CybercentreCanada
diff --git a/‎.github/dependabot.yml
+8 b/‎.github/dependabot.yml
+8
diff --git a/‎.gitignore
+2-1 b/‎.gitignore
+2-1
diff --git a/‎assemblyline/cachestore/__init__.py
+5 b/‎assemblyline/cachestore/__init__.py
+5
diff --git a/‎assemblyline/common/attack_map.py
+4,614-3,378 b/‎assemblyline/common/attack_map.py
+4,614-3,378
diff --git a/‎assemblyline/common/banner.py
+29-18 b/‎assemblyline/common/banner.py
+29-18
diff --git a/‎assemblyline/common/bundling.py
+39-11 b/‎assemblyline/common/bundling.py
+39-11
diff --git a/‎assemblyline/common/classification.py
+23-9 b/‎assemblyline/common/classification.py
+23-9
@@ -0,0 +1,8 @@
+version: 2
+updates:
+- package-ecosystem: pip
+  directory: "/"
+  schedule:
+    interval: daily
+    time: "10:00"
+  open-pull-requests-limit: 10
@@ -80,6 +80,7 @@ venv/
 ENV/
 env.bak/
 venv.bak/
+.vscode/
 
 # Cython debug symbols
-cython_debug/
+cython_debug/
@@ -45,6 +45,11 @@ def get(self, cache_key):
 
         return self.filestore.get(new_key)
 
+    def exists(self, cache_key):
+        new_key = f"{self.component}_{cache_key}" if self.component else cache_key
+
+        return self.filestore.exists(new_key)
+
     def delete(self, cache_key, db_delete=True):
         new_key = f"{self.component}_{cache_key}" if self.component else cache_key
 
 
@@ -1,19 +1,30 @@
-BANNER = r"""
-           /^\/^\
-         _|__|  O|
-\/     /~     \_/ \
- \____|__________/  \
-        \_______      \
-                `\     \                 \
-                  |     |                  \
-                 /      /                    \
-                /     /                       \\
-              /      /                         \ \
-             /     /                            \  \
-           /     /             _----_            \   \
-          /     /           _-~      ~-_         |   |
-         (      (        _-~    _--_    ~-_     _/   |
-          \      ~-____-~    _-~    ~-_    ~-_-~    /
-            ~-_           _-~          ~-_       _-~
-               ~--______-~                ~-___-~
+BANNER = r"""                                                                                
+                                #########                                       
+                             ######   ##############################            
+                            #####       ######################    ###           
+                            #####       ######################    ###           
+                             ######   ##############         ########           
+                               ############                    ########          
+                                 ###########                   --------              
+                                 ############                /..........\        
+                                 #############             /..............\     
+                                  #############            \..../    \..../       
+                                  ######   #####             |..|    |..|       
+                               #######       ####            |..|    |..|       
+                          ###########         ###            |..|    |..|       
+                     #################       ####             \.|    |./        
+                 #######################   #####                                
+               ##############################                                  
+              #############################                                     
+              ##########################                                       
+              ########################                                          
+              ######################                                            
+              ###################                                             
+            .......................                                             
+           ........................                                             
+          ..........................                                            
+          ..........................                                            
+          ..........................                                            
+          ..........................                                           
+       ................................                                        
 """
@@ -2,23 +2,25 @@
 import json
 import logging
 import os
+import shutil
 import subprocess
+import tempfile
 import time
 
-import shutil
 from copy import copy
-
-from assemblyline.datastore.exceptions import MultiKeyError
+from cart import pack_stream, unpack_stream, is_cart
 
 from assemblyline.common import forge
 from assemblyline.common.uid import get_random_id
+from assemblyline.datastore.exceptions import MultiKeyError
 from assemblyline.filestore import FileStoreException
 
 config = forge.get_config()
 Classification = forge.get_classification()
 MAX_RETRY = 10
 WORK_DIR = "/tmp/bundling"
 BUNDLE_MAGIC = b'\x1f\x8b\x08'
+BUNDLE_TYPE = "archive/bundle/al"
 
 log = logging.getLogger('assemblyline.bundling')
 
@@ -149,13 +151,14 @@ def create_bundle(sid, working_dir=WORK_DIR):
             if submission is None:
                 raise SubmissionNotFound("Can't find submission %s, skipping." % sid)
             else:
-                target_file = os.path.join(working_dir, f"{temp_bundle_file}.tgz")
+                target_file = os.path.join(working_dir, f"{temp_bundle_file}.cart")
+                tgz_file = os.path.join(working_dir, f"{temp_bundle_file}.tgz")
 
                 try:
                     os.makedirs(current_working_dir)
-                except Exception as e:
-                    if isinstance(PermissionError, e):
-                        raise
+                except PermissionError:
+                    raise
+                except Exception:
                     pass
 
                 # Create file information data
@@ -191,7 +194,11 @@ def create_bundle(sid, working_dir=WORK_DIR):
                             pass
 
                 # Create the bundle
-                subprocess.check_call("tar czf %s *" % target_file, shell=True, cwd=current_working_dir)
+                subprocess.check_call("tar czf %s *" % tgz_file, shell=True, cwd=current_working_dir)
+
+                with open(target_file, 'wb') as oh:
+                    with open(tgz_file, 'rb') as ih:
+                        pack_stream(ih, oh, {'al': {"type": BUNDLE_TYPE}, 'name': f"{sid}.tgz"})
 
                 return target_file
 
@@ -204,17 +211,33 @@ def create_bundle(sid, working_dir=WORK_DIR):
 
