Findings dashboard for all organizations

docs/source/manual/crisis-room.rst

@@ -0,0 +1,51 @@
+===========
+Crisis Room
+===========
+
+In OpenKAT we differentiate two Crisis Rooms:
+
+- **Single Organization Crisis Room:** a Crisis Room for each organization separately
+- **General Crisis Room:** one general Crisis Room with for all organizations
+
+
+Single Organization Crisis Room
+===============================
+
+This page shows a Crisis Room for each organization separately.
+Currently, this Crisis Room shows the top 10 most severe Findings.
+In the future it will serve as a dashboard which can be customized by the user.
+
+
+General Crisis Room
+===================
+
+This page shows the Crisis Room for all organizations.
+Currently, this Crisis Room only shows the Findings, but in the future it will also show dashboards,
+which can be customized by the user.
+
+Findings
+--------
+This section shows all the findings that have been identified for all organizations.
+These findings are shown in a table, grouped by organization and finding types.
+
+Every organization has one default report recipe. This recipe is used to create an Aggregate Findings Report.
+The output of this report, for each organization, is shown in this section.
+
+The default settings for this report recipe are:
+
+- report_name_format = ``Crisis Room Aggregate Report``
+- ooi_types =  ``["IPAddressV6", "Hostname", "IPAddressV4"]``
+- scan_level = ``[1, 2, 3]``
+- scan_type = ``["declared"]``
+- report_types = ``["systems-report", "findings-report"]``
+- cron_expression = ``0 * * * *`` (every hour)
+
+It is possible to update the report recipe*. To do this:
+
+- Go to "Reports"
+- Click on the tab "Scheduled"
+- Look for the "Criris Room Aggregate Report"
+- Open the row
+- Click on "Edit report recipe"
+
+*\*Note: if you want to update the report recipe, you have to do this for every organization.*

docs/source/manual/index.rst

@@ -8,5 +8,6 @@ An overview of all KAT functionality, from a user perspective.
    :caption: Contents
 
    user-manual
+   crisis-room
    reports
    normalizers

rocky/Makefile

@@ -14,6 +14,9 @@ build-rocky:
 # Set DATABASE_MIGRATION=false to prevent entrypoint from running migration
 	docker compose run --rm -e DATABASE_MIGRATION=false rocky make build-rocky-native
 
+dashboards:
+	docker compose run --rm rocky python3 manage.py dashboard
+
 build-rocky-native:
 	while ! nc -vz $$ROCKY_DB_HOST $$ROCKY_DB_PORT; do sleep 0.1; done
 	python3 manage.py migrate

rocky/crisis_room/management/commands/dashboard.py

@@ -0,0 +1,81 @@
+import json
+from datetime import datetime, timezone
+from pathlib import Path
+from typing import Any
+from uuid import uuid4
+
+from crisis_room.models import Dashboard, DashboardData
+from django.conf import settings
+from django.core.management import BaseCommand
+from tools.models import Organization
+from tools.ooi_helpers import create_ooi
+
+from octopoes.connector.octopoes import OctopoesAPIConnector
+from octopoes.models.ooi.reports import ReportRecipe
+from rocky.bytes_client import get_bytes_client
+from rocky.scheduler import ReportTask, ScheduleRequest, scheduler_client
+
+FINDINGS_DASHBOARD_NAME = "Crisis Room Findings Dashboard"
+
+
+def get_or_create_default_dashboard(organization: Organization):
+    valid_time = datetime.now(timezone.utc)
+    is_scheduler_ready_for_schedule = is_scheduler_enabled(organization)
+
+    if is_scheduler_ready_for_schedule:
+        path = Path(__file__).parent / "recipe_seeder.json"
+        with path.open("r") as recipe_seeder:
+            recipe_default = json.load(recipe_seeder)
+
+        dashboard, _ = Dashboard.objects.get_or_create(name=FINDINGS_DASHBOARD_NAME, organization=organization)
+
+        dashboard_data, created = DashboardData.objects.get_or_create(dashboard=dashboard)
+        if created:
+            recipe = create_organization_recipe(valid_time, organization, recipe_default)
+            dashboard_data.recipe = recipe.primary_key
+            schedule_request = create_schedule_request(valid_time, organization, recipe)
+            scheduler_client(organization.code).post_schedule(schedule=schedule_request)
+
+        dashboard_data.findings_dashboard = True
+        dashboard_data.save()
+
+
+def create_organization_recipe(
+    valid_time: datetime, organization: Organization, recipe_default: dict[str, Any]
+) -> ReportRecipe:
+    report_recipe = ReportRecipe(recipe_id=uuid4(), **recipe_default)
+
+    octopoes_client = OctopoesAPIConnector(
+        settings.OCTOPOES_API, organization.code, timeout=settings.ROCKY_OUTGOING_REQUEST_TIMEOUT
+    )
+    bytes_client = get_bytes_client(organization.code)
+
+    create_ooi(api_connector=octopoes_client, bytes_client=bytes_client, ooi=report_recipe, observed_at=valid_time)
+    return report_recipe
+
+
+def is_scheduler_enabled(organization: Organization) -> bool:
+    scheduler_id = f"report-{organization.code}"
+    return scheduler_client(organization.code).is_scheduler_ready(scheduler_id)
+
+
+def create_schedule_request(
+    start_datetime: datetime, organization: Organization, report_recipe: ReportRecipe
+) -> ScheduleRequest:
+    report_task = ReportTask(
+        organisation_id=organization.code, report_recipe_id=str(report_recipe.recipe_id)
+    ).model_dump()
+
+    return ScheduleRequest(
+        scheduler_id=f"report-{organization.code}",
+        data=report_task,
+        schedule=report_recipe.cron_expression,
+        deadline_at=start_datetime.isoformat(),
+    )
+
+
+class Command(BaseCommand):
+    def handle(self, *args, **options):
+        organizations = Organization.objects.all()
+        for organization in organizations:
+            get_or_create_default_dashboard(organization)

