// MongoDB initialization script for Cloud Access Visualizer
// This script sets up the database with initial collections and indexes
// Select the application database. Reassigning the shell's global `db` makes
// every later `db.<collection>` call in this script target `cloud_access`.
db = db.getSiblingDB('cloud_access');

// Create the four application collections explicitly, in a fixed order.
['users', 'credentials', 'audit_logs', 'sessions'].forEach((collectionName) => {
  db.createCollection(collectionName);
});
print('Collections created successfully');
// Indexes for the users collection.
// user_email is the only unique key: the server rejects a second document with
// the same address, which backs up the find-then-insert seeding further down.
db.users.createIndex({ user_email: 1 }, { unique: true });

// Plain (non-unique) indexes, created one at a time in a fixed order.
[
  { overall_risk_score: -1 },
  { last_updated: -1 },
  { provider: 1, access_type: 1 },
  { department: 1 },
  { is_service_account: 1 },
].forEach((keys) => db.users.createIndex(keys));
print('User indexes created successfully');
// Indexes for the audit_logs collection: descending timestamp, per-user and
// per-action timelines, and lookup by ip_address.
// No TTL option is set here, so this script never expires audit entries;
// retention has to be handled elsewhere.
for (const keys of [
  { timestamp: -1 },
  { user_id: 1, timestamp: -1 },
  { action: 1, timestamp: -1 },
  { ip_address: 1 },
]) {
  db.audit_logs.createIndex(keys);
}
print('Audit log indexes created successfully');
// Indexes for the credentials collection: one ascending single-field index each.
// NOTE(review): this script does not show what a credentials document contains
// or how any secret material in it is protected at rest — confirm in the
// application code.
['provider', 'status', 'created_by'].forEach((field) => {
  db.credentials.createIndex({ [field]: 1 });
});
print('Credential indexes created successfully');
// Indexes for the sessions collection, given as [keys, options?] argument lists.
// The expires_at entry is a TTL index: with expireAfterSeconds set to 0, MongoDB
// deletes a session document once the Date stored in expires_at has passed.
// Deletion is done by a periodic background task, so an expired document can
// remain readable for a short time, and the index only acts on Date values.
// NOTE(review): presumably the application also checks expires_at / is_active
// itself when validating a session — confirm.
[
  [{ user_id: 1 }],
  [{ expires_at: 1 }, { expireAfterSeconds: 0 }],
  [{ is_active: 1 }],
].forEach((indexArgs) => db.sessions.createIndex(...indexArgs));
print('Session indexes created successfully');
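// Seed the default administrator account; skipped when a user with the same
// e-mail address already exists.
//
// SECURITY: this account has a fixed password hash that lives in source
// control, so every deployment seeded by this script starts with the same
// administrator credential. Rotate it before the service is reachable by anyone
// else. Nothing in this script forces that rotation.
const adminUser = {
  id: 'admin-user-uuid',
  user_email: 'admin@cloudaccess.com',
  user_name: 'System Administrator',
  // Intended to be the bcrypt hash of the default password "admin123".
  // NOTE(review): the sample user seeded below stores this exact hash string
  // but is annotated "user123". A bcrypt string embeds its salt, so one string
  // verifies exactly one password — at least one annotation is wrong. Verify
  // which password this hash actually accepts.
  password_hash: '$2b$12$LQv3c1yqBWVHxkd0LHAkCOYz6TtxMQJqhN8/LewfdzKqn2.pT1Jeu',
  role: 'admin',
  department: 'IT Security',
  job_title: 'Security Administrator',
  is_service_account: false,
  resources: [],
  groups: ['Administrators'],
  roles: ['SuperAdmin'],
  overall_risk_score: 95.0,
  privilege_escalation_paths: [],
  unused_privileges: [],
  cross_provider_admin: true,
  last_updated: new Date(),
  created_at: new Date(),
  data_source: 'manual',
};

// Insert only when absent, so re-running the script does not overwrite an
// administrator whose password has already been changed.
const existingAdmin = db.users.findOne({ user_email: adminUser.user_email });
if (existingAdmin) {
  print('Admin user already exists');
} else {
  db.users.insertOne(adminUser);
  // The password is deliberately not echoed: init output usually ends up in
  // container or service logs, which are readable by more people than the
  // database itself.
  print('Default admin user created: admin@cloudaccess.com (default password set - change it immediately)');
}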
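// Seed a sample (non-admin) application user; skipped when a user with the same
// e-mail address already exists.
//
// SECURITY: this script has no environment check, so the sample account is
// created wherever the script runs. It carries a fixed, source-controlled
// password hash; remove or disable the account outside of demo setups.
const sampleUser = {
  id: 'sample-user-uuid',
  user_email: 'user@cloudaccess.com',
  user_name: 'Sample User',
  // Annotated as the bcrypt hash of the default password "user123".
  // NOTE(review): this is the same hash string that is stored for
  // admin@cloudaccess.com, where it is annotated "admin123". A bcrypt string
  // embeds its salt, so one string verifies exactly one password — at least one
  // annotation is wrong. Verify which password this hash actually accepts.
  password_hash: '$2b$12$LQv3c1yqBWVHxkd0LHAkCOYz6TtxMQJqhN8/LewfdzKqn2.pT1Jeu',
  role: 'user',
  department: 'Engineering',
  job_title: 'Software Developer',
  is_service_account: false,
  resources: [
    {
      id: 'sample-resource-1',
      provider: 'aws',
      service: 'IAM',
      resource_type: 'role',
      resource_name: 'DeveloperRole',
      access_type: 'read',
      risk_level: 'low',
      last_used: new Date(),
      mfa_required: true,
    },
  ],
  groups: ['Developers'],
  roles: ['ReadOnlyUser'],
  overall_risk_score: 25.0,
  privilege_escalation_paths: [],
  unused_privileges: [],
  cross_provider_admin: false,
  last_updated: new Date(),
  created_at: new Date(),
  data_source: 'manual',
};

// Insert only when absent, so re-running the script leaves an existing record
// (and any changed password) untouched.
const existingSampleUser = db.users.findOne({ user_email: sampleUser.user_email });
if (existingSampleUser) {
  print('Sample user already exists');
} else {
  db.users.insertOne(sampleUser);
  // The password is deliberately not echoed: init output usually ends up in
  // container or service logs.
  print('Sample user created: user@cloudaccess.com (default password set - change it immediately)');
}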
// Record the initialization itself as an audit entry attributed to the seeded
// admin account.
// Unlike the user seeds, there is no existence check here, so every run of the
// script adds another entry with the same `id` value.
// ip_address and user_agent are fixed literals written by this script, not
// values observed from a client.
db.audit_logs.insertOne({
  id: 'initial-audit-log',
  timestamp: new Date(),
  user_id: 'admin-user-uuid',
  user_email: 'admin@cloudaccess.com',
  action: 'system_initialization',
  ip_address: '127.0.0.1',
  user_agent: 'MongoDB Init Script',
  risk_score: 0,
  details: {
    message: 'Cloud Access Visualizer initialized',
    version: '1.0.0',
  },
});
print('Initial audit log entry created');
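// Final summary for the operator.
// Only the account names are listed. The default passwords are not written to
// the init output, because that output is normally captured in container or
// service logs and kept long after the passwords should have been rotated.
[
  'Database initialization completed successfully!',
  'Default accounts (seeded with the default passwords defined in init-mongo.js):',
  ' Admin: admin@cloudaccess.com',
  ' User: user@cloudaccess.com',
  'Please change these passwords after first login!',
].forEach((line) => print(line));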