API Documentation
Global Functions
ask_analysis_availability
API endpoint to check for existing analysis based on an MD5 hash.
This endpoint helps avoid redundant analysis by checking if there is already an analysis in progress or completed with status "running" or "reported_without_fails" for the provided MD5 hash. The analyzers that need to be executed should be specified to ensure expected results.
Deprecated: This endpoint will be deprecated after 01-07-2023.
Parameters: - request (POST): Contains the MD5 hash and analyzer details.
Returns: - 200: JSON response with the analysis status, job ID, and analyzers to be executed.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
ask_multi_analysis_availability
API endpoint to check for existing analysis for multiple MD5 hashes.
Similar to ask_analysis_availability
, this endpoint checks for existing analysis for multiple MD5 hashes.
It prevents redundant analysis by verifying if there are any jobs in progress or completed with status
"running" or "reported_without_fails". The analyzers required should be specified to ensure accurate results.
Parameters: - request (POST): Contains multiple MD5 hashes and analyzer details.
Returns: - 200: JSON response with the analysis status, job IDs, and analyzers to be executed for each MD5 hash.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
analyze_file
API endpoint to start an analysis job for a single file.
This endpoint initiates an analysis job for a single file and sends it to the specified analyzers. The file-related information and analyzers should be provided in the request data.
Parameters: - request (POST): Contains file data and analyzer details.
Returns: - 200: JSON response with the job details after initiating the analysis.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
analyze_multiple_files
API endpoint to start analysis jobs for multiple files.
This endpoint initiates analysis jobs for multiple files and sends them to the specified analyzers. The file-related information and analyzers should be provided in the request data.
Parameters: - request (POST): Contains multiple file data and analyzer details.
Returns: - 200: JSON response with the job details for each initiated analysis.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
analyze_observable
API endpoint to start an analysis job for a single observable.
This endpoint initiates an analysis job for a single observable (e.g., domain, IP, URL, etc.) and sends it to the specified analyzers. The observable-related information and analyzers should be provided in the request data.
Parameters: - request (POST): Contains observable data and analyzer details.
Returns: - 200: JSON response with the job details after initiating the analysis.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
analyze_multiple_observables
API endpoint to start analysis jobs for multiple observables.
This endpoint initiates analysis jobs for multiple observables (e.g., domain, IP, URL, etc.) and sends them to the specified analyzers. The observables and analyzer details should be provided in the request data.
Parameters: - request (POST): Contains multiple observable data and analyzer details.
Returns: - 200: JSON response with the job details for each initiated analysis.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
Classes
CommentViewSet
Bases: ModelViewSet
CommentViewSet provides the following actions:
- list: Retrieve a list of comments associated with jobs visible to the authenticated user.
- retrieve: Retrieve a specific comment by ID, accessible to the comment's owner or anyone in the same organization.
- destroy: Delete a comment by ID, allowed only for the comment's owner.
- update: Update a comment by ID, allowed only for the comment's owner.
- partial_update: Partially update a comment by ID, allowed only for the comment's owner.
Permissions: - IsAuthenticated: Requires authentication for all actions. - IsObjectUserPermission: Allows only the comment owner to update or delete the comment. - IsObjectUserOrSameOrgPermission: Allows the comment owner or anyone in the same organization to retrieve the comment.
Queryset: - Filters comments to include only those associated with jobs visible to the authenticated user.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
get_permissions()
Customizes permissions based on the action being performed.
- For
destroy
,update
, andpartial_update
actions, addsIsObjectUserPermission
to ensure that only the comment owner can perform these actions. - For the
retrieve
action, addsIsObjectUserOrSameOrgPermission
to allow the comment owner or anyone in the same organization to retrieve the comment.
Returns: - List of applicable permissions.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
get_queryset()
Filters the queryset to include only comments related to jobs visible to the authenticated user.
- Fetches job IDs that are visible to the user.
- Filters the comment queryset to include only comments associated with these jobs.
Returns: - Filtered queryset of comments.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
JobViewSet
Bases: ReadAndDeleteOnlyViewSet
, SerializerActionMixin
JobViewSet provides the following actions:
- list: Retrieve a list of jobs visible to the authenticated user, ordered by request time.
- retrieve: Retrieve a specific job by ID.
- destroy: Delete a job by ID, allowed only for the job owner or anyone in the same organization.
