morning updates

Author: phrocker

api/src/main/java/io/sentrius/sso/controllers/api/UserApiController.java

@@ -6,27 +6,33 @@
 import java.util.List;
 import java.util.Map;
 import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.node.BooleanNode;
 import com.fasterxml.jackson.databind.node.IntNode;
 import com.fasterxml.jackson.databind.node.ObjectNode;
 import com.fasterxml.jackson.databind.node.TextNode;
 import io.sentrius.sso.core.annotations.LimitAccess;
 import io.sentrius.sso.core.annotations.Model;
 import io.sentrius.sso.core.controllers.BaseController;
+import io.sentrius.sso.core.model.HostSystem;
 import io.sentrius.sso.core.model.security.UserType;
 import io.sentrius.sso.core.model.users.User;
 import io.sentrius.sso.core.model.dto.UserDTO;
 import io.sentrius.sso.core.model.dto.UserTypeDTO;
 import io.sentrius.sso.core.model.security.enums.UserAccessEnum;
 import io.sentrius.sso.core.model.users.UserConfig;
 import io.sentrius.sso.core.model.users.UserSettings;
+import io.sentrius.sso.core.model.zt.OpsZeroTrustAcessTokenRequest;
+import io.sentrius.sso.core.model.zt.ZeroTrustAccessTokenRequest;
 import io.sentrius.sso.core.security.service.CryptoService;
 import io.sentrius.sso.core.services.ErrorOutputService;
 import io.sentrius.sso.core.services.SessionService;
 import io.sentrius.sso.core.services.UserCustomizationService;
 import io.sentrius.sso.core.services.UserService;
 import io.sentrius.sso.core.services.HostGroupService;
 import io.sentrius.sso.core.config.SystemOptions;
+import io.sentrius.sso.core.services.ZeroTrustAccessTokenService;
+import io.sentrius.sso.core.services.ZeroTrustRequestService;
 import io.sentrius.sso.core.utils.JsonUtil;
 import io.sentrius.sso.core.utils.MessagingUtil;
 import jakarta.servlet.http.HttpServletRequest;
@@ -37,6 +43,7 @@
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 
@@ -51,6 +58,8 @@ public class UserApiController extends BaseController {
     final CryptoService  cryptoService;
     private final MessagingUtil messagingUtil;
     final UserCustomizationService userThemeService;
+    final ZeroTrustRequestService ztatRequestService;
+    final ZeroTrustAccessTokenService ztatService;
 
     static Map<String, Field> fields = new HashMap<>();
     static {
@@ -66,14 +75,18 @@ protected UserApiController(UserService userService, SystemOptions systemOptions
                                 HostGroupService hostGroupService, CryptoService  cryptoService,
                                 MessagingUtil messagingUtil,
                                 UserCustomizationService userThemeService,
-                                SessionService sessionService
+                                SessionService sessionService,
+                                ZeroTrustRequestService ztatRequestService,
+                                ZeroTrustAccessTokenService ztatService
     ) {
         super(userService, systemOptions, errorOutputService);
         this.hostGroupService =     hostGroupService;
         this.cryptoService = cryptoService;
         this.messagingUtil = messagingUtil;
         this.userThemeService = userThemeService;
         this.sessionService = sessionService;
+        this.ztatRequestService = ztatRequestService;
+        this.ztatService = ztatService;
     }
 
     @GetMapping("list")
@@ -117,7 +130,6 @@ public String deleteUser(@RequestParam("userId") String userId) throws GeneralSe
     }
 
     @PostMapping("/settings")
-    @LimitAccess(userAccess = {UserAccessEnum.CAN_EDIT_USERS})
     public String updateUser(HttpServletRequest request, HttpServletResponse response ) throws JsonProcessingException {
         var user = userService.getOperatingUser(request,response, null);
 
@@ -163,6 +175,18 @@ public String updateUser(HttpServletRequest request, HttpServletResponse respons
         return "redirect:/sso/v1/users/settings?message=" + MessagingUtil.getMessageId(MessagingUtil.SETTINGS_UPDATED);
     }
 
+    @PostMapping("/settings/workhours")
+    public String updateWorkhours(HttpServletRequest request, HttpServletResponse response,
+                                  @RequestBody JsonNode body) throws JsonProcessingException {
+        log.info("Updating work hours: {}", body);
+        /*
+        var reason = ztatService.createReason("Updating work hours", "Updating work hours", "");
+        var ztatRequest = ztatService.createOpsRequest("Updating work hours", "Updating work hours",
+         reason,   userService.getOperatingUser(request,response, null));
+        ztatRequestService.createOpsTATRequest(ztatRequest);*/
+        return "";
+    }
+
     @GetMapping("/types/list")
     @LimitAccess(userAccess = {UserAccessEnum.CAN_MANAGE_USERS})
     public ResponseEntity<List<UserTypeDTO>> getUserTypes() throws GeneralSecurityException {

api/src/main/resources/db/migration/V16__add_ops_summary.sql

@@ -0,0 +1,3 @@
+
+ALTER TABLE operations_request
+    ADD COLUMN summary TEXT;

api/src/main/resources/templates/sso/users/user_settings.html

@@ -9,12 +9,19 @@
         /* Centering the form container */
         .center-container {
             display: flex;
-            justify-content: center;
+            flex-direction: column; /* Stack elements vertically */
             align-items: center;
-            height: calc(100vh - 80px); /* Full viewport height minus space for navbar */
+            width: 100%; /* Ensure full width usage */
             padding: 20px;
         }
 
