#1761 Fix organisation in authContext

TheHive-Project · Feb 3, 2021 · e2982b9 · e2982b9
1 parent a90edda
commit e2982b9
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 7 deletions.
diff --git a/misp/connector/src/main/scala/org/thp/thehive/connector/misp/services/MispActor.scala b/misp/connector/src/main/scala/org/thp/thehive/connector/misp/services/MispActor.scala
@@ -12,8 +12,7 @@ case object Synchro extends MispMessage
 
 class MispActor @Inject() (
     connector: Connector,
-    mispImportSrv: MispImportSrv,
-    userSrv: UserSrv
+    mispImportSrv: MispImportSrv
 ) extends Actor {
   import context.dispatcher
 
@@ -34,7 +33,7 @@ class MispActor @Inject() (
       scheduledSynchronisation.cancel()
       logger.info(s"Synchronising MISP events for ${connector.clients.map(_.name).mkString(",")}")
       connector.clients.filter(_.canImport).foreach { mispClient =>
-        mispImportSrv.syncMispEvents(mispClient)(userSrv.getSystemAuthContext)
+        mispImportSrv.syncMispEvents(mispClient)
       }
       logger.info("MISP synchronisation is complete")
       context.become(receive(context.system.scheduler.scheduleOnce(connector.syncInterval, self, Synchro)))

diff --git a/misp/connector/src/main/scala/org/thp/thehive/connector/misp/services/MispImportSrv.scala b/misp/connector/src/main/scala/org/thp/thehive/connector/misp/services/MispImportSrv.scala
@@ -6,7 +6,7 @@ import akka.util.ByteString
 import org.apache.tinkerpop.gremlin.process.traversal.P
 import org.apache.tinkerpop.gremlin.structure.Graph
 import org.thp.misp.dto.{Attribute, Event, Tag => MispTag}
-import org.thp.scalligraph.auth.AuthContext
+import org.thp.scalligraph.auth.{AuthContext, UserSrv}
 import org.thp.scalligraph.controllers.FFile
 import org.thp.scalligraph.models._
 import org.thp.scalligraph.traversal.TraversalOps._
@@ -17,7 +17,7 @@ import org.thp.thehive.models._
 import org.thp.thehive.services.AlertOps._
 import org.thp.thehive.services.ObservableOps._
 import org.thp.thehive.services.OrganisationOps._
-import org.thp.thehive.services._
+import org.thp.thehive.services.{UserSrv => _, _}
 import play.api.Logger
 import play.api.libs.json._
 
@@ -38,6 +38,7 @@ class MispImportSrv @Inject() (
     attachmentSrv: AttachmentSrv,
     caseTemplateSrv: CaseTemplateSrv,
     auditSrv: AuditSrv,
+    userSrv: UserSrv,
     @Named("with-thehive-schema") db: Database,
     implicit val ec: ExecutionContext,
     implicit val mat: Materializer
@@ -378,13 +379,12 @@ class MispImportSrv @Inject() (
     }
   }
 
-  def syncMispEvents(client: TheHiveMispClient)(implicit authContext: AuthContext): Unit =
+  def syncMispEvents(client: TheHiveMispClient): Unit =
     client
       .currentOrganisationName
       .fold(
         error => logger.error("Unable to get MISP organisation", error),
         mispOrganisation => {
-
           val caseTemplate = client.caseTemplate.flatMap { caseTemplateName =>
             db.roTransaction { implicit graph =>
               caseTemplateSrv.get(EntityName(caseTemplateName)).headOption
@@ -406,6 +406,7 @@ class MispImportSrv @Inject() (
           QueueIterator(queue).foreach { event =>
             logger.debug(s"Importing event ${client.name}#${event.id} in organisation(s): ${organisations.mkString(",")}")
             organisations.foreach { organisation =>
+              implicit val authContext: AuthContext = userSrv.getSystemAuthContext.changeOrganisation(organisation._id, Profile.admin.permissions)
               db.tryTransaction { implicit graph =>
                 auditSrv.mergeAudits {
                   updateOrCreateAlert(client, organisation, mispOrganisation, event, caseTemplate)