#170 Improve the alerts list, filtering, preview + cleanup MISP secti…

…on code
TheHive-Project · Apr 11, 2017 · 4966c1c · 4966c1c
1 parent b337888
commit 4966c1c
Show file tree

Hide file tree

Showing 21 changed files with 217 additions and 650 deletions.
diff --git a/thehive-misp/app/connectors/misp/JsonFormat.scala b/thehive-misp/app/connectors/misp/JsonFormat.scala
@@ -54,7 +54,7 @@ object JsonFormat {
       tpe ← (json \ "type").validate[String]
       category ← (json \ "category").validate[String]
       uuid ← (json \ "uuid").validate[String]
-      eventId ← (json \ "id").validate[Long]
+      eventId ← (json \ "id").validate[String]
       timestamp ← (json \ "timestamp").validate[String]
       date = new Date(timestamp.toLong * 1000)
       comment ← (json \ "comment").validate[String]
@@ -66,9 +66,9 @@ object JsonFormat {
       tpe,
       category,
       uuid,
-      eventId,
+      eventId.toLong,
       date,
       comment,
       value,
       tags :+ s"MISP:category$category" :+ s"MISP:type=$tpe"))
-}
+}
diff --git a/ui/app/index.html b/ui/app/index.html
@@ -130,6 +130,7 @@
     <script src="scripts/controllers/admin/AdminObservablesCtrl.js"></script>
     <script src="scripts/controllers/admin/AdminReportTemplatesCtrl.js"></script>
     <script src="scripts/controllers/admin/AdminUsersCtrl.js"></script>
+    <script src="scripts/controllers/alert/AlertEventCtrl.js"></script>
     <script src="scripts/controllers/alert/AlertListCtrl.js"></script>
     <script src="scripts/controllers/alert/AlertStatsCtrl.js"></script>
     <script src="scripts/controllers/case/CaseCloseModalCtrl.js"></script>
@@ -149,9 +150,6 @@
     <script src="scripts/controllers/case/ObservableCreationCtrl.js"></script>
     <script src="scripts/controllers/case/ObservablesStatsCtrl.js"></script>
     <script src="scripts/controllers/cortex/CortexInstanceDialogCtrl.js"></script>
-    <script src="scripts/controllers/misp/MispBulkImportCtrl.js"></script>
-    <script src="scripts/controllers/misp/MispEventCtrl.js"></script>
-    <script src="scripts/controllers/misp/MispStatsCtrl.js"></script>
     <script src="scripts/directives/charts/c3Chart.js"></script>
     <script src="scripts/directives/charts/chart.js"></script>
     <script src="scripts/directives/charts/donut-chart.js"></script>

diff --git a/...scripts/controllers/misp/MispEventCtrl.js → ...ripts/controllers/alert/AlertEventCtrl.js b/...scripts/controllers/misp/MispEventCtrl.js → ...ripts/controllers/alert/AlertEventCtrl.js
@@ -1,7 +1,7 @@
 (function() {
     'use strict';
     angular.module('theHiveControllers')
-        .controller('MispEventCtrl', function($rootScope, $state, $uibModalInstance, MispSrv, NotificationSrv, event) {
+        .controller('AlertEventCtrl', function($scope, $rootScope, $state, $uibModalInstance, AlertingSrv, NotificationSrv, event) {
             var self = this;
             var eventId = event.id;
 
@@ -10,56 +10,68 @@
             self.pagination = {
                 pageSize: 10,
                 currentPage: 1,
+                filter: '',
                 data: []
             };
+            self.filteredArtifacts = [];
+
+            this.filterArtifacts = function(value) {
+                self.pagination.currentPage = 1;
+                this.pagination.filter= value;
+                this.loadPage();
+            };
 
             self.loadPage = function() {
                 var end = self.pagination.currentPage * self.pagination.pageSize;
                 var start = end - self.pagination.pageSize;
 
+                self.filteredArtifacts = self.pagination.filter === '' ? self.event.artifacts : _.filter(self.event.artifacts, function(item) {
+                    return item.dataType === self.pagination.filter;
+                });
+
                 var data = [];
-                angular.forEach(self.event.attributes.slice(start, end), function(d) {
+                angular.forEach(self.filteredArtifacts.slice(start, end), function(d) {
                     data.push(d);
                 });
 
                 self.pagination.data = data;
             };
 
             self.load = function() {
-                MispSrv.get(eventId).then(function(response) {
+                AlertingSrv.get(eventId).then(function(response) {
                     self.event = response.data;
                     self.loading = false;
 
-                    self.dataTypes = _.countBy(self.event.attributes, function(attr) {
+                    self.dataTypes = _.countBy(self.event.artifacts, function(attr) {
                         return attr.dataType;
                     });
 
                     self.loadPage();
                 }, function(response) {
                   self.loading = false;
-                  NotificationSrv.error('MispEventCtrl', response.data, response.status);
+                  NotificationSrv.error('AlertEventCtrl', response.data, response.status);
                   $uibModalInstance.dismiss();
                 });
             };
 
             self.import = function() {
                 self.loading = true;
-                MispSrv.create(self.event.id).then(function(response) {
+                AlertingSrv.create(self.event.id).then(function(response) {
                     $uibModalInstance.dismiss();
 
-                    $rootScope.$broadcast('misp:event-imported');
+                    $rootScope.$broadcast('alert:event-imported');
 
                     $state.go('app.case.details', {
                         caseId: response.data.id
                     });
                 }, function(response) {
                     self.loading = false;
-                    NotificationSrv.error('MispEventCtrl', response.data, response.status);
+                    NotificationSrv.error('AlertEventCtrl', response.data, response.status);
                 });
             };
 
             self.ignore = function(){
-                MispSrv.ignore(self.event.id).then(function( /*data*/ ) {
+                AlertingSrv.ignore(self.event.id).then(function( /*data*/ ) {
                     $uibModalInstance.dismiss();
                 });
             };
@@ -68,15 +80,15 @@
                 var fn = angular.noop;
 
                 if (self.event.follow === true) {
-                    fn = MispSrv.unfollow;
+                    fn = AlertingSrv.unfollow;
                 } else {
-                    fn = MispSrv.follow;
+                    fn = AlertingSrv.follow;
                 }
 
                 fn(self.event.id).then(function() {
                     self.load();
                 }).catch(function(response) {
-                    NotificationSrv.error('MispEventCtrl', response.data, response.status);
+                    NotificationSrv.error('AlertEventCtrl', response.data, response.status);
                 });
             };
 

diff --git a/ui/app/scripts/controllers/alert/AlertListCtrl.js b/ui/app/scripts/controllers/alert/AlertListCtrl.js
@@ -1,7 +1,7 @@
 (function() {
     'use strict';
     angular.module('theHiveControllers')
-        .controller('AlertListCtrl', function($scope, $q, $state, $uibModal, AlertingSrv, NotificationSrv, FilteringSrv) {
+        .controller('AlertListCtrl', function($scope, $q, $state, $uibModal, AlertingSrv, NotificationSrv, FilteringSrv, Severity) {
             var self = this;
 
             self.list = [];
@@ -55,6 +55,15 @@
                         defaultValue: [],
                         label: 'Source'
                     },
+                    severity: {
+                        field: 'severity',
+                        type: 'list',
+                        defaultValue: [],
+                        convert: function(value) {
+                            // Convert the text value to its numeric representation
+                            return Severity.keys[value];
+                        }
+                    },
                     title: {
                         field: 'title',
                         type: 'string',
@@ -313,12 +322,18 @@
                     });
             };
 
+            this.filterBySeverity = function(numericSev) {
+                self.addFilterValue('severity', Severity.values[numericSev]);
+            };
+
             this.sortBy = function(sort) {
                 self.list.sort = sort;
                 self.list.update();
                 self.filtering.setSort(sort);
             };
 
+            this.getSeverities = self.filtering.getSeverities;
+
             this.getStatuses = function(query) {
                 return AlertingSrv.statuses(query);
             };

diff --git a/ui/app/scripts/controllers/misp/MispBulkImportCtrl.js b/ui/app/scripts/controllers/misp/MispBulkImportCtrl.js
diff --git a/ui/app/scripts/controllers/misp/MispStatsCtrl.js b/ui/app/scripts/controllers/misp/MispStatsCtrl.js
diff --git a/ui/app/scripts/services/AlertingSrv.js b/ui/app/scripts/services/AlertingSrv.js
@@ -20,7 +20,7 @@
                 },
 
                 get: function(alertId) {
-                    return $http.get(baseUrl + '/get/' + alertId);
+                    return $http.get(baseUrl + '/' + alertId);
                 },
 
                 create: function(alertId) {

diff --git a/ui/app/scripts/services/FilteringSrv.js b/ui/app/scripts/services/FilteringSrv.js
@@ -1,7 +1,7 @@
 (function() {
     'use strict';
     angular.module('theHiveServices')
-        .service('FilteringSrv', function($q, localStorageService) {
+        .service('FilteringSrv', function($q, localStorageService, Severity) {
             return function(sectionName, config) {
                 var self = this;
 
@@ -37,7 +37,7 @@
                             sort: self.defaults.sort || []
                         };
 
-                        self.filters = self.defaultFilter;                        
+                        self.filters = self.defaultFilter;
                         self.activeFilters = _.mapObject(self.defaultFilter || {}, function(val){
                             return _.omit(val, 'field', 'filter');
                         });
@@ -89,14 +89,15 @@
 
                 self.addFilter = function(field, value) {
                     var query,
-                        filterDef = self.filterDefs[field];
+                        filterDef = self.filterDefs[field],
+                        convertFn = filterDef.convert || angular.identity;
 
                     // Prepare the filter value
                     if (field === 'keyword') {
                         query = value;
                     } else if (angular.isArray(value) && value.length > 0) {
                         query = _.map(value, function(val) {
-                            return field + ':"' + val.text + '"';
+                            return field + ':"' + convertFn(val.text) + '"';
                         }).join(' OR ');
                         query = '(' + query + ')';
                     } else if (filterDef.type === 'date') {
@@ -106,7 +107,7 @@
                         query = field + ':[ ' + fromDate + ' TO ' + toDate + ' ]';
 
                     } else {
-                        query = field + ':' + value;
+                        query = field + ':' + convertFn(value);
                     }
 
                     self.filters[field] = {
@@ -195,6 +196,25 @@
                     self.context.activeFilters = self.activeFilters;
                     localStorageService.set(self.sectionName, self.context);
                 };
-            }
+
+                this.getSeverities = function(query) {
+                    var defer = $q.defer();
+
+                    $q.resolve(_.map(Severity.keys, function(value, key) {
+                        return {text: key};
+                    })).then(function(response) {
+                        var severities = [];
+
+                        severities = _.filter(response, function(sev) {
+                            var regex = new RegExp(query, 'gi');
+                            return regex.test(sev.text);
+                        });
+
+                        defer.resolve(severities);
+                    });
+
+                    return defer.promise;
+                };
+            };
         });
 })();