#65 Add PAP attribute

TheHive-Project · Jun 29, 2018 · d7bc48d · d7bc48d
1 parent d409944
commit d7bc48d
Show file tree

Hide file tree

Showing 6 changed files with 11 additions and 6 deletions.
diff --git a/app/org/thp/cortex/controllers/AnalyzerCtrl.scala b/app/org/thp/cortex/controllers/AnalyzerCtrl.scala
@@ -1,10 +1,9 @@
 package org.thp.cortex.controllers
 
 import javax.inject.{ Inject, Singleton }
-
 import scala.concurrent.{ ExecutionContext, Future }
 
-import play.api.libs.json.{ JsObject, Json }
+import play.api.libs.json.{ JsNumber, JsObject, Json }
 import play.api.mvc.{ AbstractController, Action, AnyContent, ControllerComponents }
 
 import akka.stream.Materializer
@@ -56,6 +55,8 @@ class AnalyzerCtrl @Inject() (
   private def analyzerJson(analyzer: Analyzer, analyzerDefinition: Option[AnalyzerDefinition]) = {
     analyzer.toJson ++ analyzerDefinition.fold(emptyAnalyzerDefinitionJson) { ad ⇒
       Json.obj(
+        "maxTlp" -> (analyzer.config \ "max_tlp").asOpt[JsNumber],
+        "maxPap" -> (analyzer.config \ "max_pap").asOpt[JsNumber],
         "version" -> ad.version,
         "description" -> ad.description,
         "author" -> ad.author,

diff --git a/app/org/thp/cortex/models/AnalyzerDefinition.scala b/app/org/thp/cortex/models/AnalyzerDefinition.scala
@@ -1,6 +1,6 @@
 package org.thp.cortex.models
 
-import java.nio.file.{ Path, Paths }
+import java.nio.file.Path
 
 import scala.util.{ Failure, Success, Try }
 

diff --git a/app/org/thp/cortex/services/AnalyzerConfigSrv.scala b/app/org/thp/cortex/services/AnalyzerConfigSrv.scala
@@ -38,6 +38,10 @@ object BaseConfig {
     ConfigurationDefinitionItem("check_tlp", "", AnalyzerConfigItemType.boolean, multi = false, required = false, None),
     ConfigurationDefinitionItem("max_tlp", "", AnalyzerConfigItemType.number, multi = false, required = false, None)),
     None)
+  val pap = BaseConfig("pap", Nil, Seq(
+    ConfigurationDefinitionItem("check_pap", "", AnalyzerConfigItemType.boolean, multi = false, required = false, None),
+    ConfigurationDefinitionItem("max_pap", "", AnalyzerConfigItemType.number, multi = false, required = false, None)),
+    None)
 }
 
 @Singleton

diff --git a/app/org/thp/cortex/services/AnalyzerSrv.scala b/app/org/thp/cortex/services/AnalyzerSrv.scala
@@ -150,7 +150,7 @@ class AnalyzerSrv(
 
   def create(organization: Organization, analyzerDefinition: AnalyzerDefinition, analyzerFields: Fields)(implicit authContext: AuthContext): Future[Analyzer] = {
     val rawConfig = analyzerFields.getValue("configuration").fold(JsObject.empty)(_.as[JsObject])
-    val configItems = analyzerDefinition.configurationItems ++ BaseConfig.global.items ++ BaseConfig.tlp.items
+    val configItems = analyzerDefinition.configurationItems ++ BaseConfig.global.items ++ BaseConfig.tlp.items ++ BaseConfig.pap.items
     val configOrErrors = configItems
       .validatedBy(_.read(rawConfig))
       .map(JsObject.apply)

diff --git a/app/org/thp/cortex/services/JobSrv.scala b/app/org/thp/cortex/services/JobSrv.scala
@@ -413,7 +413,7 @@ class JobSrv(
             "data" -> job.data().get)
       }
       .map { artifact ⇒
-        (BaseConfig.global.items ++ BaseConfig.tlp.items ++ analyzerDefinition.configurationItems)
+        (BaseConfig.global.items ++ BaseConfig.tlp.items ++ BaseConfig.pap.items ++ analyzerDefinition.configurationItems)
           .validatedBy(_.read(analyzer.config))
           .map(cfg ⇒ Json.obj("config" -> JsObject(cfg).deepMerge(analyzerDefinition.configuration)))
           .map { cfg ⇒

diff --git a/test/resources/analyzers/echoAnalyzer/echoAnalyzer.json b/test/resources/analyzers/echoAnalyzer/echoAnalyzer.json
@@ -54,6 +54,6 @@
   }
 ],
   "description": "Fake analyzer used for functional tests",
-  "dataTypeList": ["domain"],
+  "dataTypeList": ["domain", "thehive:case"],
   "command": "echoAnalyzer/echoAnalyzer.sh"
 }