pull:初次提交

n8n-n8n-1.109.2/packages/nodes-base/nodes/TheHiveProject/actions/observable/create.operation.ts

@@ -0,0 +1,188 @@
+import FormData from 'form-data';
+import {
+	NodeOperationError,
+	type IDataObject,
+	type IExecuteFunctions,
+	type INodeExecutionData,
+	type INodeProperties,
+} from 'n8n-workflow';
+
+import { updateDisplayOptions, wrapData } from '@utils/utilities';
+
+import { alertRLC, attachmentsUi, caseRLC } from '../../descriptions';
+import { fixFieldType, prepareInputItem } from '../../helpers/utils';
+import { theHiveApiRequest } from '../../transport';
+
+const properties: INodeProperties[] = [
+	{
+		// eslint-disable-next-line n8n-nodes-base/node-param-display-name-miscased
+		displayName: 'Create in',
+		name: 'createIn',
+		type: 'options',
+		options: [
+			{
+				name: 'Case',
+				value: 'case',
+			},
+			{
+				name: 'Alert',
+				value: 'alert',
+			},
+		],
+		default: 'case',
+	},
+	{
+		...caseRLC,
+		name: 'id',
+		displayOptions: {
+			show: {
+				createIn: ['case'],
+			},
+		},
+	},
+	{
+		...alertRLC,
+		name: 'id',
+		displayOptions: {
+			show: {
+				createIn: ['alert'],
+			},
+		},
+	},
+	{
+		// eslint-disable-next-line n8n-nodes-base/node-param-display-name-wrong-for-dynamic-options
+		displayName: 'Data Type',
+		name: 'dataType',
+		type: 'options',
+		description:
+			'Choose from the list, or specify an ID using an <a href="https://docs.n8n.io/code/expressions/">expression</a>',
+		required: true,
+		default: 'file',
+		typeOptions: {
+			loadOptionsMethod: 'loadObservableTypes',
+		},
+	},
+	{
+		displayName: 'Data',
+		name: 'data',
+		type: 'string',
+		default: '',
+		required: true,
+		displayOptions: {
+			hide: {
+				dataType: ['file'],
+			},
+		},
+	},
+	{ ...attachmentsUi, required: true, displayOptions: { show: { dataType: ['file'] } } },
+	{
+		displayName: 'Fields',
+		name: 'observableFields',
+		type: 'resourceMapper',
+		default: {
+			mappingMode: 'defineBelow',
+			value: null,
+		},
+		noDataExpression: true,
+		required: true,
+		typeOptions: {
+			resourceMapper: {
+				resourceMapperMethod: 'getObservableFields',
+				mode: 'add',
+				valuesLabel: 'Fields',
+			},
+		},
+	},
+];
+
+const displayOptions = {
+	show: {
+		resource: ['observable'],
+		operation: ['create'],
+	},
+};
+
+export const description = updateDisplayOptions(displayOptions, properties);
+
+export async function execute(
+	this: IExecuteFunctions,
+	i: number,
+	item: INodeExecutionData,
+): Promise<INodeExecutionData[]> {
+	let responseData: IDataObject = {};
+	let body: IDataObject = {};
+
+	const createIn = this.getNodeParameter('createIn', i) as string;
+	const id = this.getNodeParameter('id', i, '', { extractValue: true }) as string;
+	const endpoint = `/v1/${createIn}/${id}/observable`;
+
+	const dataMode = this.getNodeParameter('observableFields.mappingMode', i) as string;
+
+	if (dataMode === 'autoMapInputData') {
+		const schema = this.getNodeParameter('observableFields.schema', i) as IDataObject[];
+		body = prepareInputItem(item.json, schema, i);
+	}
+
+	if (dataMode === 'defineBelow') {
+		const observableFields = this.getNodeParameter('observableFields.value', i, []) as IDataObject;
+		body = observableFields;
+	}
+
+	body = fixFieldType(body);
+
+	const dataType = this.getNodeParameter('dataType', i) as string;
+
+	body.dataType = dataType;
+
+	if (dataType === 'file') {
+		const inputDataFields = (
+			this.getNodeParameter('attachmentsUi.values', i, []) as IDataObject[]
+		).map((entry) => (entry.field as string).trim());
+
+		const formData = new FormData();
+
+		for (const inputDataField of inputDataFields) {
+			const binaryData = this.helpers.assertBinaryData(i, inputDataField);
+			const dataBuffer = await this.helpers.getBinaryDataBuffer(i, inputDataField);
+
+			formData.append('attachment', dataBuffer, {
+				filename: binaryData.fileName,
+				contentType: binaryData.mimeType,
+			});
+		}
+
+		formData.append('_json', JSON.stringify(body));
+
+		responseData = await theHiveApiRequest.call(
+			this,
+			'POST',
+			endpoint,
+			undefined,
+			undefined,
+			undefined,
+			{
+				Headers: {
+					'Content-Type': 'multipart/form-data',
+				},
+				formData,
+			},
+		);
+	} else {
+		const data = this.getNodeParameter('data', i) as string;
+		body.data = data;
+		responseData = await theHiveApiRequest.call(this, 'POST', endpoint, body);
+	}
+
+	if (responseData.failure) {
+		const message = (responseData.failure as IDataObject[])
+			.map((error: IDataObject) => error.message)
+			.join(', ');
+		throw new NodeOperationError(this.getNode(), message, { itemIndex: i });
+	}
+
+	const executionData = this.helpers.constructExecutionMetaData(wrapData(responseData), {
+		itemData: { item: i },
+	});
+
+	return executionData;
+}

