From e32249b4ada2ea167cab4c503cbc11bab50c6322 Mon Sep 17 00:00:00 2001
From: To-om <toom@thehive-project.org>
Date: Thu, 26 Jul 2018 16:16:47 +0200
Subject: [PATCH] #110 Responder input data is now Json

---
 app/org/thp/cortex/controllers/JobCtrl.scala | 14 +++++++++++++-
 app/org/thp/cortex/models/Job.scala          | 10 +++++++---
 app/org/thp/cortex/services/JobSrv.scala     |  7 ++++---
 conf/routes                                  |  4 ++--
 4 files changed, 26 insertions(+), 9 deletions(-)

diff --git a/app/org/thp/cortex/controllers/JobCtrl.scala b/app/org/thp/cortex/controllers/JobCtrl.scala
index a51c08fe8..fda48c528 100644
--- a/app/org/thp/cortex/controllers/JobCtrl.scala
+++ b/app/org/thp/cortex/controllers/JobCtrl.scala
@@ -63,7 +63,19 @@ class JobCtrl @Inject() (
       .map(_ ⇒ NoContent)
   }
 
-  def create(workerId: String): Action[Fields] = authenticated(Roles.analyze).async(fieldsBodyParser) { implicit request ⇒
+  def createResponderJob(workerId: String): Action[Fields] = authenticated(Roles.analyze).async(fieldsBodyParser) { implicit request ⇒
+    val fields = request.body
+    val fieldsWithStringData = fields.getValue("data") match {
+      case Some(d) ⇒ fields.set("data", d.toString)
+      case None    ⇒ fields
+    }
+    jobSrv.create(workerId, fieldsWithStringData)
+      .map { job ⇒
+        renderer.toOutput(OK, job)
+      }
+  }
+
+  def createAnalyzerJob(workerId: String): Action[Fields] = authenticated(Roles.analyze).async(fieldsBodyParser) { implicit request ⇒
     jobSrv.create(workerId, request.body)
       .map { job ⇒
         renderer.toOutput(OK, job)
diff --git a/app/org/thp/cortex/models/Job.scala b/app/org/thp/cortex/models/Job.scala
index 050490ec5..7c61e9a7d 100644
--- a/app/org/thp/cortex/models/Job.scala
+++ b/app/org/thp/cortex/models/Job.scala
@@ -48,12 +48,16 @@ class Job(model: JobModel, attributes: JsObject) extends EntityDef[JobModel, Job
   val params: JsObject = Try(Json.parse(parameters()).as[JsObject]).getOrElse(JsObject.empty)
 
   override def toJson: JsObject = {
-    val output = super.toJson + ("date" → Json.toJson(createdAt))
-    input().fold(output)(i ⇒ output +
+    val output = input().fold(super.toJson)(i ⇒ super.toJson +
       ("input" → Json.parse(i))) +
       ("parameters" → params) +
       ("analyzerId" → JsString(workerId())) +
       ("analyzerName" → JsString(workerName())) +
-      ("analyzerDefinitionId" → JsString(workerDefinitionId()))
+      ("analyzerDefinitionId" → JsString(workerDefinitionId())) +
+      ("date" → Json.toJson(createdAt))
+    data() match {
+      case Some(d) if tpe() == WorkerType.responder ⇒ output + ("data" -> Json.parse(d))
+      case _                                        ⇒ output
+    }
   }
 }
\ No newline at end of file
diff --git a/app/org/thp/cortex/services/JobSrv.scala b/app/org/thp/cortex/services/JobSrv.scala
index ca1fd506a..127ed4746 100644
--- a/app/org/thp/cortex/services/JobSrv.scala
+++ b/app/org/thp/cortex/services/JobSrv.scala
@@ -418,9 +418,10 @@ class JobSrv(
             "file" → file.toString,
             "filename" → job.attachment().get.name,
             "contentType" → job.attachment().get.contentType)
-        case None if job.data().nonEmpty ⇒
-          Json.obj(
-            "data" → job.data().get)
+        case None if job.data().nonEmpty && job.tpe == WorkerType.responder ⇒
+          Json.obj("data" → Json.parse(job.data().get))
+        case None if job.data().nonEmpty && job.tpe == WorkerType.analyzer ⇒
+          Json.obj("data" → job.data().get)
       }
       .map { artifact ⇒
         (BaseConfig.global(worker.tpe()).items ++ BaseConfig.tlp.items ++ BaseConfig.pap.items ++ workerDefinition.configurationItems)
diff --git a/conf/routes b/conf/routes
index 2865b85f6..9c7f89687 100644
--- a/conf/routes
+++ b/conf/routes
@@ -15,13 +15,13 @@ GET           /api/analyzer                                         org.thp.cort
 POST          /api/analyzer/_search                                 org.thp.cortex.controllers.AnalyzerCtrl.find
 GET           /api/analyzer/:id                                     org.thp.cortex.controllers.AnalyzerCtrl.get(id)
 GET           /api/analyzer/type/:dataType                          org.thp.cortex.controllers.AnalyzerCtrl.listForType(dataType)
-POST          /api/analyzer/:id/run                                 org.thp.cortex.controllers.JobCtrl.create(id)
+POST          /api/analyzer/:id/run                                 org.thp.cortex.controllers.JobCtrl.createAnalyzerJob(id)
 
 GET           /api/responder                                        org.thp.cortex.controllers.ResponderCtrl.find
 POST          /api/responder/_search                                org.thp.cortex.controllers.ResponderCtrl.find
 GET           /api/responder/:id                                    org.thp.cortex.controllers.ResponderCtrl.get(id)
 GET           /api/responder/type/:dataType                         org.thp.cortex.controllers.ResponderCtrl.listForType(dataType)
-POST          /api/responder/:id/run                                org.thp.cortex.controllers.JobCtrl.create(id)
+POST          /api/responder/:id/run                                org.thp.cortex.controllers.JobCtrl.createResponderJob(id)
 
 GET           /api/job/:id/waitreport                               org.thp.cortex.controllers.JobCtrl.waitReport(id, atMost ?= "1minute")
 ####################