Merge pull request #248 from intelowlproject/develop

5.0.0

Author: mlodic

Diff for: .github/CHANGELOG.md

@@ -1,5 +1,8 @@
 # Changelog
 
+## [5.0.0](https://github.com/intelowlproject/pyintelowl/releases/tag/5.0.0)
+- Fixes for Playbook Analysis
+
 ## [4.4.7](https://github.com/intelowlproject/pyintelowl/releases/tag/4.4.7)
 - Fixed Running Playbook without TLP set
 

Diff for: docs/conf.py

@@ -13,7 +13,7 @@
 import os
 import sys
 
-VERSION = "4.4.7"
+VERSION = "5.0.0"
 GITHUB_URL = "https://github.com/intelowlproject/pyintelowl"
 
 sys.path.append(os.path.abspath("../"))

Diff for: pyintelowl/cli/_jobs_utils.py

@@ -59,7 +59,7 @@ def _render_job_reports_table(rows, title: str, verbose=False):
         ]
         if verbose:
             for field in ["report", "errors", "runtime_configuration"]:
-                cols.append(get_json_syntax(el[field]) if el[field] else None)
+                cols.append(get_json_syntax(el[field]) if el.get(field, "") else None)
         table.add_row(*cols)
     return table
 

Diff for: pyintelowl/cli/analyse.py

@@ -80,19 +80,8 @@
 # doing it twice to remove --analyzers-list and --connectors-list
 __playbook_analyse_options.pop(0)
 __playbook_analyse_options.pop(0)
-
-__playbook_analyse_options.append(
-    click.option(
-        "-pl",
-        "--playbooks-list",
-        type=str,
-        default="",
-        help="""
-        Comma separated list of playbook names to invoke.
-        Defaults to all configured playbooks.
-        """,
-    ),
-)
+__playbook_analyse_options.pop(3)
+__playbook_analyse_options.pop(2)
 
 
 @click.group("analyse")
@@ -184,57 +173,53 @@ def file(
 
 @analyse.command(help="Send playbook analysis request for an observable")
 @click.argument("value")
+@click.argument("playbook")
 @add_options(__playbook_analyse_options)
 @click.pass_context
 def playbook_observable(
     ctx: ClickContext,
     value: str,
-    playbooks_list: str,
+    playbook: str,
     tags_list: str,
     tlp: str,
-    check,
-    check_minutes_ago: int,
     runtime_config,
     should_poll: bool,
 ):
-    playbooks_list = playbooks_list.split(",") if len(playbooks_list) else []
     tags_labels = tags_list.split(",") if len(tags_list) else []
     if runtime_config:
         runtime_config = get_json_data(runtime_config)
     else:
         runtime_config = {}
     try:
+        print("here")
         ctx.obj._new_analysis_playbook_cli(
             value,
             "observable",
-            check,
+            playbook,
             tlp,
-            playbooks_list,
             runtime_config,
             tags_labels,
             should_poll,
-            check_minutes_ago,
         )
+        print("here3")
     except IntelOwlClientException as e:
         ctx.obj.logger.fatal(str(e))
 
 
 @analyse.command(help="Send playbook analysis request for an observable")
 @click.argument("filepath", type=click.Path(exists=True, resolve_path=True))
+@click.argument("playbook")
 @add_options(__playbook_analyse_options)
 @click.pass_context
 def playbook_file(
     ctx: ClickContext,
     filepath: str,
-    playbooks_list: str,
+    playbook: str,
     tags_list: str,
     tlp: str,
-    check,
-    check_minutes_ago: int,
     runtime_config,
     should_poll: bool,
 ):
-    playbooks_list = playbooks_list.split(",") if len(playbooks_list) else []
     tags_labels = tags_list.split(",") if len(tags_list) else []
     if runtime_config:
         runtime_config = get_json_data(runtime_config)
@@ -244,13 +229,11 @@ def playbook_file(
         ctx.obj._new_analysis_playbook_cli(
             filepath,
             "file",
-            check,
+            playbook,
             tlp,
-            playbooks_list,
             runtime_config,
             tags_labels,
             should_poll,
-            check_minutes_ago,
         )
     except IntelOwlClientException as e:
         ctx.obj.logger.fatal(str(e))

