🔀Merge branch 'main' into deployment-manager

Author: TarradeMarc

controlpanel/api/server.js

@@ -572,8 +572,10 @@ app.listen(8050, async () => {
 
         const defaultCustomer = await Customer.findOrCreate({ where: { name: 'default' }});
         const defaultApp = await createProtectedApp({ namespace: 'default', application: 'default', cu_id: defaultCustomer[0].id }); 
-        createDecoy({ pa_id: defaultApp.data.id, decoy:{decoy:{key:"x-cloud-active-defense",separator:"=",value:"ACTIVE"},inject:{store:{inResponse:".*",as:"header"}}}});
-        updateConfig({ pa_id:defaultApp.data.id, deployed: true, config:{alert:{session:{in:"cookie",key:"SESSION"}}}});
+        if (defaultApp.type == 'success') {
+            createDecoy({ pa_id: defaultApp.data.id, decoy:{decoy:{key:"x-cloud-active-defense",separator:"=",value:"ACTIVE"},inject:{store:{inResponse:".*",as:"header"}}}});
+            updateConfig({ pa_id:defaultApp.data.id, deployed: true, config:{alert:{session:{in:"cookie",key:"SESSION"}}}});
+        }
 
         if (process.env.ENVOY_API_KEY && !process.env.DEPLOYMENT_MANAGER_URL) {
             ApiKey.findOrCreate({ where: { key: process.env.ENVOY_API_KEY, permissions: ["configmanager"], pa_id: defaultApp.data.id }});

controlpanel/api/services/configmanager.js

@@ -3,6 +3,7 @@ const Config = require('../models/Config-data')
 const Decoy = require('../models/Decoy-data')
 const Blocklist = require('../models/Blocklist')
 const protectedAppService = require('./protected-app')
+const { sortBlocklistDuplicates } = require('../util/blocklist')
 
 module.exports = {
     /**
@@ -38,10 +39,12 @@ module.exports = {
             const protectedApp = await ProtectedApp.findOne({ where: { namespace, application } });
             if (!protectedApp) return { type: 'error', code: 404, message: 'Invalid namespace or application supplied' };
             if (!blocklist) return { type: 'error', code: 400, message: 'Invalid blocklist supplied' };
-            if (blocklist.blocklist && blocklist.blocklist.length)
-                Blocklist.bulkCreate(blocklist.blocklist.map(item => ({ pa_id: protectedApp.id, content: item, type: 'blocklist' })));
-            if (blocklist.throttle && blocklist.throttle.length)
-                Blocklist.bulkCreate(blocklist.throttle.map(item => ({ pa_id: protectedApp.id, content: item, type: 'throttle' })));
+            const blocklistToUpdate = await sortBlocklistDuplicates(blocklist, protectedApp.id);
+
+            if (blocklistToUpdate.blocklist && blocklistToUpdate.blocklist.length)
+                Blocklist.bulkCreate(blocklistToUpdate.blocklist.map(item => ({ pa_id: protectedApp.id, content: item, type: 'blocklist' })));
+            if (blocklistToUpdate.throttle && blocklistToUpdate.throttle.length)
+                Blocklist.bulkCreate(blocklistToUpdate.throttle.map(item => ({ pa_id: protectedApp.id, content: item, type: 'throttle' })));
             return { type: 'success', code: 200, message: 'Successful operation' };
         } catch(e) {
             throw e;

