Added api calls for case log messages and resource listing of cases, …

…tasks and case logs
Explie · Aug 25, 2020 · fdaae3e · fdaae3e
1 parent cf775dc
commit fdaae3e
Show file tree

Hide file tree

Showing 4 changed files with 85 additions and 12 deletions.
diff --git a/thehive/app/org/thp/thehive/controllers/v1/CaseCtrl.scala b/thehive/app/org/thp/thehive/controllers/v1/CaseCtrl.scala
@@ -131,4 +131,15 @@ class CaseCtrl @Inject() (
             Results.Ok(mergedCase.toJson)
           }
       }
+
+  def list: Action[AnyContent] =
+    entrypoint("list cases")
+      .authRoTransaction(db) { implicit request => implicit graph =>
+        val cases = caseSrv
+          .initSteps
+          .visible
+          .richCase
+          .toList
+        Success(Results.Ok(cases.toJson))
+      }
 }
diff --git a/thehive/app/org/thp/thehive/controllers/v1/LogCtrl.scala b/thehive/app/org/thp/thehive/controllers/v1/LogCtrl.scala
@@ -10,9 +10,11 @@ import org.thp.thehive.controllers.v1.Conversion._
 import org.thp.thehive.dto.v1.InputLog
 import org.thp.thehive.models.{Permissions, RichLog}
 import org.thp.thehive.services.{LogSrv, LogSteps, OrganisationSrv, TaskSrv}
-import play.api.Logger
 import play.api.libs.json.JsObject
+import play.api.Logger
 import play.api.mvc.{Action, AnyContent, Results}
+import scala.util.Success
+
 @Singleton
 class LogCtrl @Inject() (
     entrypoint: Entrypoint,
@@ -81,4 +83,39 @@ class LogCtrl @Inject() (
           _   <- logSrv.cascadeRemove(log)
         } yield Results.NoContent
       }
+
+  def get(logId: String): Action[AnyContent] =
+    entrypoint("get log")
+      .authRoTransaction(db) { implicit request =>
+        implicit graph =>
+          logSrv
+            .getByIds(logId)
+            .visible
+            .richLog
+            .getOrFail()
+            .map(log => Results.Ok(log.toJson))
+      }
+
+  def list: Action[AnyContent] =
+    entrypoint("list logs")
+      .authRoTransaction(db) { implicit request => implicit graph =>
+        val logs = logSrv
+          .initSteps
+          .visible
+          .richLog
+          .toList
+        Success(Results.Ok(logs.toJson))
+      }
+
+  def list(taskId: String): Action[AnyContent] =
+    entrypoint("list logs for specific task")
+      .authRoTransaction(db) { implicit request => implicit graph =>
+        val logs = taskSrv
+          .getByIds(taskId)
+          .visible
+          .logs
+          .richLog
+          .toList
+        Success(Results.Ok(logs.toJson))
+      }
 }
diff --git a/thehive/app/org/thp/thehive/controllers/v1/Router.scala b/thehive/app/org/thp/thehive/controllers/v1/Router.scala
@@ -12,6 +12,7 @@ class Router @Inject() (
     userCtrl: UserCtrl,
     organisationCtrl: OrganisationCtrl,
     taskCtrl: TaskCtrl,
+    logCtrl: LogCtrl,
     customFieldCtrl: CustomFieldCtrl,
     alertCtrl: AlertCtrl,
     auditCtrl: AuditCtrl,
@@ -31,6 +32,7 @@ class Router @Inject() (
     case POST(p"/auth/totp/unset")       => authenticationCtrl.totpUnsetSecret(None)
     case POST(p"/auth/totp/unset/$user") => authenticationCtrl.totpUnsetSecret(Some(user))
 
+    case GET(p"/case")                  => caseCtrl.list
     case POST(p"/case")                 => caseCtrl.create
     case GET(p"/case/$caseId")          => caseCtrl.get(caseId)
     case PATCH(p"/case/$caseId")        => caseCtrl.update(caseId)
@@ -69,13 +71,21 @@ class Router @Inject() (
 //    case GET(p"/share/$shareId")   ⇒ shareCtrl.get(shareId)
 //    case PATCH(p"/share/$shareId") ⇒ shareCtrl.update(shareId)
 
