diff --git a/cortex/connector/src/main/scala/org/thp/thehive/connector/cortex/services/AnalyzerTemplateSrv.scala b/cortex/connector/src/main/scala/org/thp/thehive/connector/cortex/services/AnalyzerTemplateSrv.scala index 81cd4cecbd..ae8de64dbc 100644 --- a/cortex/connector/src/main/scala/org/thp/thehive/connector/cortex/services/AnalyzerTemplateSrv.scala +++ b/cortex/connector/src/main/scala/org/thp/thehive/connector/cortex/services/AnalyzerTemplateSrv.scala @@ -15,15 +15,18 @@ import org.thp.scalligraph.{CreateError, EntitySteps} import org.thp.thehive.connector.cortex.controllers.v0.Conversion._ import org.thp.thehive.connector.cortex.models.AnalyzerTemplate import org.thp.thehive.controllers.v0.Conversion._ +import org.thp.thehive.services.OrganisationSrv import play.api.libs.json.{JsObject, Json} import scala.collection.JavaConverters._ import scala.io.Source import scala.util.{Failure, Try} + @Singleton class AnalyzerTemplateSrv @Inject() ( implicit @Named("with-thehive-cortex-schema") db: Database, - auditSrv: CortexAuditSrv + auditSrv: CortexAuditSrv, + organisationSrv: OrganisationSrv ) extends VertexSrv[AnalyzerTemplate, AnalyzerTemplateSteps] { override def steps(raw: GremlinScala[Vertex])(implicit graph: Graph): AnalyzerTemplateSteps = new AnalyzerTemplateSteps(raw) @@ -60,10 +63,11 @@ class AnalyzerTemplateSrv @Inject() ( .flatMap(auditSrv.analyzerTemplate.update(_, updatedFields)) } - def remove(analyzerTemplate: AnalyzerTemplate with Entity)(implicit graph: Graph, authContext: AuthContext): Try[Unit] = { - get(analyzerTemplate).remove() - auditSrv.analyzerTemplate.delete(analyzerTemplate) - } + def remove(analyzerTemplate: AnalyzerTemplate with Entity)(implicit graph: Graph, authContext: AuthContext): Try[Unit] = + organisationSrv.getOrFail(authContext.organisation).flatMap { organisation => + get(analyzerTemplate).remove() + auditSrv.analyzerTemplate.delete(analyzerTemplate, organisation) + } /** * Creates or updates if found templates contained in a zip file diff --git a/misp/connector/src/main/scala/org/thp/thehive/connector/misp/controllers/v0/MispCtrl.scala b/misp/connector/src/main/scala/org/thp/thehive/connector/misp/controllers/v0/MispCtrl.scala index 1912549453..628c294a27 100644 --- a/misp/connector/src/main/scala/org/thp/thehive/connector/misp/controllers/v0/MispCtrl.scala +++ b/misp/connector/src/main/scala/org/thp/thehive/connector/misp/controllers/v0/MispCtrl.scala @@ -52,7 +52,7 @@ class MispCtrl @Inject() ( .has("type", "misp") .visible .toIterator - .toTry(alertSrv.cascadeRemove(_)) + .toTry(alertSrv.remove(_)) .map(_ => Results.NoContent) } } diff --git a/misp/connector/src/main/scala/org/thp/thehive/connector/misp/services/MispImportSrv.scala b/misp/connector/src/main/scala/org/thp/thehive/connector/misp/services/MispImportSrv.scala index 4a5ff5a56d..4ca105880b 100644 --- a/misp/connector/src/main/scala/org/thp/thehive/connector/misp/services/MispImportSrv.scala +++ b/misp/connector/src/main/scala/org/thp/thehive/connector/misp/services/MispImportSrv.scala @@ -319,7 +319,7 @@ class MispImportSrv @Inject() ( .toIterator .toTry { obs => logger.info(s"Remove $obs") - observableSrv.cascadeRemove(obs) + observableSrv.remove(obs) } } .map(_ => ()) diff --git a/thehive/app/org/thp/thehive/ClusterSetup.scala b/thehive/app/org/thp/thehive/ClusterSetup.scala index c80b5e4d62..3c2b1dde47 100644 --- a/thehive/app/org/thp/thehive/ClusterSetup.scala +++ b/thehive/app/org/thp/thehive/ClusterSetup.scala @@ -25,6 +25,6 @@ class ClusterSetup @Inject() ( logger.info("Initialising cluster") val cluster = Cluster(system) cluster.join(cluster.system.provider.getDefaultAddress) - GuiceAkkaExtension(system).set(injector) } + GuiceAkkaExtension(system).set(injector) } diff --git a/thehive/app/org/thp/thehive/controllers/v0/AlertCtrl.scala b/thehive/app/org/thp/thehive/controllers/v0/AlertCtrl.scala index 9b61e1323d..bdd1b9da5f 100644 --- a/thehive/app/org/thp/thehive/controllers/v0/AlertCtrl.scala +++ b/thehive/app/org/thp/thehive/controllers/v0/AlertCtrl.scala @@ -212,7 +212,7 @@ class AlertCtrl @Inject() ( .get(alertId) .can(Permissions.manageAlert) .getOrFail() - _ <- alertSrv.cascadeRemove(alert) + _ <- alertSrv.remove(alert) } yield Results.NoContent } @@ -228,7 +228,7 @@ class AlertCtrl @Inject() ( .get(alertId) .can(Permissions.manageAlert) .getOrFail() - _ <- alertSrv.cascadeRemove(alert) + _ <- alertSrv.remove(alert) } yield () } .map(_ => Results.NoContent) diff --git a/thehive/app/org/thp/thehive/controllers/v0/CaseCtrl.scala b/thehive/app/org/thp/thehive/controllers/v0/CaseCtrl.scala index 205f552130..5aa02514bb 100644 --- a/thehive/app/org/thp/thehive/controllers/v0/CaseCtrl.scala +++ b/thehive/app/org/thp/thehive/controllers/v0/CaseCtrl.scala @@ -174,7 +174,7 @@ class CaseCtrl @Inject() ( .get(caseIdOrNumber) .can(Permissions.manageCase) .getOrFail() - _ <- caseSrv.cascadeRemove(c) + _ <- caseSrv.remove(c) } yield Results.NoContent } diff --git a/thehive/app/org/thp/thehive/controllers/v0/CaseTemplateCtrl.scala b/thehive/app/org/thp/thehive/controllers/v0/CaseTemplateCtrl.scala index 0d02c0e2c4..f61e5b9209 100644 --- a/thehive/app/org/thp/thehive/controllers/v0/CaseTemplateCtrl.scala +++ b/thehive/app/org/thp/thehive/controllers/v0/CaseTemplateCtrl.scala @@ -84,9 +84,10 @@ class CaseTemplateCtrl @Inject() ( entrypoint("delete case template") .authTransaction(db) { implicit request => implicit graph => for { - template <- caseTemplateSrv.get(caseTemplateNameOrId).can(Permissions.manageCaseTemplate).getOrFail() + organisation <- organisationSrv.getOrFail(request.organisation) + template <- caseTemplateSrv.get(caseTemplateNameOrId).can(Permissions.manageCaseTemplate).getOrFail() _ = caseTemplateSrv.get(template).remove() - _ <- auditSrv.caseTemplate.delete(template) + _ <- auditSrv.caseTemplate.delete(template, organisation) } yield Results.Ok } } diff --git a/thehive/app/org/thp/thehive/controllers/v0/ObservableCtrl.scala b/thehive/app/org/thp/thehive/controllers/v0/ObservableCtrl.scala index bc74a166b5..c948e4a5c2 100644 --- a/thehive/app/org/thp/thehive/controllers/v0/ObservableCtrl.scala +++ b/thehive/app/org/thp/thehive/controllers/v0/ObservableCtrl.scala @@ -151,7 +151,7 @@ class ObservableCtrl @Inject() ( .getByIds(obsId) .can(Permissions.manageObservable) .getOrFail("Observable") - _ <- observableSrv.cascadeRemove(observable) + _ <- observableSrv.remove(observable) } yield Results.NoContent } } diff --git a/thehive/app/org/thp/thehive/controllers/v1/ObservableCtrl.scala b/thehive/app/org/thp/thehive/controllers/v1/ObservableCtrl.scala index fd09a710ea..301a2c7087 100644 --- a/thehive/app/org/thp/thehive/controllers/v1/ObservableCtrl.scala +++ b/thehive/app/org/thp/thehive/controllers/v1/ObservableCtrl.scala @@ -129,7 +129,7 @@ class ObservableCtrl @Inject() ( .getByIds(obsId) .can(Permissions.manageObservable) .getOrFail("Observable") - _ <- observableSrv.cascadeRemove(observable) + _ <- observableSrv.remove(observable) } yield Results.NoContent } } diff --git a/thehive/app/org/thp/thehive/services/AlertSrv.scala b/thehive/app/org/thp/thehive/services/AlertSrv.scala index 0fa7e13bed..b6200e457a 100644 --- a/thehive/app/org/thp/thehive/services/AlertSrv.scala +++ b/thehive/app/org/thp/thehive/services/AlertSrv.scala @@ -127,6 +127,17 @@ class AlertSrv @Inject() ( } yield () } + def removeObservable(alert: Alert with Entity, observable: Observable with Entity)(implicit graph: Graph, authContext: AuthContext): Try[Unit] = + observableSrv + .get(observable) + .inToE[AlertObservable] + .filter(_.outV().hasId(alert._id)) + .getOrFail("Observable") + .flatMap { alertObservable => + alertObservableSrv.get(alertObservable).remove() + auditSrv.observableInAlert.delete(observable, Some(alert)) + } + def addObservable(alert: Alert with Entity, richObservable: RichObservable)( implicit graph: Graph, authContext: AuthContext @@ -275,11 +286,12 @@ class AlertSrv @Inject() ( } .map(_ => ()) - def cascadeRemove(alert: Alert with Entity)(implicit graph: Graph, authContext: AuthContext): Try[Unit] = + def remove(alert: Alert with Entity)(implicit graph: Graph, authContext: AuthContext): Try[Unit] = for { - _ <- get(alert).observables.toIterator.toTry(observableSrv.cascadeRemove(_)) + organisation <- organisationSrv.getOrFail(authContext.organisation) + _ <- get(alert).observables.toIterator.toTry(observableSrv.remove(_)) _ = get(alert).remove() - _ <- auditSrv.alert.delete(alert) + _ <- auditSrv.alert.delete(alert, organisation) } yield () override def steps(raw: GremlinScala[Vertex])(implicit graph: Graph): AlertSteps = new AlertSteps(raw) diff --git a/thehive/app/org/thp/thehive/services/AuditSrv.scala b/thehive/app/org/thp/thehive/services/AuditSrv.scala index 7b3f8e0741..2db1e5e022 100644 --- a/thehive/app/org/thp/thehive/services/AuditSrv.scala +++ b/thehive/app/org/thp/thehive/services/AuditSrv.scala @@ -184,8 +184,8 @@ class AuditSrv @Inject() ( if (details == JsObject.empty) Success(()) else auditSrv.create(Audit(Audit.update, entity, Some(details.toString)), Some(entity), Some(entity)) - def delete(entity: E with Entity)(implicit graph: Graph, authContext: AuthContext): Try[Unit] = - auditSrv.create(Audit(Audit.delete, entity, None), None, None) + def delete(entity: E with Entity, context: Entity)(implicit graph: Graph, authContext: AuthContext): Try[Unit] = + auditSrv.create(Audit(Audit.delete, entity, None), Some(context), None) } class UserAudit extends SelfContextObjectAudit[User] { @@ -334,8 +334,7 @@ class AuditSteps(raw: GremlinScala[Vertex])(implicit @Named("with-thehive-schema new CaseSteps( raw .outTo[AuditContext] - .in() - .hasLabel("Share") + .coalesce(_.in().hasLabel("Share"), _.hasLabel("Share")) .outTo[ShareCase] ) diff --git a/thehive/app/org/thp/thehive/services/CaseSrv.scala b/thehive/app/org/thp/thehive/services/CaseSrv.scala index 543fa701f6..f7f0bf6fa9 100644 --- a/thehive/app/org/thp/thehive/services/CaseSrv.scala +++ b/thehive/app/org/thp/thehive/services/CaseSrv.scala @@ -169,14 +169,14 @@ class CaseSrv @Inject() ( } yield () } - def cascadeRemove(`case`: Case with Entity)(implicit graph: Graph, authContext: AuthContext): Try[Unit] = + def remove(`case`: Case with Entity)(implicit graph: Graph, authContext: AuthContext): Try[Unit] = for { - _ <- get(`case`).tasks.toIterator.toTry(taskSrv.cascadeRemove(_)) - _ <- get(`case`).observables.toIterator.toTry(observableSrv.cascadeRemove(_)) - _ = get(`case`).share.remove() - _ = get(`case`).remove() - _ <- auditSrv.