From b123299376b0a8ec5b6c849d65afe9b6ea9e4b8e Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Thu, 17 Oct 2024 13:24:41 +0500 Subject: [PATCH 01/80] docker and flask setup --- docker-compose.base.yml | 3 +++ docker-compose.dev.yml | 2 ++ source/app/alembic.ini | 3 +-- source/app/iris_engine/utils/tracker.py | 9 +++++---- source/app/post_init.py | 3 ++- source/requirements.txt | 1 + 6 files changed, 14 insertions(+), 7 deletions(-) diff --git a/docker-compose.base.yml b/docker-compose.base.yml index 2f29ecc54..0305533ec 100644 --- a/docker-compose.base.yml +++ b/docker-compose.base.yml @@ -34,6 +34,8 @@ services: - POSTGRES_DB networks: - iris_backend + ports: + - "0.0.0.0:5432:5432" volumes: - db_data:/var/lib/postgresql/data @@ -47,6 +49,7 @@ services: - iris-downloads:/home/iris/downloads - user_templates:/home/iris/user_templates - server_data:/home/iris/server_data + - ./source/app:/iriswebapp/app restart: always depends_on: - "rabbitmq" diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml index 8be1806c0..c79258788 100644 --- a/docker-compose.dev.yml +++ b/docker-compose.dev.yml @@ -31,6 +31,7 @@ services: image: iriswebapp_db:v2.4.7 ports: - "127.0.0.1:5432:5432" + - "0.0.0.0:5432:5432" app: extends: @@ -42,6 +43,7 @@ services: image: iriswebapp_app:v2.4.7 ports: - "127.0.0.1:8000:8000" + - "0.0.0.0:5678:5678" worker: extends: diff --git a/source/app/alembic.ini b/source/app/alembic.ini index bae233cac..9d9e00091 100644 --- a/source/app/alembic.ini +++ b/source/app/alembic.ini @@ -1,7 +1,6 @@ [alembic] # path to migration scripts -script_location = app/alembic - +script_location = source/app/alembic # template used to generate migration files # file_template = %%(rev)s_%%(slug)s diff --git a/source/app/iris_engine/utils/tracker.py b/source/app/iris_engine/utils/tracker.py index 59e086caf..8ec9b2b7a 100644 --- a/source/app/iris_engine/utils/tracker.py +++ b/source/app/iris_engine/utils/tracker.py @@ -52,10 +52,11 @@ def track_activity(message, caseid=None, ctx_less=False, user_input=False, displ ua.activity_date = datetime.utcnow() ua.activity_desc = message.capitalize() - if current_user.is_authenticated: - log.info(f"{current_user.user} [#{current_user.id}] :: Case {caseid} :: {ua.activity_desc}") - else: - log.info(f"Anonymous :: Case {caseid} :: {ua.activity_desc}") + # if current_user.is_authenticated: + # pass + # log.info(f"{current_user.user} [#{current_user.id}] :: Case {caseid} :: {ua.activity_desc}") + # else: + # log.info(f"Anonymous :: Case {caseid} :: {ua.activity_desc}") ua.user_input = user_input ua.display_in_ui = display_in_ui diff --git a/source/app/post_init.py b/source/app/post_init.py index c64d06ab5..9383b5cc5 100644 --- a/source/app/post_init.py +++ b/source/app/post_init.py @@ -153,7 +153,8 @@ def run_post_init(development=False): log.info("Running DB migration") - alembic_cfg = Config(file_='app/alembic.ini') + # alembic_cfg = Config(file_='app/alembic.ini') + alembic_cfg = Config(file_='source/app/alembic.ini') alembic_cfg.set_main_option('sqlalchemy.url', app.config['SQLALCHEMY_DATABASE_URI']) command.upgrade(alembic_cfg, 'head') diff --git a/source/requirements.txt b/source/requirements.txt index a29374dfc..69c5a234e 100644 --- a/source/requirements.txt +++ b/source/requirements.txt @@ -37,6 +37,7 @@ graphene==3.3 qrcode[pil]==7.4.2 dictdiffer==0.2.0 oic==1.7.0 +Debugpy # unfortunately we are relying on a beta version here. I hope a definitive version gets released soon graphql-server[flask]==3.0.0b7 graphene-sqlalchemy==3.0.0rc1 From 1d6a741ef8af091ad1d5e6a905260f230eb1c1d7 Mon Sep 17 00:00:00 2001 From: Muhammad Hanzila Date: Fri, 18 Oct 2024 21:14:36 +0500 Subject: [PATCH 02/80] local setup changes --- docker-compose.base.yml | 2 ++ docker-compose.dev.yml | 5 ++--- source/app/alembic.ini | 2 +- source/app/iris_engine/utils/tracker.py | 8 ++++---- source/app/post_init.py | 2 +- source/requirements.txt | 1 + 6 files changed, 11 insertions(+), 9 deletions(-) diff --git a/docker-compose.base.yml b/docker-compose.base.yml index 2f29ecc54..85371485c 100644 --- a/docker-compose.base.yml +++ b/docker-compose.base.yml @@ -36,6 +36,8 @@ services: - iris_backend volumes: - db_data:/var/lib/postgresql/data + ports: + - "0.0.0.0:5432:5432" app: container_name: iriswebapp_app diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml index 8be1806c0..1f6f9d5af 100644 --- a/docker-compose.dev.yml +++ b/docker-compose.dev.yml @@ -16,7 +16,6 @@ # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. services: - rabbitmq: extends: file: docker-compose.base.yml @@ -31,6 +30,7 @@ services: image: iriswebapp_db:v2.4.7 ports: - "127.0.0.1:5432:5432" + - "0.0.0.0:5432:5432" app: extends: @@ -63,7 +63,6 @@ services: NGINX_CONF_FILE: nginx.conf image: iriswebapp_nginx:v2.4.7 - volumes: iris-downloads: user_templates: @@ -74,4 +73,4 @@ networks: iris_backend: name: iris_backend iris_frontend: - name: iris_frontend \ No newline at end of file + name: iris_frontend diff --git a/source/app/alembic.ini b/source/app/alembic.ini index bae233cac..0c1d8af90 100644 --- a/source/app/alembic.ini +++ b/source/app/alembic.ini @@ -1,6 +1,6 @@ [alembic] # path to migration scripts -script_location = app/alembic +script_location = source/app/alembic # template used to generate migration files # file_template = %%(rev)s_%%(slug)s diff --git a/source/app/iris_engine/utils/tracker.py b/source/app/iris_engine/utils/tracker.py index 59e086caf..eb0078af6 100644 --- a/source/app/iris_engine/utils/tracker.py +++ b/source/app/iris_engine/utils/tracker.py @@ -52,10 +52,10 @@ def track_activity(message, caseid=None, ctx_less=False, user_input=False, displ ua.activity_date = datetime.utcnow() ua.activity_desc = message.capitalize() - if current_user.is_authenticated: - log.info(f"{current_user.user} [#{current_user.id}] :: Case {caseid} :: {ua.activity_desc}") - else: - log.info(f"Anonymous :: Case {caseid} :: {ua.activity_desc}") + # if current_user.is_authenticated: + # log.info(f"{current_user.user} [#{current_user.id}] :: Case {caseid} :: {ua.activity_desc}") + # else: + # log.info(f"Anonymous :: Case {caseid} :: {ua.activity_desc}") ua.user_input = user_input ua.display_in_ui = display_in_ui diff --git a/source/app/post_init.py b/source/app/post_init.py index c64d06ab5..ff21d9f39 100644 --- a/source/app/post_init.py +++ b/source/app/post_init.py @@ -153,7 +153,7 @@ def run_post_init(development=False): log.info("Running DB migration") - alembic_cfg = Config(file_='app/alembic.ini') + alembic_cfg = Config(file_='source/app/alembic.ini') alembic_cfg.set_main_option('sqlalchemy.url', app.config['SQLALCHEMY_DATABASE_URI']) command.upgrade(alembic_cfg, 'head') diff --git a/source/requirements.txt b/source/requirements.txt index a29374dfc..77c10ebc9 100644 --- a/source/requirements.txt +++ b/source/requirements.txt @@ -40,6 +40,7 @@ oic==1.7.0 # unfortunately we are relying on a beta version here. I hope a definitive version gets released soon graphql-server[flask]==3.0.0b7 graphene-sqlalchemy==3.0.0rc1 +Debugpy dependencies/docx_generator-0.8.0-py3-none-any.whl dependencies/iris_interface-1.2.0-py3-none-any.whl From 46aa119df26f04e8bf62b9625a5c4b9506101ccc Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Wed, 23 Oct 2024 14:40:28 +0500 Subject: [PATCH 03/80] webhooks-route added to advance --- .../manage/manage_webhooks_routes.py | 18 ++++++++ .../manage/templates/modal_case_template.html | 46 +++++++++++++------ source/app/templates/includes/sidenav.html | 6 +++ source/app/views.py | 2 + 4 files changed, 59 insertions(+), 13 deletions(-) create mode 100644 source/app/blueprints/manage/manage_webhooks_routes.py diff --git a/source/app/blueprints/manage/manage_webhooks_routes.py b/source/app/blueprints/manage/manage_webhooks_routes.py new file mode 100644 index 000000000..b38d01618 --- /dev/null +++ b/source/app/blueprints/manage/manage_webhooks_routes.py @@ -0,0 +1,18 @@ +import json +from flask import Blueprint, redirect, render_template, request, url_for +from app import db +from app.models.authorization import Permissions +from app.util import ac_api_requires, ac_requires, response_error, response_success + +manage_webhooks_blueprint = Blueprint('manage_webhooks', __name__, template_folder='templates') + +# CONTENT ------------------------------------------------ +@manage_webhooks_blueprint.route('/manage/webhooks') +@ac_requires(Permissions.server_administrator, no_cid_required=True) +def manage_webhooks(caseid, url_redir): + if url_redir: + return redirect(url_for('manage_webhooks.manage_webhooks', cid=caseid)) + + return render_template('manage_webhooks.html') + + diff --git a/source/app/blueprints/manage/templates/modal_case_template.html b/source/app/blueprints/manage/templates/modal_case_template.html index 65321530c..6b865914b 100644 --- a/source/app/blueprints/manage/templates/modal_case_template.html +++ b/source/app/blueprints/manage/templates/modal_case_template.html @@ -51,6 +51,9 @@

Field types

  • tags: A list of case tags.
  • tasks: A list of dictionaries defining tasks. Tasks are defined by title (required), description, and list of tags.
  • note_directories: A list of dictionaries defining note directories. Note directories are defined by title (required), and list of notes. Notes have title (required) and content
    • +
  • actions: A list of dictionaries defining actions that can be triggered from case pages. Each action is defined by a name (required), url, header and a payload.
    • +
  • triggers: A list of dictionaries defining triggers that are executed on case creation. Each trigger is defined by a name (required), order, url, header, and a payload.
    • + @@ -94,28 +97,45 @@

    Field types

    "title": "Containment" } ], + "actions":[ + { + "name":"Name of the action", + "url":"URL of the target webhook", + "header":[{"key1":"value1"}, {"key2":"value2"}, {"keyn":"valuen"}], + "payload":{"key1":"fixed value", "key2":"<>" } + } + ], "note_directories": [ { "title": "Identify", "notes": [ - { - "title": "Identify the compromised accounts", - "content": "# Observations\n\n" - } - ] + { + "title": "Identify the compromised accounts", + "content": "# Observations\n\n" + } + ] }, { "title": "Collect", "notes": [ - { - "title": "Velociraptor deployment" - }, - { - "title": "Assets collected", - "content": "# Assets collected\n\n# Assets not collected" - } - ] + { + "title": "Velociraptor deployment" + }, + { + "title": "Assets collected", + "content": "# Assets collected\n\n# Assets not collected" + } + ] } + ], + "triggers":[ + { + "order":10, + "name":"Name of the action", + "url":"URL of the target webhook", + "header":[{"key1":"value1"}, {"key2":"value2"}, {"keyn":"valuen"}], + "payload":{"key1":"fixed value", "key2":"<>" } + } ] } diff --git a/source/app/templates/includes/sidenav.html b/source/app/templates/includes/sidenav.html index e39592652..dfd76ccf5 100644 --- a/source/app/templates/includes/sidenav.html +++ b/source/app/templates/includes/sidenav.html @@ -163,6 +163,12 @@

    Manage

    Case Templates +
  • + + + Shuffler WebHooks + +
    • {% endif %} {% if user_has_perm(std_permissions.server_administrator) %}
  • diff --git a/source/app/views.py b/source/app/views.py index 916eb75e2..232466076 100644 --- a/source/app/views.py +++ b/source/app/views.py @@ -59,6 +59,7 @@ from app.blueprints.manage.manage_task_status_routes import manage_task_status_blueprint from app.blueprints.manage.manage_templates_routes import manage_templates_blueprint from app.blueprints.manage.manage_tlps_routes import manage_tlp_type_blueprint +from app.blueprints.manage.manage_webhooks_routes import manage_webhooks_blueprint from app.blueprints.manage.manage_case_templates_routes import manage_case_templates_blueprint from app.blueprints.manage.manage_users import manage_users_blueprint from app.blueprints.overview.overview_routes import overview_blueprint @@ -99,6 +100,7 @@ app.register_blueprint(manage_evidence_types_blueprint) app.register_blueprint(manage_assets_blueprint) app.register_blueprint(manage_tags_blueprint) +app.register_blueprint(manage_webhooks_blueprint) app.register_blueprint(saved_filters_blueprint) app.register_blueprint(ctx_blueprint) From a28fc8574022dad3fdb99240b2bd4d7338ed0d21 Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Thu, 31 Oct 2024 11:52:52 +0500 Subject: [PATCH 04/80] added action buttons and tiggers and actions card --- .../case/templates/case-nav_actions.html | 64 +++ .../app/blueprints/case/templates/case.html | 490 ++++++++++++------ .../js/iris/case.actions-and-triggers.js | 63 +++ 3 files changed, 448 insertions(+), 169 deletions(-) create mode 100644 source/app/blueprints/case/templates/case-nav_actions.html create mode 100644 source/app/static/assets/js/iris/case.actions-and-triggers.js diff --git a/source/app/blueprints/case/templates/case-nav_actions.html b/source/app/blueprints/case/templates/case-nav_actions.html new file mode 100644 index 000000000..ff30fd259 --- /dev/null +++ b/source/app/blueprints/case/templates/case-nav_actions.html @@ -0,0 +1,64 @@ +
    +
    +
    +
    +
    +
      +
    • + +
      • +
    • +
      + + +
      +
      • +
    • + +
      • +
    • + {% if case.review_status.status_name == "Not reviewed" or not + case.review_status %} + + {% endif %} +
      • +
    +
    +
    +
    +
    +
    diff --git a/source/app/blueprints/case/templates/case.html b/source/app/blueprints/case/templates/case.html index 9e6e213e3..1d3cb49e7 100644 --- a/source/app/blueprints/case/templates/case.html +++ b/source/app/blueprints/case/templates/case.html @@ -18,7 +18,7 @@
    {% else %}
    - {% endif %} + {% endif %}
    @@ -28,51 +28,76 @@

    {{ case.name|unquote }}

    -
    +
    -
    Open on {{ case.open_date }} by {{ case.user.name }}
    -
    Owned by {{ case.owner.name }}
    - {% if case.close_date %} -
    Closed on {{ case.close_date }}
    - {% endif %} -
    -
    -
    - {% if case.severity %} {{ case.severity.severity_name }}{% endif %} - {{ case.status_name }} +
    Open on {{ case.open_date }} by {{ + case.user.name }}
    +
    Owned by {{ case.owner.name }}
    + {% if case.close_date %} +
    Closed on {{ case.close_date }}
    + {% endif %}
    -
    -
    -
    -
    Customer : {{ case.client.name }}
    +
    +
    + {% if case.severity %} {{ + case.severity.severity_name }}{% endif %} + {{ case.status_name + }} +
    +
    +
    +
    +
    Customer : {{ + case.client.name }}
    +
    +
    + {% if case.soc_id %}
    SOC ID + : {{ case.soc_id }}
    {% endif %} +
    -
    - {% if case.soc_id %}
    SOC ID : {{ case.soc_id }}
    {% endif %} -
    -
    - {% if case.state %}
    {{ case.state.state_name }}
    {% endif %} - {% if case.classification %}
    {{ case.classification.name_expanded }}
    {% endif %} - {% if case.alerts| length > 0 %}
    {{ case.alerts| length }} related alerts
    {% endif %} + {% if case.state %}
    {{ + case.state.state_name }}
    {% endif %} + {% if case.classification %}
    {{ + case.classification.name_expanded }}
    {% endif %} + {% if case.alerts| length > 0 %}
    {{ + case.alerts| length }} related alerts
    {% endif %} {% if case.review_status.status_name == "Reviewed" %} -
    Case reviewed by {% if case.reviewer.id == current_user.id %} you {% else %} {{ case.reviewer.name }} {% endif %}
    +
    Case reviewed by {% if + case.reviewer.id == current_user.id %} you {% else %} {{ case.reviewer.name }} + {% endif %}
    {% endif %}
    {% if case.case_tags %} {% for tag in case.case_tags %} - {{ tag }} + {{ + tag }} {% endfor %} {% endif %}
    @@ -84,31 +109,42 @@
    {% include 'case-nav_landing.html' %}
    - + - {% if case.reviewer_id == current_user.id and case.review_status.status_name != "Reviewed" and case.review_status.status_name != "Not reviewed" %} -
    • +
  • + + Triggers +
    • diff --git a/source/app/blueprints/case/templates/case.html b/source/app/blueprints/case/templates/case.html index 1d3cb49e7..fd18458b1 100644 --- a/source/app/blueprints/case/templates/case.html +++ b/source/app/blueprints/case/templates/case.html @@ -11,6 +11,7 @@ {% include 'includes/navigation_ext.html' %} {% include 'includes/sidenav.html' %} +
    @@ -233,264 +234,212 @@

    Case summary {{ "(Syncing with DB )" if case.i

    - -
    - {% include 'case-nav_actions.html' %} -
    -
    -
    -
    -
    -
    - -

    Actions and Triggers

    -     -
    - -
    -
    + + +
    diff --git a/source/app/blueprints/case/templates/modal_add_case_task.html b/source/app/blueprints/case/templates/modal_add_case_task.html index 78e03aa62..770bd33db 100644 --- a/source/app/blueprints/case/templates/modal_add_case_task.html +++ b/source/app/blueprints/case/templates/modal_add_case_task.html @@ -8,25 +8,34 @@

    {% if task.id %} Task ID #{{ task.id }}{% else %} {% include 'modals/modal_attributes_nav.html' %}
    - {% if task.id %} -
    - - -
    - + +
    + - {% endif %} - - + + {% endif %} + +

    @@ -35,86 +44,129 @@

    {% if task.id %} Task ID #{{ task.id }}{% else %}
    -
    -
    -
    -
    -
    - {{ form.hidden_tag() }} -
    -
    - - {{ form.task_assignees_id(class="selectpicker col-12", data_actions_box="true", data_dropup_auto="false") }} +
    +
    +
    + +
    + {{ form.hidden_tag() }} +
    +
    + + {{ form.task_assignees_id(class="selectpicker col-12", data_actions_box="true", + data_dropup_auto="false") }} -
    -
    - - {{ form.task_status_id(class="selectpicker col-12") }} -
    -
    - - {{ form.task_title(class='form-control col-md-12 col-sm-12', autocomplete="off") }} +
    + + {{ form.task_status_id(class="selectpicker col-12") }}
    -
    - -
    -
    - - +
    +
    + + {{ form.task_title(class='form-control col-md-12 col-sm-12', autocomplete="off") }} +
    +
    + +
    +
    + + +
    +
    + -
    - +
    +
    +
    + {% if task.task_description %}{{ task.task_description }}{% endif %}
    +
    -
    -
    -
    {% if task.task_description %}{{ task.task_description }}{% endif %}
    - -
    - +
    -
    - - +
    +
    + + +
    + {% if task.id %} +
    + + + +
    + + +
    +
    +
    +
    + + + + + + + + + + +
    IDTasksActionResponseExecution Time
    - -
    + {% endif %} + +
    + +
    - {% include 'modals/modal_attributes_tabs.html' %} -
    +
    + {% include 'modals/modal_attributes_tabs.html' %} +
    {% if task.id %} - - + + {% else %} - + {% endif %}
    - +{% block javascripts %} + + + + + + +{% endblock javascripts %} \ No newline at end of file diff --git a/source/app/static/assets/js/iris/case.actions-and-triggers.js b/source/app/static/assets/js/iris/case.actions-and-triggers.js deleted file mode 100644 index a6bf0159d..000000000 --- a/source/app/static/assets/js/iris/case.actions-and-triggers.js +++ /dev/null @@ -1,63 +0,0 @@ -$('#actions_triggers_table').dataTable({ - "data": dummyData, // Use dummy data instead of AJAX - "order": [[2, "desc"]], // Sort by 'created_at' column in descending order - "autoWidth": false, - "columns": [ - { 'data': 'id' }, // Unique ID - { 'data': 'action_name' }, // Name of the action - { 'data': 'trigger_condition' }, // Condition for triggering - { 'data': 'created_at' }, // Creation date - { 'data': 'status' }, // Status (Active/Inactive) - { 'data': 'user' } // user status - ], - "columnDefs": [ - { - "render": function (data, type, row) { - data = sanitizeHTML(data); - return '' + data + ''; - }, - "targets": [1] - }, - { - "render": function (data, type, row) { - data = sanitizeHTML(data); - return '' + data + ''; - }, - "targets": [2] - }, - { - "render": function (data, type, row) { - const date = new Date(data); - return date.toLocaleDateString("en-US", { - year: "numeric", - month: "short", - day: "numeric", - }); - }, - "targets": [3] - }, - { - "render": function (data, type, row) { - if (data === true) { - return ' Active'; - } else { - return ' Inactive'; - } - }, - "targets": [4] - }, - { - "render": function (data, type, row) { - if (data === false) { - return ''; - } else { - return ' user'; - } - }, - "targets": [5] - } - ], - "initComplete": function () { - $('[data-toggle="tooltip"]').tooltip(); - } -}); diff --git a/source/app/static/assets/js/iris/case.tasks.js b/source/app/static/assets/js/iris/case.tasks.js index f5accfb93..7c4c32464 100644 --- a/source/app/static/assets/js/iris/case.tasks.js +++ b/source/app/static/assets/js/iris/case.tasks.js @@ -18,63 +18,89 @@ function edit_in_task_desc() { /* Fetch a modal that allows to add an event */ -function add_task() { - url = 'tasks/add/modal' + case_param(); - $('#modal_add_task_content').load(url, function (response, status, xhr) { - hide_minimized_modal_box(); - if (status !== "success") { - ajax_notify_error(xhr, url); - return false; - } - - g_task_desc_editor = get_new_ace_editor('task_description', 'task_desc_content', 'target_task_desc', - function() { - $('#last_saved').addClass('btn-danger').removeClass('btn-success'); - $('#last_saved > i').attr('class', "fa-solid fa-file-circle-exclamation"); - }, null); - g_task_desc_editor.setOption("minLines", "10"); - edit_in_task_desc(); - - headers = get_editor_headers('g_task_desc_editor', null, 'task_edition_btn'); - $('#task_edition_btn').append(headers); - - $('#submit_new_task').on("click", function () { - - clear_api_error(); - if(!$('form#form_new_task').valid()) { - return false; - } - - var data_sent = $('#form_new_task').serializeObject(); - data_sent['task_tags'] = $('#task_tags').val(); - data_sent['task_assignees_id'] = $('#task_assignees_id').val(); - data_sent['task_status_id'] = $('#task_status_id').val(); - data_sent['task_description'] = g_task_desc_editor.getValue(); - ret = get_custom_attributes_fields(); - has_error = ret[0].length > 0; - attributes = ret[1]; - - if (has_error){return false;} - - data_sent['custom_attributes'] = attributes; - - post_request_api('tasks/add', JSON.stringify(data_sent), true) - .done((data) => { - if(notify_auto_api(data)) { - get_tasks(); - $('#modal_add_task').modal('hide'); - } - }); +function edit_task(id) { + url = '/case/tasks/' + id + '/modal' + case_param(); + $('#modal_add_task_content').load(url, function (response, status, xhr) { + hide_minimized_modal_box(); + if (status !== "success") { + ajax_notify_error(xhr, url); + return false; + } + g_task_id = id; + + g_task_desc_editor = get_new_ace_editor('task_description', 'task_desc_content', 'target_task_desc', + function () { + $('#last_saved').addClass('btn-danger').removeClass('btn-success'); + $('#last_saved > i').attr('class', "fa-solid fa-file-circle-exclamation"); + }, null); + + g_task_desc_editor.setOption("minLines", "6"); + preview_task_description(true); + + headers = get_editor_headers('g_task_desc_editor', null, 'task_edition_btn'); + $('#task_edition_btn').append(headers); + + load_menu_mod_options_modal(id, 'task', $("#task_modal_quick_actions")); + $('#modal_add_task').modal({ show: true }); + edit_in_task_desc(); + + // Dummy data for action list + var dummyActions = [ + { id: 1, name: 'Review Task' }, + { id: 2, name: 'Approve Task' }, + { id: 3, name: 'Reject Task' } + ]; + + var actionsList = $('#actionsList'); + actionsList.empty(); // Clear existing items + dummyActions.forEach(function (action) { + actionsList.append( + $('', { + class: 'dropdown-item', + href: '#', + text: action.name, + click: function () { + displayActionResponse(id, action.id); return false; + } }) - $('#modal_add_task').modal({ show: true }); - $('#task_title').focus(); - + ); }); + }); +} +// Function to handle displaying the response of the selected action using dummy data +function displayActionResponse(taskId, actionId) { + // Dummy response data for each action + var dummyResponses = { + 1: [ + { id: 1, task: 'Task 1', action: 'Review Task', response: 'Reviewed successfully', executionTime: '5s' }, + { id: 2, task: 'Task 2', action: 'Review Task', response: 'Minor changes needed', executionTime: '7s' } + ], + 2: [ + { id: 3, task: 'Task 3', action: 'Approve Task', response: 'Approved successfully', executionTime: '3s' } + ], + 3: [ + { id: 4, task: 'Task 4', action: 'Reject Task', response: 'Rejected due to issues', executionTime: '6s' } + ] + }; + + var response = dummyResponses[actionId] || []; + var table = $('#taskResponse_table').DataTable({ + destroy: true, // Reinitialize the table each time + data: response, + columns: [ + { data: 'id', title: 'ID' }, + { data: 'task', title: 'Tasks' }, + { data: 'action', title: 'Action' }, + { data: 'response', title: 'Response' }, + { data: 'executionTime', title: 'Execution Time' } + ] + }); } + function save_task() { $('#submit_new_task').click(); } @@ -145,34 +171,66 @@ function delete_task(id) { } /* Edit and event from the timeline thanks to its ID */ -function edit_task(id) { - url = '/case/tasks/'+ id + '/modal' + case_param(); - $('#modal_add_task_content').load(url, function (response, status, xhr) { - hide_minimized_modal_box(); - if (status !== "success") { - ajax_notify_error(xhr, url); - return false; - } - - g_task_id = id; +// Example array of actions fetched from a source +const actionsArray = [ + { id: 1, name: 'Action 1' }, + { id: 2, name: 'Action 2' }, + { id: 3, name: 'Action 3' }, + { id: 4, name: 'Action 4' } +]; + +// Example response data for each action +const actionResponses = { + 1: { taskId: 1, actionId: 1, response: 'Action 1 executed successfully', executionTime: '2s' }, + 2: { taskId: 1, actionId: 2, response: 'Action 2 executed with warnings', executionTime: '3s' }, + 3: { taskId: 1, actionId: 3, response: 'Action 3 failed', executionTime: '1s' }, + 4: { taskId: 1, actionId: 4, response: 'Action 4 completed successfully', executionTime: '2.5s' } +}; + +// Function to generate dropdown items dynamically +function populateActionsDropdown() { + const actionsList = document.getElementById('actionsList'); + actionsList.innerHTML = ''; // Clear existing items + + actionsArray.forEach(action => { + const actionItem = document.createElement('a'); + actionItem.className = 'dropdown-item'; + actionItem.href = '#'; + actionItem.textContent = action.name; + actionItem.setAttribute('data-action-id', action.id); + + // Add click event to handle response + actionItem.addEventListener('click', (event) => { + event.preventDefault(); + handleActionClick(action.id); + }); + + actionsList.appendChild(actionItem); + }); +} - g_task_desc_editor = get_new_ace_editor('task_description', 'task_desc_content', 'target_task_desc', - function() { - $('#last_saved').addClass('btn-danger').removeClass('btn-success'); - $('#last_saved > i').attr('class', "fa-solid fa-file-circle-exclamation"); - }, null); +// Function to handle action click and populate the table +function handleActionClick(actionId) { + const response = actionResponses[actionId]; + + if (response) { + const tableBody = document.querySelector('#taskResponse_table tbody'); + const newRow = document.createElement('tr'); + newRow.innerHTML = ` + ${response.taskId} + Task ${response.taskId} + Action ${response.actionId} + ${response.response} + ${response.executionTime} + `; + tableBody.appendChild(newRow); + } +} - g_task_desc_editor.setOption("minLines", "6"); - preview_task_description(true); +// Populate dropdown on page load or whenever needed +document.addEventListener('DOMContentLoaded', populateActionsDropdown); - headers = get_editor_headers('g_task_desc_editor', null, 'task_edition_btn'); - $('#task_edition_btn').append(headers); - load_menu_mod_options_modal(id, 'task', $("#task_modal_quick_actions")); - $('#modal_add_task').modal({show:true}); - edit_in_task_desc(); - }); -} function preview_task_description(no_btn_update) { if(!$('#container_task_description').is(':visible')) { diff --git a/source/app/static/assets/js/iris/case.triggers.js b/source/app/static/assets/js/iris/case.triggers.js index 4da8b3371..e90c23b63 100644 --- a/source/app/static/assets/js/iris/case.triggers.js +++ b/source/app/static/assets/js/iris/case.triggers.js @@ -33,7 +33,7 @@ const dummyTriggers = [ // Function to load dummy trigger data into the table function get_triggers() { - $('#tasks_table_wrapper').empty(); + $('#trigger_table_wrapper').empty(); show_loader(); Table.clear(); // Clear existing rows diff --git a/source/app/views.py b/source/app/views.py index 232466076..916eb75e2 100644 --- a/source/app/views.py +++ b/source/app/views.py @@ -59,7 +59,6 @@ from app.blueprints.manage.manage_task_status_routes import manage_task_status_blueprint from app.blueprints.manage.manage_templates_routes import manage_templates_blueprint from app.blueprints.manage.manage_tlps_routes import manage_tlp_type_blueprint -from app.blueprints.manage.manage_webhooks_routes import manage_webhooks_blueprint from app.blueprints.manage.manage_case_templates_routes import manage_case_templates_blueprint from app.blueprints.manage.manage_users import manage_users_blueprint from app.blueprints.overview.overview_routes import overview_blueprint @@ -100,7 +99,6 @@ app.register_blueprint(manage_evidence_types_blueprint) app.register_blueprint(manage_assets_blueprint) app.register_blueprint(manage_tags_blueprint) -app.register_blueprint(manage_webhooks_blueprint) app.register_blueprint(saved_filters_blueprint) app.register_blueprint(ctx_blueprint) From 9f2335066f1b7e36d982938f7092152a47d2683a Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Mon, 18 Nov 2024 10:32:13 +0500 Subject: [PATCH 19/80] saved file --- source/app/static/assets/js/iris/case.tasks.js | 2 -- 1 file changed, 2 deletions(-) diff --git a/source/app/static/assets/js/iris/case.tasks.js b/source/app/static/assets/js/iris/case.tasks.js index 7c4c32464..97067bc0a 100644 --- a/source/app/static/assets/js/iris/case.tasks.js +++ b/source/app/static/assets/js/iris/case.tasks.js @@ -230,8 +230,6 @@ function handleActionClick(actionId) { // Populate dropdown on page load or whenever needed document.addEventListener('DOMContentLoaded', populateActionsDropdown); - - function preview_task_description(no_btn_update) { if(!$('#container_task_description').is(':visible')) { task_desc = g_task_desc_editor.getValue(); From becf156e8aca8bc453c0296e0f5d9ab5e0f1fcab Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Mon, 18 Nov 2024 10:44:11 +0500 Subject: [PATCH 20/80] id-5 and id-7 merged --- docker-compose.base.yml | 2 + docker-compose.dev.yml | 4 +- .../manage/manage_case_templates_routes.py | 18 +- .../manage/manage_webhooks_routes.py | 223 ++++++ .../manage/templates/manage_webhooks.html | 104 +++ .../manage/templates/modal_case_template.html | 284 +++++--- .../templates/modal_upload_case_template.html | 191 +++-- .../templates/modal_upload_webhook.html | 120 ++++ .../manage/templates/modal_webhook.html | 200 ++++++ .../manage/manage_case_templates_db.py | 46 +- .../app/datamgmt/manage/manage_webhooks_db.py | 307 +++++++++ source/app/forms.py | 3 + source/app/iris_engine/utils/tracker.py | 1 - source/app/models/authorization.py | 3 + source/app/models/models.py | 28 +- source/app/post_init.py | 1 - source/app/schema/marshables.py | 84 +++ .../assets/js/iris/manage.case.templates.js | 650 ++++++++++-------- .../static/assets/js/iris/manage.webhooks.js | 362 +++++++++- source/app/templates/includes/sidenav.html | 8 + source/app/views.py | 2 + source/requirements.txt | 1 + 22 files changed, 2163 insertions(+), 479 deletions(-) create mode 100644 source/app/blueprints/manage/manage_webhooks_routes.py create mode 100644 source/app/blueprints/manage/templates/manage_webhooks.html create mode 100644 source/app/blueprints/manage/templates/modal_upload_webhook.html create mode 100644 source/app/blueprints/manage/templates/modal_webhook.html create mode 100644 source/app/datamgmt/manage/manage_webhooks_db.py diff --git a/docker-compose.base.yml b/docker-compose.base.yml index 0305533ec..45bbe6212 100644 --- a/docker-compose.base.yml +++ b/docker-compose.base.yml @@ -38,6 +38,8 @@ services: - "0.0.0.0:5432:5432" volumes: - db_data:/var/lib/postgresql/data + ports: + - "0.0.0.0:5432:5432" app: container_name: iriswebapp_app diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml index c79258788..fae79f4c5 100644 --- a/docker-compose.dev.yml +++ b/docker-compose.dev.yml @@ -16,7 +16,6 @@ # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. services: - rabbitmq: extends: file: docker-compose.base.yml @@ -65,7 +64,6 @@ services: NGINX_CONF_FILE: nginx.conf image: iriswebapp_nginx:v2.4.7 - volumes: iris-downloads: user_templates: @@ -76,4 +74,4 @@ networks: iris_backend: name: iris_backend iris_frontend: - name: iris_frontend \ No newline at end of file + name: iris_frontend diff --git a/source/app/blueprints/manage/manage_case_templates_routes.py b/source/app/blueprints/manage/manage_case_templates_routes.py index e11f69549..d189aec73 100644 --- a/source/app/blueprints/manage/manage_case_templates_routes.py +++ b/source/app/blueprints/manage/manage_case_templates_routes.py @@ -104,7 +104,9 @@ def case_template_modal(cur_id, caseid, url_redir): "tags": case_template.tags, "tasks": case_template.tasks, "note_directories": case_template.note_directories, - "classification": case_template.classification + "classification": case_template.classification, + "actions": case_template.actions, + "triggers": case_template.triggers } form.case_template_json.data = case_template_dict @@ -130,7 +132,13 @@ def add_template_modal(): { "title": "Task 1", "description": "Task 1 description", - "tags": ["tag1", "tag2"] + "tags": ["tag1", "tag2"], + "actions": [ + { + "webhook_id": "Webhook Id", + "display_name": "Action Name", + } + ], } ], "note_directories": [ @@ -143,6 +151,12 @@ def add_template_modal(): } ] } + ], + "triggers": [ + { + "webhook_id": "Webhook Id", + "display_name": "Trigger Name", + } ] } diff --git a/source/app/blueprints/manage/manage_webhooks_routes.py b/source/app/blueprints/manage/manage_webhooks_routes.py new file mode 100644 index 000000000..07d606d9b --- /dev/null +++ b/source/app/blueprints/manage/manage_webhooks_routes.py @@ -0,0 +1,223 @@ +# IMPORTS ------------------------------------------------ +import json +from flask import Blueprint +from flask import redirect +from flask import render_template +from flask import request +from flask import url_for +from flask_login import current_user +from marshmallow import ValidationError + +from app import db +from app.datamgmt.manage.manage_webhooks_db import get_webhooks_list +from app.datamgmt.manage.manage_webhooks_db import get_webhook_by_id +from app.datamgmt.manage.manage_webhooks_db import delete_webhook_by_id +from app.datamgmt.manage.manage_webhooks_db import validate_webhook +from app.forms import AddAssetForm, WebhookForm +from app.models import Webhook +from app.models.authorization import Permissions +from app.iris_engine.utils.tracker import track_activity +from app.schema.marshables import WebhookSchema +from app.util import ac_api_requires +from app.util import ac_requires_case_identifier +from app.util import ac_requires +from app.util import response_error +from app.util import response_success + +manage_webhooks_blueprint = Blueprint('manage_webhooks', + __name__, + template_folder='templates') + + +# CONTENT ------------------------------------------------ +@manage_webhooks_blueprint.route('/manage/webhooks', methods=['GET']) +@ac_requires(Permissions.webhooks_read) +def manage_webhooks(caseid, url_redir): + if url_redir: + return redirect(url_for('manage_webhooks.manage_webhooks', cid=caseid)) + + form = AddAssetForm() + + return render_template('manage_webhooks.html', form=form) + + +@manage_webhooks_blueprint.route('/manage/webhooks/list', methods=['GET']) +@ac_api_requires() +def list_webhooks(): + """Show a list of webhooks + + Returns: + Response: List of webhooks + """ + webhooks = get_webhooks_list() + + # Return the attributes + return response_success("", data=webhooks) + + +@manage_webhooks_blueprint.route('/manage/webhooks//modal', methods=['GET']) +@ac_requires(Permissions.webhooks_read) +def webhook_modal(cur_id, caseid, url_redir): + """Get an webhook + + Args: + cur_id (int): webhook id + + Returns: + HTML Template: webhook modal + """ + if url_redir: + return redirect(url_for('manage_webhooks.manage_webhooks', cid=caseid)) + + form = WebhookForm() + + webhook = get_webhook_by_id(cur_id) + if not webhook: + return response_error(f"Invalid webhook ID {cur_id}") + + # Temporary : for now we build the full JSON form object based on case templates attributes + # Next step : add more fields to the form + webhook_dict = { + "name": webhook.name, + "header_auth": webhook.header_auth, + "payload_schema": webhook.payload_schema, + "url": webhook.url + } + + form.webhook_json.data = webhook_dict + + return render_template("modal_webhook.html", form=form, webhook=webhook) + + +@manage_webhooks_blueprint.route('/manage/webhooks/add/modal', methods=['GET']) +@ac_api_requires(Permissions.webhooks_write) +def add_template_modal(): + webhook = Webhook() + form = WebhookForm() + form.webhook_json.data = { + "name": "webhook name", + "header_auth": [ + { + "key": "Value 1" + } + ], + "payload_schema": json.loads('''[ + { + "type": "object", + "properties": [ + { + "property": "property name", + "type": "string" + } + ] + } + ]'''), + "url": "webhook URL", + } + + return render_template("modal_webhook.html", form=form, webhook=webhook) + + + +@manage_webhooks_blueprint.route('/manage/webhooks/upload/modal', methods=['GET']) +@ac_api_requires(Permissions.webhooks_write) +def upload_template_modal(): + return render_template("modal_upload_webhook.html") + + +@manage_webhooks_blueprint.route('/manage/webhooks/add', methods=['POST']) +@ac_api_requires(Permissions.webhooks_write) +@ac_requires_case_identifier() +def add_webhook(caseid): + data = request.get_json() + if not data: + return response_error("Invalid request") + + webhook_json = data.get('webhook_json') + if not webhook_json: + return response_error("Invalid request") + + try: + webhook_dict = json.loads(webhook_json) + except Exception as e: + return response_error("Invalid JSON", data=str(e)) + + try: + logs = validate_webhook(webhook_dict, update=False) + if logs is not None: + return response_error("Found errors in webhooks", data=logs) + except Exception as e: + return response_error("Found errors in webhooks", data=str(e)) + + try: + webhook_dict["created_by_user_id"] = current_user.id + webhook_data = WebhookSchema().load(webhook_dict) + webhook = Webhook(**webhook_data) + db.session.add(webhook) + db.session.commit() + except Exception as e: + return response_error("Could not add webhook into DB", data=str(e)) + + track_activity(f"webhook '{webhook.name}' added", caseid=caseid, ctx_less=True) + + return response_success("Added successfully", data=WebhookSchema().dump(webhook)) + + +@manage_webhooks_blueprint.route('/manage/webhooks/update/', methods=['POST']) +@ac_api_requires(Permissions.webhooks_write) +def update_webhook(cur_id): + if not request.is_json: + return response_error("Invalid request") + + webhook = get_webhook_by_id(cur_id) + if not webhook: + return response_error(f"Invalid webhook ID {cur_id}") + + data = request.get_json() + updated_webhook_json = data.get('webhook_json') + if not updated_webhook_json: + return response_error("Invalid request") + + try: + updated_webhook_dict = json.loads(updated_webhook_json) + except Exception as e: + return response_error("Invalid JSON", data=str(e)) + + try: + logs = validate_webhook(updated_webhook_dict, update=True) + if logs is not None: + return response_error("Found errors in webhook", data=logs) + except Exception as e: + return response_error("Found errors in webhook", data=str(e)) + + webhook_schema = WebhookSchema() + + try: + # validate the request data and load it into an instance of the `Webhook` object + webhook_data = webhook_schema.load(updated_webhook_dict, partial=True) + # update the existing `webhook` object with the new data + webhook.update_from_dict(webhook_data) + # commit the changes to the database + db.session.commit() + except ValidationError as error: + return response_error("Could not validate webhook", data=str(error)) + + return response_success("webhook updated") + + +@manage_webhooks_blueprint.route('/manage/webhooks/delete/', methods=['POST']) +@ac_api_requires(Permissions.webhooks_write) +@ac_requires_case_identifier() +def delete_webhook(webhook_id, caseid): + webhook = get_webhook_by_id(webhook_id) + if webhook is None: + return response_error('webhook not found') + + webhook_name = webhook.name + + delete_webhook_by_id(webhook_id) + db.session.commit() + + track_activity(f"webhook '{webhook_name}' deleted", caseid=caseid, ctx_less=True) + return response_success("Deleted successfully") + diff --git a/source/app/blueprints/manage/templates/manage_webhooks.html b/source/app/blueprints/manage/templates/manage_webhooks.html new file mode 100644 index 000000000..a01943235 --- /dev/null +++ b/source/app/blueprints/manage/templates/manage_webhooks.html @@ -0,0 +1,104 @@ +{% extends "layouts/default.html" %} {% block title %} Manage Webhooks {% +endblock title %} {% block stylesheets %} {% endblock stylesheets %} {% block +content %} {% if current_user.is_authenticated %} {{ form.hidden_tag() }} +
    +
    +
    +
    +
    +
    +
    +
    Webhooks
    +
    +
    + + + +
    +
    +
    +
    +
    +
    + +
    + + + + + + + + + + + + + + + + + + + +
    #IDNameHeader AuthPayload SchemaURL
    #IDNameHeader AuthPayload SchemaURL
    +
    +
    +
    +
    +
    +
    + + +{% endif %} {% endblock content %} {% block javascripts %} + + + +{% endblock javascripts %} diff --git a/source/app/blueprints/manage/templates/modal_case_template.html b/source/app/blueprints/manage/templates/modal_case_template.html index 78e0d54b6..e79c74562 100644 --- a/source/app/blueprints/manage/templates/modal_case_template.html +++ b/source/app/blueprints/manage/templates/modal_case_template.html @@ -1,101 +1,163 @@ {% block content %}
    - {% if case_template.id %} -

    Edit case template {{ case_template.display_name }}

    - {% else %} -

    Add case template

    - {% endif %} - + {% if case_template.id %} +

    Edit case template {{ case_template.display_name }}

    + {% else %} +

    Add case template

    + {% endif %} +
    +
    +
    +
    +
    +
    + {% if case_template.id %} +

    {{ case_template.display_name }} template

    + {% else %} +

    New template

    + {% endif %} +

    + Case templates allow to prefill case objects such as tasks, tags, + and notes.
    + It can be used to add procedures defining how to react against a + specific kind of incident (phishing, ransomware, APT...) +

    + -
    - -
    -
    -
    - {% if case_template.id %} -

    {{ case_template.display_name }} template

    - {% else %} -

    New template

    - {% endif %} -

    Case templates allow to prefill case objects such as tasks, tags, and notes.
    - It can be used to add procedures defining how to react against a specific kind of incident (phishing, ransomware, APT...)

    - - -
    - -
    -
    -

    Field types

    - The supported fields types are: -
      -
    • name: The name of the case template (required).
      • -
    • display_name: The displayed name of the case template.
      • -
    • description: The description of the case template.
      • -
    • author: The author of the case template (not related to the current user).
      • -
    • classification: The classification of the case template. Should be a lowercase name matching an existing classification in IRIS.
      • -
    • title_prefix: A prefix to add to case title.
      • -
    • summary: content to prefill the summary.
      • -
    • tags: A list of case tags.
      • -
    • tasks: A list of dictionaries defining tasks. Tasks are defined by title (required), description, and list of tags.
      • -
    • note_directories: A list of dictionaries defining note directories. Note directories are defined by title (required), and list of notes. Notes have title (required) and content
      • -
    • actions: A list of dictionaries defining actions that can be triggered from case pages. Each action is defined by a name (required), url, header and a payload.
      • -
    • triggers: A list of dictionaries defining triggers that are executed on case creation. Each trigger is defined by a name (required), order, url, header, and a payload.
      • -
    -
    -
    -
    -
    - -
    -
    - A case template is defined as below. - 
    +            
    
+              
+              
    
+                
    
+                  
    Field types
    
+                  The supported fields types are:
+                  
      
+                    
    • name: The name of the case template (required).
      • 
+                    
    • 
+                      display_name: The displayed name of the case template.
+                    
      • 
+                    
    • description: The description of the case template.
      • 
+                    
    • 
+                      author: The author of the case template (not related to
+                      the current user).
+                    
      • 
+                    
    • 
+                      classification: The classification of the case template.
+                      Should be a lowercase name matching an existing
+                      classification in IRIS.
+                    
      • 
+                    
    • title_prefix: A prefix to add to case title.
      • 
+                    
    • summary: content to prefill the summary.
      • 
+                    
    • tags: A list of case tags.
      • 
+                    
    • 
+                      tasks: A list of dictionaries defining tasks. Tasks are
+                      defined by title (required), description, and list of
+                      tags.
+                    
      • 
+                    
    • 
+                      note_directories: A list of dictionaries defining note
+                      directories. Note directories are defined by title
+                      (required), and list of notes. Notes have title (required)
+                      and content
+                    
      • 
+                  
    
+                
    
+              
    
+            
    
+            
    
+              
+              
    
+                
    
+                  A case template is defined as below.
+                  
     
 {
     "name": "ransomware_infection",
     "display_name": "Ransomware Infection Template",
     "description": "This case template describes first-response tasks to handle information system compromised by a ransomware.",
     "author": "DFIR-IRIS",
-    "classification": "malicious-code:ransomware",
-    "title_prefix": "[RANS]",
-    "summary": "# Context \n\n\n# Contact \n\n\n# Actions \n\n\n",
+    "title_prefix": "RANS",
+    "summary": "# Context \n\n\n # Contact \n\n\n # Actions \n\n\n",
     "tags": ["ransomware","malware"],
     "tasks": [
         {
             "title": "Identify the perimeter",
             "description": "The perimeter of compromise must be identified",
-            "tags": ["identify"]
+            "tags": ["identify"],
+            "actions": [
+                {
+                    "webhook_id": "Webhook Id",
+                    "display_name": "Action Name",
+                }
+            ],
         },
         {
             "title": "Collect compromised hosts",
             "description": "Deploy Velociraptor and start collecting evidence",
-            "tags": ["collect", "velociraptor"]
+            "tags": ["collect", "velociraptor"],
+            "actions": [
+                {
+                    "webhook_id": "Webhook Id",
+                    "display_name": "Action Name",
+                }
+            ],
         },
         {
-            "title": "Containment"
+            "title": "Contain"
         }
     ],
     "note_directories": [
@@ -111,14 +173,20 @@ 
    Field types
    
         {
             "title": "Collect",
             "notes": [
-                        {
-                            "title": "Velociraptor deployment"
-                        },
-                        {
-                            "title": "Assets collected",
-                            "content": "# Assets collected\n\n# Assets not collected"
-                        }
-                    ]
+                {
+                    "title": "Velociraptor deployment"
+                },
+                {
+                    "title": "Assets collected",
+                    "content": "# Assets collected\n\n# Assets not collected"
+                }
+            ]
+        },
+    ],
+    "triggers": [
+        {
+            "webhook_id": "Webhook Id",
+            "display_name": "Trigger Name",
         }
     ],
 }
@@ -143,7 +211,7 @@ 
    Field types
    
                                             
                                         
    
                                         
+                                            cellspacing="0" id="case_webhooks_table">
                                             
@@ -205,33 +273,33 @@ 
    
-    {% if case_template.id %}
-    
-    
+  {% if case_template.id %}
+  
+  
 
-    {% else %}
+  {% else %}
 
-    
+  
 
-    {% endif %}
+  {% endif %}
 
    
 {% endblock content %}
 
diff --git a/source/app/blueprints/manage/templates/modal_upload_case_template.html b/source/app/blueprints/manage/templates/modal_upload_case_template.html
index 7b5e9cd1b..3012c3bd8 100644
--- a/source/app/blueprints/manage/templates/modal_upload_case_template.html
+++ b/source/app/blueprints/manage/templates/modal_upload_case_template.html
@@ -1,37 +1,52 @@
 
    
-    
    Upload case template
    
-    
+  
    Upload case template
    
+  
 
    
+  
    
+    
+      
    
+        
    
+          
    
+            
    
+              Case templates allow to prefill case objects such as tasks, tags,
+              and notes.
    
+              It could be used to add procedures defining how to react against a
+              specific kind of incident (phishing, ransomware, APT...)
+            
    
+            
+            
+            
    
+              
 
-    
    
-        
-
-          
    
-            
    
-                
    
-                        
    Case templates allow to prefill case objects such as tasks, tags, and notes.
    
-                            It could be used to add procedures defining how to react against a specific kind of incident (phishing, ransomware, APT...)
    
-                        
-                        
-                        
    
-                            
-
-                            
    
-                                
    
-                                    A case template is defined as below.
-                                    
    +              
    
+                
    
+                  A case template is defined as below.
+                  
     
 {
     "name": "ransomware_infection",
@@ -45,12 +60,24 @@ 
    Upload case template
    
         {
             "title": "Identify the perimeter",
             "description": "The perimeter of compromise must be identified",
-            "tags": ["identify"]
+            "tags": ["identify"],
+            "actions": [
+                {
+                    "webhook_id": "Webhook Id",
+                    "display_name": "Action Name",
+                }
+            ],
         },
         {
             "title": "Collect compromised hosts",
             "description": "Deploy Velociraptor and start collecting evidence",
-            "tags": ["collect", "velociraptor"]
+            "tags": ["collect", "velociraptor"],
+            "actions": [
+                {
+                    "webhook_id": "Webhook Id",
+                    "display_name": "Action Name",
+                }
+            ],
         },
         {
             "title": "Contain"
@@ -77,45 +104,79 @@ 
    Upload case template
    
                     "content": "# Assets collected\n\n# Assets not collected"
                 }
             ]
+        },
+    ],
+    "triggers": [
+        {
+            "webhook_id": "Webhook Id",
+            "display_name": "Trigger Name",
         }
     ]
 }
-                                
    
+                                
    
 
-                                
    Field types
    
-                                The supported fields types are:
-                                
      
-                                    
    • name: The name of the case template (required).
      • 
-                                    
    • display_name: The displayed name of the case template.
      • 
-                                    
    • description: The description of the case template.
      • 
-                                    
    • author: The author of the case template (not related to the current user).
      • 
-                                    
    • title_prefix: A prefix to add to case title.
      • 
-                                    
    • summary: content to prefill the summary.
      • 
-                                    
    • tags: A list of case tags.
      • 
-                                    
    • tasks: A list of dictionaries defining tasks. Tasks are defined by title (required), description, and list of tags.
      • 
-                                    
    • note_groups: A list of dictionaries defining note groups. Note groups are defined by title (required), and list of notes. Notes have title (required) and content
      • 
-                                
    
-                            
    
-                        
    
-                     
    
-                
    
-                
    
-                      
-                      
+                  
    Field types
    
+                  The supported fields types are:
+                  
      
+                    
    • name: The name of the case template (required).
      • 
+                    
    • 
+                      display_name: The displayed name of the case template.
+                    
      • 
+                    
    • description: The description of the case template.
      • 
+                    
    • 
+                      author: The author of the case template (not related to
+                      the current user).
+                    
      • 
+                    
    • title_prefix: A prefix to add to case title.
      • 
+                    
    • summary: content to prefill the summary.
      • 
+                    
    • tags: A list of case tags.
      • 
+                    
    • 
+                      tasks: A list of dictionaries defining tasks. Tasks are
+                      defined by title (required), description, and list of
+                      tags.
+                    
      • 
+                    
    • 
+                      note_groups: A list of dictionaries defining note groups.
+                      Note groups are defined by title (required), and list of
+                      notes. Notes have title (required) and content
+                    
      • 
+                  
    
                 
    
+              
    
             
    
-            
    
-          
    
-        
-    
    
-    
+          
    
+          
    
+            
+            
+          
    
+        
    
+        
    
+      
    
+      
+    
+  
    
+  
 
    
-    
+  
 
    
-
diff --git a/source/app/blueprints/manage/templates/modal_upload_webhook.html b/source/app/blueprints/manage/templates/modal_upload_webhook.html
new file mode 100644
index 000000000..08c551e30
--- /dev/null
+++ b/source/app/blueprints/manage/templates/modal_upload_webhook.html
@@ -0,0 +1,120 @@
+
    
+  
    Upload webhook
    
+  
+
    
+
    
+  
    
+    
    
+      
    
+        
    
+          
    
+            
    
+              Webhooks allow to prefill webhook objects such as Header Auth,
+              Payload Schema, and URLs.
    
+              It can be the webhook used to add procedures defining how to react
+              against a specific kind of incident (phishing, ransomware, APT...)
+            
    
+            
+            
+            
    
+              
+
+              
    
+                
    
+                  An webhook is defined as below.
+                  
    +
+                                        {
+                                            "name": "webhook 1",
+                                            "header_auth": [
+                                            {
+                                                "key": "auth 1"
+                                            },
+                                            {
+                                                "key": "auth 2"
+                                            }
+                                            ],
+                                            "payload_schema": [
+                                            {
+                                                "type": "object",
+                                                "properties": [
+                                                    {
+                                                        "property": "property name",
+                                                        "type": "type of data"
+                                                    }
+                                                ]
+                                            }
+                                        ],
+                                            "url": "www.some-webhook1.com",
+                                        }
+                                
    
+
+                  
    Field types
    
+                  The supported fields types are:
+                  
      
+                    
    • name: The name of the webhook (required).
      • 
+                    
    • 
+                      header_auth: The Header Authetication for the webhook.
+                    
      • 
+                    
    • payload_schema: The payload of the webhook.
      • 
+                    
    • url: The url of the webhook.
      • 
+                  
    
+                
    
+              
    
+            
    
+          
    
+          
    
+            
+            
+          
    
+        
    
+        
    
+      
    
+      
+    
+  
    
+  
+
    
+
    
+  
+
    
diff --git a/source/app/blueprints/manage/templates/modal_webhook.html b/source/app/blueprints/manage/templates/modal_webhook.html
new file mode 100644
index 000000000..ecc813099
--- /dev/null
+++ b/source/app/blueprints/manage/templates/modal_webhook.html
@@ -0,0 +1,200 @@
+
    
+  {% if webhook.id %}
+  
    Edit webhook {{ webhook.name }}
    
+  {% else %}
+  
    Add webhook
    
+  {% endif %}
+  
+
    
+
    
+  
    
+    
    
+      
    
+        
    
+          
    
+            {% if webhook.id %}
+            
    {{ webhook.name }} template
    
+            {% else %}
+            
    New template
    
+            {% endif %}
+            
    
+              Webhooks allow to prefill webhook objects such as Header Auth,
+              Payload Schema, and URLs.
    
