InQuest · dcuellar322 · Apr 4, 2024 · May 1, 2024 · May 16, 2024
diff --git a/app/routes/cfg_category_range_mapping.py b/app/routes/cfg_category_range_mapping.py
@@ -74,6 +74,7 @@ def update_cfg_category_range_mapping(id):
 
 
 def update_cfg_category_range_mapping_current(id, current):
+    db.session.rollback()
     entity = cfg_category_range_mapping.CfgCategoryRangeMapping.query.get(id)
     if not entity:
         return
@@ -86,7 +87,11 @@ def update_cfg_category_range_mapping_current(id, current):
         id=id
     )
     db.session.merge(entity)
-    db.session.commit()
+    try:
+        db.session.commit()
+    except:
+        db.session.rollback()
+        raise
     return
 
 

diff --git a/app/routes/yara_rules.py b/app/routes/yara_rules.py
@@ -116,7 +116,11 @@ def merge_signatures():
         yr.description = description.strip('"')
         yr.revision = 1
         db.session.add(yr)
-        db.session.commit()
+        try:
+            db.session.commit()
+        except:
+            db.session.rollback()
+            raise
         return jsonify(yr.to_dict()), 201
 
 
@@ -139,7 +143,11 @@ def merge_signatures_by_id():
     merged_state = "Merged"
     if not cfg_states.Cfg_states.query.filter_by(state=merged_state).first():
         db.session.add(cfg_states.Cfg_states(state=merged_state))
-        db.session.commit()
+        try:
+            db.session.commit()
+        except:
+            db.session.rollback()
+            raise
 
     merge_from_yr.state = merged_state
     db.session.add(merge_from_yr)
@@ -154,7 +162,11 @@ def merge_signatures_by_id():
     db.session.add(
         comments.Comments(comment=merged_from_comment, entity_type=ENTITY_MAPPING["SIGNATURE"],
                           entity_id=merge_to_yr.id, user_id=current_user.id))
-    db.session.commit()
+    try:
+        db.session.commit()
+    except:
+        db.session.rollback()
+        raise
 
     delete_bookmarks(ENTITY_MAPPING["SIGNATURE"], merge_from_id, current_user.id)
 
@@ -200,7 +212,6 @@ def get_all_yara_rules():
     include_tags = bool(distutils.util.strtobool(request.args.get('include_tags', "true")))
     include_comments = bool(distutils.util.strtobool(request.args.get('include_comments', "true")))
 
-
     if include_yara_string:
         include_yara_string = True
 
@@ -391,7 +402,11 @@ def create_yara_rule():
         entity.state = draft_state.state
 
     db.session.add(entity)
-    db.session.commit()
+    try:
+        db.session.commit()
+    except:
+        db.session.rollback()
+        raise
 
     entity.tags = create_tags_mapping(entity.__tablename__, entity.id, request.json['tags'])
 
@@ -424,15 +439,23 @@ def create_yara_rule():
             dirty = True
 
     if dirty:
-        db.session.commit()
+        try:
+            db.session.commit()
+        except:
+            db.session.rollback()
+            raise
 
     db.session.add(yara_rule.Yara_rule_history(date_created=datetime.datetime.now(),
                                                revision=entity.revision,
                                                rule_json=json.dumps(entity.to_revision_dict()),
                                                user_id=current_user.id,
                                                yara_rule_id=entity.id,
                                                state=entity.state))
-    db.session.commit()
+    try:
+        db.session.commit()
+    except:
+        db.session.rollback()
+        raise
     return jsonify(entity.to_dict()), 201
 
 
@@ -443,7 +466,11 @@ def activate_yara_rule(id):
     entity = yara_rule.Yara_rule.query.get(id)
     entity.active = 1
     db.session.merge(entity)
-    db.session.commit()
+    try:
+        db.session.commit()
+    except:
+        db.session.rollback()
+        raise
     return jsonify(entity.to_dict()), 201
 
