Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replace the management of plugins configuration #6337

Merged
merged 146 commits into from
Mar 11, 2024
Merged

Replace the management of plugins configuration #6337

merged 146 commits into from
Mar 11, 2024

Conversation

Desvelao
Copy link
Member

@Desvelao Desvelao commented Jan 17, 2024
edited
Loading

Description

This pull request replaces the management of configuration by the plugins.

Changes:

  • Create new services to manage the configuration
    • Configuration (common)
    • ConfigurationStore (frontend and backend side)
    • Adapt the replacement of configuration services:
      • Frontend:
        • Configure through the App Settings application
      • Backend:
        • Refactor the ReportPrinter service to create the PDF reports, now uses the new Configuration service
        • Jobs
        • services to get the top agents with alerts related to some specific condition
  • Add a new field store in the plugin setting
  • Move some backend services to properties of ManageHosts service:
    • CacheAPIUserAllowRunAs
    • ServerAPIHostEntries
  • Create button components that open a flyout
  • Enhance the useForm hook to allow dynamic inputs
  • Create password input form component
  • Add a new setting type arrayOf
  • Refactor AddAPI component
    • Remove old one
    • Create form to add or edit an API host from Server APIs application
    • Refactor the management to display the new add API view
    • Remove unused controller methods to adding the new API host view
  • Add buttons to edit or delete the API host entry to the table on Server APIs application
  • The table in Server APIs application now displays a message when there are not configured APIs
  • Remove deprecated services related to previous configuration
    • Common:
      • getCategorySettingByTitle
      • getSettingDefaultValue
      • getSettingsDefault
      • getSettingsByCategories
      • getSettingsDefaultList
      • groupSettingsByCategory
      • getPluginSettingDescription
      • getCustomizationSetting: moved to the Configuration instance of the backend side
    • Backend:
      • getConfiguration
      • services related to the creation of the initial file configuration
  • Create new endpoints to manage the configuration
    • POST /utils/configuration/clear: clear the configuration stored in the saved object
    • POST /utils/configuration/import: import the configuration from a configuration file
  • Create new endpoints and controllers to manage the API host entries
    • PUT /hosts/apis/{id}: add or update an existing API host entry
    • DELETE /hosts/apis/{id}: remove an existing API host entry
  • Refactor the validation of endpoints taking into account the dynamic configuration instead of static
    • PUT /utils/configuration
    • PUT /utils/configuration/files/{key}
    • DELETE /utils/configuration/files/{key}
  • Move the API is down view
    - Remove render through AngularJS template
    - Remove properties defined in controller
    - Add a new callout to render in Server APIs
    - Include a button that opens a flyout with a basic troubleshooting
  • Create processes to setup or migrate the previous configuration:
    • Server side
    • Script
  • Replace the consideration of "administrator" user based on API roles to platform permission to use the rest API based on platform roles:
    • Create a new endpoint to get data about the account:
    • GET /utils/account: gives information about if the user is an user considered as "administrator" for the plugins.
    • Refactor the protection of some views with the "administrator" user.
      • Sample data
      • App Settings
    • Refactor the WzButtonPermissions buttons to use the administrator check instead of based on checking the "administrator" API roles.
    • Create a decorator to protect the API routes and protect them
  • Create a frontend service to manage the dashboardSecurity
    • Replace the request to get the current platform by method provided by the service
  • Create a button component that opens a flyout
  • Create a password form input
  • Adapted the unit tests

Issues Resolved

#6201

Evidence

  • Generic view
    image

  • Add API entry
    image
    image

  • Edit and remove buttons
    image
    image
    image

  • Warning about API could be down:
    image
    image

Test

configuration-saved-object

Legend:
⚫: none
🟢: pass
🟡: warning
🔴: fail
⚪: not applicable

UI

Test Chrome Firefox Safari
With no API hosts added, go to Server APIs application and should display an empty table.
With an administrator user, go to Server APIs, click on Add API host and fill the form with a valid API host. The API host should be added and the table should be udpated.
With an administrator user and API hosts added, go to Server APIs, and edit some of them. Try editing some field or multiple fields. The API host entry should be updated and the new values should be displayed in the table.
With an administrator user and API hosts added, go to Server APIs, and remove some of them. The API host entries should be updated.
With API hosts entries added, ensure the host key in the saved object of the configuration is encrypted.
With a stopped API entry, go to Server APIs application and should display a callout about the problem.
Without a stored object of configuration, upload a file through the POST /utils/configuration/import. The configuration should be updated into the saved object.
With a stored object of configuration, upload a file through the POST /utils/configuration/import. The configuration should be updated into the saved object and ensure the previous configuration is not present.
With a non administrator user, go to App Settings, a prompt should display the user has no permissions
With a non administrator user, go to Server APIs, the Add API host, edit and remove button should be disabled displaying a message related to missing permissions.

Details

⚫ With no API hosts added, go to Server APIs application and should display an empty table.

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ With an administrator user, go to Server APIs, click on Add API host and fill the form with a valid API host. The API host should be added and the table should be udpated.

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ With an administrator user and API hosts added, go to Server APIs, and edit some of them. Try editing some field or multiple fields. The API host entry should be updated and the new values should be displayed in the table.

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ With an administrator user and API hosts added, go to Server APIs, and remove some of them. The API host entries should be updated.

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ With API hosts entries added, ensure the host key in the saved object of the configuration is encrypted.

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ With a stopped API entry, go to Server APIs application and should display a callout about the problem.

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ Without a stored object of configuration, upload a file through the POST /utils/configuration/import. The configuration should be updated into the saved object.

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ With a stored object of configuration, upload a file through the POST /utils/configuration/import. The configuration should be updated into the saved object and ensure the previous configuration is not present.

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ With a non administrator user, go to App Settings, a prompt should display the user has no permissions

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

⚫ With a non administrator user, go to Server APIs, the Add API host, edit and remove button should be disabled displaying a message related to missing permissions.

Chrome - ⚫

Firefox - ⚫

Safari - ⚫

Other

Test Result
In configuration, change some settings and update the configuration. Ensure the data is stored in the saved object. Try to upload files too.
With a stored saved object of configuration, stop the Wazuh dashboard, change the platform setting wazuh_core.instance. Check the current settings are not using the values of the stored saved object configuration.
With a wazuh.yml configuration file located at data/wazuh/config/wazuh.yml and no stored saved object, should setup the configuration defined in the file into the saved object.

Details

⚫ In configuration, change some settings and update the configuration. Ensure the data is stored in the saved object. Try to upload files too.
⚫ With a stored saved object of configuration, stop the Wazuh dashboard, change the platform setting wazuh_core.instance. Check the current settings are not using the values of the stored saved object configuration.
⚫ With a wazuh.yml configuration file located at data/wazuh/config/wazuh.yml and no stored saved object, should setup the configuration defined in the file into the saved object.

Check List

  • All tests pass
    • yarn test:jest
  • New functionality includes testing.
  • New functionality has been documented.
  • Update CHANGELOG.md
  • Commits are signed per the DCO using --signoff

@Desvelao
feat(logging): remove plugin logger from start tasks of main plugin
701b9aa 
- Enhance the logging messages
- Minor enhancements
@Desvelao
feat(logging): minor fixes to logging messages in the main plugin
70f02f4
@Desvelao
feat(logging): remove custom logger from endpoints of main plugin
c3ba9d1
@Desvelao
fix(logging): remove parameter of addJobToQueue
7c34345
@Desvelao
feat(core): replace the loggin service and move services to core plugin
ff2c07d 
- Replace the logging services
- Move services to core plugin
  - CacheAPIUserAllowRunAs
  - ManageHosts
  - ServerAPIClient (aka api-interceptor)
  - ServerAPIHostEntries (aka )
  - UpdateConfigurationFile
  - UpdateRegistry
- Adapt the usage of services in the main and check updates plugin from
  core plugin
- Remove plugin logger from main and core plugins
- Remove API endpoint
  - GET /utils/logs/ui
- Remove unused code
- Adapt the test suites
@Desvelao
Merge branch 'master' of https://github.com/wazuh/wazuh-kibana-app in…
283788e 
…to enhancement/6137-adapt-logging-method
@Desvelao
feat(logging): removed constants related to log files path
842b4a3
@Desvelao
fix(dependency): removed winston dependency of plugins and update the…
dad9274 
… yarn.lock files
@Desvelao
fix(logging): removed logs.level plugin setting
3914913
@Desvelao
fix(logging): fixed monitoring and statistics backend tasks
20ed9bc
@Desvelao
Merge branch 'master' of https://github.com/wazuh/wazuh-kibana-app in…
dba3e2f 
…to enhancement/6137-adapt-logging-method
@Desvelao
fix(monitoring): manage API host entries
2d0053b
@Desvelao
feat(core): add description to core services classes
a9de346
@Desvelao
feat(docs): add docs to core plugin
20b0f90
@Desvelao
feat(docs): add description to core services
9ca647e
@Desvelao
test: fix of check updates plugin
54187b5
@Desvelao
test: fix of check updates plugin
efc99e2
@Desvelao
feat(logging): remove the App logs application
d726682 
- Remove GET /utils/logs endpoint
  - Remove related tests
- Remove App logs application
@Desvelao
fix: typo in UpdateRegistry service
87b2b18
@Desvelao
feat: add InputFormPassword component
6042fe5
@Desvelao
feat: add Configuration and ConfigurationStore services for core plugin
ac8b873 
- Create Configuration service
- Create ConfigurationStore (backend and frontend side)
- Register the plugin settings in the configuration services
@Desvelao
feat: adapt API endpoints related to configuration to use the Configu…
b0fd099 
…ration service

- API endpoints:
  - GET /utils/configuration
  - PUT /utils/configuration
  - PUT /utils/configuration/files/{key}
  - DELETE /utils/configuration/files/{key}
@Desvelao
feat: adapt the monitoring task of main plugin to use the Configurati…
1edc282 
…on service
@Desvelao
fix: remove unwanted log
9d24c19
@Desvelao
feat: adapt API endpoints related to sample data to the configuration…
322abe1 
… service
@Desvelao
feat: enhance plugin settings to define the mapping in the saved object
3fb4c1d
@Desvelao
remove: remove buildIndexSettings service
60bd3e4
@Desvelao
feat(configuration): remove reference to configuration file in App Se…
25c68fa 
…ttings
@Desvelao
feat(uilib): create buttons that opens flyouts
0c4f64a
@Desvelao
fix: plugin settings definition
e61360e
Desvelao added 14 commits March 1, 2024 09:05
@Desvelao
feat: add platform server mock and wazuh-host test
8bc797f
@Desvelao
fix: enhance error messages in API endpoints related to API hosts man…
1ff572b 
…agement
@Desvelao
feat: enhance setup-configuration script
52f93da
@Desvelao
fix: description of API endopoint controller
67376d0
@Desvelao
fix: clear and reset method of Configuration service
73025f8
@Desvelao
feat(configuration): replace the management of setup the plugins conf…
ce1044a 
…iguration

- Create new API endpoint to import a configuration file
  - POST /utils/configuration/import
- Create method to enhance the configuration of the backend side to
  manage the importation
- Remove duplicated code to check if updating some settings requires to
  do some actions to apply
@Desvelao
remove: remove unneeded script to setup the configuration
fededde
@Desvelao
Merge branch '4.9.0' of https://github.com/wazuh/wazuh-kibana-app int…
3146de6 
…o enhancement/6201-replace-plugins-configuration
@Desvelao
fix(configuration): fix display warnings on settings that requires to…
a502874 
… run the health check
@Desvelao
feat(configuration): renamed the type of configuration saved objecto …
247a467 
…to wazuh-dashboard-plugins-config
@Desvelao
fix(configuration): tests
840651c
@Desvelao
remove(configuration): unused types and settings-validator service on…
551e2d2 
… main plugin
@Desvelao
fix: tests
95dc071
@Desvelao
fix(configuration): change the status code to 403 in the route decora…
7a0a59c 
…tor related to administrator user
@JuanGarriuz JuanGarriuz self-requested a review March 5, 2024 10:54
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Mar 8, 2024

Wazuh Core plugin code coverage (Jest) test % values
Statements 28.94% ( 286 / 988 )
Branches 26.22% ( 107 / 408 )
Functions 26.87% ( 86 / 320 )
Lines 28.68% ( 278 / 969 )

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Mar 8, 2024

Wazuh Check Updates plugin code coverage (Jest) test % values
Statements 76.44% ( 172 / 225 )
Branches 58.65% ( 61 / 104 )
Functions 61.7% ( 29 / 47 )
Lines 76.44% ( 172 / 225 )

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Mar 8, 2024

Main plugin code coverage (Jest) test % values
Statements 11.55% ( 3979 / 34427 )
Branches 7.32% ( 1651 / 22548 )
Functions 10.31% ( 843 / 8169 )
Lines 11.73% ( 3873 / 32995 )

yenienserrano
yenienserrano approved these changes Mar 8, 2024
View reviewed changes
Copy link
Member

