scenario_import.rb 9.0 KB

  1. require 'ostruct'
  2. # This is a helper class for managing Scenario imports, used by the ScenarioImportsController. This class behaves much
  3. # like a normal ActiveRecord object, with validations and callbacks. However, it is never persisted to the database.
  4. class ScenarioImport
  5. include ActiveModel::Model
  6. include ActiveModel::Callbacks
  7. include ActiveModel::Validations::Callbacks
  8. DANGEROUS_AGENT_TYPES = %w[Agents::ShellCommandAgent]
  9. URL_REGEX = /\Ahttps?:\/\//i
  10. attr_accessor :file, :url, :data, :do_import, :merges
  11. attr_reader :user
  12. before_validation :parse_file
  13. before_validation :fetch_url
  14. validate :validate_presence_of_file_url_or_data
  15. validates_format_of :url, :with => URL_REGEX, :allow_nil => true, :allow_blank => true, :message => "appears to be invalid"
  16. validate :validate_data
  17. validate :generate_diff
  18. def step_one?
  19. data.blank?
  20. end
  21. def step_two?
  22. data.present?
  23. end
  24. def set_user(user)
  25. @user = user
  26. end
  27. def existing_scenario
  28. @existing_scenario ||= user.scenarios.find_by(:guid => parsed_data["guid"])
  29. end
  30. def dangerous?
  31. (parsed_data['agents'] || []).any? { |agent| DANGEROUS_AGENT_TYPES.include?(agent['type']) }
  32. end
  33. def parsed_data
  34. @parsed_data ||= (data && JSON.parse(data) rescue {}) || {}
  35. end
  36. def agent_diffs
  37. @agent_diffs || generate_diff
  38. end
  39. def import_confirmed?
  40. do_import == "1"
  41. end
  42. def import(options = {})
  43. success = true
  44. guid = parsed_data['guid']
  45. description = parsed_data['description']
  46. name = parsed_data['name']
  47. links = parsed_data['links']
  48. control_links = parsed_data['control_links'] || []
  49. tag_fg_color = parsed_data['tag_fg_color']
  50. tag_bg_color = parsed_data['tag_bg_color']
  51. source_url = parsed_data['source_url'].presence || nil
  52. @scenario = user.scenarios.where(:guid => guid).first_or_initialize
  53. @scenario.update_attributes!(:name => name, :description => description,
  54. :source_url => source_url, :public => false,
  55. :tag_fg_color => tag_fg_color,
  56. :tag_bg_color => tag_bg_color)
  57. unless options[:skip_agents]
  58. created_agents = do |agent_diff|
  59. agent = agent_diff.agent || Agent.build_for_type("Agents::" + agent_diff.type.incoming, user)
  60. agent.guid = agent_diff.guid.incoming
  61. agent.attributes = { :name =>,
  62. :disabled => agent_diff.disabled.updated, # == "true"
  63. :options => agent_diff.options.updated,
  64. :scenario_ids => [] }
  65. agent.schedule = agent_diff.schedule.updated if agent_diff.schedule.present?
  66. agent.keep_events_for = agent_diff.keep_events_for.updated if agent_diff.keep_events_for.present?
  67. agent.propagate_immediately = agent_diff.propagate_immediately.updated if agent_diff.propagate_immediately.present? # == "true"
  68. agent.service_id = agent_diff.service_id.updated if agent_diff.service_id.present?
  69. unless
  70. success = false
  71. errors.add(:base, "Errors when saving '#{}': #{agent.errors.full_messages.to_sentence}")
  72. end
  73. agent
  74. end
  75. if success
  76. links.each do |link|
  77. receiver = created_agents[link['receiver']]
  78. source = created_agents[link['source']]
  79. receiver.sources << source unless receiver.sources.include?(source)
  80. end
  81. control_links.each do |control_link|
  82. controller = created_agents[control_link['controller']]
  83. control_target = created_agents[control_link['control_target']]
  84. controller.control_targets << control_target unless controller.control_targets.include?(control_target)
  85. end
  86. end
  87. end
  88. success
  89. end
  90. def scenario
  91. @scenario || @existing_scenario
  92. end
  93. protected
  94. def parse_file
  95. if data.blank? && file.present?
  96. =
  97. end
  98. end
  99. def fetch_url
  100. if data.blank? && url.present? && url =~ URL_REGEX
  101. = Faraday.get(url).body
  102. end
  103. end
  104. def validate_data
  105. if data.present?
