resolved conflicts

akto-api-security · Nov 22, 2024 · b35b64e · b35b64e
1 parent 549bde0
commit b35b64e
Show file tree

Hide file tree

Showing 7 changed files with 333 additions and 34 deletions.
diff --git a/apps/dashboard/src/main/java/com/akto/action/CustomDataTypeAction.java b/apps/dashboard/src/main/java/com/akto/action/CustomDataTypeAction.java
@@ -37,6 +37,7 @@
 import static com.akto.dto.type.SingleTypeInfo.fetchCustomDataTypes;
 import static com.akto.dto.type.SingleTypeInfo.subTypeMap;
 import static com.akto.utils.Utils.extractJsonResponse;
+import static com.akto.utils.Utils.getUniqueValuesOfList;
 
 public class CustomDataTypeAction extends UserAction{
     private static LoggerMaker loggerMaker = new LoggerMaker(CustomDataTypeAction.class);
@@ -55,6 +56,8 @@ public class CustomDataTypeAction extends UserAction{
     private List<ConditionFromUser> valueConditionFromUsers;
     private boolean redacted;
 
+    private List<String> categoriesList;
+
     public static class ConditionFromUser {
         Predicate.Type type;
         Map<String, Object> valueMap;
@@ -236,6 +239,32 @@ public String saveAktoDataType(){
             return ERROR.toUpperCase();
         }    
 
+        Conditions keyConditions = null;
+        Conditions valueConditions = null;
+
+        try {
+            keyConditions = generateKeyConditions();
+        } catch (AktoCustomException e) {
+            addActionError(e.getMessage());
+            return ERROR.toUpperCase();
+        }
+
+        try {
+            valueConditions = generateValueConditions();
+        } catch (AktoCustomException e) {
+            addActionError(e.getMessage());
+            return ERROR.toUpperCase();
+        }
+
+        Conditions.Operator mainOperator;
+        try {
+            mainOperator = Conditions.Operator.valueOf(operator);
+        } catch (Exception ignored) {
+            addActionError("Invalid value operator");
+            return ERROR.toUpperCase();
+        }
+
+
         FindOneAndUpdateOptions options = new FindOneAndUpdateOptions();
         options.returnDocument(ReturnDocument.AFTER);
         options.upsert(false);
@@ -246,7 +275,11 @@ public String saveAktoDataType(){
                 Updates.set("sensitivePosition",sensitivePositions),
                 Updates.set("timestamp",Context.now()),
                 Updates.set("redacted",redacted),
-                Updates.set(AktoDataType.SAMPLE_DATA_FIXED, !redacted)
+                Updates.set(AktoDataType.SAMPLE_DATA_FIXED, !redacted),
+                Updates.set(AktoDataType.CATEGORIES_LIST, getUniqueValuesOfList(categoriesList)),
+                Updates.set(AktoDataType.KEY_CONDITIONS, keyConditions),
+                Updates.set(AktoDataType.VALUE_CONDITIONS, valueConditions),
+                Updates.set(AktoDataType.OPERATOR, mainOperator)
             ),
             options
         );
@@ -519,20 +552,7 @@ public boolean forPayload(String payload, CustomDataType customDataType, Key api
 
     }
 
-    public CustomDataType generateCustomDataType(int userId) throws AktoCustomException {
-        // TODO: handle errors
-        if (name == null || name.length() == 0) throw new AktoCustomException("Name cannot be empty");
-        int maxChars = 25;
-        if (name.length() > maxChars) throw new AktoCustomException("Maximum length allowed is "+maxChars+" characters");
-        name = name.trim();
-        name = name.toUpperCase();
-        if (!(name.matches("[A-Z_0-9 ]+"))) throw new AktoCustomException("Name can only contain alphabets, spaces, numbers and underscores");
-
-        if (subTypeMap.containsKey(name)) {
-            throw new AktoCustomException("Data type name reserved");
-        }
-
-
+    public Conditions generateKeyConditions() throws AktoCustomException {
         Conditions keyConditions = null;
         if (keyConditionFromUsers != null && keyOperator != null) {
 
@@ -558,6 +578,10 @@ public CustomDataType generateCustomDataType(int userId) throws AktoCustomExcept
             }
         }
 
+        return keyConditions;
+    }
+
+    public Conditions generateValueConditions() throws AktoCustomException {
         Conditions valueConditions  = null;
         if (valueConditionFromUsers != null && valueOperator != null) {
             Conditions.Operator vOperator;
@@ -582,6 +606,27 @@ public CustomDataType generateCustomDataType(int userId) throws AktoCustomExcept
             }
         }
 