controlpanel/api/util/blocklist.js

@@ -0,0 +1,62 @@
+const Blocklist = require('../models/Blocklist')
+const { Op } = require('sequelize');
+
+async function sortBlocklistDuplicates(newBlocklist, pa_id) {
+    const finalBlocklist = [];
+    const finaleThrottlelist = [];
+    const allSources = Object.fromEntries(['SourceIp', 'Session', 'UserAgent']
+    .map(key => [key, [...newBlocklist.blocklist, ...newBlocklist.throttle].find(item => item[key])?.[key]])
+    .filter(([, value]) => value !== undefined));
+    const existingBlocklist = await Blocklist.findAll({ where: {
+        pa_id,
+        type: 'blocklist',
+        [Op.or]: Object.entries(allSources).map(([key, value]) => ({
+            [`content.${key}`]: value
+        }))}
+    });
+    const existingThrottlelist = await Blocklist.findAll({ where: {
+        pa_id,
+        type: 'throttle',
+        [Op.or]: Object.entries(allSources).map(([key, value]) => ({
+            [`content.${key}`]: value
+        }))}
+    });
+    for (const newItem of newBlocklist.blocklist) {
+        const sourceKeys = ['SourceIp', 'Session', 'UserAgent'].filter(key => newItem[key] !== undefined);
+        const match = existingBlocklist.find(existing => 
+        sourceKeys.length > 0 &&
+        sourceKeys.every(key => existing.content[key] === newItem[key]) &&
+        sourceKeys.every(key => existing.content[key] !== undefined) &&
+        sourceKeys.length === Object.keys(existing.content).filter(key => sourceKeys.includes(key) && existing.content[key] !== undefined).length);
+        if (!match) {
+            finalBlocklist.push(newItem);
+            continue;
+        }
+        if(isNewBlocklistBehaviorPriority(match, newItem)) {
+            Blocklist.destroy({ where: { id: match.id } })
+            finalBlocklist.push(newItem);
+        }
+    }
+    for (const newItem of newBlocklist.throttle) {
+        const sourceKeys = ['SourceIp', 'Session', 'UserAgent'].filter(key => newItem[key] !== undefined);
+        const match = existingThrottlelist.find(existing => 
+        sourceKeys.length > 0 &&
+        sourceKeys.every(key => existing.content[key] === newItem[key]) &&
+        sourceKeys.every(key => existing.content[key] !== undefined) &&
+        sourceKeys.length === Object.keys(existing.content).filter(key => sourceKeys.includes(key) && existing.content[key] !== undefined).length);
+        if (match && isNewBlocklistBehaviorPriority(match, newItem)) {
+            Blocklist.destroy({ where: { id: match.id } })
+            finaleThrottlelist.push(newItem);
+        }
+    }
+    return { blocklist: finalBlocklist, throttle: finaleThrottlelist };
+}
+
+function isNewBlocklistBehaviorPriority(existingBlocklist, newBlocklist) {
+    const priorities = { clone: 1, exhaust: 2, drop: 3, error: 4 };
+    return priorities[newBlocklist.Behavior] < priorities[existingBlocklist.content.Behavior]
+}
+
+module.exports = {
+    sortBlocklistDuplicates
+}

controlpanel/cad/src/app/app.routes.ts

@@ -49,11 +49,7 @@ export const routes: Routes = [{
     {
         path: ':id',
         component: AddDecoyComponent,
-        children: [{
-            path: '',
-            redirectTo: 'injection',
-            pathMatch: 'full',
-        },
+        children: [
         {
             path: 'injection',
             component: InjectionComponent,

controlpanel/cad/src/app/components/alert-action-table/alert-action-table.component.html

