github_mirrors/openappsec
3
0
Fork 1
mirror of https://github.com/openappsec/openappsec.git synced 2025-09-29 19:24:26 +03:00
Code Issues Packages Projects Releases Wiki Activity

June 27th update

Browse Source
This commit is contained in:
Ned Wright
2024-06-27 11:19:35 +00:00
parent 81b1aec487
commit 78b114a274
81 changed files with 1783 additions and 702 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
core/intelligence_is_v2/include/intelligence_request.h
View File

@@ -29,10 +29,11 @@ public:
const std::vector<QueryRequest> &queries,
bool is_pretty,
bool is_bulk,
bool _is_proxy,
const MessageMetadata &req_md
)
:
queries(queries), is_pretty(is_pretty), is_bulk(is_bulk), req_md(req_md)
queries(queries), is_pretty(is_pretty), is_bulk(is_bulk), is_proxy(_is_proxy), req_md(req_md)
{}
Maybe<void> checkAssetsLimit() const;
@@ -51,6 +52,7 @@ private:
const std::vector<QueryRequest> &queries;
bool is_pretty = true;
bool is_bulk = false;
bool is_proxy = false;
Maybe<std::string> response_from_fog = genError("Uninitialized");
const MessageMetadata &req_md;
};

12
core/intelligence_is_v2/intelligence_comp_v2.cc
View File

@@ -340,10 +340,11 @@ public:
const vector<QueryRequest> &query_requests,
bool is_pretty,
bool is_bulk,
bool is_proxy,
const MessageMetadata &req_md
) const override
{
IntelligenceRequest intelligence_req(query_requests, is_pretty, is_bulk, req_md);
IntelligenceRequest intelligence_req(query_requests, is_pretty, is_bulk, is_proxy, req_md);
if (!intelligence_req.checkAssetsLimit().ok()) return intelligence_req.checkAssetsLimit().passErr();
if (!intelligence_req.checkMinConfidence().ok()) return intelligence_req.checkMinConfidence().passErr();
if (intelligence_req.isPagingActivated()) {
@@ -357,10 +358,15 @@ public:
}
Maybe<Intelligence::Response>
getResponse(const QueryRequest &query_request, bool is_pretty, const MessageMetadata &req_md) const override
getResponse(
const QueryRequest &query_request,
bool is_pretty,
bool is_proxy,
const MessageMetadata &req_md
) const override
{
vector<QueryRequest> queries = {query_request};
return getResponse(queries, is_pretty, false, req_md);
return getResponse(queries, is_pretty, false, is_proxy, req_md);
}
private:

6
core/intelligence_is_v2/intelligence_is_v2_ut/intelligence_comp_v2_ut.cc
View File

@@ -131,7 +131,7 @@ TEST_F(IntelligenceComponentMockTest, getResponseErrorTest)
QueryRequest request(Condition::EQUALS, "category", "cloud", true);
Maybe<Intelligence::Response> res_error = genError("Test error");
EXPECT_CALL(intelligence_mock, getResponse(_, _, _)
EXPECT_CALL(intelligence_mock, getResponse(_, _, _, _)
).WillOnce(Return(res_error));
auto maybe_ans = intell->queryIntelligence<Profile>(request);
@@ -185,7 +185,7 @@ TEST_F(IntelligenceComponentMockTest, getResponseTest)
Intelligence::Response response(response_str, 1, false);
EXPECT_CALL(intelligence_mock, getResponse(_, _, _)
EXPECT_CALL(intelligence_mock, getResponse(_, _, _, _)
).WillOnce(Return(response));
auto maybe_ans = intell->queryIntelligence<Profile>(request);
@@ -346,7 +346,7 @@ TEST_F(IntelligenceComponentMockTest, bulkOnlineIntelligenceMockTest)
);
Intelligence::Response response(response_str, 4, true);
EXPECT_CALL(intelligence_mock, getResponse(_, _, _, _)
EXPECT_CALL(intelligence_mock, getResponse(_, _, _, _, _)
).WillOnce(Return(response));
auto maybe_ans = intell->queryIntelligence<Profile>(requests);

87
core/intelligence_is_v2/intelligence_is_v2_ut/intelligence_query_v2_ut.cc
View File

