mihari 5.4.2 → 5.4.4

data/lib/mihari/structs/virustotal_intelligence.rb

@@ -21,9 +21,7 @@ module Mihari
           #
           def from_dynamic!(d)
             d = Types::Hash[d]
-            new(
-              url: d["url"]
-            )
+            new(url: d["url"])
           end
         end
       end
@@ -81,7 +79,7 @@ module Mihari
         #
         # @return [Mihari::Artifact]
         #
-        def to_artifact
+        def artifact
           Artifact.new(data: value, metadata: metadata)
         end
 
@@ -155,8 +153,8 @@ module Mihari
         #
         # @return [Array<Mihari::Artifact>]
         #
-        def to_artifacts
-          data.map(&:to_artifact)
+        def artifacts
+          data.map(&:artifact)
         end
 
         class << self

data/lib/mihari/type_checker.rb

@@ -54,7 +54,7 @@ module Mihari
       return "ip" if ip?
       return "domain" if domain?
       return "url" if url?
-      return "mail" if mail?
+      "mail" if mail?
     end
 
     # @return [String, nil]

data/lib/mihari/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Mihari
-  VERSION = "5.4.2"
+  VERSION = "5.4.4"
 end

data/lib/mihari/web/endpoints/alerts.rb

@@ -54,18 +54,27 @@ module Mihari
           requires :id, type: Integer
         end
         delete "/:id" do
+          extend Dry::Monads[:result, :try]
+
           id = params["id"].to_i
 
-          begin
+          result = Try do
             alert = Mihari::Alert.find(id)
-          rescue ActiveRecord::RecordNotFound
-            error!({ message: "ID:#{id} is not found" }, 404)
-          end
+            alert.destroy
+          end.to_result
 
-          alert.destroy
+          if result.success?
+            status 204
+            return present({ message: "" }, with: Entities::Message)
+          end
 
-          status 204
-          present({ message: "" }, with: Entities::Message)
+          failure = result.failure
+          case failure
+          when ActiveRecord::RecordNotFound
+            error!({ message: "ID:#{id} is not found" }, 404)
+          else
+            raise failure
+          end
         end
 
         desc "Create an alert", {
@@ -77,17 +86,26 @@ module Mihari
           requires :artifacts, type: Array, documentation: { type: String, is_array: true, param_type: "body" }
         end
         post "/" do
-          proxy = Services::AlertProxy.new(params.to_snake_keys)
-          runner = Services::AlertRunner.new(proxy)
+          extend Dry::Monads[:result, :try]
 
-          begin
-            alert = runner.run
-          rescue ActiveRecord::RecordNotFound
-            error!({ message: "Rule:#{params["ruleId"]} is not found" }, 404)
+          result = Try do
+            proxy = Services::AlertProxy.new(params.to_snake_keys)
+            runner = Services::AlertRunner.new(proxy)
+            runner.run
+          end.to_result
+
+          if result.success?
+            status 201
+            return present(result.value!, with: Entities::Alert)
           end
 
-          status 201
-          present alert, with: Entities::Alert
+          failure = result.failure
+          case failure
+          when ActiveRecord::RecordNotFound
+            error!({ message: "Rule:#{params["ruleId"]} is not found" }, 404)
+          else
+            raise failure
+          end
         end
       end
     end

data/lib/mihari/web/endpoints/artifacts.rb

@@ -13,9 +13,11 @@ module Mihari
           requires :id, type: Integer
         end
         get "/:id" do
+          extend Dry::Monads[:result, :try]
+
           id = params[:id].to_i
 
-          begin
+          result = Try do
             artifact = Mihari::Artifact.includes(
               :autonomous_system,
               :geolocation,
@@ -23,18 +25,25 @@ module Mihari
               :dns_records,
               :reverse_dns_names
             ).find(id)
-          rescue ActiveRecord::RecordNotFound
-            error!({ message: "ID:#{id} is not found" }, 404)
-          end
+            # TODO: improve queries
+            alert_ids = Mihari::Artifact.where(data: artifact.data).pluck(:alert_id)
+            tag_ids = Mihari::Tagging.where(alert_id: alert_ids).pluck(:tag_id)
+            tag_names = Mihari::Tag.where(id: tag_ids).distinct.pluck(:name)
 
