Skip to content

Commit

Permalink
#1766 Added x_mitre_permissions_required
Browse files Browse the repository at this point in the history
  • Loading branch information
@rriclet
rriclet committed Feb 3, 2021
1 parent a1081e8 commit 3abc59e
Show file tree
Hide file tree
Showing 5 changed files with 42 additions and 34 deletions.
32 changes: 17 additions & 15 deletions dto/src/main/scala/org/thp/thehive/dto/v1/Pattern.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,7 @@ case class InputPattern(
x_mitre_defense_bypassed: Seq[String],
x_mitre_detection: Option[String],
x_mitre_is_subtechnique: Boolean,
// TODO x_mitre_tactic_type ?
// TODO x_mitre_permissions_required ?
x_mitre_permissions_required: Seq[String],
x_mitre_platforms: Seq[String],
x_mitre_remote_support: Boolean,
x_mitre_system_requirements: Seq[String],
Expand Down Expand Up @@ -62,19 +61,20 @@ object InputPattern {
for {
references <- (json \ "external_references").validate[Seq[InputReference]]
mitreReference = references.find(ref => isSourceNameValid(ref.source_name))
name <- (json \ "name").validate[String]
description <- (json \ "description").validateOpt[String]
kill_chain_phases <- (json \ "kill_chain_phases").validateOpt[Seq[InputKillChainPhase]]
techniqueType <- (json \ "type").validate[String]
revoked <- (json \ "revoked").validateOpt[Boolean]
x_mitre_data_sources <- (json \ "x_mitre_data_sources").validateOpt[Seq[String]]
x_mitre_defense_bypassed <- (json \ "x_mitre_defense_bypassed").validateOpt[Seq[String]]
x_mitre_detection <- (json \ "x_mitre_detection").validateOpt[String]
x_mitre_is_subtechnique <- (json \ "x_mitre_is_subtechnique").validateOpt[Boolean]
x_mitre_platforms <- (json \ "x_mitre_platforms").validateOpt[Seq[String]]
x_mitre_remote_support <- (json \ "x_mitre_remote_support").validateOpt[Boolean]
x_mitre_system_requirements <- (json \ "x_mitre_system_requirements").validateOpt[Seq[String]]
x_mitre_version <- (json \ "x_mitre_version").validateOpt[String]
name <- (json \ "name").validate[String]
description <- (json \ "description").validateOpt[String]
kill_chain_phases <- (json \ "kill_chain_phases").validateOpt[Seq[InputKillChainPhase]]
techniqueType <- (json \ "type").validate[String]
revoked <- (json \ "revoked").validateOpt[Boolean]
x_mitre_data_sources <- (json \ "x_mitre_data_sources").validateOpt[Seq[String]]
x_mitre_defense_bypassed <- (json \ "x_mitre_defense_bypassed").validateOpt[Seq[String]]
x_mitre_detection <- (json \ "x_mitre_detection").validateOpt[String]
x_mitre_is_subtechnique <- (json \ "x_mitre_is_subtechnique").validateOpt[Boolean]
x_mitre_permissions_required <- (json \ "x_mitre_permissions_required").validateOpt[Seq[String]]
x_mitre_platforms <- (json \ "x_mitre_platforms").validateOpt[Seq[String]]
x_mitre_remote_support <- (json \ "x_mitre_remote_support").validateOpt[Boolean]
x_mitre_system_requirements <- (json \ "x_mitre_system_requirements").validateOpt[Seq[String]]
x_mitre_version <- (json \ "x_mitre_version").validateOpt[String]
} yield InputPattern(
mitreReference.flatMap(_.external_id).getOrElse(""),
name,
Expand All @@ -87,6 +87,7 @@ object InputPattern {
x_mitre_defense_bypassed.getOrElse(Seq()),
x_mitre_detection,
x_mitre_is_subtechnique.getOrElse(false),
x_mitre_permissions_required.getOrElse(Seq()),
x_mitre_platforms.getOrElse(Seq()),
x_mitre_remote_support.getOrElse(false),
x_mitre_system_requirements.getOrElse(Seq()),
Expand Down Expand Up @@ -117,6 +118,7 @@ case class OutputPattern(
dataSources: Seq[String],
defenseBypassed: Seq[String],
detection: Option[String],
permissionsRequired: Seq[String],
platforms: Seq[String],
remoteSupport: Boolean,
systemRequirements: Seq[String],
Expand Down
1 change: 1 addition & 0 deletions thehive/app/org/thp/thehive/controllers/v1/Conversion.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -504,6 +504,7 @@ object Conversion {
.withFieldRenamed(_.x_mitre_data_sources, _.dataSources)
.withFieldRenamed(_.x_mitre_defense_bypassed, _.defenseBypassed)
.withFieldRenamed(_.x_mitre_detection, _.detection)
.withFieldRenamed(_.x_mitre_permissions_required, _.permissionsRequired)
.withFieldRenamed(_.x_mitre_platforms, _.platforms)
.withFieldRenamed(_.x_mitre_remote_support, _.remoteSupport)
.withFieldRenamed(_.x_mitre_system_requirements, _.systemRequirements)
Expand Down
1 change: 1 addition & 0 deletions thehive/app/org/thp/thehive/controllers/v1/Properties.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -350,6 +350,7 @@ class Properties @Inject() (
.property("dataSources", UMapping.string.sequence)(_.field.readonly)
.property("defenseBypassed", UMapping.string.sequence)(_.field.readonly)
.property("detection", UMapping.string.optional)(_.field.readonly)
.property("permissionsRequired", UMapping.string.sequence)(_.field.readonly)
.property("platforms", UMapping.string.sequence)(_.field.readonly)
.property("remoteSupport", UMapping.boolean)(_.field.readonly)
.property("systemRequirements", UMapping.string.sequence)(_.field.readonly)
Expand Down
40 changes: 21 additions & 19 deletions thehive/app/org/thp/thehive/models/Pattern.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ case class Pattern(
dataSources: Seq[String],
defenseBypassed: Seq[String],
detection: Option[String],
permissionsRequired: Seq[String],
platforms: Seq[String],
remoteSupport: Boolean,
systemRequirements: Seq[String],
Expand All @@ -27,23 +28,24 @@ case class Pattern(
case class PatternPattern()

