From 8b0e157b1a43b887ba751c13abb0fd237246852d Mon Sep 17 00:00:00 2001
From: Nabil Adouani <nabil.adouani@gmail.com>
Date: Tue, 12 Feb 2019 14:54:56 +0100
Subject: [PATCH 01/29] #863 Add more details to the alert and case audit logs
 in search page

---
 ui/app/views/directives/search/audit.html | 125 ++++++++++++++++------
 ui/app/views/directives/search/task.html  |   2 +-
 2 files changed, 95 insertions(+), 32 deletions(-)

diff --git a/ui/app/views/directives/search/audit.html b/ui/app/views/directives/search/audit.html
index 0458e7ab5b..215427b40c 100644
--- a/ui/app/views/directives/search/audit.html
+++ b/ui/app/views/directives/search/audit.html
@@ -1,39 +1,102 @@
-<div class="search-item-title" ng-switch="value.objectType">
-    <a href ng-switch-when="user">
-        {{value.operation}} of {{value.objectType}} <br>
-        <em class="text-muted"><span>{{value.stats.name}}</span></em>
-    </a>
-    <a href ng-switch-when="case" ui-sref="app.case.details({caseId: value.objectId})">
-        {{value.operation}} of {{value.objectType}} <br>
-        <em class="text-muted"><span>{{value.stats.title || value.details.title}}</span></em>
-    </a>
-    <a href ng-switch-when="case_task">
-        {{value.operation}} of task <br>
-        <em class="text-muted"><span>{{value.stats.title || value.details.title}}</span></em>
-    </a>
-    <a href ng-switch-when="case_task_log">
-        {{value.operation}} of task log
-    </a>
-    <a href ng-switch-when="case_artifact" ui-sref="app.case.observables-item({caseId: value.stats.case.id, itemId: value.stats.id})">
-        {{value.operation}} of observable <br>
-        <em class="text-muted"><span>{{value.stats.data}}</span></em>
-    </a>
-    <a href ng-switch-when="case_artifact_job">
-        {{value.operation}} of observable job <br>
-        <em class="text-muted"><span>{{value.stats.analyzerName}}</span></em>
-    </a>
-    <a href ng-switch-when="alert">
-        {{value.operation}} of alert <br>
-        <em class="text-muted"><span>{{value.stats.title}}</span></em>
-    </a>
-</div>
-<div>
+<div class="mb-xs">
     <i class="glyphicon glyphicon-user"></i>
-    <span>{{getUserInfo.get(value.createdBy) | getField: 'name'}}</span>
+    <span>by {{getUserInfo.get(value.createdBy) | getField: 'name'}}</span>
 
     <i class="glyphicon glyphicon-calendar ml-xxs"></i>
     Occurred on <span ng-bind="value.startDate | showDate"> </span>
 </div>
+
+<div ng-switch="value.objectType">
+    <div ng-switch-when="user">
+        <div class="search-item-title">
+            <a href>
+            {{value.operation}} of {{value.objectType}} <br>
+            <em class="text-muted"><span>{{value.stats.name}}</span></em>
+            </a>
+        </div>
+    </div>
+    <div ng-switch-when="case" ui-sref="app.case.details({caseId: value.objectId})">
+        <div class="search-item-title">
+            <a href>
+            {{value.operation}} of {{value.objectType}} <br>
+            <em class="text-muted"><span>{{value.stats.title || value.details.title}}</span></em>
+            </a>
+        </div>
+        <div>
+            <i class="glyphicon glyphicon-user"></i>
+            <span>{{getUserInfo.get(value.stats.owner) | getField: 'name'}}</span>
+
+            <i class="glyphicon glyphicon-calendar ml-xxs"></i>
+            <span ng-bind="value.stats.startDate | showDate"></span>
+
+            <span ng-if="value.stats.endDate" class="text-success">
+                (
+                <strong>Closed</strong>
+                on
+                {{value.stats.endDate | showDate}}
+                as
+                <strong>{{value.stats.resolutionStatus}}</strong>)
+            </span>
+        </div>
+    </div>
+    <div ng-switch-when="case_task">
+        <div class="search-item-title">
+            <a href>
+            {{value.operation}} of task <br>
+            <em class="text-muted"><span>{{value.stats.title || value.details.title}}</span></em>
+            </a>
+        </div>
+    </div>
+    <div ng-switch-when="case_task_log">
+        <div class="search-item-title">
+            <a href>
+            {{value.operation}} of task log
+            </a>
+        </div>
+    </div>
+    <div ng-switch-when="case_artifact" ui-sref="app.case.observables-item({caseId: value.stats.case.id, itemId: value.stats.id})">
+        <div class="search-item-title">
+            <a href>
+            {{value.operation}} of observable <br>
+            <em class="text-muted"><span>{{value.stats.data}}</span></em>
+            </a>
+        </div>
+    </div>
+    <div ng-switch-when="case_artifact_job">
+        <div class="search-item-title">
+            <a href>
+            {{value.operation}} of observable job <br>
+            <em class="text-muted"><span>{{value.stats.analyzerName}}</span></em>
+            </a>
+        </div>
+    </div>
+    <div ng-switch-when="alert">
+        <div class="search-item-title">
+            <a href>
+            {{value.operation}} of alert<br>
+            <em class="text-muted"><span>{{value.stats.title}}</span></em>
+            </a>
+        </div>
+        <div>
+            <span>
+                <i class="fa fa-calendar"></i> Date:
+                <strong class="text-muted">{{value.stats.date | showDate}}</strong>
+            </span>
+            <span class="ml-xxs">
+                <i class="fa fa-certificate"></i> Type:
+                <strong class="text-muted">{{value.stats.type}}</strong>
+            </span>
+            <span class="ml-xxs">
+                <i class="fa fa-barcode"></i> Reference:
+                <strong class="text-muted">{{value.stats.sourceRef}}</strong>
+            </span>
+            <span class="ml-xxs">
+                <i class="fa fa-bullseye"></i> Source:
+                <strong class="text-muted">{{value.stats.source}}</strong>
+            </span>
+        </div>
+    </div>
+</div>
 <div class="mt-xs wrap">
     <strong>Details (<a href ng-show="!value.show" ng-click="value.show = true">Expand</a><a href ng-show="value.show" ng-click="value.show = false">Collapse</a>)</strong>
     <pre ng-show="value.show">{{value.details | flattern | json}}</pre>
diff --git a/ui/app/views/directives/search/task.html b/ui/app/views/directives/search/task.html
index fdf590e6ba..0eec85211a 100644
--- a/ui/app/views/directives/search/task.html
+++ b/ui/app/views/directives/search/task.html
@@ -7,7 +7,7 @@
     <i class="glyphicon glyphicon-user"></i>
     <span>{{getUserInfo.get(value.owner) | getField: 'name'}}</span>
 
-    <i class="glyphicon glyphicon-calendar ml-xxs"></i>
+    <i class="glyphicon glyphicon-calendar ml-xxs" ng-if="value.startDate"></i>
     <span ng-bind="value.startDate | showDate"></span>
 </div>
 <div class="mt-xs wrap">

From e9ee614d58c427393bb16c61f53fee86e15ceabb Mon Sep 17 00:00:00 2001
From: Nabil Adouani <nabil.adouani@gmail.com>
Date: Tue, 12 Feb 2019 16:27:37 +0100
Subject: [PATCH 02/29] #485 Disallow clicking on dashboard items in edit mode

---
 .../dashboard/DashboardViewCtrl.js            | 20 +++++++++----------
 .../scripts/directives/dashboard/counter.js   | 18 +++++++----------
 ui/app/scripts/directives/dashboard/donut.js  |  7 +++++--
 ui/app/scripts/directives/dashboard/item.js   | 10 +++++-----
 ui/app/views/directives/dashboard/item.html   |  6 +++---
 ui/app/views/partials/dashboard/view.html     |  2 +-
 6 files changed, 31 insertions(+), 32 deletions(-)

diff --git a/ui/app/scripts/controllers/dashboard/DashboardViewCtrl.js b/ui/app/scripts/controllers/dashboard/DashboardViewCtrl.js
index 4c2c404e28..7e3805a96d 100644
--- a/ui/app/scripts/controllers/dashboard/DashboardViewCtrl.js
+++ b/ui/app/scripts/controllers/dashboard/DashboardViewCtrl.js
@@ -82,7 +82,7 @@
                 this.periodFilter = this.buildDashboardPeriodFilter(period);
 
                 $scope.$broadcast('refresh-chart', this.periodFilter);
-            }
+            };
 
             this.removeContainer = function(index) {
                 var row = this.definition.items[index];
@@ -95,28 +95,28 @@
                     promise = ModalUtilsSrv.confirm('Remove widget', 'Are you sure you want to remove this item', {
                         okText: 'Yes, remove it',
                         flavor: 'danger'
-                    })
+                    });
                 }
 
                 promise.then(function() {
-                    self.definition.items.splice(index, 1)
+                    self.definition.items.splice(index, 1);
                 });
-            }
+            };
 
             this.saveDashboard = function() {
                 var copy = _.pick(this.dashboard, 'title', 'description', 'status');
                 copy.definition = angular.toJson(this.definition);
 
                 DashboardSrv.update(this.dashboard.id, copy)
-                    .then(function(response) {
+                    .then(function(/*response*/) {
                         self.options.editLayout = false;
                         self.resizeCharts();
                         NotificationSrv.log('The dashboard has been successfully updated', 'success');
                     })
                     .catch(function(err) {
                         NotificationSrv.error('DashboardEditCtrl', err.data, err.status);
-                    })
-            }
+                    });
+            };
 
             this.removeItem = function(rowIndex, colIndex) {
 
@@ -151,15 +151,15 @@
                 }
 
                 return item;
-            }
+            };
 
             this.itemDragStarted = function(colIndex, row) {
                 row.items.splice(colIndex, 1);
-            }
+            };
 
             this.exportDashboard = function() {
                 DashboardSrv.exportDashboard(this.dashboard);
-            }
+            };
 
             this.resizeCharts = function() {
                 $timeout(function() {
diff --git a/ui/app/scripts/directives/dashboard/counter.js b/ui/app/scripts/directives/dashboard/counter.js
index 8d8825e0a6..6997297622 100644
--- a/ui/app/scripts/directives/dashboard/counter.js
+++ b/ui/app/scripts/directives/dashboard/counter.js
@@ -56,29 +56,25 @@
                                 name: name,
                                 label: serie.label,
                                 value: data[name] || 0
-                            }
+                            };
                         });
 
-                    }, function(err) {
+                    }, function(/*err*/) {
                         scope.error = true;
                         NotificationSrv.log('Failed to fetch data, please edit the widget definition', 'error');
                     });
                 };
 
                 scope.openSearch = function(item) {
-                  var criteria = [{ _type: scope.options.entity }, item.serie.query];
-
-                  if (scope.globalQuery && scope.globalQuery !== '*') {
-                      criteria.push(scope.globalQuery);
+                  if(scope.mode === 'edit') {
+                      return;
                   }
 
-                  var searchQuery = {
-                      _and: _.without(criteria, null, undefined, '')
-                  };
+                  var filters = (scope.options.filters || []).concat(item.serie.filters || []);
 
                   GlobalSearchSrv.saveSection(scope.options.entity, {
-                      search: null,
-                      filters: scope.options.filters.concat(item.serie.filters)
+                      search: filters.length === 0 ? '*' : null,
+                      filters: filters
                   });
                   $state.go('app.search');
                 };
diff --git a/ui/app/scripts/directives/dashboard/donut.js b/ui/app/scripts/directives/dashboard/donut.js
index a0f4393bc3..078d657031 100644
--- a/ui/app/scripts/directives/dashboard/donut.js
+++ b/ui/app/scripts/directives/dashboard/donut.js
@@ -81,8 +81,11 @@
                                     names: scope.options.names || {},
                                     colors: scope.options.colors || {},
                                     onclick: function(d) {
+                                        if(scope.mode === 'edit') {
+                                            return;
+                                        }
+
                                         var fieldDef = scope.entity.attributes[scope.options.field];
-                                        var fieldType = fieldDef.type;
 
                                         var data = {
                                             field: scope.options.field,
@@ -107,7 +110,7 @@
                                 }
                             };
                         },
-                        function(err) {
+                        function(/*err*/) {
                             scope.error = true;
                             NotificationSrv.log('Failed to fetch data, please edit the widget definition', 'error');
                         }
diff --git a/ui/app/scripts/directives/dashboard/item.js b/ui/app/scripts/directives/dashboard/item.js
index 5863d8188c..837ea15e26 100644
--- a/ui/app/scripts/directives/dashboard/item.js
+++ b/ui/app/scripts/directives/dashboard/item.js
@@ -1,6 +1,6 @@
 (function() {
     'use strict';
-    angular.module('theHiveDirectives').directive('dashboardItem', function(DashboardSrv, UserSrv, $uibModal, $timeout, $q) {
+    angular.module('theHiveDirectives').directive('dashboardItem', function(DashboardSrv, UserSrv, $uibModal, $timeout) {
         return {
             restrict: 'E',
             replace: true,
@@ -13,13 +13,13 @@
                 autoload: '=',
                 refreshOn: '@',
                 resizeOn: '@',
-                mode: '@',
+                mode: '=',
                 showEdit: '=',
                 showRemove: '=',
                 onRemove: '&'
             },
             templateUrl: 'views/directives/dashboard/item.html',
-            link: function(scope, element) {
+            link: function(scope/*, element*/) {
                 scope.typeClasses = DashboardSrv.typeClasses;
                 scope.timeIntervals = DashboardSrv.timeIntervals;
                 scope.aggregations = DashboardSrv.aggregations;
@@ -35,7 +35,7 @@
                 scope.query = null;
 
                 if(scope.component.id) {
-                    scope.$on('edit-chart-' + scope.component.id, function(data) {
+                    scope.$on('edit-chart-' + scope.component.id, function(/*data*/) {
                         scope.editItem();
                     });
                 }
@@ -72,7 +72,7 @@
                             if(serie.filters) {
                                 serie.query = DashboardSrv.buildFiltersQuery(scope.metadata[entity || serie.entity].attributes, serie.filters);
                             }
-                        })
+                        });
 
                         scope.component.options = definition;
 
diff --git a/ui/app/views/directives/dashboard/item.html b/ui/app/views/directives/dashboard/item.html
index adb6435556..08bd60745c 100644
--- a/ui/app/views/directives/dashboard/item.html
+++ b/ui/app/views/directives/dashboard/item.html
@@ -1,7 +1,7 @@
 <div class="box box-primary">
     <div class="box-header with-border">
         <h3 class="box-title">
-            <i class="mr-xxs fa" ng-class="typeClasses[component.type]"></i>{{component.options.title || 'No title'}}
+            <i class="mr-xxs fa" ng-class="typeClasses[component.type]"></i>{{component.options.title || 'No title'}} {{mode}}
         </h3>
 
