Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bed 4805 #905

Open
wants to merge 7 commits into
base: main
Choose a base branch
from
+512 −13
Open

Bed 4805 #905

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
273518c
initial refactor
stephanieslamb Oct 7, 2024
ca502f3
added filters file
stephanieslamb Oct 8, 2024
1bfc649
Merge branch 'main' into BED-4805
stephanieslamb Oct 8, 2024
537f62c
openapi changes
stephanieslamb Oct 16, 2024
750df0e
ran prepare for codereview
stephanieslamb Oct 16, 2024
6715f62
removed comment. added generic errors
stephanieslamb Oct 23, 2024
c0e48b3
merged main
stephanieslamb Oct 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
47 changes: 47 additions & 0 deletions cmd/api/src/api/filters.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
// Copyright 2024 Specter Ops, Inc.
//
// Licensed under the Apache License, Version 2.0
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// SPDX-License-Identifier: Apache-2.0

package api
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I really like this refactor! Can we open up a ticket to update all existing endpoints to use these functions?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah, i can do that. i think when alyx and i originally talked about this, we thought it would be more like something i demo in demo/retro and then people will know the option is there. but if a ticket seems better, i can get that created!


import (
"fmt"

"github.com/specterops/bloodhound/src/model"
)

type Filterable interface {
ValidFilters() map[string][]model.FilterOperator
}

func GetFilterableColumns(f Filterable) []string {
var columns = make([]string, 0)
for column := range f.ValidFilters() {
columns = append(columns, column)
}
return columns
}

func GetValidFilterPredicatesAsStrings(f Filterable, column string) ([]string, error) {
if predicates, validColumn := f.ValidFilters()[column]; !validColumn {
return []string{}, fmt.Errorf("the specified column cannot be filtered")
} else {
var stringPredicates = make([]string, 0)
for _, predicate := range predicates {
stringPredicates = append(stringPredicates, string(predicate))
}
return stringPredicates, nil
}
}
1 change: 1 addition & 0 deletions cmd/api/src/model/appcfg/parameter.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -163,6 +163,7 @@ func (s *PasswordExpiration) UnmarshalJSON(data []byte) error {