n8n-n8n-1.109.2/packages/nodes-base/nodes/TheHiveProject/actions/observable/deleteObservable.operation.ts

@@ -0,0 +1,31 @@
+import type { IExecuteFunctions, INodeExecutionData, INodeProperties } from 'n8n-workflow';
+
+import { updateDisplayOptions, wrapData } from '@utils/utilities';
+
+import { observableRLC } from '../../descriptions';
+import { theHiveApiRequest } from '../../transport';
+
+const properties: INodeProperties[] = [observableRLC];
+
+const displayOptions = {
+	show: {
+		resource: ['observable'],
+		operation: ['deleteObservable'],
+	},
+};
+
+export const description = updateDisplayOptions(displayOptions, properties);
+
+export async function execute(this: IExecuteFunctions, i: number): Promise<INodeExecutionData[]> {
+	const observableId = this.getNodeParameter('observableId', i, '', {
+		extractValue: true,
+	}) as string;
+
+	await theHiveApiRequest.call(this, 'DELETE', `/v1/observable/${observableId}`);
+
+	const executionData = this.helpers.constructExecutionMetaData(wrapData({ success: true }), {
+		itemData: { item: i },
+	});
+
+	return executionData;
+}

n8n-n8n-1.109.2/packages/nodes-base/nodes/TheHiveProject/actions/observable/executeAnalyzer.operation.ts

