled].noUi-connect,
157 | [disabled] .noUi-connect {
158 | 	background: #B8B8B8;
159 | }
160 | [disabled].noUi-origin,
161 | [disabled] .noUi-handle {
162 | 	cursor: not-allowed;
163 | }
164 | 


--------------------------------------------------------------------------------
/sam/static/nouislider/nouislider.css:
--------------------------------------------------------------------------------
  1 | 
  2 | /* Functional styling;
  3 |  * These styles are required for noUiSlider to function.
  4 |  * You don't need to change these rules to apply your design.
  5 |  */
  6 | .noUi-target,
  7 | .noUi-target * {
  8 | -webkit-touch-callout: none;
  9 | -webkit-user-select: none;
 10 | -ms-touch-action: none;
 11 | 	touch-action: none;
 12 | -ms-user-select: none;
 13 | -moz-user-select: none;
 14 | 	user-select: none;
 15 | -moz-box-sizing: border-box;
 16 | 	box-sizing: border-box;
 17 | }
 18 | .noUi-target {
 19 | 	position: relative;
 20 | 	direction: ltr;
 21 | }
 22 | .noUi-base {
 23 | 	width: 100%;
 24 | 	height: 100%;
 25 | 	position: relative;
 26 | 	z-index: 1; /* Fix 401 */
 27 | }
 28 | .noUi-origin {
 29 | 	position: absolute;
 30 | 	right: 0;
 31 | 	top: 0;
 32 | 	left: 0;
 33 | 	bottom: 0;
 34 | }
 35 | .noUi-handle {
 36 | 	position: relative;
 37 | 	z-index: 1;
 38 | }
 39 | .noUi-stacking .noUi-handle {
 40 | /* This class is applied to the lower origin when
 41 |    its values is > 50%. */
 42 | 	z-index: 10;
 43 | }
 44 | .noUi-state-tap .noUi-origin {
 45 | -webkit-transition: left 0.3s, top 0.3s;
 46 | 	transition: left 0.3s, top 0.3s;
 47 | }
 48 | .noUi-state-drag * {
 49 | 	cursor: inherit !important;
 50 | }
 51 | 
 52 | /* Painting and performance;
 53 |  * Browsers can paint handles in their own layer.
 54 |  */
 55 | .noUi-base,
 56 | .noUi-handle {
 57 | 	-webkit-transform: translate3d(0,0,0);
 58 | 	transform: translate3d(0,0,0);
 59 | }
 60 | 
 61 | /* Slider size and handle placement;
 62 |  */
 63 | .noUi-horizontal {
 64 | 	height: 18px;
 65 | }
 66 | .noUi-horizontal .noUi-handle {
 67 | 	width: 34px;
 68 | 	height: 28px;
 69 | 	left: -17px;
 70 | 	top: -6px;
 71 | }
 72 | .noUi-vertical {
 73 | 	width: 18px;
 74 | }
 75 | .noUi-vertical .noUi-handle {
 76 | 	width: 28px;
 77 | 	height: 34px;
 78 | 	left: -6px;
 79 | 	top: -17px;
 80 | }
 81 | 
 82 | /* Styling;
 83 |  */
 84 | .noUi-background {
 85 | 	background: #FAFAFA;
 86 | 	box-shadow: inset 0 1px 1px #f0f0f0;
 87 | }
 88 | .noUi-connect {
 89 | 	background: #3FB8AF;
 90 | 	box-shadow: inset 0 0 3px rgba(51,51,51,0.45);
 91 | -webkit-transition: background 450ms;
 92 | 	transition: background 450ms;
 93 | }
 94 | .noUi-origin {
 95 | 	border-radius: 2px;
 96 | }
 97 | .noUi-target {
 98 | 	border-radius: 4px;
 99 | 	border: 1px solid #D3D3D3;
100 | 	box-shadow: inset 0 1px 1px #F0F0F0, 0 3px 6px -5px #BBB;
101 | }
102 | .noUi-target.noUi-connect {
103 | 	box-shadow: inset 0 0 3px rgba(51,51,51,0.45), 0 3px 6px -5px #BBB;
104 | }
105 | 
106 | /* Handles and cursors;
107 |  */
108 | .noUi-draggable {
109 | 	cursor: w-resize;
110 | }
111 | .noUi-vertical .noUi-draggable {
112 | 	cursor: n-resize;
113 | }
114 | .noUi-handle {
115 | 	border: 1px solid #D9D9D9;
116 | 	border-radius: 3px;
117 | 	background: #FFF;
118 | 	cursor: default;
119 | 	box-shadow: inset 0 0 1px #FFF,
120 | 				inset 0 1px 7px #EBEBEB,
121 | 				0 3px 6px -3px #BBB;
122 | }
123 | .noUi-active {
124 | 	box-shadow: inset 0 0 1px #FFF,
125 | 				inset 0 1px 7px #DDD,
126 | 				0 3px 6px -3px #BBB;
127 | }
128 | 
129 | /* Handle stripes;
130 |  */
131 | .noUi-handle:before,
132 | .noUi-handle:after {
133 | 	content: "";
134 | 	display: block;
135 | 	position: absolute;
136 | 	height: 14px;
137 | 	width: 1px;
138 | 	background: #E8E7E6;
139 | 	left: 14px;
140 | 	top: 6px;
141 | }
142 | .noUi-handle:after {
143 | 	left: 17px;
144 | }
145 | .noUi-vertical .noUi-handle:before,
146 | .noUi-vertical .noUi-handle:after {
147 | 	width: 14px;
148 | 	height: 1px;
149 | 	left: 6px;
150 | 	top: 14px;
151 | }
152 | .noUi-vertical .noUi-handle:after {
153 | 	top: 17px;
154 | }
155 | 
156 | /* Disabled state;
157 |  */
158 | [disabled].noUi-connect,
159 | [disabled] .noUi-connect {
160 | 	background: #B8B8B8;
161 | }
162 | [disabled].noUi-origin,
163 | [disabled] .noUi-handle {
164 | 	cursor: not-allowed;
165 | }
166 | 


--------------------------------------------------------------------------------
/sam/static/nouislider/nouislider.pips.css:
--------------------------------------------------------------------------------
 1 | 
 2 | /* Base;
 3 |  *
 4 |  */
 5 | .noUi-pips,
 6 | .noUi-pips * {
 7 | -moz-box-sizing: border-box;
 8 | 	box-sizing: border-box;
 9 | }
10 | .noUi-pips {
11 | 	position: absolute;
12 | 	color: #999;
13 | }
14 | 
15 | /* Values;
16 |  *
17 |  */
18 | .noUi-value {
19 | 	position: absolute;
20 | 	text-align: center;
21 | }
22 | .noUi-value-sub {
23 | 	color: #ccc;
24 | 	font-size: 10px;
25 | }
26 | 
27 | /* Markings;
28 |  *
29 |  */
30 | .noUi-marker {
31 | 	position: absolute;
32 | 	background: #CCC;
33 | }
34 | .noUi-marker-sub {
35 | 	background: #AAA;
36 | }
37 | .noUi-marker-large {
38 | 	background: #AAA;
39 | }
40 | 
41 | /* Horizontal layout;
42 |  *
43 |  */
44 | .noUi-pips-horizontal {
45 | 	padding: 10px 0;
46 | 	height: 80px;
47 | 	top: 100%;
48 | 	left: 0;
49 | 	width: 100%;
50 | }
51 | .noUi-value-horizontal {
52 | 	-webkit-transform: translate3d(-50%,50%,0);
53 | 	transform: translate3d(-50%,50%,0);
54 | }
55 | 
56 | .noUi-marker-horizontal.noUi-marker {
57 | 	margin-left: -1px;
58 | 	width: 2px;
59 | 	height: 5px;
60 | }
61 | .noUi-marker-horizontal.noUi-marker-sub {
62 | 	height: 10px;
63 | }
64 | .noUi-marker-horizontal.noUi-marker-large {
65 | 	height: 15px;
66 | }
67 | 
68 | /* Vertical layout;
69 |  *
70 |  */
71 | .noUi-pips-vertical {
72 | 	padding: 0 10px;
73 | 	height: 100%;
74 | 	top: 0;
75 | 	left: 100%;
76 | }
77 | .noUi-value-vertical {
78 | 	-webkit-transform: translate3d(0,-50%,0);
79 | 	transform: translate3d(0,-50%,0);
80 | 	padding-left: 25px;
81 | }
82 | 
83 | .noUi-marker-vertical.noUi-marker {
84 | 	width: 5px;
85 | 	height: 2px;
86 | 	margin-top: -1px;
87 | }
88 | .noUi-marker-vertical.noUi-marker-sub {
89 | 	width: 10px;
90 | }
91 | .noUi-marker-vertical.noUi-marker-large {
92 | 	width: 15px;
93 | }
94 | 


--------------------------------------------------------------------------------
/sam/static/semantic/LICENSE:
--------------------------------------------------------------------------------
 1 | The MIT License (MIT)
 2 | 
 3 | Copyright (c) 2015 Semantic Org
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 
23 | 


--------------------------------------------------------------------------------
/sam/static/semantic/themes/default/assets/fonts/icons.eot:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/sam/static/semantic/themes/default/assets/fonts/icons.eot


--------------------------------------------------------------------------------
/sam/static/semantic/themes/default/assets/fonts/icons.otf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/sam/static/semantic/themes/default/assets/fonts/icons.otf


--------------------------------------------------------------------------------
/sam/static/semantic/themes/default/assets/fonts/icons.ttf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/sam/static/semantic/themes/default/assets/fonts/icons.ttf


--------------------------------------------------------------------------------
/sam/static/semantic/themes/default/assets/fonts/icons.woff:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/sam/static/semantic/themes/default/assets/fonts/icons.woff


--------------------------------------------------------------------------------
/sam/static/semantic/themes/default/assets/fonts/icons.woff2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/sam/static/semantic/themes/default/assets/fonts/icons.woff2


--------------------------------------------------------------------------------
/sam/static/semantic/themes/default/assets/images/flags.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/sam/static/semantic/themes/default/assets/images/flags.png


--------------------------------------------------------------------------------
/sam/templates/_head.html:
--------------------------------------------------------------------------------
 1 | $def with (title, lang, stylesheets=[], scripts=[])
 2 | <!DOCTYPE html>
 3 | <html lang="$lang">
 4 | <head>
 5 |     <meta charset="utf-8"/>
 6 |     <link type="text/css" rel="stylesheet" href="/static/semantic/semantic.css">
 7 |     $for sheet in stylesheets:
 8 |         <link type="text/css" rel="stylesheet" href="$sheet">
 9 |     <script src="/static/js/jquery-3.1.0.min.js"></script>
10 |     <script src="/static/semantic/semantic.js"></script>
11 |     <script src="/static/js/local/$(lang).js"></script>
12 |     $for script in scripts:
13 |         <script src="$script"></script>
14 |     <title>$title</title>
15 | </head>
16 | <body>
17 | 


--------------------------------------------------------------------------------
/sam/templates/_tail.html:
--------------------------------------------------------------------------------
 1 | <script type="text/javascript">
 2 | window.onload = function () {
 3 |     //enable header dropdown
 4 |     $$(document.getElementById("support_menu")).dropdown({
 5 |       on: 'hover'
 6 |     });
 7 | 
 8 |     if (typeof(init) === "function") {
 9 |         init();
10 |     }
11 | };
12 | </script>
13 | </body>
14 | </html>


--------------------------------------------------------------------------------
/sam/templates/en/_footer.html:
--------------------------------------------------------------------------------
 1 | $def with (lang_links)
 2 | <div id="footer" class="ui inverted vertical footer segment">
 3 |   <div class="ui center aligned container">
 4 |     <div class="ui stackable inverted divided grid">
 5 |       <div class="eight wide column">
 6 |         <p>SAM is an open source project licensed under the <a href="https://github.com/riolet/SAM/blob/master/LICENSE">GPL</a></p>
 7 |         <p>Copyright &copy; 2017.</p>
 8 |         <p>
 9 |         $for lang, link in lang_links.iteritems():
10 |           <a class="langlink" href="$link">$lang</a>
11 |         </p>
12 |       </div>
13 |       <div class="eight wide column">
14 |         <img src="/static/img/logo_dark.png" class="ui centered image" width="80px" height="80px">
15 |       </div>
16 |     </div>
17 |   </div>
18 | </div>


--------------------------------------------------------------------------------
/sam/templates/en/_header.html:
--------------------------------------------------------------------------------
 1 | $def with (menuItems, selected, user, debug, path, login, language)
 2 | <div class="ui inverted main menu" id="navbar">
 3 |     <div class="header item">
 4 |         <a id="link_home" href="/"><img class="logo ui middle aligned spaced image" width="32px" height="32px" src="/static/img/logo_light.png">Systems Architecture Mapper</a>
 5 |     </div>
 6 |     $for menuItem in menuItems:
 7 |         $ active = ''
 8 |         $if menuItem['name']==selected:
 9 |             $ active = 'active'
10 |         $if user.any_group(set(menuItem['group'].split())):
11 |             <a class="navlink item $active" href="$menuItem['link']">
12 |                 <i class="$menuItem['icon'] icon"></i>
13 |                 $menuItem['name']
14 |             </a>
15 |     <div class="ui simple float right item">
16 |         <a class="langlink" href="$language[1]">$language[0]</a>
17 |     $if login['active']:
18 |         $if user.logged_in:
19 |             <div class="ui simple dropdown item">
20 |                 <i class="user icon"></i>
21 |                 $if user.name:
22 |                     $user.name
23 |                 $else:
24 |                     $user.email
25 |                 <i class="dropdown icon"></i>
26 |                 <div class="menu">
27 |                     <a class="item" href="$login['logout_url']">Log out</a>
28 |                 </div>
29 |             </div>
30 |         $else:
31 |             <a class="right floated item $active" href="$login['login_url']">
32 |                 <i class="user icon"></i>
33 |                 Log in
34 |             </a>
35 |     </div>
36 | </div>


--------------------------------------------------------------------------------
/sam/templates/en/login.html:
--------------------------------------------------------------------------------
 1 | $def with (login_path, server_errors=None)
 2 | <style>
 3 | body > .grid {
 4 |   height: 100%;
 5 | }
 6 | .header .image {
 7 |   margin-top: -100px;
 8 | }
 9 | .column {
10 |   max-width: 450px;
11 | }
12 | .footer {
13 |   position: absolute;
14 |   bottom: 0px;
15 |   width: 100%;
16 |   z-order: -1;
17 | }
18 | </style>
19 | <script>
20 |   let server_errors = [
21 |     $for error in server_errors or []:
22 |       "$error",
23 |   ];
24 | 
25 |   $$(document)
26 |   .ready(function() {
27 |     $$('.ui.form').form();
28 |     if (server_errors && server_errors.length > 0) {
29 |       $$('.form').form('add errors', server_errors)
30 |     }
31 |   });
32 | </script>
33 | <div class="ui middle aligned center aligned grid">
34 |   <div class="column">
35 |     <h2 class="ui teal image header">
36 |       <img src="/static/img/logo_dark.png" class="image">
37 |       <div class="content">
38 |         System Architecture Mapper
39 |       </div>
40 |     </h2>
41 |     <form class="ui large attached form" method="POST" action="$login_path">
42 |       <div class="ui stacked segment">
43 |         <p>Authorization Required</p>
44 |         <div class="field">
45 |           <div class="ui left icon input">
46 |             <i class="user icon"></i>
47 |             <input type="text" name="user" placeholder="User">
48 |           </div>
49 |         </div>
50 |         <div class="field">
51 |           <div class="ui left icon input">
52 |             <i class="lock icon"></i>
53 |             <input type="password" name="password" placeholder="Password">
54 |           </div>
55 |         </div>
56 |         <!--
57 |         <div class="field">
58 |           <div class="ui checkbox">
59 |             <input id="remember_me" type="checkbox" name="remember" value="True">
60 |             <label for="remember_me">Remember me</label>
61 |           </div>
62 |         </div>
63 |         -->
64 |         <div class="ui fluid large teal submit button">Login</div>
65 |       </div>
66 |       <div class="ui error message"></div>
67 |     </form>
68 |   </div>
69 | </div>


