neptune/core/views/ui/drilldown.py

504 lines
16 KiB
Python

import json
import urllib
import uuid
from django.conf import settings
from django.http import HttpResponse, JsonResponse
from django.shortcuts import render
from django.urls import reverse
from django.views import View
from django_tables2 import SingleTableView
from rest_framework.parsers import FormParser
from rest_framework.views import APIView
from core.lib.context import construct_query
# from core.lib.opensearch import query_results
from core.lib.manticore import query_results
from core.lib.threshold import (
annotate_num_chans,
annotate_num_users,
get_chans,
get_users,
)
from core.views.ui.tables import DrilldownTable
# from copy import deepcopy
def parse_dates(dates):
spl = dates.split(" - ")
if all(spl):
spl = [f"{x.replace(' ', 'T')}" for x in spl]
if not len(spl) == 2:
message = "Invalid dates"
message_class = "danger"
return {"message": message, "class": message_class}
from_ts, to_ts = spl
from_date, from_time = from_ts.split("T")
to_date, to_time = to_ts.split("T")
return {
"from_date": from_date,
"to_date": to_date,
"from_time": from_time,
"to_time": to_time,
}
def create_tags(query):
"""
Grab the tags out of the query and make a list
we can add to the Bulma tags element when the page loads.
"""
spl = query.split("AND")
spl = [x.strip() for x in spl if ":" in x]
spl = [x.replace('"', "") for x in spl]
tags = [f"{tag}: {elem}" for tag, elem in [x.split(":")[:2] for x in spl]]
return tags
def parse_tags(tags_pre):
"""
Parse the tags from the variable tags_pre.
"""
tags = {}
tags_spl = tags_pre.split(",")
if tags_spl:
for tag in tags_spl:
tag = tag.split(": ")
if len(tag) == 2:
key, val = tag
tags[key] = val
return tags
def make_table(context):
table = DrilldownTable(context["object_list"])
context["table"] = table
# del context["results"]
return context
def make_graph(results):
graph = []
for index, item in enumerate(results):
date = str(index)
graph.append(
{
"text": item.get("tokens", None)
or item.get("msg", None)
or item.get("id"),
"nick": item.get("nick", None),
"channel": item.get("channel", None),
"net": item.get("net", None),
"value": item.get("sentiment", None) or None,
"date": date,
}
)
return json.dumps(graph)
def drilldown_search(request, return_context=False, template=None):
extra_params = {}
if not template:
template_name = "widgets/table_results.html"
else:
template_name = template
if request.user.is_anonymous:
sizes = settings.OPENSEARCH_MAIN_SIZES_ANON
else:
sizes = settings.OPENSEARCH_MAIN_SIZES
if request.GET:
if not request.htmx:
template_name = "ui/drilldown/drilldown.html"
query_params = request.GET.dict()
elif request.POST:
query_params = request.POST.dict()
else:
template_name = "ui/drilldown/drilldown.html"
context = {"sizes": sizes, "unique": "results"}
return render(request, template_name, context)
tmp_post = request.POST.dict()
tmp_get = request.GET.dict()
tmp_post = {k: v for k, v in tmp_post.items() if v and not v == "None"}
tmp_get = {k: v for k, v in tmp_get.items() if v and not v == "None"}
query_params.update(tmp_post)
query_params.update(tmp_get)
# URI we're passing to the template for linking
if "csrfmiddlewaretoken" in query_params:
del query_params["csrfmiddlewaretoken"]
# Parse the dates
if "dates" in query_params:
dates = parse_dates(query_params["dates"])
del query_params["dates"]
if dates:
if "message" in dates:
return render(request, template_name, dates)
query_params["from_date"] = dates["from_date"]
query_params["to_date"] = dates["to_date"]
query_params["from_time"] = dates["from_time"]
query_params["to_time"] = dates["to_time"]
if "query" in query_params:
# Remove null values
if query_params["query"] == "":
del query_params["query"]
# Turn the query into tags for populating the taglist
# tags = create_tags(query_params["query"])
# context["tags"] = tags
# else:
# context = {"object_list": []}
# Remove null values
if "query_full" in query_params:
if query_params["query_full"] == "":
del query_params["query_full"]
if "tags" in query_params:
if query_params["tags"] == "":
del query_params["tags"]
else:
tags = parse_tags(query_params["tags"])
extra_params["tags"] = tags
context = query_results(request, query_params, **extra_params)
context["unique"] = "results"
# Valid sizes
context["sizes"] = sizes
url_params = urllib.parse.urlencode(query_params)
context["client_uri"] = url_params
context["params"] = query_params
if "message" in context:
if return_context:
return context
response = render(request, template_name, context)
if request.GET:
if request.htmx:
response["HX-Push"] = reverse("home") + "?" + url_params
elif request.POST:
response["HX-Push"] = reverse("home") + "?" + url_params
return response
# Create data for chart.js sentiment graph
graph = make_graph(context["object_list"])
context["data"] = graph
context = make_table(context)
# URI we're passing to the template for linking, table fields removed
table_fields = ["page", "sort"]
clean_params = {k: v for k, v in query_params.items() if k not in table_fields}
clean_url_params = urllib.parse.urlencode(clean_params)
context["uri"] = clean_url_params
# Warn users trying to use query string that the simple query supersedes it
if all([x in query_params for x in ["query", "query_full"]]):
context["message"] = (
"You are searching with both query types. "
"The simple query will be used. "
"The full query will be ignored. "
"Remove the text from the simple query if you wish "
"to use the full query."
