From 44db31d718a73d47fc75c9844a947d70089463f1 Mon Sep 17 00:00:00 2001 From: To-om Date: Thu, 4 Feb 2021 08:41:14 +0100 Subject: [PATCH] #1772 Reorganise routes --- .../thp/thehive/controllers/v0/Router.scala | 323 +++++++++--------- 1 file changed, 162 insertions(+), 161 deletions(-) diff --git a/thehive/app/org/thp/thehive/controllers/v0/Router.scala b/thehive/app/org/thp/thehive/controllers/v0/Router.scala index f02add686e..56093f66d8 100644 --- a/thehive/app/org/thp/thehive/controllers/v0/Router.scala +++ b/thehive/app/org/thp/thehive/controllers/v0/Router.scala @@ -7,200 +7,192 @@ import play.api.routing.sird._ @Singleton class Router @Inject() ( - statsCtrl: StatsCtrl, + alertCtrl: AlertCtrl, + attachmentCtrl: AttachmentCtrl, + auditCtrl: AuditCtrl, + authenticationCtrl: AuthenticationCtrl, caseCtrl: CaseCtrl, caseTemplateCtrl: CaseTemplateCtrl, - userCtrl: UserCtrl, - organisationCtrl: OrganisationCtrl, - taskCtrl: TaskCtrl, - logCtrl: LogCtrl, - observableCtrl: ObservableCtrl, + configCtrl: ConfigCtrl, customFieldCtrl: CustomFieldCtrl, - alertCtrl: AlertCtrl, - auditCtrl: AuditCtrl, - statusCtrl: StatusCtrl, dashboardCtrl: DashboardCtrl, - authenticationCtrl: AuthenticationCtrl, - listCtrl: ListCtrl, - streamCtrl: StreamCtrl, - attachmentCtrl: AttachmentCtrl, describeCtrl: DescribeCtrl, - configCtrl: ConfigCtrl, + listCtrl: ListCtrl, + logCtrl: LogCtrl, + observableCtrl: ObservableCtrl, + observableTypeCtrl: ObservableTypeCtrl, + organisationCtrl: OrganisationCtrl, + pageCtrl: PageCtrl, + permissionCtrl: PermissionCtrl, profileCtrl: ProfileCtrl, shareCtrl: ShareCtrl, + statsCtrl: StatsCtrl, + statusCtrl: StatusCtrl, tagCtrl: TagCtrl, - pageCtrl: PageCtrl, - permissionCtrl: PermissionCtrl, - observableTypeCtrl: ObservableTypeCtrl + taskCtrl: TaskCtrl, + streamCtrl: StreamCtrl, + userCtrl: UserCtrl ) extends SimpleRouter { override def routes: Routes = { - - case POST(p"/_stats") => statsCtrl.stats - - case GET(p"/status") => statusCtrl.get - case GET(p"/health") => statusCtrl.health - case GET(p"/logout") => authenticationCtrl.logout - case POST(p"/logout") => authenticationCtrl.logout - case POST(p"/login") => authenticationCtrl.login -// case POST(p"/ssoLogin") => authenticationCtrl.ssoLogin - - case DELETE(p"/case/shares") => shareCtrl.removeShares() case POST(p"/case/$caseId/shares") => shareCtrl.shareCase(caseId) - case DELETE(p"/case/$caseId/shares") => shareCtrl.removeShares(caseId) - case DELETE(p"/task/$taskId/shares") => shareCtrl.removeTaskShares(taskId) - case DELETE(p"/observable/$observableId/shares") => shareCtrl.removeObservableShares(observableId) case GET(p"/case/$caseId/shares") => shareCtrl.listShareCases(caseId) + case DELETE(p"/case/$caseId/shares") => shareCtrl.removeShares(caseId) + case DELETE(p"/case/shares") => shareCtrl.removeShares() + case POST(p"/case/task/$taskId/shares") => shareCtrl.shareTask(taskId) case GET(p"/case/$caseId/task/$taskId/shares") => shareCtrl.listShareTasks(caseId, taskId) + case DELETE(p"/task/$taskId/shares") => shareCtrl.removeTaskShares(taskId) + case POST(p"/case/artifact/$observableId/shares") => shareCtrl.shareObservable(observableId) case GET(p"/case/$caseId/observable/$observableId/shares") => shareCtrl.listShareObservables(caseId, observableId) - case POST(p"/case/task/$taskId/shares") => shareCtrl.shareTask(taskId) + case DELETE(p"/observable/$observableId/shares") => shareCtrl.removeObservableShares(observableId) case DELETE(p"/case/share/$shareId") => shareCtrl.removeShare(shareId) case PATCH(p"/case/share/$shareId") => shareCtrl.updateShare(shareId) - case GET(p"/case/task") => taskCtrl.search - case POST(p"/case/$caseId/task") => taskCtrl.create(caseId) // Audit ok - case