@@ -0,0 +1,95 @@
+import type {
+	IDataObject,
+	IExecuteFunctions,
+	INodeExecutionData,
+	INodeProperties,
+} from 'n8n-workflow';
+
+import { updateDisplayOptions, wrapData } from '@utils/utilities';
+
+import { observableRLC, observableTypeOptions } from '../../descriptions';
+import { theHiveApiRequest } from '../../transport';
+
+const properties: INodeProperties[] = [
+	observableRLC,
+	observableTypeOptions,
+	{
+		displayName: 'Analyzer Names or IDs',
+		name: 'analyzers',
+		type: 'multiOptions',
+		description:
+			'Choose from the list, or specify IDs using an <a href="https://docs.n8n.io/code/expressions/">expression</a>',
+		required: true,
+		default: [],
+		typeOptions: {
+			loadOptionsDependsOn: ['observableId.value', 'dataType'],
+			loadOptionsMethod: 'loadAnalyzers',
+		},
+		displayOptions: {
+			hide: {
+				id: [''],
+			},
+		},
+	},
+];
+
+const displayOptions = {
+	show: {
+		resource: ['observable'],
+		operation: ['executeAnalyzer'],
+	},
+};
+
+export const description = updateDisplayOptions(displayOptions, properties);
+
+export async function execute(this: IExecuteFunctions, i: number): Promise<INodeExecutionData[]> {
+	let responseData: IDataObject = {};
+
+	const observableId = this.getNodeParameter('observableId', i, '', {
+		extractValue: true,
+	}) as string;
+
+	const analyzers = (this.getNodeParameter('analyzers', i) as string[]).map((analyzer) => {
+		const parts = analyzer.split('::');
+		return {
+			analyzerId: parts[0],
+			cortexId: parts[1],
+		};
+	});
+	let response: any;
+	let body: IDataObject;
+
+	const qs: IDataObject = {};
+	for (const analyzer of analyzers) {
+		body = {
+			...analyzer,
+			artifactId: observableId,
+		};
+		// execute the analyzer
+		response = await theHiveApiRequest.call(
+			this,
+			'POST',
+			'/connector/cortex/job' as string,
+			body,
+			qs,
+		);
+		const jobId = response.id;
+		qs.name = 'observable-jobs';
+		// query the job result (including the report)
+		do {
+			responseData = await theHiveApiRequest.call(
+				this,
+				'GET',
+				`/connector/cortex/job/${jobId}`,
+				body,
+				qs,
+			);
+		} while (responseData.status === 'Waiting' || responseData.status === 'InProgress');
+	}
+
+	const executionData = this.helpers.constructExecutionMetaData(wrapData(responseData), {
+		itemData: { item: i },
+	});
+
+	return executionData;
+}

n8n-n8n-1.109.2/packages/nodes-base/nodes/TheHiveProject/actions/observable/executeResponder.operation.ts

@@ -0,0 +1,75 @@
+import type {
+	IDataObject,
+	IExecuteFunctions,
+	INodeExecutionData,
+	INodeProperties,
+} from 'n8n-workflow';
+
+import { updateDisplayOptions, wrapData } from '@utils/utilities';
+
+import { observableRLC, responderOptions } from '../../descriptions';
+import { theHiveApiRequest } from '../../transport';
+
+const properties: INodeProperties[] = [{ ...observableRLC, name: 'id' }, responderOptions];
+
+const displayOptions = {
+	show: {
+		resource: ['observable'],
+		operation: ['executeResponder'],
+	},
+};
+
+export const description = updateDisplayOptions(displayOptions, properties);
+
+export async function execute(this: IExecuteFunctions, i: number): Promise<INodeExecutionData[]> {
+	let responseData: IDataObject | IDataObject[] = [];
+
+	const observableId = this.getNodeParameter('id', i);
+	const responderId = this.getNodeParameter('responder', i) as string;
+	let body: IDataObject;
+	let response;
+	responseData = [];
+	body = {
+		responderId,
+		objectId: observableId,
+		objectType: 'case_artifact',
+	};
+	response = await theHiveApiRequest.call(this, 'POST', '/connector/cortex/action' as string, body);
+	body = {
+		query: [
+			{
+				_name: 'listAction',
+			},
+			{
+				_name: 'filter',
+				_and: [
+					{
+						_field: 'cortexId',
+						_value: response.cortexId,
+					},
+					{
+						_field: 'objectId',
+						_value: response.objectId,
+					},
+					{
+						_field: 'startDate',
+						_value: response.startDate,
+					},
+				],
+			},
+		],
+	};
+	const qs: IDataObject = {};
+	qs.name = 'log-actions';
+	do {
+		response = await theHiveApiRequest.call(this, 'POST', '/v1/query', body, qs);
+	} while (response.status === 'Waiting' || response.status === 'InProgress');
+
+	responseData = response;
+
+	const executionData = this.helpers.constructExecutionMetaData(wrapData(responseData), {
+		itemData: { item: i },
+	});
+
+	return executionData;
+}

n8n-n8n-1.109.2/packages/nodes-base/nodes/TheHiveProject/actions/observable/get.operation.ts

