Sep_24_2023-Dev

2025-09-29 19:24:26 +03:00 · 2023-09-24 10:28:57 +00:00
parent a4d1fb6f7f
commit 582791e37a
106 changed files with 12287 additions and 169 deletions
--- a/components/security_apps/orchestration/details_resolver/details_resolver_handlers/checkpoint_product_handlers.h
+++ b/components/security_apps/orchestration/details_resolver/details_resolver_handlers/checkpoint_product_handlers.h
@@ -42,6 +42,16 @@ checkSamlPortal(const string &command_output)
    return genError("Current host does not have SAML Portal configured");
 }

+Maybe<string>
+getIDAGaia(const string &command_output)
+{
+    if (command_output.find("Portal is running") != string::npos) {
+        return string("ida_gaia");
+    }
+
+    return genError("Current host does not have SAML Portal configured");
+}
+
 Maybe<string>
 checkIDP(shared_ptr<istream> file_stream)
 {
@@ -226,58 +236,24 @@ getSmbGWIPSecVPNBlade(const string &command_output)
 {
    return getSmbBlade(command_output, "IPSec VPN Blade was not found");
 }
-
-Maybe<string>
-getMgmtParentObjAttr(shared_ptr<istream> file_stream, const string &parent_obj, const string &attr)
-{
-    string line;
-    bool found_parent_obj = false;
-    while (getline(*file_stream, line)) {
-        size_t parent_obj_pos = line.find(parent_obj);
-        if (parent_obj_pos != string::npos) found_parent_obj = true;
-        if (!found_parent_obj) continue;
-
-        size_t attr_pos = line.find(attr);
-        if (attr_pos == string::npos) continue;
-        line = line.substr(attr_pos + attr.size());
-        return line;
-    }
-    return genError("Parent object attribute was not found. Attr: " + attr);
-}
 #endif // gaia || smb

 #if defined(gaia)
 Maybe<string>
-getMgmtParentObjUid(shared_ptr<istream> file_stream)
+getMgmtParentObjUid(const string &command_output)
 {
-    auto maybe_unparsed_uid = getMgmtParentObjAttr(file_stream, "cluster_object", "Uid ");
-    if (!maybe_unparsed_uid.ok()) {
-        return maybe_unparsed_uid;
-    }
-    const string &unparsed_uid = maybe_unparsed_uid.unpack();
-    auto maybe_uid = chopHeadAndTail(unparsed_uid, "(\"{", "}\")");
-    if (!maybe_uid.ok()) {
-        return maybe_uid;
-    }
-    string uid = maybe_uid.unpack();
-    transform(uid.begin(), uid.end(), uid.begin(), ::tolower);
-    return uid;
+    return getAttr(command_output, "Parent object uuid was not found");
 }

 Maybe<string>
-getMgmtParentObjName(shared_ptr<istream> file_stream)
+getMgmtParentObjName(const string &command_output)
 {
-    auto maybe_unparsed_name = getMgmtParentObjAttr(file_stream, "cluster_object", "Name ");
-    if (!maybe_unparsed_name.ok()) {
-        return maybe_unparsed_name;
-    }
-    const string &unparsed_name = maybe_unparsed_name.unpack();
-    return chopHeadAndTail(unparsed_name, "(", ")");
+    return getAttr(command_output, "Parent object name was not found");
 }

 #elif defined(smb)
 Maybe<string>
-getMgmtParentObjUid(const string &command_output)
+getSmbMgmtParentObjUid(const string &command_output)
 {
    if (!command_output.empty()) {
        return command_output;
@@ -286,7 +262,7 @@ getMgmtParentObjUid(const string &command_output)
 }

 Maybe<string>
-getMgmtParentObjName(const string &command_output)
+getSmbMgmtParentObjName(const string &command_output)
 {
    if (!command_output.empty()) {
        return command_output;
@@ -314,6 +290,34 @@ getOsRelease(shared_ptr<istream> file_stream)
    return genError("Os release was not found");
 }