+              It can be the webhook used to add procedures defining how to react
+              against a specific kind of incident (phishing, ransomware, APT...)
+            
    
+            
+
+            
    
+              
+              
    
+                
    
+                  
    Field types
    
+                  The supported fields types are:
+                  
      
+                    
    • name: The name of the webhook (required).
      • 
+                    
    • 
+                      header_auth: The Header Authetication for the webhook.
+                    
      • 
+                    
    • payload_schema: The payload of the webhook.
      • 
+                    
    • url: The url of the webhook.
      • 
+                  
    
+                
    
+              
    
+            
    
+            
    
+              
+              
    
+                
    
+                  An webhook is defined as below.
+                  
    +
+{
+    "name": "webhook 1",
+    "header_auth": [
+        {
+            "key": "auth 1"
+        },
+        {
+            "key": "auth 2"
+        }
+    ],
+    "payload_schema": [
+        {
+            "type": "object",
+            "properties": [
+                {
+                    "property": "property name",
+                    "type": "string"
+                }
+            ]
+        }
+    ],
+    "url": "www.some-webhook1.com",
+}
+                                    
    
+                  
    
+                    For validation, use this link:
+                    JSON Schema
+                  
    
+                
    
+              
    
+            
    
+          
    
+        
    
+        
    
+          {{ form.hidden_tag() }}
+          
    
+            
    
+              
+            
    
+            
    
+              {{ form.webhook_json.data|tojsonsafe }}
+            
    
+          
    
+        
    
+      
    
+    
+  
    
+  
+
    
+
    
+  {% if webhook.id %}
+  
+  
+
+  {% else %}
+
+  
+
+  {% endif %}
+
    
diff --git a/source/app/datamgmt/manage/manage_case_templates_db.py b/source/app/datamgmt/manage/manage_case_templates_db.py
index b83cb6067..cc30f5891 100644
--- a/source/app/datamgmt/manage/manage_case_templates_db.py
+++ b/source/app/datamgmt/manage/manage_case_templates_db.py
@@ -23,9 +23,10 @@
 from app.datamgmt.case.case_tasks_db import add_task
 from app.datamgmt.manage.manage_case_classifications_db import get_case_classification_by_name
 from app.iris_engine.module_handler.module_handler import call_modules_hook
-from app.models import CaseTemplate, Cases, Tags, NoteDirectory
+from app.models import CaseTemplate, Cases, Tags, NoteDirectory, Webhook
 from app.models.authorization import User
 from app.schema.marshables import CaseSchema, CaseTaskSchema, CaseNoteDirectorySchema, CaseNoteSchema
+from app.datamgmt.manage.manage_webhooks_db import get_webhook_by_id
 
 
 def get_case_templates_list() -> List[dict]:
@@ -123,6 +124,40 @@ def validate_case_template(data: dict, update: bool = False) -> Optional[str]:
                     for tag in task["tags"]:
                         if not isinstance(tag, str):
                             return "Each tag must be a string."
+                        
+                        # Check actions within the task
+                if "actions" in task:
+                    if not isinstance(task["actions"], list):
+                        return "Actions must be a list."
+                    for action in task["actions"]:
+                        if not isinstance(action, dict):
+                            return "Each action must be a dictionary."
+                        if "webhook_id" not in action:
+                            return "Each action must have a 'webhook_id' field."
+                        if "display_name" not in action:
+                            return "Each action must have a 'display_name' field."
+                
+                        # Check if webhook_id matches an existing Webhook.id
+                        webhook = get_webhook_by_id(action["webhook_id"])
+                        if not webhook:
+                            return f"Webhook with id {action['webhook_id']} does not exist."
+                
+        # We check that action, if any, are a list of dictionaries with mandatory keys
+        if "triggers" in data:
+            if not isinstance(data["triggers"], list):
+                return "Trigger must be a list."
+            for trigger in data["triggers"]:
+                if not isinstance(trigger, dict):
+                    return "Each trigger must be a dictionary."
+                if "webhook_id" not in trigger:
+                    return "Each trigger must have a 'webhook_id' field."
+                if "display_name" not in trigger:
+                    return "Each trigger must have a 'display_name' field."
+                # Check if webhook_id matches an existing Webhook.id
+                webhook = get_webhook_by_id(trigger["webhook_id"])
+                if not webhook:
+                    return f"Webhook with id {trigger['webhook_id']} does not exist."
+                
 
         # We check that note groups, if any, are a list of dictionaries with mandatory keys
         if "note_groups" in data:
@@ -164,7 +199,6 @@ def case_template_pre_modifier(case_schema: CaseSchema, case_template_id: str):
 
     return case_schema
 
-
 def case_template_populate_tasks(case: Cases, case_template: CaseTemplate):
     logs = []
     # Update case tasks
@@ -179,7 +213,13 @@ def case_template_populate_tasks(case: Cases, case_template: CaseTemplate):
                 "task_title": task_template['title'],
                 "task_description": task_template['description'] if task_template.get('description') else "",
                 "task_tags": ",".join(tag for tag in task_template["tags"]) if task_template.get('tags') else "",
-                "task_status_id": 1
+                "task_status_id": 1,
+                "task_actions": [
+                    {
+                        "webhook_id": action["webhook_id"],
+                        "display_name": action["display_name"]
+                    } for action in task_template.get("actions", [])
+                ]
             }
 
             mapped_task_template = call_modules_hook('on_preload_task_create', data=mapped_task_template, caseid=case.case_id)
diff --git a/source/app/datamgmt/manage/manage_webhooks_db.py b/source/app/datamgmt/manage/manage_webhooks_db.py
new file mode 100644
index 000000000..1affbe9a9
--- /dev/null
+++ b/source/app/datamgmt/manage/manage_webhooks_db.py
@@ -0,0 +1,307 @@
+#  IRIS Source Code
+#  contact@dfir-iris.org
+#
+#  This program is free software; you can redistribute it and/or
+#  modify it under the terms of the GNU Lesser General Public
+#  License as published by the Free Software Foundation; either
+#  version 3 of the License, or (at your option) any later version.
+#
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+#  Lesser General Public License for more details.
+#
+#  You should have received a copy of the GNU Lesser General Public License
+#  along with this program; if not, write to the Free Software Foundation,
+#  Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+import marshmallow
+from datetime import datetime
+from typing import List, Optional, Union
+
+from app import db
+from app.datamgmt.case.case_notes_db import add_note
+from app.datamgmt.case.case_tasks_db import add_task
+from app.datamgmt.manage.manage_case_classifications_db import get_case_classification_by_name
+from app.iris_engine.module_handler.module_handler import call_modules_hook
+from app.models import CaseTemplate, Webhook, Cases, Tags, NoteDirectory
+from app.models.authorization import User
+from app.schema.marshables import CaseSchema, CaseTaskSchema, CaseNoteDirectorySchema, CaseNoteSchema
+
+
+def get_webhooks_list() -> List[dict]:
+    """Get a list of webhooks
+
+    Returns:
+        List[dict]: List of webhooks
+    """
+    webhooks = Webhook.query.with_entities(
+        Webhook.id,
+        Webhook.name,
+        Webhook.header_auth,
+        Webhook.payload_schema,
+        Webhook.url,
+        Webhook.created_at,
+        Webhook.updated_at,
+        User.name.label('added_by')
+    ).join(
+        Webhook.created_by_user
+    ).all()
+
+    c_cl = [row._asdict() for row in webhooks]
+    return c_cl
+
+
+def get_webhook_by_id(cur_id: int) -> Webhook:
+    """Get a webhook
+
+    Args:
+        cur_id (int): webhook id
+
+    Returns:
+        Webhook: Webhook
+    """
+    webhook = Webhook.query.filter_by(id=cur_id).first()
+    return webhook
+
+
+def delete_webhook_by_id(webhook_id: int):
+    """Delete a webhook
+
+    Args:
+        webhook_id (int): webhook id
+    """
+    Webhook.query.filter_by(id=webhook_id).delete()
+
+
+def validate_webhook(data: dict, update: bool = False) -> Optional[str]:
+    valid_types = {"string", "number", "integer", "object", "array", "boolean", "null"}
+    try:
+        if not update:
+            # If it's not an update, we check the required fields
+            if "name" not in data:
+                return "Name is required."
+
+            # if "display_name" not in data or not data["display_name"].strip():
+            #     data["display_name"] = data["name"]
+        # We check that name is not empty
+        if "name" in data and not data["name"].strip():
+            return "Name cannot be empty."
+
+        # # We check that author length is not above 128 chars
+        # if "author" in data and len(data["author"]) > 128:
+        #     return "Author cannot be longer than 128 characters."
+
+        # # We check that author length is not above 128 chars
+        # if "author" in data and len(data["author"]) > 128:
+        #     return "Author cannot be longer than 128 characters."
+
+        # # We check that prefix length is not above 32 chars
+        # if "title_prefix" in data and len(data["title_prefix"]) > 32:
+        #     return "Prefix cannot be longer than 32 characters."
+
+        # # We check that tags, if any, are a list of strings
+        # if "tags" in data:
+        #     if not isinstance(data["tags"], list):
+        #         return "Tags must be a list."
+        #     for tag in data["tags"]:
+        #         if not isinstance(tag, str):
+        #             return "Each tag must be a string."
+
+        
+
+        # We check that tasks, if any, are a list of dictionaries with mandatory keys
+        if "header_auth" in data:
+            if not isinstance(data["header_auth"], list):
+                return "Header Auth must be a list."
+            for auth in data["header_auth"]:
+                if not isinstance(auth, dict):
+                    return "Each header auth must be a dictionary."
+                if "key" not in auth:
+                    return "Each auth must have a 'key' field."
+                # if "tags" in task:
+                #     if not isinstance(task["tags"], list):
+                #         return "Task tags must be a list."
+                #     for tag in task["tags"]:
+                #         if not isinstance(tag, str):
+                #             return "Each tag must be a string."
+
+        # We check that note groups, if any, are a list of dictionaries with mandatory keys
+        if "note_groups" in data:
+            return "Note groups has been replaced by note_directories."
+
+        if "payload_schema" in data:
+            if not isinstance(data["payload_schema"], list):
+                return "Payload Schema must be a list."
+            for payload in data["payload_schema"]:
+                if not isinstance(payload, dict):
+                    return "Each payload schema must be a dictionary."
+                if "type" not in payload:
+                    return "Each payload directory must have a 'type' field."
+                if "properties" in payload:
+                    if not isinstance(payload["properties"], list):
+                        return "Properties must be a list."
+                    for property in payload["properties"]:
+                        if not isinstance(property, dict):
+                            return "Each property must be a dictionary."
+                        if "type" not in property:
+                            return "Each property must have a 'type' field."
+                        if property["type"] not in valid_types:
+                            return f"Invalid type '{property['type']}'. Valid types are: {', '.join(valid_types)}."
+
+        # If all checks succeeded, we return None to indicate everything is has been validated
+        return None
+    except Exception as e:
+        return str(e)
+
+
+def webhook_pre_modifier(case_schema: CaseSchema, case_template_id: str):
+    webhook = get_webhook_by_id(int(case_template_id))
+    if not webhook:
+        return None
+    if webhook.title_prefix:
+        case_schema.name = webhook.title_prefix + " " + case_schema.name[0]
+
+    case_classification = get_case_classification_by_name(webhook.classification)
+    if case_classification:
+        case_schema.classification_id = case_classification.id
+
+    return case_schema
+
+
+def webhook_populate_header_auth(case: Cases, webhook: Webhook):
+    logs = []
+    # Update webhooks
+    for header_auth_hook in webhook.header_auth:
+        try:
+            # validate before saving
+            auth_schema = CaseTaskSchema()
+
+            # Remap case task template fields
+            # Set status to "To Do" which is ID 1
+            mapped_header_auth_hook = {
+                "header_auth_key": header_auth_hook['key'],
+                "task_status_id": 1
+            }
+
+            mapped_header_auth_hook = call_modules_hook('on_preload_task_create', data=mapped_header_auth_hook, caseid=case.case_id)
+
+            task = auth_schema.load(mapped_header_auth_hook)
+
+            assignee_id_list = []
+
+            ctask = add_task(task=task,
+                             assignee_id_list=assignee_id_list,
+                             user_id=case.user_id,
+                             caseid=case.case_id
+                             )
+
+            ctask = call_modules_hook('on_postload_task_create', data=ctask, caseid=case.case_id)
+
+            if not ctask:
+                logs.append("Unable to create auth for internal reasons")
+
+        except marshmallow.exceptions.ValidationError as e:
+            logs.append(e.messages)
+
+    return logs
+
+
+def webhook_populate_properties(case: Cases, payload_schema_hook: dict, ng: NoteDirectory):
+    logs = []
+    if payload_schema_hook.get("properties"):
+        for property_schema in payload_schema_hook["properties"]:
+            # validate before saving
+            property_sch = CaseNoteSchema()
+
+            mapped_property_schema = {
+                "directory_id": ng.id,
+                "property_property": property_schema["property"],
+                "property_type": property_schema["type"] if property_schema.get("type") else ""
+            }
+
+            mapped_property_schema = call_modules_hook('on_preload_note_create',
+                                                     data=mapped_property_schema,
+                                                     caseid=case.case_id)
+
+            property_sch.verify_directory_id(mapped_property_schema, caseid=ng.case_id)
+            note = property_sch.load(mapped_property_schema)
+
+            note.note_creationdate = datetime.utcnow()
+            note.note_lastupdate = datetime.utcnow()
+            note.note_user = case.user_id
+            note.note_case_id = case.case_id
+
+            db.session.add(note)
+
+            note = call_modules_hook('on_postload_note_create', data=note, caseid=case.case_id)
+
+            if not note:
+                logs.append("Unable to add property for internal reasons")
+                break
+    return logs
+
+
+def webhook_populate_payload_schema(case: Cases, webhook: Webhook):
+    logs = []
+    # Update webhook tasks
+    if webhook.payload_schema:
+        webhook.payload_schema = webhook.payload_schema
+
+    for payload_schema_hook in webhook.payload_schema:
+        try:
+            # validate before saving
+            payload_schema_hook = CaseNoteDirectorySchema()
+
+            # Remap case task template fields
+            # Set status to "To Do" which is ID 1
+            mapped_payload_schema_hook = {
+                "name": payload_schema_hook['title'],
+                "parent_id": None,
+                "case_id": case.case_id
+            }
+
+            payload_schema = payload_schema_hook.load(mapped_payload_schema_hook)
+            db.session.add(payload_schema)
+            db.session.commit()
+
+            if not payload_schema:
+                logs.append("Unable to add payload schema for internal reasons")
+                break
+
+            logs = webhook_populate_properties(case, payload_schema_hook, payload_schema)
+
+        except marshmallow.exceptions.ValidationError as e:
+            logs.append(e.messages)
+
+    return logs
+
+
+def webhook_post_modifier(case: Cases, webhook_id: Union[str, int]):
+    webhook = get_webhook_by_id(int(webhook_id))
+    logs = []
+    if not webhook:
+        logs.append(f"Webhook {webhook_id} not found")
+        return None, logs
+
+    # Update summary, we want to append in order not to skip the initial case description
+    case.description += "\n" + webhook.summary
+
+    # Update case tags
+    for tag_str in webhook.tags:
+        tag = Tags(tag_title=tag_str)
+        tag = tag.save()
+        case.tags.append(tag)
+
+    # Update case tasks
+    logs = webhook_populate_header_auth(case, webhook)
+    if logs:
+        return case, logs
+
+    # Update case note groups
+    logs = webhook_populate_payload_schema(case, webhook)
+    if logs:
+        return case, logs
+
+    db.session.commit()
+
+    return case, logs
diff --git a/source/app/forms.py b/source/app/forms.py
index 9e334cd6f..6a4014b1e 100644
--- a/source/app/forms.py
+++ b/source/app/forms.py
@@ -111,6 +111,9 @@ class AddReportTemplateForm(FlaskForm):
 class CaseTemplateForm(FlaskForm):
     case_template_json = TextAreaField(u'Case Template JSON', validators=[DataRequired()])
 
+class WebhookForm(FlaskForm):
+    webhook_json = TextAreaField(u'Webhook JSON', validators=[DataRequired()])
+    
 
 class AddUserForm(FlaskForm):
     user_login = StringField(u'Name', validators=[DataRequired()])
diff --git a/source/app/iris_engine/utils/tracker.py b/source/app/iris_engine/utils/tracker.py
index 8ec9b2b7a..eb0078af6 100644
--- a/source/app/iris_engine/utils/tracker.py
+++ b/source/app/iris_engine/utils/tracker.py
@@ -53,7 +53,6 @@ def track_activity(message, caseid=None, ctx_less=False, user_input=False, displ
     ua.activity_desc = message.capitalize()
 
     # if current_user.is_authenticated:
-    #     pass
     #     log.info(f"{current_user.user} [#{current_user.id}] :: Case {caseid} :: {ua.activity_desc}")
     # else:
     #     log.info(f"Anonymous :: Case {caseid} :: {ua.activity_desc}")
diff --git a/source/app/models/authorization.py b/source/app/models/authorization.py
index fae24cbd7..50aeb68a6 100644
--- a/source/app/models/authorization.py
+++ b/source/app/models/authorization.py
@@ -44,6 +44,9 @@ class Permissions(enum.Enum):
     case_templates_read = 0x100
     case_templates_write = 0x200
 
+    webhooks_read = 0x100
+    webhooks_write = 0x200
+
     activities_read = 0x400
     all_activities_read = 0x800
 
diff --git a/source/app/models/models.py b/source/app/models/models.py
index 4a3570751..91736e336 100644
--- a/source/app/models/models.py
+++ b/source/app/models/models.py
@@ -231,8 +231,32 @@ class EvidenceTypes(db.Model):
     created_by = relationship('User')
 
 
+class Webhook(db.Model):
+    __tablename__ = 'webhooks'
+
+    # Metadata
+    id = Column(Integer, primary_key=True)
+    created_by_user_id = Column(Integer, db.ForeignKey('user.id'))
+    created_at = Column(DateTime, server_default=func.now())
+    updated_at = Column(DateTime, onupdate=func.now())
+    # Data
+    name = Column(String, nullable=False)
+    header_auth = Column(JSON, nullable=True)
+    payload_schema = Column(JSON, nullable=True)
+    url = Column(String, nullable=True)
+
+    created_by_user = relationship('User')
+
+    def __init__(self, **kwargs):
+        super().__init__(**kwargs)
+
+    def update_from_dict(self, data: dict):
+        for field, value in data.items():
+            setattr(self, field, value)
+
+
 class CaseTemplate(db.Model):
-    __tablename__ = 'case_template'
+    __tablename__ = 'case_templatess'
 
     # Metadata
     id = Column(Integer, primary_key=True)
@@ -250,6 +274,8 @@ class CaseTemplate(db.Model):
     tasks = Column(JSON, nullable=True)
     note_directories = Column(JSON, nullable=True)
     classification = Column(String, nullable=True)
+    actions = Column(JSON, nullable=True)
+    triggers = Column(JSON, nullable=True)
 
     created_by_user = relationship('User')
 
diff --git a/source/app/post_init.py b/source/app/post_init.py
index 9383b5cc5..ff21d9f39 100644
--- a/source/app/post_init.py
+++ b/source/app/post_init.py
@@ -153,7 +153,6 @@ def run_post_init(development=False):
 
             log.info("Running DB migration")
 
-            # alembic_cfg = Config(file_='app/alembic.ini')
             alembic_cfg = Config(file_='source/app/alembic.ini')
             alembic_cfg.set_main_option('sqlalchemy.url', app.config['SQLALCHEMY_DATABASE_URI'])
             command.upgrade(alembic_cfg, 'head')
diff --git a/source/app/schema/marshables.py b/source/app/schema/marshables.py
index 2ec669f95..557215f98 100644
--- a/source/app/schema/marshables.py
+++ b/source/app/schema/marshables.py
@@ -812,6 +812,78 @@ def custom_attributes_merge(self, data: Dict[str, Any], **kwargs: Any) -> Dict[s
 
         return data
 
+class WebhookSchema(ma.Schema):
+    """Schema for serializing and deserializing Webhook objects.
+
+    This schema defines the fields to include when serializing and deserializing Webhook objects.
+    It includes fields for the template ID, the user ID of the user who created the template, the creation and update
+    timestamps, the name, header authentication, payload schema and URL of the Webhook.
+
+    """
+    id: int = fields.Integer(dump_only=True)
+    created_by_user_id: int = fields.Integer(required=True)
+    created_at: datetime = fields.DateTime(dump_only=True)
+    updated_at: datetime = fields.DateTime(dump_only=True)
+    name: str = fields.String(required=True)
+    header_auth: Optional[List[Dict[str, str]]] = fields.List(fields.Dict(), allow_none=True, missing=[])
+    payload_schema: Optional[List[Dict[str, Union[str, List[Dict[str, str]]]]]] = fields.List(fields.Dict(),
+                                                                                                allow_none=True,
+                                                                                                missing=[])
+    url: Optional[str] = fields.String(allow_none=True, missing="")
+
+
+
+    def validate_string_or_list(value: Union[str, List[str]]) -> Union[str, List[str]]:
+        """Validates that a value is a string or a list of strings.
+
+        This method validates that a value is either a string or a list of strings. If the value is a list, it also
+        validates that all items in the list are strings.
+
+        Args:
+            value: The value to validate.
+
+        Returns:
+            The validated value.
+
+        Raises:
+            ValidationError: If the value is not a string or a list of strings.
+
+        """
+        if not isinstance(value, (str, list)):
+            raise ValidationError('Value must be a string or a list of strings')
+        if isinstance(value, list):
+            for item in value:
+                if not isinstance(item, str):
+                    raise ValidationError('All items in list must be strings')
+        return value
+
+    def validate_string_or_list_of_dict(value: Union[str, List[Dict[str, str]]]) -> Union[str, List[Dict[str, str]]]:
+        """Validates that a value is a string or a list of dictionaries with string values.
+
+        This method validates that a value is either a string or a list of dictionaries with string values. If the value
+        is a list, it also validates that all items in the list are dictionaries with string values.
+
+        Args:
+            value: The value to validate.
+
+        Returns:
+            The validated value.
+
+        Raises:
+            ValidationError: If the value is not a string or a list of dictionaries with string values.
+
+        """
+        if not isinstance(value, (str, list)):
+            raise ValidationError('Value must be a string or a list of strings')
+        if isinstance(value, list):
+            for item in value:
+                if not isinstance(item, dict):
+                    raise ValidationError('All items in list must be dict')
+                for ivalue in item.values():
+                    if not isinstance(ivalue, str):
+                        raise ValidationError('All items in dict must be str')
+        return value
+    
 
 class CaseTemplateSchema(ma.Schema):
     """Schema for serializing and deserializing CaseTemplate objects.
@@ -891,6 +963,18 @@ def validate_string_or_list_of_dict(value: Union[str, List[Dict[str, str]]]) ->
         return value
 
     tasks: Optional[List[Dict[str, Union[str, List[str]]]]] = fields.List(
+        fields.Dict(keys=fields.Str(), values=fields.Raw()),  # Removed validate_string_or_list
+        allow_none=True,
+        missing=[]
+    )
+
+    actions: Optional[List[Dict[str, Union[str, List[str]]]]] = fields.List(
+        fields.Dict(keys=fields.Str(), values=fields.Raw(validate=[validate_string_or_list])),
+        allow_none=True,
+        missing=[]
+    )
+
+    triggers: Optional[List[Dict[str, Union[str, List[str]]]]] = fields.List(
         fields.Dict(keys=fields.Str(), values=fields.Raw(validate=[validate_string_or_list])),
         allow_none=True,
         missing=[]
diff --git a/source/app/static/assets/js/iris/manage.case.templates.js b/source/app/static/assets/js/iris/manage.case.templates.js
index c53a33b28..d5f36d5f7 100644
--- a/source/app/static/assets/js/iris/manage.case.templates.js
+++ b/source/app/static/assets/js/iris/manage.case.templates.js
@@ -1,336 +1,402 @@
 function add_case_template() {
-    let url = '/manage/case-templates/add/modal' + case_param();
-    $('#modal_case_template_json').load(url, function (response, status, xhr) {
-        if (status !== "success") {
-             ajax_notify_error(xhr, url);
-             return false;
-        }
+  let url = "/manage/case-templates/add/modal" + case_param();
+  $("#modal_case_template_json").load(url, function (response, status, xhr) {
+    if (status !== "success") {
+      ajax_notify_error(xhr, url);
+      return false;
+    }
 
-        let editor = ace.edit("editor_detail",
-            {
-                autoScrollEditorIntoView: true,
-                minLines: 30,
-            });
-        editor.setTheme("ace/theme/tomorrow");
-        editor.session.setMode("ace/mode/json");
-        editor.renderer.setShowGutter(true);
-        editor.setOption("showLineNumbers", true);
-        editor.setOption("showPrintMargin", false);
-        editor.setOption("displayIndentGuides", true);
-        editor.setOption("maxLines", "Infinity");
-        editor.session.setUseWrapMode(true);
-        editor.setOption("indentedSoftWrap", true);
-        editor.renderer.setScrollMargin(8, 5)
+    let editor = ace.edit("editor_detail", {
+      autoScrollEditorIntoView: true,
+      minLines: 30,
+    });
+    editor.setTheme("ace/theme/tomorrow");
+    editor.session.setMode("ace/mode/json");
+    editor.renderer.setShowGutter(true);
+    editor.setOption("showLineNumbers", true);
+    editor.setOption("showPrintMargin", false);
+    editor.setOption("displayIndentGuides", true);
+    editor.setOption("maxLines", "Infinity");
+    editor.session.setUseWrapMode(true);
+    editor.setOption("indentedSoftWrap", true);
+    editor.renderer.setScrollMargin(8, 5);
+
+    editor.setOptions({
+      enableBasicAutocompletion: [
+        {
+          getCompletions: (editor, session, pos, prefix, callback) => {
+            callback(null, [
+              { value: "name", score: 1, meta: "name of the template" },
+              {
+                value: "display",
+                score: 1,
+                meta: "display name of the template",
+              },
+              {
+                value: "description",
+                score: 1,
+                meta: "description of the template",
+              },
+              { value: "author", score: 1, meta: "author of the template" },
+              {
+                value: "title_prefix",
+                score: 1,
+                meta: "prefix of instantiated cases",
+              },
+              { value: "summary", score: 1, meta: "summary of the case" },
+              {
+                value: "tags",
+                score: 1,
+                meta: "tags of the case or the tasks",
+              },
+              { value: "tasks", score: 1, meta: "tasks of the case" },
+              { value: "note_groups", score: 1, meta: "groups of notes" },
+              {
+                value: "title",
+                score: 1,
+                meta: "title of the task or the note group or the note",
+              },
+              { value: "content", score: 1, meta: "content of the note" },
+              { value: "action", score: 1, meta: "actions of the case" },
+              { value: "triggers", score: 1, meta: "triggers of the case" },
+            ]);
+          },
+        },
+      ],
+      enableLiveAutocompletion: true,
+      enableSnippets: true,
+    });
 
-        editor.setOptions({
-          enableBasicAutocompletion: [{
-            getCompletions: (editor, session, pos, prefix, callback) => {
-              callback(null, [
-                {value: 'name', score: 1, meta: 'name of the template'},
-                {value: 'display', score: 1, meta: 'display name of the template'},
-                {value: 'description', score: 1, meta: 'description of the template'},
-                {value: 'author', score: 1, meta: 'author of the template'},
-                {value: 'title_prefix', score: 1, meta: 'prefix of instantiated cases'},
-                {value: 'summary', score: 1, meta: 'summary of the case'},
-                {value: 'tags', score: 1, meta: 'tags of the case or the tasks'},
-                {value: 'tasks', score: 1, meta: 'tasks of the case'},
-                {value: 'note_groups', score: 1, meta: 'groups of notes'},
-                {value: 'title', score: 1, meta: 'title of the task or the note group or the note'},
-                {value: 'content', score: 1, meta: 'content of the note'},
-              ]);
-            },
-          }],
-          enableLiveAutocompletion: true,
-          enableSnippets: true
+    $("#submit_new_case_template").on("click", function () {
+      let data_sent = Object();
+      data_sent["case_template_json"] = editor.getSession().getValue();
+      data_sent["csrf_token"] = $("#csrf_token").val();
+
+      post_request_api(
+        "/manage/case-templates/add",
+        JSON.stringify(data_sent),
+        false,
+        function () {
+          window.swal({
+            title: "Adding...",
+            text: "Please wait",
+            icon: "/static/assets/img/loader.gif",
+            button: false,
+            allowOutsideClick: false,
+          });
+        }
+      )
+        .done((data) => {
+          if (notify_auto_api(data)) {
+            refresh_case_template_table();
+            $("#modal_case_template").modal("hide");
+          }
+        })
+        .fail((error) => {
+          let data = error.responseJSON;
+          $("#submit_new_case_template").text("Save");
+          $("#alert_case_template_edit").text(data.message);
+          if (data.data && data.data.length > 0) {
+            let output = "
  • " + sanitizeHTML(data.data) + "
    • ";
+            $("#case_template_err_details_list").append(output);
+
+            $("#alert_case_template_details").show();
+          }
+          $("#alert_case_template_edit").show();
+        })
+        .always((data) => {
+          window.swal.close();
         });
 
-        $('#submit_new_case_template').on("click", function () {
-            let data_sent = Object();
-            data_sent['case_template_json'] = editor.getSession().getValue();
-            data_sent['csrf_token'] = $("#csrf_token").val();
-
-            post_request_api('/manage/case-templates/add', JSON.stringify(data_sent), false, function() {
-                window.swal({
-                      title: "Adding...",
-                      text: "Please wait",
-                      icon: "/static/assets/img/loader.gif",
-                      button: false,
-                      allowOutsideClick: false
-                });
-            })
-            .done((data) => {
-                if (notify_auto_api(data)) {
-                    refresh_case_template_table();
-                    $('#modal_case_template').modal('hide');
-                }
-            })
-            .fail((error) => {
-                let data = error.responseJSON;
-                $('#submit_new_case_template').text('Save');
-                $('#alert_case_template_edit').text(data.message);
-                if (data.data && data.data.length > 0) {
-
-                    let output='
  • '+ sanitizeHTML(data.data) +'
    • ';
-                    $('#case_template_err_details_list').append(output);
-
-                    $('#alert_case_template_details').show();
-                }
-                $('#alert_case_template_edit').show();
-            })
-            .always((data) => {
-                window.swal.close();
-            });
-
-            return false;
-        })
+      return false;
     });
-    $('#modal_case_template').modal({ show: true });
+  });
+  $("#modal_case_template").modal({ show: true });
 }
 
-$('#case_templates_table').dataTable( {
-    "ajax": {
-      "url": "/manage/case-templates/list" + case_param(),
-      "contentType": "application/json",
-      "type": "GET",
-      "data": function ( d ) {
-        if (d.status == 'success') {
-          return JSON.stringify( d.data );
-        } else {
-          return JSON.stringify([]);
-        }
+$("#case_templates_table").dataTable({
+  ajax: {
+    url: "/manage/case-templates/list" + case_param(),
+    contentType: "application/json",
+    type: "GET",
+    data: function (d) {
+      if (d.status == "success") {
+        return JSON.stringify(d.data);
+      } else {
+        return JSON.stringify([]);
       }
     },
-    "order": [[ 0, "desc" ]],
-    "autoWidth": false,
-    "columns": [
-            {
-                "data": "id",
-                "render": function ( data, type, row ) {
-                    return '' + sanitizeHTML(data) +'';
-                }
-            },
-            {
-                "data": "display_name",
-                "render": function ( data, type, row ) {
-                    return '' + sanitizeHTML(data) +'';
-                }
-            },
-            {
-                "data": "description"
-            },
-            {
-                "data": "added_by"
-            },
-            {
-                "data": "created_at"
-            },
-            {
-                "data": "updated_at"
-            }
-
-        ]
-    }
-);
+  },
+  order: [[0, "desc"]],
+  autoWidth: false,
+  columns: [
+    {
+      data: "id",
+      render: function (data, type, row) {
+        return (
+          '" +
+          sanitizeHTML(data) +
+          ""
+        );
+      },
+    },
+    {
+      data: "display_name",
+      render: function (data, type, row) {
+        return (
+          '" +
+          sanitizeHTML(data) +
+          ""
+        );
+      },
+    },
+    {
+      data: "description",
+    },
+    {
+      data: "added_by",
+    },
+    {
+      data: "created_at",
+    },
+    {
+      data: "updated_at",
+    },
+  ],
+});
 
 function refresh_case_template_table() {
-  $('#case_templates_table').DataTable().ajax.reload();
+  $("#case_templates_table").DataTable().ajax.reload();
   notify_success("Refreshed");
 }
 
 function delete_case_template(id) {
-    swal({
-        title: "Are you sure ?",
-        text: "You won't be able to revert this !",
-        icon: "warning",
-        buttons: true,
-        dangerMode: true,
-        confirmButtonColor: '#3085d6',
-        cancelButtonColor: '#d33',
-        confirmButtonText: 'Yes, delete it!'
-    })
-    .then((willDelete) => {
-        if (willDelete) {
-            post_request_api('/manage/case-templates/delete/' + id)
-            .done((data) => {
-                if(notify_auto_api(data)) {
-                    window.location.href = '/manage/case-templates' + case_param();
-                }
-            });
-        } else {
-            swal("Pfew, that was close");
+  swal({
+    title: "Are you sure ?",
+    text: "You won't be able to revert this !",
+    icon: "warning",
+    buttons: true,
+    dangerMode: true,
+    confirmButtonColor: "#3085d6",
+    cancelButtonColor: "#d33",
+    confirmButtonText: "Yes, delete it!",
+  }).then((willDelete) => {
+    if (willDelete) {
+      post_request_api("/manage/case-templates/delete/" + id).done((data) => {
+        if (notify_auto_api(data)) {
+          window.location.href = "/manage/case-templates" + case_param();
         }
-    });
+      });
+    } else {
+      swal("Pfew, that was close");
+    }
+  });
 }
 
 function case_template_detail(ctempl_id) {
-    let url = '/manage/case-templates/' + ctempl_id + '/modal' + case_param();
-    $('#modal_case_template_json').load(url, function (response, status, xhr) {
-        if (status !== "success") {
-             ajax_notify_error(xhr, url);
-             return false;
-        }
-
-        let editor = ace.edit("editor_detail",
-            {
-                autoScrollEditorIntoView: true,
-                minLines: 30,
-            });
-        editor.setTheme("ace/theme/tomorrow");
-        editor.session.setMode("ace/mode/json");
-        editor.renderer.setShowGutter(true);
-        editor.setOption("showLineNumbers", true);
-        editor.setOption("showPrintMargin", false);
-        editor.setOption("displayIndentGuides", true);
-        editor.setOption("maxLines", "Infinity");
-        editor.session.setUseWrapMode(true);
-        editor.setOption("indentedSoftWrap", true);
-        editor.renderer.setScrollMargin(8, 5)
+  let url = "/manage/case-templates/" + ctempl_id + "/modal" + case_param();
+  $("#modal_case_template_json").load(url, function (response, status, xhr) {
+    if (status !== "success") {
+      ajax_notify_error(xhr, url);
+      return false;
+    }
 
-        editor.setOptions({
-          enableBasicAutocompletion: [{
-            getCompletions: (editor, session, pos, prefix, callback) => {
-              callback(null, [
-                {value: 'name', score: 1, meta: 'name of the template'},
-                {value: 'display_name', score: 1, meta: 'display name of the template'},
-                {value: 'description', score: 1, meta: 'description of the template'},
-                {value: 'author', score: 1, meta: 'author of the template'},
-                {value: 'title_prefix', score: 1, meta: 'prefix of instantiated cases'},
-                {value: 'summary', score: 1, meta: 'summary of the case'},
-                {value: 'tags', score: 1, meta: 'tags of the case or the tasks'},
-                {value: 'tasks', score: 1, meta: 'tasks of the case'},
-                {value: 'note_groups', score: 1, meta: 'groups of notes'},
-                {value: 'title', score: 1, meta: 'title of the task or the note group or the note'},
-                {value: 'content', score: 1, meta: 'content of the note'},
-              ]);
-            },
-          }],
-          enableLiveAutocompletion: true,
-          enableSnippets: true
-        });
+    let editor = ace.edit("editor_detail", {
+      autoScrollEditorIntoView: true,
+      minLines: 30,
+    });
+    editor.setTheme("ace/theme/tomorrow");
+    editor.session.setMode("ace/mode/json");
+    editor.renderer.setShowGutter(true);
+    editor.setOption("showLineNumbers", true);
+    editor.setOption("showPrintMargin", false);
+    editor.setOption("displayIndentGuides", true);
+    editor.setOption("maxLines", "Infinity");
+    editor.session.setUseWrapMode(true);
+    editor.setOption("indentedSoftWrap", true);
+    editor.renderer.setScrollMargin(8, 5);
+
+    editor.setOptions({
+      enableBasicAutocompletion: [
+        {
+          getCompletions: (editor, session, pos, prefix, callback) => {
+            callback(null, [
+              { value: "name", score: 1, meta: "name of the template" },
+              {
+                value: "display_name",
+                score: 1,
+                meta: "display name of the template",
+              },
+              {
+                value: "description",
+                score: 1,
+                meta: "description of the template",
+              },
+              { value: "author", score: 1, meta: "author of the template" },
+              {
+                value: "title_prefix",
+                score: 1,
+                meta: "prefix of instantiated cases",
+              },
+              { value: "summary", score: 1, meta: "summary of the case" },
+              {
+                value: "tags",
+                score: 1,
+                meta: "tags of the case or the tasks",
+              },
+              { value: "actions", score: 1, meta: "actions of the case" },
+              { value: "tasks", score: 1, meta: "tasks of the case" },
+              { value: "note_groups", score: 1, meta: "groups of notes" },
+              {
+                value: "title",
+                score: 1,
+                meta: "title of the task or the note group or the note",
+              },
+              { value: "content", score: 1, meta: "content of the note" },
+              { value: "triggers", score: 1, meta: "triggers of the case" },
+            ]);
+          },
+        },
+      ],
+      enableLiveAutocompletion: true,
+      enableSnippets: true,
+    });
 
-        $('#submit_new_case_template').on("click", function () {
-            update_case_template(ctempl_id, editor, false, false);
-        });
+    $("#submit_new_case_template").on("click", function () {
+      update_case_template(ctempl_id, editor, false, false);
+    });
 
-        $('#submit_delete_case_template').on("click", function () {
-            delete_case_template(ctempl_id);
-        });
+    $("#submit_delete_case_template").on("click", function () {
+      delete_case_template(ctempl_id);
     });
-    $('#modal_case_template').modal({ show: true });
+  });
+  $("#modal_case_template").modal({ show: true });
 }
 
-function update_case_template(ctempl_id, editor, partial, complete){
-    event.preventDefault();
-
-    let data_sent = Object();
-    data_sent['case_template_json'] = editor.getSession().getValue();
-    data_sent['csrf_token'] = $("#csrf_token").val();
-
-    $('#alert_case_template_edit').empty();
-    $('#alert_case_template_details').hide();
-    $('#case_template_err_details_list').empty();
-
-    post_request_api('/manage/case-templates/update/' + ctempl_id, JSON.stringify(data_sent), false, function() {
-        window.swal({
-              title: "Updating...",
-              text: "Please wait",
-              icon: "/static/assets/img/loader.gif",
-              button: false,
-              allowOutsideClick: false
-        });
-    })
+function update_case_template(ctempl_id, editor, partial, complete) {
+  event.preventDefault();
+
+  let data_sent = Object();
+  data_sent["case_template_json"] = editor.getSession().getValue();
+  data_sent["csrf_token"] = $("#csrf_token").val();
+
+  $("#alert_case_template_edit").empty();
+  $("#alert_case_template_details").hide();
+  $("#case_template_err_details_list").empty();
+
+  post_request_api(
+    "/manage/case-templates/update/" + ctempl_id,
+    JSON.stringify(data_sent),
+    false,
+    function () {
+      window.swal({
+        title: "Updating...",
+        text: "Please wait",
+        icon: "/static/assets/img/loader.gif",
+        button: false,
+        allowOutsideClick: false,
+      });
+    }
+  )
     .done((data) => {
-        notify_auto_api(data);
+      notify_auto_api(data);
     })
     .fail((error) => {
-        let data = error.responseJSON;
-        $('#submit_new_case_template').text('Update');
-        $('#alert_case_template_edit').text(data.message);
-        if (data.data && data.data.length > 0) {
-            let output='
  • '+ sanitizeHTML(data.data) +'
    • ';
-            $('#case_template_err_details_list').append(output);
-
-            $('#alert_case_template_details').show();
-        }
-        $('#alert_case_template_edit').show();
+      let data = error.responseJSON;
+      $("#submit_new_case_template").text("Update");
+      $("#alert_case_template_edit").text(data.message);
+      if (data.data && data.data.length > 0) {
+        let output = "
  • " + sanitizeHTML(data.data) + "
    • ";
+        $("#case_template_err_details_list").append(output);
+
+        $("#alert_case_template_details").show();
+      }
+      $("#alert_case_template_edit").show();
     })
     .always((data) => {
-        window.swal.close();
+      window.swal.close();
     });
 
-    return false;
+  return false;
 }
 
 function fire_upload_case_template() {
-    let url = '/manage/case-templates/upload/modal' + case_param();
-    $('#modal_upload_case_template_json').load(url, function (response, status, xhr) {
-        if (status !== "success") {
-             ajax_notify_error(xhr, url);
-             return false;
-        }
-    });
-    $('#modal_upload_case_template').modal({ show: true });
+  let url = "/manage/case-templates/upload/modal" + case_param();
+  $("#modal_upload_case_template_json").load(
+    url,
+    function (response, status, xhr) {
+      if (status !== "success") {
+        ajax_notify_error(xhr, url);
+        return false;
+      }
+    }
+  );
+  $("#modal_upload_case_template").modal({ show: true });
 }
 
 function upload_case_template() {
+  if ($("#input_upload_case_template").val() !== "") {
+    var file = $("#input_upload_case_template").get(0).files[0];
+    var reader = new FileReader();
+    reader.onload = function (e) {
+      fileData = e.target.result;
+      var data = new Object();
+      data["csrf_token"] = $("#csrf_token").val();
+      data["case_template_json"] = fileData;
+
+      post_request_api(
+        "/manage/case-templates/add",
+        JSON.stringify(data),
+        false,
+        function () {
+          window.swal({
+            title: "Adding...",
+            text: "Please wait",
+            icon: "/static/assets/img/loader.gif",
+            button: false,
+            allowOutsideClick: false,
+          });
+        }
+      )
+        .done((data) => {
+          notify_auto_api(data);
+          jsdata = data;
+          if (jsdata.status == "success") {
+            refresh_case_template_table();
+            $("#modal_upload_case_template").modal("hide");
+          }
+        })
+        .fail((error) => {
+          let data = error.responseJSON;
+          $("#alert_upload_case_template").text(data.message);
+          if (data.data && data.data.length > 0) {
+            let output = "
  • " + sanitizeHTML(data.data) + "
    • ";
+            $("#upload_case_template_err_details_list").append(output);
+
+            $("#alert_upload_case_template_details").show();
+          }
+          $("#alert_upload_case_template").show();
+        })
+        .always((data) => {
+          $("#input_upload_case_template").val("");
+          window.swal.close();
+        });
+    };
+    reader.readAsText(file);
+  }
 
-    if ($("#input_upload_case_template").val() !== "")
-    {
-        var file = $("#input_upload_case_template").get(0).files[0];
-        var reader = new FileReader();
-        reader.onload = function (e) {
-            fileData = e.target.result
-            var data = new Object();
-            data['csrf_token'] = $('#csrf_token').val();
-            data['case_template_json'] = fileData;
-
-            post_request_api('/manage/case-templates/add', JSON.stringify(data), false, function() {
-                window.swal({
-                      title: "Adding...",
-                      text: "Please wait",
-                      icon: "/static/assets/img/loader.gif",
-                      button: false,
-                      allowOutsideClick: false
-                });
-            })
-           .done((data) => {
-                notify_auto_api(data);
-                jsdata = data;
-                if (jsdata.status == "success") {
-                    refresh_case_template_table();
-                    $('#modal_upload_case_template').modal('hide');
-                }
-           })
-           .fail((error) => {
-                let data = error.responseJSON;
-                $('#alert_upload_case_template').text(data.message);
-                if (data.data && data.data.length > 0) {
-
-                    let output='
  • '+ sanitizeHTML(data.data) +'
    • ';
-                    $('#upload_case_template_err_details_list').append(output);
-
-                    $('#alert_upload_case_template_details').show();
-                }
-                $('#alert_upload_case_template').show();
-            })
-            .always((data) => {
-                $("#input_upload_case_template").val("");
-                window.swal.close();
-            });
-
-        };
-        reader.readAsText(file);
-    }
-
-
-    return false;
+  return false;
 }
 
 function downloadCaseTemplateDefinition() {
-    event.preventDefault();
-    let editor = ace.edit("editor_detail");
-    let data = editor.getSession().getValue();
+  event.preventDefault();
+  let editor = ace.edit("editor_detail");
+  let data = editor.getSession().getValue();
 
-    let filename = "case_template.json";
-    download_file(filename, 'text/json' , data);
-}
\ No newline at end of file
+  let filename = "case_template.json";
+  download_file(filename, "text/json", data);
+}
diff --git a/source/app/static/assets/js/iris/manage.webhooks.js b/source/app/static/assets/js/iris/manage.webhooks.js
index 24cd1fff8..ea4a22b0e 100644
--- a/source/app/static/assets/js/iris/manage.webhooks.js
+++ b/source/app/static/assets/js/iris/manage.webhooks.js
@@ -1,4 +1,360 @@
-$('#webhooks_table').DataTable({
+function add_webhook() {
+  let url = "/manage/webhooks/add/modal" + case_param();
+  $("#modal_webhook_json").load(url, function (response, status, xhr) {
+    if (status !== "success") {
+      ajax_notify_error(xhr, url);
+      return false;
+    }
+
+    let editor = ace.edit("editor_detail", {
+      autoScrollEditorIntoView: true,
+      minLines: 30,
+    });
+    editor.setTheme("ace/theme/tomorrow");
+    editor.session.setMode("ace/mode/json");
+    editor.renderer.setShowGutter(true);
+    editor.setOption("showLineNumbers", true);
+    editor.setOption("showPrintMargin", false);
+    editor.setOption("displayIndentGuides", true);
+    editor.setOption("maxLines", "Infinity");
+    editor.session.setUseWrapMode(true);
+    editor.setOption("indentedSoftWrap", true);
+    editor.renderer.setScrollMargin(8, 5);
+
+    editor.setOptions({
+      enableBasicAutocompletion: [
+        {
+          getCompletions: (editor, session, pos, prefix, callback) => {
+            callback(null, [
+              { value: "name", score: 1, meta: "name of the webhook" },
+              {
+                value: "header_auth",
+                score: 1,
+                meta: "header auth of the webhook",
+              },
+              {
+                value: "payload_schema",
+                score: 1,
+                meta: "payload of the webhook",
+              },
+              { value: "url", score: 1, meta: "url of the webhook" },
+            ]);
+          },
+        },
+      ],
+      enableLiveAutocompletion: true,
+      enableSnippets: true,
+    });
+
+    $("#submit_new_webhook").on("click", function () {
+      let data_sent = Object();
+      data_sent["webhook_json"] = editor.getSession().getValue();
+      data_sent["csrf_token"] = $("#csrf_token").val();
+
+      post_request_api(
+        "/manage/webhooks/add",
+        JSON.stringify(data_sent),
+        false,
+        function () {
+          window.swal({
+            title: "Adding...",
+            text: "Please wait",
+            icon: "/static/assets/img/loader.gif",
+            button: false,
+            allowOutsideClick: false,
+          });
+        }
+      )
+        .done((data) => {
+          if (notify_auto_api(data)) {
+            refresh_webhook_table();
+            $("#modal_webhook").modal("hide");
+          }
+        })
+        .fail((error) => {
+          let data = error.responseJSON;
+          $("#submit_new_webhook").text("Save");
+          $("#alert_webhook_edit").text(data.message);
+          if (data.data && data.data.length > 0) {
+            let output = "
  • " + sanitizeHTML(data.data) + "
    • ";
+            $("#webhook_err_details_list").append(output);
+
+            $("#alert_webhook_details").show();
+          }
+          $("#alert_webhook_edit").show();
+        })
+        .always((data) => {
+          window.swal.close();
+        });
+
+      return false;
+    });
+  });
+  $("#modal_webhook").modal({ show: true });
+}
+
+$("#webhooks_table").dataTable({
+  ajax: {
+    url: "/manage/webhooks/list" + case_param(),
+    contentType: "application/json",
+    type: "GET",
+    data: function (d) {
+      if (d.status == "success") {
+        return JSON.stringify(d.data);
+      } else {
+        return JSON.stringify([]);
+      }
+    },
+  },
+  order: [[0, "desc"]],
+  autoWidth: false,
+  columns: [
+    {
+      data: "id",
+      render: function (data, type, row) {
+        return (
+          '" +
+          sanitizeHTML(data) +
+          ""
+        );
+      },
+    },
+    {
+      data: "name",
+      render: function (data, type, row) {
+        return (
+          '" +
+          sanitizeHTML(data) +
+          ""
+        );
+      },
+    },
+    {
+      data: "header_auth",
+    },
+    {
+      data: "payload_schema",
+    },
+    {
+      data: "url",
+    },
+  ],
+});
+
+function refresh_webhook_table() {
+  $("#webhooks_table").DataTable().ajax.reload();
+  notify_success("Refreshed");
+}
+
+function delete_webhook(id) {
+  swal({
+    title: "Are you sure ?",
+    text: "You won't be able to revert this !",
+    icon: "warning",
+    buttons: true,
+    dangerMode: true,
+    confirmButtonColor: "#3085d6",
+    cancelButtonColor: "#d33",
+    confirmButtonText: "Yes, delete it!",
+  }).then((willDelete) => {
+    if (willDelete) {
+      post_request_api("/manage/webhooks/delete/" + id).done((data) => {
+        if (notify_auto_api(data)) {
+          window.location.href = "/manage/webhooks" + case_param();
+        }
+      });
+    } else {
+      swal("Pfew, that was close");
+    }
+  });
+}
+
+function webhook_detail(ctempl_id) {
+  let url = "/manage/webhooks/" + ctempl_id + "/modal" + case_param();
+  $("#modal_webhook_json").load(url, function (response, status, xhr) {
+    if (status !== "success") {
+      ajax_notify_error(xhr, url);
+      return false;
+    }
+
+    let editor = ace.edit("editor_detail", {
+      autoScrollEditorIntoView: true,
+      minLines: 30,
+    });
+    editor.setTheme("ace/theme/tomorrow");
+    editor.session.setMode("ace/mode/json");
+    editor.renderer.setShowGutter(true);
+    editor.setOption("showLineNumbers", true);
+    editor.setOption("showPrintMargin", false);
+    editor.setOption("displayIndentGuides", true);
+    editor.setOption("maxLines", "Infinity");
+    editor.session.setUseWrapMode(true);
+    editor.setOption("indentedSoftWrap", true);
+    editor.renderer.setScrollMargin(8, 5);
+
+    editor.setOptions({
+      enableBasicAutocompletion: [
+        {
+          getCompletions: (editor, session, pos, prefix, callback) => {
+            callback(null, [
+              { value: "name", score: 1, meta: "name of the webhook" },
+              {
+                value: "header_auth",
+                score: 1,
+                meta: "header auth of the webhook",
+              },
+              {
+                value: "payload_schema",
+                score: 1,
+                meta: "payload of the webhook",
+              },
+              { value: "url", score: 1, meta: "url of the webhook" },
+            ]);
+          },
+        },
+      ],
+      enableLiveAutocompletion: true,
+      enableSnippets: true,
+    });
+
+    $("#submit_new_webhook").on("click", function () {
+      update_webhook(ctempl_id, editor, false, false);
+    });
+
+    $("#submit_delete_webhook").on("click", function () {
+      delete_webhook(ctempl_id);
+    });
+  });
+  $("#modal_webhook").modal({ show: true });
+}
+
+function update_webhook(ctempl_id, editor, partial, complete) {
+  event.preventDefault();
+
+  let data_sent = Object();
+  data_sent["webhook_json"] = editor.getSession().getValue();
+  data_sent["csrf_token"] = $("#csrf_token").val();
+
+  $("#alert_webhook_edit").empty();
+  $("#alert_webhook_details").hide();
+  $("#webhook_err_details_list").empty();
+
+  post_request_api(
+    "/manage/webhooks/update/" + ctempl_id,
+    JSON.stringify(data_sent),
+    false,
+    function () {
+      window.swal({
+        title: "Updating...",
+        text: "Please wait",
+        icon: "/static/assets/img/loader.gif",
+        button: false,
+        allowOutsideClick: false,
+      });
+    }
+  )
+    .done((data) => {
+      notify_auto_api(data);
+    })
+    .fail((error) => {
+      let data = error.responseJSON;
+      $("#submit_webhook_template").text("Update");
+      $("#alert_webhook_edit").text(data.message);
+      if (data.data && data.data.length > 0) {
+        let output = "
  • " + sanitizeHTML(data.data) + "
    • ";
+        $("#webhook_err_details_list").append(output);
+
+        $("#alert_webhook_details").show();
+      }
+      $("#alert_webhook_edit").show();
+    })
+    .always((data) => {
+      window.swal.close();
+    });
+
+  return false;
+}
+
+function fire_upload_webhook() {
+  let url = "/manage/webhooks/upload/modal" + case_param();
+  $("#modal_upload_webhook_json").load(url, function (response, status, xhr) {
+    if (status !== "success") {
+      ajax_notify_error(xhr, url);
+      return false;
+    }
+  });
+  $("#modal_upload_webhook").modal({ show: true });
+}
+
+function upload_webhook() {
+  if ($("#input_upload_webhook").val() !== "") {
+    var file = $("#input_upload_webhook").get(0).files[0];
+    var reader = new FileReader();
+    reader.onload = function (e) {
+      fileData = e.target.result;
+      var data = new Object();
+      data["csrf_token"] = $("#csrf_token").val();
+      data["webhook_json"] = fileData;
+
+      post_request_api(
+        "/manage/webhooks/add",
+        JSON.stringify(data),
+        false,
+        function () {
+          window.swal({
+            title: "Adding...",
+            text: "Please wait",
+            icon: "/static/assets/img/loader.gif",
+            button: false,
+            allowOutsideClick: false,
+          });
+        }
+      )
+        .done((data) => {
+          notify_auto_api(data);
+          jsdata = data;
+          if (jsdata.status == "success") {
+            refresh_webhook_table();
+            $("#modal_upload_webhook").modal("hide");
+          }
+        })
+        .fail((error) => {
+          let data = error.responseJSON;
+          $("#alert_upload_webhook").text(data.message);
+          if (data.data && data.data.length > 0) {
+            let output = "
  • " + sanitizeHTML(data.data) + "
    • ";
+            $("#upload_webhook_err_details_list").append(output);
+
+            $("#alert_upload_webhook_details").show();
+          }
+          $("#alert_upload_webhook").show();
+        })
+        .always((data) => {
+          $("#input_upload_webhook").val("");
+          window.swal.close();
+        });
+    };
+    reader.readAsText(file);
+  }
+
+  return false;
+}
+
+function downloadwebhookDefinition() {
+  event.preventDefault();
+  let editor = ace.edit("editor_detail");
+  let data = editor.getSession().getValue();
+
+  let filename = "webhook.json";
+  download_file(filename, "text/json", data);
+}
+
+
+$('#case_webhooks_table').DataTable({
     "ajax": {
         "url": "/manage/attributes/list" + case_param(),
         "contentType": "application/json",
@@ -20,8 +376,8 @@ $('#webhooks_table').DataTable({
 });
 
 // Event listener for row clicks
-$('#webhooks_table tbody').on('click', 'tr', function () {
-    var table = $('#webhooks_table').DataTable();
+$('#case_webhooks_table tbody').on('click', 'tr', function () {
+    var table = $('#case_webhooks_table').DataTable();
     var data = table.row(this).data();
 
     // Populate modal with data
diff --git a/source/app/templates/includes/sidenav.html b/source/app/templates/includes/sidenav.html
index e39592652..ca07a2387 100644
--- a/source/app/templates/includes/sidenav.html
+++ b/source/app/templates/includes/sidenav.html
@@ -133,6 +133,14 @@ 
    Manage
    
 									{% endif %}
+									{% if user_has_perm(std_permissions.server_administrator) %}
+									
  • 
+										
+											
+											Webhooks
+										
+									
    • 
+									{% endif %}
 									{% if user_has_perm(std_permissions.customers_read) %}
 									
  • 
 										
diff --git a/source/app/views.py b/source/app/views.py
index 916eb75e2..ab955bfe5 100644
--- a/source/app/views.py
+++ b/source/app/views.py
@@ -52,6 +52,7 @@
 from app.blueprints.manage.manage_groups import manage_groups_blueprint
 from app.blueprints.manage.manage_ioc_types_routes import manage_ioc_type_blueprint
 from app.blueprints.manage.manage_modules_routes import manage_modules_blueprint
+from app.blueprints.manage.manage_webhooks_routes import manage_webhooks_blueprint
 from app.blueprints.manage.manage_objects_routes import manage_objects_blueprint
 from app.blueprints.manage.manage_severities_routes import manage_severities_blueprint
 from app.blueprints.manage.manage_srv_settings_routes import manage_srv_settings_blueprint
@@ -81,6 +82,7 @@
 app.register_blueprint(manage_users_blueprint)
 app.register_blueprint(manage_templates_blueprint)
 app.register_blueprint(manage_modules_blueprint)
+app.register_blueprint(manage_webhooks_blueprint)
 app.register_blueprint(manage_customers_blueprint)
 app.register_blueprint(manage_anastatus_blueprint)
 app.register_blueprint(manage_ioc_type_blueprint)
diff --git a/source/requirements.txt b/source/requirements.txt
index 69c5a234e..306c492e4 100644
--- a/source/requirements.txt
+++ b/source/requirements.txt
@@ -41,6 +41,7 @@ Debugpy
 # unfortunately we are relying on a beta version here. I hope a definitive version gets released soon
 graphql-server[flask]==3.0.0b7
 graphene-sqlalchemy==3.0.0rc1
+Debugpy
 
 dependencies/docx_generator-0.8.0-py3-none-any.whl
 dependencies/iris_interface-1.2.0-py3-none-any.whl

From 909036ce0cbf65298699cbbd5f40966092cfe2fe Mon Sep 17 00:00:00 2001
From: Maham Riaz Keyani 
Date: Mon, 18 Nov 2024 11:04:15 +0500
Subject: [PATCH 21/80] Merge branch 'master' of
 https://github.com/Idoubles-Cybersecurity/iris-web into feature/ID-7

---
 docker-compose.base.yml                       |   2 +
 docker-compose.dev.yml                        |   4 +-
 source/app/alembic.ini                        |   1 +
 .../manage/manage_case_templates_routes.py    |  18 +-
 .../manage/manage_webhooks_routes.py          | 223 ++++++
 .../manage/templates/manage_webhooks.html     | 104 +++
 .../manage/templates/modal_case_template.html | 415 ++++++-----
 .../templates/modal_upload_case_template.html | 191 +++--
 .../templates/modal_upload_webhook.html       | 120 ++++
 .../manage/templates/modal_webhook.html       | 200 ++++++
 .../manage/manage_case_templates_db.py        |  46 +-
 .../app/datamgmt/manage/manage_webhooks_db.py | 307 +++++++++
 source/app/forms.py                           |   3 +
 source/app/models/authorization.py            |   3 +
 source/app/models/models.py                   |  28 +-
 source/app/post_init.py                       |   1 -
 source/app/schema/marshables.py               |  84 +++
 .../assets/js/iris/manage.case.templates.js   | 650 ++++++++++--------
 .../static/assets/js/iris/manage.webhooks.js  | 360 +++++++++-
 source/app/templates/includes/sidenav.html    |   8 +
 source/app/views.py                           |   2 +
 source/requirements.txt                       |   1 +
 22 files changed, 2210 insertions(+), 561 deletions(-)
 create mode 100644 source/app/blueprints/manage/manage_webhooks_routes.py
 create mode 100644 source/app/blueprints/manage/templates/manage_webhooks.html
 create mode 100644 source/app/blueprints/manage/templates/modal_upload_webhook.html
 create mode 100644 source/app/blueprints/manage/templates/modal_webhook.html
 create mode 100644 source/app/datamgmt/manage/manage_webhooks_db.py

diff --git a/docker-compose.base.yml b/docker-compose.base.yml
index 0305533ec..45bbe6212 100644
--- a/docker-compose.base.yml
+++ b/docker-compose.base.yml
@@ -38,6 +38,8 @@ services:
       - "0.0.0.0:5432:5432"
     volumes:
       - db_data:/var/lib/postgresql/data
+    ports:
+      - "0.0.0.0:5432:5432"
 
   app:
     container_name: iriswebapp_app
diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml
index c79258788..fae79f4c5 100644
--- a/docker-compose.dev.yml
+++ b/docker-compose.dev.yml
@@ -16,7 +16,6 @@
 #  Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 
 services:
-
   rabbitmq:
     extends:
       file: docker-compose.base.yml
@@ -65,7 +64,6 @@ services:
         NGINX_CONF_FILE: nginx.conf
     image: iriswebapp_nginx:v2.4.7
 
-
 volumes:
   iris-downloads:
   user_templates:
@@ -76,4 +74,4 @@ networks:
   iris_backend:
     name: iris_backend
   iris_frontend:
-    name: iris_frontend
\ No newline at end of file
+    name: iris_frontend
diff --git a/source/app/alembic.ini b/source/app/alembic.ini
index 9d9e00091..0c1d8af90 100644
--- a/source/app/alembic.ini
+++ b/source/app/alembic.ini
@@ -1,6 +1,7 @@
 [alembic]
 # path to migration scripts
 script_location = source/app/alembic
+
 # template used to generate migration files
 # file_template = %%(rev)s_%%(slug)s
 
diff --git a/source/app/blueprints/manage/manage_case_templates_routes.py b/source/app/blueprints/manage/manage_case_templates_routes.py
index e11f69549..d189aec73 100644
--- a/source/app/blueprints/manage/manage_case_templates_routes.py
+++ b/source/app/blueprints/manage/manage_case_templates_routes.py
@@ -104,7 +104,9 @@ def case_template_modal(cur_id, caseid, url_redir):
         "tags": case_template.tags,
         "tasks": case_template.tasks,
         "note_directories": case_template.note_directories,
-        "classification": case_template.classification
+        "classification": case_template.classification,
+        "actions": case_template.actions,
+        "triggers": case_template.triggers
     }
 
     form.case_template_json.data = case_template_dict
@@ -130,7 +132,13 @@ def add_template_modal():
             {
                 "title": "Task 1",
                 "description": "Task 1 description",
-                "tags": ["tag1", "tag2"]
+                "tags": ["tag1", "tag2"],
+                "actions": [
+                    {
+                        "webhook_id": "Webhook Id",
+                        "display_name": "Action Name",
+                    }
+                ],
             }
         ],
         "note_directories": [
@@ -143,6 +151,12 @@ def add_template_modal():
                     }
                 ]
             }
+        ],
+        "triggers": [
+            {
+                "webhook_id": "Webhook Id",
+                "display_name": "Trigger Name",
+            }
         ]
     }
 
diff --git a/source/app/blueprints/manage/manage_webhooks_routes.py b/source/app/blueprints/manage/manage_webhooks_routes.py
new file mode 100644
index 000000000..07d606d9b
--- /dev/null
+++ b/source/app/blueprints/manage/manage_webhooks_routes.py
@@ -0,0 +1,223 @@
+# IMPORTS ------------------------------------------------
+import json
+from flask import Blueprint
+from flask import redirect
+from flask import render_template
+from flask import request
+from flask import url_for
+from flask_login import current_user
+from marshmallow import ValidationError
+
+from app import db
+from app.datamgmt.manage.manage_webhooks_db import get_webhooks_list
+from app.datamgmt.manage.manage_webhooks_db import get_webhook_by_id
+from app.datamgmt.manage.manage_webhooks_db import delete_webhook_by_id
+from app.datamgmt.manage.manage_webhooks_db import validate_webhook
+from app.forms import AddAssetForm, WebhookForm
+from app.models import Webhook
+from app.models.authorization import Permissions
+from app.iris_engine.utils.tracker import track_activity
+from app.schema.marshables import WebhookSchema
+from app.util import ac_api_requires
+from app.util import ac_requires_case_identifier
+from app.util import ac_requires
+from app.util import response_error
+from app.util import response_success
+
+manage_webhooks_blueprint = Blueprint('manage_webhooks',
+                                            __name__,
+                                            template_folder='templates')
+
+
+# CONTENT ------------------------------------------------
+@manage_webhooks_blueprint.route('/manage/webhooks', methods=['GET'])
+@ac_requires(Permissions.webhooks_read)
+def manage_webhooks(caseid, url_redir):
+    if url_redir:
+        return redirect(url_for('manage_webhooks.manage_webhooks', cid=caseid))
+
+    form = AddAssetForm()
+
+    return render_template('manage_webhooks.html', form=form)
+
+
+@manage_webhooks_blueprint.route('/manage/webhooks/list', methods=['GET'])
+@ac_api_requires()
+def list_webhooks():
+    """Show a list of webhooks
+
+    Returns:
+        Response: List of webhooks
+    """
+    webhooks = get_webhooks_list()
+
+    # Return the attributes
+    return response_success("", data=webhooks)
+
+
+@manage_webhooks_blueprint.route('/manage/webhooks//modal', methods=['GET'])
+@ac_requires(Permissions.webhooks_read)
+def webhook_modal(cur_id, caseid, url_redir):
+    """Get an webhook
+
+    Args:
+        cur_id (int): webhook id
+
+    Returns:
+        HTML Template: webhook modal
+    """
+    if url_redir:
+        return redirect(url_for('manage_webhooks.manage_webhooks', cid=caseid))
+
+    form = WebhookForm()
+
+    webhook = get_webhook_by_id(cur_id)
+    if not webhook:
+        return response_error(f"Invalid webhook ID {cur_id}")
+
+    # Temporary : for now we build the full JSON form object based on case templates attributes
+    # Next step : add more fields to the form
+    webhook_dict = {
+        "name": webhook.name,
+        "header_auth": webhook.header_auth,
+        "payload_schema": webhook.payload_schema,
+        "url": webhook.url
+    }
+
+    form.webhook_json.data = webhook_dict
+
+    return render_template("modal_webhook.html", form=form, webhook=webhook)
+
+
+@manage_webhooks_blueprint.route('/manage/webhooks/add/modal', methods=['GET'])
+@ac_api_requires(Permissions.webhooks_write)
+def add_template_modal():
+    webhook = Webhook()
+    form = WebhookForm()
+    form.webhook_json.data = {
+        "name": "webhook name",
+        "header_auth": [
+            {
+                "key": "Value 1"
+            }
+        ],
+        "payload_schema": json.loads('''[
+            {
+                "type": "object",
+                "properties": [
+                    {
+                        "property": "property name",
+                        "type": "string"
+                    }
+                ]
+            }
+        ]'''),
+        "url": "webhook URL",
+    }
+
+    return render_template("modal_webhook.html", form=form, webhook=webhook)
+
+
+
+@manage_webhooks_blueprint.route('/manage/webhooks/upload/modal', methods=['GET'])
+@ac_api_requires(Permissions.webhooks_write)
+def upload_template_modal():
+    return render_template("modal_upload_webhook.html")
+
+
+@manage_webhooks_blueprint.route('/manage/webhooks/add', methods=['POST'])
+@ac_api_requires(Permissions.webhooks_write)
+@ac_requires_case_identifier()
+def add_webhook(caseid):
+    data = request.get_json()
+    if not data:
+        return response_error("Invalid request")
+
+    webhook_json = data.get('webhook_json')
+    if not webhook_json:
+        return response_error("Invalid request")
+
+    try:
+        webhook_dict = json.loads(webhook_json)
+    except Exception as e:
+        return response_error("Invalid JSON", data=str(e))
+
+    try:
+        logs = validate_webhook(webhook_dict, update=False)
+        if logs is not None:
+            return response_error("Found errors in webhooks", data=logs)
+    except Exception as e:
+        return response_error("Found errors in webhooks", data=str(e))
+
+    try:
+        webhook_dict["created_by_user_id"] = current_user.id
+        webhook_data = WebhookSchema().load(webhook_dict)
+        webhook = Webhook(**webhook_data)
+        db.session.add(webhook)
+        db.session.commit()
+    except Exception as e:
+        return response_error("Could not add webhook into DB", data=str(e))
+
+    track_activity(f"webhook '{webhook.name}' added", caseid=caseid, ctx_less=True)
+
+    return response_success("Added successfully", data=WebhookSchema().dump(webhook))
+
+
+@manage_webhooks_blueprint.route('/manage/webhooks/update/', methods=['POST'])
+@ac_api_requires(Permissions.webhooks_write)
+def update_webhook(cur_id):
+    if not request.is_json:
+        return response_error("Invalid request")
+
+    webhook = get_webhook_by_id(cur_id)
+    if not webhook:
+        return response_error(f"Invalid webhook ID {cur_id}")
+
+    data = request.get_json()
+    updated_webhook_json = data.get('webhook_json')
+    if not updated_webhook_json:
+        return response_error("Invalid request")
+
+    try:
+        updated_webhook_dict = json.loads(updated_webhook_json)
+    except Exception as e:
+        return response_error("Invalid JSON", data=str(e))
+
+    try:
+        logs = validate_webhook(updated_webhook_dict, update=True)
+        if logs is not None:
+            return response_error("Found errors in webhook", data=logs)
+    except Exception as e:
+        return response_error("Found errors in webhook", data=str(e))
+
+    webhook_schema = WebhookSchema()
+
+    try:
+        # validate the request data and load it into an instance of the `Webhook` object
+        webhook_data = webhook_schema.load(updated_webhook_dict, partial=True)
+        # update the existing `webhook` object with the new data
+        webhook.update_from_dict(webhook_data)
+        # commit the changes to the database
+        db.session.commit()
+    except ValidationError as error:
+        return response_error("Could not validate webhook", data=str(error))
+
+    return response_success("webhook updated")
+
+
+@manage_webhooks_blueprint.route('/manage/webhooks/delete/', methods=['POST'])
+@ac_api_requires(Permissions.webhooks_write)
+@ac_requires_case_identifier()
+def delete_webhook(webhook_id, caseid):
+    webhook = get_webhook_by_id(webhook_id)
+    if webhook is None:
+        return response_error('webhook not found')
+
+    webhook_name = webhook.name
+
+    delete_webhook_by_id(webhook_id)
+    db.session.commit()
+
+    track_activity(f"webhook '{webhook_name}' deleted", caseid=caseid, ctx_less=True)
+    return response_success("Deleted successfully")
+
diff --git a/source/app/blueprints/manage/templates/manage_webhooks.html b/source/app/blueprints/manage/templates/manage_webhooks.html
new file mode 100644
index 000000000..a01943235
--- /dev/null
+++ b/source/app/blueprints/manage/templates/manage_webhooks.html
@@ -0,0 +1,104 @@
+{% extends "layouts/default.html" %} {% block title %} Manage Webhooks {%
+endblock title %} {% block stylesheets %} {% endblock stylesheets %} {% block
+content %} {% if current_user.is_authenticated %} {{ form.hidden_tag() }}
+
    
+  
    
+    
    
+      
    
+        
    
+          
    
+            
    
+              
    Webhooks
    
+            
    
+            
    
+              
+              
+              
+            
    
+          
    
+        
    
+        
    
+          
    
+            
    
+              
+            
    
+            
    • 
                                                 
       
                                                     Name
     
 
 
 
 
 										
 									
    
+              
+                
+                  
+                  
+                  
+                  
+                  
+                
+              
+              
+                
+                  
+                  
+                  
+                  
+                  
+                
+              
+            
    #IDNameHeader AuthPayload SchemaURL
    #IDNameHeader AuthPayload SchemaURL
    
+          
    
+        
    
+
    +
    +
    +
    + + +{% endif %} {% endblock content %} {% block javascripts %} + + + +{% endblock javascripts %} diff --git a/source/app/blueprints/manage/templates/modal_case_template.html b/source/app/blueprints/manage/templates/modal_case_template.html index 78e0d54b6..81af83d27 100644 --- a/source/app/blueprints/manage/templates/modal_case_template.html +++ b/source/app/blueprints/manage/templates/modal_case_template.html @@ -1,101 +1,139 @@ {% block content %}
    - {% if case_template.id %} -

    Edit case template {{ case_template.display_name }}

    - {% else %} -

    Add case template

    - {% endif %} - + {% if case_template.id %} +

    Edit case template {{ case_template.display_name }}

    + {% else %} +

    Add case template

    + {% endif %} +
    +
    +
    +
    +
    +
    + {% if case_template.id %} +

    {{ case_template.display_name }} template

    + {% else %} +

    New template

    + {% endif %} +

    + Case templates allow to prefill case objects such as tasks, tags, + and notes.
    + It can be used to add procedures defining how to react against a + specific kind of incident (phishing, ransomware, APT...) +

    + -
    - -
    -
    -
    - {% if case_template.id %} -

    {{ case_template.display_name }} template

    - {% else %} -

    New template

    - {% endif %} -

    Case templates allow to prefill case objects such as tasks, tags, and notes.
    - It can be used to add procedures defining how to react against a specific kind of incident (phishing, ransomware, APT...)