@@ -1,11 +1,51 @@
+<app-tooltip [showTooltip]="showTooltip"
+[title]="tooltipTitle"
+[text]="tooltipText"
+[link]="tooltipLink"
+[topPosition]="topPosition"
+[leftPosition]="leftPosition"
+(tooltipHover)="onHoverInfo()"
+(tooltipLeave)="onLeaveInfo()">
+</app-tooltip>
 <table class="action-table">
     <thead>
         <tr>
-            <th id="source">Source</th>
-            <th id="behavior">Behavior</th>
-            <th id="delay">Delay</th>
-            <th id="duration">Duration</th>
-            <th id="property">Property</th>
+            <th id="source">
+                Source
+                <img class="info-icon" src="info.svg"
+                (mouseenter)="onHoverInfo('source', 'Defines what to look for in subsequent request(s)', 'https://github.com/SAP/cloud-active-defense/wiki/Detect#source', $event)"
+                (mouseout)="onLeaveInfo()"
+                />
+            </th>
+            
+            <th id="behavior">
+                Behavior
+                <img class="info-icon" src="info.svg"
+                (mouseenter)="onHoverInfo('behavior', 'What will happen to requests matching with what is specified in the source field', 'https://github.com/SAP/cloud-active-defense/wiki/Detect#behavior', $event)"
+                (mouseout)="onLeaveInfo()"
+                />
+            </th>
+            <th id="delay">
+                Delay
+                <img class="info-icon" src="info.svg"
+                (mouseenter)="onHoverInfo('delay', 'The number of seconds / minutes / hours to wait before applying the response. \'n\' is for \'now\' (no delay)', 'https://github.com/SAP/cloud-active-defense/wiki/Detect#delay', $event)"
+                (mouseout)="onLeaveInfo()"
+                />
+            </th>
+            <th id="duration">
+                Duration
+                <img class="info-icon" src="info.svg"
+                (mouseenter)="onHoverInfo('duration', 'The number of seconds / minutes / hours the response will be applied before expiring. \'d\' is for the default/recommanded maximum value of time and \'f\' is for \'forever\' (infinite duration)', 'https://github.com/SAP/cloud-active-defense/wiki/Detect#duration', $event)"
+                (mouseout)="onLeaveInfo()"
+                />
+            </th>
+            <th id="property">
+                Property
+                <img class="info-icon" src="info.svg"
+                (mouseenter)="onHoverInfo('property', 'How many seconds to throttle the request. Can only be in seconds and can be a range of seconds when using \'-\' (e.g. 20-60)', 'https://github.com/SAP/cloud-active-defense/wiki/Detect#property', $event)"
+                (mouseout)="onLeaveInfo()"
+                />
+            </th>
             <th class="end-action"></th>
         </tr>
         <tr class="tr-separator"><td class="row-separator" colspan="6"><hr class="head-separator"/></td></tr>
@@ -34,19 +74,20 @@
             </td>
             <td>
                 <div class="table-form-inputception">
-                    <input class="input-action-table inner-input" type="text" name="duration" id="duration" [(ngModel)]="action.duration" (input)="onItemChange()" [disabled]="action.durationExtension == 'forever' || !isEdit" appOnlyNumbers>
+                    <input class="input-action-table inner-input" type="text" name="duration" id="duration" [(ngModel)]="action.formDuration" (input)="onItemChange()" [disabled]="action.durationExtension == 'forever' || !isEdit" appOnlyNumbers>
                     <select class="inner-select" name="durationExtension" id="durationExtension" [(ngModel)]="action.durationExtension" (change)="onDurationExtensionChange(action.durationExtension, i); onItemChange()" [disabled]="!isEdit">
                         <option value="s">s</option>
                         <option value="m">m</option>
                         <option value="h">h</option>
+                        <option value="default">d</option>
                         <option value="forever">f</option>
                     </select>
                 </div>
             </td>
             <td><input class="input-action-table" type="text" name="property" id="property" [(ngModel)]="action.property" (input)="onItemChange()" [disabled]="action.behavior != 'throttle' || !isEdit" appOnlyValidRespondProperty></td>
             <td class="end-action">
                 <button (click)="onClickDeleteAction(i)" class="action-delete-btn" [disabled]="!isEdit">
-                    <div class="action-delete-icon" [ngStyle]="{ backgroundColor: !isEdit ? 'grey' : 'black' }"></div>
+                    <div class="action-delete-icon" [ngClass]="{ 'disable-action-delete-icon': !isEdit }"></div>
                 </button>
             </td>
        </tr>

controlpanel/cad/src/app/components/alert-action-table/alert-action-table.component.scss

@@ -15,6 +15,12 @@
         th {
             text-align: start;
             padding: 0.2rem 0.5rem;
+            .info-icon {
+                height: 14px;
+                align-self: flex-start;
+                margin-top: -5px;
+                cursor: default;
+            }
         }
         .end-action {
             box-sizing: content-box;
@@ -66,26 +72,50 @@
                 border: none;
                 border-radius: 5px;
                 padding: 0.2rem 0;
+                cursor: pointer;
                 .add-action-icon {
                     margin: 0 auto;
                     mask: url('../../../../public/add.svg') no-repeat center; 
                     width: 24px; 
                     height: 24px; 
                     background-color: #FFF;
                 }
+                &:disabled {
+                    cursor: default;
+                    background-color: #C5C1C8;
+                }
+                &:disabled .add-action-icon {
+                    background-color: #86838A;
+                }
+            
+                &:not(:disabled):hover {
+                    opacity: 0.9;
+                    box-shadow: 0px 1px 3px rgba(0, 0, 0, 0.12), 
+                                0px 1px 2px rgba(0, 0, 0, 0.24);
+                }
             }
         }
         .action-delete-btn {
             cursor: pointer;
             border: 0;
             background-color: transparent;
+            &:disabled {
+                cursor: default;
+            }
+            &:not(:disabled):hover .action-delete-icon {
+                background-color: red;
+            }
         }
         .action-delete-icon {
             margin: 0 auto;
             mask: url('../../../../public/delete.svg') no-repeat center; 
             width: 24px; 
             height: 24px; 
             background-color: black;
+            transition: background-color 0.3s ease;
+        }
+        .disable-action-delete-icon {
+            background-color: #86838A;
         }
 
     }

controlpanel/cad/src/app/components/alert-action-table/alert-action-table.component.ts

@@ -5,15 +5,17 @@ import { DelayType, DurationType, RespondType } from '../../models/decoy';
 import { FormsModule } from '@angular/forms';
 import { OnlyNumbersDirective } from '../../directives/only-numbers.directive';
 import { OnlyValidRespondPropertyDirective } from '../../directives/only-valid-respond-property.directive';
+import { TooltipComponent } from '../tooltip/tooltip.component';
 
 export interface FormRespond extends RespondType {
   delayExtension: 's' | 'm' | 'h' | 'now',
-  durationExtension: 's' | 'm' | 'h' | 'forever'
+  durationExtension: 's' | 'm' | 'h' | 'forever' | 'default',
+  formDuration?: DurationType | number | undefined
 }
 