+Maybe<string>
+getWaapModelVersion(shared_ptr<istream> file_stream)
+{
+    string line;
+    static const int max_lines = 5;
+    int i = 0;
+    bool found_key = false;
+    while (i < max_lines && getline(*file_stream, line)) {
+        if (!found_key) {
+            size_t index = line.find("\"model_version\":");
+            if (index != string::npos) {
+                found_key = true;
+            }
+        } else {
+            size_t start = line.find_first_of('"');
+            size_t end = line.find_last_of('"');
+            if (start != string::npos && end != string::npos && end > start) {
+                return line.substr(start + 1, end - start - 1);
+            } else {
+                return genError("Model version value unreadable");
+            }
+        }
+        i++;
+    }
+
+    return genError("Model version was not found");
+}
+
 #if defined(alpine)
 string &
 ltrim(string &s)
--- a/components/security_apps/orchestration/details_resolver/details_resolver_handlers/details_resolver_impl.h
+++ b/components/security_apps/orchestration/details_resolver/details_resolver_handlers/details_resolver_impl.h
@@ -55,6 +55,19 @@ SHELL_CMD_HANDLER(
 #if defined(gaia)
 SHELL_CMD_HANDLER("hasSupportedBlade", "enabled_blades", checkHasSupportedBlade)
 SHELL_CMD_HANDLER("hasSamlPortal", "mpclient status saml-vpn", checkSamlPortal)
+SHELL_CMD_HANDLER("requiredNanoServices", "mpclient status saml-vpn", getIDAGaia)
+SHELL_CMD_HANDLER(
+    "cpProductIntegrationMgmtParentObjectName",
+    "cat $FWDIR/database/myself_objects.C "
+    "| awk -F '[:()]' '/:cluster_object/ {found=1; next} found && /:Name/ {print $3; exit}'",
+    getMgmtParentObjName
+)
+SHELL_CMD_HANDLER(
+    "cpProductIntegrationMgmtParentObjectUid",
+    "cat $FWDIR/database/myself_objects.C "
+    "| awk -F'[{}]' '/:cluster_object/ { found=1; next } found && /:Uid/ { uid=tolower($2); print uid; exit }'",
+    getMgmtParentObjUid
+)
 SHELL_CMD_HANDLER(
    "Hardware",
    "cat $FWDIR/database/myself_objects.C | awk -F '[:()]' '/:appliance_type/ {print $3}' | head -n 1",
@@ -81,12 +94,12 @@ SHELL_CMD_HANDLER(
 SHELL_CMD_HANDLER(
    "cpProductIntegrationMgmtParentObjectName",
    "cpsdwan get_data | jq -r .cluster_name",
-    getMgmtParentObjName
+    getSmbMgmtParentObjName
 )
 SHELL_CMD_HANDLER(
    "cpProductIntegrationMgmtParentObjectUid",
    "cpsdwan get_data | jq -r .cluster_uuid",
-    getMgmtParentObjUid
+    getSmbMgmtParentObjUid
 )
 SHELL_CMD_HANDLER(
    "cpProductIntegrationMgmtObjectName",
@@ -143,4 +156,6 @@ FILE_CONTENT_HANDLER(
 FILE_CONTENT_HANDLER("os_release", "/etc/os-release", getOsRelease)
 #endif // gaia || smb

+FILE_CONTENT_HANDLER("AppSecModelVersion", "/etc/cp/conf/waap/waap.data", getWaapModelVersion)
+
 #endif // FILE_CONTENT_HANDLER
--- a/components/security_apps/orchestration/details_resolver/details_resolving_handler.cc
+++ b/components/security_apps/orchestration/details_resolver/details_resolving_handler.cc
@@ -22,6 +22,7 @@
 #include "maybe_res.h"
 #include "enum_array.h"
 #include "i_shell_cmd.h"
+#include "i_orchestration_tools.h"
 #include "config.h"

 using namespace std;
@@ -77,7 +78,8 @@ DetailsResolvingHanlder::Impl::getResolvedDetails() const
        const string &path = file_handler.second.first;
        FileContentHandler handler = file_handler.second.second;

-        shared_ptr<ifstream> in_file = make_shared<ifstream>(path);
+        shared_ptr<ifstream> in_file =
+            Singleton::Consume<I_OrchestrationTools>::by<DetailsResolvingHanlder>()->fileStreamWrapper(path);
        if (!in_file->is_open()) {
            dbgWarning(D_AGENT_DETAILS) << "Could not open file for processing. Path: " << path;
            continue;
--- a/components/security_apps/orchestration/details_resolver/details_resolving_handler.h
+++ b/components/security_apps/orchestration/details_resolver/details_resolving_handler.h
@@ -18,11 +18,13 @@
 #include <map>

 #include "i_shell_cmd.h"
+#include "i_orchestration_tools.h"
 #include "i_agent_details_reporter.h"

 class DetailsResolvingHanlder
        :
    Singleton::Consume<I_ShellCmd>,
+    Singleton::Consume<I_OrchestrationTools>,
    Singleton::Consume<I_AgentDetailsReporter>
 {
 public: