Merge branch 'release/2.1.3'

.drone.yml

@@ -0,0 +1,192 @@
+---
+kind: pipeline
+name: default
+
+# Disable default clone
+clone:
+  disable: true
+
+steps:
+  # This clone step doesn't use "root" user
+  - name: clone
+    image: plugins/git:next
+
+  # Restore cache of downloaded dependencies
+  - name: restore cache
+    image: drillster/drone-volume-cache
+    settings:
+      restore: true
+      mount:
+        - .sbt
+        - .ivy2
+        - www/node_modules
+    volumes: [{name: cache, path: /cache}]
+
+  # Run project tests
+  - name: run tests and build stage
+    image: thehiveproject/drone-scala-node
+    commands:
+      - . ~/.nvm/nvm.sh
+      - sbt -Duser.home=$PWD test stage
+
+  # Build packages
+  - name: build packages
+    image: thehiveproject/drone-scala-node
+    settings:
+      pgp_key: {from_secret: pgp_key}
+    commands:
+      - |
+        . ~/.nvm/nvm.sh
+        [ -n "$PLUGIN_PGP_KEY" ] && gpg --batch --import - <<< $PLUGIN_PGP_KEY
+        sbt -Duser.home=$PWD docker:stage debian:packageBin rpm:packageBin universal:packageBin
+    when:
+      event: [tag]
+
+  # Save external libraries in cache
+  - name: save cache
+    image: drillster/drone-volume-cache
+    settings:
+      rebuild: true
+      mount:
+        - .sbt
+        - .ivy2
+        - www/node_modules
+    volumes: [{name: cache, path: /cache}]
+
+  - name: publish packages
+    image: thehiveproject/drone-bintray
+    settings:
+      user: {from_secret: bintray_user}
+      key: {from_secret: bintray_key}
+      subject: thehive-project
+      package: cortex
+    commands:
+      - |
+        export PLUGIN_USER
+        export PLUGIN_KEY
+        export PLUGIN_SUBJECT
+        export PLUGIN_PACKAGE
+        export PLUGIN_VERSION=$(cut -d\" -f2 version.sbt)
+        echo "Publishing package version $PLUGIN_VERSION"
+
+        if echo $PLUGIN_VERSION | grep -qvi -E \
+            -e '^[0-9]+\.[0-9]+\.[0-9]+$' \
+            -e '^[0-9]+\.[0-9]+\.[0-9]+-[0-9]+$' \
+            -e '^[0-9]+\.[0-9]+\.[0-9]+-RC[0-9]+$'; then
+          echo The version $PLUGIN_VERSION has invalid format
+          exit 1
+        fi
+
+        CHANNEL=stable
+        echo $PLUGIN_VERSION | grep -qi rc && CHANNEL=beta
+
+        DEB_FILE=target/cortex_$${PLUGIN_VERSION}_all.deb
+        RPM_FILE=target/rpm/RPMS/noarch/cortex-$${PLUGIN_VERSION}.noarch.rpm
+        ZIP_FILE=target/universal/cortex-$${PLUGIN_VERSION}.zip
+
+        upload \
+          --file $DEB_FILE \
+          --repo debian-beta \
+          --extra-param deb_distribution=any \
+          --extra-param deb_component=main \
+          --extra-param deb_architecture=all
+
+        [ $CHANNEL = stable ] && upload \
+          --file $DEB_FILE \
+          --repo debian-stable \
+          --extra-param deb_distribution=any \
+          --extra-param deb_component=main \
+          --extra-param deb_architecture=all
+
+        upload \
+          --file $RPM_FILE \
+          --repo rpm-beta
+
+        [ $CHANNEL = stable ] && upload \
+          --file $RPM_FILE \
+          --repo rpm-stable
+
+        upload \
+          --file $ZIP_FILE \
+          --repo binary
+
+        LATEST_VERSION=latest
+        [ $CHANNEL = beta ] && LATEST_VERSION=latest-beta
+
+        removeVersion \
+          --repo binary \
+          --version $LATEST_VERSION
+
+        upload \
+          --file $ZIP_FILE \
+          --repo binary \
+          --version $LATEST_VERSION \
+          --dest-file cortex-$${LATEST_VERSION}.zip
+    when:
+      event: [tag]
+
+  # Publish docker image
+  - name: docker
+    image: plugins/docker
+    settings:
+      context: target/docker/stage
+      dockerfile: target/docker/stage/Dockerfile
+      repo: thehiveproject/cortex
+      auto_tag: true
+      username: {from_secret: docker_username}
+      password: {from_secret: docker_password}
+    when:
+      event: [tag]
+
+  # Deploy binaries in integration environment
+  - name: copy binaries in integration environment
+    image: appleboy/drone-scp
+    settings:
+      host: {from_secret: deploy_beta_host}
+      username: {from_secret: deploy_username}
+      key: {from_secret: deploy_key}
+      target: ./cortex-builds/${DRONE_BUILD_NUMBER}
+      source: target/universal/stage
+      strip_components: 3
+    when:
+      branch: [develop]
+
+  - name: deploy binaries in integration environment
+    image: appleboy/drone-ssh
+    settings:
+      host: {from_secret: deploy_beta_host}
+      username: {from_secret: deploy_username}
+      key: {from_secret: deploy_key}
+      script:
+        - ./start cortex ${DRONE_BUILD_NUMBER}
+    when:
+      branch: [develop]
+
+  # Deploy binaries in staging environment
+  - name: copy binaries in staging environment
+    image: appleboy/drone-scp
+    settings:
+      host: {from_secret: deploy_stable_host}
+      username: {from_secret: deploy_username}
+      key: {from_secret: deploy_key}
+      target: ./cortex-builds/${DRONE_BUILD_NUMBER}
+      source: target/universal/stage
+      strip_components: 3
+    when:
+      branch: [master]
+
+  - name: deploy binaries in staging environment
+    image: appleboy/drone-ssh
+    settings:
+      host: {from_secret: deploy_stable_host}
+      username: {from_secret: deploy_username}
+      key: {from_secret: deploy_key}
+      script:
+        - ./start cortex ${DRONE_BUILD_NUMBER}
+    when:
+      branch: [master]
+
+volumes:
+  - name: cache
+    host:
+      path: /opt/drone/cache

