fixup chat gpt

.gcp.env

@@ -1,4 +1,4 @@
-SENTRIUS_VERSION=1.0.33
+SENTRIUS_VERSION=1.0.34
 SENTRIUS_SSH_VERSION=1.0.3
 SENTRIUS_KEYCLOAK_VERSION=1.0.4
-SENTRIUS_AGENT_VERSION=1.0.14
+SENTRIUS_AGENT_VERSION=1.0.15

api/src/main/java/io/sentrius/sso/controllers/api/RuleApiController.java

@@ -4,6 +4,7 @@
 import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
+import java.util.Optional;
 import java.util.Set;
 import java.util.stream.Collectors;
 import io.sentrius.sso.core.annotations.LimitAccess;
@@ -181,7 +182,12 @@ public ResponseEntity<String> assignConfig(HttpServletRequest request, HttpServl
 
         Set<HostGroup> selectedHostGroups = new HashSet<>();
         for(var groupId : (List<String>)hostGroups){
+
             var group = hostGroupService.getHostGroupWithHostSystems(user, Long.parseLong(groupId));
+            // for application managers they should have the ability to assign groups
+            if (!group.isPresent() && AccessUtil.canAccess(user, ApplicationAccessEnum.CAN_MANAGE_APPLICATION)) {
+                group = Optional.of( hostGroupService.getHostGroup(Long.parseLong(groupId)) );
+            }
             if (group.isPresent()) {
                 log.info("Assigning group {}", group.get().getName());
                 selectedHostGroups.add(group.get());

api/src/main/java/io/sentrius/sso/controllers/api/SystemApiController.java

@@ -117,6 +117,7 @@ public String setOption(HttpServletRequest request, HttpServletResponse response
                     results.add(systemOptions.setValue(option.getName(), entry.getValue()[0], false));
                     break;
                 case "java.lang.Boolean":
+                    log.info("Setting boolean value: {}", entry.getValue()[0]);
                     results.add(systemOptions.setValue(option.getName(), Boolean.valueOf(entry.getValue()[0]), false));
                     break;
                 case "java.lang.Integer":

api/src/main/java/io/sentrius/sso/websocket/TerminalWSHandler.java

@@ -87,7 +87,6 @@ protected void handleTextMessage(WebSocketSession session, TextMessage message)
                     byte[] messageBytes = Base64.getDecoder().decode(message.getPayload());
                     Session.TerminalMessage auditLog =
                         Session.TerminalMessage.parseFrom(messageBytes);
-                    log.info("got message {}; {}; {}", uri,sessionId, auditLog.getCommand());
                     // Decrypt the session ID
 //                    var sessionIdStr = cryptoService.decrypt(sessionId);
   //                  var sessionIdLong = Long.parseLong(sessionIdStr);
@@ -96,21 +95,21 @@ protected void handleTextMessage(WebSocketSession session, TextMessage message)
                     var sys = sessionTrackingService.getEncryptedConnectedSession(lookupId);
                     if (null != sys ) {
                         boolean allNoAction = true;
-                        log.info("**** Processing message for session ID: {} with {} actions", sessionId,
+                        log.debug("**** Processing message for session ID: {} with {} actions", sessionId,
                             sys.getSessionStartupActions().size());
                         for (var action : sys.getSessionStartupActions()) {
                             var trigger = action.onMessage(auditLog);
                             if (trigger.get().getAction() == TriggerAction.JIT_ACTION) {
                                 allNoAction = false;
                                 // drop the message
                                 sys.getTerminalAuditor().setSessionTrigger(trigger.get());
-                                log.info("**** Setting JIT Trigger: {}", trigger.get());
+                                log.debug("**** Setting JIT Trigger: {}", trigger.get());
                                 sessionTrackingService.addSystemTrigger(sys, trigger.get());
                                 return;
                             } else if (trigger.get().getAction() == TriggerAction.WARN_ACTION) {
                                 allNoAction = false;
                                 // send the message
-                                log.info("**** Setting WARN Trigger: {}", trigger.get());
+                                log.debug("**** Setting WARN Trigger: {}", trigger.get());
                                 sys.getTerminalAuditor().setSessionTrigger(trigger.get());
                                 sessionTrackingService.addSystemTrigger(sys, trigger.get());
                             } else if (trigger.get().getAction() == TriggerAction.PROMPT_ACTION) {

