add file resubmission feature (#133)

Author: Flet

app/poetry.lock

@@ -28,6 +28,7 @@ requests = "^2.32.3"
 sqlalchemy = "^1.4.54"
 waitress = "^3.0.2"
 jinja2 = "^3.1.6"
+boto3 = "^1.40.2"
 
 [tool.poetry.dev-dependencies]
 

app/pyproject.toml

@@ -11,14 +11,15 @@
 from sqlalchemy.orm import joinedload, defer
 
 from strelka_ui.database import db
-from strelka_ui.models import FileSubmission, User
+from strelka_ui.models import FileSubmission, User, get_request_id
 from strelka_ui.services.auth import auth_required
 from strelka_ui.services.files import (
     decrypt_file,
     check_file_size,
     convert_bytesio_to_filestorage,
 )
 from strelka_ui.services.strelka import get_db_status, get_frontend_status, submit_data
+from strelka_ui.services.s3 import upload_file, calculate_expires_at, is_s3_enabled, download_file, is_file_expired
 from strelka_ui.services.virustotal import (
     get_virustotal_positives,
     create_vt_zip_and_download,
@@ -339,6 +340,21 @@ def get_mimetype_priority(mime_list):
         # Get Strelka Submission IoCs
         # Store a set of IoCs in IoCs field
 
+        # Handle S3 upload if enabled
+        s3_key = None
+        s3_expires_at = None
+        if is_s3_enabled():
+            try:
+                # Create temporary submission ID for S3 key generation
+                temp_submission_id = get_request_id(response[0])
+                success, s3_key, error_msg = upload_file(file, temp_submission_id)
+                if success:
+                    s3_expires_at = calculate_expires_at()
+                    logging.info(f"Successfully uploaded file to S3: {s3_key}")
+                else:
+                    logging.warning(f"Failed to upload file to S3: {error_msg}")
+            except Exception as e:
+                logging.error(f"Unexpected error during S3 upload: {e}")
 
         # Create a new submission object and add it to the database.
         new_submission = FileSubmission(
@@ -350,7 +366,9 @@ def get_mimetype_priority(mime_list):
             request.headers.get("User-Agent"),
             user.id,
             submitted_description,
-            submitted_at
+            submitted_at,
+            s3_key,
+            s3_expires_at
         )
 
         db.session.add(new_submission)
@@ -708,6 +726,105 @@ def check_vt_api_key():
     return jsonify({"apiKeyAvailable": api_key_exists}), 200
 
 
+@strelka.route("/resubmit/<submission_id>", methods=["POST"])
+@auth_required
+def resubmit_file(user: User, submission_id: str) -> Tuple[Response, int]:
+    """
+    Resubmit a file from S3 storage for analysis.
+    
+    Args:
+        user: User object representing the authenticated user.
+        submission_id: ID of the original submission to resubmit.
+        
+    Returns:
+        If successful, returns the new submission details and a 200 status code.
+        If unsuccessful, returns an error message and appropriate status code.
+    """
+    if not is_s3_enabled():
+        return jsonify({
+            "error": "File resubmission is not enabled",
+            "details": "S3 storage is not configured or feature is disabled"
+        }), 400
+    
+    try:
+        # Find the original submission
+        original_submission = db.session.query(FileSubmission).filter_by(
+            file_id=submission_id
+        ).first()
+        
+        if not original_submission:
+            return jsonify({
+                "error": "Original submission not found",
+                "details": f"Submission {submission_id} does not exist"
+            }), 404
+        
+        # Check if file has S3 key
+        if not original_submission.s3_key:
+            return jsonify({
+                "error": "File not available for resubmission",
+                "details": "Original file was not stored in S3"
+            }), 400
+        
+        # Check if file has expired
+        if original_submission.s3_expires_at and is_file_expired(original_submission.s3_expires_at):
+            return jsonify({
+                "error": "File has expired",
+                "details": "The original file has been automatically deleted due to retention policy"
+            }), 410
+        
+        # Download file from S3
+        success, file_storage, error_msg = download_file(original_submission.s3_key)
+        if not success:
+            return jsonify({
+                "error": "Failed to retrieve file from storage",
+                "details": error_msg
+            }), 500
+
+        new_description = f"Resubmission of /submissions/{original_submission.file_id}"
+        
+        # Use the existing submit_to_strelka function with resubmission type
+        # We need to temporarily modify the file object to include the new description
+        class ResubmissionFile:
+            def __init__(self, file_storage, description):
+                self.filename = file_storage.filename
+                self.stream = file_storage.stream
+                self.content_type = file_storage.content_type
+                self.description = description
+                
+            def seek(self, *args, **kwargs):
+                return self.stream.seek(*args, **kwargs)
+                
+            def read(self, *args, **kwargs):
+                return self.stream.read(*args, **kwargs)
+        
+        resubmission_file = ResubmissionFile(file_storage, new_description)
+        
+        # Call the existing submit_to_strelka function
+        response = submit_to_strelka(
+            resubmission_file,
+            user,
+            "",  # No submitted_hash for resubmission
+            new_description,
+            "resubmission"  # Mark as resubmission type
+        )
+        
+        # Add original submission ID to the response
+        if isinstance(response, tuple) and len(response) == 2:
+            response_data, status_code = response
+            if status_code == 200 and hasattr(response_data, 'get_json'):
+                json_data = response_data.get_json()
+                json_data["original_submission_id"] = submission_id
+                return jsonify(json_data), status_code
+        
+        return response
+        
+    except Exception as e:
+        logging.error("Error during file resubmission: %s", e)
+        return jsonify({
+            "error": "File resubmission failed",
+            "details": str(e)
+        }), 500
+
 def submissions_to_json(submission: FileSubmission) -> Dict[str, any]:
     """
     Converts the given submission to a dictionary representation that can be

