Merge branch 'main' into feat/1.17-release-notes

minvws · Oct 9, 2024 · 84c96c7 · 84c96c7
2 parents 36ecc6c + 9aab666
commit 84c96c7
Show file tree

Hide file tree

Showing 14 changed files with 86 additions and 14 deletions.
diff --git a/boefjes/boefjes/plugins/kat_dns_version/main.py b/boefjes/boefjes/plugins/kat_dns_version/main.py
@@ -14,7 +14,7 @@ def run(boefje_meta: BoefjeMeta) -> list[tuple[set, str | bytes]]:
     input_ = boefje_meta.arguments["input"]  # input is IPService
     ip_port = input_["ip_port"]
     if input_["service"]["name"] != "domain":
-        return [({"boefje/error"}, "Not a DNS service")]
+        return [({"error/boefje"}, "Not a DNS service")]
 
     ip = ip_port["address"]["address"]
     port = int(ip_port["port"])

diff --git a/boefjes/boefjes/plugins/kat_service_banner/main.py b/boefjes/boefjes/plugins/kat_service_banner/main.py
@@ -17,7 +17,7 @@ def get_sock(ip, port, timeout):
 
 def get_banner(sock):
     if not sock:
-        return [({"boefje/error"}, "Unable to connect to the service")]
+        return [({"error/boefje"}, "Unable to connect to the service")]
     try:
         sock.settimeout(TIMEOUT)
         banner = sock.recv(1024)
@@ -28,7 +28,7 @@ def get_banner(sock):
         sock.close()
         return [({"openkat/service-banner"}, banner)]
     except Exception as e:
-        return [({"boefje/error"}, f"Unable to get banner. {str(e)}")]
+        return [({"error/boefje"}, f"Unable to get banner. {str(e)}")]
 
 
 def run(boefje_meta: BoefjeMeta) -> list[tuple[set, str | bytes]]:

diff --git a/boefjes/tests/examples/raw/leakix-example.com-output.txt b/boefjes/tests/examples/raw/leakix-example.com-output.txt
diff --git a/octopoes/bits/default_findingtype_risk/__init__.py b/octopoes/bits/default_findingtype_risk/__init__.py
diff --git a/octopoes/bits/default_findingtype_risk/bit.py b/octopoes/bits/default_findingtype_risk/bit.py
@@ -0,0 +1,10 @@
+from bits.definitions import BitDefinition
+from octopoes.models.ooi.findings import FindingType
+
+BIT = BitDefinition(
+    id="default-findingtype-risk",
+    consumes=FindingType,
+    parameters=[],
+    module="bits.default_findingtype_risk.default_findingtype_risk",
+    min_scan_level=0,
+)
diff --git a/octopoes/bits/default_findingtype_risk/default_findingtype_risk.py b/octopoes/bits/default_findingtype_risk/default_findingtype_risk.py
@@ -0,0 +1,17 @@
+from collections.abc import Iterator
+from typing import Any
+
+from octopoes.models import OOI
+from octopoes.models.ooi.findings import FindingType, RiskLevelSeverity
+
+
+def run(input_ooi: FindingType, additional_oois: list, config: dict[str, Any]) -> Iterator[OOI]:
+    value_set = False
+    if not input_ooi.risk_severity:
+        input_ooi.risk_severity = RiskLevelSeverity.PENDING
+        value_set = True
+    if not input_ooi.risk_score:
+        input_ooi.risk_score = 0
+        value_set = True
+    if value_set:
+        yield input_ooi
diff --git a/octopoes/octopoes/models/ooi/findings.py b/octopoes/octopoes/models/ooi/findings.py
@@ -39,8 +39,8 @@ class FindingType(OOI):
     impact: str | None = None
     recommendation: str | None = None
 
-    risk_score: float | None = 0.0
-    risk_severity: RiskLevelSeverity | None = RiskLevelSeverity.PENDING
+    risk_score: float | None = None
+    risk_severity: RiskLevelSeverity | None = None
 
