Meteor.startup( () => {
mozdefsettings = new Mongo.Collection( "mozdefsettings" );
features = new Mongo.Collection( "features" );
events = new Mongo.Collection( "events" );
alerts = new Mongo.Collection( "alerts" );
investigations = new Mongo.Collection( "investigations" );
incidents = new Mongo.Collection( "incidents" );
veris = new Mongo.Collection( "veris" );
kibanadashboards = new Mongo.Collection( "kibanadashboards" );
healthfrontend = new Mongo.Collection( "healthfrontend" );
sqsstats = new Mongo.Collection( "sqsstats" );
healthescluster = new Mongo.Collection( "healthescluster" );
healthesnodes = new Mongo.Collection( "healthesnodes" );
healtheshotthreads = new Mongo.Collection( "healtheshotthreads" );
attackers = new Mongo.Collection( "attackers" );
actions = new Mongo.Collection( "actions" );
userActivity = new Mongo.Collection( "userActivity" );
ipblocklist = new Mongo.Collection( "ipblocklist" );
fqdnblocklist = new Mongo.Collection( "fqdnblocklist" );
watchlist = new Mongo.Collection( "watchlist" );
preferences = new Mongo.Collection( "preferences" );
if ( Meteor.isServer ) {
// Indexes, as promises to properly drop, then create
fqdnblocklist.rawCollection().dropIndexes().then( ( value ) => {
fqdnblocklist.rawCollection().createIndex( {
fqdn: "text",
comment: "text",
reference: "text"
} );
} );
watchlist.rawCollection().dropIndexes().then( ( value ) => {
watchlist.rawCollection().createIndex( {
watchcontent: "text",
comment: "text",
reference: "text"
} );
} );
ipblocklist.rawCollection().dropIndexes().then( ( value ) => {
ipblocklist.rawCollection().createIndex( {
address: "text",
comment: "text",
reference: "text"
} );
} );
incidents.rawCollection().dropIndexes().then( ( value ) => {
incidents.rawCollection().createIndex( {
summary: "text",
description: "text",
creator: "text"
} );
} );
investigations.rawCollection().dropIndexes().then( ( value ) => {
investigations.rawCollection().createIndex( {
summary: "text",
description: "text",
creator: "text"
} );
} );
//Publishing setups
Meteor.publish( "mozdefsettings", function() {
return mozdefsettings.find();
} );
Meteor.publish( "features", function() {
return features.find();
} );
Meteor.publish( "alerts-summary", function( searchregex, timeperiod, recordlimit ) {
//tail the last 100 records by default
//default parameters
timeperiod = typeof timeperiod !== 'undefined' ? timeperiod : 'tail';
searchregex = typeof searchregex !== 'undefined' ? searchregex : '';
recordlimit = ['number'].indexOf( typeof ( recordlimit ) ) ? 100 : recordlimit;
//sanity check the record limit
if ( recordlimit > 10000 || recordlimit < 1 ) {
recordlimit = 100;
}
if ( timeperiod === 'tail' || timeperiod == 'none' ) {
return alerts.find(
{ summary: { $regex: searchregex } },
{
fields: {
_id: 1,
esmetadata: 1,
utctimestamp: 1,
utcepoch: 1,
summary: 1,
severity: 1,
category: 1,
acknowledged: 1,
acknowledgedby: 1,
url: 1
},
sort: { utcepoch: -1 },
limit: recordlimit
}
);
} else {
//determine the utcepoch range
beginningtime = moment().utc();
//expect timeperiod like '1 days'
timevalue = Number( timeperiod.split( " " )[0] );
timeunits = timeperiod.split( " " )[1];
beginningtime.subtract( timevalue, timeunits );
return alerts.find(
{
summary: { $regex: searchregex },
utcepoch: { $gte: beginningtime.unix() }
},
{
fields: {
_id: 1,
esmetadata: 1,
utctimestamp: 1,
utcepoch: 1,
summary: 1,
severity: 1,
category: 1,
acknowledged: 1
},
sort: { utcepoch: -1 },
limit: recordlimit
}
);
}
} );
Meteor.publish( "alerts-details", function( alertid, includeEvents ) {
//return alerts.find({'esmetadata.id': alertid});
//alert ids can be either mongo or elastic search IDs
//look for both to publish to the collection.
