
Replace the management of plugins configuration

Open Desvelao opened this issue 1 year ago • 6 comments

Description

This pull request replaces the management of configuration by the plugins.

Changes:

  • Create new services to manage the configuration
    • Configuration (common)
    • ConfigurationStore (frontend and backend side)
    • Adapt the replacement of configuration services:
      • Frontend:
        • Configure through the App Settings application
      • Backend:
        • Refactor the ReportPrinter service to create the PDF reports, now uses the new Configuration service
        • Jobs
        • services to get the top agents with alerts related to some specific condition
  • Add a new field store in the plugin setting
  • Move some backend services to properties of ManageHosts service:
    • CacheAPIUserAllowRunAs
    • ServerAPIHostEntries
  • Create button components that open a flyout
  • Enhance the useForm hook to allow dynamic inputs
  • Create password input form component
  • Add a new setting type arrayOf
  • Refactor AddAPI component
    • Remove old one
    • Create form to add or edit an API host from Server APIs application
    • Refactor the management to display the new add API view
    • Remove unused controller methods to adding the new API host view
  • Add buttons to edit or delete the API host entry to the table on Server APIs application
  • The table in Server APIs application now displays a message when there are no configured APIs
  • Remove deprecated services related to previous configuration
    • Common:
      • getCategorySettingByTitle
      • getSettingDefaultValue
      • getSettingsDefault
      • getSettingsByCategories
      • getSettingsDefaultList
      • groupSettingsByCategory
      • getPluginSettingDescription
      • getCustomizationSetting: moved to the Configuration instance of the backend side
    • Backend:
      • getConfiguration
      • services related to the creation of the initial file configuration
  • Create new endpoints to manage the configuration
    • POST /utils/configuration/clear: clear the configuration stored in the saved object
  • Create new endpoints and controllers to manage the API host entries
    • PUT /hosts/apis/{id}: add or update an existing API host entry
    • DELETE /hosts/apis/{id}: remove an existing API host entry
  • Refactor the validation of endpoints taking into account the dynamic configuration instead of static
    • PUT /utils/configuration
    • PUT /utils/configuration/files/{key}
    • DELETE /utils/configuration/files/{key}
  • Move the API is down view
    • Remove render through AngularJS template
    • Remove properties defined in controller
    • Add a new callout to render in Server APIs
    • Include a button that opens a flyout with a basic troubleshooting
  • Create processes to setup or migrate the previous configuration:
    • Server side
    • Script
  • Replace the consideration of "administrator" user based on API roles to platform permission to use the rest API based on platform roles:
    • Create a new endpoint to get data about the account:
    • GET /utils/account: gives information about if the user is a user considered as "administrator" for the plugins.
    • Refactor the protection of some views with the "administrator" user.
      • Sample data
      • App Settings
    • Refactor the WzButtonPermissions buttons to use the administrator check instead of based on checking the "administrator" API roles.
    • Create a decorator to protect the API routes and protect them
  • Create a frontend service to manage the dashboardSecurity
    • Replace the request to get the current platform by method provided by the service
  • Create a button component that opens a flyout
  • Create a password form input
  • Adapted the unit tests

Issues Resolved

#6201

Evidence

  • Generic view

  • Add API entry

  • Edit and remove buttons

  • Warning about API could be down

Test

configuration-saved-object

Legend: :black_circle:: none :green_circle:: pass :yellow_circle:: warning :red_circle:: fail :white_circle:: not applicable

UI

| Test | Chrome | Firefox | Safari |
| --- | --- | --- | --- |
| With no API hosts added, go to Server APIs application and should display an empty table. | :black_circle: | :black_circle: | :black_circle: |
| With an administrator user, go to Server APIs, click on Add API connection and fill the form with a valid API host. The API host should be added and the table should be updated. | :black_circle: | :black_circle: | :black_circle: |
| With an administrator user and API hosts added, go to Server APIs, and edit some of them. Try editing some field or multiple fields. The API host entry should be updated and the new values should be displayed in the table. | :black_circle: | :black_circle: | :black_circle: |
| With an administrator user and API hosts added, go to Server APIs, and remove some of them. The API host entries should be updated. | :black_circle: | :black_circle: | :black_circle: |
| With API hosts entries added, ensure the host key in the saved object of the configuration is encrypted. | :black_circle: | :black_circle: | :black_circle: |
| With a stopped API entry, go to Server APIs application and should display a callout about the problem. | :black_circle: | :black_circle: | :black_circle: |
| Without stored object of configuration and a configuration defined on a wazuh.yml configuration file, use the script wazuh-core/scripts/setup-configuration. The configuration should be updated into the saved object. | :black_circle: | :black_circle: | :black_circle: |
| With a stored object of configuration and a configuration defined on a wazuh.yml configuration file, use the script wazuh-core/scripts/setup-configuration. The configuration should be updated into the saved object and ensure the previous configuration is not present. Use the clear option. | :black_circle: | :black_circle: | :black_circle: |
| With a non administrator user, go to App Settings, a prompt should display the user has no permissions | :black_circle: | :black_circle: | :black_circle: |
| With a non administrator user, go to Server APIs, the Add API connection, edit and remove button should be disabled displaying a message related to missing permissions. | :black_circle: | :black_circle: | :black_circle: |

Details

:black_circle: With no API hosts added, go to Server APIs application and should display an empty table.

Chrome - :black_circle:

Firefox - :black_circle:

Safari - :black_circle:

:black_circle: With an administrator user, go to Server APIs, click on Add API connection and fill the form with a valid API host. The API host should be added and the table should be updated.

Chrome - :black_circle:

Firefox - :black_circle:

Safari - :black_circle:

:black_circle: With an administrator user and API hosts added, go to Server APIs, and edit some of them. Try editing some field or multiple fields. The API host entry should be updated and the new values should be displayed in the table.

Chrome - :black_circle:

Firefox - :black_circle:

Safari - :black_circle:

:black_circle: With an administrator user and API hosts added, go to Server APIs, and remove some of them. The API host entries should be updated.

Chrome - :black_circle:

Firefox - :black_circle:

Safari - :black_circle:

:black_circle: With API hosts entries added, ensure the host key in the saved object of the configuration is encrypted.

Chrome - :black_circle:

Firefox - :black_circle:

Safari - :black_circle:

:black_circle: With a stopped API entry, go to Server APIs application and should display a callout about the problem.

Chrome - :black_circle:

Firefox - :black_circle:

Safari - :black_circle:

:black_circle: Without stored object of configuration and a configuration defined on a wazuh.yml configuration file, use the script wazuh-core/scripts/setup-configuration. The configuration should be updated into the saved object.

Chrome - :black_circle:

Firefox - :black_circle:

Safari - :black_circle:

:black_circle: With a stored object of configuration and a configuration defined on a wazuh.yml configuration file, use the script wazuh-core/scripts/setup-configuration. The configuration should be updated into the saved object and ensure the previous configuration is not present. Use the clear option.

Chrome - :black_circle:

Firefox - :black_circle:

Safari - :black_circle:

:black_circle: With a non administrator user, go to App Settings, a prompt should display the user has no permissions

Chrome - :black_circle:

Firefox - :black_circle:

Safari - :black_circle:

:black_circle: With a non administrator user, go to Server APIs, the Add API connection, edit and remove button should be disabled displaying a message related to missing permissions.

Chrome - :black_circle:

Firefox - :black_circle:

Safari - :black_circle:

Other

| Test | Result |
| --- | --- |
| In configuration, change some settings and update the configuration. Ensure the data is stored in the saved object. Try to upload files too. | :black_circle: |
| With a stored saved object of configuration, stop the Wazuh dashboard, change the platform setting wazuh_core.instance. Check the current settings are not using the values of the stored saved object configuration. | :black_circle: |
| With a wazuh.yml configuration file located at data/wazuh/config/wazuh.yml and no stored saved object, should setup the configuration defined in the file into the saved object. | :black_circle: |

Details

:black_circle: In configuration, change some settings and update the configuration. Ensure the data is stored in the saved object. Try to upload files too.
:black_circle: With a stored saved object of configuration, stop the Wazuh dashboard, change the platform setting wazuh_core.instance. Check the current settings are not using the values of the stored saved object configuration.
:black_circle: With a wazuh.yml configuration file located at data/wazuh/config/wazuh.yml and no stored saved object, should setup the configuration defined in the file into the saved object.

Check List

  • [ ] All tests pass
    • [ ] yarn test:jest
  • [ ] New functionality includes testing.
  • [ ] New functionality has been documented.
  • [ ] Update CHANGELOG.md
  • [ ] Commits are signed per the DCO using --signoff

Desvelao avatar Jan 17 '24 13:01 Desvelao

Test

configuration-saved-object

Legend: :black_circle:: none :green_circle:: pass :yellow_circle:: warning :red_circle:: fail :white_circle:: not applicable

UI

| Test | Chrome | Firefox | Safari |
| --- | --- | --- | --- |
| With no API hosts added, go to Server APIs application and should display an empty table. | :green_circle: | :black_circle: | :black_circle: |
| With an administrator user, go to Server APIs, click on Add API connection and fill the form with a valid API host. The API host should be added and the table should be updated. | :red_circle: | :black_circle: | :black_circle: |
| With an administrator user and API hosts added, go to Server APIs, and edit some of them. Try editing some field or multiple fields. The API host entry should be updated and the new values should be displayed in the table. | :red_circle: | :black_circle: | :black_circle: |
| With an administrator user and API hosts added, go to Server APIs, and remove some of them. The API host entries should be updated. | :red_circle: | :black_circle: | :black_circle: |
| With API hosts entries added, ensure the host key in the saved object of the configuration is encrypted. | :green_circle: | :black_circle: | :black_circle: |
| With a stopped API entry, go to Server APIs application and should display a callout about the problem. | :green_circle: | :black_circle: | :black_circle: |
| Without stored object of configuration and a configuration defined on a wazuh.yml configuration file, use the script wazuh-core/scripts/setup-configuration. The configuration should be updated into the saved object. | :black_circle: | :black_circle: | :black_circle: |
| With a stored object of configuration and a configuration defined on a wazuh.yml configuration file, use the script wazuh-core/scripts/setup-configuration. The configuration should be updated into the saved object and ensure the previous configuration is not present. Use the clear option. | :black_circle: | :black_circle: | :black_circle: |
| With a non administrator user, go to App Settings, a prompt should display the user has no permissions | :green_circle: | :black_circle: | :black_circle: |
| With a non administrator user, go to Server APIs, the Add API connection, edit and remove button should be disabled displaying a message related to missing permissions. | :green_circle: | :black_circle: | :black_circle: |

Details

:green_circle: With no API hosts added, go to Server APIs application and should display an empty table.

Chrome - :green_circle:

Firefox - :black_circle:

Safari - :black_circle:

:red_circle: With an administrator user, go to Server APIs, click on Add API connection and fill the form with a valid API host. The API host should be added and the table should be updated.

When a new API is added with the same identifier, it replaces the data of the previous API.

Chrome - :red_circle:

https://github.com/wazuh/wazuh-dashboard-plugins/assets/63758389/1afef4c2-0015-421c-898c-bd6eb4506c4c

Firefox - :black_circle:

Safari - :black_circle:

:red_circle: With an administrator user and API hosts added, go to Server APIs, and edit some of them. Try editing some field or multiple fields. The API host entry should be updated and the new values should be displayed in the table.

When you edit the identifier of an API with the same identifier that has another api in the row of the API the crossed data appear and if you edit again the identifier a new API appears.

Chrome - :red_circle:

https://github.com/wazuh/wazuh-dashboard-plugins/assets/63758389/1afef4c2-0015-421c-898c-bd6eb4506c4c

Firefox - :black_circle:

Safari - :black_circle:

:red_circle: With an administrator user and API hosts added, go to Server APIs, and remove some of them. The API host entries should be updated.

I don't know if the warning callout we want to render when the table is empty.

When a new api appears to edit one when you want to delete them you cannot delete them, and when refreshing the page it disappears.

Chrome - :red_circle:

https://github.com/wazuh/wazuh-dashboard-plugins/assets/63758389/1afef4c2-0015-421c-898c-bd6eb4506c4c

Firefox - :black_circle:

Safari - :black_circle:

:green_circle: With API hosts entries added, ensure the host key in the saved object of the configuration is encrypted.

Chrome - :green_circle:

Firefox - :black_circle:

Safari - :black_circle:

:green_circle: With a stopped API entry, go to Server APIs application and should display a callout about the problem.

Chrome - :green_circle:

Firefox - :black_circle:

Safari - :black_circle:

:black_circle: Without stored object of configuration and a configuration defined on a wazuh.yml configuration file, use the script wazuh-core/scripts/setup-configuration. The configuration should be updated into the saved object.

Chrome - :black_circle:

Firefox - :black_circle:

Safari - :black_circle:

:black_circle: With a stored object of configuration and a configuration defined on a wazuh.yml configuration file, use the script wazuh-core/scripts/setup-configuration. The configuration should be updated into the saved object and ensure the previous configuration is not present. Use the clear option.

Chrome - :black_circle:

Firefox - :black_circle:

Safari - :black_circle:

:green_circle: With a non administrator user, go to App Settings, a prompt should display the user has no permissions

Chrome - :green_circle:

Firefox - :black_circle:

Safari - :black_circle:

:green_circle: With a non administrator user, go to Server APIs, the Add API connection, edit and remove button should be disabled displaying a message related to missing permissions.

Chrome - :green_circle:

Firefox - :black_circle:

Safari - :black_circle:

Other

| Test | Result |
| --- | --- |
| In configuration, change some settings and update the configuration. Ensure the data is stored in the saved object. Try to upload files too. | :black_circle: |
| With a stored saved object of configuration, stop the Wazuh dashboard, change the platform setting wazuh_core.instance. Check the current settings are not using the values of the stored saved object configuration. | :black_circle: |
| With a wazuh.yml configuration file located at data/wazuh/config/wazuh.yml and no stored saved object, should setup the configuration defined in the file into the saved object. | :black_circle: |

Details

:black_circle: In configuration, change some settings and update the configuration. Ensure the data is stored in the saved object. Try to upload files too.
:black_circle: With a stored saved object of configuration, stop the Wazuh dashboard, change the platform setting wazuh_core.instance. Check the current settings are not using the values of the stored saved object configuration.
:black_circle: With a wazuh.yml configuration file located at data/wazuh/config/wazuh.yml and no stored saved object, should setup the configuration defined in the file into the saved object.

yenienserrano avatar Feb 27 '24 13:02 yenienserrano

Maybe it would be good to add a check when closing the modal if there are changes in the fields, as it works in security.

Good catch!

This was added in this commit https://github.com/wazuh/wazuh-dashboard-plugins/pull/6337/commits/af40c8fda2fc57732a8bbcf1fa165fa2c44edcb3.

Desvelao avatar Feb 27 '24 15:02 Desvelao

With an administrator user, go to Server APIs, click on Add API connection and fill the form with a valid API host. The API host should be added and the table should be updated. When a new API is added with the same identifier, it replaces the data of the previous API.

When adding a new API connection, it does not check if the ID is available. We need to check if the identifier is available.

When editing an API connection, and you set the Identifier field to some value of another API connection, it causes you to have 2 API connections with the same ID. We need to check if the identifier is available.

Desvelao avatar Feb 29 '24 09:02 Desvelao
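
The identifier collisions described in the comment above, as an added example that is not part of the original thread or the plugin's code: a store that refuses to add an entry under a taken identifier and refuses to rename an entry onto another entry's identifier. `ApiHostStore`, `normalizeId`, `runScenario`, the status codes and the sample hosts are assumptions made for the illustration.

```javascript
// Added example. ApiHostStore is a hypothetical in-memory stand-in for wherever
// API host entries are persisted; the entries below are constructed sample data.

function normalizeId(id) {
  if (typeof id !== 'string' || id.trim() === '') {
    throw new TypeError('API host identifier must be a non-empty string');
  }
  return id.trim();
}

class ApiHostStore {
  constructor() {
    this.hosts = new Map(); // identifier -> host entry
  }

  // Adding must fail when the identifier is taken. A blind upsert here is what
  // lets a second "add" replace the URL and credentials of the first entry.
  create(entry) {
    const id = normalizeId(entry.id);
    if (this.hosts.has(id)) {
      return { status: 409, error: `API host [${id}] already exists` };
    }
    const host = { ...entry, id };
    this.hosts.set(id, host);
    return { status: 201, host };
  }

  // Editing addresses the entry by its current identifier; the body may rename
  // it, but only to an identifier that no other entry is using.
  update(currentId, changes) {
    const from = normalizeId(currentId);
    const existing = this.hosts.get(from);
    if (!existing) {
      return { status: 404, error: `API host [${from}] not found` };
    }
    const to = changes.id === undefined ? from : normalizeId(changes.id);
    if (to !== from && this.hosts.has(to)) {
      return { status: 409, error: `API host [${to}] already exists` };
    }
    const host = { ...existing, ...changes, id: to };
    this.hosts.delete(from); // drop the old key so a rename never leaves two rows
    this.hosts.set(to, host);
    return { status: 200, host };
  }

  ids() {
    return [...this.hosts.keys()];
  }
}

// Constructed walk-through of the two cases reported in the thread.
function runScenario() {
  const store = new ApiHostStore();
  const added = store.create({ id: 'default', url: 'https://manager-a.example', port: 55000 });
  const other = store.create({ id: 'backup', url: 'https://manager-b.example', port: 55000 });
  const duplicateAdd = store.create({ id: 'default', url: 'https://manager-c.example', port: 55000 });
  const renameClash = store.update('backup', { id: 'default' });
  const renameOk = store.update('backup', { id: 'secondary', port: 55001 });
  return {
    statuses: [added, other, duplicateAdd, renameClash, renameOk].map((r) => r.status),
    ids: store.ids(),
    defaultUrl: store.hosts.get('default').url,
  };
}

console.log(runScenario());
```

The check belongs on the server side of the add and edit routes; a form-only check can be bypassed by calling the endpoint directly.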

Wazuh Core plugin code coverage (Jest) test % values
Statements 28.94% ( 286 / 988 )
Branches 26.22% ( 107 / 408 )
Functions 26.87% ( 86 / 320 )
Lines 28.68% ( 278 / 969 )

github-actions[bot] avatar Mar 08 '24 14:03 github-actions[bot]

Wazuh Check Updates plugin code coverage (Jest) test % values
Statements 76.44% ( 172 / 225 )
Branches 58.65% ( 61 / 104 )
Functions 61.7% ( 29 / 47 )
Lines 76.44% ( 172 / 225 )

github-actions[bot] avatar Mar 08 '24 14:03 github-actions[bot]

Main plugin code coverage (Jest) test % values
Statements 11.55% ( 3979 / 34427 )
Branches 7.32% ( 1651 / 22548 )
Functions 10.31% ( 843 / 8169 )
Lines 11.73% ( 3873 / 32995 )

github-actions[bot] avatar Mar 08 '24 14:03 github-actions[bot]

| Test | Chrome | Firefox | Safari |
| --- | --- | --- | --- |
| With no API hosts added, go to Server APIs application and should display an empty table. | :green_circle: | :black_circle: | :black_circle: |
| With an administrator user, go to Server APIs, click on Add API host and fill the form with a valid API host. The API host should be added and the table should be updated. | :green_circle: | :black_circle: | :black_circle: |
| With an administrator user and API hosts added, go to Server APIs, and edit some of them. Try editing some field or multiple fields. The API host entry should be updated and the new values should be displayed in the table. | :green_circle: | :black_circle: | :black_circle: |
| With an administrator user and API hosts added, go to Server APIs, and remove some of them. The API host entries should be updated. | :green_circle: | :black_circle: | :black_circle: |
| With API hosts entries added, ensure the host key in the saved object of the configuration is encrypted. | :green_circle: | :black_circle: | :black_circle: |
| With a stopped API entry, go to Server APIs application and should display a callout about the problem. | :green_circle: | :black_circle: | :black_circle: |
| Without a stored object of configuration, upload a file through the POST /utils/configuration/import. The configuration should be updated into the saved object. | :green_circle: | :black_circle: | :black_circle: |
| With a stored object of configuration, upload a file through the POST /utils/configuration/import. The configuration should be updated into the saved object and ensure the previous configuration is not present. | :green_circle: | :black_circle: | :black_circle: |
| With a non administrator user, go to App Settings, a prompt should display the user has no permissions | :green_circle: | :black_circle: | :black_circle: |
| With a non administrator user, go to Server APIs, the Add API host, edit and remove button should be disabled displaying a message related to missing permissions. | :green_circle: | :black_circle: | :black_circle: |

Details

:green_circle: With no API hosts added, go to Server APIs application and should display an empty table.

Chrome - :green_circle:

Firefox - :black_circle:

Safari - :black_circle:

:green_circle: With an administrator user, go to Server APIs, click on Add API host and fill the form with a valid API host. The API host should be added and the table should be updated.

Chrome - :green_circle:

Firefox - :black_circle:

Safari - :black_circle:

:green_circle: With an administrator user and API hosts added, go to Server APIs, and edit some of them. Try editing some field or multiple fields. The API host entry should be updated and the new values should be displayed in the table.

Chrome - :green_circle:

Firefox - :black_circle:

Safari - :black_circle:

:green_circle: With an administrator user and API hosts added, go to Server APIs, and remove some of them. The API host entries should be updated.

Chrome - :green_circle:

Firefox - :black_circle:

Safari - :black_circle:

:green_circle: With API hosts entries added, ensure the host key in the saved object of the configuration is encrypted.

Chrome - :green_circle:

Firefox - :black_circle:

Safari - :black_circle:

:green_circle: With a stopped API entry, go to Server APIs application and should display a callout about the problem.

Chrome - :green_circle:

Firefox - :black_circle:

Safari - :black_circle:

:green_circle: Without a stored object of configuration, upload a file through the POST /utils/configuration/import. The configuration should be updated into the saved object.

Chrome - :green_circle:

Firefox - :black_circle:

Safari - :black_circle:

:green_circle: With a stored object of configuration, upload a file through the POST /utils/configuration/import. The configuration should be updated into the saved object and ensure the previous configuration is not present.

Chrome - :green_circle:

Firefox - :black_circle:

Safari - :black_circle:

:green_circle: With a non administrator user, go to App Settings, a prompt should display the user has no permissions

Chrome - :green_circle:

Firefox - :black_circle:

Safari - :black_circle:

:green_circle: With a non administrator user, go to Server APIs, the Add API host, edit and remove button should be disabled displaying a message related to missing permissions.

Chrome - :green_circle:

Firefox - :black_circle:

Safari - :black_circle:

asteriscos avatar Mar 08 '24 16:03 asteriscos