app/strelka_ui/blueprints/strelka.py

@@ -29,3 +29,17 @@ export VIRUSTOTAL_API_LIMIT=
 
 # Default Submission Exclusions
 export DEFAULT_EXCLUDED_SUBMITTERS=["ExcludeUser"]
+
+# S3 Configuration for File Resubmission
+export ENABLE_FILE_RESUBMISSION=false
+export S3_BUCKET_NAME=
+export S3_REGION=us-east-1
+export S3_ACCESS_KEY_ID=
+export S3_SECRET_ACCESS_KEY=
+# make sure S3_FILE_RETENTION_DAYS value matches the bucket policy
+export S3_FILE_RETENTION_DAYS=7
+export S3_ENDPOINT_URL=
+# boto3 >=1.36.0 enables checksum validation by default, but this feature supported by some self-hosted solutions.
+# To disable this feature, set the following environment variables:
+export AWS_REQUEST_CHECKSUM_CALCULATION=when_required
+export AWS_RESPONSE_CHECKSUM_VALIDATION=when_required

app/strelka_ui/example.env

@@ -0,0 +1,32 @@
+"""add_s3_fields_for_resubmission
+
+Revision ID: 1b23372700aa
+Revises: 3671ee09c427
+Create Date: 2025-08-04 16:20:29.846533
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = '1b23372700aa'
+down_revision = '3671ee09c427'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table('file_submission', schema=None) as batch_op:
+        batch_op.add_column(sa.Column('s3_key', sa.String(), nullable=True))
+        batch_op.add_column(sa.Column('s3_expires_at', sa.DateTime(), nullable=True))
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table('file_submission', schema=None) as batch_op:
+        batch_op.drop_column('s3_expires_at')
+        batch_op.drop_column('s3_key')
+    # ### end Alembic commands ###

app/strelka_ui/migrations/versions/1b23372700aa_add_s3_fields_for_resubmission.py

@@ -30,6 +30,8 @@ class FileSubmission(db.Model):
         highest_vt_count (int): The highest number of VirusTotal hits for a file.
         highest_vt_sha256 (str): The SHA256 hash of the file with the highest number of VirusTotal hits.
         mime_type (str): The MIME type of the file.
+        s3_key (str): S3 object key for stored file (for resubmission).
+        s3_expires_at (datetime.datetime): When the S3 file expires and gets deleted.
     """
 
     __tablename__ = "file_submission"
@@ -69,6 +71,10 @@ class FileSubmission(db.Model):
     )
     processed_at: datetime.datetime = db.Column(db.DateTime())
 
+    # S3 Storage Metadata (for file resubmission)
+    s3_key: str = db.Column(db.String(), nullable=True)
+    s3_expires_at: datetime.datetime = db.Column(db.DateTime(), nullable=True)
+
     def __init__(
         self,
         file_name: str,
@@ -80,7 +86,8 @@ def __init__(
         submitted_by_user_id: int,
         submitted_description: str,
         submitted_at: datetime.datetime,
-
+        s3_key: str = None,
+        s3_expires_at: datetime.datetime = None,
     ):
         self.file_id = get_request_id(strelka_response[0]) # submitted_file
         self.file_name = file_name
@@ -107,6 +114,10 @@ def __init__(
         self.hashes = get_hashes(strelka_response[0])
         self.insights = get_all_insights(strelka_response)
         self.iocs = get_all_iocs(strelka_response)
+        
+        # S3 Storage fields
+        self.s3_key = s3_key
+        self.s3_expires_at = s3_expires_at
 
 
     def __repr__(self):