//default parameters
includeEvents = typeof includeEvents !== 'undefined' ? includeEvents : true;
if ( includeEvents ) {
return alerts.find( {
$or: [
{ 'esmetadata.id': alertid },
{ '_id': alertid },
]
} );
} else {
return alerts.find( {
$or: [
{ 'esmetadata.id': alertid },
{ '_id': alertid },
]
},
{
fields: { events: 0 },
} );
}
} );
Meteor.publish( "alerts-count", function() {
var self = this;
var count = 0;
var initializing = true;
var recordID = uuid();
//get a count by watching for only 1 new entry sorted in reverse date order.
//use that hook to return a find().count rather than iterating the entire result set over and over
var handle = alerts.find( {}, { sort: { utcepoch: -1 }, limit: 1 } ).observeChanges( {
added: function( newDoc, oldDoc ) {
count = alerts.find().count();
if ( !initializing ) {
self.changed( "alerts-count", recordID, { count: count } );
//console.log('added alerts count to' + count);
}
},
changed: function( newDoc, oldDoc ) {
count = alerts.find().count();
if ( !initializing ) {
self.changed( "alerts-count", recordID, { count: count } );
//console.log('changed alerts count to' + count);
}
},
removed: function( newDoc, oldDoc ) {
count = alerts.find().count();
if ( !initializing ) {
self.changed( "alerts-count", recordID, { count: count } );
//console.log('changed alerts count to' + count);
}
}
} );
initializing = false;
self.added( "alerts-count", recordID, { count: count } );
//console.log('count is ready: ' + count);
self.ready();
// Stop observing the cursor when client unsubs.
// Stopping a subscription automatically takes
// care of sending the client any removed messages.
self.onStop( function() {
//console.log('stopped publishing alerts count.')
handle.stop();
} );
} );
Meteor.publish( "attacker-details", function( attackerid ) {
return attackers.find( { '_id': attackerid },
{
fields: {
events: { $slice: -20 },
alerts: { $slice: -10 }
},
sort: { 'events.documentsource.utctimestamp': -1 },
reactive: false
}
);
} );
Meteor.publish( "attackers-summary", function() {
//limit to the last 100 records by default
//to ease the sync transfer to dc.js/crossfilter
return attackers.find( {},
{
fields: {
events: 0,
alerts: 0,
},
sort: { lastseentimestamp: -1 },
limit: 100
} );
} );
Meteor.publish( "investigation-details", function( investigationid ) {
return investigations.find( { '_id': investigationid } );
} );
Meteor.publish( "incident-details", function( incidentid ) {
return incidents.find( { '_id': incidentid } );
} );
Meteor.publish( "veris", function() {
return veris.find( {}, { limit: 0 } );
} );
Meteor.publish( "healthfrontend", function() {
return healthfrontend.find( {}, { limit: 0 } );
} );
Meteor.publish( "sqsstats", function() {
return sqsstats.find( {}, { limit: 0 } );
} );
Meteor.publish( "healthescluster", function() {
return healthescluster.find( {}, { limit: 0 } );
} );
Meteor.publish( "healthesnodes", function() {
return healthesnodes.find( {}, { limit: 0 } );
} );
Meteor.publish( "healtheshotthreads", function() {
return healtheshotthreads.find( {}, { limit: 0 } );
} );
Meteor.publish( "kibanadashboards", function() {
return kibanadashboards.find( {}, { sort: { name: 1 }, limit: 30 } );
} );
Meteor.publish( "userActivity", function() {
return userActivity.find( {}, { sort: { userID: 1 }, limit: 100 } );
} );
publishPagination( incidents );
publishPagination( investigations );
publishPagination( ipblocklist );
