From 800098540bd7b534702abc675e767bc6be8fd7e3 Mon Sep 17 00:00:00 2001
From: terrtia
Date: Mon, 11 Mar 2024 15:33:30 +0100
Subject: [PATCH] chg: [correlation] description: get message content + don't show etag, cookie_name and hhash by default

---
 bin/lib/ail_core.py | 8 ++++++++
 bin/lib/objects/Images.py | 5 ++++-
 bin/lib/objects/ail_objects.py | 9 ++++++---
 var/www/blueprints/correlation.py | 7 +++++--
 var/www/templates/correlation/show_correlation.html | 4 +++-
 5 files changed, 26 insertions(+), 7 deletions(-)

diff --git a/bin/lib/ail_core.py b/bin/lib/ail_core.py
index 029af5fb..44cd1359 100755
--- a/bin/lib/ail_core.py
+++ b/bin/lib/ail_core.py
@@ -22,6 +22,11 @@ AIL_OBJECTS = sorted({'chat', 'chat-subchannel', 'chat-thread', 'cookie-name', '
 AIL_OBJECTS_WITH_SUBTYPES = {'chat', 'chat-subchannel', 'cryptocurrency', 'pgp', 'username', 'user-account'}
 
+# TODO by object TYPE ????
+AIL_OBJECTS_CORRELATIONS_DEFAULT = sorted({'chat', 'chat-subchannel', 'chat-thread', 'cve', 'cryptocurrency', 'decoded',
+                                           'domain', 'favicon', 'file-name',
+                                           'item', 'image', 'message', 'pgp', 'screenshot', 'title', 'user-account', 'username'})
+
 
 def get_ail_uuid():
     ail_uuid = r_serv_db.get('ail:uuid')
     if not ail_uuid:
@@ -69,6 +74,9 @@ def get_object_all_subtypes(obj_type):
         # TODO Dynamic subtype
         return r_object.smembers(f'all_chat:subtypes')
     return []
 
+def get_default_correlation_objects():
+    return AIL_OBJECTS_CORRELATIONS_DEFAULT
+
 def get_obj_queued():
     return ['item', 'image']
diff --git a/bin/lib/objects/Images.py b/bin/lib/objects/Images.py
index 280ac06c..9d71b7d5 100755
--- a/bin/lib/objects/Images.py
+++ b/bin/lib/objects/Images.py
@@ -71,7 +71,10 @@ class Image(AbstractDaterangeObject):
         return file_content
 
     def get_content(self, r_type='str'):
-        return self.get_file_content()
+        if r_type == 'str':
+            return None
+        else:
+            return self.get_file_content()
 
     def get_misp_object(self):
         obj_attrs = []
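Review bot: The comment `# TODO by object TYPE ????` above AIL_OBJECTS_CORRELATIONS_DEFAULT says nothing about what the set is for, and the set is a second hand-maintained copy of the object-type list, so every new object type now has to be added in two places or it silently disappears from the default correlation view. If AIL_OBJECTS holds the complete type list (only its start is visible in the hunk header), deriving the default by exclusion would keep the two in sync: `AIL_OBJECTS_CORRELATIONS_DEFAULT = sorted(set(AIL_OBJECTS) - {'cookie-name', 'etag', 'hhash'})`, with the excluded names taken from the commit title (their exact type ids should be checked against AIL_OBJECTS). Either way the TODO should be replaced by a comment stating the intent, e.g. `# Object types shown by default in correlation graphs; the remaining types are opt-in through the filter parameter`.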
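Review bot: `get_default_correlation_objects` hands out the module-level list object itself, and `sanitize_objs_types` in this same patch returns that object unchanged as `l_types`, so any caller that appends to or sorts its result in place would alter the default for every later request. Returning a copy, `return list(AIL_OBJECTS_CORRELATIONS_DEFAULT)`, removes the shared-state hazard at negligible cost; whether any current caller actually mutates the list is not visible in the patch. A one-line docstring such as `"""Return the object types shown in correlation graphs when no filter is given."""` would also help, since the name alone does not say where this default applies.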
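Review bot: With this change `Image.get_content()` called with the default `r_type='str'` returns None where it previously returned the file content, so any existing caller relying on the default now receives None; the patch does not show callers being updated, so that should be checked before merging. The `else` branch also treats every value other than `'str'` as a request for the file content, which hides typos in r_type; if only one other value is expected it would be clearer to test for it by name. A docstring stating the contract would make the intent explicit, e.g. `"""Return None for r_type 'str' (an image has no text form); any other r_type returns the file content."""`. The enclosing Image class starts and ends outside the hunk.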
diff --git a/bin/lib/objects/ail_objects.py b/bin/lib/objects/ail_objects.py
index 5c083e0f..33413943 100755
--- a/bin/lib/objects/ail_objects.py
+++ b/bin/lib/objects/ail_objects.py
@@ -12,7 +12,7 @@ from lib.exceptions import AILObjectUnknown
 from lib.ConfigLoader import ConfigLoader
 
-from lib.ail_core import get_all_objects, get_object_all_subtypes, get_objects_with_subtypes
+from lib.ail_core import get_all_objects, get_object_all_subtypes, get_objects_with_subtypes, get_default_correlation_objects
 
 from lib import correlations_engine
 from lib import relationships_engine
 from lib import btc_ail
@@ -53,13 +53,16 @@ def is_object_subtype(obj_type):
 def is_valid_object_subtype(obj_type, subtype):
     return subtype in get_object_all_subtypes(obj_type)
 
-def sanitize_objs_types(objs):
+def sanitize_objs_types(objs, default=False):
     l_types = []
     for obj in objs:
         if is_valid_object_type(obj):
             l_types.append(obj)
     if not l_types:
-        l_types = get_all_objects()
+        if default:
+            l_types = get_default_correlation_objects()
+        else:
+            l_types = get_all_objects()
     return l_types
 
 #### OBJECT ####
diff --git a/var/www/blueprints/correlation.py b/var/www/blueprints/correlation.py
index 9cd21b24..a5edf49e 100644
--- a/var/www/blueprints/correlation.py
+++ b/var/www/blueprints/correlation.py
@@ -165,7 +165,7 @@ def show_correlation():
 
     related_btc = bool(request.args.get('related_btc', False))
 
-    filter_types = ail_objects.sanitize_objs_types(request.args.get('filter', '').split(','))
+    filter_types = ail_objects.sanitize_objs_types(request.args.get('filter', '').split(','), default=True)
 
     # check if obj_id exist
     if not ail_objects.exists_obj(obj_type, subtype, obj_id):
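Review bot: The new `default` parameter of `sanitize_objs_types` is a bare boolean that a call site could pass positionally as `sanitize_objs_types(types, True)`, which says nothing about which default is meant; making it keyword-only, `def sanitize_objs_types(objs, *, default=False):`, keeps the call in this patch (`default=True`) valid while ruling out the positional form. The nested `if default:` could then collapse to `l_types = get_default_correlation_objects() if default else get_all_objects()`. The function also still has no docstring; one sentence stating that unknown type names are dropped silently and that an empty result falls back to the all-objects list, or to the correlation default when `default` is set, would document the behaviour the caller in correlation.py now depends on.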
@@ -206,7 +206,10 @@ def get_description():
         return Response(json.dumps({"status": "error", "reason": "404 Not Found"}, indent=2, sort_keys=True), mimetype='application/json'), 404
     # object exist
     else:
-        res = ail_objects.get_object_meta(obj_type, subtype, obj_id, options={'icon', 'tags', 'tags_safe'},
+        options = {'icon', 'tags', 'tags_safe'}
+        if obj_type == 'message':
+            options.add('content')
+        res = ail_objects.get_object_meta(obj_type, subtype, obj_id, options=options,
                                           flask_context=True)
         if 'tags' in res:
             res['tags'] = list(res['tags'])
diff --git a/var/www/templates/correlation/show_correlation.html b/var/www/templates/correlation/show_correlation.html
index 04c4ee0b..49c8c90c 100644
--- a/var/www/templates/correlation/show_correlation.html
+++ b/var/www/templates/correlation/show_correlation.html
@@ -714,7 +714,9 @@ if (d.popover) { } desc = desc + "" } else if (key!="tags" && key!="id" && key!="img" && key!="icon" && key!="link" && key!="type") { - desc = desc + "
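Review bot: Adding `'content'` to the options when `obj_type == 'message'` makes `get_description` return the message body in its JSON response; that text comes from the collected chat data rather than from the operator, and the only escaping visible in this patch is the template's `sanitize_text` call in the popover code, so the contract that `content` is untrusted text which every consumer must escape should be stated next to this line, e.g. `# 'content' is raw message text; consumers must escape it before rendering`. Nothing here bounds its size either: if `get_object_meta` returns the full message body, a long message is shipped into a popover payload, so truncating `res['content']` server-side for this endpoint may be worth considering. Both points are hedged, since `get_object_meta` is not visible in the patch.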
" + sanitize_text(key) + "
" + sanitize_text(data[key]) + "
" + if (data[key]) { + desc = desc + "
" + sanitize_text(key) + "
" + sanitize_text(data[key]) + "
" + } } }); desc = desc + ""