Api v2 get customer

.github/workflows/ci.yml

@@ -131,10 +131,8 @@ jobs:
         uses: actions/checkout@v4
       - name: Start development server
         run: |
-          # Even though, we use --env-file option when running docker compose, this is still necessary, because the compose has a env_file attribute :(
-          # TODO should move basic.env file, which is in directory tests, up. It's used in several places. Maybe, rename it into dev.env
-          cp tests/data/basic.env .env
-          docker compose --file docker-compose.dev.yml --env-file tests/data/basic.env up --detach --wait
+          cp .env.tests.model .env
+          docker compose --file docker-compose.dev.yml up --detach --wait
       - name: Generate GraphQL documentation
         run: |
           npx spectaql@^3.0.2 source/spectaql/config.yml
@@ -170,9 +168,7 @@ jobs:
         uses: actions/checkout@v4
       - name: Start development server
         run: |
-          # Even though, we use --env-file option when running docker compose, this is still necessary, because the compose has a env_file attribute :(
-          # TODO should move basic.env file, which is in directory tests, up. It's used in several places. Maybe, rename it into dev.env
-          cp tests/data/basic.env .env
+          cp .env.tests.model .env
           docker compose --file docker-compose.dev.yml up --detach --wait
       - name: Inspect development server start failure
         if: ${{ failure() || cancelled() }}
@@ -226,8 +222,7 @@ jobs:
       - name: Check out iris
         uses: actions/checkout@v4
       - name: Set up .env file
-        # TODO should move basic.env file, which is in directory tests, up. It's used in several places. Maybe, rename it into dev.env?
-        run: cp tests/data/basic.env .env
+        run: cp .env.tests.model .env
       - name: Run tests
         working-directory: tests_database_migration
         run: |
@@ -277,8 +272,7 @@ jobs:
         run: npx playwright install chromium firefox
       - name: Start development server
         run: |
-          # TODO should move basic.env file, which is in directory tests, up. It's used in several places. Maybe, rename it into dev.env
-          cp tests/data/basic.env .env
+          cp .env.tests.model .env
           docker compose --file docker-compose.dev.yml up --detach --wait
       - name: Run end to end tests
         working-directory: e2e

pyproject.toml

@@ -24,7 +24,7 @@ allow_indirect_imports = true
 [[tool.importlinter.contracts]]
 name = "Do not import API layer from the business layer"
 type = "forbidden"
-source_modules = ["app.business.access_controls", "app.business.assets"]
+source_modules = ["app.business.access_controls", "app.business.assets", "app.business.cases"]
 forbidden_modules = "app.blueprints.iris_user"
 allow_indirect_imports = true
 
@@ -42,3 +42,17 @@ source_modules = "app.datamgmt.dashboard"
 forbidden_modules = "app.blueprints.iris_user"
 allow_indirect_imports = true
 
+[[tool.importlinter.contracts]]
+name = "Do not import marshables from the persistence layer"
+type = "forbidden"
+source_modules = "app.datamgmt.manage.manage_case_state_db"
+forbidden_modules = "app.schema.marshables"
+allow_indirect_imports = true
+
+[[tool.importlinter.contracts]]
+name = "Do not import the engine from the persistence layer"
+type = "forbidden"
+source_modules = "app.datamgmt.case"
+forbidden_modules = "app.iris_engine"
+allow_indirect_imports = true
+

source/app/blueprints/graphql/cases.py

@@ -115,7 +115,7 @@ def mutate(root, info, name, description, client_id, soc_id=None, classification
         schema = CaseSchema()
         case = schema.load(request_data)
         case_template_id = request_data.pop('case_template_id', None)
-        result = cases_create(case, case_template_id)
+        result = cases_create(iris_current_user, case, case_template_id)
         return CaseCreate(case=result)
 
 

source/app/blueprints/pages/manage/manage_cases_routes.py

@@ -41,6 +41,7 @@
 from app.blueprints.access_controls import ac_api_return_access_denied, ac_fast_check_current_user_has_case_access
 from app.blueprints.access_controls import ac_requires
 from app.blueprints.responses import response_error
+from app.schema.marshables import CaseStateSchema
 
 manage_cases_blueprint = Blueprint('manage_case',
                                    __name__,
@@ -81,6 +82,7 @@ def _details_case(cur_id: int, caseid: int, url_redir: bool) -> Union[str, Respo
 
     case_classifications = get_case_classifications_list()
     case_states = get_case_states_list()
+    dumped_case_states = CaseStateSchema(many=True).dump(case_states)
     user_is_server_administrator = ac_current_user_has_permission(Permissions.server_administrator)
 
     customers = get_client_list(current_user_id=iris_current_user.id,
@@ -92,7 +94,7 @@ def _details_case(cur_id: int, caseid: int, url_redir: bool) -> Union[str, Respo
     form = FlaskForm()
 
     return render_template("modal_case_info_from_case.html", data=res, form=form, protagonists=protagonists,
-                           case_classifications=case_classifications, case_states=case_states, customers=customers,
+                           case_classifications=case_classifications, case_states=dumped_case_states, customers=customers,
                            severities=severities)
 