@@ -0,0 +1,51 @@
+import type {
+	IDataObject,
+	IExecuteFunctions,
+	INodeExecutionData,
+	INodeProperties,
+} from 'n8n-workflow';
+
+import { updateDisplayOptions, wrapData } from '@utils/utilities';
+
+import { observableRLC } from '../../descriptions';
+import { theHiveApiRequest } from '../../transport';
+
+const properties: INodeProperties[] = [observableRLC];
+
+const displayOptions = {
+	show: {
+		resource: ['observable'],
+		operation: ['get'],
+	},
+};
+
+export const description = updateDisplayOptions(displayOptions, properties);
+
+export async function execute(this: IExecuteFunctions, i: number): Promise<INodeExecutionData[]> {
+	let responseData: IDataObject | IDataObject[] = [];
+
+	const observableId = this.getNodeParameter('observableId', i, '', {
+		extractValue: true,
+	}) as string;
+
+	const qs: IDataObject = {};
+
+	const body = {
+		query: [
+			{
+				_name: 'getObservable',
+				idOrName: observableId,
+			},
+		],
+	};
+
+	qs.name = `get-observable-${observableId}`;
+
+	responseData = await theHiveApiRequest.call(this, 'POST', '/v1/query', body, qs);
+
+	const executionData = this.helpers.constructExecutionMetaData(wrapData(responseData), {
+		itemData: { item: i },
+	});
+
+	return executionData;
+}

n8n-n8n-1.109.2/packages/nodes-base/nodes/TheHiveProject/actions/observable/index.ts

@@ -0,0 +1,71 @@
+import type { INodeProperties } from 'n8n-workflow';
+
+import * as create from './create.operation';
+import * as deleteObservable from './deleteObservable.operation';
+import * as executeAnalyzer from './executeAnalyzer.operation';
+import * as executeResponder from './executeResponder.operation';
+import * as get from './get.operation';
+import * as search from './search.operation';
+import * as update from './update.operation';
+
+export { create, deleteObservable, executeAnalyzer, executeResponder, get, search, update };
+
+export const description: INodeProperties[] = [
+	{
+		displayName: 'Operation',
+		name: 'operation',
+		type: 'options',
+		noDataExpression: true,
+		required: true,
+		default: 'create',
+		options: [
+			{
+				name: 'Create',
+				value: 'create',
+				action: 'Create an observable',
+			},
+			{
+				name: 'Delete',
+				value: 'deleteObservable',
+				action: 'Delete an observable',
+			},
+			{
+				name: 'Execute Analyzer',
+				value: 'executeAnalyzer',
+				action: 'Execute analyzer on an observable',
+			},
+			{
+				name: 'Execute Responder',
+				value: 'executeResponder',
+				action: 'Execute responder on an observable',
+			},
+			{
+				name: 'Get',
+				value: 'get',
+				action: 'Get an observable',
+			},
+			{
+				name: 'Search',
+				value: 'search',
+				action: 'Search observables',
+			},
+			{
+				name: 'Update',
+				value: 'update',
+				action: 'Update an observable',
+			},
+		],
+		displayOptions: {
+			show: {
+				resource: ['observable'],
+			},
+		},
+	},
+	...create.description,
+	...deleteObservable.description,
+	...executeAnalyzer.description,
+	...executeResponder.description,
+	...get.description,
+	...search.description,
+	...update.description,
+];

n8n-n8n-1.109.2/packages/nodes-base/nodes/TheHiveProject/actions/observable/search.operation.ts

