Changed cache names to datastore. Retaining functions for backwards compatibility

Author: frikky

shuffle-tools/1.2.0/api.yaml

@@ -61,41 +61,7 @@ actions:
         schema:
           type: string
 
-  - name: check_cache_contains 
-    description: Checks Shuffle cache whether a user-provided key contains a value. Returns ALL the values previously appended.
-    parameters:
-      - name: key
-        description: The key to get
-        required: true
-        multiline: false
-        example: "alert_ids"
-        schema:
-          type: string
-      - name: value 
-        description: The value to check for and append if applicable
-        required: true
-        multiline: false
-        example: "1208301599081"
-        schema:
-          type: string
-      - name: append 
-        description: Whether to auto-append the value if it doesn't exist in the cache
-        required: true
-        options:
-          - true
-          - false 
-        multiline: false
-        example: "timestamp"
-        schema:
-          type: string
-      - name: category 
-        description: The category to get the value from. Not required.
-        required: false 
-        multiline: false
-        example: "tickets"
-        schema:
-          type: string
-  - name: get_cache_value
+  - name: get_datastore_value
     description: Get a value saved to your organization in Shuffle
     parameters:
       - name: key
@@ -115,7 +81,7 @@ actions:
     returns:
       schema:
         type: string
-  - name: set_cache_value
+  - name: set_datastore_value
     description: Set a value to be saved to your organization in Shuffle.
     parameters:
       - name: key
@@ -142,7 +108,8 @@ actions:
     returns:
       schema:
         type: string
-  - name: delete_cache_value
+
+  - name: delete_datastore_value
     description: Delete a value saved to your organization in Shuffle
     parameters:
       - name: key
@@ -569,6 +536,13 @@ actions:
         example: "EventID,username\n4137,frikky"
         schema:
           type: string 
+      - name: category
+        description: The category the file belongs to 
+        required: false
+        multiline: false 
+        example: "yara-rules"
+        schema:
+          type: string 
   - name: download_remote_file
     description: Downloads a file from a URL
     parameters:
@@ -1269,6 +1243,143 @@ actions:
     returns:
       schema:
         type: string
+
+  - name: check_datastore_contains 
+    description: We recommend "Search datastore category" instead. Checks Shuffle datastore whether a user-provided key contains a value. Returns ALL the values previously appended. 
+    parameters:
+      - name: key
+        description: The key to get
+        required: true
+        multiline: false
+        example: "alert_ids"
+        schema:
+          type: string
+      - name: value 
+        description: The value to check for and append if applicable
+        required: true
+        multiline: false
+        example: "1208301599081"
+        schema:
+          type: string
+      - name: append 
+        description: Whether to auto-append the value if it doesn't exist in the cache
+        required: true
+        options:
+          - true
+          - false 
+        multiline: false
+        example: "timestamp"
+        schema:
+          type: string
+      - name: category 
+        description: The category to get the value from. Not required.
+        required: false 
+        multiline: false
+        example: "tickets"
+        schema:
+          type: string 
+  - name: get_cache_value
+    description: Get a value saved to your organization in Shuffle. Deprecated for "get_datastore_value"
+    parameters:
+      - name: key
+        description: The key to get
+        required: true
+        multiline: false
+        example: "timestamp"
+        schema:
+          type: string
+      - name: category 
+        description: The category to get the value from. Not required.
+        required: false 
+        multiline: false
+        example: "tickets"
+        schema:
+          type: string
+    returns:
+      schema:
+        type: string
+  - name: delete_cache_value
+    description: Delete a value saved to your organization in Shuffle. Deprecated for "delete_datastore_value"
+    parameters:
+      - name: key
+        description: The key to delete 
+        required: true
+        multiline: false
+        example: "timestamp"
+        schema:
+          type: string
+      - name: category 
+        description: The category to get the value from. Not required.
+        required: false 
+        multiline: false
+        example: "tickets"
+        schema:
+          type: string
+    returns:
+      schema:
+        type: string
+
+  - name: set_cache_value
+    description: Set a value to be saved to your organization in Shuffle. Deprecated for "set_datastore_value"
+    parameters:
+      - name: key
+        description: The key to set the value for
+        required: true
+        multiline: false
+        example: "timestamp"
+        schema:
+          type: string
+      - name: value
+        description: The value to set
+        required: true
+        multiline: true
+        example: "1621959545"
+        schema:
+          type: string
+      - name: category 
+        description: The category to get the value from. Not required.
+        required: false 
+        multiline: false
+        example: "tickets"
+        schema:
+          type: string
+    returns:
+      schema:
+        type: string
+  - name: check_cache_contains 
+    description: Checks Shuffle cache whether a user-provided key contains a value. Returns ALL the values previously appended. Deprecated for "check datastore contains"
+    parameters:
+      - name: key
+        description: The key to get
+        required: true
+        multiline: false
+        example: "alert_ids"
+        schema:
+          type: string
+      - name: value 
+        description: The value to check for and append if applicable
+        required: true
+        multiline: false
+        example: "1208301599081"
+        schema:
+          type: string
+      - name: append 
+        description: Whether to auto-append the value if it doesn't exist in the cache
+        required: true
+        options:
+          - true
+          - false 
+        multiline: false
+        example: "timestamp"
+        schema:
+          type: string
+      - name: category 
+        description: The category to get the value from. Not required.
+        required: false 
+        multiline: false
+        example: "tickets"
+        schema:
+          type: string
     #- name: parse_ioc_new 
     #  description: Parse IOC's based on https://github.com/fhightower/ioc-finder
     #  parameters:

shuffle-tools/1.2.0/src/app.py

@@ -1125,7 +1125,7 @@ def delete_file(self, file_id):
         )
         return ret.text
 
-    def create_file(self, filename, data):
+    def create_file(self, filename, data, category=""):
         try:
             if str(data).startswith("b'") and str(data).endswith("'"):
                 data = data[2:-1]
@@ -1144,6 +1144,7 @@ def create_file(self, filename, data):
         filedata = {
             "filename": filename,
             "data": data,
+            "namespace": category,
         }
 
         fileret = self.set_files([filedata])
@@ -1158,8 +1159,9 @@ def list_file_category_ids(self, file_category):
         return self.get_file_category_ids(file_category)
 
     # Input is WAS a file, hence it didn't get the files 
-    def get_file_value(self, filedata):
-        filedata = self.get_file(filedata)
+    # Category doesn't matter as it uses file ID, which is unique anyway
+    def get_file_value(self, filedata, category=""):
+        filedata = self.get_file(filedata, category)
         if filedata is None:
             return {
                 "success": False,
@@ -1190,7 +1192,7 @@ def get_file_value(self, filedata):
                             "size": len(filedata["data"]),
                         }
 
-    def download_remote_file(self, url, custom_filename=""):
+    def download_remote_file(self, url, custom_filename="", category=""):
         ret = requests.get(url, verify=False)  # nosec
         filename = url.split("/")[-1]
         if "?" in filename:
@@ -1204,6 +1206,7 @@ def download_remote_file(self, url, custom_filename=""):
                 {
                     "filename": filename,
                     "data": ret.content,
+                    "namespace": category,
                 }
             ]
         )
@@ -1827,6 +1830,9 @@ def escape_html(self, input_data):
         result = markupsafe.escape(mapping)
         return mapping
 
+    def check_datastore_contains(self, key, value, append, category=""):
+        return check_cache_contains(self, key, value, append, category)
+
     def check_cache_contains(self, key, value, append, category=""):
         org_id = self.full_execution["workflow"]["execution_org"]["id"]
         url = "%s/api/v1/orgs/%s/get_cache" % (self.url, org_id)