mihari 5.7.2 → 6.1.0

data/lib/mihari/service.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Mihari
   #
   # Base class for services

data/lib/mihari/services/rule_builder.rb

@@ -20,10 +20,8 @@ module Mihari
       # @return [Hash]
       #
       def data
-        if Mihari::Models::Rule.exists?(path_or_id)
-          rule = Mihari::Models::Rule.find(path_or_id)
-          return rule.data
-        end
+        result = Try { Mihari::Models::Rule.find path_or_id }.to_result
+        return result.value! if result.success?
 
         raise ArgumentError, "#{path_or_id} does not exist" unless Pathname(path_or_id).exist?
 

data/lib/mihari/structs/fofa.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Mihari
   module Structs
     module Fofa

data/lib/mihari/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Mihari
-  VERSION = "5.7.2"
+  VERSION = "6.1.0"
 end

data/lib/mihari/web/app.rb

@@ -39,7 +39,7 @@ module Mihari
 
       def call(env)
         status, headers, body = API.call(env)
-        return [status, headers, body] unless headers["X-Cascade"] == "pass"
+        return [status, headers, body] unless headers["x-cascade"] == "pass"
 
         # Check if the App wants us to pass the response along to others
         request_path = env["PATH_INFO"]
@@ -53,17 +53,19 @@ module Mihari
 
       class << self
         def instance
-          @instance ||= Rack::Builder.new do
+          Rack::Builder.new do
             use Rack::Cors do
               allow do
                 origins "*"
                 resource "*", headers: :any, methods: %i[get post put delete options]
               end
             end
-
             use Middleware::ConnectionAdapter
             use Middleware::ErrorNotificationAdapter
 
+            use Sentry::Rack::CaptureExceptions if Sentry.initialized?
+            use BetterErrors::Middleware if ENV["RACK_ENV"] == "development" && defined?(BetterErrors::Middleware)
+
             run App.new
           end.to_app
         end

data/lib/mihari/web/endpoints/alerts.rb

@@ -77,7 +77,6 @@ module Mihari
           desc "Search alerts", {
             is_array: true,
             success: Entities::AlertsWithPagination,
-            failure: [{ code: 404, message: "Not found", model: Entities::Message }],
             summary: "Search alerts"
           }
           params do
@@ -103,31 +102,30 @@ module Mihari
           end
 
           desc "Delete an alert", {
-            success: Entities::Message,
-            failure: [{ code: 404, message: "Not found", model: Entities::Message }],
+            success: { code: 204, model: Entities::Message },
+            failure: [{ code: 404, model: Entities::Message }],
             summary: "Delete an alert"
           }
           params do
             requires :id, type: Integer
           end
           delete "/:id" do
+            status 204
+
             id = params["id"].to_i
             result = AlertDestroyer.result(id)
-            if result.success?
-              status 204
-              return present({ message: "" }, with: Entities::Message)
-            end
+            return present({ message: "" }, with: Entities::Message) if result.success?
 
-            failure = result.failure
-            case failure
+            case result.failure
             when ActiveRecord::RecordNotFound
               error!({ message: "ID:#{id} is not found" }, 404)
             end
-            raise failure
+            raise result.failure
           end
 
           desc "Create an alert", {
-            success: Entities::Alert,
+            success: { code: 201, model: Entities::Alert },
+            failure: [{ code: 404, model: Entities::Message }],
             summary: "Create an alert"
           }
           params do
@@ -135,18 +133,16 @@ module Mihari
             requires :artifacts, type: Array, documentation: { type: String, is_array: true, param_type: "body" }
           end
           post "/" do
+            status 201
+
             result = AlertCreator.result(params)
-            if result.success?
-              status 201
-              return present(result.value!, with: Entities::Alert)
-            end
+            return present(result.value!, with: Entities::Alert) if result.success?
 
-            failure = result.failure
-            case failure
+            case result.failure
             when ActiveRecord::RecordNotFound
               error!({ message: "Rule:#{params["ruleId"]} is not found" }, 404)
             end
-            raise failure
+            raise result.failure
           end
         end
       end

data/lib/mihari/web/endpoints/artifacts.rb

@@ -64,7 +64,7 @@ module Mihari
         namespace :artifacts do
           desc "Get an artifact", {
             success: Entities::Artifact,
-            failure: [{ code: 404, message: "Not found", model: Entities::Message }],
+            failure: [{ code: 404, model: Entities::Message }],
             summary: "Get an artifact"
           }
           params do
@@ -75,60 +75,55 @@ module Mihari
             result = ArtifactGetter.result(id)
             return present(result.value!, with: Entities::Artifact) if result.success?
 
