dfir-iris
diff --git a/‎.github/workflows/ci.yml‎
Lines changed: 5 additions & 0 deletions b/‎.github/workflows/ci.yml‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎source/app/blueprints/pages/login/login_routes.py‎
Lines changed: 2 additions & 1 deletion b/‎source/app/blueprints/pages/login/login_routes.py‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎source/app/blueprints/rest/case/case_assets_routes.py‎
Lines changed: 2 additions & 2 deletions b/‎source/app/blueprints/rest/case/case_assets_routes.py‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎source/app/blueprints/rest/manage/manage_users.py‎
Lines changed: 7 additions & 2 deletions b/‎source/app/blueprints/rest/manage/manage_users.py‎
Lines changed: 7 additions & 2 deletions
diff --git a/‎source/app/blueprints/rest/v2/alerts_routes/comments.py‎
Lines changed: 21 additions & 0 deletions b/‎source/app/blueprints/rest/v2/alerts_routes/comments.py‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎source/app/blueprints/rest/v2/assets_routes/comments.py‎
Lines changed: 21 additions & 0 deletions b/‎source/app/blueprints/rest/v2/assets_routes/comments.py‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎source/app/blueprints/rest/v2/case_routes/assets.py‎
Lines changed: 4 additions & 5 deletions b/‎source/app/blueprints/rest/v2/case_routes/assets.py‎
Lines changed: 4 additions & 5 deletions
diff --git a/‎source/app/blueprints/rest/v2/events_routes/comments.py‎
Lines changed: 21 additions & 0 deletions b/‎source/app/blueprints/rest/v2/events_routes/comments.py‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎source/app/blueprints/rest/v2/evidences_routes/comments.py‎
Lines changed: 21 additions & 0 deletions b/‎source/app/blueprints/rest/v2/evidences_routes/comments.py‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎source/app/blueprints/rest/v2/iocs_routes/comments.py‎
Lines changed: 21 additions & 0 deletions b/‎source/app/blueprints/rest/v2/iocs_routes/comments.py‎
Lines changed: 21 additions & 0 deletions
@@ -183,11 +183,16 @@ jobs:
           source venv/bin/activate
           pip install -r requirements.txt
           PYTHONUNBUFFERED=true python -m unittest --verbose
+      - name: Check the absence of errors/stack traces in logs
+        run: |
+          ! docker compose logs app | grep Traceback -A100
       - name: Stop development server
+        if: ${{ always() }}
         run: |
           docker compose logs app > ${{ runner.temp }}/iriswebapp_app.log
           docker compose down
       - name: Upload artifact
+        if: ${{ always() }}
         uses: actions/upload-artifact@v4
         with:
           name: Test API iriswebapp_app logs
 
@@ -42,7 +42,8 @@
 from app.business.auth import validate_ldap_login
 from app.business.users import retrieve_user_by_username
 from app.business.auth import wrap_login_user
-from app.datamgmt.manage.manage_users_db import create_user, update_user_groups
+from app.datamgmt.manage.manage_users_db import create_user
+from app.datamgmt.manage.manage_users_db import update_user_groups
 from app.datamgmt.manage.manage_users_db import get_user
 from app.forms import LoginForm, MFASetupForm
 from app.iris_engine.access_control.iris_user import iris_current_user
 
@@ -408,11 +408,11 @@ def case_comment_asset_edit(cur_id, com_id, caseid):
 @ac_requires_case_identifier(CaseAccessLevel.full_access)
 @ac_api_requires()
 def case_comment_asset_delete(cur_id, com_id, caseid):
-    success, msg = delete_asset_comment(cur_id, com_id, caseid)
+    success, msg = delete_asset_comment(cur_id, com_id)
     if not success:
         return response_error(msg)
 
     call_modules_hook('on_postload_asset_comment_delete', data=com_id, caseid=caseid)
 
-    track_activity(f"comment {com_id} on asset {cur_id} deleted", caseid=caseid)
+    track_activity(f'comment {com_id} on asset {cur_id} deleted', caseid=caseid)
     return response_success(msg)
@@ -45,6 +45,7 @@
 from app.schema.marshables import UserSchema
 from app.schema.marshables import BasicUserSchema
 from app.schema.marshables import UserFullSchema
+from app.business.groups import groups_exist
 
 from app.blueprints.access_controls import ac_api_requires
 from app.blueprints.access_controls import ac_api_return_access_denied
@@ -171,8 +172,12 @@ def manage_user_group_(cur_id):
     if not user:
         return response_error("Invalid user ID")
 
