Merge pull request #323 from akto-api-security/develop

Develop

apps/dashboard/package.json

@@ -38,6 +38,7 @@
     "file-saver": "^2.0.5",
     "highcharts": "^9.0.1",
     "highcharts-vue": "^1.0.4",
+    "monaco-editor": "^0.38.0",
     "react": "17.0.2",
     "react-dom": "17.0.2",
     "react-flow-renderer": "^10.3.12",

apps/dashboard/src/main/java/com/akto/action/growth_tools/PublicApiAction.java

@@ -0,0 +1,37 @@
+package com.akto.action.growth_tools;
+
+import com.akto.action.UserAction;
+import com.akto.dao.AccountsDao;
+import com.akto.dto.Account;
+
+import java.util.List;
+
+public class PublicApiAction extends UserAction {
+
+    private String check;
+    private List<Account> accounts;
+
+    @Override
+    public String execute() throws Exception{
+        check = "abcd";
+        accounts = AccountsDao.instance.getAllAccounts();
+        //curl api/createTest
+        return SUCCESS.toUpperCase();
+    }
+
+    public String getCheck() {
+        return check;
+    }
+
+    public void setCheck(String check) {
+        this.check = check;
+    }
+
+    public List<Account> getAccounts() {
+        return accounts;
+    }
+
+    public void setAccounts(List<Account> accounts) {
+        this.accounts = accounts;
+    }
+}

apps/dashboard/src/main/java/com/akto/action/test_editor/SaveTestEditorAction.java

@@ -1,13 +1,38 @@
 package com.akto.action.test_editor;
 
+import com.akto.DaoInit;
 import com.akto.action.UserAction;
+import com.akto.action.testing.StartTestAction;
 import com.akto.dao.context.Context;
 import com.akto.dao.test_editor.TestConfigYamlParser;
 import com.akto.dao.test_editor.YamlTemplateDao;
+import com.akto.dao.testing.TestingRunResultDao;
+import com.akto.dto.ApiInfo;
+import com.akto.dto.User;
+import com.akto.dto.test_editor.Category;
 import com.akto.dto.test_editor.TestConfig;
 import com.akto.dto.test_editor.YamlTemplate;
+import com.akto.dto.testing.TestingEndpoints;
+import com.akto.dto.testing.TestingRunResult;
+import com.akto.dto.type.URLMethods;
+import com.akto.util.Constants;
+import com.akto.util.enums.GlobalEnums;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.dataformat.yaml.YAMLFactory;
+import com.mongodb.BasicDBObject;
+import com.mongodb.ConnectionString;
 import com.mongodb.client.model.Filters;
 import com.mongodb.client.model.Updates;
+import org.bson.conversions.Bson;
+import org.bson.types.ObjectId;
+
+import java.io.File;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.*;
+
+import static com.akto.util.enums.GlobalEnums.YamlTemplateSource;
 
 public class SaveTestEditorAction extends UserAction {
 
@@ -16,9 +41,103 @@ public String execute() throws Exception {
         return super.execute();
     }
 