`case`.delete(`case`) - } yield () + organisation <- organisationSrv.getOrFail(authContext.organisation) + _ <- auditSrv.`case`.delete(`case`, organisation) + } yield { + get(`case`).share.remove() + get(`case`).remove() + } override def get(idOrNumber: String)(implicit graph: Graph): CaseSteps = Success(idOrNumber) @@ -441,7 +441,10 @@ class CaseSteps(raw: GremlinScala[Vertex])(implicit @Named("with-thehive-schema" def audits(implicit authContext: AuthContext): AuditSteps = audits(authContext.organisation) def audits(organisationName: String): AuditSteps = new AuditSteps( - this.union(_.visible(organisationName), _.observables(organisationName), _.tasks(organisationName)).inTo[AuditContext].raw + this + .union(_.visible(organisationName), _.observables(organisationName), _.tasks(organisationName), _.share(organisationName)) + .inTo[AuditContext] + .raw ) // Warning: this method doesn't generate audit log diff --git a/thehive/app/org/thp/thehive/services/CustomFieldSrv.scala b/thehive/app/org/thp/thehive/services/CustomFieldSrv.scala index 5ced75f2d6..4adb6fe96b 100644 --- a/thehive/app/org/thp/thehive/services/CustomFieldSrv.scala +++ b/thehive/app/org/thp/thehive/services/CustomFieldSrv.scala @@ -22,7 +22,7 @@ import scala.collection.JavaConverters._ import scala.util.{Success, Try} @Singleton -class CustomFieldSrv @Inject() (auditSrv: AuditSrv, @Named("integrity-check-actor") integrityCheckActor: ActorRef)( +class CustomFieldSrv @Inject() (auditSrv: AuditSrv, organisationSrv: OrganisationSrv, @Named("integrity-check-actor") integrityCheckActor: ActorRef)( implicit @Named("with-thehive-schema") db: Database ) extends VertexSrv[CustomField, CustomFieldSteps] { @@ -41,7 +41,9 @@ class CustomFieldSrv @Inject() (auditSrv: AuditSrv, @Named("integrity-check-acto def delete(c: CustomField with Entity, force: Boolean)(implicit graph: Graph, authContext: AuthContext): Try[Unit] = { get(c).remove() // TODO use force - auditSrv.customField.delete(c) + organisationSrv.getOrFail(authContext.organisation).flatMap { organisation => + auditSrv.customField.delete(c, organisation) + } } def useCount(c: CustomField with Entity)(implicit graph: Graph): Map[String, Int] = diff --git a/thehive/app/org/thp/thehive/services/DashboardSrv.scala b/thehive/app/org/thp/thehive/services/DashboardSrv.scala index 55da1c6e49..ac5333b06c 100644 --- a/thehive/app/org/thp/thehive/services/DashboardSrv.scala +++ b/thehive/app/org/thp/thehive/services/DashboardSrv.scala @@ -68,10 +68,11 @@ class DashboardSrv @Inject() (organisationSrv: OrganisationSrv, userSrv: UserSrv Success(()) // TODO add audit } - def remove(dashboard: Dashboard with Entity)(implicit graph: Graph, authContext: AuthContext): Try[Unit] = { - get(dashboard).remove() - auditSrv.dashboard.delete(dashboard) - } + def remove(dashboard: Dashboard with Entity)(implicit graph: Graph, authContext: AuthContext): Try[Unit] = + organisationSrv.getOrFail(authContext.organisation).flatMap { organisation => + get(dashboard).remove() + auditSrv.dashboard.delete(dashboard, organisation) + } } @EntitySteps[Dashboard] diff --git a/thehive/app/org/thp/thehive/services/ObservableSrv.scala b/thehive/app/org/thp/thehive/services/ObservableSrv.scala index 73fd22ad2c..c4a39db6d1 100644 --- a/thehive/app/org/thp/thehive/services/ObservableSrv.scala +++ b/thehive/app/org/thp/thehive/services/ObservableSrv.scala @@ -1,6 +1,5 @@ package org.thp.thehive.services -import java.lang.