 @app.route('/ThreatKB/yara_rules/<int:id>', methods=['PUT'])
@@ -514,7 +541,7 @@ def update_yara_rule(id):
         description=request.json.get("description", None),
         references=request.json.get("references", None),
         category=request.json['category']['category'] if request.json['category'] and 'category' in request
-            .json['category'] else request.json['category'],
+        .json['category'] else request.json['category'],
         condition=yara_rule.Yara_rule.make_yara_sane(request.json["condition"], "condition:"),
         strings=yara_rule.Yara_rule.make_yara_sane(request.json["strings"], "strings:"),
         eventid=temp_sig_id,
@@ -524,7 +551,7 @@ def update_yara_rule(id):
         modified_user_id=current_user.id,
         last_revision_date=datetime.datetime.now(),
         owner_user_id=request.json['owner_user']['id'] if request.json.get("owner_user", None) and request
-            .json["owner_user"].get("id", None) else None,
+        .json["owner_user"].get("id", None) else None,
         revision=entity.revision if do_not_bump_revision else entity.revision + 1,
         imports=yara_rule.Yara_rule.get_imports_from_string(request.json.get("imports", None)),
         active=request.json.get("active", entity.active)
@@ -551,15 +578,23 @@ def update_yara_rule(id):
     if old_state == release_state.state and entity.state == release_state.state and not do_not_bump_revision:
         entity.state = draft_state.state
 
+    if get_new_sig_id:
+        update_cfg_category_range_mapping_current(request.json['category']['id'], temp_sig_id)
+
     db.session.merge(entity)
-    db.session.commit()
+    try:
+        db.session.commit()
+    except:
+        db.session.rollback()
+        raise
 
     dirty = False
     for name, value_dict in request.json.get("metadata_values", {}).items():
         if not name or not value_dict:
             continue
 
-        m = db.session.query(MetadataMapping, Metadata).join(Metadata, Metadata.id == MetadataMapping.metadata_id).filter(
+        m = db.session.query(MetadataMapping, Metadata).join(Metadata,
+                                                             Metadata.id == MetadataMapping.metadata_id).filter(
             Metadata.key == name).filter(Metadata.artifact_type == ENTITY_MAPPING["SIGNATURE"]).filter(
             MetadataMapping.artifact_id == entity.id).first()
         if m and m[0]:
@@ -569,12 +604,17 @@ def update_yara_rule(id):
         else:
             m = db.session.query(Metadata).filter(Metadata.key == name).filter(
                 Metadata.artifact_type == ENTITY_MAPPING["SIGNATURE"]).first()
-            db.session.add(MetadataMapping(value=value_dict["value"] if m.required else value_dict.get("value", None), metadata_id=m.id, artifact_id=entity.id,
+            db.session.add(MetadataMapping(value=value_dict["value"] if m.required else value_dict.get("value", None),
+                                           metadata_id=m.id, artifact_id=entity.id,
                                            created_user_id=current_user.id))
             dirty = True
 
     if dirty:
-        db.session.commit()
+        try:
+            db.session.commit()
+        except:
+            db.session.rollback()
+            raise
 
     # THIS IS UGLY. FIGURE OUT WHY MERGE ISN'T WORKING
     entity = yara_rule.Yara_rule.query.get(entity.id)
@@ -586,9 +626,6 @@ def update_yara_rule(id):
                                                    yara_rule_id=entity.id,
                                                    state=entity.state))
 
-    if get_new_sig_id:
-        update_cfg_category_range_mapping_current(request.json['category']['id'], temp_sig_id)
-
     current_tags = get_tags_for_source(entity.__tablename__, entity.id)
     new_tags = request.json['tags']
     tags_to_delete, tags_to_create = [c_tag for c_tag in current_tags if c_tag not in new_tags], [n_tag for n_tag in
@@ -639,7 +676,11 @@ def delete_yara_rule(id):
             abort(403)
 
         db.session.merge(entity)
-        db.session.commit()
+        try:
+            db.session.commit()
+        except:
+            db.session.rollback()
+            raise
 