- recent_scans: Retrieve recent jobs based on an MD5 hash, limited by a maximum temporal distance.
- recent_scans_user: Retrieve recent jobs for the authenticated user, filtered by sample status.
- retry: Retry a job if its status is in a final state.
- kill: Kill a running job by closing celery tasks and marking it as killed.
- download_sample: Download a file/sample associated with a job.
- pivot: Perform a pivot operation from a job's reports.
- aggregate_status: Aggregate jobs by their status over a specified time range.
- aggregate_type: Aggregate jobs by type (file or observable) over a specified time range.
- aggregate_observable_classification: Aggregate jobs by observable classification over a specified time range.
- aggregate_file_mimetype: Aggregate jobs by file MIME type over a specified time range.
- aggregate_observable_name: Aggregate jobs by observable name over a specified time range.
- aggregate_md5: Aggregate jobs by MD5 hash over a specified time range.
Permissions: - IsAuthenticated: Requires authentication for all actions. - IsObjectUserOrSameOrgPermission: Allows job deletion or killing only by the job owner or anyone in the same organization.
Queryset: - Prefetches related tags and orders jobs by request time, filtered to include only jobs visible to the authenticated user.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 |
|
__aggregation_response_dynamic(field_name, group_by_date=True, limit=5, users=None)
Dynamically aggregate Job objects based on a specified field and time range.
This method identifies the most frequent values of a given field within a specified time range and aggregates the Job objects accordingly. Optionally, it can group the results by date and limit the number of most frequent values.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
field_name
|
str
|
The name of the field to aggregate by. |
required |
group_by_date
|
bool
|
Whether to group the results by date. Defaults to True. |
True
|
limit
|
int
|
The maximum number of most frequent values to retrieve. Defaults to 5. |
5
|
users
|
list
|
A list of users to filter the Job objects by. |
None
|
Returns:
Name | Type | Description |
---|---|---|
Response |
Response
|
A Django REST framework Response object containing the most frequent values |
Response
|
and the aggregated data. |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 |
|
__aggregation_response_static(annotations, users=None)
Generate a static aggregation of Job objects filtered by a time range.
This method applies the provided annotations to aggregate Job objects within the specified time range. Optionally, it filters the results by the given list of users.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
annotations
|
dict
|
Annotations to apply for the aggregation. |
required |
users
|
list
|
A list of users to filter the Job objects by. |
None
|
Returns:
Name | Type | Description |
---|---|---|
Response |
Response
|
A Django REST framework Response object containing the aggregated data. |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
__parse_range(request)
staticmethod
Parse the time range from the request query parameters.
This method attempts to extract the 'range' query parameter from the request. If the parameter is not provided, it defaults to '7d' (7 days).
Parameters:
Name | Type | Description | Default |
---|---|---|---|
request
|
The HTTP request object containing query parameters. |
required |
Returns:
Name | Type | Description |
---|---|---|
tuple |
A tuple containing the parsed time delta and the basis for date truncation. |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
aggregate_file_mimetype(request)
Aggregate jobs by file MIME type.
Returns: - Aggregated count of jobs for each MIME type.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
aggregate_md5(request)
Aggregate jobs by MD5 hash.
Returns: - Aggregated count of jobs for each MD5 hash.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
aggregate_observable_classification(request)
Aggregate jobs by observable classification.
Returns: - Aggregated count of jobs for each observable classification.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
aggregate_observable_name(request)
Aggregate jobs by observable name.
Returns: - Aggregated count of jobs for each observable name.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
aggregate_status(request)
Aggregate jobs by their status.
Returns: - Aggregated count of jobs for each status.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
aggregate_type(request)
Aggregate jobs by type (file or observable).
Returns: - Aggregated count of jobs for each type.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
download_sample(request, pk=None)
Download a sample associated with a job.
If the job does not have a sample, raises a validation error.
Returns: - The file associated with the job as an attachment.
:param url: pk (job_id) :returns: bytes
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
get_org_members(request)
staticmethod
Retrieve members of the organization associated with the authenticated user.
If the 'org' query parameter is set to 'true', this method returns all users who are members of the authenticated user's organization.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
request
|
The HTTP request object containing user information and query parameters. |
required |
Returns:
Type | Description |
---|---|
list or None: A list of users who are members of the user's organization |
|
if the 'org' query parameter is 'true', otherwise None. |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
get_permissions()
Customizes permissions based on the action being performed.
