def create_node_comment(
node_comment: NodeCommentCreate,
request: Request,
response: Response,
db: Session = Depends(get_db),
):
# Create the new node comment
new_comment = NodeComment(**node_comment.dict())
# Make sure the node actually exists
db_node = crud.read(uuid=node_comment.node_uuid, db_table=Node, db=db)
# This counts a modifying the node, so it should receive a new version.
db_node.version = uuid4()
# Set the user on the comment
new_comment.user = crud.read_user_by_username(username=node_comment.user,
db=db)
# Save the new comment to the database
db.add(new_comment)
crud.commit(db)
response.headers["Content-Location"] = request.url_for(
"get_node_comment", uuid=new_comment.uuid)
def create_event(
event: EventCreate,
request: Request,
response: Response,
db: Session = Depends(get_db),
):
# Create the new event Node using the data from the request
new_event: Event = create_node(node_create=event,
db_node_type=Event,
db=db,
exclude={"alert_uuids"})
# Set the required event properties
new_event.status = crud.read_by_value(value=event.status,
db_table=EventStatus,
db=db)
# Set the various optional event properties if they were given in the request.
if event.owner:
new_event.owner = crud.read_user_by_username(username=event.owner,
db=db)
if event.prevention_tools:
new_event.prevention_tools = crud.read_by_values(
values=event.prevention_tools,
db_table=EventPreventionTool,
db=db,
)
if event.remediations:
new_event.remediations = crud.read_by_values(values=event.remediations,
db_table=EventRemediation,
db=db)
if event.risk_level:
new_event.risk_level = crud.read_by_value(value=event.risk_level,
db_table=EventRiskLevel,
db=db)
if event.source:
new_event.source = crud.read_by_value(value=event.source,
db_table=EventSource,
db=db)
if event.type:
new_event.type = crud.read_by_value(value=event.type,
db_table=EventType,
db=db)
if event.vectors:
new_event.vectors = crud.read_by_values(values=event.vectors,
db_table=EventVector,
db=db)
# Save the new event to the database
db.add(new_event)
crud.commit(db)
response.headers["Content-Location"] = request.url_for("get_event",
uuid=new_event.uuid)
def create_alert(
alert: AlertCreate,
request: Request,
response: Response,
db: Session = Depends(get_db),
):
# Create the new alert Node using the data from the request
new_alert: Alert = create_node(node_create=alert,
db_node_type=Alert,
db=db)
# Set the required alert properties
new_alert.queue = crud.read_by_value(value=alert.queue,
db_table=AlertQueue,
db=db)
new_alert.type = crud.read_by_value(value=alert.type,
db_table=AlertType,
db=db)
# Set the various optional alert properties if they were given in the request.
if alert.owner:
new_alert.owner = crud.read_user_by_username(username=alert.owner,
db=db)
if alert.tool:
new_alert.tool = crud.read_by_value(value=alert.tool,
db_table=AlertTool,
db=db)
if alert.tool_instance:
new_alert.tool_instance = crud.read_by_value(
value=alert.tool_instance, db_table=AlertToolInstance, db=db)
# Alerts must point to an Analysis, so if we get this far without any errors, a new Analysis needs to be created.
new_alert.analysis = create_node(node_create=AnalysisCreate(),
db_node_type=Analysis,
db=db)
# Save the new alert (including the new analysis) to the database
db.add(new_alert)
crud.commit(db)
response.headers["Content-Location"] = request.url_for("get_alert",
uuid=new_alert.uuid)
def update_event(
uuid: UUID,
event: EventUpdate,
request: Request,
response: Response,
db: Session = Depends(get_db),
):
# Update the Node attributes
db_event: Event = update_node(node_update=event,
uuid=uuid,
db_table=Event,
db=db)
# Get the data that was given in the request and use it to update the database object
update_data = event.dict(exclude_unset=True)
if "alert_time" in update_data:
db_event.alert_time = update_data["alert_time"]
if "contain_time" in update_data:
db_event.contain_time = update_data["contain_time"]
if "disposition_time" in update_data:
db_event.disposition_time = update_data["disposition_time"]
if "event_time" in update_data:
db_event.event_time = update_data["event_time"]
if "name" in update_data:
db_event.name = update_data["name"]
if "owner" in update_data:
db_event.owner = crud.read_user_by_username(
username=update_data["owner"], db=db)
if "ownership_time" in update_data:
db_event.ownership_time = update_data["ownership_time"]
if "prevention_tools" in update_data:
db_event.prevention_tools = crud.read_by_values(
values=update_data["prevention_tools"],
db_table=EventPreventionTool,
db=db,
)
if "remediation_time" in update_data:
db_event.remediation_time = update_data["remediation_time"]
if "remediations" in update_data:
db_event.remediations = crud.read_by_values(
values=update_data["remediations"],
db_table=EventRemediation,
db=db,
)
if "risk_level" in update_data:
db_event.risk_level = crud.read_by_value(
value=update_data["risk_level"], db_table=EventRiskLevel, db=db)
if "source" in update_data:
db_event.source = crud.read_by_value(value=update_data["source"],
db_table=EventSource,
db=db)
if "status" in update_data:
db_event.status = crud.read_by_value(value=update_data["status"],
db_table=EventStatus,
db=db)
if "type" in update_data:
db_event.type = crud.read_by_value(value=update_data["type"],
db_table=EventType,
db=db)
if "vectors" in update_data:
db_event.vectors = crud.read_by_values(values=update_data["vectors"],
db_table=EventVector,
db=db)
crud.commit(db)
response.headers["Content-Location"] = request.url_for("get_event",
uuid=uuid)
def update_alert(
uuid: UUID,
alert: AlertUpdate,
request: Request,
response: Response,
db: Session = Depends(get_db),
):
# Update the Node attributes
db_alert: Alert = update_node(node_update=alert,
uuid=uuid,
db_table=Alert,
db=db)
# Get the data that was given in the request and use it to update the database object
update_data = alert.dict(exclude_unset=True)
if "description" in update_data:
db_alert.description = update_data["description"]
if "disposition" in update_data:
db_alert.disposition = crud.read_by_value(
value=update_data["disposition"], db_table=AlertDisposition, db=db)
if "event_uuid" in update_data:
db_alert.event = crud.read(uuid=update_data["event_uuid"],
db_table=Event,
db=db)
# This counts as editing the event, so it should receive a new version.
db_alert.event.version = uuid4()
if "event_time" in update_data:
db_alert.event_time = update_data["event_time"]
if "instructions" in update_data:
db_alert.instructions = update_data["instructions"]
if "name" in update_data:
db_alert.name = update_data["name"]
if "owner" in update_data:
db_alert.owner = crud.read_user_by_username(
username=update_data["owner"], db=db)
if "queue" in update_data:
db_alert.queue = crud.read_by_value(value=update_data["queue"],
db_table=AlertQueue,
db=db)
if "tool" in update_data:
db_alert.tool = crud.read_by_value(value=update_data["tool"],
db_table=AlertTool,
db=db)
if "tool_instance" in update_data:
db_alert.tool_instance = crud.read_by_value(
value=update_data["tool_instance"],
db_table=AlertToolInstance,
db=db,
)
if "type" in update_data:
db_alert.type = crud.read_by_value(value=update_data["type"],
db_table=AlertType,
db=db)
crud.commit(db)
response.headers["Content-Location"] = request.url_for("get_alert",
uuid=uuid)