Merge pull request #1 from BillOTei/user-search-v0

User search v0
TheHive-Project · May 24, 2019 · 0e241b9 · 0e241b9
2 parents c0beb9d + 51af5ff
commit 0e241b9
Show file tree

Hide file tree

Showing 6 changed files with 30 additions and 15 deletions.
diff --git a/ScalliGraph b/ScalliGraph
diff --git a/thehive/app/org/thp/thehive/controllers/v0/CaseConversion.scala b/thehive/app/org/thp/thehive/controllers/v0/CaseConversion.scala
@@ -68,7 +68,7 @@ trait CaseConversion extends CustomFieldConversion {
       .property[Int]("severity")(_.simple.updatable)
       .property[Date]("startDate")(_.simple.updatable)
       .property[Option[Date]]("endDate")(_.simple.updatable)
-      .property[Set[String]]("tags")(_.simple.updatable)
+      .property[Seq[String]]("tags")(_.simple.updatable)
       .property[Boolean]("flag")(_.simple.updatable)
       .property[Int]("tlp")(_.simple.updatable)
       .property[Int]("pap")(_.simple.updatable)

diff --git a/thehive/app/org/thp/thehive/controllers/v0/TheHiveQueryExecutor.scala b/thehive/app/org/thp/thehive/controllers/v0/TheHiveQueryExecutor.scala
@@ -1,7 +1,5 @@
 package org.thp.thehive.controllers.v0
 
-import scala.reflect.runtime.{currentMirror ⇒ rm, universe ⇒ ru}
-
 import gremlin.scala.{Graph, GremlinScala, StepLabel, Vertex}
 import javax.inject.{Inject, Singleton}
 import org.scalactic.Accumulation._
@@ -12,10 +10,12 @@ import org.thp.scalligraph.models._
 import org.thp.scalligraph.query.InputFilter.{and, not, or}
 import org.thp.scalligraph.query._
 import org.thp.scalligraph.services._
-import org.thp.thehive.dto.v0.{OutputAlert, OutputCase, OutputObservable, OutputTask}
+import org.thp.thehive.dto.v0.{OutputAlert, OutputCase, OutputObservable, OutputTask, OutputUser}
 import org.thp.thehive.models._
 import org.thp.thehive.services._
 
+import scala.reflect.runtime.{currentMirror => rm, universe => ru}
+
 case class GetCaseParams(id: String)
 case class RangeParams(from: Long, to: Long)
 
@@ -27,18 +27,21 @@ class TheHiveQueryExecutor @Inject()(
     alertSrv: AlertSrv,
     logSrv: LogSrv,
     organisationSrv: OrganisationSrv,
+    userSrv: UserSrv,
     implicit val db: Database
 ) extends QueryExecutor
     with CaseConversion
     with TaskConversion
     with AlertConversion
-    with ObservableConversion {
+    with ObservableConversion
+    with UserConversion {
 
   override val publicProperties: List[PublicProperty[_, _]] =
     caseProperties ++
       taskProperties ++
       alertProperties ++
-      observableProperties
+      observableProperties ++
+      userProperties(userSrv)
   override val queries: Seq[ParamQuery[_]] = Seq(
     Query.initWithParam[GetCaseParams, CaseSteps](
       "getCase",
@@ -72,14 +75,16 @@ class TheHiveQueryExecutor @Inject()(
       (range, observableSteps, _) ⇒ observableSteps.page(range.from, range.to)
     ),
     Query[CaseSteps, List[RichCase]]("toList", (caseSteps, _) ⇒ caseSteps.richCase.toList()),
+    Query[UserSteps, List[RichUser]]("toList", (userSteps, authContext) ⇒ userSteps.richUser(authContext.organisation).toList()),
     Query[AlertSteps, List[RichAlert]]("toList", (alertSteps, _) ⇒ alertSteps.richAlert.toList()),
-    Query[ObservableSteps, List[RichObservable]]("toList", (ovservableSteps, _) ⇒ ovservableSteps.richObservable.toList()),
+    Query[ObservableSteps, List[RichObservable]]("toList", (observableSteps, _) ⇒ observableSteps.richObservable.toList()),
     Query[CaseSteps, TaskSteps]("listTask", (caseSteps, _) ⇒ caseSteps.tasks),
     new ParentFilterQuery(publicProperties),
     Query.output[RichCase, OutputCase],
     Query.output[Task with Entity, OutputTask],
     Query.output[RichAlert, OutputAlert],
-    Query.output[RichObservable, OutputObservable]
+    Query.output[RichObservable, OutputObservable],
+    Query.output[RichUser, OutputUser]
   )
 
