#110 Fix Responder configuration. Use specific global config for resp…

…onders and analyzers
TheHive-Project · Jul 10, 2018 · bbb9efa · bbb9efa
1 parent bc6fa2e
commit bbb9efa
Show file tree

Hide file tree

Showing 5 changed files with 20 additions and 18 deletions.
diff --git a/app/org/thp/cortex/controllers/ResponderConfigCtrl.scala b/app/org/thp/cortex/controllers/ResponderConfigCtrl.scala
@@ -7,14 +7,14 @@ import play.api.mvc.{ AbstractController, Action, AnyContent, ControllerComponen
 
 import javax.inject.{ Inject, Singleton }
 import org.thp.cortex.models.{ BaseConfig, Roles }
-import org.thp.cortex.services.{ AnalyzerConfigSrv, UserSrv }
+import org.thp.cortex.services.{ ResponderConfigSrv, UserSrv }
 
 import org.elastic4play.BadRequestError
 import org.elastic4play.controllers.{ Authenticated, Fields, FieldsBodyParser, Renderer }
 
 @Singleton
 class ResponderConfigCtrl @Inject() (
-    analyzerConfigSrv: AnalyzerConfigSrv,
+    responderConfigSrv: ResponderConfigSrv,
     userSrv: UserSrv,
     authenticated: Authenticated,
     fieldsBodyParser: FieldsBodyParser,
@@ -23,12 +23,12 @@ class ResponderConfigCtrl @Inject() (
     implicit val ec: ExecutionContext) extends AbstractController(components) {
 
   def get(analyzerConfigName: String): Action[AnyContent] = authenticated(Roles.orgAdmin).async { request ⇒
-    analyzerConfigSrv.getForUser(request.userId, analyzerConfigName)
+    responderConfigSrv.getForUser(request.userId, analyzerConfigName)
       .map(renderer.toOutput(OK, _))
   }
 
   def list(): Action[AnyContent] = authenticated(Roles.orgAdmin).async { request ⇒
-    analyzerConfigSrv.listConfigForUser(request.userId)
+    responderConfigSrv.listConfigForUser(request.userId)
       .map { bc ⇒
         renderer.toOutput(OK, bc.sortWith {
           case (BaseConfig("global", _, _, _), _)               ⇒ true
@@ -40,7 +40,7 @@ class ResponderConfigCtrl @Inject() (
 
   def update(analyzerConfigName: String): Action[Fields] = authenticated(Roles.orgAdmin).async(fieldsBodyParser) { implicit request ⇒
     request.body.getValue("config").flatMap(_.asOpt[JsObject]) match {
-      case Some(config) ⇒ analyzerConfigSrv.updateOrCreate(request.userId, analyzerConfigName, config)
+      case Some(config) ⇒ responderConfigSrv.updateOrCreate(request.userId, analyzerConfigName, config)
         .map(renderer.toOutput(OK, _))
       case None ⇒ Future.failed(BadRequestError("attribute config has invalid format"))
     }

diff --git a/app/org/thp/cortex/models/BaseConfig.scala b/app/org/thp/cortex/models/BaseConfig.scala
@@ -15,11 +15,17 @@ object BaseConfig {
       "configurationItems" -> baseConfig.items,
       "config" -> baseConfig.config.fold(JsObject.empty)(_.jsonConfig))
   }
-  val global = BaseConfig("global", Nil, Seq(
-    ConfigurationDefinitionItem("proxy_http", "url of http proxy", WorkerConfigItemType.string, multi = false, required = false, None),
-    ConfigurationDefinitionItem("proxy_https", "url of https proxy", WorkerConfigItemType.string, multi = false, required = false, None),
-    ConfigurationDefinitionItem("auto_extract_artifacts", "extract artifacts from full report automatically", WorkerConfigItemType.boolean, multi = false, required = false, Some(JsFalse))),
-    None)
+  def global(tpe: WorkerType.Type) = {
+    val typedItems = tpe match {
+      case WorkerType.responder ⇒ Nil
+      case WorkerType.analyzer ⇒ Seq(
+        ConfigurationDefinitionItem("auto_extract_artifacts", "extract artifacts from full report automatically", WorkerConfigItemType.boolean, multi = false, required = false, Some(JsFalse)))
+    }
+    BaseConfig("global", Nil, typedItems ++ Seq(
+      ConfigurationDefinitionItem("proxy_http", "url of http proxy", WorkerConfigItemType.string, multi = false, required = false, None),
+      ConfigurationDefinitionItem("proxy_https", "url of https proxy", WorkerConfigItemType.string, multi = false, required = false, None)),
+      None)
+  }
   val tlp = BaseConfig("tlp", Nil, Seq(
     ConfigurationDefinitionItem("check_tlp", "", WorkerConfigItemType.boolean, multi = false, required = false, None),
     ConfigurationDefinitionItem("max_tlp", "", WorkerConfigItemType.number, multi = false, required = false, None)),