-          # TODO: improve queries
-          alert_ids = Mihari::Artifact.where(data: artifact.data).pluck(:alert_id)
-          tag_ids = Mihari::Tagging.where(alert_id: alert_ids).pluck(:tag_id)
-          tag_names = Mihari::Tag.where(id: tag_ids).distinct.pluck(:name)
+            artifact.tags = tag_names
 
-          artifact.tags = tag_names
+            artifact
+          end.to_result
 
-          present artifact, with: Entities::Artifact
+          return present(result.value!, with: Entities::Artifact) if result.success?
+
+          failure = result.failure
+          case failure
+          when ActiveRecord::RecordNotFound
+            error!({ message: "ID:#{id} is not found" }, 404)
+          else
+            raise failure
+          end
         end
 
         desc "Enrich an artifact", {
@@ -46,9 +55,11 @@ module Mihari
           requires :id, type: Integer
         end
         get "/:id/enrich" do
+          extend Dry::Monads[:result, :try]
+
           id = params["id"].to_i
 
-          begin
+          result = Try do
             artifact = Mihari::Artifact.includes(
               :autonomous_system,
               :geolocation,
@@ -58,15 +69,23 @@ module Mihari
               :cpes,
               :ports
             ).find(id)
-          rescue ActiveRecord::RecordNotFound
-            error!({ message: "ID:#{id} is not found" }, 404)
-          end
 
-          artifact.enrich_all
-          artifact.save
+            artifact.enrich_all
+            artifact.save
+          end.to_result
 
-          status 201
-          present({ message: "" }, with: Entities::Message)
+          if result.success?
+            status 201
+            return present({ message: "" }, with: Entities::Message)
+          end
+
+          failure = result.failure
+          case failure
+          when ActiveRecord::RecordNotFound
+            error!({ message: "ID:#{id} is not found" }, 404)
+          else
+            raise failure
+          end
         end
 
         desc "Delete an artifact", {
@@ -78,18 +97,27 @@ module Mihari
           requires :id, type: Integer
         end
         delete "/:id" do
+          extend Dry::Monads[:result, :try]
+
           id = params["id"].to_i
 
-          begin
+          result = Try do
             alert = Mihari::Artifact.find(id)
-          rescue ActiveRecord::RecordNotFound
-            error!({ message: "ID:#{id} is not found" }, 404)
-          end
+            alert.destroy
+          end.to_result
 
-          alert.destroy
+          if result.success?
+            status 204
+            return present({ message: "" }, with: Entities::Message)
+          end
 
-          status 204
-          present({ message: "" }, with: Entities::Message)
+          failure = result.failure
+          case failure
+          when ActiveRecord::RecordNotFound
+            error!({ message: "ID:#{id} is not found" }, 404)
+          else
+            raise failure
+          end
         end
       end
     end

data/lib/mihari/web/endpoints/configs.rb

@@ -10,9 +10,9 @@ module Mihari
           summary: "Get configs"
         }
         get "/" do
-          configs = (Mihari.analyzers + Mihari.emitters + Mihari.enrichers).map do |klass|
+          configs = (Mihari.analyzers + Mihari.emitters + Mihari.enrichers).filter_map do |klass|
             Mihari::Structs::Config.from_class(klass)
-          end.compact
+          end
 
           present(configs, with: Entities::Config)
         end

data/lib/mihari/web/endpoints/ip_addresses.rb

@@ -16,11 +16,9 @@ module Mihari
           ip = params[:ip].to_s
 
           data = Enrichers::IPInfo.query(ip)
-          if data.nil?
-            error!({ message: "IP:#{ip} is not found" }, 404)
-          else
-            present data, with: Entities::IPAddress
-          end
+          error!({ message: "IP:#{ip} is not found" }, 404) if data.nil?
+
+          present data, with: Entities::IPAddress
         end
       end
     end

data/lib/mihari/web/endpoints/rules.rb

@@ -61,15 +61,23 @@ module Mihari
           requires :id, type: String
         end
         get "/:id" do
+          extend Dry::Monads[:result, :try]
+
           id = params["id"].to_s
 