GET(p"/case/task/$taskId") => taskCtrl.get(taskId) - case PATCH(p"/case/task/$taskId") => taskCtrl.update(taskId) // Audit ok - case POST(p"/case/task/_search") => taskCtrl.search - case POST(p"/case/task/_stats") => taskCtrl.stats - case POST(p"/case/$caseId/task/_search") => taskCtrl.searchInCase(caseId) + case GET(p"/alert") => alertCtrl.search + case POST(p"/alert/_search") => alertCtrl.search + case POST(p"/alert/_stats") => alertCtrl.stats + case POST(p"/alert") => alertCtrl.create + case GET(p"/alert/$alertId") => alertCtrl.get(alertId) + case PATCH(p"/alert/$alertId") => alertCtrl.update(alertId) + case POST(p"/alert/delete/_bulk") => alertCtrl.bulkDelete + case DELETE(p"/alert/$alertId") => alertCtrl.delete(alertId) + case POST(p"/alert/merge/_bulk") => alertCtrl.bulkMergeWithCase + case POST(p"/alert/$alertId/merge/$caseId") => alertCtrl.mergeWithCase(alertId, caseId) + case POST(p"/alert/$alertId/markAsRead") => alertCtrl.markAsRead(alertId) + case POST(p"/alert/$alertId/markAsUnread") => alertCtrl.markAsUnread(alertId) + case POST(p"/alert/$alertId/follow") => alertCtrl.followAlert(alertId) + case POST(p"/alert/$alertId/unfollow") => alertCtrl.unfollowAlert(alertId) + case POST(p"/alert/$alertId/createCase") => alertCtrl.createCase(alertId) + // PATCH /alert/_bulk controllers.AlertCtrl.bulkUpdate + + case GET(p"/datastore/$id" ? q_o"name=$name") => attachmentCtrl.download(id, name) + case GET(p"/datastorezip/$id" ? q_o"name=$name") => attachmentCtrl.downloadZip(id, name) + + case GET(p"/audit") => auditCtrl.search + case POST(p"/audit/_search") => auditCtrl.search + case POST(p"/audit/_stats") => auditCtrl.stats + case GET(p"/audit") => auditCtrl.flow(None) + case GET(p"/flow" ? q_o"rootId=$rootId") => auditCtrl.flow(rootId) + + case POST(p"/login") => authenticationCtrl.login + case GET(p"/logout") => authenticationCtrl.logout + case POST(p"/logout") => authenticationCtrl.logout + + case GET(p"/case/template") => caseTemplateCtrl.search + case POST(p"/case/template/_search") => caseTemplateCtrl.search + case POST(p"/case/template/_stats") => caseTemplateCtrl.stats + case POST(p"/case/template") => caseTemplateCtrl.create + case GET(p"/case/template/$caseTemplateId") => caseTemplateCtrl.get(caseTemplateId) + case PATCH(p"/case/template/$caseTemplateId") => caseTemplateCtrl.update(caseTemplateId) + case DELETE(p"/case/template/$caseTemplateId") => caseTemplateCtrl.delete(caseTemplateId) - //case GET(p"/case/task/$taskId/log") => logCtrl.findInTask(taskId) - //case POST(p"/case/task/$taskId/log/_search") => logCtrl.findInTask(taskId) case POST(p"/case/task/log/_search") => logCtrl.search case POST(p"/case/task/log/_stats") => logCtrl.stats - case POST(p"/case/task/$taskId/log") => logCtrl.create(taskId) // Audit ok - case PATCH(p"/case/task/log/$logId") => logCtrl.update(logId) // Audit ok - case DELETE(p"/case/task/log/$logId") => logCtrl.delete(logId) // Audit ok, weird logs/silent errors though (stream related) + case POST(p"/case/task/$taskId/log") => logCtrl.create(taskId) + case PATCH(p"/case/task/log/$logId") => logCtrl.update(logId) + case DELETE(p"/case/task/log/$logId") => logCtrl.delete(logId) + //case GET(p"/case/task/$taskId/log") => logCtrl.findInTask(taskId) + //case POST(p"/case/task/$taskId/log/_search") => logCtrl.findInTask(taskId) // case GET(p"/case/task/log/$logId") => logCtrl.get(logId) - case POST(p"/case/artifact/_search") => observableCtrl.search - // case POST(p"/case/:caseId/artifact/_search") => observableCtrl.findInCase(caseId) + case GET(p"/case/task") => taskCtrl.search + case POST(p"/case/task/_search") => taskCtrl.search + case POST(p"/case/task/_stats") => taskCtrl.stats + case POST(p"/case/$caseId/task") => taskCtrl.create(caseId) + case