From 6040eefbb1bf53e167fc6497f74b31481dff57f2 Mon Sep 17 00:00:00 2001 From: Ark2307 Date: Fri, 31 May 2024 16:18:36 +0530 Subject: [PATCH 1/9] added wrap in severity for results --- .../src/apps/dashboard/components/tables/cells/GithubCell.js | 4 ++-- .../web/src/apps/dashboard/pages/settings/about/About.jsx | 2 +- .../pages/testing/TestRunResultPage/TestRunResultFull.jsx | 1 + 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/components/tables/cells/GithubCell.js b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/components/tables/cells/GithubCell.js index 29a4ed5687..8f58fd7aa1 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/components/tables/cells/GithubCell.js +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/components/tables/cells/GithubCell.js @@ -14,7 +14,7 @@ import TooltipText from '../../shared/TooltipText'; function GithubCell(props){ - const {data, headers, getStatus, width, nameWidth, isBadgeClickable, badgeClicked} = props + const {data, headers, getStatus, width, nameWidth, isBadgeClickable, badgeClicked, divWrap} = props return ( { @@ -40,7 +40,7 @@ function GithubCell(props){ }) } - + { headers?.filter((header) => { return header.itemOrder == 1 diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/settings/about/About.jsx b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/settings/about/About.jsx index dd926bc7be..625b890570 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/settings/about/About.jsx +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/settings/about/About.jsx 
@@ -1,4 +1,4 @@ -import { Box, Button, ButtonGroup, Divider, LegacyCard, Page, Text, VerticalStack, HorizontalGrid, HorizontalStack, Icon, Scrollable, TextField, Tooltip, Tag, Form } from '@shopify/polaris' +import { Box, Button, ButtonGroup, Divider, LegacyCard, Text, VerticalStack, HorizontalGrid, HorizontalStack, Icon, Scrollable, TextField, Tooltip, Tag, Form } from '@shopify/polaris' import React, { useEffect, useState } from 'react' import settingFunctions from '../module' import Dropdown from '../../../components/layouts/Dropdown' diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRunResultPage/TestRunResultFull.jsx b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRunResultPage/TestRunResultFull.jsx index 5def44d6fb..311e68c5e7 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRunResultPage/TestRunResultFull.jsx +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRunResultPage/TestRunResultFull.jsx @@ -123,6 +123,7 @@ function TestRunResultFull(props) { data={selectedTestRunResult} headers={headerDetails} getStatus={func.getTestResultStatus} + divWrap={true} /> } divider= {true} From 3aad792e08b65a7e2554b9db0cfab28d10d33dc1 Mon Sep 17 00:00:00 2001 
From: Ark2307 Date: Wed, 5 Jun 2024 10:18:46 +0530 Subject: [PATCH 2/9] initial phase completed --- .../test_editor/SaveTestEditorAction.java | 5 ++ .../akto/action/testing/StartTestAction.java | 7 +++ apps/dashboard/src/main/resources/struts.xml | 3 + .../components/tables/GithubServerTable.js | 2 +- .../components/tables/GithubSimpleTable.js | 1 + .../SingleTestRunPage/SingleTestRunPage.js | 49 ++++++++++++++-- .../apps/dashboard/pages/testing/transform.js | 37 ++++++++++-- .../java/com/akto/rules/RequiredConfigs.java | 42 ++++++++++++++ .../main/java/com/akto/test_editor/Utils.java | 8 +++ .../java/com/akto/testing/TestExecutor.java | 2 +- .../yaml_tests/SecurityTestTemplate.java | 23 +++++--- .../testing/yaml_tests/YamlTestTemplate.java | 56 +++++++++++++++++++ .../java/com/akto/dto/testing/TestResult.java | 3 +- 13 files changed, 217 insertions(+), 21 deletions(-) create mode 100644 apps/testing/src/main/java/com/akto/rules/RequiredConfigs.java diff --git a/apps/dashboard/src/main/java/com/akto/action/test_editor/SaveTestEditorAction.java b/apps/dashboard/src/main/java/com/akto/action/test_editor/SaveTestEditorAction.java index 05505b3db5..aa2292b61b 100644 --- a/apps/dashboard/src/main/java/com/akto/action/test_editor/SaveTestEditorAction.java +++ b/apps/dashboard/src/main/java/com/akto/action/test_editor/SaveTestEditorAction.java @@ -39,6 +39,7 @@ import com.akto.listener.InitializerListener; import com.akto.log.LoggerMaker; import com.akto.log.LoggerMaker.LogDb; +import com.akto.rules.RequiredConfigs; import com.akto.store.SampleMessageStore; import com.akto.store.TestingUtil; import com.akto.test_editor.execution.VariableResolver; 
@@ -293,6 +294,9 @@ public String runTestForGivenTemplate() { return ERROR.toUpperCase(); } + // initiating map creation for storing required + RequiredConfigs.initiate(); + ApiInfo.ApiInfoKey infoKey = new ApiInfo.ApiInfoKey(apiInfoKey.getInt(ApiInfo.ApiInfoKey.API_COLLECTION_ID), apiInfoKey.getString(ApiInfo.ApiInfoKey.URL), URLMethods.Method.valueOf(apiInfoKey.getString(ApiInfo.ApiInfoKey.METHOD))); @@ -324,6 +328,7 @@ public String runTestForGivenTemplate() { TestingUtil testingUtil = new TestingUtil(authMechanism, messageStore, null, null, customAuthTypes); List testLogs = new ArrayList<>(); int lastSampleIndex = sampleDataList.get(0).getSamples().size() - 1; + testingRunResult = executor.runTestNew(infoKey, null, testingUtil, null, testConfig, null, true, testLogs); if (testingRunResult == null) { testingRunResult = new TestingRunResult( diff --git a/apps/dashboard/src/main/java/com/akto/action/testing/StartTestAction.java b/apps/dashboard/src/main/java/com/akto/action/testing/StartTestAction.java index e3829f821e..1a82758f37 100644 --- a/apps/dashboard/src/main/java/com/akto/action/testing/StartTestAction.java +++ b/apps/dashboard/src/main/java/com/akto/action/testing/StartTestAction.java @@ -26,6 +26,7 @@ import com.akto.dto.testing.sources.TestSourceConfig; import com.akto.log.LoggerMaker; import com.akto.log.LoggerMaker.LogDb; +import com.akto.rules.RequiredConfigs; import com.akto.util.Constants; import com.akto.util.enums.GlobalEnums.TestErrorSource; import com.akto.utils.DeleteTestRunUtils; @@ -234,6 +235,7 @@ public String startTest() { } + RequiredConfigs.initiate(); this.startTimestamp = 0; this.endTimestamp = 0; this.retrieveAllCollectionTests(); 
@@ -528,6 +530,11 @@ public String fetchTestingRunResults() { case SECURED: testingRunResultFilters.add(Filters.eq(TestingRunResult.VULNERABLE, false)); testingRunResultFilters.add(Filters.nin(TestingRunResultDao.ERRORS_KEY, TestResult.TestError.getErrorsToSkipTests())); + testingRunResultFilters.add(Filters.regex(TestingRunResultDao.ERRORS_KEY,TestResult.TestError.ROLE_NOT_FOUND.toString())); + break; + case SKIPPED_EXEC_NEED_CONFIG: + testingRunResultFilters.add(Filters.eq(TestingRunResult.VULNERABLE, false)); + testingRunResultFilters.add(Filters.not(Filters.regex(TestingRunResultDao.ERRORS_KEY,TestResult.TestError.ROLE_NOT_FOUND.toString()))); break; } } diff --git a/apps/dashboard/src/main/resources/struts.xml b/apps/dashboard/src/main/resources/struts.xml index 73186271b8..c7f3d32ffc 100644 --- a/apps/dashboard/src/main/resources/struts.xml +++ b/apps/dashboard/src/main/resources/struts.xml @@ -1545,6 +1545,9 @@ API_DATA_REDACTION + + ADMIN + 401 diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/components/tables/GithubServerTable.js b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/components/tables/GithubServerTable.js index f8520f7086..ed21fcb5b0 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/components/tables/GithubServerTable.js +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/components/tables/GithubServerTable.js @@ -25,7 +25,6 @@ import { useSearchParams } from 'react-router-dom'; function GithubServerTable(props) { const [searchParams, setSearchParams] = useSearchParams(); - const updateQueryParams = (key, value) => { const newSearchParams = new URLSearchParams(searchParams); newSearchParams.set(key, value); @@ -340,6 +339,7 @@ function GithubServerTable(props) { selected={props?.selected} onSelect={(x) => handleTabChange(x)} /> + {props?.bannerComp?.selected === props?.selected ? props?.bannerComp?.comp : null}
} diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/SingleTestRunPage.js b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/SingleTestRunPage.js index cc5abcf9e6..51f85373b8 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/SingleTestRunPage.js +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/SingleTestRunPage.js @@ -14,7 +14,8 @@ import { ActionList, Card, ProgressBar, - Tooltip + Tooltip, + Banner } from '@shopify/polaris'; import { @@ -101,14 +102,14 @@ let filters = [ function SingleTestRunPage() { - const [testRunResults, setTestRunResults] = useState({ vulnerable: [], no_vulnerability_found: [], skipped: [] }) - const [testRunResultsText, setTestRunResultsText] = useState({ vulnerable: [], no_vulnerability_found: [], skipped: [] }) + const [testRunResults, setTestRunResults] = useState({ vulnerable: [], no_vulnerability_found: [], skipped: [], need_configurations: [] }) + const [testRunResultsText, setTestRunResultsText] = useState({ vulnerable: [], no_vulnerability_found: [], skipped: [], need_configurations: [] }) const [ selectedTestRun, setSelectedTestRun ] = useState({}); const subCategoryFromSourceConfigMap = PersistStore(state => state.subCategoryFromSourceConfigMap); const subCategoryMap = PersistStore(state => state.subCategoryMap); const params= useParams() const [loading, setLoading] = useState(false); - const [tempLoading , setTempLoading] = useState({vulnerable: false, no_vulnerability_found: false, skipped: false, running: false}) + const [tempLoading , setTempLoading] = useState({vulnerable: false, no_vulnerability_found: false, skipped: false, running: false,need_configurations:false}) const [selectedTab, setSelectedTab] = useState("vulnerable") const [selected, setSelected] = useState(0) const [workflowTest, setWorkflowTest ] = useState(false); 
@@ -120,6 +121,7 @@ function SingleTestRunPage() { testsInsertedInDb: 0, testingRunId: -1 }) + const [missingConfigs, setMissingConfigs] = useState([]) const refreshId = useRef(null); const hexId = params.hexId; @@ -166,6 +168,7 @@ function SingleTestRunPage() { prev.vulnerable = true; prev.no_vulnerability_found = true; prev.skipped = true; + prev.need_configurations = true return {...prev}; }); let testRunResults = []; @@ -183,6 +186,15 @@ function SingleTestRunPage() { fillTempData(testRunResults, 'skipped') fillData(transform.getPrettifiedTestRunResults(testRunResults), 'skipped') + await api.fetchTestingRunResults(summaryHexId, "SKIPPED_EXEC_NEED_CONFIG").then(({ testingRunResults }) => { + testRunResults = transform.prepareTestRunResults(hexId, testingRunResults, subCategoryMap, subCategoryFromSourceConfigMap) + }) + fillTempData(testRunResults, 'need_configurations') + fillData(transform.getPrettifiedTestRunResults(testRunResults), 'need_configurations') + if(testRunResults.length > 0){ + setMissingConfigs(transform.getMissingConfigs(testRunResults)) + } + await api.fetchTestingRunResults(summaryHexId, "SECURED").then(({ testingRunResults }) => { testRunResults = transform.prepareTestRunResults(hexId, testingRunResults, subCategoryMap, subCategoryFromSourceConfigMap) }) @@ -287,7 +299,27 @@ const promotedBulkActions = (selectedDataHexIds) => { } } - const definedTableTabs = ['Vulnerable', 'Skipped', 'No vulnerability found'] + const bannerComp = ( + missingConfigs.length > 0 ? + + + + + {`${missingConfigs.length} configurations missing: `} + + + + {missingConfigs.map((config) => { + return( + {config} + ) + })} + + + : null + ) + + const definedTableTabs = ['Vulnerable', 'Need configurations','Skipped', 'No vulnerability found'] const { tabsInfo } = useTable() const tableCountObj = func.getTabsCount(definedTableTabs, testRunResults) 
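Review bot: `setMissingConfigs` is only called when `testRunResults.length > 0` in the `SKIPPED_EXEC_NEED_CONFIG` block (`@@ -183,6 +186,15`), so once the banner state has been populated it is never cleared when a later fetch returns no need-config results. `getMissingConfigs`, added to transform.js in this same patch, already returns an empty array for an empty list, so the guard can be dropped: `setMissingConfigs(transform.getMissingConfigs(testRunResults))`. Whether this function runs again on refresh is not visible in the hunk; if it runs only once per mount the stale banner cannot occur.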
@@ -325,6 +357,11 @@ const promotedBulkActions = (selectedDataHexIds) => { tableTabs={tableTabs} onSelect={handleSelectedTab} filterStateUrl={"/dashboard/testing/" + selectedTestRun?.id + "/#" + selectedTab} + bannerComp={{ + "comp": bannerComp, + "selected": 1 + } + } /> ) @@ -408,7 +445,7 @@ const promotedBulkActions = (selectedDataHexIds) => { ) } - const allResultsLength = testRunResults.skipped.length + testRunResults.no_vulnerability_found.length + testRunResults.vulnerable.length + progress + const allResultsLength = testRunResults.skipped.length + testRunResults.need_configurations.length + testRunResults.no_vulnerability_found.length + testRunResults.vulnerable.length + progress const useComponents = (!workflowTest && allResultsLength === 0) ? [] : components const headingComp = ( diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/transform.js b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/transform.js index 41fb32a125..a984d8a1d9 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/transform.js +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/transform.js @@ -10,7 +10,7 @@ import {ResourcesMajor, ReplayMinor, PlayMinor, } from '@shopify/polaris-icons'; -import React, { } from 'react' +import React from 'react' import { Text,HorizontalStack, Badge, Link, List, Box, Icon, Avatar, Tag, Tooltip} from '@shopify/polaris'; import { history } from "@/util/history"; import PersistStore from "../../../main/PersistStore"; @@ -749,7 +749,7 @@ getCollapsibleRow(urls, severity){ getTestErrorType(message){ const errorsObject = TestingStore.getState().errorsObject for(var key in errorsObject){ - if(errorsObject[key] === message){ + if(errorsObject[key] === message || message.includes(errorsObject[key])){ return key } } 
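Review bot: `"selected": 1` in the `bannerComp` prop (`@@ -325,6 +357,11`) hard-codes the position of 'Need configurations' in `definedTableTabs`, and `GithubServerTable` compares it with the active tab index. Reordering or inserting a tab would silently move the missing-configuration banner onto the wrong tab. Derive the index from the list instead, e.g. `"selected": definedTableTabs.indexOf('Need configurations')`.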
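Review bot: In `getTestErrorType` (`@@ -749,7 +749,7`) the added `message.includes(errorsObject[key])` matches every message when a stored text is the empty string, searches for the literal "undefined" when it is missing, and throws when `message` itself is not a string. Because the first key in iteration order wins, a short message text that happens to be contained in a longer one can also shadow the intended key. Guard the substring test, e.g. `const text = errorsObject[key]; if (text && typeof message === 'string' && (text === message || message.includes(text))) return key`. The function body starts and ends outside the hunk.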
@@ -765,7 +765,15 @@ getPrettifiedTestRunResults(testRunResults){ if(test?.errorsList.length > 0){ const errorType = this.getTestErrorType(test.errorsList[0]) key = key + ': ' + errorType - error_message = errorsObject[errorType] + if(errorType === "ROLE_NOT_FOUND"){ + error_message = ( + + {func.toSentenceCase(test.errorsList[0].split(errorsObject["ROLE_NOT_FOUND"])[0])} + + ) + }else{ + error_message = errorsObject[errorType] + } } if(testRunResultsObj.hasOwnProperty(key)){ @@ -991,12 +999,31 @@ getHeaders: (tab)=> { return header; }) + case "need_configurations": + return headers.filter((header) => header.title !== "CWE tags").map((header) => { + if (header.title === "Severity") { + // Modify the object as needed + return { type: CellType.TEXT, title: "Configuration missing", value: 'errorMessage' }; + } + return header; + }) + default: return headers } }, -convertErrorEnumsToErrorObjects(errorEnums){ - console.log(errorEnums) +getMissingConfigs(testResults){ + const errorsObject = TestingStore.getState().errorsObject + if(Object.keys(errorsObject).length === 0){ + return [] + } + const configsSet = new Set(); + testResults.forEach((res) => { + const config = res?.errorsList.length > 0 ? func.toSentenceCase(res.errorsList[0].split(errorsObject["ROLE_NOT_FOUND"])[0]) : "" + configsSet.add(config) + }) + + return [...configsSet] } } diff --git a/apps/testing/src/main/java/com/akto/rules/RequiredConfigs.java b/apps/testing/src/main/java/com/akto/rules/RequiredConfigs.java new file mode 100644 index 0000000000..e0ceb98f1d --- /dev/null +++ b/apps/testing/src/main/java/com/akto/rules/RequiredConfigs.java 
@@ -0,0 +1,42 @@ +package com.akto.rules; + +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import com.akto.dao.testing.TestRolesDao; +import com.akto.dto.testing.TestRoles; +import com.mongodb.client.model.Filters; +import com.mongodb.client.model.Projections; + +public class RequiredConfigs { + + private static final RequiredConfigs requiredConfigs = new RequiredConfigs(); + + public static RequiredConfigs getRequiredConfigs() { + return requiredConfigs; + } + + private static List testRolesList = TestRolesDao.instance.findAll( + Filters.empty(), + Projections.fields( + Projections.include(TestRoles.NAME, TestRoles.AUTH_WITH_COND_LIST) + ) + ); + + private static final Map validRolesExist = new HashMap<>(); + + public static void initiate () { + validRolesExist.clear(); + for(TestRoles role: testRolesList){ + if(role.getAuthWithCondList() != null && role.getAuthWithCondList().size() > 0){ + validRolesExist.put(role.getName(), true); + } + } + } + + public static Map getCurrentConfigsMap(){ + return validRolesExist; + } + +} diff --git a/apps/testing/src/main/java/com/akto/test_editor/Utils.java b/apps/testing/src/main/java/com/akto/test_editor/Utils.java index 1135ee5483..f22c6a5eb0 100644 --- a/apps/testing/src/main/java/com/akto/test_editor/Utils.java +++ b/apps/testing/src/main/java/com/akto/test_editor/Utils.java @@ -840,4 +840,12 @@ public static ApiAccessType getApiAccessTypeFromString(String apiAccessType){ } } + public static Boolean commandRequiresConfig(String key){ + String ACCESS_ROLES_CONTEXT = "roles_access_context"; + if (key.contains(ACCESS_ROLES_CONTEXT) || key.equals("replace_auth_header")) { + return true; + } + return false; + } + } diff --git a/apps/testing/src/main/java/com/akto/testing/TestExecutor.java b/apps/testing/src/main/java/com/akto/testing/TestExecutor.java index ad3bc270fe..05887e8f18 100644 --- a/apps/testing/src/main/java/com/akto/testing/TestExecutor.java 
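Review bot: `testRolesList` in `RequiredConfigs` is a static field filled by one `TestRolesDao.instance.findAll(...)` call at class load, so `initiate()` rebuilds `validRolesExist` from the same snapshot every time and never sees roles created, edited or deleted afterwards. The map is also a shared static `HashMap` that `initiate()` clears and refills in place while `YamlTestTemplate.requireConfig()` reads it, so a test running while `StartTestAction.startTest()` or `SaveTestEditorAction.runTestForGivenTemplate()` calls `initiate()` can observe an empty map and be reported as `ROLE_NOT_FOUND`. If the DAO resolves its database from a per-account context (not visible here), a process-wide static would additionally mix role sets between accounts. Querying inside `initiate()` and publishing a freshly built map through a `volatile` reference addresses the first two; the generic parameters below are inferred because the rendering dropped them.

```java
private static volatile Map<String, Boolean> validRolesExist = new HashMap<>();

public static void initiate() {
    // query at call time so role changes made after class load are picked up
    List<TestRoles> testRolesList = TestRolesDao.instance.findAll(
        Filters.empty(),
        Projections.fields(
            Projections.include(TestRoles.NAME, TestRoles.AUTH_WITH_COND_LIST)
        )
    );
    // build a new map and swap the reference; readers never see a half-filled map
    Map<String, Boolean> fresh = new HashMap<>();
    for (TestRoles role : testRolesList) {
        if (role.getAuthWithCondList() != null && !role.getAuthWithCondList().isEmpty()) {
            fresh.put(role.getName(), true);
        }
    }
    validRolesExist = fresh;
}
// … unchanged: getRequiredConfigs(), getCurrentConfigsMap() …
```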
+++ b/apps/testing/src/main/java/com/akto/testing/TestExecutor.java @@ -287,7 +287,7 @@ public static void updateTestSummary(ObjectId summaryId){ Map totalCountIssues = testingRunResultSummary.getCountIssues(); loggerMaker.infoAndAddToDb("Finished updating TestingRunResultSummariesDao", LogDb.TESTING); - if(totalCountIssues.get(Severity.HIGH.toString()) > 0){ + if(totalCountIssues.getOrDefault(Severity.HIGH.toString(), 0) > 0){ ActivitiesDao.instance.insertActivity("High Vulnerability detected", totalCountIssues.get(Severity.HIGH.toString()) + " HIGH vulnerabilites detected"); } } diff --git a/apps/testing/src/main/java/com/akto/testing/yaml_tests/SecurityTestTemplate.java b/apps/testing/src/main/java/com/akto/testing/yaml_tests/SecurityTestTemplate.java index 9027116dbf..50042c64d0 100644 --- a/apps/testing/src/main/java/com/akto/testing/yaml_tests/SecurityTestTemplate.java +++ b/apps/testing/src/main/java/com/akto/testing/yaml_tests/SecurityTestTemplate.java @@ -48,8 +48,16 @@ public SecurityTestTemplate(ApiInfo.ApiInfoKey apiInfoKey, FilterNode filterNode this.strategy = strategy; } + private YamlTestResult getResultWithError(String errorMessage){ + List testResults = new ArrayList<>(); + testResults.add(new TestResult(null, rawApi.getOriginalMessage(), Collections.singletonList(errorMessage), 0, false, TestResult.Confidence.HIGH, null)); + return new YamlTestResult(testResults, null); + } + public abstract boolean filter(); + public abstract String requireConfig(); + public abstract boolean checkAuthBeforeExecution(boolean debug, List testLogs); public abstract YamlTestResult executor(boolean debug, List testLogs); 
@@ -57,18 +65,19 @@ public SecurityTestTemplate(ApiInfo.ApiInfoKey apiInfoKey, FilterNode filterNode public abstract void triggerMetaInstructions(Strategy strategy, YamlTestResult attempts); public YamlTestResult run(boolean debug, List testLogs) { - + + String missingConfig = requireConfig(); + if(missingConfig != null){ + return getResultWithError(missingConfig + " " + ROLE_NOT_FOUND.getMessage()); + } + boolean valid = filter(); if (!valid) { - List testResults = new ArrayList<>(); - testResults.add(new TestResult(null, rawApi.getOriginalMessage(), Collections.singletonList(SKIPPING_EXECUTION_BECAUSE_FILTERS.getMessage()), 0, false, TestResult.Confidence.HIGH, null)); - return new YamlTestResult(testResults, null); + return getResultWithError(SKIPPING_EXECUTION_BECAUSE_FILTERS.getMessage()); } valid = checkAuthBeforeExecution(debug, testLogs); if (!valid) { - List testResults = new ArrayList<>(); - testResults.add(new TestResult(null, rawApi.getOriginalMessage(), Collections.singletonList(SKIPPING_EXECUTION_BECAUSE_AUTH.getMessage()), 0, false, TestResult.Confidence.HIGH, null)); - return new YamlTestResult(testResults, null); + return getResultWithError(SKIPPING_EXECUTION_BECAUSE_AUTH.getMessage()); } YamlTestResult attempts = executor(debug, testLogs); if(attempts == null || attempts.getTestResults().isEmpty()){ diff --git a/apps/testing/src/main/java/com/akto/testing/yaml_tests/YamlTestTemplate.java b/apps/testing/src/main/java/com/akto/testing/yaml_tests/YamlTestTemplate.java index 1674328e6b..c85d5a1dbb 100644 --- a/apps/testing/src/main/java/com/akto/testing/yaml_tests/YamlTestTemplate.java +++ b/apps/testing/src/main/java/com/akto/testing/yaml_tests/YamlTestTemplate.java @@ -1,5 +1,6 @@ package com.akto.testing.yaml_tests; +import com.akto.dao.test_editor.TestEditorEnums; import com.akto.dto.ApiInfo; import com.akto.dto.CustomAuthType; import com.akto.dto.OriginalHttpResponse; 
@@ -7,7 +8,9 @@ import com.akto.dto.test_editor.*;
 import com.akto.dto.testing.*;
 import com.akto.log.LoggerMaker;
+import com.akto.rules.RequiredConfigs;
 import com.akto.rules.TestPlugin;
+import com.akto.test_editor.Utils;
 import com.akto.test_editor.auth.AuthValidator;
 import com.akto.test_editor.execution.Executor;
 import com.akto.testing.StatusCodeAnalyser;
@@ -27,6 +30,59 @@ public YamlTestTemplate(ApiInfo.ApiInfoKey apiInfoKey, FilterNode filterNode, Fi this.customAuthTypes = customAuthTypes; } + @Override + public String requireConfig(){ + if(this.authMechanism == null || this.authMechanism.getAuthParams() == null || this.authMechanism.getAuthParams().isEmpty()){ + return "ATTACKER_TOKEN_ALL"; + } + + Map currentRolesMap = RequiredConfigs.getCurrentConfigsMap(); + + // traverse in filternodes.getValues(), looks for valid key, if key valid, check for that role + List childNodes = filterNode.getChildNodes(); + if(childNodes != null && !childNodes.isEmpty()){ + for(FilterNode node: childNodes){ + if(Utils.commandRequiresConfig(node.getOperand().toLowerCase())){ + if(!node.getChildNodes().isEmpty()){ + List roles = (List) node.getChildNodes().get(0).getValues(); + String role = roles.get(0); + if(!currentRolesMap.containsKey(role)){ + return role; + } + } + } + } + } + + List childList = executorNode.getChildNodes(); + if(childList != null && !childList.isEmpty() && childList.size() >= 2){ + ExecutorNode reqNodes = childList.get(1); + if (reqNodes.getChildNodes() == null || reqNodes.getChildNodes().size() == 0) { + return null; + } + + ExecutorNode reqNode = reqNodes.getChildNodes().get(0); + for(ExecutorNode node: reqNode.getChildNodes()){ + if(node.getOperationType().equalsIgnoreCase(TestEditorEnums.NonTerminalExecutorDataOperands.MODIFY_HEADER.toString())){ + for(ExecutorNode child: node.getChildNodes()){ + if(Utils.commandRequiresConfig(child.getOperationType().toString())){ + String ACCESS_ROLES_CONTEXT = "${roles_access_context."; + String keyStr = child.getOperationType().toString(); + keyStr = keyStr.replace(ACCESS_ROLES_CONTEXT, ""); + String roleName = keyStr.substring(0,keyStr.length()-1).trim(); + + if(!currentRolesMap.containsKey(roleName)){ + return roleName; + } + } + } + } + } + } + + return null; + } + @Override public boolean filter() { // loggerMaker.infoAndAddToDb("filter started" + logId, 
LogDb.TESTING); diff --git a/libs/dao/src/main/java/com/akto/dto/testing/TestResult.java b/libs/dao/src/main/java/com/akto/dto/testing/TestResult.java index 711e0a492f..6a6cf43a70 100644 --- a/libs/dao/src/main/java/com/akto/dto/testing/TestResult.java +++ b/libs/dao/src/main/java/com/akto/dto/testing/TestResult.java @@ -38,7 +38,8 @@ public enum TestError { SKIPPING_EXECUTION_BECAUSE_AUTH("Request API failed authentication check, skipping execution", true), SKIPPING_EXECUTION_BECAUSE_FILTERS("Request API failed to satisfy api_selection_filters block, skipping execution", true), DEACTIVATED_ENDPOINT("This is a deactivated endpoint", true), - USAGE_EXCEEDED("You have exceeded the limit of this feature, skipping execution", true); + USAGE_EXCEEDED("You have exceeded the limit of this feature, skipping execution", true), + ROLE_NOT_FOUND("config doesn't exist, skipping execution", false); private final String message; private final boolean skipTest; From 7793e370fb7dd87a3b4b9209a01c8414311bee82 Mon Sep 17 00:00:00 2001 From: Ark2307 Date: Wed, 5 Jun 2024 22:00:17 +0530 Subject: [PATCH 3/9] added all configurations missing for the test --- .../SingleTestRunPage/SingleTestRunPage.js | 34 +++++++++++-------- .../pages/testing/SingleTestRunPage/style.css | 16 +++++++++ .../apps/dashboard/pages/testing/transform.js | 21 +++++++++--- .../main/java/com/akto/test_editor/Utils.java | 4 +-- .../yaml_tests/SecurityTestTemplate.java | 13 ++++--- .../testing/yaml_tests/YamlTestTemplate.java | 17 ++++++---- 6 files changed, 74 insertions(+), 31 deletions(-) diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/SingleTestRunPage.js b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/SingleTestRunPage.js index 51f85373b8..4cb90d2c79 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/SingleTestRunPage.js 
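Review bot: `requireConfig()` walks a user-authored template with no shape checks: `(List) node.getChildNodes().get(0).getValues()` followed by `roles.get(0)` throws on an empty or non-list value, and `node.getOperand().toLowerCase()` throws on a null operand. `run()` calls this before `filter()`, and whether any caller catches the exception is not visible here. In the executor branch, a key that passed `commandRequiresConfig` only through `equals("replace_auth_header")` is left untouched by the prefix `replace` and then loses its last character in `substring(0, keyStr.length()-1)`, so the lookup uses a truncated name that will never be in the map. Add `if (roles == null || roles.isEmpty()) continue;` before `roles.get(0)`, and strip the suffix only when `keyStr` actually starts with `${roles_access_context.` and ends with `}`. The hunks `@@ -47,7 +52,7` and `@@ -72,7 +77,7` in PATCH 3/9 keep the same expressions.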
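Review bot: `ROLE_NOT_FOUND`'s message is more than display text and the constant should say so: `SecurityTestTemplate.run()` prefixes it with the missing role names, and transform.js splits the stored error on what appears to be this same string to recover them. A comment on the constant would keep a wording change from silently breaking that parsing, for example `// prefixed with role names in SecurityTestTemplate.run(); the dashboard splits on this text, keep both in sync`. The same comment could explain why `skipTest` is `false` here although the message ends in "skipping execution" like the neighbouring constants that pass `true`.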
+++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/SingleTestRunPage.js @@ -299,24 +299,28 @@ const promotedBulkActions = (selectedDataHexIds) => { } } + const baseUrl = window.location.origin+"/dashboard/testing/roles/details?system="; + const bannerComp = ( missingConfigs.length > 0 ? - - - - - {`${missingConfigs.length} configurations missing: `} - - - - {missingConfigs.map((config) => { - return( - {config} - ) - })} +
+ + + + + {`${missingConfigs.length} configuration${missingConfigs.length > 1 ? 's' : ''} missing: `} + + + + {missingConfigs.map((config) => { + return( + {config} + ) + })} + - - : null + +
: null ) const definedTableTabs = ['Vulnerable', 'Need configurations','Skipped', 'No vulnerability found'] diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/style.css b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/style.css index 9550e7598e..7518651fe4 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/style.css +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/style.css @@ -1,3 +1,19 @@ .filterClass .Polaris-Filters__FiltersWrapper { border-bottom:0 +} + +.div-link{ + cursor: pointer; +} +.div-link:hover{ + border-bottom: 1px solid #B98900; +} + +.banner-wrapper .Polaris-Banner--withinContentContainer{ + border-radius: 0px !important; + border: unset !important; +} + +.banner-wrapper .Polaris-Banner--statusCritical { + background-color: #FFF4F4 !important; } \ No newline at end of file diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/transform.js b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/transform.js index a984d8a1d9..e34e0ad164 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/transform.js +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/transform.js @@ -766,10 +766,20 @@ getPrettifiedTestRunResults(testRunResults){ const errorType = this.getTestErrorType(test.errorsList[0]) key = key + ': ' + errorType if(errorType === "ROLE_NOT_FOUND"){ + const baseUrl = window.location.origin+"/dashboard/testing/roles/details?system=" + const missingConfigs = func.toSentenceCase(test.errorsList[0].split(errorsObject["ROLE_NOT_FOUND"])[0]).split(" "); error_message = ( - - {func.toSentenceCase(test.errorsList[0].split(errorsObject["ROLE_NOT_FOUND"])[0])} - + + {missingConfigs.map((config, index) => { + return( + config.length > 0 ? +
{e.stopPropagation();window.open(baseUrl + config.toUpperCase(), "_blank")}} key={index}> + {func.toSentenceCase(config || "")} +
+ : null + ) + })} +
) }else{ error_message = errorsObject[errorType] @@ -1020,7 +1030,10 @@ getMissingConfigs(testResults){ const configsSet = new Set(); testResults.forEach((res) => { const config = res?.errorsList.length > 0 ? func.toSentenceCase(res.errorsList[0].split(errorsObject["ROLE_NOT_FOUND"])[0]) : "" - configsSet.add(config) + if(config.length > 0){ + let allConfigs = config.split(" ") + allConfigs.filter(x => x.length > 1).forEach((x) => configsSet.add(func.toSentenceCase(x))) + } }) return [...configsSet] diff --git a/apps/testing/src/main/java/com/akto/test_editor/Utils.java b/apps/testing/src/main/java/com/akto/test_editor/Utils.java index f22c6a5eb0..af37698ea6 100644 --- a/apps/testing/src/main/java/com/akto/test_editor/Utils.java +++ b/apps/testing/src/main/java/com/akto/test_editor/Utils.java @@ -841,8 +841,8 @@ public static ApiAccessType getApiAccessTypeFromString(String apiAccessType){ } public static Boolean commandRequiresConfig(String key){ - String ACCESS_ROLES_CONTEXT = "roles_access_context"; - if (key.contains(ACCESS_ROLES_CONTEXT) || key.equals("replace_auth_header")) { + String ACCESS_ROLES = "roles_access"; + if (key.contains(ACCESS_ROLES) || key.equals("replace_auth_header")) { return true; } return false; diff --git a/apps/testing/src/main/java/com/akto/testing/yaml_tests/SecurityTestTemplate.java b/apps/testing/src/main/java/com/akto/testing/yaml_tests/SecurityTestTemplate.java index 50042c64d0..b32fe687f7 100644 --- a/apps/testing/src/main/java/com/akto/testing/yaml_tests/SecurityTestTemplate.java +++ b/apps/testing/src/main/java/com/akto/testing/yaml_tests/SecurityTestTemplate.java @@ -14,6 +14,7 @@ import java.util.ArrayList; import java.util.List; import java.util.Map; +import java.util.Set; import static com.akto.dto.testing.TestResult.TestError.*; 
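Review bot: `window.open(baseUrl + config.toUpperCase(), "_blank")` in the `ROLE_NOT_FOUND` branch of `getPrettifiedTestRunResults` appends text parsed out of a stored error string to the query string without encoding it, and opens the new tab without `noopener`. The names come from test templates, so one containing `&` or `#` changes the query that the roles page receives. Prefer `window.open(baseUrl + encodeURIComponent(config.toUpperCase()), "_blank", "noopener,noreferrer")`. The banner hunk in SingleTestRunPage.js (`@@ -299,24 +299,28`) builds the same `baseUrl` and presumably needs the same treatment, though its markup is not visible in this rendering. Splitting the prefix on `" "` also turns any role name that contains a space into several entries.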
@@ -56,7 +57,7 @@ private YamlTestResult getResultWithError(String errorMessage){ public abstract boolean filter(); - public abstract String requireConfig(); + public abstract Set requireConfig(); public abstract boolean checkAuthBeforeExecution(boolean debug, List testLogs); @@ -66,9 +67,13 @@ private YamlTestResult getResultWithError(String errorMessage){ public YamlTestResult run(boolean debug, List testLogs) { - String missingConfig = requireConfig(); - if(missingConfig != null){ - return getResultWithError(missingConfig + " " + ROLE_NOT_FOUND.getMessage()); + Set missingConfigList = requireConfig(); + if(!missingConfigList.isEmpty()){ + String missingConfigs = ""; + for(String str: missingConfigList){ + missingConfigs += (str + " "); + } + return getResultWithError(missingConfigs + " " + ROLE_NOT_FOUND.getMessage()); } boolean valid = filter(); diff --git a/apps/testing/src/main/java/com/akto/testing/yaml_tests/YamlTestTemplate.java b/apps/testing/src/main/java/com/akto/testing/yaml_tests/YamlTestTemplate.java index c85d5a1dbb..57294919c5 100644 --- a/apps/testing/src/main/java/com/akto/testing/yaml_tests/YamlTestTemplate.java +++ b/apps/testing/src/main/java/com/akto/testing/yaml_tests/YamlTestTemplate.java @@ -15,8 +15,11 @@ import com.akto.test_editor.execution.Executor; import com.akto.testing.StatusCodeAnalyser; +import java.util.ArrayList; +import java.util.HashSet; import java.util.List; import java.util.Map; +import java.util.Set; public class YamlTestTemplate extends SecurityTestTemplate { 
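Review bot: The missing-config set in `run()` (`@@ -66,9 +67,13`) is serialised as space-separated names in front of the error text, and the dashboard recovers the names by splitting on spaces, so a role name containing a space is reported as several configurations. If a structured field on the result is out of scope for this patch, at least build the prefix once with `String.join(" ", missingConfigList)` instead of `+=` in a loop, which also removes the doubled space before the message. `requireConfig()` would benefit from a Javadoc line stating that it returns an empty set and never null, since `run()` calls `isEmpty()` on the result unguarded.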
@@ -31,9 +34,11 @@ public YamlTestTemplate(ApiInfo.ApiInfoKey apiInfoKey, FilterNode filterNode, Fi } @Override - public String requireConfig(){ + public Set requireConfig(){ + Set requiredConfigsList = new HashSet<>(); + if(this.authMechanism == null || this.authMechanism.getAuthParams() == null || this.authMechanism.getAuthParams().isEmpty()){ - return "ATTACKER_TOKEN_ALL"; + requiredConfigsList.add("ATTACKER_TOKEN_ALL"); } Map currentRolesMap = RequiredConfigs.getCurrentConfigsMap(); @@ -47,7 +52,7 @@ public String requireConfig(){ List roles = (List) node.getChildNodes().get(0).getValues(); String role = roles.get(0); if(!currentRolesMap.containsKey(role)){ - return role; + requiredConfigsList.add(role.toUpperCase()); } } } @@ -58,7 +63,7 @@ public String requireConfig(){ if(childList != null && !childList.isEmpty() && childList.size() >= 2){ ExecutorNode reqNodes = childList.get(1); if (reqNodes.getChildNodes() == null || reqNodes.getChildNodes().size() == 0) { - return null; + return requiredConfigsList; } ExecutorNode reqNode = reqNodes.getChildNodes().get(0); @@ -72,7 +77,7 @@ public String requireConfig(){ String roleName = keyStr.substring(0,keyStr.length()-1).trim(); if(!currentRolesMap.containsKey(roleName)){ - return roleName; + requiredConfigsList.add(roleName.toUpperCase()); } } } @@ -80,7 +85,7 @@ public String requireConfig(){ } } - return null; + return requiredConfigsList; } @Override From 395166cbbe6cc38c7832c480adb2956649788198 Mon Sep 17 00:00:00 2001 
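Review bot: The role is looked up with the case-sensitive `currentRolesMap.containsKey(role)` but reported as `role.toUpperCase()`, so the name shown to the user may not be the name that has to exist for the check to pass; the same applies to `roleName.toUpperCase()` in the later hunk of this method. `toUpperCase()` without a locale also depends on the JVM default locale. If the upper-case form is only for display, `requiredConfigsList.add(role.toUpperCase(Locale.ROOT));` makes it stable (it needs `java.util.Locale` imported); otherwise `requiredConfigsList.add(role);` keeps the name exactly as it must be configured. `requireConfig()` is spread over several hunks and parts of its body are outside them.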
From: Ark2307 Date: Wed, 5 Jun 2024 23:37:18 +0530 Subject: [PATCH 4/9] fixed query for getting config missing test results --- .../com/akto/action/testing/StartTestAction.java | 5 ++--- .../src/apps/dashboard/pages/testing/transform.js | 10 ++++++---- .../testing/yaml_tests/SecurityTestTemplate.java | 12 +++++++----- .../com/akto/dao/testing/TestingRunResultDao.java | 3 +++ .../main/java/com/akto/dto/testing/TestResult.java | 11 +++++++++++ .../java/com/akto/dto/testing/TestingRunResult.java | 1 + 6 files changed, 30 insertions(+), 12 deletions(-) diff --git a/apps/dashboard/src/main/java/com/akto/action/testing/StartTestAction.java b/apps/dashboard/src/main/java/com/akto/action/testing/StartTestAction.java index 1a82758f37..a2be6476eb 100644 --- a/apps/dashboard/src/main/java/com/akto/action/testing/StartTestAction.java +++ b/apps/dashboard/src/main/java/com/akto/action/testing/StartTestAction.java @@ -530,11 +530,10 @@ public String fetchTestingRunResults() { case SECURED: testingRunResultFilters.add(Filters.eq(TestingRunResult.VULNERABLE, false)); testingRunResultFilters.add(Filters.nin(TestingRunResultDao.ERRORS_KEY, TestResult.TestError.getErrorsToSkipTests())); - testingRunResultFilters.add(Filters.regex(TestingRunResultDao.ERRORS_KEY,TestResult.TestError.ROLE_NOT_FOUND.toString())); + testingRunResultFilters.add(Filters.eq(TestingRunResult.REQUIRES_CONFIG, false)); break; case SKIPPED_EXEC_NEED_CONFIG: - testingRunResultFilters.add(Filters.eq(TestingRunResult.VULNERABLE, false)); - testingRunResultFilters.add(Filters.not(Filters.regex(TestingRunResultDao.ERRORS_KEY,TestResult.TestError.ROLE_NOT_FOUND.toString()))); + testingRunResultFilters.add(Filters.eq(TestingRunResult.REQUIRES_CONFIG, true)); break; } } diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/transform.js b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/transform.js index e51d13cd77..db0ca3705c 100644 
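Review bot: In the `SECURED` case, `Filters.eq(TestingRunResult.REQUIRES_CONFIG, false)` only matches documents in which the field is stored as `false`; results written before this patch have no `requiresConfig` field and would presumably disappear from that tab. `Filters.ne(TestingRunResult.REQUIRES_CONFIG, true)` matches both an explicit `false` and a missing field. The constant resolves to the `testResults.0` path, so only the first test result of each run is consulted. The `switch` starts and ends outside the hunk.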
--- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/transform.js +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/transform.js @@ -1035,10 +1035,12 @@ getMissingConfigs(testResults){ } const configsSet = new Set(); testResults.forEach((res) => { - const config = res?.errorsList.length > 0 ? func.toSentenceCase(res.errorsList[0].split(errorsObject["ROLE_NOT_FOUND"])[0]) : "" - if(config.length > 0){ - let allConfigs = config.split(" ") - allConfigs.filter(x => x.length > 1).forEach((x) => configsSet.add(func.toSentenceCase(x))) + if(res?.errorsList.length > 0 && res.errorsList[0].includes(errorsObject["ROLE_NOT_FOUND"])){ + const config = func.toSentenceCase(res.errorsList[0].split(errorsObject["ROLE_NOT_FOUND"])[0]) + if(config.length > 0){ + let allConfigs = config.split(" ") + allConfigs.filter(x => x.length > 1).forEach((x) => configsSet.add(func.toSentenceCase(x))) + } } }) diff --git a/apps/testing/src/main/java/com/akto/testing/yaml_tests/SecurityTestTemplate.java b/apps/testing/src/main/java/com/akto/testing/yaml_tests/SecurityTestTemplate.java index b32fe687f7..d7d2253391 100644 --- a/apps/testing/src/main/java/com/akto/testing/yaml_tests/SecurityTestTemplate.java +++ b/apps/testing/src/main/java/com/akto/testing/yaml_tests/SecurityTestTemplate.java 
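Review bot: `res?.errorsList.length > 0` guards only `res`; for a result that has no `errorsList`, the `.length` access on `undefined` throws and the whole `forEach` in `getMissingConfigs` aborts. `if(res?.errorsList?.length > 0 && res.errorsList[0].includes(errorsObject["ROLE_NOT_FOUND"])){` covers both cases. This patch also stores a `requiresConfig` flag on the result; if that flag reaches the client, testing it would be sturdier than matching the message text. The function starts and ends outside the hunk.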
@@ -49,9 +49,11 @@ public SecurityTestTemplate(ApiInfo.ApiInfoKey apiInfoKey, FilterNode filterNode this.strategy = strategy; } - private YamlTestResult getResultWithError(String errorMessage){ + private YamlTestResult getResultWithError(String errorMessage, boolean requiresConfig){ List testResults = new ArrayList<>(); - testResults.add(new TestResult(null, rawApi.getOriginalMessage(), Collections.singletonList(errorMessage), 0, false, TestResult.Confidence.HIGH, null)); + TestResult testResult = new TestResult(null, rawApi.getOriginalMessage(), Collections.singletonList(errorMessage), 0, false, TestResult.Confidence.HIGH, null); + testResult.setRequiresConfig(requiresConfig); + testResults.add(testResult); return new YamlTestResult(testResults, null); } @@ -73,16 +75,16 @@ public YamlTestResult run(boolean debug, List testLogs for(String str: missingConfigList){ missingConfigs += (str + " "); } - return getResultWithError(missingConfigs + " " + ROLE_NOT_FOUND.getMessage()); + return getResultWithError(missingConfigs + " " + ROLE_NOT_FOUND.getMessage(), true); } boolean valid = filter(); if (!valid) { - return getResultWithError(SKIPPING_EXECUTION_BECAUSE_FILTERS.getMessage()); + return getResultWithError(SKIPPING_EXECUTION_BECAUSE_FILTERS.getMessage(), false); } valid = checkAuthBeforeExecution(debug, testLogs); if (!valid) { - return getResultWithError(SKIPPING_EXECUTION_BECAUSE_AUTH.getMessage()); + return getResultWithError(SKIPPING_EXECUTION_BECAUSE_AUTH.getMessage(), false); } YamlTestResult attempts = executor(debug, testLogs); if(attempts == null || attempts.getTestResults().isEmpty()){ diff --git a/libs/dao/src/main/java/com/akto/dao/testing/TestingRunResultDao.java b/libs/dao/src/main/java/com/akto/dao/testing/TestingRunResultDao.java index c683ef50db..2dd30c83fd 100644 --- a/libs/dao/src/main/java/com/akto/dao/testing/TestingRunResultDao.java +++ b/libs/dao/src/main/java/com/akto/dao/testing/TestingRunResultDao.java 
@@ -106,6 +106,9 @@ public void createIndicesIfAbsent() { String[] fieldNames = new String[]{TestingRunResult.END_TIMESTAMP, TestResult.TEST_RESULTS_ERRORS}; MCollection.createIndexIfAbsent(getDBName(), getCollName(), fieldNames, false); + + fieldNames = new String[]{TestingRunResult.REQUIRES_CONFIG}; + MCollection.createIndexIfAbsent(getDBName(), getCollName(), fieldNames, false); } public void convertToCappedCollection() { diff --git a/libs/dao/src/main/java/com/akto/dto/testing/TestResult.java b/libs/dao/src/main/java/com/akto/dto/testing/TestResult.java index 6a6cf43a70..9e4cb74da2 100644 --- a/libs/dao/src/main/java/com/akto/dto/testing/TestResult.java +++ b/libs/dao/src/main/java/com/akto/dto/testing/TestResult.java @@ -17,6 +17,9 @@ public class TestResult extends GenericTestResult { private double percentageMatch; private TestInfo testInfo; + public static final String REQUIRES_CONFIG = "requiresConfig"; + private boolean requiresConfig; + public enum Confidence { HIGH, MEDIUM, LOW } @@ -118,4 +121,12 @@ public TestInfo getTestInfo() { public void setTestInfo(TestInfo testInfo) { this.testInfo = testInfo; } + + public boolean isRequiresConfig() { + return requiresConfig; + } + + public void setRequiresConfig(boolean requiresConfig) { + this.requiresConfig = requiresConfig; + } } diff --git a/libs/dao/src/main/java/com/akto/dto/testing/TestingRunResult.java b/libs/dao/src/main/java/com/akto/dto/testing/TestingRunResult.java index d6afd73a80..41b00d66da 100644 --- a/libs/dao/src/main/java/com/akto/dto/testing/TestingRunResult.java +++ b/libs/dao/src/main/java/com/akto/dto/testing/TestingRunResult.java @@ -45,6 +45,7 @@ public class TestingRunResult implements Comparable { public static final String ERRORS_LIST = "errorsList"; private List errorsList; + public static final String REQUIRES_CONFIG = TEST_RESULTS + ".0." + TestResult.REQUIRES_CONFIG; private WorkflowTest workflowTest; From 8c99f9e0c4a7ea7bdf4749ab2888a74c6f883daa Mon Sep 17 00:00:00 2001 
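Review bot: `REQUIRES_CONFIG` in `TestingRunResult` hard-codes the positional path `TEST_RESULTS + ".0." + TestResult.REQUIRES_CONFIG` without saying why index 0 is enough, and the new `requiresConfig` field in `TestResult` has no description. A comment on the constant would help the next reader, for example `// Flag is read from the first test result only; getResultWithError() builds a single-element list.` A matching line on the field, such as `// true when the test was skipped because a required role or auth config is missing`, documents what the query in `StartTestAction` relies on.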
From: Ark2307 Date: Wed, 12 Jun 2024 13:06:58 +0530 Subject: [PATCH 5/9] fixing testing screens --- .../pages/testing/SingleTestRunPage/SingleTestRunPage.js | 8 +++++--- .../web/src/apps/dashboard/pages/testing/transform.js | 4 ++-- .../src/main/java/com/akto/testing/TestExecutor.java | 8 +++++++- 3 files changed, 14 insertions(+), 6 deletions(-) diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/SingleTestRunPage.js b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/SingleTestRunPage.js index cc5abcf9e6..4e385759ee 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/SingleTestRunPage.js +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/SingleTestRunPage.js @@ -113,6 +113,7 @@ function SingleTestRunPage() { const [selected, setSelected] = useState(0) const [workflowTest, setWorkflowTest ] = useState(false); const [secondaryPopover, setSecondaryPopover] = useState(false) + const [updateKey, setUpdateKey] = useState(false) const currentTestingRuns = TestingStore((state) => state.currentTestingRuns) const setErrorsObject = TestingStore((state) => state.setErrorsObject) const [currentTestRunObj, setCurrentTestObj] = useState({ @@ -158,9 +159,9 @@ function SingleTestRunPage() { return {...prev}; }); - await fetchTestingRunResultsData(summary.hexId); + await fetchTestingRunResultsData(summary.hexId, true); } - async function fetchTestingRunResultsData(summaryHexId){ + async function fetchTestingRunResultsData(summaryHexId, updateKey = false){ setLoading(false); setTempLoading((prev) => { prev.vulnerable = true; @@ -188,6 +189,7 @@ function SingleTestRunPage() { }) fillTempData(testRunResults, 'no_vulnerability_found') fillData(transform.getPrettifiedTestRunResults(testRunResults), 'no_vulnerability_found') + setUpdateKey(updateKey) } async function fetchData(setData) { let localSelectedTestRun = {} 
@@ -303,7 +305,7 @@ const promotedBulkActions = (selectedDataHexIds) => { } const resultTable = ( totalCountIssues = testingRunResultSummary.getCountIssues(); + if(totalCountIssues == null){ + totalCountIssues = new HashMap<>(); + totalCountIssues.put("HIGH", 0); + totalCountIssues.put("MEDIUM", 0); + totalCountIssues.put("LOW", 0); + } loggerMaker.infoAndAddToDb("Finished updating TestingRunResultSummariesDao", LogDb.TESTING); - if(totalCountIssues.getOrDefault(Severity.HIGH.toString(),0) > 0){ + if(totalCountIssues.get(Severity.HIGH.toString()) > 0){ ActivitiesDao.instance.insertActivity("High Vulnerability detected", totalCountIssues.get(Severity.HIGH.toString()) + " HIGH vulnerabilites detected"); } } From 75920e9ef65295159c500de48e28ecb4ddd03c2f Mon Sep 17 00:00:00 2001 From: Ark2307 Date: Wed, 12 Jun 2024 15:52:31 +0530 Subject: [PATCH 6/9] reverting changes --- .../pages/testing/SingleTestRunPage/SingleTestRunPage.js | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/SingleTestRunPage.js b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/SingleTestRunPage.js index 6a562cc13a..9e43637256 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/SingleTestRunPage.js +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/SingleTestRunPage/SingleTestRunPage.js @@ -114,7 +114,6 @@ function SingleTestRunPage() { const [selected, setSelected] = useState(0) const [workflowTest, setWorkflowTest ] = useState(false); const [secondaryPopover, setSecondaryPopover] = useState(false) - const [updateKey, setUpdateKey] = useState(false) const currentTestingRuns = TestingStore((state) => state.currentTestingRuns) const setErrorsObject = TestingStore((state) => state.setErrorsObject) const [currentTestRunObj, setCurrentTestObj] = useState({ 
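Review bot: In the TestExecutor change, `totalCountIssues.get(Severity.HIGH.toString()) > 0` unboxes the map value, so a non-null map that has no `HIGH` entry throws a NullPointerException where the removed `getOrDefault(..., 0)` returned 0. The added null check only covers the map itself being null. Keeping `if(totalCountIssues.getOrDefault(Severity.HIGH.toString(),0) > 0){` next to the null check handles both cases. The file and hunk header for this change are missing from the page, so the surrounding method is only partly visible.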
@@ -161,9 +160,9 @@ function SingleTestRunPage() { return {...prev}; }); - await fetchTestingRunResultsData(summary.hexId, true); + await fetchTestingRunResultsData(summary.hexId); } - async function fetchTestingRunResultsData(summaryHexId, updateKey = false){ + async function fetchTestingRunResultsData(summaryHexId){ setLoading(false); setTempLoading((prev) => { prev.vulnerable = true; @@ -201,7 +200,6 @@ function SingleTestRunPage() { }) fillTempData(testRunResults, 'no_vulnerability_found') fillData(transform.getPrettifiedTestRunResults(testRunResults), 'no_vulnerability_found') - setUpdateKey(updateKey) } async function fetchData(setData) { let localSelectedTestRun = {} @@ -339,9 +337,10 @@ const promotedBulkActions = (selectedDataHexIds) => { setLoading(false) },200) } + const resultTable = ( Date: Thu, 13 Jun 2024 11:33:59 +0530 Subject: [PATCH 7/9] fixed count issues creation map --- .../src/main/java/com/akto/testing/TestExecutor.java | 8 +------- .../com/akto/testing_issues/TestingIssuesHandler.java | 2 +- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/apps/testing/src/main/java/com/akto/testing/TestExecutor.java b/apps/testing/src/main/java/com/akto/testing/TestExecutor.java index 2069bae905..05887e8f18 100644 --- a/apps/testing/src/main/java/com/akto/testing/TestExecutor.java +++ b/apps/testing/src/main/java/com/akto/testing/TestExecutor.java 
@@ -285,15 +285,9 @@ public static void updateTestSummary(ObjectId summaryId){ GithubUtils.publishGithubComments(testingRunResultSummary); Map totalCountIssues = testingRunResultSummary.getCountIssues(); - if(totalCountIssues == null){ - totalCountIssues = new HashMap<>(); - totalCountIssues.put("HIGH", 0); - totalCountIssues.put("MEDIUM", 0); - totalCountIssues.put("LOW", 0); - } loggerMaker.infoAndAddToDb("Finished updating TestingRunResultSummariesDao", LogDb.TESTING); - if(totalCountIssues.get(Severity.HIGH.toString()) > 0){ + if(totalCountIssues.getOrDefault(Severity.HIGH.toString(), 0) > 0){ ActivitiesDao.instance.insertActivity("High Vulnerability detected", totalCountIssues.get(Severity.HIGH.toString()) + " HIGH vulnerabilites detected"); } } diff --git a/apps/testing/src/main/java/com/akto/testing_issues/TestingIssuesHandler.java b/apps/testing/src/main/java/com/akto/testing_issues/TestingIssuesHandler.java index 50804ddb53..15d31a38d2 100644 --- a/apps/testing/src/main/java/com/akto/testing_issues/TestingIssuesHandler.java +++ b/apps/testing/src/main/java/com/akto/testing_issues/TestingIssuesHandler.java @@ -124,7 +124,7 @@ private void insertVulnerableTestsIntoIssuesCollection(List Date: Thu, 13 Jun 2024 11:41:34 +0530 Subject: [PATCH 8/9] removing unnecessary changes --- apps/dashboard/src/main/resources/struts.xml | 3 --- apps/testing/src/main/java/com/akto/testing/TestExecutor.java | 2 +- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/apps/dashboard/src/main/resources/struts.xml b/apps/dashboard/src/main/resources/struts.xml index c7f3d32ffc..73186271b8 100644 --- a/apps/dashboard/src/main/resources/struts.xml +++ b/apps/dashboard/src/main/resources/struts.xml @@ -1545,9 +1545,6 @@ API_DATA_REDACTION - - ADMIN - 401 diff --git a/apps/testing/src/main/java/com/akto/testing/TestExecutor.java b/apps/testing/src/main/java/com/akto/testing/TestExecutor.java index 05887e8f18..741f5696ed 100644 
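Review bot: With the null check removed in `updateTestSummary`, `totalCountIssues.getOrDefault(...)` is called directly on the result of `testingRunResultSummary.getCountIssues()`; the guard being deleted here suggests that value can be null, in which case this line throws a NullPointerException. A guard such as `if(totalCountIssues != null && totalCountIssues.getOrDefault(Severity.HIGH.toString(), 0) > 0){` keeps the `getOrDefault` fix without the placeholder map. The method starts outside the hunk.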
--- a/apps/testing/src/main/java/com/akto/testing/TestExecutor.java +++ b/apps/testing/src/main/java/com/akto/testing/TestExecutor.java @@ -287,7 +287,7 @@ public static void updateTestSummary(ObjectId summaryId){ Map totalCountIssues = testingRunResultSummary.getCountIssues(); loggerMaker.infoAndAddToDb("Finished updating TestingRunResultSummariesDao", LogDb.TESTING); - if(totalCountIssues.getOrDefault(Severity.HIGH.toString(), 0) > 0){ + if(totalCountIssues.getOrDefault(Severity.HIGH.toString(),0) > 0){ ActivitiesDao.instance.insertActivity("High Vulnerability detected", totalCountIssues.get(Severity.HIGH.toString()) + " HIGH vulnerabilites detected"); } } From 69a2c4b99b6f4aef92fac3e437897dd460689e65 Mon Sep 17 00:00:00 2001 From: Ark2307 Date: Thu, 13 Jun 2024 13:39:13 +0530 Subject: [PATCH 9/9] fixing required configs call for testing --- .../akto/action/testing/StartTestAction.java | 2 -- .../java/com/akto/rules/RequiredConfigs.java | 21 ++++++++++--------- .../src/main/java/com/akto/testing/Main.java | 3 ++- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/apps/dashboard/src/main/java/com/akto/action/testing/StartTestAction.java b/apps/dashboard/src/main/java/com/akto/action/testing/StartTestAction.java index a2be6476eb..5a79368718 100644 --- a/apps/dashboard/src/main/java/com/akto/action/testing/StartTestAction.java +++ b/apps/dashboard/src/main/java/com/akto/action/testing/StartTestAction.java @@ -26,7 +26,6 @@ import com.akto.dto.testing.sources.TestSourceConfig; import com.akto.log.LoggerMaker; import com.akto.log.LoggerMaker.LogDb; -import com.akto.rules.RequiredConfigs; import com.akto.util.Constants; import com.akto.util.enums.GlobalEnums.TestErrorSource; import com.akto.utils.DeleteTestRunUtils; @@ -235,7 +234,6 @@ public String startTest() { } - RequiredConfigs.initiate(); this.startTimestamp = 0; this.endTimestamp = 0; this.retrieveAllCollectionTests(); 
diff --git a/apps/testing/src/main/java/com/akto/rules/RequiredConfigs.java b/apps/testing/src/main/java/com/akto/rules/RequiredConfigs.java index e0ceb98f1d..62c39817d5 100644 --- a/apps/testing/src/main/java/com/akto/rules/RequiredConfigs.java +++ b/apps/testing/src/main/java/com/akto/rules/RequiredConfigs.java @@ -1,5 +1,6 @@ package com.akto.rules; +import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -17,21 +18,20 @@ public static RequiredConfigs getRequiredConfigs() { return requiredConfigs; } - private static List testRolesList = TestRolesDao.instance.findAll( - Filters.empty(), - Projections.fields( - Projections.include(TestRoles.NAME, TestRoles.AUTH_WITH_COND_LIST) - ) - ); + private static List testRolesList = new ArrayList<>(); private static final Map validRolesExist = new HashMap<>(); - public static void initiate () { + public static void initiate() { validRolesExist.clear(); + testRolesList = TestRolesDao.instance.findAll( + Filters.empty(), + Projections.fields( + Projections.include(TestRoles.NAME) + ) + ); for(TestRoles role: testRolesList){ - if(role.getAuthWithCondList() != null && role.getAuthWithCondList().size() > 0){ - validRolesExist.put(role.getName(), true); - } + validRolesExist.put(role.getName(), true); } } @@ -40,3 +40,4 @@ public static Map getCurrentConfigsMap(){ } } + diff --git a/apps/testing/src/main/java/com/akto/testing/Main.java b/apps/testing/src/main/java/com/akto/testing/Main.java index 7efc911aa6..60c63adedb 100644 --- a/apps/testing/src/main/java/com/akto/testing/Main.java +++ b/apps/testing/src/main/java/com/akto/testing/Main.java @@ -32,6 +32,7 @@ import com.akto.notifications.slack.NewIssuesModel; import com.akto.notifications.slack.SlackAlerts; import com.akto.notifications.slack.SlackSender; +import com.akto.rules.RequiredConfigs; import com.akto.util.AccountTask; import com.akto.util.Constants; import com.akto.util.DashboardMode; 
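Review bot: `initiate()` clears and refills the shared static `validRolesExist` map in place, and `getCurrentConfigsMap()` (body not shown in this hunk) presumably hands that same map to `requireConfig()`. If test runs for more than one account or thread share this JVM, a reader can see the map empty or half-filled, or see another account's roles, and a test would then be reported as missing a config or allowed to run on the wrong basis. Building a fresh map and publishing it in one assignment removes the in-place mutation; isolating accounts would additionally need the map keyed by account or passed to the test instead of held statically. The patch also drops the `getAuthWithCondList()` check, so a role without any auth configured now counts as available; it is worth confirming that such a role cannot make a test run without credentials and report a clean result.

```java
private static volatile Map<String, Boolean> validRolesExist = new HashMap<>();

public static void initiate() {
    // … unchanged: testRolesList = TestRolesDao.instance.findAll(...) …
    Map<String, Boolean> fresh = new HashMap<>();
    for (TestRoles role : testRolesList) {
        fresh.put(role.getName(), true);
    }
    // single publish: readers never observe a cleared or partially filled map
    validRolesExist = fresh;
}
```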
@@ -242,7 +243,6 @@ public void run() { int accountId = account.getId(); int start = Context.now(); - TestingRunResultSummary trrs = findPendingTestingRunResultSummary(); boolean isSummaryRunning = trrs != null && trrs.getState().equals(State.RUNNING); TestingRun testingRun; @@ -377,6 +377,7 @@ public void run() { } } + RequiredConfigs.initiate(); testExecutor.init(testingRun, summaryId, syncLimit); raiseMixpanelEvent(summaryId, testingRun, accountId); } catch (Exception e) {