    - - -
    - -
    -
    -

    Field types

    - The supported fields types are: -
      -
    • name: The name of the case template (required).
      • -
    • display_name: The displayed name of the case template.
      • -
    • description: The description of the case template.
      • -
    • author: The author of the case template (not related to the current user).
      • -
    • classification: The classification of the case template. Should be a lowercase name matching an existing classification in IRIS.
      • -
    • title_prefix: A prefix to add to case title.
      • -
    • summary: content to prefill the summary.
      • -
    • tags: A list of case tags.
      • -
    • tasks: A list of dictionaries defining tasks. Tasks are defined by title (required), description, and list of tags.
      • -
    • note_directories: A list of dictionaries defining note directories. Note directories are defined by title (required), and list of notes. Notes have title (required) and content
      • -
    • actions: A list of dictionaries defining actions that can be triggered from case pages. Each action is defined by a name (required), url, header and a payload.
      • -
    • triggers: A list of dictionaries defining triggers that are executed on case creation. Each trigger is defined by a name (required), order, url, header, and a payload.
      • -
    -
    -
    -
    -
    - -
    -
    - A case template is defined as below. - 
    +            
    
+              
+              
    
+                
    
+                  
    Field types
    
+                  The supported fields types are:
+                  
      
+                    
    • name: The name of the case template (required).
      • 
+                    
    • 
+                      display_name: The displayed name of the case template.
+                    
      • 
+                    
    • description: The description of the case template.
      • 
+                    
    • 
+                      author: The author of the case template (not related to
+                      the current user).
+                    
      • 
+                    
    • 
+                      classification: The classification of the case template.
+                      Should be a lowercase name matching an existing
+                      classification in IRIS.
+                    
      • 
+                    
    • title_prefix: A prefix to add to case title.
      • 
+                    
    • summary: content to prefill the summary.
      • 
+                    
    • tags: A list of case tags.
      • 
+                    
    • 
+                      tasks: A list of dictionaries defining tasks. Tasks are
+                      defined by title (required), description, and list of
+                      tags.
+                    
      • 
+                    
    • 
+                      note_directories: A list of dictionaries defining note
+                      directories. Note directories are defined by title
+                      (required), and list of notes. Notes have title (required)
+                      and content
+                    
      • 
+                    
    • actions: A list of dictionaries defining actions that can be triggered from case pages. Each
+                      action is defined by a name (required), url, header and a payload.
      • 
+                    
    • triggers: A list of dictionaries defining triggers that are executed on case creation. Each
+                      trigger is defined by a name (required), order, url, header, and a payload.
      • 
+                  
    
+                
    
+              
    
+            
    
+            
    
+              
+              
    
+                
    
+                  A case template is defined as below.
+                  
     
 {
     "name": "ransomware_infection",
     "display_name": "Ransomware Infection Template",
     "description": "This case template describes first-response tasks to handle information system compromised by a ransomware.",
     "author": "DFIR-IRIS",
-    "classification": "malicious-code:ransomware",
-    "title_prefix": "[RANS]",
-    "summary": "# Context \n\n\n# Contact \n\n\n# Actions \n\n\n",
+    "title_prefix": "RANS",
+    "summary": "# Context \n\n\n # Contact \n\n\n # Actions \n\n\n",
     "tags": ["ransomware","malware"],
     "tasks": [
         {
             "title": "Identify the perimeter",
             "description": "The perimeter of compromise must be identified",
-            "tags": ["identify"]
+            "tags": ["identify"],
+            "actions": [
+                {
+                    "webhook_id": "Webhook Id",
+                    "display_name": "Action Name",
+                }
+            ],
         },
         {
             "title": "Collect compromised hosts",
             "description": "Deploy Velociraptor and start collecting evidence",
-            "tags": ["collect", "velociraptor"]
+            "tags": ["collect", "velociraptor"],
+            "actions": [
+                {
+                    "webhook_id": "Webhook Id",
+                    "display_name": "Action Name",
+                }
+            ],
         },
         {
-            "title": "Containment"
+            "title": "Contain"
         }
     ],
     "note_directories": [
@@ -111,137 +149,132 @@ 
    Field types
    
         {
             "title": "Collect",
             "notes": [
-                        {
-                            "title": "Velociraptor deployment"
-                        },
-                        {
-                            "title": "Assets collected",
-                            "content": "# Assets collected\n\n# Assets not collected"
-                        }
-                    ]
+                {
+                    "title": "Velociraptor deployment"
+                },
+                {
+                    "title": "Assets collected",
+                    "content": "# Assets collected\n\n# Assets not collected"
+                }
+            ]
+        },
+    ],
+    "triggers": [
+        {
+            "webhook_id": "Webhook Id",
+            "display_name": "Trigger Name",
         }
     ],
 }
                                     
    
-                                
    
-                            
    
-                        
    
-                        
    
-                            
-                            
    
-                                
    
-                                    
    
-                                        
    
-                                            
-                                        
    
-                                        
-                                            
-                                                   
-                                                    
-                                                    
-                                                
-                                            
-                                            
-                                                
-                                                    
-                                                    
-                                                
-                                            
-                                        
    NameDescription
    NameDescription
    
-                                    
    
-                                
    
-                            
    
-                        
    
+
    +
    +
    +
    + +
    +
    +
    +
    +
    - +
    +
    -
    - {{ form.hidden_tag() }} -
    -
    - -
    -
    {{ form.case_template_json.data|tojsonsafe }}
    -
    +
    + +
    +
    +
    +
    +
    +
    + {{ form.hidden_tag() }} +
    +
    +
    - -
    - +
    {{ form.case_template_json.data|tojsonsafe }}
    +
    +
    +
    + +
    +
    - {% if case_template.id %} - - + {% if case_template.id %} + + - {% else %} + {% else %} - + - {% endif %} + {% endif %}
    {% endblock content %} {% block javascripts %} - - - - - {% endblock javascripts %} - - - \ No newline at end of file + + + + +{% endblock javascripts %} \ No newline at end of file diff --git a/source/app/blueprints/manage/templates/modal_upload_case_template.html b/source/app/blueprints/manage/templates/modal_upload_case_template.html index 7b5e9cd1b..3012c3bd8 100644 --- a/source/app/blueprints/manage/templates/modal_upload_case_template.html +++ b/source/app/blueprints/manage/templates/modal_upload_case_template.html @@ -1,37 +1,52 @@
    -

    Upload case template

    - +

    Upload case template

    +
    +
    +
    +
    +
    +
    +

    + Case templates allow to prefill case objects such as tasks, tags, + and notes.
    + It could be used to add procedures defining how to react against a + specific kind of incident (phishing, ransomware, APT...) +

    + + +
    + -
    - - -
    -
    -
    -

    Case templates allow to prefill case objects such as tasks, tags, and notes.
    - It could be used to add procedures defining how to react against a specific kind of incident (phishing, ransomware, APT...)

    - - -
    - - -
    -
    - A case template is defined as below. - 
    +              
    
+                
    
+                  A case template is defined as below.
+                  
     
 {
     "name": "ransomware_infection",
@@ -45,12 +60,24 @@ 
    Upload case template
    
         {
             "title": "Identify the perimeter",
             "description": "The perimeter of compromise must be identified",
-            "tags": ["identify"]
+            "tags": ["identify"],
+            "actions": [
+                {
+                    "webhook_id": "Webhook Id",
+                    "display_name": "Action Name",
+                }
+            ],
         },
         {
             "title": "Collect compromised hosts",
             "description": "Deploy Velociraptor and start collecting evidence",
-            "tags": ["collect", "velociraptor"]
+            "tags": ["collect", "velociraptor"],
+            "actions": [
+                {
+                    "webhook_id": "Webhook Id",
+                    "display_name": "Action Name",
+                }
+            ],
         },
         {
             "title": "Contain"
@@ -77,45 +104,79 @@ 
    Upload case template
    
                     "content": "# Assets collected\n\n# Assets not collected"
                 }
             ]
+        },
+    ],
+    "triggers": [
+        {
+            "webhook_id": "Webhook Id",
+            "display_name": "Trigger Name",
         }
     ]
 }
-                                
    
+
    -

    Field types

    - The supported fields types are: -
      -
    • name: The name of the case template (required).
      • -
    • display_name: The displayed name of the case template.
      • -
    • description: The description of the case template.
      • -
    • author: The author of the case template (not related to the current user).
      • -
    • title_prefix: A prefix to add to case title.
      • -
    • summary: content to prefill the summary.
      • -
    • tags: A list of case tags.
      • -
    • tasks: A list of dictionaries defining tasks. Tasks are defined by title (required), description, and list of tags.
      • -
    • note_groups: A list of dictionaries defining note groups. Note groups are defined by title (required), and list of notes. Notes have title (required) and content
      • -
    -
    -
    -
    -
    -
    - - +

    Field types

    + The supported fields types are: +
      +
    • name: The name of the case template (required).
      • +
    • + display_name: The displayed name of the case template. +
      • +
    • description: The description of the case template.
      • +
    • + author: The author of the case template (not related to + the current user). +
      • +
    • title_prefix: A prefix to add to case title.
      • +
    • summary: content to prefill the summary.
      • +
    • tags: A list of case tags.
      • +
    • + tasks: A list of dictionaries defining tasks. Tasks are + defined by title (required), description, and list of + tags. +
      • +
    • + note_groups: A list of dictionaries defining note groups. + Note groups are defined by title (required), and list of + notes. Notes have title (required) and content +
      • +
    +
    -
    -
    - -
    - +
    +
    + + +
    +
    +
    +
    + + +
    +
    - +
    - diff --git a/source/app/blueprints/manage/templates/modal_upload_webhook.html b/source/app/blueprints/manage/templates/modal_upload_webhook.html new file mode 100644 index 000000000..08c551e30 --- /dev/null +++ b/source/app/blueprints/manage/templates/modal_upload_webhook.html @@ -0,0 +1,120 @@ +
    +

    Upload webhook

    + +
    +
    +
    +
    +
    +
    +
    +

    + Webhooks allow to prefill webhook objects such as Header Auth, + Payload Schema, and URLs.
    + It can be the webhook used to add procedures defining how to react + against a specific kind of incident (phishing, ransomware, APT...) +

    + + +
    + + +
    +
    + An webhook is defined as below. + 
    +
+                                        {
+                                            "name": "webhook 1",
+                                            "header_auth": [
+                                            {
+                                                "key": "auth 1"
+                                            },
+                                            {
+                                                "key": "auth 2"
+                                            }
+                                            ],
+                                            "payload_schema": [
+                                            {
+                                                "type": "object",
+                                                "properties": [
+                                                    {
+                                                        "property": "property name",
+                                                        "type": "type of data"
+                                                    }
+                                                ]
+                                            }
+                                        ],
+                                            "url": "www.some-webhook1.com",
+                                        }
+
    + +

    Field types

    + The supported fields types are: +
      +
    • name: The name of the webhook (required).
      • +
    • + header_auth: The Header Authetication for the webhook. +
      • +
    • payload_schema: The payload of the webhook.
      • +
    • url: The url of the webhook.
      • +
    +
    +
    +
    +
    +
    + + +
    +
    +
    +
    + +
    +
    + +
    +
    + +
    diff --git a/source/app/blueprints/manage/templates/modal_webhook.html b/source/app/blueprints/manage/templates/modal_webhook.html new file mode 100644 index 000000000..ecc813099 --- /dev/null +++ b/source/app/blueprints/manage/templates/modal_webhook.html @@ -0,0 +1,200 @@ +
    + {% if webhook.id %} +

    Edit webhook {{ webhook.name }}

    + {% else %} +

    Add webhook

    + {% endif %} + +
    +
    +
    +
    +
    +
    +
    + {% if webhook.id %} +

    {{ webhook.name }} template

    + {% else %} +

    New template

    + {% endif %} +

    + Webhooks allow to prefill webhook objects such as Header Auth, + Payload Schema, and URLs.
    + It can be the webhook used to add procedures defining how to react + against a specific kind of incident (phishing, ransomware, APT...) +

    + + +
    + +
    +
    +

    Field types

    + The supported fields types are: +
      +
    • name: The name of the webhook (required).
      • +
    • + header_auth: The Header Authetication for the webhook. +
      • +
    • payload_schema: The payload of the webhook.
      • +
    • url: The url of the webhook.
      • +
    +
    +
    +
    +
    + +
    +
    + An webhook is defined as below. + 
    +
+{
+    "name": "webhook 1",
+    "header_auth": [
+        {
+            "key": "auth 1"
+        },
+        {
+            "key": "auth 2"
+        }
+    ],
+    "payload_schema": [
+        {
+            "type": "object",
+            "properties": [
+                {
+                    "property": "property name",
+                    "type": "string"
+                }
+            ]
+        }
+    ],
+    "url": "www.some-webhook1.com",
+}
+
    +

    + For validation, use this link: + JSON Schema +

    +
    +
    +
    +
    +
    +
    + {{ form.hidden_tag() }} +
    +
    + +
    +
    + {{ form.webhook_json.data|tojsonsafe }} +
    +
    +
    +
    + +
    + +
    +
    + {% if webhook.id %} + + + + {% else %} + + + + {% endif %} +
    diff --git a/source/app/datamgmt/manage/manage_case_templates_db.py b/source/app/datamgmt/manage/manage_case_templates_db.py index b83cb6067..cc30f5891 100644 --- a/source/app/datamgmt/manage/manage_case_templates_db.py +++ b/source/app/datamgmt/manage/manage_case_templates_db.py @@ -23,9 +23,10 @@ from app.datamgmt.case.case_tasks_db import add_task from app.datamgmt.manage.manage_case_classifications_db import get_case_classification_by_name from app.iris_engine.module_handler.module_handler import call_modules_hook -from app.models import CaseTemplate, Cases, Tags, NoteDirectory +from app.models import CaseTemplate, Cases, Tags, NoteDirectory, Webhook from app.models.authorization import User from app.schema.marshables import CaseSchema, CaseTaskSchema, CaseNoteDirectorySchema, CaseNoteSchema +from app.datamgmt.manage.manage_webhooks_db import get_webhook_by_id def get_case_templates_list() -> List[dict]: @@ -123,6 +124,40 @@ def validate_case_template(data: dict, update: bool = False) -> Optional[str]: for tag in task["tags"]: if not isinstance(tag, str): return "Each tag must be a string." + + # Check actions within the task + if "actions" in task: + if not isinstance(task["actions"], list): + return "Actions must be a list." + for action in task["actions"]: + if not isinstance(action, dict): + return "Each action must be a dictionary." + if "webhook_id" not in action: + return "Each action must have a 'webhook_id' field." + if "display_name" not in action: + return "Each action must have a 'display_name' field." + + # Check if webhook_id matches an existing Webhook.id + webhook = get_webhook_by_id(action["webhook_id"]) + if not webhook: + return f"Webhook with id {action['webhook_id']} does not exist." + + # We check that action, if any, are a list of dictionaries with mandatory keys + if "triggers" in data: + if not isinstance(data["triggers"], list): + return "Trigger must be a list." + for trigger in data["triggers"]: + if not isinstance(trigger, dict): + return "Each trigger must be a dictionary." + if "webhook_id" not in trigger: + return "Each trigger must have a 'webhook_id' field." + if "display_name" not in trigger: + return "Each trigger must have a 'display_name' field." + # Check if webhook_id matches an existing Webhook.id + webhook = get_webhook_by_id(trigger["webhook_id"]) + if not webhook: + return f"Webhook with id {trigger['webhook_id']} does not exist." + # We check that note groups, if any, are a list of dictionaries with mandatory keys if "note_groups" in data: @@ -164,7 +199,6 @@ def case_template_pre_modifier(case_schema: CaseSchema, case_template_id: str): return case_schema - def case_template_populate_tasks(case: Cases, case_template: CaseTemplate): logs = [] # Update case tasks @@ -179,7 +213,13 @@ def case_template_populate_tasks(case: Cases, case_template: CaseTemplate): "task_title": task_template['title'], "task_description": task_template['description'] if task_template.get('description') else "", "task_tags": ",".join(tag for tag in task_template["tags"]) if task_template.get('tags') else "", - "task_status_id": 1 + "task_status_id": 1, + "task_actions": [ + { + "webhook_id": action["webhook_id"], + "display_name": action["display_name"] + } for action in task_template.get("actions", []) + ] } mapped_task_template = call_modules_hook('on_preload_task_create', data=mapped_task_template, caseid=case.case_id) diff --git a/source/app/datamgmt/manage/manage_webhooks_db.py b/source/app/datamgmt/manage/manage_webhooks_db.py new file mode 100644 index 000000000..1affbe9a9 --- /dev/null +++ b/source/app/datamgmt/manage/manage_webhooks_db.py @@ -0,0 +1,307 @@ +# IRIS Source Code +# contact@dfir-iris.org +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 3 of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +import marshmallow +from datetime import datetime +from typing import List, Optional, Union + +from app import db +from app.datamgmt.case.case_notes_db import add_note +from app.datamgmt.case.case_tasks_db import add_task +from app.datamgmt.manage.manage_case_classifications_db import get_case_classification_by_name +from app.iris_engine.module_handler.module_handler import call_modules_hook +from app.models import CaseTemplate, Webhook, Cases, Tags, NoteDirectory +from app.models.authorization import User +from app.schema.marshables import CaseSchema, CaseTaskSchema, CaseNoteDirectorySchema, CaseNoteSchema + + +def get_webhooks_list() -> List[dict]: + """Get a list of webhooks + + Returns: + List[dict]: List of webhooks + """ + webhooks = Webhook.query.with_entities( + Webhook.id, + Webhook.name, + Webhook.header_auth, + Webhook.payload_schema, + Webhook.url, + Webhook.created_at, + Webhook.updated_at, + User.name.label('added_by') + ).join( + Webhook.created_by_user + ).all() + + c_cl = [row._asdict() for row in webhooks] + return c_cl + + +def get_webhook_by_id(cur_id: int) -> Webhook: + """Get a webhook + + Args: + cur_id (int): webhook id + + Returns: + Webhook: Webhook + """ + webhook = Webhook.query.filter_by(id=cur_id).first() + return webhook + + +def delete_webhook_by_id(webhook_id: int): + """Delete a webhook + + Args: + webhook_id (int): webhook id + """ + Webhook.query.filter_by(id=webhook_id).delete() + + +def validate_webhook(data: dict, update: bool = False) -> Optional[str]: + valid_types = {"string", "number", "integer", "object", "array", "boolean", "null"} + try: + if not update: + # If it's not an update, we check the required fields + if "name" not in data: + return "Name is required." + + # if "display_name" not in data or not data["display_name"].strip(): + # data["display_name"] = data["name"] + # We check that name is not empty + if "name" in data and not data["name"].strip(): + return "Name cannot be empty." + + # # We check that author length is not above 128 chars + # if "author" in data and len(data["author"]) > 128: + # return "Author cannot be longer than 128 characters." + + # # We check that author length is not above 128 chars + # if "author" in data and len(data["author"]) > 128: + # return "Author cannot be longer than 128 characters." + + # # We check that prefix length is not above 32 chars + # if "title_prefix" in data and len(data["title_prefix"]) > 32: + # return "Prefix cannot be longer than 32 characters." + + # # We check that tags, if any, are a list of strings + # if "tags" in data: + # if not isinstance(data["tags"], list): + # return "Tags must be a list." + # for tag in data["tags"]: + # if not isinstance(tag, str): + # return "Each tag must be a string." + + + + # We check that tasks, if any, are a list of dictionaries with mandatory keys + if "header_auth" in data: + if not isinstance(data["header_auth"], list): + return "Header Auth must be a list." + for auth in data["header_auth"]: + if not isinstance(auth, dict): + return "Each header auth must be a dictionary." + if "key" not in auth: + return "Each auth must have a 'key' field." + # if "tags" in task: + # if not isinstance(task["tags"], list): + # return "Task tags must be a list." + # for tag in task["tags"]: + # if not isinstance(tag, str): + # return "Each tag must be a string." + + # We check that note groups, if any, are a list of dictionaries with mandatory keys + if "note_groups" in data: + return "Note groups has been replaced by note_directories." + + if "payload_schema" in data: + if not isinstance(data["payload_schema"], list): + return "Payload Schema must be a list." + for payload in data["payload_schema"]: + if not isinstance(payload, dict): + return "Each payload schema must be a dictionary." + if "type" not in payload: + return "Each payload directory must have a 'type' field." + if "properties" in payload: + if not isinstance(payload["properties"], list): + return "Properties must be a list." + for property in payload["properties"]: + if not isinstance(property, dict): + return "Each property must be a dictionary." + if "type" not in property: + return "Each property must have a 'type' field." + if property["type"] not in valid_types: + return f"Invalid type '{property['type']}'. Valid types are: {', '.join(valid_types)}." + + # If all checks succeeded, we return None to indicate everything is has been validated + return None + except Exception as e: + return str(e) + + +def webhook_pre_modifier(case_schema: CaseSchema, case_template_id: str): + webhook = get_webhook_by_id(int(case_template_id)) + if not webhook: + return None + if webhook.title_prefix: + case_schema.name = webhook.title_prefix + " " + case_schema.name[0] + + case_classification = get_case_classification_by_name(webhook.classification) + if case_classification: + case_schema.classification_id = case_classification.id + + return case_schema + + +def webhook_populate_header_auth(case: Cases, webhook: Webhook): + logs = [] + # Update webhooks + for header_auth_hook in webhook.header_auth: + try: + # validate before saving + auth_schema = CaseTaskSchema() + + # Remap case task template fields + # Set status to "To Do" which is ID 1 + mapped_header_auth_hook = { + "header_auth_key": header_auth_hook['key'], + "task_status_id": 1 + } + + mapped_header_auth_hook = call_modules_hook('on_preload_task_create', data=mapped_header_auth_hook, caseid=case.case_id) + + task = auth_schema.load(mapped_header_auth_hook) + + assignee_id_list = [] + + ctask = add_task(task=task, + assignee_id_list=assignee_id_list, + user_id=case.user_id, + caseid=case.case_id + ) + + ctask = call_modules_hook('on_postload_task_create', data=ctask, caseid=case.case_id) + + if not ctask: + logs.append("Unable to create auth for internal reasons") + + except marshmallow.exceptions.ValidationError as e: + logs.append(e.messages) + + return logs + + +def webhook_populate_properties(case: Cases, payload_schema_hook: dict, ng: NoteDirectory): + logs = [] + if payload_schema_hook.get("properties"): + for property_schema in payload_schema_hook["properties"]: + # validate before saving + property_sch = CaseNoteSchema() + + mapped_property_schema = { + "directory_id": ng.id, + "property_property": property_schema["property"], + "property_type": property_schema["type"] if property_schema.get("type") else "" + } + + mapped_property_schema = call_modules_hook('on_preload_note_create', + data=mapped_property_schema, + caseid=case.case_id) + + property_sch.verify_directory_id(mapped_property_schema, caseid=ng.case_id) + note = property_sch.load(mapped_property_schema) + + note.note_creationdate = datetime.utcnow() + note.note_lastupdate = datetime.utcnow() + note.note_user = case.user_id + note.note_case_id = case.case_id + + db.session.add(note) + + note = call_modules_hook('on_postload_note_create', data=note, caseid=case.case_id) + + if not note: + logs.append("Unable to add property for internal reasons") + break + return logs + + +def webhook_populate_payload_schema(case: Cases, webhook: Webhook): + logs = [] + # Update webhook tasks + if webhook.payload_schema: + webhook.payload_schema = webhook.payload_schema + + for payload_schema_hook in webhook.payload_schema: + try: + # validate before saving + payload_schema_hook = CaseNoteDirectorySchema() + + # Remap case task template fields + # Set status to "To Do" which is ID 1 + mapped_payload_schema_hook = { + "name": payload_schema_hook['title'], + "parent_id": None, + "case_id": case.case_id + } + + payload_schema = payload_schema_hook.load(mapped_payload_schema_hook) + db.session.add(payload_schema) + db.session.commit() + + if not payload_schema: + logs.append("Unable to add payload schema for internal reasons") + break + + logs = webhook_populate_properties(case, payload_schema_hook, payload_schema) + + except marshmallow.exceptions.ValidationError as e: + logs.append(e.messages) + + return logs + + +def webhook_post_modifier(case: Cases, webhook_id: Union[str, int]): + webhook = get_webhook_by_id(int(webhook_id)) + logs = [] + if not webhook: + logs.append(f"Webhook {webhook_id} not found") + return None, logs + + # Update summary, we want to append in order not to skip the initial case description + case.description += "\n" + webhook.summary + + # Update case tags + for tag_str in webhook.tags: + tag = Tags(tag_title=tag_str) + tag = tag.save() + case.tags.append(tag) + + # Update case tasks + logs = webhook_populate_header_auth(case, webhook) + if logs: + return case, logs + + # Update case note groups + logs = webhook_populate_payload_schema(case, webhook) + if logs: + return case, logs + + db.session.commit() + + return case, logs diff --git a/source/app/forms.py b/source/app/forms.py index 9e334cd6f..6a4014b1e 100644 --- a/source/app/forms.py +++ b/source/app/forms.py @@ -111,6 +111,9 @@ class AddReportTemplateForm(FlaskForm): class CaseTemplateForm(FlaskForm): case_template_json = TextAreaField(u'Case Template JSON', validators=[DataRequired()]) +class WebhookForm(FlaskForm): + webhook_json = TextAreaField(u'Webhook JSON', validators=[DataRequired()]) + class AddUserForm(FlaskForm): user_login = StringField(u'Name', validators=[DataRequired()]) diff --git a/source/app/models/authorization.py b/source/app/models/authorization.py index fae24cbd7..50aeb68a6 100644 --- a/source/app/models/authorization.py +++ b/source/app/models/authorization.py @@ -44,6 +44,9 @@ class Permissions(enum.Enum): case_templates_read = 0x100 case_templates_write = 0x200 + webhooks_read = 0x100 + webhooks_write = 0x200 + activities_read = 0x400 all_activities_read = 0x800 diff --git a/source/app/models/models.py b/source/app/models/models.py index 4a3570751..91736e336 100644 --- a/source/app/models/models.py +++ b/source/app/models/models.py @@ -231,8 +231,32 @@ class EvidenceTypes(db.Model): created_by = relationship('User') +class Webhook(db.Model): + __tablename__ = 'webhooks' + + # Metadata + id = Column(Integer, primary_key=True) + created_by_user_id = Column(Integer, db.ForeignKey('user.id')) + created_at = Column(DateTime, server_default=func.now()) + updated_at = Column(DateTime, onupdate=func.now()) + # Data + name = Column(String, nullable=False) + header_auth = Column(JSON, nullable=True) + payload_schema = Column(JSON, nullable=True) + url = Column(String, nullable=True) + + created_by_user = relationship('User') + + def __init__(self, **kwargs): + super().__init__(**kwargs) + + def update_from_dict(self, data: dict): + for field, value in data.items(): + setattr(self, field, value) + + class CaseTemplate(db.Model): - __tablename__ = 'case_template' + __tablename__ = 'case_templatess' # Metadata id = Column(Integer, primary_key=True) @@ -250,6 +274,8 @@ class CaseTemplate(db.Model): tasks = Column(JSON, nullable=True) note_directories = Column(JSON, nullable=True) classification = Column(String, nullable=True) + actions = Column(JSON, nullable=True) + triggers = Column(JSON, nullable=True) created_by_user = relationship('User') diff --git a/source/app/post_init.py b/source/app/post_init.py index 9383b5cc5..ff21d9f39 100644 --- a/source/app/post_init.py +++ b/source/app/post_init.py @@ -153,7 +153,6 @@ def run_post_init(development=False): log.info("Running DB migration") - # alembic_cfg = Config(file_='app/alembic.ini') alembic_cfg = Config(file_='source/app/alembic.ini') alembic_cfg.set_main_option('sqlalchemy.url', app.config['SQLALCHEMY_DATABASE_URI']) command.upgrade(alembic_cfg, 'head') diff --git a/source/app/schema/marshables.py b/source/app/schema/marshables.py index 2ec669f95..557215f98 100644 --- a/source/app/schema/marshables.py +++ b/source/app/schema/marshables.py @@ -812,6 +812,78 @@ def custom_attributes_merge(self, data: Dict[str, Any], **kwargs: Any) -> Dict[s return data +class WebhookSchema(ma.Schema): + """Schema for serializing and deserializing Webhook objects. + + This schema defines the fields to include when serializing and deserializing Webhook objects. + It includes fields for the template ID, the user ID of the user who created the template, the creation and update + timestamps, the name, header authentication, payload schema and URL of the Webhook. + + """ + id: int = fields.Integer(dump_only=True) + created_by_user_id: int = fields.Integer(required=True) + created_at: datetime = fields.DateTime(dump_only=True) + updated_at: datetime = fields.DateTime(dump_only=True) + name: str = fields.String(required=True) + header_auth: Optional[List[Dict[str, str]]] = fields.List(fields.Dict(), allow_none=True, missing=[]) + payload_schema: Optional[List[Dict[str, Union[str, List[Dict[str, str]]]]]] = fields.List(fields.Dict(), + allow_none=True, + missing=[]) + url: Optional[str] = fields.String(allow_none=True, missing="") + + + + def validate_string_or_list(value: Union[str, List[str]]) -> Union[str, List[str]]: + """Validates that a value is a string or a list of strings. + + This method validates that a value is either a string or a list of strings. If the value is a list, it also + validates that all items in the list are strings. + + Args: + value: The value to validate. + + Returns: + The validated value. + + Raises: + ValidationError: If the value is not a string or a list of strings. + + """ + if not isinstance(value, (str, list)): + raise ValidationError('Value must be a string or a list of strings') + if isinstance(value, list): + for item in value: + if not isinstance(item, str): + raise ValidationError('All items in list must be strings') + return value + + def validate_string_or_list_of_dict(value: Union[str, List[Dict[str, str]]]) -> Union[str, List[Dict[str, str]]]: + """Validates that a value is a string or a list of dictionaries with string values. + + This method validates that a value is either a string or a list of dictionaries with string values. If the value + is a list, it also validates that all items in the list are dictionaries with string values. + + Args: + value: The value to validate. + + Returns: + The validated value. + + Raises: + ValidationError: If the value is not a string or a list of dictionaries with string values. + + """ + if not isinstance(value, (str, list)): + raise ValidationError('Value must be a string or a list of strings') + if isinstance(value, list): + for item in value: + if not isinstance(item, dict): + raise ValidationError('All items in list must be dict') + for ivalue in item.values(): + if not isinstance(ivalue, str): + raise ValidationError('All items in dict must be str') + return value + class CaseTemplateSchema(ma.Schema): """Schema for serializing and deserializing CaseTemplate objects. @@ -891,6 +963,18 @@ def validate_string_or_list_of_dict(value: Union[str, List[Dict[str, str]]]) -> return value tasks: Optional[List[Dict[str, Union[str, List[str]]]]] = fields.List( + fields.Dict(keys=fields.Str(), values=fields.Raw()), # Removed validate_string_or_list + allow_none=True, + missing=[] + ) + + actions: Optional[List[Dict[str, Union[str, List[str]]]]] = fields.List( + fields.Dict(keys=fields.Str(), values=fields.Raw(validate=[validate_string_or_list])), + allow_none=True, + missing=[] + ) + + triggers: Optional[List[Dict[str, Union[str, List[str]]]]] = fields.List( fields.Dict(keys=fields.Str(), values=fields.Raw(validate=[validate_string_or_list])), allow_none=True, missing=[] diff --git a/source/app/static/assets/js/iris/manage.case.templates.js b/source/app/static/assets/js/iris/manage.case.templates.js index c53a33b28..d5f36d5f7 100644 --- a/source/app/static/assets/js/iris/manage.case.templates.js +++ b/source/app/static/assets/js/iris/manage.case.templates.js @@ -1,336 +1,402 @@ function add_case_template() { - let url = '/manage/case-templates/add/modal' + case_param(); - $('#modal_case_template_json').load(url, function (response, status, xhr) { - if (status !== "success") { - ajax_notify_error(xhr, url); - return false; - } + let url = "/manage/case-templates/add/modal" + case_param(); + $("#modal_case_template_json").load(url, function (response, status, xhr) { + if (status !== "success") { + ajax_notify_error(xhr, url); + return false; + } - let editor = ace.edit("editor_detail", - { - autoScrollEditorIntoView: true, - minLines: 30, - }); - editor.setTheme("ace/theme/tomorrow"); - editor.session.setMode("ace/mode/json"); - editor.renderer.setShowGutter(true); - editor.setOption("showLineNumbers", true); - editor.setOption("showPrintMargin", false); - editor.setOption("displayIndentGuides", true); - editor.setOption("maxLines", "Infinity"); - editor.session.setUseWrapMode(true); - editor.setOption("indentedSoftWrap", true); - editor.renderer.setScrollMargin(8, 5) + let editor = ace.edit("editor_detail", { + autoScrollEditorIntoView: true, + minLines: 30, + }); + editor.setTheme("ace/theme/tomorrow"); + editor.session.setMode("ace/mode/json"); + editor.renderer.setShowGutter(true); + editor.setOption("showLineNumbers", true); + editor.setOption("showPrintMargin", false); + editor.setOption("displayIndentGuides", true); + editor.setOption("maxLines", "Infinity"); + editor.session.setUseWrapMode(true); + editor.setOption("indentedSoftWrap", true); + editor.renderer.setScrollMargin(8, 5); + + editor.setOptions({ + enableBasicAutocompletion: [ + { + getCompletions: (editor, session, pos, prefix, callback) => { + callback(null, [ + { value: "name", score: 1, meta: "name of the template" }, + { + value: "display", + score: 1, + meta: "display name of the template", + }, + { + value: "description", + score: 1, + meta: "description of the template", + }, + { value: "author", score: 1, meta: "author of the template" }, + { + value: "title_prefix", + score: 1, + meta: "prefix of instantiated cases", + }, + { value: "summary", score: 1, meta: "summary of the case" }, + { + value: "tags", + score: 1, + meta: "tags of the case or the tasks", + }, + { value: "tasks", score: 1, meta: "tasks of the case" }, + { value: "note_groups", score: 1, meta: "groups of notes" }, + { + value: "title", + score: 1, + meta: "title of the task or the note group or the note", + }, + { value: "content", score: 1, meta: "content of the note" }, + { value: "action", score: 1, meta: "actions of the case" }, + { value: "triggers", score: 1, meta: "triggers of the case" }, + ]); + }, + }, + ], + enableLiveAutocompletion: true, + enableSnippets: true, + }); - editor.setOptions({ - enableBasicAutocompletion: [{ - getCompletions: (editor, session, pos, prefix, callback) => { - callback(null, [ - {value: 'name', score: 1, meta: 'name of the template'}, - {value: 'display', score: 1, meta: 'display name of the template'}, - {value: 'description', score: 1, meta: 'description of the template'}, - {value: 'author', score: 1, meta: 'author of the template'}, - {value: 'title_prefix', score: 1, meta: 'prefix of instantiated cases'}, - {value: 'summary', score: 1, meta: 'summary of the case'}, - {value: 'tags', score: 1, meta: 'tags of the case or the tasks'}, - {value: 'tasks', score: 1, meta: 'tasks of the case'}, - {value: 'note_groups', score: 1, meta: 'groups of notes'}, - {value: 'title', score: 1, meta: 'title of the task or the note group or the note'}, - {value: 'content', score: 1, meta: 'content of the note'}, - ]); - }, - }], - enableLiveAutocompletion: true, - enableSnippets: true + $("#submit_new_case_template").on("click", function () { + let data_sent = Object(); + data_sent["case_template_json"] = editor.getSession().getValue(); + data_sent["csrf_token"] = $("#csrf_token").val(); + + post_request_api( + "/manage/case-templates/add", + JSON.stringify(data_sent), + false, + function () { + window.swal({ + title: "Adding...", + text: "Please wait", + icon: "/static/assets/img/loader.gif", + button: false, + allowOutsideClick: false, + }); + } + ) + .done((data) => { + if (notify_auto_api(data)) { + refresh_case_template_table(); + $("#modal_case_template").modal("hide"); + } + }) + .fail((error) => { + let data = error.responseJSON; + $("#submit_new_case_template").text("Save"); + $("#alert_case_template_edit").text(data.message); + if (data.data && data.data.length > 0) { + let output = "
  • " + sanitizeHTML(data.data) + "
    • "; + $("#case_template_err_details_list").append(output); + + $("#alert_case_template_details").show(); + } + $("#alert_case_template_edit").show(); + }) + .always((data) => { + window.swal.close(); }); - $('#submit_new_case_template').on("click", function () { - let data_sent = Object(); - data_sent['case_template_json'] = editor.getSession().getValue(); - data_sent['csrf_token'] = $("#csrf_token").val(); - - post_request_api('/manage/case-templates/add', JSON.stringify(data_sent), false, function() { - window.swal({ - title: "Adding...", - text: "Please wait", - icon: "/static/assets/img/loader.gif", - button: false, - allowOutsideClick: false - }); - }) - .done((data) => { - if (notify_auto_api(data)) { - refresh_case_template_table(); - $('#modal_case_template').modal('hide'); - } - }) - .fail((error) => { - let data = error.responseJSON; - $('#submit_new_case_template').text('Save'); - $('#alert_case_template_edit').text(data.message); - if (data.data && data.data.length > 0) { - - let output='
  • '+ sanitizeHTML(data.data) +'
    • '; - $('#case_template_err_details_list').append(output); - - $('#alert_case_template_details').show(); - } - $('#alert_case_template_edit').show(); - }) - .always((data) => { - window.swal.close(); - }); - - return false; - }) + return false; }); - $('#modal_case_template').modal({ show: true }); + }); + $("#modal_case_template").modal({ show: true }); } -$('#case_templates_table').dataTable( { - "ajax": { - "url": "/manage/case-templates/list" + case_param(), - "contentType": "application/json", - "type": "GET", - "data": function ( d ) { - if (d.status == 'success') { - return JSON.stringify( d.data ); - } else { - return JSON.stringify([]); - } +$("#case_templates_table").dataTable({ + ajax: { + url: "/manage/case-templates/list" + case_param(), + contentType: "application/json", + type: "GET", + data: function (d) { + if (d.status == "success") { + return JSON.stringify(d.data); + } else { + return JSON.stringify([]); } }, - "order": [[ 0, "desc" ]], - "autoWidth": false, - "columns": [ - { - "data": "id", - "render": function ( data, type, row ) { - return '    ' + sanitizeHTML(data) +''; - } - }, - { - "data": "display_name", - "render": function ( data, type, row ) { - return '' + sanitizeHTML(data) +''; - } - }, - { - "data": "description" - }, - { - "data": "added_by" - }, - { - "data": "created_at" - }, - { - "data": "updated_at" - } - - ] - } -); + }, + order: [[0, "desc"]], + autoWidth: false, + columns: [ + { + data: "id", + render: function (data, type, row) { + return ( + '" + + sanitizeHTML(data) + + "" + ); + }, + }, + { + data: "display_name", + render: function (data, type, row) { + return ( + '" + + sanitizeHTML(data) + + "" + ); + }, + }, + { + data: "description", + }, + { + data: "added_by", + }, + { + data: "created_at", + }, + { + data: "updated_at", + }, + ], +}); function refresh_case_template_table() { - $('#case_templates_table').DataTable().ajax.reload(); + $("#case_templates_table").DataTable().ajax.reload(); notify_success("Refreshed"); } function delete_case_template(id) { - swal({ - title: "Are you sure ?", - text: "You won't be able to revert this !", - icon: "warning", - buttons: true, - dangerMode: true, - confirmButtonColor: '#3085d6', - cancelButtonColor: '#d33', - confirmButtonText: 'Yes, delete it!' - }) - .then((willDelete) => { - if (willDelete) { - post_request_api('/manage/case-templates/delete/' + id) - .done((data) => { - if(notify_auto_api(data)) { - window.location.href = '/manage/case-templates' + case_param(); - } - }); - } else { - swal("Pfew, that was close"); + swal({ + title: "Are you sure ?", + text: "You won't be able to revert this !", + icon: "warning", + buttons: true, + dangerMode: true, + confirmButtonColor: "#3085d6", + cancelButtonColor: "#d33", + confirmButtonText: "Yes, delete it!", + }).then((willDelete) => { + if (willDelete) { + post_request_api("/manage/case-templates/delete/" + id).done((data) => { + if (notify_auto_api(data)) { + window.location.href = "/manage/case-templates" + case_param(); } - }); + }); + } else { + swal("Pfew, that was close"); + } + }); } function case_template_detail(ctempl_id) { - let url = '/manage/case-templates/' + ctempl_id + '/modal' + case_param(); - $('#modal_case_template_json').load(url, function (response, status, xhr) { - if (status !== "success") { - ajax_notify_error(xhr, url); - return false; - } - - let editor = ace.edit("editor_detail", - { - autoScrollEditorIntoView: true, - minLines: 30, - }); - editor.setTheme("ace/theme/tomorrow"); - editor.session.setMode("ace/mode/json"); - editor.renderer.setShowGutter(true); - editor.setOption("showLineNumbers", true); - editor.setOption("showPrintMargin", false); - editor.setOption("displayIndentGuides", true); - editor.setOption("maxLines", "Infinity"); - editor.session.setUseWrapMode(true); - editor.setOption("indentedSoftWrap", true); - editor.renderer.setScrollMargin(8, 5) + let url = "/manage/case-templates/" + ctempl_id + "/modal" + case_param(); + $("#modal_case_template_json").load(url, function (response, status, xhr) { + if (status !== "success") { + ajax_notify_error(xhr, url); + return false; + } - editor.setOptions({ - enableBasicAutocompletion: [{ - getCompletions: (editor, session, pos, prefix, callback) => { - callback(null, [ - {value: 'name', score: 1, meta: 'name of the template'}, - {value: 'display_name', score: 1, meta: 'display name of the template'}, - {value: 'description', score: 1, meta: 'description of the template'}, - {value: 'author', score: 1, meta: 'author of the template'}, - {value: 'title_prefix', score: 1, meta: 'prefix of instantiated cases'}, - {value: 'summary', score: 1, meta: 'summary of the case'}, - {value: 'tags', score: 1, meta: 'tags of the case or the tasks'}, - {value: 'tasks', score: 1, meta: 'tasks of the case'}, - {value: 'note_groups', score: 1, meta: 'groups of notes'}, - {value: 'title', score: 1, meta: 'title of the task or the note group or the note'}, - {value: 'content', score: 1, meta: 'content of the note'}, - ]); - }, - }], - enableLiveAutocompletion: true, - enableSnippets: true - }); + let editor = ace.edit("editor_detail", { + autoScrollEditorIntoView: true, + minLines: 30, + }); + editor.setTheme("ace/theme/tomorrow"); + editor.session.setMode("ace/mode/json"); + editor.renderer.setShowGutter(true); + editor.setOption("showLineNumbers", true); + editor.setOption("showPrintMargin", false); + editor.setOption("displayIndentGuides", true); + editor.setOption("maxLines", "Infinity"); + editor.session.setUseWrapMode(true); + editor.setOption("indentedSoftWrap", true); + editor.renderer.setScrollMargin(8, 5); + + editor.setOptions({ + enableBasicAutocompletion: [ + { + getCompletions: (editor, session, pos, prefix, callback) => { + callback(null, [ + { value: "name", score: 1, meta: "name of the template" }, + { + value: "display_name", + score: 1, + meta: "display name of the template", + }, + { + value: "description", + score: 1, + meta: "description of the template", + }, + { value: "author", score: 1, meta: "author of the template" }, + { + value: "title_prefix", + score: 1, + meta: "prefix of instantiated cases", + }, + { value: "summary", score: 1, meta: "summary of the case" }, + { + value: "tags", + score: 1, + meta: "tags of the case or the tasks", + }, + { value: "actions", score: 1, meta: "actions of the case" }, + { value: "tasks", score: 1, meta: "tasks of the case" }, + { value: "note_groups", score: 1, meta: "groups of notes" }, + { + value: "title", + score: 1, + meta: "title of the task or the note group or the note", + }, + { value: "content", score: 1, meta: "content of the note" }, + { value: "triggers", score: 1, meta: "triggers of the case" }, + ]); + }, + }, + ], + enableLiveAutocompletion: true, + enableSnippets: true, + }); - $('#submit_new_case_template').on("click", function () { - update_case_template(ctempl_id, editor, false, false); - }); + $("#submit_new_case_template").on("click", function () { + update_case_template(ctempl_id, editor, false, false); + }); - $('#submit_delete_case_template').on("click", function () { - delete_case_template(ctempl_id); - }); + $("#submit_delete_case_template").on("click", function () { + delete_case_template(ctempl_id); }); - $('#modal_case_template').modal({ show: true }); + }); + $("#modal_case_template").modal({ show: true }); } -function update_case_template(ctempl_id, editor, partial, complete){ - event.preventDefault(); - - let data_sent = Object(); - data_sent['case_template_json'] = editor.getSession().getValue(); - data_sent['csrf_token'] = $("#csrf_token").val(); - - $('#alert_case_template_edit').empty(); - $('#alert_case_template_details').hide(); - $('#case_template_err_details_list').empty(); - - post_request_api('/manage/case-templates/update/' + ctempl_id, JSON.stringify(data_sent), false, function() { - window.swal({ - title: "Updating...", - text: "Please wait", - icon: "/static/assets/img/loader.gif", - button: false, - allowOutsideClick: false - }); - }) +function update_case_template(ctempl_id, editor, partial, complete) { + event.preventDefault(); + + let data_sent = Object(); + data_sent["case_template_json"] = editor.getSession().getValue(); + data_sent["csrf_token"] = $("#csrf_token").val(); + + $("#alert_case_template_edit").empty(); + $("#alert_case_template_details").hide(); + $("#case_template_err_details_list").empty(); + + post_request_api( + "/manage/case-templates/update/" + ctempl_id, + JSON.stringify(data_sent), + false, + function () { + window.swal({ + title: "Updating...", + text: "Please wait", + icon: "/static/assets/img/loader.gif", + button: false, + allowOutsideClick: false, + }); + } + ) .done((data) => { - notify_auto_api(data); + notify_auto_api(data); }) .fail((error) => { - let data = error.responseJSON; - $('#submit_new_case_template').text('Update'); - $('#alert_case_template_edit').text(data.message); - if (data.data && data.data.length > 0) { - let output='
  • '+ sanitizeHTML(data.data) +'
    • '; - $('#case_template_err_details_list').append(output); - - $('#alert_case_template_details').show(); - } - $('#alert_case_template_edit').show(); + let data = error.responseJSON; + $("#submit_new_case_template").text("Update"); + $("#alert_case_template_edit").text(data.message); + if (data.data && data.data.length > 0) { + let output = "
  • " + sanitizeHTML(data.data) + "
    • "; + $("#case_template_err_details_list").append(output); + + $("#alert_case_template_details").show(); + } + $("#alert_case_template_edit").show(); }) .always((data) => { - window.swal.close(); + window.swal.close(); }); - return false; + return false; } function fire_upload_case_template() { - let url = '/manage/case-templates/upload/modal' + case_param(); - $('#modal_upload_case_template_json').load(url, function (response, status, xhr) { - if (status !== "success") { - ajax_notify_error(xhr, url); - return false; - } - }); - $('#modal_upload_case_template').modal({ show: true }); + let url = "/manage/case-templates/upload/modal" + case_param(); + $("#modal_upload_case_template_json").load( + url, + function (response, status, xhr) { + if (status !== "success") { + ajax_notify_error(xhr, url); + return false; + } + } + ); + $("#modal_upload_case_template").modal({ show: true }); } function upload_case_template() { + if ($("#input_upload_case_template").val() !== "") { + var file = $("#input_upload_case_template").get(0).files[0]; + var reader = new FileReader(); + reader.onload = function (e) { + fileData = e.target.result; + var data = new Object(); + data["csrf_token"] = $("#csrf_token").val(); + data["case_template_json"] = fileData; + + post_request_api( + "/manage/case-templates/add", + JSON.stringify(data), + false, + function () { + window.swal({ + title: "Adding...", + text: "Please wait", + icon: "/static/assets/img/loader.gif", + button: false, + allowOutsideClick: false, + }); + } + ) + .done((data) => { + notify_auto_api(data); + jsdata = data; + if (jsdata.status == "success") { + refresh_case_template_table(); + $("#modal_upload_case_template").modal("hide"); + } + }) + .fail((error) => { + let data = error.responseJSON; + $("#alert_upload_case_template").text(data.message); + if (data.data && data.data.length > 0) { + let output = "
  • " + sanitizeHTML(data.data) + "
    • "; + $("#upload_case_template_err_details_list").append(output); + + $("#alert_upload_case_template_details").show(); + } + $("#alert_upload_case_template").show(); + }) + .always((data) => { + $("#input_upload_case_template").val(""); + window.swal.close(); + }); + }; + reader.readAsText(file); + } - if ($("#input_upload_case_template").val() !== "") - { - var file = $("#input_upload_case_template").get(0).files[0]; - var reader = new FileReader(); - reader.onload = function (e) { - fileData = e.target.result - var data = new Object(); - data['csrf_token'] = $('#csrf_token').val(); - data['case_template_json'] = fileData; - - post_request_api('/manage/case-templates/add', JSON.stringify(data), false, function() { - window.swal({ - title: "Adding...", - text: "Please wait", - icon: "/static/assets/img/loader.gif", - button: false, - allowOutsideClick: false - }); - }) - .done((data) => { - notify_auto_api(data); - jsdata = data; - if (jsdata.status == "success") { - refresh_case_template_table(); - $('#modal_upload_case_template').modal('hide'); - } - }) - .fail((error) => { - let data = error.responseJSON; - $('#alert_upload_case_template').text(data.message); - if (data.data && data.data.length > 0) { - - let output='
  • '+ sanitizeHTML(data.data) +'
    • '; - $('#upload_case_template_err_details_list').append(output); - - $('#alert_upload_case_template_details').show(); - } - $('#alert_upload_case_template').show(); - }) - .always((data) => { - $("#input_upload_case_template").val(""); - window.swal.close(); - }); - - }; - reader.readAsText(file); - } - - - return false; + return false; } function downloadCaseTemplateDefinition() { - event.preventDefault(); - let editor = ace.edit("editor_detail"); - let data = editor.getSession().getValue(); + event.preventDefault(); + let editor = ace.edit("editor_detail"); + let data = editor.getSession().getValue(); - let filename = "case_template.json"; - download_file(filename, 'text/json' , data); -} \ No newline at end of file + let filename = "case_template.json"; + download_file(filename, "text/json", data); +} diff --git a/source/app/static/assets/js/iris/manage.webhooks.js b/source/app/static/assets/js/iris/manage.webhooks.js index 24cd1fff8..87eef0c5d 100644 --- a/source/app/static/assets/js/iris/manage.webhooks.js +++ b/source/app/static/assets/js/iris/manage.webhooks.js @@ -1,4 +1,4 @@ -$('#webhooks_table').DataTable({ +$('#case_webhooks_table').DataTable({ "ajax": { "url": "/manage/attributes/list" + case_param(), "contentType": "application/json", @@ -20,8 +20,8 @@ $('#webhooks_table').DataTable({ }); // Event listener for row clicks -$('#webhooks_table tbody').on('click', 'tr', function () { - var table = $('#webhooks_table').DataTable(); +$('#case_webhooks_table tbody').on('click', 'tr', function () { + var table = $('#case_webhooks_table').DataTable(); var data = table.row(this).data(); // Populate modal with data @@ -68,3 +68,357 @@ document.getElementById('copyModalContent').addEventListener('click', function() } }); +function add_webhook() { + let url = "/manage/webhooks/add/modal" + case_param(); + $("#modal_webhook_json").load(url, function (response, status, xhr) { + if (status !== "success") { + ajax_notify_error(xhr, url); + return false; + } + + let editor = ace.edit("editor_detail", { + autoScrollEditorIntoView: true, + minLines: 30, + }); + editor.setTheme("ace/theme/tomorrow"); + editor.session.setMode("ace/mode/json"); + editor.renderer.setShowGutter(true); + editor.setOption("showLineNumbers", true); + editor.setOption("showPrintMargin", false); + editor.setOption("displayIndentGuides", true); + editor.setOption("maxLines", "Infinity"); + editor.session.setUseWrapMode(true); + editor.setOption("indentedSoftWrap", true); + editor.renderer.setScrollMargin(8, 5); + + editor.setOptions({ + enableBasicAutocompletion: [ + { + getCompletions: (editor, session, pos, prefix, callback) => { + callback(null, [ + { value: "name", score: 1, meta: "name of the webhook" }, + { + value: "header_auth", + score: 1, + meta: "header auth of the webhook", + }, + { + value: "payload_schema", + score: 1, + meta: "payload of the webhook", + }, + { value: "url", score: 1, meta: "url of the webhook" }, + ]); + }, + }, + ], + enableLiveAutocompletion: true, + enableSnippets: true, + }); + + $("#submit_new_webhook").on("click", function () { + let data_sent = Object(); + data_sent["webhook_json"] = editor.getSession().getValue(); + data_sent["csrf_token"] = $("#csrf_token").val(); + + post_request_api( + "/manage/webhooks/add", + JSON.stringify(data_sent), + false, + function () { + window.swal({ + title: "Adding...", + text: "Please wait", + icon: "/static/assets/img/loader.gif", + button: false, + allowOutsideClick: false, + }); + } + ) + .done((data) => { + if (notify_auto_api(data)) { + refresh_webhook_table(); + $("#modal_webhook").modal("hide"); + } + }) + .fail((error) => { + let data = error.responseJSON; + $("#submit_new_webhook").text("Save"); + $("#alert_webhook_edit").text(data.message); + if (data.data && data.data.length > 0) { + let output = "
  • " + sanitizeHTML(data.data) + "
    • "; + $("#webhook_err_details_list").append(output); + + $("#alert_webhook_details").show(); + } + $("#alert_webhook_edit").show(); + }) + .always((data) => { + window.swal.close(); + }); + + return false; + }); + }); + $("#modal_webhook").modal({ show: true }); +} + +$("#webhooks_table").dataTable({ + ajax: { + url: "/manage/webhooks/list" + case_param(), + contentType: "application/json", + type: "GET", + data: function (d) { + if (d.status == "success") { + return JSON.stringify(d.data); + } else { + return JSON.stringify([]); + } + }, + }, + order: [[0, "desc"]], + autoWidth: false, + columns: [ + { + data: "id", + render: function (data, type, row) { + return ( + '" + + sanitizeHTML(data) + + "" + ); + }, + }, + { + data: "name", + render: function (data, type, row) { + return ( + '" + + sanitizeHTML(data) + + "" + ); + }, + }, + { + data: "header_auth", + }, + { + data: "payload_schema", + }, + { + data: "url", + }, + ], +}); + +function refresh_webhook_table() { + $("#webhooks_table").DataTable().ajax.reload(); + notify_success("Refreshed"); +} + +function delete_webhook(id) { + swal({ + title: "Are you sure ?", + text: "You won't be able to revert this !", + icon: "warning", + buttons: true, + dangerMode: true, + confirmButtonColor: "#3085d6", + cancelButtonColor: "#d33", + confirmButtonText: "Yes, delete it!", + }).then((willDelete) => { + if (willDelete) { + post_request_api("/manage/webhooks/delete/" + id).done((data) => { + if (notify_auto_api(data)) { + window.location.href = "/manage/webhooks" + case_param(); + } + }); + } else { + swal("Pfew, that was close"); + } + }); +} + +function webhook_detail(ctempl_id) { + let url = "/manage/webhooks/" + ctempl_id + "/modal" + case_param(); + $("#modal_webhook_json").load(url, function (response, status, xhr) { + if (status !== "success") { + ajax_notify_error(xhr, url); + return false; + } + + let editor = ace.edit("editor_detail", { + autoScrollEditorIntoView: true, + minLines: 30, + }); + editor.setTheme("ace/theme/tomorrow"); + editor.session.setMode("ace/mode/json"); + editor.renderer.setShowGutter(true); + editor.setOption("showLineNumbers", true); + editor.setOption("showPrintMargin", false); + editor.setOption("displayIndentGuides", true); + editor.setOption("maxLines", "Infinity"); + editor.session.setUseWrapMode(true); + editor.setOption("indentedSoftWrap", true); + editor.renderer.setScrollMargin(8, 5); + + editor.setOptions({ + enableBasicAutocompletion: [ + { + getCompletions: (editor, session, pos, prefix, callback) => { + callback(null, [ + { value: "name", score: 1, meta: "name of the webhook" }, + { + value: "header_auth", + score: 1, + meta: "header auth of the webhook", + }, + { + value: "payload_schema", + score: 1, + meta: "payload of the webhook", + }, + { value: "url", score: 1, meta: "url of the webhook" }, + ]); + }, + }, + ], + enableLiveAutocompletion: true, + enableSnippets: true, + }); + + $("#submit_new_webhook").on("click", function () { + update_webhook(ctempl_id, editor, false, false); + }); + + $("#submit_delete_webhook").on("click", function () { + delete_webhook(ctempl_id); + }); + }); + $("#modal_webhook").modal({ show: true }); +} + +function update_webhook(ctempl_id, editor, partial, complete) { + event.preventDefault(); + + let data_sent = Object(); + data_sent["webhook_json"] = editor.getSession().getValue(); + data_sent["csrf_token"] = $("#csrf_token").val(); + + $("#alert_webhook_edit").empty(); + $("#alert_webhook_details").hide(); + $("#webhook_err_details_list").empty(); + + post_request_api( + "/manage/webhooks/update/" + ctempl_id, + JSON.stringify(data_sent), + false, + function () { + window.swal({ + title: "Updating...", + text: "Please wait", + icon: "/static/assets/img/loader.gif", + button: false, + allowOutsideClick: false, + }); + } + ) + .done((data) => { + notify_auto_api(data); + }) + .fail((error) => { + let data = error.responseJSON; + $("#submit_webhook_template").text("Update"); + $("#alert_webhook_edit").text(data.message); + if (data.data && data.data.length > 0) { + let output = "
  • " + sanitizeHTML(data.data) + "
    • "; + $("#webhook_err_details_list").append(output); + + $("#alert_webhook_details").show(); + } + $("#alert_webhook_edit").show(); + }) + .always((data) => { + window.swal.close(); + }); + + return false; +} + +function fire_upload_webhook() { + let url = "/manage/webhooks/upload/modal" + case_param(); + $("#modal_upload_webhook_json").load(url, function (response, status, xhr) { + if (status !== "success") { + ajax_notify_error(xhr, url); + return false; + } + }); + $("#modal_upload_webhook").modal({ show: true }); +} + +function upload_webhook() { + if ($("#input_upload_webhook").val() !== "") { + var file = $("#input_upload_webhook").get(0).files[0]; + var reader = new FileReader(); + reader.onload = function (e) { + fileData = e.target.result; + var data = new Object(); + data["csrf_token"] = $("#csrf_token").val(); + data["webhook_json"] = fileData; + + post_request_api( + "/manage/webhooks/add", + JSON.stringify(data), + false, + function () { + window.swal({ + title: "Adding...", + text: "Please wait", + icon: "/static/assets/img/loader.gif", + button: false, + allowOutsideClick: false, + }); + } + ) + .done((data) => { + notify_auto_api(data); + jsdata = data; + if (jsdata.status == "success") { + refresh_webhook_table(); + $("#modal_upload_webhook").modal("hide"); + } + }) + .fail((error) => { + let data = error.responseJSON; + $("#alert_upload_webhook").text(data.message); + if (data.data && data.data.length > 0) { + let output = "
  • " + sanitizeHTML(data.data) + "
    • "; + $("#upload_webhook_err_details_list").append(output); + + $("#alert_upload_webhook_details").show(); + } + $("#alert_upload_webhook").show(); + }) + .always((data) => { + $("#input_upload_webhook").val(""); + window.swal.close(); + }); + }; + reader.readAsText(file); + } + + return false; +} + +function downloadwebhookDefinition() { + event.preventDefault(); + let editor = ace.edit("editor_detail"); + let data = editor.getSession().getValue(); + + let filename = "webhook.json"; + download_file(filename, "text/json", data); +} diff --git a/source/app/templates/includes/sidenav.html b/source/app/templates/includes/sidenav.html index e39592652..ca07a2387 100644 --- a/source/app/templates/includes/sidenav.html +++ b/source/app/templates/includes/sidenav.html @@ -133,6 +133,14 @@