-    case GET(p"/task")           => taskCtrl.list
-    case POST(p"/task")          => taskCtrl.create
-    case GET(p"/task/$taskId")   => taskCtrl.get(taskId)
-    case PATCH(p"/task/$taskId") => taskCtrl.update(taskId)
+    case GET(p"/task")                        => taskCtrl.list
+    case POST(p"/task")                       => taskCtrl.create
+    case GET(p"/case/$caseId/task")           => taskCtrl.list(caseId)
+    case GET(p"/task/$taskId")                => taskCtrl.get(taskId)
+    case PATCH(p"/task/$taskId")              => taskCtrl.update(taskId)
     // POST     /case/:caseId/task/_search           controllers.TaskCtrl.findInCase(caseId)
     // POST     /case/task/_stats                    controllers.TaskCtrl.stats()
 
+    case GET(p"/task/$taskId/log")          => logCtrl.list(taskId)
+    case GET(p"/log/$logId")                => logCtrl.get(logId)
+    case GET(p"/log")                       => logCtrl.list
+    case POST(p"/task/$taskId/log")         => logCtrl.create(taskId)
+    case PATCH(p"/log/$logId")              => logCtrl.update(logId)
+    case DELETE(p"/log/$logId")             => logCtrl.delete(logId)
+
     case GET(p"/customField")  => customFieldCtrl.list
     case POST(p"/customField") => customFieldCtrl.create
 

diff --git a/thehive/app/org/thp/thehive/controllers/v1/TaskCtrl.scala b/thehive/app/org/thp/thehive/controllers/v1/TaskCtrl.scala
@@ -11,6 +11,7 @@ import org.thp.thehive.dto.v1.InputTask
 import org.thp.thehive.models.{Permissions, RichTask, TaskStatus}
 import org.thp.thehive.services.{CaseSrv, CaseSteps, LogSteps, OrganisationSrv, OrganisationSteps, ShareSrv, TaskSrv, TaskSteps, UserSteps}
 import play.api.libs.json.JsObject
+import play.api.Logger
 import play.api.mvc.{Action, AnyContent, Results}
 
 import scala.util.Success
@@ -27,6 +28,7 @@ class TaskCtrl @Inject() (
 ) extends QueryableCtrl
     with TaskRenderer {
 
+  lazy val logger: Logger                                   = Logger(getClass)
   override val entityName: String                           = "task"
   override val publicProperties: List[PublicProperty[_, _]] = properties.task ::: metaProperties[TaskSteps]
   override val initialQuery: Query =
@@ -73,13 +75,14 @@ class TaskCtrl @Inject() (
 
   def get(taskId: String): Action[AnyContent] =
     entrypoint("get task")
-      .authRoTransaction(db) { implicit request => implicit graph =>
-        taskSrv
-          .getByIds(taskId)
-          .visible
-          .richTask
-          .getOrFail("Task")
-          .map(task => Results.Ok(task.toJson))
+      .authRoTransaction(db) { implicit request =>
+        implicit graph =>
+          taskSrv
+            .getByIds(taskId)
+            .visible
+            .richTask
+            .getOrFail("Task")
+            .map(task => Results.Ok(task.toJson))
       }
 
   def list: Action[AnyContent] =
@@ -93,6 +96,18 @@ class TaskCtrl @Inject() (
         Success(Results.Ok(tasks.toJson))
       }
 
+  def list(caseId: String): Action[AnyContent] =
+    entrypoint("list task for specific case")
+      .authRoTransaction(db) { implicit request => implicit graph =>
+        val tasks = caseSrv
+          .get(caseId)
+          .visible
+          .tasks
+          .richTask
+          .toList
+        Success(Results.Ok(tasks.toJson))
+      }
+
   def update(taskId: String): Action[AnyContent] =
     entrypoint("update task")
       .extract("task", FieldsParser.update("task", properties.task))