diff --git a/lib/mihari/schemas/alert.rb b/lib/mihari/schemas/alert.rb index 1084c140..2b3e43c2 100644 --- a/lib/mihari/schemas/alert.rb +++ b/lib/mihari/schemas/alert.rb @@ -3,9 +3,9 @@ module Mihari module Schemas Alert = Dry::Schema.Params do - required(:rule_id).value(:string) - required(:artifacts).value(array[:string]) - optional(:source).value(:string) + required(:rule_id).filled(:string) + required(:artifacts).array { filled(:string) } + optional(:source).filled(:string) end # diff --git a/lib/mihari/schemas/analyzer.rb b/lib/mihari/schemas/analyzer.rb index 407cbfb6..5851b44e 100644 --- a/lib/mihari/schemas/analyzer.rb +++ b/lib/mihari/schemas/analyzer.rb @@ -20,8 +20,8 @@ module Analyzers key = keys.first const_set(key.upcase, Dry::Schema.Params do required(:analyzer).value(Types::String.enum(*keys)) - required(:query).value(:string) - optional(:api_key).value(:string) + required(:query).filled(:string) + optional(:api_key).filled(:string) optional(:options).hash(AnalyzerPaginationOptions) end) end 
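Review bot: `required(:artifacts).array { filled(:string) }` in the Alert schema rejects empty strings inside the list but still accepts `artifacts: []`, so an alert that carries no artifacts passes validation. If such an alert is not meaningful (the consumer is not visible in this diff), add a size check, for example `required(:artifacts).value(:array, min_size?: 1).each { filled(:string) }`. If an empty list is intended, a one-line comment above the key saying so would record the decision.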
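Review bot: `optional(:api_key).filled(:string)` only checks that the string is non-empty, so a whitespace-only value such as `" "` still validates. The same applies to `id`, `secret`, `username`, `password` and `email` in the `@@ -36,60` and `@@ -97,22` hunks of this file and to the credential keys in emitter.rb. Such a value would presumably be used as the credential instead of being treated as absent; how a missing key is handled is not visible here. If blank credentials should be rejected at the schema, `optional(:api_key).filled(:string, format?: /\S/)` does it. The loop around this `const_set` call begins outside the hunk.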
@@ -36,60 +36,60 @@ module Analyzers key = keys.first const_set(key.upcase, Dry::Schema.Params do required(:analyzer).value(Types::String.enum(*keys)) - required(:query).value(:string) - optional(:api_key).value(:string) + required(:query).filled(:string) + optional(:api_key).filled(:string) optional(:options).hash(AnalyzerOptions) end) end DNSTwister = Dry::Schema.Params do required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::DNSTwister.keys)) - required(:query).value(:string) + required(:query).filled(:string) optional(:options).hash(AnalyzerOptions) end Censys = Dry::Schema.Params do required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::Censys.keys)) - required(:query).value(:string) - optional(:id).value(:string) - optional(:secret).value(:string) + required(:query).filled(:string) + optional(:id).filled(:string) + optional(:secret).filled(:string) optional(:options).hash(AnalyzerPaginationOptions) end CIRCL = Dry::Schema.Params do required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::CIRCL.keys)) - required(:query).value(:string) - optional(:username).value(:string) - optional(:password).value(:string) + required(:query).filled(:string) + optional(:username).filled(:string) + optional(:password).filled(:string) optional(:options).hash(AnalyzerOptions) end Fofa = Dry::Schema.Params do required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::Fofa.keys)) - required(:query).value(:string) - optional(:api_key).value(:string) - optional(:email).value(:string) + required(:query).filled(:string) + optional(:api_key).filled(:string) + optional(:email).filled(:string) optional(:options).hash(AnalyzerPaginationOptions) end PassiveTotal = Dry::Schema.Params do required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::PassiveTotal.keys)) - required(:query).value(:string) - optional(:username).value(:string) - optional(:api_key).value(:string) + required(:query).filled(:string) + optional(:username).filled(:string) + 
optional(:api_key).filled(:string) optional(:options).hash(AnalyzerOptions) end ZoomEye = Dry::Schema.Params do required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::ZoomEye.keys)) - required(:query).value(:string) + required(:query).filled(:string) required(:type).value(Types::String.enum("host", "web")) optional(:options).hash(AnalyzerPaginationOptions) end Crtsh = Dry::Schema.Params do required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::Crtsh.keys)) - required(:query).value(:string) + required(:query).filled(:string) optional(:exclude_expired).value(:bool).default(true) optional(:match).value(Types::String.enum("=", "ILIKE", "LIKE", "single", "any", "FTS")).default(nil) optional(:options).hash(AnalyzerOptions) @@ -97,22 +97,22 @@ module Analyzers HunterHow = Dry::Schema.Params do required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::HunterHow.keys)) - required(:query).value(:string) + required(:query).filled(:string) required(:start_time).value(:date) required(:end_time).value(:date) - optional(:api_key).value(:string) + optional(:api_key).filled(:string) optional(:options).hash(AnalyzerPaginationOptions) end Feed = Dry::Schema.Params do required(:analyzer).value(Types::String.enum(*Mihari::Analyzers::Feed.keys)) - required(:query).value(:string) - required(:selector).value(:string) + required(:query).filled(:string) + required(:selector).filled(:string) optional(:method).value(Types::HTTPRequestMethods).default("GET") - optional(:headers).value(:hash).default({}) - optional(:params).value(:hash) - optional(:form).value(:hash) - optional(:json).value(:hash) + optional(:headers).filled(:hash) + optional(:params).filled(:hash) + optional(:form).filled(:hash) + optional(:json).filled(:hash) optional(:options).hash(AnalyzerOptions) end end diff --git a/lib/mihari/schemas/emitter.rb b/lib/mihari/schemas/emitter.rb index 5636733c..bf1b0d7f 100644 --- a/lib/mihari/schemas/emitter.rb +++ b/lib/mihari/schemas/emitter.rb 
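Review bot: In the Feed schema, `optional(:headers).filled(:hash)` replaces `optional(:headers).value(:hash).default({})`, which both drops the `{}` default and makes an explicit empty hash invalid, because `filled` applies to hashes as well as strings. `params`, `form` and `json` now reject `{}` too, and the Webhook `headers` key in emitter.rb gets the same change. Rules that spell out `headers: {}` will stop validating, and any caller that relied on the default may now see a missing key; whether callers cope with that is not visible in this diff. Unless rejecting empty hashes is the goal, keep the hash keys as they were: `optional(:headers).value(:hash).default({})`.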
@@ -15,31 +15,31 @@ module Emitters MISP = Dry::Schema.Params do required(:emitter).value(Types::String.enum(*Mihari::Emitters::MISP.keys)) - optional(:url).value(:string) - optional(:api_key).value(:string) + optional(:url).filled(:string) + optional(:api_key).filled(:string) optional(:options).hash(Options) end TheHive = Dry::Schema.Params do required(:emitter).value(Types::String.enum(*Mihari::Emitters::TheHive.keys)) - optional(:url).value(:string) - optional(:api_key).value(:string) + optional(:url).filled(:string) + optional(:api_key).filled(:string) optional(:options).hash(Options) end Slack = Dry::Schema.Params do required(:emitter).value(Types::String.enum(*Mihari::Emitters::Slack.keys)) - optional(:webhook_url).value(:string) - optional(:channel).value(:string) + optional(:webhook_url).filled(:string) + optional(:channel).filled(:string) optional(:options).hash(Options) end Webhook = Dry::Schema.Params do required(:emitter).value(Types::String.enum(*Mihari::Emitters::Webhook.keys)) - required(:url).value(:string) + required(:url).filled(:string) optional(:method).value(Types::HTTPRequestMethods).default("POST") - optional(:headers).value(:hash).default({}) - optional(:template).value(:string) + optional(:headers).filled(:hash) + optional(:template).filled(:string) optional(:options).hash(Options) end end diff --git a/lib/mihari/schemas/rule.rb b/lib/mihari/schemas/rule.rb index 1fc912a9..795fced6 100644 --- a/lib/mihari/schemas/rule.rb +++ b/lib/mihari/schemas/rule.rb 
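Review bot: `required(:url).filled(:string)` on the Webhook emitter still accepts any non-empty string, and the same holds for `url` on MISP and TheHive and for `webhook_url` on Slack. These values are presumably the destinations of outbound requests, so the schema is the natural place to reject anything that is not an http(s) URL before a rule is stored or run. A `format?` predicate with an anchored pattern would do it, e.g. `required(:url).filled(:string, format?: %r{\Ahttps?://}i)`. If rules can come from less-trusted authors, a host allow-list at the point where the request is made would complement this; that code is not part of the diff.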
@@ -7,27 +7,27 @@ module Mihari module Schemas Rule = Dry::Schema.Params do - required(:id).value(:string) - required(:title).value(:string) - required(:description).value(:string) + required(:id).filled(:string) + required(:title).filled(:string) + required(:description).filled(:string) - optional(:tags).value(array[:string]).default([]) + optional(:author).filled(:string) + optional(:status).filled(:string) - optional(:author).value(:string) - optional(:references).value(array[:string]) - optional(:related).value(array[:string]) - optional(:status).value(:string) + optional(:tags).array { filled(:string) }.default([]) + optional(:references).array { filled(:string) } + optional(:related).array { filled(:string) } optional(:created_on).value(:date) optional(:updated_on).value(:date) required(:queries).value(:array).each { Analyzer } # rubocop:disable Lint/Void - optional(:emitters).value(:array).each { Emitter }.default(DEFAULT_EMITTERS) # rubocop:disable Lint/Void optional(:enrichers).value(:array).each { Enricher }.default(DEFAULT_ENRICHERS) # rubocop:disable Lint/Void - optional(:data_types).value(array[Types::DataTypes]).default(Mihari::Types::DataTypes.values) - optional(:falsepositives).value(array[:string]).default([]) + optional(:data_types).filled(array[Types::DataTypes]).default(Mihari::Types::DataTypes.values) + + optional(:falsepositives).array { filled(:string) }.default([]) optional(:artifact_ttl).value(:integer) end @@ -42,7 +42,7 @@ class RuleContract < Dry::Validation::Contract rule(:falsepositives) do value.each do |v| - key.failure("#{v} is not a valid format.") unless valid_falsepositive?(v) + key.failure("#{v} is not a valid format") unless valid_falsepositive?(v) end end
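Review bot: `optional(:data_types).filled(array[Types::DataTypes])` is the only list in the Rule schema that did not move to the `.array { ... }` form used for `tags`, `references`, `related` and `falsepositives`. It is also the only one that now rejects an explicit empty list. If rejecting `data_types: []` is deliberate, a short comment such as `# an empty data_types list is rejected on purpose` would keep the next reader from "fixing" it. If it is not, `optional(:data_types).array { value(Types::DataTypes) }.default(Mihari::Types::DataTypes.values)` matches the other keys.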