    Manage

    {% endif %} + {% if user_has_perm(std_permissions.server_administrator) %} +
  • + + + Webhooks + +
    • + {% endif %} {% if user_has_perm(std_permissions.customers_read) %}
  • diff --git a/source/app/views.py b/source/app/views.py index 916eb75e2..ab955bfe5 100644 --- a/source/app/views.py +++ b/source/app/views.py @@ -52,6 +52,7 @@ from app.blueprints.manage.manage_groups import manage_groups_blueprint from app.blueprints.manage.manage_ioc_types_routes import manage_ioc_type_blueprint from app.blueprints.manage.manage_modules_routes import manage_modules_blueprint +from app.blueprints.manage.manage_webhooks_routes import manage_webhooks_blueprint from app.blueprints.manage.manage_objects_routes import manage_objects_blueprint from app.blueprints.manage.manage_severities_routes import manage_severities_blueprint from app.blueprints.manage.manage_srv_settings_routes import manage_srv_settings_blueprint @@ -81,6 +82,7 @@ app.register_blueprint(manage_users_blueprint) app.register_blueprint(manage_templates_blueprint) app.register_blueprint(manage_modules_blueprint) +app.register_blueprint(manage_webhooks_blueprint) app.register_blueprint(manage_customers_blueprint) app.register_blueprint(manage_anastatus_blueprint) app.register_blueprint(manage_ioc_type_blueprint) diff --git a/source/requirements.txt b/source/requirements.txt index 69c5a234e..306c492e4 100644 --- a/source/requirements.txt +++ b/source/requirements.txt @@ -41,6 +41,7 @@ Debugpy # unfortunately we are relying on a beta version here. I hope a definitive version gets released soon graphql-server[flask]==3.0.0b7 graphene-sqlalchemy==3.0.0rc1 +Debugpy dependencies/docx_generator-0.8.0-py3-none-any.whl dependencies/iris_interface-1.2.0-py3-none-any.whl From fff50d52d880e7b43e56ac88d61b41c06c18cd04 Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Mon, 18 Nov 2024 11:59:59 +0500 Subject: [PATCH 22/80] docker duplication removed --- docker-compose.base.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/docker-compose.base.yml b/docker-compose.base.yml index 45bbe6212..0305533ec 100644 --- a/docker-compose.base.yml +++ b/docker-compose.base.yml @@ -38,8 +38,6 @@ services: - "0.0.0.0:5432:5432" volumes: - db_data:/var/lib/postgresql/data - ports: - - "0.0.0.0:5432:5432" app: container_name: iriswebapp_app From ce18a8836f60f0a8aa8d77b26fd59bc3bc42208d Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Mon, 18 Nov 2024 15:00:00 +0500 Subject: [PATCH 23/80] fixed case_template name. --- .../static/assets/js/iris/manage.webhooks.js | 128 +++++++++--------- 1 file changed, 67 insertions(+), 61 deletions(-) diff --git a/source/app/static/assets/js/iris/manage.webhooks.js b/source/app/static/assets/js/iris/manage.webhooks.js index 87eef0c5d..2ce542ada 100644 --- a/source/app/static/assets/js/iris/manage.webhooks.js +++ b/source/app/static/assets/js/iris/manage.webhooks.js @@ -1,72 +1,78 @@ -$('#case_webhooks_table').DataTable({ - "ajax": { - "url": "/manage/attributes/list" + case_param(), - "contentType": "application/json", - "type": "GET", - "data": function (d) { - return d.status === 'success' ? JSON.stringify(d.data) : []; - } +// // Event listener for row clicks +// Initialize DataTable +$("#case_webhooks_table").dataTable({ + ajax: { + url: "/manage/webhooks/list" + case_param(), + contentType: "application/json", + type: "GET", + data: function (d) { + if (d.status == "success") { + return JSON.stringify(d.data); + } else { + return JSON.stringify([]); + } }, - "order": [[0, "desc"]], - "autoWidth": false, - "columns": [ - { - "data": "attribute_display_name" - }, - { - "data": "attribute_description" - } - ] + }, + order: [[0, "desc"]], + autoWidth: false, + columns: [ + { + data: "id", + }, + { + data: "name", + }, + ], }); -// Event listener for row clicks + +// Add event listener for row clicks $('#case_webhooks_table tbody').on('click', 'tr', function () { - var table = $('#case_webhooks_table').DataTable(); - var data = table.row(this).data(); + var data = table.row(this).data(); - // Populate modal with data - $('#webhookName').text(data.attribute_display_name); - $('#webhookDescription').text(data.attribute_description); + // Populate modal with data + $('#webhookId').text(data.id); // Update with 'I' field + $('#webhookName').text(data.name); // Update with 'name' field - // Show modal - $('#webhookModal').modal('show'); + // Show modal + $('#webhookModal').modal('show'); }); -document.getElementById('copyModalContent').addEventListener('click', function() { - // Select the elements containing the modal data - const name = document.getElementById('webhookName').innerText; - const description = document.getElementById('webhookDescription').innerText; - - // Format the content to be copied - const modalContent = `Name: ${name}\nDescription: ${description}`; - - // Check if the browser supports navigator.clipboard - if (navigator.clipboard && window.isSecureContext) { - // Use Clipboard API for modern browsers - navigator.clipboard.writeText(modalContent).then(() => { - notify_success('Content copied to clipboard!'); - }).catch(err => { - console.error('Failed to copy content: ', err); - notify_success('Failed to copy content.'); - }); - } else { - // Fallback method for older browsers - const tempTextArea = document.createElement('textarea'); - tempTextArea.value = modalContent; - document.body.appendChild(tempTextArea); - tempTextArea.select(); - - try { - document.execCommand('copy'); - notify_success("content copied"); - } catch (err) { - console.error('Failed to copy content: ', err); - notify_error("failed to copy content"); - } - - document.body.removeChild(tempTextArea); - } -}); +// document.getElementById('copyModalContent').addEventListener('click', function() { +// // Select the elements containing the modal data +// const name = document.getElementById('webhookName').innerText; +// const description = document.getElementById('webhookDescription').innerText; + +// // Format the content to be copied +// const modalContent = `Name: ${name}\nDescription: ${description}`; + +// // Check if the browser supports navigator.clipboard +// if (navigator.clipboard && window.isSecureContext) { +// // Use Clipboard API for modern browsers +// navigator.clipboard.writeText(modalContent).then(() => { +// notify_success('Content copied to clipboard!'); +// }).catch(err => { +// console.error('Failed to copy content: ', err); +// notify_success('Failed to copy content.'); +// }); +// } else { +// // Fallback method for older browsers +// const tempTextArea = document.createElement('textarea'); +// tempTextArea.value = modalContent; +// document.body.appendChild(tempTextArea); +// tempTextArea.select(); + +// try { +// document.execCommand('copy'); +// notify_success("content copied"); +// } catch (err) { +// console.error('Failed to copy content: ', err); +// notify_error("failed to copy content"); +// } + +// document.body.removeChild(tempTextArea); +// } +// }); function add_webhook() { let url = "/manage/webhooks/add/modal" + case_param(); From fea32d5570bdb1b4a277960110937e7349157aa7 Mon Sep 17 00:00:00 2001 From: Muhammad Hanzila Date: Tue, 19 Nov 2024 13:26:15 +0500 Subject: [PATCH 24/80] JSON Schema validation, input params etc --- .../manage/manage_case_templates_routes.py | 1 + .../manage/manage_webhooks_routes.py | 15 +--- .../manage/templates/manage_webhooks.html | 4 - .../manage/manage_case_templates_db.py | 84 ++++++++++++------- .../app/datamgmt/manage/manage_webhooks_db.py | 63 ++++---------- source/app/models/models.py | 5 +- source/app/schema/marshables.py | 11 +-- .../assets/js/iris/manage.case.templates.js | 10 +++ .../static/assets/js/iris/manage.webhooks.js | 6 -- 9 files changed, 88 insertions(+), 111 deletions(-) diff --git a/source/app/blueprints/manage/manage_case_templates_routes.py b/source/app/blueprints/manage/manage_case_templates_routes.py index d189aec73..58a7ae248 100644 --- a/source/app/blueprints/manage/manage_case_templates_routes.py +++ b/source/app/blueprints/manage/manage_case_templates_routes.py @@ -156,6 +156,7 @@ def add_template_modal(): { "webhook_id": "Webhook Id", "display_name": "Trigger Name", + "input_params": "JSON Schema" } ] } diff --git a/source/app/blueprints/manage/manage_webhooks_routes.py b/source/app/blueprints/manage/manage_webhooks_routes.py index 07d606d9b..965860a55 100644 --- a/source/app/blueprints/manage/manage_webhooks_routes.py +++ b/source/app/blueprints/manage/manage_webhooks_routes.py @@ -98,20 +98,11 @@ def add_template_modal(): "name": "webhook name", "header_auth": [ { - "key": "Value 1" + "key": "key 1", + "value": "value 1" } ], - "payload_schema": json.loads('''[ - { - "type": "object", - "properties": [ - { - "property": "property name", - "type": "string" - } - ] - } - ]'''), + "payload_schema": "JSON Schema", "url": "webhook URL", } diff --git a/source/app/blueprints/manage/templates/manage_webhooks.html b/source/app/blueprints/manage/templates/manage_webhooks.html index a01943235..bb5dc48d7 100644 --- a/source/app/blueprints/manage/templates/manage_webhooks.html +++ b/source/app/blueprints/manage/templates/manage_webhooks.html @@ -48,8 +48,6 @@ #ID Name - Header Auth - Payload Schema URL @@ -57,8 +55,6 @@ #ID Name - Header Auth - Payload Schema URL diff --git a/source/app/datamgmt/manage/manage_case_templates_db.py b/source/app/datamgmt/manage/manage_case_templates_db.py index cc30f5891..1a87e7760 100644 --- a/source/app/datamgmt/manage/manage_case_templates_db.py +++ b/source/app/datamgmt/manage/manage_case_templates_db.py @@ -15,6 +15,7 @@ # along with this program; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. import marshmallow +import jsonschema from datetime import datetime from typing import List, Optional, Union @@ -75,41 +76,23 @@ def delete_case_template_by_id(case_template_id: int): """ CaseTemplate.query.filter_by(id=case_template_id).delete() - def validate_case_template(data: dict, update: bool = False) -> Optional[str]: try: if not update: - # If it's not an update, we check the required fields if "name" not in data: return "Name is required." - if "display_name" not in data or not data["display_name"].strip(): - data["display_name"] = data["name"] - # We check that name is not empty if "name" in data and not data["name"].strip(): return "Name cannot be empty." - # We check that author length is not above 128 chars - if "author" in data and len(data["author"]) > 128: - return "Author cannot be longer than 128 characters." - - # We check that author length is not above 128 chars - if "author" in data and len(data["author"]) > 128: - return "Author cannot be longer than 128 characters." - - # We check that prefix length is not above 32 chars - if "title_prefix" in data and len(data["title_prefix"]) > 32: - return "Prefix cannot be longer than 32 characters." - - # We check that tags, if any, are a list of strings if "tags" in data: if not isinstance(data["tags"], list): return "Tags must be a list." for tag in data["tags"]: if not isinstance(tag, str): return "Each tag must be a string." - - # We check that tasks, if any, are a list of dictionaries with mandatory keys + + if "tasks" in data: if not isinstance(data["tasks"], list): return "Tasks must be a list." @@ -124,25 +107,27 @@ def validate_case_template(data: dict, update: bool = False) -> Optional[str]: for tag in task["tags"]: if not isinstance(tag, str): return "Each tag must be a string." - - # Check actions within the task if "actions" in task: if not isinstance(task["actions"], list): return "Actions must be a list." for action in task["actions"]: if not isinstance(action, dict): return "Each action must be a dictionary." + # Check for required properties if "webhook_id" not in action: return "Each action must have a 'webhook_id' field." if "display_name" not in action: return "Each action must have a 'display_name' field." - - # Check if webhook_id matches an existing Webhook.id + # Check for extra properties + allowed_keys = {"webhook_id", "display_name"} + extra_keys = set(action.keys()) - allowed_keys + if extra_keys: + return f"Invalid properties in action: {', '.join(extra_keys)}. Only 'webhook_id' and 'display_name' are allowed." webhook = get_webhook_by_id(action["webhook_id"]) if not webhook: return f"Webhook with id {action['webhook_id']} does not exist." - - # We check that action, if any, are a list of dictionaries with mandatory keys + + if "triggers" in data: if not isinstance(data["triggers"], list): return "Trigger must be a list." @@ -153,15 +138,53 @@ def validate_case_template(data: dict, update: bool = False) -> Optional[str]: return "Each trigger must have a 'webhook_id' field." if "display_name" not in trigger: return "Each trigger must have a 'display_name' field." - # Check if webhook_id matches an existing Webhook.id + webhook = get_webhook_by_id(trigger["webhook_id"]) if not webhook: return f"Webhook with id {trigger['webhook_id']} does not exist." - - # We check that note groups, if any, are a list of dictionaries with mandatory keys + if "input_params" in trigger: + input_params = trigger["input_params"] + if not isinstance(input_params, dict): + return "input_params must be a dictionary." + + payload_schema = webhook.payload_schema + if not payload_schema: + return f"Webhook {webhook.name} has no payload schema." + + # Validate required fields + required_fields = payload_schema.get("items", {}).get("required", []) + for field in required_fields: + if field not in input_params: + return f"Field '{field}' is required in input_params for webhook '{webhook.name}'." + + # Validate properties + properties = payload_schema.get("items", {}).get("properties", {}) + for key, value in input_params.items(): + if key not in properties: + return f"Field '{key}' is not valid for webhook '{webhook.name}'." + prop_schema = properties[key] + TYPE_MAPPING = { + "string": str, + "integer": int, + "boolean": bool, + "array": list, + "object": dict, + } + expected_type = prop_schema.get("type") + if expected_type: + # Map schema type to Python type + python_type = TYPE_MAPPING.get(expected_type) + if not python_type: + return f"Unsupported type '{expected_type}' in schema for field '{key}'." + if not isinstance(value, python_type): + return f"Field '{key}' must be of type '{expected_type}'." + + if prop_schema.get("minLength") and len(value) < prop_schema["minLength"]: + return f"Field '{key}' must have at least {prop_schema['minLength']} characters." + if "note_groups" in data: - return "Note groups has been replaced by note_directories." + return "Note groups have been replaced by note_directories." if "note_directories" in data: if not isinstance(data["note_directories"], list): @@ -180,7 +203,6 @@ def validate_case_template(data: dict, update: bool = False) -> Optional[str]: if "title" not in note: return "Each note must have a 'title' field." - # If all checks succeeded, we return None to indicate everything is has been validated return None except Exception as e: return str(e) diff --git a/source/app/datamgmt/manage/manage_webhooks_db.py b/source/app/datamgmt/manage/manage_webhooks_db.py index 1affbe9a9..2e69a6515 100644 --- a/source/app/datamgmt/manage/manage_webhooks_db.py +++ b/source/app/datamgmt/manage/manage_webhooks_db.py @@ -15,6 +15,7 @@ # along with this program; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. import marshmallow +import jsonschema from datetime import datetime from typing import List, Optional, Union @@ -38,7 +39,6 @@ def get_webhooks_list() -> List[dict]: Webhook.id, Webhook.name, Webhook.header_auth, - Webhook.payload_schema, Webhook.url, Webhook.created_at, Webhook.updated_at, @@ -81,32 +81,9 @@ def validate_webhook(data: dict, update: bool = False) -> Optional[str]: if "name" not in data: return "Name is required." - # if "display_name" not in data or not data["display_name"].strip(): - # data["display_name"] = data["name"] # We check that name is not empty if "name" in data and not data["name"].strip(): - return "Name cannot be empty." - - # # We check that author length is not above 128 chars - # if "author" in data and len(data["author"]) > 128: - # return "Author cannot be longer than 128 characters." - - # # We check that author length is not above 128 chars - # if "author" in data and len(data["author"]) > 128: - # return "Author cannot be longer than 128 characters." - - # # We check that prefix length is not above 32 chars - # if "title_prefix" in data and len(data["title_prefix"]) > 32: - # return "Prefix cannot be longer than 32 characters." - - # # We check that tags, if any, are a list of strings - # if "tags" in data: - # if not isinstance(data["tags"], list): - # return "Tags must be a list." - # for tag in data["tags"]: - # if not isinstance(tag, str): - # return "Each tag must be a string." - + return "Name cannot be empty." # We check that tasks, if any, are a list of dictionaries with mandatory keys @@ -118,35 +95,23 @@ def validate_webhook(data: dict, update: bool = False) -> Optional[str]: return "Each header auth must be a dictionary." if "key" not in auth: return "Each auth must have a 'key' field." - # if "tags" in task: - # if not isinstance(task["tags"], list): - # return "Task tags must be a list." - # for tag in task["tags"]: - # if not isinstance(tag, str): - # return "Each tag must be a string." + if "value" not in auth: + return "Each auth must have a 'value' field." + # We check that note groups, if any, are a list of dictionaries with mandatory keys if "note_groups" in data: return "Note groups has been replaced by note_directories." - + + # Validate the input_params field if "payload_schema" in data: - if not isinstance(data["payload_schema"], list): - return "Payload Schema must be a list." - for payload in data["payload_schema"]: - if not isinstance(payload, dict): - return "Each payload schema must be a dictionary." - if "type" not in payload: - return "Each payload directory must have a 'type' field." - if "properties" in payload: - if not isinstance(payload["properties"], list): - return "Properties must be a list." - for property in payload["properties"]: - if not isinstance(property, dict): - return "Each property must be a dictionary." - if "type" not in property: - return "Each property must have a 'type' field." - if property["type"] not in valid_types: - return f"Invalid type '{property['type']}'. Valid types are: {', '.join(valid_types)}." + try: + # Attempt to validate the payload_schema as a JSON Schema + jsonschema.Draft7Validator.check_schema(data["payload_schema"]) + except jsonschema.exceptions.SchemaError as e: + return f"Invalid JSON Schema in 'payload_schema': {e.message}" + except Exception as e: + return f"Unexpected error in 'payload_schema' validation: {str(e)}" # If all checks succeeded, we return None to indicate everything is has been validated return None diff --git a/source/app/models/models.py b/source/app/models/models.py index 91736e336..050af113c 100644 --- a/source/app/models/models.py +++ b/source/app/models/models.py @@ -232,7 +232,7 @@ class EvidenceTypes(db.Model): class Webhook(db.Model): - __tablename__ = 'webhooks' + __tablename__ = 'webhooksss' # Metadata id = Column(Integer, primary_key=True) @@ -256,7 +256,7 @@ def update_from_dict(self, data: dict): class CaseTemplate(db.Model): - __tablename__ = 'case_templatess' + __tablename__ = 'case_templatessss' # Metadata id = Column(Integer, primary_key=True) @@ -276,6 +276,7 @@ class CaseTemplate(db.Model): classification = Column(String, nullable=True) actions = Column(JSON, nullable=True) triggers = Column(JSON, nullable=True) + input_params = Column(JSON, nullable=True) created_by_user = relationship('User') diff --git a/source/app/schema/marshables.py b/source/app/schema/marshables.py index 557215f98..0bf33baa2 100644 --- a/source/app/schema/marshables.py +++ b/source/app/schema/marshables.py @@ -826,12 +826,8 @@ class WebhookSchema(ma.Schema): updated_at: datetime = fields.DateTime(dump_only=True) name: str = fields.String(required=True) header_auth: Optional[List[Dict[str, str]]] = fields.List(fields.Dict(), allow_none=True, missing=[]) - payload_schema: Optional[List[Dict[str, Union[str, List[Dict[str, str]]]]]] = fields.List(fields.Dict(), - allow_none=True, - missing=[]) url: Optional[str] = fields.String(allow_none=True, missing="") - - + payload_schema: Optional[dict] = fields.Dict(allow_none=True, missing={}) def validate_string_or_list(value: Union[str, List[str]]) -> Union[str, List[str]]: """Validates that a value is a string or a list of strings. @@ -906,6 +902,7 @@ class CaseTemplateSchema(ma.Schema): title_prefix: Optional[str] = fields.String(allow_none=True, validate=Length(max=32), missing="") summary: Optional[str] = fields.String(allow_none=True, missing="") tags: Optional[List[str]] = fields.List(fields.String(), allow_none=True, missing=[]) + input_params: Optional[List[str]] = fields.List(fields.String(), allow_none=True, missing=[]) classification: Optional[str] = fields.String(allow_none=True, missing="") note_directories: Optional[List[Dict[str, Union[str, List[Dict[str, str]]]]]] = fields.List(fields.Dict(), allow_none=True, @@ -963,7 +960,7 @@ def validate_string_or_list_of_dict(value: Union[str, List[Dict[str, str]]]) -> return value tasks: Optional[List[Dict[str, Union[str, List[str]]]]] = fields.List( - fields.Dict(keys=fields.Str(), values=fields.Raw()), # Removed validate_string_or_list + fields.Dict(keys=fields.Str(), values=fields.Raw()), allow_none=True, missing=[] ) @@ -975,7 +972,7 @@ def validate_string_or_list_of_dict(value: Union[str, List[Dict[str, str]]]) -> ) triggers: Optional[List[Dict[str, Union[str, List[str]]]]] = fields.List( - fields.Dict(keys=fields.Str(), values=fields.Raw(validate=[validate_string_or_list])), + fields.Dict(keys=fields.Str(), values=fields.Raw()), allow_none=True, missing=[] ) diff --git a/source/app/static/assets/js/iris/manage.case.templates.js b/source/app/static/assets/js/iris/manage.case.templates.js index d5f36d5f7..438d69138 100644 --- a/source/app/static/assets/js/iris/manage.case.templates.js +++ b/source/app/static/assets/js/iris/manage.case.templates.js @@ -59,6 +59,11 @@ function add_case_template() { { value: "content", score: 1, meta: "content of the note" }, { value: "action", score: 1, meta: "actions of the case" }, { value: "triggers", score: 1, meta: "triggers of the case" }, + { + value: "input_params", + score: 1, + meta: "input_params of the case or the triggers", + }, ]); }, }, @@ -258,6 +263,11 @@ function case_template_detail(ctempl_id) { }, { value: "content", score: 1, meta: "content of the note" }, { value: "triggers", score: 1, meta: "triggers of the case" }, + { + value: "input_params", + score: 1, + meta: "input_params of the case or the triggers", + }, ]); }, }, diff --git a/source/app/static/assets/js/iris/manage.webhooks.js b/source/app/static/assets/js/iris/manage.webhooks.js index 8b84df727..bcfb8e9a6 100644 --- a/source/app/static/assets/js/iris/manage.webhooks.js +++ b/source/app/static/assets/js/iris/manage.webhooks.js @@ -133,12 +133,6 @@ $("#webhooks_table").dataTable({ ); }, }, - { - data: "header_auth", - }, - { - data: "payload_schema", - }, { data: "url", }, From 4917ac47219d78a100ec2dca5f930080aaf05402 Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Tue, 19 Nov 2024 13:29:08 +0500 Subject: [PATCH 25/80] upadtes modal_case_template --- .../manage/templates/modal_case_template.html | 30 ++++--------------- 1 file changed, 6 insertions(+), 24 deletions(-) diff --git a/source/app/blueprints/manage/templates/modal_case_template.html b/source/app/blueprints/manage/templates/modal_case_template.html index 79d0970dd..2947566f7 100644 --- a/source/app/blueprints/manage/templates/modal_case_template.html +++ b/source/app/blueprints/manage/templates/modal_case_template.html @@ -178,6 +178,7 @@

    Field types

    • +
    @@ -188,40 +189,21 @@

    Field types

    id="case_webhooks_table"> + ID Name - Description + Action + ID Name - Description + Action
    -
    -
    -
    -
    - -
    diff --git a/source/app/static/assets/js/iris/manage.webhooks.js b/source/app/static/assets/js/iris/manage.webhooks.js index 30500e37b..e0ef827e0 100644 --- a/source/app/static/assets/js/iris/manage.webhooks.js +++ b/source/app/static/assets/js/iris/manage.webhooks.js @@ -22,10 +22,12 @@ $("#case_webhooks_table").dataTable({ { data: "name", }, + { + data: "url", + }, ], }); - // Add event listener for row clicks $('#case_webhooks_table tbody').on('click', 'tr', function () { var data = table.row(this).data(); From 719bfc2283d35ef86f4d754a61696e7613d683c2 Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Wed, 20 Nov 2024 10:54:13 +0500 Subject: [PATCH 28/80] webhooks list loaded --- .../manage/manage_webhooks_routes.py | 25 +++- .../app/datamgmt/manage/manage_webhooks_db.py | 3 + .../static/assets/js/iris/manage.webhooks.js | 121 +++++++++++++----- 3 files changed, 116 insertions(+), 33 deletions(-) diff --git a/source/app/blueprints/manage/manage_webhooks_routes.py b/source/app/blueprints/manage/manage_webhooks_routes.py index 965860a55..579acc83c 100644 --- a/source/app/blueprints/manage/manage_webhooks_routes.py +++ b/source/app/blueprints/manage/manage_webhooks_routes.py @@ -1,6 +1,6 @@ # IMPORTS ------------------------------------------------ import json -from flask import Blueprint +from flask import Blueprint, abort, jsonify from flask import redirect from flask import render_template from flask import request @@ -54,6 +54,29 @@ def list_webhooks(): # Return the attributes return response_success("", data=webhooks) +@manage_webhooks_blueprint.route('/manage/webhooks/', methods=['GET']) +@ac_api_requires(Permissions.webhooks_read) +def get_webhook(cur_id): + """Fetch a webhook by ID + + Args: + cur_id (int): webhook ID + + Returns: + JSON Response: Webhook details + """ + webhook = get_webhook_by_id(cur_id) + if not webhook: + return response_error(f"Invalid webhook ID {cur_id}") + + try: + webhook_data = WebhookSchema().dump(webhook) + except ValidationError as error: + return response_error("Could not serialize webhook", data=str(error)) + + return response_success("Webhook retrieved successfully", data=webhook_data) + + @manage_webhooks_blueprint.route('/manage/webhooks//modal', methods=['GET']) @ac_requires(Permissions.webhooks_read) diff --git a/source/app/datamgmt/manage/manage_webhooks_db.py b/source/app/datamgmt/manage/manage_webhooks_db.py index 2e69a6515..33e68826a 100644 --- a/source/app/datamgmt/manage/manage_webhooks_db.py +++ b/source/app/datamgmt/manage/manage_webhooks_db.py @@ -42,6 +42,7 @@ def get_webhooks_list() -> List[dict]: Webhook.url, Webhook.created_at, Webhook.updated_at, + Webhook.payload_schema, User.name.label('added_by') ).join( Webhook.created_by_user @@ -60,6 +61,8 @@ def get_webhook_by_id(cur_id: int) -> Webhook: Returns: Webhook: Webhook """ + print(f"Received request for webhook ID: {cur_id}") + webhook = Webhook.query.filter_by(id=cur_id).first() return webhook diff --git a/source/app/static/assets/js/iris/manage.webhooks.js b/source/app/static/assets/js/iris/manage.webhooks.js index e0ef827e0..e6b5b6cbb 100644 --- a/source/app/static/assets/js/iris/manage.webhooks.js +++ b/source/app/static/assets/js/iris/manage.webhooks.js @@ -1,43 +1,100 @@ -// // Event listener for row clicks -// Initialize DataTable -$("#case_webhooks_table").dataTable({ - ajax: { - url: "/manage/webhooks/list" + case_param(), +// Initialize DataTable function +function initializeDataTable() { + $("#case_webhooks_table").DataTable({ + ajax: { + url: "/manage/webhooks/list" + case_param(), + contentType: "application/json", + type: "GET", + data: function (d) { + console.log(d.data); + if (d.status == "success") { + return d.data; + } else { + return JSON.stringify([]); + } + }, + }, + order: [[0, "desc"]], + autoWidth: false, + columns: [ + { + data: "id", + }, + { + data: "name", + }, + { + data: "payload_schema", + render: function (data, type, row, meta) { + return ` + + `; + } + }, + ], + }); +} + +// Call to initialize DataTable when the script first runs +initializeDataTable(); + +function handleButtonClick(webhookId) { + let numericId = parseInt(webhookId, 10); + console.log(typeof numericId); + let webhookData = null; // Variable to store the fetched data + + $.ajax({ + url: `/manage/webhooks/${numericId}`, // The URL for fetching the webhook by ID contentType: "application/json", type: "GET", - data: function (d) { - if (d.status == "success") { - return JSON.stringify(d.data); + async: false, // Ensures that the data is available before proceeding (use with caution) + success: function (response) { + if (response.status === "success") { + webhookData = response.data; // Save data to the variable + console.log(webhookData); } else { - return JSON.stringify([]); + console.log('No data found for this webhook.'); } }, - }, - order: [[0, "desc"]], - autoWidth: false, - columns: [ - { - data: "id", - }, - { - data: "name", - }, - { - data: "url", - }, - ], -}); + error: function (xhr, status, error) { + console.error("Error fetching webhook:", error); + } + }); + + if (!webhookData || !webhookData.payload_schema) { + console.log('No payload schema to display.'); + return; + } + + // Generate HTML for displaying all key-value pairs + let payloadDetails = '

    Webhook PayLoad Schema

    {
      '; + for (const [key, value] of Object.entries(webhookData.payload_schema)) { + payloadDetails += `
    • "${key}": ${JSON.stringify(value, null, 2)}
      • `;} + payloadDetails += '
    }
    '; + payloadDetails += ` + + `; + + // Replace the content of the parent container with the details + document.getElementById('drop_case_template_webhooks').querySelector('.card-body').innerHTML = payloadDetails; +} + -// Add event listener for row clicks -$('#case_webhooks_table tbody').on('click', 'tr', function () { - var data = table.row(this).data(); +$(document).on("click", "#back-to-table", function () { + // Remove the details section and restore the table wrapper + $("#webhook-details").remove(); - // Populate modal with data - $('#webhookId').text(data.id); // Update with 'I' field - $('#webhookName').text(data.name); // Update with 'name' field + const container = document.getElementById('drop_case_template_webhooks').querySelector('.card-body'); + container.innerHTML = ` +
    +
    +
    + `; - // Show modal - $('#webhookModal').modal('show'); + // Reinitialize the DataTable when returning to the table view + initializeDataTable(); }); From 7fce7fdd9ca52fabb129b61d505557d08a28ddd6 Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Wed, 20 Nov 2024 12:52:59 +0500 Subject: [PATCH 29/80] jsoncrack embedded --- .../app/blueprints/case/templates/case.html | 2 +- .../case/templates/case_triggers.html | 80 ++++++++++--------- .../static/assets/js/iris/case.triggers.js | 66 +++++---------- 3 files changed, 64 insertions(+), 84 deletions(-) diff --git a/source/app/blueprints/case/templates/case.html b/source/app/blueprints/case/templates/case.html index fd18458b1..d50985a8b 100644 --- a/source/app/blueprints/case/templates/case.html +++ b/source/app/blueprints/case/templates/case.html @@ -428,7 +428,7 @@
    Case Review
    - + diff --git a/source/app/blueprints/case/templates/case_triggers.html b/source/app/blueprints/case/templates/case_triggers.html index efe09c44e..8868e2f40 100644 --- a/source/app/blueprints/case/templates/case_triggers.html +++ b/source/app/blueprints/case/templates/case_triggers.html @@ -21,55 +21,59 @@ {% if current_user.is_authenticated %} {{ form.hidden_tag() }} -
    -
    -
    Loading...
    -
    -
    - + {% endif %}
    diff --git a/source/app/static/assets/js/iris/case.triggers.js b/source/app/static/assets/js/iris/case.triggers.js index e90c23b63..902eb4f84 100644 --- a/source/app/static/assets/js/iris/case.triggers.js +++ b/source/app/static/assets/js/iris/case.triggers.js @@ -1,5 +1,4 @@ -// Dummy data for triggers -var g_trigger_id = null; + const dummyTriggers = [ { "id": 1, @@ -31,19 +30,19 @@ const dummyTriggers = [ } ]; -// Function to load dummy trigger data into the table + function get_triggers() { - $('#trigger_table_wrapper').empty(); + $('#trigger_table_wrapper'); show_loader(); - Table.clear(); // Clear existing rows - Table.rows.add(dummyTriggers); // Add dummy data - Table.draw(); // Redraw the table + Table.clear(); + Table.rows.add(dummyTriggers); + Table.draw(); hide_loader(); } -// Initialize DataTable with three columns for triggers + $(document).ready(function () { Table = $("#trigger_table").DataTable({ dom: '<"container-fluid"<"row"<"col"l><"col"f>>>rt<"container-fluid"<"row"<"col"i><"col"p>>>', @@ -71,54 +70,31 @@ $(document).ready(function () { order: [[0, 'asc']], }); - // Initial fetch of trigger data (dummy) + get_triggers(); - // Event listener for 'View Response' button to open the modal with iframe + $('#trigger_table').on('click', '.view-response', function () { const responseData = $(this).data('body'); - const iframeUrl = 'http://localhost:3000'; // Replace with the desired URL - - // Prepare data to send - const dataToSend = { - response: responseData + const jsonCrackEmbed = document.getElementById("jsoncrackEmbed"); + + $('#responseModal').modal('show'); + + + const options = { + theme: "light", + direction: "DOWN", }; - - // Send fetch request to the server - fetch('http://localhost:3000/api/receive-data', { - method: 'POST', - headers: { - 'Content-Type': 'application/json' - }, - body: JSON.stringify(dataToSend) - }) - .then(response => { - if (!response.ok) { - throw new Error('Network response was not ok'); - } - return response.json(); - }) - .then(data => { - console.log('Success:', data); - - // Open the modal after successful data send - $('#responseModal').modal('show'); - $('#modalIframe').attr('src', iframeUrl + '?data=' + encodeURIComponent(JSON.stringify(responseData))); - }) - .catch((error) => { - console.error('Error:', error); - alert('Failed to send data to the server.'); - }); + jsonCrackEmbed.contentWindow.postMessage({ json: JSON.stringify(responseData), options }, "*"); }); - }); + function closeModal() { - // Hide the modal - document.getElementById('responseModal').style.display = 'none'; + $('#responseModal').modal('hide'); } -// Helper functions to show/hide loader + function show_loader() { $('#loading_msg').show(); $('#card_main_load').hide(); From c88f45d6c819805d765a1c615278e538ae8870fc Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Wed, 20 Nov 2024 13:17:54 +0500 Subject: [PATCH 30/80] removed cors --- source/app/blueprints/api/api_routes.py | 22 ---------------------- 1 file changed, 22 deletions(-) diff --git a/source/app/blueprints/api/api_routes.py b/source/app/blueprints/api/api_routes.py index 33c81f042..0acf277ec 100644 --- a/source/app/blueprints/api/api_routes.py +++ b/source/app/blueprints/api/api_routes.py @@ -17,7 +17,6 @@ # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. from flask import Blueprint -from flask_cors import CORS, cross_origin from app import app from app.util import ac_api_requires @@ -30,9 +29,6 @@ template_folder='templates' ) -CORS(api_blueprint, resources={r"/api/*": {"origins": "*"}}) -app.config['CORS_HEADERS'] = 'Content-Type' - # CONTENT ------------------------------------------------ @api_blueprint.route('/api/ping', methods=['GET']) @ac_api_requires() @@ -49,21 +45,3 @@ def api_version(): } return response_success(data=versions) - -@api_blueprint.route('/api/post-data', methods=['POST']) -@cross_origin() -def post_data(): - # Get JSON data from the request body - data = request.get_json() - - # If data is not provided, return an error - if not data: - return jsonify({"error": "No data provided"}), 400 - - # Process the data (here, we simply return it as a response) - response = { - "message": "Data received successfully", - "received_data": data - } - - return jsonify(response), 200 From 8f480894c43dcc01c8d6a96a0c2b1bcf2a9e341a Mon Sep 17 00:00:00 2001 From: Muhammad Hanzila Date: Thu, 21 Nov 2024 08:35:03 +0500 Subject: [PATCH 31/80] BE implementation of Task and Case Responses --- .../manage/manage_case_response_db.py | 99 +++++++++++++++++++ .../manage/manage_task_response_db.py | 98 ++++++++++++++++++ source/app/models/models.py | 48 +++++++++ source/app/schema/marshables.py | 37 +++++++ 4 files changed, 282 insertions(+) create mode 100644 source/app/datamgmt/manage/manage_case_response_db.py create mode 100644 source/app/datamgmt/manage/manage_task_response_db.py diff --git a/source/app/datamgmt/manage/manage_case_response_db.py b/source/app/datamgmt/manage/manage_case_response_db.py new file mode 100644 index 000000000..4ddf82d96 --- /dev/null +++ b/source/app/datamgmt/manage/manage_case_response_db.py @@ -0,0 +1,99 @@ +# IRIS Source Code +# contact@dfir-iris.org +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 3 of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +from datetime import datetime +from typing import List, Optional, Union + +from app import db +from app.models import CaseResponse +from app.models.authorization import User +from app.schema.marshables import CaseResponseSchema + + +def get_case_responses_list() -> List[dict]: + """Get a list of case responses. + + Returns: + List[dict]: List of case responses. + """ + case_responses = CaseResponse.query.with_entities( + CaseResponse.id, + CaseResponse.created_at, + CaseResponse.updated_at, + CaseResponse.case, + CaseResponse.trigger, + CaseResponse.body, + User.name.label('created_by') + ).join( + CaseResponse.created_by_user + ).all() + + return [row._asdict() for row in case_responses] + + +def get_case_response_by_id(response_id: int) -> CaseResponse: + """Get a specific case response by ID. + + Args: + response_id (int): Task response ID. + + Returns: + CaseResponse: Task response object. + """ + case_response = CaseResponse.query.filter_by(id=response_id).first() + return case_response + + +def delete_case_response_by_id(response_id: int): + """Delete a specific case response by ID. + + Args: + response_id (int): Task response ID. + """ + CaseResponse.query.filter_by(id=response_id).delete() + + +def validate_case_response(data: dict, update: bool = False) -> Optional[str]: + """Validate case response data. + + Args: + data (dict): The data to validate. + update (bool): Whether this is an update operation. Defaults to False. + + Returns: + Optional[str]: Validation error message, or None if validation passes. + """ + try: + if not update: + # Check required fields for creation + if "case" not in data: + return "Task ID is required." + + # Check if trigger is provided and valid + if "trigger" in data and not isinstance(data["trigger"], int): + return "Action must be an integer." + + # Validate the body field if provided + if "body" in data: + if not isinstance(data["body"], dict): + return "Body must be a dictionary." + + # If all validations pass, return None + return None + except Exception as e: + return str(e) + diff --git a/source/app/datamgmt/manage/manage_task_response_db.py b/source/app/datamgmt/manage/manage_task_response_db.py new file mode 100644 index 000000000..0f0c5d3bb --- /dev/null +++ b/source/app/datamgmt/manage/manage_task_response_db.py @@ -0,0 +1,98 @@ +# IRIS Source Code +# contact@dfir-iris.org +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU Lesser General Public +# License as published by the Free Software Foundation; either +# version 3 of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +from datetime import datetime +from typing import List, Optional, Union + +from app import db +from app.models import TaskResponse +from app.models.authorization import User +from app.schema.marshables import TaskResponseSchema + + +def get_task_responses_list() -> List[dict]: + """Get a list of task responses. + + Returns: + List[dict]: List of task responses. + """ + task_responses = TaskResponse.query.with_entities( + TaskResponse.id, + TaskResponse.created_at, + TaskResponse.updated_at, + TaskResponse.task, + TaskResponse.action, + TaskResponse.body, + User.name.label('created_by') + ).join( + TaskResponse.created_by_user + ).all() + + return [row._asdict() for row in task_responses] + + +def get_task_response_by_id(response_id: int) -> TaskResponse: + """Get a specific task response by ID. + + Args: + response_id (int): Task response ID. + + Returns: + TaskResponse: Task response object. + """ + task_response = TaskResponse.query.filter_by(id=response_id).first() + return task_response + + +def delete_task_response_by_id(response_id: int): + """Delete a specific task response by ID. + + Args: + response_id (int): Task response ID. + """ + TaskResponse.query.filter_by(id=response_id).delete() + + +def validate_task_response(data: dict, update: bool = False) -> Optional[str]: + """Validate task response data. + + Args: + data (dict): The data to validate. + update (bool): Whether this is an update operation. Defaults to False. + + Returns: + Optional[str]: Validation error message, or None if validation passes. + """ + try: + if not update: + # Check required fields for creation + if "task" not in data: + return "Task ID is required." + + # Check if action is provided and valid + if "action" in data and not isinstance(data["action"], int): + return "Action must be an integer." + + # Validate the body field if provided + if "body" in data: + if not isinstance(data["body"], dict): + return "Body must be a dictionary." + + # If all validations pass, return None + return None + except Exception as e: + return str(e) diff --git a/source/app/models/models.py b/source/app/models/models.py index 050af113c..8de7e3220 100644 --- a/source/app/models/models.py +++ b/source/app/models/models.py @@ -287,6 +287,54 @@ def update_from_dict(self, data: dict): for field, value in data.items(): setattr(self, field, value) +class TaskResponse(db.Model): + __tablename__ = 'task_response' + + # Metadata + id = Column(Integer, primary_key=True) + created_by_user_id = Column(Integer, db.ForeignKey('user.id')) + created_at = Column(DateTime, server_default=func.now()) + updated_at = Column(DateTime, onupdate=func.now()) + + # Data + task = Column(Integer, db.ForeignKey('case_tasks.id')) + action = Column(Integer, db.ForeignKey('actions.id')) + body = Column(JSON, nullable=True) + execution_time = Column(DateTime, server_default=func.now()) + + created_by_user = relationship('User') + + def __init__(self, **kwargs): + super().__init__(**kwargs) + + def update_from_dict(self, data: dict): + for field, value in data.items(): + setattr(self, field, value) + +class CaseResponse(db.Model): + __tablename__ = 'case_response' + + # Metadata + id = Column(Integer, primary_key=True) + created_by_user_id = Column(Integer, db.ForeignKey('user.id')) + created_at = Column(DateTime, server_default=func.now()) + updated_at = Column(DateTime, onupdate=func.now()) + + # Data + case = Column(Integer, db.ForeignKey('case.id')) + trigger = Column(Integer, db.ForeignKey('triggers.id')) + body = Column(JSON, nullable=True) + execution_time = Column(DateTime, server_default=func.now()) + + created_by_user = relationship('User') + + def __init__(self, **kwargs): + super().__init__(**kwargs) + + def update_from_dict(self, data: dict): + for field, value in data.items(): + setattr(self, field, value) + class Contact(db.Model): __tablename__ = 'contact' diff --git a/source/app/schema/marshables.py b/source/app/schema/marshables.py index 0bf33baa2..fe82f9ff4 100644 --- a/source/app/schema/marshables.py +++ b/source/app/schema/marshables.py @@ -811,6 +811,43 @@ def custom_attributes_merge(self, data: Dict[str, Any], **kwargs: Any) -> Dict[s data['custom_attributes'] = merge_custom_attributes(new_attr, data.get('asset_id'), 'asset') return data + +class TaskResponseSchema(ma.Schema): + """Schema for serializing and deserializing Task Response objects. + + This schema defines the fields to include when serializing and deserializing Task Response objects. + It includes fields for the task response ID, the task ID of the user who created the template, the creation and update + timestamps, the task, action, body and execution time of the Task Response. + + """ + id: int = fields.Integer(dump_only=True) + created_by_user_id: int = fields.Integer(required=True) + created_at: datetime = fields.DateTime(dump_only=True) + updated_at: datetime = fields.DateTime(dump_only=True) + + task: int = fields.Integer(dump_only=True) + action: int = fields.Integer(dump_only=True) + body: Optional[dict] = fields.Dict(allow_none=True, missing={}) + execution_time: datetime = fields.DateTime(dump_only=True) + +class CaseResponseSchema(ma.Schema): + """Schema for serializing and deserializing Case Response objects. + + This schema defines the fields to include when serializing and deserializing case Response objects. + It includes fields for the case response ID, the task ID of the user who created the template, the creation and update + timestamps, the case, action, body and execution time of the Case Response. + + """ + id: int = fields.Integer(dump_only=True) + created_by_user_id: int = fields.Integer(required=True) + created_at: datetime = fields.DateTime(dump_only=True) + updated_at: datetime = fields.DateTime(dump_only=True) + + case: int = fields.Integer(dump_only=True) + trigger: int = fields.Integer(dump_only=True) + body: Optional[dict] = fields.Dict(allow_none=True, missing={}) + execution_time: datetime = fields.DateTime(dump_only=True) + class WebhookSchema(ma.Schema): """Schema for serializing and deserializing Webhook objects. From a2ceaaf4e71f851dea7ad8c78d7c47e030566eb1 Mon Sep 17 00:00:00 2001 From: Muhammad Hanzila Date: Thu, 21 Nov 2024 08:41:22 +0500 Subject: [PATCH 32/80] id's adjusted --- source/app/models/models.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/source/app/models/models.py b/source/app/models/models.py index 8de7e3220..91886206e 100644 --- a/source/app/models/models.py +++ b/source/app/models/models.py @@ -298,7 +298,7 @@ class TaskResponse(db.Model): # Data task = Column(Integer, db.ForeignKey('case_tasks.id')) - action = Column(Integer, db.ForeignKey('actions.id')) + action = Column(Integer) body = Column(JSON, nullable=True) execution_time = Column(DateTime, server_default=func.now()) @@ -321,8 +321,8 @@ class CaseResponse(db.Model): updated_at = Column(DateTime, onupdate=func.now()) # Data - case = Column(Integer, db.ForeignKey('case.id')) - trigger = Column(Integer, db.ForeignKey('triggers.id')) + case = Column(Integer) + trigger = Column(Integer) body = Column(JSON, nullable=True) execution_time = Column(DateTime, server_default=func.now()) From f7cfe5fbbba6124eb8b4b6a521d51e456a694c4f Mon Sep 17 00:00:00 2001 From: Muhammad Hanzila Date: Thu, 21 Nov 2024 14:56:16 +0500 Subject: [PATCH 33/80] triggers execution implemented --- .../manage/manage_case_templates_routes.py | 37 +++++++-- .../manage/manage_case_templates_db.py | 77 ++++++++++++++++++- .../assets/js/iris/manage.case.templates.js | 9 ++- 3 files changed, 111 insertions(+), 12 deletions(-) diff --git a/source/app/blueprints/manage/manage_case_templates_routes.py b/source/app/blueprints/manage/manage_case_templates_routes.py index 58a7ae248..3465e9506 100644 --- a/source/app/blueprints/manage/manage_case_templates_routes.py +++ b/source/app/blueprints/manage/manage_case_templates_routes.py @@ -30,7 +30,8 @@ from app.datamgmt.manage.manage_case_templates_db import get_case_template_by_id from app.datamgmt.manage.manage_case_templates_db import validate_case_template from app.datamgmt.manage.manage_case_templates_db import delete_case_template_by_id -from app.forms import CaseTemplateForm, AddAssetForm +from app.datamgmt.manage.manage_case_templates_db import execute_and_save_trigger +from app.forms import AddAssetForm, WebhookForm, CaseTemplateForm from app.models import CaseTemplate from app.models.authorization import Permissions from app.iris_engine.utils.tracker import track_activity @@ -176,36 +177,58 @@ def upload_template_modal(): def add_case_template(caseid): data = request.get_json() if not data: - return response_error("Invalid request") + return response_error("Invalid request: Missing data") case_template_json = data.get('case_template_json') if not case_template_json: - return response_error("Invalid request") + return response_error("Invalid request: Missing case template JSON") try: case_template_dict = json.loads(case_template_json) except Exception as e: return response_error("Invalid JSON", data=str(e)) + # Validate case template try: logs = validate_case_template(case_template_dict, update=False) if logs is not None: return response_error("Found errors in case template", data=logs) except Exception as e: - return response_error("Found errors in case template", data=str(e)) + return response_error("Error validating case template", data=str(e)) + # Attempt to add case template to the database try: case_template_dict["created_by_user_id"] = current_user.id case_template_data = CaseTemplateSchema().load(case_template_dict) + case_template = CaseTemplate(**case_template_data) db.session.add(case_template) + + # Commit the template to generate an ID db.session.commit() + + # Execute and save triggers + for trigger in case_template_dict.get("triggers", []): + print(f"Executing trigger for case template ID {case_template.id}: {trigger}") + execute_and_save_trigger(trigger, case_template.id) + except Exception as e: + print("Error adding case template:", e) + db.session.rollback() return response_error("Could not add case template into DB", data=str(e)) - track_activity(f"Case template '{case_template.name}' added", caseid=caseid, ctx_less=True) - - return response_success("Added successfully", data=CaseTemplateSchema().dump(case_template)) + # Log activity + track_activity( + f"Case template '{case_template.name}' added", + caseid=caseid, + ctx_less=True + ) + + # Return success response + return response_success( + "Case template added successfully", + data=CaseTemplateSchema().dump(case_template) + ) @manage_case_templates_blueprint.route('/manage/case-templates/update/', methods=['POST']) diff --git a/source/app/datamgmt/manage/manage_case_templates_db.py b/source/app/datamgmt/manage/manage_case_templates_db.py index 1a87e7760..3e95270a1 100644 --- a/source/app/datamgmt/manage/manage_case_templates_db.py +++ b/source/app/datamgmt/manage/manage_case_templates_db.py @@ -15,6 +15,7 @@ # along with this program; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. import marshmallow +import requests import jsonschema from datetime import datetime from typing import List, Optional, Union @@ -24,7 +25,7 @@ from app.datamgmt.case.case_tasks_db import add_task from app.datamgmt.manage.manage_case_classifications_db import get_case_classification_by_name from app.iris_engine.module_handler.module_handler import call_modules_hook -from app.models import CaseTemplate, Cases, Tags, NoteDirectory, Webhook +from app.models import CaseTemplate, Cases, Tags, NoteDirectory, CaseResponse from app.models.authorization import User from app.schema.marshables import CaseSchema, CaseTaskSchema, CaseNoteDirectorySchema, CaseNoteSchema from app.datamgmt.manage.manage_webhooks_db import get_webhook_by_id @@ -366,3 +367,77 @@ def case_template_post_modifier(case: Cases, case_template_id: Union[str, int]): db.session.commit() return case, logs + + +def execute_and_save_trigger(trigger, case_template_id): + try: + # Extract webhook_id from the trigger + webhook_id = trigger.get("webhook_id") + print(f"Webhook ID: {webhook_id}") # Debugging: Ensure webhook_id is being accessed + if not webhook_id: + raise ValueError("Trigger execution failed: webhook_id is missing in trigger.") + + # Fetch the webhook object from the database + webhook = get_webhook_by_id(webhook_id) + print(f"Webhook Object: {webhook}") # Debugging: Log the webhook object + if not webhook: + raise ValueError(f"Trigger execution failed: No webhook found for webhook_id {webhook_id}.") + + # Fetch the URL from the webhook object + url = webhook.url # Adjust this based on your webhook model's attributes + print(f"Webhook URL: {url}") # Debugging: Ensure URL is being accessed + if not url: + raise ValueError(f"Trigger execution failed: URL is missing in webhook with id {webhook_id}.") + + # Execute the webhook request + print(f"Executing webhook request to URL: {url} with data: {trigger}") + response = requests.post(url, json=trigger) + print(f"Webhook Response Status Code: {response.status_code}") # Log response status + print(f"Webhook Response Content: {response.text}") # Log response content + + # Check response status + if response.status_code == 200: + results = response.json() + print(f"Webhook Execution Results: {results}") # Log the result of the execution + save_results(results, case_template_id, webhook_id) # Assuming save_results is implemented to handle the output + return f"Trigger executed successfully and saved for webhook_id {webhook_id}." + else: + raise ValueError( + f"Trigger execution failed: Webhook request returned status {response.status_code}, " + f"response: {response.text}" + ) + + except Exception as e: + print(f"Error in execute_and_save_trigger: {str(e)}") # Log the error + return str(e) + + +def save_results(data, case_template_id, webhook_id): + """ + Save the results of a webhook execution into the CaseResponse model. + + :param data: The response data to save (JSON). + :param case_template_id: The case template ID. + :param webhook_id: The webhook ID. + """ + try: + # Create a new CaseResponse object + case_response = CaseResponse( + case=case_template_id, + trigger=webhook_id, + body=data, + ) + + # Add the object to the session and commit + db.session.add(case_response) + db.session.commit() + + print(case_response.id, case_response.case, case_response.trigger, case_response.body, case_response.execution_time) + print(f"CaseResponse saved successfully with id {case_response.id}") + except Exception as e: + db.session.rollback() # Roll back the session in case of an error + print(f"Error saving CaseResponse: {str(e)}") + + + + diff --git a/source/app/static/assets/js/iris/manage.case.templates.js b/source/app/static/assets/js/iris/manage.case.templates.js index 438d69138..90cf97acd 100644 --- a/source/app/static/assets/js/iris/manage.case.templates.js +++ b/source/app/static/assets/js/iris/manage.case.templates.js @@ -73,9 +73,10 @@ function add_case_template() { }); $("#submit_new_case_template").on("click", function () { - let data_sent = Object(); - data_sent["case_template_json"] = editor.getSession().getValue(); - data_sent["csrf_token"] = $("#csrf_token").val(); + let data_sent = { + case_template_json: editor.getSession().getValue(), + csrf_token: $("#csrf_token").val(), + }; post_request_api( "/manage/case-templates/add", @@ -84,7 +85,7 @@ function add_case_template() { function () { window.swal({ title: "Adding...", - text: "Please wait", + text: "Executing triggers, please wait...", icon: "/static/assets/img/loader.gif", button: false, allowOutsideClick: false, From 913d039a384a70685697a9c01d1051b42edc4237 Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Thu, 21 Nov 2024 14:58:34 +0500 Subject: [PATCH 34/80] updated action trigger response --- .../case/templates/modal_add_case_task.html | 26 +- .../app/static/assets/js/iris/case.tasks.js | 785 +++++++++--------- 2 files changed, 426 insertions(+), 385 deletions(-) diff --git a/source/app/blueprints/case/templates/modal_add_case_task.html b/source/app/blueprints/case/templates/modal_add_case_task.html index 770bd33db..5b3bda995 100644 --- a/source/app/blueprints/case/templates/modal_add_case_task.html +++ b/source/app/blueprints/case/templates/modal_add_case_task.html @@ -135,12 +135,29 @@

    {% if task.id %} Task ID #{{ task.id }}{% else %}

    +
    - {% endif %} - + {% endif %}
    -
    {% include 'modals/modal_attributes_tabs.html' %} @@ -190,4 +207,7 @@

