Refactor pivot (#1902)

* Refactor pivot

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Fixes

Signed-off-by: 0ssigeno <s.berni@certego.net>

* More

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Linters

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Update api_app/pivots_manager/models.py

Co-authored-by: code-review-doctor[bot] <72320148+code-review-doctor[bot]@users.noreply.github.com>

* Fix

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Fixes

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Fixes

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Fixes

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Fixes

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Fixes

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Fixes

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Fixes

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Deepsource

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Fix

Signed-off-by: 0ssigeno <s.berni@certego.net>

* fix test frontend

* Prettier

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Fixes

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Fixes

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Blake

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Fix typo

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Fix

Signed-off-by: 0ssigeno <s.berni@certego.net>

* improved pivot frontend

* frontend

* Fix

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Fix url property

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Fix url property

Signed-off-by: 0ssigeno <s.berni@certego.net>

* improved pivoting page

* Removed import

Signed-off-by: 0ssigeno <s.berni@certego.net>

* prettier

* Fixes

Signed-off-by: 0ssigeno <s.berni@certego.net>

* fixed frontend tests

* prettier

* Fix yaraify url

Signed-off-by: 0ssigeno <s.berni@certego.net>

* Adding removal of existent directory

Signed-off-by: 0ssigeno <s.berni@certego.net>

---------

Signed-off-by: 0ssigeno <s.berni@certego.net>
Co-authored-by: code-review-doctor[bot] <72320148+code-review-doctor[bot]@users.noreply.github.com>
Co-authored-by: Daniele Rosetti <d.rosetti@certego.net>

Author: 3 people

api_app/admin.py

@@ -5,7 +5,7 @@
 from django.db.models import JSONField
 from prettyjson.widgets import PrettyJSONWidget
 
-from .forms import ParameterInlineForm, PythonConfigAdminForm
+from .forms import ParameterInlineForm
 from .models import AbstractConfig, Job, Parameter, PluginConfig, PythonModule, Tag
 from .tabulars import (
     ParameterInline,
@@ -148,8 +148,6 @@ def disabled_in_orgs(self, instance: AbstractConfig):
 
 
 class PythonConfigAdminView(AbstractConfigAdminView):
-    form = PythonConfigAdminForm
-
     list_display = (
         "name",
         "python_module",

api_app/analyzers_manager/admin.py

@@ -3,7 +3,6 @@
 from django.contrib import admin
 
 from api_app.admin import AbstractReportAdminView, PythonConfigAdminView
-from api_app.analyzers_manager.forms import AnalyzerConfigAdminForm
 from api_app.analyzers_manager.models import AnalyzerConfig, AnalyzerReport
 
 
@@ -20,5 +19,4 @@ class AnalyzerConfigAdminView(PythonConfigAdminView):
         "maximum_tlp",
         "update_schedule",
     )
-    form = AnalyzerConfigAdminForm
     exclude = ["update_task"]

api_app/analyzers_manager/file_analyzers/yara_scan.py

@@ -158,9 +158,10 @@ def compiled_file_name(self):
     @cached_property
     def first_level_directories(self) -> List[PosixPath]:
         paths = []
-        for directory in self.directory.iterdir():
-            if directory.is_dir() and directory.stem not in [".git", ".github"]:
-                paths.append(directory)
+        if self.directory.exists():
+            for directory in self.directory.iterdir():
+                if directory.is_dir() and directory.stem not in [".git", ".github"]:
+                    paths.append(directory)
         return paths
 