         <div class="box-tools pull-right">
@@ -13,11 +13,11 @@ <h3 class="box-title">
             </a>
 
         </div>
-        <div class="box-tools pull-right" ng-if="mode === 'edit'">
+        <!-- <div class="box-tools pull-right" ng-if="mode === 'edit'">
             <button type="button" class="btn btn-box-tool" >
                 <i class="fa fa-save"></i> Save
             </button>
-        </div>
+        </div> -->
     </div>
     <div class="box-body" ng-switch="component.type">
         <dashboard-donut ng-switch-when="donut"
diff --git a/ui/app/views/partials/dashboard/view.html b/ui/app/views/partials/dashboard/view.html
index fd344105f0..2c7cba6221 100644
--- a/ui/app/views/partials/dashboard/view.html
+++ b/ui/app/views/partials/dashboard/view.html
@@ -101,7 +101,7 @@ <h3 class="box-title">
             dnd-drop="$vm.itemInserted(item, $vm.definition.items, rowIndex, index)">
             <dashboard-item ng-repeat="(colIndex, component) in row.items"
                 autoload="true"
-                mode="view"
+                mode="$vm.options.editLayout ? 'edit' : 'view'"
                 row-index="rowIndex"
                 col-index="colIndex"
                 component="component"

From cd063742bd6605d7c3c05819191aed551d51b210 Mon Sep 17 00:00:00 2001
From: Nabil Adouani <nabil.adouani@gmail.com>
Date: Tue, 12 Feb 2019 17:09:57 +0100
Subject: [PATCH 03/29] #829 Fix error handling on observable dialog

---
 ui/app/scripts/controllers/case/ObservableCreationCtrl.js | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/ui/app/scripts/controllers/case/ObservableCreationCtrl.js b/ui/app/scripts/controllers/case/ObservableCreationCtrl.js
index e644dd38a3..1dc5f1adb6 100644
--- a/ui/app/scripts/controllers/case/ObservableCreationCtrl.js
+++ b/ui/app/scripts/controllers/case/ObservableCreationCtrl.js
@@ -142,16 +142,13 @@
             $scope.handleSaveFailure = function(response) {
                 $scope.pendingAsync = false;
 
-                if (response.status === 400) {
+                if (response.status === 400 && response.data.type === 'ConflictError') {
                     $scope.failedObservables = $scope.getFailedObservables(response.data);
 
                     $scope.step = 'error';
-
                 } else {
-										if(response.data.type === "java.io.IOException") {
+										if(response.data.type) {
                         NotificationSrv.error('ObservableCreationCtrl', response.data.message, response.status);
-                    } else if(response.data.type === "InternalError") {
-											  NotificationSrv.error('ObservableCreationCtrl', response.data.message, response.status);
                     } else {
                         NotificationSrv.error('ObservableCreationCtrl', 'An unexpected error occurred while creating the observables', response.status);
                     }

From 2279f6adff4656007db7040b1b0c0f664c302924 Mon Sep 17 00:00:00 2001
From: Nabil Adouani <nabil.adouani@gmail.com>
Date: Tue, 12 Feb 2019 17:39:33 +0100
Subject: [PATCH 04/29] #829 Don't close observable creation dialog if it fails

---
 ui/app/scripts/controllers/case/ObservableCreationCtrl.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ui/app/scripts/controllers/case/ObservableCreationCtrl.js b/ui/app/scripts/controllers/case/ObservableCreationCtrl.js
index 1dc5f1adb6..0e9b05c56e 100644
--- a/ui/app/scripts/controllers/case/ObservableCreationCtrl.js
+++ b/ui/app/scripts/controllers/case/ObservableCreationCtrl.js
@@ -153,7 +153,7 @@
                         NotificationSrv.error('ObservableCreationCtrl', 'An unexpected error occurred while creating the observables', response.status);
                     }
 
-                    $uibModalInstance.close(response);
+                    //$uibModalInstance.close(response);
                 }
 
             };

From cd436ea294289d3dce2c73c3cecddd3a59b7ae78 Mon Sep 17 00:00:00 2001
From: To-om <toom@thehive-project.org>
Date: Tue, 12 Feb 2019 18:15:26 +0100
Subject: [PATCH 05/29] #871 Fix MISP synchro log message

---
 thehive-misp/app/connectors/misp/MispSynchro.scala | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/thehive-misp/app/connectors/misp/MispSynchro.scala b/thehive-misp/app/connectors/misp/MispSynchro.scala
index 37fbd84fe1..eca5e3ba7d 100644
--- a/thehive-misp/app/connectors/misp/MispSynchro.scala
+++ b/thehive-misp/app/connectors/misp/MispSynchro.scala
@@ -134,9 +134,10 @@ class MispSynchro @Inject() (
   }
 
   def synchronize(mispConnection: MispConnection, lastSyncDate: Option[Date])(implicit authContext: AuthContext): Source[Try[Alert], NotUsed] = {
-    logger.info(s"Synchronize MISP ${mispConnection.name} from $lastSyncDate")
+    val syncFrom = mispConnection.syncFrom(lastSyncDate.getOrElse(new Date(0)))
+    logger.info(s"Last synchronization of MISP ${mispConnection.name} is ${lastSyncDate.fold("Never")(_.toString)}, synchronize from $syncFrom")
     // get events that have been published after the last synchronization
-    mispSrv.getEventsFromDate(mispConnection, mispConnection.syncFrom(lastSyncDate.getOrElse(new Date(0))))
+    mispSrv.getEventsFromDate(mispConnection, syncFrom)
       // get related alert
       .mapAsyncUnordered(1) { event ⇒
         logger.trace(s"Looking for alert misp:${event.source}:${event.sourceRef}")

From adbec9085c6337b72e5c5e85b07ee4e88a098e51 Mon Sep 17 00:00:00 2001
From: ZAch Priddy <zach.priddy@getcruise.com>
Date: Tue, 12 Feb 2019 20:39:55 -0800
Subject: [PATCH 06/29] Fix Update Label to Warning

---
 ui/app/views/directives/search/alert.html | 2 +-
 ui/app/views/partials/alert/list.html     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/ui/app/views/directives/search/alert.html b/ui/app/views/directives/search/alert.html
index 603ac007b1..180e6627ca 100644
--- a/ui/app/views/directives/search/alert.html
+++ b/ui/app/views/directives/search/alert.html
@@ -39,7 +39,7 @@
 <div class="mt-xs wrap">
     <strong>Status:</strong>
     <div>
-      <span class="label label-default" ng-class="{'label-danger': value.status==='New', 'label-warning': value.status === 'Update'}">{{value.status}}</span>
+      <span class="label label-default" ng-class="{'label-danger': value.status==='New', 'label-warning': value.status === 'Updated'}">{{value.status}}</span>
     </div>
 </div>
 <div class="mt-xs wrap">
diff --git a/ui/app/views/partials/alert/list.html b/ui/app/views/partials/alert/list.html
index 8b3bfcbab5..34a018504f 100644
--- a/ui/app/views/partials/alert/list.html
+++ b/ui/app/views/partials/alert/list.html
@@ -114,7 +114,7 @@ <h3 class="box-title">List of alerts ({{$vm.list.total || 0}} of {{alertEvents.c
                                         <span><a href ng-click="$vm.addFilterValue('type', event.type)">{{::event.type}}</a></span>
                                     </td>
                                     <td>
-                                        <span class="clickable label label-default" ng-class="{'label-danger': event.status==='New', 'label-warning': event.status === 'Update'}" ng-click="$vm.addFilterValue('status', event.status)">{{::event.status}}</span>
+                                        <span class="clickable label label-default" ng-class="{'label-danger': event.status==='New', 'label-warning': event.status === 'Updated'}" ng-click="$vm.addFilterValue('status', event.status)">{{::event.status}}</span>
                                     </td>
                                     <td class="wrap">
                                         <div class="case-title">

From e179b6e4ad346336cb82de3e9117d9e416215df1 Mon Sep 17 00:00:00 2001
From: To-om <toom@thehive-project.org>
Date: Wed, 13 Feb 2019 09:19:24 +0100
Subject: [PATCH 07/29] #869 Use observable TLP if possible when executing a
 responder

---
 .../connectors/cortex/services/ActionOperation.scala | 12 ++++++++++++
 .../connectors/cortex/services/CortexActionSrv.scala | 12 ++++++++----
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/thehive-cortex/app/connectors/cortex/services/ActionOperation.scala b/thehive-cortex/app/connectors/cortex/services/ActionOperation.scala
index 061d5dc5dd..8a13182648 100644
--- a/thehive-cortex/app/connectors/cortex/services/ActionOperation.scala
+++ b/thehive-cortex/app/connectors/cortex/services/ActionOperation.scala
@@ -139,6 +139,18 @@ class ActionOperationSrv @Inject() (
     }
   }
 
+  def findArtifactEntity(entity: BaseEntity): Future[Artifact] = {
+    import org.elastic4play.services.QueryDSL._
+
+    (entity, entity.model) match {
+      case (a: Artifact, _) ⇒ Future.successful(a)
+      case (_, model: ChildModelDef[_, _, _, _]) ⇒
+        findSrv(model.parentModel, "_id" ~= entity.parentId.getOrElse(throw InternalError(s"Child entity $entity has no parent ID")), Some("0-1"), Nil)
+          ._1.runWith(Sink.head).flatMap(findArtifactEntity _)
+      case _ ⇒ Future.failed(BadRequestError("Artifact not found"))
+    }
+  }
+
   def execute(entity: BaseEntity, operation: ActionOperation)(implicit authContext: AuthContext): Future[ActionOperation] = {
     if (operation.status == ActionOperationStatus.Waiting) {
       Retry()(classOf[VersionConflictEngineException]) {
diff --git a/thehive-cortex/app/connectors/cortex/services/CortexActionSrv.scala b/thehive-cortex/app/connectors/cortex/services/CortexActionSrv.scala
index 6b6f068c30..35819f25b1 100644
--- a/thehive-cortex/app/connectors/cortex/services/CortexActionSrv.scala
+++ b/thehive-cortex/app/connectors/cortex/services/CortexActionSrv.scala
@@ -72,10 +72,14 @@ class CortexActionSrv @Inject() (
 
   def findResponderFor(entityType: String, entityId: String): Future[Seq[Responder]] = {
     for {
-      (tlp, pap) ← getEntity(entityType, entityId)
-        .flatMap(actionOperationSrv.findCaseEntity)
-        .map { caze ⇒ (caze.tlp(), caze.pap()) }
-        .recover { case _ ⇒ (0L, 0L) }
+      entity ← getEntity(entityType, entityId)
+      artifactTlp ← actionOperationSrv
+        .findArtifactEntity(entity)
+        .map(a ⇒ Some(a.tlp()))
+        .recover { case _ ⇒ None }
+      (tlp, pap) ← actionOperationSrv.findCaseEntity(entity)
+        .map { caze ⇒ (artifactTlp.getOrElse(caze.tlp()), caze.pap()) }
+        .recover { case _ ⇒ (artifactTlp.getOrElse(0L), 0L) }
       query = Json.obj(
         "dataTypeList" → s"thehive:$entityType")
       responders ← findResponders(query)

From 639558ff08ec0b3100ce4d7fc1d0797994ffdd82 Mon Sep 17 00:00:00 2001
From: Nabil Adouani <nabil.adouani@gmail.com>
Date: Wed, 13 Feb 2019 11:55:17 +0100
Subject: [PATCH 08/29] #870 Add alert id copy link

---
 ui/app/scripts/controllers/alert/AlertEventCtrl.js | 6 +++++-
 ui/app/views/partials/alert/event.dialog.html      | 8 +++++++-
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/ui/app/scripts/controllers/alert/AlertEventCtrl.js b/ui/app/scripts/controllers/alert/AlertEventCtrl.js
index 692c86733e..1176842eee 100644
--- a/ui/app/scripts/controllers/alert/AlertEventCtrl.js
+++ b/ui/app/scripts/controllers/alert/AlertEventCtrl.js
@@ -1,7 +1,7 @@
 (function() {
     'use strict';
     angular.module('theHiveControllers')
-        .controller('AlertEventCtrl', function($scope, $rootScope, $state, $uibModal, $uibModalInstance, CustomFieldsCacheSrv, CaseResolutionStatus, AlertingSrv, NotificationSrv, event, templates) {
+        .controller('AlertEventCtrl', function($scope, $rootScope, $state, $uibModal, $uibModalInstance, CustomFieldsCacheSrv, CaseResolutionStatus, AlertingSrv, NotificationSrv, clipboard, event, templates) {
             var self = this;
             var eventId = event.id;
 
@@ -254,6 +254,10 @@
                 }
             };
 
+            self.copyId = function(id) {
+                clipboard.copyText(id);
+            };
+
             self.load();
         });
 })();
diff --git a/ui/app/views/partials/alert/event.dialog.html b/ui/app/views/partials/alert/event.dialog.html
index 50d1a948ad..84d5c44c2e 100644
--- a/ui/app/views/partials/alert/event.dialog.html
+++ b/ui/app/views/partials/alert/event.dialog.html
@@ -1,5 +1,7 @@
 <div class="modal-header bg-primary">
-    <h3 class="modal-title">Alert Preview <span class="label label-default" ng-class="{'label-danger': dialog.event.status==='New', 'label-warning': dialog.event.status === 'Updated'}">{{dialog.event.status}}</span></h3>
+    <h3 class="modal-title">
+      Alert Preview <span class="label label-default" ng-class="{'label-danger': dialog.event.status==='New', 'label-warning': dialog.event.status === 'Updated'}">{{dialog.event.status}}</span>
+    </h3>
 </div>
 <div class="modal-body">
     <div class="row text-center" ng-show="dialog.loading">
@@ -17,6 +19,10 @@ <h4 class="text-primary">
                 </h4>
                 <div class="mt-xxs">
                     <span>
+                        <strong><i class="fa fa-copy"></i> ID: </strong>
+                        <span><a href ng-click="dialog.copyId(dialog.event.id)">{{dialog.event.id}}</a></span>
+                    </span>
+                    <span class="ml-xxs">
                         <strong><i class="fa fa-calendar"></i> Date: </strong>
                         <span>{{dialog.event.date | showDate}}</span>
                     </span>

From de022a7781078c503d4d554385c65cdb89497d64 Mon Sep 17 00:00:00 2001
From: To-om <toom@thehive-project.org>
Date: Wed, 13 Feb 2019 14:12:19 +0100
Subject: [PATCH 09/29] #856 Don't set alert status to "Update" if it is "New"

