From 594d37bb40f3e3e0f15553383cf2a305d4d6742e Mon Sep 17 00:00:00 2001
From: mo khan
Date: Mon, 9 Feb 2015 19:43:03 -0700
Subject: extract api.
---
 app/controllers/api/agents/events_controller.rb | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 app/controllers/api/agents/events_controller.rb
(limited to 'app/controllers/api/agents/events_controller.rb')
diff --git a/app/controllers/api/agents/events_controller.rb b/app/controllers/api/agents/events_controller.rb
new file mode 100644
index 0000000..255a5bc
--- /dev/null
+++ b/app/controllers/api/agents/events_controller.rb
@@ -0,0 +1,19 @@
+module Api
+ module Agents
+ class EventsController < ApplicationController
+ def create
+ @agent = Agent.find(params[:agent_id])
+ message = event_params.merge({agent_id: @agent.id})
+ routing_key = "events.#{event_params[:type]}.#{@agent.id}"
+ Publisher.publish(routing_key, message)
+ render nothing: true
+ end
+
+ private
+
+ def event_params
+ params[:event]
+ end
+ end
+ end
+end
-- 
cgit v1.2.3
From 34f53efff788b7558f63d973aad1f3475c27c125 Mon Sep 17 00:00:00 2001
From: mo khan
Date: Mon, 9 Feb 2015 20:25:22 -0700
Subject: extract message objects to publish.
---
 app/controllers/agents/events_controller.rb | 8 +++++---
 app/controllers/api/agents/events_controller.rb | 9 ++++++---
 app/controllers/api/agents/files_controller.rb | 7 +++----
 app/controllers/application_controller.rb | 6 ++++++
 app/controllers/dispositions_controller.rb | 11 ++++++++---
 app/models/event_message.rb | 25 +++++++++++++++++++++++++
 app/models/poke_message.rb | 23 +++++++++++++++++++++++
 app/services/publisher.rb | 4 ++--
 8 files changed, 78 insertions(+), 15 deletions(-)
 create mode 100644 app/models/event_message.rb
 create mode 100644 app/models/poke_message.rb
(limited to 'app/controllers/api/agents/events_controller.rb')
diff --git a/app/controllers/agents/events_controller.rb b/app/controllers/agents/events_controller.rb
index 6827938..30ca295 100644
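Review bot: In the new `Api::Agents::EventsController`, `event_params` returns `params[:event]` unfiltered, so every key the client sends is merged into the published message and `type` is interpolated into the routing key as-is. Because the exchange is a topic exchange, a `type` containing `.` adds segments to `events.<type>.<agent id>` and changes which bindings match, and a request with no `event` key fails on `nil.merge` instead of returning a 400. I would use `params.require(:event)` and check `type` against a fixed list of known event types before building the key. The same unchecked interpolation reappears in `EventMessage#routing_key` and `PokeMessage#routing_key` in the following commit.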
--- a/app/controllers/agents/events_controller.rb
+++ b/app/controllers/agents/events_controller.rb
@@ -11,9 +11,11 @@ module Agents
 end
 def create
- message = event_params.merge({agent_id: @agent.id})
- routing_key = "events.#{event_params[:type]}.#{@agent.id}"
- Publisher.publish(routing_key, message)
+ publish(EventMessage.new(
+ agent_id: @agent.id,
+ event_type: event_params[:event_type],
+ data: event_params[:data]
+ ))
 redirect_to agent_events_url, notice: 'Event was successfully created.'
 end
diff --git a/app/controllers/api/agents/events_controller.rb b/app/controllers/api/agents/events_controller.rb
index 255a5bc..ca9b829 100644
--- a/app/controllers/api/agents/events_controller.rb
+++ b/app/controllers/api/agents/events_controller.rb
@@ -3,9 +3,12 @@ module Api
 class EventsController < ApplicationController
 def create
 @agent = Agent.find(params[:agent_id])
- message = event_params.merge({agent_id: @agent.id})
- routing_key = "events.#{event_params[:type]}.#{@agent.id}"
- Publisher.publish(routing_key, message)
+ publish(EventMessage.new(
+ agent_id: @agent.id,
+ event_type: event_params[:event_type],
+ data: event_params[:data]
+ ))
+
 render nothing: true
 end
diff --git a/app/controllers/api/agents/files_controller.rb b/app/controllers/api/agents/files_controller.rb
index 1329d04..b111048 100644
--- a/app/controllers/api/agents/files_controller.rb
+++ b/app/controllers/api/agents/files_controller.rb
@@ -9,12 +9,11 @@ module Api
 @agent = Agent.find(params[:agent_id])
 @fingerprint = params[:id]
 @file = Disposition.find_by(fingerprint: params[:id])
- message = {
+ publish(EventMessage.new(
 agent_id: @agent.id,
- type: :lookup,
+ event_type: :scanned,
 data: params[:data]
- }
- Publisher.publish("events.scanned.#{@agent.id}", message)
+ ))
 end
 end
 end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 84e9c93..8ce68a5 100644
--- a/app/controllers/application_controller.rb
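Review bot: The payload published from `Api::Agents::FilesController` changes its schema in this hunk, not only how it is built: the hash used to carry `type: :lookup` and the message now serialises as `event_type: :scanned`, while the routing key stays `events.scanned.<agent id>`. No consumer is part of this diff, so a subscriber that reads `type` or matches on `lookup` would stop recognising these messages without any error on the publishing side; the consumers should be checked or updated in the same change. `data: params[:data]` is still forwarded to the exchange without any shape or size check. The enclosing action starts above the hunk.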
+++ b/app/controllers/application_controller.rb
@@ -3,4 +3,10 @@ class ApplicationController < ActionController::Base
 # For APIs, you may want to use :null_session instead.
 #protect_from_forgery with: :exception
 protect_from_forgery with: :null_session
+
+ protected
+
+ def publish(message)
+ Publisher.publish(message)
+ end
 end
diff --git a/app/controllers/dispositions_controller.rb b/app/controllers/dispositions_controller.rb
index 17f8657..e63f696 100644
--- a/app/controllers/dispositions_controller.rb
+++ b/app/controllers/dispositions_controller.rb
@@ -18,14 +18,19 @@ class DispositionsController < ApplicationController
 end
 def create
- fingerprint = disposition_params[:fingerprint]
- Publisher.publish("commands.poke.#{fingerprint}", disposition_params)
+ publish(PokeMessage.new(
+ fingerprint: disposition_params[:fingerprint],
+ state: disposition_params[:state],
+ ))
 redirect_to dispositions_path, notice: 'Disposition was successfully created.'
 end
 def update
- Publisher.publish("poke", disposition_params)
+ publish(PokeMessage.new(
+ fingerprint: disposition_params[:fingerprint],
+ state: disposition_params[:state],
+ ))
 redirect_to dispositions_path, notice: 'Disposition was successfully updated.'
 end
diff --git a/app/models/event_message.rb b/app/models/event_message.rb
new file mode 100644
index 0000000..0a0c9ae
--- /dev/null
+++ b/app/models/event_message.rb
@@ -0,0 +1,25 @@
+class EventMessage
+ attr_reader :agent_id, :event_type, :data
+
+ def initialize(agent_id:, event_type:, data: {})
+ @agent_id = agent_id
+ @event_type = event_type
+ @data = data
+ end
+
+ def routing_key
+ "events.#{event_type}.#{agent_id}"
+ end
+
+ def to_hash
+ {
+ agent_id: agent_id,
+ event_type: event_type,
+ data: data
+ }
+ end
+
+ def to_json
+ to_hash.to_json
+ end
+end
diff --git a/app/models/poke_message.rb b/app/models/poke_message.rb
new file mode 100644
index 0000000..b134ba9
--- /dev/null
+++ b/app/models/poke_message.rb
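Review bot: `DispositionsController#create` and `#update` pass `disposition_params[:fingerprint]` straight into `PokeMessage`, so a missing or blank fingerprint is published under the key `commands.poke.` rather than being rejected before it reaches the exchange. A guard such as `return head :unprocessable_entity if disposition_params[:fingerprint].blank?` (or a format check, if fingerprints are fixed-length hex digests) would keep malformed commands off the bus. `update` also moves from the fixed key `poke` to `commands.poke.<fingerprint>`, which is a routing change rather than a pure refactor and deserves a line in the commit message. The two actions now contain the same four-line block; a private `poke_message` helper would remove the duplication.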
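Review bot: `EventMessage#to_json` takes no parameters, but `render json:` and the standard JSON generator both call `to_json` with an options or state argument, so embedding a message in another structure or rendering it would raise `ArgumentError`. Writing it as `def to_json(*args)` with `to_hash.to_json(*args)` keeps the bare call in `Publisher.publish` working and makes the object safe to serialise elsewhere. `PokeMessage#to_json` in the next file has the same signature. Separately, `data:` defaults to `{}` only when the keyword is omitted; every caller in this commit passes it explicitly, so a request without `data` publishes `data: nil`, and `@data = data || {}` would make the default effective.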
@@ -0,0 +1,23 @@
+class PokeMessage
+ attr_reader :fingerprint, :state
+
+ def initialize(fingerprint:, state: )
+ @fingerprint = fingerprint
+ @state = state
+ end
+
+ def routing_key
+ "commands.poke.#{fingerprint}"
+ end
+
+ def to_hash
+ {
+ fingerprint: fingerprint,
+ state: state
+ }
+ end
+
+ def to_json
+ to_hash.to_json
+ end
+end
diff --git a/app/services/publisher.rb b/app/services/publisher.rb
index 704f1e3..1c384dd 100644
--- a/app/services/publisher.rb
+++ b/app/services/publisher.rb
@@ -1,7 +1,7 @@
 class Publisher
- def self.publish(routing_key, message = {})
+ def self.publish(message)
 exchange = channel.topic("malwer")
- exchange.publish(message.to_json, routing_key: routing_key)
+ exchange.publish(message.to_json, routing_key: message.routing_key)
 end
 def self.channel
-- 
cgit v1.2.3
From 2b679683b19322a568225a69949e5d8ed61fe9a9 Mon Sep 17 00:00:00 2001
From: mo khan
Date: Mon, 9 Feb 2015 20:40:06 -0700
Subject: protect from forgery and cache ip and hostname on fake agent.
---
 app/controllers/api/agents/events_controller.rb | 2 +-
 app/controllers/api/api_controller.rb | 7 ++++++-
 app/controllers/application_controller.rb | 2 +-
 lib/fake_agent.rb | 10 +++++++---
 4 files changed, 15 insertions(+), 6 deletions(-)
(limited to 'app/controllers/api/agents/events_controller.rb')
diff --git a/app/controllers/api/agents/events_controller.rb b/app/controllers/api/agents/events_controller.rb
index ca9b829..60b9195 100644
--- a/app/controllers/api/agents/events_controller.rb
+++ b/app/controllers/api/agents/events_controller.rb
@@ -1,6 +1,6 @@
 module Api
 module Agents
- class EventsController < ApplicationController
+ class EventsController < ApiController
 def create
 @agent = Agent.find(params[:agent_id])
 publish(EventMessage.new(
diff --git a/app/controllers/api/api_controller.rb b/app/controllers/api/api_controller.rb
index 0316222..6954700 100644
--- a/app/controllers/api/api_controller.rb
+++ b/app/controllers/api/api_controller.rb
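Review bot: `Publisher.publish` now relies on an unwritten contract: its argument must respond to both `routing_key` and `to_json`, and nothing in the method says so or checks it. The old `(routing_key, message = {})` signature is removed outright, so any caller not touched by this commit fails with `ArgumentError` only when it tries to publish. I would add a comment above the method, for example `# message: responds to #routing_key and #to_json (EventMessage, PokeMessage)`, and grep for remaining two-argument calls before merging. `Publisher.channel` begins below the hunk and is not visible here.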
@@ -1,5 +1,10 @@
 module Api
- class ApiController < ApplicationController
+ class ApiController < ActionController::Base
 protect_from_forgery with: :null_session
+ protected
+
+ def publish(message)
+ Publisher.publish(message)
+ end
 end
 end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 209ec89..54093eb 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,7 +1,7 @@
 class ApplicationController < ActionController::Base
 # Prevent CSRF attacks by raising an exception.
 # For APIs, you may want to use :null_session instead.
- #protect_from_forgery with: :exception
+ protect_from_forgery with: :exception
 protected
diff --git a/lib/fake_agent.rb b/lib/fake_agent.rb
index 2cf3309..bfa20d3 100644
--- a/lib/fake_agent.rb
+++ b/lib/fake_agent.rb
@@ -10,7 +10,7 @@ class FakeAgent
 end
 def register
- response = Typhoeus.post(registration_url, body: { agent: { hostname: Socket.gethostname } })
+ response = Typhoeus.post(registration_url, body: { agent: { hostname: hostname } })
 json = JSON.parse(response.body)
 @id = json["id"]
 end
@@ -80,7 +80,7 @@ class FakeAgent
 data: {
 fingerprint: fingerprint_for(file),
 path: file,
- hostname: Socket.gethostname,
+ hostname: hostname,
 ip_addresses: ip_addresses,
 }
 }
@@ -98,8 +98,12 @@ class FakeAgent
 sha
 end
+ def hostname
+ @hostname ||= Socket.gethostname
+ end
+
 def ip_addresses
- Socket.ip_address_list.find_all { |x| x.ipv4? }.map { |x| x.ip_address }
+ @ipaddresses ||= Socket.ip_address_list.find_all { |x| x.ipv4? }.map { |x| x.ip_address }
 end
 def disposition_for(file)
-- 
cgit v1.2.3
From 05b427bd4d9f9c4ea60f9485f06d68de0b689d28 Mon Sep 17 00:00:00 2001
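Review bot: `Api::ApiController` keeps `protect_from_forgery with: :null_session` and nothing in the class authenticates the caller, so `Api::Agents::EventsController#create` will publish an event for whichever `agent_id` the request names. With `:null_session` an unverified request is processed with an empty session rather than rejected, which suits a token-authenticated API but leaves these endpoints open if no other check exists; none is visible in this diff, though routing or middleware may provide one. I would add a `before_action` here that verifies a per-agent credential, for instance through `authenticate_or_request_with_http_token`, and compares it with the agent loaded from `params[:agent_id]`. `publish` is now defined identically in `ApplicationController` and `ApiController`; a shared module would keep the two from drifting.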
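Review bot: Memoising `ip_addresses` in `lib/fake_agent.rb` (third hunk) means the agent keeps reporting the address list captured on first use, so if the process is long-running an interface change or DHCP renewal leaves every later event carrying stale addresses, which makes correlating events by IP unreliable. Caching `hostname` is lower risk; for the address list I would either not cache or refresh it periodically. The instance variable is spelled `@ipaddresses` while the method is `ip_addresses`; `@ip_addresses` would match. The chain can also be written `select(&:ipv4?).map(&:ip_address)`.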
From: mo khan
Date: Mon, 9 Feb 2015 20:46:57 -0700
Subject: use type param.
---
 app/controllers/agents/events_controller.rb | 2 +-
 app/controllers/api/agents/events_controller.rb | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
(limited to 'app/controllers/api/agents/events_controller.rb')
diff --git a/app/controllers/agents/events_controller.rb b/app/controllers/agents/events_controller.rb
index 30ca295..f695feb 100644
--- a/app/controllers/agents/events_controller.rb
+++ b/app/controllers/agents/events_controller.rb
@@ -13,7 +13,7 @@ module Agents
 def create
 publish(EventMessage.new(
 agent_id: @agent.id,
- event_type: event_params[:event_type],
+ event_type: event_params[:type],
 data: event_params[:data]
 ))
 redirect_to agent_events_url, notice: 'Event was successfully created.'
diff --git a/app/controllers/api/agents/events_controller.rb b/app/controllers/api/agents/events_controller.rb
index 60b9195..56b566f 100644
--- a/app/controllers/api/agents/events_controller.rb
+++ b/app/controllers/api/agents/events_controller.rb
@@ -5,7 +5,7 @@ module Api
 @agent = Agent.find(params[:agent_id])
 publish(EventMessage.new(
 agent_id: @agent.id,
- event_type: event_params[:event_type],
+ event_type: event_params[:type],
 data: event_params[:data]
 ))
-- 
cgit v1.2.3