#1501 Fix queries

TheHive-Project · Nov 13, 2020 · 9959dca · 9959dca
1 parent c91e4b1
commit 9959dca
Show file tree

Hide file tree

Showing 5 changed files with 28 additions and 18 deletions.
diff --git a/ScalliGraph b/ScalliGraph
diff --git a/thehive/app/org/thp/thehive/controllers/v1/OrganisationCtrl.scala b/thehive/app/org/thp/thehive/controllers/v1/OrganisationCtrl.scala
@@ -26,7 +26,7 @@ class OrganisationCtrl @Inject() (
   override val entityName: String                 = "organisation"
   override val publicProperties: PublicProperties = properties.organisation
   override val initialQuery: Query =
-    Query.init[Traversal.V[Organisation]]("listOrganisation", (graph, authContext) => organisationSrv.startTraversal(graph).visible(authContext))
+    Query.init[Traversal.V[Organisation]]("listOrganisation", (graph, authContext) => organisationSrv.visibleOrganisation(graph, authContext))
   override val pageQuery: ParamQuery[OutputParam] = Query.withParam[OutputParam, Traversal.V[Organisation], IteratorOutput](
     "page",
     FieldsParser[OutputParam],

diff --git a/thehive/app/org/thp/thehive/services/AlertSrv.scala b/thehive/app/org/thp/thehive/services/AlertSrv.scala
@@ -4,13 +4,14 @@ import java.lang.{Long => JLong}
 import java.util.{Date, List => JList, Map => JMap}
 
 import javax.inject.{Inject, Named, Singleton}
+import org.apache.tinkerpop.gremlin.process.traversal.P
 import org.apache.tinkerpop.gremlin.structure.Graph
 import org.thp.scalligraph.auth.{AuthContext, Permission}
 import org.thp.scalligraph.models._
 import org.thp.scalligraph.query.PropertyUpdater
 import org.thp.scalligraph.services._
 import org.thp.scalligraph.traversal.TraversalOps._
-import org.thp.scalligraph.traversal.{Converter, StepLabel, Traversal}
+import org.thp.scalligraph.traversal.{Converter, IdentityConverter, StepLabel, Traversal}
 import org.thp.scalligraph.{CreateError, RichOptionTry, RichSeq}
 import org.thp.thehive.controllers.v1.Conversion._
 import org.thp.thehive.models._
@@ -356,7 +357,11 @@ object AlertOps {
         )
       else traversal.limit(0)
 
-    def imported: Traversal[Boolean, JLong, Converter[Boolean, JLong]] = traversal.outE[AlertCase].count.domainMap(_ > 0)
+    def imported: Traversal[Boolean, Boolean, IdentityConverter[Boolean]] =
+      traversal
+        .outE[AlertCase]
+        .count
+        .choose(_.is(P.gt(0)), onTrue = _.constant(true), onFalse = _.constant(false))
 
     def similarCases(implicit
         authContext: AuthContext

diff --git a/thehive/app/org/thp/thehive/services/OrganisationSrv.scala b/thehive/app/org/thp/thehive/services/OrganisationSrv.scala
@@ -13,6 +13,7 @@ import org.thp.scalligraph.{BadRequestError, RichSeq}
 import org.thp.thehive.controllers.v1.Conversion._
 import org.thp.thehive.models._
 import org.thp.thehive.services.OrganisationOps._
+import org.thp.thehive.services.UserOps._
 import org.thp.thehive.services.RoleOps._
 import play.api.libs.json.JsObject
 