-    String content;
+    private String content;
+    private String testingRunHexId;
+    private BasicDBObject apiInfoKey;
+    private TestingRunResult testingRunResult;
+    private GlobalEnums.TestCategory testCategory;
+    private String testId;
+    public String fetchTestingRunResultFromTestingRun() {
+        if (testingRunHexId == null) {
+            addActionError("testingRunHexId is null");
+            return ERROR.toUpperCase();
+        }
+
+        ObjectId testRunId = new ObjectId(testingRunHexId);
+
+        this.testingRunResult = TestingRunResultDao.instance.findOne(Filters.eq(TestingRunResult.TEST_RUN_ID, testRunId));
+        return SUCCESS.toUpperCase();
+    }
+
     public String saveTestEditorFile() {
-        TestConfig testConfig = null;
+        TestConfig testConfig;
+        try {
+            ObjectMapper mapper = new ObjectMapper(new YAMLFactory());
+
+            Map<String, Object> config = mapper.readValue(content, Map.class);
+            String originalIDFromContent = (String) config.get("id");
+            if (!testId.equals(originalIDFromContent)) {
+                YamlTemplate yamlTemplate = YamlTemplateDao.instance.findOne(Filters.eq(Constants.ID, testId));
+                if (yamlTemplate != null && yamlTemplate.getSource() == YamlTemplateSource.CUSTOM) {//custom template with same name exists
+                    addActionError("Cannot save template as template with same id exists, specify a different test id");
+                    return ERROR.toUpperCase();
+                }
+            }
+            config.replace("id", testId);
+
+            Object info = config.get("info");
+            String testName; 
+            if (info != null) {
+                Map<String, Object> infoMap = (Map<String, Object>) info;
+                Object category = infoMap.get("category");
+                testName = infoMap.get("name").toString();
+                infoMap.replace("subCategory", testId);
+                Bson filters = Filters.and(
+                    Filters.eq("info.name", testName),
+                    Filters.ne("source", "CUSTOM")
+                );
+                YamlTemplate template = YamlTemplateDao.instance.findOne(filters);
+                if (template != null) {
+                    addActionError("Cannot save template, specify a differnet test name under info tab");
+                    return ERROR.toUpperCase();
+                }
+                if (category != null) {
+                    Map<String, Object> categoryMap = (Map<String, Object>) category;
+                    categoryMap.replace("name", testCategory.getName());
+                    categoryMap.replace("displayName", testCategory.getDisplayName());
+                    categoryMap.replace("shortName", testCategory.getShortName());
+                }
+            }
+            this.content = mapper.writeValueAsString(config);
+            testConfig = TestConfigYamlParser.parseTemplate(content);
+//            testConfig.setId(testId);
+//            Category category = new Category(testCategory.getName(), testCategory.getDisplayName(), testCategory.getShortName());
+//            testConfig.getInfo().setCategory(category);
+        } catch (Exception e) {
+            e.printStackTrace();
+            addActionError(e.getMessage());
+            return ERROR.toUpperCase();
+        }
+
+        String id = testConfig.getId();
+
+        int createdAt = Context.now();
+        int updatedAt = Context.now();
+        String author = getSUser().getLogin();
+
+
+        YamlTemplate template = YamlTemplateDao.instance.findOne(Filters.eq("_id", id));
+        if (template == null || template.getSource() == YamlTemplateSource.CUSTOM) {
+            YamlTemplateDao.instance.updateOne(
+                    Filters.eq("_id", id),
+                    Updates.combine(
+                            Updates.setOnInsert(YamlTemplate.CREATED_AT, createdAt),
+                            Updates.setOnInsert(YamlTemplate.AUTHOR, author),
+                            Updates.set(YamlTemplate.UPDATED_AT, updatedAt),
+                            Updates.set(YamlTemplate.CONTENT, content),
+                            Updates.set(YamlTemplate.INFO, testConfig.getInfo()),
+                            Updates.setOnInsert(YamlTemplate.SOURCE, YamlTemplateSource.CUSTOM)
+                    )
+            );
+        } else {
+            addActionError("Cannot save template, specify a different test id");
+            return ERROR.toUpperCase();
+        }
+        return SUCCESS.toUpperCase();
+    }
+
+    public String runTestForGivenTemplate() {
+        TestConfig testConfig;
         try {
             testConfig = TestConfigYamlParser.parseTemplate(content);
         } catch (Exception e) {
@@ -32,27 +151,126 @@ public String saveTestEditorFile() {
             return ERROR.toUpperCase();
         }
 
-        String id = testConfig.getId();
+        if (apiInfoKey == null) {
+            addActionError("apiInfoKey is null");
+            return ERROR.toUpperCase();
+        }
 
