fix(engine): Working case management

TracecatHQ · Jun 5, 2024 · 82d45ee · 82d45ee
1 parent bee7d52
commit 82d45ee
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 15 deletions.
diff --git a/tracecat/actions/core/cases.py b/tracecat/actions/core/cases.py
@@ -8,7 +8,7 @@
 from loguru import logger
 from pydantic import Field
 
-from tracecat.contexts import ctx_role
+from tracecat.contexts import ctx_role, ctx_run
 from tracecat.db.engine import create_vdb_conn
 from tracecat.db.schemas import CaseContext
 from tracecat.registry import registry
@@ -53,35 +53,41 @@ async def open_case(
     context: Annotated[
         list[CaseContext] | None,
         Field(description="List of case contexts"),
-    ],
+    ] = None,
     suppression: Annotated[
-        list[Suppression],
+        list[Suppression] | None,
         Field(description="List of suppressions"),
     ] = None,
     tags: Annotated[
-        list[Tag],
+        list[Tag] | None,
         Field(description="List of tags"),
     ] = None,
 ) -> dict[str, Any]:
     db = create_vdb_conn()
     tbl = db.open_table("cases")
+
+    run_ctx = ctx_run.get()
     role = ctx_role.get()
-    if role.user_id is None:
-        raise ValueError(f"User ID not found in session context: {role}.")
-    # TODO: Get ar-id from temporalio?
+
+    if not role or not run_ctx:
+        raise ValueError(f"Could not retrieve run context: {run_ctx}.")
+    _context = context or []
+    _suppression = suppression or []
+    _tags = tags or []
+    logger.info("Opening case", title=case_title, malice=malice, status=status)
+    logger.info("Opening case", context=_context, suppression=_suppression, tags=_tags)
     case = Case(
-        id="PLACEHOLDER",
         owner_id=role.user_id,
-        workflow_id="PLACEHOLDER",
+        workflow_id=run_ctx.wf_id,
         case_title=case_title,
         payload=payload,
         malice=malice,
         status=status,
         priority=priority,
-        context=context,
         action=action,
-        suppression=suppression,
-        tags=tags,
+        context=_context,
+        suppression=_suppression,
+        tags=_tags,
     )
     logger.opt(lazy=True).debug("Sinking case", case=lambda: case.model_dump())
     try:

diff --git a/tracecat/types/cases.py b/tracecat/types/cases.py
@@ -1,10 +1,10 @@
 from datetime import UTC, datetime
 from typing import Any, Literal, Self
-from uuid import uuid4
 
 import orjson
 from pydantic import BaseModel, Field
 
+from tracecat.db.schemas import gen_id
 from tracecat.types.api import CaseContext, CaseParams, ListModel, Suppression, Tag
 
 CaseEvent = Literal[
@@ -20,18 +20,18 @@ class Case(BaseModel):
     """Case model used in the API and runner."""
 
     # Required inputs
-    id: str = Field(default_factory=lambda: uuid4().hex)  # Action run id
+    id: str = Field(default_factory=gen_id("case"))  # Action run id
     owner_id: str  # NOTE: Ideally this would inherit form db.Resource
     workflow_id: str
     case_title: str
     payload: dict[str, Any]
     malice: Literal["malicious", "benign"]
     status: Literal["open", "closed", "in_progress", "reported", "escalated"]
     priority: Literal["low", "medium", "high", "critical"]
-    context: ListModel[CaseContext]  # JSON serialized
     action: Literal[
         "ignore", "quarantine", "informational", "sinkhole", "active_compromise"
     ]
+    context: ListModel[CaseContext]  # JSON serialized
     suppression: ListModel[Suppression]  # JSON serialized
     tags: ListModel[Tag]  # JSON serialized
     created_at: datetime = Field(default_factory=lambda: datetime.now(UTC))