Merge pull request #1945 from akto-api-security/feature/test_templates_settings

Feature/test templates settings

Author: ankush-jain-akto

apps/dashboard/src/main/java/com/akto/action/AccountAction.java

@@ -329,6 +329,10 @@ public void run() {
                 AccountSettingsDao.instance.updateOnboardingFlag(true);
                 InitializerListener.insertPiiSources();
 
+                if (DashboardMode.isMetered()) {
+                    AccountSettings accountSettings = AccountSettingsDao.instance.findOne(AccountSettingsDao.generateFilter());
+                    InitializerListener.insertAktoTestLibraries(accountSettings);
+                }
                 try {
                     InitializerListener.executePIISourceFetch();
                 } catch (Exception e) {

apps/dashboard/src/main/java/com/akto/action/ProfileAction.java

@@ -135,6 +135,10 @@ public static void executeMeta1(Utility utility, User user, HttpServletRequest r
         } catch (Exception e) {
         }
 
+        if (DashboardMode.isMetered()) {
+            InitializerListener.insertAktoTestLibraries(accountSettings);
+        }
+
         Organization organization = OrganizationsDao.instance.findOne(
                 Filters.in(Organization.ACCOUNTS, sessionAccId)
         );

apps/dashboard/src/main/java/com/akto/action/settings/AdvancedTrafficFiltersAction.java

@@ -115,7 +115,7 @@ public String syncTrafficFromFilters(){
 
             List<ApiCollection> apiCollections = ApiCollectionsDao.instance.findAll(
                 Filters.nin(Constants.ID, deactivatedCollections), Projections.include(ApiCollection.HOST_NAME, ApiCollection.NAME));
-            YamlTemplate yamlTemplate = new YamlTemplate(filterConfig.getId(), Context.now(), getSUser().getLogin(), Context.now(), this.yamlContent, null);
+            YamlTemplate yamlTemplate = new YamlTemplate(filterConfig.getId(), Context.now(), getSUser().getLogin(), Context.now(), this.yamlContent, null, null);
             int accountId = Context.accountId.get();
             executorService.schedule( new Runnable() {
                 public void run() {

apps/dashboard/src/main/java/com/akto/listener/InitializerListener.java

@@ -54,6 +54,7 @@
 import com.akto.dto.settings.DefaultPayload;
 import com.akto.dto.sso.SAMLConfig;
 import com.akto.dto.test_editor.TestConfig;
+import com.akto.dto.test_editor.TestLibrary;
 import com.akto.dto.test_editor.YamlTemplate;
 import com.akto.dto.testing.*;
 import com.akto.dto.testing.custom_groups.AllAPIsGroup;
@@ -78,12 +79,14 @@
 import com.akto.stigg.StiggReporterClient;
 import com.akto.task.Cluster;
 import com.akto.telemetry.TelemetryJob;
+import com.akto.test_editor.TemplateSettingsUtil;
 import com.akto.testing.ApiExecutor;
 import com.akto.testing.HostDNSLookup;
 import com.akto.testing.TemplateMapper;
 import com.akto.usage.UsageMetricCalculator;
 import com.akto.usage.UsageMetricHandler;
 import com.akto.testing.workflow_node_executor.Utils;
+import com.akto.util.enums.GlobalEnums;
 import com.akto.util.filter.DictionaryFilter;
 import com.akto.utils.jobs.JobUtils;
 import com.akto.utils.jobs.MatchingJob;
@@ -97,6 +100,7 @@
 import com.akto.util.Pair;
 import com.akto.util.UsageUtils;
 import com.akto.util.enums.GlobalEnums.Severity;
+import com.akto.util.enums.GlobalEnums.TemplatePlan;
 import com.akto.util.enums.GlobalEnums.TestCategory;
 import com.akto.util.enums.GlobalEnums.YamlTemplateSource;
 import com.akto.util.http_util.CoreHTTPClient;
@@ -2433,6 +2437,30 @@ public static void clearRbacCollection(AccountsContextDaoWithRbac mCollection, i
         }
     }
 