)
context["class"] = "warning"
# unique = str(uuid.uuid4())[:8]
response = render(request, template_name, context)
if request.GET:
if request.htmx:
response["HX-Push"] = reverse("home") + "?" + url_params
elif request.POST:
response["HX-Push"] = reverse("home") + "?" + url_params
if return_context:
return context
return response
class DrilldownTableView(SingleTableView):
table_class = DrilldownTable
template_name = "widgets/table_results.html"
paginate_by = settings.DRILLDOWN_RESULTS_PER_PAGE
def get_queryset(self, request, **kwargs):
context = drilldown_search(request, return_context=True)
# Save the context as we will need to merge other attributes later
self.context = context
if "object_list" in context:
return context["object_list"]
else:
return []
def get(self, request, *args, **kwargs):
self.object_list = self.get_queryset(request)
show = []
show = set().union(*(d.keys() for d in self.object_list))
allow_empty = self.get_allow_empty()
if not allow_empty:
# When pagination is enabled and object_list is a queryset,
# it's better to do a cheap query than to load the unpaginated
# queryset in memory.
if self.get_paginate_by(self.object_list) is not None and hasattr(
self.object_list, "exists"
):
is_empty = not self.object_list.exists() # noqa
else:
is_empty = not self.object_list # noqa
context = self.get_context_data()
if isinstance(self.context, HttpResponse):
return self.context
for k, v in self.context.items():
if k not in context:
context[k] = v
context["show"] = show
if request.method == "GET":
if not request.htmx:
self.template_name = "ui/drilldown/drilldown.html"
response = self.render_to_response(context)
# if not request.method == "GET":
if "client_uri" in context:
response["HX-Push"] = reverse("home") + "?" + context["client_uri"]
return response
def post(self, request, *args, **kwargs):
return self.get(request, *args, **kwargs)
class Drilldown(View):
template_name = "ui/drilldown/drilldown.html"
plan_name = "drilldown"
def get(self, request):
return drilldown_search(request)
def post(self, request):
return drilldown_search(request)
class DrilldownContextModal(APIView):
parser_classes = [FormParser]
plan_name = "drilldown"
template_name = "modals/context.html"
def post(self, request):
if request.resolver_match.url_name == "modal_context_table":
self.template_name = "partials/context_table.html"
size = 20
nicks_sensitive = None
query = False
# Create the query params from the POST arguments
mandatory = [
"net",
"channel",
"num",
"source",
"index",
"nick",
"type",
"mtype",
]
invalid = [None, False, "", "None"]
query_params = {k: v for k, v in request.data.items() if v}
for key in query_params:
if query_params[key] in invalid:
query_params[key] = None
for key in mandatory:
if key not in query_params:
query_params[key] = None
# Lookup the hash values but don't disclose them to the user
# if settings.HASHING:
# if query_params["source"] not in settings.SAFE_SOURCES:
# SAFE_PARAMS = deepcopy(query_params)
# hash_lookup(request.user, SAFE_PARAMS)
# else:
# SAFE_PARAMS = deepcopy(query_params)
# else:
# SAFE_PARAMS = query_params
type = None
if request.user.is_superuser:
if "type" in query_params:
type = query_params["type"]
if type == "znc":
query_params["channel"] = "*status"
# SAFE_PARAMS["channel"] = "*status"
if type in ["query", "notice"]:
nicks_sensitive = [
query_params["channel"],
query_params["nick"],
] # UNSAFE
# nicks = [query_params["channel"], query_params["nick"]]
query = True
if (
query_params["index"] == "int"
and query_params["mtype"] == "msg"
and not type == "query"
):
query_params["index"] = "main"
# SAFE_PARAMS["index"] = "main"
if query_params["type"] in ["znc", "auth"]:
query = True
if not request.user.is_superuser:
query_params["index"] = "main"
