diff --git a/thehive/app/org/thp/thehive/controllers/v0/Router.scala b/thehive/app/org/thp/thehive/controllers/v0/Router.scala index a9866af453..764b53238f 100644 --- a/thehive/app/org/thp/thehive/controllers/v0/Router.scala +++ b/thehive/app/org/thp/thehive/controllers/v0/Router.scala @@ -217,20 +217,3 @@ class Router @Inject() ( case DELETE(p"/observable/type/$idOrName") => observableTypeCtrl.delete(idOrName) } } -/* - -POST /maintenance/migrate org.elastic4play.controllers.MigrationCtrl.migrate -#POST /maintenance/rehash controllers.MaintenanceCtrl.reHash - -GET /list org.elastic4play.dBListCtrl.list -DELETE /list/:itemId org.elastic4play.dBListCtrl.deleteItem(itemId) -PATCH /list/:itemId org.elastic4play.dBListCtrl.updateItem(itemId) -POST /list/:listName org.elastic4play.dBListCtrl.addItem(listName) -GET /list/:listName org.elastic4play.dBListCtrl.listItems(listName) -POST /list/:listName/_exists org.elastic4play.dBListCtrl.itemExists(listName) - --> /connector connectors.ConnectorRouter - -GET / *file controllers.AssetCtrl.get(file) - - */ diff --git a/thehive/app/org/thp/thehive/controllers/v1/OrganisationCtrl.scala b/thehive/app/org/thp/thehive/controllers/v1/OrganisationCtrl.scala index 0fbad63d9e..d9efaab4bb 100644 --- a/thehive/app/org/thp/thehive/controllers/v1/OrganisationCtrl.scala +++ b/thehive/app/org/thp/thehive/controllers/v1/OrganisationCtrl.scala @@ -45,10 +45,9 @@ class OrganisationCtrl @Inject() ( def create: Action[AnyContent] = entrypoint("create organisation") .extract("organisation", FieldsParser[InputOrganisation]) - .authTransaction(db) { implicit request => implicit graph => + .authPermittedTransaction(db, Permissions.manageOrganisation) { implicit request => implicit graph => val inputOrganisation: InputOrganisation = request.body("organisation") for { - _ <- userSrv.current.organisations(Permissions.manageOrganisation).get(OrganisationSrv.administration.name).existsOrFail() user <- userSrv.current.getOrFail() organisation <- organisationSrv.create(inputOrganisation.toOrganisation, user) } yield Results.Created(organisation.toJson) diff --git a/thehive/app/org/thp/thehive/controllers/v1/Router.scala b/thehive/app/org/thp/thehive/controllers/v1/Router.scala index 28891997f7..2cc2959a56 100644 --- a/thehive/app/org/thp/thehive/controllers/v1/Router.scala +++ b/thehive/app/org/thp/thehive/controllers/v1/Router.scala @@ -28,7 +28,6 @@ class Router @Inject() ( case POST(p"/auth/totp/set") => authenticationCtrl.totpSetSecret case POST(p"/auth/totp/unset") => authenticationCtrl.totpUnsetSecret(None) case POST(p"/auth/totp/unset/$user") => authenticationCtrl.totpUnsetSecret(Some(user)) -// POST /ssoLogin controllers.AuthenticationCtrl.ssoLogin() case POST(p"/case") => caseCtrl.create case GET(p"/case/$caseId") => caseCtrl.get(caseId) @@ -98,63 +97,3 @@ class Router @Inject() ( } } -/* - -POST /case/artifact/_search controllers.ArtifactCtrl.find() -POST /case/:caseId/artifact/_search controllers.ArtifactCtrl.findInCase(caseId) -POST /case/artifact/_stats controllers.ArtifactCtrl.stats() -POST /case/:caseId/artifact controllers.ArtifactCtrl.create(caseId) -GET /case/artifact/:artifactId controllers.ArtifactCtrl.get(artifactId) -DELETE /case/artifact/:artifactId controllers.ArtifactCtrl.delete(artifactId) -PATCH /case/artifact/_bulk controllers.ArtifactCtrl.bulkUpdate() -PATCH /case/artifact/:artifactId controllers.ArtifactCtrl.update(artifactId) -GET /case/artifact/:artifactId/similar controllers.ArtifactCtrl.findSimilar(artifactId) - - -GET /case/task/:taskId/log controllers.LogCtrl.findInTask(taskId) -POST /case/task/:taskId/log/_search controllers.LogCtrl.findInTask(taskId) -POST /case/task/log/_search controllers.LogCtrl.find() -POST /case/task/log/_stats controllers.LogCtrl.stats() -POST /case/task/:taskId/log controllers.LogCtrl.create(taskId) -PATCH /case/task/log/:logId controllers.LogCtrl.update(logId) -DELETE /case/task/log/:logId controllers.LogCtrl.delete(logId) -GET /case/task/log/:logId controllers.LogCtrl.get(logId) - - - -GET /datastore/:hash controllers.AttachmentCtrl.download(hash, name: Option[String]) -GET /datastorezip/:hash controllers.AttachmentCtrl.downloadZip(hash, name: Option[String]) - -POST /maintenance/migrate org.elastic4play.controllers.MigrationCtrl.migrate -#POST /maintenance/rehash controllers.MaintenanceCtrl.reHash - -GET /list org.elastic4play.controllers.DBListCtrl.list() -DELETE /list/:itemId org.elastic4play.controllers.DBListCtrl.deleteItem(itemId) -PATCH /list/:itemId org.elastic4play.controllers.DBListCtrl.updateItem(itemId) -POST /list/:listName org.elastic4play.controllers.DBListCtrl.addItem(listName) -GET /list/:listName org.elastic4play.controllers.DBListCtrl.listItems(listName) -POST /list/:listName/_exists org.elastic4play.controllers.DBListCtrl.itemExists(listName) - - - - -POST /stream controllers.StreamCtrl.create() -GET /stream/status controllers.StreamCtrl.status -GET /stream/:streamId controllers.StreamCtrl.get(streamId) - -GET /describe/_all controllers.DescribeCtrl.describeAll -GET /describe/:modelName controllers.DescribeCtrl.describe(modelName) - -GET /dashboard controllers.DashboardCtrl.find() -POST /dashboard/_search controllers.DashboardCtrl.find() -POST /dashboard/_stats controllers.DashboardCtrl.stats() -POST /dashboard controllers.DashboardCtrl.create() -GET /dashboard/:dashboardId controllers.DashboardCtrl.get(dashboardId) -PATCH /dashboard/:dashboardId controllers.DashboardCtrl.update(dashboardId) -DELETE /dashboard/:dashboardId controllers.DashboardCtrl.delete(dashboardId) - --> /connector connectors.ConnectorRouter - -GET / *file controllers.AssetCtrl.get(file) - - */