Merge pull request #975 from dfir-iris/api_v2_delete_global_task

Api v2 delete global task

Author: whikernel

.vulture.ignore

@@ -1,4 +1,8 @@
-EvidenceStorage  # Do not remove: this is used by package iris-module-interface (see https://github.com/dfir-iris/iris-module-interface, iris_interface/IrisModuleInterface.py)
+########## Do not remove: used by package iris-module-interface (see https://github.com/dfir-iris/iris-module-interface, iris_interface/IrisModuleInterface.py)
+EvidenceStorage
+deregister_from_hook
+get_mod_config_by_name
+register_hook
 ######### Alembic variables
 revision  # unused variable (/home/ubuntu/code/dfir-iris/iris-web/source/app/alembic/versions/00b43bc4e8ac_add_prevent_post_init_to_register_case_.py:14)
 down_revision  # unused variable (/home/ubuntu/code/dfir-iris/iris-web/source/app/alembic/versions/00b43bc4e8ac_add_prevent_post_init_to_register_case_.py:15)
@@ -269,7 +273,6 @@ get_case_client  # unused function (/home/ubuntu/code/dfir-iris/iris-web/source/
 ctx_get_user_cases  # unused function (/home/ubuntu/code/dfir-iris/iris-web/source/app/datamgmt/context/context_db.py:31)
 update_gtask_status  # unused function (/home/ubuntu/code/dfir-iris/iris-web/source/app/datamgmt/dashboard/dashboard_db.py:131)
 update_utask_status  # unused function (/home/ubuntu/code/dfir-iris/iris-web/source/app/datamgmt/dashboard/dashboard_db.py:147)
-get_task_status  # unused function (/home/ubuntu/code/dfir-iris/iris-web/source/app/datamgmt/dashboard/dashboard_db.py:166)
 _.is_evidence_registered  # unused method (/home/ubuntu/code/dfir-iris/iris-web/source/app/datamgmt/iris_engine/evidence_storage.py:24)
 _.add_evidence  # unused method (/home/ubuntu/code/dfir-iris/iris-web/source/app/datamgmt/iris_engine/evidence_storage.py:32)
 _.added_by_id  # unused attribute (/home/ubuntu/code/dfir-iris/iris-web/source/app/datamgmt/iris_engine/modules_db.py:54)
@@ -319,11 +322,8 @@ case_organisations  # unused variable (/home/ubuntu/code/dfir-iris/iris-web/sour
 CaseNoteForm  # unused class (/home/ubuntu/code/dfir-iris/iris-web/source/app/forms.py:223)
 ac_get_effective_permissions_from_groups  # unused function (/home/ubuntu/code/dfir-iris/iris-web/source/app/iris_engine/access_control/utils.py:138)
 check_module_compatibility  # unused function (/home/ubuntu/code/dfir-iris/iris-web/source/app/iris_engine/module_handler/module_handler.py:46)
-get_mod_config_by_name  # unused function (/home/ubuntu/code/dfir-iris/iris-web/source/app/iris_engine/module_handler/module_handler.py:234)
-register_hook  # unused function (/home/ubuntu/code/dfir-iris/iris-web/source/app/iris_engine/module_handler/module_handler.py:323)
 _.wait_till_return  # unused attribute (/home/ubuntu/code/dfir-iris/iris-web/source/app/iris_engine/module_handler/module_handler.py:372)
 _.max_retry  # unused attribute (/home/ubuntu/code/dfir-iris/iris-web/source/app/iris_engine/module_handler/module_handler.py:374)
-deregister_from_hook  # unused function (/home/ubuntu/code/dfir-iris/iris-web/source/app/iris_engine/module_handler/module_handler.py:391)
 on_task_init  # unused function (/home/ubuntu/code/dfir-iris/iris-web/source/app/iris_engine/tasker/tasks.py:33)
 chunks  # unused function (/home/ubuntu/code/dfir-iris/iris-web/source/app/iris_engine/tasker/tasks.py:92)
 notify_server_ready_to_reboot  # unused function (/home/ubuntu/code/dfir-iris/iris-web/source/app/iris_engine/updater/updater.py:70)

pyproject.toml

@@ -40,17 +40,17 @@ forbidden_modules = "sqlalchemy"
 allow_indirect_imports = true
 
