Merge branch 'hotfix/3.0.10'

TheHive-Project · May 29, 2018 · 6295146 · 6295146
2 parents bd257eb + 257184e
commit 6295146
Show file tree

Hide file tree

Showing 29 changed files with 379 additions and 157 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,37 @@
 # Change Log
 
-## [3.0.9](https://github.com/TheHive-Project/TheHive/tree/3.0.9)
+## [3.0.10](https://github.com/TheHive-Project/TheHive/tree/3.0.10) (2018-05-29)
+
+[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.0.9...3.0.10)
+
+**Implemented enhancements:**
+
+- Rotate logs [\#579](https://github.com/TheHive-Project/TheHive/issues/579)
+- Send caseId to Cortex analyzer [\#564](https://github.com/TheHive-Project/TheHive/issues/564)
+- Poll for connectors status and display  [\#563](https://github.com/TheHive-Project/TheHive/issues/563)
+- Sort related cases by related artifacts amount [\#548](https://github.com/TheHive-Project/TheHive/issues/548)
+- Time Calculation for individual tasks [\#546](https://github.com/TheHive-Project/TheHive/issues/546)
+
+**Fixed bugs:**
+
+- Wrong error message when creating a observable with invalid data [\#592](https://github.com/TheHive-Project/TheHive/issues/592)
+- Analyzer name not reflected in modal view of mini-reports [\#586](https://github.com/TheHive-Project/TheHive/issues/586)
+- Invalid searches lead to read error messages [\#584](https://github.com/TheHive-Project/TheHive/issues/584)
+- Merge case by ID brings red error message if not a number in textfield [\#583](https://github.com/TheHive-Project/TheHive/issues/583)
+- Open cases not listed after deletion of merged case in UI [\#557](https://github.com/TheHive-Project/TheHive/issues/557)
+- Making dashboards private makes them "invisible" [\#555](https://github.com/TheHive-Project/TheHive/issues/555)
+- MISP Synchronisation error [\#522](https://github.com/TheHive-Project/TheHive/issues/522)
+- Short Report is not shown on observables \(3.0.8\) [\#512](https://github.com/TheHive-Project/TheHive/issues/512)
+- Artifacts reports are not merged when merging cases [\#446](https://github.com/TheHive-Project/TheHive/issues/446)
+
+**Closed issues:**
+
+- Max Age Filter Not Working? [\#577](https://github.com/TheHive-Project/TheHive/issues/577)
+- Support X-Pack authentication/encryption for elastic [\#570](https://github.com/TheHive-Project/TheHive/issues/570)
+- Order the cases list by custom field \[Feature Request\] [\#567](https://github.com/TheHive-Project/TheHive/issues/567)
+- Using Postman to test the API, getting "No CSRF token found in headers" [\#549](https://github.com/TheHive-Project/TheHive/issues/549)
+
+## [3.0.9](https://github.com/TheHive-Project/TheHive/tree/3.0.9) (2018-04-13)
 [Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.0.8...3.0.9)
 
 **Fixed bugs:**
@@ -37,7 +68,7 @@
 
 - Add ElasticSearch file descriptor limit to docker-compose.yml [\#505](https://github.com/TheHive-Project/TheHive/pull/505) ([flmsc](https://github.com/flmsc))
 
-## [3.0.7](https://github.com/TheHive-Project/TheHive/tree/3.0.7) (2018-03-29)
+## [3.0.7](https://github.com/TheHive-Project/TheHive/tree/3.0.7) (2018-04-03)
 [Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.0.6...3.0.7)
 
 **Implemented enhancements:**
@@ -65,8 +96,8 @@
 
 **Fixed bugs:**
 
- - Importing Template Button Non-Functional bug [\#404](https://github.com/TheHive-Project/TheHive/issues/404)
- - No reports available for "domain" type bug [\#409](https://github.com/TheHive-Project/TheHive/issues/409)
+- No reports available for "domain" type [\#469](https://github.com/TheHive-Project/TheHive/issues/469)
+- Importing Template Button Non-Functional [\#404](https://github.com/TheHive-Project/TheHive/issues/404)
 
