Merge pull request #266 from nyu-mlab/ui

More UI Fixes

Author: crazyideas21

.github/labeler.yml

@@ -5,16 +5,22 @@ Github-files:
   - '.github/**'
 
 Tests:
-  - 'tests/**'
-
-Analysis:
-  - 'analysis/**'
+  - 'src/tests/**'
 
 Core:
-  - 'core/**'
+  - 'src/libinspector/**.py'
+  - 'pyproject.toml'
+  - 'setup.py'
+  - 'uv.lock'
+
+Scripts:
+  - '**/*.sh'
+  - '**/*.ps1'
+  - '**/*.bat'
 
 Data:
-  - 'data/**'
+  - 'src/libinspector/data/**'
 
-UI:
-  - 'ui/**'
+Streamlit:
+  - 'src/libinspector/.streamlit/**'
+  - '.streamlit/**'

.github/workflows/create_release.yml

@@ -6,9 +6,15 @@ on:
     branches:
       - master
 
+# Set no permissions by default. This is the most secure practice.
+# We will grant specific permissions to each job that needs them.
+permissions: {}
+
 jobs:
   create_release:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
     outputs:
       v-version: ${{ steps.version.outputs.v-version }}
     steps:
@@ -22,6 +28,8 @@ jobs:
 
   build:
     runs-on: ${{ matrix.os }}
+    permissions:
+      contents: read
     needs: [create_release]
     strategy:
       fail-fast: false
@@ -101,6 +109,9 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
           tag_name: ${{ needs.create_release.outputs.v-version }}
+          draft: false
+          generate_release_notes: true
+          prerelease: false
           files: |
             dist/*.exe
             dist/*.whl

.github/workflows/inspector_test.yaml

@@ -7,9 +7,15 @@ on:
   schedule:
     - cron: '0 0 */30 * *'
 
+# Set no permissions by default. This is the most secure practice.
+# We will grant specific permissions to each job that needs them.
+permissions: {}
+
 jobs:
   build:
     runs-on: ${{ matrix.os }}
+    permissions:
+      contents: read
     strategy:
       fail-fast: false
       matrix:

src/libinspector/common.py

@@ -26,6 +26,31 @@
     "- Metadata of your network traffic (e.g., which IPs/domains your devices communicate with) is shared anonymously with NYU researchers during the labeling stage."
 )
 
+def remove_warning():
+    """
+    Remove the warning acceptance state, forcing the user to see the warning again.
+    """
+    config_set("suppress_warning", True)
+
+
+def reset_prolific_id():
+    """
+    Clear the stored Prolific ID, forcing the user to re-enter it.
+    """
+    config_set("prolific_id", "")
+
+
+def set_prolific_id(prolific_id: str):
+    """
+    Store the provided Prolific ID in the configuration.
+
+    Args:
+        prolific_id (str): The Prolific ID to store.
+    """
+    if is_prolific_id_valid(prolific_id):
+        config_set("prolific_id", prolific_id)
+
+
 def show_warning():
     """
     Displays a warning message to the user about network monitoring and ARP spoofing.
@@ -36,28 +61,30 @@ def show_warning():
         False if the user has accepted the warning and can proceed.
     """
     current_id = config_get("prolific_id", "")
+    st.subheader("1. Prolific ID Confirmation")
+    st.info(f"Your currently stored ID is: `{current_id}`")
+    st.button("Change Prolific ID",
+              on_click=reset_prolific_id,
+              help="Clicking this will clear your stored ID and return you to the ID entry form.")
 
     # --- GATE 1: PROLIFIC ID CHECK (Must be valid to proceed to confirmation) ---
     if is_prolific_id_valid(current_id):
-        # --- SHOW CONFIRMATION UI (Only reached if ID is valid but warning is unaccepted) ---
-        st.subheader("1. Prolific ID Confirmation")
-        st.info(f"Your currently stored ID is: `{current_id}`")
-
-        # Allows the user to change the ID, which forces them back through GATE 1
-        if st.button("Change Prolific ID", help="Clicking this will clear your stored ID and return you to the ID entry form."):
-            config_set("prolific_id", "")  # Clear the stored ID
-            st.rerun()
-
+        # Check if the warning is NOT suppressed. If it's not suppressed, we show the UI
+        # and MUST return True (Block execution) until the user clicks the button.
         if not config_get("suppress_warning", False):
             st.markdown("---")
             st.subheader("2. Network Monitoring Warning")
             st.markdown(warning_text)
 