---
 thehive-backend/app/services/AlertSrv.scala | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/thehive-backend/app/services/AlertSrv.scala b/thehive-backend/app/services/AlertSrv.scala
index dba52ca660..115236c1af 100644
--- a/thehive-backend/app/services/AlertSrv.scala
+++ b/thehive-backend/app/services/AlertSrv.scala
@@ -146,7 +146,7 @@ class AlertSrv(
 
   def update(alert: Alert, fields: Fields, modifyConfig: ModifyConfig)(implicit authContext: AuthContext): Future[Alert] = {
     val follow = fields.getBoolean("follow").getOrElse(alert.follow())
-    val newStatus = if (follow) AlertStatus.Updated else alert.status()
+    val newStatus = if (follow && alert.status() != AlertStatus.New) AlertStatus.Updated else alert.status()
     val updatedAlert = updateSrv(alert, fields.set("status", Json.toJson(newStatus)), modifyConfig)
     alert.caze() match {
       case Some(caseId) if follow ⇒

From 3bc552a7943ed167cacca5af557444b9bdf5f694 Mon Sep 17 00:00:00 2001
From: To-om <toom@thehive-project.org>
Date: Wed, 13 Feb 2019 14:47:55 +0100
Subject: [PATCH 10/29] #838 Add ioc information on similar observables in
 stats

---
 thehive-backend/app/models/Artifact.scala | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/thehive-backend/app/models/Artifact.scala b/thehive-backend/app/models/Artifact.scala
index ea99e72524..dba97dcb5f 100644
--- a/thehive-backend/app/models/Artifact.scala
+++ b/thehive-backend/app/models/Artifact.scala
@@ -1,8 +1,8 @@
 package models
 
 import java.util.Date
-import javax.inject.{ Inject, Provider, Singleton }
 
+import javax.inject.{ Inject, Provider, Singleton }
 import scala.concurrent.{ ExecutionContext, Future }
 import scala.util.Success
 
@@ -12,6 +12,7 @@ import play.api.libs.json.JsValue.jsValueToJsLookup
 import play.api.libs.json.Json.toJsFieldJsValueWrapper
 import play.api.libs.json._
 
+import akka.stream.scaladsl.Sink
 import akka.stream.{ IOResult, Materializer }
 import akka.{ Done, NotUsed }
 import models.JsonFormat.artifactStatusFormat
@@ -114,9 +115,11 @@ class ArtifactModel @Inject() (
   override def getStats(entity: BaseEntity): Future[JsObject] = {
     entity match {
       case artifact: Artifact ⇒
-        val (_, total) = artifactSrv.get.findSimilar(artifact, Some("0-0"), Nil)
-        total.failed.foreach(t ⇒ logger.error("Artifact.getStats error", t))
-        total.map { t ⇒ Json.obj("seen" → t) }
+        val (similarArtifacts, total) = artifactSrv.get.findSimilar(artifact, Some("0-1"), Seq("-ioc"))
+        for {
+          ioc ← similarArtifacts.runWith(Sink.headOption).map(_.fold(false)(_.ioc()))
+          t ← total
+        } yield Json.obj("seen" → t, "ioc" → ioc)
       case _ ⇒ Future.successful(JsObject.empty)
     }
   }

From 510d89e4c0a04434f02eff65272c76d45b142d23 Mon Sep 17 00:00:00 2001
From: Nabil Adouani <nabil.adouani@gmail.com>
Date: Wed, 13 Feb 2019 14:59:29 +0100
Subject: [PATCH 11/29] #838 Add a color indication for seen IOCs

---
 .../details/artifact-details-information.html            | 9 ++++++++-
 .../partials/observables/list/artifacts-list-main.html   | 9 +++++++--
 2 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/ui/app/views/partials/observables/details/artifact-details-information.html b/ui/app/views/partials/observables/details/artifact-details-information.html
index 98227eb7dc..ef64d0265e 100644
--- a/ui/app/views/partials/observables/details/artifact-details-information.html
+++ b/ui/app/views/partials/observables/details/artifact-details-information.html
@@ -91,6 +91,7 @@ <h4 class="vpad10 text-primary">Links</h4>
         <table ng-if="similarArtifacts.length > 0" class="table table-hover">
             <thead>
                 <tr>
+                    <th width="10">IOC</th>
                     <th>TLP</th>
                     <th>Case</th>
                     <th>Date added</th>
@@ -98,10 +99,16 @@ <h4 class="vpad10 text-primary">Links</h4>
             </thead>
             <tbody>
                 <tr ng-repeat="a in similarArtifacts" style="cursor: pointer;" ng-click="openArtifact(a)" uib-tooltip="{{a.message}}" tooltip-popup-delay="500" tooltip-placement="bottom">
+                    <td align="center">
+                        <span class="clickable fa"
+                          ng-class="{true: 'fa-star', false: 'fa-star-o'}[a.ioc]"
+                          tooltip-popup-delay="500"
+                          tooltip-placement="bottom"></span>
+                    </td>
                     <td>
                         <tlp value="a.tlp"></tlp>
                     </td>
-                    <td>[{{a.dataType}}]: {{a.data}}<br> #{{a.case.caseId}} - {{a.case.title}}
+                    <td>[{{a.dataType}}]: {{a.data || a.attachment.name}}<br> #{{a.case.caseId}} - {{a.case.title}}
                     </td>
                     <td>{{a.startDate | showDate}}</td>
                 </tr>
diff --git a/ui/app/views/partials/observables/list/artifacts-list-main.html b/ui/app/views/partials/observables/list/artifacts-list-main.html
index 6c0931883d..7ba681f28e 100644
--- a/ui/app/views/partials/observables/list/artifacts-list-main.html
+++ b/ui/app/views/partials/observables/list/artifacts-list-main.html
@@ -82,14 +82,19 @@ <h4>Observable List ({{artifacts.total || 0}} of {{artifactStats.count}})</h4>
                     <span ng-click="addFilterValue('sighted', artifact.sighted)" ng-if="artifact.sighted" class="clickable fa fa-toggle-on" uib-tooltip="has been sighted" tooltip-popup-delay="500" tooltip-placement="bottom"></span>
                 </td>
                 <td>
-					<span uib-tooltip="{{artifact.stats.seen}} related artifact(s)" tooltip-popup-delay="500" tooltip-placement="bottom" ng-if="artifact.stats.seen > 0" class="glyphicon glyphicon-eye-open"></span>
+					          <span
+                      uib-tooltip="{{artifact.stats.seen}} related artifact(s)"
+                      tooltip-placement="bottom"
+                      ng-if="artifact.stats.seen > 0"
+                      class="glyphicon glyphicon-eye-open"
+                      ng-class="{'text-danger': artifact.stats.ioc}"></span>
                 </td>
                 <td>
                     <a href ng-click="addFilterValue('dataType', artifact.dataType)"><span ng-bind="artifact.dataType"></span></a>
                 </td>
                 <td class="wrap">
                     <div class="wrap clickable" ng-click="openArtifact(artifact)" uib-tooltip="{{artifact.message}}" tooltip-placement="top-left">
-                        {{(artifact.data | fang) || (artifact.attachment.name | fang)}}
+                         {{(artifact.data | fang) || (artifact.attachment.name | fang)}}
                     </div>
                     <div class="case-tags flexwrap mt-xxs">
                         <span class="mr-xxxs text-muted"><i class="fa fa-tags"></i></span>

From 69c7473227a51ec942fb958e2f75be49825f9c3f Mon Sep 17 00:00:00 2001
From: Nabil Adouani <nabil.adouani@gmail.com>
Date: Wed, 13 Feb 2019 20:06:14 +0100
Subject: [PATCH 12/29] #831 Add auto complete to case and observable tags in
 details page

---
 .../controllers/case/CaseDetailsCtrl.js       | 12 ++++++++----
 .../case/CaseObservablesItemCtrl.js           | 19 ++++++++++++-------
 ui/app/scripts/directives/updatableTags.js    |  3 ++-
 ui/app/views/directives/updatable-tags.html   |  1 +
 ui/app/views/partials/case/case.details.html  |  4 ++--
 .../details/artifact-details-information.html |  6 +++---
 6 files changed, 28 insertions(+), 17 deletions(-)

diff --git a/ui/app/scripts/controllers/case/CaseDetailsCtrl.js b/ui/app/scripts/controllers/case/CaseDetailsCtrl.js
index a87c5a1517..8573a3a07a 100644
--- a/ui/app/scripts/controllers/case/CaseDetailsCtrl.js
+++ b/ui/app/scripts/controllers/case/CaseDetailsCtrl.js
@@ -1,7 +1,7 @@
 (function() {
     'use strict';
 
-    angular.module('theHiveControllers').controller('CaseDetailsCtrl', function($scope, $state, $uibModal, CaseTabsSrv, UserInfoSrv, PSearchSrv) {
+    angular.module('theHiveControllers').controller('CaseDetailsCtrl', function($scope, $state, $uibModal, CaseTabsSrv, UserInfoSrv, TagSrv, PSearchSrv) {
 
         CaseTabsSrv.activateTab($state.current.data.tab);
 
@@ -98,6 +98,10 @@
                 itemId: attachment.case_task.id
             });
         };
+
+        $scope.getCaseTags = function(query) {
+            return TagSrv.fromCases(query);
+        };
     });
 
     angular.module('theHiveControllers').controller('CaseCustomFieldsCtrl', function($scope, $uibModal, CustomFieldsCacheSrv) {
@@ -108,13 +112,13 @@
                 return {
                     name: name,
                     order: definition.order
-                }
+                };
             }), function(item){
                 return item.order;
             }), 'name');
 
             return result;
-        }
+        };
 
         $scope.getCustomFieldName = function(fieldDef) {
             return 'customFields.' + fieldDef.reference + '.' + fieldDef.type;
@@ -178,4 +182,4 @@
         };
     });
 
-})();
\ No newline at end of file
+})();
diff --git a/ui/app/scripts/controllers/case/CaseObservablesItemCtrl.js b/ui/app/scripts/controllers/case/CaseObservablesItemCtrl.js
index 11ef13bf02..8947c9aca6 100644
--- a/ui/app/scripts/controllers/case/CaseObservablesItemCtrl.js
+++ b/ui/app/scripts/controllers/case/CaseObservablesItemCtrl.js
@@ -1,7 +1,7 @@
 (function () {
     'use strict';
     angular.module('theHiveControllers').controller('CaseObservablesItemCtrl',
-        function ($scope, $state, $stateParams, $q, $filter, $timeout, $document, CaseTabsSrv, CaseArtifactSrv, CortexSrv, PSearchSrv, AnalyzerSrv, NotificationSrv, VersionSrv, appConfig) {
+        function ($scope, $state, $stateParams, $q, $filter, $timeout, $document, CaseTabsSrv, CaseArtifactSrv, CortexSrv, PSearchSrv, AnalyzerSrv, NotificationSrv, VersionSrv, TagSrv, appConfig) {
             var observableId = $stateParams.itemId,
                 observableName = 'observable-' + observableId;
 
@@ -57,7 +57,7 @@
                 $scope.initScope(observable);
 
             }, function (response) {
-                NotificationSrv.error('artifactDetails', response.data, response.status);
+                NotificationSrv.error('ObservableDetails', response.data, response.status);
                 CaseTabsSrv.activateTab('observables');
             });
 
@@ -129,7 +129,7 @@
                         }, function (observable) {
                             $scope.artifact = observable;
                         }, function (response) {
-                            NotificationSrv.error('artifactDetails', response.data, response.status);
+                            NotificationSrv.error('ObservableDetails', response.data, response.status);
                             CaseTabsSrv.activateTab('observables');
                         });
                     }
@@ -195,8 +195,9 @@
                     artifactId: $scope.artifact.id
                 }, field, function (response) {
                     $scope.artifact = response.toJSON();
+                    NotificationSrv.log('Observable has been updated', 'success');
                 }, function (response) {
-                    NotificationSrv.error('artifactDetails', response.data, response.status);
+                    NotificationSrv.error('ObservableDetails', response.data, response.status);
                 });
             };
 
@@ -211,7 +212,7 @@
             $scope.runAnalyzer = function (analyzerName, serverId) {
                 var artifactName = $scope.artifact.data || $scope.artifact.attachment.name;
 
-                var promise = serverId ? $q.resolve(serverId) : CortexSrv.getServers([analyzerName])
+                var promise = serverId ? $q.resolve(serverId) : CortexSrv.getServers([analyzerName]);
 
                 promise.then(function (serverId) {
                         return $scope._runAnalyzer(serverId, analyzerName, $scope.artifact.id);
@@ -254,8 +255,8 @@
                       $scope.obsResponders = responders;
                   })
                   .catch(function(err) {
-                      NotificationSrv.error('observablesList', response.data, response.status);
-                  })
+                      NotificationSrv.error('observablesList', err.data, err.status);
+                  });
             };
 
             $scope.runResponder = function(responderId, responderName, artifact) {
@@ -271,6 +272,10 @@
                   });
             };
 
+            $scope.getTags = function(query) {
+                return TagSrv.fromObservables(query);
+            };
+
         }
     );
 
diff --git a/ui/app/scripts/directives/updatableTags.js b/ui/app/scripts/directives/updatableTags.js
index 4eb5acd03d..20341ef70d 100644
--- a/ui/app/scripts/directives/updatableTags.js
+++ b/ui/app/scripts/directives/updatableTags.js
@@ -9,7 +9,8 @@
                 'scope': {
                     'value': '=?',
                     'onUpdate': '&',
-                    'active': '=?'
+                    'active': '=?',
+                    'source': '='
                 }
             };
         });
diff --git a/ui/app/views/directives/updatable-tags.html b/ui/app/views/directives/updatable-tags.html
index 096f1ce7ed..16e23ba3c2 100644
--- a/ui/app/views/directives/updatable-tags.html
+++ b/ui/app/views/directives/updatable-tags.html
@@ -16,6 +16,7 @@
 <span ng-show="updatable.updating">
     <div class="form-group">
         <tags-input class="ti-input-sm" min-length="2" ng-model="value" placeholder="Add labels" replace-spaces-with-dashes="false">
+            <auto-complete ng-if="source" min-length="1" debounceDelay="400" source="source($query)"></auto-complete>
         </tags-input>
     </div>
     <div class="form-group">
diff --git a/ui/app/views/partials/case/case.details.html b/ui/app/views/partials/case/case.details.html
index e1ad6e3091..b7a42429bd 100644
--- a/ui/app/views/partials/case/case.details.html
+++ b/ui/app/views/partials/case/case.details.html
@@ -50,10 +50,10 @@ <h4 class="vpad10 text-primary">Summary</h4>
             </dd>
         </dl>
 
-        <dl class="dl-horizontal clear">
+        <dl class="dl-horizontal">
             <dt class="pull-left">Tags</dt>
             <dd>
-                <updatable-tags on-update="updateField('tags', getTags(newValue))" value="caze.tags"></updatable-tags>
+                <updatable-tags on-update="updateField('tags', getTags(newValue))" value="caze.tags" source="getCaseTags"></updatable-tags>
             </dd>
         </dl>
 
diff --git a/ui/app/views/partials/observables/details/artifact-details-information.html b/ui/app/views/partials/observables/details/artifact-details-information.html
index ef64d0265e..cfe09c2830 100644
--- a/ui/app/views/partials/observables/details/artifact-details-information.html
+++ b/ui/app/views/partials/observables/details/artifact-details-information.html
@@ -70,10 +70,10 @@ <h4 class="vpad10 text-primary">
             </dd>
         </dl>
 