return nil
}

}

func GetPasswordExpiration(ctx context.Context, service ParameterService) time.Duration {
Expand Down
248 changes: 238 additions & 10 deletions packages/go/openapi/doc/openapi.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12166,23 +12166,22 @@
"get": {
"operationId": "ListDomainAttackPathsDetails",
"summary": "List domain attack paths details",
"description": "Lists detailed data about attack paths for a domain.",
"description": "Lists detailed data about attack paths for a domain. \n\n__Note:__ __Note:__ `ImpactCount`, `ImpactPercentage`, `ExposureCount`, and `ExposurePercentage` will have a value other than zero when butterfly analysis is enabled.\n",
"tags": [
"Attack Paths",
"Enterprise"
],
"parameters": [
{
"name": "finding",
"x-go-name": "FindingDeprecated",
"in": "query",
"schema": {
"$ref": "#/components/schemas/api.params.predicate.filter.string"
}
},
{
"name": "sort_by",
"description": "Sortable columns are `domain_sid`, `index`, `AcceptedUntil`, `id`, `created_at`, `updated_at`, `deleted_at`. Relationship risks can be sorted on `FromPrincipal` and `ToPrincipal` in addition to the sortable columns for List Risks.",
"description": "Sortable columns are `domain_sid`, `index`, `AcceptedUntil`, `id`, `created_at`, `updated_at`, `deleted_at`, `exposure_percent`, `impact_percent`. Relationship risks can be sorted on `FromPrincipal` and `ToPrincipal` in addition to the sortable columns for List Risks.",
"in": "query",
"schema": {
"$ref": "#/components/schemas/api.params.query.sort-by"
Expand All @@ -12191,7 +12190,6 @@
{
"name": "FromPrincipal",
"deprecated": true,
"x-go-name": "FromPrincipalDeprecated",
"in": "query",
"schema": {
"$ref": "#/components/schemas/api.params.predicate.filter.string"
Expand All @@ -12200,7 +12198,6 @@
{
"name": "ToPrincipal",
"deprecated": true,
"x-go-name": "ToPrincipalDeprecated",
"in": "query",
"schema": {
"$ref": "#/components/schemas/api.params.predicate.filter.string"
Expand Down Expand Up @@ -12237,7 +12234,6 @@
{
"name": "AcceptedUntil",
"deprecated": true,
"x-go-name": "AcceptedUntilDeprecated",
"in": "query",
"schema": {
"$ref": "#/components/schemas/api.params.predicate.filter.time"
Expand All @@ -12259,6 +12255,7 @@
},
{
"name": "Finding",
"deprecated": true,
"in": "query",
"schema": {
"$ref": "#/components/schemas/api.params.predicate.filter.string"
Expand Down Expand Up @@ -12362,6 +12359,186 @@
]
}
]
},
"examples": {
"Butterfly Relationship Finding": {
"summary": "Butterfly Relationship Finding",
"description": "When the butterfly analysis feature flag is on, impact count/percentage and exposure count/percentage will have a value other than zero.",
"value": {
"count": 0,
"skip": 0,
"limit": 0,
"data": [
{
"id": 0,
"created_at": "2024-08-28T21:21:40.845Z",
"updated_at": "2024-08-28T21:21:40.845Z",
"deleted_at": {
"time": "2024-08-28T21:21:40.845Z",
"valid": true
},
"FromPrincipal": "string",
"ToPrincipal": "string",
"FromPrincipalProps": {
"additionalProp1": {},
"additionalProp2": {},
"additionalProp3": {}
},
"FromPrincipalKind": "string",
"ToPrincipalProps": {
"additionalProp1": {},
"additionalProp2": {},
"additionalProp3": {}
},
"ToPrincipalKind": "string",
"RelProps": {
"additionalProp1": {},
"additionalProp2": {},
"additionalProp3": {}
},
"ComboGraphRelationID": {
"int64": 0,
"valid": true
},
"Finding": "string",
"DomainSID": "string",
"PrincipalHash": "string",
"AcceptedUntil": "2024-08-28T21:21:40.845Z",
"ImpactPercentage": 12,
"ImpactCount": 2,
"ExposurePercentage": 24,
"ExposureCount": 4,
"Severity": "high",
"Accepted": true
}
]
}
},
"Metatree Relationship Finding": {
"summary": "Metatree Relationship Finding",
"description": "When the butterfly analysis feature flag is off and metatree is running, impact count/percentage and exposure count/percentage will have a value of zero.",
"value": {
"count": 0,
"skip": 0,
"limit": 0,
"data": [
{
"id": 0,
"created_at": "2024-08-28T21:21:40.845Z",
"updated_at": "2024-08-28T21:21:40.845Z",
"deleted_at": {
"time": "2024-08-28T21:21:40.845Z",
"valid": true
},
"FromPrincipal": "string",
"ToPrincipal": "string",
"FromPrincipalProps": {
"additionalProp1": {},
"additionalProp2": {},
"additionalProp3": {}
},
"FromPrincipalKind": "string",
"ToPrincipalProps": {
"additionalProp1": {},
"additionalProp2": {},
"additionalProp3": {}
},
"ToPrincipalKind": "string",
"RelProps": {
"additionalProp1": {},
"additionalProp2": {},
"additionalProp3": {}
},
"ComboGraphRelationID": {
"int64": 0,
"valid": true
},
"Finding": "string",
"DomainSID": "string",
"PrincipalHash": "string",
"AcceptedUntil": "2024-08-28T21:21:40.845Z",
"ImpactPercentage": 0,
"ImpactCount": 0,
"ExposurePercentage": 0,
"ExposureCount": 0,
"Severity": "",
"Accepted": true
}
]
}
},
"Butterfly List Finding": {
"summary": "Butterfly List Finding",
"description": "When the butterfly analysis feature flag is on, impact count/percentage and exposure count/percentage will have a value other than zero.",
"value": {
"count": "0,",
"skip": "0,",
"limit": "0,",
"data": [
{
"id": 0,
"created_at": "2024-08-28T21:42:18.844Z",
"updated_at": "2024-08-28T21:42:18.844Z",
"deleted_at": {
"time": "2024-08-28T21:42:18.844Z",
"valid": true
},
"Principal": "string",
"PrincipalKind": "string",
"Finding": "string",
"DomainSID": "string",
"Props": {
"additionalProp1": {},
"additionalProp2": {},
"additionalProp3": {}
},
"accepted_until": "2024-08-28T21:42:18.844Z",
"ImpactPercentage": 12,
"ImpactCount": 2,
"ExposurePercentage": 24,
"ExposureCount": 4,
"Severity": "high",
"Accepted": true
}
]
}
},
"Metatree List Finding": {
"summary": "Metatree List Finding",
"description": "When the butterfly analysis feature flag is off and metatree is running, impact count/percentage and exposure count/percentage will have a value of zero.",
"value": {
"count": "0,",
"skip": "0,",
"limit": "0,",
"data": [
{
"id": 0,
"created_at": "2024-08-28T21:42:18.844Z",
"updated_at": "2024-08-28T21:42:18.844Z",
"deleted_at": {
"time": "2024-08-28T21:42:18.844Z",
"valid": true
},
"Principal": "string",
"PrincipalKind": "string",
"Finding": "string",
"DomainSID": "string",
"Props": {
"additionalProp1": {},
"additionalProp2": {},
"additionalProp3": {}
},
"accepted_until": "2024-08-28T21:42:18.844Z",
"ImpactPercentage": 0,
"ImpactCount": 0,
"ExposurePercentage": 0,
"ExposureCount": 0,
"Severity": "",
"Accepted": true
}
]
}
}
}
}
}
Expand Down Expand Up @@ -12881,15 +13058,14 @@
},
"query.entity.type": {
"name": "type",
"description": "The type of return data requested. If no type is provided, query will default to `list`.\nThe only supported type is `list`, but unsupported `graph` and `count` can be used.\nAn invalid type will result in a `count` query. Some entity query endpoints do not\nsupport the `graph` type.\n",
"description": "The type of return data requested. If no type is provided, query will default to `list`.\nThe only supported type is `list`, but the unsupported `graph` type can be used.\nSome entity query endpoints do not support the `graph` type. For those interested in\nusing the undocumented graph type parameter, the response type is described in the schema\n`model.bh-graph.graph`.\n",
"in": "query",
"schema": {
"type": "string",
"default": "list",
"enum": [
"list",
"graph",
"count"
"graph"
]
}
},
Expand Down Expand Up @@ -15400,6 +15576,32 @@
"AcceptedUntil": {
"type": "string",
"format": "date-time"
},
"ImpactPercentage": {
"type": "number",
"format": "double"
},
"ImpactCount": {
"type": "integer",
"format": "int64"
},
"ExposurePercentage": {
"type": "number",
"format": "double"
},
"ExposureCount": {
"type": "integer",
"format": "int64"
},
"Severity": {
"type": "string",
"enum": [
"critical",
"high",
"moderate",
"low",
""
]
}
}
}
Expand Down Expand Up @@ -15437,6 +15639,32 @@
"accepted_until": {
"type": "string",
"format": "date-time"
},
"ImpactPercentage": {
"type": "number",
"format": "double"
},
"ImpactCount": {
"type": "integer",
"format": "int64"
},
"ExposurePercentage": {
"type": "number",
"format": "double"
},
"ExposureCount": {
"type": "integer",
"format": "int64"
},
"Severity": {
"type": "string",
"enum": [
"critical",
"high",
"moderate",
"low",
""
]
}
}
}
Expand Down Expand Up @@ -15709,7 +15937,7 @@
}
},
"related-entity-query-results": {
"description": "**OK**\n\nThis endpoint returns a response, dependent upon which return type is requested by the `type` parameter.\nThe only supported `type` parameter is `list`.\nWhile `list` is the only supported `type` parameter, the `count` or `graph` parameters can be used\nand will result in a different response structure then documented here.\nFor those interested in using the undocumented graph type parameter, the response type is described in the schema\nmodel.bh-graph.graph.\n",
"description": "**OK**\n\nThis endpoint returns a response, dependent upon which return type is requested by the `type` parameter.\nThe only supported `type` parameter is `list`.\nWhile `list` is the only supported `type` parameter, the `graph` parameter can be used\nand will result in a different response structure then documented here.\nFor those interested in using the undocumented graph type parameter, the response type is described in the schema\n`model.bh-graph.graph`.\n",
"content": {
"application/json": {
"schema": {
Expand Down
Loading
Loading