 ## [3.0.4](https://github.com/TheHive-Project/TheHive/tree/3.0.4) (2018-02-06)
 [Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.0.3...3.0.4)

diff --git a/conf/logback.xml b/conf/logback.xml
@@ -1,39 +1,50 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <configuration debug="false">
 
-	<conversionRule conversionWord="coloredLevel"
-		converterClass="play.api.libs.logback.ColoredLevel" />
-
-	<appender name="FILE" class="ch.qos.logback.core.FileAppender">
-		<file>${application.home:-.}/logs/application.log</file>
-		<encoder>
-			<pattern>%date [%level] from %logger in %thread - %message%n%xException</pattern>
-		</encoder>
-	</appender>
-
-	<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
-		<encoder>
-			<pattern>%coloredLevel %logger{15} - %message%n%xException{10}
-			</pattern>
-		</encoder>
-	</appender>
-
-	<appender name="ASYNCFILE" class="ch.qos.logback.classic.AsyncAppender">
-		<appender-ref ref="FILE" />
-	</appender>
-
-	<appender name="ASYNCSTDOUT" class="ch.qos.logback.classic.AsyncAppender">
-		<appender-ref ref="STDOUT" />
-	</appender>
-
-	<logger name="play" level="INFO" />
-	<logger name="application" level="INFO" />
-
-	<logger name="com.gargoylesoftware.htmlunit.javascript" level="OFF" />
-
-	<root level="INFO">
-		<appender-ref ref="ASYNCFILE" />
-		<appender-ref ref="ASYNCSTDOUT" />
-	</root>
+    <conversionRule conversionWord="coloredLevel"
+        converterClass="play.api.libs.logback.ColoredLevel" />
+
+    <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <file>${application.home:-.}/logs/application.log</file>
+        <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+            <fileNamePattern>${application.home:-.}/logs/application.%i.log.zip</fileNamePattern>
+            <minIndex>1</minIndex>
+            <maxIndex>10</maxIndex>
+        </rollingPolicy>
+        <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+            <maxFileSize>10MB</maxFileSize>
+        </triggeringPolicy>
+        <encoder>
+            <pattern>%date [%level] from %logger in %thread - %message%n%xException</pattern>
+        </encoder>
+    </appender>
+
+    <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+        <encoder>
+            <pattern>%coloredLevel %logger{15} - %message%n%xException{10}
+            </pattern>
+        </encoder>
+    </appender>
+
+    <appender name="ASYNCFILE" class="ch.qos.logback.classic.AsyncAppender">
+        <appender-ref ref="FILE" />
+    </appender>
+
+    <appender name="ASYNCSTDOUT" class="ch.qos.logback.classic.AsyncAppender">
+        <appender-ref ref="STDOUT" />
+    </appender>
+
+    <logger name="play" level="INFO" />
+
+    <!-- Uncomment the next line to log search query sent to ElasticSearch -->
+    <!-- logger name="org.elastic4play.database.DBFind" level="DEBUG" /-->
+
+    <!-- Uncomment the next line to log debug information on Misp synchronization -->
+    <!-- logger name="connectors.misp" level="DEBUG" /-->
+
+    <root level="INFO">
+        <appender-ref ref="ASYNCFILE" />
+        <appender-ref ref="ASYNCSTDOUT" />
+    </root>
 
 </configuration>
diff --git a/package/logback.xml b/package/logback.xml
@@ -1,39 +1,50 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <configuration debug="false">
 
