remove tlp endpoints #68

muchdogesec · Jan 6, 2025 · 13e29e7 · 13e29e7
1 parent 2909864
commit 13e29e7
Show file tree

Hide file tree

Showing 7 changed files with 21 additions and 161 deletions.
diff --git a/ctibutler/server/migrations/0002_alter_job_type.py b/ctibutler/server/migrations/0002_alter_job_type.py
@@ -0,0 +1,18 @@
+# Generated by Django 5.1.4 on 2025-01-06 15:43
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('server', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='job',
+            name='type',
+            field=models.CharField(choices=[('attack-update', 'Attack Update'), ('cwe-update', 'Cwe Update'), ('capec-update', 'Capec Update'), ('arango-cti-processor', 'Cti Processor'), ('atlas-update', 'Atlas Update'), ('location-update', 'Location Update'), ('disarm-update', 'Disarm Update')], max_length=64),
+        ),
+    ]
diff --git a/ctibutler/server/models.py b/ctibutler/server/models.py
@@ -17,7 +17,6 @@ class JobType(models.TextChoices):
     CTI_PROCESSOR   = "arango-cti-processor"
     ATLAS_UPDATE    = "atlas-update"
     LOCATION_UPDATE = "location-update"
-    TLP_UPDATE      = "tlp-update"
     DISARM_UPDATE   = "disarm-update"
 
 class Job(models.Model):

diff --git a/ctibutler/server/views.py b/ctibutler/server/views.py
@@ -2,7 +2,7 @@
 from django.shortcuts import render
 from rest_framework import viewsets, filters, status, decorators
 
-from ctibutler.server.arango_helpers import ATLAS_TYPES, CVE_SORT_FIELDS, DISARM_TYPES, LOCATION_TYPES, TLP_TYPES, ArangoDBHelper, ATTACK_TYPES, CWE_TYPES, SOFTWARE_TYPES, CAPEC_TYPES, LOCATION_SUBTYPES
+from ctibutler.server.arango_helpers import ATLAS_TYPES, CVE_SORT_FIELDS, DISARM_TYPES, LOCATION_TYPES, ArangoDBHelper, ATTACK_TYPES, CWE_TYPES, SOFTWARE_TYPES, CAPEC_TYPES, LOCATION_SUBTYPES
 from ctibutler.server.autoschema import DEFAULT_400_ERROR, DEFAULT_404_ERROR
 from ctibutler.server.utils import Pagination, Response, Ordering, split_mitre_version
 from ctibutler.worker.tasks import new_task
@@ -1013,155 +1013,6 @@ def object_versions(self, request, *args, stix_id=None, **kwargs):
         return ArangoDBHelper(self.arango_collection, request).get_modified_versions(stix_id)
 