    {% if task.id %} Task ID #{{ task.id }}{% else %} + + + {% endblock javascripts %} \ No newline at end of file diff --git a/source/app/static/assets/js/iris/case.tasks.js b/source/app/static/assets/js/iris/case.tasks.js index 97067bc0a..52232d1c1 100644 --- a/source/app/static/assets/js/iris/case.tasks.js +++ b/source/app/static/assets/js/iris/case.tasks.js @@ -3,23 +3,25 @@ var g_task_id = null; var g_task_desc_editor = null; function edit_in_task_desc() { - if($('#container_task_desc_content').is(':visible')) { - $('#container_task_description').show(100); - $('#container_task_desc_content').hide(100); - $('#task_edition_btn').hide(100); - $('#task_preview_button').hide(100); - } else { - $('#task_preview_button').show(100); - $('#task_edition_btn').show(100); - $('#container_task_desc_content').show(100); - $('#container_task_description').hide(100); - } + if ($('#container_task_desc_content').is(':visible')) { + $('#container_task_description').show(100); + $('#container_task_desc_content').hide(100); + $('#task_edition_btn').hide(100); + $('#task_preview_button').hide(100); + } else { + $('#task_preview_button').show(100); + $('#task_edition_btn').show(100); + $('#container_task_desc_content').show(100); + $('#container_task_description').hide(100); + } } /* Fetch a modal that allows to add an event */ function edit_task(id) { - url = '/case/tasks/' + id + '/modal' + case_param(); + const url = '/case/tasks/' + id + '/modal' + case_param(); + const webHooksurl = "/manage/webhooks/list" + case_param(); + $('#modal_add_task_content').load(url, function (response, status, xhr) { hide_minimized_modal_box(); if (status !== "success") { @@ -38,35 +40,106 @@ function edit_task(id) { g_task_desc_editor.setOption("minLines", "6"); preview_task_description(true); - headers = get_editor_headers('g_task_desc_editor', null, 'task_edition_btn'); + const headers = get_editor_headers('g_task_desc_editor', null, 'task_edition_btn'); $('#task_edition_btn').append(headers); load_menu_mod_options_modal(id, 'task', $("#task_modal_quick_actions")); $('#modal_add_task').modal({ show: true }); edit_in_task_desc(); - // Dummy data for action list - var dummyActions = [ - { id: 1, name: 'Review Task' }, - { id: 2, name: 'Approve Task' }, - { id: 3, name: 'Reject Task' } - ]; - - var actionsList = $('#actionsList'); - actionsList.empty(); // Clear existing items - dummyActions.forEach(function (action) { - actionsList.append( - $('', { - class: 'dropdown-item', - href: '#', - text: action.name, - click: function () { - displayActionResponse(id, action.id); - return false; - } - }) - ); + // Define actionsList as a global variable if it's reused elsewhere + const actionsList = $('#actionsList'); + + fetch(webHooksurl, { + method: "GET", + headers: { + "Content-Type": "application/json", + }, + }) + .then((response) => { + if (!response.ok) { + throw new Error(`HTTP error! Status: ${response.status}`); + } + return response.json(); + }) + .then((data) => { + console.log("Response Data:", data); // Debugging log + + // Update fetchedData based on response status + const fetchedData = data.status === "success" ? data.data : []; + + // Log fetched data for debugging + console.log("Fetched Data:", fetchedData); + + // Populate the dropdown + actionsList.empty(); // Clear existing items + + if (fetchedData.length === 0) { + // Handle case where no actions are available + actionsList.append( + $('', { + class: 'dropdown-item disabled', + href: '#', + text: 'No actions available', + }) + ); + } else { + // Add actions to the dropdown + fetchedData.forEach(function (action) { + actionsList.append( + $('', { + class: 'dropdown-item', + href: '#', + text: action.name, + click: function (e) { + e.preventDefault(); // Prevent default link behavior + OpenJsonEditorModal(action.payload_schema); + }, + }) + ); + }); + } + }) + .catch((error) => { + console.error("Error fetching data:", error); + + // Handle error by displaying a message in the dropdown + actionsList.empty().append( + $('', { + class: 'dropdown-item disabled', + href: '#', + text: 'Failed to load actions', + }) + ); + }); + }); +} + +function OpenJsonEditorModal(payloadSchema) { + $('#responseModal').modal('show'); + + // Ensure the editor is initialized only once + if (!window.jsonEditor) { + window.jsonEditor = new JSONEditor(document.getElementById('jsoneditor'), { + schema: payloadSchema, + theme:'bootstrap4' }); + } else { + window.jsonEditor.destroy(); + window.jsonEditor = new JSONEditor(document.getElementById('jsoneditor'), { + schema: payloadSchema + }); + } + + // Set the default value if provided in the schema + if (payloadSchema.default) { + window.jsonEditor.set(payloadSchema); + } + + // Save button event listener + $('#saveBtn').off('click').on('click', function () { + var updatedData = window.jsonEditor.get(); + console.log('Updated data:', updatedData); }); } @@ -102,255 +175,195 @@ function displayActionResponse(taskId, actionId) { function save_task() { - $('#submit_new_task').click(); + $('#submit_new_task').click(); } function update_task(task_id) { - update_task_ext(task_id, true); + update_task_ext(task_id, true); } function update_task_ext(task_id, do_close) { - clear_api_error(); - if(!$('form#form_new_task').valid()) { - return false; - } + clear_api_error(); + if (!$('form#form_new_task').valid()) { + return false; + } - if (task_id === undefined || task_id === null) { - task_id = g_task_id; - } + if (task_id === undefined || task_id === null) { + task_id = g_task_id; + } - var data_sent = $('#form_new_task').serializeObject(); - data_sent['task_tags'] = $('#task_tags').val(); + var data_sent = $('#form_new_task').serializeObject(); + data_sent['task_tags'] = $('#task_tags').val(); - data_sent['task_assignees_id'] = $('#task_assignees_id').val(); - data_sent['task_status_id'] = $('#task_status_id').val(); - ret = get_custom_attributes_fields(); - has_error = ret[0].length > 0; - attributes = ret[1]; + data_sent['task_assignees_id'] = $('#task_assignees_id').val(); + data_sent['task_status_id'] = $('#task_status_id').val(); + ret = get_custom_attributes_fields(); + has_error = ret[0].length > 0; + attributes = ret[1]; - if (has_error){return false;} + if (has_error) { return false; } - data_sent['custom_attributes'] = attributes; - data_sent['task_description'] = g_task_desc_editor.getValue(); + data_sent['custom_attributes'] = attributes; + data_sent['task_description'] = g_task_desc_editor.getValue(); - $('#update_task_btn').text('Updating..'); + $('#update_task_btn').text('Updating..'); - post_request_api('tasks/update/' + task_id, JSON.stringify(data_sent), true) + post_request_api('tasks/update/' + task_id, JSON.stringify(data_sent), true) .done((data) => { - if(notify_auto_api(data)) { - get_tasks(); - $('#submit_new_task').text("Saved").addClass('btn-outline-success').removeClass('btn-outline-danger').removeClass('btn-outline-warning'); - $('#last_saved').removeClass('btn-danger').addClass('btn-success'); - $('#last_saved > i').attr('class', "fa-solid fa-file-circle-check"); - - if (do_close !== undefined && do_close === true) { - $('#modal_add_task').modal('hide'); - } + if (notify_auto_api(data)) { + get_tasks(); + $('#submit_new_task').text("Saved").addClass('btn-outline-success').removeClass('btn-outline-danger').removeClass('btn-outline-warning'); + $('#last_saved').removeClass('btn-danger').addClass('btn-success'); + $('#last_saved > i').attr('class', "fa-solid fa-file-circle-check"); + + if (do_close !== undefined && do_close === true) { + $('#modal_add_task').modal('hide'); } + } }) .always(() => { - $('#update_task_btn').text('Update'); + $('#update_task_btn').text('Update'); }); } -/* Delete an event from the timeline thank to its id */ +/* Delete an event from the timeline thank to its id */ function delete_task(id) { - do_deletion_prompt("You are about to delete task #" + id) + do_deletion_prompt("You are about to delete task #" + id) .then((doDelete) => { - if (doDelete) { - post_request_api("tasks/delete/" + id) - .done((data) => { - if(notify_auto_api(data)) { - get_tasks(); - $('#modal_add_task').modal('hide'); - } - }); - } + if (doDelete) { + post_request_api("tasks/delete/" + id) + .done((data) => { + if (notify_auto_api(data)) { + get_tasks(); + $('#modal_add_task').modal('hide'); + } + }); + } }); } -/* Edit and event from the timeline thanks to its ID */ -// Example array of actions fetched from a source -const actionsArray = [ - { id: 1, name: 'Action 1' }, - { id: 2, name: 'Action 2' }, - { id: 3, name: 'Action 3' }, - { id: 4, name: 'Action 4' } -]; - -// Example response data for each action -const actionResponses = { - 1: { taskId: 1, actionId: 1, response: 'Action 1 executed successfully', executionTime: '2s' }, - 2: { taskId: 1, actionId: 2, response: 'Action 2 executed with warnings', executionTime: '3s' }, - 3: { taskId: 1, actionId: 3, response: 'Action 3 failed', executionTime: '1s' }, - 4: { taskId: 1, actionId: 4, response: 'Action 4 completed successfully', executionTime: '2.5s' } -}; - -// Function to generate dropdown items dynamically -function populateActionsDropdown() { - const actionsList = document.getElementById('actionsList'); - actionsList.innerHTML = ''; // Clear existing items - - actionsArray.forEach(action => { - const actionItem = document.createElement('a'); - actionItem.className = 'dropdown-item'; - actionItem.href = '#'; - actionItem.textContent = action.name; - actionItem.setAttribute('data-action-id', action.id); - - // Add click event to handle response - actionItem.addEventListener('click', (event) => { - event.preventDefault(); - handleActionClick(action.id); - }); - - actionsList.appendChild(actionItem); - }); -} - -// Function to handle action click and populate the table -function handleActionClick(actionId) { - const response = actionResponses[actionId]; - - if (response) { - const tableBody = document.querySelector('#taskResponse_table tbody'); - const newRow = document.createElement('tr'); - newRow.innerHTML = ` - ${response.taskId} - Task ${response.taskId} - Action ${response.actionId} - ${response.response} - ${response.executionTime} - `; - tableBody.appendChild(newRow); - } -} - -// Populate dropdown on page load or whenever needed -document.addEventListener('DOMContentLoaded', populateActionsDropdown); - function preview_task_description(no_btn_update) { - if(!$('#container_task_description').is(':visible')) { - task_desc = g_task_desc_editor.getValue(); - converter = get_showdown_convert(); - html = converter.makeHtml(do_md_filter_xss(task_desc)); - task_desc_html = do_md_filter_xss(html); - $('#target_task_desc').html(task_desc_html); - $('#container_task_description').show(); - if (!no_btn_update) { - $('#task_preview_button').html(''); - } - $('#container_task_desc_content').hide(); + if (!$('#container_task_description').is(':visible')) { + task_desc = g_task_desc_editor.getValue(); + converter = get_showdown_convert(); + html = converter.makeHtml(do_md_filter_xss(task_desc)); + task_desc_html = do_md_filter_xss(html); + $('#target_task_desc').html(task_desc_html); + $('#container_task_description').show(); + if (!no_btn_update) { + $('#task_preview_button').html(''); } - else { - $('#container_task_description').hide(); - if (!no_btn_update) { - $('#task_preview_button').html(''); - } - - $('#task_preview_button').html(''); - $('#container_task_desc_content').show(); + $('#container_task_desc_content').hide(); + } + else { + $('#container_task_description').hide(); + if (!no_btn_update) { + $('#task_preview_button').html(''); } + + $('#task_preview_button').html(''); + $('#container_task_desc_content').show(); + } } /* Fetch and draw the tasks */ function get_tasks() { - $('#tasks_list').empty(); - show_loader(); + $('#tasks_list').empty(); + show_loader(); - get_request_api("tasks/list") + get_request_api("tasks/list") .done((data) => { - if (data.status == 'success') { - Table.MakeCellsEditable("destroy"); - tasks_list = data.data.tasks; - - options_l = data.data.tasks_status; - options = []; - for (index in options_l) { - option = options_l[index]; - options.push({ "value": option.id, "display": option.status_name }) - } - Table.clear(); - Table.rows.add(tasks_list); - Table.MakeCellsEditable({ - "onUpdate": callBackEditTaskStatus, - "inputCss": 'form-control col-12', - "columns": [2], - "allowNulls": { - "columns": [2], - "errorClass": 'error' - }, - "confirmationButton": { - "confirmCss": 'my-confirm-class', - "cancelCss": 'my-cancel-class' - }, - "inputTypes": [ - { - "column": 2, - "type": "list", - "options": options - } - ] - }); - - Table.columns.adjust().draw(); - load_menu_mod_options('task', Table, delete_task); - //$('[data-toggle="popover"]').popover(); - Table.responsive.recalc(); - - $(document) - .off('click', '.task_details_link') - .on('click', '.task_details_link', function(event) { - event.preventDefault(); - let task_id = $(this).data('task_id'); - edit_task(task_id); - }); - - set_last_state(data.data.state); - hide_loader(); + if (data.status == 'success') { + Table.MakeCellsEditable("destroy"); + tasks_list = data.data.tasks; + + options_l = data.data.tasks_status; + options = []; + for (index in options_l) { + option = options_l[index]; + options.push({ "value": option.id, "display": option.status_name }) + } + Table.clear(); + Table.rows.add(tasks_list); + Table.MakeCellsEditable({ + "onUpdate": callBackEditTaskStatus, + "inputCss": 'form-control col-12', + "columns": [2], + "allowNulls": { + "columns": [2], + "errorClass": 'error' + }, + "confirmationButton": { + "confirmCss": 'my-confirm-class', + "cancelCss": 'my-cancel-class' + }, + "inputTypes": [ + { + "column": 2, + "type": "list", + "options": options } + ] + }); + + Table.columns.adjust().draw(); + load_menu_mod_options('task', Table, delete_task); + //$('[data-toggle="popover"]').popover(); + Table.responsive.recalc(); + + $(document) + .off('click', '.task_details_link') + .on('click', '.task_details_link', function (event) { + event.preventDefault(); + let task_id = $(this).data('task_id'); + edit_task(task_id); + }); + + set_last_state(data.data.state); + hide_loader(); + } }); } function refresh_users(on_finish, cur_assignees_id_list) { - get_request_api('/case/users/list') + get_request_api('/case/users/list') .done((data) => { - if(notify_auto_api(data, true)) { - current_users_list = data.data; - - if (on_finish !== undefined) { - on_finish(current_users_list, cur_assignees_id_list); - } + if (notify_auto_api(data, true)) { + current_users_list = data.data; + if (on_finish !== undefined) { + on_finish(current_users_list, cur_assignees_id_list); } + } + }); } function do_list_users(list_users, cur_assignees_id_list) { - $('#task_assignees_id').selectpicker({ - liveSearch: true, - title: "Select assignee(s)" - }); + $('#task_assignees_id').selectpicker({ + liveSearch: true, + title: "Select assignee(s)" + }); - for (let user in list_users) { - if (list_users[user].user_access_level === 4) { - $('#task_assignees_id').append(new Option(`${filterXSS(list_users[user].user_login)} (${filterXSS(list_users[user].user_name)})`, - list_users[user].user_id)); - } + for (let user in list_users) { + if (list_users[user].user_access_level === 4) { + $('#task_assignees_id').append(new Option(`${filterXSS(list_users[user].user_login)} (${filterXSS(list_users[user].user_name)})`, + list_users[user].user_id)); } + } - if (cur_assignees_id_list !== undefined) { - $('#task_assignees_id').selectpicker('val', cur_assignees_id_list); - } + if (cur_assignees_id_list !== undefined) { + $('#task_assignees_id').selectpicker('val', cur_assignees_id_list); + } - $('#task_assignees_id').selectpicker('refresh'); + $('#task_assignees_id').selectpicker('refresh'); } function callBackEditTaskStatus(updatedCell, updatedRow, oldValue) { @@ -359,178 +372,186 @@ function callBackEditTaskStatus(updatedCell, updatedRow, oldValue) { tid = data_send['task_id']; post_request_api("tasks/status/update/" + tid, JSON.stringify(data_send)) - .done(function (data){ - if(notify_auto_api(data)) { - get_tasks(); - } - }); + .done(function (data) { + if (notify_auto_api(data)) { + get_tasks(); + } + }); } /* Page is ready, fetch the assets of the case */ -$(document).ready(function(){ +$(document).ready(function () { - /* add filtering fields for each table of the page (must be done before datatable initialization) */ - $.each($.find("table"), function(index, element){ - addFilterFields($(element).attr("id")); - }); + /* add filtering fields for each table of the page (must be done before datatable initialization) */ + $.each($.find("table"), function (index, element) { + addFilterFields($(element).attr("id")); + }); - Table = $("#tasks_table").DataTable({ - dom: '<"container-fluid"<"row"<"col"l><"col"f>>>rt<"container-fluid"<"row"<"col"i><"col"p>>>', - aaData: [], - fixedHeader: true, - aoColumns: [ - { - "data": "task_title", - "render": function (data, type, row, meta) { - if (type === 'display' && data != null) { - - let datak = ''; - let anchor = $('') - .attr('href', 'javascript:void(0);') - .attr('data-task_id', row['task_id']) - .attr('title', `Task ID #${row['task_id']} - ${data}`) - .addClass('task_details_link') - - if (isWhiteSpace(data)) { - datak = '#' + row['task_id']; - anchor.text(datak); - } else { - datak= ellipsis_field(data, 64); - anchor.html(datak); - } - - return anchor.prop('outerHTML'); - } - return data; + Table = $("#tasks_table").DataTable({ + dom: '<"container-fluid"<"row"<"col"l><"col"f>>>rt<"container-fluid"<"row"<"col"i><"col"p>>>', + aaData: [], + fixedHeader: true, + aoColumns: [ + { + "data": "task_title", + "render": function (data, type, row, meta) { + if (type === 'display' && data != null) { + + let datak = ''; + let anchor = $('') + .attr('href', 'javascript:void(0);') + .attr('data-task_id', row['task_id']) + .attr('title', `Task ID #${row['task_id']} - ${data}`) + .addClass('task_details_link') + + if (isWhiteSpace(data)) { + datak = '#' + row['task_id']; + anchor.text(datak); + } else { + datak = ellipsis_field(data, 64); + anchor.html(datak); } - }, - { "data": "task_description", - "render": function (data, type, row, meta) { + + return anchor.prop('outerHTML'); + } + return data; + } + }, + { + "data": "task_description", + "render": function (data, type, row, meta) { + if (type === 'display') { + return ret_obj_dt_description(data); + } + return data; + } + }, + { + "data": "task_status_id", + "render": function (data, type, row) { + if (type === 'display') { + data = sanitizeHTML(data); + data = '' + row['status_name'] + ''; + } + else if (type === 'filter' || type === 'sort') { + data = row['status_name'] + } else if (type === 'export') { + data = row['status_name'] + } + return data; + } + }, + { + "data": "task_assignees", + "render": function (data, type, row, meta) { + if (data != null) { + names = ""; + + if (data.length > 0) { + lst = []; + data.forEach(function (item, index) { lst.push(item['name']); }); if (type === 'display') { - return ret_obj_dt_description(data); + names = list_to_badges(lst, 'primary', 10, 'users'); + } + else { + lst.forEach(function (item, index) { + names += `${sanitizeHTML(item)}`; + }); } - return data; - } - }, - { - "data": "task_status_id", - "render": function(data, type, row) { - if (type === 'display') { - data = sanitizeHTML(data); - data = '' + row['status_name'] + ''; - } - else if (type === 'filter' || type === 'sort'){ - data = row['status_name'] - } else if (type === 'export') { - data = row['status_name'] - } - return data; - } - }, - { - "data": "task_assignees", - "render": function (data, type, row, meta) { - if (data != null) { - names = ""; - - if (data.length > 0) { - lst = []; - data.forEach(function (item, index) { lst.push(item['name']); }); - if (type === 'display') { - names = list_to_badges(lst, 'primary', 10, 'users'); - } - else { - lst.forEach(function (item, index) { - names += `${sanitizeHTML(item)}`; - }); - } - } - else { - if (type === 'display') { - names = '' + "Unassigned" + ''; - } - else { - names = "Unassigned"; - } - } - - return names; - - } - return data; - - } - }, - { - "data": "task_open_date", - "render": function (data, type, row, meta) { - if (type === 'display' && data != null) { - return formatTime(data); - } - return data; } - }, - { "data": "task_tags", - "render": function (data, type, row, meta) { - if (type === 'display' && data != null) { - let datas = ""; - let de = data.split(','); - for (let tag in de) { - datas += get_tag_from_data(de[tag], 'badge badge-light ml-2'); - } - return datas; + else { + if (type === 'display') { + names = '' + "Unassigned" + ''; + } + else { + names = "Unassigned"; } - return data; } + + return names; + + } + return data; + + } + }, + { + "data": "task_open_date", + "render": function (data, type, row, meta) { + if (type === 'display' && data != null) { + return formatTime(data); } - ], - rowCallback: function (nRow, data) { - nRow = '' + sanitizeHTML(data['status_name']) + ''; - }, - filter: true, - info: true, - ordering: true, - processing: true, - retrieve: true, - pageLength: 50, - order: [[ 2, "asc" ]], - buttons: [ - ], - responsive: { - details: { - display: $.fn.dataTable.Responsive.display.childRow, - renderer: $.fn.dataTable.Responsive.renderer.tableAll() + return data; + } + }, + { + "data": "task_tags", + "render": function (data, type, row, meta) { + if (type === 'display' && data != null) { + let datas = ""; + let de = data.split(','); + for (let tag in de) { + datas += get_tag_from_data(de[tag], 'badge badge-light ml-2'); } - }, - orderCellsTop: true, - initComplete: function () { - tableFiltering(this.api(), 'tasks_table'); - }, - select: true - }); - $("#tasks_table").css("font-size", 12); + return datas; + } + return data; + } + } + ], + rowCallback: function (nRow, data) { + nRow = '' + sanitizeHTML(data['status_name']) + ''; + }, + filter: true, + info: true, + ordering: true, + processing: true, + retrieve: true, + pageLength: 50, + order: [[2, "asc"]], + buttons: [ + ], + responsive: { + details: { + display: $.fn.dataTable.Responsive.display.childRow, + renderer: $.fn.dataTable.Responsive.renderer.tableAll() + } + }, + orderCellsTop: true, + initComplete: function () { + tableFiltering(this.api(), 'tasks_table'); + }, + select: true + }); + $("#tasks_table").css("font-size", 12); - Table.on( 'responsive-resize', function ( e, datatable, columns ) { - hide_table_search_input( columns ); - }); + Table.on('responsive-resize', function (e, datatable, columns) { + hide_table_search_input(columns); + }); - var buttons = new $.fn.dataTable.Buttons(Table, { - buttons: [ - { "extend": 'csvHtml5', "text":'',"className": 'btn btn-link text-white' - , "titleAttr": 'Download as CSV', "exportOptions": { "columns": ':visible', 'orthogonal': 'export' } } , - { "extend": 'copyHtml5', "text":'',"className": 'btn btn-link text-white' - , "titleAttr": 'Copy', "exportOptions": { "columns": ':visible', 'orthogonal': 'export' } }, - { "extend": 'colvis', "text":'',"className": 'btn btn-link text-white' - , "titleAttr": 'Toggle columns' } - ] - }).container().appendTo($('#tables_button')); + var buttons = new $.fn.dataTable.Buttons(Table, { + buttons: [ + { + "extend": 'csvHtml5', "text": '', "className": 'btn btn-link text-white' + , "titleAttr": 'Download as CSV', "exportOptions": { "columns": ':visible', 'orthogonal': 'export' } + }, + { + "extend": 'copyHtml5', "text": '', "className": 'btn btn-link text-white' + , "titleAttr": 'Copy', "exportOptions": { "columns": ':visible', 'orthogonal': 'export' } + }, + { + "extend": 'colvis', "text": '', "className": 'btn btn-link text-white' + , "titleAttr": 'Toggle columns' + } + ] + }).container().appendTo($('#tables_button')); - get_tasks(); + get_tasks(); - setInterval(function() { check_update('tasks/state'); }, 3000); + setInterval(function () { check_update('tasks/state'); }, 3000); - shared_id = getSharedLink(); - if (shared_id) { - edit_task(shared_id); - } + shared_id = getSharedLink(); + if (shared_id) { + edit_task(shared_id); + } }); From 68c8317281df68909b787e84fd4d83c2cab17e94 Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Mon, 25 Nov 2024 14:38:11 +0500 Subject: [PATCH 35/80] Id-10 merged with id-5 --- .../blueprints/case/case_triggers_routes.py | 32 +++++-------------- .../case/templates/case_triggers.html | 9 ++++-- 2 files changed, 15 insertions(+), 26 deletions(-) diff --git a/source/app/blueprints/case/case_triggers_routes.py b/source/app/blueprints/case/case_triggers_routes.py index f9781d3c2..7d6c7db8b 100644 --- a/source/app/blueprints/case/case_triggers_routes.py +++ b/source/app/blueprints/case/case_triggers_routes.py @@ -17,47 +17,31 @@ # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. # IMPORTS ------------------------------------------------ -from datetime import datetime - -import marshmallow from flask import Blueprint from flask import redirect from flask import render_template -from flask import request from flask import url_for -from flask_login import current_user from flask_wtf import FlaskForm - -from app import db -from app.blueprints.case.case_comments import case_comment_update from app.datamgmt.case.case_db import get_case -from app.datamgmt.manage.manage_attribute_db import get_default_custom_attributes -from app.datamgmt.states import get_tasks_state from app.datamgmt.states import update_tasks_state -from app.forms import CaseTaskForm -from app.iris_engine.module_handler.module_handler import call_modules_hook -from app.iris_engine.utils.tracker import track_activity from app.models.authorization import CaseAccessLevel -from app.models.authorization import User -from app.schema.marshables import CommentSchema from app.util import ac_api_case_requires from app.util import ac_case_requires -from app.util import response_error -from app.util import response_success +from source.app.datamgmt.manage.manage_case_response_db import get_case_responses_list case_triggers_blueprint = Blueprint('case_triggers', - __name__, - template_folder='templates') - + __name__, + template_folder='templates') # CONTENT ------------------------------------------------ @case_triggers_blueprint.route('/case/triggers', methods=['GET']) -@ac_case_requires(CaseAccessLevel.read_only, CaseAccessLevel.full_access) -def case_tasks(caseid, url_redir): +#@ac_case_requires(CaseAccessLevel.read_only, CaseAccessLevel.full_access) +def case_triggers(caseid, url_redir): if url_redir: - return redirect(url_for('case_tasks.case_tasks', cid=caseid, redirect=True)) + return redirect(url_for('case_triggers.case_triggers', cid=caseid, redirect=True)) form = FlaskForm() case = get_case(caseid) + triggers = get_case_responses_list() # Fetch the triggers - return render_template("case_triggers.html", case=case, form=form) \ No newline at end of file + return render_template("case_triggers.html", case=case, form=form, triggers=triggers) diff --git a/source/app/blueprints/case/templates/case_triggers.html b/source/app/blueprints/case/templates/case_triggers.html index 8868e2f40..c6e2680c4 100644 --- a/source/app/blueprints/case/templates/case_triggers.html +++ b/source/app/blueprints/case/templates/case_triggers.html @@ -48,6 +48,10 @@ + hello + +

    {{ triggers }}

    +

    - - + {% endblock javascripts %} \ No newline at end of file From f855d45ac52db0d357fa94bbe905eba02d0b1140 Mon Sep 17 00:00:00 2001 From: Muhammad Hanzila Date: Tue, 26 Nov 2024 13:00:52 +0500 Subject: [PATCH 36/80] endpoint fixed --- .../app/blueprints/case/case_triggers_routes.py | 16 ++++++++++------ .../datamgmt/manage/manage_case_response_db.py | 6 ++---- 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/source/app/blueprints/case/case_triggers_routes.py b/source/app/blueprints/case/case_triggers_routes.py index 7d6c7db8b..5c968674e 100644 --- a/source/app/blueprints/case/case_triggers_routes.py +++ b/source/app/blueprints/case/case_triggers_routes.py @@ -17,7 +17,7 @@ # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. # IMPORTS ------------------------------------------------ -from flask import Blueprint +from flask import Blueprint, request from flask import redirect from flask import render_template from flask import url_for @@ -27,21 +27,25 @@ from app.models.authorization import CaseAccessLevel from app.util import ac_api_case_requires from app.util import ac_case_requires -from source.app.datamgmt.manage.manage_case_response_db import get_case_responses_list +from app.datamgmt.manage.manage_case_response_db import get_case_responses_list + case_triggers_blueprint = Blueprint('case_triggers', __name__, template_folder='templates') -# CONTENT ------------------------------------------------ @case_triggers_blueprint.route('/case/triggers', methods=['GET']) -#@ac_case_requires(CaseAccessLevel.read_only, CaseAccessLevel.full_access) -def case_triggers(caseid, url_redir): +def case_triggers(): + # Retrieve query parameters from the URL + caseid = request.args.get('caseid') + url_redir = request.args.get('url_redir', type=bool) + if url_redir: return redirect(url_for('case_triggers.case_triggers', cid=caseid, redirect=True)) form = FlaskForm() case = get_case(caseid) - triggers = get_case_responses_list() # Fetch the triggers + triggers = get_case_responses_list() return render_template("case_triggers.html", case=case, form=form, triggers=triggers) + diff --git a/source/app/datamgmt/manage/manage_case_response_db.py b/source/app/datamgmt/manage/manage_case_response_db.py index 4ddf82d96..ce8be88d0 100644 --- a/source/app/datamgmt/manage/manage_case_response_db.py +++ b/source/app/datamgmt/manage/manage_case_response_db.py @@ -30,7 +30,7 @@ def get_case_responses_list() -> List[dict]: Returns: List[dict]: List of case responses. """ - case_responses = CaseResponse.query.with_entities( + case_response = CaseResponse.query.with_entities( CaseResponse.id, CaseResponse.created_at, CaseResponse.updated_at, @@ -38,11 +38,9 @@ def get_case_responses_list() -> List[dict]: CaseResponse.trigger, CaseResponse.body, User.name.label('created_by') - ).join( - CaseResponse.created_by_user ).all() - return [row._asdict() for row in case_responses] + return [row._asdict() for row in case_response] def get_case_response_by_id(response_id: int) -> CaseResponse: From 88d62863d8036f63c5a0cfe92745dceb48b41e6e Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Thu, 28 Nov 2024 15:29:11 +0500 Subject: [PATCH 37/80] case triggers implemented --- .../blueprints/case/case_triggers_routes.py | 47 ++---- .../case/templates/case_triggers.html | 137 +++++++++--------- .../manage/manage_case_response_db.py | 2 +- .../static/assets/js/iris/case.triggers.js | 130 ++++------------- 4 files changed, 118 insertions(+), 198 deletions(-) diff --git a/source/app/blueprints/case/case_triggers_routes.py b/source/app/blueprints/case/case_triggers_routes.py index 5c968674e..957c70deb 100644 --- a/source/app/blueprints/case/case_triggers_routes.py +++ b/source/app/blueprints/case/case_triggers_routes.py @@ -1,35 +1,10 @@ -# IRIS Source Code -# Copyright (C) 2021 - Airbus CyberSecurity (SAS) - DFIR-IRIS Team -# ir@cyberactionlab.net - contact@dfir-iris.org -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU Lesser General Public -# License as published by the Free Software Foundation; either -# version 3 of the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with this program; if not, write to the Free Software Foundation, -# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - # IMPORTS ------------------------------------------------ -from flask import Blueprint, request -from flask import redirect -from flask import render_template -from flask import url_for +from flask import Blueprint, request, redirect, render_template, url_for +import json from flask_wtf import FlaskForm from app.datamgmt.case.case_db import get_case -from app.datamgmt.states import update_tasks_state -from app.models.authorization import CaseAccessLevel -from app.util import ac_api_case_requires -from app.util import ac_case_requires from app.datamgmt.manage.manage_case_response_db import get_case_responses_list - case_triggers_blueprint = Blueprint('case_triggers', __name__, template_folder='templates') @@ -45,7 +20,17 @@ def case_triggers(): form = FlaskForm() case = get_case(caseid) - triggers = get_case_responses_list() - - return render_template("case_triggers.html", case=case, form=form, triggers=triggers) - + triggers = get_case_responses_list() + + # Serialize datetime objects for rendering + for trigger in triggers: + trigger['created_at'] = trigger['created_at'].strftime("%Y-%m-%d %H:%M:%S") + if trigger['updated_at']: + trigger['updated_at'] = trigger['updated_at'].strftime("%Y-%m-%d %H:%M:%S") + if trigger['body']: + try: + trigger['body'] = json.dumps(trigger['body']) + except (TypeError, ValueError) as e: + trigger['body'] = str(trigger['body']) # Fallback to string representation + + return render_template("case_triggers.html", case=case, form=form, triggers=triggers) \ No newline at end of file diff --git a/source/app/blueprints/case/templates/case_triggers.html b/source/app/blueprints/case/templates/case_triggers.html index c6e2680c4..4a4f43f09 100644 --- a/source/app/blueprints/case/templates/case_triggers.html +++ b/source/app/blueprints/case/templates/case_triggers.html @@ -1,58 +1,68 @@ -{% extends "layouts/default_ext.html" %} - -{% block title %} Case Triggers {% endblock title %} - -{% block stylesheets %} -{% include 'includes/header_case.html' %} - - - -{% endblock stylesheets %} - -{% block content %} - -{% include 'includes/navigation_ext.html' %} - - -{% include 'includes/sidenav.html' %} +{% extends "layouts/default_ext.html" %} {% block title %} Case Triggers {% +endblock title %} {% block stylesheets %} {% include 'includes/header_case.html' +%} + + + +{% endblock stylesheets %} {% block content %} {% include +'includes/navigation_ext.html' %} {% include 'includes/sidenav.html' %}
    - -
    - - {% if current_user.is_authenticated %} - {{ form.hidden_tag() }} - -
    -
    -
    -
    Loading...
    -
    - - -
    +
    +
    - - - {% endif %} - - {% include 'includes/footer.html' %} - + {% endif %} + -{% endblock content %} + {% include 'includes/footer.html' %} + -{% block javascripts %} -{% include 'includes/footer_case.html' %} +{% endblock content %} {% block javascripts %} {% include +'includes/footer_case.html' %} - {% endblock javascripts %} \ No newline at end of file diff --git a/source/app/datamgmt/manage/manage_case_response_db.py b/source/app/datamgmt/manage/manage_case_response_db.py index ce8be88d0..91acf1789 100644 --- a/source/app/datamgmt/manage/manage_case_response_db.py +++ b/source/app/datamgmt/manage/manage_case_response_db.py @@ -52,7 +52,7 @@ def get_case_response_by_id(response_id: int) -> CaseResponse: Returns: CaseResponse: Task response object. """ - case_response = CaseResponse.query.filter_by(id=response_id).first() + case_response = CaseResponse.query.filter_by(id=response_id) return case_response diff --git a/source/app/static/assets/js/iris/case.triggers.js b/source/app/static/assets/js/iris/case.triggers.js index 902eb4f84..8f80d1313 100644 --- a/source/app/static/assets/js/iris/case.triggers.js +++ b/source/app/static/assets/js/iris/case.triggers.js @@ -1,106 +1,38 @@ - -const dummyTriggers = [ - { - "id": 1, - "case": 101, - "trigger": 202, - "body": { - "status": "success", - "message": "Action executed successfully", - "details": { - "step_1": "Initiated", - "step_2": "Completed" - } - }, - "execution_time": "2024-11-13T14:30:00Z" - }, - { - "id": 2, - "case": 103, - "trigger": 202, - "body": { - "status": "success", - "message": "Action executed successfully", - "details": { - "step_1": "Initiated", - "step_2": "Completed" +document.addEventListener("DOMContentLoaded", () => { + const table = document.getElementById("trigger_table"); + + table.addEventListener("click", (event) => { + if (event.target && event.target.classList.contains("view-response")) { + const button = event.target; + + const responseData = button.getAttribute("data-response"); + const parsedData = JSON.parse(responseData); + const jsonCrackEmbed = document.getElementById("jsoncrackEmbed"); + + const modal = new bootstrap.Modal(document.getElementById("responseModal")); + modal.show(); + //Check iframe is loaded and contentWindow is available + if (jsonCrackEmbed && jsonCrackEmbed.contentWindow) { + // Define options for jsonCrack + const options = { + theme: "light", + direction: "DOWN", + }; + + // Post message to jsonCrackEmbed iframe + jsonCrackEmbed.contentWindow.postMessage({ json: JSON.stringify(parsedData), options }, "*"); + } else { + console.error("jsonCrackEmbed iframe is not available or not loaded."); } - }, - "execution_time": "2024-11-13T14:50:00Z" - } -]; - - -function get_triggers() { - $('#trigger_table_wrapper'); - show_loader(); - - Table.clear(); - Table.rows.add(dummyTriggers); - Table.draw(); - - hide_loader(); -} - - -$(document).ready(function () { - Table = $("#trigger_table").DataTable({ - dom: '<"container-fluid"<"row"<"col"l><"col"f>>>rt<"container-fluid"<"row"<"col"i><"col"p>>>', - data: [], - columns: [ - { data: "id", title: "ID" }, - { data: "case", title: "Case" }, - { data: "trigger", title: "Trigger" }, - { - data: "body", - title: "Response", - render: function (data, type, row) { - if (type === 'display') { - return ''; - } - return data; - } - }, - { data: "execution_time", title: "Execution Time" } - ], - processing: true, - ordering: true, - pageLength: 10, - responsive: true, - order: [[0, 'asc']], - }); - - - get_triggers(); - - - $('#trigger_table').on('click', '.view-response', function () { - const responseData = $(this).data('body'); - const jsonCrackEmbed = document.getElementById("jsoncrackEmbed"); - - $('#responseModal').modal('show'); - - - const options = { - theme: "light", - direction: "DOWN", - }; - jsonCrackEmbed.contentWindow.postMessage({ json: JSON.stringify(responseData), options }, "*"); + } + }); }); -function closeModal() { - $('#responseModal').modal('hide'); -} - -function show_loader() { - $('#loading_msg').show(); - $('#card_main_load').hide(); -} -function hide_loader() { - $('#loading_msg').hide(); - $('#card_main_load').show(); -} +function closeModal() { + const modal = bootstrap.Modal.getInstance(document.getElementById("responseModal")); + modal.hide(); +} \ No newline at end of file From 1e8045d67533735765c26c995f7c2073aaf03faf Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Fri, 29 Nov 2024 20:42:24 +0500 Subject: [PATCH 38/80] implemented json editor in expand view --- .../app/blueprints/case/case_tasks_routes.py | 14 ++- .../blueprints/case/templates/case_tasks.html | 3 +- .../case/templates/modal_add_case_task.html | 27 ++--- .../manage/manage_case_templates_db.py | 41 +++++++ .../app/static/assets/js/iris/case.tasks.js | 110 ++++++++++-------- 5 files changed, 123 insertions(+), 72 deletions(-) diff --git a/source/app/blueprints/case/case_tasks_routes.py b/source/app/blueprints/case/case_tasks_routes.py index 999500ce3..1cfd0c3db 100644 --- a/source/app/blueprints/case/case_tasks_routes.py +++ b/source/app/blueprints/case/case_tasks_routes.py @@ -20,7 +20,7 @@ from datetime import datetime import marshmallow -from flask import Blueprint +from flask import Blueprint, jsonify from flask import redirect from flask import render_template from flask import request @@ -77,6 +77,18 @@ def case_tasks(caseid, url_redir): return render_template("case_tasks.html", case=case, form=form) +@case_tasks_blueprint.route('/case/testjsoneeditorRoute', methods=['POST']) +def save_data(): + # Get the JSON data from the request + data = request.get_json() + + # Debugging output + print('Received data:', data) + + # Process the data (e.g., save to a database, etc.) + + # Return a response + return jsonify({"status": "success", "message": "Data saved successfully!"}) @case_tasks_blueprint.route('/case/tasks/list', methods=['GET']) @ac_api_case_requires(CaseAccessLevel.read_only, CaseAccessLevel.full_access) diff --git a/source/app/blueprints/case/templates/case_tasks.html b/source/app/blueprints/case/templates/case_tasks.html index 1108bdb87..5741dcddf 100644 --- a/source/app/blueprints/case/templates/case_tasks.html +++ b/source/app/blueprints/case/templates/case_tasks.html @@ -83,7 +83,7 @@ - {% include 'includes/footer.html' %} diff --git a/source/app/blueprints/case/templates/modal_add_case_task.html b/source/app/blueprints/case/templates/modal_add_case_task.html index 5b3bda995..6f51474a7 100644 --- a/source/app/blueprints/case/templates/modal_add_case_task.html +++ b/source/app/blueprints/case/templates/modal_add_case_task.html @@ -120,6 +120,13 @@

    {% if task.id %} Task ID #{{ task.id }}{% else %} + + +
    @@ -135,25 +142,6 @@

    {% if task.id %} Task ID #{{ task.id }}{% else %}

    -
    {% endif %} @@ -207,7 +195,6 @@

    Action Input Form
    - {% endblock javascripts %} \ No newline at end of file diff --git a/source/app/datamgmt/manage/manage_case_templates_db.py b/source/app/datamgmt/manage/manage_case_templates_db.py index 3e95270a1..df56f8f14 100644 --- a/source/app/datamgmt/manage/manage_case_templates_db.py +++ b/source/app/datamgmt/manage/manage_case_templates_db.py @@ -439,5 +439,46 @@ def save_results(data, case_template_id, webhook_id): print(f"Error saving CaseResponse: {str(e)}") +# Methods for actions +def execute_and_save_action(action, case_template_id, payload): + try: + # Extract webhook_id from the action + webhook_id = action.get("webhook_id") + print(f"Webhook ID: {webhook_id}") # Debugging: Ensure webhook_id is being accessed + if not webhook_id: + raise ValueError("Trigger execution failed: webhook_id is missing in action.") + + # Fetch the webhook object from the database + webhook = get_webhook_by_id(webhook_id) + print(f"Webhook Object: {webhook}") # Debugging: Log the webhook object + if not webhook: + raise ValueError(f"Trigger execution failed: No webhook found for webhook_id {webhook_id}.") + # Fetch the URL from the webhook object + url = webhook.url # Adjust this based on your webhook model's attributes + print(f"Webhook URL: {url}") # Debugging: Ensure URL is being accessed + if not url: + raise ValueError(f"Trigger execution failed: URL is missing in webhook with id {webhook_id}.") + + # Execute the webhook request + print(f"Executing webhook request to URL: {url} with data: {action}") + response = requests.post(url, json=action) + print(f"Webhook Response Status Code: {response.status_code}") # Log response status + print(f"Webhook Response Content: {response.text}") # Log response content + + # Check response status + if response.status_code == 200: + results = response.json() + print(f"Webhook Execution Results: {results}") # Log the result of the execution + save_results(results, case_template_id, webhook_id) # Assuming save_results is implemented to handle the output + return f"Trigger executed successfully and saved for webhook_id {webhook_id}." + else: + raise ValueError( + f"Trigger execution failed: Webhook request returned status {response.status_code}, " + f"response: {response.text}" + ) + + except Exception as e: + print(f"Error in execute_and_save_action: {str(e)}") # Log the error + return str(e) diff --git a/source/app/static/assets/js/iris/case.tasks.js b/source/app/static/assets/js/iris/case.tasks.js index 52232d1c1..fb992f092 100644 --- a/source/app/static/assets/js/iris/case.tasks.js +++ b/source/app/static/assets/js/iris/case.tasks.js @@ -93,7 +93,7 @@ function edit_task(id) { text: action.name, click: function (e) { e.preventDefault(); // Prevent default link behavior - OpenJsonEditorModal(action.payload_schema); + expandActionDiv(action.payload_schema); }, }) ); @@ -115,65 +115,77 @@ function edit_task(id) { }); } -function OpenJsonEditorModal(payloadSchema) { - $('#responseModal').modal('show'); +function expandActionDiv(actionDetails) { + // Reference to the collapsible content div + const collapsibleContent = $('#collapsibleContent'); + const jsonEditorContainer = $('#jsoneditor'); - // Ensure the editor is initialized only once - if (!window.jsonEditor) { - window.jsonEditor = new JSONEditor(document.getElementById('jsoneditor'), { - schema: payloadSchema, - theme:'bootstrap4' - }); - } else { + // Show the collapsible content + collapsibleContent.slideDown(); + + // Reinitialize JSONEditor + if (window.jsonEditor) { + // Destroy the existing editor instance window.jsonEditor.destroy(); - window.jsonEditor = new JSONEditor(document.getElementById('jsoneditor'), { - schema: payloadSchema - }); + window.jsonEditor = null; // Clear reference to avoid accidental reuse } - // Set the default value if provided in the schema - if (payloadSchema.default) { - window.jsonEditor.set(payloadSchema); - } + // Create a new JSONEditor instance with the given schema + window.jsonEditor = new JSONEditor(jsonEditorContainer[0], { + schema: actionDetails, // Use the provided schema + theme: 'bootstrap4', + }); - // Save button event listener - $('#saveBtn').off('click').on('click', function () { - var updatedData = window.jsonEditor.get(); - console.log('Updated data:', updatedData); + // Use the `onReady` callback to ensure the editor is ready + window.jsonEditor.on('ready', function () { + console.log('JSONEditor is ready.'); + + // Set default data or use schema defaults if available + if (actionDetails.default) { + window.jsonEditor.setValue(actionDetails.default); + } else { + window.jsonEditor.setValue({}); // Initialize with an empty object if no default provided + } }); -} -// Function to handle displaying the response of the selected action using dummy data -function displayActionResponse(taskId, actionId) { - // Dummy response data for each action - var dummyResponses = { - 1: [ - { id: 1, task: 'Task 1', action: 'Review Task', response: 'Reviewed successfully', executionTime: '5s' }, - { id: 2, task: 'Task 2', action: 'Review Task', response: 'Minor changes needed', executionTime: '7s' } - ], - 2: [ - { id: 3, task: 'Task 3', action: 'Approve Task', response: 'Approved successfully', executionTime: '3s' } - ], - 3: [ - { id: 4, task: 'Task 4', action: 'Reject Task', response: 'Rejected due to issues', executionTime: '6s' } - ] - }; - - var response = dummyResponses[actionId] || []; - var table = $('#taskResponse_table').DataTable({ - destroy: true, // Reinitialize the table each time - data: response, - columns: [ - { data: 'id', title: 'ID' }, - { data: 'task', title: 'Tasks' }, - { data: 'action', title: 'Action' }, - { data: 'response', title: 'Response' }, - { data: 'executionTime', title: 'Execution Time' } - ] + // Update the Save button logic to handle the current action + $('#saveBtn').off('click').on('click', function (e) { + e.preventDefault(); + + // Retrieve the updated data from JSONEditor + const updatedData = window.jsonEditor.getValue(); + + console.log('Updated data:', updatedData); + + // Example: Simulated save logic (replace with your actual save endpoint) + fetch('/case/testjsoneeditorRoute', { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + }, + body: JSON.stringify(updatedData), + }) + .then((response) => { + if (!response.ok) { + throw new Error(`HTTP error! Status: ${response.status}`); + } + return response.json(); + }) + .then((data) => { + console.log('Save successful:', data); + alert('Data saved successfully!'); + }) + .catch((error) => { + console.error('Error saving data:', error); + alert('Error saving data. Please try again.'); + }); }); } + + + function save_task() { $('#submit_new_task').click(); } From 160b8ca1d025088f8300de5dd4a2c1d0a1b60180 Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Mon, 2 Dec 2024 18:27:29 +0500 Subject: [PATCH 39/80] added case_id and action_id to execute button --- .../blueprints/case/templates/modal_add_case_task.html | 2 +- source/app/static/assets/js/iris/case.tasks.js | 10 +++++++--- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/source/app/blueprints/case/templates/modal_add_case_task.html b/source/app/blueprints/case/templates/modal_add_case_task.html index 6f51474a7..856355101 100644 --- a/source/app/blueprints/case/templates/modal_add_case_task.html +++ b/source/app/blueprints/case/templates/modal_add_case_task.html @@ -125,7 +125,7 @@

    {% if task.id %} Task ID #{{ task.id }}{% else %}
    diff --git a/source/app/static/assets/js/iris/case.tasks.js b/source/app/static/assets/js/iris/case.tasks.js index fb992f092..2382c85d3 100644 --- a/source/app/static/assets/js/iris/case.tasks.js +++ b/source/app/static/assets/js/iris/case.tasks.js @@ -93,7 +93,7 @@ function edit_task(id) { text: action.name, click: function (e) { e.preventDefault(); // Prevent default link behavior - expandActionDiv(action.payload_schema); + expandActionDiv(action.payload_schema, id , action.id); }, }) ); @@ -115,7 +115,7 @@ function edit_task(id) { }); } -function expandActionDiv(actionDetails) { +function expandActionDiv(actionDetails,case_id, action_id) { // Reference to the collapsible content div const collapsibleContent = $('#collapsibleContent'); const jsonEditorContainer = $('#jsoneditor'); @@ -155,7 +155,11 @@ function expandActionDiv(actionDetails) { // Retrieve the updated data from JSONEditor const updatedData = window.jsonEditor.getValue(); - console.log('Updated data:', updatedData); + // Add the action_id to the updatedData object + updatedData.case_id = case_id; + updatedData.action_id = action_id; + + console.log('Updated data with case_id:', updatedData); // Example: Simulated save logic (replace with your actual save endpoint) fetch('/case/testjsoneeditorRoute', { From 09c382cd8e5926a26e5461130dc1978be29a8b1a Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Tue, 3 Dec 2024 11:04:40 +0500 Subject: [PATCH 40/80] updated edit_task method --- source/app/static/assets/js/iris/case.tasks.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/app/static/assets/js/iris/case.tasks.js b/source/app/static/assets/js/iris/case.tasks.js index 2382c85d3..ef5d3f8f2 100644 --- a/source/app/static/assets/js/iris/case.tasks.js +++ b/source/app/static/assets/js/iris/case.tasks.js @@ -157,7 +157,7 @@ function expandActionDiv(actionDetails,case_id, action_id) { // Add the action_id to the updatedData object updatedData.case_id = case_id; - updatedData.action_id = action_id; + updatedData.action_id = case_id; console.log('Updated data with case_id:', updatedData); From 7c2015e7b5a54b66c800239a2a9d68a4ba4449cb Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Tue, 3 Dec 2024 11:06:33 +0500 Subject: [PATCH 41/80] added add_task methods --- .../app/static/assets/js/iris/case.tasks.js | 128 ++++++++++++++++++ 1 file changed, 128 insertions(+) diff --git a/source/app/static/assets/js/iris/case.tasks.js b/source/app/static/assets/js/iris/case.tasks.js index ef5d3f8f2..b632baae4 100644 --- a/source/app/static/assets/js/iris/case.tasks.js +++ b/source/app/static/assets/js/iris/case.tasks.js @@ -16,6 +16,134 @@ function edit_in_task_desc() { } } +/* Fetch a modal that allows to add an event */ +function add_task() { + url = 'tasks/add/modal' + case_param(); + $('#modal_add_task_content').load(url, function (response, status, xhr) { + hide_minimized_modal_box(); + if (status !== "success") { + ajax_notify_error(xhr, url); + return false; + } + + g_task_desc_editor = get_new_ace_editor('task_description', 'task_desc_content', 'target_task_desc', + function() { + $('#last_saved').addClass('btn-danger').removeClass('btn-success'); + $('#last_saved > i').attr('class', "fa-solid fa-file-circle-exclamation"); + }, null); + g_task_desc_editor.setOption("minLines", "10"); + edit_in_task_desc(); + + headers = get_editor_headers('g_task_desc_editor', null, 'task_edition_btn'); + $('#task_edition_btn').append(headers); + + $('#submit_new_task').on("click", function () { + + clear_api_error(); + if(!$('form#form_new_task').valid()) { + return false; + } + + var data_sent = $('#form_new_task').serializeObject(); + data_sent['task_tags'] = $('#task_tags').val(); + data_sent['task_assignees_id'] = $('#task_assignees_id').val(); + data_sent['task_status_id'] = $('#task_status_id').val(); + data_sent['task_description'] = g_task_desc_editor.getValue(); + ret = get_custom_attributes_fields(); + has_error = ret[0].length > 0; + attributes = ret[1]; + + if (has_error){return false;} + + data_sent['custom_attributes'] = attributes; + + post_request_api('tasks/add', JSON.stringify(data_sent), true) + .done((data) => { + if(notify_auto_api(data)) { + get_tasks(); + $('#modal_add_task').modal('hide'); + } + }); + + return false; + }) + $('#modal_add_task').modal({ show: true }); + $('#task_title').focus(); + + }); + +} + +function save_task() { + $('#submit_new_task').click(); +} + +function update_task(task_id) { + update_task_ext(task_id, true); +} + +function update_task_ext(task_id, do_close) { + + clear_api_error(); + if(!$('form#form_new_task').valid()) { + return false; + } + + if (task_id === undefined || task_id === null) { + task_id = g_task_id; + } + + var data_sent = $('#form_new_task').serializeObject(); + data_sent['task_tags'] = $('#task_tags').val(); + + data_sent['task_assignees_id'] = $('#task_assignees_id').val(); + data_sent['task_status_id'] = $('#task_status_id').val(); + ret = get_custom_attributes_fields(); + has_error = ret[0].length > 0; + attributes = ret[1]; + + if (has_error){return false;} + + data_sent['custom_attributes'] = attributes; + data_sent['task_description'] = g_task_desc_editor.getValue(); + + $('#update_task_btn').text('Updating..'); + + post_request_api('tasks/update/' + task_id, JSON.stringify(data_sent), true) + .done((data) => { + if(notify_auto_api(data)) { + get_tasks(); + $('#submit_new_task').text("Saved").addClass('btn-outline-success').removeClass('btn-outline-danger').removeClass('btn-outline-warning'); + $('#last_saved').removeClass('btn-danger').addClass('btn-success'); + $('#last_saved > i').attr('class', "fa-solid fa-file-circle-check"); + + if (do_close !== undefined && do_close === true) { + $('#modal_add_task').modal('hide'); + } + } + }) + .always(() => { + $('#update_task_btn').text('Update'); + }); +} + +/* Delete an event from the timeline thank to its id */ +function delete_task(id) { + do_deletion_prompt("You are about to delete task #" + id) + .then((doDelete) => { + if (doDelete) { + post_request_api("tasks/delete/" + id) + .done((data) => { + if(notify_auto_api(data)) { + get_tasks(); + $('#modal_add_task').modal('hide'); + } + }); + } + }); +} + + /* Fetch a modal that allows to add an event */ function edit_task(id) { From afa57141a402449aefbf980f71227763a1cbbc8d Mon Sep 17 00:00:00 2001 From: Muhammad Hanzila Date: Tue, 3 Dec 2024 12:28:35 +0500 Subject: [PATCH 42/80] action excute function --- .../manage/manage_case_templates_db.py | 55 ++++++++++++++----- 1 file changed, 40 insertions(+), 15 deletions(-) diff --git a/source/app/datamgmt/manage/manage_case_templates_db.py b/source/app/datamgmt/manage/manage_case_templates_db.py index df56f8f14..a2d46cf4f 100644 --- a/source/app/datamgmt/manage/manage_case_templates_db.py +++ b/source/app/datamgmt/manage/manage_case_templates_db.py @@ -25,9 +25,9 @@ from app.datamgmt.case.case_tasks_db import add_task from app.datamgmt.manage.manage_case_classifications_db import get_case_classification_by_name from app.iris_engine.module_handler.module_handler import call_modules_hook -from app.models import CaseTemplate, Cases, Tags, NoteDirectory, CaseResponse +from app.models import CaseTemplate, Cases, Tags, NoteDirectory, CaseResponse, TaskResponse from app.models.authorization import User -from app.schema.marshables import CaseSchema, CaseTaskSchema, CaseNoteDirectorySchema, CaseNoteSchema +from app.schema.marshables import CaseSchema, TaskResponseSchema, CaseTaskSchema, CaseNoteDirectorySchema, CaseNoteSchema from app.datamgmt.manage.manage_webhooks_db import get_webhook_by_id @@ -439,29 +439,27 @@ def save_results(data, case_template_id, webhook_id): print(f"Error saving CaseResponse: {str(e)}") -# Methods for actions - -def execute_and_save_action(action, case_template_id, payload): +def execute_and_save_action(action, task_id): try: # Extract webhook_id from the action webhook_id = action.get("webhook_id") print(f"Webhook ID: {webhook_id}") # Debugging: Ensure webhook_id is being accessed if not webhook_id: - raise ValueError("Trigger execution failed: webhook_id is missing in action.") + raise ValueError("Action execution failed: webhook_id is missing in action.") - # Fetch the webhook object from the database - webhook = get_webhook_by_id(webhook_id) + # Fetch the action object from the database + webhook = get_webhook_by_id(webhook_id) print(f"Webhook Object: {webhook}") # Debugging: Log the webhook object if not webhook: - raise ValueError(f"Trigger execution failed: No webhook found for webhook_id {webhook_id}.") + raise ValueError(f"Action execution failed: No webhook found for webhook_id {webhook_id}.") - # Fetch the URL from the webhook object + # Fetch the URL from the action object url = webhook.url # Adjust this based on your webhook model's attributes print(f"Webhook URL: {url}") # Debugging: Ensure URL is being accessed if not url: - raise ValueError(f"Trigger execution failed: URL is missing in webhook with id {webhook_id}.") + raise ValueError(f"Action execution failed: URL is missing in webhook with id {webhook_id}.") - # Execute the webhook request + # Execute the action request print(f"Executing webhook request to URL: {url} with data: {action}") response = requests.post(url, json=action) print(f"Webhook Response Status Code: {response.status_code}") # Log response status @@ -471,14 +469,41 @@ def execute_and_save_action(action, case_template_id, payload): if response.status_code == 200: results = response.json() print(f"Webhook Execution Results: {results}") # Log the result of the execution - save_results(results, case_template_id, webhook_id) # Assuming save_results is implemented to handle the output - return f"Trigger executed successfully and saved for webhook_id {webhook_id}." + save_results_for_tasks(results, task_id, webhook_id) # Save results + return f"Webhook executed successfully and saved for webhook_id {webhook_id}." else: raise ValueError( - f"Trigger execution failed: Webhook request returned status {response.status_code}, " + f"Action execution failed: Webhook request returned status {response.status_code}, " f"response: {response.text}" ) except Exception as e: print(f"Error in execute_and_save_action: {str(e)}") # Log the error return str(e) + + +def save_results_for_tasks(data, task_id, webhook_id): + """ + Save the results of an action execution into the TaskResponse model. + + :param data: The response data to save (JSON). + :param task_id: The task ID. + :param webhook_id: The webhook ID. + """ + try: + # Create a new TaskResponse object + task_response = TaskResponse( + task=task_id, + action=webhook_id, + body=data, + ) + + # Add the object to the session and commit + db.session.add(task_response) + db.session.commit() + + print(task_response.id, task_response.task, task_response.action, task_response.body, task_response.execution_time) + print(f"TaskResponse saved successfully with id {task_response.id}") + except Exception as e: + db.session.rollback() # Roll back the session in case of an error + print(f"Error saving TaskResponse: {str(e)}") From 0ff4ca7b809ba8cf98ec0d885ea608200d24c6d2 Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Tue, 3 Dec 2024 14:52:16 +0500 Subject: [PATCH 43/80] updated case_task_routes --- .../app/blueprints/case/case_tasks_routes.py | 14 ++++- .../manage/manage_case_templates_db.py | 5 +- .../app/static/assets/js/iris/case.tasks.js | 59 +++++++++---------- 3 files changed, 45 insertions(+), 33 deletions(-) diff --git a/source/app/blueprints/case/case_tasks_routes.py b/source/app/blueprints/case/case_tasks_routes.py index 1cfd0c3db..706df85bd 100644 --- a/source/app/blueprints/case/case_tasks_routes.py +++ b/source/app/blueprints/case/case_tasks_routes.py @@ -18,6 +18,7 @@ # IMPORTS ------------------------------------------------ from datetime import datetime +import json import marshmallow from flask import Blueprint, jsonify @@ -59,6 +60,7 @@ from app.util import ac_case_requires from app.util import response_error from app.util import response_success +from source.app.datamgmt.manage.manage_case_templates_db import execute_and_save_action case_tasks_blueprint = Blueprint('case_tasks', __name__, @@ -84,7 +86,17 @@ def save_data(): # Debugging output print('Received data:', data) - + actionResponse= execute_and_save_action(data.payload,data.task_id,data.action_id) + print('data received from execute function', actionResponse ) + for actionResponse in actionResponse: + actionResponse['created_at'] = actionResponse['created_at'].strftime("%Y-%m-%d %H:%M:%S") + if actionResponse['updated_at']: + actionResponse['updated_at'] = actionResponse['updated_at'].strftime("%Y-%m-%d %H:%M:%S") + if actionResponse['body']: + try: + actionResponse['body'] = json.dumps(actionResponse['body']) + except (TypeError, ValueError) as e: + actionResponse['body'] = str(actionResponse['body']) # Process the data (e.g., save to a database, etc.) # Return a response diff --git a/source/app/datamgmt/manage/manage_case_templates_db.py b/source/app/datamgmt/manage/manage_case_templates_db.py index a2d46cf4f..257ccd395 100644 --- a/source/app/datamgmt/manage/manage_case_templates_db.py +++ b/source/app/datamgmt/manage/manage_case_templates_db.py @@ -439,10 +439,11 @@ def save_results(data, case_template_id, webhook_id): print(f"Error saving CaseResponse: {str(e)}") -def execute_and_save_action(action, task_id): +def execute_and_save_action(action, task_id,action_id): + print("in execute function") try: # Extract webhook_id from the action - webhook_id = action.get("webhook_id") + webhook_id = action_id print(f"Webhook ID: {webhook_id}") # Debugging: Ensure webhook_id is being accessed if not webhook_id: raise ValueError("Action execution failed: webhook_id is missing in action.") diff --git a/source/app/static/assets/js/iris/case.tasks.js b/source/app/static/assets/js/iris/case.tasks.js index b632baae4..ef20dcbf5 100644 --- a/source/app/static/assets/js/iris/case.tasks.js +++ b/source/app/static/assets/js/iris/case.tasks.js @@ -230,7 +230,6 @@ function edit_task(id) { }) .catch((error) => { console.error("Error fetching data:", error); - // Handle error by displaying a message in the dropdown actionsList.empty().append( $('', { @@ -243,7 +242,7 @@ function edit_task(id) { }); } -function expandActionDiv(actionDetails,case_id, action_id) { +function expandActionDiv(actionDetails,task_id, action_id) { // Reference to the collapsible content div const collapsibleContent = $('#collapsibleContent'); const jsonEditorContainer = $('#jsoneditor'); @@ -283,40 +282,40 @@ function expandActionDiv(actionDetails,case_id, action_id) { // Retrieve the updated data from JSONEditor const updatedData = window.jsonEditor.getValue(); - // Add the action_id to the updatedData object - updatedData.case_id = case_id; - updatedData.action_id = case_id; + // Construct the request body to match the desired response structure + const requestData = { + action_id: action_id, // Pass the action ID + task_id: task_id, // Pass the case ID + payload: updatedData, // Include the editor data as 'payload' + }; - console.log('Updated data with case_id:', updatedData); + console.log('Request data:', requestData); // Example: Simulated save logic (replace with your actual save endpoint) fetch('/case/testjsoneeditorRoute', { - method: 'POST', - headers: { - 'Content-Type': 'application/json', - }, - body: JSON.stringify(updatedData), + method: 'POST', + headers: { + 'Content-Type': 'application/json', + }, + body: JSON.stringify(requestData), // Send the constructed data }) - .then((response) => { - if (!response.ok) { - throw new Error(`HTTP error! Status: ${response.status}`); - } - return response.json(); - }) - .then((data) => { - console.log('Save successful:', data); - alert('Data saved successfully!'); - }) - .catch((error) => { - console.error('Error saving data:', error); - alert('Error saving data. Please try again.'); - }); - }); -} - - - + .then((response) => { + if (!response.ok) { + throw new Error(`HTTP error! Status: ${response.status}`); + } + return response.json(); + }) + .then((data) => { + console.log('Save successful:', data); + alert('Data saved successfully!'); + }) + .catch((error) => { + console.error('Error saving data:', error); + alert('Error saving data. Please try again.'); + }); +}); +} function save_task() { $('#submit_new_task').click(); From 64a7534737a4454ab3b4afb04352b0d1480a91f2 Mon Sep 17 00:00:00 2001 From: Muhammad Hanzila Date: Tue, 3 Dec 2024 15:27:11 +0500 Subject: [PATCH 44/80] save data method updated --- .../app/blueprints/case/case_tasks_routes.py | 85 ++++++++++++++----- 1 file changed, 64 insertions(+), 21 deletions(-) diff --git a/source/app/blueprints/case/case_tasks_routes.py b/source/app/blueprints/case/case_tasks_routes.py index 706df85bd..150b6eabe 100644 --- a/source/app/blueprints/case/case_tasks_routes.py +++ b/source/app/blueprints/case/case_tasks_routes.py @@ -60,7 +60,7 @@ from app.util import ac_case_requires from app.util import response_error from app.util import response_success -from source.app.datamgmt.manage.manage_case_templates_db import execute_and_save_action +from app.datamgmt.manage.manage_case_templates_db import execute_and_save_action case_tasks_blueprint = Blueprint('case_tasks', __name__, @@ -79,28 +79,71 @@ def case_tasks(caseid, url_redir): return render_template("case_tasks.html", case=case, form=form) -@case_tasks_blueprint.route('/case/testjsoneeditorRoute', methods=['POST']) -def save_data(): - # Get the JSON data from the request - data = request.get_json() +# @case_tasks_blueprint.route('/case/testjsoneeditorRoute', methods=['POST']) +# def save_data(): +# # Get the JSON data from the request +# data = request.get_json() - # Debugging output - print('Received data:', data) - actionResponse= execute_and_save_action(data.payload,data.task_id,data.action_id) - print('data received from execute function', actionResponse ) - for actionResponse in actionResponse: - actionResponse['created_at'] = actionResponse['created_at'].strftime("%Y-%m-%d %H:%M:%S") - if actionResponse['updated_at']: - actionResponse['updated_at'] = actionResponse['updated_at'].strftime("%Y-%m-%d %H:%M:%S") - if actionResponse['body']: - try: - actionResponse['body'] = json.dumps(actionResponse['body']) - except (TypeError, ValueError) as e: - actionResponse['body'] = str(actionResponse['body']) - # Process the data (e.g., save to a database, etc.) +# # Debugging output +# print('Received data:', data) +# actionResponse= execute_and_save_action(data.payload,data.task_id,data.action_id) +# print('data received from execute function', actionResponse ) +# for actionResponse in actionResponse: +# actionResponse['created_at'] = actionResponse['created_at'].strftime("%Y-%m-%d %H:%M:%S") +# if actionResponse['updated_at']: +# actionResponse['updated_at'] = actionResponse['updated_at'].strftime("%Y-%m-%d %H:%M:%S") +# if actionResponse['body']: +# try: +# actionResponse['body'] = json.dumps(actionResponse['body']) +# except (TypeError, ValueError) as e: +# actionResponse['body'] = str(actionResponse['body']) +# # Process the data (e.g., save to a database, etc.) - # Return a response - return jsonify({"status": "success", "message": "Data saved successfully!"}) +# # Return a response +# return jsonify({"status": "success", "message": "Data saved successfully!"}) + + +@case_tasks_blueprint.route('/case/testjsoneeditorRoute', methods=['POST']) +def save_data(): + try: + # Get the JSON data + data = request.get_json() + print(f"Type of data: {type(data)}") + print(f"Content of data: {data}") + + # Extract values using dictionary keys + payload = data['payload'] + task_id = data['task_id'] + action_id = data['action_id'] + + # Debugging output + print(f"Payload: {payload}, Task ID: {task_id}, Action ID: {action_id}") + + # Call the function with extracted values + action_response = execute_and_save_action(payload, task_id, action_id) + print('Data received from execute_and_save_action:', action_response) + + # Process the action response + for response in action_response: + response['created_at'] = response['created_at'].strftime("%Y-%m-%d %H:%M:%S") + print("CREATED", response) + if response.get('updated_at'): + response['updated_at'] = response['updated_at'].strftime("%Y-%m-%d %H:%M:%S") + if response.get('body'): + try: + response['body'] = json.dumps(response['body']) + except (TypeError, ValueError): + response['body'] = str(response['body']) + + # Return a success response + return jsonify({"status": "success", "message": "Data saved successfully!", "data": action_response}) + + except KeyError as e: + print(f"Missing key in data: {e}") + return jsonify({"status": "error", "message": f"Missing key: {e}"}), 400 + except Exception as e: + print(f"Error in save_data: {e}") + return jsonify({"status": "error", "message": str(e)}), 500 @case_tasks_blueprint.route('/case/tasks/list', methods=['GET']) @ac_api_case_requires(CaseAccessLevel.read_only, CaseAccessLevel.full_access) From d0d6ca4b61c6ae9bfee1f87682140bf9627b0f3e Mon Sep 17 00:00:00 2001 From: Muhammad Hanzila Date: Tue, 3 Dec 2024 18:20:39 +0500 Subject: [PATCH 45/80] save data function fixed --- .../app/blueprints/case/case_tasks_routes.py | 69 +++++++------- .../manage/manage_case_templates_db.py | 89 ++++++++++++------- 2 files changed, 86 insertions(+), 72 deletions(-) diff --git a/source/app/blueprints/case/case_tasks_routes.py b/source/app/blueprints/case/case_tasks_routes.py index 150b6eabe..362dc55d7 100644 --- a/source/app/blueprints/case/case_tasks_routes.py +++ b/source/app/blueprints/case/case_tasks_routes.py @@ -79,44 +79,28 @@ def case_tasks(caseid, url_redir): return render_template("case_tasks.html", case=case, form=form) -# @case_tasks_blueprint.route('/case/testjsoneeditorRoute', methods=['POST']) -# def save_data(): -# # Get the JSON data from the request -# data = request.get_json() - -# # Debugging output -# print('Received data:', data) -# actionResponse= execute_and_save_action(data.payload,data.task_id,data.action_id) -# print('data received from execute function', actionResponse ) -# for actionResponse in actionResponse: -# actionResponse['created_at'] = actionResponse['created_at'].strftime("%Y-%m-%d %H:%M:%S") -# if actionResponse['updated_at']: -# actionResponse['updated_at'] = actionResponse['updated_at'].strftime("%Y-%m-%d %H:%M:%S") -# if actionResponse['body']: -# try: -# actionResponse['body'] = json.dumps(actionResponse['body']) -# except (TypeError, ValueError) as e: -# actionResponse['body'] = str(actionResponse['body']) -# # Process the data (e.g., save to a database, etc.) - -# # Return a response -# return jsonify({"status": "success", "message": "Data saved successfully!"}) - - @case_tasks_blueprint.route('/case/testjsoneeditorRoute', methods=['POST']) def save_data(): try: + # Debugging: Print raw request data + raw_data = request.data + print(f"Raw request data: {raw_data}") + # Get the JSON data data = request.get_json() - print(f"Type of data: {type(data)}") - print(f"Content of data: {data}") + if not isinstance(data, dict): + raise ValueError("Request payload is not a valid JSON object") + + print(f"Content of data: {data}") # Extract values using dictionary keys - payload = data['payload'] - task_id = data['task_id'] - action_id = data['action_id'] + payload = data.get('payload') + task_id = data.get('task_id') + action_id = data.get('action_id') + + if not payload or not task_id or not action_id: + raise KeyError("Missing one or more required keys: 'payload', 'task_id', 'action_id'") - # Debugging output print(f"Payload: {payload}, Task ID: {task_id}, Action ID: {action_id}") # Call the function with extracted values @@ -125,15 +109,17 @@ def save_data(): # Process the action response for response in action_response: - response['created_at'] = response['created_at'].strftime("%Y-%m-%d %H:%M:%S") - print("CREATED", response) - if response.get('updated_at'): - response['updated_at'] = response['updated_at'].strftime("%Y-%m-%d %H:%M:%S") - if response.get('body'): - try: - response['body'] = json.dumps(response['body']) - except (TypeError, ValueError): - response['body'] = str(response['body']) + if isinstance(response, dict): + # Ensure created_at and updated_at are formatted correctly + if 'created_at' in response: + response['created_at'] = response['created_at'].strftime("%Y-%m-%d %H:%M:%S") + if 'updated_at' in response: + response['updated_at'] = response['updated_at'].strftime("%Y-%m-%d %H:%M:%S") + if 'body' in response: + try: + response['body'] = json.dumps(response['body']) + except (TypeError, ValueError): + response['body'] = str(response['body']) # Return a success response return jsonify({"status": "success", "message": "Data saved successfully!", "data": action_response}) @@ -141,10 +127,15 @@ def save_data(): except KeyError as e: print(f"Missing key in data: {e}") return jsonify({"status": "error", "message": f"Missing key: {e}"}), 400 + except ValueError as e: + print(f"Invalid data: {e}") + return jsonify({"status": "error", "message": str(e)}), 400 except Exception as e: print(f"Error in save_data: {e}") return jsonify({"status": "error", "message": str(e)}), 500 + + @case_tasks_blueprint.route('/case/tasks/list', methods=['GET']) @ac_api_case_requires(CaseAccessLevel.read_only, CaseAccessLevel.full_access) def case_get_tasks(caseid): diff --git a/source/app/datamgmt/manage/manage_case_templates_db.py b/source/app/datamgmt/manage/manage_case_templates_db.py index 257ccd395..7543490b8 100644 --- a/source/app/datamgmt/manage/manage_case_templates_db.py +++ b/source/app/datamgmt/manage/manage_case_templates_db.py @@ -439,39 +439,51 @@ def save_results(data, case_template_id, webhook_id): print(f"Error saving CaseResponse: {str(e)}") -def execute_and_save_action(action, task_id,action_id): +def execute_and_save_action(action, task_id, action_id): print("in execute function") try: - # Extract webhook_id from the action + # Extract webhook_id webhook_id = action_id - print(f"Webhook ID: {webhook_id}") # Debugging: Ensure webhook_id is being accessed + print(f"Webhook ID: {webhook_id}") if not webhook_id: raise ValueError("Action execution failed: webhook_id is missing in action.") - # Fetch the action object from the database - webhook = get_webhook_by_id(webhook_id) - print(f"Webhook Object: {webhook}") # Debugging: Log the webhook object + # Fetch webhook details + webhook = get_webhook_by_id(webhook_id) + print(f"Webhook Object: {webhook}") if not webhook: raise ValueError(f"Action execution failed: No webhook found for webhook_id {webhook_id}.") - # Fetch the URL from the action object - url = webhook.url # Adjust this based on your webhook model's attributes - print(f"Webhook URL: {url}") # Debugging: Ensure URL is being accessed + # Validate the webhook URL + url = webhook.url + print(f"Webhook URL: {url}") if not url: raise ValueError(f"Action execution failed: URL is missing in webhook with id {webhook_id}.") - # Execute the action request + # Execute the webhook request print(f"Executing webhook request to URL: {url} with data: {action}") response = requests.post(url, json=action) - print(f"Webhook Response Status Code: {response.status_code}") # Log response status - print(f"Webhook Response Content: {response.text}") # Log response content + print(f"Webhook Response Status Code: {response.status_code}") + print(f"Webhook Response Content: {response.text}") - # Check response status + # Validate and process the response if response.status_code == 200: - results = response.json() - print(f"Webhook Execution Results: {results}") # Log the result of the execution - save_results_for_tasks(results, task_id, webhook_id) # Save results - return f"Webhook executed successfully and saved for webhook_id {webhook_id}." + if 'application/json' in response.headers.get('Content-Type', ''): + results = response.json() + print(f"Webhook Execution Results: {results}") + + # Save results in the database + save_results_for_tasks(results, task_id, webhook_id) + + # Ensure results are a list of dictionaries + if isinstance(results, dict): + results = [results] # Wrap single dictionary in a list + elif not isinstance(results, list): + raise ValueError("Unexpected response format: Expected a dictionary or a list of dictionaries.") + + return results + else: + raise ValueError("Webhook response is not in JSON format.") else: raise ValueError( f"Action execution failed: Webhook request returned status {response.status_code}, " @@ -479,32 +491,43 @@ def execute_and_save_action(action, task_id,action_id): ) except Exception as e: - print(f"Error in execute_and_save_action: {str(e)}") # Log the error - return str(e) + print(f"Error in execute_and_save_action: {str(e)}") + raise # Propagate the exception for handling in the calling function + def save_results_for_tasks(data, task_id, webhook_id): """ Save the results of an action execution into the TaskResponse model. - - :param data: The response data to save (JSON). + :param data: The response data to save (JSON, list of dictionaries or dictionary). :param task_id: The task ID. :param webhook_id: The webhook ID. """ try: - # Create a new TaskResponse object - task_response = TaskResponse( - task=task_id, - action=webhook_id, - body=data, - ) - - # Add the object to the session and commit - db.session.add(task_response) + # Ensure data is a list of dictionaries + if isinstance(data, dict): + data = [data] + elif not isinstance(data, list): + raise ValueError("Unexpected data format: Expected a dictionary or list of dictionaries.") + + for item in data: + # Create a new TaskResponse object for each result + task_response = TaskResponse( + task=task_id, + action=webhook_id, + body=item, # Assuming item is JSON-serializable + ) + + # Add the object to the session + db.session.add(task_response) + + # Commit all changes at once db.session.commit() - - print(task_response.id, task_response.task, task_response.action, task_response.body, task_response.execution_time) - print(f"TaskResponse saved successfully with id {task_response.id}") + + print(f"TaskResponses saved successfully for task ID {task_id}") + except Exception as e: db.session.rollback() # Roll back the session in case of an error print(f"Error saving TaskResponse: {str(e)}") + raise + From 220d72054953c05ea0184c98cd8e38f775880fde Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Fri, 6 Dec 2024 15:11:01 +0500 Subject: [PATCH 46/80] tasks action response visualized --- .../app/blueprints/case/case_tasks_routes.py | 46 ++--- .../case/templates/case_triggers.html | 4 +- .../case/templates/modal_add_case_task.html | 182 +++++++++++------- .../manage/manage_case_templates_routes.py | 12 +- .../manage/manage_webhooks_routes.py | 30 ++- .../manage/templates/modal_case_template.html | 103 +++++----- .../manage/templates/modal_webhook.html | 64 +++--- .../manage/manage_case_templates_db.py | 2 +- .../manage/manage_task_response_db.py | 9 +- .../js/iris/case.taskaction.response.js | 30 +++ .../app/static/assets/js/iris/case.tasks.js | 4 +- .../static/assets/js/iris/case.triggers.js | 27 +-- 12 files changed, 305 insertions(+), 208 deletions(-) create mode 100644 source/app/static/assets/js/iris/case.taskaction.response.js diff --git a/source/app/blueprints/case/case_tasks_routes.py b/source/app/blueprints/case/case_tasks_routes.py index 362dc55d7..b84316713 100644 --- a/source/app/blueprints/case/case_tasks_routes.py +++ b/source/app/blueprints/case/case_tasks_routes.py @@ -61,6 +61,7 @@ from app.util import response_error from app.util import response_success from app.datamgmt.manage.manage_case_templates_db import execute_and_save_action +from source.app.datamgmt.manage.manage_task_response_db import get_task_responses_list case_tasks_blueprint = Blueprint('case_tasks', __name__, @@ -73,7 +74,7 @@ def case_tasks(caseid, url_redir): if url_redir: return redirect(url_for('case_tasks.case_tasks', cid=caseid, redirect=True)) - + form = FlaskForm() case = get_case(caseid) @@ -84,15 +85,12 @@ def save_data(): try: # Debugging: Print raw request data raw_data = request.data - print(f"Raw request data: {raw_data}") # Get the JSON data data = request.get_json() if not isinstance(data, dict): raise ValueError("Request payload is not a valid JSON object") - - print(f"Content of data: {data}") - + # Extract values using dictionary keys payload = data.get('payload') task_id = data.get('task_id') @@ -101,37 +99,15 @@ def save_data(): if not payload or not task_id or not action_id: raise KeyError("Missing one or more required keys: 'payload', 'task_id', 'action_id'") - print(f"Payload: {payload}, Task ID: {task_id}, Action ID: {action_id}") - # Call the function with extracted values action_response = execute_and_save_action(payload, task_id, action_id) - print('Data received from execute_and_save_action:', action_response) - - # Process the action response - for response in action_response: - if isinstance(response, dict): - # Ensure created_at and updated_at are formatted correctly - if 'created_at' in response: - response['created_at'] = response['created_at'].strftime("%Y-%m-%d %H:%M:%S") - if 'updated_at' in response: - response['updated_at'] = response['updated_at'].strftime("%Y-%m-%d %H:%M:%S") - if 'body' in response: - try: - response['body'] = json.dumps(response['body']) - except (TypeError, ValueError): - response['body'] = str(response['body']) - # Return a success response return jsonify({"status": "success", "message": "Data saved successfully!", "data": action_response}) - except KeyError as e: - print(f"Missing key in data: {e}") return jsonify({"status": "error", "message": f"Missing key: {e}"}), 400 except ValueError as e: - print(f"Invalid data: {e}") return jsonify({"status": "error", "message": str(e)}), 400 except Exception as e: - print(f"Error in save_data: {e}") return jsonify({"status": "error", "message": str(e)}), 500 @@ -196,7 +172,7 @@ def case_add_task_modal(caseid): form.task_assignees_id.choices = [] return render_template("modal_add_case_task.html", form=form, task=task, uid=current_user.id, user_name=None, - attributes=task.custom_attributes) + attributes=task.custom_attributes ) @case_tasks_blueprint.route('/case/tasks/add', methods=['POST']) @@ -263,9 +239,19 @@ def case_task_view_modal(cur_id, caseid, url_redir): form.task_description.data = task.task_description user_name, = User.query.with_entities(User.name).filter(User.id == task.task_userid_update).first() comments_map = get_case_tasks_comments_count([task.id]) - + taskActionResponse = get_task_responses_list() + # Serialize datetime objects for rendering + for taskActionResponse in taskActionResponse: + taskActionResponse['created_at'] = taskActionResponse['created_at'].strftime("%Y-%m-%d %H:%M:%S") + if taskActionResponse['updated_at']: + taskActionResponse['updated_at'] = taskActionResponse['updated_at'].strftime("%Y-%m-%d %H:%M:%S") + if taskActionResponse['body']: + try: + taskActionResponse['body'] = json.dumps(taskActionResponse['body']) + except (TypeError, ValueError) as e: + taskActionResponse['body'] = str(taskActionResponse['body']) return render_template("modal_add_case_task.html", form=form, task=task, user_name=user_name, - comments_map=comments_map, attributes=task.custom_attributes) + comments_map=comments_map, attributes=task.custom_attributes ,taskActionResponse=taskActionResponse) @case_tasks_blueprint.route('/case/tasks/update/', methods=['POST']) diff --git a/source/app/blueprints/case/templates/case_triggers.html b/source/app/blueprints/case/templates/case_triggers.html index 4a4f43f09..860eab41f 100644 --- a/source/app/blueprints/case/templates/case_triggers.html +++ b/source/app/blueprints/case/templates/case_triggers.html @@ -70,8 +70,8 @@