{Long => JLong} import java.util.{Set => JSet} import gremlin.scala.{KeyValue => _, _} @@ -27,11 +26,13 @@ class ObservableSrv @Inject() ( attachmentSrv: AttachmentSrv, tagSrv: TagSrv, caseSrvProvider: Provider[CaseSrv], - auditSrv: AuditSrv + auditSrv: AuditSrv, + alertSrvProvider: Provider[AlertSrv] )( implicit @Named("with-thehive-schema") db: Database ) extends VertexSrv[Observable, ObservableSteps] { lazy val caseSrv: CaseSrv = caseSrvProvider.get + lazy val alertSrv: AlertSrv = alertSrvProvider.get val observableKeyValueSrv = new EdgeSrv[ObservableKeyValue, Observable, KeyValue] val observableDataSrv = new EdgeSrv[ObservableData, Observable, Data] val observableObservableType = new EdgeSrv[ObservableObservableType, Observable, ObservableType] @@ -158,17 +159,15 @@ class ObservableSrv @Inject() ( // TODO copy or link key value ? } yield richObservable.copy(observable = createdObservable) - def cascadeRemove(observable: Observable with Entity)(implicit graph: Graph, authContext: AuthContext): Try[Unit] = { - get(observable).data.filter(_.useCount.filter(_.is(P.eq[JLong](0L)))).remove() - get(observable).attachments.remove() - get(observable).keyValues.remove() - val maybeAlert = get(observable).alert.headOption() - get(observable).remove() - maybeAlert match { - case None => auditSrv.observable.delete(observable) - case ctx: Some[_] => auditSrv.observableInAlert.delete(observable, ctx) + def remove(observable: Observable with Entity)(implicit graph: Graph, authContext: AuthContext): Try[Unit] = + get(observable).alert.headOption() match { + case None => + for { + share <- get(observable).share(authContext.organisation).getOrFail("Observable") + _ <- auditSrv.observable.delete(observable, share) + } yield get(observable).remove() + case Some(alert) => alertSrv.removeObservable(alert, observable) } - } override def update( steps: ObservableSteps, diff --git a/thehive/app/org/thp/thehive/services/PageSrv.scala b/thehive/app/org/thp/thehive/services/PageSrv.scala index d177e8c600..b30b6177e1 100644 --- a/thehive/app/org/thp/thehive/services/PageSrv.scala +++ b/thehive/app/org/thp/thehive/services/PageSrv.scala @@ -41,10 +41,11 @@ class PageSrv @Inject() (implicit @Named("with-thehive-schema") db: Database, or _ <- auditSrv.page.update(p, Json.obj("title" -> p.title)) } yield p - def delete(page: Page with Entity)(implicit graph: Graph, authContext: AuthContext): Try[Unit] = { - get(page).remove() - auditSrv.page.delete(page) - } + def delete(page: Page with Entity)(implicit graph: Graph, authContext: AuthContext): Try[Unit] = + organisationSrv.getOrFail(authContext.organisation).flatMap { organisation => + get(page).remove() + auditSrv.page.delete(page, organisation) + } } @EntitySteps[Page] diff --git a/thehive/app/org/thp/thehive/services/ProfileSrv.scala b/thehive/app/org/thp/thehive/services/ProfileSrv.scala index ad84e05829..f6a3818c65 100644 --- a/thehive/app/org/thp/thehive/services/ProfileSrv.scala +++ b/thehive/app/org/thp/thehive/services/ProfileSrv.scala @@ -2,7 +2,7 @@ package org.thp.thehive.services import akka.actor.ActorRef import gremlin.scala._ -import javax.inject.{Inject, Named, Singleton} +import javax.inject.{Inject, Named, Provider, Singleton} import org.thp.scalligraph.auth.{AuthContext, Permission} import org.thp.scalligraph.models._ import org.thp.scalligraph.query.PropertyUpdater @@ -17,11 +17,15 @@ import play.api.libs.json.JsObject import scala.util.