     @cached_property

api_app/analyzers_manager/forms.py

@@ -0,0 +1,32 @@
+# Generated by Django 4.1.10 on 2023-09-14 13:25
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        (
+            "api_app",
+            "0046_remove_pluginconfig_plugin_config_no_config_all_null_and_more",
+        ),
+        ("analyzers_manager", "0041_alter_analyzerconfig_python_module"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="analyzerconfig",
+            name="python_module",
+            field=models.ForeignKey(
+                limit_choices_to={
+                    "base_path__in": [
+                        "api_app.analyzers_manager.file_analyzers",
+                        "api_app.analyzers_manager.observable_analyzers",
+                    ]
+                },
+                on_delete=django.db.models.deletion.PROTECT,
+                related_name="%(class)ss",
+                to="api_app.pythonmodule",
+            ),
+        ),
+    ]

api_app/analyzers_manager/migrations/0042_alter_analyzerconfig_python_module.py

@@ -0,0 +1,38 @@
+# Generated by Django 4.1.10 on 2023-09-14 13:25
+import shutil
+from pathlib import PosixPath
+
+from django.db import migrations
+
+
+def migrate(apps, schema_editor):
+    PluginConfig = apps.get_model("api_app", "PluginConfig")
+    pc = PluginConfig.objects.get(
+        parameter__name="repositories",
+        owner=None,
+        for_organization=False,
+        parameter__python_module__module="yara_scan.YaraScan",
+    )
+    pc.value.remove("https://yaraify-api.abuse.ch/download/yaraify-rules.zip")
+    path = PosixPath(
+        "/opt/deploy/files_required/yara/yaraify-api.abuse.ch_yaraify-rules"
+    )
+    if path.exists():
+        shutil.rmtree(str(path), ignore_errors=True)
+
+    pc.value.append("https://yaraify-api.abuse.ch/yarahub/yaraify-rules.zip")
+    pc.save()
+
+
+def reverse_migrate(apps, schema_editor):
+    pass
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("analyzers_manager", "0042_alter_analyzerconfig_python_module"),
+    ]
+
+    operations = [
+        migrations.RunPython(migrate, reverse_migrate),
+    ]

api_app/analyzers_manager/migrations/0043_modify_yaraify_url.py

@@ -14,9 +14,9 @@
     TypeChoices,
 )
 from api_app.analyzers_manager.exceptions import AnalyzerConfigurationException
-from api_app.choices import TLP
+from api_app.choices import TLP, PythonModuleBasePaths
 from api_app.fields import ChoiceArrayField
-from api_app.models import AbstractReport, PythonConfig
+from api_app.models import AbstractReport, PythonConfig, PythonModule
 
 logger = getLogger(__name__)
 
@@ -131,6 +131,17 @@ class AnalyzerConfig(PythonConfig):
     maximum_tlp = models.CharField(
         null=False, default=TLP.RED, choices=TLP.choices, max_length=50
     )
+    python_module = models.ForeignKey(
+        PythonModule,
+        on_delete=models.PROTECT,
+        related_name="%(class)ss",
+        limit_choices_to={
+            "base_path__in": [
+                PythonModuleBasePaths.FileAnalyzer.value,
+                PythonModuleBasePaths.ObservableAnalyzer.value,
+            ]
+        },
+    )
     # obs
     observable_supported = ChoiceArrayField(
         models.CharField(null=False, choices=ObservableTypes.choices, max_length=30),

api_app/analyzers_manager/models.py

@@ -12,10 +12,6 @@
 
 
 class AnalyzerReportSerializer(AbstractReportSerializer):
-    """
-    AnalyzerReport model's serializer.
-    """
-
     class Meta:
         model = AnalyzerReport
         fields = AbstractReportSerializer.Meta.fields

api_app/analyzers_manager/serializers.py

@@ -1,5 +1,6 @@
 # This file is a part of IntelOwl https://github.com/intelowlproject/IntelOwl
 # See the file 'LICENSE' for copying permission.
+import enum
 import typing
 from pathlib import PosixPath
 
@@ -19,6 +20,7 @@ class PythonModuleBasePaths(models.TextChoices):
     Connector = PosixPath("api_app.connectors_manager.connectors"), "Connector"
     Ingestor = PosixPath("api_app.ingestors_manager.ingestors"), "Ingestor"
     Visualizer = PosixPath("api_app.visualizers_manager.visualizers"), "Visualizer"
+    Pivot = PosixPath("api_app.pivots_manager.pivots"), "Pivot"
 
 
 class TLP(models.TextChoices):
@@ -55,33 +57,37 @@ class Status(models.TextChoices):
     RUNNING = "running", "running"
 