@@ -23,9 +24,10 @@ class OrganisationSrv @Inject() (
     roleSrv: RoleSrv,
     profileSrv: ProfileSrv,
     auditSrv: AuditSrv,
+    userSrv: UserSrv,
     @Named("integrity-check-actor") integrityCheckActor: ActorRef
-)(
-    implicit @Named("with-thehive-schema") db: Database
+)(implicit
+    @Named("with-thehive-schema") db: Database
 ) extends VertexSrv[Organisation] {
 
   val organisationOrganisationSrv = new EdgeSrv[OrganisationOrganisation, Organisation, Organisation]
@@ -50,6 +52,9 @@ class OrganisationSrv @Inject() (
 
   def current(implicit graph: Graph, authContext: AuthContext): Traversal.V[Organisation] = get(authContext.organisation)
 
+  def visibleOrganisation(implicit graph: Graph, authContext: AuthContext): Traversal.V[Organisation] =
+    userSrv.current.organisations.visibleOrganisationsFrom
+
   override def get(idOrName: String)(implicit graph: Graph): Traversal.V[Organisation] =
     if (db.isValidId(idOrName)) getByIds(idOrName)
     else startTraversal.getByName(idOrName)
@@ -62,15 +67,14 @@ class OrganisationSrv @Inject() (
   )(implicit graph: Graph, authContext: AuthContext): Try[(Traversal.V[Organisation], JsObject)] =
     if (traversal.clone().has("name", Organisation.administration.name).exists)
       Failure(BadRequestError("Admin organisation is unmodifiable"))
-    else {
+    else
       auditSrv.mergeAudits(super.update(traversal, propertyUpdaters)) {
         case (orgSteps, updatedFields) =>
           orgSteps
             .clone()
             .getOrFail("Organisation")
             .flatMap(auditSrv.organisation.update(_, updatedFields))
       }
-    }
 
   def linkExists(fromOrg: Organisation with Entity, toOrg: Organisation with Entity)(implicit graph: Graph): Boolean =
     fromOrg._id == toOrg._id || get(fromOrg).links.hasId(toOrg._id).exists
@@ -194,11 +198,12 @@ object OrganisationOps {
 
 class OrganisationIntegrityCheckOps @Inject() (@Named("with-thehive-schema") val db: Database, val service: OrganisationSrv)
     extends IntegrityCheckOps[Organisation] {
-  override def resolve(entities: Seq[Organisation with Entity])(implicit graph: Graph): Try[Unit] = entities match {
-    case head :: tail =>
-      tail.foreach(copyEdge(_, head))
-      service.getByIds(tail.map(_._id): _*).remove()
-      Success(())
-    case _ => Success(())
-  }
+  override def resolve(entities: Seq[Organisation with Entity])(implicit graph: Graph): Try[Unit] =
+    entities match {
+      case head :: tail =>
+        tail.foreach(copyEdge(_, head))
+        service.getByIds(tail.map(_._id): _*).remove()
+        Success(())
+      case _ => Success(())
+    }
 }
diff --git a/thehive/app/org/thp/thehive/services/UserSrv.scala b/thehive/app/org/thp/thehive/services/UserSrv.scala
@@ -260,17 +260,17 @@ object UserOps {
         .project(
           _.by
             .by(_.avatar.fold)
-            .by(_.role.project(_.by(_.profile).by(_.organisation.visible.value(_.name))).fold)
+            .by(_.role.project(_.by(_.profile).by(_.organisation.visible.value(_.name).fold)).fold)
         )
         .domainMap {
           case (user, attachment, profileOrganisations) =>
             profileOrganisations
-              .find(_._2 == authContext.organisation)
+              .find(_._2.contains(authContext.organisation))
               .orElse(profileOrganisations.headOption)
               .fold(throw InternalError(s"")) { // FIXME
                 case (profile, organisationName) =>
                   val avatar = attachment.headOption.map(_.attachmentId)
-                  RichUser(user, avatar, profile.name, profile.permissions, organisationName)
+                  RichUser(user, avatar, profile.name, profile.permissions, organisationName.headOption.getOrElse("***"))
               }
         }
+0 −2		core/src/main/scala/org/thp/scalligraph/query/Query.scala
+10 −2		core/src/main/scala/org/thp/scalligraph/query/QueryExecutor.scala