@@ -0,0 +1,120 @@
+import type {
+	IDataObject,
+	IExecuteFunctions,
+	INodeExecutionData,
+	INodeProperties,
+} from 'n8n-workflow';
+import { NodeOperationError } from 'n8n-workflow';
+
+import { updateDisplayOptions, wrapData } from '@utils/utilities';
+
+import {
+	alertRLC,
+	caseRLC,
+	genericFiltersCollection,
+	returnAllAndLimit,
+	searchOptions,
+	sortCollection,
+} from '../../descriptions';
+import type { QueryScope } from '../../helpers/interfaces';
+import { theHiveApiQuery } from '../../transport';
+
+const properties: INodeProperties[] = [
+	{
+		// eslint-disable-next-line n8n-nodes-base/node-param-display-name-miscased
+		displayName: 'Search in',
+		name: 'searchIn',
+		type: 'options',
+		default: 'all',
+		description:
+			'Whether to search for observables in all alerts and cases or in a specific case or alert',
+		options: [
+			{
+				name: 'Alerts and Cases',
+				value: 'all',
+			},
+			{
+				name: 'Alert',
+				value: 'alert',
+			},
+			{
+				name: 'Case',
+				value: 'case',
+			},
+		],
+	},
+	{
+		...caseRLC,
+		displayOptions: {
+			show: {
+				searchIn: ['case'],
+			},
+		},
+	},
+	{
+		...alertRLC,
+		displayOptions: {
+			show: {
+				searchIn: ['alert'],
+			},
+		},
+	},
+	...returnAllAndLimit,
+	genericFiltersCollection,
+	sortCollection,
+	searchOptions,
+];
+
+const displayOptions = {
+	show: {
+		resource: ['observable'],
+		operation: ['search'],
+	},
+};
+
+export const description = updateDisplayOptions(displayOptions, properties);
+
+export async function execute(this: IExecuteFunctions, i: number): Promise<INodeExecutionData[]> {
+	let responseData: IDataObject | IDataObject[] = [];
+
+	const searchIn = this.getNodeParameter('searchIn', i) as string;
+	const filtersValues = this.getNodeParameter('filters.values', i, []) as IDataObject[];
+	const sortFields = this.getNodeParameter('sort.fields', i, []) as IDataObject[];
+	const returnAll = this.getNodeParameter('returnAll', i);
+	const { returnCount, extraData } = this.getNodeParameter('options', i);
+
+	let limit;
+	let scope: QueryScope;
+
+	if (searchIn === 'all') {
+		scope = { query: 'listObservable' };
+	} else if (searchIn === 'alert') {
+		const alertId = this.getNodeParameter('alertId', i, '', { extractValue: true }) as string;
+		scope = { query: 'getAlert', id: alertId, restrictTo: 'observables' };
+	} else if (searchIn === 'case') {
+		const caseId = this.getNodeParameter('caseId', i, '', { extractValue: true }) as string;
+		scope = { query: 'getCase', id: caseId, restrictTo: 'observables' };
+	} else {
+		throw new NodeOperationError(this.getNode(), `Invalid 'Search In ...' value: ${searchIn}`);
+	}
+
+	if (!returnAll) {
+		limit = this.getNodeParameter('limit', i);
+	}
+
+	responseData = await theHiveApiQuery.call(
+		this,
+		scope,
+		filtersValues,
+		sortFields,
+		limit,
+		returnCount as boolean,
+		extraData as string[],
+	);
+
+	const executionData = this.helpers.constructExecutionMetaData(wrapData(responseData), {
+		itemData: { item: i },
+	});
+
+	return executionData;
+}

n8n-n8n-1.109.2/packages/nodes-base/nodes/TheHiveProject/actions/observable/update.operation.ts