+    public static Set<String> getAktoDefaultTestLibs() {
+        return new HashSet<>(Arrays.asList("akto-api-security/tests-library:standard", "akto-api-security/tests-library:pro"));
+    }
+
+    public static void insertAktoTestLibraries(AccountSettings accountSettings) {
+        List<TestLibrary> testLibraries = accountSettings == null ? new ArrayList<>() : accountSettings.getTestLibraries();
+        Set<String> aktoTestLibraries = getAktoDefaultTestLibs();
+
+        if (testLibraries != null) {
+            for (TestLibrary testLibrary: testLibraries) {
+                String author = testLibrary.getAuthor();
+                if (author.equals(Constants._AKTO)) {
+                    aktoTestLibraries.remove(testLibrary.getRepositoryUrl());
+                }
+            }
+        }
+
+        for (String pendingLib: aktoTestLibraries) {
+            AccountSettingsDao.instance.updateOne(
+                AccountSettingsDao.generateFilter(), 
+                Updates.addToSet(AccountSettings.TEST_LIBRARIES, new TestLibrary(pendingLib, Constants._AKTO, Context.now())));
+        }
+    }
+
     public static void insertPiiSources(){
         Map<String, String> map = new HashMap<>();
         String fileUrl = "https://raw.githubusercontent.com/akto-api-security/pii-types/master/general.json";
@@ -3113,10 +3141,29 @@ public void run() {
                     loggerMaker.errorAndAddToDb("Error while fetching Test Editor Templates from Github and local", LogDb.DASHBOARD);
                     return;
                 }
+
+                Map<String, byte[]> allYamlTemplates = TestTemplateUtils.getZipFromMultipleRepoAndBranch(getAktoDefaultTestLibs());
                 AccountTask.instance.executeTask((account) -> {
                     try {
-                        loggerMaker.infoAndAddToDb("Updating Test Editor Templates for accountId: " + account.getId(), LogDb.DASHBOARD);
+                        loggerMaker.infoAndAddToDb("Updating Test Editor Templates for accountId: " + account.getId(), LogDb.DASHBOARD);                        
                         processTemplateFilesZip(testingTemplates, Constants._AKTO, YamlTemplateSource.AKTO_TEMPLATES.toString(), "");
+
+                        if (!DashboardMode.isMetered()) return;
+
+                        loggerMaker.infoAndAddToDb("Updating Pro and Standard Templates for accountId: " + account.getId(), LogDb.DASHBOARD);                        
+                        
+                        AccountSettings accountSettings = AccountSettingsDao.instance.findOne(AccountSettingsDao.generateFilter());
+
+                        if (accountSettings == null ||accountSettings.getTestLibraries() == null) return;
+
+                        for(TestLibrary testLibrary: accountSettings.getTestLibraries()) {
+                            String repoUrl = testLibrary.getRepositoryUrl();
+                            if (repoUrl.contains("akto-api-security/tests-library")) {
+                                byte[] zipFile = allYamlTemplates.get(testLibrary.getRepositoryUrl());
+                                processTemplateFilesZip(zipFile, Constants._AKTO, YamlTemplateSource.AKTO_TEMPLATES.toString(), "");
+                            }
+                        }
+                        
                     } catch (Exception e) {
                         cacheLoggerMaker.errorAndAddToDb(e,
                                 String.format("Error while updating Test Editor Files %s", e.toString()),
@@ -3142,7 +3189,7 @@ public static void processTemplateFilesZip(byte[] zipFile, String author, String
                 int countTotalTemplates = 0;
                 int countUnchangedTemplates = 0;
                 Set<String> multiNodesIds = new HashSet<>();
-
+                int skipped = 0;
                 while ((entry = zipInputStream.getNextEntry()) != null) {
                     if (!entry.isDirectory()) {
                         String entryName = entry.getName();
@@ -3193,6 +3240,13 @@ public static void processTemplateFilesZip(byte[] zipFile, String author, String
 
                         // new or updated template
                         if (testConfig != null) {
+                            boolean hasSettings = testConfig.getAttributes() != null;
+
+                            if (hasSettings && !testConfig.getAttributes().getPlan().equals(TemplatePlan.FREE) && DashboardMode.isLocalDeployment()) {
+                                skipped++;
+                                continue;
+                            }
+
                             String id = testConfig.getId();
                             int createdAt = Context.now();
                             int updatedAt = Context.now();
@@ -3212,7 +3266,8 @@ public static void processTemplateFilesZip(byte[] zipFile, String author, String
                                             Updates.set(YamlTemplate.UPDATED_AT, updatedAt),
                                             Updates.set(YamlTemplate.HASH, templateContent.hashCode()),
                                             Updates.set(YamlTemplate.CONTENT, templateContent),
-                                            Updates.set(YamlTemplate.INFO, testConfig.getInfo())));
+                                            Updates.set(YamlTemplate.INFO, testConfig.getInfo()),
+                                            Updates.set(YamlTemplate.SETTINGS, testConfig.getAttributes())));
 