     _natural_key_attrs = ["id"]
     _traversable = False

diff --git a/octopoes/tests/test_bit_default_findingtype_risk.py b/octopoes/tests/test_bit_default_findingtype_risk.py
@@ -0,0 +1,25 @@
+from bits.default_findingtype_risk.default_findingtype_risk import run as run_default_findingtype_risk
+
+from octopoes.models.ooi.findings import KATFindingType, RiskLevelSeverity
+
+
+def test_default_findingtype_risk_pending():
+    test_finding_type = KATFindingType(id="KAT-TEST")
+
+    assert test_finding_type.risk_severity is None
+    assert test_finding_type.risk_score is None
+
+    results = list(run_default_findingtype_risk(test_finding_type, [], {}))
+
+    expected_result = results[0]
+    assert isinstance(expected_result, KATFindingType)
+    assert expected_result.risk_severity == RiskLevelSeverity.PENDING, "Risk Severity None should default to pending"
+    assert expected_result.risk_score == 0, "Risk Score None should default to 0"
+
+
+def test_default_findingtype_risk_unkown():
+    test_finding_type = KATFindingType(id="KAT-TEST", risk_severity=RiskLevelSeverity.UNKNOWN, risk_score=5)
+
+    results = list(run_default_findingtype_risk(test_finding_type, [], {}))
+
+    assert results == [], "Bit should not output anything when risk_severity or risk_score are set"
diff --git a/rocky/katalogus/views/boefje_setup.py b/rocky/katalogus/views/boefje_setup.py
@@ -2,6 +2,7 @@
 from datetime import datetime
 from urllib.parse import urlencode
 
+import structlog
 from account.mixins import OrganizationPermissionRequiredMixin, OrganizationView
 from django.urls import reverse
 from django.views.generic.edit import FormView
@@ -10,6 +11,8 @@
 from katalogus.client import Boefje, DuplicatePluginError, KATalogusNotAllowedError, get_katalogus
 from octopoes.models.types import type_by_name
 
+logger = structlog.get_logger(__name__)
+
 
 class BoefjeSetupView(OrganizationPermissionRequiredMixin, OrganizationView, FormView):
     """Setup view for creating new Boefjes and variants"""
@@ -41,6 +44,7 @@ def form_valid(self, form):
         plugin = create_boefje_with_form_data(form_data, self.plugin_id, self.created)
 
         try:
+            logger.info("Creating boefje", event_code=800025, boefje=plugin)
             self.katalogus.create_plugin(plugin)
             return super().form_valid(form)
         except DuplicatePluginError as error:
@@ -95,6 +99,7 @@ def form_valid(self, form):
         plugin = create_boefje_with_form_data(form_data, self.plugin_id, self.created)
 
         try:
+            logger.info("Creating boefje", event_code=800025, boefje=plugin)
             self.katalogus.create_plugin(plugin)
             return super().form_valid(form)
         except DuplicatePluginError as error:
@@ -164,6 +169,7 @@ def form_valid(self, form):
         plugin = create_boefje_with_form_data(form_data, self.plugin_id, self.created)
 
         try:
+            logger.info("Editing boefje", event_code=800026, boefje=plugin)
             self.katalogus.edit_plugin(plugin)
             return super().form_valid(form)
         except DuplicatePluginError as error:

diff --git a/rocky/katalogus/views/plugin_enable_disable.py b/rocky/katalogus/views/plugin_enable_disable.py
@@ -1,3 +1,4 @@
+import structlog
 from django.contrib import messages
 from django.http import HttpResponseRedirect
 from django.shortcuts import redirect
@@ -6,12 +7,15 @@
 
 from katalogus.views.mixins import SinglePluginView
 
+logger = structlog.get_logger(__name__)
+
 
 class PluginEnableDisableView(SinglePluginView):
     def post(self, request, *args, **kwargs):
         plugin_state = kwargs["plugin_state"]
 
