Skip to content

Commit

Permalink
Merge pull request #53 from syrk4web/dev
Browse files Browse the repository at this point in the history
Update plugins UI and actions
  • Loading branch information
TheophileDiot authored Feb 20, 2024
2 parents 335853c + bc01f37 commit 836890f
Show file tree
Hide file tree
Showing 26 changed files with 494 additions and 874 deletions.
19 changes: 19 additions & 0 deletions clamav/ui/actions.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
def clamav(**kwargs):
ping = {"ping_status": "unknown"}

args = kwargs.get("args", False)
if not args:
return {**ping}

is_ping = args.get("ping", False)
if not is_ping:
return {**ping}

# Check ping
try:
ping_data = kwargs["app"].config["INSTANCES"].get_ping("clamav")
ping = {"ping_status": ping_data["status"]}
except:
ping = {"ping_status": "error"}

return {**ping}
175 changes: 52 additions & 123 deletions clamav/ui/template.html
Original file line number Diff line number Diff line change
@@ -1,4 +1,11 @@
{% extends "base.html" %} {% block content %}
<input
type="csrf_token"
name="csrf_token"
value="{{ csrf_token }}"
class="hidden"
hidden
/>

<div class="col-span-12 grid grid-cols-12 gap-4">
{% if is_used %}
Expand All @@ -16,6 +23,7 @@ <h5 class="mb-2 font-bold dark:text-white/90">INFO</h5>
width="200"
/>
<p
data-info
class="transition duration-300 ease-in-out mb-0 font-sans text-sm leading-normal dark:text-gray-500 dark:opacity-80"
>
{{ plugin['description'] or ''}}
Expand Down Expand Up @@ -44,13 +52,13 @@ <h5 class="mb-2 font-bold dark:text-white/90">INFO</h5>
>
<h5 class="mb-2 font-bold dark:text-white/90">TEST</h5>
<p
class="transition duration-300 ease-in-out mb-0 font-sans text-sm leading-normal dark:text-gray-500 dark:opacity-80 text-center"
class="transition duration-300 ease-in-out mb-0 font-sans text-sm leading-normal dark:text-gray-100 dark:opacity-80 text-center"
>
Use next button to test {{ plugin['name'] }}
</p>

<div class="flex justify-center mt-4">
<button type="button" class="edit-btn text-sm" onclick="send_test()">
<button type="button" class="edit-btn text-sm" data-ping>
Test plugin
</button>
</div>
Expand All @@ -59,129 +67,50 @@ <h5 class="mb-2 font-bold dark:text-white/90">TEST</h5>
class="h-px mx-0 mt-3 mb-2 bg-transparent bg-gradient-to-r from-transparent via-black/40 to-transparent dark:bg-gradient-to-r dark:from-transparent dark:via-white dark:to-transparent"
/>