-          begin
-            rule = Mihari::Rule.find(id)
-          rescue ActiveRecord::RecordNotFound
+          result = Try do
+            Mihari::Rule.find(id)
+          end.to_result
+
+          return present(result.value!, with: Entities::Rule) if result.success?
+
+          failure = result.failure
+          case failure
+          when ActiveRecord::RecordNotFound
             error!({ message: "ID:#{id} is not found" }, 404)
+          else
+            raise failure
           end
-
-          present rule, with: Entities::Rule
         end
 
         desc "Run a rule", {
@@ -80,19 +88,27 @@ module Mihari
           requires :id, type: String
         end
         get "/:id/run" do
+          extend Dry::Monads[:result, :try]
+
           id = params["id"].to_s
 
-          begin
-            rule = Mihari::Services::RuleProxy.from_model(Mihari::Rule.find(id))
-          rescue ActiveRecord::RecordNotFound
-            error!({ message: "ID:#{id} is not found" }, 404)
-          end
+          result = Try do
+            Mihari::Services::RuleProxy.from_model(Mihari::Rule.find(id))
+          end.to_result
 
-          analyzer = rule.analyzer
-          analyzer.run
+          if result.success?
+            result.value!.analyzer.run
+            status 201
+            return present({ message: "ID:#{id} is ran successfully" }, with: Entities::Message)
+          end
 
-          status 201
-          present({ message: "ID:#{id} is ran successfully" }, with: Entities::Message)
+          failure = result.failure
+          case failure
+          when ActiveRecord::RecordNotFound
+            error!({ message: "ID:#{id} is not found" }, 404)
+          else
+            raise failure
+          end
         end
 
         desc "Create a rule", {
@@ -103,39 +119,38 @@ module Mihari
           requires :yaml, type: String, documentation: { param_type: "body" }
         end
         post "/" do
-          yaml = params[:yaml]
+          extend Dry::Monads[:result, :try]
 
-          begin
-            rule = Services::RuleProxy.from_yaml(yaml)
-          rescue YAMLSyntaxError => e
-            error!({ message: e.message }, 400)
+          yaml = params[:yaml]
+          result = Try do
+            Services::RuleProxy.from_yaml(yaml)
+          end.to_result.bind do |rule|
+            Try do
+              found = Mihari::Rule.find_by_id(rule.id)
+              error!({ message: "ID:#{rule.id} is already registered" }, 400) unless found.nil?
+              rule
+            end.to_result
+          end.bind do |rule|
+            Try do
+              rule.model.save
+              rule
+            end.to_result
           end
 
-          # check ID duplication
-          begin
-            Mihari::Rule.find(rule.id)
-            error!({ message: "ID:#{rule.id} is already registered" }, 400)
-          rescue ActiveRecord::RecordNotFound
-            # do nothing
+          if result.success?
+            status 201
+            return present(result.value!.model, with: Entities::Rule)
           end
 
-          begin
-            rule.validate!
-          rescue RuleValidationError
-            error!({ message: "Data format is invalid", details: rule.errors.to_h }, 400) if rule.errors?
-
-            # when NoMethodError occurs
-            error!({ message: "Data format is invalid" }, 400)
+          failure = result.failure
+          case failure
+          when Psych::SyntaxError
+            error!({ message: failure.message }, 400)
+          when ValidationError
+            error!({ message: "Data format is invalid", details: failure.errors.to_h }, 400)
+          else
+            raise failure
           end
-
-          begin
-            rule.model.save
-          rescue ActiveRecord::RecordNotUnique
-            error!({ message: "ID:#{rule.id} is already registered" }, 400)
-          end
-
-          status 201
-          present rule.model, with: Entities::Rule
         end
 
         desc "Update a rule", {
@@ -147,38 +162,40 @@ module Mihari
           requires :yaml, type: String, documentation: { param_type: "body" }
         end
         put "/" do
+          extend Dry::Monads[:result, :try]
+
           id = params[:id]
           yaml = params[:yaml]
 