-            failure = result.failure
-            case failure
+            case result.failure
             when ActiveRecord::RecordNotFound
               error!({ message: "ID:#{id} is not found" }, 404)
             end
-            raise failure
+            raise result.failure
           end
 
           desc "Enrich an artifact", {
-            success: Entities::Message,
-            failure: [{ code: 404, message: "Not found", model: Entities::Message }],
+            success: { code: 201, model: Entities::Message },
+            failure: [{ code: 404, model: Entities::Message }],
             summary: "Enrich an artifact"
           }
           params do
             requires :id, type: Integer
           end
           get "/:id/enrich" do
+            status 201
+
             id = params["id"].to_i
             result = ArtifactEnricher.result(id)
-            if result.success?
-              status 201
-              return present({ message: "" }, with: Entities::Message)
-            end
+            return present({ message: "#{id} has been enriched" }, with: Entities::Message) if result.success?
 
-            failure = result.failure
-            case failure
+            case result.failure
             when ActiveRecord::RecordNotFound
               error!({ message: "ID:#{id} is not found" }, 404)
             end
-            raise failure
+            raise result.failure
           end
 
           desc "Delete an artifact", {
-            success: Entities::Message,
-            failure: [{ code: 404, message: "Not found", model: Entities::Message }],
+            success: { code: 204, model: Entities::Message },
+            failure: [{ code: 404, model: Entities::Message }],
             summary: "Delete an artifact"
           }
           params do
             requires :id, type: Integer
           end
           delete "/:id" do
+            status 204
+
             id = params["id"].to_i
             result = ArtifactDestroyer.result(id)
-            if result.success?
-              status 204
-              return present({ message: "" }, with: Entities::Message)
-            end
+            return present({ message: "" }, with: Entities::Message) if result.success?
 
-            failure = result.failure
-            case failure
+            case result.failure
             when ActiveRecord::RecordNotFound
               error!({ message: "ID:#{id} is not found" }, 404)
             end
-            raise failure
+            raise result.failure
           end
         end
       end

data/lib/mihari/web/endpoints/configs.rb

@@ -17,7 +17,6 @@ module Mihari
             configs = (Mihari.analyzers + Mihari.emitters + Mihari.enrichers).filter_map do |klass|
               Mihari::Structs::Config.from_class(klass)
             end
-
             present(configs, with: Entities::Config)
           end
         end

data/lib/mihari/web/endpoints/ip_addresses.rb

@@ -21,7 +21,7 @@ module Mihari
         namespace :ip_addresses do
           desc "Get an IP address", {
             success: Entities::IPAddress,
-            failure: [{ code: 404, message: "Not found", model: Entities::Message }],
+            failure: [{ code: 404, model: Entities::Message }],
             summary: "Get an IP address"
           }
           params do

data/lib/mihari/web/endpoints/rules.rb

@@ -128,7 +128,6 @@ module Mihari
           desc "Search rules", {
             is_array: true,
             success: Entities::RulesWithPagination,
-            failure: [{ code: 404, message: "Not found", model: Entities::Message }],
             summary: "Search rules"
           }
           params do
@@ -153,7 +152,7 @@ module Mihari
 
           desc "Get a rule", {
             success: Entities::Rule,
-            failure: [{ code: 404, message: "Not found", model: Entities::Message }],
+            failure: [{ code: 404, model: Entities::Message }],
             summary: "Get a rule"
           }
           params do
@@ -164,50 +163,48 @@ module Mihari
             result = RuleGetter.result(params[:id].to_s)
             return present(result.value!, with: Entities::Rule) if result.success?
 
-            failure = result.failure
-            case failure
+            case result.failure
             when ActiveRecord::RecordNotFound
               error!({ message: "ID:#{id} is not found" }, 404)
             end
-            raise failure
+            raise result.failure
           end
 
           desc "Run a rule", {
-            success: Entities::Message,
+            success: { code: 201, model: Entities::Message },
+            failure: [{ code: 404, model: Entities::Message }],
             summary: "Run a rule"
           }
           params do
             requires :id, type: String
           end
           get "/:id/run" do
+            status 201
+
             id = params[:id].to_s
             result = RuleRunner.result(id)
-            if result.success?
-              status 201
-              return present({ message: "ID:#{id}} ran successfully" }, with: Entities::Message)
-            end
+            return present({ message: "ID:#{id}} has been ran" }, with: Entities::Message) if result.success?
 