<div id="response-div" class="flex justify-center items-center">
<div id="no-test" class="flex justify-center items-center">
<svg
xmlns="http://www.w3.org/2000/svg"
fill="none"
viewBox="0 0 24 24"
stroke-width="1.5"
stroke="currentColor"
class="w-6 h-6 stroke-gray-600"
>
<path
stroke-linecap="round"
stroke-linejoin="round"
d="m21 21-5.197-5.197m0 0A7.5 7.5 0 1 0 5.196 5.196a7.5 7.5 0 0 0 10.607 10.607Z"
/>
</svg>
<p class="mb-0 ml-1 font-semibold text-gray-600 text-base uppercase">
UNKNOWN
</p>
</div>
<div
class="hidden flex justify-center items-center"
id="response-success"
<div class="mx-1 flex justify-center items-center">
<svg
data-status-svg
class="w-6 h-6 fill-sky-500"
viewBox="0 0 100 100"
xmlns="http://www.w3.org/2000/svg"
>
<svg
xmlns="http://www.w3.org/2000/svg"
fill="none"
viewBox="0 0 24 24"
stroke-width="1.5"
stroke="currentColor"
class="w-6 h-6 stroke-green-500"
>
<path
stroke-linecap="round"
stroke-linejoin="round"
d="M9 12.75 11.25 15 15 9.75M21 12a9 9 0 1 1-18 0 9 9 0 0 1 18 0Z"
/>
</svg>
<p class="mb-0 ml-1 font-semibold text-green-500 text-base uppercase">
SUCCESS
</p>
</div>
<div class="hidden flex justify-center items-center" id="response-failed">
<svg
xmlns="http://www.w3.org/2000/svg"
fill="none"
viewBox="0 0 24 24"
stroke-width="1.5"
stroke="currentColor"
class="w-6 h-6 stroke-red-500"
>
<path
stroke-linecap="round"
stroke-linejoin="round"
d="M12 9v3.75m9-.75a9 9 0 1 1-18 0 9 9 0 0 1 18 0Zm-9 3.75h.008v.008H12v-.008Z"
/>
</svg>
<p class="mb-0 ml-1 font-semibold text-red-500 text-base uppercase">
FAILED
</p>
</div>
<div class="hidden flex justify-center items-center" id="response-none">
<svg
xmlns="http://www.w3.org/2000/svg"
fill="none"
viewBox="0 0 24 24"
stroke-width="1.5"
stroke="currentColor"
class="w-6 h-6 stroke-red-500"
>
<path
stroke-linecap="round"
stroke-linejoin="round"
d="M18.364 18.364A9 9 0 0 0 5.636 5.636m12.728 12.728A9 9 0 0 1 5.636 5.636m12.728 12.728L5.636 5.636"
/>
</svg>

<p class="mb-0 ml-1 font-semibold text-red-500 text-base uppercase">
FAILED
</p>
</div>
<circle cx="50" cy="50" r="50" />
</svg>
<p
data-status-text
class="ml-2 mx-1 transition duration-300 ease-in-out mb-0 font-sans text-sm leading-normal dark:text-gray-100 dark:opacity-80"
>
Unknown
</p>
</div>
</div>

<!-- end test -->
<script async>
// Test file from https://www.eicar.com/download-anti-malware-testfile/ encoded in base64
const coded_content =
"WDVPIVAlQEFQWzRcUFpYNTQoUF4pN0NDKTd9JEVJQ0FSLVNUQU5EQVJELUFOVElWSVJVUy1URVNULUZJTEUhJEgrSCo=";
const binary_content = atob(coded_content);

function send_test() {
let data = new FormData();
data.set(
"file",
new Blob([binary_content], { type: "text/plain" }),
"eicar.txt"
);
data.set("csrf_token", "{{ csrf_token() }}");

let xhr = new XMLHttpRequest();
xhr.open("POST", "{{ url_for('plugins') }}/clamav", true);
xhr.send(data);

xhr.onload = function () {
document.getElementById("no-test").classList.add("hidden");
if (xhr.status == 200) {
document.getElementById("response-failed").classList.remove("hidden");
document.getElementById("response-none").classList.add("hidden");
document.getElementById("response-success").classList.add("hidden");
} else if (xhr.status == 403) {
document
.getElementById("response-success")
.classList.remove("hidden");
document.getElementById("response-none").classList.add("hidden");
document.getElementById("response-failed").classList.add("hidden");
} else {
document.getElementById("response-none").classList.remove("hidden");
document.getElementById("response-success").classList.add("hidden");
document.getElementById("response-failed").classList.add("hidden");
}
};
}
<script>
// Use SetupPlugin class that is on static/js/plugins/setup.js
const setPlugin = new SetupPlugin({
info: {
el: document.querySelector("[data-info]"),
value: "{{ plugin['description'] or ''}}",
type: "text",
},
// value : active / inactive / unknown
ping_status: {
el: document.querySelector("[data-status-svg]"),
value: "unknown",
type: "status",
textEl: document.querySelector("[data-status-text]"),
},
});