-          begin
+          result = Try do
             Mihari::Rule.find(id)
-          rescue ActiveRecord::RecordNotFound
-            error!({ message: "ID:#{id} is not found" }, 404)
+          end.to_result.bind do |_|
+            Try do
+              Services::RuleProxy.from_yaml(yaml)
+            end.to_result
+          end.bind do |rule|
+            Try do
+              rule.model.save
+              rule
+            end.to_result
           end
 
-          begin
-            rule = Services::RuleProxy.from_yaml(yaml)
-          rescue YAMLSyntaxError => e
-            error!({ message: e.message }, 400)
+          if result.success?
+            status 201
+            return present(result.value!.model, with: Entities::Rule)
           end
 
-          begin
-            rule.validate!
-          rescue RuleValidationError
-            error!({ message: "Data format is invalid", details: rule.errors.to_h }, 400) if rule.errors?
-
-            # when NoMethodError occurs
-            error!({ message: "Data format is invalid" }, 400)
-          end
-
-          begin
-            rule.model.save
-          rescue ActiveRecord::RecordNotUnique
-            error!({ message: "ID:#{id} is already registered" }, 400)
+          failure = result.failure
+          case failure
+          when ActiveRecord::RecordNotFound
+            error!({ message: "ID:#{id} is not found" }, 404)
+          when Psych::SyntaxError
+            error!({ message: failure.message }, 400)
+          when ValidationError
+            error!({ message: "Data format is invalid", details: failure.errors.to_h }, 400)
+          else
+            raise failure
           end
-
-          status 201
-          present rule.model, with: Entities::Rule
         end
 
         desc "Delete a rule", {
@@ -190,18 +207,27 @@ module Mihari
           requires :id, type: String
         end
         delete "/:id" do
+          extend Dry::Monads[:result, :try]
+
           id = params["id"].to_s
 
-          begin
+          result = Try do
             rule = Mihari::Rule.find(id)
-          rescue ActiveRecord::RecordNotFound
-            error!({ message: "ID:#{id} is not found" }, 404)
-          end
+            rule.destroy
+          end.to_result
 
-          rule.destroy
+          if result.success?
+            status 204
+            return present({ message: "ID:#{id} is deleted" }, with: Entities::Message)
+          end
 
-          status 204
-          present({ message: "ID:#{id} is deleted" }, with: Entities::Message)
+          failure = result.failure
+          case failure
+          when ActiveRecord::RecordNotFound
+            error!({ message: "ID:#{id} is not found" }, 404)
+          else
+            raise failure
+          end
         end
       end
     end

data/lib/mihari/web/endpoints/tags.rb

@@ -23,16 +23,26 @@ module Mihari
           requires :name, type: String
         end
         delete "/:name" do
+          extend Dry::Monads[:result, :try]
+
           name = params[:name].to_s
 
-          begin
+          result = Try do
             Mihari::Tag.where(name: name).destroy_all
-          rescue ActiveRecord::RecordNotFound
-            error!({ message: "Name:#{name} is not found" }, 404)
+          end.to_result
+
+          if result.success?
+            status 204
+            return present({ message: "" }, with: Entities::Message)
           end
 
-          status 204
-          present({ message: "" }, with: Entities::Message)
+          failure = result.failure
+          case failure
+          when ActiveRecord::RecordNotFound
+            error!({ message: "Name:#{name} is not found" }, 404)
+          else
+            raise failure
+          end
         end
       end
     end