Merge branch 'main' of https://github.com/red-kite-solutions/stalker

Author: Aboisier

.github/workflows/deploy-documentation.yml

@@ -28,31 +28,32 @@ jobs:
       - name: Build
         working-directory: ./docs
         run: npm run build
-
-      - name: Upload artifact
+          
+      - name: Upload static files as artifact
         id: upload
         uses: actions/upload-pages-artifact@v3
         with:
-          # 👇 Specify build output path
-          path: ./docs/build
-          name: github-pages
+          path:  ./docs/build
 
   deploy:
     needs: build
     runs-on: ubuntu-latest
 
-    environment:
-      name: github-pages
-      url: ${{ steps.deployment.outputs.page_url }}
-
     permissions:
       pages: write
       id-token: write
+      
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
 
     steps:
+      - name: Configure Pages
+        uses: actions/configure-pages@v4
+      
       - name: Deploy to GitHub Pages
         id: deployment
-        uses: actions/deploy-pages@v3
+        uses: actions/deploy-pages@v4
 
   reindex:
     needs: deploy

packages/backend/jobs-manager/service/src/modules/auth/constants.ts

@@ -2,7 +2,7 @@ import { UnauthorizedException } from '@nestjs/common';
 
 export const jwtConstants = {
   secret: process.env['JM_JWT_SECRET'],
-  expirationTime: '300s',
+  expirationTime: '12h',
 };
 
 export const resetPasswordConstants = {
@@ -11,7 +11,7 @@ export const resetPasswordConstants = {
 
 export const rtConstants = {
   secret: process.env['JM_REFRESH_SECRET'],
-  expirationTime: '25200s',
+  expirationTime: '5 days',
 };
 
 export const orchestratorConstants = {

packages/backend/jobs-manager/service/src/modules/database/database.constants.ts

@@ -11,5 +11,5 @@ export const MONGO_TIMESTAMP_SCHEMA_CONFIG: SchemaOptions = {
   },
 };
 
-export const detailsLevel = ['full', 'summary', 'number'] as const;
+export const detailsLevel = ['extended', 'full', 'summary', 'number'] as const;
 export type DetailsLevel = (typeof detailsLevel)[number];

packages/backend/jobs-manager/service/src/modules/database/reporting/port/port.controller.ts

@@ -20,7 +20,7 @@ import { RolesGuard } from '../../../auth/guards/role.guard';
 import { ApiKeyStrategy } from '../../../auth/strategies/api-key.strategy';
 import { JwtStrategy } from '../../../auth/strategies/jwt.strategy';
 import { BatchEditPortsDto, DeleteManyPortsDto, GetPortsDto } from './port.dto';
-import { Port, PortDocument } from './port.model';
+import { ExtendedPort, Port, PortDocument } from './port.model';
 import { PortService } from './port.service';
 
 @Controller('ports')
@@ -32,7 +32,7 @@ export class PortController {
   @Get()
   async getHostTopTcpPorts(
     @Query() dto: GetPortsDto,
-  ): Promise<Port[] | Page<PortDocument>> {
+  ): Promise<Port[] | Page<PortDocument | ExtendedPort>> {
     if (dto.detailsLevel === 'summary') throw new HttpNotImplementedException();
 
     const totalRecords = await this.portsService.count(dto);

packages/backend/jobs-manager/service/src/modules/database/reporting/port/port.model.ts

@@ -1,8 +1,13 @@
 import { Prop, Schema, SchemaFactory } from '@nestjs/mongoose';
 import { Document, Types } from 'mongoose';
 import { MONGO_TIMESTAMP_SCHEMA_CONFIG } from '../../database.constants';
+import { DomainSummary } from '../domain/domain.summary';
 import { HostSummary, HostSummaryType } from '../host/host.summary';
 
+export interface ExtendedPort extends Port {
+  domains?: DomainSummary[];
+}
+
 export type PortDocument = Port & Document;
 
 @Schema(MONGO_TIMESTAMP_SCHEMA_CONFIG)

packages/backend/jobs-manager/service/src/modules/database/reporting/port/port.service.ts

@@ -1,7 +1,7 @@
 import { Injectable, Logger } from '@nestjs/common';
 import { InjectModel } from '@nestjs/mongoose';
 import { DeleteResult, UpdateResult } from 'mongodb';
-import { FilterQuery, Model, Types } from 'mongoose';
+import { FilterQuery, Model, Query, Types } from 'mongoose';
 import {
   HttpBadRequestException,
   HttpNotFoundException,
@@ -12,7 +12,7 @@ import { CorrelationKeyUtils } from '../correlation.utils';
 import { Host, HostDocument } from '../host/host.model';
 import { WebsiteService } from '../websites/website.service';
 import { BatchEditPortsDto, GetPortsDto } from './port.dto';
-import { Port, PortDocument } from './port.model';
+import { ExtendedPort, Port, PortDocument } from './port.model';
 