-    update_user_groups(user_id=cur_id,
-                       groups=request.json.get('groups_membership'))
+    groups = request.json.get('groups_membership')
+    for group_identifier in groups:
+        if not groups_exist(group_identifier):
+            return response_error(f'No group with identifier {group_identifier}')
+
+    update_user_groups(cur_id, groups)
 
     track_activity(f"groups membership of user {cur_id} updated", ctx_less=True)
 
 
@@ -26,11 +26,14 @@
 from app.blueprints.rest.endpoints import response_api_success
 from app.blueprints.rest.endpoints import response_api_not_found
 from app.blueprints.rest.endpoints import response_api_created
+from app.blueprints.rest.endpoints import response_api_deleted
 from app.blueprints.rest.endpoints import response_api_error
 from app.blueprints.rest.parsing import parse_pagination_parameters
+from app.blueprints.access_controls import ac_api_return_access_denied
 from app.schema.marshables import CommentSchema
 from app.business.comments import comments_get_filtered_by_alert
 from app.business.comments import comments_create_for_alert
+from app.business.comments import comments_delete_for_alert
 from app.business.comments import comments_get_for_alert
 from app.business.alerts import alerts_get
 from app.iris_engine.access_control.iris_user import iris_current_user
@@ -72,6 +75,18 @@ def read(self, alert_identifier, identifier):
         except ObjectNotFoundError:
             return response_api_not_found()
 
+    def delete(self, alert_identifier, identifier):
+        try:
+            alert = alerts_get(iris_current_user, alert_identifier)
+            comment = comments_get_for_alert(alert, identifier)
+            if comment.comment_user_id != iris_current_user.id:
+                return ac_api_return_access_denied()
+
+            comments_delete_for_alert(comment)
+            return response_api_deleted()
+        except ObjectNotFoundError:
+            return response_api_not_found()
+
 
 alerts_comments_blueprint = Blueprint('alerts_comments', __name__, url_prefix='/<int:alert_identifier>/comments')
 comments_operations = CommentsOperations()
@@ -93,3 +108,9 @@ def create_alerts_comment(alert_identifier):
 @ac_api_requires(Permissions.alerts_read)
 def get_alerts_comment(alert_identifier, identifier):
     return comments_operations.read(alert_identifier, identifier)
+
+
+@alerts_comments_blueprint.delete('/<int:identifier>')
+@ac_api_requires(Permissions.alerts_write)
+def delete_alerts_comment(alert_identifier, identifier):
+    return comments_operations.delete(alert_identifier, identifier)
@@ -26,10 +26,13 @@
 from app.blueprints.rest.endpoints import response_api_created
 from app.blueprints.rest.endpoints import response_api_error
 from app.blueprints.rest.endpoints import response_api_success
+from app.blueprints.rest.endpoints import response_api_deleted
+from app.blueprints.access_controls import ac_api_return_access_denied
 from app.blueprints.rest.parsing import parse_pagination_parameters
 from app.business.comments import comments_get_filtered_by_asset
 from app.business.comments import comments_create_for_asset
 from app.business.comments import comments_get_for_asset
+from app.business.comments import comments_delete_for_asset
 from app.business.assets import assets_get
 from app.business.errors import ObjectNotFoundError
 from app.schema.marshables import CommentSchema
@@ -85,6 +88,18 @@ def read(self, asset_identifier, identifier):
         except ObjectNotFoundError:
             return response_api_not_found()
 
+    def delete(self, asset_identifier, identifier):
+        try:
+            asset = self._get_asset(asset_identifier, [CaseAccessLevel.full_access])
+            comment = comments_get_for_asset(asset, identifier)
+            if comment.comment_user_id != iris_current_user.id:
+                return ac_api_return_access_denied()
+
+            comments_delete_for_asset(asset, comment)
+            return response_api_deleted()
+        except ObjectNotFoundError:
+            return response_api_not_found()
+
 
 assets_comments_blueprint = Blueprint('assets_comments', __name__, url_prefix='/<int:asset_identifier>/comments')
 comments_operations = CommentsOperations()
@@ -106,3 +121,9 @@ def create_assets_comment(asset_identifier):
 @ac_api_requires()
 def get_assets_comment(asset_identifier, identifier):
     return comments_operations.read(asset_identifier, identifier)
+
+
+@assets_comments_blueprint.delete('/<int:identifier>')
+@ac_api_requires()
+def delete_alerts_comment(asset_identifier, identifier):
+    return comments_operations.delete(asset_identifier, identifier)
@@ -56,7 +56,7 @@ def _get_asset_in_case(identifier, case_identifier):
             raise ObjectNotFoundError
         return asset
 