+        return valueConditions;
+    }
+
+    public CustomDataType generateCustomDataType(int userId) throws AktoCustomException {
+        // TODO: handle errors
+        if (name == null || name.length() == 0) throw new AktoCustomException("Name cannot be empty");
+        int maxChars = 25;
+        if (name.length() > maxChars) throw new AktoCustomException("Maximum length allowed is "+maxChars+" characters");
+        name = name.trim();
+        name = name.toUpperCase();
+        if (!(name.matches("[A-Z_0-9 ]+"))) throw new AktoCustomException("Name can only contain alphabets, spaces, numbers and underscores");
+
+        if (subTypeMap.containsKey(name)) {
+            throw new AktoCustomException("Data type name reserved");
+        }
+
+
+        Conditions keyConditions = generateKeyConditions();
+        Conditions valueConditions = generateValueConditions();
+
+
         if ((keyConditions == null || keyConditions.getPredicates() == null || keyConditions.getPredicates().size() == 0) &&
               (valueConditions == null || valueConditions.getPredicates() ==null || valueConditions.getPredicates().size() == 0))  {
 
@@ -837,4 +882,8 @@ public boolean getRedacted() {
     public void setRedacted(boolean redacted) {
         this.redacted = redacted;
     }
+
+    public void setCategoriesList(List<String> categoriesList) {
+        this.categoriesList = categoriesList;
+    }
 }
diff --git a/apps/dashboard/src/main/java/com/akto/utils/Utils.java b/apps/dashboard/src/main/java/com/akto/utils/Utils.java
@@ -584,4 +584,14 @@ public static float getRiskScoreValueFromSeverityScore(float severityScore){
         }
     }
 
+    public static List<String> getUniqueValuesOfList(List<String> input){
+        if(input == null || input.isEmpty()){
+            return new ArrayList<>();
+        }
+        Set<String> copySet = new HashSet<>(input);
+        input = new ArrayList<>();
+        input.addAll(copySet);
+        return input;
+    }
+
 }
diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/observe/data_types/DataTypes.jsx b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/observe/data_types/DataTypes.jsx
@@ -157,9 +157,19 @@ function DataTypes() {
   const saveAction = async () => {
     console.log(currState)
     if (currState.dataType === 'Akto') {
+
+      const keyArr = currState.keyConditions.predicates.map(transform.convertMapFunction)
+      const valueArr = currState.valueConditions.predicates.map(transform.convertMapFunction)
+
       let obj = {
         name: currState.name,
         redacted:currState.redacted,
+        categoriesList: currState?.categoriesList || [],
+        operator: currState.operator,
+        keyConditionFromUsers: keyArr,
+        keyOperator: currState.keyConditions.operator,
+        valueConditionFromUsers: valueArr,
+        valueOperator: currState.valueConditions.operator,
         ...transform.convertToSensitiveData(currState.sensitiveState),
 
       }
@@ -310,7 +320,29 @@ function DataTypes() {
     </VerticalStack>
   )
 
-  let components = (!isNew && currState.dataType === 'Akto') ? [descriptionCard, requestCard, redactCard] : [descriptionCard, conditionsCard, requestCard, redactCard]
+  const TestTemplateCard = (
+    <VerticalStack gap="5" key="testTemplate">
+      <LegacyCard title={
+        <TitleWithInfo
+          textProps={{ variant: 'headingMd' }}
+          titleText={"Test templates"}
+          tooltipContent={"Create test template for this data type"}
+        />}
+      >
+        <div className='card-items'>
+          <InformationBannerComponent docsUrl={""} content="When enabled, test template is created and synced with this data type.">
+          </InformationBannerComponent>
+        </div>
+        <LegacyCard.Section>
+          <Checkbox label={"Create test template for this data type"} checked={!(currState.skipDataTypeTestTemplateMapping)} onChange={() => {
+            handleChange({ skipDataTypeTestTemplateMapping: !currState.skipDataTypeTestTemplateMapping })
+          }} />
+        </LegacyCard.Section>
+      </LegacyCard>
+    </VerticalStack>
+  )
+
+  let components = (!isNew && currState.dataType === 'Akto') ? [descriptionCard, conditionsCard, requestCard, redactCard] : [descriptionCard, conditionsCard, requestCard, redactCard, TestTemplateCard]
 
   return (
     <DetailsPage

diff --git a/libs/dao/src/main/java/com/akto/dto/AktoDataType.java b/libs/dao/src/main/java/com/akto/dto/AktoDataType.java
@@ -2,7 +2,10 @@
 
 import java.util.List;
 