-            if st.button("OK, I understand and wish to proceed", help="Clicking this confirms that you understand the warning and wish to proceed."):
-                config_set("suppress_warning", True)
-                st.rerun()
+            st.button("OK, I understand and wish to proceed",
+                      on_click=remove_warning,
+                      help="Clicking this confirms that you understand the warning and wish to proceed.")
+
+            # Since the warning is displayed and unaccepted, we must block.
+            return True
 
-        return not is_prolific_id_valid(config_get("prolific_id", ""))
+        # If we reach here, ID is valid AND suppress_warning is True.
+        return False
     else:
         # ID is missing or invalid -> BLOCK and show input form
         st.subheader("Prolific ID Required")
@@ -69,15 +96,10 @@ def show_warning():
                 value="",
                 key="prolific_id_input"
             ).strip()
-
-            submitted = st.form_submit_button("Submit ID")
-            if submitted:
-                if is_prolific_id_valid(input_id):
-                    config_set("prolific_id", input_id)
-                    st.success("Prolific ID accepted. Please review the details below.")
-                    st.rerun()  # Rerun to jump to the confirmation step (GATE 2)
-                else:
-                    st.error("Invalid Prolific ID. Must be 1-50 alphanumeric characters.")
+            st.form_submit_button("Submit ID",
+                                  on_click=set_prolific_id,
+                                  args=(input_id,),
+                                  help="Submit your Prolific ID to proceed.")
 
         return True  # BLOCK: ID check still needs resolution.
 
@@ -157,6 +179,7 @@ def plot_traffic_volume(df: pd.DataFrame, now: int, chart_title: str):
         df_reindexed = df_reindexed.sort_values(by='seconds_ago', ascending=False)
         st.bar_chart(df_reindexed.set_index('seconds_ago')['Bits'], width='content')
 
+
 def get_device_metadata(mac_address: str) -> dict:
     """
     Retrieve the DHCP hostname and OUI vendor for a device from the database.

src/libinspector/device_detail_page.py

@@ -430,9 +430,6 @@ def process_network_flows(df: pandas.DataFrame):
     local_timezone = datetime.datetime.now(datetime.timezone.utc).astimezone().tzinfo
     df['first_seen'] = df['first_seen'].dt.tz_localize('UTC').dt.tz_convert(local_timezone)
     df['last_seen'] = df['last_seen'].dt.tz_localize('UTC').dt.tz_convert(local_timezone)
-
-    df['inferred_activity'] = None
-    df['confirmation'] = False
     df = df.reset_index(drop=True)
 
     st.markdown("#### Network Flows")
@@ -477,7 +474,7 @@ def show_device_details(mac_address: str):
                  SELECT MIN(timestamp) AS first_seen,
                         MAX(timestamp) AS last_seen,
                         COALESCE(dest_hostname, dest_ip_address) AS dest_info,
-                        SUM(byte_count) * 8 AS Bits
+                        ROUND(SUM(byte_count) / 1024.0, 2) AS KiloBytes
                  FROM network_flows
                  WHERE src_mac_address = ?
                    AND timestamp >= ?
@@ -490,7 +487,7 @@ def show_device_details(mac_address: str):
                  SELECT MIN(timestamp) AS first_seen,
                         MAX(timestamp) AS last_seen,
                         COALESCE(src_hostname, src_ip_address) AS src_info,
-                        SUM(byte_count) * 8 AS Bits
+                        ROUND(SUM(byte_count) / 1024.0, 2) AS KiloBytes
                  FROM network_flows
                  WHERE dest_mac_address = ?
                    AND timestamp >= ?