CHANGELOG.md

@@ -1,11 +1,32 @@
 # Change Log
 
-## [2.1.2](https://github.com/TheHive-Project/Cortex/tree/2.1.2) (2018-10-12)
-[Full Changelog](https://github.com/TheHive-Project/Cortex/compare/2.1.1...HEAD)
+## [2.1.3](https://github.com/TheHive-Project/Cortex/tree/2.1.3)
+
+[Full Changelog](https://github.com/TheHive-Project/Cortex/compare/2.1.2...2.1.3)
+
+**Implemented enhancements:**
+
+- Add configuration for drone continuous integration [\#156](https://github.com/TheHive-Project/Cortex/issues/156)
+- Add PAP property to jobs list [\#146](https://github.com/TheHive-Project/Cortex/issues/146)
 
 **Fixed bugs:**
 
+- Wrong checks of role when an user is created [\#158](https://github.com/TheHive-Project/Cortex/issues/158)
+- Unable to disable invalid responders [\#157](https://github.com/TheHive-Project/Cortex/issues/157)
+- PAP field is ignored from job modal [\#152](https://github.com/TheHive-Project/Cortex/issues/152)
+- SinkDB analyzer could not find DIG in the Cortex docker image [\#147](https://github.com/TheHive-Project/Cortex/issues/147)
 - GUI Search Function is broken [\#145](https://github.com/TheHive-Project/Cortex/issues/145)
+
+**Closed issues:**
+
+- Systemd: cortex.service: Failed with result 'exit-code'.  [\#155](https://github.com/TheHive-Project/Cortex/issues/155)
+- conf/logback.xml: Rotate logs [\#62](https://github.com/TheHive-Project/Cortex/issues/62)
+
+## [2.1.2](https://github.com/TheHive-Project/Cortex/tree/2.1.2) (2018-10-12)
+[Full Changelog](https://github.com/TheHive-Project/Cortex/compare/2.1.1...2.1.2)
+
+**Fixed bugs:**
+
 - findSimilarJob function broken [\#144](https://github.com/TheHive-Project/Cortex/issues/144)
 