 # noinspection PyBroadException,PyProtectedMember
 def import_bundle(path, working_dir=WORK_DIR, min_classification=Classification.UNRESTRICTED, allow_incomplete=False):
-    with forge.get_datastore() as datastore:
+    with forge.get_datastore(archive_access=True) as datastore:
         current_working_dir = os.path.join(working_dir, get_random_id())
         res_file = os.path.join(current_working_dir, "results.json")
         try:
             os.makedirs(current_working_dir)
         except Exception:
             pass
 
+        with open(path, 'rb') as original_file:
+            if is_cart(original_file.read(256)):
+                original_file.seek(0)
+
+                extracted_fd, extracted_path = tempfile.mkstemp()
+                extracted_file = os.fdopen(extracted_fd, 'wb')
+
+                try:
+                    hdr, _ = unpack_stream(original_file, extracted_file)
+                    if hdr.get('al', {}).get('type', 'unknown') != BUNDLE_TYPE:
+                        raise BundlingException(f"Not a valid CaRTed bundle, should be of type: {BUNDLE_TYPE}")
+                finally:
+                    extracted_file.close()
+            else:
+                extracted_path = path
+
         # Extract  the bundle
         try:
-            subprocess.check_call(["tar", "-zxf", path, "-C", current_working_dir])
+            subprocess.check_call(["tar", "-zxf", extracted_path, "-C", current_working_dir])
         except subprocess.CalledProcessError:
             raise BundlingException("Bundle decompression failed. Not a valid bundle...")
 
@@ -275,8 +298,13 @@ def import_bundle(path, working_dir=WORK_DIR, min_classification=Classification.
             for ekey, err in errors['errors'].items():
                 datastore.error.save(ekey, err)
 
+            return submission
         finally:
-            # Perform working dir cleanup
+            try:
+                os.remove(extracted_path)
+            except Exception:
+                pass
+
             try:
                 os.remove(path)
             except Exception:
 
@@ -57,6 +57,7 @@ def __init__(self, classification_definition: Dict):
         self._classification_cache_short = set()
 
         self.enforce = False
+        self.dynamic_groups = False
 
         # Add Invalid classification
         self.levels_map["INV"] = self.INVALID_LVL
@@ -72,6 +73,7 @@ def __init__(self, classification_definition: Dict):
 
         try:
             self.enforce = classification_definition['enforce']
+            self.dynamic_groups = classification_definition['dynamic_groups']
             if self.enforce:
                 self._classification_cache = self.list_all_classification_combinations()
                 self._classification_cache_short = self.list_all_classification_combinations(long_format=False)
@@ -256,6 +258,7 @@ def _get_c12n_groups(self, c12n: str, long_format: bool = True) -> Tuple[List, L
 
         g1_set = set()
         g2_set = set()
+        others = set()
 
         grp_part = c12n.split("//")
         groups = []
@@ -280,9 +283,23 @@ def _get_c12n_groups(self, c12n: str, long_format: bool = True) -> Tuple[List, L
             elif g in self.subgroups_aliases:
                 for a in self.subgroups_aliases[g]:
                     g2_set.add(a)
+            else:
+                others.add(g)
+
+        if self.dynamic_groups:
+            for o in others:
+                if o not in self.access_req_map_lts \
+                        and o not in self.access_req_map_stl \
+                        and o not in self.access_req_aliases \
+                        and o not in self.levels_map \
+                        and o not in self.levels_map_lts \
+                        and o not in self.levels_aliases:
+                    g1_set.add(o)
 
         if long_format:
-            return sorted([self.groups_map_stl[r] for r in g1_set]), sorted([self.subgroups_map_stl[r] for r in g2_set])
+            return sorted(
+                [self.groups_map_stl.get(r, r) for r in g1_set]), sorted(
+                [self.subgroups_map_stl[r] for r in g2_set])
         return sorted(list(g1_set)), sorted(list(g2_set))
 
     @staticmethod
@@ -731,7 +748,7 @@ def is_valid(self, c12n: str, skip_auto_select: bool = False) -> bool:
                             i not in self.access_req_map_lts.keys():
                         check_groups = True
 
-                if check_groups:
+                if check_groups and not self.dynamic_groups:
                     # If not groups. That stuff does not exists...
                     if i not in self.groups_aliases.keys() and \
                             i not in self.groups_map_stl.keys() and \
@@ -879,9 +896,9 @@ def build_user_classification(self, c12n_1: str, c12n_2: str, long_format: bool
 
         # Normalize classifications before comparing them
         if c12n_1 is not None:
-            c12n_1 = self.normalize_classification(c12n_1)
+            c12n_1 = self.normalize_classification(c12n_1, skip_auto_select=True)
         if c12n_2 is not None:
-            c12n_2 = self.normalize_classification(c12n_2)
+            c12n_2 = self.normalize_classification(c12n_2, skip_auto_select=True)
 
         if c12n_1 is None:
             return c12n_2
@@ -895,8 +912,5 @@ def build_user_classification(self, c12n_1: str, c12n_2: str, long_format: bool
         groups = list(set(groups_1) | set(groups_2))
         subgroups = list(set(subgroups_1) | set(subgroups_2))
 
-        return self._get_normalized_classification_text(max(lvl_idx_1, lvl_idx_2),
-                                                        req,
-                                                        groups,
-                                                        subgroups,
-                                                        long_format=long_format)
+        return self._get_normalized_classification_text(max(lvl_idx_1, lvl_idx_2), req, groups, subgroups,
+                                                        long_format=long_format, skip_auto_select=True)