 
-@extend_schema_view(
-    create=extend_schema(
-        responses={
-                    201: OpenApiResponse(
-                        serializers.JobSerializer,
-                        examples=[
-                            OpenApiExample(
-                                "",
-                                value={
-                                    "id": "30f548ef-adfc-4ca4-9352-5ba6525f71c9",
-                                    "type": "tlp-update",
-                                    "state": "pending",
-                                    "errors": [],
-                                    "run_datetime": "2024-10-25T10:39:55.956831Z",
-                                    "completion_time": "2024-10-25T10:40:04.977128Z",
-                                    "parameters": {
-                                        "version": "1"
-                                    }
-                                },
-                            )
-                        ],
-                    ), 400: DEFAULT_400_ERROR
-                },
-        request=serializers.MitreTaskSerializer,
-        summary="Download TLP objects",
-        description=textwrap.dedent(
-            """
-            Use this data to update TLP records.
-
-            The following key/values are accepted in the body of the request:
-
-            * `version` (required): the version of TLP you want to download, value is either `1` or `2`. [Currently available versions can be viewed here](https://github.com/muchdogesec/stix2arango/blob/main/utilities/arango_cti_processor/insert_archive_tlp.py#L7).
-            * `ignore_embedded_relationships` (optional - default: `false`): Most objects contains embedded relationships inside them (e.g. `created_by_ref`). Setting this to `false` (recommended) will get stix2arango to generate SROs for these embedded relationships so they can be searched. `true` will ignore them.
-
-            The data for updates is requested from `https://downloads.ctibutler.com` (managed by the [DOGESEC](https://www.dogesec.com/) team).
-            """
-        ),
-    ),
-    list_objects=extend_schema(
-        summary='Get TLP objects',
-        description=textwrap.dedent(
-            """
-            Search and filter TLP results. This endpoint will return `marking-definition` objects.
-            """
-        ),
-        filters=True,
-        responses={200: serializers.StixObjectsSerializer(many=True), 400: DEFAULT_400_ERROR},
-    ),
-    retrieve_objects=extend_schema(
-        summary='Get a TLP object',
-        description=textwrap.dedent(
-            """
-            Get an TLP object by its STIX ID. To search and filter TLP objects to get an ID use the GET Objects endpoint.
-            """
-        ),
-        filters=False,
-        responses={200: serializers.StixObjectsSerializer(many=True), 400: DEFAULT_400_ERROR},
-    ),
-    object_versions=extend_schema(
-        summary="See available TLP versions for TLP STIX ID",
-        description=textwrap.dedent(
-            """
-            See all imported versions available to use.
-            """
-        ),
-    ),
-    retrieve_object_relationships=extend_schema(
-        summary='Get all Relationships linked to the TLP object',
-        description=textwrap.dedent(
-            """
-            This endpoint will return all the STIX `relationship` objects where the TLP object is found as a `source_ref` or a `target_ref`. Note, at present this endpoint only considers embedded relationships and not relationships to other knowledgebases as thousands of relationships might exists (e.g. TLP GREEN is used extensively) thus does not make sense to return all these objects using this endpoint).
-            """
-        ),
-        filters=False,
-        responses={200: serializers.StixObjectsSerializer(many=True), 400: DEFAULT_400_ERROR},
-        parameters=ArangoDBHelper.get_relationship_schema_operation_parameters(),
-    )
-)  
-class TLPView(viewsets.ViewSet):
-    openapi_tags = ["TLP"]
-    lookup_url_kwarg = 'stix_id'
-    openapi_path_params = [
-        OpenApiParameter('stix_id', type=OpenApiTypes.STR, location=OpenApiParameter.PATH, description='The STIX ID (e.g. `marking-definition--94868c89-83c2-464b-929b-a1a8aa3c8487`, `marking-definition--bab4a63c-aed9-4cf5-a766-dfca5abac2bb`)'),
-    ]
-
-    filter_backends = [DjangoFilterBackend]
-
-    serializer_class = serializers.StixObjectsSerializer(many=True)
-    pagination_class = Pagination("objects")
-    arango_collection = "tlp_vertex_collection"
-
-    class filterset_class(FilterSet):
-        id = BaseCSVFilter(help_text='Filter the results using the STIX ID of an object. e.g. `marking-definition--94868c89-83c2-464b-929b-a1a8aa3c8487`, `marking-definition--bab4a63c-aed9-4cf5-a766-dfca5abac2bb`.')
-        name = CharFilter(help_text='Filter the results by the `name` property of the object. e.g `clear`, `amber`.')
-
-    def create(self, request, *args, **kwargs):
-        serializer = serializers.MitreTaskSerializer(data=request.data)
-        serializer.is_valid(raise_exception=True)
-        data = serializer.data.copy()
-        job = new_task(data, models.JobType.TLP_UPDATE)
-        job_s = serializers.JobSerializer(instance=job)
-        return Response(job_s.data, status=status.HTTP_201_CREATED)
-
-
-    @decorators.action(methods=['GET'], url_path="objects", detail=False)
-    def list_objects(self, request, *args, **kwargs):
-        return ArangoDBHelper(self.arango_collection, request).get_weakness_or_capec_objects(types=TLP_TYPES)
-
-    @extend_schema(
-            parameters=[
-                OpenApiParameter('tlp_version', description="Filter the results by the version of TLP")
-            ],
-    )
-    @decorators.action(methods=['GET'], url_path="objects/<str:stix_id>", detail=False)
-    def retrieve_objects(self, request, *args, stix_id=None, **kwargs):
-        return ArangoDBHelper(self.arango_collection, request).get_object(stix_id, version_param='tlp_version')
-
-
-
-    @extend_schema(
-            parameters=[
-                OpenApiParameter('tlp_version', description="Filter the results by the version of TLP")
-            ],
-    )
-    @decorators.action(methods=['GET'], url_path="objects/<str:stix_id>/relationships", detail=False)
-    def retrieve_object_relationships(self, request, *args, stix_id=None, **kwargs):
-        return ArangoDBHelper(self.arango_collection, request).get_object(stix_id, relationship_mode=True, version_param='tlp_version')
-
-    @extend_schema(
-        summary="See available TLP versions",
-        description=textwrap.dedent(
-            """
-            It is possible to import multiple versions of TLP using the POST TLP endpoint. By default, all endpoints will only return the latest version of TLP objects (which generally suits most use-cases).
-
-            This endpoint allows you to see all imported versions of TLP available to use, and which version is the latest (the default version for the objects returned).
-            """
-            ),
-        )
-    @decorators.action(detail=False, methods=["GET"], serializer_class=serializers.MitreVersionsSerializer)
-    def versions(self, request, *args, **kwargs):
-        return ArangoDBHelper(self.arango_collection, request).get_mitre_versions()
-
-    @extend_schema(filters=False)
-    @decorators.action(methods=['GET'], url_path="objects/<str:stix_id>/versions", detail=False, serializer_class=serializers.MitreObjectVersions(many=True), pagination_class=None)
-    def object_versions(self, request, *args, stix_id=None, **kwargs):
-        return ArangoDBHelper(self.arango_collection, request).get_modified_versions(stix_id)
-
-
-
 @extend_schema_view(
     create=extend_schema(
         responses={

