Skip to content

[Bug] TheHive V4 API Errors "Operation Not Permitted" and "Date format" #1496

Closed
@graememeyer

Description

@graememeyer

[Bug] TheHive V4 API Errors "Operation Not Permitted" and "Date format"

Request Type

Bug

Work Environment

Question Answer
OS version (server) Ubuntu 18 (Training VM)
OS version (client) Windows 10.
TheHive version / git hash 4.0
Package Type Training VM
Browser type & version N/A

Problem Description

"Operation not permitted" and invalid date format errors when posting to TheHive4 "Create Alert" API.

I'm using the training VMs for 3.4 and 4.0. A curl POST to the v4 VM gives me a date format error (below), and when you remove the date parameter you get an "Operation not permitted error".

Steps to Reproduce

TheHive4 Curl:
curl -X POST -H 'Authorization: Bearer 7ywJAe8sk9v0qCPjWF0ysrc7+Q6JouTR' -H 'Content-Type: application/json' http://thehive4.local:9000/api/alert -d '{"title": "Test Alert","description": "Created with curl via the API","type": "CurlTest","source": "API","sourceRef": "TA1","date": "1598453685000"}'
Result:
{"type":"AttributeCheckingError","message":"[Invalid format for date: FString(1598453685000), expected date (date)]","errors":[{"name":"date","format":"date","acceptedInput":["date"],"field":"FString(1598453685000)","type":"InvalidFormatAttributeError"}]}

TheHive4 Curl:
curl -X POST -H 'Authorization: Bearer 7ywJAe8sk9v0qCPjWF0ysrc7+Q6JouTR' -H 'Content-Type: application/json' http://thehive4.local:9000/api/alert -d '{"title": "Test Alert","description": "Created with curl via the API","type": "CurlTest","source": "API","sourceRef": "TA2"}'
Result:
{"type":"AuthorizationError","message":"Operation not permitted"}

TheHive3 Curl:
curl -X POST -H 'Authorization: Bearer SuGd5Aj4NNudH8unh5CpWLm4U/MYDeVc' -H 'Content-Type: application/json' http://thehive3.local:9000/api/alert -d '{"title": "Test Alert","description": "Created with curl via the API","type": "CurlTest","source": "API","sourceRef": "TA1","date": "1598453685000"}'
Result:
{"severity":2,"date":1598453685000,"_routing":"e88708eaf54e196b1826e24ac227bbcd","customFields":{},"_type":"alert","description":"Created with curl via the API","lastSyncDate":1598455169746,"source":"API","type":"CurlTest","follow":true,"title":"Test Alert","createdAt":1598455169743,"_parent":null,"createdBy":"admin","tlp":2,"_id":"e88708eaf54e196b1826e24ac227bbcd","id":"e88708eaf54e196b1826e24ac227bbcd","sourceRef":"TA2","_version":1,"artifacts":[],"status":"New"}

Metadata

Metadata

Assignees

Labels

TheHive4TheHive4 related issuesbug

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions