From 2e95fcd3b8d7315da1a9368963154f21b7d2acad Mon Sep 17 00:00:00 2001
From: Steve Garon
Date: Wed, 21 Jul 2021 12:58:42 +0000
Subject: [PATCH 1/2] Use ID instead of alert_id since we're gonna get the documents later
---
 assemblyline_ui/api/v4/alert.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/assemblyline_ui/api/v4/alert.py b/assemblyline_ui/api/v4/alert.py
index 91116c3e..74937a64 100644
--- a/assemblyline_ui/api/v4/alert.py
+++ b/assemblyline_ui/api/v4/alert.py
@@ -274,10 +274,10 @@ def list_alerts(**kwargs):
 try:
 res = STORAGE.alert.search(
- query, offset=offset, rows=rows, fl="alert_id", sort="reporting_ts desc",
+ query, offset=offset, rows=rows, fl="id", sort="reporting_ts desc",
 access_control=user['access_control'], filters=filters, as_obj=False, use_archive=use_archive, track_total_hits=track_total_hits)
- res['items'] = sorted(STORAGE.alert.multiget([v['alert_id'] for v in res['items']],
+ res['items'] = sorted(STORAGE.alert.multiget([v['id'] for v in res['items']],
 as_dictionary=False, as_obj=False), key=lambda k: k['reporting_ts'], reverse=True)
 return make_api_response(res)
@@ -355,7 +355,7 @@ def get_dict_item(parent, cur_item):
 try:
 res = STORAGE.alert.grouped_search(field, query=query, offset=offset, rows=rows, sort="reporting_ts desc", group_sort="reporting_ts desc", access_control=user['access_control'],
- filters=filters, fl=f"alert_id,{field}", as_obj=False,
+ filters=filters, fl=f"id,{field}", as_obj=False,
 use_archive=use_archive, track_total_hits=track_total_hits)
 alert_keys = []
 hash_list = []
@@ -366,7 +366,7 @@ def get_dict_item(parent, cur_item):
 counted_total += item['total']
 group_count[item['value']] = item['total']
 data = item['items'][0]
- alert_keys.append(data['alert_id'])
+ alert_keys.append(data['id'])
 if field in ['file.md5', 'file.sha1', 'file.sha256']:
 hash_list.append(get_dict_item(data, field))
From 9d88967a391854e39c91a743a1088ff1509fa432 Mon Sep 17 00:00:00 2001
From: Steve Garon
Date: Wed, 21 Jul 2021 13:04:53 +0000
Subject: [PATCH 2/2] Allow use_archive and track_total_hits to be use in submission listing APIs as well
---
 assemblyline_ui/api/v4/submission.py | 26 ++++++++++++++++++--------
 1 file changed, 18 insertions(+), 8 deletions(-)
diff --git a/assemblyline_ui/api/v4/submission.py b/assemblyline_ui/api/v4/submission.py
index 0b00f392..6adb395c 100644
--- a/assemblyline_ui/api/v4/submission.py
+++ b/assemblyline_ui/api/v4/submission.py
@@ -669,9 +669,11 @@ def list_submissions_for_group(group, **kwargs):
 None
 Arguments:
- offset => Offset at which we start giving submissions
- rows => Numbers of submissions to return
- query => Query to filter to the submission list
+ offset => Offset at which we start giving submissions
+ rows => Numbers of submissions to return
+ query => Query to filter to the submission list
+ use_archive => List submissions from archive as well (Default: False)
+ track_total_hits => Track the total number of item that match the query (Default: 10 000)
 Data Block:
 None
@@ -698,6 +700,8 @@ def list_submissions_for_group(group, **kwargs):
 offset = int(request.args.get('offset', 0))
 rows = int(request.args.get('rows', 100))
 filters = request.args.get('query', None) or None
+ track_total_hits = request.args.get('track_total_hits', False)
+ use_archive = request.args.get('use_archive', 'false').lower() == 'true'
 if group == "ALL":
 group_query = "id:*"
@@ -706,7 +710,8 @@ def list_submissions_for_group(group, **kwargs):
 try:
 return make_api_response(STORAGE.submission.search(group_query, offset=offset, rows=rows, filters=filters, access_control=user['access_control'],
- sort='times.submitted desc', as_obj=False))
+ sort='times.submitted desc', as_obj=False,
+ use_archive=use_archive, track_total_hits=track_total_hits))
 except SearchException as e:
 return make_api_response("", f"SearchException: {e}", 400)
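Review bot: `track_total_hits = request.args.get('track_total_hits', False)` in the @@ -698 hunk hands a raw query-string value to `STORAGE.submission.search` with no type or range check, unlike `offset` and `rows` just above it, which at least go through `int()`. That lets any caller request the more expensive exact hit count on every listing, and a value the backend rejects may raise something other than the `SearchException` this handler catches; how the datastore layer treats the value is not visible in this patch. I would parse and cap it before the search call and answer 400 on a bad value, as sketched below, keeping whatever non-integer forms the datastore API is meant to accept. The same line is added to list_submissions_for_user in the @@ -750 hunk, and the docstrings' "Default: 10 000" should be reconciled with the `False` fallback used here. Both function bodies start and end outside the hunks.

```python
    # … unchanged: offset, rows and filters parsing …
    track_total_hits = request.args.get('track_total_hits', False)
    if track_total_hits:
        try:
            # MAX_TRACKED_HITS: placeholder for a ceiling the project chooses
            track_total_hits = max(0, min(int(track_total_hits), MAX_TRACKED_HITS))
        except ValueError:
            return make_api_response("", "track_total_hits must be an integer", 400)
    use_archive = request.args.get('use_archive', 'false').lower() == 'true'
```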
@@ -721,9 +726,11 @@ def list_submissions_for_user(username, **kwargs):
 None
 Arguments:
- offset => Offset at which we start giving submissions
- rows => Numbers of submissions to return
- query => Query to filter the submission list
+ offset => Offset at which we start giving submissions
+ rows => Numbers of submissions to return
+ query => Query to filter the submission list
+ use_archive => List submissions from archive as well (Default: False)
+ track_total_hits => Track the total number of item that match the query (Default: 10 000)
 Data Block:
 None
@@ -750,6 +757,8 @@ def list_submissions_for_user(username, **kwargs):
 offset = int(request.args.get('offset', 0))
 rows = int(request.args.get('rows', 100))
 query = request.args.get('query', None) or None
+ track_total_hits = request.args.get('track_total_hits', False)
+ use_archive = request.args.get('use_archive', 'false').lower() == 'true'
 account = STORAGE.user.get(username)
 if not account:
@@ -758,7 +767,8 @@ def list_submissions_for_user(username, **kwargs):
 try:
 return make_api_response(STORAGE.submission.search(f"params.submitter:{username}", offset=offset, rows=rows, filters=query, access_control=user['access_control'],
- sort='times.submitted desc', as_obj=False))
+ sort='times.submitted desc', as_obj=False,
+ use_archive=use_archive, track_total_hits=track_total_hits))
 except SearchException as e:
 return make_api_response("", f"SearchException: {e}", 400)