diff --git a/ctibutler/settings.py b/ctibutler/settings.py
@@ -183,7 +183,6 @@
         {"name": "DISARM", "description": "Manage and search MITRE DISARM objects."},
         {"name": "ATLAS", "description": "Manage and search MITRE ATLAS objects."},
         {"name": "Location", "description": "Manage and search Location objects."},
-        {"name": "TLP", "description": "Manage and search TLP objects."},
         {"name": "Objects", "description": "Explore all STIX Objects in the database."},
         {"name": "Arango CTI Processor", "description": "Trigger the generation of relationships between objects."},
         {"name": "Jobs", "description": "Search through Jobs triggered when downloading data and creating relationships."},
@@ -203,6 +202,5 @@
 ATTACK_ICS_BUCKET_ROOT_PATH = os.environ["ATTACK_ICS_BUCKET_ROOT_PATH"]
 ATLAS_BUCKET_ROOT_PATH = os.environ["ATLAS_BUCKET_ROOT_PATH"]
 LOCATION_BUCKET_ROOT_PATH = os.environ["LOCATION_BUCKET_ROOT_PATH"]
-TLP_BUCKET_ROOT_PATH = os.environ["TLP_BUCKET_ROOT_PATH"]
 DISARM_BUCKET_ROOT_PATH = os.environ["DISARM_BUCKET_ROOT_PATH"]
 
diff --git a/ctibutler/urls.py b/ctibutler/urls.py
@@ -30,9 +30,8 @@
 router.register("jobs", views.JobView, "jobs-view")
 # arango-cti-processor
 router.register("arango-cti-processor/<str:mode>", views.ACPView, "acp-view")
-# location/tlp
+# location
 router.register("location", views.LocationView, "location-view")
-router.register("tlp", views.TLPView, "tlp-view")
 
 # mitre
 ## mitre cwe/capec/atlas

diff --git a/ctibutler/worker/populate_dbs.py b/ctibutler/worker/populate_dbs.py
@@ -9,7 +9,7 @@
 from stix2arango.stix2arango import Stix2Arango
 
 
-collections_to_create = ['disarm', 'mitre_atlas', 'tlp', 'location', 'mitre_capec', 'mitre_attack_mobile', 'mitre_cwe', 'mitre_attack_ics', 'mitre_attack_enterprise']
+collections_to_create = ['disarm', 'mitre_atlas', 'location', 'mitre_capec', 'mitre_attack_mobile', 'mitre_cwe', 'mitre_attack_ics', 'mitre_attack_enterprise']
 
 def find_missing(collections_to_create):
     client = ArangoClient(settings.ARANGODB_HOST_URL)

diff --git a/ctibutler/worker/tasks.py b/ctibutler/worker/tasks.py
@@ -37,8 +37,6 @@ def create_celery_task_from_job(job: Job):
             task = run_mitre_task(data, job, 'location')
         case models.JobType.ATLAS_UPDATE:
             task = run_mitre_task(data, job, 'atlas')
-        case models.JobType.TLP_UPDATE:
-            task = run_mitre_task(data, job, 'tlp')
         case models.JobType.ATTACK_UPDATE:
             task = run_mitre_task(data, job, f'attack-{data["matrix"]}')
         case models.JobType.CWE_UPDATE:
@@ -91,9 +89,6 @@ def run_mitre_task(data, job: Job, mitre_type='cve'):
         case "atlas":
             url = urljoin(settings.ATLAS_BUCKET_ROOT_PATH, f"mitre-atlas-v{version}.json")
             collection_name = 'mitre_atlas'
-        case "tlp":
-            url = urljoin(settings.TLP_BUCKET_ROOT_PATH, f"tlpv{version}-bundle.json")
-            collection_name = 'tlp'
         case "location":
             url = urljoin(settings.LOCATION_BUCKET_ROOT_PATH, f"locations-bundle-{version}.json")
             collection_name = "location"