#2238 Add API to link alert and case after a broken migration from TH3

TheHive-Project · Nov 8, 2021 · aaf62c7 · aaf62c7
1 parent 98628ac
commit aaf62c7
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 2 deletions.
diff --git a/thehive/app/org/thp/thehive/controllers/v1/AlertCtrl.scala b/thehive/app/org/thp/thehive/controllers/v1/AlertCtrl.scala
@@ -5,7 +5,7 @@ import org.thp.scalligraph.models.Database
 import org.thp.scalligraph.query._
 import org.thp.scalligraph.traversal.TraversalOps._
 import org.thp.scalligraph.traversal.{Converter, IteratorOutput, Traversal}
-import org.thp.scalligraph.{EntityIdOrName, RichOptionTry}
+import org.thp.scalligraph.{BadRequestError, EntityIdOrName, EntityName, RichOptionTry}
 import org.thp.thehive.controllers.v1.Conversion._
 import org.thp.thehive.dto.v1.{InputAlert, InputCustomFieldValue}
 import org.thp.thehive.models._
@@ -19,14 +19,15 @@ import play.api.mvc.{Action, AnyContent, Results}
 import java.util.{Map => JMap}
 import javax.inject.{Inject, Singleton}
 import scala.reflect.runtime.{universe => ru}
-import scala.util.Success
+import scala.util.{Failure, Success}
 
 case class SimilarCaseFilter()
 @Singleton
 class AlertCtrl @Inject() (
     entrypoint: Entrypoint,
     properties: Properties,
     alertSrv: AlertSrv,
+    caseSrv: CaseSrv,
     caseTemplateSrv: CaseTemplateSrv,
     userSrv: UserSrv,
     organisationSrv: OrganisationSrv,
@@ -211,4 +212,22 @@ class AlertCtrl @Inject() (
             Results.NoContent
           }
       }
+
+  def fixCaseLink: Action[AnyContent] =
+    entrypoint("fix link between case and alert")
+      .extract("alertName", FieldsParser.string.on("alertName"))
+      .extract("caseNumber", FieldsParser.string.on("caseNumber"))
+      .extract("organisation", FieldsParser.string.on("organisation"))
+      .authPermittedTransaction(db, Permissions.managePlatform) { implicit request => implicit graph =>
+        val alertName: String    = request.body("alertName")
+        val caseNumber: String   = request.body("caseNumber")
+        val organisation: String = request.body("organisation")
+        for {
+          organisation <- organisationSrv.getOrFail(EntityIdOrName(organisation))
+          alert        <- alertSrv.startTraversal.has(_.organisationId, organisation._id).get(EntityName(alertName)).getOrFail("Alert")
+          _            <- if (alertSrv.get(alert).`case`.exists) Failure(BadRequestError("The alert is already linked to a case")) else Success(())
+          c            <- caseSrv.getOrFail(EntityName(caseNumber))
+          _            <- alertSrv.alertCaseSrv.create(AlertCase(), alert, c)
+        } yield Results.NoContent
+      }
 }
diff --git a/thehive/app/org/thp/thehive/controllers/v1/Router.scala b/thehive/app/org/thp/thehive/controllers/v1/Router.scala
@@ -140,6 +140,7 @@ class Router @Inject() (
     case POST(p"/alert/$alertId/follow")   => alertCtrl.followAlert(alertId)
     case POST(p"/alert/$alertId/unfollow") => alertCtrl.unfollowAlert(alertId)
     case POST(p"/alert/$alertId/case")     => alertCtrl.createCase(alertId)
+    case POST(p"/alert/fixCaseLink")       => alertCtrl.fixCaseLink
     // PATCH    /alert/_bulk                         controllers.AlertCtrl.bulkUpdate()
 //    DELETE   /alert/:alertId                      controllers.AlertCtrl.delete(alertId)
 //    POST     /alert/:alertId/merge/:caseId        controllers.AlertCtrl.mergeWithCase(alertId, caseId)