-        <dl class="dl-horizontal clear">
-            <dt class="pull-left">Labels</dt>
+        <dl class="dl-horizontal">
+            <dt class="pull-left">Tags</dt>
             <dd>
-                <updatable-tags value="artifact.tags" on-update="updateField('tags', getLabels(newValue))"></updatable-tags>
+                <updatable-tags value="artifact.tags" on-update="updateField('tags', getLabels(newValue))" source="getTags"></updatable-tags>
             </dd>
         </dl>
 

From fc84c784dd379db569ed6527c8f4840103980569 Mon Sep 17 00:00:00 2001
From: Zach Priddy <zach.priddy@getcruise.com>
Date: Thu, 14 Feb 2019 12:35:31 -0800
Subject: [PATCH 13/29] Update akka version

Update akka version as detailed in #877
---
 project/Dependencies.scala | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/project/Dependencies.scala b/project/Dependencies.scala
index 27c1ecf10a..7040cba8cf 100644
--- a/project/Dependencies.scala
+++ b/project/Dependencies.scala
@@ -21,7 +21,7 @@ object Dependencies {
     val reflections = "org.reflections" % "reflections" % "0.9.11"
     val zip4j = "net.lingala.zip4j" % "zip4j" % "1.3.2"
     val elastic4play = "org.thehive-project" %% "elastic4play" % "1.8.0-1"
-    val akkaCluster = "com.typesafe.akka" %% "akka-cluster" % "2.5.11"
-    val akkaClusterTools = "com.typesafe.akka" %% "akka-cluster-tools" % "2.5.11"
+    val akkaCluster = "com.typesafe.akka" %% "akka-cluster" % "2.5.19"
+    val akkaClusterTools = "com.typesafe.akka" %% "akka-cluster-tools" % "2.5.19"
   }
 }

From 5fdc6ce0dd8b3dd91eab009600272ed781568caf Mon Sep 17 00:00:00 2001
From: Zach Priddy <zach.priddy@getcruise.com>
Date: Thu, 14 Feb 2019 12:35:31 -0800
Subject: [PATCH 14/29] Revert "Update akka version"

This reverts commit fc84c784dd379db569ed6527c8f4840103980569.
---
 project/Dependencies.scala | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/project/Dependencies.scala b/project/Dependencies.scala
index 7040cba8cf..27c1ecf10a 100644
--- a/project/Dependencies.scala
+++ b/project/Dependencies.scala
@@ -21,7 +21,7 @@ object Dependencies {
     val reflections = "org.reflections" % "reflections" % "0.9.11"
     val zip4j = "net.lingala.zip4j" % "zip4j" % "1.3.2"
     val elastic4play = "org.thehive-project" %% "elastic4play" % "1.8.0-1"
-    val akkaCluster = "com.typesafe.akka" %% "akka-cluster" % "2.5.19"
-    val akkaClusterTools = "com.typesafe.akka" %% "akka-cluster-tools" % "2.5.19"
+    val akkaCluster = "com.typesafe.akka" %% "akka-cluster" % "2.5.11"
+    val akkaClusterTools = "com.typesafe.akka" %% "akka-cluster-tools" % "2.5.11"
   }
 }

From c9aafc51c47742ce76830c9e927561fc821d924d Mon Sep 17 00:00:00 2001
From: Zachary Priddy <github@zpriddy.com>
Date: Thu, 14 Feb 2019 12:36:52 -0800
Subject: [PATCH 15/29] Update akka version

Update akka version as detailed in #877
---
 project/Dependencies.scala | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/project/Dependencies.scala b/project/Dependencies.scala
index 27c1ecf10a..7040cba8cf 100644
--- a/project/Dependencies.scala
+++ b/project/Dependencies.scala
@@ -21,7 +21,7 @@ object Dependencies {
     val reflections = "org.reflections" % "reflections" % "0.9.11"
     val zip4j = "net.lingala.zip4j" % "zip4j" % "1.3.2"
     val elastic4play = "org.thehive-project" %% "elastic4play" % "1.8.0-1"
-    val akkaCluster = "com.typesafe.akka" %% "akka-cluster" % "2.5.11"
-    val akkaClusterTools = "com.typesafe.akka" %% "akka-cluster-tools" % "2.5.11"
+    val akkaCluster = "com.typesafe.akka" %% "akka-cluster" % "2.5.19"
+    val akkaClusterTools = "com.typesafe.akka" %% "akka-cluster-tools" % "2.5.19"
   }
 }

From cc65b5d04503c8d1eef9d9bada458a7e09730b6a Mon Sep 17 00:00:00 2001
From: To-om <toom@thehive-project.org>
Date: Mon, 18 Feb 2019 11:04:13 +0100
Subject: [PATCH 16/29] #820 Add MISP url in status API

---
 thehive-misp/app/connectors/misp/MispConnection.scala | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/thehive-misp/app/connectors/misp/MispConnection.scala b/thehive-misp/app/connectors/misp/MispConnection.scala
index 0168e635ac..4931e9aafc 100644
--- a/thehive-misp/app/connectors/misp/MispConnection.scala
+++ b/thehive-misp/app/connectors/misp/MispConnection.scala
@@ -106,11 +106,13 @@ case class MispConnection(
           "name" → name,
           "version" → version,
           "status" → "OK",
+          "url" → baseUrl,
           "purpose" → purpose.toString)
         case None ⇒ Json.obj(
           "name" → name,
           "version" → "",
           "status" → "ERROR",
+          "url" → baseUrl,
           "purpose" → purpose.toString)
       }
   }

From d62697cabbc99002613ee455179d62ac3e98bfd5 Mon Sep 17 00:00:00 2001
From: Nabil Adouani <nabil.adouani@gmail.com>
Date: Mon, 18 Feb 2019 11:16:48 +0100
Subject: [PATCH 17/29] #879 Update Copyright

---
 ui/app/views/components/app-container.component.html | 2 +-
 ui/app/views/partials/about.html                     | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/ui/app/views/components/app-container.component.html b/ui/app/views/components/app-container.component.html
index 77cd80c977..1832f7b0e7 100644
--- a/ui/app/views/components/app-container.component.html
+++ b/ui/app/views/components/app-container.component.html
@@ -26,7 +26,7 @@
 			</span>
 		</div>
 		<div>
-			<strong><a href="http://www.thehive-project.org" target="_blank">TheHive Project</a> 2016-2018, <a href="https://www.gnu.org/licenses/agpl-3.0.en.html" target="_blank">AGPL-V3</a></strong>
+			<strong><a href="http://www.thehive-project.org" target="_blank">TheHive Project</a> 2016-2019, <a href="https://www.gnu.org/licenses/agpl-3.0.en.html" target="_blank">AGPL-V3</a></strong>
 		</div>
 	</div>
 </footer>
diff --git a/ui/app/views/partials/about.html b/ui/app/views/partials/about.html
index d6d11de312..df36bcc06b 100644
--- a/ui/app/views/partials/about.html
+++ b/ui/app/views/partials/about.html
@@ -19,8 +19,8 @@
     </div>
     <div class="row mt-s">
         <div class="col-md-12 text-center">
-            Copyright (C) 2016-2018 Thomas Franco, Saâd Kadhi, Jérôme Leonard<br>
-            Copyright (C) 2017-2018 Nabil Adouani
+            Copyright (C) 2016-2019 Thomas Franco, Saâd Kadhi, Jérôme Leonard<br>
+            Copyright (C) 2017-2019 Nabil Adouani
         </div>
     </div>
 </div>

From 1d76ab846eacf433ad9b182651de834b9b2b5029 Mon Sep 17 00:00:00 2001
From: Nabil Adouani <nabil.adouani@gmail.com>
Date: Mon, 18 Feb 2019 15:46:57 +0100
Subject: [PATCH 18/29] #884 Add a Related Alerts page in case details

---
 ui/app/index.html                             |   1 +
 ui/app/scripts/app.js                         |  16 ++-
 .../controllers/case/CaseAlertsCtrl.js        |  77 ++++++++++
 .../scripts/controllers/case/CaseMainCtrl.js  |   9 ++
 ui/app/scripts/services/CaseSrv.js            |   5 +
 ui/app/views/partials/case/case.alerts.html   | 135 ++++++++++++++++++
 .../views/partials/case/case.panelinfo.html   |  12 +-
 7 files changed, 253 insertions(+), 2 deletions(-)
 create mode 100644 ui/app/scripts/controllers/case/CaseAlertsCtrl.js
 create mode 100644 ui/app/views/partials/case/case.alerts.html

diff --git a/ui/app/index.html b/ui/app/index.html
index cedc832a42..f0ebf9cd9e 100644
--- a/ui/app/index.html
+++ b/ui/app/index.html
@@ -149,6 +149,7 @@
     <script src="scripts/controllers/alert/AlertEventCtrl.js"></script>
     <script src="scripts/controllers/alert/AlertListCtrl.js"></script>
     <script src="scripts/controllers/alert/AlertStatsCtrl.js"></script>
+    <script src="scripts/controllers/case/CaseAlertsCtrl.js"></script>
     <script src="scripts/controllers/case/CaseCloseModalCtrl.js"></script>
     <script src="scripts/controllers/case/CaseCreationCtrl.js"></script>
     <script src="scripts/controllers/case/CaseDeleteModalCtrl.js"></script>
diff --git a/ui/app/scripts/app.js b/ui/app/scripts/app.js
index d496cd8d65..df48f06ae6 100644
--- a/ui/app/scripts/app.js
+++ b/ui/app/scripts/app.js
@@ -263,6 +263,20 @@ angular.module('thehive', ['ngAnimate', 'ngMessages', 'ngSanitize', 'ui.bootstra
                 templateUrl: 'views/partials/case/case.links.html',
                 controller: 'CaseLinksCtrl'
             })
+            .state('app.case.alerts', {
+                url: '/alerts',
+                templateUrl: 'views/partials/case/case.alerts.html',
+                controller: 'CaseAlertsCtrl',
+                resolve: {
+                    alerts: function($stateParams, CaseSrv) {
+                        return CaseSrv.alerts({range: 'all'}, {
+                            query: {
+                              case: $stateParams.caseId
+                            }
+                        }).$promise;
+                    }
+                }
+            })
             .state('app.case.tasks-item', {
                 url: '/tasks/{itemId}',
                 templateUrl: 'views/partials/case/case.tasks.item.html',
@@ -433,7 +447,7 @@ angular.module('thehive', ['ngAnimate', 'ngMessages', 'ngSanitize', 'ui.bootstra
               var renderer = defaults.renderer;
               var linkRenderer = _.wrap(renderer.link, function(originalLink, href, title, text) {
                   var html = originalLink.call(renderer, href, title, text);
-                  return html.replace(/^<a /, '<a target="_blank" rel="nofollow" ')
+                  return html.replace(/^<a /, '<a target="_blank" rel="nofollow" ');
               });
 
               // Customize the link renderer
diff --git a/ui/app/scripts/controllers/case/CaseAlertsCtrl.js b/ui/app/scripts/controllers/case/CaseAlertsCtrl.js
new file mode 100644
index 0000000000..46bc1a17dc
--- /dev/null
+++ b/ui/app/scripts/controllers/case/CaseAlertsCtrl.js
@@ -0,0 +1,77 @@
+(function() {
+    'use strict';
+    angular.module('theHiveControllers').controller('CaseAlertsCtrl',
+        function($scope, $state, $stateParams, $uibModal, $timeout, CaseTabsSrv, alerts) {
+            $scope.caseId = $stateParams.caseId;
+            $scope.alerts = alerts;
+            $scope.alertStats = [];
+            $scope.currentFilter = '';
+            $scope.filtering = {};
+            $scope.sorting = {
+              field: '-date'
+            };
+            var tabName = 'alerts-' + $scope.caseId;
+
+            // Add tab
+            CaseTabsSrv.addTab(tabName, {
+                name: tabName,
+                label: 'Related Alerts',
+                closable: true,
+                state: 'app.case.alerts',
+                params: {}
+            });
+
+            // Select tab
+            $timeout(function() {
+                CaseTabsSrv.activateTab(tabName);
+            }, 0);
+
+            $scope.initStats = function(data) {
+                var stats = {
+                    type: {},
+                    source: {}
+                };
+
+                // Init the stats object
+                _.each(data, function(item) {
+                    stats.type[item.type] = stats.type[item.type] ? stats.type[item.type] + 1 : 1;
+                    stats.source[item.source] = stats.source[item.source] ? stats.source[item.source] + 1 : 1;
+                });
+
+                var result = {};
+                Object.keys(stats).forEach(function(field) {
+                    result[field] = [];
+                    Object.keys(stats[field]).forEach(function(key) {
+                        result[field].push({
+                            key: key,
+                            value: stats[field][key]
+                        });
+                    });
+                });
+
+                return result;
+            };
+
+            $scope.filterBy = function(field, filter) {
+                $scope.currentFilter = filter;
+                if(field === '') {
+                    $scope.filtering = {};
+                } else {
+                    var temp = {};
+                    temp[field] = filter;
+                    $scope.filtering = temp;
+                }
+            };
+
+            $scope.sortBy = function(field) {
+                if($scope.sorting.field.substr(1) !== field) {
+                    $scope.sorting.field = '+' + field;
+                } else {
+                    $scope.sorting.field = ($scope.sorting.field === '+' + field) ? '-'+field : '+'+field;
+                }
+            };
+
+            $scope.alertStats = $scope.initStats($scope.alerts);
+        }
+    );
+})();
diff --git a/ui/app/scripts/controllers/case/CaseMainCtrl.js b/ui/app/scripts/controllers/case/CaseMainCtrl.js
index 425994cc22..07fa4844fc 100644
--- a/ui/app/scripts/controllers/case/CaseMainCtrl.js
+++ b/ui/app/scripts/controllers/case/CaseMainCtrl.js
@@ -132,6 +132,15 @@
                 field: 'status'
             });
 
