Fix duplicated audits when creating a log with attachment

TheHive-Project · Dec 18, 2020 · f462cdb · f462cdb
1 parent 54596fe
commit f462cdb
Show file tree

Hide file tree

Showing 5 changed files with 12 additions and 31 deletions.
diff --git a/...nnector/src/main/scala/org/thp/thehive/connector/cortex/services/ActionOperationSrv.scala b/...nnector/src/main/scala/org/thp/thehive/connector/cortex/services/ActionOperationSrv.scala
@@ -90,7 +90,7 @@ class ActionOperationSrv @Inject() (
       case AddLogToTask(content, _) =>
         for {
           t <- relatedTask.fold[Try[Task with Entity]](Failure(InternalError("Unable to apply action AddLogToTask without task")))(Success(_))
-          _ <- logSrv.create(Log(content, new Date(), deleted = false), t)
+          _ <- logSrv.create(Log(content, new Date(), deleted = false), t, None)
         } yield updateOperation(operation)
 
       case AddArtifactToCase(_, dataType, dataMessage) =>

diff --git a/migration/src/main/scala/org/thp/thehive/migration/th4/Output.scala b/migration/src/main/scala/org/thp/thehive/migration/th4/Output.scala
@@ -586,7 +586,7 @@ class Output @Inject() (
         _ = updateMetaData(log, inputLog.metaData)
         _ <- inputLog.attachments.toTry { inputAttachment =>
           attachmentSrv.create(inputAttachment.name, inputAttachment.size, inputAttachment.contentType, inputAttachment.data).flatMap { attachment =>
-            logSrv.addAttachment(log, attachment)
+            logSrv.logAttachmentSrv.create(LogAttachment(), log, attachment)
           }
         }
       } yield IdMapping(inputLog.metaData.id, log._id)

diff --git a/thehive/app/org/thp/thehive/controllers/v0/LogCtrl.scala b/thehive/app/org/thp/thehive/controllers/v0/LogCtrl.scala
@@ -38,10 +38,8 @@ class LogCtrl @Inject() (
               .get(EntityIdOrName(taskId))
               .can(Permissions.manageTask)
               .getOrFail("Task")
-          createdLog <- logSrv.create(inputLog.toLog, task)
-          attachment <- inputLog.attachment.map(logSrv.addAttachment(createdLog, _)).flip
-          richLog = RichLog(createdLog, attachment.toList)
-        } yield Results.Created(richLog.toJson)
+          createdLog <- logSrv.create(inputLog.toLog, task, inputLog.attachment)
+        } yield Results.Created(createdLog.toJson)
       }
 
   def update(logId: String): Action[AnyContent] =

diff --git a/thehive/app/org/thp/thehive/controllers/v1/LogCtrl.scala b/thehive/app/org/thp/thehive/controllers/v1/LogCtrl.scala
@@ -59,10 +59,8 @@ class LogCtrl @Inject() (
               .get(EntityIdOrName(taskId))
               .can(Permissions.manageTask)
               .getOrFail("Task")
-          createdLog <- logSrv.create(inputLog.toLog, task)
-          attachment <- inputLog.attachment.map(logSrv.addAttachment(createdLog, _)).flip
-          richLog = RichLog(createdLog, attachment.toList)
-        } yield Results.Created(richLog.toJson)
+          createdLog <- logSrv.create(inputLog.toLog, task, inputLog.attachment)
+        } yield Results.Created(createdLog.toJson)
       }
 
   def update(logId: String): Action[AnyContent] =

diff --git a/thehive/app/org/thp/thehive/services/LogSrv.scala b/thehive/app/org/thp/thehive/services/LogSrv.scala
@@ -27,32 +27,17 @@ class LogSrv @Inject() (attachmentSrv: AttachmentSrv, auditSrv: AuditSrv, taskSr
   val taskLogSrv       = new EdgeSrv[TaskLog, Task, Log]
   val logAttachmentSrv = new EdgeSrv[LogAttachment, Log, Attachment]
 
-  def create(log: Log, task: Task with Entity)(implicit graph: Graph, authContext: AuthContext): Try[Log with Entity] =
+  def create(log: Log, task: Task with Entity, file: Option[FFile])(implicit graph: Graph, authContext: AuthContext): Try[RichLog] =
     for {
       createdLog <- createEntity(log)
       _          <- taskLogSrv.create(TaskLog(), task, createdLog)
       user       <- userSrv.current.getOrFail("User") // user is used only if task status is waiting but the code is cleaner
       _          <- if (task.status == TaskStatus.Waiting) taskSrv.updateStatus(task, user, TaskStatus.InProgress) else Success(())
-      _          <- auditSrv.log.create(createdLog, task, RichLog(createdLog, Nil).toJson)
-    } yield createdLog
-
-  def addAttachment(log: Log with Entity, file: FFile)(implicit graph: Graph, authContext: AuthContext): Try[Attachment with Entity] =
-    for {
-      task       <- get(log).task.getOrFail("Task")
-      attachment <- attachmentSrv.create(file)
-      _          <- addAttachment(log, attachment)
-      _          <- auditSrv.log.update(log, task, Json.obj("attachment" -> attachment.name))
-    } yield attachment
-
-  def addAttachment(
-      log: Log with Entity,
-      attachment: Attachment with Entity
-  )(implicit graph: Graph, authContext: AuthContext): Try[Attachment with Entity] =
-    for {
-      _    <- logAttachmentSrv.create(LogAttachment(), log, attachment)
-      task <- get(log).task.getOrFail("Task")
-      _    <- auditSrv.log.update(log, task, Json.obj("attachment" -> attachment.name))
-    } yield attachment
+      attachment <- file.map(attachmentSrv.create).flip
+      _          <- attachment.map(logAttachmentSrv.create(LogAttachment(), createdLog, _)).flip
+      richLog = RichLog(createdLog, Nil)
+      _ <- auditSrv.log.create(createdLog, task, richLog.toJson)
+    } yield richLog
 
   def cascadeRemove(log: Log with Entity)(implicit graph: Graph, authContext: AuthContext): Try[Unit] =
     for {