;9)я!FLddlZddlZddlZddlmZddlmZmZddlm Z m Z m Z m Z m Z ddlmZddlmZddlmZddlmZdd lmZdd lmZmZdd lmZmZdd lmZm Z m!Z!dd l"m#Z#m$Z$ddl%m&Z&m'Z'm(Z(m)Z)m*Z*ddl+m,Z,dZ-dZ.dZ/dddZ0dZ1dZ2Gddej3Z4dS)Nwraps)ListOptional)JOINSQLNodeListField ModelAlias) model_to_dict)PORT_BLOCKING_MODE_ALLOW) ApplyOrderBy)lookup)run_in_executor_decorator)ValidationErrorOrderBy)Scopecheck_disabled_firewall)Firewall Permissions Webshield) CountryListCountry) BlockedPortIPList IPListPurpose IPListRecordPurpose)send_to_socket<c<tfd}|S)NclKtjtkrtd|i|d{VS)Nz*Only for FIREWALL.port_blocking_mode=ALLOW)rport_blocking_moder PermissionErrorargskwargsfuncs K/opt/imunify360/venv/lib/python3.11/site-packages/im360/simple_rpc/lists.pywrapperz.blocked_ports_allow_mode_only..wrappersL  &*B B B!"NOO OT4*6*********rr)r+s` r*blocked_ports_allow_mode_onlyr.s3 4[[++++[+ Nr,c<tfd}|S)NchK|i|d{V}t|trt|t|tsiS|d}|dkr"t |d|dkr"t|diS)Nerrorrmessage Exception) isinstancestrr3dictgetr)r'r(responser1r)s r*r+z0raise_acquired_validation_error..wrapper)st.v........ h $ $ &H%% %(D)) I W%% % % %!(,,y"9"9:: : k ! !HLL3344 4Ir,rr-s` r*raise_acquired_validation_errorr9(s3 4[[    [  Nr,F)except_splash_screenc tjg|d<tjr'|s%|dtj|S)N listnames)rGRAYr SPLASH_SCREENappendGRAY_SPLASHSCREEN)r:r(s r*_create_graylist_filterrA;sD!;-F;=';={""6#;<<< Mr,c<tfd}|S)NcXKtjdt|i|d{VS)Nz9!! Deprecated cli call, use `ip-list` command instead. !!)warningswarnDeprecationWarningr&s r* async_wrapperz&migrate_warning..async_wrapperCsJ G    T4*6*********r,r)r)rGs` r*migrate_warningrHBs4 4[[++++[+ r,c<tfd}|S)NcKtjdrtjdt |i|d{VS)Nz!/var/imunify360/firewall_disabledz.wrapperOsa 7>>= > >  MN   T4*6*********r,rr-s` r*warn_disabled_firewallrONs3 4[[++++[+ Nr,c & eZdZejZdZfdZee j ddde d>dZ ee j ddde d?d Z ee j d dde d>d Ze j de d?d ed edeedeefdZe j de d?d ed edeedeefdZ d?ded ed edeedeef dZedZdZeee j ddddZeee j ddddZeee j d dddZeee j ddddZeee j ddddZeee j ddddZeee j ddddZ eee j ddd d!Z!eee j ddd d"Z"eee j d dd d#Z#e j d$de$e%e d?d%Z&e j d$de$e%d?d&Z'e j d$d e$e%d'Z(e j d$de$e%d(Z)e j d)de$e%d?d*Z*e j d)de$e%d@d+Z+e j d)d e$e%d,Z,dAd.Z-e j d/d0e$e dBd1Z.e/d2Z0 dCd3e1ed4e2fd5Z3 dDd3e1ed eed eedee1ed4e2f d6Z4e/ d>d3e1ed eed eedee1efd7Z5 dEd3e1ed eed eed4e2deef d8Z6e j d/d9de dBd:ee1ed eed eedee1efd;Z7e j d/d9ded<Z8e j d/d9d ed=Z9xZ:S)FListsEndpointsc2ddi||S)Npurposelistname)r7)xs r*zListsEndpoints.]s Y $;$?$? 1%%r,c^tj|i|tjh|_dSN)super__init__rcaptcha_passed_hidden_fields)selfr'r( __class__s r*rZzListsEndpoints.