 

source/app/blueprints/pages/manage/manage_customers_routes.py

@@ -22,7 +22,7 @@
 from flask import url_for
 from flask_wtf import FlaskForm
 
-from app.datamgmt.client.client_db import get_client
+from app.datamgmt.client.client_db import get_customer
 from app.datamgmt.client.client_db import get_client_api
 from app.datamgmt.client.client_db import get_client_contact
 from app.datamgmt.client.client_db import get_client_contacts
@@ -115,7 +115,7 @@ def view_customer_modal(client_id, caseid, url_redir):
         return redirect(url_for('manage_customers.manage_customers', cid=caseid))
 
     form = AddCustomerForm()
-    customer = get_client(client_id)
+    customer = get_customer(client_id)
     if not customer:
         return response_error("Invalid Customer ID")
 

source/app/blueprints/rest/alerts_routes.py

@@ -606,7 +606,7 @@ def alerts_escalate_route(alert_id) -> Response:
         if not case:
             return response_error('Failed to create case from alert')
 
-        ac_set_new_case_access(None, case.case_id, case.client_id)
+        ac_set_new_case_access(iris_current_user, case.case_id, case.client_id)
 
         case = call_modules_hook('on_postload_case_create', data=case)
 
@@ -884,7 +884,7 @@ def alerts_batch_escalate_route() -> Response:
         if not case:
             return response_error('Failed to create case from alert')
 
-        ac_set_new_case_access(None, case.case_id, case.client_id)
+        ac_set_new_case_access(iris_current_user, case.case_id, case.client_id)
 
         case = call_modules_hook('on_postload_case_create', data=case)
 

source/app/blueprints/rest/api_v2_routes.py

@@ -31,6 +31,7 @@
 from app.blueprints.rest.v2.tags import tags_blueprint
 from app.blueprints.rest.v2.tasks import tasks_blueprint
 from app.blueprints.rest.v2.profile import profile_blueprint
+from app.blueprints.rest.v2.alerts_filters import alerts_filters_blueprint
 
 
 # Create root /api/v2 blueprint
@@ -50,3 +51,4 @@
 rest_v2_blueprint.register_blueprint(manage_v2_blueprint)
 rest_v2_blueprint.register_blueprint(tags_blueprint)
 rest_v2_blueprint.register_blueprint(profile_blueprint)
+rest_v2_blueprint.register_blueprint(alerts_filters_blueprint)

source/app/blueprints/rest/case/case_ioc_routes.py

@@ -51,12 +51,14 @@
 from app.models.authorization import CaseAccessLevel
 from app.schema.marshables import CommentSchema
 from app.schema.marshables import IocSchema
-from app.blueprints.access_controls import ac_requires_case_identifier, ac_fast_check_current_user_has_case_access
+from app.blueprints.access_controls import ac_requires_case_identifier
+from app.blueprints.access_controls import ac_fast_check_current_user_has_case_access
 from app.blueprints.access_controls import ac_api_requires
 from app.blueprints.access_controls import ac_api_return_access_denied
 from app.blueprints.responses import response_error
 from app.blueprints.responses import response_success
 from app.iris_engine.module_handler.module_handler import call_deprecated_on_preload_modules_hook
+from app.iris_engine.access_control.utils import ac_get_fast_user_cases_access
 
 case_ioc_rest_blueprint = Blueprint('case_ioc_rest', __name__)
 
@@ -74,7 +76,8 @@ def case_list_ioc(caseid):
         out = ioc._asdict()
 
         # Get links of the IoCs seen in other cases
-        ial = get_ioc_links(ioc.ioc_id)
+        user_search_limitations = ac_get_fast_user_cases_access(iris_current_user.id)
+        ial = get_ioc_links(ioc.ioc_id, user_search_limitations)
 
         out['link'] = [row._asdict() for row in ial]
         # Legacy, must be changed next version

source/app/blueprints/rest/filters_routes.py

@@ -20,19 +20,21 @@
 from werkzeug import Response
 
 from app import db
-from app.blueprints.iris_user import iris_current_user
 from app.datamgmt.filters.filters_db import get_filter_by_id
 from app.datamgmt.filters.filters_db import list_filters_by_type
 from app.iris_engine.utils.tracker import track_activity
 from app.schema.marshables import SavedFilterSchema
+from app.blueprints.iris_user import iris_current_user
 from app.blueprints.access_controls import ac_api_requires
 from app.blueprints.responses import response_success
 from app.blueprints.responses import response_error
+from app.blueprints.rest.endpoints import endpoint_deprecated
 
 saved_filters_rest_blueprint = Blueprint('saved_filters_rest', __name__)
 
