#175 #232 Update alert similarity dialog and allow updating alert cas…

…e template during import
TheHive-Project · Jun 9, 2017 · 88245f5 · 88245f5
1 parent 59a9b89
commit 88245f5
Show file tree

Hide file tree

Showing 5 changed files with 124 additions and 23 deletions.
diff --git a/ui/app/scripts/controllers/alert/AlertEventCtrl.js b/ui/app/scripts/controllers/alert/AlertEventCtrl.js
@@ -1,10 +1,11 @@
 (function() {
     'use strict';
     angular.module('theHiveControllers')
-        .controller('AlertEventCtrl', function($scope, $rootScope, $state, $uibModalInstance, CaseResolutionStatus, AlertingSrv, NotificationSrv, event) {
+        .controller('AlertEventCtrl', function($scope, $rootScope, $state, $uibModalInstance, CaseResolutionStatus, AlertingSrv, NotificationSrv, event, templates) {
             var self = this;
             var eventId = event.id;
 
+            self.templates = _.pluck(templates, 'name');
             self.CaseResolutionStatus = CaseResolutionStatus;
             self.event = event;
 
@@ -18,6 +19,11 @@
             };
             self.filteredArtifacts = [];
 
+            self.similarityFilters = {};
+            self.similaritySorts = ['-startDate', '-similarArtifactCount', '-similarIocCount', '-iocCount'];
+            self.currentSimilarFilter = '';
+            self.similarCasesStats = [];
+
             this.filterArtifacts = function(value) {
                 self.pagination.currentPage = 1;
                 this.pagination.filter= value;
@@ -44,6 +50,7 @@
                 AlertingSrv.get(eventId).then(function(response) {
                     self.event = response.data;
                     self.loading = false;
+                    self.initSimilarCasesFilter(self.event.similarCases);
 
                     self.dataTypes = _.countBy(self.event.artifacts, function(attr) {
                         return attr.dataType;
@@ -59,7 +66,9 @@
 
             self.import = function() {
                 self.loading = true;
-                AlertingSrv.create(self.event.id).then(function(response) {
+                AlertingSrv.create(self.event.id, {
+                    caseTemplate: self.event.caseTemplate
+                }).then(function(response) {
                     $uibModalInstance.dismiss();
 
                     $rootScope.$broadcast('alert:event-imported');
@@ -112,6 +121,50 @@
                 $uibModalInstance.dismiss();
             };
 
+            self.initSimilarCasesFilter = function(data) {
+                var stats = {
+                    'Open': 0
+                };
+
+                // Init the stats object
+                _.each(_.without(_.keys(CaseResolutionStatus), 'Duplicated'), function(key) {
+                    stats[key] = 0
+                });
+
+                _.each(data, function(item) {
+                    if(item.status === 'Open') {
+                        stats[item.status] = stats[item.status] + 1;
+                    } else {
+                        stats[item.resolutionStatus] = stats[item.resolutionStatus] + 1;
+                    }
+                });
+
+                var result = [];
+                _.each(_.keys(stats), function(key) {
+                    result.push({
+                        key: key,
+                        value: stats[key]
+                    })
+                });
+
+                self.similarCasesStats = result;
+            };
+
+            self.filterSimilarCases = function(filter) {
+                self.currentSimilarFilter = filter;
+                if(filter === '') {
+                    self.similarityFilters = {};
+                } else if(filter === 'Open') {
+                    self.similarityFilters = {
+                        status: filter
+                    };
+                } else {
+                    self.similarityFilters = {
+                        resolutionStatus: filter
+                    };
+                }
+            };
+
             self.load();
         });
 })();
diff --git a/ui/app/scripts/controllers/alert/AlertListCtrl.js b/ui/app/scripts/controllers/alert/AlertListCtrl.js
@@ -1,7 +1,7 @@
 (function() {
     'use strict';
     angular.module('theHiveControllers')
-        .controller('AlertListCtrl', function($scope, $q, $state, $uibModal, AlertingSrv, NotificationSrv, FilteringSrv, Severity) {
+        .controller('AlertListCtrl', function($scope, $q, $state, $uibModal, TemplateSrv, AlertingSrv, NotificationSrv, FilteringSrv, Severity) {
             var self = this;
 
             self.list = [];
@@ -190,7 +190,10 @@
                     controllerAs: 'dialog',
                     size: 'max',
                     resolve: {
-                        event: event
+                        event: event,
+                        templates: function() {
+                            return TemplateSrv.query().$promise;
+                        }
                     }
                 });
             };

diff --git a/ui/app/scripts/services/AlertingSrv.js b/ui/app/scripts/services/AlertingSrv.js
@@ -26,8 +26,8 @@
                     });
                 },
 
-                create: function(alertId) {
-                    return $http.post(baseUrl + '/' + alertId + '/createCase', {});
+                create: function(alertId, data) {
+                    return $http.post(baseUrl + '/' + alertId + '/createCase', data || {});
                 },
 
                 canMarkAsRead: function(event) {

diff --git a/ui/app/views/partials/alert/event.dialog.html b/ui/app/views/partials/alert/event.dialog.html
@@ -49,18 +49,6 @@ <h4 class="vpad10 text-primary">
                 </div>
             </div>
 