rocky/crisis_room/management/commands/recipe_seeder.json

@@ -0,0 +1,32 @@
+{
+  "report_name_format": "Crisis Room Aggregate Report",
+  "subreport_name_format": "Findings Report for ${ooi}",
+  "input_recipe": {
+    "query": {
+      "ooi_types": [
+        "IPAddressV6",
+        "Hostname",
+        "IPAddressV4",
+        "URL"
+      ],
+      "scan_level": [
+        1,
+        2,
+        3,
+        4
+      ],
+      "scan_type": [
+        "declared"
+      ],
+      "search_string": "",
+      "order_by": "object_type",
+      "asc_desc": "desc"
+    }
+  },
+  "parent_report_type": "aggregate-organisation-report",
+  "report_types": [
+    "systems-report",
+    "findings-report"
+  ],
+  "cron_expression": "0 * * * *"
+}

rocky/crisis_room/migrations/0001_initial.py

@@ -0,0 +1,72 @@
+# Generated by Django 5.0.9 on 2024-12-18 11:29
+
+import django.core.validators
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    initial = True
+
+    dependencies = [("tools", "0044_alter_organization_options")]
+
+    operations = [
+        migrations.CreateModel(
+            name="Dashboard",
+            fields=[
+                ("id", models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name="ID")),
+                ("name", models.CharField(max_length=126)),
+                (
+                    "organization",
+                    models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, to="tools.organization"),
+                ),
+            ],
+            options={"unique_together": {("name", "organization")}},
+        ),
+        migrations.CreateModel(
+            name="DashboardData",
+            fields=[
+                ("id", models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name="ID")),
+                ("recipe", models.CharField(max_length=126)),
+                ("template", models.CharField(blank=True, default="findings_report/report.html", max_length=126)),
+                (
+                    "position",
+                    models.IntegerField(
+                        blank=True,
+                        default=1,
+                        help_text="Where on the dashboard do you want to show the data? Position 1 is the most top level and the max position is 16.",
+                        max_length=126,
+                        validators=[
+                            django.core.validators.MinValueValidator(1),
+                            django.core.validators.MaxValueValidator(16),
+                        ],
+                    ),
+                ),
+                (
+                    "display_in_crisis_room",
+                    models.BooleanField(
+                        default=False, help_text="Will be displayed on the general crisis room, for all organizations."
+                    ),
+                ),
+                (
+                    "display_in_dashboard",
+                    models.BooleanField(
+                        default=False, help_text="Will be displayed on a single organization dashboard"
+                    ),
+                ),
+                (
+                    "findings_dashboard",
+                    models.BooleanField(
+                        default=False, help_text="Will be displayed on the findings dashboard for all organizations"
+                    ),
+                ),
+                (
+                    "dashboard",
+                    models.ForeignKey(
+                        null=True, on_delete=django.db.models.deletion.SET_NULL, to="crisis_room.dashboard"
+                    ),
+                ),
+            ],
+            options={"unique_together": {("dashboard", "findings_dashboard"), ("dashboard", "position")}},
+        ),
+    ]