api/src/main/resources/templates/sso/system_settings.html

@@ -136,7 +136,16 @@
                                 </span>
                         </td>
                         <td>
-                            <input type="text" th:name="${s.name}" th:value="${s.value}" class="form-control"/>
+                            <!-- Conditionally render input or select based on closestType -->
+                            <div th:if="${s.closestType == 'java.lang.Boolean'}">
+                                <select th:name="${s.name}" class="form-control">
+                                    <option th:value="true" th:selected="${s.value.equals('true')}">True</option>
+                                    <option th:value="false" th:selected="${s.value.equals('false')}">False</option>
+                                </select>
+                            </div>
+                            <div th:unless="${s.closestType == 'java.lang.Boolean'}">
+                                <input type="text" th:name="${s.name}" th:value="${s.value}" class="form-control" />
+                            </div>
                         </td>
                     </tr>
                 </template>

core/src/main/java/io/sentrius/sso/automation/auditing/AccessTokenEvaluator.java

@@ -1,6 +1,7 @@
 package io.sentrius.sso.automation.auditing;
 
 import java.util.Optional;
+import io.sentrius.sso.core.config.SystemOptions;
 import io.sentrius.sso.core.model.ConnectedSystem;
 import io.sentrius.sso.core.services.terminal.SessionTrackingService;
 
@@ -12,7 +13,7 @@ public abstract class AccessTokenEvaluator {
 
   public abstract Optional<Trigger> trigger(String text);
 
-  public abstract boolean configure(String configuration);
+  public abstract boolean configure(SystemOptions systemOptions, String configuration);
 
   public abstract TriggerAction describeAction();
 
@@ -29,5 +30,7 @@ public void setConnectedSystem(ConnectedSystem connectedSystem) {
   public void setTrackingService(SessionTrackingService sessionTrackingService){
     this.sessionTrackingService = sessionTrackingService;
   }
+
+
 }
 //

core/src/main/java/io/sentrius/sso/automation/auditing/AllowedExecution.java

@@ -1,6 +1,7 @@
 package io.sentrius.sso.automation.auditing;
 
 import java.util.Optional;
+import io.sentrius.sso.core.config.SystemOptions;
 
 public class AllowedExecution extends AccessTokenEvaluator {
 
@@ -38,7 +39,7 @@ public Optional<Trigger> trigger(String text) {
   }
 
   @Override
-  public boolean configure(String configuration) {
+  public boolean configure(SystemOptions systemOptions, String configuration) {
 
     String[] commandSplit = configuration.split(":");
 

core/src/main/java/io/sentrius/sso/automation/auditing/RuleFactory.java

@@ -3,6 +3,7 @@
 import java.lang.reflect.InvocationTargetException;
 import java.util.List;
 import java.util.Map;
+import io.sentrius.sso.core.config.SystemOptions;
 import io.sentrius.sso.core.model.ConnectedSystem;
 import io.sentrius.sso.core.model.auditing.Rule;
 import io.sentrius.sso.core.services.PluggableServices;
@@ -14,6 +15,7 @@
 public class RuleFactory {
 
     public static void createRules(
+        SystemOptions systemOptions,
         ConnectedSystem connectedSystem,
         SessionTrackingService sessionTrackingService,
         List<Rule> initialRules, List<AccessTokenEvaluator> synchronousRules, List<SessionTokenEvaluator> beforeAndAfterRules,
@@ -24,7 +26,7 @@ public static void createRules(
             Class<? extends AccessTokenEvaluator> newRuleClass =
                 Class.forName(rule.getRuleClass()).asSubclass(AccessTokenEvaluator.class);
             AccessTokenEvaluator newRule = newRuleClass.getConstructor().newInstance();
-            newRule.configure(rule.getRuleConfig());
+            newRule.configure(systemOptions, rule.getRuleConfig());
             newRule.setConnectedSystem(connectedSystem);
             newRule.setTrackingService(sessionTrackingService);
             if (newRule instanceof SessionTokenEvaluator) {

core/src/main/java/io/sentrius/sso/automation/auditing/rules/AllowedCommandsRule.java

@@ -4,6 +4,7 @@
 import io.sentrius.sso.automation.auditing.AccessTokenEvaluator;
 import io.sentrius.sso.automation.auditing.Trigger;
 import io.sentrius.sso.automation.auditing.TriggerAction;
+import io.sentrius.sso.core.config.SystemOptions;
 import org.apache.commons.collections4.trie.PatriciaTrie;
 
 public class AllowedCommandsRule extends AccessTokenEvaluator {
@@ -29,7 +30,7 @@ public Optional<Trigger> trigger(String text) {
   }
 
