[FIX] Made tests on iocs endpoint work

dfir-iris · Jan 10, 2025 · 9a6f661 · 9a6f661
1 parent 4962bd2
commit 9a6f661
Show file tree

Hide file tree

Showing 3 changed files with 93 additions and 83 deletions.
diff --git a/source/app/blueprints/rest/v2/__init__.py b/source/app/blueprints/rest/v2/__init__.py
@@ -5,6 +5,7 @@
 from app.blueprints.rest.v2.dashboard import dashboard_bp
 from app.blueprints.rest.v2.cases import api_v2_case_blueprint
 from app.blueprints.rest.v2.tasks import tasks_blueprint
+from app.blueprints.rest.v2.iocs import iocs_blueprint
 
 
 # Create root /api/v2 blueprint
@@ -17,3 +18,4 @@
 rest_v2_bp.register_blueprint(alerts_bp)
 rest_v2_bp.register_blueprint(dashboard_bp)
 rest_v2_bp.register_blueprint(tasks_blueprint)
+rest_v2_bp.register_blueprint(iocs_blueprint)
diff --git a/source/app/blueprints/rest/v2/cases/iocs.py b/source/app/blueprints/rest/v2/cases/iocs.py
@@ -22,16 +22,10 @@
 
 from app.blueprints.access_controls import ac_api_requires
 from app.blueprints.rest.endpoints import response_api_created
-from app.blueprints.rest.endpoints import response_api_deleted
 from app.blueprints.rest.endpoints import response_api_error
-from app.blueprints.rest.endpoints import response_api_not_found
 from app.blueprints.rest.endpoints import response_api_success
 from app.business.errors import BusinessProcessingError
-from app.business.errors import ObjectNotFoundError
 from app.business.iocs import iocs_create
-from app.business.iocs import iocs_update
-from app.business.iocs import iocs_delete
-from app.business.iocs import iocs_get
 from app.datamgmt.case.case_iocs_db import get_filtered_iocs
 from app.iris_engine.access_control.utils import ac_fast_check_current_user_has_case_access
 from app.models.authorization import CaseAccessLevel
@@ -119,80 +113,3 @@ def add_ioc_to_case(case_id):
     except BusinessProcessingError as e:
         log.error(e)
         return response_api_error(e.get_message())
-
-
-@case_iocs_bp.delete('/<int:identifier>')
-@ac_api_requires()
-def delete_case_ioc(case_id, identifier):
-    """
-    Deletes an IOC from a case
-
-    Args:
-        case_id (int): The case ID
-        identifier (int): The IOC ID
-    """
-
-    try:
-        ioc = iocs_get(identifier)
-        if not ac_fast_check_current_user_has_case_access(ioc.case_id, [CaseAccessLevel.full_access]):
-            return ac_api_return_access_denied(caseid=ioc.case_id)
-        if ioc.case_id != case_id:
-            raise ObjectNotFoundError()
-
-        iocs_delete(ioc)
-        return response_api_deleted()
-
-    except ObjectNotFoundError:
-        return response_api_not_found()
-    except BusinessProcessingError as e:
-        return response_api_error(e.get_message())
-
-
-@case_iocs_bp.get('/<int:identifier>')
-@ac_api_requires()
-def get_case_ioc(case_id, identifier):
-    """
-    Handle getting an IOC from a case
-
-    Args:
-        case_id (int): The Case ID
-        identifier (int): The IOC ID
-    """
-    ioc_schema = IocSchemaForAPIV2()
-    try:
-        ioc = iocs_get(identifier)
-        if not ac_fast_check_current_user_has_case_access(ioc.case_id, [CaseAccessLevel.read_only, CaseAccessLevel.full_access]):
-            return ac_api_return_access_denied(caseid=ioc.case_id)
-        if ioc.case_id != case_id:
-            raise ObjectNotFoundError()
-
-        return response_api_success(ioc_schema.dump(ioc))
-    except ObjectNotFoundError:
-        return response_api_not_found()
-
-
-@case_iocs_bp.put('/<int:identifier>')
-@ac_api_requires()
-def update_ioc(case_id, identifier):
-    """
-    Handle updating an IOC from a case
-
-    Args:
-        case_id (int): The Case ID
-        identifier (int): The IOC ID
-    """
-    ioc_schema = IocSchemaForAPIV2()
-    try:
-        ioc = iocs_get(identifier)
-        if not ac_fast_check_current_user_has_case_access(ioc.case_id,
-                                                          [CaseAccessLevel.full_access]):