case class RichPattern(pattern: Pattern with Entity, parent: Option[Pattern with Entity]) {
def patternId: String = pattern.patternId
def name: String = pattern.name
def description: Option[String] = pattern.description
def tactics: Set[String] = pattern.tactics
def url: String = pattern.url
def patternType: String = pattern.patternType
def revoked: Boolean = pattern.revoked
def dataSources: Seq[String] = pattern.dataSources
def defenseBypassed: Seq[String] = pattern.defenseBypassed
def detection: Option[String] = pattern.detection
def platforms: Seq[String] = pattern.platforms
def remoteSupport: Boolean = pattern.remoteSupport
def systemRequirements: Seq[String] = pattern.systemRequirements
def version: Option[String] = pattern.revision
def _id: EntityId = pattern._id
def _createdAt: Date = pattern._createdAt
def _createdBy: String = pattern._createdBy
def _updatedAt: Option[Date] = pattern._updatedAt
def _updatedBy: Option[String] = pattern._updatedBy
def patternId: String = pattern.patternId
def name: String = pattern.name
def description: Option[String] = pattern.description
def tactics: Set[String] = pattern.tactics
def url: String = pattern.url
def patternType: String = pattern.patternType
def revoked: Boolean = pattern.revoked
def dataSources: Seq[String] = pattern.dataSources
def defenseBypassed: Seq[String] = pattern.defenseBypassed
def detection: Option[String] = pattern.detection
def permissionsRequired: Seq[String] = pattern.permissionsRequired
def platforms: Seq[String] = pattern.platforms
def remoteSupport: Boolean = pattern.remoteSupport
def systemRequirements: Seq[String] = pattern.systemRequirements
def version: Option[String] = pattern.revision
def _id: EntityId = pattern._id
def _createdAt: Date = pattern._createdAt
def _createdBy: String = pattern._createdBy
def _updatedAt: Option[Date] = pattern._updatedAt
def _updatedBy: Option[String] = pattern._updatedBy
}
2 changes: 2 additions & 0 deletions thehive/test/org/thp/thehive/controllers/v1/PatternCtrlTest.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ case class TestPattern(
dataSources: Seq[String],
defenseBypassed: Seq[String],
detection: Option[String],
permissionsRequired: Seq[String],
platforms: Seq[String],
remoteSupport: Boolean,
systemRequirements: Seq[String],
Expand Down Expand Up @@ -72,6 +73,7 @@ class PatternCtrlTest extends PlaySpecification with TestAppBuilder {
Seq(),
None,
Seq(),
Seq(),
remoteSupport = true,
Seq(),
Some("1.0")
Expand Down

0 comments on commit 3abc59e

Please sign in to comment.