   @Override
-  public boolean configure(String configuration) {
+  public boolean configure(SystemOptions systemOptions, String configuration) {
 
     String[] commandGroup = configuration.split("<EOL>");
 

core/src/main/java/io/sentrius/sso/automation/auditing/rules/CommandEvaluator.java

@@ -4,6 +4,7 @@
 import io.sentrius.sso.automation.auditing.AccessTokenEvaluator;
 import io.sentrius.sso.automation.auditing.Trigger;
 import io.sentrius.sso.automation.auditing.TriggerAction;
+import io.sentrius.sso.core.config.SystemOptions;
 
 public class CommandEvaluator extends AccessTokenEvaluator {
 
@@ -43,7 +44,7 @@ public Optional<Trigger> trigger(String text) {
   }
 
   @Override
-  public boolean configure(String configuration) {
+  public boolean configure(SystemOptions systemOptions, String configuration) {
 
     String[] commandSplit = configuration.split(":");
 

core/src/main/java/io/sentrius/sso/automation/auditing/rules/OpenAISessionRule.java

@@ -8,6 +8,7 @@
 import io.sentrius.sso.automation.auditing.SessionTokenEvaluator;
 import io.sentrius.sso.automation.auditing.Trigger;
 import io.sentrius.sso.automation.auditing.TriggerAction;
+import io.sentrius.sso.core.config.SystemOptions;
 import io.sentrius.sso.protobuf.Session;
 import io.sentrius.sso.core.model.ConnectedSystem;
 import io.sentrius.sso.core.services.openai.OpenAITerminalService;
@@ -23,6 +24,9 @@ public class OpenAISessionRule extends SessionTokenEvaluator {
     private ConnectedSystem connectedSystem;
     private SessionTrackingService sessionTrackingService;
 
+    private long buffer = 10;
+    private long commandsToEvaluate = 5;
+
 
     // Rolling list of last 10 commands
     private final Queue<String> recentCommands = new LinkedList<>();
@@ -49,13 +53,13 @@ public Optional<Trigger> trigger(String command) {
             return Optional.of(trg);
         }
         // Add command to the rolling list
-        if (recentCommands.size() >= 10) {
+        if (recentCommands.size() >= buffer) {
             recentCommands.poll(); // Remove the oldest command
         }
         recentCommands.offer(command);
 
 
-        if (recentCommands.size() < 5) {
+        if (recentCommands.size() < commandsToEvaluate) {
             log.info("Insufficient commands for analysis");
             Trigger trg = new Trigger(TriggerAction.NO_ACTION, "");
             return Optional.of(trg);
@@ -89,7 +93,7 @@ public Optional<Trigger> trigger(String command) {
     }
 
     @Override
-    public boolean configure(String configuration) {
+    public boolean configure(SystemOptions systemOptions, String configuration) {
         return false;
     }
 

core/src/main/java/io/sentrius/sso/automation/auditing/rules/TicketSessionRule.java

@@ -4,6 +4,7 @@
 import io.sentrius.sso.automation.auditing.SessionTokenEvaluator;
 import io.sentrius.sso.automation.auditing.Trigger;
 import io.sentrius.sso.automation.auditing.TriggerAction;
+import io.sentrius.sso.core.config.SystemOptions;
 import io.sentrius.sso.protobuf.Session;
 import io.sentrius.sso.core.model.ConnectedSystem;
 import io.sentrius.sso.core.services.terminal.SessionTrackingService;
@@ -43,7 +44,7 @@ public Optional<Trigger> trigger(String text) {
     }
 
     @Override
-    public boolean configure(String configuration) {
+    public boolean configure(SystemOptions systemOptions, String configuration) {
         return false;
     }
 

core/src/main/java/io/sentrius/sso/automation/auditing/rules/TwoPartyAIMonitor.java

@@ -9,6 +9,8 @@
 import io.sentrius.sso.automation.auditing.SessionTokenEvaluator;
 import io.sentrius.sso.automation.auditing.Trigger;
 import io.sentrius.sso.automation.auditing.TriggerAction;
+import io.sentrius.sso.core.config.SystemOptions;
+import io.sentrius.sso.core.model.dto.SystemOption;
 import io.sentrius.sso.protobuf.Session;
 import io.sentrius.sso.core.model.ConnectedSystem;
 import io.sentrius.sso.core.services.openai.OpenAITwoPartyMonitorService;
@@ -25,6 +27,10 @@ public class TwoPartyAIMonitor extends SessionTokenEvaluator {
     private ConnectedSystem connectedSystem;
     private SessionTrackingService sessionTrackingService;
 