publishPagination( fqdnblocklist );
publishPagination( watchlist );
publishPagination( alerts );
Meteor.publish( "preferences", function() {
return preferences.find( {}, { limit: 0 } );
} )
//access rules from clients
//barebones to allow you to specify rules
incidents.allow( {
insert: function( userId, doc ) {
// the user must be logged in
return ( userId );
},
update: function( userId, doc, fields, modifier ) {
// the user must be logged in
return ( userId );
},
remove: function( userId, doc ) {
// can only remove one's own indicents
return doc.creator === Meteor.user().profile.email;
},
fetch: ['creator']
} );
attackers.allow( {
update: function( userId, doc, fields, modifier ) {
// the user must be logged in
return ( userId );
}
} );
alerts.allow( {
update: function( userId, doc, fields, modifier ) {
// the user must be logged in
return ( userId );
}
} );
investigations.allow( {
insert: function( userId, doc ) {
// the user must be logged in
return ( userId );
},
update: function( userId, doc, fields, modifier ) {
// the user must be logged in
return ( userId );
},
remove: function( userId, doc ) {
// can only remove one's own items
return doc.creator === Meteor.user().profile.email;
},
fetch: ['creator']
} );
userActivity.allow( {
insert: function( userId, doc ) {
// the user must be logged in
return ( userId );
},
remove: function( userId, doc ) {
// can only remove one's own items
return doc.userId === Meteor.user().profile.email;
},
} );
ipblocklist.allow( {
insert: function( userId, doc ) {
// the user must be logged in
return ( userId );
},
update: function( userId, doc, fields, modifier ) {
// the user must be logged in
return ( userId );
},
remove: function( userId, doc ) {
// the user must be logged in
return ( userId );
},
fetch: ['creator']
} );
fqdnblocklist.allow( {
insert: function( userId, doc ) {
// the user must be logged in
return ( userId );
},
update: function( userId, doc, fields, modifier ) {
// the user must be logged in
return ( userId );
},
remove: function( userId, doc ) {
// the user must be logged in
return ( userId );
},
fetch: ['creator']
} );
watchlist.allow( {
insert: function( userId, doc ) {
// the user must be logged in
return ( userId );
},
update: function( userId, doc, fields, modifier ) {
// the user must be logged in
return ( userId );
},
remove: function( userId, doc ) {
// the user must be logged in
return ( userId );
},
fetch: ['creator']
} );
// since we store email from oidc calls in the profile
// deny updates to the profile which is writeable by default
// https://docs.meteor.com/api/accounts.html#Meteor-users
Meteor.users.deny( { update: () => true } );
preferences.allow( {
insert: function( userId, doc ) {
// the user must be logged in
return ( userId );
},
update: function( userId, doc, fields, modifier ) {
// can only update one's own items
return ( doc.userId == Meteor.user().profile.email );
},
remove: function( userId, doc ) {
// can only remove one's own items
return doc.userId === Meteor.user().profile.email;
},
} );
};
if ( Meteor.isClient ) {
//client side collections:
options = {
_suppressSameNameError: true
};
Meteor.subscribe( "mozdefsettings",
onReady = function() {
Meteor.subscribe( "preferences",
onReady = function() {
// Now that we have subscribed to our settings collection
// register our login handler
// and the login function of choice
// based on how enableClientAccountCreation was set at deployment.
