chg: Improve MISP push

lookyloo/modules.py

@@ -58,7 +58,7 @@ class MISP():
     def get_fav_tags(self):
         return self.client.tags(pythonify=True, favouritesOnly=1)
 
-    def _prepare_push(self, to_push: Union[List[MISPEvent], MISPEvent], allow_duplicates: bool=False) -> Union[List[MISPEvent], MISPEvent, Dict]:
+    def _prepare_push(self, to_push: Union[List[MISPEvent], MISPEvent], allow_duplicates: bool=False, auto_publish: bool=False) -> Union[List[MISPEvent], Dict]:
         '''Adds the pre-configured information as required by the instance.
         If duplicates aren't allowed, they will be automatically skiped and the
         extends_uuid key in the next element in the list updated'''
@@ -80,14 +80,16 @@ class MISP():
 
             for tag in self.default_tags:
                 event.add_tag(tag)
-            if self.auto_publish:
+            if auto_publish:
                 event.publish()
             events_to_push.append(event)
         return events_to_push
 
-    def push(self, to_push: Union[List[MISPEvent], MISPEvent], allow_duplicates: bool=False) -> Union[List[MISPEvent], Dict]:
+    def push(self, to_push: Union[List[MISPEvent], MISPEvent], allow_duplicates: bool=False, auto_publish: Optional[bool]=None) -> Union[List[MISPEvent], Dict]:
+        if auto_publish is None:
+            auto_publish = self.auto_publish
         if self.available and self.enable_push:
-            events = self._prepare_push(to_push, allow_duplicates)
+            events = self._prepare_push(to_push, allow_duplicates, auto_publish)
             if not events:
                 return {'error': 'All the events are already on the MISP instance.'}
             if isinstance(events, Dict):

website/web/__init__.py

@@ -20,7 +20,7 @@ from flask_bootstrap import Bootstrap  # type: ignore
 import flask_login  # type: ignore
 from werkzeug.security import generate_password_hash, check_password_hash
 
-from pymisp import MISPEvent
+from pymisp import MISPEvent, MISPServerError
 
 from lookyloo.helpers import (get_homedir, update_user_agents, get_user_agents, get_config,
                               get_taxonomies, load_cookies, CaptureStatus)
@@ -979,12 +979,20 @@ def web_misp_push_view(tree_uuid: str):
             for tag in tags:
                 e.add_tag(tag)
 
-        new_events = lookyloo.misp.push(events)
+        # Change the event info field of the last event in the chain
-        if isinstance(new_events, dict):
+        events[-1].info = request.form.get('event_info')
-            flash(f'Unable to create event(s): {new_events}', 'error')
+
+        try:
+            new_events = lookyloo.misp.push(events, True if request.form.get('force_push') else False,
+                                            True if request.form.get('auto_publish') else False)
+        except MISPServerError:
+            flash(f'MISP returned an error, the event(s) might still have been created on {lookyloo.misp.client.root_url}', 'error')
         else:
-            for e in new_events:
+            if isinstance(new_events, dict):
-                flash(f'MISP event {e.id} created on {lookyloo.misp.client.root_url}', 'success')
+                flash(f'Unable to create event(s): {new_events}', 'error')
+            else:
+                for e in new_events:
+                    flash(f'MISP event {e.id} created on {lookyloo.misp.client.root_url}', 'success')
         return redirect(url_for('tree', tree_uuid=tree_uuid))
     else:
         # the 1st attribute in the event is the link to lookyloo
@@ -994,7 +1002,7 @@ def web_misp_push_view(tree_uuid: str):
     cache = lookyloo.capture_cache(tree_uuid)
 
     return render_template('misp_push_view.html', tree_uuid=tree_uuid,
-                           event=event, fav_tags=fav_tags,
+                           event=event[0], fav_tags=fav_tags,
                            existing_event=existing_misp_url,
                            auto_publish=lookyloo.misp.auto_publish,
                            has_parent=True if cache and cache.parent else False,

website/web/templates/misp_push_view.html

@@ -1,8 +1,13 @@
 <div>
-  <p>Event to push: {{event.info}}</p>
-  <p>Auto Publish: {{auto_publish}}</p>
   <p>Default tags: {{', '.join(default_tags)}}</p>
   <form role="form" action="{{ url_for('web_misp_push_view', tree_uuid=tree_uuid) }}" method=post enctype=multipart/form-data>
+    <div class="form-group row">
+      <label for="url" class="col-sm-2 col-form-label">Event info:</label>
+      <div class="col-sm-10">
+        <input type="text" class="form-control" name="event_info" value="{{event.info}}">
+      </div>
+    </div>
+
     <div class="form-group row">
       <label for="tags" class="col-sm-2 col-form-label">Available tags:</label>
       <div class="col-sm-10">
@@ -13,6 +18,10 @@
         </select>
       </div>
     </div>
+    <div class="form-check">
+      <input class="form-check-input" type="checkbox" name="auto_publish" {%if auto_publish %} checked {% endif %}></input>
+      <label for="auto_publish" class="form-check-label">Publish the event automatically</label>
+    </div>
     {% if existing_event %}
     <p>There is already an <a href="{{existing_event}}">event on your MISP instance</a> with this lookyloo capture.</p>
     <div class="form-check">