- For
destroy
andkill
actions, addsIsObjectUserOrSameOrgPermission
to ensure that only the job owner or anyone in the same organization can perform these actions.
Returns: - List of applicable permissions.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
get_queryset()
Filters the queryset to include only jobs visible to the authenticated user, ordered by request time.
Logs the request parameters and returns the filtered queryset.
Returns: - Filtered queryset of jobs.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
kill(request, pk=None)
Kill a running job by closing celery tasks and marking the job as killed.
If the job is not running, raises a validation error.
Returns: - No content (204) if the job is successfully killed.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
pivot(request, pk=None, pivot_config_pk=None)
Perform a pivot operation from a job's reports based on a specified pivot configuration.
Expects the following parameters:
- pivot_config_pk
: The primary key of the pivot configuration to use.
Returns: - List of job IDs created as a result of the pivot.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
recent_scans(request)
Retrieve recent jobs based on an MD5 hash, filtered by a maximum temporal distance.
Expects the following parameters in the request data:
- md5
: The MD5 hash to filter jobs by.
- max_temporal_distance
: The maximum number of days to look back for recent jobs (default is 14 days).
Returns: - List of recent jobs matching the MD5 hash.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
recent_scans_user(request)
Retrieve recent jobs for the authenticated user, filtered by sample status.
Expects the following parameters in the request data:
- is_sample
: Whether to filter jobs by sample status (required).
- limit
: The maximum number of recent jobs to return (default is 5).
Returns: - List of recent jobs for the user.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
retry(request, pk=None)
Retry a job if its status is in a final state.
If the job is currently running, raises a validation error.
Returns: - No content (204) if the job is successfully retried.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
TagViewSet
Bases: ModelViewSet
A viewset that provides CRUD (Create, Read, Update, Delete) operations
for the Tag
model.
This viewset leverages Django REST framework's ModelViewSet
to handle
requests for the Tag
model. It includes the default implementations
for list
, retrieve
, create
, update
, partial_update
, and destroy
actions.
Attributes:
Name | Type | Description |
---|---|---|
queryset |
QuerySet
|
The queryset that retrieves all Tag objects from the database. |
serializer_class |
Serializer
|
The serializer class used to convert Tag model instances to JSON and vice versa. |
pagination_class |
Pagination is disabled for this viewset. |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
ModelWithOwnershipViewSet
Bases: ModelViewSet
A viewset that enforces ownership-based access control for models.
This class extends the functionality of ModelViewSet
to restrict access to
objects based on ownership. It modifies the queryset for the list
action
to only include objects visible to the requesting user, and adds custom
permission checks for destroy
and update
actions.
Methods:
Name | Description |
---|---|
get_queryset |
Returns the queryset of the model, filtered for visibility
to the requesting user during the |
get_permissions |
Returns the permissions required for the current action,
with additional checks for ownership during |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
get_permissions()
Retrieves the permissions required for the current action.
For the destroy
and update
actions, additional checks are performed to
ensure that only object owners or admins can perform these actions. Raises
a PermissionDenied
exception for PUT
requests.
Returns:
Name | Type | Description |
---|---|---|
list |
A list of permission instances. |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
get_queryset()
Retrieves the queryset for the viewset, modifying it for the list
action
to only include objects visible to the requesting user.
Returns:
Name | Type | Description |
---|---|---|
QuerySet |
The queryset of the model, possibly filtered for visibility. |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
PluginConfigViewSet
Bases: ModelWithOwnershipViewSet
A viewset for managing PluginConfig
objects with ownership-based access control.
This viewset extends ModelWithOwnershipViewSet
to handle PluginConfig
objects,
allowing users to list, retrieve, and delete configurations while ensuring that only
authorized configurations are accessible. It customizes the queryset to exclude default
values and orders the configurations by ID.
Attributes:
Name | Type | Description |
---|---|---|
serializer_class |
class
|
The serializer class used for |
pagination_class |
class
|
Specifies that pagination is not applied. |
queryset |
QuerySet
|
The queryset for |
Methods:
Name | Description |
---|---|
get_queryset |
Returns the queryset for |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
get_queryset()
Retrieves the queryset for PluginConfig
objects, excluding those with default values
(where the owner is NULL
) and ordering the remaining objects by ID.
Returns:
Name | Type | Description |
---|---|---|
QuerySet |
The filtered and ordered queryset of |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
PythonReportActionViewSet
Bases: GenericViewSet
A base view set for handling actions related to plugin reports.