+            $scope.alerts = StreamStatSrv({
+                scope: $scope,
+                rootId: caseId,
+                query: { 'case': caseId },
+                result: {},
+                objectType: 'alert',
+                field: 'type'
+            });
+
             $scope.$on('tasks:task-removed', function(event, task) {
                 CaseTabsSrv.removeTab('task-' + task.id);
             });
diff --git a/ui/app/scripts/services/CaseSrv.js b/ui/app/scripts/services/CaseSrv.js
index 16f6f2126c..89c2558974 100644
--- a/ui/app/scripts/services/CaseSrv.js
+++ b/ui/app/scripts/services/CaseSrv.js
@@ -30,6 +30,11 @@
                     method: 'POST',
                     url: './api/case/_search',
                     isArray: true
+                },
+                alerts: {
+                  method: 'POST',
+                  url: './api/alert/_search',                  
+                  isArray: true
                 }
             });
         });
diff --git a/ui/app/views/partials/case/case.alerts.html b/ui/app/views/partials/case/case.alerts.html
new file mode 100644
index 0000000000..c4b75d8a86
--- /dev/null
+++ b/ui/app/views/partials/case/case.alerts.html
@@ -0,0 +1,135 @@
+<div class="row" ng-show="alerts.length === 0">
+    <div class="col-md-12">
+        <div class=" empty-message">No records</div>
+    </div>
+</div>
+
+<div class="case-links" ng-show="alerts.length > 0" ng-init="filteredLinks = (alerts | filter:filtering | orderBy:sorting.field)">
+    <div class="mv-s" ng-if="alertStats">
+        <span class="label label-lg label-default mr-xxs clickable"
+            ng-click="filterBy('');"
+            ng-class="{'label-primary': currentFilter===''}">All ({{alerts.length || 0}})</span>
+
+        <!-- <span><strong>Status:</strong></span>
+
+        <span class="label label-lg label-default mr-xxs clickable"
+            ng-repeat="statsItem in alertStats.status"
+            ng-click="filterBy('status', statsItem.key)"
+            ng-class="{'label-primary': currentFilter===statsItem.key}">{{statsItem.key}} ({{statsItem.value}})</span> -->
+
+        <span><strong>Type:</strong></span>
+        <span class="label label-lg label-default mr-xxs clickable"
+            ng-repeat="statsItem in alertStats.type"
+            ng-click="filterBy('type', statsItem.key)"
+            ng-class="{'label-primary': currentFilter===statsItem.key}">{{statsItem.key}} ({{statsItem.value}})</span>
+
+        <span><strong>Source:</strong></span>
+        <span class="label label-lg label-default mr-xxs clickable"
+            ng-repeat="statsItem in alertStats.source"
+            ng-click="filterBy('source', statsItem.key)"
+            ng-class="{'label-primary': currentFilter===statsItem.key}">{{statsItem.key}} ({{statsItem.value}})</span>
+    </div>
+
+    <div class="row" ng-show="filteredAlerts.length === 0">
+        <div class="col-md-12">
+            <div class=" empty-message">No records</div>
+        </div>
+    </div>
+
+    <table class="table table-striped case-list" ng-show="alerts.length > 0">
+        <thead>
+            <tr>
+                <th width="150px">
+                  <a href class="text-default" ng-click="sortBy('sourceRef')">
+                    Reference
+                    <i ng-show="sorting.field !== '+sourceRef' && sorting.field !== '-sourceRef'" class="fa fa-sort"></i>
+                    <i ng-show="sorting.field === '+sourceRef'" class="fa fa-caret-up"></i>
+                    <i ng-show="sorting.field === '-sourceRef'" class="fa fa-caret-down"></i>
+                  </a>
+                </th>
+                <th width="80px">
+                  <a href class="text-default" ng-click="sortBy('type')">
+                    Type
+                    <i ng-show="sorting.field !== '+type' && sorting.field !== '-type'" class="fa fa-sort"></i>
+                    <i ng-show="sorting.field === '+type'" class="fa fa-caret-up"></i>
+                    <i ng-show="sorting.field === '-type'" class="fa fa-caret-down"></i>
+                  </a>
+                </th>
+                <th width="80px">
+                  <a href class="text-default" ng-click="sortBy('status')">
+                    Status
+                    <i ng-show="sorting.field !== '+status' && sorting.field !== '-status'" class="fa fa-sort"></i>
+                    <i ng-show="sorting.field === '+status'" class="fa fa-caret-up"></i>
+                    <i ng-show="sorting.field === '-status'" class="fa fa-caret-down"></i>
+                  </a>
+                </th>
+                <th>
+                  <a href class="text-default" ng-click="sortBy('title')">
+                    Title
+                    <i ng-show="sorting.field !== '+title' && sorting.field !== '-title'" class="fa fa-sort"></i>
+                    <i ng-show="sorting.field === '+title'" class="fa fa-caret-up"></i>
+                    <i ng-show="sorting.field === '-title'" class="fa fa-caret-down"></i>
+                  </a>
+                </th>
+                <th width="150px">
+                  <a href class="text-default" ng-click="sortBy('source')">
+                    Source
+                    <i ng-show="sorting.field !== '+source' && sorting.field !== '-source'" class="fa fa-sort"></i>
+                    <i ng-show="sorting.field === '+source'" class="fa fa-caret-up"></i>
+                    <i ng-show="sorting.field === '-source'" class="fa fa-caret-down"></i>
+                  </a>
+                </th>
+                <th width="80px">
+                  <a href class="text-default" ng-click="sortBy('severity')">
+                    Severity
+                    <i ng-show="sorting.field !== '+severity' && sorting.field !== '-severity'" class="fa fa-sort"></i>
+                    <i ng-show="sorting.field === '+severity'" class="fa fa-caret-up"></i>
+                    <i ng-show="sorting.field === '-severity'" class="fa fa-caret-down"></i>
+                  </a>
+                </th>
+                <th width="80px">
+                  Attributes
+                </th>
+                <th style="width: 160px">
+                  <a href class="text-default" ng-click="sortBy('date')">
+                    Date
+                    <i ng-show="sorting.field !== '+date' && sorting.field !== '-date'" class="fa fa-sort"></i>
+                    <i ng-show="sorting.field === '+date'" class="fa fa-caret-up"></i>
+                    <i ng-show="sorting.field === '-date'" class="fa fa-caret-down"></i>
+                  </a>
+                </th>
+            </tr>
+        </thead>
+        <tbody>
+            <tr ng-repeat="event in filteredAlerts = (alerts | filter:filtering | orderBy:sorting.field)">
+                <td class="wrap">
+                    <strong>{{::event.sourceRef}}</strong>
+                </td>
+                <td>
+                    <span>{{::event.type}}</span>
+                </td>
+                <td>
+                    <span class="label label-default" ng-class="{'label-danger': event.status==='New', 'label-warning': event.status === 'Updated'}" >{{::event.status}}</span>
+                </td>
+                <td class="wrap">
+                    <div class="case-title">
+                        <span>{{::event.title}}</span>
+                    </div>
+                    <div class="case-tags flexwrap mt-xxs">
+                        <span class="mr-xxxs text-muted"><i class="fa fa-tags"></i></span>
+                        <strong class="text-muted mr-xxxs" ng-if="!event.tags || event.tags.length === 0">None</strong>
+                        <span ng-repeat="tag in event.tags track by $index" class="label label-primary mb-xxxs mr-xxxs pointer" ng-click="$vm.addFilterValue('tags', tag)">{{tag}}</span>
+                    </div>
+                </td>
+                <td>{{::event.source}}</td>
+                <td class="text-center">
+                    <div>
+                        <severity active="false" value="event.severity"></severity>
+                    </div>
+                </td>
+                <td class="text-center">{{::event.artifacts.length || 0}}</td>
+                <td>{{event.date | showDate}}</td>
+            </tr>
+        </tbody>
+    </table>
+</div>
diff --git a/ui/app/views/partials/case/case.panelinfo.html b/ui/app/views/partials/case/case.panelinfo.html
index 991c3a98f8..f98344aaff 100644
--- a/ui/app/views/partials/case/case.panelinfo.html
+++ b/ui/app/views/partials/case/case.panelinfo.html
@@ -33,7 +33,17 @@ <h3 class="box-title">
         <span class="ml-xxs text-danger" ng-show="links.length > 0">
             <i class="glyphicon glyphicon-link"></i>
             <strong>
-                <a class="text-danger" href ui-sref="app.case.links({caseId:caze.id})"><ng-pluralize count="links.length" when="{'one': '1 Related case', 'other': '{} Related cases'}"></ng-pluralize></a>
+                <a class="text-danger" href ui-sref="app.case.links({caseId:caze.id})">
+                  <ng-pluralize count="links.length" when="{'one': '1 case', 'other': '{} cases'}"></ng-pluralize>
+                </a>
+            </strong>
+        </span>
+        <span class="ml-xxs text-danger" ng-show="alerts.count > 0">
+            <i class="glyphicon glyphicon-link"></i>
+            <strong>
+                <a class="text-danger" href ui-sref="app.case.alerts({caseId:caze.id})">
+                  <ng-pluralize count="alerts.count" when="{'one': '1 alert', 'other': '{} alerts'}"></ng-pluralize>
+                </a>
             </strong>
         </span>
 

From a51f6d9d15184278dd30e3125682568dceab2119 Mon Sep 17 00:00:00 2001
From: To-om <toom@thehive-project.org>
Date: Tue, 19 Feb 2019 09:21:29 +0100
Subject: [PATCH 19/29] #882 Disable deployment on pull-requests

---
 .drone.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.drone.yml b/.drone.yml
index e39e9b7c46..c244399aa3 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -159,6 +159,7 @@ steps:
       strip_components: 3
     when:
       branch: [develop]
+      repo: TheHive-Project/TheHive
 
   - name: deploy binaries in integration environment
     image: appleboy/drone-ssh
@@ -170,6 +171,7 @@ steps:
         - ./start thehive ${DRONE_BUILD_NUMBER}
     when:
       branch: [develop]
+      repo: TheHive-Project/TheHive
 
   # Deploy binaries in staging environment
   - name: copy binaries in staging environment
@@ -183,6 +185,7 @@ steps:
       strip_components: 3
     when:
       branch: [master]
+      repo: TheHive-Project/TheHive
 
   - name: deploy binaries in staging environment
     image: appleboy/drone-ssh
@@ -194,6 +197,7 @@ steps:
         - ./start thehive ${DRONE_BUILD_NUMBER}
     when:
       branch: [master]
+      repo: TheHive-Project/TheHive
 
 volumes:
   - name: cache

From 3dce91a5a146d289b147494c29064ac937f7e0ba Mon Sep 17 00:00:00 2001
From: To-om <toom@thehive-project.org>
Date: Tue, 19 Feb 2019 10:34:25 +0100
Subject: [PATCH 20/29] #882 Disable deployment on pull-requests

---
 .drone.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.drone.yml b/.drone.yml
index c244399aa3..bec436627a 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -159,7 +159,7 @@ steps:
       strip_components: 3
     when:
       branch: [develop]
-      repo: TheHive-Project/TheHive
+      event: {exclude: [pull_request]}
 
   - name: deploy binaries in integration environment
     image: appleboy/drone-ssh
@@ -171,7 +171,7 @@ steps:
         - ./start thehive ${DRONE_BUILD_NUMBER}
     when:
       branch: [develop]
-      repo: TheHive-Project/TheHive
+      event: {exclude: [pull_request]}
 
   # Deploy binaries in staging environment
   - name: copy binaries in staging environment
@@ -185,7 +185,7 @@ steps:
       strip_components: 3
     when:
       branch: [master]
-      repo: TheHive-Project/TheHive
+      event: {exclude: [pull_request]}
 
   - name: deploy binaries in staging environment
     image: appleboy/drone-ssh
@@ -197,7 +197,7 @@ steps:
         - ./start thehive ${DRONE_BUILD_NUMBER}
     when:
       branch: [master]
-      repo: TheHive-Project/TheHive
+      event: {exclude: [pull_request]}
 
 volumes:
   - name: cache

From 0644bc196a1a9fafb4c556106ac3948a94a52030 Mon Sep 17 00:00:00 2001
From: Nabil Adouani <nabil.adouani@gmail.com>
Date: Tue, 19 Feb 2019 11:21:57 +0100
Subject: [PATCH 21/29] #831 Fix the observable tags input

---
 ui/app/scripts/app.js                         | 14 +++++
 .../case/CaseObservablesItemCtrl.js           | 51 ++++++++-----------
 2 files changed, 34 insertions(+), 31 deletions(-)

diff --git a/ui/app/scripts/app.js b/ui/app/scripts/app.js
index df48f06ae6..294cd209bf 100644
--- a/ui/app/scripts/app.js
+++ b/ui/app/scripts/app.js
@@ -313,6 +313,20 @@ angular.module('thehive', ['ngAnimate', 'ngMessages', 'ngSanitize', 'ui.bootstra
                 resolve: {
                     appConfig: function(VersionSrv) {
                         return VersionSrv.get();
+                    },
+                    artifact: function($q, $stateParams, CaseArtifactSrv, NotificationSrv) {
+                        var deferred = $q.defer();
+
+                        CaseArtifactSrv.api().get({
+                            'artifactId': $stateParams.itemId
+                        }).$promise.then(function(data) {
+                            deferred.resolve(data);
+                        }).catch(function(response) {
+                            deferred.reject(response);
+                            NotificationSrv.error('Observable Details', response.data, response.status);
+                        });
+
+                        return deferred.promise;
                     }
                 }
             })
diff --git a/ui/app/scripts/controllers/case/CaseObservablesItemCtrl.js b/ui/app/scripts/controllers/case/CaseObservablesItemCtrl.js
index 8947c9aca6..f7690ffe60 100644
--- a/ui/app/scripts/controllers/case/CaseObservablesItemCtrl.js
+++ b/ui/app/scripts/controllers/case/CaseObservablesItemCtrl.js
@@ -1,7 +1,7 @@
 (function () {
     'use strict';
     angular.module('theHiveControllers').controller('CaseObservablesItemCtrl',
-        function ($scope, $state, $stateParams, $q, $filter, $timeout, $document, CaseTabsSrv, CaseArtifactSrv, CortexSrv, PSearchSrv, AnalyzerSrv, NotificationSrv, VersionSrv, TagSrv, appConfig) {
+        function ($scope, $state, $stateParams, $q, $filter, $timeout, $document, CaseTabsSrv, CaseArtifactSrv, CortexSrv, PSearchSrv, AnalyzerSrv, NotificationSrv, VersionSrv, TagSrv, appConfig, artifact) {
             var observableId = $stateParams.itemId,
                 observableName = 'observable-' + observableId;
 
@@ -18,7 +18,7 @@
                 'logMissing': ''
             };
 
-            $scope.artifact = {};
+            $scope.artifact = artifact;
             $scope.artifact.tlp = $scope.artifact.tlp || -1;
             $scope.analysisEnabled = VersionSrv.hasCortex();
             $scope.cortexServers = $scope.analysisEnabled && appConfig.connectors.cortex.servers;
@@ -32,37 +32,23 @@
                 mode: 'vb'
             };
 
-            CaseArtifactSrv.api().get({
-                'artifactId': observableId
-            }, function (observable) {
-
-                // Add tab
-                CaseTabsSrv.addTab(observableName, {
-                    name: observableName,
-                    label: observable.data || observable.attachment.name,
-                    closable: true,
-                    state: 'app.case.observables-item',
-                    params: {
-                        itemId: observable.id
-                    }
-                });
-
-                // Select tab
-                $timeout(function() {
-                    CaseTabsSrv.activateTab(observableName);
-                }, 0);
-
-
-                // Prepare the scope data
-                $scope.initScope(observable);
-
-            }, function (response) {
-                NotificationSrv.error('ObservableDetails', response.data, response.status);
-                CaseTabsSrv.activateTab('observables');
+            // Add tab
+            CaseTabsSrv.addTab(observableName, {
+                name: observableName,
+                label: artifact.data || artifact.attachment.name,
+                closable: true,
+                state: 'app.case.observables-item',
+                params: {
+                    itemId: artifact.id
+                }
             });
 
-            $scope.initScope = function (artifact) {
-                $scope.artifact = artifact;
+            // Select tab
+            $timeout(function() {
+                CaseTabsSrv.activateTab(observableName);
+            }, 0);
+
+            $scope.initScope = function (artifact) {                
 
                 // Get analyzers available for the observable's datatype
                 AnalyzerSrv.forDataType(artifact.dataType)
@@ -101,6 +87,9 @@
                   });
             };
 
+            // Prepare the scope data
+            $scope.initScope(artifact);
+
             $scope.onJobsChange = function (updates) {
                 $scope.analyzerJobs = {};
 

From 4d827fa1ff923773337ec21fbfb6432864085615 Mon Sep 17 00:00:00 2001
From: Nabil Adouani <nabil.adouani@gmail.com>
Date: Tue, 19 Feb 2019 11:31:41 +0100
Subject: [PATCH 22/29] #876 Update case details title and case list title
 columns to be wrappable

---
 ui/app/views/partials/case/case.list.html      | 6 +++---
 ui/app/views/partials/case/case.panelinfo.html | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/ui/app/views/partials/case/case.list.html b/ui/app/views/partials/case/case.list.html
index 7fc06dfbb3..652263c438 100644
--- a/ui/app/views/partials/case/case.list.html
+++ b/ui/app/views/partials/case/case.list.html
@@ -68,7 +68,7 @@ <h3 class="box-title">List of cases ({{$vm.list.total || 0}} of {{$vm.caseStats.
 
