fix: Avoid issues with the attribute value field name

- The module setup allows 'value1' as attribute value field name, but we want to make sure that users passing standard misp format with 'value' instead, will not have issues, as well as keeping the current setup
2020-07-28 11:56:03 +02:00 · 2020-07-28 11:56:03 +02:00 · 3ab67b23b6
parent 3b7a5c4dc2
commit 3ab67b23b6
1 changed files with 12 additions and 6 deletions
--- a/misp_modules/modules/expansion/sophoslabs_intelix.py
+++ b/misp_modules/modules/expansion/sophoslabs_intelix.py
@ -113,12 +113,18 @@ def handler(q=False):
    if attribute['type'] not in misp_types_in:
        return {'error': 'Unsupported attribute type.'}
    client = SophosLabsApi(j['config']['client_id'], j['config']['client_secret'])
-    if j['attribute']['type'] == "sha256":
-        client.hash_lookup(j['attribute']['value1'])
-    if j['attribute']['type'] in ['ip-dst', 'ip-src', 'ip']:
-        client.ip_lookup(j["attribute"]["value1"])
-    if j['attribute']['type'] in ['uri', 'url', 'domain', 'hostname']:
-        client.url_lookup(j["attribute"]["value1"])
+    mapping = {
+        'sha256': 'hash_lookup',
+        'ip-dst': 'ip_lookup',
+        'ip-src': 'ip_lookup',
+        'ip': 'ip_lookup',
+        'uri': 'url_lookup',
+        'url': 'url_lookup',
+        'domain': 'url_lookup',
+        'hostname': 'url_lookup'
+    }
+    attribute_value = attribute['value'] if 'value' in attribute else attribute['value1']
+    getattr(client, mapping[attribute['type']])(attribute_value)
    return client.get_result()