Skip to content

Commit

Permalink
Handle Threatr inconsistent configuration
Browse files Browse the repository at this point in the history
  • Loading branch information
@U039b
U039b committed Sep 21, 2024
1 parent f088063 commit a9e78c8
Show file tree
Hide file tree
Showing 3 changed files with 47 additions and 31 deletions.
19 changes: 16 additions & 3 deletions colander/core/threatr.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,18 +15,23 @@ class ThreatrClient:
def __init__(self):
self.api_key = ''
self.types = []
self.supported_types = []
self.supported_types = {}
self.__load_credentials()
self.__correctly_configured, self.__error_message = self.is_correctly_configured()

def is_correctly_configured(self):
if not self.api_key:
return False, 'No Threatr API key found, check the documentation.'
try:
response = requests.head(f'{self.url}/api/schema/', headers=self.__get_headers(), timeout=10)
return response.status_code == 200
except requests.exceptions.RequestException as e:
logger.error(e)
return False
return False, 'Unable to retrieve the API schema (https://<threatr domain>/api/schema/)'

def is_online(self):
if not self.__correctly_configured:
return False
try:
requests.head(f'{self.url}/api/schema/', headers=self.__get_headers(), timeout=10)
return True
Expand All @@ -47,13 +52,16 @@ def __load_credentials(self):
credentials = BackendCredentials.objects.filter(backend=ThreatrClient.backend_identifier)
if credentials:
credentials = credentials.first()
self.api_key = credentials.credentials.get('api_key')
self.api_key = credentials.credentials.get('api_key', '')

def get_types(self):
"""
Get all the types defined in Threatr models.
:return: all the types defined in Threatr models
"""
if not self.__correctly_configured:
self.types = []
return self.types
if self.types:
return self.types
response = requests.get(f'{self.url}/api/types/', headers=self.__get_headers())
Expand Down Expand Up @@ -83,6 +91,9 @@ def get_supported_types(self):
:return: the entity types supported by the modules available on Threatr
"""
if not self.__correctly_configured:
self.supported_types = {}
return self.supported_types
if self.supported_types:
return self.supported_types
response = requests.get(f'{self.url}/api/types/supported/', headers=self.__get_headers())
Expand All @@ -109,6 +120,8 @@ def send_request(self, data) -> (list, bool):
:param data: the data to be sent
:return: the query results and a boolean telling if the client has to wait and come back later
"""
if not self.__correctly_configured:
return [], False
if not data:
return [], False
response = requests.post(f'{self.url}/api/request/', headers=self.__get_headers(), json=data)
Expand Down
11 changes: 6 additions & 5 deletions colander/core/views/investigate_views.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,6 @@ def get_threatr_types(api_key):
@login_required
@csrf_exempt
def investigate_search_view(request):
form = InvestigateSearchForm()
threatr_client = ThreatrClient()
threatr_results = {}
wait = False
Expand All @@ -35,14 +34,15 @@ def investigate_search_view(request):
ordering = {}
request_data = {}

if not threatr_client.is_correctly_configured():
messages.error(request, 'Threatr is not correctly configured. Unable to retrieve the API schema (<threatr domain>/api/schema/)', extra_tags='danger')
logger.error(f'Threatr is not correctly configured. {THREAT_BACKEND_IDENTIFIER}')
correctly_configured, message = threatr_client.is_correctly_configured()
if not correctly_configured:
messages.error(request, message, extra_tags='danger')
logger.error(f'Threatr is not correctly configured. {THREAT_BACKEND_IDENTIFIER}. {message}')
return render(
request,
'pages/investigate/base.html',
{
'form': form,
'form': None,
'request_data': request_data,
'results': threatr_results,
'mermaid': mermaid,
Expand All @@ -52,6 +52,7 @@ def investigate_search_view(request):
)

types = threatr_client.get_supported_types()
form = InvestigateSearchForm()

if request.GET.keys():
entities = {}
Expand Down
48 changes: 25 additions & 23 deletions colander/templates/pages/investigate/base.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,34 +7,36 @@

{% block content %}
{% block inner-content %}
<div class="row justify-content-center mt-2">
<div class="col-md-12">
<div class="card mb-4 bg-secondary-light">
<div class="card-body">
<form method="get" autocomplete="off" id="investigate_form">
<div class="row justify-content-center" id="type-selector">
{% include "helpers/dynamic_type_selector.html" %}
</div>
<div class="row justify-content-center">
<div class="col-md-8 mt-3">
<div class="input-group input-group-lg">
<input type="text" class="form-control" id="id_value" name="value" aria-label="Value" required=""
aria-describedby="button-search" maxlength="128"
placeholder="Name or value of the entity you are looking for"
{% if form.value.value %} value="{{ form.value.value }}"{% endif %}
>
<button class="btn btn-primary" type="submit" id="button-search">
{% translate "Search" %}
</button>
{% if form %}
<div class="row justify-content-center mt-2">
<div class="col-md-12">
<div class="card mb-4 bg-secondary-light">
<div class="card-body">
<form method="get" autocomplete="off" id="investigate_form">
<div class="row justify-content-center" id="type-selector">
{% include "helpers/dynamic_type_selector.html" %}
</div>
<div class="row justify-content-center">
<div class="col-md-8 mt-3">
<div class="input-group input-group-lg">
<input type="text" class="form-control" id="id_value" name="value" aria-label="Value" required=""
aria-describedby="button-search" maxlength="128"
placeholder="Name or value of the entity you are looking for"
{% if form.value.value %} value="{{ form.value.value }}"{% endif %}
>
<button class="btn btn-primary" type="submit" id="button-search">
{% translate "Search" %}
</button>
</div>
{{ form.force_update|as_crispy_field }}
</div>
{{ form.force_update|as_crispy_field }}
</div>
</div>
</form>
</form>
</div>
</div>
</div>
</div>
</div>
{% endif %}
<div class="row justify-content-center">
{# Wait for the threatr request to complete #}
{% if wait %}
Expand Down

0 comments on commit a9e78c8

Please sign in to comment.