malwaredb 0.3.2

Service for storing malicious, benign, or unknown files and related metadata and relationships.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110

// SPDX-License-Identifier: Apache-2.0

use malwaredb_server::State;

use std::process::ExitCode;

use anyhow::ensure;
use chrono::{Local, NaiveDate, NaiveDateTime, NaiveTime};
use clap::{Parser, ValueHint};

/// Grant a group access to a data source
#[derive(Clone, Debug, Parser, PartialEq)]
pub struct AddGroup {
    /// Group ID
    #[arg(short, long)]
    pub gid: u32,

    /// Source ID
    #[arg(short, long)]
    pub sid: u32,
}

impl AddGroup {
    pub async fn execute(&self, state: State) -> anyhow::Result<ExitCode> {
        let groups = state.db_type.list_groups().await?;
        ensure!(
            groups.iter().any(|g| g.id == self.gid),
            "Group ID {} is not valid.",
            self.gid
        );

        let sources = state.db_type.list_sources().await?;
        ensure!(
            sources.iter().any(|s| s.id == self.sid),
            "Source ID {} is not valid.",
            self.sid
        );

        state
            .db_type
            .add_group_to_source(self.gid, self.sid)
            .await?;
        Ok(ExitCode::SUCCESS)
    }
}

/// Create a new source
#[derive(Clone, Debug, Parser, PartialEq)]
pub struct Create {
    /// Name
    #[arg(long)]
    pub name: String,

    /// Description
    #[arg(long)]
    pub description: Option<String>,

    /// This source's URL
    #[arg(long, value_hint = ValueHint::Url)]
    pub url: Option<String>,

    /// First acquisition date in 'YYYY-MM-DD' format
    #[arg(long)]
    pub date: NaiveDate,

    /// Whether or not the data in this source can be shared externally
    #[arg(long)]
    pub releasable: bool,

    /// Are the files from this source known to be malware or otherwise malicious?
    #[arg(long)]
    pub malicious: Option<bool>,
}

impl Create {
    pub async fn execute(&self, state: State) -> anyhow::Result<ExitCode> {
        // The known time
        let time = NaiveTime::default();
        // Naive date time, with no time zone information
        let datetime = NaiveDateTime::new(self.date, time);

        let sid = state
            .db_type
            .create_source(
                &self.name,
                self.description.as_deref(),
                self.url.as_deref(),
                datetime.and_local_timezone(Local).unwrap(),
                self.releasable,
                self.malicious,
            )
            .await?;
        println!("Source {} created with ID {sid}", self.name);

        Ok(ExitCode::SUCCESS)
    }
}

/// List sources
#[derive(Clone, Debug, Parser, PartialEq)]
pub struct List {}

impl List {
    pub async fn execute(&self, state: State) -> anyhow::Result<ExitCode> {
        for source in state.db_type.list_sources().await? {
            println!("{source}");
        }
        Ok(ExitCode::SUCCESS)
    }
}