// When click to ping button
window.addEventListener("click", (e) => {
if (e.target.hasAttribute("data-ping")) {
window.location.href = `${location.href.replace(
"?ping=true",
"",
)}?ping=true`;
}
});
</script>

{% else %}
Expand Down Expand Up @@ -216,9 +145,9 @@ <h5 class="mb-2 font-bold dark:text-white/90">Deactivated</h5>
<div class="mx-1 flex justify-start items-center my-2">
<p
data-info
class="transition duration-300 ease-in-out mb-0 font-sans text-sm leading-normal dark:text-gray-500 dark:opacity-80"
class="transition duration-300 ease-in-out mb-0 font-sans text-sm leading-normal dark:text-gray-100 dark:opacity-80"
>
This plugin need to be activated to get metrics.
This plugin need to be activated.
</p>
</div>
</div>
Expand Down
2 changes: 1 addition & 1 deletion coraza/plugin.json
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@
"default": "no",
"help": "Activate Coraza library",
"id": "use coraza library",
"label": "Coraza",
"label": "Use coraza",
"regex": "^(no|yes)$",
"type": "check"
},
Expand Down
19 changes: 19 additions & 0 deletions coraza/ui/actions.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
def coraza(**kwargs):
ping = {"ping_status": "unknown"}

args = kwargs.get("args", False)
if not args:
return {**ping}

is_ping = args.get("ping", False)
if not is_ping:
return {**ping}

# Check ping
try:
ping_data = kwargs["app"].config["INSTANCES"].get_ping("coraza")
ping = {"ping_status": ping_data["status"]}
except:
ping = {"ping_status": "error"}

return {**ping}
166 changes: 46 additions & 120 deletions coraza/ui/template.html

Large diffs are not rendered by default.

18 changes: 9 additions & 9 deletions crowdsec/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -199,12 +199,12 @@ metadata:

# Settings

| Setting | Default | Context |Multiple| Description |
|---------------------------------|----------------------|---------|--------|--------------------------------------------------------|
|`USE_CROWDSEC` |`no` |multisite|no |Activate CrowdSec bouncer. |
|`CROWDSEC_API` |`http://crowdsec:8080`|global |no |Address of the CrowdSec API. |
|`CROWDSEC_API_KEY` | |global |no |Key for the CrowdSec API given by cscli bouncer add. |
|`CROWDSEC_MODE` |`live` |global |no |Mode of the CrowdSec API (live or stream). |
|`CROWDSEC_REQUEST_TIMEOUT` |`500` |global |no |Bouncer's request timeout in milliseconds (live mode). |
|`CROWDSEC_STREAM_REQUEST_TIMEOUT`|`15000` |global |no |Bouncer's request timeout in milliseconds (stream mode).|
|`CROWDSEC_UPDATE_FREQUENCY` |`10` |global |no |Bouncer's update frequency in stream mode, in second. |
| Setting | Default | Context | Multiple | Description |
| --------------------------------- | ---------------------- | --------- | -------- | -------------------------------------------------------- |
| `USE_CROWDSEC` | `no` | multisite | no | Activate CrowdSec bouncer. |
| `CROWDSEC_API` | `http://crowdsec:8080` | global | no | Address of the CrowdSec API. |
| `CROWDSEC_API_KEY` | | global | no | Key for the CrowdSec API given by cscli bouncer add. |
| `CROWDSEC_MODE` | `live` | global | no | Mode of the CrowdSec API (live or stream). |
| `CROWDSEC_REQUEST_TIMEOUT` | `500` | global | no | Bouncer's request timeout in milliseconds (live mode). |
| `CROWDSEC_STREAM_REQUEST_TIMEOUT` | `15000` | global | no | Bouncer's request timeout in milliseconds (stream mode). |
| `CROWDSEC_UPDATE_FREQUENCY` | `10` | global | no | Bouncer's update frequency in stream mode, in second. |
5 changes: 4 additions & 1 deletion crowdsec/jobs/crowdsec-conf.py
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,10 @@
b"%CROWDSEC_REQUEST_TIMEOUT%",
getenv("CROWDSEC_REQUEST_TIMEOUT", "500").encode(),
)
.replace(b"%CROWDSEC_UPDATE_FREQUENCY%", getenv("CROWDSEC_UPDATE_FREQUENCY", "10").encode())
.replace(
b"%CROWDSEC_UPDATE_FREQUENCY%",
getenv("CROWDSEC_UPDATE_FREQUENCY", "10").encode(),
)
.replace(b"%UPDATE_FREQUENCY%", getenv("UPDATE_FREQUENCY", "10").encode())
.replace(
b"%CROWDSEC_STREAM_REQUEST_TIMEOUT%",
Expand Down
4 changes: 2 additions & 2 deletions crowdsec/lib/ban.lua
Original file line number Diff line number Diff line change
Expand Up @@ -55,10 +55,10 @@ function M.apply()
ngx.exit(M.ret_code)
return
end