                                     <td class="p-0 bg-tlp-{{currentCase.tlp}} clickable" ng-click="$vm.filterByTlp(currentCase.tlp)"></td>
                                     <td>
-                                        <div class="case-title">
+                                        <div class="case-title wrap">
                                             <a ui-sref="app.case.details({caseId: currentCase.id})">#{{currentCase.caseId}} - {{currentCase.title}}</a>
                                         </div>
                                         <div class="case-tags flexwrap mt-xxs">
@@ -84,11 +84,11 @@ <h3 class="box-title">List of cases ({{$vm.list.total || 0}} of {{$vm.caseStats.
                                             </small>
                                         </div>
                                         <div class="text-danger" ng-if="currentCase.mergeFrom">
-                        					<small>
+                        					          <small>
                                                 Merged from <a href ui-sref="app.case.details({caseId: currentCase.mergeFrom[0]})"> Case #{{currentCase.stats.mergeFrom[0].caseId}}</a> and
                                                 <a href ui-sref="app.case.details({caseId: currentCase.mergeFrom[1]})"> Case #{{currentCase.stats.mergeFrom[1].caseId}}</a>
                                             </small>
-                        				</div>
+                        				        </div>
                                     </td>
                                     <td align="center">
                                         <div class="clickable" ng-click="$vm.filterBySeverity(currentCase.severity)">
diff --git a/ui/app/views/partials/case/case.panelinfo.html b/ui/app/views/partials/case/case.panelinfo.html
index f98344aaff..c7a15240bb 100644
--- a/ui/app/views/partials/case/case.panelinfo.html
+++ b/ui/app/views/partials/case/case.panelinfo.html
@@ -2,7 +2,7 @@
     <div class="box-header with-border">
         <h3 class="box-title">
             <severity value="caze.severity"></severity>
-            <span>Case #
+            <span class="wrap">Case #
                 {{caze.caseId}}
                 -
                 {{caze.title}}</span>

From 321d2db42bf2b0c56f29d24b9604778ba2b349f3 Mon Sep 17 00:00:00 2001
From: Nabil Adouani <nabil.adouani@gmail.com>
Date: Tue, 19 Feb 2019 13:42:02 +0100
Subject: [PATCH 23/29] #820 Display link to MISP UI for every MISP alert

---
 ui/app/scripts/app.js                            |  4 ++--
 .../scripts/controllers/alert/AlertListCtrl.js   |  4 +++-
 .../scripts/controllers/case/CaseAlertsCtrl.js   |  4 +++-
 ui/app/scripts/services/VersionSrv.js            | 16 +++++++++++++++-
 ui/app/views/partials/alert/list.html            | 14 +++++++++++++-
 ui/app/views/partials/case/case.alerts.html      | 16 ++++++++--------
 6 files changed, 44 insertions(+), 14 deletions(-)

diff --git a/ui/app/scripts/app.js b/ui/app/scripts/app.js
index 294cd209bf..2b79943f4e 100644
--- a/ui/app/scripts/app.js
+++ b/ui/app/scripts/app.js
@@ -34,8 +34,8 @@ angular.module('thehive', ['ngAnimate', 'ngMessages', 'ngSanitize', 'ui.bootstra
                 templateUrl: 'views/login.html',
                 resolve: {
                     appConfig: function(VersionSrv) {
-                                 return VersionSrv.get();
-                              }
+                       return VersionSrv.get();
+                    }
                 },
                 params: {
                     autoLogin: false
diff --git a/ui/app/scripts/controllers/alert/AlertListCtrl.js b/ui/app/scripts/controllers/alert/AlertListCtrl.js
index bfe4803427..1b190023f8 100755
--- a/ui/app/scripts/controllers/alert/AlertListCtrl.js
+++ b/ui/app/scripts/controllers/alert/AlertListCtrl.js
@@ -1,9 +1,11 @@
 (function() {
     'use strict';
     angular.module('theHiveControllers')
-        .controller('AlertListCtrl', function($rootScope, $scope, $q, $state, $uibModal, TagSrv, CaseTemplateSrv, AlertingSrv, NotificationSrv, FilteringSrv, CortexSrv, Severity) {
+        .controller('AlertListCtrl', function($rootScope, $scope, $q, $state, $uibModal, TagSrv, CaseTemplateSrv, AlertingSrv, NotificationSrv, FilteringSrv, CortexSrv, Severity, VersionSrv) {
             var self = this;
 
+            self.urls = VersionSrv.mispUrls();
+
             self.list = [];
             self.selection = [];
             self.menu = {
diff --git a/ui/app/scripts/controllers/case/CaseAlertsCtrl.js b/ui/app/scripts/controllers/case/CaseAlertsCtrl.js
index 46bc1a17dc..c379fbfc43 100644
--- a/ui/app/scripts/controllers/case/CaseAlertsCtrl.js
+++ b/ui/app/scripts/controllers/case/CaseAlertsCtrl.js
@@ -1,7 +1,7 @@
 (function() {
     'use strict';
     angular.module('theHiveControllers').controller('CaseAlertsCtrl',
-        function($scope, $state, $stateParams, $uibModal, $timeout, CaseTabsSrv, alerts) {
+        function($scope, $state, $stateParams, $uibModal, $timeout, CaseTabsSrv, VersionSrv, alerts) {
             $scope.caseId = $stateParams.caseId;
             $scope.alerts = alerts;
             $scope.alertStats = [];
@@ -12,6 +12,8 @@
             };
             var tabName = 'alerts-' + $scope.caseId;
 
+            $scope.mispUrls = VersionSrv.mispUrls();
+
             // Add tab
             CaseTabsSrv.addTab(tabName, {
                 name: tabName,
diff --git a/ui/app/scripts/services/VersionSrv.js b/ui/app/scripts/services/VersionSrv.js
index bbd8d303c0..9750314fc0 100644
--- a/ui/app/scripts/services/VersionSrv.js
+++ b/ui/app/scripts/services/VersionSrv.js
@@ -13,7 +13,7 @@
                                   callback(appConfig);
                               }
                           });
-                    }, 60000);                    
+                    }, 60000);
                 },
                 get: function(force) {
                     var deferred = $q.defer();
@@ -40,6 +40,20 @@
                     } catch (err) {
                         return false;
                     }
+                },
+
+                mispUrls: function() {
+                    var urls = {};
+                    var misp = cache.connectors.misp;
+
+                    if(!misp) {
+                        return {};
+                    }
+
+                    (misp.servers || []).forEach(function(item) {
+                        urls[item.name] = item.url;
+                    });                    
+                    return urls;
                 }
             };
 
diff --git a/ui/app/views/partials/alert/list.html b/ui/app/views/partials/alert/list.html
index 34a018504f..735dd70717 100644
--- a/ui/app/views/partials/alert/list.html
+++ b/ui/app/views/partials/alert/list.html
@@ -108,7 +108,15 @@ <h3 class="box-title">List of alerts ({{$vm.list.total || 0}} of {{alertEvents.c
                                         <input type="checkbox" ng-model="event.selected" ng-change="$vm.select(event)">
                                     </td>
                                     <td class="wrap">
-                                        <strong>{{::event.sourceRef}}</strong>
+                                        <strong>
+                                            <span>{{::event.sourceRef}}</span>
+                                            <span ng-if="event.type === 'misp'" class="pl-xxs">
+                                                <a ng-href="{{$vm.urls[event.source]}}/events/{{event.sourceRef}}" target="_blank">
+                                                    <i class="fa fa-external-link"></i>
+                                                </a>
+                                            </span>
+                                        </strong>
+
                                     </td>
                                     <td>
                                         <span><a href ng-click="$vm.addFilterValue('type', event.type)">{{::event.type}}</a></span>
@@ -130,6 +138,10 @@ <h3 class="box-title">List of alerts ({{$vm.list.total || 0}} of {{alertEvents.c
                                             <strong class="text-muted mr-xxxs" ng-if="!event.tags || event.tags.length === 0">None</strong>
                                             <span ng-repeat="tag in event.tags track by $index" class="label label-primary mb-xxxs mr-xxxs pointer" ng-click="$vm.addFilterValue('tags', tag)">{{tag}}</span>
                                         </div>
+                                        <!-- <div class="flexwrap" ng-if="event.type === 'misp'">
+                                            <span class="mr-xxxs text-muted"><i class="fa fa-link"></i></span>
+                                            <a ng-href="{{$vm.urls[event.source]}}/events/{{event.sourceRef}}" target="_blank">Open in MISP</a>
+                                        </div> -->
                                     </td>
                                     <td><a href ng-click="$vm.addFilterValue('source', event.source)">{{event.source}}</a></td>
                                     <td class="text-center">
diff --git a/ui/app/views/partials/case/case.alerts.html b/ui/app/views/partials/case/case.alerts.html
index c4b75d8a86..0c4c3b39d3 100644
--- a/ui/app/views/partials/case/case.alerts.html
+++ b/ui/app/views/partials/case/case.alerts.html
@@ -10,13 +10,6 @@
             ng-click="filterBy('');"
             ng-class="{'label-primary': currentFilter===''}">All ({{alerts.length || 0}})</span>
 
-        <!-- <span><strong>Status:</strong></span>
-
-        <span class="label label-lg label-default mr-xxs clickable"
-            ng-repeat="statsItem in alertStats.status"
-            ng-click="filterBy('status', statsItem.key)"
-            ng-class="{'label-primary': currentFilter===statsItem.key}">{{statsItem.key}} ({{statsItem.value}})</span> -->
-
         <span><strong>Type:</strong></span>
         <span class="label label-lg label-default mr-xxs clickable"
             ng-repeat="statsItem in alertStats.type"
@@ -103,7 +96,14 @@
         <tbody>
             <tr ng-repeat="event in filteredAlerts = (alerts | filter:filtering | orderBy:sorting.field)">
                 <td class="wrap">
-                    <strong>{{::event.sourceRef}}</strong>
+                    <strong>
+                        <span>{{::event.sourceRef}}</span>
+                        <span ng-if="event.type === 'misp'" class="pl-xxs">
+                            <a ng-href="{{mispUrls[event.source]}}/events/{{event.sourceRef}}" target="_blank">
+                                <i class="fa fa-external-link"></i>
+                            </a>
+                        </span>
+                    </strong>
                 </td>
                 <td>
                     <span>{{::event.type}}</span>

From d265aa03f946b178f6d9bb0a0a9bebbd6fdefc3a Mon Sep 17 00:00:00 2001
From: Nabil Adouani <nabil.adouani@gmail.com>
Date: Wed, 20 Feb 2019 15:19:33 +0100
Subject: [PATCH 24/29] #829 Fix observable bulk creation when all the list
 fail

---
 ui/app/scripts/controllers/case/ObservableCreationCtrl.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ui/app/scripts/controllers/case/ObservableCreationCtrl.js b/ui/app/scripts/controllers/case/ObservableCreationCtrl.js
index 0e9b05c56e..8cfa86edd2 100644
--- a/ui/app/scripts/controllers/case/ObservableCreationCtrl.js
+++ b/ui/app/scripts/controllers/case/ObservableCreationCtrl.js
@@ -142,7 +142,7 @@
             $scope.handleSaveFailure = function(response) {
                 $scope.pendingAsync = false;
 
-                if (response.status === 400 && response.data.type === 'ConflictError') {
+                if (response.status === 400 && (response.data.type === 'ConflictError' || _.isArray(response.data))) {
                     $scope.failedObservables = $scope.getFailedObservables(response.data);
 
                     $scope.step = 'error';

From 4a0f551d1903065a4a3700c77e433cfd4dd159d5 Mon Sep 17 00:00:00 2001
From: To-om <toom@thehive-project.org>
Date: Wed, 20 Feb 2019 15:52:35 +0100
Subject: [PATCH 25/29] #829 Ignore directories in zip file

---
 .../app/controllers/ArtifactCtrl.scala        | 50 ++++++++++---------
 1 file changed, 27 insertions(+), 23 deletions(-)

diff --git a/thehive-backend/app/controllers/ArtifactCtrl.scala b/thehive-backend/app/controllers/ArtifactCtrl.scala
index 1071e59ae4..1655fe3a97 100644
--- a/thehive-backend/app/controllers/ArtifactCtrl.scala
+++ b/thehive-backend/app/controllers/ArtifactCtrl.scala
@@ -38,31 +38,35 @@ class ArtifactCtrl @Inject() (
   private[ArtifactCtrl] lazy val logger = Logger(getClass)
 