 [[tool.importlinter.contracts]]
-name = "Do not import API layer from the persistence layer"
+name = "Do not import API layer from the persistence layer (access_controls)"
 type = "forbidden"
-source_modules = "app.datamgmt.dashboard"
-forbidden_modules = "app.blueprints"
+source_modules = "app.datamgmt"
+forbidden_modules = "app.blueprints.access_controls"
 allow_indirect_imports = true
 
 [[tool.importlinter.contracts]]
-name = "Do not import API layer from the persistence layer (access_controls)"
+name = "Do not import API layer from the persistence layer (iris_user)"
 type = "forbidden"
-source_modules = "app.datamgmt"
-forbidden_modules = "app.blueprints.access_controls"
+source_modules = "app.datamgmt.case.case_assets_db"
+forbidden_modules = "app.blueprints.iris_user"
 allow_indirect_imports = true
 
 [[tool.importlinter.contracts]]

source/app/blueprints/pages/dashboard/dashboard_routes.py

@@ -24,7 +24,7 @@
 
 from app import app
 from app.blueprints.iris_user import iris_current_user
-from app.datamgmt.dashboard.dashboard_db import get_tasks_status
+from app.datamgmt.case.case_tasks_db import get_tasks_status
 from app.forms import CaseGlobalTaskForm
 from app.iris_engine.access_control.utils import ac_get_user_case_counts
 from app.models.authorization import User

source/app/blueprints/rest/alerts_routes.py

@@ -369,13 +369,13 @@ def alerts_update_route(alert_id) -> Response:
         # Save the changes
         db.session.commit()
 
-        updated_alert = call_modules_hook('on_postload_alert_update', data=updated_alert)
+        updated_alert = call_modules_hook('on_postload_alert_update', updated_alert)
 
         if do_resolution_hook:
-            updated_alert = call_modules_hook('on_postload_alert_resolution_update', data=updated_alert)
+            updated_alert = call_modules_hook('on_postload_alert_resolution_update', updated_alert)
 
         if do_status_hook:
-            updated_alert = call_modules_hook('on_postload_alert_status_update', data=updated_alert)
+            updated_alert = call_modules_hook('on_postload_alert_status_update', updated_alert)
 
         if activity_data:
             activity_data_as_string = ','.join(activity_data)
@@ -455,7 +455,7 @@ def alerts_batch_update_route() -> Response:
 
             db.session.commit()
 
-            alert = call_modules_hook('on_postload_alert_update', data=alert)
+            alert = call_modules_hook('on_postload_alert_update', alert)
 
             if activity_data:
                 track_activity(f"updated alert #{alert_id}: {','.join(activity_data)}", ctx_less=True)
@@ -509,7 +509,7 @@ def alerts_batch_delete_route() -> Response:
     if not success:
         return response_error(logs)
 
-    alert = call_modules_hook('on_postload_alert_delete', data={"alert_ids": alert_ids})
+    alert = call_modules_hook('on_postload_alert_delete', {"alert_ids": alert_ids})
 
     track_activity(f"deleted alerts #{','.join(str(alert_id) for alert_id in alert_ids)}", ctx_less=True)
 
@@ -551,7 +551,7 @@ def alerts_delete_route(alert_id) -> Response:
         db.session.delete(alert)
         db.session.commit()
 
-        alert = call_modules_hook('on_postload_alert_delete', data=alert_id)
+        alert = call_modules_hook('on_postload_alert_delete', alert_id)
 
         track_activity(f"delete alert #{alert_id}", ctx_less=True)
 
@@ -613,15 +613,15 @@ def alerts_escalate_route(alert_id) -> Response:
 
         ac_set_new_case_access(iris_current_user, case.case_id, case.client_id)
 
-        case = call_modules_hook('on_postload_case_create', data=case)
+        case = call_modules_hook('on_postload_case_create', case)
 
         add_obj_history_entry(case, 'created')
         track_activity(f"new case {case.name} created from alert",
                        ctx_less=True)
 
         add_obj_history_entry(alert, f"Alert escalated to case #{case.case_id}")
 
-        alert = call_modules_hook('on_postload_alert_escalate', data=alert)
+        alert = call_modules_hook('on_postload_alert_escalate', alert)
 
         # Return the updated alert as JSON
         return response_success(data=CaseSchema().dump(case))
@@ -687,7 +687,7 @@ def alerts_merge_route(alert_id) -> Response:
                             iocs_list=iocs_import_list, assets_list=assets_import_list, note=note,
                             import_as_event=import_as_event, case_tags=case_tags)
 