# SAFE_PARAMS["index"] = "main"
query_params["sorting"] = "desc"
# SAFE_PARAMS["sorting"] = "desc"
annotate = False
if query_params["source"] == "irc":
if query_params["type"] not in ["znc", "auth"]:
annotate = True
# Create the query with the context helper
if query_params["num"].isdigit():
query_params["num"] = int(query_params["num"])
search_query = construct_query(
query_params["index"],
query_params["net"],
query_params["channel"],
query_params["source"],
query_params["num"],
size,
type=type,
nicks=nicks_sensitive,
)
results = query_results(
request,
query_params,
annotate=annotate,
custom_query=search_query,
reverse=True,
dedup_fields=["net", "type", "msg"],
)
if "message" in results:
return render(request, self.template_name, results)
# if settings.HASHING: # we probably want to see the tokens
# if query_params["source"] not in settings.SAFE_SOURCES:
# if not request.user.has_perm("core.bypass_hashing"):
# for index, item in enumerate(results["object_list"]):
# if "tokens" in item:
# results["object_list"][index]["msg"] = results[
# "object_list"
# ][index].pop("tokens")
# # item["msg"] = item.pop("tokens")
# Make the time nicer
# for index, item in enumerate(results["object_list"]):
# results["object_list"][index]["time"] = item["time"]+"SSS"
unique = str(uuid.uuid4())[:8]
print("PARAMS", query_params)
context = {
"net": query_params["net"],
"channel": query_params["channel"],
"source": query_params["source"],
"ts": f"{query_params['date']} {query_params['time']}",
"object_list": results["object_list"],
"time": query_params["time"],
"date": query_params["date"],
"index": query_params["index"],
"num": query_params["num"],
"type": query_params["type"],
"mtype": query_params["mtype"],
"nick": query_params["nick"],
"params": query_params,
"unique": unique,
}
if request.user.is_superuser:
if query:
context["query"] = True
return render(request, self.template_name, context)
class ThresholdInfoModal(APIView):
parser_classes = [FormParser]
plan_name = "drilldown"
template_name = "modals/drilldown.html"
def post(self, request, type=None):
# if not request.user.has_plan(self.plan_name):
# return JsonResponse({"success": False})
if "net" not in request.data:
return JsonResponse({"success": False})
if "nick" not in request.data:
return JsonResponse({"success": False})
if "channel" not in request.data:
return JsonResponse({"success": False})
if type == "window":
self.template_name = "windows/drilldown.html"
elif type == "widget":
self.template_name = "widgets/drilldown.html"
net = request.data["net"]
nick = request.data["nick"]
channel = request.data["channel"]
# SAFE BLOCK #
# Lookup the hash values but don't disclose them to the user
# if settings.HASHING:
# SAFE_PARAMS = request.data.dict()
# hash_lookup(request.user, SAFE_PARAMS)
channels = get_chans(net, [nick])
users = get_users(net, [nick])
num_users = annotate_num_users(net, channels)
num_chans = annotate_num_chans(net, users)
if channels:
inter_users = get_users(net, channels)
else:
inter_users = []
if users:
inter_chans = get_chans(net, users)
else:
inter_chans = []
# if settings.HASHING:
# hash_list(request.user, inter_chans)
# hash_list(request.user, inter_users)
# hash_list(request.user, num_chans, hash_keys=True)
# hash_list(request.user, num_users, hash_keys=True)
# hash_list(request.user, channels)
# hash_list(request.user, users)
# if settings.RANDOMISATION:
# randomise_list(request.user, num_chans)
# randomise_list(request.user, num_users)
# SAFE BLOCK END #
unique = str(uuid.uuid4())[:8]
context = {
"net": net,
"nick": nick,
"channel": channel,
"chans": channels,
"users": users,
"inter_chans": inter_chans,
"inter_users": inter_users,
"num_users": num_users,
"num_chans": num_chans,
"unique": unique,
}
return render(request, self.template_name, context)