src/libinspector/device_list_page.py

@@ -43,25 +43,24 @@ def worker_thread():
         for device_dict in device_list:
             meta_data = common.get_device_metadata(device_dict['mac_address'])
             remote_hostnames = common.get_remote_hostnames(device_dict['mac_address'])
+            custom_name_key = f"device_custom_name_{device_dict['mac_address']}"
             try:
                 # Note I am passing the metadata as a string because functions with cache cannot take dicts
                 # as a dict is mutable, and the cache would not work as expected.
                 api_output = call_predict_api(json.dumps(meta_data), remote_hostnames, device_dict['mac_address'])
                 common.config_set(f'device_details@{device_dict["mac_address"]}', api_output)
                 if "Vendor" in api_output:
-                    # Update name based on API
-                    custom_name_key = f"device_custom_name_{device_dict['mac_address']}"
                     custom_name = api_output["Vendor"]
                     if api_output["Vendor"] != "":
                         common.config_set(custom_name_key, custom_name)
-                    else:
-                        # If API is down, just try using OUI vendor
-                        common.config_set(custom_name_key, meta_data.get('oui_vendor', 'Unknown Device, likely a Mobile Phone'))
             except Exception as e:
                 logger.info("[Device ID API] Exception when calling API: %s", str(e))
-                continue
-
-
+            finally:
+                # If API is down, just try using OUI vendor if no custom name is set in config.json
+                if common.config_get(custom_name_key, default='') == '':
+                    common.config_set(custom_name_key,
+                                      meta_data.get('oui_vendor', 'Unknown Device, likely a Mobile Phone'))
+                
 @functools.cache
 def call_predict_api(meta_data_string: str, remote_hostnames: str,
                      mac_address: str, url="https://dev-id-1.tailcedbd.ts.net/predict") -> dict:

src/libinspector/page_manager.py

@@ -28,9 +28,7 @@ def _show_page_func_wrapper():
             st.query_params['pid'] = pid
 
         initialize_page()
-
         st.markdown(f"## {icon} {title}")
-
         show_page_func()
 
     return st.Page(
@@ -52,7 +50,7 @@ def initialize_page():
         menu_items={}
     )
 
-    # If true, block further execution
+    initialize_config()
     if common.show_warning():
         st.stop()
 
@@ -67,15 +65,18 @@ def initialize_page():
     start_inspector_once()
 
 
+@functools.lru_cache(maxsize=1)
+def initialize_config():
+    """Initialize certain Config variables when starting IoT Inspector."""
+    common.config_set("suppress_warning", False)
+    common.config_set("labeling_in_progress", False)
+    common.config_set("api_message", "")
+
+
 @functools.lru_cache(maxsize=1)
 def start_inspector_once():
     """Initialize the Inspector core only once."""
     with st.spinner("Starting Inspector Core Library..."):
-        # Just in case someone closes labeling window without finishing
-        # Same with the general warning
-        common.config_set("suppress_warning", False)
-        common.config_set("labeling_in_progress", False)
-        common.config_set("api_message", "")
         libinspector.core.start_threads()
         api_thread = threading.Thread(
             name="Device API Thread",

src/libinspector/server/packet_collector.py

@@ -185,14 +185,17 @@ def make_pcap_filename(start_time: int, end_time: int) -> str:
     Returns:
         str: Human-readable filename.
     """
-    start_dt = datetime.datetime.fromtimestamp(start_time)
-    duration_seconds = end_time - start_time
+    # Determine the local timezone object of the machine running the script.
+    local_tz = datetime.datetime.now().astimezone().tzinfo
 
-    # Format the start time: e.g., 'Oct-31-2025_113100AM'
-    safe_start = start_dt.strftime("%b-%d-%Y_%I:%M:%S%p")
+    # We explicitly tell fromtimestamp() that the input is UTC.
+    start_dt_utc = datetime.datetime.fromtimestamp(start_time, tz=datetime.timezone.utc)
+    start_dt_localized = start_dt_utc.astimezone(local_tz)
+    duration_seconds = end_time - start_time
+    safe_start = start_dt_localized.strftime("%b-%d-%Y_%I:%M:%S%p")
 
     # Generate the filename with duration
-    filename = f"{safe_start}_{duration_seconds}s.pcap"
+    filename = f"{safe_start}_{duration_seconds:.2f}s.pcap"
     return filename