-            failure = result.failure
-            case failure
+            case result.failure
             when ActiveRecord::RecordNotFound
               error!({ message: "ID:#{id} is not found" }, 404)
             end
-            raise failure
+            raise result.failure
           end
 
           desc "Create a rule", {
-            success: Entities::Rule,
+            success: { code: 201, model: Entities::Rule },
+            failure: [{ code: 404, model: Entities::Message }],
             summary: "Create a rule"
           }
           params do
             requires :yaml, type: String, documentation: { param_type: "body" }
           end
           post "/" do
+            status 201
+
             result = RuleCreator.result(params[:yaml])
-            if result.success?
-              status 201
-              return present(result.value!.model, with: Entities::Rule)
-            end
+            return present(result.value!.model, with: Entities::Rule) if result.success?
 
             failure = result.failure
             case failure
@@ -220,7 +217,8 @@ module Mihari
           end
 
           desc "Update a rule", {
-            success: Entities::Rule,
+            success: { code: 201, model: Entities::Rule },
+            failure: [{ code: 404, model: Entities::Message }],
             summary: "Update a rule"
           }
           params do
@@ -228,12 +226,11 @@ module Mihari
             requires :yaml, type: String, documentation: { param_type: "body" }
           end
           put "/" do
+            status 201
+
             id = params[:id].to_s
             result = RuleUpdater.result(id: id, yaml: params[:yaml].to_s)
-            if result.success?
-              status 201
-              return present(result.value!.model, with: Entities::Rule)
-            end
+            return present(result.value!.model, with: Entities::Rule) if result.success?
 
             failure = result.failure
             case failure
@@ -248,27 +245,25 @@ module Mihari
           end
 
           desc "Delete a rule", {
-            success: Entities::Message,
-            failure: [{ code: 404, message: "Not found", model: Entities::Message }],
+            success: { code: 204, model: Entities::Message },
+            failure: [{ code: 404, model: Entities::Message }],
             summary: "Delete a rule"
           }
           params do
             requires :id, type: String
           end
           delete "/:id" do
+            status 204
+
             id = params[:id].to_s
             result = RuleDestroyer.result(id)
-            if result.success?
-              status 204
-              return present({ message: "ID:#{id} is deleted" }, with: Entities::Message)
-            end
+            return present({ message: "ID:#{id} is deleted" }, with: Entities::Message) if result.success?
 
-            failure = result.failure
-            case failure
+            case result.failure
             when ActiveRecord::RecordNotFound
               error!({ message: "ID:#{id} is not found" }, 404)
             end
-            raise failure
+            raise result.failure
           end
         end
       end

data/lib/mihari/web/endpoints/tags.rb

@@ -28,27 +28,25 @@ module Mihari
           end
 
           desc "Delete a tag", {
-            success: Entities::Message,
-            failure: [{ code: 404, message: "Not found", model: Entities::Message }],
+            success: { code: 204, model: Entities::Message },
+            failure: [{ code: 404, model: Entities::Message }],
             summary: "Delete a tag"
           }
           params do
             requires :id, type: Integer
           end
           delete "/:id" do
+            status 204
+
             id = params[:id].to_i
             result = TagDestroyer.result(id)
-            if result.success?
-              status 204
-              return present({ message: "" }, with: Entities::Message)
-            end
+            return present({ message: "" }, with: Entities::Message) if result.success?
 
-            failure = result.failure
-            case failure
+            case result.failure
             when ActiveRecord::RecordNotFound
               error!({ message: "ID:#{id} is not found" }, 404)
             end
-            raise failure
+            raise result.failure
           end
         end
       end

data/lib/mihari/web/middleware/connection_adapter.rb

@@ -7,16 +7,14 @@ module Mihari
       # DB connection adapter for Rack app
       #
       class ConnectionAdapter
+        attr_reader :app
+
         def initialize(app)
           @app = app
         end
 
         def call(env)
-          Mihari::Database.with_db_connection do
-            status, headers, body = @app.call(env)
-
-            [status, headers, body]
-          end
+          Mihari::Database.with_db_connection { app.call env }
         end
       end
     end

data/lib/mihari/web/middleware/error_notification_adapter.rb

@@ -7,6 +7,10 @@ module Mihari
       # Error notification adapter for Rack app
       #
       class ErrorNotificationAdapter
+        include Mihari::Mixins::UnwrapError
+
+        attr_reader :app
+
         def initialize(app)
           @app = app
         end
@@ -14,16 +18,16 @@ module Mihari
         def with_error_notification
           yield
         rescue StandardError => e
-          Mihari.logger.error e
+          unwrapped = unwrap_error(e)
+
+          Mihari.logger.error unwrapped
+          Sentry.capture_exception(unwrapped) if Sentry.initialized?
 
-          Sentry.capture_exception(e) if Sentry.initialized?
+          raise unwrapped
         end
 
         def call(env)
-          with_error_notification do
-            status, headers, body = @app.call(env)
-            [status, headers, body]
-          end
+          with_error_notification { app.call(env) }
         end
       end
     end