--------------------------------------------------------------------------------
/sam/templates/en/stats.html:
--------------------------------------------------------------------------------
 1 | $def with (segments)
 2 | $# "$def with (arg1, ...)" MUST be the first line. See template.py for details
 3 | <div class="ui container">
 4 |   <h1 class="ui center aligned header">Usage Stats</h1>
 5 |   $for segment, stats in segments:
 6 |   <div class="ui stacked segment">
 7 |     <h3 class="header">$segment</h3>
 8 |     <table class="ui very compact collapsing striped definition table">
 9 |       <tbody>
10 |       $for k, v in stats:
11 |         <tr>
12 |           <td>$k</td>
13 |           <td>$v</td>
14 |         </tr>
15 |       </tbody>
16 |     </table>
17 |   </div>
18 | </div>
19 | 
20 | <!-- Demo data warning -->
21 | <div id="demo_msg" class="ui message transition hidden">
22 |   <i class="close icon"></i>
23 |   <div class="header">
24 |     Demonstration
25 |   </div>
26 |   <p>This is a subset of real network data, anonymized for privacy. The database is read-only and changes will not be saved.</p>
27 | </div>
28 | 
29 | <script type="text/javascript">
30 | function init() {
31 |   console.log("init called");
32 |   // for "demo data" message box
33 |   if (window.location.pathname.substr(1,4) === "demo") {
34 |     let msgbox = document.getElementById("demo_msg");
35 |     $$(msgbox).transition("fade");
36 |   }
37 | }
38 | </script>


--------------------------------------------------------------------------------
/sam/templates/fr/_footer.html:
--------------------------------------------------------------------------------
 1 | $def with (lang_links)
 2 | <div id="footer" class="ui inverted vertical footer segment">
 3 |   <div class="ui center aligned container">
 4 |     <div class="ui stackable inverted divided grid">
 5 |       <div class="eight wide column">
 6 |         <p>SAM is an open source project licensed under the <a href="https://github.com/riolet/SAM/blob/master/LICENSE">GPL</a></p>
 7 |         <p>Copyright &copy; 2017.</p>
 8 |         <p>
 9 |         $for lang, link in lang_links.iteritems():
10 |           <a class="langlink" href="$link">$lang</a>
11 |         </p>
12 |       </div>
13 |       <div class="eight wide column">
14 |         <img src="/static/img/logo_dark.png" class="ui centered image" width="80px" height="80px">
15 |       </div>
16 |     </div>
17 |   </div>
18 | </div>


--------------------------------------------------------------------------------
/sam/templates/fr/_header.html:
--------------------------------------------------------------------------------
 1 | $def with (menuItems, selected, user, debug, path, login, language)
 2 | <div class="ui inverted main menu" id="navbar">
 3 |     <div class="header item">
 4 |         <a id="link_home" href="/"><img class="logo ui middle aligned spaced image" width="32px" height="32px" src="/static/img/logo_light.png">Systems Architecture Mapper</a>
 5 |     </div>
 6 |     $for menuItem in menuItems:
 7 |         $ active = ''
 8 |         $if menuItem['name']==selected:
 9 |             $ active = 'active'
10 |         $if user.any_group(set(menuItem['group'].split())):
11 |             <a class="navlink item $active" href="$menuItem['link']">
12 |                 <i class="$menuItem['icon'] icon"></i>
13 |                 $menuItem['name']
14 |             </a>
15 |     <div class="ui simple float right item">
16 |         <a class="langlink" href="$language[1]">$language[0]</a>
17 |     $if login['active']:
18 |         $if user.logged_in:
19 |             <div class="ui simple dropdown item">
20 |                 <i class="user icon"></i>
21 |                 $if user.name:
22 |                     $user.name
23 |                 $else:
24 |                     $user.email
25 |                 <i class="dropdown icon"></i>
26 |                 <div class="menu">
27 |                     <a class="item" href="$login['logout_url']">Log out</a>
28 |                 </div>
29 |             </div>
30 |         $else:
31 |             <a class="right floated item $active" href="$login['login_url']">
32 |                 <i class="user icon"></i>
33 |                 Log in
34 |             </a>
35 |     </div>
36 | </div>


--------------------------------------------------------------------------------
/sam/templates/fr/login.html:
--------------------------------------------------------------------------------
 1 | $def with (login_path, server_errors=None)
 2 | <style>
 3 | body > .grid {
 4 |   height: 100%;
 5 | }
 6 | .header .image {
 7 |   margin-top: -100px;
 8 | }
 9 | .column {
10 |   max-width: 450px;
11 | }
12 | .footer {
13 |   position: absolute;
14 |   bottom: 0px;
15 |   width: 100%;
16 |   z-order: -1;
17 | }
18 | </style>
19 | <script>
20 |   let server_errors = [
21 |     $for error in server_errors or []:
22 |       "$error",
23 |   ];
24 | 
25 |   $$(document)
26 |   .ready(function() {
27 |     $$('.ui.form').form();
28 |     if (server_errors && server_errors.length > 0) {
29 |       $$('.form').form('add errors', server_errors)
30 |     }
31 |   });
32 | </script>
33 | <div class="ui middle aligned center aligned grid">
34 |   <div class="column">
35 |     <h2 class="ui teal image header">
36 |       <img src="/static/img/logo_dark.png" class="image">
37 |       <div class="content">
38 |         System Architecture Mapper
39 |       </div>
40 |     </h2>
41 |     <form class="ui large attached form" method="POST" action="$login_path">
42 |       <div class="ui stacked segment">
43 |         <p>Authorization Required</p>
44 |         <div class="field">
45 |           <div class="ui left icon input">
46 |             <i class="user icon"></i>
47 |             <input type="text" name="user" placeholder="User">
48 |           </div>
49 |         </div>
50 |         <div class="field">
51 |           <div class="ui left icon input">
52 |             <i class="lock icon"></i>
53 |             <input type="password" name="password" placeholder="Password">
54 |           </div>
55 |         </div>
56 |         <!--
57 |         <div class="field">
58 |           <div class="ui checkbox">
59 |             <input id="remember_me" type="checkbox" name="remember" value="True">
60 |             <label for="remember_me">Remember me</label>
61 |           </div>
62 |         </div>
63 |         -->
64 |         <div class="ui fluid large teal submit button">Login</div>
65 |       </div>
66 |       <div class="ui error message"></div>
67 |     </form>
68 |   </div>
69 | </div>


--------------------------------------------------------------------------------
/sam/templates/fr/stats.html:
--------------------------------------------------------------------------------
 1 | $def with (segments)
 2 | $# "$def with (arg1, ...)" MUST be the first line. See template.py for details
 3 | <div class="ui container">
 4 |   <h1 class="ui center aligned header">Usage Stats</h1>
 5 |   $for segment, stats in segments:
 6 |   <div class="ui stacked segment">
 7 |     <h3 class="header">$segment</h3>
 8 |     <table class="ui very compact collapsing striped definition table">
 9 |       <tbody>
10 |       $for k, v in stats:
11 |         <tr>
12 |           <td>$k</td>
13 |           <td>$v</td>
14 |         </tr>
15 |       </tbody>
16 |     </table>
17 |   </div>
18 | </div>
19 | 
20 | <!-- Demo data warning -->
21 | <div id="demo_msg" class="ui message transition hidden">
22 |   <i class="close icon"></i>
23 |   <div class="header">
24 |     Demonstration
25 |   </div>
26 |   <p>This is a subset of real network data, anonymized for privacy. The database is read-only and changes will not be saved.</p>
27 | </div>
28 | 
29 | <script type="text/javascript">
30 | function init() {
31 |   console.log("init called");
32 |   // for "demo data" message box
33 |   if (window.location.pathname.substr(1,4) === "demo") {
34 |     let msgbox = document.getElementById("demo_msg");
35 |     $$(msgbox).transition("fade");
36 |   }
37 | }
38 | </script>


--------------------------------------------------------------------------------
/sam/templates/rv/_footer.html:
--------------------------------------------------------------------------------
 1 | $def with (lang_links)
 2 | <div id="footer" class="ui inverted vertical footer segment">
 3 |   <div class="ui center aligned container">
 4 |     <div class="ui stackable inverted divided grid">
 5 |       <div class="eight wide column">
 6 |         <p>MAS si na nepo ecruos tcejorp desnecil rednu eth <a href="https://github.com/riolet/SAM/blob/master/LICENSE">LPG</a></p>
 7 |         <p>thgirypoC &copy; 2017.</p>
 8 |         <p>
 9 |         $for lang, link in lang_links.iteritems():
10 |           <a class="langlink" href="$link">$lang</a>
11 |         </p>
12 |       </div>
13 |       <div class="eight wide column">
14 |         <img src="/static/img/logo_dark.png" class="ui centered image" width="80px" height="80px">
15 |       </div>
16 |     </div>
17 |   </div>
18 | </div>


--------------------------------------------------------------------------------
/sam/templates/rv/_header.html:
--------------------------------------------------------------------------------
 1 | $def with (menuItems, selected, user, debug, path, login, language)
 2 | <div class="ui inverted main menu" id="navbar">
 3 |     <div class="header item">
 4 |         <a id="link_home" href="/"><img class="logo ui middle aligned spaced image" width="32px" height="32px" src="/static/img/logo_light.png">Smetsys Erutcetihcra Reppam</a>
 5 |     </div>
 6 |     $for menuItem in menuItems:
 7 |         $ active = ''
 8 |         $if menuItem['name']==selected:
 9 |             $ active = 'active'
10 |         $if user.any_group(set(menuItem['group'].split())):
11 |             <a class="navlink item $active" href="$menuItem['link']">
12 |                 <i class="$menuItem['icon'] icon"></i>
13 |                 $menuItem['name']
14 |             </a>
15 |     <div class="ui simple float right item">
16 |         <a class="langlink" href="$language[1]">$language[0]</a>
17 |     $if login['active']:
18 |         $if user.logged_in:
19 |             <div class="ui simple dropdown item">
20 |                 <i class="user icon"></i>
21 |                 $if user.name:
22 |                     $user.name
23 |                 $else:
24 |                     $user.email
25 |                 <i class="dropdown icon"></i>
26 |                 <div class="menu">
27 |                     <a class="item" href="$login['logout_url']">Log out</a>
28 |                 </div>
29 |             </div>
30 |         $else:
31 |             <a class="right floated item $active" href="$login['login_url']">
32 |                 <i class="user icon"></i>
33 |                 Gol ni
34 |             </a>
35 |     </div>
36 | </div>


--------------------------------------------------------------------------------
/sam/templates/rv/login.html:
--------------------------------------------------------------------------------
 1 | $def with (login_path, server_errors=None)
 2 | <style>
 3 | body > .grid {
 4 |   height: 100%;
 5 | }
 6 | .header .image {
 7 |   margin-top: -100px;
 8 | }
 9 | .column {
10 |   max-width: 450px;
11 | }
12 | .footer {
13 |   position: absolute;
14 |   bottom: 0px;
15 |   width: 100%;
16 |   z-order: -1;
17 | }
18 | </style>
19 | <script>
20 |   let server_errors = [
21 |     $for error in server_errors or []:
22 |       "$error",
23 |   ];
24 | 
25 |   $$(document)
26 |   .ready(function() {
27 |     $$('.ui.form').form();
28 |     if (server_errors && server_errors.length > 0) {
29 |       $$('.form').form('add errors', server_errors)
30 |     }
31 |   });
32 | </script>
33 | <div class="ui middle aligned center aligned grid">
34 |   <div class="column">
35 |     <h2 class="ui teal image header">
36 |       <img src="/static/img/logo_dark.png" class="image">
37 |       <div class="content">
38 |         Metsys Erutcetihcra Reppam
39 |       </div>
40 |     </h2>
41 |     <form class="ui large attached form" method="POST" action="$login_path">
42 |       <div class="ui stacked segment">
43 |         <p>Noitazirohtua Deriuqer</p>
44 |         <div class="field">
45 |           <div class="ui left icon input">
46 |             <i class="user icon"></i>
47 |             <input type="text" name="user" placeholder="Resu">
48 |           </div>
49 |         </div>
50 |         <div class="field">
51 |           <div class="ui left icon input">
52 |             <i class="lock icon"></i>
53 |             <input type="password" name="password" placeholder="Drowssap">
54 |           </div>
55 |         </div>
56 |         <!--
57 |         <div class="field">
58 |           <div class="ui checkbox">
59 |             <input id="remember_me" type="checkbox" name="remember" value="True">
60 |             <label for="remember_me">Remember me</label>
61 |           </div>
62 |         </div>
63 |         -->
64 |         <div class="ui fluid large teal submit button">Nigol</div>
65 |       </div>
66 |       <div class="ui error message"></div>
67 |     </form>
68 |   </div>
69 | </div>


--------------------------------------------------------------------------------
/sam/templates/rv/stats.html:
--------------------------------------------------------------------------------
 1 | $def with (segments)
 2 | $# "$def with (arg1, ...)" MUST be the first line. See template.py for details
 3 | <div class="ui container">
 4 |   <h1 class="ui center aligned header">Egasu Stats</h1>
 5 |   $for segment, stats in segments:
 6 |   <div class="ui stacked segment">
 7 |     <h3 class="header">$segment</h3>
 8 |     <table class="ui very compact collapsing striped definition table">
 9 |       <tbody>
10 |       $for k, v in stats:
11 |         <tr>
12 |           <td>$k</td>
13 |           <td>$v</td>
14 |         </tr>
15 |       </tbody>
16 |     </table>
17 |   </div>
18 | </div>
19 | 
20 | <!-- Demo data warning -->
21 | <div id="demo_msg" class="ui message transition hidden">
22 |   <i class="close icon"></i>
23 |   <div class="header">
24 |     Noitartsnomed
25 |   </div>
26 |   <p>Siht si a tesbus fo laer krowten atad, dezimynona rof ycavirp. Eht esabatad si ylno-daer dna segnahc lliw ton eb devas.</p>
27 | </div>
28 | 
29 | <script type="text/javascript">
30 | function init() {
31 |   console.log("init called");
32 |   // for "demo data" message box
33 |   if (window.location.pathname.substr(1,4) === "demo") {
34 |     let msgbox = document.getElementById("demo_msg");
35 |     $$(msgbox).transition("fade");
36 |   }
37 | }
38 | </script>


--------------------------------------------------------------------------------
/setup.cfg:
--------------------------------------------------------------------------------
1 | [metadata]
2 | description-file = README.md


--------------------------------------------------------------------------------
/setup.py:
--------------------------------------------------------------------------------
 1 | from distutils.core import setup
 2 | from setuptools import find_packages
 3 | 
 4 | setup(
 5 |     name='samapper',
 6 |     version='0.3.2',
 7 |     classifiers=[
 8 |             'Development Status :: 3 - Alpha',
 9 |             'License :: OSI Approved :: GNU General Public License v3 (GPLv3)',
10 |             'Programming Language :: Python :: 2',
11 |             'Programming Language :: Python :: 2.7',
12 |     ],
13 |     packages=find_packages(exclude=['contrib', 'docs', 'tests*']),
14 |     url='https://github.com/riolet/sam',
15 |     license='GPLv3',
16 |     author='Riolet',
17 |     author_email='joe.pelz@gmail.com',
18 |     description='System Architecture Mapping tool',
19 |     long_description='SAM is a tool designed to map a network based on the data log of a router. It runs as a local python-based server and displays the a map and statistics on the browser.',
20 |     install_requires=[
21 |         'MySQL-python>=1.2.5',
22 |         'web.py>=0.38',
23 |         'requests>=2.18',
24 |         'PyYAML>=3.10'
25 |     ],
26 |     package_data={
27 |         'sam': ['default.cfg',
28 |                 'templates/*.html',
29 |                 'templates/**/*.html',
30 |                 'sql/*.sql',
31 |                 'sql/*.json',
32 |                 'static/**/*.js',
33 |                 'static/js/local/*.js',  # not sure why this one is needed in addition to the above, but it is.
34 |                 'static/**/*.css',
35 |                 'static/**/*.png',
36 |                 'static/semantic/themes/default/assets/fonts/*.*',
37 |                 'rule_templates/*.yml',
38 |                 'rule_templates/*.txt'],
39 |         'docs': ['*.md'],
40 |         'spec': ['**/*.py',
41 |                  '**/*.js',
42 |                  '**/*.yml',
43 |                  '**/*.txt',
44 |                  '**/*.sql',
45 |                  '**/*.sql',
46 |                  '**/*.html',
47 |                  'importers/nfcapd_test'
48 |                  ]
49 |     },
50 |     extras_require={
51 |             'dev': ['pytest>=3.2', 'jasmine>=2.8'],
52 |     },
53 |     entry_points={
54 |             'console_scripts': ['samapper = sam.launcher:main'],
55 |     },
56 | )
57 | 


--------------------------------------------------------------------------------
/spec/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/spec/__init__.py


--------------------------------------------------------------------------------
/spec/browser/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/spec/browser/__init__.py


--------------------------------------------------------------------------------
/spec/browser/conftest.py:
--------------------------------------------------------------------------------
  1 | """
  2 | This file is for:
  3 | - Establishing a robot browser to test with
  4 | - Populating the demo database with data
  5 | - Starting a webserver to host the site, using the demo database
  6 | """
  7 | import os
  8 | import signal
  9 | import traceback
 10 | import pytest
 11 | import multiprocessing
 12 | import time
 13 | import requests
 14 | from spec.python import db_connection
 15 | from sam import launcher
 16 | from selenium import webdriver
 17 | 
 18 | 
 19 | driver = webdriver.Firefox
 20 | # driver = webdriver.Chrome
 21 | _browser_ = None
 22 | port = "8888"
 23 | host = "http://localhost:{}/".format(port)
 24 | webserver_process = None
 25 | 
 26 | db = db_connection.db
 27 | sub_id = db_connection.default_sub
 28 | ds = db_connection.dsid_default
 29 | ds_live = db_connection.dsid_live
 30 | ds_short = db_connection.dsid_short
 31 | 
 32 | 
 33 | def get_browser():
 34 |     global _browser_, driver
 35 |     if _browser_:
 36 |         return _browser_
 37 |     try:
 38 |         _browser_ = driver()
 39 |     except:
 40 |         print("Cannot load Firefox. Did you install the gecko webdriver?")
 41 |         traceback.print_exc()
 42 | 
 43 |     return _browser_
 44 | 
 45 | 
 46 | def start_test_webserver():
 47 |     global webserver_process
 48 |     argv = ["test_invocation", "--port={}".format(port), "--target=webserver"]
 49 |     environment = {
 50 |         'SAM__ACCESS_CONTROL__ACTIVE': 'FALSE',
 51 |         'SAM__DATABASE__DB': db_connection.TEST_DATABASE_MYSQL
 52 |     }
 53 |     launch_args = (environment, argv)
 54 |     webserver_process = multiprocessing.Process(target=launcher.testing_entrypoint, args=launch_args)
 55 |     webserver_process.start()
 56 | 
 57 | 
 58 | def wait_for_webserver_ready(max_seconds):
 59 |     giveup_time = time.time() + max_seconds
 60 |     response_code = 0
 61 |     while response_code != 200 and time.time() < giveup_time:
 62 |         msg = "pinging webserver..."
 63 |         try:
 64 |             response = requests.request("GET", host + "stats?q=1")
 65 |             response_code = response.status_code
 66 |             msg += "response code: {}".format(response_code)
 67 |         except:
 68 |             msg += "silence"
 69 |         time.sleep(0.25)
 70 |         print(msg)
 71 | 
 72 | 
 73 | def stop_test_webserver():
 74 |     global webserver_process
 75 |     os.kill(webserver_process.pid, signal.SIGINT)
 76 |     webserver_process.join()
 77 | 
 78 | 
 79 | # scope = "module", "function", "session"
 80 | @pytest.fixture(scope="session")
 81 | def browser():
 82 |     # Setup code
 83 |     global _browser_
 84 |     start_test_webserver()
 85 |     wait_for_webserver_ready(3)
 86 |     _browser_ = get_browser()
 87 | 
 88 |     # Run the tests with this instance of the browser
 89 |     yield _browser_
 90 | 
 91 |     # Teardown code
 92 |     _browser_.close()
 93 |     _browser_ = None
 94 |     stop_test_webserver()
 95 | 
 96 | 
 97 | def get_path(browser):
 98 |     path = browser.current_url
 99 |     path = path[len(host):]
100 |     path = path.lstrip("/")
101 |     return path
102 | 
103 | 
104 | def modal_is_visible(modal):
105 |     classes = modal.get_attribute("class").split()
106 | 
107 |     # wait until finished animating
108 |     max_wait = time.time() + 5
109 |     while "animating" in classes and time.time() < max_wait:
110 |         time.sleep(0.3)
111 |         classes = modal.get_attribute("class").split()
112 | 
113 |     return "visible" in classes and \
114 |            "active" in classes and \
115 |            "hidden" not in classes
116 | 
117 | def get_semantic_dropdown_data(dropdown):
118 |     items = dropdown.find_elements_by_class_name("item")
119 |     # Use .get_property("innerText") here instead of .text because the item is hidden
120 |     data_values = [(item.get_attribute("data-value"), item.get_property("innerText")) for item in items]
121 |     return data_values


--------------------------------------------------------------------------------
/spec/browser/manual.py:
--------------------------------------------------------------------------------
 1 | python
 2 | from spec.python import db_connection
 3 | from spec.browser import conftest
 4 | import time, operator
 5 | from selenium import webdriver
 6 | from selenium.webdriver.common.keys import Keys
 7 | from sam.models.datasources import Datasources
 8 | browser = conftest.get_browser()
 9 | host = "http://localhost:8080/"
10 | browser.get(host + "metadata")
11 | 


--------------------------------------------------------------------------------
/spec/browser/test_all_pages.py:
--------------------------------------------------------------------------------
  1 | # coding=utf-8
  2 | """
  3 | Tests:
  4 | 
  5 | The home page at '/' should be the map page.
  6 | The links in the navbar should all direct to real pages with matching titles.
  7 | The main pages should load in all supported languages.
  8 | All the links in the header should work:
  9 |     Home page logo link
 10 |     Main page links
 11 |     Language links (english/french)
 12 | The language switching links in the footer switch languages when clicked, but not switch pages.
 13 | """
 14 | from sam import constants
 15 | from spec.browser import conftest
 16 | from sam.local import en as strings
 17 | 
 18 | 
 19 | def at_stats_page(browser):
 20 |     return browser.current_url.endswith("/stats")
 21 | 
 22 | 
 23 | def ensure_stats_page(browser):
 24 |     if not at_stats_page(browser):
 25 |         browser.get(conftest.host + "stats")
 26 | 
 27 | 
 28 | def test_home_page(browser):
 29 |     """The home page at '/' should be the map page."""
 30 |     browser.get(conftest.host)
 31 |     assert browser.title == strings.map_title
 32 | 
 33 | 
 34 | def test_navbar_pages(browser):
 35 |     """The links in the navbar should all direct to real pages with matching titles."""
 36 |     urls = constants.get_navbar('en')
 37 |     for addr in urls:
 38 |         browser.get(conftest.host + addr['link'])
 39 |         assert browser.title == addr['name']
 40 | 
 41 | 
 42 | def test_languages(browser):
 43 |     """The main pages should load in all supported languages."""
 44 |     for lang in constants.supported_languages:
 45 |         urls = constants.get_navbar(lang)
 46 |         for addr in urls:
 47 |             url = "{}{}{}".format(conftest.host, lang, addr['link'][1:])
 48 |             browser.get(url)
 49 |             assert browser.title == addr['name']
 50 | 
 51 | 
 52 | def test_navbar(browser):
 53 |     """All the links in the header should work:
 54 |         Home page logo link
 55 |         Main page links
 56 |         Language links (english/french)
 57 |     """
 58 |     # Starting state
 59 |     browser.get(conftest.host + "en/stats")
 60 |     assert at_stats_page(browser)
 61 | 
 62 |     # Home page button
 63 |     DOM_logo_link= browser.find_element_by_id("link_home")
 64 |     DOM_logo_link.click()
 65 |     assert browser.title == strings.map_title
 66 | 
 67 |     # Nav links
 68 |     navbar = constants.get_navbar('en')
 69 |     for i in range(len(navbar)):
 70 |         DOM_navbar = browser.find_element_by_id("navbar")
 71 |         DOM_links = DOM_navbar.find_elements_by_class_name("navlink")
 72 |         DOM_links[i].click()
 73 |         assert browser.title == navbar[i]['name']
 74 | 
 75 |     # TODO: Login link (if present)
 76 | 
 77 |     # language link
 78 |     DOM_navbar = browser.find_element_by_id("navbar")
 79 |     DOM_lang = DOM_navbar.find_element_by_class_name("langlink")
 80 |     # We should be in english at this point still
 81 |     assert DOM_lang.text == u'version française'
 82 |     old_path = conftest.get_path(browser)
 83 |     if old_path[0:2] in constants.supported_languages:
 84 |         old_path = old_path[3:]
 85 |     DOM_lang.click()
 86 | 
 87 |     DOM_navbar = browser.find_element_by_id("navbar")
 88 |     DOM_lang = DOM_navbar.find_element_by_class_name("langlink")
 89 |     path = conftest.get_path(browser)
 90 |     assert path == "fr/" + old_path
 91 |     assert DOM_lang.text == u'English version'
 92 |     DOM_lang.click()
 93 | 
 94 |     DOM_navbar = browser.find_element_by_id("navbar")
 95 |     DOM_lang = DOM_navbar.find_element_by_class_name("langlink")
 96 |     path = conftest.get_path(browser)
 97 |     assert path == "en/" + old_path
 98 |     assert DOM_lang.text == u'version française'
 99 | 
100 | 
101 | 
102 | def test_footer_language_links(browser):
103 |     """The language switching links in the footer switch languages when clicked, but not switch pages."""
104 |     # Starting state
105 |     browser.get(conftest.host + "en/stats")
106 |     assert at_stats_page(browser)
107 | 
108 |     # Testing footer language links
109 |     DOM_footer = browser.find_element_by_id("footer")
110 |     DOM_lang = DOM_footer.find_element_by_partial_link_text("rançais")
111 |     old_path = conftest.get_path(browser)
112 |     if old_path[0:2] in constants.supported_languages:
113 |         old_path = old_path[3:]
114 |     DOM_lang.click()
115 | 
116 |     DOM_footer = browser.find_element_by_id("footer")
117 |     DOM_lang = DOM_footer.find_element_by_partial_link_text("nglish")
118 |     path = conftest.get_path(browser)
119 |     assert path == "fr/" + old_path
120 |     DOM_lang.click()
121 | 
122 |     path = conftest.get_path(browser)
123 |     assert path == "en/" + old_path
124 | 


--------------------------------------------------------------------------------
/spec/browser/test_dashboard.py:
--------------------------------------------------------------------------------
 1 | """
 2 | Tests:
 3 | [Security Dashboard]
 4 | clicking refresh
 5 |     will read the existing filters
 6 |     retrieve updated information from the DB
 7 |     and display it in the table
 8 | editing Subnet Filter
 9 |     will normalize the entered value (or enter 0.0.0.0/0)
10 |     will re-get alerts using all filters
11 |     and display it in the table
12 | Editing min severity
13 |     will re-get alerts using all filters
14 |     and display it in the table
15 | Editing timerange
16 |     will normalize the entered value to an accepted value or the last valid value
17 |     will re-get alerts using all filters
18 |     and display it in the table
19 | Delete All
20 |     prompts for confirmation before deleting alerts
21 | Clicking "0 alerts to display"
22 |     should do nothing
23 | Clicking alert
24 |     should display additional details below
25 |     key fields on left, table of metadata on right
26 |     clicking delete button
27 |         should prompt confirmation
28 |         cancel should do nothing
29 |         confirmation should delete the specific individual alert
30 | Pagination
31 |     buttons will be disabled unless appropriate.
32 | 
33 | [Anomaly Detection]
34 |     show section greyed out
35 |     present link to more information
36 | 
37 | [Rules]
38 |     default rules exist
39 | 
40 | 
41 | """
42 | import time
43 | from selenium import webdriver
44 | from selenium.webdriver.common.keys import Keys
45 | from sam.models.nodes import Nodes
46 | from spec.browser import conftest
47 | 
48 | 


--------------------------------------------------------------------------------
/spec/javascripts/helpers/ports.js:
--------------------------------------------------------------------------------
 1 | function get_mock_m_ports() {
 2 |     response = {
 3 |     "443": {
 4 |       "port": 443,
 5 |       "protocols": "UDP,SCTP,TCP",
 6 |       "active": 1,
 7 |       "name": "https",
 8 |       "description": "http protocol over TLS/SSL",
 9 |       "alias_name": null,
10 |       "alias_description": null
11 |     },
12 |     "3268": {
13 |       "port": 3268,
14 |       "protocols": "UDP,TCP",
15 |       "active": 1,
16 |       "name": "msft-gc",
17 |       "description": "Microsoft Global Catalog",
18 |       "alias_name": "other name",
19 |       "alias_description": "other description"
20 |     },
21 |     "7680": {
22 |       "port": 7680,
23 |       "protocols": "UDP,TCP",
24 |       "active": 1,
25 |       "name": "pando-pub",
26 |       "description": "Pando Media Public Distribution",
27 |       "alias_name": '',
28 |       "alias_description": null
29 |     },
30 |     "8081": {
31 |       "port": 8081,
32 |       "protocols": "TCP",
33 |       "active": 0,
34 |       "name": "sunproxyad",
35 |       "description": "Sun Proxy Admin Service",
36 |       "alias_name": null,
37 |       "alias_description": null
38 |     }
39 |     };
40 | 
41 |     //clear any existing data
42 |     ports.ports = [];
43 | 
44 |     ports.private.GET_response(response);
45 | 
46 | //    Object.keys(response).forEach(function (key) {
47 | //        ports.set(Number(key), response[key]);
48 | //    });
49 | }


--------------------------------------------------------------------------------
/spec/javascripts/map_events_spec.js:
--------------------------------------------------------------------------------
 1 | describe("map_events.js file", function () {
 2 |   describe("deselectText", function () {});
 3 |   
 4 |   describe("distanceSquared", function () {
 5 |     it("is accurate", function () {
 6 |       expect(distanceSquared(0, 0, 0, 10)).toEqual(100);
 7 |       expect(distanceSquared(0, 0, 10, 0)).toEqual(100);
 8 |       expect(distanceSquared(0, 10, 0, 0)).toEqual(100);
 9 |       expect(distanceSquared(10, 0, 0, 0)).toEqual(100);
10 |       expect(distanceSquared(3, 4, 6, 8)).toEqual(25);
11 |     });
12 |   });
13 |   describe("contains", function () {
14 |     it("works", function () {
15 |       let n = {abs_x: 50, abs_y: 500, radius: 10}
16 |       expect(contains(n, 10, 10)).toBe(false);
17 |       expect(contains(n, 50, 489)).toBe(false);
18 |       expect(contains(n, 50, 490)).toBe(true);
19 |       expect(contains(n, 50, 510)).toBe(true);
20 |       expect(contains(n, 50, 511)).toBe(false);
21 |       expect(contains(n, 61, 500)).toBe(false);
22 |       expect(contains(n, 60, 500)).toBe(true);
23 |       expect(contains(n, 40, 500)).toBe(true);
24 |       expect(contains(n, 39, 500)).toBe(false);
25 |     });
26 |   });
27 |   
28 |   describe("pick", function () {
29 |     it("works", function () {
30 |       let nodeA = {subnet: 32, abs_x: 20, abs_y: 20, radius: 5}
31 |       let nodeB = {subnet: 32, abs_x: 20, abs_y: 40, radius: 5}
32 |       let nodeC = {subnet: 32, abs_x: 40, abs_y: 20, radius: 5}
33 |       let nodeD = {subnet: 32, abs_x: 40, abs_y: 40, radius: 5}
34 |       renderCollection = [nodeA, nodeB, nodeC, nodeD];
35 |       expect(pick(20, 20, 1)).toBe(nodeA);
36 |       expect(pick(20, 40, 1)).toBe(nodeB);
37 |       expect(pick(40, 40, 1)).toBe(nodeD);
38 |       expect(pick(40, 20, 1)).toBe(nodeC);
39 |       expect(pick(30, 30, 1)).toBeNull();
40 |       
41 |       expect(pick(24, 20, 1)).toBe(nodeA);
42 |       expect(pick(20, 24, 1)).toBe(nodeA);
43 |       expect(pick(24, 24, 1)).toBeNull();
44 |     });
45 | 
46 |     it("skips subnets when zoomed in", function () {
47 |       let nodeA = {subnet: 32, abs_x: 20, abs_y: 20, radius: 5}
48 |       let nodeB = {subnet: 16, abs_x: 20, abs_y: 20, radius: 50}
49 |       renderCollection = [nodeA, nodeB];
50 |       expect(pick(20, 20, 1)).toBe(nodeA);
51 |       expect(pick(20, 26, 1)).toBe(nodeB);
52 |       nodeB = {subnet: 8, abs_x: 20, abs_y: 20, radius: 50}
53 |       renderCollection = [nodeA, nodeB];
54 |       expect(pick(20, 26, 1)).toBe(null);
55 |     });
56 |   });
57 |   
58 |   //these do not lend themselves well to unit testing...
59 |   describe("mouseup", function () {});
60 |   describe("mousemove", function () {});
61 |   describe("wheel", function () {});
62 |   describe("keydown", function () {});
63 |   describe("applyfilter", function () {});
64 |   describe("onfilter", function () {});
65 |   describe("applysearch", function () {});
66 |   describe("onsearch", function () {});
67 |   describe("applyProtocolFilter", function () {});
68 |   describe("onProtocolFilter", function () {});
69 |   describe("onResize", function () {});
70 | });


--------------------------------------------------------------------------------
/spec/javascripts/support/jasmine.yml:
--------------------------------------------------------------------------------
  1 | 
  2 | # src_files
  3 | #
  4 | # Return an array of filepaths relative to src_dir to include before jasmine specs.
  5 | # Default: []
  6 | #
  7 | # EXAMPLE:
  8 | #
  9 | # src_files:
 10 | #   - lib/source1.js
 11 | #   - lib/source2.js
 12 | #   - dist/**/*.js
 13 | #
 14 | src_files:
 15 |   - js/local/en.js
 16 |   - js/jquery-3.1.0.min.js
 17 |   - js/tablesort.js
 18 |   - semantic/semantic.min.js
 19 |   - nouislider/*.min.js
 20 |   - js/timerange.js
 21 |   - js/map.js
 22 |   - js/map_*.js
 23 |   - js/metadata.js
 24 |   - js/liveUpdate.js
 25 |   - js/table_filters.js
 26 | 
 27 | # stylesheets
 28 | #
 29 | # Return an array of stylesheet filepaths relative to src_dir to include before jasmine specs.
 30 | # Default: []
 31 | #
 32 | # EXAMPLE:
 33 | #
 34 | # stylesheets:
 35 | #   - css/style.css
 36 | #   - stylesheets/*.css
 37 | #
 38 | stylesheets:
 39 |   - css/*.css
 40 | #  - semantic/semantic.min.css
 41 | #  - nouislider/nouislider.css
 42 | 
 43 | # helpers
 44 | #
 45 | # Return an array of filepaths relative to spec_dir to include before jasmine specs.
 46 | # Default: ["helpers/**/*.js"]
 47 | #
 48 | # EXAMPLE:
 49 | #
 50 | # helpers:
 51 | #   - helpers/**/*.js
 52 | #
 53 | helpers:
 54 |   - "helpers/**/*.js"
 55 | 
 56 | # spec_files
 57 | #
 58 | # Return an array of filepaths relative to spec_dir to include.
 59 | # Default: ["**/*[sS]pec.js"]
 60 | #
 61 | # EXAMPLE:
 62 | #
 63 | # spec_files:
 64 | #   - **/*[sS]pec.js
 65 | #
 66 | spec_files:
 67 |   - "**/*[Ss]pec.js"
 68 | 
 69 | # src_dir
 70 | #
 71 | # Source directory path. Your src_files must be returned relative to this path. Will use root if left blank.
 72 | # Default: project root
 73 | #
 74 | # EXAMPLE:
 75 | #
 76 | # src_dir: public
 77 | #
 78 | src_dir: sam/static
 79 | 
 80 | # spec_dir
 81 | #
 82 | # Spec directory path. Your spec_files must be returned relative to this path.
 83 | # Default: spec/javascripts
 84 | #
 85 | # EXAMPLE:
 86 | #
 87 | # spec_dir: spec/javascripts
 88 | #
 89 | spec_dir: spec/javascripts
 90 | 
 91 | # stop_spec_on_expectation_failure
 92 | #
 93 | # Stop executing each spec on the first expectation failure.
 94 | # Default: false
 95 | #
 96 | # EXAMPLE:
 97 | #
 98 | # stop_spec_on_expectation_failure: true
 99 | #
100 | stop_spec_on_expectation_failure:
101 | 
102 | # random
103 | #
104 | # Run specs in semi-random order.
105 | # Default: false
106 | #
107 | # EXAMPLE:
108 | #
109 | # random: true
110 | #
111 | random:
112 | 


--------------------------------------------------------------------------------
/spec/javascripts/timerange_spec.js:
--------------------------------------------------------------------------------
 1 | describe("timerange.js file", function () {
 2 |   describe("dateConverter", function () {
 3 |     it("converts to", function () {
 4 |       let converter = dateConverter();
 5 |       expect(converter.to(1.5e9)).toEqual("2017-07-13 19:40");
 6 |     })
 7 |     it("converts from", function () {
 8 |       let converter = dateConverter();
 9 |       expect(converter.from("2017-07-13 19:40")).toEqual(1.5e9);
10 |     })
11 |   });
12 |   
13 |   describe("slider_create", function () {});
14 |   describe("slider_hookup", function () {});
15 |   describe("slider_build", function () {});
16 |   describe("slider_rebuild", function () {});
17 |   describe("slider_update", function () {});
18 | });


--------------------------------------------------------------------------------
/spec/python/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/spec/python/__init__.py


--------------------------------------------------------------------------------
/spec/python/dummy_content.txt:
--------------------------------------------------------------------------------
1 | this is line 1
2 | this is line
3 | this is
4 | this
5 | 


--------------------------------------------------------------------------------
/spec/python/importers/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/spec/python/importers/__init__.py


--------------------------------------------------------------------------------
/spec/python/importers/nfcapd_test:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/spec/python/importers/nfcapd_test


--------------------------------------------------------------------------------
/spec/python/importers/test_import_aws.py:
--------------------------------------------------------------------------------
 1 | from datetime import datetime
 2 | from spec.python import db_connection
 3 | from sam.importers import import_base, import_aws
 4 | 
 5 | sample_log = [
 6 |     "",
 7 |     "todo:use real template 1.2.3.4 5.6.7.8 54417 80 blah blah blah 1504722134.778341 blah"
 8 |     "",
 9 |     "nonsensical entry",
10 |     "",
11 | ]
12 | 
13 | 
14 | def test_class():
15 |     assert import_aws.class_ == import_aws.AWSImporter
16 | 
17 | 
18 | def test_translate():
19 |     pa = import_aws.AWSImporter()
20 | 
21 |     translated_lines = []
22 |     for i, line in enumerate(sample_log):
23 |         d = {}
24 |         r = pa.translate(line, i+1, d)
25 |         if r == 0:
26 |             assert set(d.keys()) == set(import_base.BaseImporter.keys)
27 |             translated_lines.append(d)
28 | 
29 |     assert len(translated_lines) == 1
30 |     assert translated_lines[0] == {
31 |         "src": 16909060,
32 |         "srcport": 54417,
33 |         "dst": 84281096,
34 |         "dstport": 80,
35 |         "timestamp": datetime(2017,9,6,11,22,14,778341),
36 |         "protocol": 'TCP',
37 |         "bytes_sent": '1',
38 |         "bytes_received": '1',
39 |         "packets_sent": '1',
40 |         "packets_received": '1',
41 |         "duration": '1',
42 |     }
43 | 


--------------------------------------------------------------------------------
/spec/python/importers/test_import_tcpdump.py:
--------------------------------------------------------------------------------
 1 | from spec.python import db_connection
 2 | from datetime import datetime
 3 | from sam.importers import import_base, import_tcpdump
 4 | 
 5 | sample_log = [
 6 |     "",
 7 |     """1491525947.515414 STP 802.1d, Config, Flags [none], bridge-id 8000.f8:32:e4:af:0a:a8.8001, length 43""",
 8 |     """1491525947.915376 ARP, Request who-has 192.168.10.106 tell 192.168.10.254, length 46""",
 9 |     """1491525948.268015 IP 192.168.10.113.33060 > 172.217.3.196.443: Flags [P.], seq 256:730, ack 116, win 3818, options [nop,nop,TS val 71847613 ecr 4161606244], length 474""",
10 |     """1491525737.317942 IP 192.168.10.254.1900 > 239.238.237.236.55943: UDP, length 166, other info""",
11 |     """1491525737.317942 IP 192.168.10.254.55943 > 239.255.255.250.1900: UDP, length 449""",
12 |     "",
13 |     "nonsensical entry",
14 |     "",
15 | ]
16 | 
17 | 
18 | def test_class():
19 |     assert import_tcpdump.class_ == import_tcpdump.TCPDumpImporter
20 | 
21 | 
22 | def test_translate():
23 |     tcp = import_tcpdump.TCPDumpImporter()
24 | 
25 |     translated_lines = []
26 |     for i, line in enumerate(sample_log):
27 |         d = {}
28 |         r = tcp.translate(line, i+1, d)
29 |         if r == 0:
30 |             assert set(d.keys()) == set(import_base.BaseImporter.keys)
31 |             translated_lines.append(d)
32 | 
33 |     assert len(translated_lines) == 3
34 |     assert translated_lines[0] == {
35 |         "src": 3232238193,
36 |         "srcport": 33060,
37 |         "dst": 2899903428,
38 |         "dstport": 443,
39 |         "timestamp": datetime(2017, 4, 6, 17, 45, 48, 268015),
40 |         "protocol": 'TCP',
41 |         "bytes_sent": 474,
42 |         "bytes_received": '0',
43 |         "packets_sent": '1',
44 |         "packets_received": '0',
45 |         "duration": '1',
46 |     }
47 |     assert translated_lines[1] == {
48 |         "src": 4025413100,
49 |         "srcport": 55943,
50 |         "dst": 3232238334,
51 |         "dstport": 1900,
52 |         "timestamp": datetime(2017, 4, 6, 17, 42, 17, 317942),
53 |         "protocol": 'UDP',
54 |         "bytes_sent": '0',
55 |         "bytes_received": 166,
56 |         "packets_sent": '0',
57 |         "packets_received": '1',
58 |         "duration": '1',
59 |     }
60 |     assert translated_lines[2] == {
61 |         "src": 3232238334,
62 |         "srcport": 55943,
63 |         "dst": 4026531834,
64 |         "dstport": 1900,
65 |         "timestamp": datetime(2017, 4, 6, 17, 42, 17, 317942),
66 |         "protocol": 'UDP',
67 |         "bytes_sent": 449,
68 |         "bytes_received": '0',
69 |         "packets_sent": '1',
70 |         "packets_received": '0',
71 |         "duration": '1',
72 |     }
73 | 
74 | 


--------------------------------------------------------------------------------
/spec/python/importers/test_import_tshark.py:
--------------------------------------------------------------------------------
 1 | from datetime import datetime
 2 | from spec.python import db_connection
 3 | from sam.importers import import_base, import_tshark
 4 | 
 5 | sample_log = [
 6 |     "",
 7 |     '1@Sep  6, 2017 11:53:24.635436385 PDT@74.125.135.189@443@@192.168.1.7@40548@@TLSv1.2',
 8 |     '2@Sep  6, 2017 11:53:24.635472913 PDT@192.168.1.7@40548@@74.125.135.189@443@@TCP',
 9 |     '3@Sep  6, 2017 11:53:26.177349630 PDT@192.168.1.1@@27979@192.168.1.7@@8787@UDP',
10 |     '4@Sep  6, 2017 11:53:26.177373925 PDT@192.168.1.7,192.168.1.1@@27979@192.168.1.1,192.168.1.7@@8787@ICMP',
11 |     '5@Sep  6, 2017 11:53:26.178094470 PDT@192.168.1.1@@514@192.168.1.7@@5140@Syslog',
12 |     '6@Sep  6, 2017 11:53:26.178103965 PDT@192.168.1.7,192.168.1.1@@514@192.168.1.1,192.168.1.7@@5140@ICMP',
13 |     '7@Sep  6, 2017 11:53:31.210863195 PDT@192.168.1.1@@27979@192.168.1.7@@8787@UDP',
14 |     '8@Sep  6, 2017 11:53:31.210909180 PDT@192.168.1.7,192.168.1.1@@27979@192.168.1.1,192.168.1.7@@8787@ICMP',
15 |     '9@Sep  6, 2017 11:53:31.211638790 PDT@192.168.1.1@@514@192.168.1.7@@5140@Syslog',
16 |     '10@Sep  6, 2017 11:53:31.211670857 PDT@192.168.1.7,192.168.1.1@@514@192.168.1.1,192.168.1.7@@5140@ICMP',
17 |     '11@Sep  6, 2017 11:53:33.316380346 PDT@192.168.1.7@@56863@192.168.10.254@@53@DNS',
18 |     '12@Sep  6, 2017 11:53:33.316421252 PDT@192.168.1.7@@56863@192.168.10.254@@53@DNS',
19 |     '13@Sep  6, 2017 11:53:33.346702736 PDT@192.168.10.254@@53@192.168.1.7@@56863@DNS',
20 |     '14@Sep  6, 2017 11:53:33.349263723 PDT@192.168.10.254@@53@192.168.1.7@@56863@DNS',
21 |     '15@Sep  6, 2017 11:53:33.349625896 PDT@192.168.1.7@53128@@104.31.70.170@80@@TCP',
22 |     "",
23 |     "nonsensical entry",
24 |     "",
25 | ]
26 | 
27 | 
28 | def test_class():
29 |     assert import_tshark.class_ == import_tshark.TSharkImporter
30 | 
31 | 
32 | def test_translate():
33 |     pa = import_tshark.TSharkImporter()
34 | 
35 |     translated_lines = []
36 |     for i, line in enumerate(sample_log):
37 |         d = {}
38 |         r = pa.translate(line, i+1, d)
39 |         print("got {} from: {}".format(r, line[:50]))
40 |         if r == 0:
41 |             assert set(d.keys()) == set(import_base.BaseImporter.keys)
42 |             translated_lines.append(d)
43 | 
44 |     assert len(translated_lines) == 15
45 |     assert translated_lines[0] == {
46 |         "src": 3232235783,
47 |         "srcport": 40548,
48 |         "dst": 1249740733,
49 |         "dstport": 443,
50 |         "timestamp": datetime(2017,9,6,11,53,24),
51 |         "protocol": 'TCP',
52 |         "bytes_sent": 0,
53 |         "bytes_received": 100,
54 |         "packets_sent": 0,
55 |         "packets_received": 1,
56 |         "duration": 1,
57 |     }
58 | 
59 |     assert translated_lines[2] == {
60 |         "src": 3232235777,
61 |         "srcport": 27979,
62 |         "dst": 3232235783,
63 |         "dstport": 8787,
64 |         "timestamp": datetime(2017,9,6,11,53,26),
65 |         "protocol": 'UDP',
66 |         "bytes_sent": 100,
67 |         "bytes_received": 0,
68 |         "packets_sent": 1,
69 |         "packets_received": 0,
70 |         "duration": 1,
71 |     }
72 | 
73 |     assert translated_lines[9] == {
74 |         "src": 3232235777,
75 |         "srcport": 5140,
76 |         "dst": 3232235783,
77 |         "dstport": 514,
78 |         "timestamp": datetime(2017,9,6,11,53,31),
79 |         "protocol": 'ICMP',
80 |         "bytes_sent": 0,
81 |         "bytes_received": 100,
82 |         "packets_sent": 0,
83 |         "packets_received": 1,
84 |         "duration": 1,
85 |     }
86 | 


--------------------------------------------------------------------------------
/spec/python/mock_router.py:
--------------------------------------------------------------------------------
 1 | import socket
 2 | import time
 3 | import threading
 4 | import sys
 5 | import signal
 6 | 
 7 | # run file from project root as:
 8 | # python -m spec.python.mock_router
 9 | TEST_LOG_FILE = './data/syslog_test'
10 | 
11 | 
12 | sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
13 | 
14 | # define number of threads to use for stress testing
15 | if len(sys.argv) < 2:
16 |     numThreads = 1
17 | else:
18 |     numThreads = int(sys.argv[1])
19 | 
20 | 
21 | # Plays back the data based on the relative differences between the timestamps
22 | def playback_data(path, speed):
23 |     # speed relative to realtime
24 |     delay_multiplier = 1.0 / speed
25 |     # open file for playback
26 |     with open(path, 'rb') as syslog:
27 |         line = syslog.readline()
28 |         line_time_string = line[25:33]
29 |         last_time = line_time = time.strptime(line_time_string, "%H:%M:%S")
30 |         yield line
31 |         for line in syslog:
32 |             # sleep for the duration of the pause between log lines, to "playback" in real time
33 |             line_time_string = line[25:33]
34 |             line_time = time.strptime(line_time_string, "%H:%M:%S")
35 |             if line_time != last_time:
36 |                 delay = (time.mktime(line_time) - time.mktime(last_time)) * delay_multiplier
37 |                 time.sleep(delay)  # this lines causes are error to occur at the 45 min mark when running SAM
38 |                 # time.sleep(0.5)  # this line does not cause error but we should be using delay instead of 0.5
39 |                 last_time = line_time
40 |             yield line
41 |     return
42 | 
43 | 
44 | def send_data():
45 |     counter = 0
46 |     player = playback_data(TEST_LOG_FILE, 1.0)
47 |     for message in player:
48 |         counter += 1
49 |         sock.sendall(message)
50 |         # time.sleep(7)
51 |     print("Player finished playing back file.")
52 |     print("Messages sent: {0}".format(counter))
53 |     print("Feel free to close this application by pressing ctrl-C.")
54 | 
55 | 
56 | def signal_handler(sig, frame):
57 |     sys.exit(0)
58 | 
59 | try:
60 |     # Connect to server and send data
61 |     sock.connect(("localhost", 514))
62 |     signal.signal(signal.SIGINT, signal_handler)
63 | 
64 |     for i in range(numThreads):
65 |         thr = threading.Thread(target=send_data)
66 |         thr.daemon = True
67 |         thr.start()
68 | 
69 |     while True:
70 |         time.sleep(60*60*24)
71 | 
72 | finally:
73 |     sock.close()
74 | 
75 | 


--------------------------------------------------------------------------------
/spec/python/models/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/spec/python/models/__init__.py


--------------------------------------------------------------------------------
/spec/python/models/security/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/spec/python/models/security/__init__.py


--------------------------------------------------------------------------------
/spec/python/models/security/test_anomaly_plugin.py:
--------------------------------------------------------------------------------
  1 | import pytest
  2 | from datetime import datetime
  3 | from spec.python import db_connection
  4 | from spec.python.models.security import test_warnings
  5 | from sam import common, errors
  6 | from sam.models.security import anomaly_plugin, alerts
  7 | 
  8 | """
  9 | Note: all tests in this file assume the anomaly detection plugin is not installed.
 10 | """
 11 | 
 12 | session = {}
 13 | db = db_connection.db
 14 | sub_id = db_connection.default_sub
 15 | 
 16 | 
 17 | def test_init():
 18 |     ap = anomaly_plugin.ADPlugin(db, sub_id)
 19 |     assert anomaly_plugin.PLUGIN_INSTALLED is False
 20 |     assert ap.status == 'unavailable'
 21 |     assert ap.adele == None
 22 | 
 23 | 
 24 | def test_get_set_active():
 25 |     ap = anomaly_plugin.ADPlugin(db, sub_id)
 26 |     initial = ap.get_active()
 27 |     ap.enable()
 28 |     assert ap.get_active() == True
 29 |     ap.disable()
 30 |     assert ap.get_active() == False
 31 | 
 32 |     # restore original state
 33 |     if initial:
 34 |         ap.enable()
 35 | 
 36 | 
 37 | def test__retrieve_warnings():
 38 |     ap = anomaly_plugin.ADPlugin(db, sub_id)
 39 |     assert ap._retrieve_warnings(None) is None
 40 | 
 41 | 
 42 | def test_get_warnings():
 43 |     test_warnings.populate_db_warnings()
 44 |     ap = anomaly_plugin.ADPlugin(db, sub_id)
 45 |     ws = ap.get_warnings()
 46 |     ws = {w['warning_id'] for w in ws}
 47 |     assert ws == {1,5,8,10,14}
 48 | 
 49 |     ws = ap.get_warnings(show_all=False)
 50 |     ws = {w['warning_id'] for w in ws}
 51 |     assert ws == {1,5,8,10,14}
 52 | 
 53 |     ws = ap.get_warnings(show_all=True)
 54 |     ws = {w['warning_id'] for w in ws}
 55 |     assert ws == set(range(1, 15))
 56 | 
 57 | 
 58 | def test_get_warning():
 59 |     test_warnings.populate_db_warnings()
 60 |     ap = anomaly_plugin.ADPlugin(db, sub_id)
 61 |     ws = ap.get_warnings(show_all=True)
 62 |     i = ws[7]['id']
 63 |     w = ap.get_warning(i)
 64 |     assert w['id'] == i
 65 |     assert w['warning_id'] == 7
 66 |     w = ap.get_warning(-200)
 67 |     assert w is None
 68 | 
 69 | 
 70 | def test_get_stats():
 71 |     ap = anomaly_plugin.ADPlugin(db, sub_id)
 72 |     assert ap.get_stats() == None
 73 | 
 74 | 
 75 | def test_accept_warning():
 76 |     test_warnings.populate_db_warnings()
 77 |     ap = anomaly_plugin.ADPlugin(db, sub_id)
 78 |     a_model = alerts.Alerts(db, sub_id)
 79 |     old_a = a_model.count()
 80 |     sample_warning = ap.get_warnings(show_all=False)[0]
 81 | 
 82 |     # bad warning id does nothing
 83 |     with pytest.raises(errors.MalformedRequest):
 84 |         ap.accept_warning(500000)
 85 | 
 86 |     # accept a warning
 87 |     a_id = ap.accept_warning(sample_warning['id'])
 88 |     w = ap.get_warning(sample_warning['id'])
 89 |     assert w['status'] == 'accepted'
 90 | 
 91 |     num_a1 = a_model.count()
 92 |     assert num_a1 == old_a + 1
 93 |     alert1 = a_model.get_details(a_id)
 94 |     assert alert1 is not None
 95 | 
 96 |     # reject and reaccept it
 97 |     ap.ignore_warning(sample_warning['id'])
 98 |     a_id = ap.accept_warning(sample_warning['id'])
 99 | 
100 |     num_a2 = a_model.count()
101 |     # no
102 |     assert num_a2 == old_a + 1
103 |     alert2 = a_model.get_details(a_id)
104 |     assert alert2 is not None
105 |     assert alert2 == alert1
106 | 
107 | 
108 | def test_reject_warning():
109 |     test_warnings.populate_db_warnings()
110 |     ap = anomaly_plugin.ADPlugin(db, sub_id)
111 |     sample_warning = ap.get_warnings(show_all=False)[1]
112 | 
113 |     # bad warning id does nothing
114 |     with pytest.raises(errors.MalformedRequest):
115 |         ap.reject_warning(500000)
116 | 
117 |     ap.reject_warning(sample_warning['id'])
118 | 
119 |     w = ap.get_warning(sample_warning['id'])
120 |     assert w['status'] == 'rejected'
121 | 
122 | 
123 | def test_ignore_warning():
124 |     test_warnings.populate_db_warnings()
125 |     ap = anomaly_plugin.ADPlugin(db, sub_id)
126 |     sample_warning = ap.get_warnings(show_all=False)[1]
127 | 
128 |     # bad warning id does nothing
129 |     with pytest.raises(errors.MalformedRequest):
130 |         ap.ignore_warning(500000)
131 | 
132 |     ap.ignore_warning(sample_warning['id'])
133 | 
134 |     w = ap.get_warning(sample_warning['id'])
135 |     assert w['status'] == 'ignored'
136 | 


--------------------------------------------------------------------------------
/spec/python/models/test_livekeys.py:
--------------------------------------------------------------------------------
 1 | from spec.python import db_connection
 2 | from sam.models.livekeys import LiveKeys
 3 | 
 4 | db = db_connection.db
 5 | sub_id = db_connection.default_sub
 6 | ds_full = db_connection.dsid_default
 7 | ds_empty = db_connection.dsid_short
 8 | ds_other = db_connection.dsid_live
 9 | session = {}
10 | 
11 | 
12 | def test_create():
13 |     lk_model = LiveKeys(db, sub_id)
14 |     ds_ids = (ds_full, ds_empty, ds_other)
15 |     lk_model.delete_all()
16 |     for id in ds_ids:
17 |         lk_model.create(id)
18 | 
19 |     keys = lk_model.read()
20 |     for key in keys:
21 |         assert key['subscription'] == sub_id
22 |         assert key['ds_id'] in ds_ids
23 |         # TODO: assert key['access_key'] looks "random"?
24 | 
25 | 
26 | def test_validate():
27 |     lk_model = LiveKeys(db, sub_id)
28 |     lk_model.delete_all()
29 |     lk_model.create(ds_full)
30 |     key = lk_model.read()[0]
31 | 
32 |     bad_key = LiveKeys.generate_salt(24)
33 |     blank_key = ""
34 |     no_key = None
35 |     correct_key = key['access_key']
36 | 
37 |     assert lk_model.validate(bad_key) is None
38 |     assert lk_model.validate(blank_key) is None
39 |     assert lk_model.validate(no_key) is None
40 |     match = lk_model.validate(correct_key)
41 |     assert match and match['datasource'] == key['ds_id']
42 | 
43 | 
44 | def test_delete():
45 |     lk_model = LiveKeys(db, sub_id)
46 |     lk_model.delete_all()
47 |     lk_model.create(ds_full)
48 |     lk_model.create(ds_full)
49 |     old_keys = lk_model.read()
50 | 
51 |     lk_model.delete(old_keys[0]['access_key'])
52 | 
53 |     assert lk_model.validate(old_keys[0]['access_key']) is None
54 |     match = lk_model.validate(old_keys[1]['access_key'])
55 |     assert match and match['datasource'] == old_keys[1]['ds_id']
56 | 
57 | 
58 | def test_delete_ds():
59 |     lk_model = LiveKeys(db, sub_id)
60 |     lk_model.delete_all()
61 |     lk_model.create(ds_full)
62 |     lk_model.create(ds_full)
63 |     lk_model.create(ds_empty)
64 |     lk_model.create(ds_empty)
65 |     old_keys = lk_model.read()
66 |     assert len(old_keys) == 4
67 | 
68 |     lk_model.delete_ds(ds_full)
69 | 
70 |     new_keys = lk_model.read()
71 | 
72 |     assert len(new_keys) == 2
73 |     assert new_keys[0]['ds_id'] == ds_empty
74 |     assert new_keys[1]['ds_id'] == ds_empty
75 | 


--------------------------------------------------------------------------------
/spec/python/models/test_ports.py:
--------------------------------------------------------------------------------
 1 | # importing db_connection has the side effect of setting the test database.
 2 | from spec.python import db_connection
 3 | from sam.models.ports import Ports
 4 | 
 5 | db = db_connection.db
 6 | sub_id = db_connection.default_sub
 7 | 
 8 | 
 9 | def test_get_port_info_present():
10 |     pm = Ports(db, sub_id)
11 | 
12 |     port_info = pm.get(80)
13 | 
14 |     assert len(port_info) == 1
15 |     info = port_info[0]
16 |     assert info.name == 'http'
17 |     assert info.description == 'World Wide Web HTTP'
18 |     assert info.port == 80
19 | 
20 | 
21 | def test_get_port_info_absent():
22 |     pm = Ports(db, sub_id)
23 | 
24 |     port_info = pm.get(4)
25 |     assert port_info == []
26 | 
27 | 
28 | def test_get_port_info_many():
29 |     pm = Ports(db, sub_id)
30 |     port_info = pm.get([3, 4, 5, 6])
31 |     assert len(port_info) == 2
32 |     info3 = port_info[0]
33 |     info5 = port_info[1]
34 |     assert info3.port == 3
35 |     assert info3.name == 'compressne'
36 |     assert info5.port == 5
37 |     assert info5.name == 'rje'
38 | 
39 | 
40 | def test_set_port_info():
41 |     pm = Ports(db, sub_id)
42 | 
43 |     test_port = 1
44 |     try:
45 |         # set data for port 1
46 |         pm.set(test_port, {
47 |             'port': test_port,
48 |             'alias_name': "override",
49 |             'alias_description': "lorem ipsum",
50 |             'active': '0'
51 |         })
52 |         pinfo = pm.get(test_port)
53 |         assert len(pinfo) == 1
54 |         assert pinfo[0]['name'] == "tcpmux"
55 |         assert pinfo[0]['description'] == "TCP Port Service Multiplexer"
56 |         assert pinfo[0]['alias_name'] == "override"
57 |         assert pinfo[0]['alias_description'] == "lorem ipsum"
58 |         assert pinfo[0]['active'] == 0
59 |     except AssertionError as e:
60 |         raise e
61 |     finally:
62 |         # clear data for test_port
63 |         pm.unset(test_port)
64 | 
65 |     test_port = 4
66 |     try:
67 |         # set data for port 4
68 |         pm.set(test_port, {
69 |             'port': test_port,
70 |             'alias_name': "this_name_is_too_long",
71 |             'alias_description': "phony port details",
72 |             'active': '0'
73 |         })
74 |         pinfo = pm.get(test_port)
75 |         assert len(pinfo) == 1
76 |         assert pinfo[0]['name'] == ""
77 |         assert pinfo[0]['description'] == ""
78 |         assert pinfo[0]['alias_name'] == "this_name_"
79 |         assert pinfo[0]['alias_description'] == "phony port details"
80 |         assert pinfo[0]['active'] == 0
81 |     except AssertionError as e:
82 |         raise e
83 |     finally:
84 |         # clear data for test_port
85 |         pm.unset(test_port)
86 | 
87 | 


--------------------------------------------------------------------------------
/spec/python/models/test_settings.py:
--------------------------------------------------------------------------------
 1 | from spec.python import db_connection
 2 | from sam.models.settings import Settings
 3 | 
 4 | db = db_connection.db
 5 | sub_id = db_connection.default_sub
 6 | session = {}
 7 | 
 8 | 
 9 | def test_update_clear_cache():
10 |     s_model = Settings(db, session, sub_id)
11 |     s_model.update_cache()
12 |     settings = s_model.storage[Settings.SESSION_KEY]
13 |     s_model.clear_cache()
14 |     assert bool(s_model.storage.get(Settings.SESSION_KEY)) is False
15 |     s_model.update_cache()
16 |     assert type(s_model.storage.get(Settings.SESSION_KEY)) is dict
17 |     assert s_model.storage.get(Settings.SESSION_KEY) == settings
18 | 
19 | 
20 | def test_get():
21 |     s_model = Settings(db, session, sub_id)
22 |     assert s_model['subscription'] == sub_id
23 |     assert s_model['color_bg'] == 0xaaffdd
24 | 
25 | 
26 | def test_set():
27 |     target = 'color_bg'
28 |     s_model = Settings(db, {}, sub_id)
29 |     old_color = s_model[target]
30 |     new_color = 0xabcabc
31 |     s_model[target] = new_color
32 |     del s_model
33 | 
34 |     s_model = Settings(db, {}, sub_id)
35 |     assert s_model[target] == new_color
36 |     s_model[target] = old_color
37 |     del s_model
38 | 
39 |     s_model = Settings(db, {}, sub_id)
40 |     assert s_model[target] == old_color
41 | 
42 | 
43 | def test_copy():
44 |     s_model = Settings(db, session, sub_id)
45 |     s_model.update_cache()
46 |     old_copy = s_model.storage.get(Settings.SESSION_KEY)[sub_id]
47 |     s_model2 = Settings(db, {}, sub_id)
48 |     new_copy = s_model2.copy()
49 |     assert old_copy == new_copy
50 |     assert old_copy is not new_copy
51 | 
52 | 
53 | def test_keys():
54 |     s_model = Settings(db, session, sub_id)
55 |     keys = s_model.keys()
56 |     for k in keys:
57 |         assert s_model[k] is not None
58 | 
59 | 
60 | def test_create():
61 |     # TODO: cannot test here. see Subscription class.
62 |     pass
63 | 


--------------------------------------------------------------------------------
/spec/python/models/test_subscriptions.py:
--------------------------------------------------------------------------------
  1 | import pytest
  2 | import numbers
  3 | import sys
  4 | from sam import constants
  5 | from spec.python import db_connection
  6 | from sam.models.subscriptions import Subscriptions
  7 | 
  8 | db = db_connection.db
  9 | sub_id = db_connection.default_sub
 10 | 
 11 | 
 12 | def test_get_all():
 13 |     s = Subscriptions(db)
 14 |     subs = s.get_all()
 15 |     assert type(subs) is list
 16 |     assert isinstance(subs[0], dict)
 17 | 
 18 | 
 19 | def test_get_id_list():
 20 |     s = Subscriptions(db)
 21 |     ids = s.get_id_list()
 22 |     assert type(ids) is list
 23 |     assert isinstance(ids[0], numbers.Integral)
 24 | 
 25 | 
 26 | def test_get_by_email():
 27 |     s = Subscriptions(db)
 28 |     sub = s.get_by_email(constants.subscription['default_email'])
 29 |     assert bool(sub)
 30 |     assert sub.plan == 'admin'
 31 | 
 32 | 
 33 | def test_get():
 34 |     s = Subscriptions(db)
 35 |     ids = s.get_id_list()
 36 |     for id in ids:
 37 |         sub = s.get(id)
 38 |         assert sub is not None
 39 | 
 40 | 
 41 | def xtest_create_subscription_tables():
 42 |     pass
 43 | 
 44 | 
 45 | def xtest_create_default_subscription():
 46 |     pass
 47 | 
 48 | 
 49 | def test_decode_sub():
 50 |     s = Subscriptions(db)
 51 | 
 52 |     #add an extra subscription entry
 53 |     test_id = 25
 54 |     test_email = "test@testing.co"
 55 |     query = """INSERT INTO Subscriptions VALUES ({}, "{}", "Test", "nimda", "r w a", 1, NULL);""".format(test_id, test_email)
 56 |     db.query(query)
 57 |     try:
 58 |         constants.access_control['active'] = True
 59 |         assert s.decode_sub(sub_id) == sub_id
 60 |         assert s.decode_sub(constants.subscription['default_email']) == sub_id
 61 |         assert s.decode_sub(25) == test_id
 62 |         assert s.decode_sub(24) == None
 63 |         assert s.decode_sub(32000) == None
 64 |         assert s.decode_sub(test_email) == test_id
 65 |         assert s.decode_sub("bad@email.com") == None
 66 | 
 67 |         constants.access_control['active'] = False
 68 |         assert s.decode_sub(sub_id) == sub_id
 69 |         assert s.decode_sub(constants.subscription['default_email']) == sub_id
 70 |         assert s.decode_sub(25) == test_id
 71 |         assert s.decode_sub(24) == sub_id
 72 |         assert s.decode_sub(32000) == sub_id
 73 |         assert s.decode_sub(test_email) == test_id
 74 |         assert s.decode_sub("bad@email.com") == sub_id
 75 |     finally:
 76 |         query = "DELETE FROM Subscriptions WHERE subscription={};".format(test_id)
 77 |         db.query(query)
 78 | 
 79 | 
 80 | def test_get_set_plugin_data():
 81 |     name1 = "p1"
 82 |     name2 = "p2"
 83 |     sub1 = sub_id
 84 |     sub2 = 25
 85 |     s = Subscriptions(db)
 86 |     data1 = {'a': 1, 'b': [2, 3], 'c': {4, 5}, 'd': 6l, 'e': True, 'f': 7+2j, 'g': 3.141}
 87 |     data2 = "This is a test"
 88 |     data3 = {'msg': "Nothing to see here", 'id': 41}
 89 |     data4 = ["one", "two", "three"]
 90 | 
 91 | 
 92 | 
 93 |     #add an extra subscription entry
 94 |     test_email = "test@testing.co"
 95 |     query = """INSERT INTO Subscriptions VALUES ({}, "{}", "Test", "nimda", "r w a", 1, NULL);""".format(sub2, test_email)
 96 |     db.query(query)
 97 |     try:
 98 |         s.set_plugin_data(sub1, name1, data1)
 99 |         s.set_plugin_data(sub1, name2, data2)
100 |         s.set_plugin_data(sub2, name1, data3)
101 |         s.set_plugin_data(sub2, name2, data4)
102 | 
103 |         with pytest.raises(ValueError):
104 |             s.set_plugin_data(1000, name1, data1)
105 |         with pytest.raises(TypeError):
106 |             s.set_plugin_data(sub1, name1, sys.stderr)
107 | 
108 |         assert s.get_plugin_data(sub1, name1) == data1
109 |         assert s.get_plugin_data(sub1, name2) == data2
110 |         assert s.get_plugin_data(sub2, name1) == data3
111 |         assert s.get_plugin_data(sub2, name2) == data4
112 |         assert s.get_plugin_data(sub2, "noname") == {}
113 | 
114 |         with pytest.raises(ValueError):
115 |             s.get_plugin_data(1000, name1)
116 | 
117 |         query = """UPDATE Subscriptions SET plugins="garbage" WHERE subscription={};""".format(sub1)
118 |         db.query(query)
119 |         assert s.get_plugin_data(sub1, name1) == {}
120 |         assert s.get_plugin_data(sub2, name1) == data3
121 |         assert s.get_plugin_data(sub2, name2) == data4
122 |     finally:
123 |         query = "DELETE FROM Subscriptions WHERE subscription={};".format(sub2)
124 |         db.query(query)
125 | 


--------------------------------------------------------------------------------
/spec/python/models/test_user.py:
--------------------------------------------------------------------------------
  1 | # importing db_connection has the side effect of setting the test database.
  2 | from spec.python import db_connection
  3 | from sam.models.user import User
  4 | 
  5 | sub_id = db_connection.default_sub
  6 | session = {}
  7 | 
  8 | 
  9 | def logout():
 10 |     session.clear()
 11 | 
 12 | 
 13 | def login():
 14 |     user = User(session)
 15 |     user.logged_in = True
 16 |     user.name = 'Test User'
 17 |     user.email = 'test@email.com'
 18 |     user.subscription = 1
 19 |     user.plan = 'plan100'
 20 |     user.plan_active = True
 21 |     user.viewing = user.subscription
 22 | 
 23 | 
 24 | def test_empty_user():
 25 |     with db_connection.env(login_active=False):
 26 |         u = User({})
 27 | 
 28 |         assert u.email == 'SAM'
 29 |         assert u.name == 'SAM'
 30 |         assert u.logged_in is True
 31 |         assert u.plan_active is True
 32 |         assert u.plan == 'auto'
 33 |         assert u.subscription == sub_id
 34 |         assert u.viewing == sub_id
 35 |         assert u.groups.issuperset({'login', 'subscribed'})
 36 |         assert 'logout' not in u.groups
 37 |         assert 'unsubscribed' not in u.groups
 38 |         assert 'debug' not in u.groups
 39 | 
 40 |     with db_connection.env(login_active=True):
 41 |         u = User({})
 42 | 
 43 |         assert u.email is None
 44 |         assert u.name is None
 45 |         assert u.logged_in is False
 46 |         assert u.plan_active is False
 47 |         assert u.plan is None
 48 |         assert u.subscription is None
 49 |         assert u.viewing is None
 50 |         assert u.groups.issuperset({'logout', 'unsubscribed'})
 51 |         assert 'login' not in u.groups
 52 |         assert 'subscribed' not in u.groups
 53 |         assert 'debug' not in u.groups
 54 | 
 55 | 
 56 | def test_logged_in_user():
 57 |     with db_connection.env(login_active=True):
 58 |         login()
 59 |         u = User(session)
 60 | 
 61 |         assert u.email == 'test@email.com'
 62 |         assert u.name == 'Test User'
 63 |         assert u.logged_in is True
 64 |         assert u.plan_active is True
 65 |         assert u.plan == 'plan100'
 66 |         assert u.subscription == 1
 67 |         assert u.viewing == 1
 68 |         assert u.groups.issuperset({'login', 'subscribed'})
 69 |         assert 'logout' not in u.groups
 70 |         assert 'unsubscribed' not in u.groups
 71 |         assert 'debug' not in u.groups
 72 | 
 73 | 
 74 | def test_may_post():
 75 |     login()
 76 |     u = User(session)
 77 | 
 78 |     assert u.may_post() is True
 79 |     u.viewing = 12345
 80 |     assert u.may_post() is False
 81 |     u.viewing = u.subscription
 82 |     assert u.may_post() is True
 83 |     u.plan = None
 84 |     assert u.may_post() is False
 85 |     u.plan = ""
 86 |     assert u.may_post() is False
 87 |     u.plan = "none"
 88 |     assert u.may_post() is False
 89 |     u.plan = "p"
 90 |     assert u.may_post() is True
 91 |     u.plan_active = False
 92 |     assert u.may_post() is False
 93 |     u.plan_active = True
 94 |     assert u.may_post() is True
 95 | 
 96 | 
 97 | def test_any_all_groups():
 98 |     login()
 99 |     u = User(session)
100 |     assert u.any_group(['login', 'logout', 'subscribed', 'unsubscribed']) is True
101 |     assert u.all_groups(['login', 'logout', 'subscribed', 'unsubscribed']) is False
102 |     assert u.all_groups(['login', 'subscribed']) is True
103 | 


--------------------------------------------------------------------------------
/spec/python/pages/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/spec/python/pages/__init__.py


--------------------------------------------------------------------------------
/spec/python/pages/test_dashboard.py:
--------------------------------------------------------------------------------
 1 | # coding=utf-8
 2 | from spec.python import db_connection
 3 | import web
 4 | import sam.pages.sec_dashboard
 5 | from sam import common
 6 | from sam import constants
 7 | 
 8 | 
 9 | def test_render():
10 |     with db_connection.env(mock_input=True, login_active=False, mock_session=True, mock_render=True):
11 |         p = sam.pages.sec_dashboard.Dashboard()
12 |         page_title = 'Dashboard'
13 |         web.ctx.path = "/sam/testpage"
14 |         dummy = p.GET()
15 |         calls = common.renderer.calls
16 |         assert calls[0] == ('render', ('_head', page_title,), {'lang': 'en', 'stylesheets': p.styles, 'scripts': p.scripts})
17 |         assert calls[1] == ('render', ('en/_header', constants.get_navbar('en'), page_title, p.page.user, constants.debug, "/sam/testpage", constants.access_control, ('version française', '/fr/sam/testpage')), {})
18 |         assert calls[2][1][0] == 'en/dashboard'
19 |         assert calls[2][2] == {}
20 |         assert calls[3] == ('render', ('en/_footer', {'English': '/en/sam/testpage', 'Française': '/fr/sam/testpage'}), {})
21 |         assert calls[4] == ('render', ('_tail', ), {})
22 |         assert dummy == "NoneNoneNoneNoneNone"
23 | 


--------------------------------------------------------------------------------
/spec/python/pages/test_login.py:
--------------------------------------------------------------------------------
 1 | # coding=utf-8
 2 | from spec.python import db_connection
 3 | import web
 4 | import pytest
 5 | import sam.pages.login
 6 | from sam import common
 7 | from sam import constants
 8 | from sam import errors
 9 | 
10 | 
11 | def test_render():
12 |     try:
13 |         import ldap3
14 |         ldap_installed = True
15 |     except ImportError:
16 |         ldap_installed = False
17 | 
18 |     with db_connection.env(mock_input=True, login_active=True, mock_session=True, mock_render=True):
19 |         p = sam.pages.login.Login_LDAP()
20 |         common.session.clear()
21 |         web.ctx.env = {'PATH_INFO': '/sam/testpage', 'QUERY_STRING': ''}
22 |         dummy = p.GET()
23 |         calls = common.renderer.calls
24 |         assert calls[0] == ('render', ('_head', 'Login',), {'lang': 'en', 'stylesheets': ['/static/css/general.css'], 'scripts': []})
25 |         if ldap_installed:
26 |             assert calls[1] == ('render', ('en/login', '/login',), {})
27 |         else:
28 |             assert calls[1] == ('render', ('en/login', '/login', ['LDAP module not installed. Cannot perform login.']), {})
29 |         assert calls[2] == ('render', ('en/_footer', {'English': '/en/sam/testpage', 'Française': '/fr/sam/testpage'}), {})
30 |         assert calls[3] == ('render', ('_tail', ), {})
31 |         assert dummy == "NoneNoneNoneNone"
32 | 
33 | 
34 | def test_decode_post():
35 |     with db_connection.env(mock_input=True, mock_session=True):
36 |         p = sam.pages.login.Login_LDAP()
37 |         common.session.clear()
38 |         with pytest.raises(errors.MalformedRequest):
39 |             p.decode_post_request({'user': 'bob'})
40 |         p.errors = []
41 |         with pytest.raises(errors.MalformedRequest):
42 |             p.decode_post_request({'password': 'bobpass'})
43 |         p.errors = []
44 |         with pytest.raises(errors.MalformedRequest):
45 |             p.decode_post_request({'user': '', 'password': 'bobpass'})
46 |         p.errors = []
47 |         with pytest.raises(errors.MalformedRequest):
48 |             p.decode_post_request({'user': 'bob', 'password': ''})
49 |         p.errors = []
50 |         actual = p.decode_post_request({'user': 'bob', 'password': 'bobpass'})
51 |         expected = {'user': 'bob', 'password': 'bobpass'}
52 |         assert actual == expected
53 | 
54 | 
55 | def test_decode_connection_string():
56 |     with db_connection.env(mock_input=True, mock_session=True):
57 |         p = sam.pages.login.Login_LDAP()
58 |         cs = 'ldaps://ipa.demo1.freeipa.org/CN=users,CN=accounts,DC=demo1,DC=freeipa,DC=org'
59 |         address, ns = p.decode_connection_string(cs)
60 |         assert address == 'ldaps://ipa.demo1.freeipa.org'
61 |         assert ns == 'CN=users,CN=accounts,DC=demo1,DC=freeipa,DC=org'
62 | 
63 | 
64 | def test_connect():
65 |     # TODO: I don't control this test server. This could break.
66 |     with db_connection.env(mock_input=True, mock_session=True):
67 |         p = sam.pages.login.Login_LDAP()
68 |         p.server_address = 'ldaps://ipa.demo1.freeipa.org'
69 |         p.namespace = 'CN=users,CN=accounts,DC=demo1,DC=freeipa,DC=org'
70 | 
71 |         # wrong password
72 |         request = {
73 |             'user': 'bob',
74 |             'password': 'bobpass'
75 |         }
76 |         with pytest.raises(errors.AuthenticationError):
77 |             p.perform_post_command(request)
78 | 
79 |         # correct details
80 |         #request = {
81 |         #    'user': 'admin',
82 |         #    'password': 'Secret123',
83 |         #}
84 |         #assert p.perform_post_command(request)
85 | 
86 |         # wrong url
87 |         p.server_address = 'ldaps://ipa.demo1.garbage.org'
88 |         with pytest.raises(errors.AuthenticationError):
89 |             p.perform_post_command(request)
90 | 


--------------------------------------------------------------------------------
/spec/python/pages/test_logout.py:
--------------------------------------------------------------------------------
 1 | from spec.python import db_connection
 2 | import sam.pages.logout
 3 | 
 4 | sub = db_connection.default_sub
 5 | 
 6 | def test_logout():
 7 |     with db_connection.env(mock_input=True, login_active=True, mock_session=True):
 8 |         p = sam.pages.logout.Logout()
 9 |         assert p.page.user.logged_in is False
10 |         p.page.user.login_simple('phony', sub)
11 |         assert p.page.user.logged_in is True
12 |         p.perform_get_command({})
13 |         assert p.page.user.logged_in is False
14 | 


--------------------------------------------------------------------------------
/spec/python/pages/test_map.py:
--------------------------------------------------------------------------------
 1 | # coding=utf-8
 2 | from spec.python import db_connection
 3 | import web
 4 | import sam.pages.map
 5 | from sam import common
 6 | from sam import constants
 7 | 
 8 | 
 9 | def test_render():
10 |     with db_connection.env(mock_input=True, login_active=False, mock_session=True, mock_render=True):
11 |         common.session.clear()
12 |         p = sam.pages.map.Map()
13 |         page_title = 'Map'
14 |         web.ctx.path = "/sam/testpage"
15 |         dummy = p.GET()
16 |         calls = common.renderer.calls
17 |         assert calls[0] == ('render', ('_head', page_title,), {'lang': 'en', 'stylesheets': p.styles, 'scripts': p.scripts})
18 |         assert calls[1] == ('render', ('en/_header', constants.get_navbar('en'), page_title, p.page.user, constants.debug, "/sam/testpage", constants.access_control, ('version française', '/fr/sam/testpage')), {})
19 |         assert calls[2] == ('render', ('en/map', [(1, u'default'), (2, u'short'), (3, u'live')],), {})
20 |         assert calls[3] == ('render', ('_tail', ), {})
21 |         assert dummy == "NoneNoneNoneNone"
22 | 


--------------------------------------------------------------------------------
/spec/python/pages/test_metadata.py:
--------------------------------------------------------------------------------
 1 | # coding=utf-8
 2 | from spec.python import db_connection
 3 | import web
 4 | import sam.pages.metadata
 5 | from sam import common
 6 | from sam import constants
 7 | 
 8 | 
 9 | def test_render():
10 |     with db_connection.env(mock_input=True, login_active=False, mock_session=True, mock_render=True):
11 |         common.session.clear()
12 |         p = sam.pages.metadata.Metadata()
13 |         page_title = 'Host Details'
14 |         web.ctx.path = "/sam/testpage"
15 |         dummy = p.GET()
16 |         calls = common.renderer.calls
17 |         tags = []
18 |         envs = {'dev', 'inherit', 'production'}
19 |         dses = [{'flat': 0, 'subscription': 1L, 'ar_active': 0, 'ar_interval': 300L, 'id': 1L, 'name': u'default'},
20 |                 {'flat': 0, 'subscription': 1L, 'ar_active': 0, 'ar_interval': 300L, 'id': 2L, 'name': u'short'},
21 |                 {'flat': 0, 'subscription': 1L, 'ar_active': 0, 'ar_interval': 300L, 'id': 3L, 'name': u'live'}]
22 |         assert calls[0] == ('render', ('_head', page_title,), {'lang': 'en', 'stylesheets': p.styles, 'scripts': p.scripts})
23 |         assert calls[1] == ('render', ('en/_header', constants.get_navbar('en'), page_title, p.page.user, constants.debug, "/sam/testpage", constants.access_control, ('version française', '/fr/sam/testpage')), {})
24 |         assert calls[2] == ('render', ('en/metadata', tags, envs, dses), {})
25 |         assert calls[3] == ('render', ('_tail', ), {})
26 |         assert dummy == "NoneNoneNoneNone"
27 | 


--------------------------------------------------------------------------------
/spec/python/pages/test_portinfo.py:
--------------------------------------------------------------------------------
  1 | from spec.python import db_connection
  2 | import sam.pages.portinfo
  3 | import pytest
  4 | from sam import errors
  5 | 
  6 | db = db_connection.db
  7 | sub_id = db_connection.default_sub
  8 | ds_full = db_connection.dsid_default
  9 | 
 10 | 
 11 | def test_decode_get():
 12 |     with db_connection.env(mock_input=True, login_active=False, mock_session=True):
 13 |         p = sam.pages.portinfo.Portinfo()
 14 |         data = {'port': '80,,443,8080'}
 15 |         request = p.decode_get_request(data)
 16 |         expected = {'ports': [80, 443, 8080]}
 17 |         assert request == expected
 18 | 
 19 |         data = {'port': '127'}
 20 |         request = p.decode_get_request(data)
 21 |         expected = {'ports': [127]}
 22 |         assert request == expected
 23 | 
 24 |         data = {'port': ''}
 25 |         with pytest.raises(errors.RequiredKey):
 26 |             p.decode_get_request(data)
 27 | 
 28 |         data = {'port': '14, 16, 18'}
 29 |         request = p.decode_get_request(data)
 30 |         expected = {'ports': [14, 16, 18]}
 31 |         assert request == expected
 32 | 
 33 | 
 34 | def test_perform_get():
 35 |     with db_connection.env(mock_input=True, login_active=False, mock_session=True):
 36 |         p = sam.pages.portinfo.Portinfo()
 37 |         request = {'ports': [80, 443, 8080]}
 38 |         response = p.perform_get_command(request)
 39 |         assert len(response) == 3
 40 |         assert set([x['port'] for x in response]) == {80, 443, 8080}
 41 | 
 42 |         request = {'ports': [160]}
 43 |         response = p.perform_get_command(request)
 44 |         assert len(response) == 1
 45 |         port = response[0]
 46 |         assert port['port'] == 160
 47 |         assert port['name'] == 'sgmp-traps'
 48 | 
 49 |         request = {'ports': [4]}
 50 |         response = p.perform_get_command(request)
 51 |         assert len(response) == 0
 52 | 
 53 | 
 54 | def test_encode_get():
 55 |     with db_connection.env(mock_input=True, login_active=False, mock_session=True):
 56 |         p = sam.pages.portinfo.Portinfo()
 57 |         response = [{'port': 40, 'name': 'test1'}, {'port': 48, 'name': 'test2'}, {'port': 56, 'name': 'test3'}]
 58 |         encoded = p.encode_get_response(response)
 59 |         expected = {
 60 |             '40': {'port': 40, 'name': 'test1'},
 61 |             '48': {'port': 48, 'name': 'test2'},
 62 |             '56': {'port': 56, 'name': 'test3'}
 63 |         }
 64 |         assert encoded == expected
 65 | 
 66 | 
 67 | def test_decode_post():
 68 |     with db_connection.env(mock_input=True, login_active=False, mock_session=True):
 69 |         p = sam.pages.portinfo.Portinfo()
 70 |         data = {'port': '80', 'alias_name': 'test_alias', 'alias_description': 'test_description', 'active': '1'}
 71 |         request = p.decode_post_request(data)
 72 |         expected = {'port': 80, 'alias_name': 'test_alias', 'alias_description': 'test_description', 'active': '1'}
 73 |         assert request == expected
 74 | 
 75 |         data = {'port': '80', 'xalias_name': 'test_alias', 'xalias_description': 'test_description', 'xactive': '1'}
 76 |         request = p.decode_post_request(data)
 77 |         expected = {'port': 80}
 78 |         assert request == expected
 79 | 
 80 |         data = {'xport': '80', 'alias_name': 'test_alias', 'alias_description': 'test_description', 'active': '1'}
 81 |         with pytest.raises(errors.RequiredKey):
 82 |             p.decode_post_request(data)
 83 | 
 84 |         data = {'port': 'frog', 'alias_name': 'test_alias', 'alias_description': 'test_description', 'active': '1'}
 85 |         with pytest.raises(errors.MalformedRequest):
 86 |             p.decode_post_request(data)
 87 | 
 88 | 
 89 | def test_perform_post():
 90 |     with db_connection.env(mock_input=True, login_active=False, mock_session=True):
 91 |         p = sam.pages.portinfo.Portinfo()
 92 |         p.portModel = db_connection.Mocker()
 93 | 
 94 |         request = {'port': 80, 'alias_name': 'test_alias', 'alias_description': 'test_description', 'active': '1'}
 95 |         p.perform_post_command(request)
 96 |         calls = p.portModel.calls
 97 |         assert calls[0] == ('set',
 98 |                             (80, {'alias_name': 'test_alias', 'alias_description': 'test_description', 'active': '1'}),
 99 |                             {})
100 | 
101 |         request = {'port': 160}
102 |         p.portModel.clear()
103 |         p.perform_post_command(request)
104 |         calls = p.portModel.calls
105 |         assert calls[0] == ('set', (160, {}), {})
106 | 


--------------------------------------------------------------------------------
/spec/python/pages/test_settings_page.py:
--------------------------------------------------------------------------------
 1 | # coding=utf-8
 2 | from spec.python import db_connection
 3 | import web
 4 | import sam.pages.settings_page
 5 | from sam import common
 6 | from sam import constants
 7 | 
 8 | 
 9 | def test_get_importers():
10 |     importers = sam.pages.settings_page.SettingsPage.get_available_importers()
11 |     for importer in importers:
12 |         assert len(importer) == 2
13 |         assert isinstance(importer[0], basestring)
14 |         assert isinstance(importer[1], basestring)
15 | 
16 | 
17 | def test_render():
18 |     with db_connection.env(mock_input=True, login_active=False, mock_session=True, mock_render=True):
19 |         p = sam.pages.settings_page.SettingsPage()
20 |         page_title = 'Settings'
21 |         web.ctx.path = "/sam/testpage"
22 |         dummy = p.GET()
23 |         calls = common.renderer.calls
24 |         assert calls[0] == ('render', ('_head', page_title,), {'lang': 'en', 'stylesheets': p.styles, 'scripts': p.scripts})
25 |         assert calls[1] == ('render', ('en/_header', constants.get_navbar('en'), page_title, p.page.user, constants.debug, "/sam/testpage", constants.access_control, ('version française', '/fr/sam/testpage')), {})
26 |         assert calls[2][1][0] == 'en/settings'
27 |         assert len(calls[2][1]) == 9
28 |         assert calls[2][2] == {}
29 |         assert calls[3] == ('render', ('en/_footer', {'English': '/en/sam/testpage', 'Française': '/fr/sam/testpage'}), {})
30 |         assert calls[4] == ('render', ('_tail', ), {})
31 |         assert dummy == "NoneNoneNoneNoneNone"
32 | 


--------------------------------------------------------------------------------
/spec/python/pages/test_stats.py:
--------------------------------------------------------------------------------
 1 | # coding=utf-8
 2 | from spec.python import db_connection
 3 | import web
 4 | import sam.pages.stats
 5 | from sam import common
 6 | from sam import constants
 7 | import web
 8 | import json
 9 | import time
10 | from datetime import datetime
11 | 
12 | ds_full = db_connection.dsid_default
13 | ds_empty = db_connection.dsid_live
14 | 
15 | 
16 | def test_render():
17 |     with db_connection.env(mock_input=True, login_active=False, mock_session=True, mock_render=True):
18 |         p = sam.pages.stats.Stats()
19 |         page_title = 'Stats'
20 |         web.ctx.path = "/sam/testpage"
21 |         dummy = p.GET()
22 |         calls = common.renderer.calls
23 |         assert calls[0] == ('render', ('_head', page_title,), {'lang': 'en', 'stylesheets': p.styles, 'scripts': p.scripts})
24 |         assert calls[1] == ('render', ('en/_header', constants.get_navbar('en'), page_title, p.page.user, constants.debug, "/sam/testpage", constants.access_control, ('version française', '/fr/sam/testpage')), {})
25 |         assert calls[2][1][0] == 'en/stats'
26 |         segments = calls[2][1][1]
27 |         section_headers = [x[0] for x in segments]
28 |         assert section_headers == ['Overall', 'Datasource: default', 'Datasource: short', 'Datasource: live']
29 |         assert calls[2][2] == {}
30 |         assert calls[3] == ('render', ('en/_footer', {'English': '/en/sam/testpage', 'Française': '/fr/sam/testpage'}), {})
31 |         assert calls[4] == ('render', ('_tail', ), {})
32 |         assert dummy == "NoneNoneNoneNoneNone"
33 | 
34 | 
35 | def test_timerange():
36 |     with db_connection.env(mock_input=True, login_active=False, mock_session=True):
37 |         web.input = lambda: {'q': 'timerange', 'ds': 'ds{}'.format(ds_full)}
38 |         web.ctx['headers'] = []
39 |         p = sam.pages.stats.Stats()
40 |         response = p.GET()
41 |         timerange = json.loads(response)
42 |         assert timerange == {"max": 1521498300, "min": 1453065600}
43 | 
44 |         web.input = lambda: {'q': 'timerange', 'ds': 'ds{}'.format(ds_empty)}
45 |         web.ctx['headers'] = []
46 |         p = sam.pages.stats.Stats()
47 |         response = p.GET()
48 |         timerange = json.loads(response)
49 |         now = int(time.mktime(datetime.now().timetuple()))
50 |         assert timerange == {"max": now, "min": now}
51 | 
52 | 
53 | def test_protocols():
54 |     with db_connection.env(mock_input=True, login_active=False, mock_session=True):
55 |         web.input = lambda: {'q': 'protocols', 'ds': 'ds{}'.format(ds_full)}
56 |         web.ctx['headers'] = []
57 |         p = sam.pages.stats.Stats()
58 |         response = p.GET()
59 |         protocols = json.loads(response)
60 |         assert set(protocols) == {u'TCP', u'UDP', u'ICMP'}
61 | 
62 |         web.input = lambda: {'q': 'protocols', 'ds': 'ds{}'.format(ds_empty)}
63 |         web.ctx['headers'] = []
64 |         p = sam.pages.stats.Stats()
65 |         response = p.GET()
66 |         protocols = json.loads(response)
67 |         assert set(protocols) == set()
68 | 


--------------------------------------------------------------------------------
/spec/python/plugins/test_plugin1/__init__.py:
--------------------------------------------------------------------------------
1 | import sam_installer


--------------------------------------------------------------------------------
/spec/python/plugins/test_plugin1/models/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/spec/python/plugins/test_plugin1/models/__init__.py


--------------------------------------------------------------------------------
/spec/python/plugins/test_plugin1/models/test_model.py:
--------------------------------------------------------------------------------
 1 | import os
 2 | import time
 3 | import web
 4 | from sam.models import base
 5 | 
 6 | base_path = os.path.dirname(__file__)
 7 | sql_path = os.path.join(base_path, os.pardir, 'sql')
 8 | 
 9 | 
10 | class TestModel(base.DBPlugin):
11 |     TEST_TABLE = 's{acct}_test_table'
12 | 
13 |     checkIntegrity = base.DBPlugin.simple_sub_table_check(
14 |         TEST_TABLE
15 |     )
16 | 
17 |     fixIntegrity = base.DBPlugin.simple_sub_table_fix(
18 |         sqlite=os.path.join(sql_path, 'create_test_table.sql'),
19 |         mysql=os.path.join(sql_path, 'create_test_table.sql')
20 |     )
21 | 


--------------------------------------------------------------------------------
/spec/python/plugins/test_plugin1/sam_installer.py:
--------------------------------------------------------------------------------
 1 | import os
 2 | from sam import constants
 3 | from test_plugin1.models.test_model import TestModel
 4 | 
 5 | 
 6 | def install():
 7 |     # install endpoint
 8 |     for i in range(len(constants.default_urls)/2):
 9 |         if constants.default_urls[i*2] == '/test_url':
10 |             constants.default_urls[i*2+1] = 'test_plugin2.pages.test_url.TestUrl'
11 | 
12 |     # install models
13 |     constants.plugin_models.append(TestModel)
14 | 
15 |     # install importer
16 |     constants.plugin_importers.append('test_plugin1')
17 | 


--------------------------------------------------------------------------------
/spec/python/plugins/test_plugin1/sql/create_test_table.sql:
--------------------------------------------------------------------------------
1 | CREATE TABLE s{acct}_test_table (id INTEGER NOT NULL);


--------------------------------------------------------------------------------
/spec/python/plugins/test_plugin2/__init__.py:
--------------------------------------------------------------------------------
1 | import sam_installer


--------------------------------------------------------------------------------
/spec/python/plugins/test_plugin2/pages/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/riolet/SAM/3e372dbf533cf9a08fd5674017a212af16e0224a/spec/python/plugins/test_plugin2/pages/__init__.py


--------------------------------------------------------------------------------
/spec/python/plugins/test_plugin2/pages/test_url.py:
--------------------------------------------------------------------------------
 1 | from sam.pages.base import Headed
 2 | 
 3 | 
 4 | class TestUrl(Headed):
 5 |     def __init__(self):
 6 |         super(TestUrl, self).__init__(True, True)
 7 |         self.set_title("TestUrl Page Title")
 8 |         self.styles = ['/static/css/general.css']
 9 |         self.scripts = []
10 | 
11 |     def GET(self):
12 |         return self.render("test_template")


--------------------------------------------------------------------------------
/spec/python/plugins/test_plugin2/sam_installer.py:
--------------------------------------------------------------------------------
 1 | import os
 2 | from sam import constants
 3 | 
 4 | THIS_PATH = os.path.dirname(__file__)
 5 | import_hook_calls = []
 6 | boot_hook_calls = 0
 7 | 
 8 | 
 9 | def my_import_hook(db, sub_id, ds_id):
10 |     global import_hook_calls
11 |     import_hook_calls.append((sub_id, ds_id))
12 | 
13 | 
14 | def my_boot_hook():
15 |     global boot_hook_calls
16 |     boot_hook_calls += 1
17 | 
18 | 
19 | def install():
20 |     # install endpoint
21 |     constants.plugin_urls.extend([
22 |         '/test_url', 'test_plugin2.pages.test_url.TestUrl'
23 |     ])
24 | 
25 |     # install templates
26 |     constants.plugin_templates.append('test_plugin2')
27 | 
28 |     # install static files
29 |     constants.plugin_static.append('test_plugin2')
30 | 
31 |     # install models
32 |     # constants.plugin_models.append(warnings.Warnings)
33 | 
34 |     # hook plugin into traffic import system.
35 |     constants.plugin_hooks_traffic_import.append(my_import_hook)
36 | 
37 |     # hook plugin into server startup.
38 |     constants.plugin_hooks_server_start.append(my_boot_hook)
39 | 


--------------------------------------------------------------------------------
/spec/python/plugins/test_plugin2/templates/en/test_template.html:
--------------------------------------------------------------------------------
1 | $def with ()
2 | <h1>Test Page EN</h1>
3 | <p>blah blah</p>


--------------------------------------------------------------------------------
/spec/python/plugins/test_plugin2/templates/fr/test_template.html:
--------------------------------------------------------------------------------
1 | $def with ()
2 | <h1>Test Page FR</h1>
3 | <p>blah blah</p>


--------------------------------------------------------------------------------
/spec/python/rule_templates/test_hosts.txt:
--------------------------------------------------------------------------------
1 | 1.2.3.4
2 | 2.3.4.5
3 | 3.4.5.6
4 | 4.5.6.7
5 | 5.6.7.8
6 | 6.7.8.9
7 | 7.8.9.0
8 | 79.146.47.84


--------------------------------------------------------------------------------
/spec/python/rule_templates/test_rule.yml:
--------------------------------------------------------------------------------
 1 | ---
 2 | name: Test Yaml
 3 | type: immediate
 4 | include:
 5 |   bad_hosts: test_hosts.txt
 6 | expose:
 7 |   source_ip:
 8 |     format: text
 9 |     label: temp label
10 |     default: "1.2.3.4"
11 |     regex: "^([0-9]|[01]?[0-9][0-9]|2[0-4][0-9]|25[0-5])(\\.([0-9]|[01]?[0-9][0-9]|2[0-4][0-9]|25[0-5])){3}$"
12 |   dest_ip:
13 |     format: text
14 |     label: temp label 2
15 |     default: "5.6.7.8"
16 |     regex: "^([0-9]|[01]?[0-9][0-9]|2[0-4][0-9]|25[0-5])(\\.([0-9]|[01]?[0-9][0-9]|2[0-4][0-9]|25[0-5])){3}$"
17 |   port:
18 |     format: text
19 |     label: temp label 3
20 |     default: "(80,443)"
21 |     regex: "("  # intentially malformed regex
22 |   bidirectional:
23 |     format: checkbox
24 |     label: Check both ways
25 |     default: false
26 |   color:
27 |     format: dropdown
28 |     label: Favorite Color
29 |     default: blue
30 |     options:
31 |       - red
32 |       - blue
33 |       - green
34 | actions:
35 |   alert_severity: 8
36 |   alert_label: Special Label
37 |   email_address: abc@zyx.com
38 |   email_subject: "[SAM] Special Email Subject"
39 |   sms_number: 1 123 456 7890
40 |   sms_message: "[SAM] Special SMS Message"
41 | subject: src
42 | when: src host $source_ip and dst host $dest_ip and dst port $port


--------------------------------------------------------------------------------
/spec/python/test_constants.py:
--------------------------------------------------------------------------------
 1 | from spec.python import db_connection
 2 | from sam import constants
 3 | 
 4 | 
 5 | def test_urls():
 6 |     assert (len(constants.urls) & 1) == 0
 7 |     pairs = zip(constants.urls[::2], constants.urls[1::2])
 8 |     for url, class_ in pairs:
 9 |         assert url[0] == '/'
10 | 
11 | 
12 | def test_navbar():
13 |     nav = constants.get_navbar('en')
14 |     assert type(nav) == list
15 |     assert type(nav[0]) == dict
16 |     for link in nav:
17 |         assert 'name' in link
18 |         assert 'link' in link
19 |         assert 'icon' in link
20 |         assert 'group' in link
21 | 


--------------------------------------------------------------------------------
/spec/python/test_localization.py:
--------------------------------------------------------------------------------
 1 | from spec.python import db_connection
 2 | from sam.local import en, rv, fr
 3 | 
 4 | 
 5 | def test_consistent_en_fr():
 6 |     en_keys = {k for k in dir(en) if not k.startswith("__")}
 7 |     fr_keys = {k for k in dir(fr) if not k.startswith("__")}
 8 |     assert en_keys == fr_keys
 9 | 
10 | 
11 | def test_consistent_en_rv():
12 |     en_keys = {k for k in dir(en) if not k.startswith("__")}
13 |     rv_keys = {k for k in dir(rv) if not k.startswith("__")}
14 |     assert en_keys == rv_keys


--------------------------------------------------------------------------------
/spec/python/test_server.py:
--------------------------------------------------------------------------------
  1 | from spec.python import db_connection
  2 | import sam.common
  3 | import sam.constants
  4 | import web
  5 | 
  6 | app = web.application(sam.constants.urls, globals(), autoreload=False)
  7 | sam.common.session_store = web.session.DBStore(db_connection.db, 'sessions')
  8 | sam.common.session = web.session.Session(app, sam.common.session_store)
  9 | 
 10 | # TODO: these commands ping the prod server instead of the test server for the session table.
 11 | #       If the prod server is missing, these fail.
 12 | #       I'm not sure why they do that.
 13 | 
 14 | def test_404():
 15 |     with db_connection.env(login_active=False):
 16 |         req = app.request('/invalidendpoint', method='GET')
 17 |         assert req.status == "404 Not Found"
 18 |         req = app.request('/invalidendpoint', method='POST')
 19 |         assert req.status == "404 Not Found"
 20 | 
 21 | 
 22 | def test_exists_map():
 23 |     with db_connection.env(login_active=False):
 24 |         req = app.request('/map', method='POST')
 25 |         assert req.status == "405 Method Not Allowed"
 26 |         req = app.request('/map?q=42', method='GET')
 27 |         assert req.status == "200 OK"
 28 | 
 29 | 
 30 | def test_exists_stats():
 31 |     with db_connection.env(login_active=False):
 32 |         req = app.request('/stats', 'GET')
 33 |         assert req.status == "200 OK"
 34 |         req = app.request('/stats', 'POST')
 35 |         assert req.status == "405 Method Not Allowed"
 36 | 
 37 | 
 38 | def test_exists_nodes():
 39 |     with db_connection.env(login_active=False):
 40 |         req = app.request('/nodes', 'GET')
 41 |         assert req.status == "200 OK"
 42 |         req = app.request('/nodes', 'POST')
 43 |         assert req.status == "200 OK"
 44 | 
 45 | 
 46 | def test_exists_links():
 47 |     with db_connection.env(login_active=False):
 48 |         req = app.request('/links', 'GET')
 49 |         assert req.status == "200 OK"
 50 |         req = app.request('/links', 'POST')
 51 |         assert req.status == "405 Method Not Allowed"
 52 | 
 53 | 
 54 | def test_exists_details():
 55 |     with db_connection.env(login_active=False):
 56 |         req = app.request('/details', 'GET')
 57 |         assert req.status == "200 OK"
 58 |         req = app.request('/details', 'POST')
 59 |         assert req.status == "405 Method Not Allowed"
 60 | 
 61 | 
 62 | def test_exists_portinfo():
 63 |     with db_connection.env(login_active=False):
 64 |         req = app.request('/portinfo', 'GET')
 65 |         assert req.status == "200 OK"
 66 |         req = app.request('/portinfo', 'POST')
 67 |         assert req.status == "200 OK"
 68 | 
 69 | 
 70 | def test_exists_metadata():
 71 |     with db_connection.env(login_active=False):
 72 |         req = app.request('/metadata', 'GET')
 73 |         assert req.status == "200 OK"
 74 |         req = app.request('/metadata', 'POST')
 75 |         assert req.status == "405 Method Not Allowed"
 76 | 
 77 | 
 78 | def test_exists_table():
 79 |     with db_connection.env(login_active=False):
 80 |         req = app.request('/table', 'GET')
 81 |         assert req.status == "200 OK"
 82 |         req = app.request('/table', 'POST')
 83 |         assert req.status == "405 Method Not Allowed"
 84 | 
 85 | 
 86 | def test_exists_settings():
 87 |     with db_connection.env(login_active=False):
 88 |         req = app.request('/settings', 'GET')
 89 |         assert req.status == "200 OK"
 90 |         req = app.request('/settings', 'POST')
 91 |         assert req.status == "200 OK"
 92 | 
 93 | 
 94 | def test_exists_settings_page():
 95 |     with db_connection.env(login_active=False):
 96 |         req = app.request('/settings_page', 'GET')
 97 |         assert req.status == "200 OK"
 98 |         req = app.request('/settings_page', 'POST')
 99 |         assert req.status == "405 Method Not Allowed"
100 | 
101 | 
102 | def test_exists_login():
103 |     with db_connection.env(login_active=True):
104 |         req = app.request('/login', 'GET')
105 |         assert req.status == "200 OK"
106 |         req = app.request('/login', 'POST')
107 |         assert req.status == "200 OK"
108 | 
109 | 
110 | def test_exists_logout():
111 |     with db_connection.env(login_active=True, mock_session=True):
112 |         req = app.request('/logout', 'GET')
113 |         assert req.status == "303 See Other"
114 |         req = app.request('/logout', 'POST')
115 |         assert req.status == "405 Method Not Allowed"
116 | 


--------------------------------------------------------------------------------
/spec/python/test_sql.sql:
--------------------------------------------------------------------------------
 1 | DROP TABLE IF EXISTS t{id}_blah;
 2 | 
 3 | -- this is a comment and should be ignored
 4 | 
 5 | CREATE TABLE IF NOT EXISTS t{id}_blah
 6 | (port              INT UNSIGNED NOT NULL
 7 | ,CONSTRAINT PKportAliasLUT PRIMARY KEY (port)
 8 | );
 9 | 
10 | SELECT * FROM t{id}_blah
11 | ;
12 | 
13 | --another comment?
14 | 
15 | -- a few blank lines
16 | 
17 | 


--------------------------------------------------------------------------------