     ANALYZERS_RUNNING = "analyzers_running", "analyzers_running"
-    CONNECTORS_RUNNING = "connectors_running", "connectors_running"
-    VISUALIZERS_RUNNING = "visualizers_running", "visualizers_running"
-
     ANALYZERS_COMPLETED = "analyzers_completed", "analyzers_completed"
+
+    CONNECTORS_RUNNING = "connectors_running", "connectors_running"
     CONNECTORS_COMPLETED = "connectors_completed", "connectors_completed"
+
+    PIVOTS_RUNNING = "pivots_running", "pivots_running"
+    PIVOTS_COMPLETED = "pivots_completed", "pivots_completed"
+
+    VISUALIZERS_RUNNING = "visualizers_running", "visualizers_running"
     VISUALIZERS_COMPLETED = "visualizers_completed", "visualizers_completed"
 
     REPORTED_WITHOUT_FAILS = "reported_without_fails", "reported_without_fails"
     REPORTED_WITH_FAILS = "reported_with_fails", "reported_with_fails"
     KILLED = "killed", "killed"
     FAILED = "failed", "failed"
 
+    @classmethod
+    def get_enums_with_suffix(
+        cls, suffix: str
+    ) -> typing.Generator[enum.Enum, None, None]:
+        for key in cls:
+            if key.name.endswith(suffix):
+                yield key
+
     @classmethod
     def running_statuses(cls) -> typing.List["Status"]:
-        return [
-            cls.ANALYZERS_RUNNING,
-            cls.CONNECTORS_RUNNING,
-            cls.VISUALIZERS_RUNNING,
-        ]
+        return list(cls.get_enums_with_suffix("_RUNNING"))
 
     @classmethod
     def partial_statuses(cls) -> typing.List["Status"]:
-        return [
-            cls.ANALYZERS_COMPLETED,
-            cls.CONNECTORS_COMPLETED,
-            cls.VISUALIZERS_COMPLETED,
-        ]
+        return list(cls.get_enums_with_suffix("_COMPLETED"))
 
     @classmethod
     def final_statuses(cls) -> typing.List["Status"]:

api_app/choices.py

@@ -104,23 +104,13 @@ def after_run(self):
         self.report.end_time = timezone.now()
         self.report.save()
 
-    def after_run_success(self, content: typing.Union[typing.Dict, typing.Iterable]):
+    def after_run_success(self, content: typing.Any):
         if isinstance(content, typing.Generator):
             content = list(content)
         self.report.report = content
         self.report.status = self.report.Status.SUCCESS.value
         self.report.save(update_fields=["status", "report"])
 
-    def execute_pivots(self) -> None:
-        from api_app.pivots_manager.models import PivotConfig
-
-        if self._job.playbook_to_execute:
-            for pivot in self._config.pivots.annotate_runnable(self._job.user).filter(
-                used_by_playbooks=self._job.playbook_to_execute, runnable=True
-            ):
-                pivot: PivotConfig
-                pivot.pivot_job(self._job)
-
     def log_error(self, e):
         if isinstance(e, (*self.get_exceptions_to_catch(), SoftTimeLimitExceeded)):
             error_message = self.get_error_message(e)
@@ -204,7 +194,6 @@ def start(self, *args, **kwargs):
             self.after_run_failed(e)
         else:
             self.after_run_success(_result)
-            self.execute_pivots()
         finally:
             # add end time of process
             self.after_run()

api_app/classes.py

@@ -4,7 +4,6 @@
 from django.contrib import admin
 
 from api_app.admin import AbstractReportAdminView, PythonConfigAdminView
-from api_app.connectors_manager.forms import ConnectorConfigAdminForm
 from api_app.connectors_manager.models import ConnectorConfig, ConnectorReport
 