__init__as3$)&)))%45r, whitelistiplistNc ||jdi|}|d|tjdtjg||||jd|fS)Nwhite)r<limitoffsetorder_byexclude_fields)_countsrfetchWHITEr\)r]rdrerfr(countss r*whitelist_ip_fetchz!ListsEndpoints.whitelist_ip_fetchfsh '''' 7O  L !<.!#2         r, blacklistc tjtjgfi|tjdtjg|||jd|fS)N)r<rdrergrh)r fetch_countBLACKrjr\)r]rdrer(s r*blacklist_ip_fetchz!ListsEndpoints.blacklist_ip_fetchzs]!6<.;;F;;V\> |n. > >  > >   r,graylistc |dd}|jdd|i|}tdd|i|}|d|tjd||||jd|fS)Nno_splash_screenFr:gray)rdrerfrgrh)poprirArrjr\)r]rdrerfr(r:rls r*graylist_fetchzListsEndpoints.graylist_fetchs &zz*,t+        r,c (|jdd||||d|S)Nrkr{rhr}rs r*whitelist_fetchzListsEndpoints.whitelist_fetchrr,r|c tjd||gd|}tjd|g|||jd|}||z|||z} |jdd|i|} | || | fS)N)rfby_list)r<rfryrgryrh)rrjrr\rilower) r]r|rdreryrfr( country_itemsip_itemsitemsrls r*r~z&ListsEndpoints._fetch_all_by_list_names$) K    <  k.      )6FUN+BC66V6v66ioo''(&%77r,c>Kt|td{VS)N)msgtimeout)r IPListUpdateTimeout)r]rs r*_send_msg_to_socketz"ListsEndpoints._send_msg_to_socketsA#'          r,cJK|d|||dd{V}|S)NIP_LISTS_UPDATE)methodactionrSrr)r]rrSrresults r*_send_ip_list_updatez#ListsEndpoints._send_ip_list_updatesX//+ "             r,addcK|d}|dtjd|Ddd|d{VS)Nrrc,g|]}t|Srhr5.0_ips r* z0ListsEndpoints.whitelist_add..333s#c((333r,TrryrrSr)rwrrrkr]r(_ipss r* whitelist_addzListsEndpoints.whitelist_addszz'""..M33d333/         r,cKtjdur+|dd}|dkrtd|d}|dt jd|Ddd | d{VS) NFscopegroup%Local IP list management is disabled.rrc,g|]}t|Srhrrs r*rz0ListsEndpoints.blacklist_add..rr,TrrrALLOW_LOCAL_IP_MANAGEMENTrwrrrDROPr]r(rrs r* blacklist_addzListsEndpoints.blacklist_adds  0E 9 9JJw--E%&MNNNzz'""..L33d333/         r,cK|d}|dtjd|Ddd|d{VS)Nrrc,g|]}t|Srhrrs r*rz/ListsEndpoints.graylist_add..rr,Trr)rwrrCAPTCHArs r* graylist_addzListsEndpoints.graylist_addszz'""..O33d333/         r,movecKtjdurtd|dtjdd|Did{VS)NFrrrc,g|]}t|Srhrrs r*rz1ListsEndpoints.blacklist_move..-s777#SXX777r,rrrrrrrr]rs r*blacklist_movezListsEndpoints.blacklist_move#s  0E 9 9!"IJJ J..L777778/         r,cK|d}tjdur+|dd}|dkrtd|dt jdd|Di|d{VS) NrFrrrrc,g|]}t|Srhrrs r*rz1ListsEndpoints.whitelist_move..=666#SXX666r,r)rwrrrrrrk)r]r(rrs r*whitelist_movezListsEndpoints.whitelist_move0szz'""  0E 9 9JJw--E%&MNNN..M66666A&A/         r,editcKtjdur+|dd}|dkrtd|d}|dt jdd|Di|d{VS) NFrrrrrc,g|]}t|Srhrrs r*rz1ListsEndpoints.blacklist_edit..Mrr,rrrs r*blacklist_editzListsEndpoints.blacklist_edit@s  0E 9 9JJw--E%&MNNNzz'""..L66666A&A/         r,cKtjdur+|dd}|dkrtd|d}|dt jdd|Di|d{VS) NFrrrrrc,g|]}t|Srhrrs