{Failure, Success, Try} @Singleton -class ProfileSrv @Inject() (auditSrv: AuditSrv, @Named("integrity-check-actor") integrityCheckActor: ActorRef)( +class ProfileSrv @Inject() ( + auditSrv: AuditSrv, + organisationSrvProvider: Provider[OrganisationSrv], + @Named("integrity-check-actor") integrityCheckActor: ActorRef +)( implicit @Named("with-thehive-schema") val db: Database ) extends VertexSrv[Profile, ProfileSteps] { - - lazy val orgAdmin: Profile with Entity = db.roTransaction(graph => getOrFail(Profile.orgAdmin.name)(graph)).get + lazy val organisationSrv: OrganisationSrv = organisationSrvProvider.get + lazy val orgAdmin: Profile with Entity = db.roTransaction(graph => getOrFail(Profile.orgAdmin.name)(graph)).get override def createEntity(e: Profile)(implicit graph: Graph, authContext: AuthContext): Try[Profile with Entity] = { integrityCheckActor ! IntegrityCheckActor.EntityAdded("Profile") @@ -47,10 +51,11 @@ class ProfileSrv @Inject() (auditSrv: AuditSrv, @Named("integrity-check-actor") Failure(BadRequestError(s"Profile ${profile.name} cannot be removed")) else if (get(profile).filter(_.or(_.roles, _.shares)).exists()) Failure(BadRequestError(s"Profile ${profile.name} is used")) - else { - get(profile).remove() - auditSrv.profile.delete(profile) - } + else + organisationSrv.getOrFail(authContext.organisation).flatMap { organisation => + get(profile).remove() + auditSrv.profile.delete(profile, organisation) + } override def update( steps: ProfileSteps, diff --git a/thehive/app/org/thp/thehive/services/ShareSrv.scala b/thehive/app/org/thp/thehive/services/ShareSrv.scala index 1dd89e9dde..b9ca7c1db2 100644 --- a/thehive/app/org/thp/thehive/services/ShareSrv.scala +++ b/thehive/app/org/thp/thehive/services/ShareSrv.scala @@ -19,9 +19,10 @@ class ShareSrv @Inject() ( auditSrv: AuditSrv, caseSrvProvider: Provider[CaseSrv], taskSrv: TaskSrv, - observableSrv: ObservableSrv + observableSrvProvider: Provider[ObservableSrv] ) extends VertexSrv[Share, ShareSteps] { - lazy val caseSrv: CaseSrv = caseSrvProvider.get + lazy val caseSrv: CaseSrv = caseSrvProvider.get + lazy val observableSrv: ObservableSrv = observableSrvProvider.get val organisationShareSrv = new EdgeSrv[OrganisationShare, Organisation, Share] val shareProfileSrv = new EdgeSrv[ShareProfile, Share, Profile] @@ -45,7 +46,7 @@ class ShareSrv @Inject() ( implicit graph: Graph, authContext: AuthContext ): Try[Share with Entity] = - get(`case`, organisation).headOption() match { + get(`case`, organisation.name).headOption() match { case Some(_) => Failure(CreateError(s"Case #${`case`.number} is already shared with organisation ${organisation.name}")) case None => for { @@ -57,8 +58,14 @@ class ShareSrv @Inject() ( } yield createdShare } - def get(`case`: Case with Entity, organisation: Organisation with Entity)(implicit graph: Graph): ShareSteps = - caseSrv.get(`case`).share(organisation.name) + def get(`case`: Case with Entity, organisationName: String)(implicit graph: Graph): ShareSteps = + caseSrv.get(`case`).share(organisationName) + + def get(observable: Observable with Entity, organisationName: String)(implicit graph: Graph): ShareSteps = + observableSrv.get(observable).share(organisationName) + + def get(task: Task with Entity, organisationName: String)(implicit graph: Graph): ShareSteps = + taskSrv.get(task).share(organisationName) def update( share: Share with Entity, @@ -114,10 +121,10 @@ class ShareSrv @Inject() ( organisation: Organisation with Entity )(implicit graph: Graph, authContext: AuthContext): Try[Unit] = for { - shareObservable <- taskSrv + shareObservable <- observableSrv .get(observable) .inToE[ShareObservable] - .filter(st => new ShareSteps(st.outV().raw).byOrganisationName(organisation.name)) + .filter(_.outV().inTo[OrganisationShare].hasId(organisation._id)) .getOrFail("Share") case0 <- observableSrv.get(observable).