-	<conversionRule conversionWord="coloredLevel"
-		converterClass="play.api.libs.logback.ColoredLevel" />
-
-	<appender name="FILE" class="ch.qos.logback.core.FileAppender">
-		<file>/var/log/thehive/application.log</file>
-		<encoder>
-			<pattern>%date [%level] from %logger in %thread - %message%n%xException</pattern>
-		</encoder>
-	</appender>
-
-	<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
-		<encoder>
-			<pattern>%coloredLevel %logger{15} - %message%n%xException{10}
-			</pattern>
-		</encoder>
-	</appender>
-
-	<appender name="ASYNCFILE" class="ch.qos.logback.classic.AsyncAppender">
-		<appender-ref ref="FILE" />
-	</appender>
-
-	<appender name="ASYNCSTDOUT" class="ch.qos.logback.classic.AsyncAppender">
-		<appender-ref ref="STDOUT" />
-	</appender>
-
-	<logger name="play" level="INFO" />
-	<logger name="application" level="INFO" />
-
-	<logger name="com.gargoylesoftware.htmlunit.javascript" level="OFF" />
-
-	<root level="INFO">
-		<appender-ref ref="ASYNCFILE" />
-		<appender-ref ref="ASYNCSTDOUT" />
-	</root>
+    <conversionRule conversionWord="coloredLevel"
+        converterClass="play.api.libs.logback.ColoredLevel" />
+
+    <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <file>/var/log/thehive/application.log</file>
+        <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+            <fileNamePattern>${application.home:-.}/logs/application.%i.log.zip</fileNamePattern>
+            <minIndex>1</minIndex>
+            <maxIndex>10</maxIndex>
+        </rollingPolicy>
+        <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+            <maxFileSize>10MB</maxFileSize>
+        </triggeringPolicy>
+        <encoder>
+            <pattern>%date [%level] from %logger in %thread - %message%n%xException</pattern>
+        </encoder>
+    </appender>
+
+    <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+        <encoder>
+            <pattern>%coloredLevel %logger{15} - %message%n%xException{10}
+            </pattern>
+        </encoder>
+    </appender>
+
+    <appender name="ASYNCFILE" class="ch.qos.logback.classic.AsyncAppender">
+        <appender-ref ref="FILE" />
+    </appender>
+
+    <appender name="ASYNCSTDOUT" class="ch.qos.logback.classic.AsyncAppender">
+        <appender-ref ref="STDOUT" />
+    </appender>
+
+    <logger name="play" level="INFO" />
+
+    <!-- Uncomment the next line to log search query sent to ElasticSearch -->
+    <!-- logger name="org.elastic4play.database.DBFind" level="DEBUG" /-->
+
+    <!-- Uncomment the next line to log debug information on Misp synchronization -->
+    <!-- logger name="connectors.misp" level="DEBUG" /-->
+
+    <root level="INFO">
+        <appender-ref ref="ASYNCFILE" />
+        <appender-ref ref="ASYNCSTDOUT" />
+    </root>
 
 </configuration>
diff --git a/thehive-backend/app/controllers/SearchCtrl.scala b/thehive-backend/app/controllers/SearchCtrl.scala
@@ -5,7 +5,7 @@ import javax.inject.{ Inject, Singleton }
 import scala.concurrent.{ ExecutionContext, Future }
 
 import play.api.http.Status
-import play.api.libs.json.{ JsObject, Json }
+import play.api.libs.json.JsObject
 import play.api.mvc.{ AbstractController, Action, ControllerComponents }
 