+        .form-section {
+            width: 100%; /* Prevent side-by-side layout */
+            max-width: 600px; /* Optional: Match the width of the form */
+            margin-bottom: 20px; /* Space between form and table */
+        }
+
+
         /* Limit form width for better UX */
         .settings-form {
             max-width: 500px;
@@ -49,6 +56,11 @@
         .submit_btn {
             width: 100%; /* Full-width button */
         }
+
+        .settings-form table,
+        .table {
+            margin-bottom: 10px; /* Reduce spacing between tables */
+        }
     </style>
     <title>[[${systemOptions.systemLogoName}]] - User Settings</title>
 </head>
@@ -66,6 +78,7 @@
 
                 <!-- Centered form container -->
                 <div class="center-container">
+                    <h2>Your Settings</h2>
                     <form th:action="@{/api/v1/users/settings}" method="post" class="settings-form" autocomplete="off">
                         <input type="hidden" name="_csrf" th:value="${_csrf.token}" />
 
@@ -91,8 +104,9 @@
                         <button type="submit" class="btn btn-primary submit_btn">Save</button>
                     </form>
 
+                <div class="form-section">
                     <br />
-                    <h3>Work Hours</h3>
+                    <h2>Work Hours</h2>
                     <table class="table table-dark table-striped">
                         <thead>
                         <tr>
@@ -152,7 +166,7 @@ <h3>Work Hours</h3>
                 }
             });
 
-            fetch('/api/v1/user/workhours', {
+            fetch('/api/v1/users/settings/workhours', {
                 method: 'POST',
                 headers: { 'Content-Type': 'application/json' },
                 body: JSON.stringify(workHours)

api/src/main/resources/templates/sso/ztats/view_ztats.html

@@ -108,7 +108,7 @@ <h2 class="toast-header">Trust AT (TAT) Management</h2>
                                         </thead>
                                         <tbody>
                                         <tr th:each="s : ${openOpsTats}">
-                                            <td th:text="${s.command}"></td>
+                                            <td th:text="${s.summary}"></td>
                                             <td th:text="${s.userName}"></td>
                                             <td>
                                                 <button th:id="'ops_app_btn_' + ${s.id}" class="icon-btn ops_app_btn" th:if="${canApprove}">✅</button>

core/src/main/java/io/sentrius/sso/core/model/dto/JITTrackerDTO.java

@@ -12,6 +12,7 @@ public class JITTrackerDTO {
     private Long id;
     @Builder.Default
     private String status = "Open";
+    private String summary;
     private String command;
     private String commandHash;
     private String userName;

core/src/main/java/io/sentrius/sso/core/model/zt/OpsZeroTrustAcessTokenRequest.java

@@ -38,6 +38,9 @@ public class OpsZeroTrustAcessTokenRequest {
     @Column(name = "command", nullable = false)
     private String command;
 
+    @Column(name = "summary", columnDefinition = "TEXT")
+    private String summary;
+
     @Column(name = "command_hash", nullable = false)
     private String commandHash;
 

core/src/main/java/io/sentrius/sso/core/services/ZeroTrustAccessTokenService.java

@@ -68,6 +68,25 @@ public ZeroTrustAccessTokenRequest createRequest(
     return request;
   }
 
+  public OpsZeroTrustAcessTokenRequest createOpsRequest(
+      @NonNull String summary,
+      @NonNull String command,
+      @NonNull ZeroTrustAccessTokenReason reason,
+      @NonNull User user){
+
+    OpsZeroTrustAcessTokenRequest request =
+        OpsZeroTrustAcessTokenRequest.builder()
+            .command(command)
+            .ztatReason(reason)
+            .user(user)
+            .commandHash(ZTATUtils.getCommandHash(command))
+            .summary(summary)
+            .lastUpdated(new Timestamp(System.currentTimeMillis()))
+            .build();
+    return request;
+  }
+
+
 
   public boolean isApproved(
       @NonNull String command, @NonNull User user , @NonNull HostSystem system)

core/src/main/java/io/sentrius/sso/core/services/ZeroTrustRequestService.java

@@ -64,7 +64,19 @@ public OpsZeroTrustAcessTokenRequest getOpsAccessTokenRequestById(Long ztatId) {
     }
 
     @Transactional
-    public ZeroTrustAccessTokenRequest createJITRequest(ZeroTrustAccessTokenRequest ztatRequest) {
+    public OpsZeroTrustAcessTokenRequest createOpsTATRequest(OpsZeroTrustAcessTokenRequest ztatRequest) {
+        try {
+            OpsZeroTrustAcessTokenRequest savedRequest = opsJITRequestRepository.save(ztatRequest);
+            log.info("JITRequest created: {}", savedRequest);
+            return savedRequest;
+        } catch (Exception e) {
+            log.error("Error while creating JITRequest", e);
+            throw new RuntimeException("Failed to create JITRequest", e);
+        }
+    }
+
+    @Transactional
+    public ZeroTrustAccessTokenRequest createTATRequest(ZeroTrustAccessTokenRequest ztatRequest) {
         try {
             ZeroTrustAccessTokenRequest savedRequest = ztatRequestRepository.save(ztatRequest);
             log.info("JITRequest created: {}", savedRequest);
@@ -308,6 +320,7 @@ private JITTrackerDTO convertToDTO(ZeroTrustAccessTokenRequest request) {
     private JITTrackerDTO convertToDTO(OpsZeroTrustAcessTokenRequest request) {
         return JITTrackerDTO.builder()
             .id(request.getId())
+            .summary(request.getSummary())
             .command(request.getCommand())
             .commandHash(request.getCommandHash())
             .userName(request.getUser().getUsername())