Meteor.login();
} );
} );
Meteor.subscribe( "features" );
alertsCount = new Mongo.Collection( "alerts-count", options );
//client-side subscriptions to low volume collections
Meteor.subscribe( "veris" );
Meteor.subscribe( "kibanadashboards" );
Meteor.subscribe( "userActivity" );
};
} );
import { Meteor } from 'meteor/meteor';
import { Mongo } from 'meteor/mongo';
import { check } from 'meteor/check';
export const ReminderMsgs = new Mongo.Collection('reminderMsgs');
ReminderMsgs.allow({
insert: function(userId, doc) {
// if user id exists, allow insert
return !!userId;
}
});
Meteor.methods({
'insert.reminder' (remName, remSubj, remSal, remText, remClose) {
check(remName, String);
check(remSubj, String);
check(remSal, String);
check(remText, String);
check(remClose, String);
if (!this.userId) {
throw new Meteor.Error('User is not authorized add Reminder Messages.');
}
return ReminderMsgs.insert({
reminderName: remName,
subjectLine: remSubj,
reminderSalutation: remSal,
reminderText: remText,
reminderClosing: remClose,
import { Meteor } from 'meteor/meteor';
import { Mongo } from 'meteor/mongo';
import { check } from 'meteor/check';
export const FlashCards = new Mongo.Collection('flashCards');
FlashCards.allow({
insert(userId, flashCard) {
return userId && flashCard.owner === userId;
},
update(userId, flashCard, fields, modifier) {
//return userId && flashCard.owner === userId;
return userId ;
},
remove(userId, flashCard) {
return userId && flashCard.owner === userId;
}
});
import { Mongo } from 'meteor/mongo';
export const Resources = new Mongo.Collection('resources');
if (Meteor.isServer) {
Resources.allow({
insert() {
return true;
},
update() {
return true;
},
remove() {
return true;
}
});
}
let Schema= {};
Schema.Resources = new SimpleSchema({
name: {type:String},
description: {type:String, optional:true},
category: {type:[String], optional:true},
featured: {type:Boolean, defaultValue:false},
favorites:{type:Number, defaultValue:0, min:0},
files: {type:Array, optional:true},
"files.$":{type:Object},
"files.$type":{type:String},
"files.$url":{type:String},
created_at: {
import { Mongo } from 'meteor/mongo';
export const Services = new Mongo.Collection('services');
Services.allow({
insert(userId, service) {
return userId && service.owner === userId;
},
update(userId, service, fields, modifier) {
return userId && service.owner === userId;
},
remove(userId, service) {
return userId && service.owner === userId;
}
});
import { Mongo } from 'meteor/mongo';
import {Product} from './Product';
export const Order = new Mongo.Collection('order');
Order.helpers({
productCart () {
return Product.findOne(this.productId);
}
});
Order.allow({
insert (userId) {
return userId;
},
});
import { Mongo } from 'meteor/mongo';
import { SimpleSchema } from 'meteor/aldeed:simple-schema';
export const ProcurementOrgs = new Mongo.Collection('ProcurementOrgs');
ProcurementOrgs.allow({
insert: () => true,
update: () => true,
remove: () => true,
});
const Schemas = {};
Schemas.Address = new SimpleSchema({
address: {
type: String
},
lat: {
type: Number,
decimal: true
},
lng: {
type: Number,
decimal: true
},
geometry: {
type: Object,
blackbox: true
},
placeId: {
type: String
import { Meteor } from 'meteor/meteor';
import { Mongo } from 'meteor/mongo';
export const Images = new Mongo.Collection('images');
export const Thumbs = new Mongo.Collection('thumbs');
function loggedIn(userId) {
return !!userId;
}
Thumbs.allow({
insert: loggedIn,
update: loggedIn,
remove: loggedIn
});
Images.allow({
insert: loggedIn,
update: loggedIn,
remove: loggedIn
});
import {Mongo} from 'meteor/mongo';
export const UserProfileUser = new Mongo.Collection("userProfileUser");
UserProfileUser.allow({
insert: function(){
return true;
},
update: function(){
return true;
},
remove: function(){
return true;
}
});
import { Meteor } from 'meteor/meteor';
import { Mongo } from 'meteor/mongo';
import { SimpleSchema } from 'meteor/aldeed:simple-schema';
import { insert, remove, trade } from './methods';
export const Books = new Mongo.Collection('books');
Books.allow({