r*rz1ListsEndpoints.whitelist_edit..]rr,r)rrrwrrrrkrs r*whitelist_editzListsEndpoints.whitelist_editPs  0E 9 9JJw--E%&MNNNzz'""..M66666A&A/         r,deletecKtjdurtd|dtjd|Dd{VS)NFrrc,g|]}t|Srhrrs r*rz3ListsEndpoints.blacklist_delete..j---3s88---r,rrrs r*blacklist_deletezListsEndpoints.blacklist_delete`sy  0E 9 9!"IJJ J..L--u---/         r,cKtjdurtd|dtjd|Dd{VS)NFrrc,g|]}t|Srhrrs r*rz3ListsEndpoints.whitelist_delete..wrr,r)rrrrrrkrs r*whitelist_deletezListsEndpoints.whitelist_deletemsy  0E 9 9!"IJJ J..M--u---/         r,cjK|dtjd|Dd{VS)Nrc,g|]}t|Srhrrs r*rz2ListsEndpoints.graylist_delete..rr,r)rrrrs r*graylist_deletezListsEndpoints.graylist_deletezs\..O--u---/         r,z blocked-portc V|jdi|}|d|tjd||d|fS)N blocked-ports)rdrerh)rirrj)r]rdrer(rls r*get_port_protozListsEndpoints.get_port_protosK '''' ? #    CE& C CF C C  r,chK|r d|Dng}|dd|||dd{VS)Nc,g|]}t|Srhrrr`s r*rz3ListsEndpoints.blocked_port_add..***CGG***r,BLOCKED_PORT_UPDATErrrripscommentrr]rrrips_lists r*blocked_port_addzListsEndpoints.blocked_port_addsu/29**c****r--/"            r,cDK|dd|dd{VS)Nrr)rrrrrs r*blocked_port_deletez"ListsEndpoints.blocked_port_deletesQ--/"           r,cFK|dd||dd{VS)Nrr)rrrrr)r]rrs r*blocked_port_editz ListsEndpoints.blocked_port_editsT--/ "            r,zblocked-port-ipchK|r d|Dng}|dd|||dd{VS)Nc,g|]}t|Srhrrs r*rz9ListsEndpoints.ignored_by_port_add_ip..rr,BLOCKED_PORT_IP_UPDATErrrrs r*ignored_by_port_add_ipz%ListsEndpoints.ignored_by_port_add_ipsu/29**c****r--2"            r,c`Kd|D}|dd|||dd{VS)Nc,g|]}t|Srhrrs r*rz:ListsEndpoints.ignored_by_port_edit_ip..%%%2s2ww%%%r,rrrr)r]rrrs r*ignored_by_port_edit_ipz&ListsEndpoints.ignored_by_port_edit_ipsj&%%%%--2 "            r,c^Kd|D}|dd||dd{VS)Nc,g|]}t|Srhrrs r*rz.rr,rr)rrrrr)r]rrs r*ignored_by_port_delete_ipz(ListsEndpoints.ignored_by_port_delete_ipsg&%%%%--2"            r,Fc Rtjddtjgi|tjddtjgi|ztjdtjg|d|tjddtjgi|ztjdit dd|i|t jdi|dS)Nr<r)r<ryr:)rcblackrvrrh)rrprkrrqrAr)r]ryr:r(s r*rizListsEndpoints._countss"FFfl^FvFF)(./39 "%|nV?E)(./39&))=AG )4>>v>>)   r,zip-listsyncedctj||||tj||||fS)N)by_ip)rSrrdre)rrp_counts_syncedrj)r]rSrrdres r*ip_list_syncedzListsEndpoints.ip_list_syncedsP  $We 4 4   e  , ,  uE&     r,c >tjjtjtjj|dtjjtjtjj|dtjjtjtjj|dtjjtjtjj|diS)Nr)rSr) rrkvaluerrpr7rr SPLASHSCREEN)r(s r*rzListsEndpoints._counts_synced s M !9 +6::g3F3F""" L  8 *&**W2E2E!!! O !