Add value validation for iocs #130
Conversation
There was a problem hiding this comment.
That's great, thanks a lot!
In the alembic migration script we need to add the IOC validation regex you set in post_init, otherwise on existing installation the post_init script will duplicate the entries as it will not detect them as existing. (create_safe checks an exact match on all specified fields).
You can either add it in the migration script, or we do. Let us know what you'd prefer.
Thanks again for the PR!
Cheers
|
Thanks for your feedback! I did not know that. I just tried adding them to the alembic migration script, however then it does not set them anymore in case the database is still empty. Does that mean I have to add them to both the alembic script and the create_safe method? Since that would mean quite some work to define everything twice |
Yes unfortunately in the way it's working you need to define it twice. Once for the instances upgrading, and once for the new instances. The issue is that alembic wasn't used from the start, so the alembic migrations are not defining the whole database and thus the post_init was/is needed. We can add them in the migration script if you want. In that case I'll merge now. Otherwise I'll wait for your update. |
|
Okay, no problem. If you can add them that would be great!
Op za 13 aug. 2022 08:16 schreef whitekernel ***@***.***>:
… Thanks for your feedback! I did not know that. I just tried adding them to
the alembic migration script, however then it does not set them anymore in
case the database is still empty. Does that mean I have to add them to both
the alembic script and the create_safe method? Since that would mean quite
some work to define everything twice
Yes unfortunately in the way it's working you need to define it twice.
Once for the instances upgrading, and once for the new instances. The issue
is that alembic wasn't used from the start, so the alembic migrations are
not defining the whole database and thus the post_init was/is needed.
We can add them in the migration script if you want. In that case I'll
merge now. Otherwise I'll wait for your update.
—
Reply to this email directly, view it on GitHub
<#130 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABIOQZH7ONY2JWE5X4ZGSGDVY633NANCNFSM55S4Y7OQ>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
|
Sure thing!
|
There was a problem hiding this comment.
@dfir-iris/devs - need to add migration of IOCs for existing IOCs - see #130 (review)
Currently the IoC values are allowing everything as value. However, it might be good to check that they match the value of the selected type. This PR implements this by adding a regex field to IocType, which will be checked during validation.
Currently I only added regex for the hashes, and the filename|hash types. But after this method is in place it is easy to add more regex values. If a user decides to add a custom type it also easy to add a regex, since it is expose to the UI as well.