 import models.Roles
@@ -56,7 +56,7 @@ class SearchCtrl @Inject() (
         findSrv.apply(model, and(globalQuery ::: query), agg: _*)
       }
       .map { statsResults ⇒
-        renderer.toOutput(OK, statsResults.reduceOption(_ deepMerge _).getOrElse(Json.obj()))
+        renderer.toOutput(OK, statsResults.reduceOption(_ deepMerge _).getOrElse(JsObject.empty))
       }
   }
 }
diff --git a/thehive-backend/app/models/Alert.scala b/thehive-backend/app/models/Alert.scala
@@ -27,23 +27,23 @@ trait AlertAttributes {
   _: AttributeDef ⇒
   val artifactAttributes: Seq[Attribute[_]] = {
     val remoteAttachmentAttributes = Seq(
-      Attribute("alert", "reference", F.stringFmt, Seq(O.readonly), None, ""),
-      Attribute("alert", "filename", OptionalAttributeFormat(F.stringFmt), Seq(O.readonly), None, ""),
-      Attribute("alert", "contentType", OptionalAttributeFormat(F.stringFmt), Seq(O.readonly), None, ""),
-      Attribute("alert", "size", OptionalAttributeFormat(F.numberFmt), Seq(O.readonly), None, ""),
-      Attribute("alert", "hash", MultiAttributeFormat(F.stringFmt), Seq(O.readonly), None, ""),
-      Attribute("alert", "type", OptionalAttributeFormat(F.stringFmt), Seq(O.readonly), None, ""))
+      Attribute("alert", "reference", F.stringFmt, Nil, None, ""),
+      Attribute("alert", "filename", OptionalAttributeFormat(F.stringFmt), Nil, None, ""),
+      Attribute("alert", "contentType", OptionalAttributeFormat(F.stringFmt), Nil, None, ""),
+      Attribute("alert", "size", OptionalAttributeFormat(F.numberFmt), Nil, None, ""),
+      Attribute("alert", "hash", MultiAttributeFormat(F.stringFmt), Nil, None, ""),
+      Attribute("alert", "type", OptionalAttributeFormat(F.stringFmt), Nil, None, ""))
 
     Seq(
-      Attribute("alert", "data", OptionalAttributeFormat(F.stringFmt), Seq(O.readonly), None, ""),
-      Attribute("alert", "dataType", F.stringFmt, Seq(O.readonly), None, ""),
-      Attribute("alert", "message", OptionalAttributeFormat(F.stringFmt), Seq(O.readonly), None, ""),
-      Attribute("alert", "startDate", OptionalAttributeFormat(F.dateFmt), Seq(O.readonly), None, ""),
-      Attribute("alert", "attachment", OptionalAttributeFormat(F.attachmentFmt), Seq(O.readonly), None, ""),
-      Attribute("alert", "remoteAttachment", OptionalAttributeFormat(F.objectFmt(remoteAttachmentAttributes)), Seq(O.readonly), None, ""),
-      Attribute("alert", "tlp", OptionalAttributeFormat(TlpAttributeFormat), Seq(O.readonly), None, ""),
-      Attribute("alert", "tags", MultiAttributeFormat(F.stringFmt), Seq(O.readonly), None, ""),
-      Attribute("alert", "ioc", OptionalAttributeFormat(F.booleanFmt), Seq(O.readonly), None, ""))
+      Attribute("alert", "data", OptionalAttributeFormat(F.stringFmt), Nil, None, ""),
+      Attribute("alert", "dataType", F.stringFmt, Nil, None, ""),
+      Attribute("alert", "message", OptionalAttributeFormat(F.stringFmt), Nil, None, ""),
+      Attribute("alert", "startDate", OptionalAttributeFormat(F.dateFmt), Nil, None, ""),
+      Attribute("alert", "attachment", OptionalAttributeFormat(F.attachmentFmt), Nil, None, ""),
+      Attribute("alert", "remoteAttachment", OptionalAttributeFormat(F.objectFmt(remoteAttachmentAttributes)), Nil, None, ""),
+      Attribute("alert", "tlp", OptionalAttributeFormat(TlpAttributeFormat), Nil, None, ""),
+      Attribute("alert", "tags", MultiAttributeFormat(F.stringFmt), Nil, None, ""),
+      Attribute("alert", "ioc", OptionalAttributeFormat(F.booleanFmt), Nil, None, ""))
   }
 
   val alertId: A[String] = attribute("_id", F.stringFmt, "Alert id", O.readonly)

diff --git a/thehive-backend/app/models/Case.scala b/thehive-backend/app/models/Case.scala
@@ -56,15 +56,20 @@ trait CaseAttributes { _: AttributeDef ⇒
 
