Current File : //opt/imunify360/venv/lib64/python3.11/site-packages/imav/malwarelib/rpc/schema/malicious.yaml
malware malicious list:
  return_type: MaliciousListAgentResponse
  help: Show the list of malicious files
  type: dict
  cli:
    users:
      - root
  schema:
    since:
      type: integer
      coerce: int
      default: 0
      help: Show files found after this unix timestamp.
    to:
      type: integer
      coerce: int
      default_setter: now
      help: Show files found before this unix timestamp.
    limit:
      type: integer
      coerce: int
      default: 50
      help: Page size
    offset:
      type: integer
      coerce: int
      default: 0
      help: Page offset
    search:
      type: string
      nullable: true
      help: |
        Search by file path and owner username.
    by_scan_id:
      type: string
      nullable: true
      help: |
        Search by scan id.
        Can be obtained via `malware on-demand list` or `malware on-demand list-user`.
    user:
      type: string
      nullable: true
      help: |
        Admins can filter results by user.
        Users can only see their own files.
    by_status:
      type: list
      schema:
        type: string
      nullable: true
      help: |
        Filter by status.
        Possible values: `found`, `cleanup_pending`, `cleanup_started`, `cleanup_done`, `cleanup_removed`, `cleanup_requires_myimunify_protection`, `cleanup_restore_pending`, `cleanup_restore_started`, `restore_from_backup_started`, `restored_from_backup`.
    ids:
      type: list
      schema:
        type: integer
        coerce: int
      nullable: true
      help: |
        List specific files by ID.
        IDs be obtained via `malware malicious list`.
        Conflicts with other filters and `order_by`.
    order_by:
      type: list
      schema:
        type: order_by
        coerce: order_by
      nullable: true
      help: |
        List of fields to order by, each followed by a `+` (ascending) or `-` (descending).
        E.g. `["status+","scanid.started-"]` would order by `status` ascending and `scanid.started` descending.

malware malicious remove-from-list:
  type: dict
  cli:
    users:
      - root
  schema:
    ids:
      type: list
      schema:
        type: integer
        coerce: int
      required: true
      positional: true
      help: |
        List of file IDs to remove.
        IDs be obtained via `malware malicious list`.
    items:
      rename: ids
      help: DEPRECATED
    user:
      type: string
      nullable: true
      help: (internal)
  help: Remove entries from the list of malicious files without removing the files

malware malicious move-to-ignore:
  help: Move files to ignore list
  type: dict
  # why not SucceededFailedAgentResponse
  return_type: NumberAgentResponse
  cli:
    users:
      - root
  schema:
    ids:
      type: list
      schema:
        type: integer
        coerce: int
      required: true
      positional: true
      help: |
        List of file IDs to move.
        IDs be obtained via `malware malicious list`.
    items:
      rename: ids
      help: DEPRECATED
    user:
      type: string
      nullable: true
      help: (internal)

# 2 more actions, request and response formats are the same as in others above

# initiate cleanup of selected files
# it would be nice to wait until cleanup is done here, and only then return the response
# user won't send more then 100 files from UI at once anyway
malware malicious cleanup:
  help: Cleanup malicious files
  type: dict
  return_type: NullAgentResponse
  cli:
    users:
      - root
  schema:
    ids:
      type: list
      schema:
        type: integer
        coerce: int
      required: true
      positional: true
      help: |
        List of file IDs to cleanup.
        IDs be obtained via `malware malicious list`.
    items:
      rename: ids
      help: DEPRECATED
    user:
      type: string
      nullable: true
      help: (internal)
    standard_only:
      type: boolean
      help: (internal)

# restore original copy that was created before cleanup attempt
malware malicious restore-original:
  help: Restore the original copy that was created before a cleanup attempt
  type: dict
  return_type: SucceededFailedAgentResponse
  cli:
    users:
      - root
  schema:
    ids:
      type: list
      schema:
        type: integer
        coerce: int
      required: true
      positional: true
      help: |
        List of file IDs to restore.
        IDs be obtained via `malware malicious list`.
    items:
      rename: ids
      help: DEPRECATED
    user:
      type: string
      nullable: true
      help: (internal)

# does not accept any params, initiates cleanup of all files
# no need to wait until cleanup is done
# return response as soon as the status of files in `malware malicious list` is changed to `cleanup_in_progress`
malware malicious cleanup-all:
  help: Cleanup all malicious files
  type: dict
  return_type: NullAgentResponse
  cli:
    users:
      - root
  schema:
    user:
      type: string
      nullable: true
      help: (internal)
    standard_only:
      type: boolean
      help: (internal)

malware cleanup status:
  help: Show the status of running cleanup
  type: dict
  cli:
    users:
      - root

malware user cleanup:
  help: Cleanup all files of a specific user
  type: dict
  return_type: NullAgentResponse
  cli:
    users:
      - root
  schema:
    user:
      type: list
      schema:
        type: string
      required: true
      positional: true
      help: |
        Admins can cleanup files of any user.
        Users can only cleanup their own files.
    standard_only:
      type: boolean
      help: (internal)

malware user restore-original:
  help: Restore the original (infected) copy of all cleaned files of a specific user
  type: dict
  return_type: SucceededFailedAgentResponse
  # why? ui do not use it
  cli:
    users:
      - root
  schema:
    user:
      type: list
      schema:
        type: string
      required: true
      positional: true
      help: |
        Admins can restore files of any user.
        Users can only restore their own files.