How to use the rules.models.YaraRule function in rules
To help you get started, we’ve selected a few rules examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
PUNCH-Cyber / YaraGuardian / rules / test_REST_serializers.py View on Github 
def setUpTestData(cls):
cls.user = generate_test_user()
cls.group = cls.user.groups.get()
cls.rule = YaraRule.objects.create(name='SerializedRule',
strings={},
condition=[],
tags=[],
scopes=[],
imports=[],
metadata={},
dependencies=['serialization'],
logic_hash='',
owner=cls.group,
submitter=cls.user,
source='',
category='',
status=YaraRule.ACTIVE_STATUS)
cls.serializer = YaraRuleSerializer(instance=cls.rule)def test_queryset_method_update_status_with_valid_value(self):
valid_value = YaraRule.PENDING_STATUS
self.queryset.update_status(valid_value)
for entry in self.queryset:
self.assertEqual(valid_value, entry.status)cls.group = cls.user.groups.get()
cls.rule = YaraRule.objects.create(name='SerializedRule',
strings={},
condition=[],
tags=[],
scopes=[],
imports=[],
metadata={},
dependencies=[],
logic_hash='',
owner=cls.group,
submitter=cls.user,
source='',
category='',
status=YaraRule.ACTIVE_STATUS)
cls.comment = YaraRuleComment(content='',
poster=cls.user,
rule=cls.rule,
modified=datetime.datetime.now(),
created=datetime.datetime.now())
cls.serializer = YaraRuleCommentSerializer(instance=cls.comment)YaraRule.objects.create(name='EditRule2',
strings={},
condition=[],
tags=['OldTag2', 'OldTag3'],
scopes=['global'],
imports=[],
metadata={'Author': '\"Johnny Test\"',
'URL': '\"https://www.bing.com\"'},
dependencies=[],
logic_hash='',
owner=self.group,
submitter=self.user,
source='Internal Source',
category='PCAP',
status=YaraRule.INACTIVE_STATUS)
self.queryset = YaraRule.objects.all()def test_owner_patch_request(self):
url = reverse('group-details', kwargs={'group_name': self.group.name})
request = self.factory.patch(url, {'source_required': False,
'category_required': False,
'nonprivileged_submission_status': YaraRule.ACTIVE_STATUS})
request.resolver_match = resolve(url)
force_authenticate(request, user=self.user1)
self.assertTrue(self.group.groupmeta.source_required)
self.assertTrue( self.group.groupmeta.category_required)
self.assertEqual(self.group.groupmeta.nonprivileged_submission_status, YaraRule.PENDING_STATUS)
response = self.view(request, group_name=self.group.name)
self.group.groupmeta.refresh_from_db()
self.assertEqual(response.status_code, 200)
self.assertFalse(self.group.groupmeta.source_required)
self.assertFalse( self.group.groupmeta.category_required)
self.assertEqual(self.group.groupmeta.nonprivileged_submission_status, YaraRule.ACTIVE_STATUS)status=YaraRule.INACTIVE_STATUS)
YaraRule.objects.create(name='TestRule3',
strings={},
condition=[],
tags=[],
scopes=[],
imports=[],
metadata={},
dependencies=['TestRule1', 'TestRule2'],
logic_hash='',
owner=cls.group,
submitter=cls.user,
source='External Submission',
category='Experimental Rules',
status=YaraRule.PENDING_STATUS)
cls.queryset = YaraRule.objects.all()status=YaraRule.INACTIVE_STATUS)
YaraRule.objects.create(name='PendingRule',
strings={},
condition=[],
tags=['Tag3'],
scopes=[],
imports=['\"pe\"'],
metadata={'dependent': 'true'},
dependencies=['ActiveRule'],
logic_hash='10864888334a37c31f983675d72f4db601e30d20',
owner=cls.group,
submitter=cls.user,
source='External Submission',
category='Binary',
status=YaraRule.PENDING_STATUS)
YaraRule.objects.create(name='RejectedRule',
strings={},
condition=[],
tags=['Tag4'],
scopes=['global'],
imports=[],
metadata={'description': '\"Terrible Rule\"'},
dependencies=['MissingRule'],
logic_hash='a0d597a713a39ac31bca73708c9779b07c57871e',
owner=cls.group,
submitter=cls.user,
source='Reporting',
category='Memory',
status=YaraRule.REJECTED_STATUS)parser.add_argument('--user', required=True)
parser.add_argument('--group', required=True)
# Optional arguments
parser.add_argument('--source',
default='')
parser.add_argument('--category',
default='')
parser.add_argument('--folder_as',
required=False,
choices=['source', 'category'])
parser.add_argument('--status',
default=YaraRule.ACTIVE_STATUS,
choices=[YaraRule.ACTIVE_STATUS,
YaraRule.INACTIVE_STATUS,
YaraRule.PENDING_STATUS,
YaraRule.REJECTED_STATUS])return obj.groupmeta.source_options
def get_category_required(self, obj):
return obj.groupmeta.category_required
def get_category_options(self, obj):
return obj.groupmeta.category_options
def get_nonprivileged_submission_status(self, obj):
return obj.groupmeta.nonprivileged_submission_status
class GroupMetaUpdateSerializer(serializers.Serializer):
source_required = serializers.BooleanField()
category_required = serializers.BooleanField()
nonprivileged_submission_status = serializers.ChoiceField(YaraRule.STATUS_CHOICES)
def update(self, instance, validated_data):
instance.source_required = validated_data.get('source_required',
instance.source_required)
instance.category_required = validated_data.get('category_required',
instance.category_required)
instance.nonprivileged_submission_status = validated_data.get('nonprivileged_submission_status',
instance.nonprivileged_submission_status)
instance.save()
return instance
class PrivateUserSerializer(serializers.Serializer):def get_queryset(group_context, query_params=None):
queryset = YaraRule.objects.filter(owner=group_context)
if query_params:
queryset = YaraRuleFilter(query_params, queryset=queryset).qs
return querysetrules
Awesome Django authorization, without the database
Package Health Score
77 / 100Popular rules functions
- rules.add_perm
- rules.ContextualRule.makeContextualRule
- rules.contrib.views.permission_required
- rules.contrib.views.PermissionRequiredMixin
- rules.emacs.Cmd.Cmd
- rules.emacs.Cmd.runEmacsCmd
- rules.emacs.common.emacsDefaults
- rules.emacs.common.emacsExtras
- rules.Location
- rules.logger.debug
- rules.logger.info
- rules.models.Category.objects.filter
- rules.models.Rule
- rules.models.Ruleset.objects.all
- rules.models.Transformation
- rules.models.UserAction.create
- rules.models.YaraRule
- rules.predicate
- rules.REST_filters.YaraRuleFilter
- rules.Rules