@@ -24,9 +24,33 @@ USE_DEBUG_FLAG(D_INTELLIGENCE);
TEST(IntelligenceQueryTestV2, genJsonPrettySingleRequest) {
QueryRequest request(Condition::EQUALS, "phase", "testing", true);
vector<QueryRequest> requests = {request};
Intelligence::IntelligenceRequest query(requests, true, false, MessageMetadata("", 0));
Intelligence::IntelligenceRequest query(requests, true, false, false, MessageMetadata("", 0));
std::string expected = "{\n"
" \"queryTypes\": {\n"
" \"proxyToCloud\": false\n"
" },\n"
" \"limit\": 20,\n"
" \"fullResponse\": true,\n"
" \"query\": {\n"
" \"operator\": \"equals\",\n"
" \"key\": \"mainAttributes.phase\",\n"
" \"value\": \"testing\"\n"
" }\n"
"}";
EXPECT_EQ(*query.genJson(), expected);
}
TEST(IntelligenceQueryTestV2, genJsonPrettySingleRequestProxied) {
QueryRequest request(Condition::EQUALS, "phase", "testing", true);
vector<QueryRequest> requests = {request};
Intelligence::IntelligenceRequest query(requests, true, false, true, MessageMetadata("", 0));
std::string expected = "{\n"
" \"queryTypes\": {\n"
" \"proxyToCloud\": true\n"
" },\n"
" \"limit\": 20,\n"
" \"fullResponse\": true,\n"
" \"query\": {\n"
@@ -42,9 +66,12 @@ TEST(IntelligenceQueryTestV2, genJsonPrettySingleRequest) {
TEST(IntelligenceQueryTestV2, genJsonUnprettySingleRequest) {
QueryRequest request(Condition::EQUALS, "phase", "testing", true);
vector<QueryRequest> requests = {request};
Intelligence::IntelligenceRequest query(requests, false, false, MessageMetadata("", 0));
Intelligence::IntelligenceRequest query(requests, false, false, false, MessageMetadata("", 0));
std::string expected = "{"
"\"queryTypes\":{"
"\"proxyToCloud\":false"
"},"
"\"limit\":20,"
"\"fullResponse\":true,"
"\"query\":{"
@@ -59,8 +86,11 @@ TEST(IntelligenceQueryTestV2, genJsonUnprettySingleRequest) {
TEST(IntelligenceQueryTestV2, genJsonUnprettySingleRequestSpaces) {
QueryRequest request(Condition::EQUALS, "ph ase", "te sti\" n g\\", true);
vector<QueryRequest> requests = {request};
Intelligence::IntelligenceRequest query(requests, false, false, MessageMetadata("", 0));
Intelligence::IntelligenceRequest query(requests, false, false, false, MessageMetadata("", 0));
std::string expected = "{"
"\"queryTypes\":{"
"\"proxyToCloud\":false"
"},"
"\"limit\":20,"
"\"fullResponse\":true,"
"\"query\":{"
@@ -76,9 +106,53 @@ TEST(IntelligenceQueryTestV2, genJsonPrettyBulkRequests) {
QueryRequest request1(Condition::EQUALS, "phase", "testing", true);
QueryRequest request2(Condition::EQUALS, "height", "testing", 25);
std::vector<QueryRequest> requests = {request1, request2};
Intelligence::IntelligenceRequest query(requests, true, true, MessageMetadata("", 0));
Intelligence::IntelligenceRequest query(requests, true, true, false, MessageMetadata("", 0));
std::string expected = "{\n"
" \"queryTypes\": {\n"
" \"proxyToCloud\": false\n"
" },\n"
" \"queries\": [\n"
" {\n"
" \"query\": {\n"
" \"limit\": 20,\n"
" \"fullResponse\": true,\n"
" \"query\": {\n"
" \"operator\": \"equals\",\n"
" \"key\": \"mainAttributes.phase\",\n"
" \"value\": \"testing\"\n"
" }\n"
" },\n"
" \"index\": 0\n"
" },\n"
" {\n"
" \"query\": {\n"
" \"limit\": 20,\n"
" \"fullResponse\": true,\n"
" \"query\": {\n"
" \"operator\": \"equals\",\n"
" \"key\": \"mainAttributes.height\",\n"
" \"value\": \"testing\"\n"
" }\n"
" },\n"
" \"index\": 1\n"
" }\n"
" ]\n"
"}";
EXPECT_EQ(*query.genJson(), expected);
}
TEST(IntelligenceQueryTestV2, genJsonPrettyBulkRequestsProxied) {
QueryRequest request1(Condition::EQUALS, "phase", "testing", true);
QueryRequest request2(Condition::EQUALS, "height", "testing", 25);
std::vector<QueryRequest> requests = {request1, request2};
Intelligence::IntelligenceRequest query(requests, true, true, true, MessageMetadata("", 0));
std::string expected = "{\n"
" \"queryTypes\": {\n"
" \"proxyToCloud\": true\n"
" },\n"
" \"queries\": [\n"
" {\n"
" \"query\": {\n"
@@ -114,9 +188,12 @@ TEST(IntelligenceQueryTestV2, genJsonUnprettyBulkRequest) {
QueryRequest request1(Condition::EQUALS, "phase", "testing", true);
QueryRequest request2(Condition::EQUALS, "height", "testing", 25);
std::vector<QueryRequest> requests = {request1, request2};
Intelligence::IntelligenceRequest query(requests, false, true, MessageMetadata("", 0));
Intelligence::IntelligenceRequest query(requests, false, true, false, MessageMetadata("", 0));
std::string expected = "{"
"\"queryTypes\":{"
"\"proxyToCloud\":false"
"},"
"\"queries\":[{"
"\"query\":{"
"\"limit\":20,"

56
core/intelligence_is_v2/intelligence_is_v2_ut/query_request_v2_ut.cc
View File