    Case ID: {{ case.id }}

    -
    diff --git a/source/app/blueprints/case/templates/modal_add_case_task.html b/source/app/blueprints/case/templates/modal_add_case_task.html index 856355101..1fea17acc 100644 --- a/source/app/blueprints/case/templates/modal_add_case_task.html +++ b/source/app/blueprints/case/templates/modal_add_case_task.html @@ -2,7 +2,9 @@
    -

    {% if task.id %} Task ID #{{ task.id }}{% else %} Add task {% endif %}

    +

    + {% if task.id %} Task ID #{{ task.id }}{% else %} Add task {% endif %} +

    #{{ task.task_uuid }}
    {% include 'modals/modal_attributes_nav.html' %} @@ -16,7 +18,7 @@

    {% if task.id %} Task ID #{{ task.id }}{% else %}

    @@ -53,9 +57,7 @@

    {% if task.id %} Task ID #{{ task.id }}{% else %}
    - {{ form.task_assignees_id(class="selectpicker col-12", data_actions_box="true", - data_dropup_auto="false") }} - + {{ form.task_assignees_id(class="selectpicker col-12", data_actions_box="true", data_dropup_auto="false") }}
    @@ -71,81 +73,120 @@

    {% if task.id %} Task ID #{{ task.id }}{% else %}
    - + + onclick="preview_task_description();" id="task_preview_button"> + +
    - +
    -
    +
    {% if task.task_description %}{{ task.task_description }}{% endif %}
    - +
    -
    - +
    - {% if task.id %} -
    - - - -
    - - -
    +
    + + {% if task.id %} +
    + + +
    + + +
    + + + + {% endif %}
    {% include 'modals/modal_attributes_tabs.html' %} @@ -153,26 +194,33 @@

    Action Details
    {% if task.id %} - + + onclick="update_task({{ task.id }});"> + Update + {% else %} - + {% endif %}
    + {% block javascripts %} + {% endblock javascripts %} \ No newline at end of file diff --git a/source/app/blueprints/manage/manage_case_templates_routes.py b/source/app/blueprints/manage/manage_case_templates_routes.py index 3465e9506..296e7ee24 100644 --- a/source/app/blueprints/manage/manage_case_templates_routes.py +++ b/source/app/blueprints/manage/manage_case_templates_routes.py @@ -154,12 +154,14 @@ def add_template_modal(): } ], "triggers": [ - { - "webhook_id": "Webhook Id", - "display_name": "Trigger Name", - "input_params": "JSON Schema" + { + "webhook_id": "Webhook Trigger ID", + "display_name": "Trigger Name", + "input_params": { + "username": "User Name" } - ] + } + ] } return render_template("modal_case_template.html", form=form, case_template=case_template) diff --git a/source/app/blueprints/manage/manage_webhooks_routes.py b/source/app/blueprints/manage/manage_webhooks_routes.py index 579acc83c..f18d403d3 100644 --- a/source/app/blueprints/manage/manage_webhooks_routes.py +++ b/source/app/blueprints/manage/manage_webhooks_routes.py @@ -125,8 +125,34 @@ def add_template_modal(): "value": "value 1" } ], - "payload_schema": "JSON Schema", - "url": "webhook URL", + "payload_schema": { + "type": "Webhook Payload Type", + "description": "Webhook payload Description", + "minItems": 1, + "uniqueItems": "true", + "items": { + "type": "object", + "required": [ + "property" + ], + "properties": { + "property 1": { + "type": "property type", + "minLength": 1 + }, + "property 2": { + "type": "object", + "properties": { + "sub property 1": { + "type": "property type", + "minLength": 1 + } + } + } + } + } + }, + "url": "http://webhookexampleurl.com" } return render_template("modal_webhook.html", form=form, webhook=webhook) diff --git a/source/app/blueprints/manage/templates/modal_case_template.html b/source/app/blueprints/manage/templates/modal_case_template.html index b24aae95d..f708eee6b 100644 --- a/source/app/blueprints/manage/templates/modal_case_template.html +++ b/source/app/blueprints/manage/templates/modal_case_template.html @@ -100,67 +100,50 @@

    Field types

    A case template is defined as below. 
    -
 {
-    "name": "ransomware_infection",
-    "display_name": "Ransomware Infection Template",
-    "description": "This case template describes first-response tasks to handle information system compromised by a ransomware.",
-    "author": "DFIR-IRIS",
-    "title_prefix": "RANS",
-    "summary": "# Context \n\n\n # Contact \n\n\n # Actions \n\n\n",
-    "tags": ["ransomware","malware"],
-    "tasks": [
-        {
-            "title": "Identify the perimeter",
-            "description": "The perimeter of compromise must be identified",
-            "tags": ["identify"],
-            "actions": [
-                {
-                    "webhook_id": "Webhook Id",
-                    "display_name": "Action Name",
-                }
-            ],
-        },
-        {
-            "title": "Collect compromised hosts",
-            "description": "Deploy Velociraptor and start collecting evidence",
-            "tags": ["collect", "velociraptor"],
-            "actions": [
-                {
-                    "webhook_id": "Webhook Id",
-                    "display_name": "Action Name",
-                }
-            ],
-            "tags": ["collect", "velociraptor"],
-            "actions": [
-                {
-                    "webhook_id": "Webhook Id",
-                    "display_name": "Action Name",
-                }
-            ],
-        },
-        {
-            "title": "Contain"
-        }
-    ],
-    "note_directories": [
-        {
-            "title": "Identify",
-            "notes": [
-                        {
-                            "title": "Identify the compromised accounts",
-                            "content": "# Observations\n\n"
-                        }
-                    ]
-        },
-        
-    ],
-    "triggers": [
-        {
-            "webhook_id": "Webhook Id",
-            "display_name": "Trigger Name",
-        }
-    ],
+  "name": "ransomware_infection",
+  "display_name": "Ransomware Infection Template",
+  "description": "This case template describes first-response tasks to handle information system compromised by a ransomware.",
+  "author": "DFIR-IRIS",
+  "title_prefix": "[RANS]",
+  "summary": "# Context \n\n\n # Contact \n\n\n # Actions \n\n\n",
+  "tags":  ["ransomware","malware"]
+  "tasks": [
+      {
+          "title": "Task 1",
+          "description": "Task 1 description",
+          "tags": [
+              "tag1",
+              "tag2"
+          ],
+          "actions": [
+              {
+                  "webhook_id": "Webhook Action",
+                  "display_name": "Action Name"
+              }
+          ]
+      }
+  ],
+  "note_directories": [
+      {
+          "title": "Identify",
+          "notes": [
+              {
+                  "title": "Identify the compromised accounts",
+                  "content": "# Observations\n\n"
+              }
+          ]
+      }
+  ],
+  "triggers": [
+      {
+          "webhook_id": "Webhook Trigger ID",
+          "display_name": "Trigger Name",
+          "input_params": {
+              "username": "User Name"
+          }
+      }
+  ]
 }
    diff --git a/source/app/blueprints/manage/templates/modal_webhook.html b/source/app/blueprints/manage/templates/modal_webhook.html index ecc813099..41dc2a082 100644 --- a/source/app/blueprints/manage/templates/modal_webhook.html +++ b/source/app/blueprints/manage/templates/modal_webhook.html @@ -101,29 +101,47 @@

    Field types

    An webhook is defined as below. 
     
-{
-    "name": "webhook 1",
-    "header_auth": [
-        {
-            "key": "auth 1"
-        },
-        {
-            "key": "auth 2"
-        }
-    ],
-    "payload_schema": [
-        {
-            "type": "object",
-            "properties": [
-                {
-                    "property": "property name",
-                    "type": "string"
-                }
-            ]
-        }
-    ],
-    "url": "www.some-webhook1.com",
-}
+                    {
+                      "name": "Webhook Name",
+                      "header_auth": [
+                          {
+                              "key": "Webhook Header Key",
+                              "value": "Webhook Header Value"
+                          }
+                      ],
+                      "payload_schema": {
+                          "type": "Webhook Payload Type",
+                          "description": "Webhook payload Description",
+                          "minItems": 1,
+                          "uniqueItems": true,
+                          "items": {
+                              "type": "object",
+                              "required": [
+                                  "property"
+                              ],
+                              "properties": {
+                                  "property 1": {
+                                      "type": "property type",
+                                      "minLength": 1
+                                  },
+                                  "property 2": {
+                                      "type": "property type",
+                                      "minLength": 1
+                                  },
+                                  "property 3": {
+                                      "type": "object",
+                                      "properties": {
+                                          "sub property 1": {
+                                              "type": "property type",
+                                              "minLength": 1
+                                          }
+                                      }
+                                  }
+                              }
+                          }
+                      },
+                      "url": "http://webhookexampleurl.com"
+                  }

    diff --git a/source/app/datamgmt/manage/manage_case_templates_db.py b/source/app/datamgmt/manage/manage_case_templates_db.py index 7543490b8..9897b5a76 100644 --- a/source/app/datamgmt/manage/manage_case_templates_db.py +++ b/source/app/datamgmt/manage/manage_case_templates_db.py @@ -462,7 +462,7 @@ def execute_and_save_action(action, task_id, action_id): # Execute the webhook request print(f"Executing webhook request to URL: {url} with data: {action}") - response = requests.post(url, json=action) + response = requests.post(url, json=action, verify=False) print(f"Webhook Response Status Code: {response.status_code}") print(f"Webhook Response Content: {response.text}") diff --git a/source/app/datamgmt/manage/manage_task_response_db.py b/source/app/datamgmt/manage/manage_task_response_db.py index 0f0c5d3bb..62275a3e1 100644 --- a/source/app/datamgmt/manage/manage_task_response_db.py +++ b/source/app/datamgmt/manage/manage_task_response_db.py @@ -37,10 +37,10 @@ def get_task_responses_list() -> List[dict]: TaskResponse.task, TaskResponse.action, TaskResponse.body, - User.name.label('created_by') - ).join( - TaskResponse.created_by_user - ).all() + User.name.label('created_by')) + # ).join( + # TaskResponse.created_by_user + # ).all() return [row._asdict() for row in task_responses] @@ -55,6 +55,7 @@ def get_task_response_by_id(response_id: int) -> TaskResponse: TaskResponse: Task response object. """ task_response = TaskResponse.query.filter_by(id=response_id).first() + print("in here") return task_response diff --git a/source/app/static/assets/js/iris/case.taskaction.response.js b/source/app/static/assets/js/iris/case.taskaction.response.js new file mode 100644 index 000000000..8e3456d35 --- /dev/null +++ b/source/app/static/assets/js/iris/case.taskaction.response.js @@ -0,0 +1,30 @@ +function toggleJsonViewer(button) { + const responseData = button.getAttribute('data-response'); + const parsedData = JSON.parse(responseData); + const jsonCrackEmbed = document.getElementById("jsoncrackIframe"); + + // Find the expandable div container + const jsonViewerContainer = $('#jsonViewerContainer'); + + // Slide down to show the div + jsonViewerContainer.slideDown(); + + // Check if iframe is loaded and contentWindow is available + if (jsonCrackEmbed && jsonCrackEmbed.contentWindow) { + // Define options for JSONCrack + const options = { + theme: "light", + direction: "DOWN", + }; + + // Post message to jsonCrackEmbed iframe + jsonCrackEmbed.contentWindow.postMessage({ json: JSON.stringify(parsedData), options }, "*"); + } else { + console.error("jsonCrackEmbed iframe is not available or not loaded."); + } + + // Attach event to the close button to hide the div + $('#jsonViewerContainer').find('.btn[data-dismiss="collapse-frame"]').on('click', function () { + jsonViewerContainer.slideUp(); // Hides the div with a slide-up effect + }); +} diff --git a/source/app/static/assets/js/iris/case.tasks.js b/source/app/static/assets/js/iris/case.tasks.js index ef20dcbf5..12b70a164 100644 --- a/source/app/static/assets/js/iris/case.tasks.js +++ b/source/app/static/assets/js/iris/case.tasks.js @@ -314,7 +314,9 @@ function expandActionDiv(actionDetails,task_id, action_id) { alert('Error saving data. Please try again.'); }); }); - +$('#collapsibleContent').find('.btn[data-dismiss="collapse-action-form"]').on('click', function () { + collapsibleContent.slideUp(); // Hides the div with a slide-up effect +}); } function save_task() { diff --git a/source/app/static/assets/js/iris/case.triggers.js b/source/app/static/assets/js/iris/case.triggers.js index 8f80d1313..c91d3b0cb 100644 --- a/source/app/static/assets/js/iris/case.triggers.js +++ b/source/app/static/assets/js/iris/case.triggers.js @@ -1,17 +1,22 @@ document.addEventListener("DOMContentLoaded", () => { const table = document.getElementById("trigger_table"); + const responseModal = document.getElementById("responseModal"); + const closeButton = responseModal.querySelector('[data-dismiss="hide-frame"]'); + + // Initialize the modal instance + const modal = new bootstrap.Modal(responseModal); + // Show modal on "View Response" button click table.addEventListener("click", (event) => { if (event.target && event.target.classList.contains("view-response")) { const button = event.target; - const responseData = button.getAttribute("data-response"); const parsedData = JSON.parse(responseData); const jsonCrackEmbed = document.getElementById("jsoncrackEmbed"); - const modal = new bootstrap.Modal(document.getElementById("responseModal")); modal.show(); - //Check iframe is loaded and contentWindow is available + + // Check iframe is loaded and contentWindow is available if (jsonCrackEmbed && jsonCrackEmbed.contentWindow) { // Define options for jsonCrack const options = { @@ -25,14 +30,12 @@ document.addEventListener("DOMContentLoaded", () => { console.error("jsonCrackEmbed iframe is not available or not loaded."); } } - }); -}); - - - -function closeModal() { - const modal = bootstrap.Modal.getInstance(document.getElementById("responseModal")); - modal.hide(); -} \ No newline at end of file + // Close modal when the close button is clicked + if (closeButton) { + closeButton.addEventListener("click", () => { + modal.hide(); // Use the modal instance to close + }); + } +}); From 03752172923561b3791e64301124aac9337563cb Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Tue, 10 Dec 2024 16:42:17 +0500 Subject: [PATCH 47/80] fixed button double button click and form styling --- .../app/blueprints/case/case_tasks_routes.py | 2 +- .../case/templates/modal_add_case_task.html | 4 +- .../app/static/assets/js/iris/case.tasks.js | 40 ++++++++++--------- 3 files changed, 24 insertions(+), 22 deletions(-) diff --git a/source/app/blueprints/case/case_tasks_routes.py b/source/app/blueprints/case/case_tasks_routes.py index b84316713..3eaa0efea 100644 --- a/source/app/blueprints/case/case_tasks_routes.py +++ b/source/app/blueprints/case/case_tasks_routes.py @@ -80,7 +80,7 @@ def case_tasks(caseid, url_redir): return render_template("case_tasks.html", case=case, form=form) -@case_tasks_blueprint.route('/case/testjsoneeditorRoute', methods=['POST']) +@case_tasks_blueprint.route('/case/jsoneditor', methods=['POST']) def save_data(): try: # Debugging: Print raw request data diff --git a/source/app/blueprints/case/templates/modal_add_case_task.html b/source/app/blueprints/case/templates/modal_add_case_task.html index 1fea17acc..6957a720d 100644 --- a/source/app/blueprints/case/templates/modal_add_case_task.html +++ b/source/app/blueprints/case/templates/modal_add_case_task.html @@ -136,7 +136,7 @@

    Action Payload Form
    -
    @@ -239,7 +239,7 @@
    Action Response
    - + diff --git a/source/app/static/assets/js/iris/case.tasks.js b/source/app/static/assets/js/iris/case.tasks.js index 12b70a164..652507ab7 100644 --- a/source/app/static/assets/js/iris/case.tasks.js +++ b/source/app/static/assets/js/iris/case.tasks.js @@ -252,52 +252,54 @@ function expandActionDiv(actionDetails,task_id, action_id) { // Reinitialize JSONEditor if (window.jsonEditor) { - // Destroy the existing editor instance window.jsonEditor.destroy(); - window.jsonEditor = null; // Clear reference to avoid accidental reuse + window.jsonEditor = null; } - // Create a new JSONEditor instance with the given schema + window.jsonEditor = new JSONEditor(jsonEditorContainer[0], { - schema: actionDetails, // Use the provided schema - theme: 'bootstrap4', + schema: actionDetails, + theme: 'tailwind', + disable_edit_json: true, // Disables raw JSON editing + disable_properties: true, // Disables editing of object properties + disable_collapse: true, // Disables the ability to collapse elements + disable_array_add: true, // Disables adding items to arrays + disable_array_delete: true, + show_errors: "change", + form_name_root: " " + }); - // Use the `onReady` callback to ensure the editor is ready + window.jsonEditor.on('ready', function () { - console.log('JSONEditor is ready.'); - // Set default data or use schema defaults if available if (actionDetails.default) { window.jsonEditor.setValue(actionDetails.default); } else { - window.jsonEditor.setValue({}); // Initialize with an empty object if no default provided + window.jsonEditor.setValue({}); } }); - // Update the Save button logic to handle the current action - $('#saveBtn').off('click').on('click', function (e) { + // clicking on execute button in the html this click event is triggered + $('#executeBtn').off('click').on('click', function (e) { e.preventDefault(); - // Retrieve the updated data from JSONEditor const updatedData = window.jsonEditor.getValue(); - // Construct the request body to match the desired response structure const requestData = { - action_id: action_id, // Pass the action ID - task_id: task_id, // Pass the case ID - payload: updatedData, // Include the editor data as 'payload' + action_id: action_id, + task_id: task_id, + payload: updatedData, }; console.log('Request data:', requestData); - // Example: Simulated save logic (replace with your actual save endpoint) - fetch('/case/testjsoneeditorRoute', { + fetch('/case/jsoneditor', { method: 'POST', headers: { 'Content-Type': 'application/json', }, - body: JSON.stringify(requestData), // Send the constructed data + body: JSON.stringify(requestData), }) .then((response) => { if (!response.ok) { From 188e0940b8d9266be2226937b365b812a932db00 Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Wed, 11 Dec 2024 03:16:19 +0500 Subject: [PATCH 48/80] action response table execute action and refresh table complete --- .../app/blueprints/case/case_tasks_routes.py | 49 +++++-- .../case/templates/modal_add_case_task.html | 18 +-- .../js/iris/case.taskaction.response.js | 73 +++++++---- .../app/static/assets/js/iris/case.tasks.js | 124 ++++++++++++++---- 4 files changed, 186 insertions(+), 78 deletions(-) diff --git a/source/app/blueprints/case/case_tasks_routes.py b/source/app/blueprints/case/case_tasks_routes.py index 3eaa0efea..d1ed0966f 100644 --- a/source/app/blueprints/case/case_tasks_routes.py +++ b/source/app/blueprints/case/case_tasks_routes.py @@ -61,7 +61,7 @@ from app.util import response_error from app.util import response_success from app.datamgmt.manage.manage_case_templates_db import execute_and_save_action -from source.app.datamgmt.manage.manage_task_response_db import get_task_responses_list +from source.app.datamgmt.manage.manage_task_response_db import get_task_response_by_id, get_task_responses_list case_tasks_blueprint = Blueprint('case_tasks', __name__, @@ -239,19 +239,44 @@ def case_task_view_modal(cur_id, caseid, url_redir): form.task_description.data = task.task_description user_name, = User.query.with_entities(User.name).filter(User.id == task.task_userid_update).first() comments_map = get_case_tasks_comments_count([task.id]) - taskActionResponse = get_task_responses_list() + taskActionResponses = get_task_responses_list() # Serialize datetime objects for rendering - for taskActionResponse in taskActionResponse: - taskActionResponse['created_at'] = taskActionResponse['created_at'].strftime("%Y-%m-%d %H:%M:%S") - if taskActionResponse['updated_at']: - taskActionResponse['updated_at'] = taskActionResponse['updated_at'].strftime("%Y-%m-%d %H:%M:%S") - if taskActionResponse['body']: - try: - taskActionResponse['body'] = json.dumps(taskActionResponse['body']) - except (TypeError, ValueError) as e: - taskActionResponse['body'] = str(taskActionResponse['body']) return render_template("modal_add_case_task.html", form=form, task=task, user_name=user_name, - comments_map=comments_map, attributes=task.custom_attributes ,taskActionResponse=taskActionResponse) + comments_map=comments_map, attributes=task.custom_attributes ,taskActionResponses=taskActionResponses) + +@case_tasks_blueprint.route('/case/task/action_response', methods=['GET']) +def case_task_action_response(): + try: + taskActionResponses = get_task_responses_list() + + # Serialize datetime objects for rendering and the 'body' field + for taskActionResponse in taskActionResponses: + if isinstance(taskActionResponse['created_at'], datetime): + taskActionResponse['created_at'] = taskActionResponse['created_at'].strftime("%Y-%m-%d %H:%M:%S") + if taskActionResponse.get('updated_at') and isinstance(taskActionResponse['updated_at'], datetime): + taskActionResponse['updated_at'] = taskActionResponse['updated_at'].strftime("%Y-%m-%d %H:%M:%S") + if taskActionResponse.get('body'): + try: + taskActionResponse['body'] = json.dumps(taskActionResponse['body']) + except (TypeError, ValueError) as e: + taskActionResponse['body'] = str(taskActionResponse['body']) + + return jsonify({"success": True, "data": taskActionResponses}) # Properly return as JSON + + except Exception as e: + # Log the exception for debugging + return jsonify({"success": False, "error": str(e)}), 500 + +@case_tasks_blueprint.route('/case/task/action_response/', methods=['GET']) +def case_task_action_response_by_id(cur_id): + action_response = get_task_response_by_id(cur_id) + + if action_response: + return response_success("Task action response fetched successfully", data=action_response) + else: + return response_error("No action response found for this task", 404) + + @case_tasks_blueprint.route('/case/tasks/update/', methods=['POST']) diff --git a/source/app/blueprints/case/templates/modal_add_case_task.html b/source/app/blueprints/case/templates/modal_add_case_task.html index 6957a720d..198c56099 100644 --- a/source/app/blueprints/case/templates/modal_add_case_task.html +++ b/source/app/blueprints/case/templates/modal_add_case_task.html @@ -141,7 +141,7 @@
    Action Payload Form
    - {% if taskActionResponse and task.id == taskActionResponse.task %} + {% if taskActionResponses %}
    Action Payload Form - - - - - - - - - + +
    Created By
    {{ taskActionResponse.id }}{{ taskActionResponse.task }}{{ taskActionResponse.action }} - - {{ taskActionResponse.created_at }}{{ taskActionResponse.created_by|capitalize }}
    diff --git a/source/app/static/assets/js/iris/case.taskaction.response.js b/source/app/static/assets/js/iris/case.taskaction.response.js index 8e3456d35..adc98378e 100644 --- a/source/app/static/assets/js/iris/case.taskaction.response.js +++ b/source/app/static/assets/js/iris/case.taskaction.response.js @@ -1,30 +1,57 @@ function toggleJsonViewer(button) { - const responseData = button.getAttribute('data-response'); - const parsedData = JSON.parse(responseData); - const jsonCrackEmbed = document.getElementById("jsoncrackIframe"); - - // Find the expandable div container - const jsonViewerContainer = $('#jsonViewerContainer'); - - // Slide down to show the div - jsonViewerContainer.slideDown(); - - // Check if iframe is loaded and contentWindow is available - if (jsonCrackEmbed && jsonCrackEmbed.contentWindow) { - // Define options for JSONCrack - const options = { - theme: "light", - direction: "DOWN", - }; - - // Post message to jsonCrackEmbed iframe - jsonCrackEmbed.contentWindow.postMessage({ json: JSON.stringify(parsedData), options }, "*"); - } else { - console.error("jsonCrackEmbed iframe is not available or not loaded."); + const responseId = button.getAttribute('data-task'); // Get task ID from the button's data-task attribute + console.log("Task ID in toggle:", typeof responseId); + + // Parse the response ID to integer + let id = parseInt(responseId); + if (isNaN(id)) { + console.error("Invalid task ID:", responseId); + return; // Exit if the ID is invalid } + // Make an API call to fetch the task's action response + fetch(`/case/task/action_response/${id}`) + .then(response => response.json()) + .then(data => { + + if (data.status && data.data) { + // Assuming the response data contains the 'data' field with the task action response + console.log(data.data.body); + const responseData = data.data.body; // Get the action response data + + const jsonCrackEmbed = document.getElementById("jsoncrackIframe"); + console.log("Parsed data to be displayed in JSONCrack:", responseData); + + // Find the expandable div container + const jsonViewerContainer = $('#jsonViewerContainer'); + + // Slide down to show the div + jsonViewerContainer.slideDown(); + console.log("here"); + + // Check if iframe is loaded and contentWindow is available + if (jsonCrackEmbed && jsonCrackEmbed.contentWindow) { + // Define options for JSONCrack + const options = { + theme: "light", + direction: "DOWN", + }; + + // Post message to jsonCrackEmbed iframe with the response data + jsonCrackEmbed.contentWindow.postMessage({ json: JSON.stringify(responseData), options }, "*"); + } else { + console.error("jsonCrackEmbed iframe is not available or not loaded."); + } + } else { + console.error("Failed to fetch action response data:", data); + } + }) + .catch(error => { + console.error("Error fetching task action response:", error); + }); + // Attach event to the close button to hide the div - $('#jsonViewerContainer').find('.btn[data-dismiss="collapse-frame"]').on('click', function () { + $('#jsonViewerContainer').find('.btn[data-dismiss="collapse-frame"]').off('click').on('click', function () { jsonViewerContainer.slideUp(); // Hides the div with a slide-up effect }); } diff --git a/source/app/static/assets/js/iris/case.tasks.js b/source/app/static/assets/js/iris/case.tasks.js index 652507ab7..02227ad1b 100644 --- a/source/app/static/assets/js/iris/case.tasks.js +++ b/source/app/static/assets/js/iris/case.tasks.js @@ -174,7 +174,7 @@ function edit_task(id) { load_menu_mod_options_modal(id, 'task', $("#task_modal_quick_actions")); $('#modal_add_task').modal({ show: true }); edit_in_task_desc(); - + loadTableData() // Define actionsList as a global variable if it's reused elsewhere const actionsList = $('#actionsList'); @@ -242,6 +242,65 @@ function edit_task(id) { }); } +function loadTableData() { + $("#action_table").dataTable({ + ajax: { + url: "/case/task/action_response", + contentType: "application/json", + type: "GET", + data: function (d) { + if (d.status == "success") { + console.log("Response data:", d.data); // Log the data here + return JSON.stringify(d.data); + } else { + return JSON.stringify([]); + } + }, + }, + + order: [[0, "desc"]], + autoWidth: false, + columns: [ + { + data: "id", + }, + { + data: "task", + }, + { + data: "action", + }, + { + data: "body", + render: function (data, type, row) { + console.log("Body data:", data); // Logs the raw data + + const task = row.id; // Get the task value from the row + + return ` + `; + } + + }, + + { + data: "created_at", + }, + { + data: "updated_at", + }, + ], + }); +} + + + + + function expandActionDiv(actionDetails,task_id, action_id) { // Reference to the collapsible content div const collapsibleContent = $('#collapsibleContent'); @@ -283,39 +342,48 @@ function expandActionDiv(actionDetails,task_id, action_id) { // clicking on execute button in the html this click event is triggered $('#executeBtn').off('click').on('click', function (e) { e.preventDefault(); - + const updatedData = window.jsonEditor.getValue(); - + const requestData = { - action_id: action_id, - task_id: task_id, + action_id: action_id, + task_id: task_id, payload: updatedData, }; + + post_request_api( + "/case/jsoneditor", + JSON.stringify(requestData), + false, + function () { + window.swal({ + title: "Processing", + text: "Executing action, please wait...", + icon: "/static/assets/img/loader.gif", + button: false, + allowOutsideClick: false, + }); + } + ) + .done((data) => { + if (notify_auto_api(data)) { + refresh_action_rsponse_table(); + } + }) + .always(() => { + window.swal.close(); // Close the loading dialog + }); + + return false; + }); + + function refresh_action_rsponse_table(){ + $('#action_table').DataTable().ajax.reload(); + notify_success("Refreshed"); + } + - console.log('Request data:', requestData); - fetch('/case/jsoneditor', { - method: 'POST', - headers: { - 'Content-Type': 'application/json', - }, - body: JSON.stringify(requestData), - }) - .then((response) => { - if (!response.ok) { - throw new Error(`HTTP error! Status: ${response.status}`); - } - return response.json(); - }) - .then((data) => { - console.log('Save successful:', data); - alert('Data saved successfully!'); - }) - .catch((error) => { - console.error('Error saving data:', error); - alert('Error saving data. Please try again.'); - }); -}); $('#collapsibleContent').find('.btn[data-dismiss="collapse-action-form"]').on('click', function () { collapsibleContent.slideUp(); // Hides the div with a slide-up effect }); From 66a9dd0280634d8465a89b30d14ec0db456d3425 Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Thu, 2 Jan 2025 16:08:10 +0500 Subject: [PATCH 49/80] Error Messages fixed for Webhooks and Case Templates --- .../case/templates/modal_add_case_task.html | 2 + .../manage/manage_case_templates_db.py | 104 ++++++++++-------- .../app/datamgmt/manage/manage_webhooks_db.py | 66 +++++------ 3 files changed, 93 insertions(+), 79 deletions(-) diff --git a/source/app/blueprints/case/templates/modal_add_case_task.html b/source/app/blueprints/case/templates/modal_add_case_task.html index 198c56099..a1679acc0 100644 --- a/source/app/blueprints/case/templates/modal_add_case_task.html +++ b/source/app/blueprints/case/templates/modal_add_case_task.html @@ -231,4 +231,6 @@
    Action Response
    + + {% endblock javascripts %} \ No newline at end of file diff --git a/source/app/datamgmt/manage/manage_case_templates_db.py b/source/app/datamgmt/manage/manage_case_templates_db.py index 9897b5a76..ab89ca25a 100644 --- a/source/app/datamgmt/manage/manage_case_templates_db.py +++ b/source/app/datamgmt/manage/manage_case_templates_db.py @@ -79,91 +79,98 @@ def delete_case_template_by_id(case_template_id: int): def validate_case_template(data: dict, update: bool = False) -> Optional[str]: try: + # Check that the 'name' field is provided and not empty if not update: if "name" not in data: - return "Name is required." - + return "

    Error: The 'name' field is required.

    " if "name" in data and not data["name"].strip(): - return "Name cannot be empty." + return "

    Error: The 'name' field cannot be empty.

    " + # Validate 'tags' field if "tags" in data: if not isinstance(data["tags"], list): - return "Tags must be a list." + return "

    Error: 'tags' must be a list.

    " for tag in data["tags"]: if not isinstance(tag, str): - return "Each tag must be a string." - - + return "

    Error: Each tag must be a string.

    " + + # Validate 'tasks' field if "tasks" in data: if not isinstance(data["tasks"], list): - return "Tasks must be a list." + return "

    Error: 'tasks' must be a list.

    " for task in data["tasks"]: if not isinstance(task, dict): - return "Each task must be a dictionary." + return "

    Error: Each task must be a dictionary.

    " if "title" not in task: - return "Each task must have a 'title' field." + return "

    Error: Each task must have a 'title' field.

    " if "tags" in task: if not isinstance(task["tags"], list): - return "Task tags must be a list." + return "

    Error: Task tags must be a list.

    " for tag in task["tags"]: if not isinstance(tag, str): - return "Each tag must be a string." + return "

    Error: Each task tag must be a string.

    " if "actions" in task: if not isinstance(task["actions"], list): - return "Actions must be a list." + return "

    Error: Actions must be a list.

    " for action in task["actions"]: if not isinstance(action, dict): - return "Each action must be a dictionary." - # Check for required properties + return "

    Error: Each action must be a dictionary.

    " if "webhook_id" not in action: - return "Each action must have a 'webhook_id' field." + return "

    Error: Each action must have a 'webhook_id' field.

    " if "display_name" not in action: - return "Each action must have a 'display_name' field." - # Check for extra properties - allowed_keys = {"webhook_id", "display_name"} - extra_keys = set(action.keys()) - allowed_keys - if extra_keys: - return f"Invalid properties in action: {', '.join(extra_keys)}. Only 'webhook_id' and 'display_name' are allowed." + return "

    Error: Each action must have a 'display_name' field.

    " + + # Validate webhook_id type (must be an integer) + if not isinstance(action["webhook_id"], int): + return f"

    Error: 'webhook_id' must be an integer, but got {type(action['webhook_id']).__name__}.

    " + + # Check if webhook exists for the given webhook_id webhook = get_webhook_by_id(action["webhook_id"]) if not webhook: - return f"Webhook with id {action['webhook_id']} does not exist." - + return f"

    Error: Webhook with id {action['webhook_id']} does not exist.

    " + # Validate 'triggers' field if "triggers" in data: if not isinstance(data["triggers"], list): - return "Trigger must be a list." + return "

    Error: 'triggers' must be a list.

    " for trigger in data["triggers"]: if not isinstance(trigger, dict): - return "Each trigger must be a dictionary." + return "

    Error: Each trigger must be a dictionary.

    " if "webhook_id" not in trigger: - return "Each trigger must have a 'webhook_id' field." + return "

    Error: Each trigger must have a 'webhook_id' field.

    " if "display_name" not in trigger: - return "Each trigger must have a 'display_name' field." + return "

    Error: Each trigger must have a 'display_name' field.

    " + + # Validate webhook_id type (must be an integer) + if not isinstance(trigger["webhook_id"], int): + return f"

    Error: 'webhook_id' must be an integer, but got {type(trigger['webhook_id']).__name__}.

    " + # Check if webhook exists for the given webhook_id webhook = get_webhook_by_id(trigger["webhook_id"]) if not webhook: - return f"Webhook with id {trigger['webhook_id']} does not exist." + return f"

    Error: Webhook with id {trigger['webhook_id']} does not exist.

    " + # Validate 'input_params' field if "input_params" in trigger: input_params = trigger["input_params"] if not isinstance(input_params, dict): - return "input_params must be a dictionary." + return "

    Error: 'input_params' must be a dictionary.

    " payload_schema = webhook.payload_schema if not payload_schema: - return f"Webhook {webhook.name} has no payload schema." + return f"

    Error: Webhook {webhook.name} has no payload schema.

    " - # Validate required fields + # Validate required fields in payload_schema required_fields = payload_schema.get("items", {}).get("required", []) for field in required_fields: if field not in input_params: - return f"Field '{field}' is required in input_params for webhook '{webhook.name}'." + return f"

    Error: Field '{field}' is required in 'input_params' for webhook '{webhook.name}'.

    " - # Validate properties + # Validate properties in 'input_params' properties = payload_schema.get("items", {}).get("properties", {}) for key, value in input_params.items(): if key not in properties: - return f"Field '{key}' is not valid for webhook '{webhook.name}'." + return f"

    Error: Field '{key}' is not valid for webhook '{webhook.name}'.

    " prop_schema = properties[key] TYPE_MAPPING = { "string": str, @@ -174,39 +181,42 @@ def validate_case_template(data: dict, update: bool = False) -> Optional[str]: } expected_type = prop_schema.get("type") if expected_type: - # Map schema type to Python type python_type = TYPE_MAPPING.get(expected_type) if not python_type: - return f"Unsupported type '{expected_type}' in schema for field '{key}'." + return f"

    Error: Unsupported type '{expected_type}' in schema for field '{key}'.

    " if not isinstance(value, python_type): - return f"Field '{key}' must be of type '{expected_type}'." + return f"

    Error: Field '{key}' must be of type '{expected_type}'.

    " + # Validate minLength property if prop_schema.get("minLength") and len(value) < prop_schema["minLength"]: - return f"Field '{key}' must have at least {prop_schema['minLength']} characters." + return f"

    Error: Field '{key}' must have at least {prop_schema['minLength']} characters.

    " + # Validate 'note_groups' field (deprecated) if "note_groups" in data: - return "Note groups have been replaced by note_directories." + return "

    Error: 'note_groups' has been replaced by 'note_directories'.

    " + # Validate 'note_directories' field if "note_directories" in data: if not isinstance(data["note_directories"], list): - return "Note directories must be a list." + return "

    Error: 'note_directories' must be a list.

    " for note_dir in data["note_directories"]: if not isinstance(note_dir, dict): - return "Each note directory must be a dictionary." + return "

    Error: Each note directory must be a dictionary.

    " if "title" not in note_dir: - return "Each note directory must have a 'title' field." + return "

    Error: Each note directory must have a 'title' field.

    " if "notes" in note_dir: if not isinstance(note_dir["notes"], list): - return "Notes must be a list." + return "

    Error: 'notes' must be a list.

    " for note in note_dir["notes"]: if not isinstance(note, dict): - return "Each note must be a dictionary." + return "

    Error: Each note must be a dictionary.

    " if "title" not in note: - return "Each note must have a 'title' field." + return "

    Error: Each note must have a 'title' field.

    " return None except Exception as e: - return str(e) + return f"

    Error: An unexpected error occurred:

    {str(e)}
    " + def case_template_pre_modifier(case_schema: CaseSchema, case_template_id: str): diff --git a/source/app/datamgmt/manage/manage_webhooks_db.py b/source/app/datamgmt/manage/manage_webhooks_db.py index 33e68826a..77e6a2c5d 100644 --- a/source/app/datamgmt/manage/manage_webhooks_db.py +++ b/source/app/datamgmt/manage/manage_webhooks_db.py @@ -14,6 +14,7 @@ # You should have received a copy of the GNU Lesser General Public License # along with this program; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +import json import marshmallow import jsonschema from datetime import datetime @@ -76,50 +77,51 @@ def delete_webhook_by_id(webhook_id: int): Webhook.query.filter_by(id=webhook_id).delete() +import jsonschema +from typing import Optional + +import json +import jsonschema +from typing import Optional + def validate_webhook(data: dict, update: bool = False) -> Optional[str]: - valid_types = {"string", "number", "integer", "object", "array", "boolean", "null"} try: + # Check for the 'name' field if not update: - # If it's not an update, we check the required fields if "name" not in data: - return "Name is required." + return "

    Error: The 'name' field is required.

    " - # We check that name is not empty if "name" in data and not data["name"].strip(): - return "Name cannot be empty." - - - # We check that tasks, if any, are a list of dictionaries with mandatory keys - if "header_auth" in data: - if not isinstance(data["header_auth"], list): - return "Header Auth must be a list." - for auth in data["header_auth"]: - if not isinstance(auth, dict): - return "Each header auth must be a dictionary." - if "key" not in auth: - return "Each auth must have a 'key' field." - if "value" not in auth: - return "Each auth must have a 'value' field." - - - # We check that note groups, if any, are a list of dictionaries with mandatory keys - if "note_groups" in data: - return "Note groups has been replaced by note_directories." - - # Validate the input_params field + return "

    Error: The 'name' field cannot be empty.

    " + + # Check for the 'url' field + if "url" not in data: + # Log the missing 'url' field error + print("Error: The 'url' field is required but was not provided.") + return "

    Error: The 'url' field is required.

    " + + # Validate 'payload_schema' field if "payload_schema" in data: try: - # Attempt to validate the payload_schema as a JSON Schema jsonschema.Draft7Validator.check_schema(data["payload_schema"]) except jsonschema.exceptions.SchemaError as e: - return f"Invalid JSON Schema in 'payload_schema': {e.message}" - except Exception as e: - return f"Unexpected error in 'payload_schema' validation: {str(e)}" - - # If all checks succeeded, we return None to indicate everything is has been validated + error_path = " -> ".join(map(str, e.path)) if e.path else "schema root" + formatted_message = ( + json.dumps(e.message, indent=2) if isinstance(e.message, dict) else e.message + ) + return ( + f"
    " + f"

    Error: The 'payload_schema' field contains an invalid JSON Schema.

    " + f"

    Error Location: {error_path}

    " + f"

    Invalid Code:

    " + f"
    {formatted_message}
    " + f"
    " + ) return None except Exception as e: - return str(e) + return f"

    Error: An unexpected error occurred:

    {str(e)}
    " + def webhook_pre_modifier(case_schema: CaseSchema, case_template_id: str): From 185c7d33d82dc9c20db13c9b80f1dc951df625f9 Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Thu, 2 Jan 2025 16:08:41 +0500 Subject: [PATCH 50/80] 3 seconds refetch response for actions. --- .../case/templates/case_triggers.html | 1 - .../js/iris/case.taskaction.response.js | 23 ++------ .../app/static/assets/js/iris/case.tasks.js | 57 ++++++++++--------- 3 files changed, 35 insertions(+), 46 deletions(-) diff --git a/source/app/blueprints/case/templates/case_triggers.html b/source/app/blueprints/case/templates/case_triggers.html index 860eab41f..de7697321 100644 --- a/source/app/blueprints/case/templates/case_triggers.html +++ b/source/app/blueprints/case/templates/case_triggers.html @@ -99,5 +99,4 @@ - {% endblock javascripts %} \ No newline at end of file diff --git a/source/app/static/assets/js/iris/case.taskaction.response.js b/source/app/static/assets/js/iris/case.taskaction.response.js index adc98378e..71c1b4208 100644 --- a/source/app/static/assets/js/iris/case.taskaction.response.js +++ b/source/app/static/assets/js/iris/case.taskaction.response.js @@ -1,43 +1,31 @@ function toggleJsonViewer(button) { - const responseId = button.getAttribute('data-task'); // Get task ID from the button's data-task attribute + const responseId = button.getAttribute('data-task'); console.log("Task ID in toggle:", typeof responseId); - - // Parse the response ID to integer let id = parseInt(responseId); if (isNaN(id)) { console.error("Invalid task ID:", responseId); - return; // Exit if the ID is invalid + return; } - - // Make an API call to fetch the task's action response fetch(`/case/task/action_response/${id}`) .then(response => response.json()) .then(data => { if (data.status && data.data) { - // Assuming the response data contains the 'data' field with the task action response console.log(data.data.body); - const responseData = data.data.body; // Get the action response data + const responseData = data.data.body; const jsonCrackEmbed = document.getElementById("jsoncrackIframe"); console.log("Parsed data to be displayed in JSONCrack:", responseData); - - // Find the expandable div container const jsonViewerContainer = $('#jsonViewerContainer'); - // Slide down to show the div jsonViewerContainer.slideDown(); console.log("here"); - - // Check if iframe is loaded and contentWindow is available - if (jsonCrackEmbed && jsonCrackEmbed.contentWindow) { - // Define options for JSONCrack + if (jsonCrackEmbed && jsonCrackEmbed.contentWindow) { const options = { theme: "light", direction: "DOWN", }; - // Post message to jsonCrackEmbed iframe with the response data jsonCrackEmbed.contentWindow.postMessage({ json: JSON.stringify(responseData), options }, "*"); } else { console.error("jsonCrackEmbed iframe is not available or not loaded."); @@ -50,8 +38,7 @@ function toggleJsonViewer(button) { console.error("Error fetching task action response:", error); }); - // Attach event to the close button to hide the div $('#jsonViewerContainer').find('.btn[data-dismiss="collapse-frame"]').off('click').on('click', function () { - jsonViewerContainer.slideUp(); // Hides the div with a slide-up effect + jsonViewerContainer.slideUp(); }); } diff --git a/source/app/static/assets/js/iris/case.tasks.js b/source/app/static/assets/js/iris/case.tasks.js index 02227ad1b..b32cc9173 100644 --- a/source/app/static/assets/js/iris/case.tasks.js +++ b/source/app/static/assets/js/iris/case.tasks.js @@ -127,7 +127,6 @@ function update_task_ext(task_id, do_close) { }); } -/* Delete an event from the timeline thank to its id */ function delete_task(id) { do_deletion_prompt("You are about to delete task #" + id) .then((doDelete) => { @@ -144,8 +143,6 @@ function delete_task(id) { } - -/* Fetch a modal that allows to add an event */ function edit_task(id) { const url = '/case/tasks/' + id + '/modal' + case_param(); const webHooksurl = "/manage/webhooks/list" + case_param(); @@ -175,7 +172,6 @@ function edit_task(id) { $('#modal_add_task').modal({ show: true }); edit_in_task_desc(); loadTableData() - // Define actionsList as a global variable if it's reused elsewhere const actionsList = $('#actionsList'); fetch(webHooksurl, { @@ -191,19 +187,13 @@ function edit_task(id) { return response.json(); }) .then((data) => { - console.log("Response Data:", data); // Debugging log - // Update fetchedData based on response status const fetchedData = data.status === "success" ? data.data : []; - // Log fetched data for debugging - console.log("Fetched Data:", fetchedData); - - // Populate the dropdown - actionsList.empty(); // Clear existing items + actionsList.empty(); if (fetchedData.length === 0) { - // Handle case where no actions are available + actionsList.append( $('    ', { class: 'dropdown-item disabled', @@ -212,7 +202,7 @@ function edit_task(id) { }) ); } else { - // Add actions to the dropdown + fetchedData.forEach(function (action) { actionsList.append( $('', { @@ -220,7 +210,7 @@ function edit_task(id) { href: '#', text: action.name, click: function (e) { - e.preventDefault(); // Prevent default link behavior + e.preventDefault(); expandActionDiv(action.payload_schema, id , action.id); }, }) @@ -230,7 +220,7 @@ function edit_task(id) { }) .catch((error) => { console.error("Error fetching data:", error); - // Handle error by displaying a message in the dropdown + actionsList.empty().append( $('', { class: 'dropdown-item disabled', @@ -250,7 +240,6 @@ function loadTableData() { type: "GET", data: function (d) { if (d.status == "success") { - console.log("Response data:", d.data); // Log the data here return JSON.stringify(d.data); } else { return JSON.stringify([]); @@ -273,9 +262,9 @@ function loadTableData() { { data: "body", render: function (data, type, row) { - console.log("Body data:", data); // Logs the raw data + console.log("Body data:", data); - const task = row.id; // Get the task value from the row + const task = row.id; return ` + `; + }, + }, + { data: "created_at" }, + { data: "updated_at" }, + ], + error: function (xhr, error, code) { + console.error("DataTables AJAX error:", xhr.responseText); + }, + }); + + setInterval(() => { + console.log("Reloading table every 3 seconds"); + $("#trigger_table").DataTable().ajax.reload(null, false); + }, 3000); } -}); + \ No newline at end of file From 960ef317d17701d400c305d451a7caf1e5f39072 Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Thu, 9 Jan 2025 16:41:15 +0500 Subject: [PATCH 55/80] get_task_responses_list --- .../app/blueprints/case/case_tasks_routes.py | 24 +++++++------------ .../blueprints/case/templates/case_tasks.html | 2 +- .../app/static/assets/js/iris/case.tasks.js | 4 ++-- 3 files changed, 11 insertions(+), 19 deletions(-) diff --git a/source/app/blueprints/case/case_tasks_routes.py b/source/app/blueprints/case/case_tasks_routes.py index 5e70f74ad..c840e36be 100644 --- a/source/app/blueprints/case/case_tasks_routes.py +++ b/source/app/blueprints/case/case_tasks_routes.py @@ -51,12 +51,12 @@ from app.forms import CaseTaskForm from app.iris_engine.module_handler.module_handler import call_modules_hook from app.iris_engine.utils.tracker import track_activity -from app.models.authorization import CaseAccessLevel +from app.models.authorization import CaseAccessLevel, Permissions from app.models.authorization import User from app.models.models import CaseTasks from app.schema.marshables import CaseTaskSchema from app.schema.marshables import CommentSchema -from app.util import ac_api_case_requires +from app.util import ac_api_case_requires, ac_api_requires from app.util import ac_case_requires from app.util import response_error from app.util import response_success @@ -77,21 +77,17 @@ def case_tasks(caseid, url_redir): form = FlaskForm() case = get_case(caseid) - return render_template("case_tasks.html", case=case, form=form) @case_tasks_blueprint.route('/case/jsoneditor', methods=['POST']) -def save_data(): +@ac_case_requires(CaseAccessLevel.full_access) +def save_data(caseid, url_redir): try: - # Debugging: Print raw request data - raw_data = request.data - - # Get the JSON data data = request.get_json() + if not isinstance(data, dict): raise ValueError("Request payload is not a valid JSON object") - # Extract values using dictionary keys payload = data.get('payload') task_id = data.get('task_id') action_id = data.get('action_id') @@ -99,17 +95,15 @@ def save_data(): if not payload or not task_id or not action_id: raise KeyError("Missing one or more required keys: 'payload', 'task_id', 'action_id'") - # Call the function with extracted values action_response = execute_and_save_action(payload, task_id, action_id) - # Return a success response + return jsonify({"status": "success", "message": "Data saved successfully!", "data": action_response}) except KeyError as e: return jsonify({"status": "error", "message": f"Missing key: {e}"}), 400 except ValueError as e: return jsonify({"status": "error", "message": str(e)}), 400 except Exception as e: - return jsonify({"status": "error", "message": str(e)}), 500 - + return jsonify({"status": "error", "message": str(e)}) @case_tasks_blueprint.route('/case/tasks/list', methods=['GET']) @@ -130,7 +124,6 @@ def case_get_tasks(caseid): return response_success("", data=ret) - @case_tasks_blueprint.route('/case/tasks/state', methods=['GET']) @ac_api_case_requires(CaseAccessLevel.read_only, CaseAccessLevel.full_access) def case_get_tasks_state(caseid): @@ -140,7 +133,6 @@ def case_get_tasks_state(caseid): else: return response_error('No tasks state for this case.') - @case_tasks_blueprint.route('/case/tasks/status/update/', methods=['POST']) @ac_api_case_requires(CaseAccessLevel.full_access) def case_task_statusupdate(cur_id, caseid): @@ -239,7 +231,7 @@ def case_task_view_modal(cur_id, caseid, url_redir): form.task_description.data = task.task_description user_name, = User.query.with_entities(User.name).filter(User.id == task.task_userid_update).first() comments_map = get_case_tasks_comments_count([task.id]) - taskActionResponses = get_task_responses_list() + taskActionResponses = get_task_responses_list(task.id) # Serialize datetime objects for rendering return render_template("modal_add_case_task.html", form=form, task=task, user_name=user_name, comments_map=comments_map, attributes=task.custom_attributes ,taskActionResponses=taskActionResponses) diff --git a/source/app/blueprints/case/templates/case_tasks.html b/source/app/blueprints/case/templates/case_tasks.html index 5741dcddf..3807f4fc1 100644 --- a/source/app/blueprints/case/templates/case_tasks.html +++ b/source/app/blueprints/case/templates/case_tasks.html @@ -38,6 +38,7 @@ +
    @@ -83,7 +84,6 @@ - {% if taskActionResponses %} +
    Action Payload Form + {% if taskActionResponses %} + {% endif %}
    Created By
    @@ -174,7 +176,6 @@
    Action Response
    {% endif %}
    - {% endif %} {% include 'modals/modal_attributes_tabs.html' %} diff --git a/source/app/datamgmt/case/case_tasks_db.py b/source/app/datamgmt/case/case_tasks_db.py index dfb3a5c68..fc380a992 100644 --- a/source/app/datamgmt/case/case_tasks_db.py +++ b/source/app/datamgmt/case/case_tasks_db.py @@ -30,6 +30,7 @@ from app.models import TaskComments from app.models import TaskStatus from app.models.authorization import User +from app.models.models import TaskResponse def get_tasks_status(): @@ -282,10 +283,12 @@ def get_case_task_comment(task_id, comment_id): def delete_task(task_id): with db.session.begin_nested(): + # Delete task assignees TaskAssignee.query.filter( TaskAssignee.task_id == task_id ).delete() + # Get all comment IDs associated with the task com_ids = TaskComments.query.with_entities( TaskComments.comment_id ).filter( @@ -293,15 +296,23 @@ def delete_task(task_id): ).all() com_ids = [c.comment_id for c in com_ids] + + # Delete task comments TaskComments.query.filter(TaskComments.comment_id.in_(com_ids)).delete() + # Delete comments Comments.query.filter(Comments.comment_id.in_(com_ids)).delete() + # Delete task responses that reference the task + TaskResponse.query.filter(TaskResponse.task == task_id).delete() + + # Finally, delete the task itself CaseTasks.query.filter( CaseTasks.id == task_id ).delete() + def delete_task_comment(task_id, comment_id): comment = Comments.query.filter( Comments.comment_id == comment_id, diff --git a/source/app/datamgmt/manage/manage_task_response_db.py b/source/app/datamgmt/manage/manage_task_response_db.py index 62275a3e1..90e08ad6a 100644 --- a/source/app/datamgmt/manage/manage_task_response_db.py +++ b/source/app/datamgmt/manage/manage_task_response_db.py @@ -24,7 +24,7 @@ from app.schema.marshables import TaskResponseSchema -def get_task_responses_list() -> List[dict]: +def get_task_responses_list(task_id: int) -> List[dict]: """Get a list of task responses. Returns: @@ -37,10 +37,7 @@ def get_task_responses_list() -> List[dict]: TaskResponse.task, TaskResponse.action, TaskResponse.body, - User.name.label('created_by')) - # ).join( - # TaskResponse.created_by_user - # ).all() + User.name.label('created_by')).filter(TaskResponse.task == task_id).all() return [row._asdict() for row in task_responses] diff --git a/source/app/static/assets/js/iris/case.tasks.js b/source/app/static/assets/js/iris/case.tasks.js index 4d154ebed..e8c202701 100644 --- a/source/app/static/assets/js/iris/case.tasks.js +++ b/source/app/static/assets/js/iris/case.tasks.js @@ -171,7 +171,7 @@ function edit_task(id) { load_menu_mod_options_modal(id, 'task', $("#task_modal_quick_actions")); $('#modal_add_task').modal({ show: true }); edit_in_task_desc(); - loadTableData() + loadTableData(g_task_id) const actionsList = $('#actionsList'); fetch(webHooksurl, { @@ -232,10 +232,10 @@ function edit_task(id) { }); } -function loadTableData() { +function loadTableData(task_id) { $("#action_table").dataTable({ ajax: { - url: "/case/task/action_response", + url: `/case/task/action_responses/${task_id}`, contentType: "application/json", type: "GET", data: function (d) { From 6d858248070455912953ff4459f73ae94cc58c6c Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Mon, 13 Jan 2025 16:51:01 +0500 Subject: [PATCH 57/80] icon updated --- source/app/templates/includes/sidenav.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/app/templates/includes/sidenav.html b/source/app/templates/includes/sidenav.html index ca07a2387..5cbf5d29d 100644 --- a/source/app/templates/includes/sidenav.html +++ b/source/app/templates/includes/sidenav.html @@ -136,7 +136,7 @@

    Manage

    {% if user_has_perm(std_permissions.server_administrator) %}
  • - + Webhooks
    • From 709643d86f7826434d81cd274ea99bfc1c3c3902 Mon Sep 17 00:00:00 2001 From: Muhammad Hanzila Date: Tue, 14 Jan 2025 19:14:09 +0500 Subject: [PATCH 58/80] async operations --- .../blueprints/manage/manage_cases_routes.py | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/source/app/blueprints/manage/manage_cases_routes.py b/source/app/blueprints/manage/manage_cases_routes.py index c3392ec88..21073f34f 100644 --- a/source/app/blueprints/manage/manage_cases_routes.py +++ b/source/app/blueprints/manage/manage_cases_routes.py @@ -19,6 +19,9 @@ import os import traceback import urllib.parse +from concurrent.futures import ThreadPoolExecutor +from flask import jsonify, current_app, g +from threading import Thread from flask import Blueprint from flask import redirect @@ -347,7 +350,7 @@ def add_case_modal(): @ac_api_requires(Permissions.standard_user) def api_add_case(): case_schema = CaseSchema() - + try: # Extract case template data from the request request_data = request.get_json() @@ -367,11 +370,18 @@ def api_add_case(): if not triggers: raise BusinessProcessingError("No triggers found for the provided case_template_id.") - # Execute and save each trigger using the case_id + # Function to execute a trigger in a new thread with app context + def execute_trigger_with_context(trigger, app): + with app.app_context(): + print('in Execute') + execute_and_save_trigger(trigger, case_id) + print(f"Trigger {trigger} executed successfully.") + for trigger in triggers: - execute_and_save_trigger(trigger, case_id) + thread = Thread(target=execute_trigger_with_context, args=(trigger, current_app._get_current_object())) + thread.start() - # Return success response + # Return success response immediately return response_success(msg, data=case_schema.dump(case)) except BusinessProcessingError as e: From 9515fe46e486b40bbe66e701cd0f130c7e2ce3e0 Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Thu, 16 Jan 2025 13:47:37 +0500 Subject: [PATCH 59/80] added timer to swal for action --- .../manage/manage_case_templates_db.py | 19 +++++- .../app/static/assets/js/iris/case.tasks.js | 61 ++++++++++--------- 2 files changed, 50 insertions(+), 30 deletions(-) diff --git a/source/app/datamgmt/manage/manage_case_templates_db.py b/source/app/datamgmt/manage/manage_case_templates_db.py index f5331f7db..06c48e434 100644 --- a/source/app/datamgmt/manage/manage_case_templates_db.py +++ b/source/app/datamgmt/manage/manage_case_templates_db.py @@ -394,4 +394,21 @@ def get_triggers_by_case_template_id(case_template_id) -> CaseTemplate: return [] # Return an empty list if the template is not found # Return the triggers array from the template - return case_template.triggers or [] \ No newline at end of file + return case_template.triggers or [] + +def get_action_by_case_template_id(case_template_id) -> CaseTemplate: + """ + Retrieves the actions array for a given case_template_id. + + :param case_template_id: The ID of the case template to look up. + :param db_session: SQLAlchemy database session. + :return: A list of actions or an empty list if none are found. + """ + # Query the case template by ID + case_template = CaseTemplate.query.filter_by(id=case_template_id).first() + + if not case_template: + return [] # Return an empty list if the template is not found + + # Return the actions array from the template + return case_template.actions or [] \ No newline at end of file diff --git a/source/app/static/assets/js/iris/case.tasks.js b/source/app/static/assets/js/iris/case.tasks.js index e8c202701..891a73745 100644 --- a/source/app/static/assets/js/iris/case.tasks.js +++ b/source/app/static/assets/js/iris/case.tasks.js @@ -346,38 +346,41 @@ function expandActionDiv(actionDetails,task_id, action_id) { }; post_request_api( - "/case/jsoneditor", - JSON.stringify(requestData), - false, - function () { - window.swal({ + "/case/jsoneditor", + JSON.stringify(requestData), + false, + function () { + window.swal({ content: { - element: "div", - attributes: { - innerHTML: ` -
    - Loader -

    Processing

    -

    Executing action, please wait...

    -
    - ` - } - }, - button: false, - allowOutsideClick: false, - }); - } - ) - .done((data) => { - if (notify_auto_api(data)) { + element: "div", + attributes: { + innerHTML: ` +
    + Loader +

    Processing

    +

    Executing action in the background, please wait...

    +
    + ` + } + }, + button: false, + allowOutsideClick: false, + timer: 3000, + timerProgressBar: true, + }); + } + ) + .done((data) => { + if (notify_auto_api(data)) { refresh_action_rsponse_table(); - } - }) - .always(() => { - window.swal.close(); // Close the loading dialog - }); + } + }) + .always(() => { + window.swal.close(); + }); + + return false; - return false; }); function refresh_action_rsponse_table(){ From 4279faf57a5b157154d040b9c71321bd398ec593 Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Fri, 17 Jan 2025 15:16:31 +0500 Subject: [PATCH 60/80] changed webhook icon --- source/app/templates/includes/sidenav.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/app/templates/includes/sidenav.html b/source/app/templates/includes/sidenav.html index 5cbf5d29d..793150226 100644 --- a/source/app/templates/includes/sidenav.html +++ b/source/app/templates/includes/sidenav.html @@ -136,7 +136,7 @@

    Manage

    {% if user_has_perm(std_permissions.server_administrator) %}
  • - + Webhooks
    • From 8cff1a82c18fe630110afa3bb43db090d8310c0e Mon Sep 17 00:00:00 2001 From: Muhammad Hanzila Date: Tue, 21 Jan 2025 13:31:09 +0500 Subject: [PATCH 61/80] db table added case template --- source/app/business/cases.py | 3 +++ source/app/models/cases.py | 6 +++++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/source/app/business/cases.py b/source/app/business/cases.py index fe41d1386..fcb319eb6 100644 --- a/source/app/business/cases.py +++ b/source/app/business/cases.py @@ -80,6 +80,7 @@ def create(request_json): case = _load(request_data) case.owner_id = current_user.id case.severity_id = 4 + case.case_template_id = case_template_id if case_template_id and len(case_template_id) > 0: case = case_template_pre_modifier(case, case_template_id) @@ -89,6 +90,8 @@ def create(request_json): case.state_id = get_case_state_by_name('Open').state_id case.save() + print("CASE TEMP ID:", case_template_id) + print("CASE CASE TEMP ID:", case.case_template_id) if case_template_id and len(case_template_id) > 0: try: diff --git a/source/app/models/cases.py b/source/app/models/cases.py index cb253b99b..9cd53e2f4 100644 --- a/source/app/models/cases.py +++ b/source/app/models/cases.py @@ -86,6 +86,8 @@ class Cases(db.Model): review_status = relationship('ReviewStatus') + case_template_id = Column(String(256), nullable=True) + def __init__(self, name=None, soc_id=None, @@ -94,7 +96,8 @@ def __init__(self, user=None, custom_attributes=None, classification_id=None, - state_id=None + state_id=None, + case_template_id=None ): self.name = name[:200] if name else None, self.soc_id = soc_id, @@ -112,6 +115,7 @@ def __init__(self, self.status_id = 0 self.classification_id = classification_id self.state_id = state_id + self.case_template_id = case_template_id def save(self): """ From f631b2da3770f1c76189405e4ad416817d735de9 Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Tue, 21 Jan 2025 14:27:48 +0500 Subject: [PATCH 62/80] Merge branch 'feature/ID-10' of https://github.com/Idoubles-Cybersecurity/iris-web into feature/ID-10 --- source/app/business/cases.py | 3 +++ source/app/models/cases.py | 6 +++++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/source/app/business/cases.py b/source/app/business/cases.py index fe41d1386..fcb319eb6 100644 --- a/source/app/business/cases.py +++ b/source/app/business/cases.py @@ -80,6 +80,7 @@ def create(request_json): case = _load(request_data) case.owner_id = current_user.id case.severity_id = 4 + case.case_template_id = case_template_id if case_template_id and len(case_template_id) > 0: case = case_template_pre_modifier(case, case_template_id) @@ -89,6 +90,8 @@ def create(request_json): case.state_id = get_case_state_by_name('Open').state_id case.save() + print("CASE TEMP ID:", case_template_id) + print("CASE CASE TEMP ID:", case.case_template_id) if case_template_id and len(case_template_id) > 0: try: diff --git a/source/app/models/cases.py b/source/app/models/cases.py index cb253b99b..9cd53e2f4 100644 --- a/source/app/models/cases.py +++ b/source/app/models/cases.py @@ -86,6 +86,8 @@ class Cases(db.Model): review_status = relationship('ReviewStatus') + case_template_id = Column(String(256), nullable=True) + def __init__(self, name=None, soc_id=None, @@ -94,7 +96,8 @@ def __init__(self, user=None, custom_attributes=None, classification_id=None, - state_id=None + state_id=None, + case_template_id=None ): self.name = name[:200] if name else None, self.soc_id = soc_id, @@ -112,6 +115,7 @@ def __init__(self, self.status_id = 0 self.classification_id = classification_id self.state_id = state_id + self.case_template_id = case_template_id def save(self): """ From 75a5b6a4f8cfbd2626e4d712c706c6fe1e51475b Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Tue, 21 Jan 2025 18:48:23 +0500 Subject: [PATCH 63/80] added actions by case and task --- .../blueprints/case/templates/case_tasks.html | 4 + .../case/templates/modal_add_case_task.html | 5 +- .../manage/manage_case_templates_routes.py | 1 - .../manage/manage_webhooks_routes.py | 17 ++ .../manage/manage_case_templates_db.py | 37 ++- .../app/static/assets/js/iris/case.tasks.js | 269 ++++++++++-------- 6 files changed, 191 insertions(+), 142 deletions(-) diff --git a/source/app/blueprints/case/templates/case_tasks.html b/source/app/blueprints/case/templates/case_tasks.html index 3807f4fc1..37c80bdba 100644 --- a/source/app/blueprints/case/templates/case_tasks.html +++ b/source/app/blueprints/case/templates/case_tasks.html @@ -97,8 +97,12 @@ {% endblock content %} + {% block javascripts %} {% include 'includes/footer_case.html' %} + diff --git a/source/app/blueprints/case/templates/modal_add_case_task.html b/source/app/blueprints/case/templates/modal_add_case_task.html index 1b48a0cb5..cbb2f4064 100644 --- a/source/app/blueprints/case/templates/modal_add_case_task.html +++ b/source/app/blueprints/case/templates/modal_add_case_task.html @@ -226,12 +226,9 @@
    Action Response
    {% endif %} $('[data-toggle="popover"]').popover(); + - - - - {% endblock javascripts %} \ No newline at end of file diff --git a/source/app/blueprints/manage/manage_case_templates_routes.py b/source/app/blueprints/manage/manage_case_templates_routes.py index 056a6ea9b..b83af4d08 100644 --- a/source/app/blueprints/manage/manage_case_templates_routes.py +++ b/source/app/blueprints/manage/manage_case_templates_routes.py @@ -67,7 +67,6 @@ def list_case_templates(): Response: List of case templates """ case_templates = get_case_templates_list() - # Return the attributes return response_success("", data=case_templates) diff --git a/source/app/blueprints/manage/manage_webhooks_routes.py b/source/app/blueprints/manage/manage_webhooks_routes.py index f18d403d3..525ea3fdf 100644 --- a/source/app/blueprints/manage/manage_webhooks_routes.py +++ b/source/app/blueprints/manage/manage_webhooks_routes.py @@ -23,6 +23,7 @@ from app.util import ac_requires from app.util import response_error from app.util import response_success +from app.datamgmt.manage.manage_case_templates_db import get_action_by_case_template_id_and_task_id manage_webhooks_blueprint = Blueprint('manage_webhooks', __name__, @@ -49,11 +50,27 @@ def list_webhooks(): Returns: Response: List of webhooks """ + case_id = request.args.get("cid") # Use 'cid' since it's coming from query parameters webhooks = get_webhooks_list() # Return the attributes return response_success("", data=webhooks) +@manage_webhooks_blueprint.route('/manage/webhooks/listbyCasetemplateId//', methods=['GET']) +@ac_api_requires() +def list_webhooks_by_case_template_id(cur_id, task_id): + """Show a list of webhooks by case template id + + Returns: + Response: List of webhooks by case template id + """ + + caseid = request.args.get('cid') + webhooks = get_action_by_case_template_id_and_task_id(cur_id, task_id, caseid) + + # Return the attributes + return response_success("",data = webhooks) + @manage_webhooks_blueprint.route('/manage/webhooks/', methods=['GET']) @ac_api_requires(Permissions.webhooks_read) def get_webhook(cur_id): diff --git a/source/app/datamgmt/manage/manage_case_templates_db.py b/source/app/datamgmt/manage/manage_case_templates_db.py index 06c48e434..109d6adfc 100644 --- a/source/app/datamgmt/manage/manage_case_templates_db.py +++ b/source/app/datamgmt/manage/manage_case_templates_db.py @@ -22,7 +22,7 @@ from app import db from app.datamgmt.case.case_notes_db import add_note -from app.datamgmt.case.case_tasks_db import add_task +from app.datamgmt.case.case_tasks_db import add_task, get_task from app.datamgmt.manage.manage_case_classifications_db import get_case_classification_by_name from app.iris_engine.module_handler.module_handler import call_modules_hook from app.models import CaseTemplate, Cases, Tags, NoteDirectory, CaseResponse, TaskResponse @@ -258,7 +258,7 @@ def case_template_populate_tasks(case: Cases, case_template: CaseTemplate): mapped_task_template = call_modules_hook('on_preload_task_create', data=mapped_task_template, caseid=case.case_id) task = task_schema.load(mapped_task_template) - + assignee_id_list = [] ctask = add_task(task=task, @@ -387,28 +387,39 @@ def get_triggers_by_case_template_id(case_template_id) -> CaseTemplate: :param db_session: SQLAlchemy database session. :return: A list of triggers or an empty list if none are found. """ - # Query the case template by ID + case_template = CaseTemplate.query.filter_by(id=case_template_id).first() if not case_template: - return [] # Return an empty list if the template is not found + return [] - # Return the triggers array from the template + return case_template.triggers or [] -def get_action_by_case_template_id(case_template_id) -> CaseTemplate: +def get_action_by_case_template_id_and_task_id(case_template_id, task_id, caseid) -> list: """ - Retrieves the actions array for a given case_template_id. + Retrieves the actions array for a given case_template_id and task_id. :param case_template_id: The ID of the case template to look up. - :param db_session: SQLAlchemy database session. + :param task_id: The ID of the task to look up within the case template. :return: A list of actions or an empty list if none are found. """ - # Query the case template by ID + case_template = CaseTemplate.query.filter_by(id=case_template_id).first() - + case_task = get_task(task_id=task_id, caseid=caseid) if not case_template: - return [] # Return an empty list if the template is not found + return [] + + actions = [] + + for task in case_template.tasks: + + if case_task.task_title == task["title"]: + if 'actions' in task: + + for action in task['actions']: + actions.append(dict(action)) + + return actions + - # Return the actions array from the template - return case_template.actions or [] \ No newline at end of file diff --git a/source/app/static/assets/js/iris/case.tasks.js b/source/app/static/assets/js/iris/case.tasks.js index 891a73745..20424e3b4 100644 --- a/source/app/static/assets/js/iris/case.tasks.js +++ b/source/app/static/assets/js/iris/case.tasks.js @@ -144,9 +144,9 @@ function delete_task(id) { function edit_task(id) { + case_temp_id = caseTemplateId.toString(); const url = '/case/tasks/' + id + '/modal' + case_param(); - const webHooksurl = "/manage/webhooks/list" + case_param(); - + const webHooksurl = `/manage/webhooks/listbyCasetemplateId/${case_temp_id}/${id}`+case_param(); $('#modal_add_task_content').load(url, function (response, status, xhr) { hide_minimized_modal_box(); if (status !== "success") { @@ -171,67 +171,97 @@ function edit_task(id) { load_menu_mod_options_modal(id, 'task', $("#task_modal_quick_actions")); $('#modal_add_task').modal({ show: true }); edit_in_task_desc(); - loadTableData(g_task_id) + loadTableData(g_task_id); + const actionsList = $('#actionsList'); fetch(webHooksurl, { method: "GET", headers: { - "Content-Type": "application/json", + "Content-Type": "application/json", }, }) - .then((response) => { - if (!response.ok) { - throw new Error(`HTTP error! Status: ${response.status}`); - } - return response.json(); - }) - .then((data) => { - - const fetchedData = data.status === "success" ? data.data : []; + .then((response) => { + if (!response.ok) { + throw new Error(`HTTP error! Status: ${response.status}`); + } + return response.json(); + }) + .then((data) => { + // Get the fetched data, assuming the success status is available + const fetchedData = data.status === "success" ? data.data : []; - actionsList.empty(); + // Clear previous items in the actions list + actionsList.empty(); - if (fetchedData.length === 0) { + if (fetchedData.length === 0) { + // If no actions are available, show a disabled item + actionsList.append( + $('', { + class: 'dropdown-item disabled', + href: '#', + text: 'No actions available', + }) + ); + } else { + fetchedData.forEach(function (action) { actionsList.append( $('', { - class: 'dropdown-item disabled', + class: 'dropdown-item', href: '#', - text: 'No actions available', + text: action.display_name, + click: function (e) { + e.preventDefault(); + fetchWebhook(action.webhook_id, id) + }, }) ); - } else { - - fetchedData.forEach(function (action) { - actionsList.append( - $('', { - class: 'dropdown-item', - href: '#', - text: action.name, - click: function (e) { - e.preventDefault(); - expandActionDiv(action.payload_schema, id , action.id); - }, - }) - ); - }); - } - }) - .catch((error) => { - console.error("Error fetching data:", error); + }); + } + }) + .catch((error) => { + console.error("Error fetching data:", error); + + actionsList.empty().append( + $('', { + class: 'dropdown-item disabled', + href: '#', + text: 'Failed to load actions', + }) + ); + }); - actionsList.empty().append( - $('', { - class: 'dropdown-item disabled', - href: '#', - text: 'Failed to load actions', - }) - ); - }); - }); -} + }); +} + +function fetchWebhook(action_id , id) { + const webhookUrl = '/manage/webhooks/' + action_id; + fetch(webhookUrl, { + method: "GET", + headers: { + "Content-Type": "application/json", + }, + }) + .then((response) => { + if (!response.ok) { + throw new Error(`HTTP error! Status: ${response.status}`); + } + return response.json(); + }) + .then((data) => { + + if (data.status === "success") { + const actionDetails = data.data; + + expandActionDiv(actionDetails, id,action_id); + } + }) + .catch((error) => { + console.error('Error fetching action data:', error); + }); +} function loadTableData(task_id) { $("#action_table").dataTable({ ajax: { @@ -262,8 +292,6 @@ function loadTableData(task_id) { { data: "body", render: function (data, type, row) { - console.log("Body data:", data); - const task = row.id; return ` @@ -285,9 +313,9 @@ function loadTableData(task_id) { ], }); setInterval(() => { - console.log("calling every 3 second") + $('#action_table').DataTable().ajax.reload(null, false); - console.log("calling every 3 second") // `null, false` prevents table state (pagination, etc.) from resetting + }, 3000); } @@ -295,93 +323,86 @@ function loadTableData(task_id) { -function expandActionDiv(actionDetails,task_id, action_id) { - // Reference to the collapsible content div - const collapsibleContent = $('#collapsibleContent'); - const jsonEditorContainer = $('#jsoneditor'); - - // Show the collapsible content - collapsibleContent.slideDown(); - - // Reinitialize JSONEditor - if (window.jsonEditor) { - window.jsonEditor.destroy(); - window.jsonEditor = null; - } +function expandActionDiv(actionDetails, task_id, action_id) { +const collapsibleContent = $('#collapsibleContent'); +const jsonEditorContainer = $('#jsoneditor'); - window.jsonEditor = new JSONEditor(jsonEditorContainer[0], { - schema: actionDetails, - theme: 'tailwind', - disable_edit_json: true, - disable_properties: true, - disable_collapse: true, - disable_array_add: true, - disable_array_delete: true, - show_errors: "change", - form_name_root: " " +collapsibleContent.slideDown(); - }); +if (window.jsonEditor) { + window.jsonEditor.destroy(); + window.jsonEditor = null; +} +window.jsonEditor = new JSONEditor(jsonEditorContainer[0], { + schema: actionDetails?.payload_schema || {}, // Ensure actionDetails is set before using it + theme: 'tailwind', + disable_edit_json: true, + disable_properties: true, + disable_collapse: true, + disable_array_add: true, + disable_array_delete: true, + show_errors: "change", + form_name_root: " " +}); - window.jsonEditor.on('ready', function () { +window.jsonEditor.on('ready', function () { + if (actionDetails?.default) { + window.jsonEditor.setValue(actionDetails.default); + } else { + window.jsonEditor.setValue({}); + } +}); - if (actionDetails.default) { - window.jsonEditor.setValue(actionDetails.default); - } else { - window.jsonEditor.setValue({}); +// Clicking on execute button in the HTML this click event is triggered +$('#executeBtn').off('click').on('click', function (e) { + e.preventDefault(); + + const updatedData = window.jsonEditor.getValue(); + + const requestData = { + action_id: action_id, + task_id: task_id, + payload: updatedData, + }; + + post_request_api( + "/case/jsoneditor", + JSON.stringify(requestData), + false, + function () { + window.swal({ + content: { + element: "div", + attributes: { + innerHTML: ` +
    + Loader +

    Processing

    +

    Executing action in the background, please wait...

    +
    + ` + } + }, + button: false, + allowOutsideClick: false, + timer: 3000, + timerProgressBar: true, + }); } - }); - - // clicking on execute button in the html this click event is triggered - $('#executeBtn').off('click').on('click', function (e) { - e.preventDefault(); - - const updatedData = window.jsonEditor.getValue(); - - const requestData = { - action_id: action_id, - task_id: task_id, - payload: updatedData, - }; - - post_request_api( - "/case/jsoneditor", - JSON.stringify(requestData), - false, - function () { - window.swal({ - content: { - element: "div", - attributes: { - innerHTML: ` -
    - Loader -

    Processing

    -

    Executing action in the background, please wait...

    -
    - ` - } - }, - button: false, - allowOutsideClick: false, - timer: 3000, - timerProgressBar: true, - }); - } ) .done((data) => { - if (notify_auto_api(data)) { - refresh_action_rsponse_table(); - } + if (notify_auto_api(data)) { + refresh_action_rsponse_table(); + } }) .always(() => { - window.swal.close(); + window.swal.close(); }); - + return false; - - }); +}); function refresh_action_rsponse_table(){ $('#action_table').DataTable().ajax.reload(); From b43c6bb5c401045f8faccf889cac5ac481e8eff9 Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Wed, 22 Jan 2025 14:01:46 +0500 Subject: [PATCH 64/80] code clean up and formatted --- source/app/datamgmt/manage/manage_cases_db.py | 6 ------ source/app/static/assets/js/iris/case.triggers.js | 2 -- 2 files changed, 8 deletions(-) diff --git a/source/app/datamgmt/manage/manage_cases_db.py b/source/app/datamgmt/manage/manage_cases_db.py index 25772c50b..12d99c22e 100644 --- a/source/app/datamgmt/manage/manage_cases_db.py +++ b/source/app/datamgmt/manage/manage_cases_db.py @@ -538,32 +538,26 @@ def execute_and_save_trigger(trigger, case_id): try: # Extract webhook_id from the trigger webhook_id = trigger.get("webhook_id") - print(f"Webhook ID: {webhook_id}") # Debugging: Ensure webhook_id is being accessed if not webhook_id: raise ValueError("Trigger execution failed: webhook_id is missing in trigger.") # Fetch the webhook object from the database webhook = get_webhook_by_id(webhook_id) - print(f"Webhook Object: {webhook}") # Debugging: Log the webhook object if not webhook: raise ValueError(f"Trigger execution failed: No webhook found for webhook_id {webhook_id}.") # Fetch the URL from the webhook object url = webhook.url # Adjust this based on your webhook model's attributes - print(f"Webhook URL: {url}") # Debugging: Ensure URL is being accessed if not url: raise ValueError(f"Trigger execution failed: URL is missing in webhook with id {webhook_id}.") # Execute the webhook request - print(f"Executing webhook request to URL: {url} with data: {trigger}") response = requests.post(url, json=trigger , verify=False) print(f"Webhook Response Status Code: {response.status_code}") # Log response status - print(f"Webhook Response Content: {response.text}") # Log response content # Check response status if response.status_code == 200: results = response.json() - print(f"Webhook Execution Results: {results}") # Log the result of the execution save_results(results, case_id, webhook_id) # Assuming save_results is implemented to handle the output return f"Trigger executed successfully and saved for webhook_id {webhook_id}." else: diff --git a/source/app/static/assets/js/iris/case.triggers.js b/source/app/static/assets/js/iris/case.triggers.js index 270d423d9..e579ae9da 100644 --- a/source/app/static/assets/js/iris/case.triggers.js +++ b/source/app/static/assets/js/iris/case.triggers.js @@ -68,7 +68,6 @@ document.addEventListener("DOMContentLoaded", () => { { data: "body", render: function (data, type, row) { - console.log("Body data:", data); const task = row.id; return ` - `; - } - }, - ], + columns: getTableColumnsConfig(), }); } -// Call to initialize DataTable when the script first runs -initializeDataTable(); +// Ajax configuration for DataTable +function getTableAjaxConfig() { + return { + url: "/manage/webhooks/list" + case_param(), + contentType: "application/json", + type: "GET", + data: function (d) { + console.log(d.data); + if (d.status === "success") { + return d.data; + } else { + return JSON.stringify([]); // Return empty data on failure + } + }, + }; +} + +// Column configuration for DataTable +function getTableColumnsConfig() { + return [ + { data: "id" }, + { data: "name" }, + { + data: "payload_schema", + render: function (data, type, row) { + return ` + + `; + }, + }, + ]; +} +// Function to handle button click for viewing payload details function handleButtonClick(webhookId) { - let numericId = parseInt(webhookId, 10); + const numericId = parseInt(webhookId, 10); console.log(typeof numericId); - let webhookData = null; // Variable to store the fetched data + + // Fetch webhook details + const webhookData = fetchWebhookData(numericId); + if (!webhookData || !webhookData.payload_schema) { + console.log("No payload schema to display."); + return; + } + + // Display payload details + displayWebhookDetails(webhookData); +} + +// Fetch webhook data using AJAX +function fetchWebhookData(id) { + let webhookData = null; $.ajax({ - url: `/manage/webhooks/${numericId}`, // The URL for fetching the webhook by ID + url: `/manage/webhooks/${id}`, contentType: "application/json", type: "GET", - async: false, // Ensures that the data is available before proceeding (use with caution) + async: false, success: function (response) { if (response.status === "success") { - webhookData = response.data; // Save data to the variable + webhookData = response.data; console.log(webhookData); } else { - console.log('No data found for this webhook.'); + console.log("No data found for this webhook."); } }, error: function (xhr, status, error) { console.error("Error fetching webhook:", error); - } + }, }); - if (!webhookData || !webhookData.payload_schema) { - console.log('No payload schema to display.'); - return; - } + return webhookData; +} + +// Display webhook payload details +function displayWebhookDetails(webhookData) { + let payloadDetails = ` +
    +

    Webhook PayLoad Schema

    + {
      + `; - // Generate HTML for displaying all key-value pairs - let payloadDetails = '

      Webhook PayLoad Schema

      {
        '; for (const [key, value] of Object.entries(webhookData.payload_schema)) { - payloadDetails += `
      • "${key}": ${JSON.stringify(value, null, 2)}
        • `;} - payloadDetails += '
      }
      '; + payloadDetails += `
    • "${key}": ${JSON.stringify(value, null, 2)}
      • `; + } + payloadDetails += ` - +
    } + +
    `; - // Replace the content of the parent container with the details - document.getElementById('drop_case_template_webhooks').querySelector('.card-body').innerHTML = payloadDetails; + const container = document.getElementById("drop_case_template_webhooks").querySelector(".card-body"); + container.innerHTML = payloadDetails; } - +// Event handler for "Back" button $(document).on("click", "#back-to-table", function () { - // Remove the details section and restore the table wrapper - $("#webhook-details").remove(); + restoreTableView(); +}); - const container = document.getElementById('drop_case_template_webhooks').querySelector('.card-body'); +// Restore the table view and reinitialize DataTable +function restoreTableView() { + const container = document.getElementById("drop_case_template_webhooks").querySelector(".card-body"); container.innerHTML = `
    `; - // Reinitialize the DataTable when returning to the table view initializeDataTable(); -}); +} + +// Call to initialize DataTable on script load +initializeDataTable(); function add_webhook() { @@ -105,7 +134,6 @@ function add_webhook() { ajax_notify_error(xhr, url); return false; } - let editor = ace.edit("editor_detail", { autoScrollEditorIntoView: true, minLines: 30, From f0e730554b0c4724206af044bafaf75988f29575 Mon Sep 17 00:00:00 2001 From: Maham Riaz Keyani Date: Wed, 22 Jan 2025 14:27:42 +0500 Subject: [PATCH 66/80] mixed save button styling for this add task modal --- source/app/blueprints/case/templates/modal_add_case_task.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/app/blueprints/case/templates/modal_add_case_task.html b/source/app/blueprints/case/templates/modal_add_case_task.html index cbb2f4064..da5a8a07f 100644 --- a/source/app/blueprints/case/templates/modal_add_case_task.html +++ b/source/app/blueprints/case/templates/modal_add_case_task.html @@ -194,7 +194,7 @@
    Action Response
    {% else %} - From c6ee60d0e72b01b50afbf677aa057b15da01ab87 Mon Sep 17 00:00:00 2001 From: yusuf khan Date: Thu, 23 Jan 2025 16:16:39 +0100 Subject: [PATCH 67/80] Validation --- docker-compose.base.yml | 3 --- docker-compose.dev.yml | 6 ++---- docker/webApp/iris-entrypoint.sh | 0 source/app/alembic.ini | 2 +- source/app/iris_engine/utils/tracker.py | 8 ++++---- source/app/post_init.py | 2 +- 6 files changed, 8 insertions(+), 13 deletions(-) mode change 100755 => 100644 docker/webApp/iris-entrypoint.sh diff --git a/docker-compose.base.yml b/docker-compose.base.yml index 0305533ec..2f29ecc54 100644 --- a/docker-compose.base.yml +++ b/docker-compose.base.yml @@ -34,8 +34,6 @@ services: - POSTGRES_DB networks: - iris_backend - ports: - - "0.0.0.0:5432:5432" volumes: - db_data:/var/lib/postgresql/data @@ -49,7 +47,6 @@ services: - iris-downloads:/home/iris/downloads - user_templates:/home/iris/user_templates - server_data:/home/iris/server_data - - ./source/app:/iriswebapp/app restart: always depends_on: - "rabbitmq" diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml index fae79f4c5..65b8b0dcc 100644 --- a/docker-compose.dev.yml +++ b/docker-compose.dev.yml @@ -30,7 +30,6 @@ services: image: iriswebapp_db:v2.4.7 ports: - "127.0.0.1:5432:5432" - - "0.0.0.0:5432:5432" app: extends: @@ -41,8 +40,7 @@ services: dockerfile: docker/webApp/Dockerfile image: iriswebapp_app:v2.4.7 ports: - - "127.0.0.1:8000:8000" - - "0.0.0.0:5678:5678" + - "0.0.0.0:8000:8000" worker: extends: @@ -74,4 +72,4 @@ networks: iris_backend: name: iris_backend iris_frontend: - name: iris_frontend + name: iris_frontend \ No newline at end of file diff --git a/docker/webApp/iris-entrypoint.sh b/docker/webApp/iris-entrypoint.sh old mode 100755 new mode 100644 diff --git a/source/app/alembic.ini b/source/app/alembic.ini index 0c1d8af90..bae233cac 100644 --- a/source/app/alembic.ini +++ b/source/app/alembic.ini @@ -1,6 +1,6 @@ [alembic] # path to migration scripts -script_location = source/app/alembic +script_location = app/alembic # template used to generate migration files # file_template = %%(rev)s_%%(slug)s diff --git a/source/app/iris_engine/utils/tracker.py b/source/app/iris_engine/utils/tracker.py index eb0078af6..59e086caf 100644 --- a/source/app/iris_engine/utils/tracker.py +++ b/source/app/iris_engine/utils/tracker.py @@ -52,10 +52,10 @@ def track_activity(message, caseid=None, ctx_less=False, user_input=False, displ ua.activity_date = datetime.utcnow() ua.activity_desc = message.capitalize() - # if current_user.is_authenticated: - # log.info(f"{current_user.user} [#{current_user.id}] :: Case {caseid} :: {ua.activity_desc}") - # else: - # log.info(f"Anonymous :: Case {caseid} :: {ua.activity_desc}") + if current_user.is_authenticated: + log.info(f"{current_user.user} [#{current_user.id}] :: Case {caseid} :: {ua.activity_desc}") + else: + log.info(f"Anonymous :: Case {caseid} :: {ua.activity_desc}") ua.user_input = user_input ua.display_in_ui = display_in_ui diff --git a/source/app/post_init.py b/source/app/post_init.py index ff21d9f39..c64d06ab5 100644 --- a/source/app/post_init.py +++ b/source/app/post_init.py @@ -153,7 +153,7 @@ def run_post_init(development=False): log.info("Running DB migration") - alembic_cfg = Config(file_='source/app/alembic.ini') + alembic_cfg = Config(file_='app/alembic.ini') alembic_cfg.set_main_option('sqlalchemy.url', app.config['SQLALCHEMY_DATABASE_URI']) command.upgrade(alembic_cfg, 'head') From 4023c0e4cf0b3844c2c725088061480ffbe6d258 Mon Sep 17 00:00:00 2001 From: Muhammad Daniyal Date: Mon, 27 Jan 2025 16:13:14 +0500 Subject: [PATCH 68/80] fixed ini file paths and renamed docker-copmpose.dev file --- ...pose.dev.yml => docker-compose-release.yml | 28 ++++--------------- docker-compose.yml | 28 +++++++++++++++---- source/app/post_init.py | 3 +- 3 files changed, 30 insertions(+), 29 deletions(-) rename docker-compose.dev.yml => docker-compose-release.yml (71%) diff --git a/docker-compose.dev.yml b/docker-compose-release.yml similarity index 71% rename from docker-compose.dev.yml rename to docker-compose-release.yml index 65b8b0dcc..42917bf03 100644 --- a/docker-compose.dev.yml +++ b/docker-compose-release.yml @@ -25,42 +25,25 @@ services: extends: file: docker-compose.base.yml service: db - build: - context: docker/db - image: iriswebapp_db:v2.4.7 - ports: - - "127.0.0.1:5432:5432" + image: ${DB_IMAGE_NAME:-ghcr.io/dfir-iris/iriswebapp_db}:${DB_IMAGE_TAG:-v2.4.14} app: extends: file: docker-compose.base.yml service: app - build: - context: . - dockerfile: docker/webApp/Dockerfile - image: iriswebapp_app:v2.4.7 - ports: - - "0.0.0.0:8000:8000" + image: ${APP_IMAGE_NAME:-ghcr.io/dfir-iris/iriswebapp_app}:${APP_IMAGE_TAG:-v2.4.14} worker: extends: file: docker-compose.base.yml service: worker - build: - context: . - dockerfile: docker/webApp/Dockerfile - image: iriswebapp_app:v2.4.7 + image: ${APP_IMAGE_NAME:-ghcr.io/dfir-iris/iriswebapp_app}:${APP_IMAGE_TAG:-v2.4.14} nginx: extends: file: docker-compose.base.yml service: nginx - build: - context: ./docker/nginx - args: - NGINX_CONF_GID: 1234 - NGINX_CONF_FILE: nginx.conf - image: iriswebapp_nginx:v2.4.7 + image: ${NGINX_IMAGE_NAME:-ghcr.io/dfir-iris/iriswebapp_nginx}:${NGINX_IMAGE_TAG:-v2.4.14} volumes: iris-downloads: @@ -72,4 +55,5 @@ networks: iris_backend: name: iris_backend iris_frontend: - name: iris_frontend \ No newline at end of file + name: iris_frontend + diff --git a/docker-compose.yml b/docker-compose.yml index 42917bf03..65b8b0dcc 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -25,25 +25,42 @@ services: extends: file: docker-compose.base.yml service: db - image: ${DB_IMAGE_NAME:-ghcr.io/dfir-iris/iriswebapp_db}:${DB_IMAGE_TAG:-v2.4.14} + build: + context: docker/db + image: iriswebapp_db:v2.4.7 + ports: + - "127.0.0.1:5432:5432" app: extends: file: docker-compose.base.yml service: app - image: ${APP_IMAGE_NAME:-ghcr.io/dfir-iris/iriswebapp_app}:${APP_IMAGE_TAG:-v2.4.14} + build: + context: . + dockerfile: docker/webApp/Dockerfile + image: iriswebapp_app:v2.4.7 + ports: + - "0.0.0.0:8000:8000" worker: extends: file: docker-compose.base.yml service: worker - image: ${APP_IMAGE_NAME:-ghcr.io/dfir-iris/iriswebapp_app}:${APP_IMAGE_TAG:-v2.4.14} + build: + context: . + dockerfile: docker/webApp/Dockerfile + image: iriswebapp_app:v2.4.7 nginx: extends: file: docker-compose.base.yml service: nginx - image: ${NGINX_IMAGE_NAME:-ghcr.io/dfir-iris/iriswebapp_nginx}:${NGINX_IMAGE_TAG:-v2.4.14} + build: + context: ./docker/nginx + args: + NGINX_CONF_GID: 1234 + NGINX_CONF_FILE: nginx.conf + image: iriswebapp_nginx:v2.4.7 volumes: iris-downloads: @@ -55,5 +72,4 @@ networks: iris_backend: name: iris_backend iris_frontend: - name: iris_frontend - + name: iris_frontend \ No newline at end of file diff --git a/source/app/post_init.py b/source/app/post_init.py index c64d06ab5..e410bee08 100644 --- a/source/app/post_init.py +++ b/source/app/post_init.py @@ -151,9 +151,10 @@ def run_post_init(development=False): db.create_all(bind_key="iris_tasks") db.session.commit() - log.info("Running DB migration") + log.info("Running DB migration - Updated") alembic_cfg = Config(file_='app/alembic.ini') + log.info("alembic.ini ") alembic_cfg.set_main_option('sqlalchemy.url', app.config['SQLALCHEMY_DATABASE_URI']) command.upgrade(alembic_cfg, 'head') From 3d3d99b611c2f074b1367f746061ceceacade1e9 Mon Sep 17 00:00:00 2001 From: Muhammad Hanzila Date: Wed, 29 Jan 2025 14:56:12 +0500 Subject: [PATCH 69/80] changes --- docker-compose.base.yml | 10 ++++++++-- docker-compose.yml | 10 +++++----- docker/nginx/entrypoint.sh | 2 +- docker/webApp/Dockerfile | 4 +++- source/app/post_init.py | 4 ++-- 5 files changed, 19 insertions(+), 11 deletions(-) diff --git a/docker-compose.base.yml b/docker-compose.base.yml index 2f29ecc54..95fb37583 100644 --- a/docker-compose.base.yml +++ b/docker-compose.base.yml @@ -39,7 +39,7 @@ services: app: container_name: iriswebapp_app - command: ['nohup', './iris-entrypoint.sh', 'iriswebapp'] + command: ["nohup", "./iris-entrypoint.sh", "iriswebapp"] volumes: - ./certificates/rootCA/irisRootCACert.pem:/etc/irisRootCACert.pem:ro - ./certificates/:/home/iris/certificates/:ro @@ -69,7 +69,13 @@ services: worker: container_name: iriswebapp_worker restart: always - command: ['./wait-for-iriswebapp.sh', 'app:8000', './iris-entrypoint.sh', 'iris-worker'] + command: + [ + "./wait-for-iriswebapp.sh", + "app:8000", + "./iris-entrypoint.sh", + "iris-worker", + ] volumes: - ./certificates/rootCA/irisRootCACert.pem:/etc/irisRootCACert.pem:ro - ./certificates/:/home/iris/certificates/:ro diff --git a/docker-compose.yml b/docker-compose.yml index 65b8b0dcc..fa9a6f841 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -28,8 +28,8 @@ services: build: context: docker/db image: iriswebapp_db:v2.4.7 - ports: - - "127.0.0.1:5432:5432" + # ports: + # - "127.0.0.1:5432:5432" app: extends: @@ -39,8 +39,8 @@ services: context: . dockerfile: docker/webApp/Dockerfile image: iriswebapp_app:v2.4.7 - ports: - - "0.0.0.0:8000:8000" + # ports: + # - "0.0.0.0:8000:8000" worker: extends: @@ -72,4 +72,4 @@ networks: iris_backend: name: iris_backend iris_frontend: - name: iris_frontend \ No newline at end of file + name: iris_frontend diff --git a/docker/nginx/entrypoint.sh b/docker/nginx/entrypoint.sh index 6b0afe322..9b2e8316d 100644 --- a/docker/nginx/entrypoint.sh +++ b/docker/nginx/entrypoint.sh @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +#!/bin/bash # IRIS Source Code # Copyright (C) 2021 - Airbus CyberSecurity (SAS) diff --git a/docker/webApp/Dockerfile b/docker/webApp/Dockerfile index 34ddba730..5762b7282 100644 --- a/docker/webApp/Dockerfile +++ b/docker/webApp/Dockerfile @@ -68,6 +68,8 @@ COPY ./source . RUN chmod +x /iriswebapp/dependencies/evtxdump_binaries/linux/x64/fd RUN chmod +x /iriswebapp/dependencies/evtxdump_binaries/linux/x64/evtx_dump +# RUN chmod +x iris-entrypoint.sh wait-for-iriswebapp.sh entrypoint.sh + RUN chmod +x iris-entrypoint.sh RUN chmod +x wait-for-iriswebapp.sh -#ENTRYPOINT [ "./iris-entrypoint.sh" ] +#ENTRYPOINT ["./iris-entrypoint.sh"] diff --git a/source/app/post_init.py b/source/app/post_init.py index e410bee08..3484c770c 100644 --- a/source/app/post_init.py +++ b/source/app/post_init.py @@ -137,8 +137,8 @@ def run_post_init(development=False): exit(1) # Setup database before everything - #log.info("Adding pgcrypto extension") - #pg_add_pgcrypto_ext() + log.info("Adding pgcrypto extension") + pg_add_pgcrypto_ext() # Setup database before everything with app.app_context(): From bbbbe3e1651df042f29822bd56088ea962f7ae8d Mon Sep 17 00:00:00 2001 From: "ykhan@rukhsarkhan.de" Date: Wed, 29 Jan 2025 16:38:41 +0100 Subject: [PATCH 70/80] Working example --- docker-compose.base.yml | 2 ++ docker-compose-release.yml => docker-compose.dev.yml | 0 docker-compose.yml | 8 ++++---- 3 files changed, 6 insertions(+), 4 deletions(-) rename docker-compose-release.yml => docker-compose.dev.yml (100%) diff --git a/docker-compose.base.yml b/docker-compose.base.yml index 95fb37583..41a8f39f7 100644 --- a/docker-compose.base.yml +++ b/docker-compose.base.yml @@ -32,6 +32,8 @@ services: - POSTGRES_ADMIN_USER - POSTGRES_ADMIN_PASSWORD - POSTGRES_DB + env_file: + - .env networks: - iris_backend volumes: diff --git a/docker-compose-release.yml b/docker-compose.dev.yml similarity index 100% rename from docker-compose-release.yml rename to docker-compose.dev.yml diff --git a/docker-compose.yml b/docker-compose.yml index fa9a6f841..513b96bdf 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -28,8 +28,8 @@ services: build: context: docker/db image: iriswebapp_db:v2.4.7 - # ports: - # - "127.0.0.1:5432:5432" + ports: + - "0.0.0.0:5432:5432" app: extends: @@ -39,8 +39,8 @@ services: context: . dockerfile: docker/webApp/Dockerfile image: iriswebapp_app:v2.4.7 - # ports: - # - "0.0.0.0:8000:8000" + ports: + - "0.0.0.0:8000:8000" worker: extends: From 3caa1f289dd7e6c3055aec621aba1769bd2fb901 Mon Sep 17 00:00:00 2001 From: AzharAli Date: Mon, 7 Apr 2025 19:38:24 +0500 Subject: [PATCH 71/80] duplicate function entries removed --- ui/src/pages/case.tasks.js | 140 ++++++++++++++++++------------------- 1 file changed, 70 insertions(+), 70 deletions(-) diff --git a/ui/src/pages/case.tasks.js b/ui/src/pages/case.tasks.js index cff4ccfdd..1f50b1770 100644 --- a/ui/src/pages/case.tasks.js +++ b/ui/src/pages/case.tasks.js @@ -128,24 +128,24 @@ function update_task_ext(task_id, do_close) { } /* Delete an event from the timeline thank to its id */ -function delete_task(id) { - do_deletion_prompt("You are about to delete task #" + id) - .then((doDelete) => { - if (doDelete) { - let cid = get_caseid(); - delete_request_api(`/api/v2/cases/${cid}/tasks/${id}`) - .done((data, textStatus) => { - if (textStatus === 'nocontent') { - get_tasks(); - $('#modal_add_task').modal('hide'); - notify_success('Task deleted'); - } else { - notify_error('Error deleting task') - } - }); - } - }); -} +// function delete_task(id) { +// do_deletion_prompt("You are about to delete task #" + id) +// .then((doDelete) => { +// if (doDelete) { +// let cid = get_caseid(); +// delete_request_api(`/api/v2/cases/${cid}/tasks/${id}`) +// .done((data, textStatus) => { +// if (textStatus === 'nocontent') { +// get_tasks(); +// $('#modal_add_task').modal('hide'); +// notify_success('Task deleted'); +// } else { +// notify_error('Error deleting task') +// } +// }); +// } +// }); +// } /* Edit and event from the timeline thanks to its ID */ function edit_task(id) { @@ -421,58 +421,58 @@ $('#collapsibleContent').find('.btn[data-dismiss="collapse-action-form"]').on('c }); } -function save_task() { - $('#submit_new_task').click(); -} - -function update_task(task_id) { - update_task_ext(task_id, true); -} - -function update_task_ext(task_id, do_close) { - - clear_api_error(); - if (!$('form#form_new_task').valid()) { - return false; - } - - if (task_id === undefined || task_id === null) { - task_id = g_task_id; - } - - var data_sent = $('#form_new_task').serializeObject(); - data_sent['task_tags'] = $('#task_tags').val(); - - data_sent['task_assignees_id'] = $('#task_assignees_id').val(); - data_sent['task_status_id'] = $('#task_status_id').val(); - ret = get_custom_attributes_fields(); - has_error = ret[0].length > 0; - attributes = ret[1]; - - if (has_error) { return false; } - - data_sent['custom_attributes'] = attributes; - data_sent['task_description'] = g_task_desc_editor.getValue(); - - $('#update_task_btn').text('Updating..'); - - post_request_api('tasks/update/' + task_id, JSON.stringify(data_sent), true) - .done((data) => { - if (notify_auto_api(data)) { - get_tasks(); - $('#submit_new_task').text("Saved").addClass('btn-outline-success').removeClass('btn-outline-danger').removeClass('btn-outline-warning'); - $('#last_saved').removeClass('btn-danger').addClass('btn-success'); - $('#last_saved > i').attr('class', "fa-solid fa-file-circle-check"); - - if (do_close !== undefined && do_close === true) { - $('#modal_add_task').modal('hide'); - } - } - }) - .always(() => { - $('#update_task_btn').text('Update'); - }); -} +// function save_task() { +// $('#submit_new_task').click(); +// } + +// function update_task(task_id) { +// update_task_ext(task_id, true); +// } + +// function update_task_ext(task_id, do_close) { +// +// clear_api_error(); +// if (!$('form#form_new_task').valid()) { +// return false; +// } +// +// if (task_id === undefined || task_id === null) { +// task_id = g_task_id; +// } +// +// var data_sent = $('#form_new_task').serializeObject(); +// data_sent['task_tags'] = $('#task_tags').val(); +// +// data_sent['task_assignees_id'] = $('#task_assignees_id').val(); +// data_sent['task_status_id'] = $('#task_status_id').val(); +// ret = get_custom_attributes_fields(); +// has_error = ret[0].length > 0; +// attributes = ret[1]; +// +// if (has_error) { return false; } +// +// data_sent['custom_attributes'] = attributes; +// data_sent['task_description'] = g_task_desc_editor.getValue(); +// +// $('#update_task_btn').text('Updating..'); +// +// post_request_api('tasks/update/' + task_id, JSON.stringify(data_sent), true) +// .done((data) => { +// if (notify_auto_api(data)) { +// get_tasks(); +// $('#submit_new_task').text("Saved").addClass('btn-outline-success').removeClass('btn-outline-danger').removeClass('btn-outline-warning'); +// $('#last_saved').removeClass('btn-danger').addClass('btn-success'); +// $('#last_saved > i').attr('class', "fa-solid fa-file-circle-check"); +// +// if (do_close !== undefined && do_close === true) { +// $('#modal_add_task').modal('hide'); +// } +// } +// }) +// .always(() => { +// $('#update_task_btn').text('Update'); +// }); +// } /* Delete an event from the timeline thank to its id */ function delete_task(id) { From b497dcee1b0fcb64facf597389bb9c0d36ad345e Mon Sep 17 00:00:00 2001 From: AzharAli Date: Tue, 8 Apr 2025 12:45:25 +0500 Subject: [PATCH 72/80] all import issues fix adding case_template_id column in cases table --- .../pages/manage/manage_webhooks_routes.py | 18 ++++++++++-------- source/app/blueprints/rest/api_routes.py | 4 ++-- .../manage/manage_case_templates_routes.py | 12 ++++++------ source/app/business/cases.py | 6 ------ source/app/datamgmt/case/case_tasks_db.py | 3 ++- .../manage/manage_case_templates_db.py | 8 +++----- source/app/datamgmt/manage/manage_cases_db.py | 2 +- .../app/datamgmt/manage/manage_webhooks_db.py | 9 +++++---- source/app/views.py | 2 +- 9 files changed, 30 insertions(+), 34 deletions(-) diff --git a/source/app/blueprints/pages/manage/manage_webhooks_routes.py b/source/app/blueprints/pages/manage/manage_webhooks_routes.py index 525ea3fdf..f1a1d1a4b 100644 --- a/source/app/blueprints/pages/manage/manage_webhooks_routes.py +++ b/source/app/blueprints/pages/manage/manage_webhooks_routes.py @@ -9,20 +9,22 @@ from marshmallow import ValidationError from app import db +from app.blueprints.access_controls import ac_api_requires, ac_requires, ac_requires_case_identifier +from app.blueprints.responses import response_success, response_error from app.datamgmt.manage.manage_webhooks_db import get_webhooks_list from app.datamgmt.manage.manage_webhooks_db import get_webhook_by_id from app.datamgmt.manage.manage_webhooks_db import delete_webhook_by_id from app.datamgmt.manage.manage_webhooks_db import validate_webhook from app.forms import AddAssetForm, WebhookForm -from app.models import Webhook +from app.models.models import Webhook from app.models.authorization import Permissions from app.iris_engine.utils.tracker import track_activity from app.schema.marshables import WebhookSchema -from app.util import ac_api_requires -from app.util import ac_requires_case_identifier -from app.util import ac_requires -from app.util import response_error -from app.util import response_success +# from app.util import ac_api_requires +# from app.util import ac_requires_case_identifier +# from app.util import ac_requires +# from app.util import response_error +# from app.util import response_success from app.datamgmt.manage.manage_case_templates_db import get_action_by_case_template_id_and_task_id manage_webhooks_blueprint = Blueprint('manage_webhooks', @@ -32,7 +34,7 @@ # CONTENT ------------------------------------------------ @manage_webhooks_blueprint.route('/manage/webhooks', methods=['GET']) -@ac_requires(Permissions.webhooks_read) +@ac_api_requires(Permissions.webhooks_read) def manage_webhooks(caseid, url_redir): if url_redir: return redirect(url_for('manage_webhooks.manage_webhooks', cid=caseid)) @@ -96,7 +98,7 @@ def get_webhook(cur_id): @manage_webhooks_blueprint.route('/manage/webhooks//modal', methods=['GET']) -@ac_requires(Permissions.webhooks_read) +@ac_api_requires(Permissions.webhooks_read) def webhook_modal(cur_id, caseid, url_redir): """Get an webhook diff --git a/source/app/blueprints/rest/api_routes.py b/source/app/blueprints/rest/api_routes.py index 21424ae7f..9e567ad0d 100644 --- a/source/app/blueprints/rest/api_routes.py +++ b/source/app/blueprints/rest/api_routes.py @@ -27,14 +27,14 @@ @rest_api_blueprint.route('/api/ping', methods=['GET']) # CONTENT ------------------------------------------------ -@api_blueprint.route('/api/ping', methods=['GET']) +@rest_api_blueprint.route('/api/ping', methods=['GET']) @ac_api_requires() def api_ping(): return response_success("pong") @rest_api_blueprint.route('/api/versions', methods=['GET']) -@api_blueprint.route('/api/versions', methods=['GET']) +@rest_api_blueprint.route('/api/versions', methods=['GET']) @ac_api_requires() def api_version(): versions = { diff --git a/source/app/blueprints/rest/manage/manage_case_templates_routes.py b/source/app/blueprints/rest/manage/manage_case_templates_routes.py index d2f528b70..681a6307a 100644 --- a/source/app/blueprints/rest/manage/manage_case_templates_routes.py +++ b/source/app/blueprints/rest/manage/manage_case_templates_routes.py @@ -28,7 +28,7 @@ from app.datamgmt.manage.manage_case_templates_db import validate_case_template from app.datamgmt.manage.manage_case_templates_db import delete_case_template_by_id from app.forms import AddAssetForm, WebhookForm, CaseTemplateForm -from app.models import CaseTemplate +from app.models.models import CaseTemplate from app.models.authorization import Permissions from app.iris_engine.utils.tracker import track_activity from app.schema.marshables import CaseTemplateSchema @@ -53,8 +53,8 @@ def list_case_templates(): return response_success("", data=case_templates) -@manage_case_templates_blueprint.route('/manage/case-templates//modal', methods=['GET']) -@ac_requires(Permissions.case_templates_read) +@manage_case_templates_rest_blueprint.route('/manage/case-templates//modal', methods=['GET']) +@ac_api_requires(Permissions.case_templates_read) def case_template_modal(cur_id, caseid, url_redir): """Get a case template @@ -95,7 +95,7 @@ def case_template_modal(cur_id, caseid, url_redir): return render_template("modal_case_template.html", form=form, case_template=case_template) -@manage_case_templates_blueprint.route('/manage/case-templates/add/modal', methods=['GET']) +@manage_case_templates_rest_blueprint.route('/manage/case-templates/add/modal', methods=['GET']) @ac_api_requires(Permissions.case_templates_write) def add_template_modal(): case_template = CaseTemplate() @@ -153,13 +153,13 @@ def add_template_modal(): return render_template("modal_case_template.html", form=form, case_template=case_template) -@manage_case_templates_blueprint.route('/manage/case-templates/upload/modal', methods=['GET']) +@manage_case_templates_rest_blueprint.route('/manage/case-templates/upload/modal', methods=['GET']) @ac_api_requires(Permissions.case_templates_write) def upload_template_modal(): return render_template("modal_upload_case_template.html") -@manage_case_templates_blueprint.route('/manage/case-templates/add', methods=['POST']) +@manage_case_templates_rest_blueprint.route('/manage/case-templates/add', methods=['POST']) @ac_api_requires(Permissions.case_templates_write) @ac_requires_case_identifier() def add_case_template(caseid): diff --git a/source/app/business/cases.py b/source/app/business/cases.py index 31fc2e0a5..a48bfecdf 100644 --- a/source/app/business/cases.py +++ b/source/app/business/cases.py @@ -26,15 +26,9 @@ from app import app from app import db - from app.util import add_obj_history_entry from app.schema.marshables import CaseSchema - -from app.models.authorization import CaseAccessLevel -from app.models.authorization import Permissions -from app.models import ReviewStatusList from app.models.models import ReviewStatusList - from app.business.errors import BusinessProcessingError from app.business.iocs import iocs_exports_to_json diff --git a/source/app/datamgmt/case/case_tasks_db.py b/source/app/datamgmt/case/case_tasks_db.py index 6167c7736..df9072d76 100644 --- a/source/app/datamgmt/case/case_tasks_db.py +++ b/source/app/datamgmt/case/case_tasks_db.py @@ -33,7 +33,8 @@ from app.models.models import TaskComments from app.models.models import TaskStatus from app.models.authorization import User -from app.models.pagination_parameters import PaginationParameters, TaskResponse +from app.models.models import TaskResponse +from app.models.pagination_parameters import PaginationParameters def get_tasks_status(): diff --git a/source/app/datamgmt/manage/manage_case_templates_db.py b/source/app/datamgmt/manage/manage_case_templates_db.py index f66789871..c1eaaebba 100644 --- a/source/app/datamgmt/manage/manage_case_templates_db.py +++ b/source/app/datamgmt/manage/manage_case_templates_db.py @@ -19,18 +19,16 @@ import jsonschema from datetime import datetime from typing import List, Optional, Union - from app import db -from app.datamgmt.case.case_notes_db import add_note from app.datamgmt.case.case_tasks_db import add_task, get_task from app.datamgmt.manage.manage_case_classifications_db import get_case_classification_by_name from app.iris_engine.module_handler.module_handler import call_modules_hook -from app.models import CaseTemplate, Cases, Tags, NoteDirectory, CaseResponse, TaskResponse -app.models.models import CaseTemplate +from app.models.cases import Cases +from app.models.models import CaseTemplate from app.models.models import Tags from app.models.models import NoteDirectory from app.models.authorization import User -from app.schema.marshables import CaseSchema, TaskResponseSchema, CaseTaskSchema, CaseNoteDirectorySchema, CaseNoteSchema +from app.schema.marshables import CaseSchema, CaseTaskSchema, CaseNoteDirectorySchema, CaseNoteSchema from app.datamgmt.manage.manage_webhooks_db import get_webhook_by_id diff --git a/source/app/datamgmt/manage/manage_cases_db.py b/source/app/datamgmt/manage/manage_cases_db.py index 1ac28420a..30a995ad9 100644 --- a/source/app/datamgmt/manage/manage_cases_db.py +++ b/source/app/datamgmt/manage/manage_cases_db.py @@ -66,7 +66,7 @@ from app.models.cases import CaseProtagonist from app.models.cases import CaseTags from app.models.cases import CaseState -from app.models import CaseResponse +from app.models.models import CaseResponse from app.datamgmt.manage.manage_webhooks_db import get_webhook_by_id from app.models.models import TaskResponse from app.models.pagination_parameters import PaginationParameters diff --git a/source/app/datamgmt/manage/manage_webhooks_db.py b/source/app/datamgmt/manage/manage_webhooks_db.py index ff440f996..188ba9934 100644 --- a/source/app/datamgmt/manage/manage_webhooks_db.py +++ b/source/app/datamgmt/manage/manage_webhooks_db.py @@ -14,18 +14,19 @@ # You should have received a copy of the GNU Lesser General Public License # along with this program; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -import json import marshmallow import jsonschema from datetime import datetime -from typing import List, Optional, Union +from typing import List, Union from app import db -from app.datamgmt.case.case_notes_db import add_note from app.datamgmt.case.case_tasks_db import add_task from app.datamgmt.manage.manage_case_classifications_db import get_case_classification_by_name from app.iris_engine.module_handler.module_handler import call_modules_hook -from app.models import CaseTemplate, Webhook, Cases, Tags, NoteDirectory +from app.models.cases import Cases +from app.models.models import Tags +from app.models.models import NoteDirectory +from app.models.models import Webhook from app.models.authorization import User from app.schema.marshables import CaseSchema, CaseTaskSchema, CaseNoteDirectorySchema, CaseNoteSchema diff --git a/source/app/views.py b/source/app/views.py index c5605fff7..7fa86d3db 100644 --- a/source/app/views.py +++ b/source/app/views.py @@ -48,6 +48,7 @@ from app.blueprints.pages.manage.manage_templates_routes import manage_templates_blueprint from app.blueprints.pages.manage.manage_case_templates_routes import manage_case_templates_blueprint from app.blueprints.pages.manage.manage_users import manage_users_blueprint +from app.blueprints.pages.manage.manage_webhooks_routes import manage_webhooks_blueprint from app.blueprints.pages.overview.overview_routes import overview_blueprint from app.blueprints.pages.profile.profile_routes import profile_blueprint from app.blueprints.pages.search.search_routes import search_blueprint @@ -95,7 +96,6 @@ from app.blueprints.rest.reports_route import reports_rest_blueprint from app.blueprints.rest.search_routes import search_rest_blueprint from app.blueprints.graphql.graphql_route import graphql_blueprint -from app.blueprints.manage.manage_webhooks_routes import manage_webhooks_blueprint from app.blueprints.rest.v2 import rest_v2_blueprint from app.models.authorization import User From 209165da1db8107e76c8c30c27414636002ea507 Mon Sep 17 00:00:00 2001 From: AzharAli Date: Thu, 10 Apr 2025 14:51:16 +0500 Subject: [PATCH 73/80] all fixes related to webhooks, case, tasks and triggers --- docker/nginx/nginx.conf | 6 +- .../app/blueprints/case/case_tasks_routes.py | 5 +- .../pages/case/templates/case_tasks.html | 4 +- .../case/templates/modal_add_case_task.html | 1 + .../pages/manage/manage_webhooks_routes.py | 15 +++-- .../blueprints/rest/case/case_tasks_routes.py | 67 ++++++++++++++++++- .../manage/manage_case_response_db.py | 2 +- .../manage/manage_case_templates_db.py | 2 +- source/app/datamgmt/manage/manage_cases_db.py | 28 ++++---- .../manage/manage_task_response_db.py | 2 +- source/app/views.py | 4 +- ui/src/pages/case.taskaction.response.js | 2 +- ui/src/pages/case.tasks.js | 8 ++- 13 files changed, 111 insertions(+), 35 deletions(-) diff --git a/docker/nginx/nginx.conf b/docker/nginx/nginx.conf index bb027e551..9e2aa4a1c 100644 --- a/docker/nginx/nginx.conf +++ b/docker/nginx/nginx.conf @@ -26,7 +26,11 @@ events { http { map $request_uri $csp_header { - default "default-src 'self' https://analytics.dfir-iris.org; script-src 'self' 'unsafe-inline' https://analytics.dfir-iris.org; style-src 'self' 'unsafe-inline'; img-src 'self' data:;"; + default "default-src 'self' https://analytics.dfir-iris.org https://cdn.jsdelivr.net https://jsoncrack.com; + script-src 'self' 'unsafe-inline' https://analytics.dfir-iris.org https://cdn.jsdelivr.net; + style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net; + img-src 'self' data:; + frame-src 'self' https://jsoncrack.com;"; } include /etc/nginx/mime.types; diff --git a/source/app/blueprints/case/case_tasks_routes.py b/source/app/blueprints/case/case_tasks_routes.py index 449ae76d0..b9c91b824 100644 --- a/source/app/blueprints/case/case_tasks_routes.py +++ b/source/app/blueprints/case/case_tasks_routes.py @@ -30,7 +30,8 @@ from flask_wtf import FlaskForm from app import db -from app.blueprints.case.case_comments import case_comment_update +from app.blueprints.rest.case_comments import case_comment_update +# from app.blueprints.case.case_comments import case_comment_update from app.datamgmt.case.case_db import get_case from app.datamgmt.case.case_tasks_db import add_comment_to_task from app.datamgmt.case.case_tasks_db import add_task @@ -40,7 +41,7 @@ from app.datamgmt.case.case_tasks_db import get_case_task_comments from app.datamgmt.case.case_tasks_db import get_case_tasks_comments_count from app.datamgmt.case.case_tasks_db import get_task -from app.datamgmt.case.case_tasks_db import get_task_with_assignees +# from app.datamgmt.case.case_tasks_db import get_task_with_assignees from app.datamgmt.case.case_tasks_db import get_tasks_status from app.datamgmt.case.case_tasks_db import get_tasks_with_assignees from app.datamgmt.case.case_tasks_db import update_task_assignees diff --git a/source/app/blueprints/pages/case/templates/case_tasks.html b/source/app/blueprints/pages/case/templates/case_tasks.html index 37c80bdba..92a655ed3 100644 --- a/source/app/blueprints/pages/case/templates/case_tasks.html +++ b/source/app/blueprints/pages/case/templates/case_tasks.html @@ -101,7 +101,9 @@ {% block javascripts %} {% include 'includes/footer_case.html' %} diff --git a/source/app/blueprints/pages/case/templates/modal_add_case_task.html b/source/app/blueprints/pages/case/templates/modal_add_case_task.html index 9352a7c1c..76ee50dee 100644 --- a/source/app/blueprints/pages/case/templates/modal_add_case_task.html +++ b/source/app/blueprints/pages/case/templates/modal_add_case_task.html @@ -231,4 +231,5 @@
    Action Response
    + {% endblock javascripts %} \ No newline at end of file diff --git a/source/app/blueprints/pages/manage/manage_webhooks_routes.py b/source/app/blueprints/pages/manage/manage_webhooks_routes.py index f1a1d1a4b..0eb3b0035 100644 --- a/source/app/blueprints/pages/manage/manage_webhooks_routes.py +++ b/source/app/blueprints/pages/manage/manage_webhooks_routes.py @@ -20,11 +20,6 @@ from app.models.authorization import Permissions from app.iris_engine.utils.tracker import track_activity from app.schema.marshables import WebhookSchema -# from app.util import ac_api_requires -# from app.util import ac_requires_case_identifier -# from app.util import ac_requires -# from app.util import response_error -# from app.util import response_success from app.datamgmt.manage.manage_case_templates_db import get_action_by_case_template_id_and_task_id manage_webhooks_blueprint = Blueprint('manage_webhooks', @@ -35,7 +30,10 @@ # CONTENT ------------------------------------------------ @manage_webhooks_blueprint.route('/manage/webhooks', methods=['GET']) @ac_api_requires(Permissions.webhooks_read) -def manage_webhooks(caseid, url_redir): +def manage_webhooks(): + # Get 'cid' from the query string + caseid = request.args.get('cid', type=int) # Default to None if not provided + url_redir = request.args.get('url_redir', default=False, type=bool) # Check if a redirect is needed if url_redir: return redirect(url_for('manage_webhooks.manage_webhooks', cid=caseid)) @@ -99,7 +97,7 @@ def get_webhook(cur_id): @manage_webhooks_blueprint.route('/manage/webhooks//modal', methods=['GET']) @ac_api_requires(Permissions.webhooks_read) -def webhook_modal(cur_id, caseid, url_redir): +def webhook_modal(cur_id): """Get an webhook Args: @@ -108,6 +106,9 @@ def webhook_modal(cur_id, caseid, url_redir): Returns: HTML Template: webhook modal """ + # Get 'cid' from the query string + caseid = request.args.get('cid', type=int) # Default to None if not provided + url_redir = request.args.get('url_redir', default=False, type=bool) # Check if a redirect is needed if url_redir: return redirect(url_for('manage_webhooks.manage_webhooks', cid=caseid)) diff --git a/source/app/blueprints/rest/case/case_tasks_routes.py b/source/app/blueprints/rest/case/case_tasks_routes.py index 74066787e..0f3ffe015 100644 --- a/source/app/blueprints/rest/case/case_tasks_routes.py +++ b/source/app/blueprints/rest/case/case_tasks_routes.py @@ -15,7 +15,7 @@ # You should have received a copy of the GNU Lesser General Public License # along with this program; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - +import json from datetime import datetime import marshmallow @@ -39,6 +39,8 @@ from app.datamgmt.case.case_tasks_db import get_tasks_status from app.datamgmt.case.case_tasks_db import get_tasks_with_assignees from app.datamgmt.case.case_tasks_db import update_task_status +from app.datamgmt.manage.manage_cases_db import execute_and_save_action +from app.datamgmt.manage.manage_task_response_db import get_task_responses_list, get_task_response_by_id from app.datamgmt.states import get_tasks_state from app.iris_engine.module_handler.module_handler import call_modules_hook from app.iris_engine.utils.tracker import track_activity @@ -246,3 +248,66 @@ def case_comment_task_delete(cur_id: int, com_id: int, caseid: int): track_activity(f"comment {com_id} on task {cur_id} deleted", caseid=caseid) return response_success(msg) + + +@case_tasks_rest_blueprint.route('/case/tasks/action_responses/', methods=['GET']) +@ac_api_requires() +def case_task_action_response(cur_id): + # Retrieve the list of task action responses + task_action_responses = get_task_responses_list(cur_id) + + for response in task_action_responses: + # Serialize 'created_at' field if it is a datetime object + if isinstance(response.get('created_at'), datetime): + response['created_at'] = response['created_at'].strftime("%Y-%m-%d %H:%M:%S") + + # Serialize 'updated_at' field if it is a datetime object + if isinstance(response.get('updated_at'), datetime): + response['updated_at'] = response['updated_at'].strftime("%Y-%m-%d %H:%M:%S") + + # Handle 'body' field serialization + if 'body' in response: + try: + # Attempt to serialize 'body' if it's a dictionary or list + if isinstance(response['body'], (dict, list)): + response['body'] = json.dumps(response['body']) + except (TypeError, ValueError): + # If serialization fails, convert it to a string + response['body'] = str(response['body']) + + # Return a successful response with serialized task action responses + return response_success("success", task_action_responses) + + +@case_tasks_rest_blueprint.route('/case/jsoneditor', methods=['POST']) +def save_data(): + try: + data = request.get_json() + + if not isinstance(data, dict): + raise ValueError("Request payload is not a valid JSON object") + + payload = data.get('payload') + task_id = data.get('task_id') + action_id = data.get('action_id') + + if not payload or not task_id or not action_id: + raise KeyError("Missing one or more required keys: 'payload', 'task_id', 'action_id'") + + action_response = execute_and_save_action(payload, task_id, action_id) + return response_success("ac_requires_case_identifier", action_response) + except KeyError as e: + return response_error(f"Missing key: {e}") + # except ValueError as e: + # return jsonify({"status": "error", "message": str(e)}), 400 + # except Exception as e: + # return jsonify({"status": "error", "message": str(e)}) + +@case_tasks_rest_blueprint.route('/case/tasks/action_response/', methods=['GET']) +def case_task_action_response_by_id(task_id): + action_response = get_task_response_by_id(task_id) + + if action_response: + return response_success("Task action response fetched successfully", data=action_response) + else: + return response_error("No action response found for this task", 404) \ No newline at end of file diff --git a/source/app/datamgmt/manage/manage_case_response_db.py b/source/app/datamgmt/manage/manage_case_response_db.py index 7cb22ab48..d40e7e9a3 100644 --- a/source/app/datamgmt/manage/manage_case_response_db.py +++ b/source/app/datamgmt/manage/manage_case_response_db.py @@ -19,7 +19,7 @@ from typing import List, Optional, Union from app import db -from app.models import CaseResponse +from app.models.models import CaseResponse from app.models.authorization import User from app.schema.marshables import CaseResponseSchema diff --git a/source/app/datamgmt/manage/manage_case_templates_db.py b/source/app/datamgmt/manage/manage_case_templates_db.py index c1eaaebba..1ed6bfae2 100644 --- a/source/app/datamgmt/manage/manage_case_templates_db.py +++ b/source/app/datamgmt/manage/manage_case_templates_db.py @@ -407,7 +407,7 @@ def get_action_by_case_template_id_and_task_id(case_template_id, task_id, caseid """ case_template = CaseTemplate.query.filter_by(id=case_template_id).first() - case_task = get_task(task_id=task_id, caseid=caseid) + case_task = get_task(task_id=task_id) if not case_template: return [] diff --git a/source/app/datamgmt/manage/manage_cases_db.py b/source/app/datamgmt/manage/manage_cases_db.py index 30a995ad9..7403eb76b 100644 --- a/source/app/datamgmt/manage/manage_cases_db.py +++ b/source/app/datamgmt/manage/manage_cases_db.py @@ -668,21 +668,21 @@ def save_results_for_tasks(data, task_id, webhook_id): """ try: # Ensure data is a list of dictionaries - if isinstance(data, dict): - data = [data] - elif not isinstance(data, list): - raise ValueError("Unexpected data format: Expected a dictionary or list of dictionaries.") - - for item in data: - # Create a new TaskResponse object for each result - task_response = TaskResponse( - task=task_id, - action=webhook_id, - body=item, # Assuming item is JSON-serializable - ) + # if isinstance(data, dict): + # data = [data] + # elif not isinstance(data, list): + # raise ValueError("Unexpected data format: Expected a dictionary or list of dictionaries.") + + # for item in data: + # Create a new TaskResponse object for each result + task_response = TaskResponse( + task=task_id, + action=webhook_id, + body=data, # Assuming item is JSON-serializable + ) - # Add the object to the session - db.session.add(task_response) + # Add the object to the session + db.session.add(task_response) # Commit all changes at once db.session.commit() diff --git a/source/app/datamgmt/manage/manage_task_response_db.py b/source/app/datamgmt/manage/manage_task_response_db.py index 90e08ad6a..e62d05e83 100644 --- a/source/app/datamgmt/manage/manage_task_response_db.py +++ b/source/app/datamgmt/manage/manage_task_response_db.py @@ -19,7 +19,7 @@ from typing import List, Optional, Union from app import db -from app.models import TaskResponse +from app.models.models import TaskResponse from app.models.authorization import User from app.schema.marshables import TaskResponseSchema diff --git a/source/app/views.py b/source/app/views.py index 7fa86d3db..3e278223f 100644 --- a/source/app/views.py +++ b/source/app/views.py @@ -96,6 +96,7 @@ from app.blueprints.rest.reports_route import reports_rest_blueprint from app.blueprints.rest.search_routes import search_rest_blueprint from app.blueprints.graphql.graphql_route import graphql_blueprint +from app.blueprints.pages.case.case_triggers_routes import case_triggers_blueprint from app.blueprints.rest.v2 import rest_v2_blueprint from app.models.authorization import User @@ -177,10 +178,9 @@ def register_blusprints(app): app.register_blueprint(datastore_rest_blueprint) app.register_blueprint(alerts_blueprint) app.register_blueprint(alerts_rest_blueprint) - + app.register_blueprint(case_triggers_blueprint) app.register_blueprint(rest_api_blueprint) app.register_blueprint(demo_blueprint) - app.register_blueprint(rest_v2_blueprint) diff --git a/ui/src/pages/case.taskaction.response.js b/ui/src/pages/case.taskaction.response.js index e3a87e663..2b35932c0 100644 --- a/ui/src/pages/case.taskaction.response.js +++ b/ui/src/pages/case.taskaction.response.js @@ -6,7 +6,7 @@ function toggleJsonViewer(button) { return; } - fetch(`/case/task/action_response/${id}`) + fetch(`/case/tasks/action_response/${id}`) .then(response => response.json()) .then(data => { if (data.status && data.data) { diff --git a/ui/src/pages/case.tasks.js b/ui/src/pages/case.tasks.js index 1f50b1770..24593f631 100644 --- a/ui/src/pages/case.tasks.js +++ b/ui/src/pages/case.tasks.js @@ -1,3 +1,4 @@ + var current_users_list = []; var g_task_id = null; var g_task_desc_editor = null; @@ -270,7 +271,8 @@ function fetchWebhook(action_id , id) { function loadTableData(task_id) { $("#action_table").dataTable({ ajax: { - url: `/case/task/action_responses/${task_id}`, + // url: `/case/tasks/${task_id}`, + url: `/case/tasks/action_responses/${task_id}`, contentType: "application/json", type: "GET", data: function (d) { @@ -329,7 +331,8 @@ function loadTableData(task_id) { function expandActionDiv(actionDetails, task_id, action_id) { - + debugger; +console.log(actionDetails); const collapsibleContent = $('#collapsibleContent'); const jsonEditorContainer = $('#jsoneditor'); @@ -351,7 +354,6 @@ window.jsonEditor = new JSONEditor(jsonEditorContainer[0], { show_errors: "change", form_name_root: " " }); - window.jsonEditor.on('ready', function () { if (actionDetails?.default) { window.jsonEditor.setValue(actionDetails.default); From c947d8e9ea18e32e910f72835f7a0b41495bbe3e Mon Sep 17 00:00:00 2001 From: AzharAli Date: Tue, 15 Apr 2025 12:38:25 +0500 Subject: [PATCH 74/80] fixed the case templates route issue Remove Trigger Id , Case Id and Created By from Case Triggers listing --- docker/nginx/nginx.conf | 4 +-- .../pages/case/templates/case_triggers.html | 6 ++--- .../manage/manage_case_templates_routes.py | 7 +++++- .../rest/manage/manage_cases_routes.py | 13 +++++++--- source/app/business/cases.py | 25 ++++++++++++++++--- ui/src/pages/case.triggers.js | 4 +-- 6 files changed, 43 insertions(+), 16 deletions(-) diff --git a/docker/nginx/nginx.conf b/docker/nginx/nginx.conf index 9e2aa4a1c..800e2b2e6 100644 --- a/docker/nginx/nginx.conf +++ b/docker/nginx/nginx.conf @@ -26,8 +26,8 @@ events { http { map $request_uri $csp_header { - default "default-src 'self' https://analytics.dfir-iris.org https://cdn.jsdelivr.net https://jsoncrack.com; - script-src 'self' 'unsafe-inline' https://analytics.dfir-iris.org https://cdn.jsdelivr.net; + default "default-src 'self' https://analytics.dfir-iris.org https://cdn.jsdelivr.net https://jsoncrack.com https://stackpath.bootstrapcdn.com; + script-src 'self' 'unsafe-inline' https://analytics.dfir-iris.org https://cdn.jsdelivr.net https://stackpath.bootstrapcdn.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net; img-src 'self' data:; frame-src 'self' https://jsoncrack.com;"; diff --git a/source/app/blueprints/pages/case/templates/case_triggers.html b/source/app/blueprints/pages/case/templates/case_triggers.html index fe68ef726..d837bf972 100644 --- a/source/app/blueprints/pages/case/templates/case_triggers.html +++ b/source/app/blueprints/pages/case/templates/case_triggers.html @@ -34,11 +34,11 @@