 
@@ -19,4 +18,3 @@ class ConnectorConfigAdminView(PythonConfigAdminView):
         "maximum_tlp",
         "run_on_failure",
     )
-    form = ConnectorConfigAdminForm

api_app/connectors_manager/admin.py

@@ -1,7 +0,0 @@
-from api_app.choices import PythonModuleBasePaths
-from api_app.forms import PythonConfigAdminForm
-
-
-class ConnectorConfigAdminForm(PythonConfigAdminForm):
-    class Meta:
-        base_paths_allowed = [PythonModuleBasePaths.Connector.value]

api_app/connectors_manager/forms.py

@@ -0,0 +1,27 @@
+# Generated by Django 4.1.10 on 2023-09-14 13:25
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        (
+            "api_app",
+            "0046_remove_pluginconfig_plugin_config_no_config_all_null_and_more",
+        ),
+        ("connectors_manager", "0021_alter_connectorconfig_python_module"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="connectorconfig",
+            name="python_module",
+            field=models.ForeignKey(
+                limit_choices_to={"base_path": "api_app.connectors_manager.connectors"},
+                on_delete=django.db.models.deletion.PROTECT,
+                related_name="%(class)ss",
+                to="api_app.pythonmodule",
+            ),
+        ),
+    ]

api_app/connectors_manager/migrations/0022_alter_connectorconfig_python_module.py

@@ -3,9 +3,9 @@
 
 from django.db import models
 
-from api_app.choices import TLP
+from api_app.choices import TLP, PythonModuleBasePaths
 from api_app.connectors_manager.exceptions import ConnectorConfigurationException
-from api_app.models import AbstractReport, PythonConfig
+from api_app.models import AbstractReport, PythonConfig, PythonModule
 
 
 class ConnectorReport(AbstractReport):
@@ -22,6 +22,12 @@ class ConnectorConfig(PythonConfig):
         null=False, default=TLP.CLEAR, choices=TLP.choices, max_length=50
     )
     run_on_failure = models.BooleanField(null=False, default=True)
+    python_module = models.ForeignKey(
+        PythonModule,
+        on_delete=models.PROTECT,
+        related_name="%(class)ss",
+        limit_choices_to={"base_path": PythonModuleBasePaths.Connector.value},
+    )
 
     @classmethod
     @property

api_app/connectors_manager/models.py

@@ -11,6 +11,7 @@ def default_runtime():
     return {
         "analyzers": {},
         "connectors": {},
+        "pivots": {},
         "visualizers": {},
     }
 

api_app/defaults.py

@@ -1,7 +1,6 @@
 from django import forms
-from django.forms.models import ALL_FIELDS
 
-from api_app.models import Parameter, PythonConfig
+from api_app.models import Parameter
 
 
 class MultilineJSONField(forms.JSONField):
@@ -40,17 +39,3 @@ class Meta:
             "required",
             "python_module",
         ]
-
-
-class PythonConfigAdminForm(forms.ModelForm):
-    class Meta:
-        model = PythonConfig
-        fields = ALL_FIELDS
-        base_paths_allowed = []
-
-    def __init__(self, *args, **kwargs):
-        super().__init__(*args, **kwargs)
-        # only modules of this configurations
-        self.fields["python_module"].queryset = self.fields[
-            "python_module"
-        ].queryset.filter(base_path__in=self.Meta.base_paths_allowed)

api_app/forms.py

@@ -4,7 +4,6 @@
 from django.contrib import admin
 
 from api_app.admin import AbstractReportAdminView, PythonConfigAdminView
-from api_app.ingestors_manager.forms import IngestorConfigAdminForm
 from api_app.ingestors_manager.models import IngestorConfig, IngestorReport
 
 
@@ -23,4 +22,3 @@ class IngestorConfigAdminView(PythonConfigAdminView):
         "schedule",
     )
     exclude = ["user", "periodic_task"]
-    form = IngestorConfigAdminForm

api_app/ingestors_manager/admin.py

@@ -65,7 +65,7 @@ def after_run_success(self, content):
         deque(
             self._config._create_jobs(
                 # every job created from an ingestor
-                self.report,
+                content,
                 TLP.CLEAR.value,
                 self._user,
             ),