Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bed 4805 #905

Open
wants to merge 7 commits into
base: main
Choose a base branch
from
+512 −13
Open

Bed 4805 #905

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
273518c
initial refactor
stephanieslamb Oct 7, 2024
ca502f3
added filters file
stephanieslamb Oct 8, 2024
1bfc649
Merge branch 'main' into BED-4805
stephanieslamb Oct 8, 2024
537f62c
openapi changes
stephanieslamb Oct 16, 2024
750df0e
ran prepare for codereview
stephanieslamb Oct 16, 2024
6715f62
removed comment. added generic errors
stephanieslamb Oct 23, 2024
c0e48b3
merged main
stephanieslamb Oct 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
57 changes: 57 additions & 0 deletions cmd/api/src/api/filters.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
// Copyright 2024 Specter Ops, Inc.
//
// Licensed under the Apache License, Version 2.0
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// SPDX-License-Identifier: Apache-2.0

package api
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I really like this refactor! Can we open up a ticket to update all existing endpoints to use these functions?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah, i can do that. i think when alyx and i originally talked about this, we thought it would be more like something i demo in demo/retro and then people will know the option is there. but if a ticket seems better, i can get that created!


import (
"errors"
"fmt"

"github.com/specterops/bloodhound/src/model"
)

var (
ErrColumnUnfilterable = errors.New("the specified column cannot be filtered")
ErrFilterPredicateNotSupported = errors.New("the specified filter predicate is not supported for this column")
ErrNoFindingType = errors.New("no finding type specified")
ErrColumnFormatNotSupported = errors.New("column format does not support sorting")
ErrInvalidFindingType = errors.New("invalid finding type specified")
ErrInvalidAcceptedFilter = errors.New("invalid finding type specified")
)

type Filterable interface {
ValidFilters() map[string][]model.FilterOperator
}

func GetFilterableColumns(f Filterable) []string {
var columns = make([]string, 0)
for column := range f.ValidFilters() {
columns = append(columns, column)
}
return columns
}

func GetValidFilterPredicatesAsStrings(f Filterable, column string) ([]string, error) {
if predicates, validColumn := f.ValidFilters()[column]; !validColumn {
return []string{}, fmt.Errorf("the specified column cannot be filtered")
} else {
var stringPredicates = make([]string, 0)
for _, predicate := range predicates {
stringPredicates = append(stringPredicates, string(predicate))
}
return stringPredicates, nil
}
}
2 changes: 1 addition & 1 deletion cmd/api/src/api/v2/analysisrequest.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,12 +20,12 @@ import (
"database/sql"
"net/http"

"github.com/specterops/bloodhound/src/model/appcfg"
"github.com/specterops/bloodhound/errors"
"github.com/specterops/bloodhound/log"
"github.com/specterops/bloodhound/src/api"
"github.com/specterops/bloodhound/src/auth"
"github.com/specterops/bloodhound/src/ctx"
"github.com/specterops/bloodhound/src/model/appcfg"
)

const ErrAnalysisScheduledMode = "analysis is configured to run on a schedule, unable to run just in time"
Expand Down
1 change: 1 addition & 0 deletions cmd/api/src/model/appcfg/parameter.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -163,6 +163,7 @@ func (s *PasswordExpiration) UnmarshalJSON(data []byte) error {