 
 @saved_filters_rest_blueprint.route('/filters/add', methods=['POST'])
+@endpoint_deprecated('POST', '/api/v2/alerts-filters')
 @ac_api_requires()
 def filters_add_route() -> Response:
     """
@@ -66,6 +68,7 @@ def filters_add_route() -> Response:
 
 
 @saved_filters_rest_blueprint.route('/filters/update/<int:filter_id>', methods=['POST'])
+@endpoint_deprecated('PUT', '/api/v2/alerts-filters/{identifier}')
 @ac_api_requires()
 def filters_update_route(filter_id) -> Response:
     """
@@ -99,6 +102,7 @@ def filters_update_route(filter_id) -> Response:
 
 
 @saved_filters_rest_blueprint.route('/filters/delete/<int:filter_id>', methods=['POST'])
+@endpoint_deprecated('DELETE', '/api/v2/alerts-filters/{identifier}')
 @ac_api_requires()
 def filters_delete_route(filter_id) -> Response:
     """
@@ -128,6 +132,7 @@ def filters_delete_route(filter_id) -> Response:
 
 
 @saved_filters_rest_blueprint.route('/filters/<int:filter_id>', methods=['GET'])
+@endpoint_deprecated('GET', '/api/v2/alerts-filters/{identifier}')
 @ac_api_requires()
 def filters_get_route(filter_id) -> Response:
     """

source/app/blueprints/rest/manage/manage_case_state.py

@@ -45,7 +45,8 @@ def list_case_state() -> Response:
         Flask Response object
 
     """
-    l_cl = get_case_states_list()
+    case_states = get_case_states_list()
+    l_cl = CaseStateSchema(many=True).dump(case_states)
 
     return response_success("", data=l_cl)
 

source/app/blueprints/rest/manage/manage_cases_routes.py

@@ -251,7 +251,7 @@ def api_add_case():
         request_data = call_deprecated_on_preload_modules_hook('case_create', request.get_json(), None)
         case = case_schema.load(request_data)
         case_template_id = request_data.pop('case_template_id', None)
-        result = cases_create(case, case_template_id)
+        result = cases_create(iris_current_user, case, case_template_id)
         return response_success('Case created', data=case_schema.dump(result))
     except ValidationError as e:
         raise response_error('Data error', e.messages)

source/app/blueprints/rest/manage/manage_customers_routes.py

@@ -25,11 +25,11 @@
 from app import ac_current_user_has_permission
 from app.blueprints.access_controls import ac_api_requires
 from app.blueprints.iris_user import iris_current_user
-from app.datamgmt.client.client_db import create_client
+from app.datamgmt.client.client_db import create_customer
 from app.datamgmt.client.client_db import create_contact
 from app.datamgmt.client.client_db import delete_client
 from app.datamgmt.client.client_db import delete_contact
-from app.datamgmt.client.client_db import get_client
+from app.datamgmt.client.client_db import get_customer
 from app.datamgmt.client.client_db import get_client_api
 from app.datamgmt.client.client_db import get_client_cases
 from app.datamgmt.client.client_db import get_client_contacts
@@ -62,6 +62,7 @@ def list_customers():
 
 
 @manage_customers_rest_blueprint.route('/manage/customers/<int:client_id>', methods=['GET'])
+@endpoint_deprecated('GET', '/api/v2/manage/customers/{identifier}')
 @ac_api_requires(Permissions.customers_read)
 @ac_api_requires_client_access()
 def view_customer(client_id):
@@ -81,7 +82,7 @@ def customer_update_contact(client_id, contact_id):
     if not request.is_json:
         return response_error("Invalid request")
 
-    if not get_client(client_id):
+    if not get_customer(client_id):
         return response_error(f"Invalid Customer ID {client_id}")
 
     try:
@@ -110,7 +111,7 @@ def customer_add_contact(client_id):
     if not request.is_json:
         return response_error("Invalid request")
 
-    if not get_client(client_id):
+    if not get_customer(client_id):
         return response_error(f"Invalid Customer ID {client_id}")
 
     try:
@@ -250,7 +251,7 @@ def add_customers():
     try:
         customer = customer_schema.load(request.json)
 
-        create_client(customer)
+        create_customer(customer)
     except ValidationError as e:
         return response_error(msg='Error adding customer', data=e.messages)
     except Exception as e:

source/app/blueprints/rest/v2/alerts.py

@@ -157,7 +157,7 @@ def create(self):
         except BusinessProcessingError as e:
             return response_api_error(e.get_message(), data=e.get_data())
 
-    def get(self, identifier):
+    def read(self, identifier):
 
         try:
             alert = alerts_get(iris_current_user, identifier)
@@ -255,7 +255,7 @@ def create_alert():
 @alerts_blueprint.get('/<int:identifier>')
 @ac_api_requires(Permissions.alerts_read)
 def get_alert(identifier):
-    return alerts_operations.get(identifier)
+    return alerts_operations.read(identifier)
 
 
 @alerts_blueprint.put('/<int:identifier>')