   // extract a file from the archive and make sure its size matches the header (to protect against zip bombs)
-  private def extractAndCheckSize(zipFile: ZipFile, header: FileHeader)(implicit authContext: AuthContext): FileInputValue = {
-    val file = tempSrv.newTemporaryFile(header.getFileName, "-fromZipFile")
-
-    val input = zipFile.getInputStream(header)
-    val size = header.getUncompressedSize
-    val sizedInput: FilterInputStream = new FilterInputStream(input) {
-      var totalRead = 0
-
-      override def read(): Int = {
-        if (totalRead < size) {
-          totalRead += 1
-          super.read()
+  private def extractAndCheckSize(zipFile: ZipFile, header: FileHeader)(implicit authContext: AuthContext): Option[FileInputValue] = {
+    val fileName = header.getFileName
+    if (fileName.contains('/')) None
+    else {
+      val file = tempSrv.newTemporaryFile(fileName, "-fromZipFile")
+
+      val input = zipFile.getInputStream(header)
+      val size = header.getUncompressedSize
+      val sizedInput: FilterInputStream = new FilterInputStream(input) {
+        var totalRead = 0
+
+        override def read(): Int = {
+          if (totalRead < size) {
+            totalRead += 1
+            super.read()
+          }
+          else throw BadRequestError("Error extracting file: output size doesn't match header")
         }
-        else throw BadRequestError("Error extracting file: output size doesn't match header")
       }
+      Files.delete(file)
+      val fileSize = Files.copy(sizedInput, file)
+      if (fileSize != size) {
+        file.toFile.delete()
+        throw InternalError("Error extracting file: output size doesn't match header")
+      }
+      input.close()
+      val contentType = Option(Files.probeContentType(file)).getOrElse("application/octet-stream")
+      Some(FileInputValue(header.getFileName, file, contentType))
     }
-    Files.delete(file)
-    val fileSize = Files.copy(sizedInput, file)
-    if (fileSize != size) {
-      file.toFile.delete()
-      throw InternalError("Error extracting file: output size doesn't match header")
-    }
-    input.close()
-    val contentType = Option(Files.probeContentType(file)).getOrElse("application/octet-stream")
-    FileInputValue(header.getFileName, file, contentType)
   }
 
   @Timed
@@ -91,7 +95,7 @@ class ArtifactCtrl @Inject() (
               }
 
               val multiFields = files.filterNot(_.isDirectory)
-                .map(extractAndCheckSize(zipFile, _))
+                .flatMap(extractAndCheckSize(zipFile, _))
                 .map { fiv ⇒
                   fields
                     .unset("isZip")

From 7dd264d51341ff17ee1ebed63306dafc26697eae Mon Sep 17 00:00:00 2001
From: Nabil Adouani <nabil.adouani@gmail.com>
Date: Wed, 20 Feb 2019 23:24:26 +0100
Subject: [PATCH 26/29] #888 WIP Add a UI Config section

---
 ui/app/index.html                             |  2 +
 ui/app/scripts/app.js                         | 16 +++++
 .../admin/AdminCustomFieldDialogCtrl.js       |  4 +-
 .../admin/AdminCustomFieldsCtrl.js            |  4 +-
 .../controllers/admin/AdminUiSettingsCtrl.js  | 32 +++++++++
 ui/app/scripts/services/UiSettingsSrv.js      | 65 +++++++++++++++++++
 ui/app/views/components/header.component.html |  7 ++
 ui/app/views/partials/admin/ui-settings.html  | 29 +++++++++
 8 files changed, 155 insertions(+), 4 deletions(-)
 create mode 100644 ui/app/scripts/controllers/admin/AdminUiSettingsCtrl.js
 create mode 100644 ui/app/scripts/services/UiSettingsSrv.js
 create mode 100644 ui/app/views/partials/admin/ui-settings.html

diff --git a/ui/app/index.html b/ui/app/index.html
index f0ebf9cd9e..8946fc036c 100644
--- a/ui/app/index.html
+++ b/ui/app/index.html
@@ -144,6 +144,7 @@
     <script src="scripts/controllers/admin/AdminMetricsCtrl.js"></script>
     <script src="scripts/controllers/admin/AdminObservablesCtrl.js"></script>
     <script src="scripts/controllers/admin/AdminReportTemplatesCtrl.js"></script>
+    <script src="scripts/controllers/admin/AdminUiSettingsCtrl.js"></script>
     <script src="scripts/controllers/admin/AdminUserDialogCtrl.js"></script>
     <script src="scripts/controllers/admin/AdminUsersCtrl.js"></script>
     <script src="scripts/controllers/alert/AlertEventCtrl.js"></script>
@@ -269,6 +270,7 @@
     <script src="scripts/services/StreamStatSrv.js"></script>
     <script src="scripts/services/TagSrv.js"></script>
     <script src="scripts/services/TaskLogSrv.js"></script>
+    <script src="scripts/services/UiSettingsSrv.js"></script>
     <script src="scripts/services/UserInfoSrv.js"></script>
     <script src="scripts/services/UserSrv.js"></script>
     <script src="scripts/services/UtilsSrv.js"></script>
diff --git a/ui/app/scripts/app.js b/ui/app/scripts/app.js
index 2b79943f4e..8f4ddbc7a2 100644
--- a/ui/app/scripts/app.js
+++ b/ui/app/scripts/app.js
@@ -77,6 +77,10 @@ angular.module('thehive', ['ngAnimate', 'ngMessages', 'ngSanitize', 'ui.bootstra
                     appLayout: function($q, $rootScope, AppLayoutSrv) {
                         AppLayoutSrv.init();
                         return $q.resolve();
+                    },
+                    uiConfig: function($q, UiSettingsSrv) {
+                        UiSettingsSrv.all();
+                        return $q.resolve();
                     }
                 }
             })
@@ -215,6 +219,18 @@ angular.module('thehive', ['ngAnimate', 'ngMessages', 'ngSanitize', 'ui.bootstra
                 controller: 'AdminObservablesCtrl',
                 title: 'Observable administration'
             })
+            .state('app.administration.ui-settings', {
+                url: '/ui-settings',
+                templateUrl: 'views/partials/admin/ui-settings.html',
+                controller: 'AdminUiSettingsCtrl',
+                controllerAs: '$vm',
+                title: 'UI settings',
+                resolve: {
+                    uiConfig: function(UiSettingsSrv) {
+                        return UiSettingsSrv.all();
+                    }
+                }
+            })
             .state('app.case', {
                 abstract: true,
                 url: 'case/{caseId}',
diff --git a/ui/app/scripts/controllers/admin/AdminCustomFieldDialogCtrl.js b/ui/app/scripts/controllers/admin/AdminCustomFieldDialogCtrl.js
index 525d8222af..a44e0f9d92 100644
--- a/ui/app/scripts/controllers/admin/AdminCustomFieldDialogCtrl.js
+++ b/ui/app/scripts/controllers/admin/AdminCustomFieldDialogCtrl.js
@@ -78,11 +78,11 @@
         self.clearUniqueReferenceError = function(form) {
             form.reference.$setValidity('unique', true);
             form.reference.$setPristine();
-        }
+        };
 
         self.cancel = function() {
             $uibModalInstance.dismiss();
-        }
+        };
 
         self.onNamechanged = function(form) {
             if (!self.customField.name) {
diff --git a/ui/app/scripts/controllers/admin/AdminCustomFieldsCtrl.js b/ui/app/scripts/controllers/admin/AdminCustomFieldsCtrl.js
index 9a82e94fe9..9b4a631bd3 100644
--- a/ui/app/scripts/controllers/admin/AdminCustomFieldsCtrl.js
+++ b/ui/app/scripts/controllers/admin/AdminCustomFieldsCtrl.js
@@ -59,12 +59,12 @@
                     }
                 });
 
-                modalInstance.result.then(function(data) {
+                modalInstance.result.then(function(/*data*/) {
                     self.initCustomfields();
                     CustomFieldsCacheSrv.clearCache();
                     $scope.$emit('custom-fields:refresh');
                 });
-            }
+            };
 
             self.initCustomfields();
         });
diff --git a/ui/app/scripts/controllers/admin/AdminUiSettingsCtrl.js b/ui/app/scripts/controllers/admin/AdminUiSettingsCtrl.js
new file mode 100644
index 0000000000..4a3756601f
--- /dev/null
+++ b/ui/app/scripts/controllers/admin/AdminUiSettingsCtrl.js
@@ -0,0 +1,32 @@
+(function() {
+    'use strict';
+
+    angular.module('theHiveControllers').controller('AdminUiSettingsCtrl', function(UiSettingsSrv, uiConfig) {
+            var self = this;
+
+            self.save = function(/*form*/) {
+                self.settingsKeys.forEach(function(key) {
+                    //if(form[key].$dirty) {
+                    if(!self.currentSettings[key]) {
+                        UiSettingsSrv.create(key, self.configs[key]);
+                    } else {
+                        UiSettingsSrv.update(self.currentSettings[key].id, key, self.configs[key]);
+                    }
+                    //}
+                });
+            };
+
+            self.loadSettings = function() {
+                self.settingsKeys = UiSettingsSrv.keys;
+                self.currentSettings = uiConfig;
+
+                self.configs = {};
+                self.settingsKeys.forEach(function(key) {
+                    self.configs[key] = (uiConfig[key] || {}).value;
+                });
+            };
+
+            self.loadSettings();
+
+        });
+})();
diff --git a/ui/app/scripts/services/UiSettingsSrv.js b/ui/app/scripts/services/UiSettingsSrv.js
new file mode 100644
index 0000000000..6791f7c2a8
--- /dev/null
+++ b/ui/app/scripts/services/UiSettingsSrv.js
@@ -0,0 +1,65 @@
+(function() {
+    'use strict';
+    angular.module('theHiveServices').factory('UiSettingsSrv', function(ListSrv, $q) {
+
+        var settings = null;
+
+        return {
+            keys: [
+                'hideEmptyCaseButton'
+            ],
+            clearCache: function() {
+                settings = null;
+            },
+
+            get: function(name) {
+                return settings[name];
+            },
+
+            create: function(name, value) {
+                return ListSrv.save({listId: 'ui_settings'}, {
+                    value: {
+                        name: name,
+                        value: value
+                    }
+                }).$promise;
+            },
+
+            update: function(id, name, value) {
+                return ListSrv.update({itemId: id}, {
+                    value: {
+                        name: name,
+                        value: value
+                    }
+                }).$promise;
+            },
+
+            all: function(force) {
+                var deferred = $q.defer();
+
+                if(settings === null || force) {
+                    ListSrv.query({listId: 'ui_settings'}, {}, function(response) {
+                        var json = response.toJSON();
+
+                        settings = {};
+
+                        _.each(_.keys(json), function(key) {
+                            var setting = json[key];
+
+                            settings[setting.name] = setting;
+                            settings[setting.name].id = key;
+                        });
+
+                        deferred.resolve(settings);
+                    }, function(response) {
+                        deferred.reject(response);
+                    });
+                } else {
+                    deferred.resolve(settings);
+                }
+
+                return deferred.promise;
+            }
+        };
+    });
+})();
diff --git a/ui/app/views/components/header.component.html b/ui/app/views/components/header.component.html
index 6725f1f845..3533d777c9 100644
--- a/ui/app/views/components/header.component.html
+++ b/ui/app/views/components/header.component.html
@@ -157,6 +157,13 @@
                                 <span class="hpad5">Case custom fields</span>
                             </a>
                         </li>
+                        <li class="divider"></li>
+                        <li>
+                            <a ui-sref="app.administration.ui-settings">
+                                <i class="fa fa-cogs"></i>
+                                <span class="hpad5">UI settings</span>
+                            </a>
+                        </li>
                     </ul>
                 </li>
                 <li class="dropdown" uib-dropdown>
diff --git a/ui/app/views/partials/admin/ui-settings.html b/ui/app/views/partials/admin/ui-settings.html
new file mode 100644
index 0000000000..4e48545343
--- /dev/null
+++ b/ui/app/views/partials/admin/ui-settings.html
@@ -0,0 +1,29 @@
+<div class="row">
+    <div class="col-md-12">
+        <form name="settingsForm" class="form-horizontal" ng-submit="$vm.save(settingsForm)" novalidate>
+            <div class="box">
+                <div class="box-header">
+                    <h3 class="box-title">UI Settings</h3>
+                </div>
+                <div class="box-body">
+
+                    <div class="form-group">
+                        <label class="col-md-3 control-label">Hide <em>Empty Case</em> button</label>
+                        <div class="col-md-9">
+                            <div class="checkbox">
+                                <label>
+                                  <input name="hideEmptyCaseButton" type="checkbox" ng-model="$vm.configs.hideEmptyCaseButton"> Check this to disallow creating empty cases
+                                </label>
+                            </div>
+                        </div>
+                    </div>
+
+                    <div class="mt-s">
+                        <button class="btn btn-primary pull-right" ng-disabled="settingsForm.$invalid" type="submit">Save</button>
+                    </div>
+
+                </div>
+            </div>
+        </form>
+    </div>
+</div>

From 27db888c8c292cce7be5fd9d6b2e51bad0a05f77 Mon Sep 17 00:00:00 2001
From: Nabil Adouani <nabil.adouani@gmail.com>
Date: Thu, 21 Feb 2019 00:07:08 +0100
Subject: [PATCH 27/29] #888 Complete the UI settings admin section

---
 .../controllers/admin/AdminUiSettingsCtrl.js  | 65 +++++++++++++++----
 ui/app/scripts/services/UiSettingsSrv.js      |  4 +-
 ui/app/views/partials/admin/ui-settings.html  | 22 +++++++
 3 files changed, 76 insertions(+), 15 deletions(-)

diff --git a/ui/app/scripts/controllers/admin/AdminUiSettingsCtrl.js b/ui/app/scripts/controllers/admin/AdminUiSettingsCtrl.js
index 4a3756601f..518dde8676 100644
--- a/ui/app/scripts/controllers/admin/AdminUiSettingsCtrl.js
+++ b/ui/app/scripts/controllers/admin/AdminUiSettingsCtrl.js
@@ -1,32 +1,69 @@
 (function() {
     'use strict';
 
-    angular.module('theHiveControllers').controller('AdminUiSettingsCtrl', function(UiSettingsSrv, uiConfig) {
+    angular.module('theHiveControllers').controller('AdminUiSettingsCtrl', function($scope, $q, NotificationSrv, UiSettingsSrv, uiConfig) {
             var self = this;
 
+            self.isDirtySetting = function(key, newValue) {
+                var currentValue = (self.currentSettings[key] || {}).value;
+
+                return newValue !== currentValue;
+            };
+
             self.save = function(/*form*/) {
+                var promises = [];
+
                 self.settingsKeys.forEach(function(key) {
-                    //if(form[key].$dirty) {
-                    if(!self.currentSettings[key]) {
-                        UiSettingsSrv.create(key, self.configs[key]);
-                    } else {
-                        UiSettingsSrv.update(self.currentSettings[key].id, key, self.configs[key]);
+                    if(self.isDirtySetting(key, self.configs[key])) {
+                        if(!self.currentSettings[key]) {
+                            promises.push(UiSettingsSrv.create(key, self.configs[key]));
+                        } else {
+                            promises.push(UiSettingsSrv.update(self.currentSettings[key].id, key, self.configs[key]));
+                        }
                     }
-                    //}
                 });
+
+                if(promises.length === 0) {
+                    return;
+                }
+
+                $q.all(promises)
+                    .then(function(/*responses*/) {
+                        self.loadSettings();
+                        NotificationSrv.log('UI Settings updated successfully', 'success');
+                    })
+                    .catch(function(/*errors*/) {
+                        NotificationSrv.error('An error occurred during UI Settings update');
+                    });
             };
 