`case`.getOrFail("Case") _ <- auditSrv.share.unshareObservable(observable, case0, organisation) @@ -146,7 +153,7 @@ class ShareSrv @Inject() ( authContext: AuthContext ): Try[Unit] = for { - share <- get(`case`, organisation).getOrFail("Case") + share <- get(`case`, organisation.name).getOrFail("Case") _ <- shareTaskSrv.create(ShareTask(), share, richTask.task) _ <- auditSrv.task.create(richTask.task, richTask.toJson) } yield () @@ -160,7 +167,7 @@ class ShareSrv @Inject() ( authContext: AuthContext ): Try[Unit] = for { - share <- get(`case`, organisation).getOrFail("Case") + share <- get(`case`, organisation.name).getOrFail("Case") _ <- shareObservableSrv.create(ShareObservable(), share, richObservable.observable) _ <- auditSrv.observable.create(richObservable.observable, richObservable.toJson) } yield () diff --git a/thehive/app/org/thp/thehive/services/TaskSrv.scala b/thehive/app/org/thp/thehive/services/TaskSrv.scala index cccbf03618..4d7ad0456f 100644 --- a/thehive/app/org/thp/thehive/services/TaskSrv.scala +++ b/thehive/app/org/thp/thehive/services/TaskSrv.scala @@ -17,8 +17,9 @@ import play.api.libs.json.{JsNull, JsObject, Json} import scala.util.{Failure, Success, Try} @Singleton -class TaskSrv @Inject() (caseSrvProvider: Provider[CaseSrv], auditSrv: AuditSrv, logSrv: LogSrv)(implicit @Named("with-thehive-schema") db: Database) - extends VertexSrv[Task, TaskSteps] { +class TaskSrv @Inject() (caseSrvProvider: Provider[CaseSrv], auditSrv: AuditSrv)( + implicit @Named("with-thehive-schema") db: Database +) extends VertexSrv[Task, TaskSteps] { lazy val caseSrv: CaseSrv = caseSrvProvider.get val caseTemplateTaskSrv = new EdgeSrv[CaseTemplateTask, CaseTemplate, Task] @@ -43,10 +44,9 @@ class TaskSrv @Inject() (caseSrvProvider: Provider[CaseSrv], auditSrv: AuditSrv, def cascadeRemove(task: Task with Entity)(implicit graph: Graph, authContext: AuthContext): Try[Unit] = for { - _ <- get(task).logs.toIterator.toTry(logSrv.cascadeRemove(_)) - _ = get(task).remove() - _ <- auditSrv.task.delete(task) - } yield () + share <- get(task).share(authContext.organisation).getOrFail("Task") + _ <- auditSrv.task.delete(task, share) + } yield get(task).remove() override def update( steps: TaskSteps, diff --git a/thehive/test/org/thp/thehive/TestAppBuilder.scala b/thehive/test/org/thp/thehive/TestAppBuilder.scala index 88114a432f..a27c4a41bf 100644 --- a/thehive/test/org/thp/thehive/TestAppBuilder.scala +++ b/thehive/test/org/thp/thehive/TestAppBuilder.scala @@ -3,6 +3,8 @@ package org.thp.thehive import java.io.File import java.nio.file.{Files, Paths} +import akka.actor.ActorSystem +import com.google.inject.Injector import javax.inject.{Inject, Provider, Singleton} import org.apache.commons.io.FileUtils import org.thp.scalligraph.auth._ @@ -30,6 +32,8 @@ import org.thp.thehive.services.