From 89f6e2cca241420ab76c1c48e4665175e8f603da Mon Sep 17 00:00:00 2001 From: Robin Riclet Date: Wed, 3 Mar 2021 15:43:02 +0100 Subject: [PATCH] #1264 added delete route for CaseCustomField --- .../thp/thehive/controllers/v1/CaseCtrl.scala | 8 +++++++ .../thp/thehive/controllers/v1/Router.scala | 13 ++++++------ .../org/thp/thehive/services/CaseSrv.scala | 21 +++++++++++++------ 3 files changed, 30 insertions(+), 12 deletions(-) diff --git a/thehive/app/org/thp/thehive/controllers/v1/CaseCtrl.scala b/thehive/app/org/thp/thehive/controllers/v1/CaseCtrl.scala index 0eb6794313..ed68a466af 100644 --- a/thehive/app/org/thp/thehive/controllers/v1/CaseCtrl.scala +++ b/thehive/app/org/thp/thehive/controllers/v1/CaseCtrl.scala @@ -125,6 +125,14 @@ class CaseCtrl @Inject() ( } yield Results.NoContent } + def deleteCustomField(cfId: String): Action[AnyContent] = + entrypoint("delete a custom field") + .authPermittedTransaction(db, Permissions.manageCase) { implicit request => implicit graph => + for { + _ <- caseSrv.deleteCustomField(EntityIdOrName(cfId)) + } yield Results.NoContent + } + def merge(caseIdsOrNumbers: String): Action[AnyContent] = entrypoint("merge cases") .authTransaction(db) { implicit request => implicit graph => diff --git a/thehive/app/org/thp/thehive/controllers/v1/Router.scala b/thehive/app/org/thp/thehive/controllers/v1/Router.scala index 473682da80..920d69730d 100644 --- a/thehive/app/org/thp/thehive/controllers/v1/Router.scala +++ b/thehive/app/org/thp/thehive/controllers/v1/Router.scala @@ -47,12 +47,13 @@ class Router @Inject() ( case POST(p"/auth/totp/unset") => authenticationCtrl.totpUnsetSecret(None) case POST(p"/auth/totp/unset/$user") => authenticationCtrl.totpUnsetSecret(Some(user)) - case POST(p"/case") => caseCtrl.create - case GET(p"/case/$caseId") => caseCtrl.get(caseId) - case PATCH(p"/case/$caseId") => caseCtrl.update(caseId) - case POST(p"/case/_merge/$caseIds") => caseCtrl.merge(caseIds) - case DELETE(p"/case/$caseId") => caseCtrl.delete(caseId) -// case PATCH(p"api/case/_bulk") => caseCtrl.bulkUpdate() + case POST(p"/case") => caseCtrl.create + case GET(p"/case/$caseId") => caseCtrl.get(caseId) + case PATCH(p"/case/$caseId") => caseCtrl.update(caseId) + case POST(p"/case/_merge/$caseIds") => caseCtrl.merge(caseIds) + case DELETE(p"/case/$caseId") => caseCtrl.delete(caseId) + case DELETE(p"/case/customField/$cfId") => caseCtrl.deleteCustomField(cfId) + // case PATCH(p"api/case/_bulk") => caseCtrl.bulkUpdate() // case POST(p"/case/_stats") => caseCtrl.stats() // case GET(p"/case/$caseId/links") => caseCtrl.linkedCases(caseId) diff --git a/thehive/app/org/thp/thehive/services/CaseSrv.scala b/thehive/app/org/thp/thehive/services/CaseSrv.scala index fef4be20cf..7c4cbf2eea 100644 --- a/thehive/app/org/thp/thehive/services/CaseSrv.scala +++ b/thehive/app/org/thp/thehive/services/CaseSrv.scala @@ -247,6 +247,16 @@ class CaseSrv @Inject() ( ccfe <- caseCustomFieldSrv.create(ccf, `case`, cf) } yield RichCustomField(cf, ccfe) + def deleteCustomField( + cfIdOrName: EntityIdOrName + )(implicit graph: Graph, authContext: AuthContext): Try[Unit] = + Try( + caseCustomFieldSrv + .get(cfIdOrName) + .filter(_.outV.v[Case].can(Permissions.manageCase)) + .remove() + ) + def setImpactStatus( `case`: Case with Entity, impactStatus: String @@ -408,18 +418,17 @@ object CaseOps { ) -> renderedEntity } + def customFields: Traversal.E[CaseCustomField] = traversal.outE[CaseCustomField] + def customFields(idOrName: EntityIdOrName): Traversal.E[CaseCustomField] = idOrName .fold( - id => traversal.outE[CaseCustomField].filter(_.inV.getByIds(id)), - name => traversal.outE[CaseCustomField].filter(_.inV.v[CustomField].has(_.name, name)) + id => customFields.filter(_.inV.getByIds(id)), + name => customFields.filter(_.inV.v[CustomField].has(_.name, name)) ) - def customFields: Traversal.E[CaseCustomField] = traversal.outE[CaseCustomField] - def richCustomFields: Traversal[RichCustomField, JMap[String, Any], Converter[RichCustomField, JMap[String, Any]]] = - traversal - .outE[CaseCustomField] + customFields .project(_.by.by(_.inV.v[CustomField])) .domainMap { case (cfv, cf) => RichCustomField(cf, cfv)