From bbb9efaf10b9ef96d058a5b2315116f66221bd4b Mon Sep 17 00:00:00 2001
From: To-om
Date: Tue, 10 Jul 2018 11:12:05 +0200
Subject: [PATCH] #110 Fix Responder configuration. Use specific global config for responders and analyzers
---
 .../cortex/controllers/ResponderConfigCtrl.scala | 10 +++++-----
 app/org/thp/cortex/models/BaseConfig.scala | 16 +++++++++++-----
 app/org/thp/cortex/services/JobSrv.scala | 2 +-
 .../thp/cortex/services/WorkerConfigSrv.scala | 8 ++------
 app/org/thp/cortex/services/WorkerSrv.scala | 2 +-
 5 files changed, 20 insertions(+), 18 deletions(-)
diff --git a/app/org/thp/cortex/controllers/ResponderConfigCtrl.scala b/app/org/thp/cortex/controllers/ResponderConfigCtrl.scala
index c53bd4a2c..508661263 100644
--- a/app/org/thp/cortex/controllers/ResponderConfigCtrl.scala
+++ b/app/org/thp/cortex/controllers/ResponderConfigCtrl.scala
@@ -7,14 +7,14 @@ import play.api.mvc.{ AbstractController, Action, AnyContent, ControllerComponen
 import javax.inject.{ Inject, Singleton }
 import org.thp.cortex.models.{ BaseConfig, Roles }
-import org.thp.cortex.services.{ AnalyzerConfigSrv, UserSrv }
+import org.thp.cortex.services.{ ResponderConfigSrv, UserSrv }
 import org.elastic4play.BadRequestError
 import org.elastic4play.controllers.{ Authenticated, Fields, FieldsBodyParser, Renderer }
 @Singleton
 class ResponderConfigCtrl @Inject() (
- analyzerConfigSrv: AnalyzerConfigSrv,
+ responderConfigSrv: ResponderConfigSrv,
 userSrv: UserSrv,
 authenticated: Authenticated,
 fieldsBodyParser: FieldsBodyParser,
@@ -23,12 +23,12 @@ class ResponderConfigCtrl @Inject() (
 implicit val ec: ExecutionContext) extends AbstractController(components) {
 def get(analyzerConfigName: String): Action[AnyContent] = authenticated(Roles.orgAdmin).async { request ⇒
- analyzerConfigSrv.getForUser(request.userId, analyzerConfigName)
+ responderConfigSrv.getForUser(request.userId, analyzerConfigName)
 .map(renderer.toOutput(OK, _))
 }
 def list(): Action[AnyContent] = authenticated(Roles.orgAdmin).async { request ⇒
- analyzerConfigSrv.listConfigForUser(request.userId)
+ responderConfigSrv.listConfigForUser(request.userId)
 .map { bc ⇒
 renderer.toOutput(OK, bc.sortWith {
 case (BaseConfig("global", _, _, _), _) ⇒ true
@@ -40,7 +40,7 @@ class ResponderConfigCtrl @Inject() (
 def update(analyzerConfigName: String): Action[Fields] = authenticated(Roles.orgAdmin).async(fieldsBodyParser) { implicit request ⇒
 request.body.getValue("config").flatMap(_.asOpt[JsObject]) match {
- case Some(config) ⇒ analyzerConfigSrv.updateOrCreate(request.userId, analyzerConfigName, config)
+ case Some(config) ⇒ responderConfigSrv.updateOrCreate(request.userId, analyzerConfigName, config)
 .map(renderer.toOutput(OK, _))
 case None ⇒ Future.failed(BadRequestError("attribute config has invalid format"))
 }
diff --git a/app/org/thp/cortex/models/BaseConfig.scala b/app/org/thp/cortex/models/BaseConfig.scala
index 357ce3274..5823633cb 100644
--- a/app/org/thp/cortex/models/BaseConfig.scala
+++ b/app/org/thp/cortex/models/BaseConfig.scala
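Review bot: In ResponderConfigCtrl.scala, `get` and `update` still name their parameter `analyzerConfigName` although every call now goes to `responderConfigSrv`; the leftover appears in both the `-23,12` and the `-40,7` hunk. The defect fixed here was this controller talking to the analyzer service, so the stale name invites the same mix-up on the next edit. Rename it to `responderConfigName` in `def get(responderConfigName: String)` and `def update(responderConfigName: String)` and in the two call arguments. The class body and the rest of `list` lie outside these hunks.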
@@ -15,11 +15,17 @@ object BaseConfig {
 "configurationItems" -> baseConfig.items,
 "config" -> baseConfig.config.fold(JsObject.empty)(_.jsonConfig))
 }
- val global = BaseConfig("global", Nil, Seq(
- ConfigurationDefinitionItem("proxy_http", "url of http proxy", WorkerConfigItemType.string, multi = false, required = false, None),
- ConfigurationDefinitionItem("proxy_https", "url of https proxy", WorkerConfigItemType.string, multi = false, required = false, None),
- ConfigurationDefinitionItem("auto_extract_artifacts", "extract artifacts from full report automatically", WorkerConfigItemType.boolean, multi = false, required = false, Some(JsFalse))),
- None)
+ def global(tpe: WorkerType.Type) = {
+ val typedItems = tpe match {
+ case WorkerType.responder ⇒ Nil
+ case WorkerType.analyzer ⇒ Seq(
+ ConfigurationDefinitionItem("auto_extract_artifacts", "extract artifacts from full report automatically", WorkerConfigItemType.boolean, multi = false, required = false, Some(JsFalse)))
+ }
+ BaseConfig("global", Nil, typedItems ++ Seq(
+ ConfigurationDefinitionItem("proxy_http", "url of http proxy", WorkerConfigItemType.string, multi = false, required = false, None),
+ ConfigurationDefinitionItem("proxy_https", "url of https proxy", WorkerConfigItemType.string, multi = false, required = false, None)),
+ None)
+ }
 val tlp = BaseConfig("tlp", Nil, Seq(
 ConfigurationDefinitionItem("check_tlp", "", WorkerConfigItemType.boolean, multi = false, required = false, None),
 ConfigurationDefinitionItem("max_tlp", "", WorkerConfigItemType.number, multi = false, required = false, None)),
diff --git a/app/org/thp/cortex/services/JobSrv.scala b/app/org/thp/cortex/services/JobSrv.scala
index 9674f3fea..dd630eb95 100644
--- a/app/org/thp/cortex/services/JobSrv.scala
+++ b/app/org/thp/cortex/services/JobSrv.scala
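Review bot: In BaseConfig.scala the new `global(tpe)` is a public member with an inferred result type, and its `match` lists only `WorkerType.responder` and `WorkerType.analyzer`. If `WorkerType` is an `Enumeration` (the `WorkerType.Type` alias suggests so; its definition is not in this patch), the compiler does not check that match for exhaustiveness, and any other value would surface as a `MatchError` in the callers this commit touches, `JobSrv` and `WorkerSrv.create`. Declare the type, `def global(tpe: WorkerType.Type): BaseConfig = {`, and add a Scaladoc line stating that `auto_extract_artifacts` is offered to analyzers only while `proxy_http` and `proxy_https` apply to both worker types. `object BaseConfig` starts and ends outside the hunk.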
@@ -422,7 +422,7 @@ class JobSrv(
 "data" -> job.data().get)
 }
 .map { artifact ⇒
- (BaseConfig.global.items ++ BaseConfig.tlp.items ++ BaseConfig.pap.items ++ workerDefinition.configurationItems)
+ (BaseConfig.global(worker.tpe()).items ++ BaseConfig.tlp.items ++ BaseConfig.pap.items ++ workerDefinition.configurationItems)
 .validatedBy(_.read(worker.config))
 .map(cfg ⇒ Json.obj("config" -> JsObject(cfg).deepMerge(workerDefinition.configuration)))
 .map { cfg ⇒
diff --git a/app/org/thp/cortex/services/WorkerConfigSrv.scala b/app/org/thp/cortex/services/WorkerConfigSrv.scala
index 96ebbcad2..f36ff870b 100644
--- a/app/org/thp/cortex/services/WorkerConfigSrv.scala
+++ b/app/org/thp/cortex/services/WorkerConfigSrv.scala
@@ -34,17 +34,13 @@ trait WorkerConfigSrv {
 .filter(_.baseConfiguration.isDefined)
 .map(d ⇒ d.copy(configurationItems = d.configurationItems.map(_.copy(required = false))))
 .groupBy(200, _.baseConfiguration.get) // TODO replace groupBy by fold to prevent "too many streams" error
- .map(d ⇒ BaseConfig(d.baseConfiguration.get, Seq(d.name), d.configurationItems, None))
+ .map(d ⇒ BaseConfig.global(d.tpe) + BaseConfig(d.baseConfiguration.get, Seq(d.name), d.configurationItems, None))
 .reduce(_ + _)
 .filterNot(_.items.isEmpty)
 .mergeSubstreams
 .mapMaterializedValue(_ ⇒ NotUsed)
 .runWith(Sink.seq)
- .map { baseConfigs ⇒
- (BaseConfig.global +: baseConfigs)
- .map(c ⇒ c.name -> c)
- .toMap
- }
+ .map(_.map(c ⇒ c.name -> c).toMap)
 }
 def getForUser(userId: String, configName: String): Future[BaseConfig] = {
diff --git a/app/org/thp/cortex/services/WorkerSrv.scala b/app/org/thp/cortex/services/WorkerSrv.scala
index 2315ddf4f..16eb42fce 100644
--- a/app/org/thp/cortex/services/WorkerSrv.scala
+++ b/app/org/thp/cortex/services/WorkerSrv.scala
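Review bot: In WorkerConfigSrv.scala, `BaseConfig.global(d.tpe) + BaseConfig(...)` folds the global items into every per-definition entry instead of publishing one entry named "global", which the removed `(BaseConfig.global +: baseConfigs)` did. `BaseConfig.+` is not shown in this patch: if it keeps the left operand's name, every group reduces to a config called "global" and `.toMap` keeps only one of them; if it concatenates items, `.reduce(_ + _)` repeats the proxy items once per definition and `.filterNot(_.items.isEmpty)` can no longer drop anything. `ResponderConfigCtrl.list` still sorts `BaseConfig("global", _, _, _)` first, so it expects that standalone entry. Consider keeping `.map(d ⇒ BaseConfig(d.baseConfiguration.get, Seq(d.name), d.configurationItems, None))` and prepending the typed global config after `runWith(Sink.seq)`, with the worker type supplied by the implementing service (that member is not visible here). The enclosing method starts above the hunk.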
@@ -195,7 +195,7 @@ class WorkerSrv(
 def create(organization: Organization, workerDefinition: WorkerDefinition, workerFields: Fields)(implicit authContext: AuthContext): Future[Worker] = {
 val rawConfig = workerFields.getValue("configuration").fold(JsObject.empty)(_.as[JsObject])
- val configItems = workerDefinition.configurationItems ++ BaseConfig.global.items ++ BaseConfig.tlp.items ++ BaseConfig.pap.items
+ val configItems = workerDefinition.configurationItems ++ BaseConfig.global(workerDefinition.tpe).items ++ BaseConfig.tlp.items ++ BaseConfig.pap.items
 val configOrErrors = configItems
 .validatedBy(_.read(rawConfig))
 .map(JsObject.apply)