 ## [2.1.1](https://github.com/TheHive-Project/Cortex/tree/2.1.1) (2018-10-09)

app/org/thp/cortex/controllers/UserCtrl.scala

@@ -42,7 +42,7 @@ class UserCtrl @Inject() (
       if organization.status() == OrganizationStatus.Active &&
         (request.roles.contains(Roles.superAdmin) ||
           (userOrganizationId == organizationId &&
-            !request.body.getStrings("roles").getOrElse(Nil).contains(Roles.superAdmin.toString)))
+            !request.body.getStrings("roles").getOrElse(Nil).contains(Roles.superAdmin.name)))
       user ← userSrv.create(request.body.set("organization", organizationId))
     } yield renderer.toOutput(CREATED, user))
       .recoverWith {

debian.sbt

@@ -1,6 +1,15 @@
-import Common._
+import Common.{stableVersion, betaVersion, snapshotVersion}
 
-version in Debian := getVersion(version.value) + '-' + getRelease(version.value)
+linuxPackageMappings in Debian += packageMapping(file("LICENSE") -> "/usr/share/doc/cortex/copyright").withPerms("644")
+version in Debian := {
+  version.value match {
+    case stableVersion(_, _) => version.value
+    case betaVersion(v1, v2) => v1 + "-0.1RC" + v2
+    case snapshotVersion(_, _) => version.value + "-SNAPSHOT"
+    case _ => sys.error("Invalid version: " + version.value)
+  }
+}
+debianPackageRecommends := Seq("elasticsearch")
 debianPackageDependencies += "java8-runtime | java8-runtime-headless"
 maintainerScripts in Debian := maintainerScriptsFromDirectory(
   baseDirectory.value / "package" / "debian",

docker.sbt

@@ -1,20 +1,26 @@
-import Common._
-import com.typesafe.sbt.packager.docker.{ Cmd, ExecCmd }
+import Common.{betaVersion, snapshotVersion, stableVersion}
+import com.typesafe.sbt.packager.docker.{Cmd, ExecCmd}
 
-version in Docker := getVersion(version.value) + '-' + getRelease(version.value)
+version in Docker := {
+  version.value match {
+    case stableVersion(_, _) => version.value
+    case betaVersion(v1, v2) => v1 + "-0.1RC" + v2
+    case snapshotVersion(_, _) => version.value + "-SNAPSHOT"
+    case _ => sys.error("Invalid version: " + version.value)
+  }
+}
 defaultLinuxInstallLocation in Docker := "/opt/cortex"
 dockerRepository := Some("thehiveproject")
-dockerUpdateLatest := true
+dockerUpdateLatest := !version.value.toUpperCase.contains("RC")
 dockerEntrypoint := Seq("/opt/cortex/entrypoint")
-dockerExposedPorts := Seq(9001)
+dockerExposedPorts := Seq(9000)
 mappings in Docker ++= Seq(
   file("package/docker/entrypoint") -> "/opt/cortex/entrypoint",
-  file("conf/logback.xml") -> "/etc/cortex/logback.xml",
+  file("package/logback.xml") -> "/etc/cortex/logback.xml",
   file("package/empty") -> "/var/log/cortex/application.log")
 mappings in Docker ~= (_.filterNot {
   case (_, filepath) => filepath == "/opt/cortex/conf/application.conf"
 })
-
 dockerCommands ~= { dc =>
   val (dockerInitCmds, dockerTailCmds) = dc
     .collect {
@@ -27,7 +33,7 @@ dockerCommands ~= { dc =>
       Cmd("USER", "root"),
       ExecCmd("RUN", "bash", "-c",
         "apt-get update && " +
-          "apt-get install -y --no-install-recommends python-pip python2.7-dev python3-pip python3-dev ssdeep libfuzzy-dev libfuzzy2 libimage-exiftool-perl libmagic1 build-essential git libssl-dev && " +
+          "apt-get install -y --no-install-recommends python-pip python2.7-dev python3-pip python3-dev ssdeep libfuzzy-dev libfuzzy2 libimage-exiftool-perl libmagic1 build-essential git libssl-dev dnsutils && " +
           "pip2 install -U pip setuptools && " +
           "pip3 install -U pip setuptools && " +
           "hash -r && " +