This view set provides methods for killing and retrying plugin reports,
and requires users to have appropriate permissions based on the
IsObjectUserOrSameOrgPermission
.
Attributes:
Name | Type | Description |
---|---|---|
permission_classes |
list
|
List of permission classes to apply. |
Methods: get_queryset: Returns the queryset of reports based on the model class. get_object: Retrieves a specific report object by job_id and report_id. perform_kill: Kills a running plugin by terminating its Celery task and marking it as killed. perform_retry: Retries a failed or killed plugin run. kill: Handles the endpoint to kill a specific report. retry: Handles the endpoint to retry a specific report.
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 1260 1261 1262 1263 1264 1265 1266 1267 1268 1269 1270 1271 1272 1273 1274 1275 1276 1277 1278 1279 1280 1281 1282 1283 1284 1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 1304 |
|
report_model
abstractmethod
classmethod
property
Abstract property that should return the model class for the report.
Subclasses must implement this property to specify the model class for the reports being handled by this view set.
Returns:
Type | Description |
---|---|
Type[AbstractReport]: The model class for the report. |
Raises:
Type | Description |
---|---|
NotImplementedError
|
If not overridden by a subclass. |
get_object(job_id, report_id)
Retrieves a specific report object by job_id and report_id.
Overrides the drf's default get_object
method to fetch a report object
based on job_id and report_id, and checks the permissions for the object.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
job_id
|
int
|
The ID of the job associated with the report. |
required |
report_id
|
int
|
The ID of the report. |
required |
Returns:
Name | Type | Description |
---|---|---|
AbstractReport |
AbstractReport
|
The report object. |
Raises:
Type | Description |
---|---|
NotFound
|
If the report does not exist. |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
get_queryset()
Returns the queryset of reports based on the model class.
Filters the queryset to return all instances of the report model.
Returns:
Name | Type | Description |
---|---|---|
QuerySet |
A queryset of all report instances. |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
kill(request, job_id, report_id)
Kills a specific report by terminating its Celery task and marking it as killed.
This endpoint handles the patch request to kill a report if its status is running or pending.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
request
|
HttpRequest
|
The request object containing the HTTP PATCH request. |
required |
job_id
|
int
|
The ID of the job associated with the report. |
required |
report_id
|
int
|
The ID of the report. |
required |
Returns:
Name | Type | Description |
---|---|---|
Response |
HTTP 204 No Content if successful. |
Raises:
Type | Description |
---|---|
ValidationError
|
If the report is not in a valid state for killing. |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
perform_kill(report)
staticmethod
Kills a running plugin by terminating its Celery task and marking it as killed.
This method is a callback for performing additional actions after a kill operation, including updating the report status and cleaning up the associated job.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
report
|
AbstractReport
|
The report to be killed. |
required |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
perform_retry(report)
staticmethod
Retries a failed or killed plugin run.
This method clears the errors and re-runs the plugin with the same arguments. It fetches the appropriate task signature and schedules the job again.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
report
|
AbstractReport
|
The report to be retried. |
required |
Raises:
Type | Description |
---|---|
RuntimeError
|
If unable to find a valid task signature for the report. |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
retry(request, job_id, report_id)
Retries a failed or killed plugin run.
This method clears the errors and re-runs the plugin with the same arguments. It fetches the appropriate task signature and schedules the job again.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
report
|
AbstractReport
|
The report to be retried. |
required |
Raises:
Type | Description |
---|---|
RuntimeError
|
If unable to find a valid task signature for the report. |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
AbstractConfigViewSet
Bases: PaginationMixin
, ReadOnlyModelViewSet
A base view set for handling plugin configuration actions.
This view set provides methods for enabling and disabling plugins within an organization. It requires users to be authenticated and to have appropriate permissions.
Attributes:
Name | Type | Description |
---|---|---|
permission_classes |
list
|
List of permission classes to apply. |
ordering |
list
|
Default ordering for the queryset. |
lookup_field |
str
|
Field to look up in the URL. |
Methods:
Name | Description |
---|---|
disable_in_org |
Disables the plugin for the organization of the authenticated user. |
enable_in_org |
Enables the plugin for the organization of the authenticated user. |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
1307 1308 1309 1310 1311 1312 1313 1314 1315 1316 1317 1318 1319 1320 1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 1331 1332 1333 1334 1335 1336 1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 1347 1348 1349 1350 1351 1352 1353 1354 1355 1356 1357 1358 1359 1360 1361 1362 1363 1364 1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 1385 1386 1387 1388 1389 1390 1391 1392 1393 1394 1395 1396 1397 1398 |
|
disable_in_org(request, name=None)
Disables the plugin for the organization of the authenticated user.