 @Component({
     selector: 'app-alert-action-table',
-    imports: [CommonModule, SourceSelectComponent, FormsModule, OnlyNumbersDirective, OnlyValidRespondPropertyDirective],
+    imports: [CommonModule, SourceSelectComponent, FormsModule, OnlyNumbersDirective, OnlyValidRespondPropertyDirective, TooltipComponent],
     templateUrl: './alert-action-table.component.html',
     styleUrl: './alert-action-table.component.scss'
 })
@@ -22,6 +24,37 @@ export class AlertActionTableComponent {
   @Output() actionArrayChange = new EventEmitter<FormRespond[]>();
   @Input() isEdit = true;
 
+  //#region Tooltip
+  tooltipTitle = '';
+  showTooltip = false;
+  tooltipText = '';
+  tooltipLink = '';
+  topPosition: any;
+  leftPosition: any;
+  tooltipTimeout:any;
+
+  onHoverInfo(tooltipTitle?: string, tooltipText?: string, tooltipLink?: string, e?: MouseEvent) {
+    clearTimeout(this.tooltipTimeout);
+    this.showTooltip = true;
+    if (tooltipTitle) this.tooltipTitle = tooltipTitle;
+    if (tooltipText) this.tooltipText = tooltipText;
+    if (tooltipLink) this.tooltipLink = tooltipLink;
+    if (e) {
+      this.topPosition = e.clientY ?? this.topPosition;
+      this.leftPosition = e.clientX ?? this.leftPosition;
+    }
+  }
+  onLeaveInfo() {
+    this.tooltipTimeout = setTimeout(() => {
+      this.showTooltip = false;
+      this.tooltipText = '';
+      this.topPosition = null;
+      this.leftPosition = null;
+    }, 100)
+  }
+//#endregion
+
+
   onClickAddAction() {
     this.actionArray.push({ source: '', behavior: 'error', delayExtension: 's', durationExtension: 's' });
     this.actionArrayChange.emit(this.actionArray);
@@ -46,9 +79,27 @@ export class AlertActionTableComponent {
     if (newExtension == 'now') this.actionArray[index].delay = 'now';
     else if (this.actionArray[index].delay == 'now') this.actionArray[index].delay = undefined;
   }
-  onDurationExtensionChange(newExtension: 's' | 'm' | 'h' | 'forever', index: number) {
-    if (newExtension == 'forever') this.actionArray[index].duration = 'forever';
-    else if (this.actionArray[index].duration == 'forever') this.actionArray[index].duration = undefined;
+  onDurationExtensionChange(newExtension: 's' | 'm' | 'h' | 'default' | 'forever', index: number) {
+    if (newExtension == 'default') {
+      if (this.actionArray[index].source.includes('userAgent')) {
+        this.actionArray[index].durationExtension = 'h';
+        this.actionArray[index].formDuration = 720;
+      }
+      else if (this.actionArray[index].source.includes('ip')) {
+        this.actionArray[index].durationExtension = 'h';
+        this.actionArray[index].formDuration = 48;
+      }
+      else if (this.actionArray[index].source.includes('session')) {
+        this.actionArray[index].durationExtension = 'h';
+        this.actionArray[index].formDuration = 24;
+      }
+      else {
+        this.actionArray[index].durationExtension = 'h';
+        this.actionArray[index].formDuration = 720;
+      }
+    }
+    if (newExtension == 'forever') this.actionArray[index].formDuration = 'forever';
+    else if (this.actionArray[index].formDuration == 'forever') this.actionArray[index].formDuration = undefined;
   }
 
   sourceToArray(source: string) {

controlpanel/cad/src/app/components/injection-when-table/injection-when-table.component.html

@@ -26,7 +26,7 @@
             <td class="when-type"><input class="" type="checkbox" name="type" id="type" [(ngModel)]="when.type" (change)="onItemChange()" [disabled]="!isEdit"></td>
             <td class="end-when">
                 <button (click)="onClickDeleteWhen(i)" class="when-delete-btn" [disabled]="!isEdit">
-                    <div class="when-delete-icon" [ngStyle]="{ backgroundColor: !isEdit ? 'grey' : 'black' }"></div>
+                    <div class="when-delete-icon" [ngClass]="{ 'disable-when-delete-icon': !isEdit }"></div>
                 </button>
             </td>
        </tr>