Get TIF Source Config API (#1049)

* create tif source config api implementation

Signed-off-by: Joanne Wang <[email protected]>

* clean up

Signed-off-by: Joanne Wang <[email protected]>

* getTIFSourceConfig API

Signed-off-by: Joanne Wang <[email protected]>

* clean up

Signed-off-by: Joanne Wang <[email protected]>

* more cleanup

Signed-off-by: Joanne Wang <[email protected]>

* remove runner

Signed-off-by: Joanne Wang <[email protected]>

* add unit serialization tests

Signed-off-by: Joanne Wang <[email protected]>

---------

Signed-off-by: Joanne Wang <[email protected]>

src/main/java/org/opensearch/securityanalytics/SecurityAnalyticsPlugin.java

@@ -67,14 +67,17 @@
 import org.opensearch.securityanalytics.model.IocDao;
 import org.opensearch.securityanalytics.model.ThreatIntelFeedData;
 import org.opensearch.securityanalytics.resthandler.*;
+import org.opensearch.securityanalytics.threatIntel.action.SAGetTIFSourceConfigAction;
 import org.opensearch.securityanalytics.threatIntel.action.SAIndexTIFSourceConfigAction;
 import org.opensearch.securityanalytics.threatIntel.dao.SATIFSourceConfigDao;
 import org.opensearch.securityanalytics.threatIntel.model.SATIFSourceConfig;
+import org.opensearch.securityanalytics.threatIntel.resthandler.RestGetTIFSourceConfigAction;
 import org.opensearch.securityanalytics.threatIntel.resthandler.RestIndexTIFSourceConfigAction;
 import org.opensearch.securityanalytics.threatIntel.service.DetectorThreatIntelService;
 import org.opensearch.securityanalytics.threatIntel.service.SATIFSourceConfigService;
 import org.opensearch.securityanalytics.threatIntel.service.ThreatIntelFeedDataService;
 import org.opensearch.securityanalytics.threatIntel.action.PutTIFJobAction;
+import org.opensearch.securityanalytics.threatIntel.transport.TransportGetTIFSourceConfigAction;
 import org.opensearch.securityanalytics.threatIntel.transport.TransportIndexTIFSourceConfigAction;
 import org.opensearch.securityanalytics.threatIntel.transport.TransportPutTIFJobAction;
 import org.opensearch.securityanalytics.threatIntel.common.TIFLockService;
@@ -189,7 +192,7 @@ public Collection<Object> createComponents(Client client,
         TIFJobParameterService tifJobParameterService = new TIFJobParameterService(client, clusterService);
         TIFJobUpdateService tifJobUpdateService = new TIFJobUpdateService(clusterService, tifJobParameterService, threatIntelFeedDataService, builtInTIFMetadataLoader);
         TIFLockService threatIntelLockService = new TIFLockService(clusterService, client);
-        SaTifSourceConfigDao = new SATIFSourceConfigDao(client, clusterService, threadPool, threatIntelLockService);
+        SaTifSourceConfigDao = new SATIFSourceConfigDao(client, clusterService, threadPool, xContentRegistry, threatIntelLockService);
         SATIFSourceConfigService SaTifSourceConfigService = new SATIFSourceConfigService(SaTifSourceConfigDao, threatIntelLockService);
 
 
@@ -239,7 +242,8 @@ public List<RestHandler> getRestHandlers(Settings settings,
                 new RestIndexCustomLogTypeAction(),
                 new RestSearchCustomLogTypeAction(),
                 new RestDeleteCustomLogTypeAction(),
-                new RestIndexTIFSourceConfigAction()
+                new RestIndexTIFSourceConfigAction(),
+                new RestGetTIFSourceConfigAction()
         );
     }
 
@@ -375,7 +379,8 @@ public List<Setting<?>> getSettings() {
                 new ActionHandler<>(SearchCustomLogTypeAction.INSTANCE, TransportSearchCustomLogTypeAction.class),
                 new ActionHandler<>(DeleteCustomLogTypeAction.INSTANCE, TransportDeleteCustomLogTypeAction.class),
                 new ActionHandler<>(PutTIFJobAction.INSTANCE, TransportPutTIFJobAction.class),
-                new ActionHandler<>(SAIndexTIFSourceConfigAction.INSTANCE, TransportIndexTIFSourceConfigAction.class)
+                new ActionHandler<>(SAIndexTIFSourceConfigAction.INSTANCE, TransportIndexTIFSourceConfigAction.class),
+                new ActionHandler<>(SAGetTIFSourceConfigAction.INSTANCE, TransportGetTIFSourceConfigAction.class)
         );
     }
 

src/main/java/org/opensearch/securityanalytics/threatIntel/action/SAGetTIFSourceConfigAction.java