                             try {
                                 Object inactiveObject = TestConfigYamlParser.getFieldIfExists(templateContent,
@@ -3266,11 +3321,16 @@ public static void processTemplateFilesZip(byte[] zipFile, String author, String
                 if (countTotalTemplates != countUnchangedTemplates) {
                     loggerMaker.infoAndAddToDb(countUnchangedTemplates + "/" + countTotalTemplates + " unchanged", LogDb.DASHBOARD);
                 }
+
+                loggerMaker.infoAndAddToDb("Skipped " + skipped + " test templates for account: " + Context.accountId.get());
+
             } catch (Exception ex) {
                 cacheLoggerMaker.errorAndAddToDb(ex,
                         String.format("Error while processing Test template files zip. Error %s", ex.getMessage()),
                         LogDb.DASHBOARD);
             }
+        } else {
+            loggerMaker.infoAndAddToDb("Received null zip file");
         }
     }
 

apps/dashboard/src/main/java/com/akto/utils/TestTemplateUtils.java

@@ -1,28 +1,79 @@
 package com.akto.utils;
 
 import com.akto.log.LoggerMaker;
+import com.akto.util.DashboardMode;
 
 import static com.akto.listener.InitializerListener.loadTemplateFilesFromDirectory;
 
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+
 public class TestTemplateUtils {
 
     private static final LoggerMaker loggerMaker = new LoggerMaker(TestTemplateUtils.class, LoggerMaker.LogDb.DASHBOARD);
 
     public static byte[] getTestingTemplates() {
-        GithubSync githubSync = new GithubSync();
-        byte[] repoZip = githubSync.syncRepo("akto-api-security/tests-library", "master");
-        if(repoZip == null) {
-            loggerMaker.infoAndAddToDb("Failed to load test templates from github, trying to load from local directory");
+        byte[] repoZip = null;
+
+        if (DashboardMode.isMetered()) {
+            GithubSync githubSync = new GithubSync();
+            repoZip = githubSync.syncRepo("akto-api-security/tests-library", "master");
+
+            if(repoZip == null) {
+                loggerMaker.infoAndAddToDb("Failed to load test templates from github, trying to load from local directory");
+            } else {
+                loggerMaker.infoAndAddToDb("Loaded test templates from github");
+            }
+        }
+        
+        if (repoZip == null) {
             repoZip = loadTemplateFilesFromDirectory();
+
             if(repoZip == null) {
-                loggerMaker.errorAndAddToDb("Failed to load test templates from github or local directory");
-                return null;
+                loggerMaker.errorAndAddToDb("Failed to load test templates from local directory");
             } else {
                 loggerMaker.infoAndAddToDb("Loaded test templates from local directory");
             }
-        } else {
-            loggerMaker.infoAndAddToDb("Loaded test templates from github");
         }
+        
+        return repoZip;
+    }
+
+    public static Map<String, byte[]> getZipFromMultipleRepoAndBranch(Set<String> repoAndBranchList) {
+        
+        Map<String, byte[]> ret = new HashMap<>();
+
+        for (String repoAndBranch : repoAndBranchList) {
+            ret.put(repoAndBranch, getZipFromRepoAndBranch(repoAndBranch));
+        }
+
+        return ret;
+    }
+
+    public static byte[] getZipFromRepoAndBranch(String repositoryUrlAndBranch) {
+
+        String[] tokens = repositoryUrlAndBranch.split(":");
+
+        boolean isBranchMaster = (tokens.length == 1 || tokens[1].length() == 0);
+
+        return getProTemplates(tokens[0], isBranchMaster ? "master" : tokens[1]);
+    }
+
+    public static byte[] getProTemplates(String repositoryUrl, String branch) {
+        byte[] repoZip = null;
+
+        if (DashboardMode.isMetered()) {
+            GithubSync githubSync = new GithubSync();
+            repoZip = githubSync.syncRepo(repositoryUrl, branch);
+
+            if(repoZip == null) {
+                loggerMaker.infoAndAddToDb("Failed to load test templates from github, trying to load from local directory");
+            } else {
+                loggerMaker.infoAndAddToDb("Loaded test templates from github");
+            }
+        }
+        
         return repoZip;
     }
 

apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/test_editor/components/SampleApi.jsx

@@ -338,7 +338,7 @@ const SampleApi = () => {
                     testingRunResult={testResult?.testingRunResult}
                     runIssues={testResult?.testingRunIssues}
                     testSubCategoryMap={testResult?.subCategoryMap}
-                    testId={selectedTest.value}
+                    testId={selectedTest?.value}
                     source="editor"
                 />
                 </Box>

libs/dao/src/main/java/com/akto/dao/test_editor/TestConfigYamlParser.java

@@ -7,14 +7,9 @@
 import com.akto.dao.test_editor.auth.Parser;
 import com.akto.dao.test_editor.filter.ConfigParser;
 import com.akto.dao.test_editor.info.InfoParser;
+import com.akto.dao.test_editor.settings.SettingsParser;
 import com.akto.dao.test_editor.strategy.StrategyParser;
-import com.akto.dto.test_editor.Auth;
-import com.akto.dto.test_editor.ConfigParserResult;
-import com.akto.dto.test_editor.ExecutorConfigParserResult;
-import com.akto.dto.test_editor.Info;
-import com.akto.dto.test_editor.SeverityParserResult;
-import com.akto.dto.test_editor.Strategy;
-import com.akto.dto.test_editor.TestConfig;
+import com.akto.dto.test_editor.*;
 import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.dataformat.yaml.YAMLFactory;
@@ -51,27 +46,37 @@ public static TestConfig parseConfig(Map<String, Object> config) throws Exceptio
             return testConfig;
         }
 