GET(p"/case/task/$taskId") => taskCtrl.get(taskId) + case PATCH(p"/case/task/$taskId") => taskCtrl.update(taskId) + case POST(p"/case/$caseId/task/_search") => taskCtrl.searchInCase(caseId) + + case POST(p"/case/artifact/_search") => observableCtrl.search case POST(p"/case/artifact/_stats") => observableCtrl.stats - case POST(p"/case/$caseId/artifact") => observableCtrl.createInCase(caseId) // Audit ok + case POST(p"/case/$caseId/artifact") => observableCtrl.createInCase(caseId) case GET(p"/case/artifact/$observableId") => observableCtrl.get(observableId) - case DELETE(p"/case/artifact/$observableId") => observableCtrl.delete(observableId) // Audit ok - case PATCH(p"/case/artifact/_bulk") => observableCtrl.bulkUpdate // Audit ok - case PATCH(p"/case/artifact/$observableId") => observableCtrl.update(observableId) // Audit ok + case PATCH(p"/case/artifact/_bulk") => observableCtrl.bulkUpdate + case PATCH(p"/case/artifact/$observableId") => observableCtrl.update(observableId) + case DELETE(p"/case/artifact/$observableId") => observableCtrl.delete(observableId) + case POST(p"/alert/$alertId/artifact") => observableCtrl.createInAlert(alertId) + case GET(p"/alert/artifact/$observableId") => observableCtrl.get(observableId) + case PATCH(p"/alert/artifact/_bulk") => observableCtrl.bulkUpdate + case PATCH(p"/alert/artifact/$observableId") => observableCtrl.update(observableId) + case DELETE(p"/alert/artifact/$observableId") => observableCtrl.delete(observableId) case GET(p"/case/artifact/$observableId/similar") => observableCtrl.findSimilar(observableId) - case POST(p"/case/artifact/$observableId/shares") => shareCtrl.shareObservable(observableId) - case POST(p"/alert/$alertId/artifact") => observableCtrl.createInAlert(alertId) // Audit ok - case PATCH(p"/alert/artifact/$observableId") => observableCtrl.update(observableId) // Audit ok - case PATCH(p"/alert/artifact/_bulk") => observableCtrl.bulkUpdate // Audit ok - case DELETE(p"/alert/artifact/$observableId") => observableCtrl.delete(observableId) // Audit ok + // case POST(p"/case/:caseId/artifact/_search") => observableCtrl.findInCase(caseId) case GET(p"/case") => caseCtrl.search - case POST(p"/case") => caseCtrl.create // Audit ok - case GET(p"/case/$caseId") => caseCtrl.get(caseId) - case PATCH(p"/case/_bulk") => caseCtrl.bulkUpdate // Not used by the frontend - case PATCH(p"/case/$caseId") => caseCtrl.update(caseId) // Audit ok - case POST(p"/case/_merge/$caseIds") => caseCtrl.merge(caseIds) // Not implemented in backend and not used by frontend case POST(p"/case/_search") => caseCtrl.search case POST(p"/case/_stats") => caseCtrl.stats + case POST(p"/case") => caseCtrl.create + case GET(p"/case/$caseId") => caseCtrl.get(caseId) + case PATCH(p"/case/_bulk") => caseCtrl.bulkUpdate // Not used by the frontend + case PATCH(p"/case/$caseId") => caseCtrl.update(caseId) case DELETE(p"/case/$caseId") => caseCtrl.delete(caseId) // Not used by the frontend - case DELETE(p"/case/$caseId/force") => caseCtrl.delete(caseId) // Audit ok + case DELETE(p"/case/$caseId/force") => caseCtrl.delete(caseId) + case POST(p"/case/_merge/$caseIds") => caseCtrl.merge(caseIds) // Not implemented in backend and not used by frontend case GET(p"/case/$caseId/links") => caseCtrl.linkedCases(caseId) - case GET(p"/case/template") => caseTemplateCtrl.search - case POST(p"/case/template") => caseTemplateCtrl.create // Audit ok - case GET(p"/case/template/$caseTemplateId") => caseTemplateCtrl.get(caseTemplateId) - case PATCH(p"/case/template/$caseTemplateId") => caseTemplateCtrl.update(caseTemplateId) // Audit ok - case POST(p"/case/template/_search") => caseTemplateCtrl.search - case DELETE(p"/case/template/$caseTemplateId") => caseTemplateCtrl.delete(caseTemplateId) // Audit