 @Singleton
 class CaseModel @Inject() (
-    artifactModel: Provider[ArtifactModel],
-    taskModel: Provider[TaskModel],
-    caseSrv: Provider[CaseSrv],
-    alertModel: Provider[AlertModel],
+    artifactModelProvider: Provider[ArtifactModel],
+    taskModelProvider: Provider[TaskModel],
+    caseSrvProvider: Provider[CaseSrv],
+    alertModelProvider: Provider[AlertModel],
     sequenceSrv: SequenceSrv,
     findSrv: FindSrv,
     implicit val ec: ExecutionContext) extends ModelDef[CaseModel, Case]("case", "Case", "/case") with CaseAttributes with AuditedModel { caseModel ⇒
 
-  private[CaseModel] lazy val logger = Logger(getClass)
+  private lazy val logger = Logger(getClass)
+  private lazy val artifactModel = artifactModelProvider.get
+  private lazy val taskModel = taskModelProvider.get
+  private lazy val caseSrv = caseSrvProvider.get
+  private lazy val alertModel = alertModelProvider.get
+
   override val defaultSortBy = Seq("-startDate")
   override val removeAttribute: JsObject = Json.obj("status" → CaseStatus.Deleted)
 
@@ -90,7 +95,7 @@ class CaseModel @Inject() (
   private[models] def buildArtifactStats(caze: Case): Future[JsObject] = {
     import org.elastic4play.services.QueryDSL._
     findSrv(
-      artifactModel.get,
+      artifactModel,
       and(
         parent("case", withId(caze.id)),
         "status" ~= "Ok"),
@@ -103,7 +108,7 @@ class CaseModel @Inject() (
   private[models] def buildTaskStats(caze: Case): Future[JsObject] = {
     import org.elastic4play.services.QueryDSL._
     findSrv(
-      taskModel.get,
+      taskModel,
       and(
         parent("case", withId(caze.id)),
         "status" in ("Waiting", "InProgress", "Completed")),
@@ -120,34 +125,44 @@ class CaseModel @Inject() (
 
   private[models] def buildMergeIntoStats(caze: Case): Future[JsObject] = {
     caze.mergeInto()
-      .fold(Future.successful(Json.obj())) { mergeCaseId ⇒
-        caseSrv.get.get(mergeCaseId).map { c ⇒
+      .fold(Future.successful(JsObject.empty)) { mergeCaseId ⇒
+        caseSrv.get(mergeCaseId).map { c ⇒
           Json.obj("mergeInto" → Json.obj(
             "caseId" → c.caseId(),
             "title" → c.title()))
         }
+          .recover {
+            case _ ⇒ Json.obj("mergeInto" → Json.obj(
+              "caseId" → "<deleted>",
+              "title" → "<deleted>"))
+          }
       }
   }
 
   private[models] def buildMergeFromStats(caze: Case): Future[JsObject] = {
     Future
       .traverse(caze.mergeFrom()) { id ⇒
-        caseSrv.get.get(id).map { c ⇒
+        caseSrv.get(id).map { c ⇒
           Json.obj(
             "caseId" → c.caseId(),
             "title" → c.title())
         }
+          .recover {
+            case _ ⇒ Json.obj(
+              "caseId" → "<deleted>",
+              "title" → "<deleted>")
+          }
       }
       .map {
         case mf if mf.nonEmpty ⇒ Json.obj("mergeFrom" → mf)
-        case _                 ⇒ Json.obj()
+        case _                 ⇒ JsObject.empty
       }
   }
 
   private[models] def buildAlertStats(caze: Case): Future[JsObject] = {
     import org.elastic4play.services.QueryDSL._
     findSrv(
-      alertModel.get,
+      alertModel,
       "case" ~= caze.id,
       groupByField("type", groupByField("source", selectCount)))
       .map { alertStatsJson ⇒
@@ -172,7 +187,7 @@ class CaseModel @Inject() (
         } yield taskStats ++ artifactStats ++ alertStats ++ mergeIntoStats ++ mergeFromStats
       case other ⇒
         logger.warn(s"Request caseStats from a non-case entity ?! ${other.getClass}:$other")
-        Future.successful(Json.obj())
+        Future.successful(JsObject.empty)
     }
   }