Merge branch 'feature/cortex' into develop

analyzers/VirusTotal/report/success_short.html

@@ -1,11 +1,11 @@
 <span ng-switch="content.response_code">
 	<span ng-switch-when="1" class="label" ng-class="{'true':'label-info', 'false':'label-danger'}[content.positives < 5 ]">
 		VT:
-		<span ng-if="content.positives">{{content.positives}}/{{content.total}} ({{content.scan_date}})&nbsp;</span>
-		<span ng-if="content.scans && content.scans.length > 0">Scans({{content.scans.length}})&nbsp;</span>
-		<span ng-if="content.resolutions && content.resolutions.length > 0">Resolutions({{content.resolutions.length}})&nbsp;</span>
-		<span ng-if="content.detected_urls && content.detected_urls.length > 0">Url detections({{content.detected_urls.length}})&nbsp;</span>
-		<span ng-if="content.detected_downloaded_samples && content.detected_downloaded_samples.length > 0">files({{content.detected_downloaded_samples.length}})&nbsp;</span>
+		<span ng-if="content.positives">{{content.positives}}/{{content.total}} ({{content.scan_date}})</span>
+		<span ng-if="content.scans && content.scans.length > 0">Scans({{content.scans.length}})</span>
+		<span ng-if="content.resolutions && content.resolutions.length > 0">Resolutions({{content.resolutions.length}})</span>
+		<span ng-if="content.detected_urls && content.detected_urls.length > 0">Url detections({{content.detected_urls.length}})</span>
+		<span ng-if="content.detected_downloaded_samples && content.detected_downloaded_samples.length > 0">files({{content.detected_downloaded_samples.length}})</span>
 
 	</span>
 	<span ng-switch-default class="label label-warning">

build.sbt

@@ -11,10 +11,15 @@ lazy val thehiveMisp = (project in file("thehive-misp"))
   .dependsOn(thehiveBackend)
   .settings(publish := {})
 
+lazy val thehiveCortex = (project in file("thehive-cortex"))
+  .dependsOn(thehiveBackend)
+  .settings(publish := {})
+  .settings(SbtScalariform.scalariformSettings: _*)
+
 lazy val main = (project in file("."))
   .enablePlugins(PlayScala)
-  .dependsOn(thehiveBackend, thehiveMetrics, thehiveMisp)
-  .aggregate(thehiveBackend, thehiveMetrics, thehiveMisp)
+  .dependsOn(thehiveBackend, thehiveMetrics, thehiveMisp, thehiveCortex)
+  .aggregate(thehiveBackend, thehiveMetrics, thehiveMisp, thehiveCortex)
   .settings(aggregate in Docker := false)
   .settings(PublishToBinTray.settings: _*)
   .settings(Release.settings: _*)
@@ -113,8 +118,6 @@ import scalariform.formatter.preferences._
 import com.typesafe.sbt.SbtScalariform
 import com.typesafe.sbt.SbtScalariform.ScalariformKeys
 
-SbtScalariform.defaultScalariformSettings
-
 ScalariformKeys.preferences in ThisBuild := ScalariformKeys.preferences.value
   .setPreference(AlignParameters, false)
 //  .setPreference(FirstParameterOnNewline, Force)

thehive-backend/app/connectors/Connectors.scala

@@ -4,17 +4,19 @@ import javax.inject.Inject
 
 import scala.collection.immutable
 
+import play.api.libs.json.{ JsObject, Json }
 import play.api.mvc.{ Action, Results }
 import play.api.routing.{ Router, SimpleRouter }
 import play.api.routing.sird.UrlContext
 
-import net.codingwell.scalaguice.{ ScalaModule, ScalaMultibinder }
-
 import com.google.inject.AbstractModule
 