ok - case POST(p"/case/template/_search") => caseTemplateCtrl.search - case POST(p"/case/template/_stats") => caseTemplateCtrl.stats - - case GET(p"/user") => userCtrl.search - case POST(p"/user") => userCtrl.create // Audit ok - case GET(p"/user/current") => userCtrl.current - case GET(p"/user/$userId") => userCtrl.get(userId) - case PATCH(p"/user/$userId") => userCtrl.update(userId) // Audit ok - case DELETE(p"/user/$userId") => userCtrl.lock(userId) // Audit ok - case DELETE(p"/user/$userId/force") => userCtrl.delete(userId) // Audit ok - case POST(p"/user/$userId/password/set") => userCtrl.setPassword(userId) // Audit ok - case POST(p"/user/$userId/password/change") => userCtrl.changePassword(userId) // Audit ok - case GET(p"/user/$userId/key") => userCtrl.getKey(userId) - case DELETE(p"/user/$userId/key") => userCtrl.removeKey(userId) // Audit ok - case POST(p"/user/$userId/key/renew") => userCtrl.renewKey(userId) // Audit ok - case POST(p"/user/_search") => userCtrl.search - case POST(p"/user/_stats") => userCtrl.stats - - case GET(p"/list") => listCtrl.list - case DELETE(p"/list/$itemId") => listCtrl.deleteItem(itemId) - case PATCH(p"/list/$itemId") => listCtrl.updateItem(itemId) - case POST(p"/list/$listName") => listCtrl.addItem(listName) - case GET(p"/list/$listName") => listCtrl.listItems(listName) - case POST(p"/list/$listName/_exists") => listCtrl.itemExists(listName) - - case GET(p"/organisation") => organisationCtrl.list - case POST(p"/organisation") => organisationCtrl.create // Audit ok - case POST(p"/organisation/type/_search") => organisationCtrl.search - case POST(p"/organisation/type/_stats") => organisationCtrl.stats - case GET(p"/organisation/$organisationId") => organisationCtrl.get(organisationId) - case GET(p"/organisation/$organisationId/links") => organisationCtrl.listLinks(organisationId) - case PATCH(p"/organisation/$organisationId") => organisationCtrl.update(organisationId) // Audit ok - case PUT(p"/organisation/$organisationId1/link/$organisationId2") => organisationCtrl.link(organisationId1, organisationId2) - case PUT(p"/organisation/$organisationId1/links") => organisationCtrl.bulkLink(organisationId1) - case DELETE(p"/organisation/$organisationId1/link/$organisationId2") => organisationCtrl.unlink(organisationId1, organisationId2) + case GET(p"/config/user") => configCtrl.userList + case GET(p"/config/user/$path") => configCtrl.userGet(path) + case PUT(p"/config/user/$path") => configCtrl.userSet(path) + case GET(p"/config/organisation") => configCtrl.organisationList + case GET(p"/config/organisation/$path") => configCtrl.organisationGet(path) + case PUT(p"/config/organisation/$path") => configCtrl.organisationSet(path) + case GET(p"/config") => configCtrl.list + case GET(p"/config/$path") => configCtrl.get(path) + case PUT(p"/config/$path") => configCtrl.set(path) case GET(p"/customField") => customFieldCtrl.list + case POST(p"/customFields/_search") => customFieldCtrl.search + case POST(p"/customFields/_stats") => customFieldCtrl.stats case POST(p"/customField") => customFieldCtrl.create case GET(p"/customField/$id") => customFieldCtrl.get(id) - case DELETE(p"/customField/$id") => customFieldCtrl.delete(id) case PATCH(p"/customField/$id") => customFieldCtrl.update(id) + case DELETE(p"/customField/$id") => customFieldCtrl.delete(id) case GET(p"/customFields/$id/use") => customFieldCtrl.useCount(id) - case POST(p"/customFields/_search") => customFieldCtrl.search - case POST(p"/customFields/_stats") => customFieldCtrl.stats - - case GET(p"/alert") => alertCtrl.search - case POST(p"/alert") => alertCtrl.create // Audit ok - case GET(p"/alert/$alertId") => alertCtrl.get(alertId) - case