<#;-VZZ5H5H$$$  & (@,2jj)))))  r, list_namesr:c Ktjd d|i|}|jd i|}tjtjg|d|d|d}tjtjg|d|d|d}tjd dtjgi||ztjd dtjgi||ztjd itd d|i|tjd dtjgi|d|d}tj|vr|||zz }||fS) Nr<by_country_code by_commentrrrrrr:)rcdropcaptcha splashscreen)servercloudrh) rrprrrqr7rkrAr@) r]rr:r( max_count count_syncedblacklisted_country_countwhitelisted_country_countrls r*get_counts_localzListsEndpoints.get_counts_locals &FFFvFF *t*44V44 $/$; &'"JJ'899zz,//**W%% % % % ! %0$; &'"JJ'899zz,//**W%% % % % !&JJ&,J6JJ/0&JJ&,J6JJ/0"---A  !' 2!!%78!.T7V%=v{$KKKKKKr,rrrrr:r<zip+z country.code+ci|] }|j| Srhnamerfields r* z5ListsEndpoints.union_ip_countries..tsIIIEej%IIIr,ci|] }|j| Srhr r s r*rz5ListsEndpoints.union_ip_countries..us)   "'EJ   r,c bg}D]\}}||vrP|||t|j||Y|t d||j|S)NNULL)rr?r7getattrmodelaliasrselect)query model_columnsselect_columnscol_name_ all_columnss r* align_queryz6ListsEndpoints.union_ip_countries..align_query{sN*0022 G G !},,"))%))$gek8&D&D%// #))#f++*;*;H*E*EFFFF5<0 0r,rc,g|]}t|Srh)r)rkeys r*rz5ListsEndpoints.union_ip_countries..s 5 5 53c#hh 5 5 5r,country)onc(g|]}|jdk |SrS column_namerorders r*rz5ListsEndpoints.union_ip_countries..s,u/@I/M/M/M/M/Mr,rT)force_no_prefixc(g|]}|jdk |Sr"r#r%s r*rz5ListsEndpoints.union_ip_countries..s,u/@I/M/M/M/M/Mr,.)exclude)idrTrSrh).rfetch_as_unionr7rr=rr>r@r?rArwr fromstring _returningr union_allrkeysfrom_joinrr LEFT_OUTERrr+rerddesc list_priorityr get_nodesr$splitr4r enumeratenodesr r rfr r\rrlistname2purposer)r]rrdrerfr:r(rr ip_columnscountry_columnsordersr alias_modelcombined_query wrapped_queryrS others_orderr&r9nodeinrowsrowentryitemrs @r*union_ip_countriesz!ListsEndpoints.union_ip_countriesJs$2!+ #JJ'899zz,//**W%%     K: % %' &( &'z99!!&":;;;,%9=CF JJ{D ) ) )(        "5))"?33HJIX5HIII   +8+C   !?2  1 1 1 1 1;x44# M?CC  11 !++M::* * 5 5+"2"2"4"4 5 5 5 %   &** T_#i..GJ*F+    )0088M  )//66M  #+G  qzKF(>>>>-dCCCHHJJ #+L& G G$.E-33C88(2#U%6%<%.rr,rrr)rrrrrfrdrerTrS)rrjr7rr:rwr)rrdrerfr(rrHs r*&get_black_white_listed_local_countriesz5ListsEndpoints.get_black_white_listed_local_countriess$)!+ #JJ'899zz,//**W%%    "  D+<$$ OOr,c Ktj|vr_tjrS|sQtj|vr|tjt dd|i|}|ddtjd||j |||d|}|D]1}tj |dj |d<2|S)Nr:r<)r<rgrdrerfrTrSrh) rr=rr>r@r?rArwrjr\rr:r) r]rrdrer:rfr(rrHs r* get_ip_localzListsEndpoints.get_ip_locals K: % %' &( &'z99!!&":;;;,%9=CF JJ{D ) ) )<   .        D+<$$ OOr,localrSc@K|s/tjtjtjtjg}n d|D}|dd}|dd}|dkr@|jd d|D|d|d{V\} } |j|||fd |i|d{V} | | | fS|d kr7|jd ||d|d{V\} } |j|f||||d |d{V} | | | fS|j |f||||d |} |j|fd |i|d{V\} } | | | fS)zreplacements for old whitelist/graylist/blacklist ip list, With changes: non search by ip, now will find supernets and subnets c6g|]}tj|Srh)rrT)rps r*rz5ListsEndpoints.ip_list_local_list.."s#???!'