Refactoring #1026

Merged
merged 3 commits into from
Jan 14, 2024
25 changes: 7 additions & 18 deletions lib/mihari/analyzers/base.rb
Expand Up @@ -63,12 +63,10 @@ def normalized_artifacts
artifacts.compact.sort.map do |artifact|
# No need to set data_type manually
# It is set automatically in #initialize
artifact = artifact.is_a?(Models::Artifact) ? artifact : Models::Artifact.new(data: artifact)

artifact.source = self.class.key
artifact.query = query

artifact
(artifact.is_a?(Models::Artifact) ? artifact : Models::Artifact.new(data: artifact)).tap do |normalized|
normalized.source = self.class.key
normalized.query = query
end
end.select(&:valid?).uniq(&:data)
end

Expand Down Expand Up @@ -118,18 +116,9 @@ class << self
#
# @return [Mihari::Analyzers::Base]
#
def from_query(params)
copied = params.deep_dup

# convert params into arguments for initialization
query = copied[:query]

# delete analyzer and query
%i[analyzer query].each { |key| copied.delete key }

copied[:options] = copied[:options] || nil

new(query, **copied)
def from_params(params)
query = params.delete(:query)
new(query, **params)
end

def inherited(child)
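Review bot: `from_params` now mutates the hash it receives (`params.delete(:query)`) and no longer strips `:analyzer`, both of which `from_query` handled on its own `deep_dup` copy. The only caller visible in this PR, `Rule#analyzers`, compensates with `queries.deep_dup` and `params.delete(:analyzer)`, but any other caller would lose `:query` from its own hash or pass `analyzer:` through to `new` as a keyword. Either keep the method self-contained, e.g. `new(params[:query], **params.except(:query, :analyzer))`, or state the contract in the YARD block: `# @param [Hash] params an already-copied hash without :analyzer; :query is removed from it`. The rename from `from_query` should also be checked against callers outside this diff. The `class << self` block continues outside the hunk.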
20 changes: 5 additions & 15 deletions lib/mihari/emitters/slack.rb
Expand Up @@ -176,21 +176,11 @@ def target
# @return [::Slack::Notifier]
#
def notifier
@notifier ||= [].tap do |out|
out << if timeout.nil?
::Slack::Notifier.new(
webhook_url,
channel: channel, username: username
)
else
::Slack::Notifier.new(
webhook_url,
channel: channel,
username: username,
http_options: { timeout: timeout }
)
end
end.first
@notifier ||= lambda do
return ::Slack::Notifier.new(webhook_url, channel: channel, username: username) if timeout.nil?

::Slack::Notifier.new(webhook_url, channel: channel, username: username, http_options: { timeout: timeout })
end.call
end

#
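Review bot: The immediately-called lambda in `notifier` is a roundabout way to memoize: it allocates a closure only to get an early `return`, and the two `::Slack::Notifier.new` calls differ only in `http_options`. A `@notifier ||= begin … end` block with a conditional options hash reads more directly, e.g. `opts = { channel: channel, username: username }`, `opts[:http_options] = { timeout: timeout } unless timeout.nil?`, `::Slack::Notifier.new(webhook_url, **opts)`. The same `lambda do … end.call` pattern is introduced in `whois` (lib/mihari/enrichers/whois.rb) and `rule` (lib/mihari/services/proxies.rb). When `timeout` is nil the notifier is built without an explicit HTTP timeout, so how long a slow webhook can hold an emitter depends on the client's defaults; that is worth a line in the method's comment.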
12 changes: 5 additions & 7 deletions lib/mihari/enrichers/whois.rb
Expand Up @@ -53,13 +53,11 @@ def memoized_call(domain)
# @return [::Whois::Client]
#
def whois
@whois ||= [].tap do |out|
out << if timeout.nil?
::Whois::Client.new
else
::Whois::Client.new(timeout: timeout)
end
end.last
@whois ||= lambda do
return ::Whois::Client.new if timeout.nil?

::Whois::Client.new(timeout: timeout)
end.call
end

#
42 changes: 18 additions & 24 deletions lib/mihari/rule.rb
Expand Up @@ -2,6 +2,7 @@

module Mihari
class Rule < Service
include Concerns::FalsePositiveNormalizable
include Concerns::FalsePositiveValidatable

# @return [Hash]
Expand Down Expand Up @@ -136,8 +137,7 @@ def artifacts
analyzer_results.flat_map do |result|
artifacts = result.value!
artifacts.map do |artifact|
artifact.rule_id = id
artifact
artifact.tap { |tapped| tapped.rule_id = id }
end
end
end
Expand Down Expand Up @@ -188,9 +188,7 @@ def enriched_artifacts
def bulk_emit
return [] if enriched_artifacts.empty?

Parallel.map(emitters) do |emitter|
emitter.result(enriched_artifacts).value_or nil
end.compact
Parallel.map(emitters) { |emitter| emitter.result(enriched_artifacts).value_or nil }.compact
end

#
Expand Down Expand Up @@ -315,12 +313,12 @@ def get_analyzer_class(key)
# @return [Array<Mihari::Analyzers::Base>]
#
def analyzers
@analyzers ||= queries.map do |params|
analyzer_name = params[:analyzer]
klass = get_analyzer_class(analyzer_name)
analyzer = klass.from_query(params)
analyzer.validate_configuration!
analyzer
@analyzers ||= queries.deep_dup.map do |params|
name = params.delete(:analyzer)
klass = get_analyzer_class(name)
klass.from_params(params).tap do |analyzer|
analyzer.validate_configuration!
end
end
end

Expand Down Expand Up @@ -356,16 +354,14 @@ def get_emitter_class(key)
# @return [Array<Mihari::Emitters::Base>]
#
def emitters
@emitters ||= data[:emitters].map(&:deep_dup).map do |params|
name = params[:emitter]
options = params[:options]

%i[emitter options].each { |key| params.delete key }
@emitters ||= data[:emitters].deep_dup.map do |params|
name = params.delete(:emitter)
options = params.delete(:options)

klass = get_emitter_class(name)
emitter = klass.new(rule: self, options: options, **params)
emitter.validate_configuration!
emitter
klass.new(rule: self, options: options, **params).tap do |emitter|
emitter.validate_configuration!
end
end
end

Expand All @@ -386,11 +382,9 @@ def get_enricher_class(key)
# @return [Array<Mihari::Enrichers::Base>] enrichers
#
def enrichers
@enrichers ||= data[:enrichers].map(&:deep_dup).map do |params|
name = params[:enricher]
options = params[:options]

%i[enricher options].each { |key| params.delete key }
@enrichers ||= data[:enrichers].deep_dup.map do |params|
name = params.delete(:enricher)
options = params.delete(:options)

klass = get_enricher_class(name)
klass.new(options: options, **params)
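Review bot: In `enrichers` the constructed object is returned without the `validate_configuration!` call that `analyzers` and `emitters` make inside `.tap`, so a misconfigured enricher would presumably surface only when enrichment runs rather than when the rule is loaded. If enrichers expose the same hook, make the three builders consistent: `klass.new(options: options, **params).tap(&:validate_configuration!)`. The same `tap(&:validate_configuration!)` shorthand would also replace the three-line `tap do |…| … end` blocks in `analyzers` and `emitters`. The body of `enrichers` continues past the end of the hunk, so a validation step outside the visible lines cannot be ruled out.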
6 changes: 3 additions & 3 deletions lib/mihari/services/proxies.rb
Expand Up @@ -79,10 +79,10 @@ def source
# @return [Mihari::Rule]
#
def rule
@rule ||= [].tap do |out|
@rule ||= lambda do
data = Mihari::Models::Rule.find(rule_id).data
out << Rule.new(**data)
end.first
Rule.new(**data)
end.call
end
end
end
2 changes: 1 addition & 1 deletion lib/mihari/web/endpoints/artifacts.rb
Expand Up @@ -74,7 +74,7 @@ class Artifacts < Grape::API
end
end.to_result

message = queued ? "ID:#{id}'s enrichment has been queued" : "ID:#{id}'s enrichment has been succeeded"
message = queued ? "ID:#{id}'s enrichment is queued" : "ID:#{id}'s enrichment is successful"
return present({ message: message, queued: queued }, with: Entities::QueueMessage) if result.success?

case result.failure
2 changes: 1 addition & 1 deletion lib/mihari/web/endpoints/rules.rb
Expand Up @@ -94,7 +94,7 @@ def call(yaml, overwrite: true)
end
end.to_result

message = queued ? "ID:#{id}'s search has been queued" : "ID:#{id}'s search has been succeed"
message = queued ? "ID:#{id}'s search is queued" : "ID:#{id}'s search is successful"
return present({ message: message, queued: queued }, with: Entities::QueueMessage) if result.success?

case result.failure