rocky/crisis_room/models.py

@@ -0,0 +1,50 @@
+from django.core.validators import MaxValueValidator, MinValueValidator
+from django.db import models
+from django.utils.translation import gettext_lazy as _
+from tools.models import Organization
+
+
+class Dashboard(models.Model):
+    name = models.CharField(blank=False, max_length=126)
+    organization = models.ForeignKey(Organization, on_delete=models.SET_NULL, null=True)
+
+    class Meta:
+        unique_together = ["name", "organization"]
+
+    def __str__(self) -> str:
+        if self.name:
+            return f"{self.name} for organization {self.organization}"
+        return super().__str__()
+
+
+class DashboardData(models.Model):
+    dashboard = models.ForeignKey(Dashboard, on_delete=models.SET_NULL, null=True)
+    recipe = models.CharField(blank=False, max_length=126)
+    template = models.CharField(blank=True, max_length=126, default="findings_report/report.html")
+    position = models.IntegerField(
+        blank=True,
+        max_length=126,
+        default=1,
+        validators=[MinValueValidator(1), MaxValueValidator(16)],
+        help_text=_(
+            "Where on the dashboard do you want to show the data? "
+            "Position 1 is the most top level and the max position is 16."
+        ),
+    )
+    display_in_crisis_room = models.BooleanField(
+        default=False, help_text=_("Will be displayed on the general crisis room, for all organizations.")
+    )
+    display_in_dashboard = models.BooleanField(
+        default=False, help_text=_("Will be displayed on a single organization dashboard")
+    )
+    findings_dashboard = models.BooleanField(
+        default=False, help_text=_("Will be displayed on the findings dashboard for all organizations")
+    )
+
+    class Meta:
+        unique_together = [["dashboard", "position"], ["dashboard", "findings_dashboard"]]
+
+    def __str__(self) -> str:
+        if self.dashboard:
+            return f"{self.dashboard.name} for organization {self.dashboard.organization}"
+        return super().__str__()

rocky/crisis_room/templates/crisis_room.html

@@ -0,0 +1,19 @@
+{% extends "layouts/base.html" %}
+
+{% load i18n %}
+{% load static %}
+
+{% block content %}
+    {% include "header.html" %}
+
+    <main id="main-content" tabindex="-1" class="crisisroom">
+        <section>
+            <div>
+                <h1>{% translate "Crisis Room" %}</h1>
+                <p class="emphasized">{% translate "Crisis Room overview for all organizations" %}</p>
+            </div>
+            {% include "crisis_room_findings.html" %}
+
+        </section>
+    </main>
+{% endblock content %}

rocky/crisis_room/templates/crisis_room_dashboards.html

@@ -0,0 +1,46 @@
+{% extends "layouts/base.html" %}
+
+{% load i18n %}
+{% load static %}
+
+{% block content %}
+    {% include "header.html" %}
+
+    <main id="main-content" tabindex="-1" class="crisisroom">
+        <section>
+            <div>
+                <h2>{% translate "Dashboards" %}</h2>
+                <p>
+                    {% blocktranslate %}
+                        On this page you can see an overview of the dashboards for all organizations.
+                        **More context can be written here**
+                    {% endblocktranslate %}
+                </p>
+            </div>
+            {% for organization, organization_dashboards in organizations_dashboards.items %}
+                <section>
+                    <div>
+                        <h3>{{ organization.name }} {% translate "dashboards" %}</h3>
+                        {% if organization_dashboards %}
+                            {% for dashboards in organization_dashboards %}
+                                {% for dashboard_data, report in dashboards.items %}
+                                    {% if report %}
+                                        <section>
+                                            <div>
+                                                <h4>{{ dashboard_data }}</h4>
+                                                {% include dashboard_data.template with data=report.1 is_dashboard="yes" %}
+
+                                            </div>
+                                        </section>
+                                    {% endif %}
+                                {% endfor %}
+                            {% endfor %}
+                        {% else %}
+                            <p>{% translate "There are no dashboards to display." %}</p>
+                        {% endif %}
+                    </div>
+                </section>
+            {% endfor %}
+        </section>
+    </main>
+{% endblock content %}