+import net.codingwell.scalaguice.{ ScalaModule, ScalaMultibinder }
+
 trait Connector {
   val name: String
   val router: Router
+  val status: JsObject = Json.obj("enabled" → true)
 }
 
 class ConnectorRouter @Inject() (connectors: immutable.Set[Connector]) extends SimpleRouter {

thehive-backend/app/controllers/Artifact.scala

@@ -5,8 +5,7 @@ import javax.inject.{ Inject, Singleton }
 import scala.concurrent.{ ExecutionContext, Future }
 
 import play.api.http.Status
-import play.api.libs.json.{ JsArray, Json }
-import play.api.libs.json.Json.toJsFieldJsValueWrapper
+import play.api.libs.json.JsArray
 import play.api.mvc.Controller
 
 import org.elastic4play.{ BadRequestError, Timed }
@@ -16,13 +15,11 @@ import org.elastic4play.services.{ Agg, AuxSrv }
 import org.elastic4play.services.{ QueryDSL, QueryDef, Role }
 import org.elastic4play.services.JsonFormat.{ aggReads, queryReads }
 
-import models.JsonFormat.analyzerWrites
-import services.{ AnalyzerSrv, ArtifactSrv }
+import services.ArtifactSrv
 
 @Singleton
 class ArtifactCtrl @Inject() (
     artifactSrv: ArtifactSrv,
-    analyzerSrv: AnalyzerSrv,
     auxSrv: AuxSrv,
     authenticated: Authenticated,
     renderer: Renderer,
@@ -54,10 +51,8 @@ class ArtifactCtrl @Inject() (
 
   @Timed
   def get(id: String) = authenticated(Role.read).async(fieldsBodyParser) { implicit request ⇒
-    for {
-      artifact ← artifactSrv.get(id, request.body.getStrings("fields").map("dataType" +: _))
-      analyzers ← analyzerSrv.availableFor(artifact.dataType()).map(multiResult ⇒ Json.toJson(multiResult))
-    } yield renderer.toOutput(OK, Json.obj("artifact" → artifact, "analyzers" → analyzers))
+    artifactSrv.get(id, request.body.getStrings("fields").map("dataType" +: _))
+      .map(artifact ⇒ renderer.toOutput(OK, artifact))
   }
 
   @Timed

thehive-backend/app/controllers/Status.scala

@@ -36,7 +36,7 @@ class StatusCtrl @Inject() (
         "Play" → getVersion(classOf[Controller]),
         "Elastic4s" → getVersion(classOf[ElasticDsl]),
         "ElasticSearch" → getVersion(classOf[org.elasticsearch.Build])),
-      "connectors" → JsObject(connectors.map(c ⇒ c.name → Json.obj("enabled" → true)).toSeq),
+      "connectors" → JsObject(connectors.map(c ⇒ c.name → c.status).toSeq),
       "config" → Json.obj(
         "authType" → (authSrv match {
           case multiAuthSrv: MultiAuthSrv ⇒ multiAuthSrv.authProviders.map { a ⇒ JsString(a.name) }

thehive-backend/app/models/JsonFormat.scala

@@ -14,18 +14,9 @@ object JsonFormat {
   implicit val caseResolutionStatusFormat = enumFormat(CaseResolutionStatus)
   implicit val caseImpactStatusFormat = enumFormat(CaseImpactStatus)
   implicit val artifactStatusFormat = enumFormat(ArtifactStatus)
-  implicit val jobStatusFormat = enumFormat(JobStatus)
   implicit val taskStatusFormat = enumFormat(TaskStatus)
   implicit val logStatusFormat = enumFormat(LogStatus)
   implicit val caseTemplateStatusFormat = enumFormat(CaseTemplateStatus)
 
   implicit val pathWrites: Writes[Path] = Writes((value: Path) ⇒ JsString(value.toString))
-
-  implicit val analyzerWrites: Writes[Analyzer] = Writes((analyzer: Analyzer) ⇒
-    Json.obj(
-      "name" → analyzer.name,
-      "version" → analyzer.version,
-      "description" → analyzer.description,
-      "dataTypeList" → analyzer.dataTypeList,
-      "id" → analyzer.id))
 }