         # delete_tags_mapping(entity.__tablename__, entity.id)
         delete_bookmarks(ENTITY_MAPPING["SIGNATURE"], id, current_user.id)
@@ -650,7 +691,11 @@ def delete_yara_rule(id):
         db.session.query(yara_rule.Yara_rule_history).filter(
             yara_rule.Yara_rule_history.yara_rule_id.in_([entity.id])).delete(synchronize_session='fetch')
         db.session.delete(entity)
-        db.session.commit()
+        try:
+            db.session.commit()
+        except:
+            db.session.rollback()
+            raise
 
         delete_bookmarks(ENTITY_MAPPING["SIGNATURE"], id, current_user.id)
 
@@ -684,7 +729,7 @@ def copy_yara_rules():
     Return: yara strings for copy"""
 
     signatures = []
-    if 'copy' in request.json and request.json['copy']\
+    if 'copy' in request.json and request.json['copy'] \
             and 'ids' in request.json['copy'] and request.json['copy']['ids']:
         for sig_id in request.json['copy']['ids']:
             sig = yara_rule.Yara_rule.query.get(sig_id)
@@ -709,5 +754,9 @@ def delete_all_inactive_yara_rules():
     db.session.query(yara_rule.Yara_rule_history).filter(
         yara_rule.Yara_rule_history.yara_rule_id.in_(rules_to_delete_ids)).delete(synchronize_session='fetch')
     db.session.query(yara_rule.Yara_rule).filter(yara_rule.Yara_rule.active == 0).delete()
-    db.session.commit()
+    try:
+        db.session.commit()
+    except:
+        db.session.rollback()
+        raise
     return jsonify(''), 200
diff --git a/app/static/js/c2dns/c2dns-controller.js b/app/static/js/c2dns/c2dns-controller.js
@@ -121,6 +121,10 @@ angular.module('ThreatKB')
                 sort_dir: null
             };
 
+            $scope.customTooltip = function (row,col,value) {
+                return value.map(u => u.text).join(', ');
+            }
+
             $scope.gridOptions = {
                 paginationPageSizes: [25, 50, 75, 100],
                 paginationPageSize: 25,
@@ -255,7 +259,8 @@ angular.module('ThreatKB')
                             displayName: 'Tags',
                             width: '180',
                             enableSorting: false,
-                            cellTemplate: '<ul class="gridTags" append-to-body="true" ng-model="row.entity.tags">'
+                            cellTemplate: '<div class="gridTags" title="{{grid.appScope.customTooltip(row,col,COL_FIELD)}}">'
+                                + '<ul class="gridTags" append-to-body="true" ng-model="row.entity.tags">'
                                 + '<li ng-repeat="tag in (row.entity.tags | filter: $select.search) track by tag.id">'
                                 + '<small>{{tag.text}}</small>'
                                 + '</li>'

diff --git a/app/static/js/c2ip/c2ip-controller.js b/app/static/js/c2ip/c2ip-controller.js
@@ -121,6 +121,9 @@ angular.module('ThreatKB')
                 sort_dir: null
             };
 
+            $scope.customTooltip = function (row,col,value) {
+                return value.map(u => u.text).join(', ');
+            }
             $scope.gridOptions = {
                 paginationPageSizes: [25, 50, 75, 100],
                 paginationPageSize: 25,
@@ -257,7 +260,8 @@ angular.module('ThreatKB')
                             displayName: 'Tags',
                             width: '180',
                             enableSorting: false,
-                            cellTemplate: '<ul class="gridTags" append-to-body="true" ng-model="row.entity.tags">'
+                            cellTemplate: '<div class="gridTags" title="{{grid.appScope.customTooltip(row,col,COL_FIELD)}}">'
+                                + '<ul class="gridTags" append-to-body="true" ng-model="row.entity.tags">'
                                 + '<li ng-repeat="tag in (row.entity.tags | filter: $select.search) track by tag.id">'
                                 + '<small>{{tag.text}}</small>'
                                 + '</li>'

diff --git a/app/static/js/yara_rule/yara_rule-controller.js b/app/static/js/yara_rule/yara_rule-controller.js
@@ -125,6 +125,10 @@ angular.module('ThreatKB')
                 sort_dir: null
             };
 