Only organization admins can disable the plugin. If the plugin is already disabled, a validation error is raised.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
request
|
Request
|
The HTTP request object. |
required |
name
|
str
|
The name of the plugin. Defaults to None. |
None
|
Returns:
Name | Type | Description |
---|---|---|
Response |
HTTP response indicating the success or failure of the operation. |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
enable_in_org(request, name=None)
Enables the plugin for the organization of the authenticated user.
Only organization admins can enable the plugin. If the plugin is already enabled, a validation error is raised.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
request
|
Request
|
The HTTP request object. |
required |
name
|
str
|
The name of the plugin. Defaults to None. |
None
|
Returns:
Name | Type | Description |
---|---|---|
Response |
HTTP response indicating the success or failure of the operation. |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
PythonConfigViewSet
Bases: AbstractConfigViewSet
A view set for handling actions related to Python plugin configurations.
This view set provides methods to perform health checks and pull updates
for Python-based plugins. It inherits from AbstractConfigViewSet
and
requires users to be authenticated.
Attributes:
Name | Type | Description |
---|---|---|
serializer_class |
class
|
Serializer class for the view set. |
Methods:
Name | Description |
---|---|
health_check |
Checks if the server instance associated with the plugin is up. |
pull |
Pulls updates for the plugin. |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
1401 1402 1403 1404 1405 1406 1407 1408 1409 1410 1411 1412 1413 1414 1415 1416 1417 1418 1419 1420 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 1448 1449 1450 1451 1452 1453 1454 1455 1456 1457 1458 1459 1460 1461 1462 1463 1464 1465 1466 1467 1468 1469 1470 1471 1472 1473 1474 1475 1476 1477 1478 1479 1480 1481 1482 1483 1484 1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495 1496 1497 1498 1499 1500 1501 1502 1503 1504 1505 1506 1507 1508 1509 1510 1511 1512 1513 1514 1515 1516 1517 1518 1519 1520 1521 1522 1523 1524 1525 1526 1527 |
|
get_queryset()
Returns a queryset of all PythonConfig instances with related python_module parameters pre-fetched.
Returns:
Name | Type | Description |
---|---|---|
QuerySet |
A queryset of PythonConfig instances. |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
health_check(request, name=None)
Checks the health of the server instance associated with the plugin.
This method attempts to check if the plugin's server instance is
up and running. It uses the health_check
method of the plugin's
Python class.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
request
|
Request
|
The HTTP request object. |
required |
name
|
str
|
The name of the plugin. Defaults to None. |
None
|
Returns:
Name | Type | Description |
---|---|---|
Response |
HTTP response with the health status of the plugin. |
Raises:
Type | Description |
---|---|
ValidationError
|
If no health check is implemented or if an unexpected exception occurs. |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
pull(request, name=None)
Pulls updates for the plugin.
This method attempts to pull updates for the plugin by calling
the update
method of the plugin's Python class. It also handles
any exceptions that occur during this process.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
request
|
Request
|
The HTTP request object. |
required |
name
|
str
|
The name of the plugin. Defaults to None. |
None
|
Returns:
Name | Type | Description |
---|---|---|
Response |
HTTP response with the update status of the plugin. |
Raises:
Type | Description |
---|---|
ValidationError
|
If the update is not implemented or if an unexpected exception occurs. |
Source code in docs/Submodules/ThreatMatrix/api_app/views.py
Functions
plugin_state_viewer
View to retrieve the state of plugin configurations for the requesting user’s organization.
This endpoint is accessible only to users with an active membership in an organization. It returns a JSON response with the state of each plugin configuration, specifically indicating whether each plugin is disabled.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
request
|
HttpRequest
|
The request object containing the HTTP GET request. |
required |
Returns:
Name | Type | Description |
---|---|---|
Response |
A JSON response with the state of each plugin configuration, indicating whether it is disabled or not. |
Raises:
Type | Description |
---|---|
PermissionDenied
|
If the requesting user does not belong to any organization. |