+        Object settingsMap = config.get("attributes");
+        TemplateSettings attributes = null;
+        if (settingsMap != null) {
+            SettingsParser settingsParser = new SettingsParser();
+            attributes = settingsParser.parse(settingsMap);
+            if (attributes == null) {
+                return new TestConfig(id, info, null, null, null, null, null, null, null);
+            }
+        }
+
         Object authMap = config.get("auth");
         Auth auth = null;
         if (authMap != null) {
             Parser authParser = new Parser();
             auth = authParser.parse(authMap);
             if (auth == null) {
-                return new TestConfig(id, info, null, null, null, null, null, null);
+                return new TestConfig(id, info, null, null, null, null, null, null, attributes);
             }
         }
 
         Object filterMap = config.get("api_selection_filters");
         if (filterMap == null) {
             // todo: should not be null, throw error
-            return new TestConfig(id, info, auth, null, null, null, null, null);
+            return new TestConfig(id, info, auth, null, null, null, null, null, attributes);
         }
 
         ConfigParser configParser = new ConfigParser();
         ConfigParserResult filters = configParser.parse(filterMap);
         if (filters == null) {
             // todo: throw error
-            new TestConfig(id, info, auth, null, null, null, null, null);
+            new TestConfig(id, info, auth, null, null, null, null, null, attributes);
         }
 
         Map<String, List<String>> wordListMap = new HashMap<>();
@@ -80,32 +85,32 @@ public static TestConfig parseConfig(Map<String, Object> config) throws Exceptio
                 wordListMap = (Map) config.get("wordLists");
             }
         } catch (Exception e) {
-            return new TestConfig(id, info, null, null, null, null, null, null);
+            return new TestConfig(id, info, null, null, null, null, null, null, attributes);
         }
 
         Object executionMap = config.get("execute");
         if (executionMap == null) {
             // todo: should not be null, throw error
-            return new TestConfig(id, info, auth, filters, wordListMap, null, null, null);
+            return new TestConfig(id, info, auth, filters, wordListMap, null, null, null, attributes);
         }
 
         com.akto.dao.test_editor.executor.ConfigParser executorConfigParser = new com.akto.dao.test_editor.executor.ConfigParser();
         ExecutorConfigParserResult executeOperations = executorConfigParser.parseConfigMap(executionMap);
         if (executeOperations == null) {
             // todo: throw error
-            new TestConfig(id, info, auth, filters, wordListMap, null, null, null);
+            new TestConfig(id, info, auth, filters, wordListMap, null, null, null, attributes);
         }
 
         Object validationMap = config.get("validate");
         if (validationMap == null) {
             // todo: should not be null, throw error
-            return new TestConfig(id, info, auth, filters, wordListMap, executeOperations, null, null);
+            return new TestConfig(id, info, auth, filters, wordListMap, executeOperations, null, null, attributes);
         }
 
         ConfigParserResult validations = configParser.parse(validationMap);
         if (validations == null) {
             // todo: throw error
-            new TestConfig(id, info, auth, filters, wordListMap, executeOperations, null, null);
+            new TestConfig(id, info, auth, filters, wordListMap, executeOperations, null, null, attributes);
         }
 
         List<Object> apiSeverityTemp = new ArrayList<>();
@@ -135,7 +140,7 @@ public static TestConfig parseConfig(Map<String, Object> config) throws Exceptio
             strategy = strategyParser.parse(strategyObject);
         }
 
-        testConfig = new TestConfig(id, info, auth, filters, wordListMap, executeOperations, validations, strategy);
+        testConfig = new TestConfig(id, info, auth, filters, wordListMap, executeOperations, validations, strategy, attributes);
         testConfig.setDynamicSeverityList(dynamicSeverityList);
         return testConfig;
     }

libs/dao/src/main/java/com/akto/dao/test_editor/settings/SettingsParser.java

@@ -0,0 +1,17 @@
+package com.akto.dao.test_editor.settings;
+
+import com.akto.dto.test_editor.TemplateSettings;
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+import java.util.Map;
+
+public class SettingsParser {
+
+    public TemplateSettings parse(Object settingsObj) {
+        Map<String, Object> settingsMap = (Map) settingsObj;
+        ObjectMapper objectMapper = new ObjectMapper();
+        TemplateSettings settings = objectMapper.convertValue(settingsMap, TemplateSettings.class);
+        return settings;
+    }
+
+}