@@ -705,3 +705,59 @@ TEST(QueryRequestTestV2, UninitializedObjectTypeTest)
EXPECT_THAT(debug_output.str(), HasSubstr(debug_str));
Debug::setNewDefaultStdout(&cout);
}
TEST(QueryRequestTestV2, Bug40968)
{
QueryRequest request(Intelligence_IS_V2::Condition::EQUALS, "field1", "123", false);
QueryRequest filter1(Intelligence_IS_V2::Condition::EQUALS, "field2", "123", false);
request = request || filter1;
QueryRequest filter2(Intelligence_IS_V2::Condition::NOT_EQUALS, "field3", "123", false);
request = request && filter2;
QueryRequest filter3(Intelligence_IS_V2::Condition::EQUALS, "field3", "234", false);
request = request && filter3;
stringstream out2;
{
cereal::JSONOutputArchive out_ar2(out2);
request.saveToJson(out_ar2);
}
string req =
"{\n"
" \"limit\": 20,\n"
" \"fullResponse\": false,\n"
" \"query\": {\n"
" \"operator\": \"and\",\n"
" \"operands\": [\n"
" {\n"
" \"operator\": \"or\",\n"
" \"operands\": [\n"
" {\n"
" \"operator\": \"equals\",\n"
" \"key\": \"mainAttributes.field1\",\n"
" \"value\": \"123\"\n"
" },\n"
" {\n"
" \"operator\": \"equals\",\n"
" \"key\": \"mainAttributes.field2\",\n"
" \"value\": \"123\"\n"
" }\n"
" ]\n"
" },\n"
" {\n"
" \"operator\": \"notEquals\",\n"
" \"key\": \"mainAttributes.field3\",\n"
" \"value\": \"123\"\n"
" },\n"
" {\n"
" \"operator\": \"equals\",\n"
" \"key\": \"mainAttributes.field3\",\n"
" \"value\": \"234\"\n"
" }\n"
" ]\n"
" }\n"
"}";
EXPECT_EQ(out2.str(), req);
}

6
core/intelligence_is_v2/intelligence_request.cc
View File

@@ -89,6 +89,12 @@ IntelligenceRequest::genJson() const
JsonStream json_stream(&str_stream, is_pretty);
{
cereal::JSONOutputArchive out_ar(json_stream);
out_ar.setNextName("queryTypes");
out_ar.startNode();
out_ar(cereal::make_nvp("proxyToCloud", is_proxy));
out_ar.finishNode();
if (isBulk()) {
out_ar.setNextName("queries");
out_ar.startNode();

56
core/intelligence_is_v2/query_filter_v2.cc
View File

@@ -65,6 +65,11 @@ SerializableQueryFilter::SerializableQueryFilter(
condition_operands.emplace_back(condition_type, key, value);
}
SerializableQueryFilter::SerializableQueryFilter(const SerializableQueryCondition &condition)
{
condition_operands.push_back(condition);
}
SerializableQueryFilter::SerializableQueryFilter(
Condition condition_type,
@@ -159,31 +164,38 @@ SerializableQueryFilter::calcOperator(const SerializableQueryFilter &other_query
query_filter_res.operator_type = oper;
if (isOperatorComp(oper) && other_query.isOperatorComp(oper)) {
size_t queries_size = queries_operands.size() + other_query.queries_operands.size();
size_t conditions_size = condition_operands.size() + other_query.condition_operands.size();
query_filter_res.queries_operands.reserve(queries_size);
query_filter_res.condition_operands.reserve(conditions_size);
for (const auto &subquery : queries_operands) {
query_filter_res.queries_operands.push_back(subquery);
}
for (const auto &condition : condition_operands) {
query_filter_res.condition_operands.push_back(condition);
}
for (const auto &subquery : other_query.queries_operands) {
query_filter_res.queries_operands.push_back(subquery);
}
for (const auto &condition : other_query.condition_operands) {
query_filter_res.condition_operands.push_back(condition);
}
} else {
if (!isOperatorComp(oper) || !other_query.isOperatorComp(oper)) {
query_filter_res.queries_operands.reserve(2);
query_filter_res.queries_operands.push_back(*this);
query_filter_res.queries_operands.push_back(other_query);
return query_filter_res;
}
if (!condition_operands.empty() && !other_query.condition_operands.empty()) {
query_filter_res.condition_operands.reserve(queries_operands.size() + other_query.queries_operands.size());
for (const auto &condition : condition_operands) {
query_filter_res.condition_operands.push_back(condition);
}
for (const auto &condition : other_query.condition_operands) {
query_filter_res.condition_operands.push_back(condition);
}
return query_filter_res;
}
size_t queries_size = queries_operands.size() + other_query.queries_operands.size();
size_t conditions_size = condition_operands.size() + other_query.condition_operands.size();
query_filter_res.queries_operands.reserve(queries_size + conditions_size);
for (const auto &subquery : queries_operands) {
query_filter_res.queries_operands.push_back(subquery);
}
for (const auto &condition : condition_operands) {
query_filter_res.queries_operands.emplace_back(condition);
}
for (const auto &subquery : other_query.queries_operands) {
query_filter_res.queries_operands.push_back(subquery);
}
for (const auto &condition : other_query.condition_operands) {
query_filter_res.queries_operands.emplace_back(condition);
}
return query_filter_res;