How to use the rules.models.YaraRule function in rules

To help you get started, we’ve selected a few rules examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github PUNCH-Cyber / YaraGuardian / rules / test_REST_serializers.py View on Github external
def setUpTestData(cls):
        cls.user = generate_test_user()
        cls.group = cls.user.groups.get()

        cls.rule = YaraRule.objects.create(name='SerializedRule',
                                           strings={},
                                           condition=[],
                                           tags=[],
                                           scopes=[],
                                           imports=[],
                                           metadata={},
                                           dependencies=['serialization'],
                                           logic_hash='',
                                           owner=cls.group,
                                           submitter=cls.user,
                                           source='',
                                           category='',
                                           status=YaraRule.ACTIVE_STATUS)

        cls.serializer = YaraRuleSerializer(instance=cls.rule)
github PUNCH-Cyber / YaraGuardian / rules / test_models.py View on Github external
def test_queryset_method_update_status_with_valid_value(self):
        valid_value = YaraRule.PENDING_STATUS
        self.queryset.update_status(valid_value)

        for entry in self.queryset:
            self.assertEqual(valid_value, entry.status)
github PUNCH-Cyber / YaraGuardian / rules / test_REST_serializers.py View on Github external
cls.group = cls.user.groups.get()

        cls.rule = YaraRule.objects.create(name='SerializedRule',
                                           strings={},
                                           condition=[],
                                           tags=[],
                                           scopes=[],
                                           imports=[],
                                           metadata={},
                                           dependencies=[],
                                           logic_hash='',
                                           owner=cls.group,
                                           submitter=cls.user,
                                           source='',
                                           category='',
                                           status=YaraRule.ACTIVE_STATUS)

        cls.comment = YaraRuleComment(content='',
                                      poster=cls.user,
                                      rule=cls.rule,
                                      modified=datetime.datetime.now(),
                                      created=datetime.datetime.now())

        cls.serializer = YaraRuleCommentSerializer(instance=cls.comment)
github PUNCH-Cyber / YaraGuardian / rules / test_models.py View on Github external
YaraRule.objects.create(name='EditRule2',
                                strings={},
                                condition=[],
                                tags=['OldTag2', 'OldTag3'],
                                scopes=['global'],
                                imports=[],
                                metadata={'Author': '\"Johnny Test\"',
                                          'URL': '\"https://www.bing.com\"'},
                                dependencies=[],
                                logic_hash='',
                                owner=self.group,
                                submitter=self.user,
                                source='Internal Source',
                                category='PCAP',
                                status=YaraRule.INACTIVE_STATUS)

        self.queryset = YaraRule.objects.all()
github PUNCH-Cyber / YaraGuardian / core / test_REST_views.py View on Github external
def test_owner_patch_request(self):
        url = reverse('group-details', kwargs={'group_name': self.group.name})
        request = self.factory.patch(url, {'source_required': False,
                                           'category_required': False,
                                           'nonprivileged_submission_status': YaraRule.ACTIVE_STATUS})

        request.resolver_match = resolve(url)
        force_authenticate(request, user=self.user1)

        self.assertTrue(self.group.groupmeta.source_required)
        self.assertTrue( self.group.groupmeta.category_required)
        self.assertEqual(self.group.groupmeta.nonprivileged_submission_status, YaraRule.PENDING_STATUS)

        response = self.view(request, group_name=self.group.name)

        self.group.groupmeta.refresh_from_db()
        self.assertEqual(response.status_code, 200)
        self.assertFalse(self.group.groupmeta.source_required)
        self.assertFalse( self.group.groupmeta.category_required)
        self.assertEqual(self.group.groupmeta.nonprivileged_submission_status, YaraRule.ACTIVE_STATUS)
github PUNCH-Cyber / YaraGuardian / rules / test_REST_filters.py View on Github external
status=YaraRule.INACTIVE_STATUS)

        YaraRule.objects.create(name='TestRule3',
                                strings={},
                                condition=[],
                                tags=[],
                                scopes=[],
                                imports=[],
                                metadata={},
                                dependencies=['TestRule1', 'TestRule2'],
                                logic_hash='',
                                owner=cls.group,
                                submitter=cls.user,
                                source='External Submission',
                                category='Experimental Rules',
                                status=YaraRule.PENDING_STATUS)

        cls.queryset = YaraRule.objects.all()
github PUNCH-Cyber / YaraGuardian / rules / test_models.py View on Github external
status=YaraRule.INACTIVE_STATUS)

        YaraRule.objects.create(name='PendingRule',
                                strings={},
                                condition=[],
                                tags=['Tag3'],
                                scopes=[],
                                imports=['\"pe\"'],
                                metadata={'dependent': 'true'},
                                dependencies=['ActiveRule'],
                                logic_hash='10864888334a37c31f983675d72f4db601e30d20',
                                owner=cls.group,
                                submitter=cls.user,
                                source='External Submission',
                                category='Binary',
                                status=YaraRule.PENDING_STATUS)

        YaraRule.objects.create(name='RejectedRule',
                                strings={},
                                condition=[],
                                tags=['Tag4'],
                                scopes=['global'],
                                imports=[],
                                metadata={'description': '\"Terrible Rule\"'},
                                dependencies=['MissingRule'],
                                logic_hash='a0d597a713a39ac31bca73708c9779b07c57871e',
                                owner=cls.group,
                                submitter=cls.user,
                                source='Reporting',
                                category='Memory',
                                status=YaraRule.REJECTED_STATUS)
github PUNCH-Cyber / YaraGuardian / rules / management / commands / UploadMasterFile.py View on Github external
parser.add_argument('--user', required=True)
        parser.add_argument('--group', required=True)

        # Optional arguments
        parser.add_argument('--source',
                            default='')

        parser.add_argument('--category',
                            default='')

        parser.add_argument('--folder_as',
                            required=False,
                            choices=['source', 'category'])

        parser.add_argument('--status',
                            default=YaraRule.ACTIVE_STATUS,
                            choices=[YaraRule.ACTIVE_STATUS,
                                     YaraRule.INACTIVE_STATUS,
                                     YaraRule.PENDING_STATUS,
                                     YaraRule.REJECTED_STATUS])
github PUNCH-Cyber / YaraGuardian / core / REST_serializers.py View on Github external
return obj.groupmeta.source_options

    def get_category_required(self, obj):
        return obj.groupmeta.category_required

    def get_category_options(self, obj):
        return obj.groupmeta.category_options

    def get_nonprivileged_submission_status(self, obj):
        return obj.groupmeta.nonprivileged_submission_status


class GroupMetaUpdateSerializer(serializers.Serializer):
    source_required = serializers.BooleanField()
    category_required = serializers.BooleanField()
    nonprivileged_submission_status = serializers.ChoiceField(YaraRule.STATUS_CHOICES)

    def update(self, instance, validated_data):
        instance.source_required = validated_data.get('source_required',
                                                      instance.source_required)

        instance.category_required = validated_data.get('category_required',
                                                        instance.category_required)

        instance.nonprivileged_submission_status = validated_data.get('nonprivileged_submission_status',
                                                                      instance.nonprivileged_submission_status)

        instance.save()
        return instance


class PrivateUserSerializer(serializers.Serializer):
github PUNCH-Cyber / YaraGuardian / rules / REST_views.py View on Github external
def get_queryset(group_context, query_params=None):

    queryset = YaraRule.objects.filter(owner=group_context)

    if query_params:
        queryset = YaraRuleFilter(query_params, queryset=queryset).qs

    return queryset