+            $scope.customTooltip = function (row,col,value) {
+                return value.map(u => u.text).join(', ');
+            }
+
             $scope.gridOptions = {
                 paginationPageSizes: [25, 50, 75, 100],
                 paginationPageSize: 25,
@@ -214,18 +218,22 @@ angular.module('ThreatKB')
                             enableSorting: true
                         },
                         {
-                            field: 'creation_date',
-                            displayName: "Created Date",
+                            field: 'metadata_values',
+                            displayName: 'Severity',
+                            width: '90',
                             enableSorting: true,
-                            width: '150',
-                            cellFilter: 'date:\'yyyy-MM-dd HH:mm:ss\''
+                            cellTemplate: '<div ng-model="row.entity.metadata_values" style="text-align: center;">'
+                                + '<span ng-bind="row.entity.metadata_values.Severity.value"></span>'
+                                + '</div>'
                         },
                         {
-                            field: 'last_revision_date',
-                            displayName: "Revision Date",
+                            field: 'metadata_values',
+                            displayName: 'Confidence',
+                            width: '115',
                             enableSorting: true,
-                            width: '150',
-                            cellFilter: 'date:\'yyyy-MM-dd HH:mm:ss\''
+                            cellTemplate: '<div ng-model="row.entity.metadata_values" style="text-align: center;">'
+                                + '<span ng-bind="row.entity.metadata_values.Confidence.value"></span>'
+                                + '</div>'
                         },
                         {
                             field: 'category',
@@ -269,15 +277,30 @@ angular.module('ThreatKB')
                         {
                             field: 'tags',
                             displayName: 'Tags',
-                            width: '180',
+                            width: '160',
                             enableSorting: false,
-                            cellTemplate: '<ul class="gridTags" append-to-body="true" ng-model="row.entity.tags">'
+                            cellTemplate: '<div class="gridTags" title="{{grid.appScope.customTooltip(row,col,COL_FIELD)}}">'
+                                + '<ul class="gridTags" append-to-body="true" ng-model="row.entity.tags">'
                                 + '<li ng-repeat="tag in (row.entity.tags | filter: $select.search) track by tag.id">'
                                 + '<small>{{tag.text}}</small>'
                                 + '</li>'
                                 + '</ul>'
                                 + '</div>'
                         },
+                        {
+                            field: 'creation_date',
+                            displayName: "Created Date",
+                            enableSorting: true,
+                            width: '150',
+                            cellFilter: 'date:\'yyyy-MM-dd HH:mm:ss\''
+                        },
+                        {
+                            field: 'last_revision_date',
+                            displayName: "Revision Date",
+                            enableSorting: true,
+                            width: '150',
+                            cellFilter: 'date:\'yyyy-MM-dd HH:mm:ss\''
+                        },
                         {
                             name: 'Actions',
                             width: '180',
@@ -345,7 +368,7 @@ angular.module('ThreatKB')
                     url += '&page_size=' + paginationOptions.pageSize;
                     url += '&include_yara_string=0';
                     url += '&short=1';
-                    url += '&include_metadata=0';
+                    url += '&include_metadata=1';
                     url += '&view=' + $scope.view_selected;
 
                     switch (paginationOptions.sort_dir) {
@@ -566,7 +589,8 @@ angular.module('ThreatKB')
                     "tags": [],
                     "comments": [],
                     "files": [],
-                    "imports": ""
+                    "imports": "",
+                    "severity": ""
                 };
             };
 

diff --git a/app/static/views/c2dns/c2dns.html b/app/static/views/c2dns/c2dns.html
@@ -610,12 +610,9 @@ <h4 class="modal-title" id="myC2dnsLabel" style="float: left;">
         .gridTags {
             padding: 0;
             width: 180px;
-            height: 2em;
+            overflow: auto !important;
+            height: 100% !important;
             line-height: 1em;
-            text-overflow: ellipsis;
-            word-break: break-all;
-            overflow: hidden;
-            white-space: nowrap;
         }
 
         .gridTags:hover {