 //  val caseToList: ParamQuery[CaseSteps, Seq[RichCase]] = Query("toList")(_.richCase.toList)

diff --git a/thehive/test/org/thp/thehive/controllers/v0/CaseCtrlTest.scala b/thehive/test/org/thp/thehive/controllers/v0/CaseCtrlTest.scala
@@ -148,7 +148,8 @@ class CaseCtrlTest extends PlaySpecification with Mockito {
               "flag"   → false,
               "tlp"    → 2,
               "pap"    → 1,
-              "status" → "resolved"
+              "status" → "resolved",
+              "tags"   → List("tag1")
             )
           )
         val result = caseCtrl.update("#1")(request)
@@ -175,7 +176,8 @@ class CaseCtrlTest extends PlaySpecification with Mockito {
             pap = 1,
             status = "resolved",
             owner = Some("user1"),
-            stats = Json.obj()
+            stats = Json.obj(),
+            tags = Set("tag1")
           )
         )
 

diff --git a/thehive/test/org/thp/thehive/controllers/v0/QueryTest.scala b/thehive/test/org/thp/thehive/controllers/v0/QueryTest.scala
@@ -16,6 +16,7 @@ class QueryTest extends PlaySpecification with Mockito with QueryCtrl {
     mock[AlertSrv],
     mock[LogSrv],
     mock[OrganisationSrv],
+    mock[UserSrv],
     mock[Database]
   )
 

diff --git a/thehive/test/org/thp/thehive/controllers/v0/UserCtrlTest.scala b/thehive/test/org/thp/thehive/controllers/v0/UserCtrlTest.scala
@@ -8,6 +8,7 @@ import org.thp.scalligraph.auth.{AuthSrv, UserSrv}
 import org.thp.scalligraph.controllers.{AuthenticateSrv, TestAuthenticateSrv}
 import org.thp.scalligraph.models.{Database, DatabaseProviders, DummyUserSrv, Schema}
 import org.thp.scalligraph.services.{LocalFileSystemStorageSrv, StorageSrv}
+import org.thp.thehive.dto.v0.OutputUser
 import org.thp.thehive.models._
 import org.thp.thehive.services.LocalUserSrv
 import play.api.libs.json.Json
@@ -17,7 +18,7 @@ import play.api.{Configuration, Environment}
 class UserCtrlTest extends PlaySpecification with Mockito {
   val dummyUserSrv          = DummyUserSrv(permissions = Permissions.all)
   val config: Configuration = Configuration.load(Environment.simple())
-  val authSrv: AuthSrv = mock[AuthSrv]
+  val authSrv: AuthSrv      = mock[AuthSrv]
 
   Fragments.foreach(new DatabaseProviders(config).list) { dbProvider ⇒
     val app: AppBuilder = AppBuilder()
@@ -43,16 +44,22 @@ class UserCtrlTest extends PlaySpecification with Mockito {
     s"[$name] user controller" should {
 
       "search users" in {
-        val request = FakeRequest("POST", "/api/v0/user/_search")
+        val request = FakeRequest("POST", "/api/v0/user/_search?range=all&sort=%2Bname")
           .withJsonBody(Json.parse("""{"query": {"_and": [{"status": "Ok"}]}}"""))
           .withHeaders("user" → "user1")
 
-        val result      = userCtrl.search(request)
+        val result = userCtrl.search(request)
         status(result) must_=== 200
 
         val resultUsers = contentAsJson(result)
+        val expected = Json.toJson(
+          Seq(
+            OutputUser(id = "user1", login = "user1", name = "Thomas", organisation = "cert", roles = Set()),
+            OutputUser(id = "user2", login = "user2", name = "U", organisation = "cert", roles = Set())
+          )
+        )
 
-        1 shouldEqual 1
+        resultUsers.toString shouldEqual expected.toString
       }
     }
   }