insert() { return false; },
update() { return false; },
remove() { return false; }
});
Books.deny({
insert() { return true; },
update() { return true; },
remove() { return true; }
});
Books.schema = new SimpleSchema({
title: {
type: String,
label: 'Title'
},
author: {
type: String,
label: 'Author'
},
thumbnail: {
type: String,
import {Mongo} from 'meteor/mongo';
export const eventsInvitations = new Mongo.Collection('eventsInvitations');
eventsInvitations.allow({
insert:() => true,
update:() => true,
remove:() => true
});
import { Mongo } from 'meteor/mongo';
import { SimpleSchema } from 'meteor/aldeed:simple-schema';
import faker from 'faker';
import { Factory } from 'meteor/dburles:factory';
export const NotificationComment = new Mongo.Collection('notifications-comment');
NotificationComment.allow({
insert: () => false,
update: () => false,
remove: () => false
});
NotificationComment.deny({
insert: () => true,
update: () => true,
remove: () => true
});
NotificationComment.Schema = new SimpleSchema({
annonce_id: {
type: String ,
label:'Notification - the annonce id'
} ,
commentId: {
type: String ,
label: 'Notification - the comment id'
},
owner: {
type: String ,
label: 'Notification - the id of the owner of notification'
import {Mongo} from 'meteor/mongo';
export const MsUser = new Mongo.Collection("msUser");
MsUser.allow({
insert: function(userId, doc){
var query = MsUser.find({email: doc.email})
if(query.count() > 0) {
return false;
} else {
return true;
}
},
update: function(userId){
return userId;
},
remove: function(){
return true;
}
});
import { Mongo } from 'meteor/mongo';
export const Parties = new Mongo.Collection('parties');
Parties.allow({
insert(userId, party) {
return userId && party.owner === userId;
},
update(userId, party, fields, modifier) {
return userId && party.owner === userId;
},
remove(userId, party) {
return userId && party.owner === userId;
}
});
import {Mongo} from 'meteor/mongo';
export const Examination =new Mongo.Collection("examination");
Examination.allow({
insert: function(){
return true;
},
update: function(userId){
return userId;
},
remove: function(){
return true;
}
});
import { Mongo } from 'meteor/mongo';
export const ThemesEvent = new Mongo.Collection('themesEvent');
ThemesEvent.allow({
insert() {
return false;
},
update() {
return false;
},
remove() {
return false;
}
});
Tasks.helpers({
fullName(){
return Meteor.users.findOne(this.author).username;
},
taskDate(){
return moment(this.createdAt).fromNow();
}
});
Tasks.allow({
insert(userId, doc) {
return false;
},
update(userId, doc, fields, modifier) {
return true;
},
remove(userId, doc) {
return false
}
});
TaskSchema = new SimpleSchema({
taskText: {
type: String
},
completed:{
type: Boolean
},
createdAt: {
type: Date,
import { Mongo } from 'meteor/mongo';
import { SimpleSchema } from 'meteor/aldeed:simple-schema';
import { check } from 'meteor/check';
import { Meteor } from 'meteor/meteor';
import { EasySearch } from 'meteor/easy:search';
export const Impressions = new Mongo.Collection('impressions');
Impressions.allow({
insert:function(){return true;},
remove:function(){return true;},
update:function(){return true;},
});
ImpressionSchema = new SimpleSchema({
gabarit: {
type: String,
label: "Gabarit",
allowedValues: ['Imprimante', 'Photocopieur', 'Fax'],
},
marque: {
type: String,
label: "Marque",
},
modele: {
type: String,
label: "Modèle",
},
nombretoner: {
type: Number,
import { Mongo } from 'meteor/mongo';
export const Texto = new Mongo.Collection('texto');
Texto.allow({
insert (userId) {
return userId
},
update (userId){
return userId
},
remove (userId){
return userId
}
});
import { Mongo } from 'meteor/mongo';
import { SimpleSchema } from 'meteor/aldeed:simple-schema';
import { Factory } from 'meteor/dburles:factory';
export const Sequence = new Mongo.Collection('sequence');
Sequence.allow({
insert: () => false,
update: () => false,
remove: () => false
});
Sequence.deny({
insert: () => true,
update: () => true,
remove: () => true
});
Sequence.Schema = new SimpleSchema({
_id:{
type:String,
