Skip to content

Commit

Permalink
#2251 Add API to update all observable types
Browse files Browse the repository at this point in the history
  • Loading branch information
@To-om
To-om committed Nov 19, 2021
1 parent 6c6796a commit dbcd2f7
Show file tree
Hide file tree
Showing 6 changed files with 32 additions and 7 deletions.
4 changes: 1 addition & 3 deletions thehive/app/org/thp/thehive/controllers/v0/ObservableCtrl.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -442,9 +442,7 @@ class PublicObservable @Inject() (
newDataType <- observableTypeSrv.getByName(value)(graph).getOrFail("ObservableType")
isSameType = currentDataType.isAttachment == newDataType.isAttachment
_ <- if (isSameType) Success(()) else Failure(BadRequestError("Can not update dataType: isAttachment does not match"))
_ <- Try(observableSrv.get(vertex)(graph).update(_.dataType, value).iterate())
_ = observableSrv.get(vertex)(graph).outE[ObservableObservableType].remove()
_ <- observableSrv.observableObservableTypeSrv.create(ObservableObservableType(), observable, newDataType)(graph, authContext)
_ <- observableSrv.updateType(observable, newDataType)(graph, authContext)
} yield Json.obj("dataType" -> value)
})
.property("data", UMapping.string.optional)(_.field.readonly)
Expand Down
13 changes: 13 additions & 0 deletions thehive/app/org/thp/thehive/controllers/v1/ObservableCtrl.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ import org.thp.thehive.models._
import org.thp.thehive.services.AlertOps._
import org.thp.thehive.services.CaseOps._
import org.thp.thehive.services.ObservableOps._
import org.thp.thehive.services.ObservableTypeOps._
import org.thp.thehive.services.OrganisationOps._
import org.thp.thehive.services.ShareOps._
import org.thp.thehive.services._
Expand Down Expand Up @@ -312,6 +313,18 @@ class ObservableCtrl @Inject() (
.map(_ => Results.NoContent)
}

def updateAllTypes(fromType: String, toType: String): Action[AnyContent] =
entrypoint("update all observable types")
.authPermittedTransaction(db, Permissions.managePlatform) { implicit request => implicit graph =>
for {
from <- observableTypeSrv.getOrFail(EntityIdOrName(fromType))
to <- observableTypeSrv.getOrFail(EntityIdOrName(toType))
isSameType = from.isAttachment == to.isAttachment
_ <- if (isSameType) Success(()) else Failure(BadRequestError("Can not update dataType: isAttachment does not match"))
_ <- observableTypeSrv.get(from).observables.toIterator.toTry(observableSrv.updateType(_, to))
} yield Results.NoContent
}

def bulkUpdate: Action[AnyContent] =
entrypoint("bulk update")
.extract("input", FieldsParser.update("observable", publicProperties))
Expand Down
4 changes: 1 addition & 3 deletions thehive/app/org/thp/thehive/controllers/v1/Properties.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -449,9 +449,7 @@ class Properties @Inject() (
newDataType <- observableTypeSrv.getByName(value)(graph).getOrFail("ObservableType")
isSameType = currentDataType.isAttachment == newDataType.isAttachment
_ <- if (isSameType) Success(()) else Failure(BadRequestError("Can not update dataType: isAttachment does not match"))
_ <- Try(observableSrv.get(vertex)(graph).update(_.dataType, value).iterate())
_ = observableSrv.get(vertex)(graph).outE[ObservableObservableType].remove()
_ <- observableSrv.observableObservableTypeSrv.create(ObservableObservableType(), observable, newDataType)(graph, authContext)
_ <- observableSrv.updateType(observable, newDataType)(graph, authContext)
} yield Json.obj("dataType" -> value)
})
.property("data", UMapping.string.optional)(_.field.readonly)
Expand Down
3 changes: 2 additions & 1 deletion thehive/app/org/thp/thehive/controllers/v1/Router.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,8 @@ class Router @Inject() (
case PATCH(p"/observable/_bulk") => observableCtrl.bulkUpdate
case PATCH(p"/observable/$observableId") => observableCtrl.update(observableId)
// case GET(p"/observable/$observableId/similar") => observableCtrl.findSimilar(observableId)
case POST(p"/observable/$observableId/shares") => shareCtrl.shareObservable(observableId)
case POST(p"/observable/$observableId/shares") => shareCtrl.shareObservable(observableId)
case PUT(p"/observable/type/update/$fromType/$toType") => observableCtrl.updateAllTypes(fromType, toType)

case GET(p"/caseTemplate") => caseTemplateCtrl.list
case POST(p"/caseTemplate") => caseTemplateCtrl.create
Expand Down
13 changes: 13 additions & 0 deletions thehive/app/org/thp/thehive/services/ObservableSrv.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -192,6 +192,19 @@ class ObservableSrv @Inject() (
.getOrFail("Observable")
.flatMap(observable => auditSrv.observable.update(observable, updatedFields))
}

def updateType(observable: Observable with Entity, observableType: ObservableType with Entity)(implicit
graph: Graph,
authContext: AuthContext
): Try[Unit] = {
get(observable)
.update(_.dataType, observableType.name)
.outE[ObservableObservableType]
.remove()
observableObservableTypeSrv
.create(ObservableObservableType(), observable, observableType)
.flatMap(_ => auditSrv.observable.update(observable, Json.obj("dataType" -> observableType.name)))
}
}

object ObservableOps {
Expand Down
2 changes: 2 additions & 0 deletions thehive/app/org/thp/thehive/services/ObservableTypeSrv.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,8 @@ object ObservableTypeOps {
idOrName.fold(traversal.getByIds(_), getByName)

def getByName(name: String): Traversal.V[ObservableType] = traversal.has(_.name, name)

def observables: Traversal.V[Observable] = traversal.in[ObservableObservableType].v[Observable]
}
}

Expand Down

0 comments on commit dbcd2f7

Please sign in to comment.