PATCH(p"/alert/$alertId") => alertCtrl.update(alertId) // Audit ok - case POST(p"/alert/$alertId/markAsRead") => alertCtrl.markAsRead(alertId) // Audit ok - case POST(p"/alert/$alertId/markAsUnread") => alertCtrl.markAsUnread(alertId) // Audit ok - case POST(p"/alert/$alertId/follow") => alertCtrl.followAlert(alertId) // Audit ok - case POST(p"/alert/$alertId/unfollow") => alertCtrl.unfollowAlert(alertId) // Audit ok - case POST(p"/alert/$alertId/createCase") => alertCtrl.createCase(alertId) // Audit ok - case POST(p"/alert/_search") => alertCtrl.search - // PATCH /alert/_bulk controllers.AlertCtrl.bulkUpdate - case POST(p"/alert/delete/_bulk") => alertCtrl.bulkDelete - case POST(p"/alert/_stats") => alertCtrl.stats - case DELETE(p"/alert/$alertId") => alertCtrl.delete(alertId) // Audit ok - case POST(p"/alert/$alertId/merge/$caseId") => alertCtrl.mergeWithCase(alertId, caseId) // Audit ok - case POST(p"/alert/merge/_bulk") => alertCtrl.bulkMergeWithCase case GET(p"/dashboard") => dashboardCtrl.search case POST(p"/dashboard/_search") => dashboardCtrl.search case POST(p"/dashboard/_stats") => dashboardCtrl.stats - case POST(p"/dashboard") => dashboardCtrl.create // Audit ok + case POST(p"/dashboard") => dashboardCtrl.create case GET(p"/dashboard/$dashboardId") => dashboardCtrl.get(dashboardId) - case PATCH(p"/dashboard/$dashboardId") => dashboardCtrl.update(dashboardId) // Audit ok - case DELETE(p"/dashboard/$dashboardId") => dashboardCtrl.delete(dashboardId) // Audit ok + case PATCH(p"/dashboard/$dashboardId") => dashboardCtrl.update(dashboardId) + case DELETE(p"/dashboard/$dashboardId") => dashboardCtrl.delete(dashboardId) - case GET(p"/audit") => auditCtrl.flow(None) - case GET(p"/flow" ? q_o"rootId=$rootId") => auditCtrl.flow(rootId) - case GET(p"/audit") => auditCtrl.search - case POST(p"/audit/_search") => auditCtrl.search - case POST(p"/audit/_stats") => auditCtrl.stats + case GET(p"/describe/_all") => describeCtrl.describeAll + case GET(p"/describe/$modelName") => describeCtrl.describe(modelName) - case POST(p"/stream") => streamCtrl.create - case GET(p"/stream/status") => streamCtrl.status - case GET(p"/stream/$streamId") => streamCtrl.get(streamId) + case GET(p"/list") => listCtrl.list + case POST(p"/list/$listName") => listCtrl.addItem(listName) + case GET(p"/list/$listName") => listCtrl.listItems(listName) + case PATCH(p"/list/$itemId") => listCtrl.updateItem(itemId) + case DELETE(p"/list/$itemId") => listCtrl.deleteItem(itemId) + case POST(p"/list/$listName/_exists") => listCtrl.itemExists(listName) - case GET(p"/datastore/$id" ? q_o"name=$name") => attachmentCtrl.download(id, name) - case GET(p"/datastorezip/$id" ? q_o"name=$name") => attachmentCtrl.downloadZip(id, name) - case GET(p"/describe/_all") => describeCtrl.describeAll - case GET(p"/describe/$modelName") => describeCtrl.describe(modelName) + case GET(p"/observable/type") => observableTypeCtrl.search + case POST(p"/observable/type/_search") => observableTypeCtrl.search + case POST(p"/observable/type/_stats") => observableTypeCtrl.stats + case POST(p"/observable/type") => observableTypeCtrl.create + case GET(p"/observable/type/$idOrName") => observableTypeCtrl.get(idOrName) + case DELETE(p"/observable/type/$idOrName") => observableTypeCtrl.delete(idOrName) - case GET(p"/config/user") => configCtrl.userList - case GET(p"/config/user/$path") => configCtrl.userGet(path) - case PUT(p"/config/user/$path") => configCtrl.userSet(path) - case GET(p"/config/organisation") => configCtrl.organisationList - case GET(p"/config/organisation/$path") => configCtrl.organisationGet(path) - case PUT(p"/config/organisation/$path") => configCtrl.organisationSet(path) - case GET(p"/config") => configCtrl.list - case