-            return ac_api_return_access_denied(caseid=ioc.case_id)
-
-        ioc, _ = iocs_update(ioc, request.get_json())
-        return response_api_success(ioc_schema.dump(ioc))
-
-    except ObjectNotFoundError:
-        return response_api_not_found()
-
-    except BusinessProcessingError as e:
-        return response_api_error(e.get_message(), data=e.get_data())
diff --git a/source/app/blueprints/rest/v2/iocs.py b/source/app/blueprints/rest/v2/iocs.py
@@ -0,0 +1,91 @@
+#  IRIS Source Code
+#  Copyright (C) 2024 - DFIR-IRIS
+#  contact@dfir-iris.org
+#
+#  This program is free software; you can redistribute it and/or
+#  modify it under the terms of the GNU Lesser General Public
+#  License as published by the Free Software Foundation; either
+#  version 3 of the License, or (at your option) any later version.
+#
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+#  Lesser General Public License for more details.
+#
+#  You should have received a copy of the GNU Lesser General Public License
+#  along with this program; if not, write to the Free Software Foundation,
+#  Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+
+from flask import Blueprint
+from flask import request
+
+from app.blueprints.access_controls import ac_api_requires
+from app.blueprints.rest.endpoints import response_api_deleted
+from app.blueprints.rest.endpoints import response_api_error
+from app.blueprints.rest.endpoints import response_api_not_found
+from app.blueprints.rest.endpoints import response_api_success
+from app.business.errors import BusinessProcessingError
+from app.business.errors import ObjectNotFoundError
+from app.business.iocs import iocs_update
+from app.business.iocs import iocs_delete
+from app.business.iocs import iocs_get
+from app.iris_engine.access_control.utils import ac_fast_check_current_user_has_case_access
+from app.models.authorization import CaseAccessLevel
+from app.schema.marshables import IocSchemaForAPIV2
+from app.blueprints.access_controls import ac_api_return_access_denied
+
+iocs_blueprint = Blueprint('iocs_rest_v2',
+                           __name__,
+                           url_prefix='/iocs')
+
+
+@iocs_blueprint.delete('/<int:identifier>')
+@ac_api_requires()
+def delete_case_ioc(identifier):
+
+    try:
+        ioc = iocs_get(identifier)
+        if not ac_fast_check_current_user_has_case_access(ioc.case_id, [CaseAccessLevel.full_access]):
+            return ac_api_return_access_denied(caseid=ioc.case_id)
+
+        iocs_delete(ioc)
+        return response_api_deleted()
+
+    except ObjectNotFoundError:
+        return response_api_not_found()
+    except BusinessProcessingError as e:
+        return response_api_error(e.get_message())
+
+
+@iocs_blueprint.get('/<int:identifier>')
+@ac_api_requires()
+def get_case_ioc(identifier):
+    ioc_schema = IocSchemaForAPIV2()
+    try:
+        ioc = iocs_get(identifier)
+        if not ac_fast_check_current_user_has_case_access(ioc.case_id, [CaseAccessLevel.read_only, CaseAccessLevel.full_access]):
+            return ac_api_return_access_denied(caseid=ioc.case_id)
+
+        return response_api_success(ioc_schema.dump(ioc))
+    except ObjectNotFoundError:
+        return response_api_not_found()
+
+
+@iocs_blueprint.put('/<int:identifier>')
+@ac_api_requires()
+def update_ioc(identifier):
+    ioc_schema = IocSchemaForAPIV2()
+    try:
+        ioc = iocs_get(identifier)
+        if not ac_fast_check_current_user_has_case_access(ioc.case_id,
+                                                          [CaseAccessLevel.full_access]):
+            return ac_api_return_access_denied(caseid=ioc.case_id)
+
+        ioc, _ = iocs_update(ioc, request.get_json())
+        return response_api_success(ioc_schema.dump(ioc))
+
+    except ObjectNotFoundError:
+        return response_api_not_found()
+
+    except BusinessProcessingError as e:
+        return response_api_error(e.get_message(), data=e.get_data())