diff --git a/assemblyline_ui/api/v4/system.py b/assemblyline_ui/api/v4/system.py index fce18fd1..10353a69 100644 --- a/assemblyline_ui/api/v4/system.py +++ b/assemblyline_ui/api/v4/system.py @@ -5,7 +5,7 @@ from assemblyline.common.str_utils import safe_str from assemblyline.odm.models.tagging import Tagging -from assemblyline_ui.config import STORAGE +from assemblyline_ui.config import STORAGE, UI_MESSAGING from assemblyline_ui.api.base import api_login, make_api_response, make_subapi_blueprint import yaml @@ -20,6 +20,54 @@ ADMIN_FILE_TTL = 60 * 60 * 24 * 365 * 100 # Just keep the file for 100 years... +@system_api.route("/system_message/", methods=["DELETE"]) +@api_login(require_type=['admin'], required_priv=['W']) +def clear_system_message(**_): + """ + Clear the current system message + + Variables: + None + + Arguments: + None + + Data Block: + None + + Result example: + {"success": true} + """ + UI_MESSAGING.pop('system_message') + return make_api_response({'success': True}) + + +@system_api.route("/system_message/", methods=["GET"]) +@api_login(require_type=['admin'], required_priv=['R']) +def get_system_message(**_): + """ + Get the current system message + + Variables: + None + + Arguments: + None + + Data Block: + None + + Result example: + { + "title": "Message title", + "user": "admin", + "severity": "info", + "message": "This is a test message" + } + """ + return make_api_response(UI_MESSAGING.get('system_message')) + + @system_api.route("/tag_safelist/", methods=["GET"]) @api_login(require_type=['admin'], required_priv=['R']) def get_tag_safelist(**_): @@ -50,6 +98,38 @@ def get_tag_safelist(**_): return make_api_response(safe_str(tag_safelist_yml)) +@system_api.route("/system_message/", methods=["PUT", "POST"]) +@api_login(require_type=['admin'], required_priv=['W']) +def set_system_message(**kwargs): + """ + Set the current system message + + Variables: + None + + Arguments: + None + + Data Block: + { + "title": "Message title", + "severity": "info", + "message": "This is a test message" + } + + Result example: + {"success": true} + """ + msg = request.json + if isinstance(msg, dict) and 'severity' in msg and 'message' in msg: + msg['user'] = kwargs['user']['uname'] + msg = {k: v for k, v in msg.items() if k in ['severity', 'message', 'title', 'user']} + UI_MESSAGING.set('system_message', msg) + return make_api_response({"success": True}) + + return make_api_response(None, "Invalid system message submitted.", 400) + + @system_api.route("/tag_safelist/", methods=["PUT"]) @api_login(require_type=['admin'], allow_readonly=False, required_priv=['W']) def put_tag_safelist(**_): diff --git a/assemblyline_ui/api/v4/user.py b/assemblyline_ui/api/v4/user.py index 6cd0da24..f9d07ab2 100644 --- a/assemblyline_ui/api/v4/user.py +++ b/assemblyline_ui/api/v4/user.py @@ -8,7 +8,7 @@ from assemblyline.datastore import SearchException from assemblyline.odm.models.user import User from assemblyline_ui.api.base import api_login, make_api_response, make_subapi_blueprint -from assemblyline_ui.config import CLASSIFICATION, LOGGER, STORAGE, config +from assemblyline_ui.config import CLASSIFICATION, LOGGER, STORAGE, UI_MESSAGING, config from assemblyline_ui.helper.search import list_all_fields from assemblyline_ui.helper.service import ui_to_submission_params from assemblyline_ui.helper.user import (get_dynamic_classification, load_user_settings, save_user_account, @@ -108,6 +108,10 @@ def who_am_i(**kwargs): user_data['indexes'] = list_all_fields() user_data['settings'] = load_user_settings(kwargs['user']) + msg = UI_MESSAGING.get('system_message') + if msg: + user_data['system_message'] = msg + return make_api_response(user_data) diff --git a/assemblyline_ui/config.py b/assemblyline_ui/config.py index 59a1673b..82329a01 100644 --- a/assemblyline_ui/config.py +++ b/assemblyline_ui/config.py @@ -50,6 +50,10 @@ host=config.core.redis.nonpersistent.host, port=config.core.redis.nonpersistent.port) +UI_MESSAGING = Hash("ui_messaging", + host=config.core.redis.persistent.host, + port=config.core.redis.persistent.port) + @functools.lru_cache() def get_submission_traffic_channel():