         if plugin_state == "True":
+            logger.info("Disabling plugin", event_code=800022, plugin=self.plugin.name)
             self.katalogus_client.disable_plugin(self.plugin)
             messages.add_message(
                 self.request,
@@ -21,6 +25,7 @@ def post(self, request, *args, **kwargs):
             return HttpResponseRedirect(request.POST.get("current_url"))
 
         if self.plugin.can_scan(self.organization_member):
+            logger.info("Enabling plugin", event_code=800021, plugin=self.plugin.name)
             self.katalogus_client.enable_plugin(self.plugin)
             messages.add_message(
                 self.request, messages.SUCCESS, _("{} '{}' enabled.").format(self.plugin.type.title(), self.plugin.name)

diff --git a/rocky/katalogus/views/plugin_settings_add.py b/rocky/katalogus/views/plugin_settings_add.py
@@ -1,3 +1,4 @@
+import structlog
 from account.mixins import OrganizationPermissionRequiredMixin
 from django.contrib import messages
 from django.shortcuts import redirect
@@ -9,6 +10,8 @@
 from katalogus.forms import PluginSchemaForm
 from katalogus.views.mixins import SinglePluginView
 
+logger = structlog.get_logger(__name__)
+
 
 class PluginSettingsAddView(OrganizationPermissionRequiredMixin, SinglePluginView, FormView):
     """View to add a general setting for all plugins in KAT-alogus"""
@@ -44,6 +47,7 @@ def form_valid(self, form):
             return redirect(self.get_success_url())
 
         try:
+            logger.info("Adding plugin settings", event_code=800023, plugin=self.plugin.name)
             self.katalogus_client.upsert_plugin_settings(self.plugin.id, form.cleaned_data)
             messages.add_message(self.request, messages.SUCCESS, _("Added settings for '{}'").format(self.plugin.name))
         except HTTPError:
@@ -52,6 +56,7 @@ def form_valid(self, form):
 
         if "add-enable" in self.request.POST:
             try:
+                logger.info("Enabling plugin", event_code=800021, plugin=self.plugin.name)
                 self.katalogus_client.enable_plugin(self.plugin)
             except HTTPError:
                 messages.add_message(self.request, messages.ERROR, _("Enabling {} failed").format(self.plugin.name))

diff --git a/rocky/katalogus/views/plugin_settings_delete.py b/rocky/katalogus/views/plugin_settings_delete.py
@@ -1,3 +1,4 @@
+import structlog
 from account.mixins import OrganizationPermissionRequiredMixin
 from django.contrib import messages
 from django.http import HttpResponseRedirect
@@ -8,6 +9,8 @@
 
 from katalogus.views.mixins import SinglePluginView
 
+logger = structlog.get_logger(__name__)
+
 
 class PluginSettingsDeleteView(OrganizationPermissionRequiredMixin, SinglePluginView, TemplateView):
     template_name = "plugin_settings_delete.html"
@@ -55,6 +58,7 @@ def get_success_url(self):
 
     def delete(self, request, *args, **kwargs):
         try:
+            logger.info("Deleting plugin settings", event_code=800024, plugin=self.plugin.name)
             self.katalogus_client.delete_plugin_settings(self.plugin.id)
             messages.add_message(
                 request, messages.SUCCESS, _("Settings for plugin {} successfully deleted.").format(self.plugin.name)