-            <div class="alert-similarity" ng-if="dialog.event.similarCases.length > 0">
-                <div class="mt-xs">
-                    <h4 class="vpad10 text-primary">
-                        Similar cases ({{dialog.event.similarCases.length}})
-                    </h4>
-                    <!-- <div>
-                        <pre>{{dialog.event.similarCases | json}}</pre>
-                    </div> -->
-                    <div ng-include="'/views/partials/alert/event.similarity.html'"></div>
-                </div>
-            </div>
-
             <div class="alert-artifacts" ng-if="dialog.event.artifacts.length > 0">
                 <h4 class="vpad10 text-primary">
                     Observables ({{dialog.event.artifacts.length || 0}})
@@ -102,29 +90,74 @@ <h4 class="vpad10 text-primary">
                         ng-model="dialog.pagination.currentPage"></ul>
                 </div>
             </div>
+
+            <div class="alert-similarity" ng-if="dialog.event.similarCases.length > 0">
+                <div class="mt-xs">
+                    <h4 class="vpad10 text-primary">
+                        Similar cases ({{dialog.event.similarCases.length}})
+                    </h4>
+                    <!-- <div>
+                        <pre>{{dialog.event.similarCases | json}}</pre>
+                    </div> -->
+                    <div ng-include="'/views/partials/alert/event.similarity.html'"></div>
+                </div>
+            </div>
         </div>
     </div>
 
 </div>
 <div class="modal-footer text-left">
     <button class="btn btn-default" ng-click="dialog.cancel()" type="button">Cancel</button>
-    <button class="btn btn-primary pull-right" type="button" ng-disabled="dialog.loading" ng-click="dialog.import()">Import event</button>
-    <button class="btn btn-default pull-right" type="button"
+
+
+
+    <button class="btn btn-default" type="button"
         ng-if="dialog.canMarkAsRead(dialog.event)"
         ng-disabled="dialog.loading"
         ng-click="dialog.markAsRead(dialog.event)">
         <i class="fa fa-envelope"></i> Mark as read
     </button>
-    <button class="btn btn-default pull-right" type="button"
+    <button class="btn btn-default" type="button"
         ng-if="dialog.canMarkAsUnread(dialog.event)"
         ng-disabled="dialog.loading"
         ng-click="dialog.markAsRead(dialog.event)">
         <i class="fa fa-envelope-open-o"></i> Mark as unread
     </button>
 
-    <button class="btn btn-default pull-right" type="button" ng-disabled="dialog.loading" ng-click="dialog.follow()">
+    <button class="btn btn-default" type="button" ng-disabled="dialog.loading" ng-click="dialog.follow()">
         <i class="fa" ng-class="{'fa-eye': dialog.event.follow, 'fa-eye-slash': !dialog.event.follow}"></i> {{dialog.event.follow ? 'Ignore new updates' : 'Track new updates'}}
     </button>
 
+    <form name="eventForm" class="form-horizontal pull-right mr-xs" style="width:450px;" ng-submit="dialog.import()">
+        <div class="form-group">
+            <label class="col-sm-4 control-label">Import alert as</label>
+            <div class="col-sm-8 input-group">
+                <!-- <input type="text" class="form-control" placeholder="Search for..."> -->
+                <select class="form-control" ng-model="dialog.event.caseTemplate" ng-options="template for template in dialog.templates" required>
+                    <option value="">Empty case</option>
+                </select>
+                <!-- <select class="form-control">
+
+                    <option value="MISP">MISP</option>
+                </select> -->
+                <span class="input-group-btn">
+                    <button class="btn btn-primary" type="submit" ng-disabled="eventForm.$invalid || dialog.loading">Yes, Import</button>
+                </span>
+            </div>
+
+        </div>
+    </form>
+
+    <!-- <div class="btn-group pull-right dropup" ng-disabled="dialog.loading">
+        <button type="button" class="btn btn-primary">Import event</button>
+        <button type="button" class="btn btn-primary dropdown-toggle" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+        <span class="caret"></span>
+      </button>
+        <ul class="dropdown-menu">
+            <li ng-repeat="tpl in dialog.templates">
+                <a href>{{tpl}}</a>
+            </li>
+        </ul>
+    </div> -->
 
 </div>
diff --git a/ui/app/views/partials/alert/event.similarity.html b/ui/app/views/partials/alert/event.similarity.html
@@ -1,11 +1,23 @@
+<div class="mv-s">
+    <span class="label label-lg label-default mr-xxs clickable"
+        ng-click="dialog.filterSimilarCases('');"
+        ng-class="{'label-primary': dialog.currentSimilarFilter===''}">All ({{dialog.event.similarCases.length || 0}})</span>
+
+    <span class="label label-lg label-default mr-xxs clickable"
+        ng-repeat="statsItem in dialog.similarCasesStats"
+        ng-if="statsItem.value > 0"
+        ng-click="dialog.filterSimilarCases(statsItem.key)"
+        ng-class="{'label-primary': dialog.currentSimilarFilter===statsItem.key}">{{dialog.CaseResolutionStatus[statsItem.key] || statsItem.key}} ({{statsItem.value}})</span>
+</div>
+
 <div class="case-item">
     <div class="case-details text-bold">Title</div>
     <div class="case-date text-bold">Date</div>
     <div class="case-similarity text-bold">Observables</div>
     <div class="case-similarity text-bold">IOCs</div>
 </div>
 
-<div class="case-collection" ng-repeat="item in dialog.event.similarCases | orderBy:['-similarIocCount','-similarArtifactCount', '-iocCount', '-startDate']">
+<div class="case-collection" ng-repeat="item in filteredLinks = (dialog.event.similarCases | filter:dialog.similarityFilters | orderBy:dialog.similaritySorts) ">
     <div class="case-item" >
         <!-- case severity -->
         <div class="case-tlp bg-tlp-{{item.tlp}}"></div>