 @Injectable()
 export class PortService {
@@ -218,7 +218,6 @@ export class PortService {
   }
 
   public async getHostPort(hostId: string, portNumber: number) {
-    console.log(await this.portsModel.findOne());
     return await this.portsModel.findOne({
       'host.id': { $eq: new Types.ObjectId(hostId) },
       port: { $eq: portNumber },
@@ -315,13 +314,13 @@ export class PortService {
     page: number = null,
     pageSize: number = null,
     filter: Partial<GetPortsDto> = null,
-  ): Promise<PortDocument[]> {
+  ): Promise<(PortDocument | ExtendedPort)[]> {
     const projection =
       filter.detailsLevel === 'number'
         ? '_id port layer4Protocol correlationKey'
         : undefined;
 
-    let query;
+    let query: Query<PortDocument[], any> = null;
     if (filter) {
       query = this.portsModel.find(await this.buildFilters(filter), projection);
     } else {
@@ -331,7 +330,25 @@ export class PortService {
     if (page != null && pageSize != null) {
       query = query.skip(page * pageSize).limit(pageSize);
     }
-    return await query;
+
+    let ports = await query.exec();
+    if (filter.detailsLevel === 'extended') {
+      const hostIds: Types.ObjectId[] = ports.map((p) => p.host.id);
+      const summaries: Pick<HostDocument, '_id' | 'domains'>[] =
+        await this.hostModel.find({ _id: { $in: hostIds } }, '_id domains');
+      const extendedPorts: ExtendedPort[] = [];
+      for (const p of ports) {
+        extendedPorts.push({
+          ...JSON.parse(JSON.stringify(p)),
+          domains: summaries.find(
+            (s) => s._id.toString() === p.host.id.toString(),
+          )?.domains,
+        });
+      }
+      return extendedPorts;
+    }
+
+    return ports;
   }
 
   public async count(filter: GetPortsDto = null) {

packages/backend/jobs-manager/service/src/modules/database/reporting/project.service.spec.ts

@@ -0,0 +1,103 @@
+import { getModelToken } from '@nestjs/mongoose';
+import { Test, TestingModule } from '@nestjs/testing';
+import { randomUUID } from 'crypto';
+import { Model } from 'mongoose';
+import { AppModule } from '../../app.module';
+import { CustomFindingFieldDto } from '../../findings/finding.dto';
+import { FindingsService } from '../../findings/findings.service';
+import { Job } from '../jobs/models/jobs.model';
+import { CustomFinding } from './findings/finding.model';
+import { ProjectService } from './project.service';
+
+describe('Project Service Spec', () => {
+  let moduleFixture: TestingModule;
+  let findingsService: FindingsService;
+  let projectService: ProjectService;
+  let findingsModel: Model<CustomFinding>;
+  let jobsModel: Model<Job>;
+
+  beforeAll(async () => {
+    moduleFixture = await Test.createTestingModule({
+      imports: [AppModule],
+    }).compile();
+    findingsService = moduleFixture.get(FindingsService);
+    projectService = moduleFixture.get(ProjectService);
+    findingsModel = moduleFixture.get<Model<CustomFinding>>(
+      getModelToken('finding'),
+    );
+    jobsModel = moduleFixture.get<Model<Job>>(getModelToken('job'));
+  });
+
+  beforeEach(async () => {
+    await findingsModel.deleteMany({});
+    const ids = await projectService.getAllIds();
+    for (const id of ids) {
+      await projectService.delete(id);
+    }
+  });
+
+  afterAll(async () => {
+    await moduleFixture.close();
+  });
+
+  describe('Cleanup project', () => {
+    it('Should preserve findings that do not belong to the deleted project', async () => {
+      // Arrange
+      const p = await project();
+      const p2 = await project();
+
+      const nonFilteredKey = 'my-finding-1';
+      const filteredKey = 'my-finding-2';
+
+      const j = await jobsModel.create({
+        projectId: p.id,
+        task: 'CustomJob',
+      });
+
+      const f1 = await customDomainFinding(p.id, j.id, filteredKey);
+      const f2 = await customDomainFinding(p2.id, j.id, nonFilteredKey);
+
+      // Act
+      await projectService.delete(p._id.toString());
+      const findings = await findingsService.getAll(0, 100, {});
+
+      // Assert
+      expect(findings.totalRecords).toBe(1);
+      expect(findings.items[0].correlationKey).toMatch(
+        new RegExp(`^project:${p2._id.toString()}`),
+      );
+    });
+  });
+
+  async function customDomainFinding(
+    projectId: string,
+    jobId: string,
+    key: string,
+    domainName: string = 'example.org',
+    name: string = 'My finding',
+    fields: Array<CustomFindingFieldDto> = [
+      {
+        key: 'my-field',
+        type: 'text',
+        label: 'My label',
+        data: 'My content',
+      },
+    ],
+  ) {
+    return await findingsService.save(projectId, jobId, {
+      key,
+      name,
+      fields,
+      type: 'CustomFinding',
+      domainName,
+    });
+  }
+
+  async function project() {
+    return await projectService.addProject({
+      name: randomUUID(),
+      imageType: null,
+      logo: null,
+    });
+  }
+});

packages/backend/jobs-manager/service/src/modules/database/reporting/project.service.ts

