#1838 Use Query API to list artifact jobs and refresh the list only o…

…n events related to the right observable
TheHive-Project · Mar 16, 2021 · 38df9fd · 38df9fd
1 parent 2ea4414
commit 38df9fd
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 17 deletions.
diff --git a/cortex/connector/src/main/scala/org/thp/thehive/connector/cortex/services/JobSrv.scala b/cortex/connector/src/main/scala/org/thp/thehive/connector/cortex/services/JobSrv.scala
@@ -26,7 +26,7 @@ import org.thp.thehive.services.CaseOps._
 import org.thp.thehive.services.ObservableOps._
 import org.thp.thehive.services.OrganisationOps._
 import org.thp.thehive.services.{AttachmentSrv, ObservableSrv, ObservableTypeSrv, ReportTagSrv}
-import play.api.libs.json.Json
+import play.api.libs.json.{JsObject, JsString, Json}
 
 import java.nio.file.Files
 import java.util.{Date, Map => JMap}
@@ -92,7 +92,13 @@ class JobSrv @Inject() (
         create(fromCortexOutputJob(cortexOutputJob).copy(cortexId = cortexId), observable.observable)
       })
       _ <- Future.fromTry(db.tryTransaction { implicit graph =>
-        auditSrv.job.create(createdJob.job, observable.observable, createdJob.toJson)
+        auditSrv
+          .job
+          .create(
+            createdJob.job,
+            observable.observable,
+            createdJob.toJson.as[JsObject] + ("objectType" -> JsString("Observable")) + ("objectId" -> JsString(observable._id.toString))
+          )
       })
       _ = cortexActor ! CheckJob(Some(createdJob._id), cortexOutputJob.id, None, cortexClient.name, authContext)
     } yield createdJob
@@ -171,7 +177,14 @@ class JobSrv @Inject() (
             .update(_.endDate, endDate)
             .getOrFail("Job")
           observable <- get(job).observable.getOrFail("Observable")
-          _          <- auditSrv.job.update(job, observable, Json.obj("status" -> status, "endDate" -> endDate))
+          _ <-
+            auditSrv
+              .job
+              .update(
+                job,
+                observable,
+                Json.obj("status" -> status, "endDate" -> endDate, "objectType" -> "Observable", "objectId" -> observable._id.toString)
+              )
         } yield job
       }
     }

diff --git a/frontend/app/scripts/controllers/case/CaseObservablesItemCtrl.js b/frontend/app/scripts/controllers/case/CaseObservablesItemCtrl.js
@@ -45,7 +45,7 @@
                     })
                     .finally(function () {
                         if($scope.analysisEnabled) {
-                            $scope.jobs = CortexSrv.list($scope, $scope.caseId, observableId, $scope.onJobsChange);
+                            $scope.jobs = CortexSrv.listJobs($scope, $scope.caseId, observableId, $scope.onJobsChange);
                         }
                     });
 

diff --git a/frontend/app/scripts/services/api/CortexSrv.js b/frontend/app/scripts/services/api/CortexSrv.js
@@ -1,27 +1,30 @@
 (function() {
     'use strict';
-    angular.module('theHiveServices').service('CortexSrv', function($q, $http, $rootScope, $uibModal, QuerySrv, StatSrv, StreamSrv, AnalyzerSrv, PSearchSrv, ModalUtilsSrv) {
+    angular.module('theHiveServices').service('CortexSrv', function($q, $http, $rootScope, $uibModal, QuerySrv, PaginatedQuerySrv, StreamSrv, AnalyzerSrv, PSearchSrv, ModalUtilsSrv) {
         var self = this;
         var baseUrl = './api/connector/cortex';
 
-        this.list = function(scope, caseId, observableId, callback) {
-            return PSearchSrv(undefined, 'connector/cortex/job', {
+        this.listJobs = function(scope, caseId, observableId, callback) {
+            return new PaginatedQuerySrv({
+                name: 'observable-jobs-' + observableId,
+                version: 'v1',
                 scope: scope,
-                sort: ['-startDate'],
+                streamObjectType: 'case_artifact_job',
                 loadAll: false,
+                sort: ['-startDate'],
                 pageSize: 200,
                 onUpdate: callback || angular.noop,
-                streamObjectType: 'case_artifact_job',
-                filter: {
-                    _parent: {
-                        _type: 'observable',
-                        _query: {
-                            _id: observableId
-                        }
-                    }
+                operations: [
+                    { '_name': 'getObservable', 'idOrName': observableId },
+                    { '_name': 'jobs' }
+                ],
+                guard: function(updates) {
+                    return _.find(updates, function(item) {
+                        return (item.base.details.objectType === 'Observable') && (item.base.details.objectId === observableId);
+                    }) !== undefined;
                 }
             });
-        };
+        }
 
         this.getJobs = function(caseId, observableId, analyzerId, limit) {