@@ -0,0 +1,22 @@
+/*
+ * Copyright OpenSearch Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package org.opensearch.securityanalytics.threatIntel.action;
+
+import org.opensearch.action.ActionType;
+
+import static org.opensearch.securityanalytics.threatIntel.sacommons.IndexTIFSourceConfigAction.GET_TIF_SOURCE_CONFIG_ACTION_NAME;
+
+/**
+ * Get TIF Source Config Action
+ */
+public class SAGetTIFSourceConfigAction extends ActionType<SAGetTIFSourceConfigResponse> {
+
+    public static final SAGetTIFSourceConfigAction INSTANCE = new SAGetTIFSourceConfigAction();
+    public static final String NAME = GET_TIF_SOURCE_CONFIG_ACTION_NAME;
+    private SAGetTIFSourceConfigAction() {
+        super(NAME, SAGetTIFSourceConfigResponse::new);
+    }
+}

src/main/java/org/opensearch/securityanalytics/threatIntel/action/SAGetTIFSourceConfigRequest.java

@@ -0,0 +1,61 @@
+/*
+ * Copyright OpenSearch Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package org.opensearch.securityanalytics.threatIntel.action;
+
+import org.opensearch.action.ActionRequest;
+import org.opensearch.action.ActionRequestValidationException;
+import org.opensearch.core.common.io.stream.StreamInput;
+import org.opensearch.core.common.io.stream.StreamOutput;
+
+import java.io.IOException;
+import java.util.Locale;
+
+import static org.opensearch.action.ValidateActions.addValidationError;
+
+/**
+ * Get threat intel feed source config request
+ */
+public class SAGetTIFSourceConfigRequest extends ActionRequest {
+    private final String id;
+    private final Long version;
+    public static final String TIF_SOURCE_CONFIG_ID = "tif_source_config_id";
+
+    public SAGetTIFSourceConfigRequest(String id, Long version) {
+        super();
+        this.id = id;
+        this.version = version;
+    }
+
+    public SAGetTIFSourceConfigRequest(StreamInput sin) throws IOException {
+        this(sin.readString(), // id
+             sin.readLong()); // version
+    }
+
+    @Override
+    public void writeTo(StreamOutput out) throws IOException {
+        out.writeString(id);
+        out.writeLong(version);
+    }
+
+    public String getId() {
+        return id;
+    }
+
+    public Long getVersion() {
+        return version;
+    }
+
+
+    @Override
+    public ActionRequestValidationException validate() {
+        ActionRequestValidationException validationException = null;
+        if (id == null || id.isEmpty()) {
+            validationException = addValidationError(String.format(Locale.getDefault(), "%s is missing", TIF_SOURCE_CONFIG_ID), validationException);
+        }
+        return validationException;
+    }
+
+}

src/main/java/org/opensearch/securityanalytics/threatIntel/action/SAGetTIFSourceConfigResponse.java