+import com.akto.dto.data_types.Conditions;
 import com.akto.dto.type.SingleTypeInfo;
+import com.akto.util.enums.GlobalEnums.Severity;
+
 
 public class AktoDataType {
     private String name;
@@ -16,6 +19,20 @@ public class AktoDataType {
     public static final String SAMPLE_DATA_FIXED = "sampleDataFixed";
     private boolean sampleDataFixed;
 
+    public static final String CATEGORIES_LIST = "categoriesList";
+    public static final String TAGS_LIST = "tagsLists";
+    private List<String> categoriesList;
+
+    public static final String DATA_TYPE_PRIORITY = "dataTypePriority";
+    private Severity dataTypePriority;
+
+    public static final String KEY_CONDITIONS = "keyConditions";
+    Conditions keyConditions;
+    public static final String VALUE_CONDITIONS = "valueConditions";
+    Conditions valueConditions;
+    public static final String OPERATOR = "operator";
+    Conditions.Operator operator;
+
     public AktoDataType() {
     }
     public AktoDataType(String name, boolean sensitiveAlways, List<SingleTypeInfo.Position> sensitivePosition,int timestamp, IgnoreData ignoreData, boolean redacted, boolean sampleDataFixed) {
@@ -74,4 +91,54 @@ public boolean isSampleDataFixed() {
     public void setSampleDataFixed(boolean sampleDataFixed) {
         this.sampleDataFixed = sampleDataFixed;
     }
+
+    public Severity getDataTypePriority() {
+        return dataTypePriority;
+    }
+    public void setDataTypePriority(Severity dataTypePriority) {
+        this.dataTypePriority = dataTypePriority;
+    }
+
+    public List<String> getCategoriesList() {
+        return categoriesList;
+    }
+    public void setCategoriesList(List<String> categoriesList) {
+        this.categoriesList = categoriesList;
+    }
+
+    public Conditions getKeyConditions() {
+        return keyConditions;
+    }
+
+    public void setKeyConditions(Conditions keyConditions) {
+        this.keyConditions = keyConditions;
+    }
+
+    public Conditions getValueConditions() {
+        return valueConditions;
+    }
+
+    public void setValueConditions(Conditions valueConditions) {
+        this.valueConditions = valueConditions;
+    }
+
+    public Conditions.Operator getOperator() {
+        return operator;
+    }
+
+    public void setOperator(Conditions.Operator operator) {
+        this.operator = operator;
+    }
+
+    public boolean validate(Object value, Object key) {
+        try {
+            return this.validateRaw(value, key);
+        } catch (Exception e) {
+            return false;
+        }
+    }
+
+    public boolean validateRaw(Object value, Object key) throws Exception {
+        return CustomDataType.validateRawUtility(value, key, this.keyConditions, this.valueConditions, this.operator);
+    }
 }
diff --git a/libs/dao/src/main/java/com/akto/dto/CustomDataType.java b/libs/dao/src/main/java/com/akto/dto/CustomDataType.java
@@ -69,21 +69,26 @@ public boolean validate(Object value, Object key) {
     }
 
     public boolean validateRaw(Object value, Object key) throws Exception {
-        if (this.keyConditions == null && this.valueConditions==null) return false;
+        return validateRawUtility(value, key, this.keyConditions, this.valueConditions, this.operator);
+    }
+
+
+    public static boolean validateRawUtility(Object value, Object key, Conditions keyConditions, Conditions valueConditions, Conditions.Operator operator) {
+        if (keyConditions == null && valueConditions==null) return false;
         boolean keyResult = true;
-        if (this.keyConditions != null) {
-            keyResult = this.keyConditions.validate(key);
+        if (keyConditions != null) {
+            keyResult = keyConditions.validate(key);
         }
 
         boolean valueResult = true;
-        if (this.valueConditions != null) {
-            valueResult = this.valueConditions.validate(value);
+        if (valueConditions != null) {
+            valueResult = valueConditions.validate(value);
         }
 
-        if (this.valueConditions ==null || this.keyConditions == null) {
+        if (valueConditions ==null || keyConditions == null) {
             return keyResult && valueResult;
         } else {
-            switch (this.operator) {
+            switch (operator) {
                 case AND:
                     return keyResult && valueResult;
                 case OR:
@@ -95,7 +100,7 @@ public boolean validateRaw(Object value, Object key) throws Exception {
         }
 
     }
-        
+
     public ObjectId getId() {
         return id;
     }