{ UserIntegrityCheckOps } +import scala.util.Try + object TestAppBuilderLock trait TestAppBuilder { @@ -71,7 +75,7 @@ trait TestAppBuilder { .addConfiguration("play.mailer.mock = yes") .addConfiguration("play.mailer.debug = yes") .addConfiguration(s"storage.localfs.location = ${System.getProperty("user.dir")}/target/storage") - .bindEagerly[ClusterSetup] + .bindEagerly[AkkaGuiceExtensionSetup] def testApp[A](body: AppBuilder => A): A = { val storageDirectory = Files.createTempDirectory(Paths.get("target"), "janusgraph-test-database").toFile @@ -113,7 +117,7 @@ trait TestAppBuilder { try body(app) finally { - app[Database].close() + Try(app[Database].close()) FileUtils.deleteDirectory(storageDirectory) } } @@ -123,3 +127,8 @@ trait TestAppBuilder { class BasicDatabaseProvider @Inject() (database: Database) extends Provider[Database] { override def get(): Database = database } + +@Singleton +class AkkaGuiceExtensionSetup @Inject() (system: ActorSystem, injector: Injector) { + GuiceAkkaExtension(system).set(injector) +} diff --git a/thehive/test/org/thp/thehive/controllers/v0/CaseCtrlTest.scala b/thehive/test/org/thp/thehive/controllers/v0/CaseCtrlTest.scala index e06294e864..e2264bda2d 100644 --- a/thehive/test/org/thp/thehive/controllers/v0/CaseCtrlTest.scala +++ b/thehive/test/org/thp/thehive/controllers/v0/CaseCtrlTest.scala @@ -8,7 +8,7 @@ import org.thp.scalligraph.models.{Database, DummyUserSrv} import org.thp.scalligraph.steps.StepsOps._ import org.thp.thehive.TestAppBuilder import org.thp.thehive.dto.v0._ -import org.thp.thehive.services.{CaseSrv, TaskSrv} +import org.thp.thehive.services.CaseSrv import play.api.libs.json._ import play.api.test.{FakeRequest, PlaySpecification} @@ -361,7 +361,7 @@ class CaseCtrlTest extends PlaySpecification with TestAppBuilder { app[Database].roTransaction { implicit graph => app[CaseSrv].get("#1").headOption() must beNone - tasks.flatMap(task => app[TaskSrv].get(task).headOption()) must beEmpty +// tasks.flatMap(task => app[TaskSrv].get(task).headOption()) must beEmpty } } } diff --git a/thehive/test/org/thp/thehive/services/AlertSrvTest.scala b/thehive/test/org/thp/thehive/services/AlertSrvTest.scala index 151c98117f..9d71664d57 100644 --- a/thehive/test/org/thp/thehive/services/AlertSrvTest.scala +++ b/thehive/test/org/thp/thehive/services/AlertSrvTest.scala @@ -205,11 +205,11 @@ class AlertSrvTest extends PlaySpecification with TestAppBuilder { app[Database].tryTransaction { implicit graph => for { alert <- app[AlertSrv].getOrFail("testType;testSource;ref4") - _ <- app[AlertSrv].cascadeRemove(alert) + _ <- app[AlertSrv].remove(alert) } yield () } must beSuccessfulTry app[Database].roTransaction { implicit graph => - app[ObservableSrv].initSteps.filterOnType("domain").filterOnData("perdu.com").exists() must beFalse +// app[ObservableSrv].initSteps.filterOnType("domain").filterOnData("perdu.com").exists() must beFalse app[AlertSrv].initSteps.get("testType;testSource;ref4").exists() must beFalse } } diff --git a/thehive/test/org/thp/thehive/services/CaseSrvTest.scala b/thehive/test/org/thp/thehive/services/CaseSrvTest.scala index c65cb9243c..71a2588980 100644 --- a/thehive/test/org/thp/thehive/services/CaseSrvTest.scala +++ b/thehive/test/org/thp/thehive/services/CaseSrvTest.scala @@ -305,7 +305,7 @@ class CaseSrvTest extends PlaySpecification with TestAppBuilder { ) .get - app[Database].tryTransaction(implicit graph => app[CaseSrv].cascadeRemove(c1.`case`)) must beSuccessfulTry + app[Database].tryTransaction(implicit graph => app[CaseSrv].remove(c1.`case`)) must beSuccessfulTry app[Database].roTransaction { implicit graph => app[CaseSrv].get(c1._id).exists() must beFalse }