return nil
}

}

func GetPasswordExpiration(ctx context.Context, service ParameterService) time.Duration {
Expand Down
241 changes: 235 additions & 6 deletions packages/go/openapi/doc/openapi.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12166,23 +12166,22 @@
"get": {
"operationId": "ListDomainAttackPathsDetails",
"summary": "List domain attack paths details",
"description": "Lists detailed data about attack paths for a domain.",
"description": "Lists detailed data about attack paths for a domain. \n\n__Note:__ __Note:__ `ImpactCount`, `ImpactPercentage`, `ExposureCount`, and `ExposurePercentage` will have a value other than zero when butterfly analysis is enabled.\n",
"tags": [
"Attack Paths",
"Enterprise"
],
"parameters": [
{
"name": "finding",
"x-go-name": "FindingDeprecated",
"in": "query",
"schema": {
"$ref": "#/components/schemas/api.params.predicate.filter.string"
}
},
{
"name": "sort_by",
"description": "Sortable columns are `domain_sid`, `index`, `AcceptedUntil`, `id`, `created_at`, `updated_at`, `deleted_at`. Relationship risks can be sorted on `FromPrincipal` and `ToPrincipal` in addition to the sortable columns for List Risks.",
"description": "Sortable columns are `domain_sid`, `index`, `AcceptedUntil`, `id`, `created_at`, `updated_at`, `deleted_at`, `exposure_percent`, `impact_percent`. Relationship risks can be sorted on `FromPrincipal` and `ToPrincipal` in addition to the sortable columns for List Risks.",
"in": "query",
"schema": {
"$ref": "#/components/schemas/api.params.query.sort-by"
Expand All @@ -12191,7 +12190,6 @@
{
"name": "FromPrincipal",
"deprecated": true,
"x-go-name": "FromPrincipalDeprecated",
"in": "query",
"schema": {
"$ref": "#/components/schemas/api.params.predicate.filter.string"
Expand All @@ -12200,7 +12198,6 @@
{
"name": "ToPrincipal",
"deprecated": true,
"x-go-name": "ToPrincipalDeprecated",
"in": "query",
"schema": {
"$ref": "#/components/schemas/api.params.predicate.filter.string"
Expand Down Expand Up @@ -12237,7 +12234,6 @@
{
"name": "AcceptedUntil",
"deprecated": true,
"x-go-name": "AcceptedUntilDeprecated",
"in": "query",
"schema": {
"$ref": "#/components/schemas/api.params.predicate.filter.time"
Expand All @@ -12259,6 +12255,7 @@
},
{
"name": "Finding",
"deprecated": true,
"in": "query",
"schema": {
"$ref": "#/components/schemas/api.params.predicate.filter.string"
Expand Down Expand Up @@ -12362,6 +12359,186 @@
]
}
]
},
"examples": {
"Butterfly Relationship Finding": {
"summary": "Butterfly Relationship Finding",
"description": "When the butterfly analysis feature flag is on, impact count/percentage and exposure count/percentage will have a value other than zero.",
"value": {
"count": 0,
"skip": 0,
"limit": 0,
"data": [
{
"id": 0,
"created_at": "2024-08-28T21:21:40.845Z",
"updated_at": "2024-08-28T21:21:40.845Z",
"deleted_at": {
"time": "2024-08-28T21:21:40.845Z",
"valid": true
},
"FromPrincipal": "string",
"ToPrincipal": "string",
"FromPrincipalProps": {
"additionalProp1": {},
"additionalProp2": {},
"additionalProp3": {}
},
"FromPrincipalKind": "string",
"ToPrincipalProps": {
"additionalProp1": {},
"additionalProp2": {},
"additionalProp3": {}
},
"ToPrincipalKind": "string",
"RelProps": {
"additionalProp1": {},
"additionalProp2": {},
"additionalProp3": {}
},
"ComboGraphRelationID": {
"int64": 0,
"valid": true
},
"Finding": "string",
"DomainSID": "string",
"PrincipalHash": "string",
"AcceptedUntil": "2024-08-28T21:21:40.845Z",
"ImpactPercentage": 12,
"ImpactCount": 2,
"ExposurePercentage": 24,
"ExposureCount": 4,
"Severity": "high",
"Accepted": true
}
]
}
},
"Metatree Relationship Finding": {
"summary": "Metatree Relationship Finding",
"description": "When the butterfly analysis feature flag is off and metatree is running, impact count/percentage and exposure count/percentage will have a value of zero.",
"value": {
"count": 0,
"skip": 0,
"limit": 0,
"data": [
{
"id": 0,
"created_at": "2024-08-28T21:21:40.845Z",
"updated_at": "2024-08-28T21:21:40.845Z",
"deleted_at": {
"time": "2024-08-28T21:21:40.845Z",
"valid": true
},
"FromPrincipal": "string",
"ToPrincipal": "string",
"FromPrincipalProps": {
"additionalProp1": {},
"additionalProp2": {},
"additionalProp3": {}
},
"FromPrincipalKind": "string",
"ToPrincipalProps": {
"additionalProp1": {},
"additionalProp2": {},
"additionalProp3": {}
},
"ToPrincipalKind": "string",
"RelProps": {
"additionalProp1": {},
"additionalProp2": {},
"additionalProp3": {}
},
"ComboGraphRelationID": {
"int64": 0,
"valid": true
},
"Finding": "string",
"DomainSID": "string",
"PrincipalHash": "string",
"AcceptedUntil": "2024-08-28T21:21:40.845Z",
"ImpactPercentage": 0,
"ImpactCount": 0,
"ExposurePercentage": 0,
"ExposureCount": 0,
"Severity": "",
"Accepted": true
}
]
}
},
"Butterfly List Finding": {
"summary": "Butterfly List Finding",
"description": "When the butterfly analysis feature flag is on, impact count/percentage and exposure count/percentage will have a value other than zero.",
"value": {
"count": "0,",
"skip": "0,",
"limit": "0,",
"data": [
{
"id": 0,
"created_at": "2024-08-28T21:42:18.844Z",
"updated_at": "2024-08-28T21:42:18.844Z",
"deleted_at": {
"time": "2024-08-28T21:42:18.844Z",
"valid": true
},
"Principal": "string",
"PrincipalKind": "string",
"Finding": "string",
"DomainSID": "string",
"Props": {
"additionalProp1": {},
"additionalProp2": {},
"additionalProp3": {}
},
"accepted_until": "2024-08-28T21:42:18.844Z",
"ImpactPercentage": 12,
"ImpactCount": 2,
"ExposurePercentage": 24,
"ExposureCount": 4,
"Severity": "high",
"Accepted": true
}
]
}
},
"Metatree List Finding": {
"summary": "Metatree List Finding",
"description": "When the butterfly analysis feature flag is off and metatree is running, impact count/percentage and exposure count/percentage will have a value of zero.",
"value": {
"count": "0,",
"skip": "0,",
"limit": "0,",
"data": [
{
"id": 0,
"created_at": "2024-08-28T21:42:18.844Z",
"updated_at": "2024-08-28T21:42:18.844Z",
"deleted_at": {
"time": "2024-08-28T21:42:18.844Z",
"valid": true
},
"Principal": "string",
"PrincipalKind": "string",
"Finding": "string",
"DomainSID": "string",
"Props": {
"additionalProp1": {},
"additionalProp2": {},
"additionalProp3": {}
},
"accepted_until": "2024-08-28T21:42:18.844Z",
"ImpactPercentage": 0,
"ImpactCount": 0,
"ExposurePercentage": 0,
"ExposureCount": 0,
"Severity": "",
"Accepted": true
}
]
}
}
}
}
}
Expand Down Expand Up @@ -15399,6 +15576,32 @@
"AcceptedUntil": {
"type": "string",
"format": "date-time"
},
"ImpactPercentage": {
"type": "number",
"format": "double"
},
"ImpactCount": {
"type": "integer",
"format": "int64"
},
"ExposurePercentage": {
"type": "number",
"format": "double"
},
"ExposureCount": {
"type": "integer",
"format": "int64"
},
"Severity": {
"type": "string",
"enum": [
"critical",
"high",
"moderate",
"low",
""
]
}
}
}
Expand Down Expand Up @@ -15436,6 +15639,32 @@
"accepted_until": {
"type": "string",
"format": "date-time"
},
"ImpactPercentage": {
"type": "number",
"format": "double"
},
"ImpactCount": {
"type": "integer",
"format": "int64"
},
"ExposurePercentage": {
"type": "number",
"format": "double"
},
"ExposureCount": {
"type": "integer",
"format": "int64"
},
"Severity": {
"type": "string",
"enum": [
"critical",
"high",
"moderate",
"low",
""
]
}
}
}
Expand Down
Loading
Loading