db=db) db_observable = Observable(type=db_observable_type, value=observable_instance.value) # Associate the observable instance with its observable new_observable_instance.observable = db_observable # Save the new analysis to the database db.add(new_observable_instance) crud.commit(db) response.headers["Content-Location"] = request.url_for( "get_observable_instance", uuid=new_observable_instance.uuid) helpers.api_route_create(router, create_observable_instance) # # READ # # def get_all_observable_instances(db: Session = Depends(get_db)): # return crud.read_all(db_table=ObservableInstance, db=db) def get_observable_instance(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=ObservableInstance, db=db) # It does not make sense to have a get_all_observable_instances route at this point (and not without pagination). # helpers.api_route_read_all(router, get_all_observable_instances, List[ObservableInstanceRead])
# def create_alert_type( alert_type: AlertTypeCreate, request: Request, response: Response, db: Session = Depends(get_db), ): uuid = crud.create(obj=alert_type, db_table=AlertType, db=db) response.headers["Content-Location"] = request.url_for("get_alert_type", uuid=uuid) helpers.api_route_create(router, create_alert_type) # # READ # def get_all_alert_types(db: Session = Depends(get_db)): return crud.read_all(db_table=AlertType, db=db) def get_alert_type(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=AlertType, db=db) helpers.api_route_read_all(router, get_all_alert_types, List[AlertTypeRead])
value=alert.tool_instance, db_table=AlertToolInstance, db=db) # Alerts must point to an Analysis, so if we get this far without any errors, a new Analysis needs to be created. new_alert.analysis = create_node(node_create=AnalysisCreate(), db_node_type=Analysis, db=db) # Save the new alert (including the new analysis) to the database db.add(new_alert) crud.commit(db) response.headers["Content-Location"] = request.url_for("get_alert", uuid=new_alert.uuid) helpers.api_route_create(router, create_alert) # # READ # # def get_all_alerts(db: Session = Depends(get_db)): # return crud.read_all(db_table=Alert, db=db) def get_alert(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=Alert, db=db) # It does not make sense to have a get_all_alerts route at this point (and certainly not without pagination). # helpers.api_route_read_all(router, get_all_alerts, List[AlertRead])
# This counts a modifying the node, so it should receive a new version. db_node.version = uuid4() # Set the user on the comment new_comment.user = crud.read_user_by_username(username=node_comment.user, db=db) # Save the new comment to the database db.add(new_comment) crud.commit(db) response.headers["Content-Location"] = request.url_for( "get_node_comment", uuid=new_comment.uuid) helpers.api_route_create(router, create_node_comment) # # READ # # def get_all_node_directives(db: Session = Depends(get_db)): # return crud.read_all(db_table=NodeDirective, db=db) def get_node_comment(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=NodeComment, db=db) # It does not make sense to have a get_all_node_comments route at this point (and certainly not without pagination). # helpers.api_route_read_all(router, get_all_node_directives, List[NodeDirectiveRead])
new_observable = Observable(**observable.dict()) # Get the observable type from the database to associate with the new observable new_observable.type = crud.read_by_value(observable.type, db_table=ObservableType, db=db) # Save the new observable to the database db.add(new_observable) crud.commit(db) response.headers["Content-Location"] = request.url_for( "get_observable", uuid=new_observable.uuid) helpers.api_route_create(router, create_observable) # # READ # def get_all_observables(db: Session = Depends(get_db)): return crud.read_all(db_table=Observable, db=db) def get_observable(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=Observable, db=db) helpers.api_route_read_all(router, get_all_observables, List[ObservableRead])
# def create_node_threat_actor( node_threat_actor: NodeThreatActorCreate, request: Request, response: Response, db: Session = Depends(get_db), ): uuid = crud.create(obj=node_threat_actor, db_table=NodeThreatActor, db=db) response.headers["Content-Location"] = request.url_for( "get_node_threat_actor", uuid=uuid) helpers.api_route_create(router, create_node_threat_actor) # # READ # def get_all_node_threat_actors(db: Session = Depends(get_db)): return crud.read_all(db_table=NodeThreatActor, db=db) def get_node_threat_actor(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=NodeThreatActor, db=db) helpers.api_route_read_all(router, get_all_node_threat_actors,
uuid=analysis.parent_observable_uuid, db_table=ObservableInstance, db=db) # This counts as editing the observable instance, so it should receive an updated version new_analysis.parent_observable.version = uuid4() # Save the new analysis to the database db.add(new_analysis) crud.commit(db) response.headers["Content-Location"] = request.url_for( "get_analysis", uuid=new_analysis.uuid) helpers.api_route_create(router, create_analysis) # # READ # # def get_all_analysis(db: Session = Depends(get_db)): # return crud.read_all(db_table=Analysis, db=db) def get_analysis(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=Analysis, db=db) # It does not make sense to have a get_all_analysis route at this point (and certainly not without pagination). # helpers.api_route_read_all(router, get_all_analysis, List[AnalysisRead])
