From 7fd7058ee8528fc2c404f7c835db0ae8fa7fa28a Mon Sep 17 00:00:00 2001
From: To-om
Date: Fri, 24 Apr 2020 12:01:45 +0200
Subject: [PATCH 1/4] #1292 Fix file import from alert
---
thehive-backend/app/services/AlertSrv.scala | 48 +++++++++++++--------
1 file changed, 30 insertions(+), 18 deletions(-)
diff --git a/thehive-backend/app/services/AlertSrv.scala b/thehive-backend/app/services/AlertSrv.scala
index 962c9b2e88..79755cd5c3 100644
--- a/thehive-backend/app/services/AlertSrv.scala
+++ b/thehive-backend/app/services/AlertSrv.scala
@@ -302,31 +302,43 @@ class AlertSrv( .flatMap { artifact ⇒ val tags = (artifact \ "tags").asOpt[Seq[JsString]].getOrElse(Nil) :+ JsString("src:" + alert.tpe()) val message = (artifact \ "message").asOpt[JsString].getOrElse(JsString("")) - (artifact \ "dataType").asOpt[String].flatMap { - case "file" ⇒ - (artifact \ "data").asOpt[String].collect { - case dataExtractor(filename, contentType, data) ⇒ - val f = Files.createTempFile("alert-", "-attachment") - Files.write(f, java.util.Base64.getDecoder.decode(data)) + (artifact \ "dataType") + .asOpt[String] + .flatMap { + case "file" if !artifact.value.contains("attachment") ⇒ + (artifact \ "data").asOpt[String].collect { + case dataExtractor(filename, contentType, data) ⇒ + val f = Files.createTempFile("alert-", "-attachment") + Files.write(f, java.util.Base64.getDecoder.decode(data)) + Fields( + artifact + + ("tags" → JsArray(tags)) + + ("message" → message) + ).set("attachment", FileInputValue(filename, f, contentType)) + .unset("data") + } + case "file" ⇒ + Some( Fields( artifact + ("tags" → JsArray(tags)) + ("message" → message) - ).set("attachment", FileInputValue(filename, f, contentType)) - .unset("data") - } - case _ if artifact.value.contains("data") ⇒ - Some( - Fields( - artifact + - ("tags" → JsArray(tags)) + - ("message" → message) + ) ) - ) - case _ ⇒ + case _ if artifact.value.contains("data") ⇒ + Some( + Fields( + artifact + + ("tags" → JsArray(tags)) + + ("message" → message) + ) + ) + case _ ⇒ None + } + .orElse { logger.warn(s"Invalid artifact format: $artifact") None - } + } } val updatedCase = artifactSrv From a1a575e26f9e85e365eebc1de9d272823c989787 Mon Sep 17 00:00:00 2001 From: Nabil Adouani Date: Fri, 24 Apr 2020 13:04:22 +0200 Subject: [PATCH 2/4] #962 Display responder job errors --- ui/app/scripts/directives/responder-actions.js | 8 +++++++- ui/app/styles/case.css | 10 ++++++++++ ui/app/views/directives/responder-actions.html | 11 +++++++++-- 3 files changed, 26 insertions(+), 3 deletions(-) 
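Review bot: The new `.orElse` fallback logs the whole artifact with `logger.warn(s"Invalid artifact format: $artifact")`, and it is now also reached for a `file` artifact whose `data` string does not match `dataExtractor`, so the full base64 payload from the alert ends up in the application log. Alert artifacts are presumably supplied by external sources, so this can bloat the log and copy sample or sensitive file content into it; log a summary instead, for example `logger.warn(s"Invalid artifact format: dataType=${(artifact \ "dataType").asOpt[String]}, fields=${artifact.keys.mkString(",")}")`. Separately, `java.util.Base64.getDecoder.decode(data)` throws `IllegalArgumentException` on malformed input and nothing in the hunk catches it, so one bad artifact appears to abort the import rather than reach this warning; wrapping the decode in `Try(...).toOption` would route it to the same fallback. The enclosing method starts and ends outside the hunk, so where the temporary file is deleted is not visible here.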
diff --git a/ui/app/scripts/directives/responder-actions.js b/ui/app/scripts/directives/responder-actions.js index 0904af5269..e288bd2e1c 100644 --- a/ui/app/scripts/directives/responder-actions.js +++ b/ui/app/scripts/directives/responder-actions.js @@ -8,8 +8,14 @@ actions: '=', header: '@' }, - templateUrl: 'views/directives/responder-actions.html', + templateUrl: 'views/directives/responder-actions.html', controller: function($scope, $uibModal) { + _.each($scope.actions.values, function(action) { + if(action.status === 'Failure') { + action.errorMessage = (JSON.parse(action.report) || {}).errorMessage; + } + }); + $scope.showResponderJob = function(action) { $uibModal.open({ scope: $scope, diff --git a/ui/app/styles/case.css b/ui/app/styles/case.css index 9caab9d482..3e708d3858 100644 --- a/ui/app/styles/case.css +++ b/ui/app/styles/case.css @@ -80,3 +80,13 @@ table.case-list .case-tags .label, font-size: 12px !important; font-weight: normal; } + +pre.error-trace { + color: #a94442; + border: none; + font-size: 10px; + word-wrap: break-word; + word-break: break-all; + white-space: pre-wrap; + background-color: #f9f1f1; +} diff --git a/ui/app/views/directives/responder-actions.html b/ui/app/views/directives/responder-actions.html index c2d7627c66..6394b5ab62 100644 --- a/ui/app/views/directives/responder-actions.html +++ b/ui/app/views/directives/responder-actions.html @@ -18,11 +18,18 @@
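Review bot: `JSON.parse(action.report)` in the added `_.each` loop is unguarded, so a failed responder job whose `report` is missing, empty or not valid JSON throws a `SyntaxError` inside the controller and the directive stops initialising; the `|| {}` only covers a parsed `null`. The report is produced by the responder, so treat it as untrusted input and parse defensively, e.g. `try { action.errorMessage = (JSON.parse(action.report) || {}).errorMessage; } catch (e) { action.errorMessage = action.report; }`. The loop also runs once at controller creation and dereferences `$scope.actions.values` directly, so it presumably misses actions that are bound or refreshed later; a `$scope.$watch` on `actions.values` would cover that, though the rest of the directive is outside the hunk.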

{{header}}

'InProgress': 'label-warning', 'Failure': 'label-danger'}[action.status]">{{action.status}} - {{action.responderName}} + +
{{action.responderName}}
+
+ {{action.showError ? 'Hide' : 'Show'}} error +
{{action.errorMessage}}
+
+ {{action.cortexId}} {{action.startDate | shortDate}} - + From eb4614e1a7ba6766a98a8626c60ae90c5f8311d4 Mon Sep 17 00:00:00 2001 From: To-om Date: Fri, 24 Apr 2020 17:39:34 +0200 Subject: [PATCH 3/4] Fix artifact creation when attachment is empty --- thehive-backend/app/controllers/ArtifactCtrl.scala | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/thehive-backend/app/controllers/ArtifactCtrl.scala b/thehive-backend/app/controllers/ArtifactCtrl.scala index 8d3120d391..3bde2e0543 100644 --- a/thehive-backend/app/controllers/ArtifactCtrl.scala +++ b/thehive-backend/app/controllers/ArtifactCtrl.scala @@ -103,7 +103,9 @@ class ArtifactCtrl @Inject()( } yield { for { hashes ← attachmentSrv.getHashes(attachmentId) - size ← attachmentSrv.getSize(attachmentId) + size ← attachmentSrv.getSize(attachmentId).recover { + case _: NoSuchElementException ⇒ 0 // workaround until elastic4play#93 is fixed + } } yield fields.set("attachment", AttachmentInputValue(name, hashes, size.toLong, contentType, attachmentId)) } artifactFields.fold[Future[Seq[Fields]]](Future.successful(Nil))(_.map(f ⇒ Seq(f))) From 0f915668c0e6e2736e7e369d79da46c96f058122 Mon Sep 17 00:00:00 2001 From: To-om Date: Sat, 25 Apr 2020 09:11:58 +0200 Subject: [PATCH 4/4] Prepare release --- CHANGELOG.md | 11 +++++++++++ project/plugins.sbt | 2 +- ui/bower.json | 2 +- ui/package.json | 2 +- version.sbt | 2 +- 5 files changed, 15 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0951807e57..31f7833080 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
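Review bot: The added `recover` turns every `NoSuchElementException` from `attachmentSrv.getSize(attachmentId)` into a size of `0`, silently, so an attachment whose data is actually missing is recorded exactly like an empty file. For observables that serve as evidence the stored size should be trustworthy, or at least the fallback should be traceable; if a logger is available in this controller, log the attachment id when the workaround fires, e.g. `case _: NoSuchElementException ⇒ logger.warn(s"No size for attachment $attachmentId, assuming empty file"); 0`. `getHashes` on the line above is not given the same treatment, and whether it can fail the same way for an empty attachment cannot be told from the hunk. The enclosing action starts and ends outside the hunk.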
@@ -1,5 +1,16 @@ # Change Log +## [3.4.2](https://github.com/TheHive-Project/TheHive/milestone/57) (2020-04-25) + +**Implemented enhancements:** + +- [Feature Request] Providing output details for Responders [\#962](https://github.com/TheHive-Project/TheHive/issues/962) + +**Fixed bugs:** + +- Analyzer's artifacts tags and message are not kept when importing observables [\#1285](https://github.com/TheHive-Project/TheHive/issues/1285) +- [Bug] File observables in alert are not created in case [\#1292](https://github.com/TheHive-Project/TheHive/issues/1292) + ## [3.4.1](https://github.com/TheHive-Project/TheHive/milestone/53) (2020-04-17) **Implemented enhancements:** diff --git a/project/plugins.sbt b/project/plugins.sbt index 5af970f6ad..8069c5c167 100644 --- a/project/plugins.sbt +++ b/project/plugins.sbt @@ -4,4 +4,4 @@ logLevel := Level.Info addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.6.23") addSbtPlugin("org.foundweekends" % "sbt-bintray" % "0.5.1") addSbtPlugin("org.scalameta" % "sbt-scalafmt" % "2.0.0") -addSbtPlugin("org.thehive-project" % "sbt-github-changelog" % "0.2.0") +addSbtPlugin("org.thehive-project" % "sbt-github-changelog" % "0.3.0") diff --git a/ui/bower.json b/ui/bower.json index 7338a0bee8..baf64fcae5 100644 --- a/ui/bower.json +++ b/ui/bower.json @@ -1,6 +1,6 @@ { "name": "thehive", - "version": "3.4.0-RC2", + "version": "3.4.2", "license": "AGPL-3.0", "dependencies": { "jquery": "^3.4.1", diff --git a/ui/package.json b/ui/package.json index cbe2c7d71e..4203f746c1 100644 --- a/ui/package.json +++ b/ui/package.json @@ -1,6 +1,6 @@ { "name": "thehive", - "version": "3.4.0-RC2", + "version": "3.4.2", "license": "AGPL-3.0", "repository": { "type": "git", diff --git a/version.sbt b/version.sbt index cd1276f56c..06daa17521 100644 --- a/version.sbt +++ b/version.sbt @@ -1 +1 @@ -version in ThisBuild := "3.4.1-1" +version in ThisBuild := "3.4.2-1"