Merge pull request #251 from TheHive-Project/250-add-the-list-comment…

…s-functionnality #250 - Implement list comment methods for alerts and cases
TheHive-Project · Aug 4, 2022 · 3add23a · 3add23a
2 parents cc64ac2 + e34b381
commit 3add23a
Show file tree

Hide file tree

Showing 4 changed files with 65 additions and 2 deletions.
diff --git a/tests/test_alert_endpoint.py b/tests/test_alert_endpoint.py
@@ -204,3 +204,14 @@ def test_create_alert_with_observable_file(
             attachment_map={"obs1": attachment_path},
         )
         assert created_alert["observableCount"] == len(alert_observables)
+
+    def test_find_comments(self, thehive: TheHiveApi, test_alert: OutputAlert):
+
+        created_comment = thehive.comment.create_in_alert(
+            alert_id=test_alert["_id"],
+            comment={"message": "my first comment"},
+        )
+
+        alert_comments = thehive.alert.find_comments(alert_id=test_alert["_id"])
+
+        assert [created_comment] == alert_comments
diff --git a/tests/test_case_endpoint.py b/tests/test_case_endpoint.py
@@ -223,8 +223,9 @@ def test_share_and_set_share(self, thehive: TheHiveApi, test_case: OutputCase):
         assert len(thehive.case.list_shares(case_id=test_case["_id"])) == len(shares)
 
         set_shares = thehive.case.set_share(case_id=test_case["_id"], shares=[])
-        assert len(thehive.case.list_shares(case_id=test_case["_id"])) == len(set_shares)
-
+        assert len(thehive.case.list_shares(case_id=test_case["_id"])) == len(
+            set_shares
+        )
 
     def test_find_and_count(self, thehive: TheHiveApi, test_cases: List[OutputCase]):
         filters = Eq("title", test_cases[0]["title"]) | Eq(
@@ -309,3 +310,14 @@ def test_close_and_open(self, thehive: TheHiveApi, test_case: OutputCase):
         thehive.case.open(case_id, status=open_status)
         reopened_case = thehive.case.get(case_id)
         assert reopened_case["status"] == open_status
+
+    def test_find_comments(self, thehive: TheHiveApi, test_case: OutputCase):
+
+        created_comment = thehive.comment.create_in_case(
+            case_id=test_case["_id"],
+            comment={"message": "my first comment"},
+        )
+
+        case_comments = thehive.case.find_comments(case_id=test_case["_id"])
+
+        assert [created_comment] == case_comments
diff --git a/thehive4py/endpoints/alert.py b/thehive4py/endpoints/alert.py
@@ -13,6 +13,7 @@
     OutputAlert,
 )
 from thehive4py.types.case import OutputCase
+from thehive4py.types.comment import OutputComment
 from thehive4py.types.observable import InputObservable, OutputObservable
 
 
@@ -141,3 +142,22 @@ def find_observables(
             params={"name": "alert-observables"},
             json={"query": query},
         )
+
+    def find_comments(
+        self,
+        alert_id: str,
+        filters: Optional[FilterExpr] = None,
+        sortby: Optional[SortExpr] = None,
+        paginate: Optional[Paginate] = None,
+    ) -> List[OutputComment]:
+        query: QueryExpr = [
+            {"_name": "getAlert", "idOrName": alert_id},
+            {"_name": "comments"},
+            *self._build_subquery(filters=filters, sortby=sortby, paginate=paginate),
+        ]
+        return self._session.make_request(
+            "POST",
+            path="/api/v1/query",
+            params={"name": "alert-comments"},
+            json={"query": query},
+        )
diff --git a/thehive4py/endpoints/case.py b/thehive4py/endpoints/case.py
@@ -16,6 +16,7 @@
     InputUpdateCase,
     OutputCase,
 )
+from thehive4py.types.comment import OutputComment
 from thehive4py.types.observable import InputObservable, OutputObservable
 from thehive4py.types.share import InputShare, OutputShare
 from thehive4py.types.task import InputTask, OutputTask
@@ -256,6 +257,25 @@ def find_attachments(
             json={"query": query},
         )
 
+    def find_comments(
+        self,
+        case_id: CaseId,
+        filters: Optional[FilterExpr] = None,
+        sortby: Optional[SortExpr] = None,
+        paginate: Optional[Paginate] = None,
+    ) -> List[OutputComment]:
+        query: QueryExpr = [
+            {"_name": "getCase", "idOrName": case_id},
+            {"_name": "comments"},
+            *self._build_subquery(filters=filters, sortby=sortby, paginate=paginate),
+        ]
+        return self._session.make_request(
+            "POST",
+            path="/api/v1/query",
+            params={"name": "case-comments"},
+            json={"query": query},
+        )
+
     def close(
         self,
         case_id: CaseId,