Diff for: pyintelowl/pyintelowl.py

@@ -213,8 +213,8 @@ def send_file_analysis_playbook_request(
         self,
         filename: str,
         binary: bytes,
-        tlp: TLPType = None,
-        playbooks_requested: List[str] = None,
+        playbook_requested: str,
+        tlp: TLPType = "CLEAR",
         runtime_configuration: Dict = None,
         tags_labels: List[str] = None,
     ) -> Dict:
@@ -227,9 +227,7 @@ def send_file_analysis_playbook_request(
                 Filename
             binary (bytes):
                 File contents as bytes
-            playbooks_requested (List[str], optional):
-                List of specific playbooks to invoke.
-                Defaults to ``[]`` i.e. all playbooks.
+            playbook_requested (str, optional):
             tlp (str, optional):
                 TLP for the analysis.
                 (options: ``WHITE, GREEN, AMBER, RED``).
@@ -245,14 +243,12 @@ def send_file_analysis_playbook_request(
             Dict: JSON body
         """
         try:
-            if not playbooks_requested:
-                playbooks_requested = []
             if not tags_labels:
                 tags_labels = []
             if not runtime_configuration:
                 runtime_configuration = {}
             data = {
-                "playbooks_requested": playbooks_requested,
+                "playbook_requested": playbook_requested,
                 "tags_labels": tags_labels,
             }
             # send this value only if populated,
@@ -357,8 +353,8 @@ def send_observable_analysis_request(
     def send_observable_analysis_playbook_request(
         self,
         observable_name: str,
-        tlp: TLPType = None,
-        playbooks_requested: List[str] = None,
+        playbook_requested: str,
+        tlp: TLPType = "CLEAR",
         runtime_configuration: Dict = None,
         tags_labels: List[str] = None,
         observable_classification: str = None,
@@ -369,9 +365,7 @@ def send_observable_analysis_playbook_request(
         Args:
             observable_name (str):
                 Observable value
-            playbooks_requested (List[str], optional):
-                List of specific playbooks to invoke.
-                Defaults to ``[]`` i.e. all playbooks.
+            playbook_requested str:
             tlp (str, optional):
                 TLP for the analysis.
                 (options: ``WHITE, GREEN, AMBER, RED``).
@@ -392,8 +386,6 @@ def send_observable_analysis_playbook_request(
             Dict: JSON body
         """
         try:
-            if not playbooks_requested:
-                playbooks_requested = []
             if not tags_labels:
                 tags_labels = []
             if not runtime_configuration:
@@ -415,7 +407,7 @@ def send_observable_analysis_playbook_request(
                 )
             data = {
                 "observables": [[observable_classification, observable_name]],
-                "playbooks_requested": playbooks_requested,
+                "playbook_requested": playbook_requested,
                 "tags_labels": tags_labels,
                 "runtime_configuration": runtime_configuration,
             }
@@ -777,32 +769,24 @@ def _new_analysis_playbook_cli(
         self,
         obj: str,
         type_: str,
-        check,
+        playbook: str,
         tlp: TLPType = None,
-        playbooks_list: List[str] = None,
         runtime_configuration: Dict = None,
         tags_labels: List[str] = None,
         should_poll: bool = False,
-        minutes_ago: int = None,
     ) -> None:
         """
         For internal use by the pyintelowl CLI.
         """
-        if not playbooks_list:
-            playbooks_list = []
         if not runtime_configuration:
             runtime_configuration = {}
         if not tags_labels:
             tags_labels = []
 
-        if len(playbooks_list) == 0:
-            print(("No Playbooks selected!\n"))
-            return
-
         self.logger.info(
             f"""Requesting analysis..
             {type_}: [blue]{obj}[/]
-            playbooks: [i green]{playbooks_list}[/]
+            playbook: [i green]{playbook}[/]
             tags: [i green]{tags_labels}[/]
             """
         )
@@ -811,8 +795,8 @@ def _new_analysis_playbook_cli(
         if type_ == "observable":
             resp = self.send_observable_analysis_playbook_request(
                 observable_name=obj,
+                playbook_requested=playbook,
                 tlp=tlp,
-                playbooks_requested=playbooks_list,
                 runtime_configuration=runtime_configuration,
                 tags_labels=tags_labels,
             )
@@ -821,8 +805,8 @@ def _new_analysis_playbook_cli(
             resp = self.send_file_analysis_playbook_request(
                 filename=path.name,
                 binary=path.read_bytes(),
+                playbook_requested=playbook,
                 tlp=tlp,
-                playbooks_requested=playbooks_list,
                 runtime_configuration=runtime_configuration,
                 tags_labels=tags_labels,
             )

Diff for: pyintelowl/version.py

@@ -1 +1 @@
-__version__ = "4.4.7"
+__version__ = "5.0.0"

Diff for: tests/test_general.py

@@ -185,10 +185,10 @@ def test_send_file_analysis_request_failure(self, mocked_requests):
     def test_send_observable_playbook_analysis_request(self, mocked_requests):
         observable_name = self.domain
         runtime_config = {"test_key": "test_param"}
-        playbooks_requested = ["TEST_PLAYBOOK"]
+        playbook_requested = "TEST_PLAYBOOK"
         result = self.client.send_observable_analysis_playbook_request(
             observable_name,
-            playbooks_requested=playbooks_requested,
+            playbook_requested=playbook_requested,
             runtime_configuration=runtime_config,
         )
 
@@ -202,14 +202,14 @@ def test_send_observable_playbook_analysis_request(self, mocked_requests):
         )
     )
     def test_send_file_playbook_analysis_request(self, mocked_requests):
-        playbooks_requested = ["TEST_PLAYBOOK"]
+        playbook_requested = "TEST_PLAYBOOK"
         filename = self.filepath
         binary = get_file_data(self.filepath)
         runtime_config = {"test_key": "test_param"}
         result = self.client.send_file_analysis_playbook_request(
             filename,
             binary,
-            playbooks_requested=playbooks_requested,
+            playbook_requested=playbook_requested,
             runtime_configuration=runtime_config,
         )