*1--???r,ruFby_typeNrcFg|]}|tjtjfv|Srhrrs r*rz5ListsEndpoints.ip_list_local_list..*s7! )A6;(OOOOOOr,)rr:rfr`)rdrerfr:r:rh) rrkrqr=r@rwrrLrNrI)r]rSrdrerfr(rr:rSrrlrr result_itemss r*ip_list_local_listz!ListsEndpoints.ip_list_local_list s @   ( JJ@?w???J%zz*.s666CGG666r,,return_exceptionsc,i|]\}}|||Srhrh)rrCr8 ips_for_taskss r*rz4ListsEndpoints.ip_list_local_add..s:   8 ! h   r,rh)rrrwrrrjrrTr[rctimedeep imported_fromr`rynetmasknetwork_addressversionlenr?updaterr5r2asynciogatherr8) r]rSr(rrnew_ipstasksr` existing_itemtask create_items responsesr\s @r*ip_list_local_addz ListsEndpoints.ip_list_local_addTs~  0E 9 9JJw--E%&MNNNzz'""  . .B"L!'**+)NLK(IOMN*N M"=!!Q&&r""""' a '11&11100 #"%b''"&(*1 T"""$$SWW----  966g666L,,)"-D LL     ,!7!7 8 8 8!.%H4HHHHHHHH     (33    r,cKtjdurtd|d|d|Dd{VS)zUsed for removing record from IPList table, same as old rpc calls: `[white/black/gray]list ip delete`, but now also splachscreen is allowed to delete Frrc,g|]}t|Srhrrs r*rz7ListsEndpoints.ip_list_local_delete..rr,rN)rrrr)r]rSrs r*ip_list_local_deletez#ListsEndpoints.ip_list_local_deletesw  0E 9 9!"IJJ J..--u---/         r,)NNN)NNrX)NF)NNNN)F)NNNF)NNFN);__name__ __module__ __qualname__rIM360SCOPE_COLUMNS_TO_IP_LISTrZrHrbindrrmrrrxintrr5rrrr~r9rrrOrrrrrrrrrrrr.rrrrrrrrir staticmethodrrboolrrIrLrNrVrmrp __classcell__)r^s@r*rQrQ[s KE66666 V[dF++04   ,+_ "V[dF++   ,+_ V[T6**   +*_ (V[ !%&*       7#     "V[ !%&*       7#     ,!%&* 8888 8  8 7# 88884%  %$   V[dE**   +*_  V[dE**  +*_ "V[T5))   *)_  V[dF++  ,+_ V[dF++   ,+_  V[dF++   ,+_  V[dF++   ,+_  V[dH--  .-_ V[dH--  .-_ V[T8,,  -,_ V[(("   #")( V[''"    #"('  V[**"  #"+* V[(("  #")( V["E**"    #"+*  V["F++"    #",+  V["H--"   #".-      0V[H%%;?    &%    \ (&+,!,!I,!#,!,!,!,!b $ $,0%* ||I|}| | 4=) | # ||||| $ $,0 I} 4=) \> $ $%*&* %%I%}% % # % 7# %%%%NV[GV,,(,# $,0 D/D/$s)$D/}D/ D/ 4=) D/D/D/-,D/LV[GU++C C ,+C JV[GX..   /.      r,rQ)5rerKrD functoolsrtypingrrpeeweerrr r r playhouse.shortcutsr defence360agent.contracts.configr $defence360agent.model.simplificationrdefence360agent.rpc_toolsrdefence360agent.rpc_tools.utilsr"defence360agent.rpc_tools.validaterrdefence360agent.utilsrrim360.contracts.configrrrim360.model.countryrrim360.model.firewallrrrrrresident_socketr rr.r9rArHrO RootEndpointsrQrhr,r*rs/ !!!!!!!!99999999999999------EEEEEE======,,,,,,EEEEEEGGGGGGGG@@@@@@@@CCCCCCCCCC44444444,+++++&5:      N  N  N  N  N  V)N  N  N  N  N  r,