diff --git a/thehive/app/org/thp/thehive/controllers/v0/AlertCtrl.scala b/thehive/app/org/thp/thehive/controllers/v0/AlertCtrl.scala index c368613377..20269b22a8 100644 --- a/thehive/app/org/thp/thehive/controllers/v0/AlertCtrl.scala +++ b/thehive/app/org/thp/thehive/controllers/v0/AlertCtrl.scala @@ -212,6 +212,24 @@ class AlertCtrl @Inject() ( } yield Results.NoContent } + def bulkDelete: Action[AnyContent] = + entrypoint("bulk delete alerts") + .extract("ids", FieldsParser.string.sequence.on("ids")) + .authTransaction(db) { implicit request => implicit graph => + val ids: Seq[String] = request.body("ids") + ids + .toTry { alertId => + for { + alert <- alertSrv + .get(alertId) + .can(Permissions.manageAlert) + .getOrFail() + _ <- alertSrv.cascadeRemove(alert) + } yield () + } + .map(_ => Results.NoContent) + } + def mergeWithCase(alertId: String, caseId: String): Action[AnyContent] = entrypoint("merge alert with case") .authTransaction(db) { implicit request => implicit graph => diff --git a/thehive/app/org/thp/thehive/controllers/v0/Router.scala b/thehive/app/org/thp/thehive/controllers/v0/Router.scala index 0ec6ddec9b..a9866af453 100644 --- a/thehive/app/org/thp/thehive/controllers/v0/Router.scala +++ b/thehive/app/org/thp/thehive/controllers/v0/Router.scala @@ -152,6 +152,7 @@ class Router @Inject() ( case POST(p"/alert/$alertId/createCase") => alertCtrl.createCase(alertId) // Audit ok case POST(p"/alert/_search") => queryExecutor.alert.search // PATCH /alert/_bulk controllers.AlertCtrl.bulkUpdate + case POST(p"/alert/delete/_bulk") => alertCtrl.bulkDelete case POST(p"/alert/_stats") => queryExecutor.alert.stats case DELETE(p"/alert/$alertId") => alertCtrl.delete(alertId) // Audit ok case POST(p"/alert/$alertId/merge/$caseId") => alertCtrl.mergeWithCase(alertId, caseId) // Audit ok