GET(p"/config/$path") => configCtrl.get(path) - case PUT(p"/config/$path") => configCtrl.set(path) + case GET(p"/organisation") => organisationCtrl.list + case POST(p"/organisation/_search") => organisationCtrl.search + case POST(p"/organisation/_stats") => organisationCtrl.stats + case POST(p"/organisation") => organisationCtrl.create + case GET(p"/organisation/$organisationId") => organisationCtrl.get(organisationId) + case PATCH(p"/organisation/$organisationId") => organisationCtrl.update(organisationId) + case PUT(p"/organisation/$organisationId1/link/$organisationId2") => organisationCtrl.link(organisationId1, organisationId2) + case PUT(p"/organisation/$organisationId/links") => organisationCtrl.bulkLink(organisationId) + case GET(p"/organisation/$organisationId/links") => organisationCtrl.listLinks(organisationId) + case DELETE(p"/organisation/$organisationId1/link/$organisationId2") => organisationCtrl.unlink(organisationId1, organisationId2) + + case POST(p"/page/_search") => pageCtrl.search + case POST(p"/page/_stats") => pageCtrl.stats + case POST(p"/page") => pageCtrl.create + case GET(p"/page/$idOrTitle") => pageCtrl.get(idOrTitle) + case PATCH(p"/page/$idOrTitle") => pageCtrl.update(idOrTitle) + case DELETE(p"/page/$idOrTitle") => pageCtrl.delete(idOrTitle) + + case GET(p"/permission") => permissionCtrl.list case GET(p"/profile") => profileCtrl.search case POST(p"/profile/_search") => profileCtrl.search @@ -210,25 +202,34 @@ class Router @Inject() ( case PATCH(p"/profile/$profileId") => profileCtrl.update(profileId) case DELETE(p"/profile/$profileId") => profileCtrl.delete(profileId) + case POST(p"/_stats") => statsCtrl.stats + + case GET(p"/status") => statusCtrl.get + case GET(p"/health") => statusCtrl.health + + case POST(p"/stream") => streamCtrl.create + case GET(p"/stream/status") => streamCtrl.status + case GET(p"/stream/$streamId") => streamCtrl.get(streamId) + + case GET(p"/tag") => tagCtrl.search case POST(p"/tag/_search") => tagCtrl.search case POST(p"/tag/_stats") => tagCtrl.stats case POST(p"/tag/_import") => tagCtrl.importTaxonomy case GET(p"/tag/$id") => tagCtrl.get(id) - case POST(p"/page/_search") => pageCtrl.search - case POST(p"/page/_stats") => pageCtrl.stats - case GET(p"/page/$idOrTitle") => pageCtrl.get(idOrTitle) - case POST(p"/page") => pageCtrl.create - case PATCH(p"/page/$idOrTitle") => pageCtrl.update(idOrTitle) - case DELETE(p"/page/$idOrTitle") => pageCtrl.delete(idOrTitle) - - case GET(p"/permission") => permissionCtrl.list - - case POST(p"/observable/type/_search") => observableTypeCtrl.search - case POST(p"/observable/type/_stats") => observableTypeCtrl.stats - case GET(p"/observable/type") => observableTypeCtrl.search - case GET(p"/observable/type/$idOrName") => observableTypeCtrl.get(idOrName) - case POST(p"/observable/type") => observableTypeCtrl.create - case DELETE(p"/observable/type/$idOrName") => observableTypeCtrl.delete(idOrName) + case GET(p"/user") => userCtrl.search + case POST(p"/user/_search") => userCtrl.search + case POST(p"/user/_stats") => userCtrl.stats + case POST(p"/user") => userCtrl.create + case GET(p"/user/current") => userCtrl.current + case GET(p"/user/$userId") => userCtrl.get(userId) + case PATCH(p"/user/$userId") => userCtrl.update(userId) + case DELETE(p"/user/$userId") => userCtrl.lock(userId) + case DELETE(p"/user/$userId/force") => userCtrl.delete(userId) + case POST(p"/user/$userId/password/set") => userCtrl.setPassword(userId) + case POST(p"/user/$userId/password/change") => userCtrl.changePassword(userId) + case GET(p"/user/$userId/key") => userCtrl.getKey(userId) + case DELETE(p"/user/$userId/key") => userCtrl.removeKey(userId) + case POST(p"/user/$userId/key/renew") => userCtrl.renewKey(userId) } }