-        alert = call_modules_hook('on_postload_alert_merge', data=alert, caseid=target_case_id)
+        alert = call_modules_hook('on_postload_alert_merge', alert, caseid=target_case_id)
 
         track_activity(f"merge alert #{alert_id} into existing case #{target_case_id}", caseid=target_case_id)
         add_obj_history_entry(alert, f"Alert merged into existing case #{target_case_id}")
@@ -747,7 +747,7 @@ def alerts_unmerge_route(alert_id) -> Response:
         track_activity(f"unmerge alert #{alert_id} from case #{target_case_id}", caseid=target_case_id)
         add_obj_history_entry(alert, f"Alert unmerged from case #{target_case_id}")
 
-        alert = call_modules_hook('on_postload_alert_unmerge', data=alert)
+        alert = call_modules_hook('on_postload_alert_unmerge', alert)
 
         # Return the updated case as JSON
         return response_success(data=AlertSchema().dump(alert), msg=message)
@@ -816,7 +816,7 @@ def alerts_batch_merge_route() -> Response:
 
             add_obj_history_entry(alert, f"Alert merged into existing case #{target_case_id}")
 
-            alert = call_modules_hook('on_postload_alert_merge', data=alert)
+            alert = call_modules_hook('on_postload_alert_merge', alert)
 
         if note:
             case.description += f"\n\n### Escalation note\n\n{note}\n\n" if case.description else f"\n\n{note}\n\n"
@@ -877,7 +877,7 @@ def alerts_batch_escalate_route() -> Response:
 
             alert.alert_status_id = AlertStatus.query.filter_by(status_name='Merged').first().status_id
             db.session.commit()
-            alert = call_modules_hook('on_postload_alert_escalate', data=alert)
+            alert = call_modules_hook('on_postload_alert_escalate', alert)
 
             alerts_list.append(alert)
 
@@ -890,7 +890,7 @@ def alerts_batch_escalate_route() -> Response:
 
         ac_set_new_case_access(iris_current_user, case.case_id, case.client_id)
 
-        case = call_modules_hook('on_postload_case_create', data=case)
+        case = call_modules_hook('on_postload_case_create', case)
 
         add_obj_history_entry(case, 'created')
         track_activity(f"new case {case.name} created from alerts",
@@ -963,7 +963,7 @@ def alert_comment_delete(alert_id, com_id):
     if not success:
         return response_error(msg)
 
-    call_modules_hook('on_postload_alert_comment_delete', data=com_id)
+    call_modules_hook('on_postload_alert_comment_delete', com_id)
 
     track_activity(f"comment {com_id} on alert {alert_id} deleted", ctx_less=True)
 
@@ -1065,7 +1065,7 @@ def case_comment_add(alert_id):
             "comment": comment_schema.dump(comment),
             "alert": AlertSchema().dump(alert)
         }
-        call_modules_hook('on_postload_alert_commented', data=hook_data)
+        call_modules_hook('on_postload_alert_commented', hook_data)
 
         track_activity(f"alert \"{alert.alert_id}\" commented", ctx_less=True)
         return response_success("Alert commented", data=comment_schema.dump(comment))

source/app/blueprints/rest/case/case_assets_routes.py

@@ -44,6 +44,7 @@
 from app.datamgmt.case.case_assets_db import get_case_asset_comments
 from app.datamgmt.case.case_assets_db import get_similar_assets
 from app.datamgmt.case.case_db import get_case_client_id
+from app.datamgmt.comments import get_comment
 from app.datamgmt.manage.manage_attribute_db import get_default_custom_attributes
 from app.datamgmt.manage.manage_users_db import get_user_cases_fast
 from app.datamgmt.states import get_assets_state
@@ -166,7 +167,7 @@ def case_assets_state(caseid):
 def deprecated_add_asset(caseid):
     asset_schema = CaseAssetsSchema()
     try:
-        request_data = call_modules_hook('on_preload_asset_create', data=request.get_json(), caseid=caseid)
+        request_data = call_modules_hook('on_preload_asset_create', request.get_json(), caseid=caseid)
         ioc_links = request_data.get('ioc_links')
         asset = asset_schema.load(request_data)
         created_asset = assets_create(iris_current_user, caseid, asset, ioc_links)
@@ -243,7 +244,7 @@ def case_upload_asset(caseid):
 
             row['analysis_status_id'] = analysis_status_id
 
-            request_data = call_modules_hook('on_preload_asset_create', data=row, caseid=caseid)
+            request_data = call_modules_hook('on_preload_asset_create', row, caseid=caseid)
 
             add_asset_schema.is_unique_for_cid(caseid, request_data)
             asset_sc = add_asset_schema.load(request_data)
@@ -253,7 +254,7 @@ def case_upload_asset(caseid):
                                  user_id=iris_current_user.id
                                  )
 