@yenienserrano yenienserrano left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CR: ✅
Test: ✅ fixed the problems I had found when adding and editing apis

@asteriscos
Copy link
Member

asteriscos commented Mar 8, 2024
edited
Loading

Test Chrome Firefox Safari
With no API hosts added, go to Server APIs application and should display an empty table. 🟢
With an administrator user, go to Server APIs, click on Add API host and fill the form with a valid API host. The API host should be added and the table should be udpated. 🟢
With an administrator user and API hosts added, go to Server APIs, and edit some of them. Try editing some field or multiple fields. The API host entry should be updated and the new values should be displayed in the table. 🟢
With an administrator user and API hosts added, go to Server APIs, and remove some of them. The API host entries should be updated. 🟢
With API hosts entries added, ensure the host key in the saved object of the configuration is encrypted. 🟢
With a stopped API entry, go to Server APIs application and should display a callout about the problem. 🟢
Without a stored object of configuration, upload a file through the POST /utils/configuration/import. The configuration should be updated into the saved object. 🟢
With a stored object of configuration, upload a file through the POST /utils/configuration/import. The configuration should be updated into the saved object and ensure the previous configuration is not present. 🟢
With a non administrator user, go to App Settings, a prompt should display the user has no permissions 🟢
With a non administrator user, go to Server APIs, the Add API host, edit and remove button should be disabled displaying a message related to missing permissions. 🟢

Details

🟢 With no API hosts added, go to Server APIs application and should display an empty table.

Chrome - 🟢

image

Firefox - ⚫

Safari - ⚫

🟢 With an administrator user, go to Server APIs, click on Add API host and fill the form with a valid API host. The API host should be added and the table should be udpated.

Chrome - 🟢

image

Firefox - ⚫

Safari - ⚫

🟢 With an administrator user and API hosts added, go to Server APIs, and edit some of them. Try editing some field or multiple fields. The API host entry should be updated and the new values should be displayed in the table.

Chrome - 🟢

image

Firefox - ⚫

Safari - ⚫

🟢 With an administrator user and API hosts added, go to Server APIs, and remove some of them. The API host entries should be updated.

Chrome - 🟢

Peek 2024-03-11 16-06

Firefox - ⚫

Safari - ⚫

🟢 With API hosts entries added, ensure the host key in the saved object of the configuration is encrypted.

Chrome - 🟢

image

Firefox - ⚫

Safari - ⚫

🟢 With a stopped API entry, go to Server APIs application and should display a callout about the problem.

Chrome - 🟢

image

Firefox - ⚫

Safari - ⚫

🟢 Without a stored object of configuration, upload a file through the POST /utils/configuration/import. The configuration should be updated into the saved object.

Chrome - 🟢

image

Firefox - ⚫

Safari - ⚫

🟢 With a stored object of configuration, upload a file through the POST /utils/configuration/import. The configuration should be updated into the saved object and ensure the previous configuration is not present.

Chrome - 🟢

image

Firefox - ⚫

Safari - ⚫

🟢 With a non administrator user, go to App Settings, a prompt should display the user has no permissions

Chrome - 🟢

image

Firefox - ⚫

Safari - ⚫

🟢 With a non administrator user, go to Server APIs, the Add API host, edit and remove button should be disabled displaying a message related to missing permissions.

Chrome - 🟢

image

Firefox - ⚫

Safari - ⚫

@asteriscos asteriscos merged commit d79db98 into 4.9.0 Mar 11, 2024
4 checks passed
@asteriscos asteriscos deleted the enhancement/6201-replace-plugins-configuration branch March 11, 2024 15:51
@Desvelao Desvelao mentioned this pull request Apr 3, 2024
Closed
15 tasks
@JuanGarriuz JuanGarriuz mentioned this pull request Jun 21, 2024
Closed
1 task
@asteriscos asteriscos mentioned this pull request Jul 16, 2024
Closed
1 task
@Machi3mfl Machi3mfl mentioned this pull request Jul 22, 2024
Closed
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yenienserrano yenienserrano yenienserrano approved these changes

@asteriscos asteriscos asteriscos approved these changes

@JuanGarriuz JuanGarriuz Awaiting requested review from JuanGarriuz

Assignees

@Desvelao Desvelao

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Move the plugin configuration to stateless
3 participants
@Desvelao @yenienserrano @asteriscos