# CREATE # def create_node_history_action( node_history_action: NodeHistoryActionCreate, request: Request, response: Response, db: Session = Depends(get_db), ): uuid = crud.create(obj=node_history_action, db_table=NodeHistoryAction, db=db) response.headers["Content-Location"] = request.url_for("get_node_history_action", uuid=uuid) helpers.api_route_create(router, create_node_history_action) # # READ # def get_all_node_history_actions(db: Session = Depends(get_db)): return crud.read_all(db_table=NodeHistoryAction, db=db) def get_node_history_action(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=NodeHistoryAction, db=db)
# def create_alert_queue( alert_queue: AlertQueueCreate, request: Request, response: Response, db: Session = Depends(get_db), ): uuid = crud.create(obj=alert_queue, db_table=AlertQueue, db=db) response.headers["Content-Location"] = request.url_for("get_alert_queue", uuid=uuid) helpers.api_route_create(router, create_alert_queue) # # READ # def get_all_alert_queues(db: Session = Depends(get_db)): return crud.read_all(db_table=AlertQueue, db=db) def get_alert_queue(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=AlertQueue, db=db) helpers.api_route_read_all(router, get_all_alert_queues, List[AlertQueueRead])
# def create_event_source( event_source: EventSourceCreate, request: Request, response: Response, db: Session = Depends(get_db), ): uuid = crud.create(obj=event_source, db_table=EventSource, db=db) response.headers["Content-Location"] = request.url_for("get_event_source", uuid=uuid) helpers.api_route_create(router, create_event_source) # # READ # def get_all_event_sources(db: Session = Depends(get_db)): return crud.read_all(db_table=EventSource, db=db) def get_event_source(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=EventSource, db=db) helpers.api_route_read_all(router, get_all_event_sources,
db=db) if event.vectors: new_event.vectors = crud.read_by_values(values=event.vectors, db_table=EventVector, db=db) # Save the new event to the database db.add(new_event) crud.commit(db) response.headers["Content-Location"] = request.url_for("get_event", uuid=new_event.uuid) helpers.api_route_create(router, create_event) # # READ # # def get_all_events(db: Session = Depends(get_db)): # return crud.read_all(db_table=Event, db=db) def get_event(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=Event, db=db) # It does not make sense to have a get_all_events route at this point (and certainly not without pagination). # helpers.api_route_read_all(router, get_all_events, List[EventRead])
# CREATE # def create_event_remediation( event_remediation: EventRemediationCreate, request: Request, response: Response, db: Session = Depends(get_db), ): uuid = crud.create(obj=event_remediation, db_table=EventRemediation, db=db) response.headers["Content-Location"] = request.url_for("get_event_remediation", uuid=uuid) helpers.api_route_create(router, create_event_remediation) # # READ # def get_all_event_remediations(db: Session = Depends(get_db)): return crud.read_all(db_table=EventRemediation, db=db) def get_event_remediation(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=EventRemediation, db=db)
# CREATE # def create_event_vector( event_vector: EventVectorCreate, request: Request, response: Response, db: Session = Depends(get_db), ): uuid = crud.create(obj=event_vector, db_table=EventVector, db=db) response.headers["Content-Location"] = request.url_for("get_event_vector", uuid=uuid) helpers.api_route_create(router, create_event_vector) # # READ # def get_all_event_vectors(db: Session = Depends(get_db)): return crud.read_all(db_table=EventVector, db=db) def get_event_vector(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=EventVector, db=db)
def create_event_prevention_tool( event_prevention_tool: EventPreventionToolCreate, request: Request, response: Response, db: Session = Depends(get_db), ): uuid = crud.create(obj=event_prevention_tool, db_table=EventPreventionTool, db=db) response.headers["Content-Location"] = request.url_for( "get_event_prevention_tool", uuid=uuid) helpers.api_route_create(router, create_event_prevention_tool) # # READ # def get_all_event_prevention_tools(db: Session = Depends(get_db)): return crud.read_all(db_table=EventPreventionTool, db=db) def get_event_prevention_tool(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=EventPreventionTool, db=db) helpers.api_route_read_all(router, get_all_event_prevention_tools,