+    private long buffer = 10;
+    private long commandsToEvaluate = 5;
+    private double aiRiskThreshold = 0.8;
+    private boolean enableLLMQuestions = false;
 
     // Rolling list of last 10 commands
     private final Queue<String> recentCommands = new LinkedList<>();
@@ -47,7 +53,6 @@ public void setTrackingService(SessionTrackingService sessionTrackingService) {
 
     @Override
     public Optional<Trigger> trigger(String cmd) {
-        log.info("Received command: {}", cmd);
         var command = cmd.trim();
         if (command.isEmpty()) {
             log.info("Empty command No analysis");
@@ -61,13 +66,13 @@ public Optional<Trigger> trigger(String cmd) {
             return Optional.of(trg);
         }
         // Add command to the rolling list
-        if (recentCommands.size() >= 10) {
+        if (recentCommands.size() >= buffer) {
             recentCommands.poll(); // Remove the oldest command
         }
         recentCommands.offer(command);
 
 
-        if (recentCommands.size() < 5) {
+        if (recentCommands.size() < commandsToEvaluate) {
             log.info("Insufficient commands for analysis");
             Trigger trg = new Trigger(TriggerAction.PERSISTENT_MESSAGE, llmResponse.get() != null ? llmResponse.get() : "");
             return Optional.of(trg);
@@ -86,13 +91,13 @@ public Optional<Trigger> trigger(String cmd) {
 
         // Merge recent commands into a single payload
         String mergedCommands = String.join("\n", recentCommands);
-        log.info("merged commands: {}", mergedCommands);
+        log.debug("merged commands: {}", mergedCommands);
         // Submit merged commands for asynchronous analysis
         CompletableFuture<Void> analysis =
             ((OpenAITwoPartyMonitorService)openAi).analyzeTerminalLogs(TwoPartyRequest.builder().userInput(mergedCommands).build()).thenAccept(response -> {
                 log.info("OpenAI analysis completed. Malicious: {}", response);
                 if (response != null) {
-                    flaggedAsMalicious = response.getScore()>0.8;
+                    flaggedAsMalicious = response.getScore()> aiRiskThreshold;
                     llmResponse.set(response.getResponse());
                     if (response.getQuestion() != null && !flaggedAsMalicious && response.getScore()>=0.75){
                         llmQuestion.set(response.getQuestion());
@@ -126,8 +131,13 @@ public Optional<Trigger> trigger(String cmd) {
     }
 
     @Override
-    public boolean configure(String configuration) {
-        return false;
+    public boolean configure(SystemOptions systemOptions, String configuration) {
+        commandsToEvaluate = systemOptions.getCommandsToEvaluate();
+        buffer = systemOptions.getCommandsToBuffer();
+        aiRiskThreshold = systemOptions.getAiRiskThreshold();
+        enableLLMQuestions = systemOptions.getEnableLLMQuestions();
+        return true;
+
     }
 
     @Override
@@ -160,7 +170,7 @@ public Optional<Trigger> onMessage(Session.TerminalMessage text) {
                     if (response != null) {
                         flaggedAsMalicious = response.getScore()>0.8;
                         llmResponse.set(response.getResponse());
-                        if (response.getQuestion() != null && !flaggedAsMalicious && response.getScore()>=0.75){
+                        if (response.getQuestion() != null && !flaggedAsMalicious && response.getScore()>=0.75 && enableLLMQuestions) {
                             llmQuestion.set(response.getQuestion());
                         }
                         else {

core/src/main/java/io/sentrius/sso/automation/auditing/rules/TwoPartySessionRule.java

@@ -4,6 +4,7 @@
 import io.sentrius.sso.automation.auditing.SessionTokenEvaluator;
 import io.sentrius.sso.automation.auditing.Trigger;
 import io.sentrius.sso.automation.auditing.TriggerAction;
+import io.sentrius.sso.core.config.SystemOptions;
 import io.sentrius.sso.protobuf.Session;
 import io.sentrius.sso.core.model.ConnectedSystem;
 import io.sentrius.sso.core.services.terminal.SessionTrackingService;
@@ -37,8 +38,9 @@ public Optional<Trigger> trigger(String text) {
     }
 
     @Override
-    public boolean configure(String configuration) {
-        return false;
+    public boolean configure(SystemOptions systemOptions, String configuration) {
+
+        return true;
     }
 
     @Override