-            asset = call_modules_hook('on_postload_asset_create', data=asset, caseid=caseid)
+            asset = call_modules_hook('on_postload_asset_create', asset, caseid=caseid)
 
             if not asset:
                 errors.append('Unable to add asset for internal reason')
@@ -305,7 +306,7 @@ def asset_update(cur_id, caseid):
         if not asset:
             return response_error("Invalid asset ID for this case")
 
-        request_data = call_modules_hook('on_preload_asset_update', data=request.get_json(), caseid=caseid)
+        request_data = call_modules_hook('on_preload_asset_update', request.get_json(), caseid=caseid)
         request_data['asset_id'] = asset.asset_id
         schema = CaseAssetsSchema()
         updated_asset = schema.load(request_data, instance=asset, partial=True)
@@ -375,7 +376,7 @@ def case_comment_asset_add(cur_id, caseid):
             "comment": comment_schema.dump(comment),
             "asset": CaseAssetsSchema().dump(asset)
         }
-        call_modules_hook('on_postload_asset_commented', data=hook_data, caseid=caseid)
+        call_modules_hook('on_postload_asset_commented', hook_data, caseid=caseid)
 
         track_activity(f"asset \"{asset.asset_name}\" commented", caseid=caseid)
         return response_success("Asset commented", data=comment_schema.dump(comment))
@@ -407,11 +408,13 @@ def case_comment_asset_edit(cur_id, com_id, caseid):
 @ac_requires_case_identifier(CaseAccessLevel.full_access)
 @ac_api_requires()
 def case_comment_asset_delete(cur_id, com_id, caseid):
-    success, msg = delete_asset_comment(cur_id, com_id)
-    if not success:
-        return response_error(msg)
+    comment = get_comment(iris_current_user, com_id)
+    if not comment:
+        return response_error('You are not allowed to delete this comment')
+
+    delete_asset_comment(cur_id, comment)
 
-    call_modules_hook('on_postload_asset_comment_delete', data=com_id, caseid=caseid)
+    call_modules_hook('on_postload_asset_comment_delete', com_id, caseid=caseid)
 
     track_activity(f'comment {com_id} on asset {cur_id} deleted', caseid=caseid)
-    return response_success(msg)
+    return response_success('Comment deleted')

source/app/blueprints/rest/case/case_evidences_routes.py

@@ -189,7 +189,7 @@ def case_comment_evidence_add(cur_id, caseid):
             "comment": comment_schema.dump(comment),
             "evidence": CaseEvidenceSchema().dump(evidence)
         }
-        call_modules_hook('on_postload_evidence_commented', data=hook_data, caseid=caseid)
+        call_modules_hook('on_postload_evidence_commented', hook_data, caseid=caseid)
 
         track_activity(f"evidence \"{evidence.filename}\" commented", caseid=caseid)
         return response_success("Evidence commented", data=comment_schema.dump(comment))
@@ -225,7 +225,7 @@ def case_comment_evidence_delete(cur_id, com_id, caseid):
     if not success:
         return response_error(msg)
 
-    call_modules_hook('on_postload_evidence_comment_delete', data=com_id, caseid=caseid)
+    call_modules_hook('on_postload_evidence_comment_delete', com_id, caseid=caseid)
 
     track_activity(f"comment {com_id} on evidence {cur_id} deleted", caseid=caseid)
     return response_success(msg)

source/app/blueprints/rest/case/case_ioc_routes.py

@@ -179,7 +179,7 @@ def case_upload_ioc(caseid):
             row['ioc_type_id'] = type_id.type_id
             row.pop('ioc_type', None)
 
-            request_data = call_modules_hook('on_preload_ioc_create', data=row, caseid=caseid)
+            request_data = call_modules_hook('on_preload_ioc_create', row, caseid=caseid)
 
             ioc = add_ioc_schema.load(request_data)
             ioc.custom_attributes = get_default_custom_attributes('ioc')
@@ -191,7 +191,7 @@ def case_upload_ioc(caseid):
                 continue
 
             add_ioc(ioc, iris_current_user.id, caseid)
-            ioc = call_modules_hook('on_postload_ioc_create', data=ioc, caseid=caseid)
+            ioc = call_modules_hook('on_postload_ioc_create', ioc, caseid=caseid)
             ret.append(request_data)
             track_activity(f'added ioc "{ioc.ioc_value}"', caseid=caseid)
 
