Support operations on observables using the API

PiRogueToolSuite · Jan 22, 2024 · ff75e07 · ff75e07
1 parent 7d393fc
commit ff75e07
Show file tree

Hide file tree

Showing 3 changed files with 78 additions and 13 deletions.
diff --git a/colander/core/api/serializers.py b/colander/core/api/serializers.py
@@ -4,9 +4,8 @@
 from rest_framework import serializers
 from django.db import transaction
 
-from rest_framework.reverse import reverse_lazy, reverse
-
-from colander.core.models import Artifact, ArtifactType, Case, Device, DeviceType, UploadRequest, PiRogueExperiment
+from colander.core.models import Artifact, ArtifactType, Case, Device, DeviceType, UploadRequest, PiRogueExperiment, \
+    Observable, ObservableType
 from colander.core.signals import process_hash_and_signing
 
 
@@ -149,3 +148,34 @@ def create(self, validated_data):
             pre.pap = pre.case.pap
         pre.save()
         return pre
+
+
+class ObservableSerializer(serializers.ModelSerializer):
+    type_name = serializers.SerializerMethodField()
+
+    class Meta:
+        model = Observable
+        exclude = [
+            'owner',
+            'raw_value',
+            'analysis_index',
+            'es_prefix',
+        ]
+
+    def get_type_name(self, obj):
+        return obj.type.short_name
+
+    def create(self, validated_data):
+        d = super().create(validated_data)
+        if 'tlp' not in validated_data:
+            d.tlp = d.case.tlp
+        if 'pap' not in validated_data:
+            d.pap = d.case.pap
+        d.save()
+        return d
+
+
+class ObservableTypeSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = ObservableType
+        fields = ['id', 'name', 'short_name']
diff --git a/colander/core/api/views.py b/colander/core/api/views.py
@@ -1,20 +1,16 @@
 from django.http import Http404, HttpResponse
 from rest_framework import mixins
-from rest_framework.response import Response
 from rest_framework.authentication import SessionAuthentication, TokenAuthentication
 from rest_framework.decorators import action
 from rest_framework.permissions import IsAuthenticated
-from rest_framework.views import APIView
 from rest_framework.viewsets import GenericViewSet
-from rest_framework.generics import CreateAPIView, UpdateAPIView, RetrieveUpdateAPIView
 
 from colander.core.api.serializers import ArtifactSerializer, \
-    ArtifactTypeSerializer, \
-    CaseSerializer, \
-    DeviceSerializer, \
-    DeviceTypeSerializer, PiRogueExperimentSerializer
+    ArtifactTypeSerializer,  CaseSerializer,  DeviceSerializer, \
+    DeviceTypeSerializer, PiRogueExperimentSerializer, ObservableSerializer, ObservableTypeSerializer
+from colander.core.models import Artifact, ArtifactType, Device, DeviceType, UploadRequest, PiRogueExperiment, \
+    Observable, ObservableType
 from colander.core.serializers.upload_request_serializers import UploadRequestSerializer
-from colander.core.models import Artifact, ArtifactType, Case, Device, DeviceType, UploadRequest, PiRogueExperiment
 
 
 class ApiCaseViewSet(mixins.RetrieveModelMixin,
@@ -26,7 +22,7 @@ class ApiCaseViewSet(mixins.RetrieveModelMixin,
 
     def get_queryset(self):
         queryset = self.request.user.all_my_cases
-        #queryset = Case.objects.filter(case__in=cases)
+        # queryset = Case.objects.filter(case__in=cases)
 
         name = self.request.query_params.get('name')
         if name is not None:
@@ -138,3 +134,39 @@ def get_queryset(self):
 
     def perform_create(self, serializer):
         return serializer.save(owner=self.request.user)
+
+
+class ApiObservableViewSet(mixins.CreateModelMixin,
+                           mixins.RetrieveModelMixin,
+                           # mixins.UpdateModelMixin,
+                           mixins.ListModelMixin,
+                           GenericViewSet):
+    authentication_classes = [SessionAuthentication, TokenAuthentication]
+    permission_classes = [IsAuthenticated]
+    serializer_class = ObservableSerializer
+
+    def get_queryset(self):
+        cases = self.request.user.all_my_cases
+        queryset = Observable.objects.filter(case__in=cases)
+
+        case_id = self.request.query_params.get('case_id')
+        if case_id is not None:
+            queryset = queryset.filter(case=case_id)
+
+        name = self.request.query_params.get('name')
+        if name is not None:
+            queryset = queryset.filter(name__icontains=name)
+
+        return queryset
+
+    def perform_create(self, serializer):
+        return serializer.save(owner=self.request.user)
+
+
+class ApiObservableTypeViewSet(mixins.RetrieveModelMixin,
+                               mixins.ListModelMixin,
+                               GenericViewSet):
+    authentication_classes = [SessionAuthentication, TokenAuthentication]
+    permission_classes = [IsAuthenticated]
+    serializer_class = ObservableTypeSerializer
+    queryset = ObservableType.objects.all()
diff --git a/config/api_router.py b/config/api_router.py
@@ -2,7 +2,8 @@
 from rest_framework.routers import DefaultRouter, SimpleRouter
 
 from colander.core.api.views import ApiCaseViewSet, ApiDeviceViewSet, ApiDeviceTypeViewSet, ApiArtifactViewSet, \
-    ApiArtifactTypeViewSet, ApiUploadRequestViewSet, ApiPiRogueExperimentViewSet
+    ApiArtifactTypeViewSet, ApiUploadRequestViewSet, ApiPiRogueExperimentViewSet, ApiObservableViewSet, \
+    ApiObservableTypeViewSet
 from colander.users.api.views import UserViewSet
 
 if settings.DEBUG:
@@ -18,6 +19,8 @@
 router.register("upload_requests", ApiUploadRequestViewSet, basename='upload_requests')
 router.register("devices", ApiDeviceViewSet, basename='devices')
 router.register("device_types", ApiDeviceTypeViewSet, basename='device_types')
+router.register("observables", ApiObservableViewSet, basename='observables')
+router.register("observable_types", ApiObservableTypeViewSet, basename='observable_types')
 router.register("pirogue_experiments", ApiPiRogueExperimentViewSet, basename='pirogue_experiments')
 
 app_name = "api"