improve create and unzip ui lock

LDO-CERT · Apr 5, 2024 · f91bba4 · f91bba4
1 parent 715f4f0
commit f91bba4
Show file tree

Hide file tree

Showing 13 changed files with 93 additions and 21 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,8 @@
   <summary><b>OROCHI 2.3.0</b></summary>
 
   * signal for dump/result changes are very verbose [[#1074](https://github.com/LDO-CERT/orochi/issues/1074)]
+  * replace drf & co. with django-ninja [[#1073](https://github.com/LDO-CERT/orochi/issues/1073)]
+  * Add experimental support for ARM64
 </details>
 
 <details>

diff --git a/orochi/api/models.py b/orochi/api/models.py
@@ -47,6 +47,10 @@ class ErrorsOut(Schema):
     errors: str | List[str] | Dict[str, str | List[str]]
 
 
+class SuccessResponse(Schema):
+    message: str
+
+
 class DaskStatusOut(Schema):
     running: int = 0
 

diff --git a/orochi/api/routers/folders.py b/orochi/api/routers/folders.py
@@ -6,7 +6,7 @@
 from ninja import Router
 from ninja.security import django_auth
 
-from orochi.api.models import ErrorsOut, FolderFullSchema, FolderSchema
+from orochi.api.models import ErrorsOut, FolderFullSchema, FolderSchema, SuccessResponse
 from orochi.api.permissions import ninja_test_required
 from orochi.website.models import Folder
 
@@ -36,8 +36,8 @@ def create_folder(request, folder_in: FolderSchema):
         return 400, {"errors": "Folder already exists"}
 
 
-@router.delete("/{name}", auth=django_auth, response={200: None})
+@router.delete("/{name}", auth=django_auth, response={200: SuccessResponse})
 def delete_folder(request, name: str):
     folder = get_object_or_404(Folder, name=name, user=request.user)
     folder.delete()
-    return 200
+    return 200, {"message": f"Folder {name} deleted"}
diff --git a/orochi/api/routers/plugins.py b/orochi/api/routers/plugins.py
@@ -5,7 +5,7 @@
 from ninja.security import django_auth
 
 from orochi.api.filters import OperatingSytemFilters
-from orochi.api.models import PluginInSchema, PluginOutSchema
+from orochi.api.models import PluginInSchema, PluginOutSchema, SuccessResponse
 from orochi.website.models import Plugin, UserPlugin
 
 router = Router()
@@ -33,10 +33,15 @@ def update_plugin(request, name: str, data: PluginInSchema):
 
 
 @router.post(
-    "/{name}/enable/{enable}", auth=django_auth, url_name="enable", response={200: None}
+    "/{name}/enable/{enable}",
+    auth=django_auth,
+    url_name="enable",
+    response={200: SuccessResponse},
 )
 def enable_plugin(request, name: str, enable: bool):
     plugin = get_object_or_404(UserPlugin, plugin__name=name, user=request.user)
     plugin.automatic = enable
     plugin.save()
-    return 200
+    return 200, {
+        "message": f"Plugin {name} enabled" if enable else f"Plugin {name} disabled"
+    }
diff --git a/orochi/api/routers/users.py b/orochi/api/routers/users.py
@@ -8,7 +8,7 @@
 from ninja.pagination import paginate
 from ninja.security import django_auth, django_auth_superuser
 
-from orochi.api.models import ErrorsOut, UserInSchema, UserOutSchema
+from orochi.api.models import ErrorsOut, SuccessResponse, UserInSchema, UserOutSchema
 
 router = Router()
 
@@ -38,8 +38,10 @@ def me(request):
     return request.user
 
 
-@router.delete("/{username}", auth=django_auth_superuser, response={200: None})
+@router.delete(
+    "/{username}", auth=django_auth_superuser, response={200: SuccessResponse}
+)
 def delete_user(request, username: str):
     user = get_object_or_404(get_user_model(), username=username)
     user.delete()
-    return 200
+    return 200, {"message": f"User {username} deleted"}
diff --git a/orochi/templates/users/user_plugins.html b/orochi/templates/users/user_plugins.html
@@ -256,7 +256,7 @@
           $(plg).prop('checked', !plg.checked);
           $.toast({
             title: 'Plugin status!',
-            content: 'Plugin ' + plg_name + ' updated.',
+            content: data.message,
             type: 'success',
             delay: 5000
           });

diff --git a/orochi/templates/website/index.html b/orochi/templates/website/index.html
@@ -446,6 +446,7 @@ <h5 class="offcanvas-title" id="leftNoteLabel">History Log</h5>
                 },
                 success: function (data) {
                     $("#modal-update .modal-content").html(data.html_form);
+                    $("#create_loading").hide();
                     initUploadFields(
                         document.getElementById("create-index"),
                         {
@@ -481,6 +482,8 @@ <h5 class="offcanvas-title" id="leftNoteLabel">History Log</h5>
         $(document).on("submit", "#create-index", function (e) {
             e.preventDefault();
             var form = $(this);
+            $("#create_loading").show();
+            $("#btn_create_index").addClass('disabled');
             $.ajax({
                 url: form.attr("action"),
                 data: form.serialize(),

diff --git a/orochi/templates/website/partial_create.html b/orochi/templates/website/partial_create.html
@@ -23,6 +23,9 @@ <h5 class="modal-title">Create a new index</h5>
   </div>
   <div class="modal-footer">
     <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button>
-    <button type="submit" class="btn btn-primary disabled" id="btn_create_index">Create Index</button>
+    <button type="submit" class="btn btn-primary disabled" id="btn_create_index">
+      <span class="spinner-grow spinner-grow-sm" role="status" aria-hidden="true" id="create_loading"></span>
+      <span>Create Index</span>
+    </button>
   </div>
-</form>
+</form>
diff --git a/orochi/templates/website/partial_indices.html b/orochi/templates/website/partial_indices.html
@@ -22,7 +22,7 @@
             {% endif %}
             {{name}}
 