-        int createdAt = Context.now();
-        int updatedAt = Context.now();
-        String author = getSUser().getLogin();
+        String id = testConfig.getId();
+        YamlTemplate template = YamlTemplateDao.instance.findOne(Filters.eq("_id", id));
+        if (template == null) {
+            addActionError("template does not exists");
+            return ERROR.toUpperCase();
+        }
 
-        YamlTemplateDao.instance.updateOne(
-                Filters.eq("_id", id),
-                Updates.combine(
-                        Updates.setOnInsert(YamlTemplate.CREATED_AT, createdAt),
-                        Updates.setOnInsert(YamlTemplate.AUTHOR, author),
-                        Updates.set(YamlTemplate.UPDATED_AT, updatedAt),
-                        Updates.set(YamlTemplate.CONTENT, content),
-                        Updates.set(YamlTemplate.INFO, testConfig.getInfo())
-                )
-        );
+//        int createdAt = Context.now();
+//        int updatedAt = Context.now();
+//        String author = getSUser().getLogin();
+//
+//
+//        //todo: @shivam modify this part when yaml template is bootstrapped via script in RuntimeInitializer
+//        YamlTemplateSource source = templateSource == null? YamlTemplateSource.AKTO_TEMPLATES : YamlTemplateSource.valueOf(templateSource);
+//        if (template == null || template.getSource() == YamlTemplateSource.CUSTOM || source == YamlTemplateSource.AKTO_TEMPLATES) {
+//            YamlTemplateDao.instance.updateOne(
+//                    Filters.eq("_id", id),
+//                    Updates.combine(
+//                            Updates.setOnInsert(YamlTemplate.CREATED_AT, createdAt),
+//                            Updates.setOnInsert(YamlTemplate.AUTHOR, author),
+//                            Updates.set(YamlTemplate.UPDATED_AT, updatedAt),
+//                            Updates.set(YamlTemplate.CONTENT, content),
+//                            Updates.set(YamlTemplate.INFO, testConfig.getInfo()),
+//                            Updates.set(YamlTemplate.SOURCE, source)
+//                    )
+//            );
+//        }
 
+        ApiInfo.ApiInfoKey infoKey = new ApiInfo.ApiInfoKey(apiInfoKey.getInt(ApiInfo.ApiInfoKey.API_COLLECTION_ID),
+                apiInfoKey.getString(ApiInfo.ApiInfoKey.URL),
+                URLMethods.Method.valueOf(apiInfoKey.getString(ApiInfo.ApiInfoKey.METHOD)));
+        StartTestAction testAction = new StartTestAction();
+        testAction.setTriggeredBy("test_editor");
+        testAction.setSession(getSession());
+        testAction.setRecurringDaily(false);
+        testAction.setApiInfoKeyList(Collections.singletonList(infoKey));//default id
+        testAction.setType(TestingEndpoints.Type.CUSTOM);
+        List<String> idList = new ArrayList<>();
+        idList.add(id);
+        testAction.setSelectedTests(idList);
+        testAction.startTest();
+        this.setTestingRunHexId(testAction.getTestingRunHexId());
         return SUCCESS.toUpperCase();
     }
 
