From 53a70f10d50aabd4850a66f9de7f68f74c39c459 Mon Sep 17 00:00:00 2001 From: Umesh Kumar <166806589+TangoBeeAkto@users.noreply.github.com> Date: Tue, 24 Dec 2024 12:51:47 +0530 Subject: [PATCH 1/5] feat: made automated login test flow editable --- .../com/akto/action/testing/TestRolesAction.java | 2 +- .../pages/testing/TestRoleSettings/ParamsCard.jsx | 2 +- .../testing/TestRoleSettings/TestRoleSettings.jsx | 14 ++++++++++++-- .../web/src/apps/dashboard/pages/testing/api.js | 4 ++-- .../pages/testing/user_config/JsonRecording.jsx | 2 +- .../pages/testing/user_config/LoginStepBuilder.jsx | 2 +- 6 files changed, 18 insertions(+), 8 deletions(-) diff --git a/apps/dashboard/src/main/java/com/akto/action/testing/TestRolesAction.java b/apps/dashboard/src/main/java/com/akto/action/testing/TestRolesAction.java index 5a365b3503..c7e44d06bd 100644 --- a/apps/dashboard/src/main/java/com/akto/action/testing/TestRolesAction.java +++ b/apps/dashboard/src/main/java/com/akto/action/testing/TestRolesAction.java @@ -86,7 +86,7 @@ private AuthWithCond makeAuthWithConditionFromParamData(TestRoles role){ for (AuthParamData authParamDataElem : authParamData) { AuthParam param = null; - if (authAutomationType.equals(LoginFlowEnums.AuthMechanismTypes.HARDCODED.toString())) { + if (authAutomationType.toUpperCase().equals(LoginFlowEnums.AuthMechanismTypes.HARDCODED.toString())) { param = new HardcodedAuthParam(authParamDataElem.getWhere(), authParamDataElem.getKey(), authParamDataElem.getValue(), true); } else { param = new LoginRequestAuthParam(authParamDataElem.getWhere(), authParamDataElem.getKey(), authParamDataElem.getValue(), authParamDataElem.getShowHeader()); diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRoleSettings/ParamsCard.jsx b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRoleSettings/ParamsCard.jsx index e7dd96427d..49a7b41ba4 100644 
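Review bot: In `makeAuthWithConditionFromParamData`, `authAutomationType.toUpperCase().equals(...)` throws a NullPointerException if `authAutomationType` is null, and `toUpperCase()` without a locale follows the JVM default locale. Comparing from the constant side avoids both: `if (LoginFlowEnums.AuthMechanismTypes.HARDCODED.toString().equalsIgnoreCase(authAutomationType)) {`. The `else` branch still turns every other value, including a misspelled or unknown type, into a `LoginRequestAuthParam`. Rejecting values that are not a known mechanism type would keep a malformed request from silently changing how the role authenticates. The method body continues outside the hunk.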
--- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRoleSettings/ParamsCard.jsx +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRoleSettings/ParamsCard.jsx @@ -69,7 +69,7 @@ function ParamsCard({dataObj, handleDelete, showEdit}) { - {authMechanism?.type?.toLowerCase() === 'hardcoded' ? : null} + diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRoleSettings/TestRoleSettings.jsx b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRoleSettings/TestRoleSettings.jsx index dd30d7488e..b6dd25500c 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRoleSettings/TestRoleSettings.jsx +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRoleSettings/TestRoleSettings.jsx @@ -81,6 +81,7 @@ function TestRoleSettings() { const resetFunc = (newItems) => { setChange(false); setRoleName(newItems.name || systemRole || ""); + setAuthMechanism(null) dispatchConditions({type:"replace", conditions:transform.createConditions(newItems.endpoints)}) } useEffect(() => { @@ -186,7 +187,7 @@ function TestRoleSettings() { setAdvancedHeaderSettingsOpen(true) } setShowAuthComponent(true) - setHardcodedOpen(true) + setHardcodedOpen(authObj?.authMechanism?.type === "HardCoded") setEditableDocs(index) } @@ -305,6 +306,8 @@ function TestRoleSettings() { setHeaderKey('') setHeaderValue('') setHardCodeAuthInfo({authParams:[]}) + setAuthMechanism(null) + setHardcodedOpen(true) } const handleSaveAuthMechanism = async() => { 
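Review bot: In the `@@ -186,7 +187,7 @@` hunk, `setHardcodedOpen(authObj?.authMechanism?.type === "HardCoded")` is an exact-case match, while the check removed from ParamsCard.jsx in this patch lower-cased the type and the Java side now upper-cases it before comparing with `HARDCODED`. If a stored role carries the type in another casing, a hard-coded token would open in the automated-login editor and could be saved back under the wrong mechanism. A case-insensitive test keeps the three places in agreement: `setHardcodedOpen(authObj?.authMechanism?.type?.toLowerCase() === "hardcoded")`. The enclosing handler starts outside the hunk.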
@@ -332,8 +335,15 @@ function TestRoleSettings() { errorFilePath: null, } } + + if(editableDoc > -1) { + resp = await api.updateAuthInRole(initialItems.name, apiCond, editableDoc, currentInfo.authParams, automationType, currentInfo.steps, recordedLoginFlowInput) + } else { + resp = await api.addAuthToRole(initialItems.name, apiCond, currentInfo.authParams, automationType, currentInfo.steps, recordedLoginFlowInput) + } + } else { + func.setToast(true, true, "Request data cannot be empty!") } - resp = await api.addAuthToRole(initialItems.name, apiCond, currentInfo.authParams, automationType, currentInfo.steps, recordedLoginFlowInput) } handleCancel() await saveAction(true, resp.selectedRole.authWithCondList) diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/api.js b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/api.js index be973bfa69..abbb7a61ff 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/api.js +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/api.js @@ -256,11 +256,11 @@ export default { data: {roleName, index} }) }, - updateAuthInRole(roleName, apiCond ,index, authParamData, authAutomationType) { + updateAuthInRole(roleName, apiCond ,index, authParamData, authAutomationType, reqData, recordedLoginFlowInput) { return request({ url: '/api/updateAuthInRole', method: 'post', - data: {roleName, apiCond, index, authParamData, authAutomationType} + data: {roleName, apiCond, index, authParamData, authAutomationType, reqData, recordedLoginFlowInput} }) }, deleteTestRuns(testRunIds){ diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/JsonRecording.jsx b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/JsonRecording.jsx index bc4f0edb60..71f45be56f 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/JsonRecording.jsx 
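Review bot: In the `@@ -332,8 +335,15 @@` hunk, the new `else` branch only shows the "Request data cannot be empty!" toast and then falls through to `handleCancel()` and `saveAction(true, resp.selectedRole.authWithCondList)`. On that path neither API call in the lines shown has assigned `resp`, so unless it is set earlier the dereference throws, and `handleCancel()` has already discarded what the user entered. Returning right after the toast keeps the form open: `func.setToast(true, true, "Request data cannot be empty!"); return`. `handleSaveAuthMechanism` begins before this hunk, so the initial value of `resp` should be confirmed there.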
+++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/JsonRecording.jsx @@ -25,7 +25,7 @@ function JsonRecording({extractInformation, showOnlyApi, setStoreData}) { }]) useEffect(() => { - if (!extractInformation) { + if (extractInformation) { if (authMechanism && authMechanism.type === "LOGIN_REQUEST" && authMechanism.requestData[0].type === "RECORDED_FLOW") { setTokenFetchCommand(authMechanism.requestData[0].tokenFetchCommand) setAuthParams(authMechanism.authParams) diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/LoginStepBuilder.jsx b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/LoginStepBuilder.jsx index a7b249928a..b6f168e955 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/LoginStepBuilder.jsx +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/LoginStepBuilder.jsx @@ -49,7 +49,7 @@ function LoginStepBuilder({extractInformation, showOnlyApi, setStoreData}) { useEffect(() => { - if(!extractInformation){ + if(extractInformation){ setIsLoading(true) if (authMechanism && authMechanism.type === "LOGIN_REQUEST" && authMechanism.requestData[0].type !== "RECORDED_FLOW") { setSteps(authMechanism.requestData.map((step, index) => ({ From 74bbddc237e03189b95d79d5d30e3cb8b642a383 Mon Sep 17 00:00:00 2001 From: Umesh Kumar <166806589+TangoBeeAkto@users.noreply.github.com> Date: Tue, 24 Dec 2024 13:28:38 +0530 Subject: [PATCH 2/5] fix: fixed a bug --- .../pages/testing/TestRoleSettings/TestRoleSettings.jsx | 1 + 1 file changed, 1 insertion(+) diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRoleSettings/TestRoleSettings.jsx b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRoleSettings/TestRoleSettings.jsx index b6dd25500c..f38242d09a 100644 
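Review bot: In the JsonRecording.jsx effect, `authMechanism.requestData[0].type` is read without checking that `requestData` has an entry, and with the condition flipped to `if (extractInformation)` this appears to be the path taken when an existing auth entry is loaded for editing. A `LOGIN_REQUEST` mechanism stored with an empty or missing `requestData` would throw inside the effect; `authMechanism.requestData?.[0]?.type === "RECORDED_FLOW"` covers it. The LoginStepBuilder.jsx hunk that follows has the same dereference in `requestData[0].type !== "RECORDED_FLOW"`. There the guard must also require that an entry exists, because `undefined !== "RECORDED_FLOW"` is true and `requestData.map` would still run. Both effect bodies continue past their hunks.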
--- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRoleSettings/TestRoleSettings.jsx +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRoleSettings/TestRoleSettings.jsx @@ -308,6 +308,7 @@ function TestRoleSettings() { setHardCodeAuthInfo({authParams:[]}) setAuthMechanism(null) setHardcodedOpen(true) + setEditableDocs(-1) } const handleSaveAuthMechanism = async() => { From fba5ee39c8cbcb245bb1910e2b64002b8f2800cb Mon Sep 17 00:00:00 2001 From: Umesh Kumar <166806589+TangoBeeAkto@users.noreply.github.com> Date: Tue, 24 Dec 2024 16:15:23 +0530 Subject: [PATCH 3/5] fix: update login test flow data when user clicks on multiple edit auth token button --- .../apps/dashboard/pages/testing/user_config/JsonRecording.jsx | 2 +- .../dashboard/pages/testing/user_config/LoginStepBuilder.jsx | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/JsonRecording.jsx b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/JsonRecording.jsx index 71f45be56f..df31619336 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/JsonRecording.jsx +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/JsonRecording.jsx @@ -35,7 +35,7 @@ function JsonRecording({extractInformation, showOnlyApi, setStoreData}) { } else { return; } - }, []) + }, [authMechanism]) const inputRef = useRef(null); diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/LoginStepBuilder.jsx b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/LoginStepBuilder.jsx index b6f168e955..57dba6036c 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/LoginStepBuilder.jsx +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/LoginStepBuilder.jsx 
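Review bot: With `[authMechanism]` as the dependency list in JsonRecording.jsx, the effect re-runs whenever the mechanism changes, but the visible branches only load values or `return`. Nothing clears the form when `authMechanism` is reset to `null`, which patch 1 now does through `setAuthMechanism(null)` in TestRoleSettings.jsx. If no reset happens elsewhere, the token fetch command and auth params of the previously edited entry would stay in component state and could be saved into the next entry. Consider clearing the state in the non-matching branch and listing `extractInformation` as well, since the effect reads it: `}, [authMechanism, extractInformation])`. The LoginStepBuilder.jsx hunk at `@@ -65,7 +65,7 @@` makes the same change and has the same gap; both effect bodies lie partly outside their hunks.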
@@ -65,7 +65,7 @@ function LoginStepBuilder({extractInformation, showOnlyApi, setStoreData}) { }else{ return; } - }, []) + }, [authMechanism]) const stepOptions = [ { label: "Call API", value: "LOGIN_FORM" }, From bd8e0b516a7d20c773f2587bcbc265c34d7e3957 Mon Sep 17 00:00:00 2001 From: Umesh Kumar <166806589+TangoBeeAkto@users.noreply.github.com> Date: Wed, 25 Dec 2024 01:10:08 +0530 Subject: [PATCH 4/5] fix: fixed dropdown for auth params --- .../src/apps/dashboard/pages/testing/user_config/AuthParams.jsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/AuthParams.jsx b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/AuthParams.jsx index 3c49c0afbf..294d155664 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/AuthParams.jsx +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/user_config/AuthParams.jsx @@ -60,7 +60,7 @@ function AuthParams({ authParams, setAuthParams, hideTitle }) {
handleUpdate(index, "where", authParamLocation)} /> Key: handleUpdate(index, "key", key)} /> From ef671d254dc6f423cb0033ab0d795fe0984227d6 Mon Sep 17 00:00:00 2001 From: Umesh Kumar <166806589+TangoBeeAkto@users.noreply.github.com> Date: Wed, 25 Dec 2024 01:41:39 +0530 Subject: [PATCH 5/5] fix: refresh after attacker token test role update --- .../main/java/com/akto/action/testing/TestRolesAction.java | 4 ++-- .../pages/testing/TestRoleSettings/TestRoleSettings.jsx | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/apps/dashboard/src/main/java/com/akto/action/testing/TestRolesAction.java b/apps/dashboard/src/main/java/com/akto/action/testing/TestRolesAction.java index c7e44d06bd..94536e48bb 100644 --- a/apps/dashboard/src/main/java/com/akto/action/testing/TestRolesAction.java +++ b/apps/dashboard/src/main/java/com/akto/action/testing/TestRolesAction.java @@ -180,8 +180,8 @@ public String updateTestRoles() { isAttackerRole = role.getId().equals(attackerRole.getId()); } if (isAttackerRole) { - addActionError("Unable to update endpoint conditions for attacker role"); - return ERROR.toUpperCase(); + this.orConditions = null; + this.andConditions = null; } Conditions orConditions = null; diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRoleSettings/TestRoleSettings.jsx b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRoleSettings/TestRoleSettings.jsx index f38242d09a..115d0780e7 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRoleSettings/TestRoleSettings.jsx +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/testing/TestRoleSettings/TestRoleSettings.jsx 
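Review bot: For the attacker role, `updateTestRoles` used to stop with an action error; it now clears `this.orConditions` and `this.andConditions` and carries on. The guard therefore holds only if the code after the hunk treats null conditions as "leave the endpoint scope unchanged". If that code writes whatever it builds from these fields, an update request could blank the attacker role's endpoint conditions instead of preserving them. This needs checking against the rest of the method, which is outside the hunk. The submitted conditions are also dropped without any signal to the caller, so a comment stating the intent would help, for example `// attacker role: ignore submitted endpoint conditions; only the other role fields may change`, together with a test that the stored conditions are untouched after such an update.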
@@ -131,7 +131,7 @@ function TestRoleSettings() { const saveAction = async (updatedAuth=false, authWithCondLists = null) => { let andConditions = transform.filterContainsConditions(conditions, 'AND') let orConditions = transform.filterContainsConditions(conditions, 'OR') - if (!(andConditions || orConditions) || roleName.length === 0) { + if (roleName !== 'ATTACKER_TOKEN_ALL' && !(andConditions || orConditions) || roleName.length === 0) { func.setToast(true, true, "Please select valid values for a test role") } else { if (isNew) { @@ -235,7 +235,7 @@ function TestRoleSettings() { } } - const conditionsCard = ( + const conditionsCard = roleName !== 'ATTACKER_TOKEN_ALL' ? ( - ) + ) : (<>) const deleteModalComp = (
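Review bot: In `saveAction`, the condition `roleName !== 'ATTACKER_TOKEN_ALL' && !(andConditions || orConditions) || roleName.length === 0` mixes `&&` and `||` without grouping and relies on operator precedence to be read as intended. Parentheses make it explicit: `if ((roleName !== 'ATTACKER_TOKEN_ALL' && !(andConditions || orConditions)) || roleName.length === 0) {`. The role-name literal is repeated in the `conditionsCard` hunk at `@@ -235,7 +235,7 @@`; a single named constant would keep the two checks in step. `roleName` also appears to be editable state (`setRoleName` in `resetFunc`), whereas the server identifies the attacker role by id. The client and server checks can therefore disagree for a role that merely carries this name.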