# def create_event_risk_level( event_risk_level: EventRiskLevelCreate, request: Request, response: Response, db: Session = Depends(get_db), ): uuid = crud.create(obj=event_risk_level, db_table=EventRiskLevel, db=db) response.headers["Content-Location"] = request.url_for( "get_event_risk_level", uuid=uuid) helpers.api_route_create(router, create_event_risk_level) # # READ # def get_all_event_risk_levels(db: Session = Depends(get_db)): return crud.read_all(db_table=EventRiskLevel, db=db) def get_event_risk_level(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=EventRiskLevel, db=db) helpers.api_route_read_all(router, get_all_event_risk_levels,
# def create_user_role( user_role: UserRoleCreate, request: Request, response: Response, db: Session = Depends(get_db), ): uuid = crud.create(obj=user_role, db_table=UserRole, db=db) response.headers["Content-Location"] = request.url_for("get_user_role", uuid=uuid) helpers.api_route_create(router, create_user_role) # # READ # def get_all_user_roles(db: Session = Depends(get_db)): return crud.read_all(db_table=UserRole, db=db) def get_user_role(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=UserRole, db=db) helpers.api_route_read_all(router, get_all_user_roles, List[UserRoleRead])
# If required tags were given, get them from the database and use them in the new analysis module type db_required_tags = [] if analysis_module_type.required_tags: db_required_tags = crud.read_by_values( values=analysis_module_type.required_tags, db_table=NodeTag, db=db) new_analysis_module_type.required_tags = db_required_tags # Save the new analysis module type to the database db.add(new_analysis_module_type) crud.commit(db) response.headers["Content-Location"] = request.url_for( "get_analysis_module_type", uuid=new_analysis_module_type.uuid) helpers.api_route_create(router, create_analysis_module_type) # # READ # def get_all_analysis_module_types(db: Session = Depends(get_db)): return crud.read_all(db_table=AnalysisModuleType, db=db) def get_analysis_module_type(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=AnalysisModuleType, db=db) helpers.api_route_read_all(router, get_all_analysis_module_types,
# def create_alert_tool( alert_tool: AlertToolCreate, request: Request, response: Response, db: Session = Depends(get_db), ): uuid = crud.create(obj=alert_tool, db_table=AlertTool, db=db) response.headers["Content-Location"] = request.url_for("get_alert_tool", uuid=uuid) helpers.api_route_create(router, create_alert_tool) # # READ # def get_all_alert_tools(db: Session = Depends(get_db)): return crud.read_all(db_table=AlertTool, db=db) def get_alert_tool(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=AlertTool, db=db) helpers.api_route_read_all(router, get_all_alert_tools, List[AlertToolRead])
# def create_disposition( disposition: AlertDispositionCreate, request: Request, response: Response, db: Session = Depends(get_db), ): uuid = crud.create(obj=disposition, db_table=AlertDisposition, db=db) response.headers["Content-Location"] = request.url_for("get_disposition", uuid=uuid) helpers.api_route_create(router, create_disposition) # # READ # def get_all_dispositions(db: Session = Depends(get_db)): return crud.read_all(db_table=AlertDisposition, db=db) def get_disposition(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=AlertDisposition, db=db) helpers.api_route_read_all(router, get_all_dispositions,
# CREATE # def create_event_status( event_status: EventStatusCreate, request: Request, response: Response, db: Session = Depends(get_db), ): uuid = crud.create(obj=event_status, db_table=EventStatus, db=db) response.headers["Content-Location"] = request.url_for("get_event_status", uuid=uuid) helpers.api_route_create(router, create_event_status) # # READ # def get_all_event_statuses(db: Session = Depends(get_db)): return crud.read_all(db_table=EventStatus, db=db) def get_event_status(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=EventStatus, db=db)
def create_alert_tool_instance( alert_tool_instance: AlertToolInstanceCreate, request: Request, response: Response, db: Session = Depends(get_db), ): uuid = crud.create(obj=alert_tool_instance, db_table=AlertToolInstance, db=db) response.headers["Content-Location"] = request.url_for( "get_alert_tool_instance", uuid=uuid) helpers.api_route_create(router, create_alert_tool_instance) # # READ # def get_all_alert_tool_instances(db: Session = Depends(get_db)): return crud.read_all(db_table=AlertToolInstance, db=db) def get_alert_tool_instance(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=AlertToolInstance, db=db) helpers.api_route_read_all(router, get_all_alert_tool_instances,
# Create the new node threat new_threat = NodeThreat(**node_threat.dict()) # Set the threat types on the new node threat new_threat.types = db_threat_types # Save the new node threat to the database db.add(new_threat) crud.commit(db) response.headers["Content-Location"] = request.url_for( "get_node_threat", uuid=new_threat.uuid) helpers.api_route_create(router, create_node_threat) # # READ # def get_all_node_threats(db: Session = Depends(get_db)): return crud.read_all(db_table=NodeThreat, db=db) def get_node_threat(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=NodeThreat, db=db) helpers.api_route_read_all(router, get_all_node_threats, List[NodeThreatRead])
# CREATE # def create_event_type( event_type: EventTypeCreate, request: Request, response: Response, db: Session = Depends(get_db), ): uuid = crud.create(obj=event_type, db_table=EventType, db=db) response.headers["Content-Location"] = request.url_for("get_event_type", uuid=uuid) helpers.api_route_create(router, create_event_type) # # READ # def get_all_event_types(db: Session = Depends(get_db)): return crud.read_all(db_table=EventType, db=db) def get_event_type(uuid: UUID, db: Session = Depends(get_db)): return crud.read(uuid=uuid, db_table=EventType, db=db)