+    public static void showFile(File file, List<String> files) {
+        if (!file.isDirectory()) {
+            files.add(file.getAbsolutePath());
+        }
+    }
+
+    public static void main(String[] args) throws Exception {
+        DaoInit.init(new ConnectionString("mongodb://localhost:27017/admini"));
+        Context.accountId.set(1_000_000);
+        String folderPath = "/Users/shivamrawat/akto_code_openSource/akto/libs/dao/src/main/java/com/akto/dao/test_editor/inbuilt_test_yaml_files";
+        Path dir = Paths.get(folderPath);
+        List<String> files = new ArrayList<>();
+        Files.walk(dir).forEach(path -> showFile(path.toFile(), files));
+        for (String filePath : files) {
+            System.out.println(filePath);
+            List<String> lines = Files.readAllLines(Paths.get(filePath));
+            String content  = String.join("\n", lines);
+            SaveTestEditorAction saveTestEditorAction = new SaveTestEditorAction();
+            saveTestEditorAction.setContent(content);
+            Map<String,Object> session = new HashMap<>();
+            User user = new User();
+            user.setLogin("AKTO");
+            session.put("user",user);
+            saveTestEditorAction.setSession(session);
+            String success = SUCCESS.toUpperCase();
+            System.out.println(success);
+        }
+    }
+
     public void setContent(String content) {
         this.content = content;
     }
+
+    public String getTestingRunHexId() {
+        return testingRunHexId;
+    }
+
+    public void setTestingRunHexId(String testingRunHexId) {
+        this.testingRunHexId = testingRunHexId;
+    }
+
+    public BasicDBObject getApiInfoKey() {
+        return apiInfoKey;
+    }
+
+    public void setApiInfoKey(BasicDBObject apiInfoKey) {
+        this.apiInfoKey = apiInfoKey;
+    }
+
+    public TestingRunResult getTestingRunResult() {
+        return testingRunResult;
+    }
+
+    public void setTestingRunResult(TestingRunResult testingRunResult) {
+        this.testingRunResult = testingRunResult;
+    }
+
+    public GlobalEnums.TestCategory getTestCategory() {
+        return testCategory;
+    }
+
+    public void setTestCategory(GlobalEnums.TestCategory testCategory) {
+        this.testCategory = testCategory;
+    }
+
+    public String getTestId() {
+        return testId;
+    }
+
+    public void setTestId(String testId) {
+        this.testId = testId;
+    }
 }

apps/dashboard/src/main/java/com/akto/action/testing/MarketplaceAction.java

@@ -66,7 +66,7 @@ private void searchUtilityFunction(){
         this.categories = GlobalEnums.TestCategory.values();
         Bson filters = Filters.empty();
 
-        Map<String, TestConfig> testConfigMap  = YamlTemplateDao.instance.fetchTestConfigMap();
+        Map<String, TestConfig> testConfigMap  = YamlTemplateDao.instance.fetchTestConfigMap(false);
         this.searchText = this.searchText.toLowerCase();
 
         for (Map.Entry<String, TestConfig> entry : testConfigMap.entrySet()) {

apps/dashboard/src/main/java/com/akto/action/testing/StartTestAction.java

@@ -56,6 +56,7 @@ public class StartTestAction extends UserAction {
     private String testName;
     private Map<String,String> metadata;
     private boolean fetchCicd;
+    private String triggeredBy;
 
     private static final LoggerMaker loggerMaker = new LoggerMaker(StartTestAction.class);
 
@@ -131,6 +132,9 @@ public String startTest() {
         if(localTestingRun==null){
             try {
                 localTestingRun = createTestingRun(scheduleTimestamp, this.recurringDaily ? 86400 : 0);
+                if (triggeredBy.length() > 0) {
+                    localTestingRun.setTriggeredBy(triggeredBy);
+                }
             } catch (Exception e){
                 loggerMaker.errorAndAddToDb(e.toString(), LogDb.DASHBOARD);
             }
@@ -218,7 +222,8 @@ public String retrieveAllCollectionTests() {
             Bson filterQ = Filters.and(
                 Filters.lte(TestingRun.SCHEDULE_TIMESTAMP, this.endTimestamp),
                 Filters.gte(TestingRun.SCHEDULE_TIMESTAMP, this.startTimestamp),
-                Filters.nin(Constants.ID,getCicdTests())
+                Filters.nin(Constants.ID,getCicdTests()),
+                Filters.ne("triggeredBy", "test_editor")
             );
             testingRuns = TestingRunDao.instance.findAll(filterQ);
         }
@@ -493,6 +498,14 @@ public void setSource(CallSource source) {
         this.source = source;
     }
 
+    public String getTriggeredBy() {
+        return triggeredBy;
+    }
+
+    public void setTriggeredBy(String triggeredBy) {
+        this.triggeredBy = triggeredBy;
+    }
+
     public enum CallSource{
         TESTING_UI,
         AKTO_GPT;