From c51ceeb97da75618f3ba74f48432b04c168655d6 Mon Sep 17 00:00:00 2001
From: rbowden-r7 <144030336+rbowden-r7@users.noreply.github.com>
Date: Wed, 3 Jan 2024 09:19:32 +0000
Subject: [PATCH] [PLGN-651] - Abnormal Security-Not parsing the timestamps provided by the user and just passing through the exact timestamp to the server (#2196)
* PLGN-651-Not parasing the timestamps provided by the user and just passing through the exact timestamp to the server
* PLGN-651-Not parasing the timestamps provided by the user and just passing through the exact timestamp to the server
---
 plugins/abnormal_security/.CHECKSUM | 6 +++---
 .../bin/icon_abnormal_security | 2 +-
 plugins/abnormal_security/help.md | 11 ++++++-----
 .../icon_abnormal_security/util/api.py | 18 +++---------------
 plugins/abnormal_security/plugin.spec.yaml | 11 ++++++++++-
 plugins/abnormal_security/setup.py | 2 +-
 6 files changed, 24 insertions(+), 26 deletions(-)
diff --git a/plugins/abnormal_security/.CHECKSUM b/plugins/abnormal_security/.CHECKSUM
index eb2d6e43fe..30e8e135eb 100644
--- a/plugins/abnormal_security/.CHECKSUM
+++ b/plugins/abnormal_security/.CHECKSUM
@@ -1,7 +1,7 @@
 {
- "spec": "af8befd40082941671f372d6e1e09674",
- "manifest": "ca8ac5826495a084b292cebfb2bdf555",
- "setup": "def6aa43e03c25df7d5fa3d36a1f8387",
+ "spec": "4466a331c3bbae9c1348cf7731663cec",
+ "manifest": "a0e1a881d85289d7af7e124b259fc21d",
+ "setup": "be1d36c398425feb179b65aa612a265b",
 "schemas": [
 {
 "identifier": "get_case_details/schema.py",
diff --git a/plugins/abnormal_security/bin/icon_abnormal_security b/plugins/abnormal_security/bin/icon_abnormal_security
index 8adfb93205..9308696107 100755
--- a/plugins/abnormal_security/bin/icon_abnormal_security
+++ b/plugins/abnormal_security/bin/icon_abnormal_security
@@ -6,7 +6,7 @@ from sys import argv
 Name = "Abnormal Security"
 Vendor = "rapid7"
-Version = "2.0.0"
+Version = "2.0.1"
 Description = "Protect your Microsoft Office 365 and G-Suite environments with next-generation email security that uses the most advanced AI detection techniques to stop targeted phishing attacks"
diff --git a/plugins/abnormal_security/help.md b/plugins/abnormal_security/help.md
index 112692c884..ccb2ce3194 100644
--- a/plugins/abnormal_security/help.md
+++ b/plugins/abnormal_security/help.md
@@ -85,7 +85,7 @@ provided, it will return up to 100 latest results
 |Name|Type|Default|Required|Description|Enum|Example|
 | :--- | :--- | :--- | :--- | :--- | :--- | :--- |
-|filter_key|enum - lastModifiedTime - createdTime - customerVisableTime|lastModifiedTime|False|This input enables you to select what timestamp to filter on, default is lastModifiedTime|None|lastModifiedTime|
+|filter_key|string|lastModifiedTime|False|This input enables you to select what timestamp to filter on, default is lastModifiedTime|['lastModifiedTime', 'createdTime', 'customerVisableTime', '']|lastModifiedTime|
 |from_date|string|None|False|This input enables you to filter your results from a certain date, the date has to be in ISO 8601 format - YYYY-MM-DDTHH:MM:SSZ|None|2021-03-01 21:11:38+00:00|
 |to_date|string|None|False|This input enables you to filter your results to a certain date, the date has to be in ISO 8601 format - YYYY-MM-DDTHH:MM:SSZ|None|2021-03-11 21:11:38+00:00|
@@ -452,10 +452,11 @@ Example output:
 # Version History
-* 2.0.0 - Add support to select the time filter filed in `get_cases` action | bump SDK version
-* 1.3.0 - New logo and requirements update
-* 1.2.0 - New actions Manage Case and Manage Threat
-* 1.1.0 - New actions Get Cases and Get Case Details
+* 2.0.1 - To remove formatting of the fromTime or toTome values used in the `get_cases` and `get_threats` actions
+* 2.0.0 - Add support to select the time filter filed in `get_cases` action | bump SDK version
+* 1.3.0 - New logo and requirements update
+* 1.2.0 - New actions Manage Case and Manage Threat
+* 1.1.0 - New actions Get Cases and Get Case Details
 * 1.0.0 - Initial plugin
 # Links
diff --git a/plugins/abnormal_security/icon_abnormal_security/util/api.py b/plugins/abnormal_security/icon_abnormal_security/util/api.py
index 3597784456..2ee096d02b 100644
--- a/plugins/abnormal_security/icon_abnormal_security/util/api.py
+++ b/plugins/abnormal_security/icon_abnormal_security/util/api.py
@@ -91,24 +91,12 @@ def generate_filter_params(self, from_date: str = None, to_date: str = None, fil
 if from_date or to_date:
 params = {"filter": filter_key}
 if from_date:
- params["filter"] = params["filter"] + f" gte {self.parse_date(from_date)}"
+ params["filter"] = f"{params.get('filter', '')} gte {from_date}"
 if to_date:
- params["filter"] = params["filter"] + f" lte {self.parse_date(to_date)}"
+ params["filter"] = f"{params.get('filter', '')} gte {to_date}"
+ self.logger.info(f"Paramters used for the api call - {params}")
 return params
- @staticmethod
- def parse_date(date: str) -> str:
- try:
- parsed_date = dateparser.parse(date)
- if not parsed_date.tzinfo:
- return parsed_date.isoformat() + "Z"
- return parsed_date.isoformat()
- except Exception:
- raise PluginException(
- cause=f"Date '{date}' is not a valid date.",
- assistance="Please verify the date and try again.",
- )
-
 @staticmethod
 def split_url(url: str) -> str:
 scheme, netloc, paths, queries, fragments = urlsplit(url.strip()) # pylint: disable=unused-variable
diff --git a/plugins/abnormal_security/plugin.spec.yaml b/plugins/abnormal_security/plugin.spec.yaml
index 1fb07d7100..9a081c1622 100644
--- a/plugins/abnormal_security/plugin.spec.yaml
+++ b/plugins/abnormal_security/plugin.spec.yaml
@@ -4,7 +4,7 @@ products: [insightconnect]
 name: abnormal_security
 title: Abnormal Security
 description: Protect your Microsoft Office 365 and G-Suite environments with next-generation email security that uses the most advanced AI detection techniques to stop targeted phishing attacks
-version: 2.0.0
+version: 2.0.1
 supported_versions: ["abnormal-security API abx v1.4.2"]
 vendor: rapid7
 support: rapid7
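Review bot: In the `to_date` branch of `generate_filter_params` (api.py) the new line emits `gte` where the removed line emitted `lte`, so `to_date` is sent as a second lower bound and an upper bound can no longer be expressed; it should read `params["filter"] = f"{params.get('filter', '')} lte {to_date}"`. With `parse_date` removed, `from_date` and `to_date` are interpolated into the filter string, and into the new info-level log line, exactly as supplied, so whitespace, extra operators or line breaks in the input alter the expression sent upstream and the log record. A strict pattern check before interpolation (ISO 8601 shape only, raising the existing `PluginException` on mismatch) would keep the pass-through intent while rejecting malformed values; the help.md examples such as `2021-03-01 21:11:38+00:00` do not match the documented `YYYY-MM-DDTHH:MM:SSZ` format and would now go out unchanged. The signature and opening lines of `generate_filter_params` are outside the hunk, so the initial value of `params` is not visible here.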
@@ -19,6 +19,15 @@ resources:
 license_url: https://github.com/rapid7/insightconnect-plugins/blob/master/LICENSE
 vendor_url: https://abnormalsecurity.com/
 enable_cache: true
+version_history:
+ - '2.0.1 - To remove formatting of the fromTime or toTome values used in the `get_cases` and `get_threats` actions'
+ - '2.0.0 - Add support to select the time filter filed in `get_cases` action | bump SDK version'
+ - '1.3.0 - New logo and requirements update'
+ - '1.2.0 - New actions Manage Case and Manage Threat'
+ - '1.1.0 - New actions Get Cases and Get Case Details'
+ - '1.0.0 - Initial plugin'
+references:
+ - '[Abnormal Security](https://abnormalsecurity.com/)'
 types:
 threat:
 threatId:
diff --git a/plugins/abnormal_security/setup.py b/plugins/abnormal_security/setup.py
index 90d62565f0..6336d66d34 100755
--- a/plugins/abnormal_security/setup.py
+++ b/plugins/abnormal_security/setup.py
@@ -3,7 +3,7 @@
 setup(name="abnormal_security-rapid7-plugin",
- version="2.0.0",
+ version="2.0.1",
 description="Protect your Microsoft Office 365 and G-Suite environments with next-generation email security that uses the most advanced AI detection techniques to stop targeted phishing attacks",
 author="rapid7",
 author_email="",