@@ -304,7 +304,7 @@ def case_comment_ioc_add(cur_id, caseid):
             'comment': comment_schema.dump(comment),
             'ioc': IocSchema().dump(ioc)
         }
-        call_modules_hook('on_postload_ioc_commented', data=hook_data, caseid=ioc.case_id)
+        call_modules_hook('on_postload_ioc_commented', hook_data, caseid=ioc.case_id)
 
         track_activity(f'ioc "{ioc.ioc_value}" commented', caseid=ioc.case_id)
         return response_success('IOC commented', data=comment_schema.dump(comment))
@@ -342,7 +342,7 @@ def case_comment_ioc_delete(cur_id, com_id, caseid):
     if not success:
         return response_error(msg)
 
-    call_modules_hook('on_postload_ioc_comment_delete', data=com_id, caseid=caseid)
+    call_modules_hook('on_postload_ioc_comment_delete', com_id, caseid=caseid)
 
     track_activity(f'comment {com_id} on ioc {cur_id} deleted', caseid=caseid)
     return response_success(msg)

source/app/blueprints/rest/case/case_notes_routes.py

@@ -138,7 +138,7 @@ def case_note_save(cur_id, caseid):
 
     try:
         note = notes_get(cur_id)
-        request_data = call_modules_hook('on_preload_note_update', data=request.get_json(), caseid=note.note_case_id)
+        request_data = call_modules_hook('on_preload_note_update', request.get_json(), caseid=note.note_case_id)
 
         request_data['note_id'] = note.note_id
         addnote_schema.load(request_data, partial=True, instance=note)
@@ -207,7 +207,7 @@ def case_note_add(caseid):
 
     try:
 
-        request_data = call_modules_hook('on_preload_note_create', data=request.get_json(), caseid=caseid)
+        request_data = call_modules_hook('on_preload_note_create', request.get_json(), caseid=caseid)
         note_schema = CaseNoteSchema()
         note_schema.verify_directory_id(request_data, caseid=caseid)
 
@@ -426,7 +426,7 @@ def case_comment_note_add(cur_id, caseid):
             "comment": comment_schema.dump(comment),
             "note": CaseNoteSchema().dump(note)
         }
-        call_modules_hook('on_postload_note_commented', data=hook_data, caseid=caseid)
+        call_modules_hook('on_postload_note_commented', hook_data, caseid=caseid)
 
         track_activity(f"note \"{note.note_title}\" commented", caseid=caseid)
         return response_success("Note commented", data=comment_schema.dump(comment))
@@ -462,7 +462,7 @@ def case_comment_note_delete(cur_id, com_id, caseid):
     if not success:
         return response_error(msg)
 
-    call_modules_hook('on_postload_note_comment_delete', data=com_id, caseid=caseid)
+    call_modules_hook('on_postload_note_comment_delete', com_id, caseid=caseid)
 
     track_activity(f"comment {com_id} on note {cur_id} deleted", caseid=caseid)
     return response_success(msg)

source/app/blueprints/rest/case/case_tasks_routes.py

@@ -230,7 +230,7 @@ def case_comment_task_add(cur_id: int, caseid: int):
             "comment": comment_schema.dump(comment),
             "task": CaseTaskSchema().dump(task)
         }
-        call_modules_hook('on_postload_task_commented', data=hook_data, caseid=caseid)
+        call_modules_hook('on_postload_task_commented', hook_data, caseid=caseid)
 
         track_activity(f"task \"{task.task_title}\" commented", caseid=caseid)
         return response_success("Task commented", data=comment_schema.dump(comment))
@@ -270,7 +270,7 @@ def case_comment_task_delete(cur_id: int, com_id: int, caseid: int):
     if not success:
         return response_error(msg)
 
-    call_modules_hook('on_postload_task_comment_delete', data=com_id, caseid=caseid)
+    call_modules_hook('on_postload_task_comment_delete', com_id, caseid=caseid)
 
     track_activity(f"comment {com_id} on task {cur_id} deleted", caseid=caseid)
     return response_success(msg)