-            self.loadSettings = function() {
-                self.settingsKeys = UiSettingsSrv.keys;
-                self.currentSettings = uiConfig;
+            self.loadSettings = function(configurations) {
+                var notifyRoot = false;
+                var promise;
 
-                self.configs = {};
-                self.settingsKeys.forEach(function(key) {
-                    self.configs[key] = (uiConfig[key] || {}).value;
+                if(configurations) {
+                    promise = $q.resolve(configurations);
+                } else {
+                    promise = UiSettingsSrv.all(true);
+                    notifyRoot = true;
+                }
+
+                promise.then(function(configs) {
+                    self.settingsKeys = UiSettingsSrv.keys;
+                    self.currentSettings = configs;
+
+                    self.configs = {};
+                    self.settingsKeys.forEach(function(key) {
+                        self.configs[key] = (configs[key] || {}).value;
+                    });
+
+                    if(notifyRoot) {
+                        $scope.$emit('ui-settings:refresh', configs);
+                    }
                 });
             };
 
-            self.loadSettings();
+            self.loadSettings(uiConfig);
 
         });
 })();
diff --git a/ui/app/scripts/services/UiSettingsSrv.js b/ui/app/scripts/services/UiSettingsSrv.js
index 6791f7c2a8..ccadd40bd5 100644
--- a/ui/app/scripts/services/UiSettingsSrv.js
+++ b/ui/app/scripts/services/UiSettingsSrv.js
@@ -6,7 +6,9 @@
 
         return {
             keys: [
-                'hideEmptyCaseButton'
+                'hideEmptyCaseButton',
+                'hideMyTasks',
+                'hideWaitingTasks'
             ],
             clearCache: function() {
                 settings = null;
diff --git a/ui/app/views/partials/admin/ui-settings.html b/ui/app/views/partials/admin/ui-settings.html
index 4e48545343..ef677430f3 100644
--- a/ui/app/views/partials/admin/ui-settings.html
+++ b/ui/app/views/partials/admin/ui-settings.html
@@ -18,6 +18,28 @@ <h3 class="box-title">UI Settings</h3>
                         </div>
                     </div>
 
+                    <div class="form-group">
+                        <label class="col-md-3 control-label">Hide <em>My Tasks</em> menu</label>
+                        <div class="col-md-9">
+                            <div class="checkbox">
+                                <label>
+                                  <input name="hideMyTasks" type="checkbox" ng-model="$vm.configs.hideMyTasks"> Check this to hide the <em>My Tasks</em> menu from the header
+                                </label>
+                            </div>
+                        </div>
+                    </div>
+
+                    <div class="form-group">
+                        <label class="col-md-3 control-label">Hide <em>Waiting Task</em> menu</label>
+                        <div class="col-md-9">
+                            <div class="checkbox">
+                                <label>
+                                  <input name="hideWaitingTasks" type="checkbox" ng-model="$vm.configs.hideWaitingTasks"> Check this to hide the <em>Waiting Tasks</em> menu from the header
+                                </label>
+                            </div>
+                        </div>
+                    </div>
+
                     <div class="mt-s">
                         <button class="btn btn-primary pull-right" ng-disabled="settingsForm.$invalid" type="submit">Save</button>
                     </div>

From afab711c7e52ab5826b38ec1ac1ff99d47aba91f Mon Sep 17 00:00:00 2001
From: Nabil Adouani <nabil.adouani@gmail.com>
Date: Thu, 21 Feb 2019 00:20:18 +0100
Subject: [PATCH 28/29] #449 Allow TheHive admin to disable creating an empty
 case from header or alert

---
 ui/app/scripts/controllers/RootCtrl.js        |  5 ++++-
 .../controllers/alert/AlertListCtrl.js        |  3 +++
 .../case/CaseTemplatesDialogCtrl.js           |  8 ++++---
 ui/app/scripts/services/UiSettingsSrv.js      | 20 ++++++++++++-----
 ui/app/views/partials/admin/ui-settings.html  | 22 -------------------
 .../case/case.templates.selector.html         |  8 +++----
 6 files changed, 30 insertions(+), 36 deletions(-)

diff --git a/ui/app/scripts/controllers/RootCtrl.js b/ui/app/scripts/controllers/RootCtrl.js
index b6b0b35a67..882465e6b2 100644
--- a/ui/app/scripts/controllers/RootCtrl.js
+++ b/ui/app/scripts/controllers/RootCtrl.js
@@ -179,13 +179,16 @@ angular.module('theHiveControllers').controller('RootCtrl',
                 resolve: {
                     templates: function(){
                         return $scope.templates;
+                    },
+                    uiSettings: function(UiSettingsSrv) {
+                        return UiSettingsSrv.all();
                     }
                 }
             });
 
             modal.result.then(function(template) {
                 $scope.createNewCase(template);
-            })
+            });
         };
 
         $scope.aboutTheHive = function() {
diff --git a/ui/app/scripts/controllers/alert/AlertListCtrl.js b/ui/app/scripts/controllers/alert/AlertListCtrl.js
index 1b190023f8..05c2c9a57c 100755
--- a/ui/app/scripts/controllers/alert/AlertListCtrl.js
+++ b/ui/app/scripts/controllers/alert/AlertListCtrl.js
@@ -324,6 +324,9 @@
                           resolve: {
                               templates: function(){
                                   return templates;
+                              },                              
+                              uiSettings: function(UiSettingsSrv) {
+                                  return UiSettingsSrv.all();
                               }
                           }
                       });
diff --git a/ui/app/scripts/controllers/case/CaseTemplatesDialogCtrl.js b/ui/app/scripts/controllers/case/CaseTemplatesDialogCtrl.js
index b65aa6a574..770afac4e8 100644
--- a/ui/app/scripts/controllers/case/CaseTemplatesDialogCtrl.js
+++ b/ui/app/scripts/controllers/case/CaseTemplatesDialogCtrl.js
@@ -1,11 +1,13 @@
 (function() {
     'use strict';
     angular.module('theHiveControllers').controller('CaseTemplatesDialogCtrl',
-        function($scope, $uibModalInstance, templates) {
+        function($scope, $uibModalInstance, UiSettingsSrv, templates, uiSettings) {
             this.templates = templates;
+            this.uiSettings = uiSettings;
             this.state = {
                 filter: null,
-                selected: null
+                selected: null,
+                hideEmptyCaseButton: UiSettingsSrv.hideEmptyCaseButton()
             };
 
             this.selectTemplate = function(template) {
@@ -18,7 +20,7 @@
 
             this.next = function(template) {
                 $uibModalInstance.close(template);
-            }
+            };
 
             this.cancel = function() {
                 $uibModalInstance.dismiss();
diff --git a/ui/app/scripts/services/UiSettingsSrv.js b/ui/app/scripts/services/UiSettingsSrv.js
index ccadd40bd5..27103e4e99 100644
--- a/ui/app/scripts/services/UiSettingsSrv.js
+++ b/ui/app/scripts/services/UiSettingsSrv.js
@@ -4,12 +4,12 @@
 
         var settings = null;
 
-        return {
-            keys: [
-                'hideEmptyCaseButton',
-                'hideMyTasks',
-                'hideWaitingTasks'
-            ],
+        var keys = [
+            'hideEmptyCaseButton'
+        ];
+
+        var factory = {
+            keys: keys,
             clearCache: function() {
                 settings = null;
             },
@@ -63,5 +63,13 @@
                 return deferred.promise;
             }
         };
+
+        keys.forEach(function(key) {
+            factory[key] = function() {
+                return (settings[key] || {}).value;
+            };
+        });
+
+        return factory;
     });
 })();
diff --git a/ui/app/views/partials/admin/ui-settings.html b/ui/app/views/partials/admin/ui-settings.html
index ef677430f3..4e48545343 100644
--- a/ui/app/views/partials/admin/ui-settings.html
+++ b/ui/app/views/partials/admin/ui-settings.html
@@ -18,28 +18,6 @@ <h3 class="box-title">UI Settings</h3>
                         </div>
                     </div>
 
-                    <div class="form-group">
-                        <label class="col-md-3 control-label">Hide <em>My Tasks</em> menu</label>
-                        <div class="col-md-9">
-                            <div class="checkbox">
-                                <label>
-                                  <input name="hideMyTasks" type="checkbox" ng-model="$vm.configs.hideMyTasks"> Check this to hide the <em>My Tasks</em> menu from the header
-                                </label>
-                            </div>
-                        </div>
-                    </div>
-
-                    <div class="form-group">
-                        <label class="col-md-3 control-label">Hide <em>Waiting Task</em> menu</label>
-                        <div class="col-md-9">
-                            <div class="checkbox">
-                                <label>
-                                  <input name="hideWaitingTasks" type="checkbox" ng-model="$vm.configs.hideWaitingTasks"> Check this to hide the <em>Waiting Tasks</em> menu from the header
-                                </label>
-                            </div>
-                        </div>
-                    </div>
-
                     <div class="mt-s">
                         <button class="btn btn-primary pull-right" ng-disabled="settingsForm.$invalid" type="submit">Save</button>
                     </div>
diff --git a/ui/app/views/partials/case/case.templates.selector.html b/ui/app/views/partials/case/case.templates.selector.html
index 4057a9ca4e..16ed0ddd63 100644
--- a/ui/app/views/partials/case/case.templates.selector.html
+++ b/ui/app/views/partials/case/case.templates.selector.html
@@ -2,15 +2,15 @@
     <h3 class="modal-title">Create new Case</h3>
 </div>
 <div class="modal-body">
-    <div class="mv-xs">
+    <div class="mv-xs" ng-if="!!!dialog.state.hideEmptyCaseButton">
       <button class="btn btn-block btn-primary btn-lg" ng-click="dialog.next()">
           Empty Case
       </button>
-    </div>
 
-    <p class="mv-m text-separator text-muted">OR</p>
+      <p class="mv-m text-separator text-muted">OR</p>
+    </div>
 
-    <div class="box box-primary">
+    <div class="box box-default">
       <div class="box-header">
         <h3 class="box-title">Select a template</h3>
         <div class="box-tools pull-right">

From 40135202dfcc83230d2ec5b29512c0298abe4e33 Mon Sep 17 00:00:00 2001
From: To-om <toom@thehive-project.org>
Date: Thu, 21 Feb 2019 15:04:49 +0100
Subject: [PATCH 29/29] update version and changelog

---
 CHANGELOG.md    | 33 ++++++++++++++++++++++++++++++++-
 ui/bower.json   |  2 +-
 ui/package.json |  2 +-
 version.sbt     |  2 +-
 4 files changed, 35 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index cf414d99e1..ce9ab04631 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,7 +1,38 @@
 # Change Log
 
-## [3.3.0-RC2](https://github.com/TheHive-Project/TheHive/tree/3.3.0-RC2) (2019-02-07)
+## [3.3.0-RC3](https://github.com/TheHive-Project/TheHive/tree/3.3.0-RC3) (2019-02-21)
+
+[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.3.0-RC2...3.3.0-RC3)
+
+**Implemented enhancements:**
+
+- Add a UI configuration admin section [\#888](https://github.com/TheHive-Project/TheHive/issues/888)
+- Add a Related Alerts link to case details view [\#884](https://github.com/TheHive-Project/TheHive/issues/884)
+- Update Copyright with year 2019 [\#879](https://github.com/TheHive-Project/TheHive/issues/879)
+- Provide a quick link to copy alert id [\#870](https://github.com/TheHive-Project/TheHive/issues/870)
+- \[BUG\] Audit trail for alert ignore [\#863](https://github.com/TheHive-Project/TheHive/issues/863)
+- Related artifacts: IOC/not IOC [\#838](https://github.com/TheHive-Project/TheHive/issues/838)
+- Feature: Add "auto-completion" to the UI [\#831](https://github.com/TheHive-Project/TheHive/issues/831)
+- Improvement: Upload of observables seem to fail "silently" [\#829](https://github.com/TheHive-Project/TheHive/issues/829)
+- Feature Request: link to and from Hive to MISP [\#820](https://github.com/TheHive-Project/TheHive/issues/820)
+- Disable clickable widgets in dashboard edit mode [\#485](https://github.com/TheHive-Project/TheHive/issues/485)
+- Ability to disable "New Case" -\> "Empty case" [\#449](https://github.com/TheHive-Project/TheHive/issues/449)
+
+**Fixed bugs:**
+
+- Drone build fails on pull-requests [\#882](https://github.com/TheHive-Project/TheHive/issues/882)
+- AKKA version missmatch [\#877](https://github.com/TheHive-Project/TheHive/issues/877)
+- Label Typo in Updated Alerts [\#874](https://github.com/TheHive-Project/TheHive/issues/874)
+- Log message related to MISP synchronization is confusing [\#871](https://github.com/TheHive-Project/TheHive/issues/871)
+- Cortex responders with DataType `thehive:case\_artifact` do not show up within thehive when attempting to run them for observables. [\#869](https://github.com/TheHive-Project/TheHive/issues/869)
+- Alert updates and tracking \(follow\) [\#856](https://github.com/TheHive-Project/TheHive/issues/856)
+
+**Merged pull requests:**
 
+- Update akka version [\#878](https://github.com/TheHive-Project/TheHive/pull/878) ([zpriddy](https://github.com/zpriddy))
+- Fix Update Label to Warning [\#873](https://github.com/TheHive-Project/TheHive/pull/873) ([zpriddy](https://github.com/zpriddy))
+
+## [3.3.0-RC2](https://github.com/TheHive-Project/TheHive/tree/3.3.0-RC2) (2019-02-07)
 [Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.3.0-RC1...3.3.0-RC2)
 
 **Fixed bugs:**
diff --git a/ui/bower.json b/ui/bower.json
index 3b6695f030..f56c35e652 100644
--- a/ui/bower.json
+++ b/ui/bower.json
@@ -1,6 +1,6 @@
 {
   "name": "thehive",
-  "version": "3.3.0-RC2",
+  "version": "3.3.0-RC3",
   "license": "AGPL-3.0",
   "dependencies": {
     "angular": "1.5.8",
diff --git a/ui/package.json b/ui/package.json
index d566ad6bad..fdcc56fab8 100644
--- a/ui/package.json
+++ b/ui/package.json
@@ -1,6 +1,6 @@
 {
     "name": "thehive",
-    "version": "3.3.0-RC2",
+    "version": "3.3.0-RC3",
     "license": "AGPL-3.0",
     "repository": {
         "type": "git",
diff --git a/version.sbt b/version.sbt
index d7d3ca675d..84cc17b6f1 100644
--- a/version.sbt
+++ b/version.sbt
@@ -1 +1 @@
-version in ThisBuild := "3.3.0-RC2"
+version in ThisBuild := "3.3.0-RC3"