diff --git a/app/org/thp/cortex/services/JobSrv.scala b/app/org/thp/cortex/services/JobSrv.scala
@@ -422,7 +422,7 @@ class JobSrv(
             "data" -> job.data().get)
       }
       .map { artifact ⇒
-        (BaseConfig.global.items ++ BaseConfig.tlp.items ++ BaseConfig.pap.items ++ workerDefinition.configurationItems)
+        (BaseConfig.global(worker.tpe()).items ++ BaseConfig.tlp.items ++ BaseConfig.pap.items ++ workerDefinition.configurationItems)
           .validatedBy(_.read(worker.config))
           .map(cfg ⇒ Json.obj("config" -> JsObject(cfg).deepMerge(workerDefinition.configuration)))
           .map { cfg ⇒

diff --git a/app/org/thp/cortex/services/WorkerConfigSrv.scala b/app/org/thp/cortex/services/WorkerConfigSrv.scala
@@ -34,17 +34,13 @@ trait WorkerConfigSrv {
       .filter(_.baseConfiguration.isDefined)
       .map(d ⇒ d.copy(configurationItems = d.configurationItems.map(_.copy(required = false))))
       .groupBy(200, _.baseConfiguration.get) // TODO replace groupBy by fold to prevent "too many streams" error
-      .map(d ⇒ BaseConfig(d.baseConfiguration.get, Seq(d.name), d.configurationItems, None))
+      .map(d ⇒ BaseConfig.global(d.tpe) + BaseConfig(d.baseConfiguration.get, Seq(d.name), d.configurationItems, None))
       .reduce(_ + _)
       .filterNot(_.items.isEmpty)
       .mergeSubstreams
       .mapMaterializedValue(_ ⇒ NotUsed)
       .runWith(Sink.seq)
-      .map { baseConfigs ⇒
-        (BaseConfig.global +: baseConfigs)
-          .map(c ⇒ c.name -> c)
-          .toMap
-      }
+      .map(_.map(c ⇒ c.name -> c).toMap)
   }
 
   def getForUser(userId: String, configName: String): Future[BaseConfig] = {

diff --git a/app/org/thp/cortex/services/WorkerSrv.scala b/app/org/thp/cortex/services/WorkerSrv.scala
@@ -195,7 +195,7 @@ class WorkerSrv(
 
   def create(organization: Organization, workerDefinition: WorkerDefinition, workerFields: Fields)(implicit authContext: AuthContext): Future[Worker] = {
     val rawConfig = workerFields.getValue("configuration").fold(JsObject.empty)(_.as[JsObject])
-    val configItems = workerDefinition.configurationItems ++ BaseConfig.global.items ++ BaseConfig.tlp.items ++ BaseConfig.pap.items
+    val configItems = workerDefinition.configurationItems ++ BaseConfig.global(workerDefinition.tpe).items ++ BaseConfig.tlp.items ++ BaseConfig.pap.items
     val configOrErrors = configItems
       .validatedBy(_.read(rawConfig))
       .map(JsObject.apply)