label: "the name of document that will use increment value"
},
seq:{
type:Number,
label: "the value of the Sequence"
}
});
Sequence.attachSchema(Sequence.Schema);
import { Mongo } from 'meteor/mongo';
export const Products = new Mongo.Collection('products');
Products.allow({
insert(userId, product) {
return userId && product.owner === userId;
},
update(userId, product, fields, modifier) {
return userId && product.owner === userId;
},
remove(userId, product) {
return userId && product.owner === userId;
}
});
import { Mongo } from 'meteor/mongo';
import { SimpleSchema } from 'meteor/aldeed:simple-schema';
export const ConversationMessages = new Mongo.Collection('conversation-messages');
ConversationMessages.allow({
insert: () => false,
update: () => false,
remove: () => false
});
ConversationMessages.deny({
insert: () => true,
update: () => true,
remove: () => true
});
ConversationMessages.schema = new SimpleSchema({
conversationId: {
type: String,
label: "The id of the conversation that comporte all ConversationMessages"
},
"from.userId":{
type: String,
label: "the id of the sender"
},
"to.userId":{
type: String,
label: "the revericer of the message"
else {// the user is logged in, the image has the correct user id
return true;
}
}
else {// user not logged in
return false;
}
},
*/
m603s.allow({
insert: function (userId, doc) {
return true;
},
update: function (userId, doc, fieldNames, modifier) {
return true;
},
remove: function (userId, doc) {
return true;
}
});
m603items.allow({
insert: function (userId, doc) {
return true;
},
update: function (userId, doc, fieldNames, modifier) {
return true;
},
remove: function (userId, doc) {
return true;
},
"content": {
type: String,
label: "The content of this post.",
optional: true
},
"tags": {
type: [ String ],
label: "The tags of this post.",
optional: true
}
});
Posts.attachSchema(Posts.schema);
/* added for extra safeguard */
Posts.allow({
insert: () => false,
update: () => false,
remove: () => false
});
Posts.deny({
insert: () => true,
update: () => true,
remove: () => true
});
import { Mongo } from 'meteor/mongo';
export const DBAds = new Mongo.Collection('ads');
DBAds.allow({
insert:function(){
return true;
},
update:function(){
return true;
},
remove:function(){
return true;
}
});
allow(...args) {
return this.model.allow(...args);
}
Products.update(productId, { $set: { image: imageLoc } })
}
})
Products.bySku = function(sku){
return Products.findOne({sku : sku});
};
Products.featured = function(){
var featuredSkus = ["honeymoon-mars","johnny-liftoff","one-way-reentry"];
return Products.find({sku : {$in : featuredSkus}},
{fields : {inventory : false, cost : false}});
};
Products.allow({
update : function(userid, product){
return isAdmin();
},
insert : function(userid, product){
return isAdmin();
},
remove : function(userid, product){
return isAdmin();
}
});
export default Products
import { Mongo } from 'meteor/mongo';
export const RotasDefault = new Mongo.Collection('rotasDefault');
RotasDefault.allow({
insert(userId, rota) {
return userId && rota.owner === userId;
},
update(userId, rota, fields, modifier) {
return userId && rota.owner === userId;
},
remove(userId, rota) {
return userId && rota.owner === userId;
}
});
import faker from 'faker';
import { Mongo } from 'meteor/mongo';
import { SimpleSchema } from 'meteor/aldeed:simple-schema';
import { Factory } from 'meteor/dburles:factory';
export const Pictures = new Mongo.Collection('Pictures');
Pictures.allow({
insert: () => false,
update: () => false,
remove: () => false,
});
Pictures.deny({
insert: () => true,
update: () => true,
remove: () => true,
});
Pictures.schema = new SimpleSchema({
title: {
type: String,
label: 'The title of the picture.',
},
src:{
type: String,
label: 'The source of the picture.',
},
ownerId:{
type: String,
label: 'The owner of the picture.',
import {Mongo} from 'meteor/mongo';
export const Matchs = new Mongo.Collection('matchs');
Matchs.allow({
insert(userId, match) {
return userId && match.owner === userId;
},
remove(userId, match) {
return userId && match.owner === userId;
}
});