anti/DECNET
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c5cbe084cbcaabc7616cd7ae06ef8e13a337fb38
DECNET/decnet/web/router/ttp/api_get_by_session.py
anti 89ce893792 feat(ttp): E.3.4 API handlers wired to repo (rollups + Navigator) 
Five GET rollup endpoints (techniques, by-identity, by-attacker,
by-campaign, by-session) and the Navigator export (fleet +
per-identity) now call into the TTPMixin methods. Rule catalogue
endpoint still returns [] — backed by the RuleStore which lands
at E.3.5/E.3.6.
2026-05-01 08:06:53 -04:00

32 lines
950 B
Python
Raw Blame History

"""GET /api/v1/ttp/by-session/{session_id} — session timeline of TTP tags."""
from __future__ import annotations
from typing import Any
from fastapi import APIRouter, Depends
from decnet.telemetry import traced as _traced
from decnet.web.db.models import IdentityTechniqueRow
from decnet.web.dependencies import repo, require_viewer
router = APIRouter()
@router.get(
"/ttp/by-session/{session_id}",
tags=["TTP Tagging"],
response_model=list[IdentityTechniqueRow],
responses={
401: {"description": "Could not validate credentials"},
403: {"description": "Insufficient permissions"},
404: {"description": "Session not found"},
},
)
@_traced("api.ttp.by_session")
async def api_ttp_by_session(
session_id: str,
user: dict[str, Any] = Depends(require_viewer),
) -> list[IdentityTechniqueRow]:
"""Per-session TTP tag timeline."""
return await repo.list_techniques_by_session(session_id)
Reference in New Issue View Git Blame Copy Permalink