-    def list(self, case_identifier):
+    def search(self, case_identifier):
         if not ac_fast_check_current_user_has_case_access(case_identifier,
                                                           [CaseAccessLevel.read_only, CaseAccessLevel.full_access]):
             return ac_api_return_access_denied(caseid=case_identifier)
@@ -97,7 +97,7 @@ def create(self, case_identifier):
         except BusinessProcessingError as e:
             return response_api_error(e.get_message(), data=e.get_data())
 
-    def get(self, case_identifier, identifier):
+    def read(self, case_identifier, identifier):
         try:
             asset = self._get_asset_in_case(identifier, case_identifier)
 
@@ -140,7 +140,6 @@ def delete(self, case_identifier, identifier):
         try:
             asset = self._get_asset_in_case(identifier, case_identifier)
 
-            # perform authz check
             if not ac_fast_check_current_user_has_case_access(asset.case_id, [CaseAccessLevel.full_access]):
                 return ac_api_return_access_denied(caseid=asset.case_id)
 
@@ -161,7 +160,7 @@ def delete(self, case_identifier, identifier):
 @case_assets_blueprint.get('')
 @ac_api_requires()
 def case_list_assets(case_identifier):
-    return assets_operations.list(case_identifier)
+    return assets_operations.search(case_identifier)
 
 
 @case_assets_blueprint.post('')
@@ -173,7 +172,7 @@ def add_asset(case_identifier):
 @case_assets_blueprint.get('/<int:identifier>')
 @ac_api_requires()
 def get_asset(case_identifier, identifier):
-    return assets_operations.get(case_identifier, identifier)
+    return assets_operations.read(case_identifier, identifier)
 
 
 @case_assets_blueprint.put('/<int:identifier>')
 
@@ -21,16 +21,19 @@
 from marshmallow import ValidationError
 
 from app.blueprints.access_controls import ac_api_requires
+from app.blueprints.access_controls import ac_api_return_access_denied
 from app.blueprints.rest.endpoints import response_api_paginated
 from app.blueprints.rest.endpoints import response_api_not_found
 from app.blueprints.rest.endpoints import response_api_created
 from app.blueprints.rest.endpoints import response_api_error
 from app.blueprints.rest.endpoints import response_api_success
+from app.blueprints.rest.endpoints import response_api_deleted
 from app.blueprints.rest.parsing import parse_pagination_parameters
 from app.iris_engine.access_control.iris_user import iris_current_user
 from app.business.comments import comments_get_filtered_by_event
 from app.business.comments import comments_create_for_event
 from app.business.comments import comments_get_for_event
+from app.business.comments import comments_delete_for_event
 from app.business.events import events_get
 from app.business.errors import ObjectNotFoundError
 from app.models.cases import CasesEvent
@@ -86,6 +89,18 @@ def read(self, event_identifier, identifier):
         except ObjectNotFoundError:
             return response_api_not_found()
 
+    def delete(self, event_identifier, identifier):
+        try:
+            event = self._get_event(event_identifier, [CaseAccessLevel.full_access])
+            comment = comments_get_for_event(event, identifier)
+            if comment.comment_user_id != iris_current_user.id:
+                return ac_api_return_access_denied()
+
+            comments_delete_for_event(event, comment)
+            return response_api_deleted()
+        except ObjectNotFoundError:
+            return response_api_not_found()
+
 
 events_comments_blueprint = Blueprint('events_comments', __name__, url_prefix='/<int:event_identifier>/comments')
 comments_operations = CommentsOperations()
@@ -107,3 +122,9 @@ def create_event_comment(event_identifier):
 @ac_api_requires()
 def get_event_comment(event_identifier, identifier):
     return comments_operations.read(event_identifier, identifier)
+
+
+@events_comments_blueprint.delete('/<int:identifier>')
+@ac_api_requires()
+def delete_task_comment(event_identifier, identifier):
+    return comments_operations.delete(event_identifier, identifier)
@@ -21,16 +21,19 @@
 from marshmallow import ValidationError
 