@@ -0,0 +1,141 @@
+import set from 'lodash/set';
+import type {
+	IDataObject,
+	IExecuteFunctions,
+	INodeExecutionData,
+	INodeProperties,
+} from 'n8n-workflow';
+import { NodeOperationError } from 'n8n-workflow';
+
+import { updateDisplayOptions, wrapData } from '@utils/utilities';
+
+import { fixFieldType, prepareInputItem } from '../../helpers/utils';
+import { theHiveApiRequest } from '../../transport';
+
+const properties: INodeProperties[] = [
+	{
+		displayName: 'Fields',
+		name: 'observableUpdateFields',
+		type: 'resourceMapper',
+		default: {
+			mappingMode: 'defineBelow',
+			value: null,
+		},
+		noDataExpression: true,
+		required: true,
+		typeOptions: {
+			resourceMapper: {
+				resourceMapperMethod: 'getObservableUpdateFields',
+				mode: 'update',
+				valuesLabel: 'Fields',
+				addAllFields: true,
+				multiKeyMatch: true,
+			},
+		},
+	},
+];
+
+const displayOptions = {
+	show: {
+		resource: ['observable'],
+		operation: ['update'],
+	},
+};
+
+export const description = updateDisplayOptions(displayOptions, properties);
+
+export async function execute(
+	this: IExecuteFunctions,
+	i: number,
+	item: INodeExecutionData,
+): Promise<INodeExecutionData[]> {
+	let body: IDataObject = {};
+	let updated = 1;
+
+	const dataMode = this.getNodeParameter('observableUpdateFields.mappingMode', i) as string;
+
+	if (dataMode === 'autoMapInputData') {
+		const schema = this.getNodeParameter('observableUpdateFields.schema', i) as IDataObject[];
+		body = prepareInputItem(item.json, schema, i);
+	}
+
+	if (dataMode === 'defineBelow') {
+		const observableUpdateFields = this.getNodeParameter(
+			'observableUpdateFields.value',
+			i,
+			[],
+		) as IDataObject;
+		body = observableUpdateFields;
+	}
+
+	body = fixFieldType(body);
+
+	const fieldsToMatchOn = this.getNodeParameter(
+		'observableUpdateFields.matchingColumns',
+		i,
+	) as string[];
+
+	const updateBody: IDataObject = {};
+	const matchFields: IDataObject = {};
+	const { id } = body; // id would be used if matching on id, also we need to remove it from the body
+
+	for (const field of Object.keys(body)) {
+		if (fieldsToMatchOn.includes(field)) {
+			// if field is in fieldsToMatchOn, we need to exclude it from the updateBody, as values used for matching should not be updated
+			matchFields[field] = body[field];
+		} else {
+			// use set to construct the updateBody, as it allows to process customFields.fieldName
+			// if customFields provided under customFields property, it will be send as is
+			set(updateBody, field, body[field]);
+		}
+	}
+
+	if (fieldsToMatchOn.includes('id')) {
+		await theHiveApiRequest.call(this, 'PATCH', `/v1/observable/${id}`, body);
+	} else {
+		const filter = {
+			_name: 'filter',
+			_and: fieldsToMatchOn.map((field) => ({
+				_eq: {
+					_field: field,
+					_value: matchFields[field],
+				},
+			})),
+		};
+
+		const queryBody = {
+			query: [
+				{
+					_name: 'listObservable',
+				},
+				filter,
+			],
+		};
+
+		const matches = (await theHiveApiRequest.call(
+			this,
+			'POST',
+			'/v1/query',
+			queryBody,
+		)) as IDataObject[];
+
+		if (!matches.length) {
+			throw new NodeOperationError(this.getNode(), 'No matching alerts found');
+		}
+		const ids = matches.map((match) => match._id);
+		updated = ids.length;
+
+		updateBody.ids = ids;
+
+		await theHiveApiRequest.call(this, 'PATCH', '/v1/observable/_bulk', updateBody);
+	}
+
+	const executionData = this.helpers.constructExecutionMetaData(
+		wrapData({ success: true, updated }),
+		{
+			itemData: { item: i },
+		},
+	);
+
+	return executionData;
+}