From 412b4318243954d6cd04206782d626c30e9b7d9d Mon Sep 17 00:00:00 2001
From: whikernel <whitekernel@whitekernel.fr>
Date: Sat, 8 Jan 2022 15:57:42 +0100
Subject: [PATCH] [#17][ADD] Addition and deletion of IOC types through API.
 Partially fixes #25

---
 .../manage/manage_assets_type_routes.py       |  2 +-
 .../manage/manage_ioc_types_routes.py         | 57 +++++++++++++++++--
 source/app/datamgmt/case/case_iocs_db.py      | 11 ++++
 3 files changed, 65 insertions(+), 5 deletions(-)

diff --git a/source/app/blueprints/manage/manage_assets_type_routes.py b/source/app/blueprints/manage/manage_assets_type_routes.py
index 00c9ce678..1af4f535a 100644
--- a/source/app/blueprints/manage/manage_assets_type_routes.py
+++ b/source/app/blueprints/manage/manage_assets_type_routes.py
@@ -126,7 +126,7 @@ def add_assets(caseid):
 
     track_activity("Added asset type {asset_name}".format(asset_name=asset.asset_name), caseid=caseid, ctx_less=True)
     # Return the assets
-    return response_success("Added successfully")
+    return response_success("Added successfully", data=asset)
 
 
 @manage_assets_blueprint.route('/manage/asset-type/delete/<int:cur_id>', methods=['GET'])
diff --git a/source/app/blueprints/manage/manage_ioc_types_routes.py b/source/app/blueprints/manage/manage_ioc_types_routes.py
index 7eae7fda6..70064b4f5 100644
--- a/source/app/blueprints/manage/manage_ioc_types_routes.py
+++ b/source/app/blueprints/manage/manage_ioc_types_routes.py
@@ -18,10 +18,14 @@
 #  along with this program; if not, write to the Free Software Foundation,
 #  Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 
-from flask import Blueprint
-from app.util import response_success
+from flask import Blueprint, request
 
-from app.datamgmt.case.case_iocs_db import get_ioc_types_list
+from app import db
+from app.iris_engine.utils.tracker import track_activity
+from app.models import IocType
+from app.util import response_success, api_admin_required, response_error
+
+from app.datamgmt.case.case_iocs_db import get_ioc_types_list, add_ioc_type
 from app.util import api_login_required
 
 manage_ioc_type_blueprint = Blueprint('manage_ioc_types',
@@ -34,6 +38,51 @@
 @api_login_required
 def list_ioc_types(caseid):
     lstatus = get_ioc_types_list()
+
     return response_success("", data=lstatus)
 
-# TODO : Add management of aioc types
+
+@manage_ioc_type_blueprint.route('/manage/ioc-type/add', methods=['POST'])
+@api_admin_required
+def add_ioc_type_api(caseid):
+    if not request.is_json:
+        return response_error("Invalid request")
+
+    ioc_type_name = request.json.get('type_name')
+    ioc_type_description = request.json.get('type_description')
+    ioc_taxonomy = request.json.get('type_taxonomy')
+
+    ioc_type = IocType.query.filter(IocType.type_name == ioc_type_name).first()
+    if ioc_type:
+        return response_error("An IOC type with this name already exists")
+
+    ioct = add_ioc_type(name=ioc_type_name,
+                        description=ioc_type_description,
+                        taxonomy=ioc_taxonomy)
+
+    track_activity("Added ioc type {ioc_type_name}".format(ioc_type_name=ioct.type_name), caseid=caseid, ctx_less=True)
+    # Return the assets
+    return response_success("Added successfully", data=ioct)
+
+
+@manage_ioc_type_blueprint.route('/manage/ioc-type/delete/<int:cur_id>', methods=['GET'])
+@api_admin_required
+def remove_ioc_type(cur_id, caseid):
+    if not request.is_json:
+        return response_error("Invalid request")
+
+    type_id = IocType.query.filter(
+        IocType.type_id == cur_id
+    ).first()
+
+    if type_id:
+        db.session.delete(type_id)
+        track_activity("Deleted ioc type ID {type_id}".format(type_id=cur_id), caseid=caseid, ctx_less=True)
+        return response_success("Deleted ioc type ID {type_id}".format(type_id=cur_id))
+
+    track_activity("Attempted to delete ioc type ID {type_id}, but was not found".format(type_id=cur_id),
+                    caseid=caseid, ctx_less=True)
+
+    return response_error("Attempted to delete ioc type ID {type_id}, but was not found".format(type_id=cur_id))
+
+
diff --git a/source/app/datamgmt/case/case_iocs_db.py b/source/app/datamgmt/case/case_iocs_db.py
index ab2b40993..b9181466e 100644
--- a/source/app/datamgmt/case/case_iocs_db.py
+++ b/source/app/datamgmt/case/case_iocs_db.py
@@ -197,6 +197,17 @@ def get_ioc_types_list():
     return l_types
 
 
+def add_ioc_type(name:str, description:str, taxonomy:str):
+    ioct = IocType(type_name=name,
+                   type_description=description,
+                   type_taxonomy=taxonomy
+                )
+
+    db.session.add(ioct)
+    db.session.commit()
+    return ioct
+
+
 def check_ioc_type_id(type_id: int):
     type_id = IocType.query.filter(
         IocType.type_id == type_id