@@ -104,7 +104,7 @@ export class ProjectService {
     await this.websiteService.deleteAllForProject(id);
     await this.triggerService.deleteAllForProject(id);
     await this.findingModel.deleteMany({
-      projectId: { $eq: new Types.ObjectId(id) },
+      correlationKey: { $regex: new RegExp(`^project:${id}`) },
     });
     await this.cronSubscriptionModel.deleteMany({
       projectId: { $eq: new Types.ObjectId(id) },

packages/backend/jobs-manager/service/src/modules/findings/findings.service.spec.ts

@@ -35,7 +35,7 @@ describe('Findings Service Spec', () => {
   });
 
   beforeEach(async () => {
-    findingsModel.deleteMany();
+    await findingsModel.deleteMany({});
   });
 
   afterAll(async () => {
@@ -326,6 +326,70 @@ describe('Findings Service Spec', () => {
     expect(endpoint.fields[0].data).toStrictEqual('/example/file.html');
   });
 
+  describe('Cleanup findings', () => {
+    beforeEach(() => {
+      findingsModel.deleteMany({});
+    });
+
+    it('Should preserve findings that are not older than the time limit', async () => {
+      // Arrange
+      const c = await project();
+
+      const j = await jobsModel.create({
+        projectId: c.id,
+        task: 'CustomJob',
+      });
+
+      const nonFilteredKey = 'my-finding-1';
+      const filteredKey = 'my-finding-2';
+
+      const f1 = await customDomainFinding(c.id, j.id, filteredKey);
+      const f2 = await customDomainFinding(c.id, j.id, nonFilteredKey);
+      const now = Date.now();
+      const yearMs = 60 * 60 * 24 * 365 * 1000;
+      await findingsModel.updateOne(
+        { _id: f1._id },
+        { created: new Date(now - yearMs + 1) },
+      );
+
+      // Act
+      await findingsService.cleanup(now, yearMs);
+      const findings = await findingsService.getAll(0, 100, {});
+
+      // Assert
+      expect(findings.totalRecords).toBe(2);
+    });
+
+    it('Should delete findings that are older than the time limit', async () => {
+      // Arrange
+      const c = await project();
+
+      const j = await jobsModel.create({
+        projectId: c.id,
+        task: 'CustomJob',
+      });
+
+      const nonFilteredKey = 'my-finding-1';
+      const filteredKey = 'my-finding-2';
+
+      const f1 = await customDomainFinding(c.id, j.id, filteredKey);
+      const f2 = await customDomainFinding(c.id, j.id, nonFilteredKey);
+      const now = Date.now();
+      const yearMs = 60 * 60 * 24 * 365 * 1000;
+      await findingsModel.updateOne(
+        { _id: f1._id },
+        { created: new Date(now - yearMs - 1) },
+      );
+
+      // Act
+      await findingsService.cleanup(now, yearMs);
+      const findings = await findingsService.getAll(0, 100, {});
+
+      // Assert
+      expect(findings.totalRecords).toBe(1);
+    });
+  });
+
   async function customDomainFinding(
     projectId: string,
     jobId: string,

packages/backend/jobs-manager/service/src/modules/findings/findings.service.ts

@@ -223,13 +223,18 @@ export class FindingsService {
   /**
    * Deletes all the findings runs older than `config.jobRunRetentionTimeSeconds`.
    */
-  public async cleanup(): Promise<void> {
-    const config = await this.configService.getConfig();
-    const ttlMilliseconds = config.findingRetentionTimeSeconds * 1000;
-    const now = Date.now();
+  public async cleanup(
+    now: number = Date.now(),
+    ttlMilliseconds: number | undefined = undefined,
+  ): Promise<void> {
+    if (ttlMilliseconds === undefined) {
+      const config = await this.configService.getConfig();
+      ttlMilliseconds = config.findingRetentionTimeSeconds * 1000;
+    }
+
     const oldestValidCreationDate = now - ttlMilliseconds;
     await this.findingModel.deleteMany({
-      $or: [{ created: { $lte: new Date(oldestValidCreationDate) } }],
+      created: { $lte: new Date(oldestValidCreationDate) },
     });
   }