ngx.exit(M.ret_code)

return
end

return M
return M
16 changes: 8 additions & 8 deletions crowdsec/lib/bouncer.lua
Original file line number Diff line number Diff line change
Expand Up @@ -193,7 +193,7 @@ local function item_to_string(item, scope)
local ip_network_address, is_ipv4 = iputils.parseIPAddress(ip)
if ip_network_address == nil then
return nil
end
end
if is_ipv4 then
ip_version = "ipv4"
if cidr == nil then
Expand Down Expand Up @@ -221,11 +221,11 @@ local function set_refreshing(value)
end
if forcible then
ngx.log(ngx.ERR, "Lua shared dict (crowdsec cache) is full, please increase dict size in config")
end
end
end

local function stream_query(premature)
-- As this function is running inside coroutine (with ngx.timer.at),
-- As this function is running inside coroutine (with ngx.timer.at),
-- we need to raise error instead of returning them


Expand Down Expand Up @@ -283,7 +283,7 @@ local function stream_query(premature)
end
if forcible then
ngx.log(ngx.ERR, "Lua shared dict (crowdsec cache) is full, please increase dict size in config")
end
end

local status = res.status
local body = res.body
Expand Down Expand Up @@ -345,7 +345,7 @@ local function stream_query(premature)
end
if forcible then
ngx.log(ngx.ERR, "Lua shared dict (crowdsec cache) is full, please increase dict size in config")
end
end


local ok, err = ngx.timer.at(runtime.conf["UPDATE_FREQUENCY"], stream_query)
Expand All @@ -369,7 +369,7 @@ local function live_query(ip)
local status = res.status
local body = res.body
if status~=200 then
return true, nil, "Http error " .. status .. " while talking to LAPI (" .. link .. ")"
return true, nil, "Http error " .. status .. " while talking to LAPI (" .. link .. ")"
end
if body == "null" then -- no result from API, no decision for this IP
-- set ip in cache and DON'T block it
Expand Down Expand Up @@ -468,7 +468,7 @@ function csmod.allowIp(ip)
return in_cache, runtime.remediations[tostring(remediation_id)], nil
end
end

local ip_network_address = key_parts[3]
local netmasks = iputils.netmasks_by_key_type[key_type]
for i, netmask in pairs(netmasks) do
Expand Down Expand Up @@ -710,4 +710,4 @@ end
function csmod.close()
end

return csmod
return csmod
2 changes: 1 addition & 1 deletion crowdsec/lib/captcha.lua
Original file line number Diff line number Diff line change
Expand Up @@ -106,7 +106,7 @@ function M.Validate(captcha_res, remote_ip)
ngx.log(ngx.ERR, "reCaptcha secret key is invalid")
return true, nil
end
end
end
end

return result.success, nil
Expand Down
Loading

0 comments on commit 836890f

Please sign in to comment.