package/logback.xml

@@ -1,39 +1,47 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <configuration debug="false">
 
-	<conversionRule conversionWord="coloredLevel"
-		converterClass="play.api.libs.logback.ColoredLevel" />
-
-	<appender name="FILE" class="ch.qos.logback.core.FileAppender">
-		<file>/var/log/cortex/application.log</file>
-		<encoder>
-			<pattern>%date [%level] from %logger in %thread - %message%n%xException</pattern>
-		</encoder>
-	</appender>
-
-	<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
-		<encoder>
-			<pattern>%coloredLevel %logger{15} - %message%n%xException{10}
-			</pattern>
-		</encoder>
-	</appender>
-
-	<appender name="ASYNCFILE" class="ch.qos.logback.classic.AsyncAppender">
-		<appender-ref ref="FILE" />
-	</appender>
-
-	<appender name="ASYNCSTDOUT" class="ch.qos.logback.classic.AsyncAppender">
-		<appender-ref ref="STDOUT" />
-	</appender>
-
-	<logger name="play" level="INFO" />
-	<logger name="application" level="INFO" />
-
-	<logger name="com.gargoylesoftware.htmlunit.javascript" level="OFF" />
-
-	<root level="INFO">
-		<appender-ref ref="ASYNCFILE" />
-		<appender-ref ref="ASYNCSTDOUT" />
-	</root>
+    <conversionRule conversionWord="coloredLevel"
+                    converterClass="play.api.libs.logback.ColoredLevel"/>
+
+    <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <file>/var/log/cortex/application.log</file>
+        <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+            <fileNamePattern>/var/log/cortex/application.%i.log.zip</fileNamePattern>
+            <minIndex>1</minIndex>
+            <maxIndex>10</maxIndex>
+        </rollingPolicy>
+        <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+            <maxFileSize>10MB</maxFileSize>
+        </triggeringPolicy>
+        <encoder>
+            <pattern>%date [%level] from %logger in %thread - %message%n%xException</pattern>
+        </encoder>
+    </appender>
+
+    <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+        <encoder>
+            <pattern>%coloredLevel %logger{15} - %message%n%xException{10}
+            </pattern>
+        </encoder>
+    </appender>
+
+    <appender name="ASYNCFILE" class="ch.qos.logback.classic.AsyncAppender">
+        <appender-ref ref="FILE"/>
+    </appender>
+
+    <appender name="ASYNCSTDOUT" class="ch.qos.logback.classic.AsyncAppender">
+        <appender-ref ref="STDOUT"/>
+    </appender>
+
+    <logger name="play" level="INFO"/>
+    <logger name="application" level="INFO"/>
+
+    <logger name="com.gargoylesoftware.htmlunit.javascript" level="OFF"/>
+
+    <root level="INFO">
+        <appender-ref ref="ASYNCFILE"/>
+        <appender-ref ref="ASYNCSTDOUT"/>
+    </root>
 
 </configuration>