-            {% if status != 4 and status != 5 %}
+            {% if status != 2 and status != 5 and status != 6 %}
             <input type="checkbox" />
             <span class="checkmark"></span>
             {% else %}
@@ -48,7 +48,7 @@
                     data-toggle="tooltip" data-placement="top" title="Edit Dump">
                     <i class="fas fa-edit"></i>
                 </button>
-                {% if status == 5 %}
+                {% if status == 6 %}
                 <!-- MISSING SYMBOLS -->
                 <div class="dropdown">
                     <a class="btn btn-outline-secondary dropdown-toggle symbols-index btn-sm" href="#" role="button"
@@ -70,8 +70,13 @@
                         </li>
                     </ul>
                 </div>
-
-                {% elif status == 4 %}
+                {% elif status == 2 %}
+                <!-- UNZIPPING -->
+                <button type="button" class="btn btn-outline-warning btn-sm symbols-index" data-toggle="tooltip"
+                    data-placement="top" title="Unzipping">
+                    <i class="fas fa-file-zipper"></i>
+                </button>
+                {% elif status == 5 %}
                 <!-- ERROR -->
                 <button type="button" class="btn btn-outline-warning btn-sm error-index btn-log"
                     data-log="{{description}}" data-toggle="tooltip" data-placement="top" title="Dump Error">

diff --git a/orochi/utils/volatility_dask_elk.py b/orochi/utils/volatility_dask_elk.py
@@ -38,8 +38,10 @@
 import volatility3.plugins
 from orochi.website.defaults import (
     DUMP_STATUS_COMPLETED,
+    DUMP_STATUS_CREATED,
     DUMP_STATUS_ERROR,
     DUMP_STATUS_MISSING_SYMBOLS,
+    DUMP_STATUS_UNZIPPING,
     RESULT_STATUS_DISABLED,
     RESULT_STATUS_EMPTY,
     RESULT_STATUS_ERROR,
@@ -771,6 +773,10 @@ def unzip_then_run(dump_pk, user_pk, password, restart, move):
                 "application/gzip",
                 "application/x-tar",
             ]:
+
+                dump.status = DUMP_STATUS_UNZIPPING
+                dump.save()
+
                 if password:
                     subprocess.call(
                         [
@@ -813,6 +819,7 @@ def unzip_then_run(dump_pk, user_pk, password, restart, move):
             sha256, md5 = hash_checksum(newpath)
             dump.sha256 = sha256
             dump.md5 = md5
+            dump.status = DUMP_STATUS_CREATED
             dump.save()
             banner = False
 

diff --git a/orochi/website/defaults.py b/orochi/website/defaults.py
@@ -33,12 +33,14 @@
 )
 
 DUMP_STATUS_CREATED = 1
-DUMP_STATUS_COMPLETED = 2
-DUMP_STATUS_DELETED = 3
-DUMP_STATUS_ERROR = 4
-DUMP_STATUS_MISSING_SYMBOLS = 5
+DUMP_STATUS_UNZIPPING = 2
+DUMP_STATUS_COMPLETED = 3
+DUMP_STATUS_DELETED = 4
+DUMP_STATUS_ERROR = 5
+DUMP_STATUS_MISSING_SYMBOLS = 6
 STATUS = (
     (DUMP_STATUS_CREATED, "Created"),
+    (DUMP_STATUS_UNZIPPING, "Unzipping"),
     (DUMP_STATUS_COMPLETED, "Completed"),
     (DUMP_STATUS_DELETED, "Deleted"),
     (DUMP_STATUS_ERROR, "Error"),

diff --git a/orochi/website/migrations/0055_alter_dump_status.py b/orochi/website/migrations/0055_alter_dump_status.py
@@ -0,0 +1,28 @@
+# Generated by Django 5.0.3 on 2024-04-05 08:19
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("website", "0054_dump_regipy_plugins"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="dump",
+            name="status",
+            field=models.PositiveSmallIntegerField(
+                choices=[
+                    (1, "Created"),
+                    (2, "Unzipping"),
+                    (3, "Completed"),
+                    (4, "Deleted"),
+                    (5, "Error"),
+                    (6, "Missing Symbols"),
+                ],
+                default=1,
+            ),
+        ),
+    ]
diff --git a/orochi/website/views.py b/orochi/website/views.py
@@ -50,6 +50,10 @@
 )
 from orochi.website.defaults import (
     DUMP_STATUS_COMPLETED,
+    DUMP_STATUS_DELETED,
+    DUMP_STATUS_ERROR,
+    DUMP_STATUS_MISSING_SYMBOLS,
+    DUMP_STATUS_UNZIPPING,
     RESULT_STATUS_DISABLED,
     RESULT_STATUS_EMPTY,
     RESULT_STATUS_NOT_STARTED,
@@ -148,7 +152,14 @@ def plugins(request):
     if request.META.get("HTTP_X_REQUESTED_WITH") == "XMLHttpRequest":
         indexes = request.GET.getlist("indexes[]")
         # CHECK IF I CAN SEE INDEXES
-        dumps = Dump.objects.filter(index__in=indexes)
+        dumps = Dump.objects.filter(index__in=indexes).exclude(
+            status__in=[
+                DUMP_STATUS_ERROR,
+                DUMP_STATUS_UNZIPPING,
+                DUMP_STATUS_MISSING_SYMBOLS,
+                DUMP_STATUS_DELETED,
+            ]
+        )
         for dump in dumps:
             if dump not in get_objects_for_user(request.user, "website.can_see"):
                 return JsonResponse({"status_code": 403, "error": "Unauthorized"})