def __call__(self, id):
"""
Return an instance of Case with the given case ID.
:param id: ID of a case to retrieve.
"""
response = self._thehive.get_case(id)
# Check for failed authentication
if response.status_code == requests.codes.unauthorized:
raise TheHiveException("Authentication failed")
if response.status_code == requests.codes.not_found:
raise CaseException("Case {} not found".format(id))
if self.status_ok(response.status_code):
data = response.json()
case = Case(json=data)
# Add attributes that are not added by the constructor
case.id = data.get('id', None)
case.owner = data.get('owner', None)
case.caseId = data.get('caseId', None)
case.status = data.get('status', None)
case.createdAt = data.get('createdAt', None)
case.createdBy = data.get('createdBy', None)
case.updatedAt = data.get('updatedAt', None)
case.updatedBy = data.get('updatedBy', None)
return case
def update_case(self, case):
"""
Update a case.
:param case: The case to update. The case's `id` determines which case
to update.
:return:
"""
req = self.url + "/api/case/{}".format(case.id)
# Choose which attributes to send
update_keys = [
'title', 'description', 'severity', 'startDate', 'owner', 'flag',
'tlp', 'tags', 'resolutionStatus', 'impactStatus', 'summary',
'endDate', 'metrics', 'status'
]
data = {k: v for k, v in case.__dict__.items() if k in update_keys}
try:
return requests.patch(req,
headers={'Content-Type': 'application/json'},
json=data,
proxies=self.proxies,
auth=self.auth,
verify=self.cert)
except requests.exceptions.RequestException as exp:
raise CaseException("Case update error: {}".format(exp))
def list_cases(self):
req = self.url + "/api/case"
try:
return requests.get(req,
proxies=self.proxies,
auth=self.auth,
verify=self.cert)
except requests.exceptions.RequestException as e:
raise CaseException("Case list error: {}".format(e))
def delete_case(self, case_id):
req = self.url + "/api/case/{}".format(case_id)
try:
return requests.delete(req,
proxies=self.proxies,
auth=self.auth,
verify=self.cert)
except requests.exceptions.RequestException as e:
raise CaseException("Case delete error: {}".format(e))
def update(self, case_id, **attributes):
"""
Update a case.
:param case_id: The ID of the case to update
:param attributes: key=value pairs of case attributes to update (field=new_value)
:return: The created instance.
"""
response = self._thehive.do_patch("/api/case/{}".format(case_id), **attributes)
if response.status_code == requests.codes.unauthorized:
raise TheHiveException("Authentication failed")
if self.status_ok(response.status_code):
return self(response.json()['id'])
else:
raise CaseException("Server returned {}: {}".format(response.status_code, response.text))
def create(self, title, description, **kwargs):
"""
Create an instance of the Case class.
:param title: Case title.
:param description: Case description.
:param kwargs: Additional arguments.
:return: The created instance.
"""
case = Case(title=title, description=description, **kwargs)
response = self._thehive.create_case(case)
# Check for failed authentication
if response.status_code == requests.codes.unauthorized:
raise TheHiveException("Authentication failed")
if self.status_ok(response.status_code):
return self(response.json()['id'])
else:
raise CaseException("Server returned {}: {}".format(response.status_code, response.text))