 from app.blueprints.access_controls import ac_api_requires
+from app.blueprints.access_controls import ac_api_return_access_denied
 from app.blueprints.rest.endpoints import response_api_paginated
 from app.blueprints.rest.endpoints import response_api_not_found
 from app.blueprints.rest.endpoints import response_api_created
 from app.blueprints.rest.endpoints import response_api_error
 from app.blueprints.rest.endpoints import response_api_success
+from app.blueprints.rest.endpoints import response_api_deleted
 from app.iris_engine.access_control.iris_user import iris_current_user
 from app.blueprints.rest.parsing import parse_pagination_parameters
 from app.business.comments import comments_get_filtered_by_evidence
 from app.business.comments import comments_create_for_evidence
 from app.business.comments import comments_get_for_evidence
+from app.business.comments import comments_delete_for_evidence
 from app.models.models import CaseReceivedFile
 from app.business.evidences import evidences_get
 from app.business.errors import ObjectNotFoundError
@@ -87,6 +90,18 @@ def read(self, event_identifier, identifier):
         except ObjectNotFoundError:
             return response_api_not_found()
 
+    def delete(self, evidence_identifier, identifier):
+        try:
+            evidence = self._get_evidence(evidence_identifier, [CaseAccessLevel.full_access])
+            comment = comments_get_for_evidence(evidence, identifier)
+            if comment.comment_user_id != iris_current_user.id:
+                return ac_api_return_access_denied()
+
+            comments_delete_for_evidence(evidence, comment)
+            return response_api_deleted()
+        except ObjectNotFoundError:
+            return response_api_not_found()
+
 
 evidences_comments_blueprint = Blueprint('evidences_comments', __name__, url_prefix='/<int:evidence_identifier>/comments')
 comments_operations = CommentsOperations()
@@ -108,3 +123,9 @@ def create_evidence_comment(evidence_identifier):
 @ac_api_requires()
 def get_evidence_comment(evidence_identifier, identifier):
     return comments_operations.read(evidence_identifier, identifier)
+
+
+@evidences_comments_blueprint.delete('/<int:identifier>')
+@ac_api_requires()
+def delete_evidence_comment(evidence_identifier, identifier):
+    return comments_operations.delete(evidence_identifier, identifier)
@@ -22,15 +22,18 @@
 
 from app.iris_engine.access_control.iris_user import iris_current_user
 from app.blueprints.access_controls import ac_api_requires
+from app.blueprints.access_controls import ac_api_return_access_denied
 from app.blueprints.rest.endpoints import response_api_paginated
 from app.blueprints.rest.endpoints import response_api_not_found
 from app.blueprints.rest.endpoints import response_api_created
 from app.blueprints.rest.endpoints import response_api_error
 from app.blueprints.rest.endpoints import response_api_success
+from app.blueprints.rest.endpoints import response_api_deleted
 from app.blueprints.rest.parsing import parse_pagination_parameters
 from app.business.comments import comments_get_filtered_by_ioc
 from app.business.comments import comments_create_for_ioc
 from app.business.comments import comments_get_for_ioc
+from app.business.comments import comments_delete_for_ioc
 from app.business.iocs import iocs_get
 from app.business.errors import ObjectNotFoundError
 from app.schema.marshables import CommentSchema
@@ -85,6 +88,18 @@ def read(self, ioc_identifier, identifier):
         except ObjectNotFoundError:
             return response_api_not_found()
 
+    def delete(self, ioc_identifier, identifier):
+        try:
+            ioc = self._get_ioc(ioc_identifier, [CaseAccessLevel.full_access])
+            comment = comments_get_for_ioc(ioc, identifier)
+            if comment.comment_user_id != iris_current_user.id:
+                return ac_api_return_access_denied()
+
+            comments_delete_for_ioc(ioc, comment)
+            return response_api_deleted()
+        except ObjectNotFoundError:
+            return response_api_not_found()
+
 
 iocs_comments_blueprint = Blueprint('iocs_comments', __name__, url_prefix='/<int:ioc_identifier>/comments')
 comments_operations = CommentsOperations()
@@ -106,3 +121,9 @@ def create_iocs_comment(ioc_identifier):
 @ac_api_requires()
 def get_ioc_comment(ioc_identifier, identifier):
     return comments_operations.read(ioc_identifier, identifier)
+
+
+@iocs_comments_blueprint.delete('/<int:identifier>')
+@ac_api_requires()
+def delete_ioc_comment(ioc_identifier, identifier):
+    return comments_operations.delete(ioc_identifier, identifier)