diff --git a/rocky/tests/integration/test_reports.py b/rocky/tests/integration/test_reports.py
@@ -294,25 +294,25 @@ def test_multi_report(
     assert multi_data["asset_vulnerabilities"] == [
         {
             "asset": "IPAddressV6|test|3e4d:64a2:cb49:bd48:a1ba:def3:d15d:9230",
-            "vulnerabilities": {"CVE-2018-20677": 0.0, "CVE-2019-8331": 0.0, "RetireJS-jquerymigrate-f3a3": 0.0},
+            "vulnerabilities": {"CVE-2018-20677": None, "CVE-2019-8331": None, "RetireJS-jquerymigrate-f3a3": None},
             "organisation": "test-test_multi_report",
             "services": ["Web"],
         },
         {
             "asset": "IPAddressV4|test|192.0.2.3",
-            "vulnerabilities": {"CVE-2018-20677": 0.0, "CVE-2019-8331": 0.0, "RetireJS-jquerymigrate-f3a3": 0.0},
+            "vulnerabilities": {"CVE-2018-20677": None, "CVE-2019-8331": None, "RetireJS-jquerymigrate-f3a3": None},
             "organisation": "test-test_multi_report",
             "services": ["Dicom", "Mail", "Other", "Web"],
         },
         {
             "asset": "IPAddressV6|test|3e4d:64a2:cb49:bd48:a1ba:def3:d15d:9230",
-            "vulnerabilities": {"CVE-2018-20677": 0.0, "CVE-2019-8331": 0.0, "RetireJS-jquerymigrate-f3a3": 0.0},
+            "vulnerabilities": {"CVE-2018-20677": None, "CVE-2019-8331": None, "RetireJS-jquerymigrate-f3a3": None},
             "organisation": "test-test_multi_report-2",
             "services": ["Web"],
         },
         {
             "asset": "IPAddressV4|test|192.0.2.3",
-            "vulnerabilities": {"CVE-2018-20677": 0.0, "CVE-2019-8331": 0.0, "RetireJS-jquerymigrate-f3a3": 0.0},
+            "vulnerabilities": {"CVE-2018-20677": None, "CVE-2019-8331": None, "RetireJS-jquerymigrate-f3a3": None},
             "organisation": "test-test_multi_report-2",
             "services": ["Dicom", "Mail", "Other", "Web"],
         },
@@ -377,9 +377,9 @@ def test_multi_report(
         "Web": {"number_of_available": 4, "number_of_ips": 4, "number_of_valid": 4, "rpki_ips": True},
     }
     assert multi_data["system_vulnerabilities"] == {
-        "CVE-2018-20677": {"cvss": 0.0, "Web": 4, "Dicom": 2, "Mail": 2, "Other": 2},
-        "CVE-2019-8331": {"cvss": 0.0, "Web": 4, "Dicom": 2, "Mail": 2, "Other": 2},
-        "RetireJS-jquerymigrate-f3a3": {"cvss": 0.0, "Web": 4, "Dicom": 2, "Mail": 2, "Other": 2},
+        "CVE-2018-20677": {"cvss": None, "Web": 4, "Dicom": 2, "Mail": 2, "Other": 2},
+        "CVE-2019-8331": {"cvss": None, "Web": 4, "Dicom": 2, "Mail": 2, "Other": 2},
+        "RetireJS-jquerymigrate-f3a3": {"cvss": None, "Web": 4, "Dicom": 2, "Mail": 2, "Other": 2},
     }
     assert multi_data["ipv6"] == {
         "Dicom": {"total": 2, "enabled": 2},

diff --git a/rocky/tests/reports/test_vulnerability_report.py b/rocky/tests/reports/test_vulnerability_report.py
@@ -82,7 +82,7 @@ def test_vulnerability_report_finding_no_score(
     data = report.collect_data([str(hostname.reference)], valid_time)[str(hostname.reference)]
 
     assert data[str(ipaddressv4.reference)]["vulnerabilities"]["CVE-2023-38408"]["cvss"]["score"] == 9.8
-    assert data[str(ipaddressv4.reference)]["vulnerabilities"]["CVE-0000-0001"]["cvss"]["score"] == 0
+    assert data[str(ipaddressv4.reference)]["vulnerabilities"]["CVE-0000-0001"]["cvss"]["score"] is None
     assert data[str(ipaddressv4.reference)]["summary"]["total_criticals"] == 1
     assert data[str(ipaddressv4.reference)]["summary"]["total_findings"] == 2