Fix all pivot (intelowlproject#2695)

* accept only connectors

* fix all pivot run with one connector

Author: drosetti

api_app/pivots_manager/queryset.py

@@ -20,7 +20,6 @@ def valid(
                         analyzers.values_list("pk", flat=True)
                     )
                 )
-                | Q(related_analyzer_configs=None)
             )
         if connectors.exists():
             qs = qs.many_to_many_to_array("related_connector_configs").filter(
@@ -29,7 +28,6 @@ def valid(
                         connectors.values_list("pk", flat=True)
                     )
                 )
-                | Q(related_connector_configs=None)
             )
         return qs.distinct()
 

api_app/serializers/job.py

@@ -124,13 +124,13 @@ class Meta:
         slug_field="name",
         queryset=ConnectorConfig.objects.all(),
         many=True,
-        default=ConnectorConfig.objects.none(),
+        default=[],
     )
     analyzers_requested = rfs.SlugRelatedField(
         slug_field="name",
         queryset=AnalyzerConfig.objects.all(),
         many=True,
-        default=AnalyzerConfig.objects.none(),
+        default=[],
     )
     playbook_requested = rfs.SlugRelatedField(
         slug_field="name",
@@ -927,6 +927,7 @@ def set_analyzers_to_execute(
         observable_classification: str,
         **kwargs,
     ) -> List[AnalyzerConfig]:
+        logger.debug(f"{analyzers_requested=} {type(analyzers_requested)=}")
         analyzers_to_execute = analyzers_requested.copy()
 
         partially_filtered_analyzers_qs = AnalyzerConfig.objects.filter(

api_app/views.py

@@ -324,10 +324,12 @@ def analyze_multiple_observables(request):
     - 200: JSON response with the job details for each initiated analysis.
     """
     logger.info(f"received analyze_multiple_observables from user {request.user}")
+    logger.debug(f"{request.data=}")
     oas = ObservableAnalysisSerializer(
         data=request.data, many=True, context={"request": request}
     )
     oas.is_valid(raise_exception=True)
+    logger.debug(f"{oas.validated_data=}")
     parent_job = oas.validated_data[0].get("parent_job", None)
     jobs = oas.save(send_task=True, parent=parent_job)
     jrs = JobResponseSerializer(jobs, many=True).data

tests/api_app/test_api.py

@@ -12,6 +12,7 @@
 
 from api_app import models
 from api_app.analyzers_manager.models import AnalyzerConfig
+from api_app.connectors_manager.models import ConnectorConfig
 from api_app.playbooks_manager.models import PlaybookConfig
 
 from .. import CustomViewSetTestCase
@@ -288,6 +289,50 @@ def test_analyze_multiple_observables(self):
             msg=msg,
         )
 
+    def test_observable_no_analyzers_only_connector(self):
+        models.PluginConfig.objects.create(
+            value="test subject",
+            parameter=models.Parameter.objects.get(
+                name="subject",
+                python_module=models.PythonModule.objects.get(
+                    module="email_sender.EmailSender"
+                ),
+            ),
+            connector_config=ConnectorConfig.objects.get(name="EmailSender"),
+        )
+        models.PluginConfig.objects.create(
+            value="test body",
+            parameter=models.Parameter.objects.get(
+                name="body",
+                python_module=models.PythonModule.objects.get(
+                    module="email_sender.EmailSender"
+                ),
+            ),
+            connector_config=ConnectorConfig.objects.get(name="EmailSender"),
+        )
+
+        data = {
+            "observables": [
+                ["ip", "8.8.8.8"],
+            ],
+            "connectors_requested": ["EmailSender"],
+            "tlp": "CLEAR",
+        }
+        response = self.client.post(
+            "/api/analyze_multiple_observables", data, format="json"
+        )
+        contents = response.json()
+        msg = (response.status_code, contents)
+        self.assertEqual(response.status_code, 200, msg=msg)
+
+        content = contents["results"][0]
+
+        job_id = int(content["job_id"])
+        job = models.Job.objects.get(pk=job_id)
+        self.assertEqual(data["observables"][0][1], job.observable_name, msg=msg)
+        self.assertEqual(job.analyzers_requested.count(), 0)
+        self.assertEqual(job.pivots_to_execute.count(), 0)
+
     def test_download_sample_200(self):
         self.assertEqual(models.Job.objects.count(), 0)
         filename = "file.exe"