From d1d9df28325327076612a27de26fabce2137c57a Mon Sep 17 00:00:00 2001
From: Manabu Niseki <manabu.niseki@gmail.com>
Date: Thu, 19 Dec 2019 23:52:08 +0900
Subject: [PATCH] Update EmailRep analyzer

Catch up the latest API response schema
---
 analyzers/EmailRep/emailrep_analyzer.py  | 20 ++++++++++----------
 thehive-templates/EmailRep_1_0/long.html | 14 +++++++++-----
 2 files changed, 19 insertions(+), 15 deletions(-)

diff --git a/analyzers/EmailRep/emailrep_analyzer.py b/analyzers/EmailRep/emailrep_analyzer.py
index 3d4db21..317505a 100755
--- a/analyzers/EmailRep/emailrep_analyzer.py
+++ b/analyzers/EmailRep/emailrep_analyzer.py
@@ -14,17 +14,17 @@ class EmailRepAnalyzer(Analyzer):
         level = "info"
         namespace = "EmailRep"
 
-        score = raw.get("score")
-        if score is not None:
-            score = int(score)
-            if score < 50:
-                level = "suspicious"
-            else:
-                level = "safe"
+        suspicious = raw.get("suspicious", False)
+        if suspicious:
+            level = "suspicious"
+        else:
+            level = "safe"
 
-            taxonomies.append(
-                self.build_taxonomy(level, namespace, "Reputation", score)
-            )
+        references = raw.get("references", 0)
+
+        taxonomies.append(
+            self.build_taxonomy(level, namespace, "References", references)
+        )
 
         return {"taxonomies": taxonomies}
 
diff --git a/thehive-templates/EmailRep_1_0/long.html b/thehive-templates/EmailRep_1_0/long.html
index e50bf2d..4806bf3 100644
--- a/thehive-templates/EmailRep_1_0/long.html
+++ b/thehive-templates/EmailRep_1_0/long.html
@@ -1,4 +1,4 @@
-<div class="report" ng-if="success">
+<div class="report-SecurityTrails" ng-if="success">
   <div class="panel panel-info">
     <div class="panel-heading">
       emailrep.io lookup ({{ content.mail || "-" }})
@@ -9,17 +9,21 @@
       </div>
       <div ng-if="(content | json) !== '{}'">
         <dl class=" dl-horizontal">
-          <dt>Score:</dt>
-          <dd class="wrap">{{ content.score || "-" }}</dd>
+          <dt>Reputation:</dt>
+          <dd class="wrap">{{ content.reputation || "-" }}</dd>
+        </dl>
+        <dl class=" dl-horizontal">
+          <dt>Suspicious:</dt>
+          <dd class="wrap">{{ content.suspicious || "-" }}</dd>
         </dl>
         <dl class="dl-horizontal">
           <dt>References:</dt>
           <dd class="wrap">{{ content.references || "-" }}</dd>
         </dl>
-        <dl class="dl-horizontal" ng-if="content.profiles.length !== 0">
+        <dl class="dl-horizontal" ng-if="content.details.profiles.length !== 0">
           <dt>Profiles:</dt>
           <dd class="wrap">
-            <ul ng-repeat="profile in content.profiles">
+            <ul ng-repeat="profile in content.details.profiles">
               <li>{{ profile }}</li>
             </ul>
           </dd>