    Case Triggers

    ID - Trigger Id - Case Id + + Body Created At - Created By + diff --git a/source/app/blueprints/rest/manage/manage_case_templates_routes.py b/source/app/blueprints/rest/manage/manage_case_templates_routes.py index 681a6307a..121d31c64 100644 --- a/source/app/blueprints/rest/manage/manage_case_templates_routes.py +++ b/source/app/blueprints/rest/manage/manage_case_templates_routes.py @@ -19,6 +19,9 @@ import json from flask import Blueprint from flask import request +from flask import redirect +from flask import url_for +from flask import render_template from flask_login import current_user from marshmallow import ValidationError @@ -55,7 +58,7 @@ def list_case_templates(): @manage_case_templates_rest_blueprint.route('/manage/case-templates//modal', methods=['GET']) @ac_api_requires(Permissions.case_templates_read) -def case_template_modal(cur_id, caseid, url_redir): +def case_template_modal(cur_id): """Get a case template Args: @@ -64,6 +67,8 @@ def case_template_modal(cur_id, caseid, url_redir): Returns: HTML Template: Case template modal """ + caseid = request.args.get('caseid') + url_redir = request.args.get('url_redir') if url_redir: return redirect(url_for('manage_case_templates.manage_case_templates', cid=caseid)) diff --git a/source/app/blueprints/rest/manage/manage_cases_routes.py b/source/app/blueprints/rest/manage/manage_cases_routes.py index 41d6ec12e..b31814492 100644 --- a/source/app/blueprints/rest/manage/manage_cases_routes.py +++ b/source/app/blueprints/rest/manage/manage_cases_routes.py @@ -269,7 +269,7 @@ def api_add_case(): if not case_template_id: raise BusinessProcessingError("Missing 'case_template_id' in request.") - case = cases_create(request.get_json()) + case = cases_create(request_data) # You can use request_data directly case_id = case.case_id # Retrieve the case_id of the created case # Get triggers for the case_template_id @@ -279,14 +279,19 @@ def api_add_case(): raise BusinessProcessingError("No triggers found for the provided case_template_id.") # Function to execute a trigger in a new thread with app context - def execute_trigger_with_context(trigger, app): - with app.app_context(): + def execute_trigger_with_context(trigger): + # Make sure each thread runs within the Flask app context + with current_app.app_context(): + print(f"Trigger executed for case: {trigger}") execute_and_save_trigger(trigger, case_id) + # Start a new thread for each trigger for trigger in triggers: - thread = Thread(target=execute_trigger_with_context, args=(trigger, current_app._get_current_object())) + thread = Thread(target=execute_trigger_with_context, args=(trigger,)) thread.start() + return response_success('Case created', data=case_schema.dump(case)) + except BusinessProcessingError as e: return response_error(e.get_message(), data=e.get_data()) diff --git a/source/app/business/cases.py b/source/app/business/cases.py index a48bfecdf..003d2435b 100644 --- a/source/app/business/cases.py +++ b/source/app/business/cases.py @@ -19,9 +19,10 @@ import datetime import logging as log import traceback +from threading import Thread from flask_login import current_user - +from flask import jsonify, current_app, g from marshmallow.exceptions import ValidationError from app import app @@ -41,11 +42,11 @@ from app.datamgmt.case.case_db import register_case_protagonists from app.datamgmt.case.case_db import get_review_id_from_name from app.datamgmt.alerts.alerts_db import get_alert_status_by_name -from app.datamgmt.manage.manage_case_templates_db import case_template_pre_modifier +from app.datamgmt.manage.manage_case_templates_db import case_template_pre_modifier, get_triggers_by_case_template_id from app.datamgmt.manage.manage_case_templates_db import case_template_post_modifier from app.datamgmt.manage.manage_access_control_db import user_has_client_access from app.datamgmt.manage.manage_case_state_db import get_case_state_by_name -from app.datamgmt.manage.manage_cases_db import delete_case +from app.datamgmt.manage.manage_cases_db import delete_case, execute_and_save_trigger from app.datamgmt.manage.manage_cases_db import reopen_case from app.datamgmt.manage.manage_cases_db import map_alert_resolution_to_case_status from app.datamgmt.manage.manage_cases_db import close_case @@ -111,7 +112,23 @@ def cases_create(request_data): add_obj_history_entry(case, 'created') track_activity(f'new case "{case.name}" created', caseid=case.case_id, ctx_less=False) - + # Get triggers for the case_template_id + triggers = get_triggers_by_case_template_id(case_template_id) + + if not triggers: + raise BusinessProcessingError("No triggers found for the provided case_template_id.") + + # Function to execute a trigger in a new thread with app context + def execute_trigger_with_context(trigger): + # Make sure each thread runs within the Flask app context + with app.app_context(): + print(f"Trigger executed for case: {trigger}") + execute_and_save_trigger(trigger, case.case_id) + + # Start a new thread for each trigger + for trigger in triggers: + thread = Thread(target=execute_trigger_with_context, args=(trigger,)) + thread.start() return case diff --git a/ui/src/pages/case.triggers.js b/ui/src/pages/case.triggers.js index e579ae9da..4f63d95e6 100644 --- a/ui/src/pages/case.triggers.js +++ b/ui/src/pages/case.triggers.js @@ -63,8 +63,8 @@ document.addEventListener("DOMContentLoaded", () => { autoWidth: false, columns: [ { data: "id" }, - { data: "trigger" }, - { data: "case" }, + // { data: "trigger" }, + // { data: "case" }, { data: "body", render: function (data, type, row) { From 018dfbc2dafe647eb2ca261ba5a6c63bd6fd02ad Mon Sep 17 00:00:00 2001 From: AzharAli Date: Tue, 15 Apr 2025 13:52:40 +0500 Subject: [PATCH 75/80] Case template updated json --- .../manage/manage_case_templates_routes.py | 25 +++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/source/app/blueprints/pages/manage/manage_case_templates_routes.py b/source/app/blueprints/pages/manage/manage_case_templates_routes.py index 12af3d3d1..3880ac28e 100644 --- a/source/app/blueprints/pages/manage/manage_case_templates_routes.py +++ b/source/app/blueprints/pages/manage/manage_case_templates_routes.py @@ -100,12 +100,24 @@ def add_template_modal(caseid, url_redir): "classification": "known-template-classification", "title_prefix": "[PREFIX]", "summary": "Summary to be set", - "tags": ["ransomware", "malware"], + "tags": [ + "ransomware", + "malware" + ], "tasks": [ { "title": "Task 1", "description": "Task 1 description", - "tags": ["tag1", "tag2"] + "tags": [ + "tag1", + "tag2" + ], + "actions": [ + { + "webhook_id": "Webhook Id", + "display_name": "Action Name" + } + ] } ], "note_directories": [ @@ -118,7 +130,16 @@ def add_template_modal(caseid, url_redir): } ] } + ], + "triggers": [ + { + "webhook_id": "Webhook Id", + "display_name": "Trigger Name", + "input_params": { + } + } ] + } return render_template("modal_case_template.html", form=form, case_template=case_template) From a85c532f60ea24225ce4e357f82e3a119b97d53d Mon Sep 17 00:00:00 2001 From: AzharAli Date: Fri, 9 May 2025 12:56:33 +0500 Subject: [PATCH 76/80] CodeRabbitAI PR fixes during merge --- source/app/blueprints/case/case_routes.py | 2 +- source/app/blueprints/case/case_tasks_routes.py | 8 ++++---- .../app/blueprints/pages/case/templates/case_tasks.html | 4 +--- source/app/blueprints/rest/api_routes.py | 3 +-- source/app/blueprints/rest/case/case_tasks_routes.py | 6 +----- source/app/datamgmt/manage/manage_case_templates_db.py | 5 +---- source/app/models/authorization.py | 7 +++++-- source/requirements.txt | 4 ++-- 8 files changed, 16 insertions(+), 23 deletions(-) diff --git a/source/app/blueprints/case/case_routes.py b/source/app/blueprints/case/case_routes.py index e349713b9..b3041df22 100644 --- a/source/app/blueprints/case/case_routes.py +++ b/source/app/blueprints/case/case_routes.py @@ -170,7 +170,7 @@ def socket_summary_onsave(data): @socket_io.on('clear_buffer') @ac_socket_requires(CaseAccessLevel.full_access) -def socket_summary_onchange(message): +def socket_summary_clear_buffer(message): emit('clear_buffer', message) diff --git a/source/app/blueprints/case/case_tasks_routes.py b/source/app/blueprints/case/case_tasks_routes.py index b9c91b824..a8b4de845 100644 --- a/source/app/blueprints/case/case_tasks_routes.py +++ b/source/app/blueprints/case/case_tasks_routes.py @@ -204,7 +204,7 @@ def case_add_task(caseid): @case_tasks_blueprint.route('/case/tasks/', methods=['GET']) @ac_api_case_requires(CaseAccessLevel.read_only, CaseAccessLevel.full_access) def case_task_view(cur_id, caseid): - task = get_task_with_assignees(task_id=cur_id, case_id=caseid) + task = get_tasks_with_assignees(caseid) if not task: return response_error("Invalid task ID for this case") @@ -221,7 +221,7 @@ def case_task_view_modal(cur_id, caseid, url_redir): form = CaseTaskForm() - task = get_task_with_assignees(task_id=cur_id, case_id=caseid) + task = get_tasks_with_assignees(caseid) form.task_status_id.choices = [(a.id, a.status_name) for a in get_tasks_status()] form.task_assignees_id.choices = [] @@ -277,7 +277,7 @@ def case_task_action_response_by_id(cur_id): @ac_api_case_requires(CaseAccessLevel.full_access) def case_edit_task(cur_id, caseid): try: - task = get_task_with_assignees(task_id=cur_id, case_id=caseid) + task = get_tasks_with_assignees(caseid) if not task: return response_error("Invalid task ID for this case") @@ -320,7 +320,7 @@ def case_edit_task(cur_id, caseid): @ac_api_case_requires(CaseAccessLevel.full_access) def case_delete_task(cur_id, caseid): call_modules_hook('on_preload_task_delete', data=cur_id, caseid=caseid) - task = get_task_with_assignees(task_id=cur_id, case_id=caseid) + task = get_tasks_with_assignees(caseid) if not task: return response_error("Invalid task ID for this case") diff --git a/source/app/blueprints/pages/case/templates/case_tasks.html b/source/app/blueprints/pages/case/templates/case_tasks.html index 92a655ed3..07ddf9941 100644 --- a/source/app/blueprints/pages/case/templates/case_tasks.html +++ b/source/app/blueprints/pages/case/templates/case_tasks.html @@ -101,9 +101,7 @@ {% block javascripts %} {% include 'includes/footer_case.html' %} diff --git a/source/app/blueprints/rest/api_routes.py b/source/app/blueprints/rest/api_routes.py index 9e567ad0d..0f08f868d 100644 --- a/source/app/blueprints/rest/api_routes.py +++ b/source/app/blueprints/rest/api_routes.py @@ -25,8 +25,7 @@ rest_api_blueprint = Blueprint('rest_api', __name__) -@rest_api_blueprint.route('/api/ping', methods=['GET']) -# CONTENT ------------------------------------------------ + @rest_api_blueprint.route('/api/ping', methods=['GET']) @ac_api_requires() def api_ping(): diff --git a/source/app/blueprints/rest/case/case_tasks_routes.py b/source/app/blueprints/rest/case/case_tasks_routes.py index 0f3ffe015..dc817ba88 100644 --- a/source/app/blueprints/rest/case/case_tasks_routes.py +++ b/source/app/blueprints/rest/case/case_tasks_routes.py @@ -291,17 +291,13 @@ def save_data(): task_id = data.get('task_id') action_id = data.get('action_id') - if not payload or not task_id or not action_id: + if not payload or task_id is None or action_id is None: raise KeyError("Missing one or more required keys: 'payload', 'task_id', 'action_id'") action_response = execute_and_save_action(payload, task_id, action_id) return response_success("ac_requires_case_identifier", action_response) except KeyError as e: return response_error(f"Missing key: {e}") - # except ValueError as e: - # return jsonify({"status": "error", "message": str(e)}), 400 - # except Exception as e: - # return jsonify({"status": "error", "message": str(e)}) @case_tasks_rest_blueprint.route('/case/tasks/action_response/', methods=['GET']) def case_task_action_response_by_id(task_id): diff --git a/source/app/datamgmt/manage/manage_case_templates_db.py b/source/app/datamgmt/manage/manage_case_templates_db.py index 1ed6bfae2..9dd692075 100644 --- a/source/app/datamgmt/manage/manage_case_templates_db.py +++ b/source/app/datamgmt/manage/manage_case_templates_db.py @@ -414,10 +414,7 @@ def get_action_by_case_template_id_and_task_id(case_template_id, task_id, caseid actions = [] for task in case_template.tasks: - - if case_task.task_title == task["title"]: - if 'actions' in task: - + if case_task.task_title == task["title"] and "actions" in task: for action in task['actions']: actions.append(dict(action)) diff --git a/source/app/models/authorization.py b/source/app/models/authorization.py index 04b6669de..0cf5f55f5 100644 --- a/source/app/models/authorization.py +++ b/source/app/models/authorization.py @@ -61,8 +61,11 @@ class Permissions(enum.Enum): case_templates_read = 0x100 case_templates_write = 0x200 - webhooks_read = 0x100 - webhooks_write = 0x200 + # webhooks_read = 0x100 + # webhooks_write = 0x200 + + webhooks_read = 0x1000 + webhooks_write = 0x2000 activities_read = 0x400 all_activities_read = 0x800 diff --git a/source/requirements.txt b/source/requirements.txt index df724b8cf..9077f8e0c 100644 --- a/source/requirements.txt +++ b/source/requirements.txt @@ -37,11 +37,11 @@ graphene==3.3 qrcode[pil]==7.4.2 dictdiffer==0.2.0 oic==1.7.0 -Debugpy +debugpy==1.8.14 # unfortunately we are relying on a beta version here. I hope a definitive version gets released soon graphql-server[flask]==3.0.0b7 graphene-sqlalchemy==3.0.0rc1 -Debugpy + dependencies/docx_generator-0.8.0-py3-none-any.whl dependencies/iris_interface-1.2.0-py3-none-any.whl From cd0599c6b44097224d5d1013ec6c4e7ef502373f Mon Sep 17 00:00:00 2001 From: AzharAli Date: Fri, 9 May 2025 19:21:54 +0500 Subject: [PATCH 77/80] Unexpected keyword arguments in function call fix for get_task --- source/app/blueprints/case/case_tasks_routes.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/source/app/blueprints/case/case_tasks_routes.py b/source/app/blueprints/case/case_tasks_routes.py index a8b4de845..43d66ca68 100644 --- a/source/app/blueprints/case/case_tasks_routes.py +++ b/source/app/blueprints/case/case_tasks_routes.py @@ -137,7 +137,7 @@ def case_get_tasks_state(caseid): @case_tasks_blueprint.route('/case/tasks/status/update/', methods=['POST']) @ac_api_case_requires(CaseAccessLevel.full_access) def case_task_statusupdate(cur_id, caseid): - task = get_task(task_id=cur_id, caseid=caseid) + task = get_task(task_id=cur_id) if not task: return response_error("Invalid task ID for this case") @@ -341,7 +341,7 @@ def case_comment_task_modal(cur_id, caseid, url_redir): if url_redir: return redirect(url_for('case_task.case_task', cid=caseid, redirect=True)) - task = get_task(cur_id, caseid=caseid) + task = get_task(cur_id) if not task: return response_error('Invalid task ID') @@ -365,7 +365,7 @@ def case_comment_task_list(cur_id, caseid): def case_comment_task_add(cur_id, caseid): try: - task = get_task(cur_id, caseid=caseid) + task = get_task(cur_id) if not task: return response_error('Invalid task ID') From 88d0686a633c50b47df574e0159daa14a962bfc7 Mon Sep 17 00:00:00 2001 From: AzharAli Date: Tue, 13 May 2025 19:58:27 +0500 Subject: [PATCH 78/80] PR further major/minor issue fixes --- source/app/blueprints/case/case_routes.py | 11 +++-- .../app/blueprints/case/case_tasks_routes.py | 22 ++++----- .../app/blueprints/pages/case/case_routes.py | 2 +- .../pages/manage/manage_webhooks_routes.py | 5 +- .../blueprints/rest/case/case_tasks_routes.py | 4 +- .../rest/manage/manage_cases_routes.py | 10 +--- .../manage/manage_case_response_db.py | 13 ++--- .../manage/manage_case_templates_db.py | 3 +- source/app/datamgmt/manage/manage_cases_db.py | 26 +++++----- .../manage/manage_task_response_db.py | 12 ++--- .../app/datamgmt/manage/manage_webhooks_db.py | 18 +++---- source/app/models/authorization.py | 3 -- source/app/models/cases.py | 2 +- source/app/models/models.py | 48 +++++++++---------- source/app/post_init.py | 5 +- source/app/schema/marshables.py | 7 +-- 16 files changed, 80 insertions(+), 111 deletions(-) diff --git a/source/app/blueprints/case/case_routes.py b/source/app/blueprints/case/case_routes.py index b3041df22..3bf8a0dc0 100644 --- a/source/app/blueprints/case/case_routes.py +++ b/source/app/blueprints/case/case_routes.py @@ -108,7 +108,7 @@ def case_r(caseid, url_redir): reports = [row for row in reports] reports_act = get_activities_report_template() - reports_act = [row for row in reports_act] + reports_act = list(reports_act) #[row for row in reports_act] if not case: return render_template('select_case.html') @@ -126,8 +126,7 @@ def case_exists_r(caseid): if case_exists(caseid): return response_success('Case exists') - else: - return response_error('Case does not exist', 404) + return response_error('Case does not exist', 404) @case_blueprint.route('/case/pipelines-modal', methods=['GET']) @@ -383,7 +382,9 @@ def case_update_status(caseid): return response_error('Invalid case ID') status = request.get_json().get('status_id') - case_status = set(item.value for item in CaseStatus) + case_status = {item.value for item in CaseStatus} + + # case_status = set(item.value for item in CaseStatus) try: status = int(status) @@ -423,7 +424,7 @@ def case_review(caseid): if action == 'start': review_name = ReviewStatusList.review_in_progress - elif action == 'cancel' or action == 'request': + elif action in ["cancel", "request"]: review_name = ReviewStatusList.pending_review elif action == 'no_review': review_name = ReviewStatusList.no_review_required diff --git a/source/app/blueprints/case/case_tasks_routes.py b/source/app/blueprints/case/case_tasks_routes.py index 43d66ca68..4fcc32ed4 100644 --- a/source/app/blueprints/case/case_tasks_routes.py +++ b/source/app/blueprints/case/case_tasks_routes.py @@ -15,7 +15,7 @@ # You should have received a copy of the GNU Lesser General Public License # along with this program; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - +import traceback # IMPORTS ------------------------------------------------ from datetime import datetime import json @@ -31,7 +31,6 @@ from app import db from app.blueprints.rest.case_comments import case_comment_update -# from app.blueprints.case.case_comments import case_comment_update from app.datamgmt.case.case_db import get_case from app.datamgmt.case.case_tasks_db import add_comment_to_task from app.datamgmt.case.case_tasks_db import add_task @@ -41,7 +40,6 @@ from app.datamgmt.case.case_tasks_db import get_case_task_comments from app.datamgmt.case.case_tasks_db import get_case_tasks_comments_count from app.datamgmt.case.case_tasks_db import get_task -# from app.datamgmt.case.case_tasks_db import get_task_with_assignees from app.datamgmt.case.case_tasks_db import get_tasks_status from app.datamgmt.case.case_tasks_db import get_tasks_with_assignees from app.datamgmt.case.case_tasks_db import update_task_assignees @@ -52,7 +50,7 @@ from app.forms import CaseTaskForm from app.iris_engine.module_handler.module_handler import call_modules_hook from app.iris_engine.utils.tracker import track_activity -from app.models.authorization import CaseAccessLevel, Permissions +from app.models.authorization import CaseAccessLevel from app.models.authorization import User from app.models.models import CaseTasks from app.schema.marshables import CaseTaskSchema @@ -131,8 +129,7 @@ def case_get_tasks_state(caseid): os = get_tasks_state(caseid=caseid) if os: return response_success(data=os) - else: - return response_error('No tasks state for this case.') + return response_error('No tasks state for this case.') @case_tasks_blueprint.route('/case/tasks/status/update/', methods=['POST']) @ac_api_case_requires(CaseAccessLevel.full_access) @@ -147,11 +144,9 @@ def case_task_statusupdate(cur_id, caseid): task_schema = CaseTaskSchema() return response_success("Task status updated", data=task_schema.dump(task)) - else: - return response_error("Invalid status") - else: - return response_error("Invalid request") + return response_error("Invalid status") + return response_error("Invalid request") @case_tasks_blueprint.route('/case/tasks/add/modal', methods=['GET']) @@ -233,7 +228,7 @@ def case_task_view_modal(cur_id, caseid, url_redir): user_name, = User.query.with_entities(User.name).filter(User.id == task.task_userid_update).first() comments_map = get_case_tasks_comments_count([task.id]) taskActionResponses = get_task_responses_list(task.id) - # Serialize datetime objects for rendering + # Serialize datetime objects for rendering return render_template("modal_add_case_task.html", form=form, task=task, user_name=user_name, comments_map=comments_map, attributes=task.custom_attributes ,taskActionResponses=taskActionResponses) @@ -252,7 +247,7 @@ def case_task_action_response(cur_id): if taskActionResponse.get('body'): try: taskActionResponse['body'] = json.dumps(taskActionResponse['body']) - except (TypeError, ValueError) as e: + except (TypeError, ValueError): taskActionResponse['body'] = str(taskActionResponse['body']) return jsonify({"success": True, "data": taskActionResponses}) # Properly return as JSON @@ -267,8 +262,7 @@ def case_task_action_response_by_id(cur_id): if action_response: return response_success("Task action response fetched successfully", data=action_response) - else: - return response_error("No action response found for this task", 404) + return response_error("No action response found for this task", 404) diff --git a/source/app/blueprints/pages/case/case_routes.py b/source/app/blueprints/pages/case/case_routes.py index 4c4b1f051..b4213bbcc 100644 --- a/source/app/blueprints/pages/case/case_routes.py +++ b/source/app/blueprints/pages/case/case_routes.py @@ -61,7 +61,7 @@ def case_r(caseid, url_redir): reports = [row for row in reports] reports_act = get_activities_report_template() - reports_act = [row for row in reports_act] + reports_act = list(reports_act)#[row for row in reports_act] if not case: return render_template('select_case.html') diff --git a/source/app/blueprints/pages/manage/manage_webhooks_routes.py b/source/app/blueprints/pages/manage/manage_webhooks_routes.py index 0eb3b0035..73ef03d5f 100644 --- a/source/app/blueprints/pages/manage/manage_webhooks_routes.py +++ b/source/app/blueprints/pages/manage/manage_webhooks_routes.py @@ -50,7 +50,6 @@ def list_webhooks(): Returns: Response: List of webhooks """ - case_id = request.args.get("cid") # Use 'cid' since it's coming from query parameters webhooks = get_webhooks_list() # Return the attributes @@ -64,9 +63,7 @@ def list_webhooks_by_case_template_id(cur_id, task_id): Returns: Response: List of webhooks by case template id """ - - caseid = request.args.get('cid') - webhooks = get_action_by_case_template_id_and_task_id(cur_id, task_id, caseid) + webhooks = get_action_by_case_template_id_and_task_id(cur_id, task_id) # Return the attributes return response_success("",data = webhooks) diff --git a/source/app/blueprints/rest/case/case_tasks_routes.py b/source/app/blueprints/rest/case/case_tasks_routes.py index dc817ba88..d587a28fd 100644 --- a/source/app/blueprints/rest/case/case_tasks_routes.py +++ b/source/app/blueprints/rest/case/case_tasks_routes.py @@ -305,5 +305,5 @@ def case_task_action_response_by_id(task_id): if action_response: return response_success("Task action response fetched successfully", data=action_response) - else: - return response_error("No action response found for this task", 404) \ No newline at end of file + + return response_error("No action response found for this task", 404) \ No newline at end of file diff --git a/source/app/blueprints/rest/manage/manage_cases_routes.py b/source/app/blueprints/rest/manage/manage_cases_routes.py index b31814492..b7fdb312d 100644 --- a/source/app/blueprints/rest/manage/manage_cases_routes.py +++ b/source/app/blueprints/rest/manage/manage_cases_routes.py @@ -38,23 +38,15 @@ from app.blueprints.rest.endpoints import endpoint_deprecated from app.datamgmt.alerts.alerts_db import get_alert_status_by_name from app.datamgmt.case.case_db import get_case -from app.datamgmt.client.client_db import get_client_list from app.datamgmt.iris_engine.modules_db import get_pipelines_args_from_name from app.datamgmt.iris_engine.modules_db import iris_module_exists -from app.datamgmt.manage.manage_attribute_db import get_default_custom_attributes -from app.datamgmt.manage.manage_case_classifications_db import get_case_classifications_list -from app.datamgmt.manage.manage_case_state_db import get_case_states_list -from app.datamgmt.manage.manage_case_templates_db import get_case_templates_list, get_triggers_by_case_template_id +from app.datamgmt.manage.manage_case_templates_db import get_triggers_by_case_template_id from app.datamgmt.manage.manage_cases_db import execute_and_save_trigger, get_filtered_cases from app.datamgmt.manage.manage_cases_db import close_case, map_alert_resolution_to_case_status from app.datamgmt.manage.manage_cases_db import get_case_details_rt -from app.datamgmt.manage.manage_cases_db import get_case_protagonists from app.datamgmt.manage.manage_cases_db import list_cases_dict from app.datamgmt.manage.manage_cases_db import reopen_case -from app.datamgmt.manage.manage_common import get_severities_list -from app.forms import AddCaseForm from app.iris_engine.access_control.utils import ac_fast_check_current_user_has_case_access -from app.iris_engine.access_control.utils import ac_current_user_has_permission from app.iris_engine.module_handler.module_handler import call_modules_hook from app.iris_engine.module_handler.module_handler import configure_module_on_init from app.iris_engine.module_handler.module_handler import instantiate_module_from_name diff --git a/source/app/datamgmt/manage/manage_case_response_db.py b/source/app/datamgmt/manage/manage_case_response_db.py index d40e7e9a3..18a1b7260 100644 --- a/source/app/datamgmt/manage/manage_case_response_db.py +++ b/source/app/datamgmt/manage/manage_case_response_db.py @@ -14,14 +14,9 @@ # You should have received a copy of the GNU Lesser General Public License # along with this program; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - -from datetime import datetime -from typing import List, Optional, Union - -from app import db +from typing import List, Optional from app.models.models import CaseResponse from app.models.authorization import User -from app.schema.marshables import CaseResponseSchema def get_case_responses_list_by_case_id(case_id: int) -> List[dict]: @@ -90,9 +85,9 @@ def validate_case_response(data: dict, update: bool = False) -> Optional[str]: return "Action must be an integer." # Validate the body field if provided - if "body" in data: - if not isinstance(data["body"], dict): - return "Body must be a dictionary." + if "body" in data and not isinstance(data["body"], dict): + # if not isinstance(data["body"], dict): + return "Body must be a dictionary." # If all validations pass, return None return None diff --git a/source/app/datamgmt/manage/manage_case_templates_db.py b/source/app/datamgmt/manage/manage_case_templates_db.py index 9dd692075..3ae4084f1 100644 --- a/source/app/datamgmt/manage/manage_case_templates_db.py +++ b/source/app/datamgmt/manage/manage_case_templates_db.py @@ -15,7 +15,6 @@ # along with this program; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. import marshmallow -import requests import jsonschema from datetime import datetime from typing import List, Optional, Union @@ -397,7 +396,7 @@ def get_triggers_by_case_template_id(case_template_id) -> CaseTemplate: return case_template.triggers or [] -def get_action_by_case_template_id_and_task_id(case_template_id, task_id, caseid) -> list: +def get_action_by_case_template_id_and_task_id(case_template_id, task_id) -> list: """ Retrieves the actions array for a given case_template_id and task_id. diff --git a/source/app/datamgmt/manage/manage_cases_db.py b/source/app/datamgmt/manage/manage_cases_db.py index 7403eb76b..8c9ef0df0 100644 --- a/source/app/datamgmt/manage/manage_cases_db.py +++ b/source/app/datamgmt/manage/manage_cases_db.py @@ -20,7 +20,7 @@ from datetime import timedelta from pathlib import Path import requests -from sqlalchemy import and_, desc, asc +from sqlalchemy import and_ from sqlalchemy.orm import aliased from functools import reduce @@ -563,7 +563,7 @@ def execute_and_save_trigger(trigger, case_id): raise ValueError(f"Trigger execution failed: URL is missing in webhook with id {webhook_id}.") # Execute the webhook request - response = requests.post(url, json=trigger , verify=False) + response = requests.post(url, json=trigger , verify=False) #nosec print(f"Webhook Response Status Code: {response.status_code}") # Log response status # Check response status @@ -571,11 +571,11 @@ def execute_and_save_trigger(trigger, case_id): results = response.json() save_results(results, case_id, webhook_id) # Assuming save_results is implemented to handle the output return f"Trigger executed successfully and saved for webhook_id {webhook_id}." - else: - raise ValueError( - f"Trigger execution failed: Webhook request returned status {response.status_code}, " - f"response: {response.text}" - ) + + raise ValueError( + f"Trigger execution failed: Webhook request returned status {response.status_code}, " + f"response: {response.text}" + ) except Exception as e: print(f"Error in execute_and_save_trigger: {str(e)}") # Log the error @@ -626,7 +626,7 @@ def execute_and_save_action(action, task_id, action_id): raise ValueError(f"Action execution failed: URL is missing in webhook with id {webhook_id}.") # Execute the webhook request - response = requests.post(url, json=action, verify=False) + response = requests.post(url, json=action, verify=False) #nosec print(f"Webhook Response Status Code: {response.status_code}") # Validate and process the response @@ -647,11 +647,11 @@ def execute_and_save_action(action, task_id, action_id): return results else: raise ValueError("Webhook response is not in JSON format.") - else: - raise ValueError( - f"Action execution failed: Webhook request returned status {response.status_code}, " - f"response: {response.text}" - ) + + raise ValueError( + f"Action execution failed: Webhook request returned status {response.status_code}, " + f"response: {response.text}" + ) except Exception as e: print(f"Error in execute_and_save_action: {str(e)}") diff --git a/source/app/datamgmt/manage/manage_task_response_db.py b/source/app/datamgmt/manage/manage_task_response_db.py index e62d05e83..c91f2dbf8 100644 --- a/source/app/datamgmt/manage/manage_task_response_db.py +++ b/source/app/datamgmt/manage/manage_task_response_db.py @@ -14,14 +14,10 @@ # You should have received a copy of the GNU Lesser General Public License # along with this program; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +from typing import List, Optional -from datetime import datetime -from typing import List, Optional, Union - -from app import db from app.models.models import TaskResponse from app.models.authorization import User -from app.schema.marshables import TaskResponseSchema def get_task_responses_list(task_id: int) -> List[dict]: @@ -86,9 +82,9 @@ def validate_task_response(data: dict, update: bool = False) -> Optional[str]: return "Action must be an integer." # Validate the body field if provided - if "body" in data: - if not isinstance(data["body"], dict): - return "Body must be a dictionary." + if "body" in data and not isinstance(data["body"], dict): + # if not isinstance(data["body"], dict): + return "Body must be a dictionary." # If all validations pass, return None return None diff --git a/source/app/datamgmt/manage/manage_webhooks_db.py b/source/app/datamgmt/manage/manage_webhooks_db.py index 188ba9934..dc37544f3 100644 --- a/source/app/datamgmt/manage/manage_webhooks_db.py +++ b/source/app/datamgmt/manage/manage_webhooks_db.py @@ -15,9 +15,12 @@ # along with this program; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. import marshmallow +import json import jsonschema from datetime import datetime -from typing import List, Union +from typing import List, Union, Optional + + from app import db from app.datamgmt.case.case_tasks_db import add_task @@ -77,19 +80,12 @@ def delete_webhook_by_id(webhook_id: int): Webhook.query.filter_by(id=webhook_id).delete() -import jsonschema -from typing import Optional - -import json -import jsonschema -from typing import Optional - def validate_webhook(data: dict, update: bool = False) -> Optional[str]: try: # Check for the 'name' field - if not update: - if "name" not in data: - return "

    Error: The 'name' field is required.

    " + if not update and "name" not in data: + # if "name" not in data: + return "

    Error: The 'name' field is required.

    " if "name" in data and not data["name"].strip(): return "

    Error: The 'name' field cannot be empty.

    " diff --git a/source/app/models/authorization.py b/source/app/models/authorization.py index 0cf5f55f5..52955fd53 100644 --- a/source/app/models/authorization.py +++ b/source/app/models/authorization.py @@ -61,9 +61,6 @@ class Permissions(enum.Enum): case_templates_read = 0x100 case_templates_write = 0x200 - # webhooks_read = 0x100 - # webhooks_write = 0x200 - webhooks_read = 0x1000 webhooks_write = 0x2000 diff --git a/source/app/models/cases.py b/source/app/models/cases.py index 3c99b2a84..467459e5e 100644 --- a/source/app/models/cases.py +++ b/source/app/models/cases.py @@ -20,7 +20,7 @@ from datetime import datetime from flask_login import current_user # IMPORTS ------------------------------------------------ -from sqlalchemy import BigInteger, Table, CheckConstraint +from sqlalchemy import BigInteger, CheckConstraint from sqlalchemy import Boolean from sqlalchemy import Column from sqlalchemy import Date diff --git a/source/app/models/models.py b/source/app/models/models.py index 9dcd286be..7dba4710e 100644 --- a/source/app/models/models.py +++ b/source/app/models/models.py @@ -79,11 +79,11 @@ def create_safe(session, model, **kwargs): instance = session.query(model).filter_by(**kwargs).first() if instance: return False - else: - instance = model(**kwargs) - session.add(instance) - session.commit() - return True + + instance = model(**kwargs) + session.add(instance) + session.commit() + return True def create_safe_limited(session, model, keywords_list, **kwargs): @@ -95,11 +95,11 @@ def create_safe_limited(session, model, keywords_list, **kwargs): instance = session.query(model).filter_by(**kwargs).first() if instance: return False - else: - instance = model(**kwargs) - session.add(instance) - session.commit() - return True + + instance = model(**kwargs) + session.add(instance) + session.commit() + return True def get_by_value_or_create(session, model, fieldname, **kwargs): @@ -107,22 +107,22 @@ def get_by_value_or_create(session, model, fieldname, **kwargs): instance = session.query(model).filter_by(**select_value).first() if instance: return instance - else: - instance = model(**kwargs) - session.add(instance) - session.commit() - return instance + + instance = model(**kwargs) + session.add(instance) + session.commit() + return instance def get_or_create(session, model, **kwargs): instance = session.query(model).filter_by(**kwargs).first() if instance: return instance - else: - instance = model(**kwargs) - session.add(instance) - session.commit() - return instance + + instance = model(**kwargs) + session.add(instance) + session.commit() + return instance class Client(db.Model): @@ -755,10 +755,10 @@ def save(self): existing_tag = self.get_by_title(self.tag_title) if existing_tag is not None: return existing_tag - else: - db.session.add(self) - db.session.commit() - return self + + db.session.add(self) + db.session.commit() + return self @classmethod def get_by_title(cls, tag_title): diff --git a/source/app/post_init.py b/source/app/post_init.py index 5395e1095..e1d381142 100644 --- a/source/app/post_init.py +++ b/source/app/post_init.py @@ -16,6 +16,7 @@ # along with this program; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. import json +import sys from pathlib import Path @@ -109,7 +110,7 @@ def connect_to_database(host: str, port: int) -> bool: return False -def run_post_init(development=False): +def run_post_init(development=False): #disable PYL-W0613 """Runs post-initiation steps for the IRIS application. Args: @@ -134,7 +135,7 @@ def run_post_init(development=False): # If the connection is still not established, exit the script if not conn: log.info("Failed to connect to database after " + str(retry_count) + " attempts.") - exit(1) + sys.exit(1) # Setup database before everything log.info("Adding pgcrypto extension") diff --git a/source/app/schema/marshables.py b/source/app/schema/marshables.py index e9ae252fa..a4e240878 100644 --- a/source/app/schema/marshables.py +++ b/source/app/schema/marshables.py @@ -368,7 +368,8 @@ def verify_password(self, data: Dict[str, Any], **kwargs: Any) -> Dict[str, Any] if (password == '' or password is None) and data.get('user_id') != 0: # Update - data.pop('user_password') if 'user_password' in data else None + data.pop("user_password", None) + # data.pop('user_password') if 'user_password' in data else None else: password_error = "" @@ -851,7 +852,7 @@ class WebhookSchema(ma.Schema): url: Optional[str] = fields.String(allow_none=True, missing="") payload_schema: Optional[dict] = fields.Dict(allow_none=True, missing={}) - def validate_string_or_list(value: Union[str, List[str]]) -> Union[str, List[str]]: + def validate_string_or_list(self, value: Union[str, List[str]]) -> Union[str, List[str]]: """Validates that a value is a string or a list of strings. This method validates that a value is either a string or a list of strings. If the value is a list, it also @@ -875,7 +876,7 @@ def validate_string_or_list(value: Union[str, List[str]]) -> Union[str, List[str raise ValidationError('All items in list must be strings') return value - def validate_string_or_list_of_dict(value: Union[str, List[Dict[str, str]]]) -> Union[str, List[Dict[str, str]]]: + def validate_string_or_list_of_dict(self, value: Union[str, List[Dict[str, str]]]) -> Union[str, List[Dict[str, str]]]: """Validates that a value is a string or a list of dictionaries with string values. This method validates that a value is either a string or a list of dictionaries with string values. If the value From e1f50fd1f76d22d2ad89b72f84fba87887840583 Mon Sep 17 00:00:00 2001 From: AzharAli Date: Thu, 15 May 2025 09:05:21 +0500 Subject: [PATCH 79/80] PR all comments resolved --- ...7ace_add_case_template_id_to_case_model.py | 27 +++++++++++++++++++ source/app/blueprints/case/case_routes.py | 1 - .../app/blueprints/case/case_tasks_routes.py | 3 +-- .../pages/case/case_triggers_routes.py | 1 - .../pages/manage/manage_webhooks_routes.py | 6 ++--- .../manage/manage_case_templates_routes.py | 4 +-- source/app/business/cases.py | 3 +-- source/app/iris_engine/tasker/tasks.py | 1 - source/app/models/cases.py | 6 ++--- source/app/models/models.py | 11 +++----- 10 files changed, 39 insertions(+), 24 deletions(-) create mode 100644 source/app/alembic/versions/bf5eab0b7ace_add_case_template_id_to_case_model.py diff --git a/source/app/alembic/versions/bf5eab0b7ace_add_case_template_id_to_case_model.py b/source/app/alembic/versions/bf5eab0b7ace_add_case_template_id_to_case_model.py new file mode 100644 index 000000000..b855e1d87 --- /dev/null +++ b/source/app/alembic/versions/bf5eab0b7ace_add_case_template_id_to_case_model.py @@ -0,0 +1,27 @@ +"""Add case_template_id to Case model + +Revision ID: bf5eab0b7ace +Revises: d5a720d1b99b +Create Date: 2025-05-15 03:28:27.999462 + +""" +from alembic import op +import sqlalchemy as sa +from sqlalchemy import String +from app.alembic.alembic_utils import _table_has_column + +# revision identifiers, used by Alembic. +revision = 'bf5eab0b7ace' +down_revision = 'd5a720d1b99b' +branch_labels = None +depends_on = None + + +def upgrade(): + # Check if the column doesn't exist before adding it + if not _table_has_column('cases', 'case_template_id'): + op.add_column('cases', sa.Column('case_template_id', String(length=256), nullable=True)) + + +def downgrade(): + pass diff --git a/source/app/blueprints/case/case_routes.py b/source/app/blueprints/case/case_routes.py index 3bf8a0dc0..58410e910 100644 --- a/source/app/blueprints/case/case_routes.py +++ b/source/app/blueprints/case/case_routes.py @@ -18,7 +18,6 @@ import binascii import marshmallow -# IMPORTS ------------------------------------------------ import traceback from flask import Blueprint from flask import redirect diff --git a/source/app/blueprints/case/case_tasks_routes.py b/source/app/blueprints/case/case_tasks_routes.py index 4fcc32ed4..24d0645a5 100644 --- a/source/app/blueprints/case/case_tasks_routes.py +++ b/source/app/blueprints/case/case_tasks_routes.py @@ -15,8 +15,7 @@ # You should have received a copy of the GNU Lesser General Public License # along with this program; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -import traceback -# IMPORTS ------------------------------------------------ + from datetime import datetime import json diff --git a/source/app/blueprints/pages/case/case_triggers_routes.py b/source/app/blueprints/pages/case/case_triggers_routes.py index 15df335e9..6b25382f6 100644 --- a/source/app/blueprints/pages/case/case_triggers_routes.py +++ b/source/app/blueprints/pages/case/case_triggers_routes.py @@ -1,4 +1,3 @@ -# IMPORTS ------------------------------------------------ from flask import Blueprint, jsonify, request, redirect, render_template, url_for import json from flask_wtf import FlaskForm diff --git a/source/app/blueprints/pages/manage/manage_webhooks_routes.py b/source/app/blueprints/pages/manage/manage_webhooks_routes.py index 73ef03d5f..942f2bdf4 100644 --- a/source/app/blueprints/pages/manage/manage_webhooks_routes.py +++ b/source/app/blueprints/pages/manage/manage_webhooks_routes.py @@ -1,4 +1,3 @@ -# IMPORTS ------------------------------------------------ import json from flask import Blueprint, abort, jsonify from flask import redirect @@ -225,7 +224,6 @@ def add_webhook(caseid): def update_webhook(cur_id): if not request.is_json: return response_error("Invalid request") - webhook = get_webhook_by_id(cur_id) if not webhook: return response_error(f"Invalid webhook ID {cur_id}") @@ -251,9 +249,9 @@ def update_webhook(cur_id): try: # validate the request data and load it into an instance of the `Webhook` object - webhook_data = webhook_schema.load(updated_webhook_dict, partial=True) + webhook_schema.load(updated_webhook_dict, instance=webhook, partial=True) # update the existing `webhook` object with the new data - webhook.update_from_dict(webhook_data) + # webhook.update_from_dict(webhook_data) # commit the changes to the database db.session.commit() except ValidationError as error: diff --git a/source/app/blueprints/rest/manage/manage_case_templates_routes.py b/source/app/blueprints/rest/manage/manage_case_templates_routes.py index 121d31c64..19b40146a 100644 --- a/source/app/blueprints/rest/manage/manage_case_templates_routes.py +++ b/source/app/blueprints/rest/manage/manage_case_templates_routes.py @@ -250,9 +250,9 @@ def update_case_template(cur_id): try: # validate the request data and load it into an instance of the `CaseTemplate` object - case_template_data = case_template_schema.load(updated_case_template_dict, partial=True) + case_template_data = case_template_schema.load(updated_case_template_dict, instance=case_template, partial=True) # update the existing `case_template` object with the new data - case_template.update_from_dict(case_template_data) + # case_template.update_from_dict(case_template_data) # commit the changes to the database db.session.commit() except ValidationError as error: diff --git a/source/app/business/cases.py b/source/app/business/cases.py index 003d2435b..182c860a2 100644 --- a/source/app/business/cases.py +++ b/source/app/business/cases.py @@ -80,9 +80,8 @@ def cases_exists(identifier): def cases_create(request_data): # TODO remove caseid doesn't seems to be useful for call_modules_hook => remove argument request_data = call_modules_hook('on_preload_case_create', request_data, None) - case_template_id = request_data.pop('case_template_id', None) case = _load(request_data) - + case_template_id = request_data.get('case_template_id') case.owner_id = current_user.id case.severity_id = 4 case.case_template_id = case_template_id diff --git a/source/app/iris_engine/tasker/tasks.py b/source/app/iris_engine/tasker/tasks.py index da42965d9..f7b508ed1 100644 --- a/source/app/iris_engine/tasker/tasks.py +++ b/source/app/iris_engine/tasker/tasks.py @@ -16,7 +16,6 @@ # along with this program; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -# IMPORTS ------------------------------------------------ import os import urllib.parse from celery.signals import task_prerun diff --git a/source/app/models/cases.py b/source/app/models/cases.py index 467459e5e..dab997323 100644 --- a/source/app/models/cases.py +++ b/source/app/models/cases.py @@ -19,8 +19,8 @@ from datetime import datetime from flask_login import current_user -# IMPORTS ------------------------------------------------ -from sqlalchemy import BigInteger, CheckConstraint +from sqlalchemy import BigInteger +from sqlalchemy import CheckConstraint from sqlalchemy import Boolean from sqlalchemy import Column from sqlalchemy import Date @@ -43,7 +43,7 @@ from app.datamgmt.states import update_notes_state from app.datamgmt.states import update_tasks_state from app.datamgmt.states import update_timeline_state -from app.models.models import Client, Base +from app.models.models import Client class Cases(db.Model): diff --git a/source/app/models/models.py b/source/app/models/models.py index 7dba4710e..4886ea561 100644 --- a/source/app/models/models.py +++ b/source/app/models/models.py @@ -16,7 +16,6 @@ # along with this program; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. import datetime -# IMPORTS ------------------------------------------------ import enum import uuid @@ -229,7 +228,7 @@ class EvidenceTypes(db.Model): class Webhook(db.Model): - __tablename__ = 'webhooksss' + __tablename__ = 'webhooks' # Metadata id = Column(Integer, primary_key=True) @@ -241,12 +240,8 @@ class Webhook(db.Model): header_auth = Column(JSON, nullable=True) payload_schema = Column(JSON, nullable=True) url = Column(String, nullable=True) - created_by_user = relationship('User') - def __init__(self, **kwargs): - super().__init__(**kwargs) - def update_from_dict(self, data: dict): for field, value in data.items(): setattr(self, field, value) @@ -277,8 +272,8 @@ class CaseTemplate(db.Model): created_by_user = relationship('User') - def __init__(self, **kwargs): - super().__init__(**kwargs) + # def __init__(self, **kwargs): + # super().__init__(**kwargs) def update_from_dict(self, data: dict): for field, value in data.items(): From c59b7913fbf57144e2169fcd112fc007abdd5bc2 Mon Sep 17 00:00:00 2001 From: AzharAli Date: Fri, 16 May 2025 16:43:28 +0500 Subject: [PATCH 80/80] implementation of celery worker for triggers inside create case endpoint --- source/app/business/cases.py | 23 +++++++++++++---------- source/app/models/models.py | 16 ++++++++++++++-- 2 files changed, 27 insertions(+), 12 deletions(-) diff --git a/source/app/business/cases.py b/source/app/business/cases.py index 182c860a2..2fd4de00a 100644 --- a/source/app/business/cases.py +++ b/source/app/business/cases.py @@ -25,7 +25,7 @@ from flask import jsonify, current_app, g from marshmallow.exceptions import ValidationError -from app import app +from app import app, celery from app import db from app.util import add_obj_history_entry from app.schema.marshables import CaseSchema @@ -76,6 +76,13 @@ def cases_get_by_identifier(case_identifier): def cases_exists(identifier): return case_db_exists(identifier) +# Function to execute a trigger in background celery worker +@celery.task(bind=True) +def execute_trigger_with_context(self, trigger, case_id): + # Make sure each thread runs within the Flask app context + with app.app_context(): + print(f"Trigger executed for case: {trigger}") + execute_and_save_trigger(trigger, case_id) def cases_create(request_data): # TODO remove caseid doesn't seems to be useful for call_modules_hook => remove argument @@ -117,17 +124,13 @@ def cases_create(request_data): if not triggers: raise BusinessProcessingError("No triggers found for the provided case_template_id.") - # Function to execute a trigger in a new thread with app context - def execute_trigger_with_context(trigger): - # Make sure each thread runs within the Flask app context - with app.app_context(): - print(f"Trigger executed for case: {trigger}") - execute_and_save_trigger(trigger, case.case_id) - # Start a new thread for each trigger for trigger in triggers: - thread = Thread(target=execute_trigger_with_context, args=(trigger,)) - thread.start() + if isinstance(trigger, dict): + trigger_data = trigger + else: + trigger_data = trigger.to_dict() + execute_trigger_with_context.apply_async(args=[trigger_data, case.case_id]) return case diff --git a/source/app/models/models.py b/source/app/models/models.py index 4886ea561..6185e0134 100644 --- a/source/app/models/models.py +++ b/source/app/models/models.py @@ -32,6 +32,7 @@ from sqlalchemy import Text from sqlalchemy import create_engine from sqlalchemy import text +from sqlalchemy.inspection import inspect from sqlalchemy.dialects.postgresql import JSON, JSONB from sqlalchemy.dialects.postgresql import UUID from sqlalchemy.ext.declarative import declarative_base @@ -272,8 +273,19 @@ class CaseTemplate(db.Model): created_by_user = relationship('User') - # def __init__(self, **kwargs): - # super().__init__(**kwargs) + def to_dict(self, include_relationships=False): + result = {} + for c in inspect(self).mapper.column_attrs: + value = getattr(self, c.key) + # Convert datetime objects to ISO format + if isinstance(value, datetime): + value = value.isoformat() + result[c.key] = value + + if include_relationships: + result["created_by_user"] = self.created_by_user.to_dict() if self.created_by_user else None + + return result def update_from_dict(self, data: dict): for field, value in data.items():