Add global settings (#40)
@@ -29,7 +29,8 @@ type Service interface {
|
||||
GetPlaybook(context.Context, string) (*model.PlaybookTemplateResponse, error)
|
||||
UpdatePlaybook(context.Context, string, *model.PlaybookTemplateForm) (*model.PlaybookTemplateResponse, error)
|
||||
DeletePlaybook(context.Context, string) error
|
||||
GetSettings(context.Context) (*model.Settings, error)
|
||||
GetSettings(context.Context) (*model.SettingsResponse, error)
|
||||
SaveSettings(context.Context, *model.Settings) (*model.SettingsResponse, error)
|
||||
GetStatistics(context.Context) (*model.Statistics, error)
|
||||
ListTasks(context.Context) ([]*model.TaskWithContext, error)
|
||||
ListTemplates(context.Context) ([]*model.TicketTemplateResponse, error)
|
||||
@@ -101,6 +102,7 @@ func NewServer(service Service, roleAuth func([]string) func(http.Handler) http.
|
||||
r.With(roleAuth([]string{"playbook:write"})).Put("/playbooks/{id}", s.updatePlaybookHandler)
|
||||
r.With(roleAuth([]string{"playbook:write"})).Delete("/playbooks/{id}", s.deletePlaybookHandler)
|
||||
r.With(roleAuth([]string{"settings:read"})).Get("/settings", s.getSettingsHandler)
|
||||
r.With(roleAuth([]string{"settings:write"})).Post("/settings", s.saveSettingsHandler)
|
||||
r.With(roleAuth([]string{"ticket:read"})).Get("/statistics", s.getStatisticsHandler)
|
||||
r.With(roleAuth([]string{"ticket:read"})).Get("/tasks", s.listTasksHandler)
|
||||
r.With(roleAuth([]string{"template:read"})).Get("/templates", s.listTemplatesHandler)
|
||||
@@ -375,6 +377,27 @@ func (s *server) getSettingsHandler(w http.ResponseWriter, r *http.Request) {
|
||||
response(w, result, err)
|
||||
}
|
||||
|
||||
func (s *server) saveSettingsHandler(w http.ResponseWriter, r *http.Request) {
|
||||
body, err := io.ReadAll(r.Body)
|
||||
if err != nil {
|
||||
JSONError(w, err)
|
||||
return
|
||||
}
|
||||
|
||||
if validateSchema(body, model.SettingsSchema, w) {
|
||||
return
|
||||
}
|
||||
|
||||
var settingsP *model.Settings
|
||||
if err := parseBody(body, &settingsP); err != nil {
|
||||
JSONError(w, err)
|
||||
return
|
||||
}
|
||||
|
||||
result, err := s.service.SaveSettings(r.Context(), settingsP)
|
||||
response(w, result, err)
|
||||
}
|
||||
|
||||
func (s *server) getStatisticsHandler(w http.ResponseWriter, r *http.Request) {
|
||||
result, err := s.service.GetStatistics(r.Context())
|
||||
response(w, result, err)
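Review bot: saveSettingsHandler buffers the entire request body with `io.ReadAll(r.Body)` before any validation, so the size of a POST to /settings is bounded only by whatever limit sits in front of this server, which this page does not show. Capping it first, e.g. `r.Body = http.MaxBytesReader(w, r.Body, maxSettingsBody)` with `maxSettingsBody` a constant sized for the Settings schema (the name is a placeholder), keeps an oversized payload out of memory; the route's `roleAuth([]string{"settings:write"})` guard narrows that exposure but does not remove it. Separately, `validateSchema` appears to return true when validation failed and a response was already written, which reads inverted at the call site; a comment such as `// validateSchema writes the error response and returns true on failure` would help, assuming that is its contract, since its body is outside this page. If this file is generated, both changes belong in the generator template rather than here.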
|
||||
|
||||
@@ -68,7 +68,7 @@ var Tests = []struct {
|
||||
Args: Args{Method: "Get", URL: "/currentuser"},
|
||||
Want: Want{
|
||||
Status: 200,
|
||||
Body: map[string]interface{}{"apikey": false, "blocked": false, "id": "bob", "roles": []interface{}{"admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write"}},
|
||||
Body: map[string]interface{}{"apikey": false, "blocked": false, "id": "bob", "roles": []interface{}{"admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:settings:write", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write"}},
|
||||
},
|
||||
},
|
||||
|
||||
@@ -185,7 +185,16 @@ var Tests = []struct {
|
||||
Args: Args{Method: "Get", URL: "/settings"},
|
||||
Want: Want{
|
||||
Status: 200,
|
||||
Body: map[string]interface{}{"artifactStates": []interface{}{map[string]interface{}{"color": "info", "icon": "mdi-help-circle-outline", "id": "unknown", "name": "Unknown"}, map[string]interface{}{"color": "error", "icon": "mdi-skull", "id": "malicious", "name": "Malicious"}, map[string]interface{}{"color": "success", "icon": "mdi-check", "id": "clean", "name": "Clean"}}, "roles": []interface{}{"admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write"}, "ticketTypes": []interface{}{map[string]interface{}{"default_playbooks": []interface{}{}, "default_template": "default", "icon": "mdi-alert", "id": "alert", "name": "Alerts"}, map[string]interface{}{"default_playbooks": []interface{}{}, "default_template": "default", "icon": "mdi-radioactive", "id": "incident", "name": "Incidents"}, map[string]interface{}{"default_playbooks": []interface{}{}, "default_template": "default", "icon": "mdi-fingerprint", "id": "investigation", "name": "Forensic Investigations"}, map[string]interface{}{"default_playbooks": []interface{}{}, "default_template": "default", "icon": "mdi-target", "id": "hunt", "name": "Threat Hunting"}}, "tier": "community", "timeformat": "YYYY-MM-DDThh:mm:ss", "version": "0.0.0-test"},
|
||||
Body: map[string]interface{}{"artifactKinds": []interface{}{map[string]interface{}{"icon": "mdi-server", "id": "asset", "name": "Asset"}, map[string]interface{}{"icon": "mdi-bullseye", "id": "ioc", "name": "IOC"}}, "artifactStates": []interface{}{map[string]interface{}{"color": "info", "icon": "mdi-help-circle-outline", "id": "unknown", "name": "Unknown"}, map[string]interface{}{"color": "error", "icon": "mdi-skull", "id": "malicious", "name": "Malicious"}, map[string]interface{}{"color": "success", "icon": "mdi-check", "id": "clean", "name": "Clean"}}, "roles": []interface{}{"admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:settings:write", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write"}, "ticketTypes": []interface{}{map[string]interface{}{"default_playbooks": []interface{}{}, "default_template": "default", "icon": "mdi-alert", "id": "alert", "name": "Alerts"}, map[string]interface{}{"default_playbooks": []interface{}{}, "default_template": "default", "icon": "mdi-radioactive", "id": "incident", "name": "Incidents"}, map[string]interface{}{"default_playbooks": []interface{}{}, "default_template": "default", "icon": "mdi-fingerprint", "id": "investigation", "name": "Forensic Investigations"}, map[string]interface{}{"default_playbooks": []interface{}{}, "default_template": "default", "icon": "mdi-target", "id": "hunt", "name": "Threat Hunting"}}, "tier": "community", 
"timeformat": "YYYY-MM-DDThh:mm:ss", "version": "0.0.0-test"},
|
||||
},
|
||||
},
|
||||
|
||||
{
|
||||
Name: "SaveSettings",
|
||||
Args: Args{Method: "Post", URL: "/settings", Data: map[string]interface{}{"artifactKinds": []interface{}{map[string]interface{}{"icon": "mdi-server", "id": "asset", "name": "Asset"}, map[string]interface{}{"icon": "mdi-bullseye", "id": "ioc", "name": "IOC"}}, "artifactStates": []interface{}{map[string]interface{}{"color": "info", "icon": "mdi-help-circle-outline", "id": "unknown", "name": "Unknown"}, map[string]interface{}{"color": "error", "icon": "mdi-skull", "id": "malicious", "name": "Malicious"}, map[string]interface{}{"color": "success", "icon": "mdi-check", "id": "clean", "name": "Clean"}}, "timeformat": "YYYY-MM-DDThh:mm:ss"}},
|
||||
Want: Want{
|
||||
Status: 200,
|
||||
Body: map[string]interface{}{"artifactKinds": []interface{}{map[string]interface{}{"icon": "mdi-server", "id": "asset", "name": "Asset"}, map[string]interface{}{"icon": "mdi-bullseye", "id": "ioc", "name": "IOC"}}, "artifactStates": []interface{}{map[string]interface{}{"color": "info", "icon": "mdi-help-circle-outline", "id": "unknown", "name": "Unknown"}, map[string]interface{}{"color": "error", "icon": "mdi-skull", "id": "malicious", "name": "Malicious"}, map[string]interface{}{"color": "success", "icon": "mdi-check", "id": "clean", "name": "Clean"}}, "roles": []interface{}{"admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:settings:write", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write"}, "ticketTypes": []interface{}{map[string]interface{}{"default_playbooks": []interface{}{}, "default_template": "default", "icon": "mdi-alert", "id": "alert", "name": "Alerts"}, map[string]interface{}{"default_playbooks": []interface{}{}, "default_template": "default", "icon": "mdi-radioactive", "id": "incident", "name": "Incidents"}, map[string]interface{}{"default_playbooks": []interface{}{}, "default_template": "default", "icon": "mdi-fingerprint", "id": "investigation", "name": "Forensic Investigations"}, map[string]interface{}{"default_playbooks": []interface{}{}, "default_template": "default", "icon": "mdi-target", "id": "hunt", "name": "Threat Hunting"}}, "tier": "community", 
"timeformat": "YYYY-MM-DDThh:mm:ss", "version": "0.0.0-test"},
|
||||
},
|
||||
},
|
||||
|
||||
@@ -545,7 +554,7 @@ var Tests = []struct {
|
||||
Args: Args{Method: "Get", URL: "/users"},
|
||||
Want: Want{
|
||||
Status: 200,
|
||||
Body: []interface{}{map[string]interface{}{"apikey": false, "blocked": false, "id": "bob", "roles": []interface{}{"admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write"}}, map[string]interface{}{"apikey": true, "blocked": false, "id": "script", "roles": []interface{}{"analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write"}}},
|
||||
Body: []interface{}{map[string]interface{}{"apikey": false, "blocked": false, "id": "bob", "roles": []interface{}{"admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:settings:write", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write"}}, map[string]interface{}{"apikey": true, "blocked": false, "id": "script", "roles": []interface{}{"analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write"}}},
|
||||
},
|
||||
},
|
||||
|
||||
@@ -572,7 +581,7 @@ var Tests = []struct {
|
||||
Args: Args{Method: "Put", URL: "/users/bob", Data: map[string]interface{}{"apikey": false, "blocked": false, "id": "syncscript", "roles": []interface{}{"analyst", "admin"}}},
|
||||
Want: Want{
|
||||
Status: 200,
|
||||
Body: map[string]interface{}{"apikey": false, "blocked": false, "id": "bob", "roles": []interface{}{"admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write"}},
|
||||
Body: map[string]interface{}{"apikey": false, "blocked": false, "id": "bob", "roles": []interface{}{"admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:settings:write", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write"}},
|
||||
},
|
||||
},
|
||||
|
||||
|
||||
@@ -225,7 +225,7 @@
|
||||
"apikey" : false,
|
||||
"blocked" : false,
|
||||
"id" : "bob",
|
||||
"roles" : [ "admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write" ]
|
||||
"roles" : [ "admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:settings:write", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write" ]
|
||||
}
|
||||
}
|
||||
},
|
||||
@@ -1143,11 +1143,20 @@
|
||||
"content" : {
|
||||
"application/json" : {
|
||||
"schema" : {
|
||||
"$ref" : "#/components/schemas/Settings"
|
||||
"$ref" : "#/components/schemas/SettingsResponse"
|
||||
}
|
||||
},
|
||||
"test" : {
|
||||
"example" : {
|
||||
"artifactKinds" : [ {
|
||||
"icon" : "mdi-server",
|
||||
"id" : "asset",
|
||||
"name" : "Asset"
|
||||
}, {
|
||||
"icon" : "mdi-bullseye",
|
||||
"id" : "ioc",
|
||||
"name" : "IOC"
|
||||
} ],
|
||||
"artifactStates" : [ {
|
||||
"color" : "info",
|
||||
"icon" : "mdi-help-circle-outline",
|
||||
@@ -1164,7 +1173,7 @@
|
||||
"id" : "clean",
|
||||
"name" : "Clean"
|
||||
} ],
|
||||
"roles" : [ "admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write" ],
|
||||
"roles" : [ "admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:settings:write", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write" ],
|
||||
"ticketTypes" : [ {
|
||||
"default_playbooks" : [ ],
|
||||
"default_template" : "default",
|
||||
@@ -1204,6 +1213,96 @@
|
||||
} ],
|
||||
"summary" : "Get settings",
|
||||
"tags" : [ "settings" ]
|
||||
},
|
||||
"post" : {
|
||||
"operationId" : "saveSettings",
|
||||
"requestBody" : {
|
||||
"content" : {
|
||||
"application/json" : {
|
||||
"schema" : {
|
||||
"$ref" : "#/components/schemas/Settings"
|
||||
}
|
||||
}
|
||||
},
|
||||
"description" : "Save settings",
|
||||
"required" : true
|
||||
},
|
||||
"responses" : {
|
||||
"200" : {
|
||||
"content" : {
|
||||
"application/json" : {
|
||||
"schema" : {
|
||||
"$ref" : "#/components/schemas/SettingsResponse"
|
||||
}
|
||||
},
|
||||
"test" : {
|
||||
"example" : {
|
||||
"artifactKinds" : [ {
|
||||
"icon" : "mdi-server",
|
||||
"id" : "asset",
|
||||
"name" : "Asset"
|
||||
}, {
|
||||
"icon" : "mdi-bullseye",
|
||||
"id" : "ioc",
|
||||
"name" : "IOC"
|
||||
} ],
|
||||
"artifactStates" : [ {
|
||||
"color" : "info",
|
||||
"icon" : "mdi-help-circle-outline",
|
||||
"id" : "unknown",
|
||||
"name" : "Unknown"
|
||||
}, {
|
||||
"color" : "error",
|
||||
"icon" : "mdi-skull",
|
||||
"id" : "malicious",
|
||||
"name" : "Malicious"
|
||||
}, {
|
||||
"color" : "success",
|
||||
"icon" : "mdi-check",
|
||||
"id" : "clean",
|
||||
"name" : "Clean"
|
||||
} ],
|
||||
"roles" : [ "admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:settings:write", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write" ],
|
||||
"ticketTypes" : [ {
|
||||
"default_playbooks" : [ ],
|
||||
"default_template" : "default",
|
||||
"icon" : "mdi-alert",
|
||||
"id" : "alert",
|
||||
"name" : "Alerts"
|
||||
}, {
|
||||
"default_playbooks" : [ ],
|
||||
"default_template" : "default",
|
||||
"icon" : "mdi-radioactive",
|
||||
"id" : "incident",
|
||||
"name" : "Incidents"
|
||||
}, {
|
||||
"default_playbooks" : [ ],
|
||||
"default_template" : "default",
|
||||
"icon" : "mdi-fingerprint",
|
||||
"id" : "investigation",
|
||||
"name" : "Forensic Investigations"
|
||||
}, {
|
||||
"default_playbooks" : [ ],
|
||||
"default_template" : "default",
|
||||
"icon" : "mdi-target",
|
||||
"id" : "hunt",
|
||||
"name" : "Threat Hunting"
|
||||
} ],
|
||||
"tier" : "community",
|
||||
"timeformat" : "YYYY-MM-DDThh:mm:ss",
|
||||
"version" : "0.0.0-test"
|
||||
}
|
||||
}
|
||||
},
|
||||
"description" : "successful operation"
|
||||
}
|
||||
},
|
||||
"security" : [ {
|
||||
"roles" : [ "settings:write" ]
|
||||
} ],
|
||||
"summary" : "Save settings",
|
||||
"tags" : [ "settings" ],
|
||||
"x-codegen-request-body-name" : "settings"
|
||||
}
|
||||
},
|
||||
"/statistics" : {
|
||||
@@ -4993,7 +5092,7 @@
|
||||
"apikey" : false,
|
||||
"blocked" : false,
|
||||
"id" : "bob",
|
||||
"roles" : [ "admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write" ]
|
||||
"roles" : [ "admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:settings:write", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write" ]
|
||||
}, {
|
||||
"apikey" : true,
|
||||
"blocked" : false,
|
||||
@@ -5151,7 +5250,7 @@
|
||||
"apikey" : false,
|
||||
"blocked" : false,
|
||||
"id" : "bob",
|
||||
"roles" : [ "admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write" ]
|
||||
"roles" : [ "admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:settings:write", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write" ]
|
||||
}
|
||||
}
|
||||
},
|
||||
@@ -5177,6 +5276,9 @@
|
||||
},
|
||||
"type" : "object"
|
||||
},
|
||||
"kind" : {
|
||||
"type" : "string"
|
||||
},
|
||||
"name" : {
|
||||
"example" : "2.2.2.2",
|
||||
"type" : "string"
|
||||
@@ -5793,6 +5895,37 @@
|
||||
},
|
||||
"Settings" : {
|
||||
"properties" : {
|
||||
"artifactKinds" : {
|
||||
"items" : {
|
||||
"$ref" : "#/components/schemas/Type"
|
||||
},
|
||||
"title" : "Artifact Kinds",
|
||||
"type" : "array"
|
||||
},
|
||||
"artifactStates" : {
|
||||
"items" : {
|
||||
"$ref" : "#/components/schemas/Type"
|
||||
},
|
||||
"title" : "Artifact States",
|
||||
"type" : "array"
|
||||
},
|
||||
"timeformat" : {
|
||||
"title" : "Time Format",
|
||||
"type" : "string"
|
||||
}
|
||||
},
|
||||
"required" : [ "artifactKinds", "artifactStates", "timeformat" ],
|
||||
"type" : "object"
|
||||
},
|
||||
"SettingsResponse" : {
|
||||
"properties" : {
|
||||
"artifactKinds" : {
|
||||
"items" : {
|
||||
"$ref" : "#/components/schemas/Type"
|
||||
},
|
||||
"title" : "Artifact Kinds",
|
||||
"type" : "array"
|
||||
},
|
||||
"artifactStates" : {
|
||||
"items" : {
|
||||
"$ref" : "#/components/schemas/Type"
|
||||
@@ -5828,7 +5961,7 @@
|
||||
"type" : "string"
|
||||
}
|
||||
},
|
||||
"required" : [ "artifactStates", "ticketTypes", "tier", "timeformat", "version" ],
|
||||
"required" : [ "artifactKinds", "artifactStates", "ticketTypes", "tier", "timeformat", "version" ],
|
||||
"type" : "object"
|
||||
},
|
||||
"Statistics" : {
|
||||
|
||||
@@ -8,6 +8,8 @@ definitions:
|
||||
additionalProperties:
|
||||
$ref: '#/definitions/Enrichment'
|
||||
type: object
|
||||
kind:
|
||||
type: string
|
||||
name:
|
||||
example: 2.2.2.2
|
||||
type: string
|
||||
@@ -501,6 +503,31 @@ definitions:
|
||||
type: object
|
||||
Settings:
|
||||
properties:
|
||||
artifactKinds:
|
||||
items:
|
||||
$ref: '#/definitions/Type'
|
||||
title: Artifact Kinds
|
||||
type: array
|
||||
artifactStates:
|
||||
items:
|
||||
$ref: '#/definitions/Type'
|
||||
title: Artifact States
|
||||
type: array
|
||||
timeformat:
|
||||
title: Time Format
|
||||
type: string
|
||||
required:
|
||||
- timeformat
|
||||
- artifactKinds
|
||||
- artifactStates
|
||||
type: object
|
||||
SettingsResponse:
|
||||
properties:
|
||||
artifactKinds:
|
||||
items:
|
||||
$ref: '#/definitions/Type'
|
||||
title: Artifact Kinds
|
||||
type: array
|
||||
artifactStates:
|
||||
items:
|
||||
$ref: '#/definitions/Type'
|
||||
@@ -533,6 +560,7 @@ definitions:
|
||||
- tier
|
||||
- timeformat
|
||||
- ticketTypes
|
||||
- artifactKinds
|
||||
- artifactStates
|
||||
type: object
|
||||
Statistics:
|
||||
@@ -1552,6 +1580,7 @@ paths:
|
||||
- admin:job:read
|
||||
- admin:job:write
|
||||
- admin:log:read
|
||||
- admin:settings:write
|
||||
- admin:ticket:delete
|
||||
- admin:user:write
|
||||
- admin:userdata:read
|
||||
@@ -2549,6 +2578,13 @@ paths:
|
||||
description: successful operation
|
||||
examples:
|
||||
test:
|
||||
artifactKinds:
|
||||
- icon: mdi-server
|
||||
id: asset
|
||||
name: Asset
|
||||
- icon: mdi-bullseye
|
||||
id: ioc
|
||||
name: IOC
|
||||
artifactStates:
|
||||
- color: info
|
||||
icon: mdi-help-circle-outline
|
||||
@@ -2569,6 +2605,7 @@ paths:
|
||||
- admin:job:read
|
||||
- admin:job:write
|
||||
- admin:log:read
|
||||
- admin:settings:write
|
||||
- admin:ticket:delete
|
||||
- admin:user:write
|
||||
- admin:userdata:read
|
||||
@@ -2617,13 +2654,132 @@ paths:
|
||||
timeformat: YYYY-MM-DDThh:mm:ss
|
||||
version: 0.0.0-test
|
||||
schema:
|
||||
$ref: '#/definitions/Settings'
|
||||
$ref: '#/definitions/SettingsResponse'
|
||||
security:
|
||||
- roles:
|
||||
- settings:read
|
||||
summary: Get settings
|
||||
tags:
|
||||
- settings
|
||||
post:
|
||||
operationId: saveSettings
|
||||
parameters:
|
||||
- description: Save settings
|
||||
in: body
|
||||
name: settings
|
||||
required: true
|
||||
schema:
|
||||
$ref: '#/definitions/Settings'
|
||||
x-example:
|
||||
artifactKinds:
|
||||
- icon: mdi-server
|
||||
id: asset
|
||||
name: Asset
|
||||
- icon: mdi-bullseye
|
||||
id: ioc
|
||||
name: IOC
|
||||
artifactStates:
|
||||
- color: info
|
||||
icon: mdi-help-circle-outline
|
||||
id: unknown
|
||||
name: Unknown
|
||||
- color: error
|
||||
icon: mdi-skull
|
||||
id: malicious
|
||||
name: Malicious
|
||||
- color: success
|
||||
icon: mdi-check
|
||||
id: clean
|
||||
name: Clean
|
||||
timeformat: YYYY-MM-DDThh:mm:ss
|
||||
responses:
|
||||
"200":
|
||||
description: successful operation
|
||||
examples:
|
||||
test:
|
||||
artifactKinds:
|
||||
- icon: mdi-server
|
||||
id: asset
|
||||
name: Asset
|
||||
- icon: mdi-bullseye
|
||||
id: ioc
|
||||
name: IOC
|
||||
artifactStates:
|
||||
- color: info
|
||||
icon: mdi-help-circle-outline
|
||||
id: unknown
|
||||
name: Unknown
|
||||
- color: error
|
||||
icon: mdi-skull
|
||||
id: malicious
|
||||
name: Malicious
|
||||
- color: success
|
||||
icon: mdi-check
|
||||
id: clean
|
||||
name: Clean
|
||||
roles:
|
||||
- admin:backup:read
|
||||
- admin:backup:restore
|
||||
- admin:group:write
|
||||
- admin:job:read
|
||||
- admin:job:write
|
||||
- admin:log:read
|
||||
- admin:settings:write
|
||||
- admin:ticket:delete
|
||||
- admin:user:write
|
||||
- admin:userdata:read
|
||||
- admin:userdata:write
|
||||
- analyst:automation:read
|
||||
- analyst:currentsettings:write
|
||||
- analyst:currentuser:read
|
||||
- analyst:currentuserdata:read
|
||||
- analyst:file
|
||||
- analyst:group:read
|
||||
- analyst:playbook:read
|
||||
- analyst:rule:read
|
||||
- analyst:settings:read
|
||||
- analyst:template:read
|
||||
- analyst:ticket:read
|
||||
- analyst:ticket:write
|
||||
- analyst:tickettype:read
|
||||
- analyst:user:read
|
||||
- engineer:automation:write
|
||||
- engineer:playbook:write
|
||||
- engineer:rule:write
|
||||
- engineer:template:write
|
||||
- engineer:tickettype:write
|
||||
ticketTypes:
|
||||
- default_playbooks: []
|
||||
default_template: default
|
||||
icon: mdi-alert
|
||||
id: alert
|
||||
name: Alerts
|
||||
- default_playbooks: []
|
||||
default_template: default
|
||||
icon: mdi-radioactive
|
||||
id: incident
|
||||
name: Incidents
|
||||
- default_playbooks: []
|
||||
default_template: default
|
||||
icon: mdi-fingerprint
|
||||
id: investigation
|
||||
name: Forensic Investigations
|
||||
- default_playbooks: []
|
||||
default_template: default
|
||||
icon: mdi-target
|
||||
id: hunt
|
||||
name: Threat Hunting
|
||||
tier: community
|
||||
timeformat: YYYY-MM-DDThh:mm:ss
|
||||
version: 0.0.0-test
|
||||
schema:
|
||||
$ref: '#/definitions/SettingsResponse'
|
||||
security:
|
||||
- roles:
|
||||
- settings:write
|
||||
summary: Save settings
|
||||
tags:
|
||||
- settings
|
||||
/statistics:
|
||||
get:
|
||||
operationId: getStatistics
|
||||
@@ -6970,6 +7126,7 @@ paths:
|
||||
- admin:job:read
|
||||
- admin:job:write
|
||||
- admin:log:read
|
||||
- admin:settings:write
|
||||
- admin:ticket:delete
|
||||
- admin:user:write
|
||||
- admin:userdata:read
|
||||
@@ -7173,6 +7330,7 @@ paths:
|
||||
- admin:job:read
|
||||
- admin:job:write
|
||||
- admin:log:read
|
||||
- admin:settings:write
|
||||
- admin:ticket:delete
|
||||
- admin:user:write
|
||||
- admin:userdata:read
|
||||
|
||||
@@ -225,7 +225,7 @@
|
||||
"apikey" : false,
|
||||
"blocked" : false,
|
||||
"id" : "bob",
|
||||
"roles" : [ "admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write" ]
|
||||
"roles" : [ "admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:settings:write", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write" ]
|
||||
}
|
||||
}
|
||||
},
|
||||
@@ -713,11 +713,20 @@
|
||||
"content" : {
|
||||
"application/json" : {
|
||||
"schema" : {
|
||||
"$ref" : "#/components/schemas/Settings"
|
||||
"$ref" : "#/components/schemas/SettingsResponse"
|
||||
}
|
||||
},
|
||||
"test" : {
|
||||
"example" : {
|
||||
"artifactKinds" : [ {
|
||||
"icon" : "mdi-server",
|
||||
"id" : "asset",
|
||||
"name" : "Asset"
|
||||
}, {
|
||||
"icon" : "mdi-bullseye",
|
||||
"id" : "ioc",
|
||||
"name" : "IOC"
|
||||
} ],
|
||||
"artifactStates" : [ {
|
||||
"color" : "info",
|
||||
"icon" : "mdi-help-circle-outline",
|
||||
@@ -734,7 +743,7 @@
|
||||
"id" : "clean",
|
||||
"name" : "Clean"
|
||||
} ],
|
||||
"roles" : [ "admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write" ],
|
||||
"roles" : [ "admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:settings:write", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write" ],
|
||||
"ticketTypes" : [ {
|
||||
"default_playbooks" : [ ],
|
||||
"default_template" : "default",
|
||||
@@ -774,6 +783,96 @@
|
||||
} ],
|
||||
"summary" : "Get settings",
|
||||
"tags" : [ "settings" ]
|
||||
},
|
||||
"post" : {
|
||||
"operationId" : "saveSettings",
|
||||
"requestBody" : {
|
||||
"content" : {
|
||||
"application/json" : {
|
||||
"schema" : {
|
||||
"$ref" : "#/components/schemas/Settings"
|
||||
}
|
||||
}
|
||||
},
|
||||
"description" : "Save settings",
|
||||
"required" : true
|
||||
},
|
||||
"responses" : {
|
||||
"200" : {
|
||||
"content" : {
|
||||
"application/json" : {
|
||||
"schema" : {
|
||||
"$ref" : "#/components/schemas/SettingsResponse"
|
||||
}
|
||||
},
|
||||
"test" : {
|
||||
"example" : {
|
||||
"artifactKinds" : [ {
|
||||
"icon" : "mdi-server",
|
||||
"id" : "asset",
|
||||
"name" : "Asset"
|
||||
}, {
|
||||
"icon" : "mdi-bullseye",
|
||||
"id" : "ioc",
|
||||
"name" : "IOC"
|
||||
} ],
|
||||
"artifactStates" : [ {
|
||||
"color" : "info",
|
||||
"icon" : "mdi-help-circle-outline",
|
||||
"id" : "unknown",
|
||||
"name" : "Unknown"
|
||||
}, {
|
||||
"color" : "error",
|
||||
"icon" : "mdi-skull",
|
||||
"id" : "malicious",
|
||||
"name" : "Malicious"
|
||||
}, {
|
||||
"color" : "success",
|
||||
"icon" : "mdi-check",
|
||||
"id" : "clean",
|
||||
"name" : "Clean"
|
||||
} ],
|
||||
"roles" : [ "admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:settings:write", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write" ],
|
||||
"ticketTypes" : [ {
|
||||
"default_playbooks" : [ ],
|
||||
"default_template" : "default",
|
||||
"icon" : "mdi-alert",
|
||||
"id" : "alert",
|
||||
"name" : "Alerts"
|
||||
}, {
|
||||
"default_playbooks" : [ ],
|
||||
"default_template" : "default",
|
||||
"icon" : "mdi-radioactive",
|
||||
"id" : "incident",
|
||||
"name" : "Incidents"
|
||||
}, {
|
||||
"default_playbooks" : [ ],
|
||||
"default_template" : "default",
|
||||
"icon" : "mdi-fingerprint",
|
||||
"id" : "investigation",
|
||||
"name" : "Forensic Investigations"
|
||||
}, {
|
||||
"default_playbooks" : [ ],
|
||||
"default_template" : "default",
|
||||
"icon" : "mdi-target",
|
||||
"id" : "hunt",
|
||||
"name" : "Threat Hunting"
|
||||
} ],
|
||||
"tier" : "community",
|
||||
"timeformat" : "YYYY-MM-DDThh:mm:ss",
|
||||
"version" : "0.0.0-test"
|
||||
}
|
||||
}
|
||||
},
|
||||
"description" : "successful operation"
|
||||
}
|
||||
},
|
||||
"security" : [ {
|
||||
"roles" : [ "settings:write" ]
|
||||
} ],
|
||||
"summary" : "Save settings",
|
||||
"tags" : [ "settings" ],
|
||||
"x-codegen-request-body-name" : "settings"
|
||||
}
|
||||
},
|
||||
"/statistics" : {
|
||||
@@ -4563,7 +4662,7 @@
|
||||
"apikey" : false,
|
||||
"blocked" : false,
|
||||
"id" : "bob",
|
||||
"roles" : [ "admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write" ]
|
||||
"roles" : [ "admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:settings:write", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write" ]
|
||||
}, {
|
||||
"apikey" : true,
|
||||
"blocked" : false,
|
||||
@@ -4721,7 +4820,7 @@
|
||||
"apikey" : false,
|
||||
"blocked" : false,
|
||||
"id" : "bob",
|
||||
"roles" : [ "admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write" ]
|
||||
"roles" : [ "admin:backup:read", "admin:backup:restore", "admin:group:write", "admin:job:read", "admin:job:write", "admin:log:read", "admin:settings:write", "admin:ticket:delete", "admin:user:write", "admin:userdata:read", "admin:userdata:write", "analyst:automation:read", "analyst:currentsettings:write", "analyst:currentuser:read", "analyst:currentuserdata:read", "analyst:file", "analyst:group:read", "analyst:playbook:read", "analyst:rule:read", "analyst:settings:read", "analyst:template:read", "analyst:ticket:read", "analyst:ticket:write", "analyst:tickettype:read", "analyst:user:read", "engineer:automation:write", "engineer:playbook:write", "engineer:rule:write", "engineer:template:write", "engineer:tickettype:write" ]
|
||||
}
|
||||
}
|
||||
},
|
||||
@@ -4747,6 +4846,9 @@
|
||||
},
|
||||
"type" : "object"
|
||||
},
|
||||
"kind" : {
|
||||
"type" : "string"
|
||||
},
|
||||
"name" : {
|
||||
"example" : "2.2.2.2",
|
||||
"type" : "string"
|
||||
@@ -5214,6 +5316,37 @@
|
||||
},
|
||||
"Settings" : {
|
||||
"properties" : {
|
||||
"artifactKinds" : {
|
||||
"items" : {
|
||||
"$ref" : "#/components/schemas/Type"
|
||||
},
|
||||
"title" : "Artifact Kinds",
|
||||
"type" : "array"
|
||||
},
|
||||
"artifactStates" : {
|
||||
"items" : {
|
||||
"$ref" : "#/components/schemas/Type"
|
||||
},
|
||||
"title" : "Artifact States",
|
||||
"type" : "array"
|
||||
},
|
||||
"timeformat" : {
|
||||
"title" : "Time Format",
|
||||
"type" : "string"
|
||||
}
|
||||
},
|
||||
"required" : [ "artifactKinds", "artifactStates", "timeformat" ],
|
||||
"type" : "object"
|
||||
},
|
||||
"SettingsResponse" : {
|
||||
"properties" : {
|
||||
"artifactKinds" : {
|
||||
"items" : {
|
||||
"$ref" : "#/components/schemas/Type"
|
||||
},
|
||||
"title" : "Artifact Kinds",
|
||||
"type" : "array"
|
||||
},
|
||||
"artifactStates" : {
|
||||
"items" : {
|
||||
"$ref" : "#/components/schemas/Type"
|
||||
@@ -5249,7 +5382,7 @@
|
||||
"type" : "string"
|
||||
}
|
||||
},
|
||||
"required" : [ "artifactStates", "ticketTypes", "tier", "timeformat", "version" ],
|
||||
"required" : [ "artifactKinds", "artifactStates", "ticketTypes", "tier", "timeformat", "version" ],
|
||||
"type" : "object"
|
||||
},
|
||||
"Statistics" : {
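Review bot: The new `kind` property in the `@@ -4747,6 +4846,9 @@` hunk (apparently the `Artifact` schema, going by the Go model section) is a bare `"type" : "string"` with no description, so the spec never says how it relates to the `artifactKinds` list this commit adds to the settings. If `kind` is meant to carry the `id` of one of those entries (`asset` and `ioc` in the examples), state that next to the type, e.g. `"description" : "id of an artifactKinds entry from the settings"`, and say whether the server rejects unknown values. Nothing visible here shows such a check, so consumers should treat the field as free text until it is documented. The same applies to the YAML definition in the `@@ -8,6 +8,8 @@ definitions:` hunk of the next file section; if these spec files are generated, the description belongs in the definition they are built from.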
|
||||
|
||||
@@ -8,6 +8,8 @@ definitions:
|
||||
additionalProperties:
|
||||
$ref: '#/definitions/Enrichment'
|
||||
type: object
|
||||
kind:
|
||||
type: string
|
||||
name:
|
||||
example: 2.2.2.2
|
||||
type: string
|
||||
@@ -382,6 +384,31 @@ definitions:
|
||||
type: array
|
||||
Settings:
|
||||
properties:
|
||||
artifactKinds:
|
||||
items:
|
||||
$ref: '#/definitions/Type'
|
||||
title: Artifact Kinds
|
||||
type: array
|
||||
artifactStates:
|
||||
items:
|
||||
$ref: '#/definitions/Type'
|
||||
title: Artifact States
|
||||
type: array
|
||||
timeformat:
|
||||
title: Time Format
|
||||
type: string
|
||||
required:
|
||||
- timeformat
|
||||
- artifactKinds
|
||||
- artifactStates
|
||||
type: object
|
||||
SettingsResponse:
|
||||
properties:
|
||||
artifactKinds:
|
||||
items:
|
||||
$ref: '#/definitions/Type'
|
||||
title: Artifact Kinds
|
||||
type: array
|
||||
artifactStates:
|
||||
items:
|
||||
$ref: '#/definitions/Type'
|
||||
@@ -414,6 +441,7 @@ definitions:
|
||||
- tier
|
||||
- timeformat
|
||||
- ticketTypes
|
||||
- artifactKinds
|
||||
- artifactStates
|
||||
type: object
|
||||
Statistics:
|
||||
@@ -1433,6 +1461,7 @@ paths:
|
||||
- admin:job:read
|
||||
- admin:job:write
|
||||
- admin:log:read
|
||||
- admin:settings:write
|
||||
- admin:ticket:delete
|
||||
- admin:user:write
|
||||
- admin:userdata:read
|
||||
@@ -2137,6 +2166,13 @@ paths:
|
||||
description: successful operation
|
||||
examples:
|
||||
test:
|
||||
artifactKinds:
|
||||
- icon: mdi-server
|
||||
id: asset
|
||||
name: Asset
|
||||
- icon: mdi-bullseye
|
||||
id: ioc
|
||||
name: IOC
|
||||
artifactStates:
|
||||
- color: info
|
||||
icon: mdi-help-circle-outline
|
||||
@@ -2157,6 +2193,7 @@ paths:
|
||||
- admin:job:read
|
||||
- admin:job:write
|
||||
- admin:log:read
|
||||
- admin:settings:write
|
||||
- admin:ticket:delete
|
||||
- admin:user:write
|
||||
- admin:userdata:read
|
||||
@@ -2205,13 +2242,132 @@ paths:
|
||||
timeformat: YYYY-MM-DDThh:mm:ss
|
||||
version: 0.0.0-test
|
||||
schema:
|
||||
$ref: '#/definitions/Settings'
|
||||
$ref: '#/definitions/SettingsResponse'
|
||||
security:
|
||||
- roles:
|
||||
- settings:read
|
||||
summary: Get settings
|
||||
tags:
|
||||
- settings
|
||||
post:
|
||||
operationId: saveSettings
|
||||
parameters:
|
||||
- description: Save settings
|
||||
in: body
|
||||
name: settings
|
||||
required: true
|
||||
schema:
|
||||
$ref: '#/definitions/Settings'
|
||||
x-example:
|
||||
artifactKinds:
|
||||
- icon: mdi-server
|
||||
id: asset
|
||||
name: Asset
|
||||
- icon: mdi-bullseye
|
||||
id: ioc
|
||||
name: IOC
|
||||
artifactStates:
|
||||
- color: info
|
||||
icon: mdi-help-circle-outline
|
||||
id: unknown
|
||||
name: Unknown
|
||||
- color: error
|
||||
icon: mdi-skull
|
||||
id: malicious
|
||||
name: Malicious
|
||||
- color: success
|
||||
icon: mdi-check
|
||||
id: clean
|
||||
name: Clean
|
||||
timeformat: YYYY-MM-DDThh:mm:ss
|
||||
responses:
|
||||
"200":
|
||||
description: successful operation
|
||||
examples:
|
||||
test:
|
||||
artifactKinds:
|
||||
- icon: mdi-server
|
||||
id: asset
|
||||
name: Asset
|
||||
- icon: mdi-bullseye
|
||||
id: ioc
|
||||
name: IOC
|
||||
artifactStates:
|
||||
- color: info
|
||||
icon: mdi-help-circle-outline
|
||||
id: unknown
|
||||
name: Unknown
|
||||
- color: error
|
||||
icon: mdi-skull
|
||||
id: malicious
|
||||
name: Malicious
|
||||
- color: success
|
||||
icon: mdi-check
|
||||
id: clean
|
||||
name: Clean
|
||||
roles:
|
||||
- admin:backup:read
|
||||
- admin:backup:restore
|
||||
- admin:group:write
|
||||
- admin:job:read
|
||||
- admin:job:write
|
||||
- admin:log:read
|
||||
- admin:settings:write
|
||||
- admin:ticket:delete
|
||||
- admin:user:write
|
||||
- admin:userdata:read
|
||||
- admin:userdata:write
|
||||
- analyst:automation:read
|
||||
- analyst:currentsettings:write
|
||||
- analyst:currentuser:read
|
||||
- analyst:currentuserdata:read
|
||||
- analyst:file
|
||||
- analyst:group:read
|
||||
- analyst:playbook:read
|
||||
- analyst:rule:read
|
||||
- analyst:settings:read
|
||||
- analyst:template:read
|
||||
- analyst:ticket:read
|
||||
- analyst:ticket:write
|
||||
- analyst:tickettype:read
|
||||
- analyst:user:read
|
||||
- engineer:automation:write
|
||||
- engineer:playbook:write
|
||||
- engineer:rule:write
|
||||
- engineer:template:write
|
||||
- engineer:tickettype:write
|
||||
ticketTypes:
|
||||
- default_playbooks: []
|
||||
default_template: default
|
||||
icon: mdi-alert
|
||||
id: alert
|
||||
name: Alerts
|
||||
- default_playbooks: []
|
||||
default_template: default
|
||||
icon: mdi-radioactive
|
||||
id: incident
|
||||
name: Incidents
|
||||
- default_playbooks: []
|
||||
default_template: default
|
||||
icon: mdi-fingerprint
|
||||
id: investigation
|
||||
name: Forensic Investigations
|
||||
- default_playbooks: []
|
||||
default_template: default
|
||||
icon: mdi-target
|
||||
id: hunt
|
||||
name: Threat Hunting
|
||||
tier: community
|
||||
timeformat: YYYY-MM-DDThh:mm:ss
|
||||
version: 0.0.0-test
|
||||
schema:
|
||||
$ref: '#/definitions/SettingsResponse'
|
||||
security:
|
||||
- roles:
|
||||
- settings:write
|
||||
summary: Save settings
|
||||
tags:
|
||||
- settings
|
||||
/statistics:
|
||||
get:
|
||||
operationId: getStatistics
|
||||
@@ -6558,6 +6714,7 @@ paths:
|
||||
- admin:job:read
|
||||
- admin:job:write
|
||||
- admin:log:read
|
||||
- admin:settings:write
|
||||
- admin:ticket:delete
|
||||
- admin:user:write
|
||||
- admin:userdata:read
|
||||
@@ -6761,6 +6918,7 @@ paths:
|
||||
- admin:job:read
|
||||
- admin:job:write
|
||||
- admin:log:read
|
||||
- admin:settings:write
|
||||
- admin:ticket:delete
|
||||
- admin:user:write
|
||||
- admin:userdata:read
|
||||
|
||||
@@ -35,6 +35,7 @@ var (
|
||||
ReferenceSchema = new(gojsonschema.Schema)
|
||||
ReferenceArraySchema = new(gojsonschema.Schema)
|
||||
SettingsSchema = new(gojsonschema.Schema)
|
||||
SettingsResponseSchema = new(gojsonschema.Schema)
|
||||
StatisticsSchema = new(gojsonschema.Schema)
|
||||
TaskSchema = new(gojsonschema.Schema)
|
||||
TaskOriginSchema = new(gojsonschema.Schema)
|
||||
@@ -63,7 +64,7 @@ var (
|
||||
|
||||
func init() {
|
||||
err := schemaLoader.AddSchemas(
|
||||
gojsonschema.NewStringLoader(`{"type":"object","properties":{"enrichments":{"type":"object","additionalProperties":{"$ref":"#/definitions/Enrichment"}},"name":{"type":"string"},"status":{"type":"string"},"type":{"type":"string"}},"required":["name"],"$id":"#/definitions/Artifact"}`),
|
||||
gojsonschema.NewStringLoader(`{"type":"object","properties":{"enrichments":{"type":"object","additionalProperties":{"$ref":"#/definitions/Enrichment"}},"kind":{"type":"string"},"name":{"type":"string"},"status":{"type":"string"},"type":{"type":"string"}},"required":["name"],"$id":"#/definitions/Artifact"}`),
|
||||
gojsonschema.NewStringLoader(`{"type":"object","properties":{"artifact":{"type":"string"},"ticket_id":{"format":"int64","type":"integer"}},"required":["ticket_id","artifact"],"$id":"#/definitions/ArtifactOrigin"}`),
|
||||
gojsonschema.NewStringLoader(`{"type":"object","properties":{"image":{"type":"string"},"schema":{"type":"string"},"script":{"type":"string"},"type":{"items":{"type":"string","enum":["artifact","playbook","global"]},"type":"array"}},"required":["image","script","type"],"$id":"#/definitions/Automation"}`),
|
||||
gojsonschema.NewStringLoader(`{"type":"object","properties":{"id":{"type":"string"},"image":{"type":"string"},"schema":{"type":"string"},"script":{"type":"string"},"type":{"items":{"type":"string","enum":["artifact","playbook","global"]},"type":"array"}},"required":["id","image","script","type"],"$id":"#/definitions/AutomationForm"}`),
|
||||
@@ -89,7 +90,8 @@ func init() {
|
||||
gojsonschema.NewStringLoader(`{"type":"object","properties":{"id":{"type":"string"},"name":{"type":"string"},"yaml":{"type":"string"}},"required":["id","name","yaml"],"$id":"#/definitions/PlaybookTemplateResponse"}`),
|
||||
gojsonschema.NewStringLoader(`{"type":"object","properties":{"href":{"type":"string"},"name":{"type":"string"}},"required":["name","href"],"$id":"#/definitions/Reference"}`),
|
||||
gojsonschema.NewStringLoader(`{"items":{"$ref":"#/definitions/Reference"},"type":"array","$id":"#/definitions/ReferenceArray"}`),
|
||||
gojsonschema.NewStringLoader(`{"type":"object","properties":{"artifactStates":{"title":"Artifact States","items":{"$ref":"#/definitions/Type"},"type":"array"},"roles":{"title":"Roles","items":{"type":"string"},"type":"array"},"ticketTypes":{"title":"Ticket Types","items":{"$ref":"#/definitions/TicketTypeResponse"},"type":"array"},"tier":{"title":"Tier","type":"string","enum":["community","enterprise"]},"timeformat":{"title":"Time Format","type":"string"},"version":{"title":"Version","type":"string"}},"required":["version","tier","timeformat","ticketTypes","artifactStates"],"$id":"#/definitions/Settings"}`),
|
||||
gojsonschema.NewStringLoader(`{"type":"object","properties":{"artifactKinds":{"title":"Artifact Kinds","items":{"$ref":"#/definitions/Type"},"type":"array"},"artifactStates":{"title":"Artifact States","items":{"$ref":"#/definitions/Type"},"type":"array"},"timeformat":{"title":"Time Format","type":"string"}},"required":["timeformat","artifactKinds","artifactStates"],"$id":"#/definitions/Settings"}`),
|
||||
gojsonschema.NewStringLoader(`{"type":"object","properties":{"artifactKinds":{"title":"Artifact Kinds","items":{"$ref":"#/definitions/Type"},"type":"array"},"artifactStates":{"title":"Artifact States","items":{"$ref":"#/definitions/Type"},"type":"array"},"roles":{"title":"Roles","items":{"type":"string"},"type":"array"},"ticketTypes":{"title":"Ticket Types","items":{"$ref":"#/definitions/TicketTypeResponse"},"type":"array"},"tier":{"title":"Tier","type":"string","enum":["community","enterprise"]},"timeformat":{"title":"Time Format","type":"string"},"version":{"title":"Version","type":"string"}},"required":["version","tier","timeformat","ticketTypes","artifactKinds","artifactStates"],"$id":"#/definitions/SettingsResponse"}`),
|
||||
gojsonschema.NewStringLoader(`{"type":"object","properties":{"open_tickets_per_user":{"type":"object","additionalProperties":{"type":"integer"}},"tickets_per_type":{"type":"object","additionalProperties":{"type":"integer"}},"tickets_per_week":{"type":"object","additionalProperties":{"type":"integer"}},"unassigned":{"type":"integer"}},"required":["unassigned","open_tickets_per_user","tickets_per_week","tickets_per_type"],"$id":"#/definitions/Statistics"}`),
|
||||
gojsonschema.NewStringLoader(`{"type":"object","properties":{"automation":{"type":"string"},"closed":{"format":"date-time","type":"string"},"created":{"format":"date-time","type":"string"},"data":{"type":"object"},"done":{"type":"boolean"},"join":{"type":"boolean"},"name":{"type":"string"},"next":{"type":"object","additionalProperties":{"type":"string"}},"owner":{"type":"string"},"payload":{"type":"object","additionalProperties":{"type":"string"}},"schema":{"type":"object"},"type":{"type":"string","enum":["task","input","automation"]}},"required":["name","type","done","created"],"$id":"#/definitions/Task"}`),
|
||||
gojsonschema.NewStringLoader(`{"type":"object","properties":{"playbook_id":{"type":"string"},"task_id":{"type":"string"},"ticket_id":{"format":"int64","type":"integer"}},"required":["ticket_id","playbook_id","task_id"],"$id":"#/definitions/TaskOrigin"}`),
|
||||
@@ -146,6 +148,7 @@ func init() {
|
||||
ReferenceSchema = mustCompile(`#/definitions/Reference`)
|
||||
ReferenceArraySchema = mustCompile(`#/definitions/ReferenceArray`)
|
||||
SettingsSchema = mustCompile(`#/definitions/Settings`)
|
||||
SettingsResponseSchema = mustCompile(`#/definitions/SettingsResponse`)
|
||||
StatisticsSchema = mustCompile(`#/definitions/Statistics`)
|
||||
TaskSchema = mustCompile(`#/definitions/Task`)
|
||||
TaskOriginSchema = mustCompile(`#/definitions/TaskOrigin`)
|
||||
@@ -174,6 +177,7 @@ func init() {
|
||||
|
||||
type Artifact struct {
|
||||
Enrichments map[string]*Enrichment `json:"enrichments,omitempty"`
|
||||
Kind *string `json:"kind,omitempty"`
|
||||
Name string `json:"name"`
|
||||
Status *string `json:"status,omitempty"`
|
||||
Type *string `json:"type,omitempty"`
|
||||
@@ -338,6 +342,13 @@ type Reference struct {
|
||||
type ReferenceArray []*Reference
|
||||
|
||||
type Settings struct {
|
||||
ArtifactKinds []*Type `json:"artifactKinds"`
|
||||
ArtifactStates []*Type `json:"artifactStates"`
|
||||
Timeformat string `json:"timeformat"`
|
||||
}
|
||||
|
||||
type SettingsResponse struct {
|
||||
ArtifactKinds []*Type `json:"artifactKinds"`
|
||||
ArtifactStates []*Type `json:"artifactStates"`
|
||||
Roles []string `json:"roles,omitempty"`
|
||||
TicketTypes []*TicketTypeResponse `json:"ticketTypes"`
|
||||
@@ -598,9 +609,9 @@ func mustCompile(uri string) *gojsonschema.Schema {
|
||||
}
|
||||
|
||||
const (
|
||||
SettingsTierCommunity = "community"
|
||||
SettingsResponseTierCommunity = "community"
|
||||
|
||||
SettingsTierEnterprise = "enterprise"
|
||||
SettingsResponseTierEnterprise = "enterprise"
|
||||
|
||||
TaskTypeTask = "task"
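Review bot: The write schema `#/definitions/Settings` added in the `@@ -89,7 +90,8 @@ func init()` hunk checks only types: `timeformat` is any string, `artifactKinds` and `artifactStates` are unbounded arrays, and unknown properties are accepted. Splitting the writable `Settings` from `SettingsResponse` already keeps `roles`, `tier` and `version` out of what a client can set, but the accepted values come from a `settings:write` caller and are presumably returned to every `settings:read` client, so they deserve bounds. I would add `"additionalProperties":false` on `Settings`, `"minLength":1,"maxLength":64` on `timeformat` and a `maxItems` on both arrays; the numbers are examples, not project values. This file looks generated, so the change belongs in the definition the schema string is built from, and a client that posts the whole response object back would need to drop the read-only fields first. `init()` and the `var` block continue outside the hunks shown.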
|
||||
|
||||
|
||||