@@ -0,0 +1,101 @@
+/*
+ * Copyright OpenSearch Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+package org.opensearch.securityanalytics.threatIntel.action;
+
+import org.opensearch.core.action.ActionResponse;
+import org.opensearch.core.common.io.stream.StreamInput;
+import org.opensearch.core.common.io.stream.StreamOutput;
+import org.opensearch.core.rest.RestStatus;
+import org.opensearch.core.xcontent.ToXContentObject;
+import org.opensearch.core.xcontent.XContentBuilder;
+import org.opensearch.securityanalytics.threatIntel.model.SATIFSourceConfigDto;
+
+import java.io.IOException;
+
+import static org.opensearch.securityanalytics.util.RestHandlerUtils._ID;
+import static org.opensearch.securityanalytics.util.RestHandlerUtils._VERSION;
+
+public class SAGetTIFSourceConfigResponse extends ActionResponse implements ToXContentObject {
+    private final String id;
+
+    private final Long version;
+
+    private final RestStatus status;
+
+    private final SATIFSourceConfigDto SaTifSourceConfigDto;
+
+
+    public SAGetTIFSourceConfigResponse(String id, Long version, RestStatus status, SATIFSourceConfigDto SaTifSourceConfigDto) {
+        super();
+        this.id = id;
+        this.version = version;
+        this.status = status;
+        this.SaTifSourceConfigDto = SaTifSourceConfigDto;
+    }
+
+    public SAGetTIFSourceConfigResponse(StreamInput sin) throws IOException {
+        this(
+                sin.readString(), // id
+                sin.readLong(), // version
+                sin.readEnum(RestStatus.class), // status
+                sin.readBoolean()? SATIFSourceConfigDto.readFrom(sin) : null // SA tif config dto
+        );
+    }
+
+    @Override
+    public void writeTo(StreamOutput out) throws IOException {
+        out.writeString(id);
+        out.writeLong(version);
+        out.writeEnum(status);
+        if (SaTifSourceConfigDto != null) {
+            out.writeBoolean((true));
+            SaTifSourceConfigDto.writeTo(out);
+        } else {
+            out.writeBoolean(false);
+        }
+    }
+
+    @Override
+    public XContentBuilder toXContent(XContentBuilder builder, Params params) throws IOException {
+        builder.startObject()
+                .field(_ID, id)
+                .field(_VERSION, version);
+        builder.startObject("tif_config")
+                .field(SATIFSourceConfigDto.FEED_NAME_FIELD, SaTifSourceConfigDto.getName())
+                .field(SATIFSourceConfigDto.FEED_FORMAT_FIELD, SaTifSourceConfigDto.getFeedFormat())
+                .field(SATIFSourceConfigDto.FEED_TYPE_FIELD, SaTifSourceConfigDto.getFeedType())
+                .field(SATIFSourceConfigDto.STATE_FIELD, SaTifSourceConfigDto.getState())
+                .field(SATIFSourceConfigDto.ENABLED_TIME_FIELD, SaTifSourceConfigDto.getEnabledTime())
+                .field(SATIFSourceConfigDto.ENABLED_FIELD, SaTifSourceConfigDto.isEnabled())
+                .field(SATIFSourceConfigDto.CREATED_AT_FIELD, SaTifSourceConfigDto.getCreatedAt())
+                .field(SATIFSourceConfigDto.LAST_UPDATE_TIME_FIELD, SaTifSourceConfigDto.getLastUpdateTime())
+                .field(SATIFSourceConfigDto.LAST_REFRESHED_TIME_FIELD, SaTifSourceConfigDto.getLastRefreshedTime())
+                .field(SATIFSourceConfigDto.REFRESH_TYPE_FIELD, SaTifSourceConfigDto.getRefreshType())
+                .field(SATIFSourceConfigDto.LAST_REFRESHED_USER_FIELD, SaTifSourceConfigDto.getLastRefreshedUser())
+                .field(SATIFSourceConfigDto.SCHEDULE_FIELD, SaTifSourceConfigDto.getSchedule())
+                // source
+                .field(SATIFSourceConfigDto.CREATED_BY_USER_FIELD, SaTifSourceConfigDto.getCreatedByUser())
+                .field(SATIFSourceConfigDto.IOC_MAP_STORE_FIELD, SaTifSourceConfigDto.getIocMapStore())
+                .field(SATIFSourceConfigDto.IOC_TYPES_FIELD, SaTifSourceConfigDto.getIocTypes())
+                .endObject();
+        return builder.endObject();
+    }
+
+    public String getId() {
+        return id;
+    }
+
+    public Long getVersion() {
+        return version;
+    }
+
+    public RestStatus getStatus() {
+        return status;
+    }
+
+    public SATIFSourceConfigDto getSaTifSourceConfigDto() {
+        return SaTifSourceConfigDto;
+    }
+}

src/main/java/org/opensearch/securityanalytics/threatIntel/action/SAIndexTIFSourceConfigRequest.java

@@ -78,6 +78,10 @@ public WriteRequest.RefreshPolicy getRefreshPolicy() {
         return refreshPolicy;
     }
 
+    public RestRequest.Method getMethod() {
+        return method;
+    }
+
     @Override
     public ActionRequestValidationException validate() {
         ActionRequestValidationException errors = new ActionRequestValidationException();

src/main/java/org/opensearch/securityanalytics/threatIntel/common/RefreshType.java

@@ -0,0 +1,15 @@
+/*
+ * Copyright OpenSearch Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package org.opensearch.securityanalytics.threatIntel.common;
+
+/**
+ * Refresh Types: Full
+ * TODO: Add other refresh types such as the delta
+ */
+public enum RefreshType {
+
+    FULL
+}