  106. @parsed_data = JSON.parse(data) rescue {}
  107. if (%w[name guid agents] - @parsed_data.keys).length > 0
  108. errors.add(:base, "The provided data does not appear to be a valid Scenario.")
  109. = nil
  110. end
  111. else
  112. @parsed_data = nil
  113. end
  114. end
  115. def validate_presence_of_file_url_or_data
  116. unless file.present? || url.present? || data.present?
  117. errors.add(:base, "Please provide either a Scenario JSON File or a Public Scenario URL.")
  118. end
  119. end
  120. def generate_diff
  121. @agent_diffs = (parsed_data['agents'] || []).map.with_index do |agent_data, index|
  122. # AgentDiff is defined at the end of this file.
  123. agent_diff =, parsed_data['schema_version'])
  124. if existing_scenario
  125. # If this Agent exists already, update the AgentDiff with the local version's information.
  126. agent_diff.diff_with! existing_scenario.agents.find_by(:guid => agent_data['guid'])
  127. begin
  128. # Update the AgentDiff with any hand-merged changes coming from the UI. This only happens when this
  129. # Agent already exists locally and has conflicting changes.
  130. agent_diff.update_from! merges[index.to_s] if merges
  131. rescue JSON::ParserError
  132. errors.add(:base, "Your updated options for '#{agent_data['name']}' were unparsable.")
  133. end
  134. end
  135. if agent_diff.requires_service? && merges.present? && merges[index.to_s].present? && merges[index.to_s]['service_id'].present?
  136. agent_diff.service_id =[index.to_s]['service_id'].to_i)
  137. end
  138. agent_diff
  139. end
  140. end
  141. # AgentDiff is a helper object that encapsulates an incoming Agent. All fields will be returned as an array
  142. # of either one or two values. The first value is the incoming value, the second is the existing value, if
  143. # it differs from the incoming value.
  144. class AgentDiff < OpenStruct
  145. class FieldDiff
  146. attr_accessor :incoming, :current, :updated
  147. def initialize(incoming)
  148. @incoming = incoming
  149. @updated = incoming
  150. end
  151. def set_current(current)
  152. @current = current
  153. @requires_merge = (incoming != current)
  154. end
  155. def requires_merge?
  156. @requires_merge
  157. end
  158. end
  159. def initialize(agent_data, schema_version)
  160. super()
  161. @schema_version = schema_version
  162. @requires_merge = false
  163. self.agent = nil
  164. store! agent_data
  165. end
  166. BASE_FIELDS = %w[name schedule keep_events_for propagate_immediately disabled guid]
  167. FIELDS_REQUIRING_TRANSLATION = %w[keep_events_for]
  168. def agent_exists?
  169. !!agent
  170. end
  171. def requires_merge?
  172. @requires_merge
  173. end
  174. def requires_service?
  175. !!agent_instance.try(:oauthable?)
  176. end
  177. def store!(agent_data)
  178. self.type =["type"].split("::").pop)
  179. self.options =['options'] || {})
  180. BASE_FIELDS.each do |option|
  181. if agent_data.has_key?(option)
  182. value = agent_data[option]
  183. value = send(:"translate_#{option}", value) if
  184. self[option] =
  185. end
  186. end
  187. end
  188. def translate_keep_events_for(old_value)
  189. if schema_version < 1
  190. # Was stored in days, now is stored in seconds.
  191. old_value.to_i.days
  192. else
  193. old_value
  194. end
  195. end
  196. def schema_version
  197. (@schema_version || 0).to_i
  198. end
  199. def diff_with!(agent)
  200. return unless agent.present?
  201. self.agent = agent
  202. type.set_current(agent.short_type)
  203. options.set_current(agent.options || {})
  204. @requires_merge ||= type.requires_merge?
  205. @requires_merge ||= options.requires_merge?
  206. BASE_FIELDS.each do |field|
  207. next unless self[field].present?
  208. self[field].set_current(agent.send(field))
  209. @requires_merge ||= self[field].requires_merge?
  210. end
  211. end
  212. def update_from!(merges)
  213. each_field do |field, value, selection_options|
  214. value.updated = merges[field]
  215. end
  216. if options.requires_merge?
  217. options.updated = JSON.parse(merges['options'])
  218. end
  219. end
  220. def each_field
  221. boolean = [["True", "true"], ["False", "false"]]
  222. yield 'name', name if name.requires_merge?
  223. yield 'schedule', schedule, {|s| [s.humanize.titleize, s] } if self['schedule'].present? && schedule.requires_merge?
  224. yield 'keep_events_for', keep_events_for, Agent::EVENT_RETENTION_SCHEDULES if self['keep_events_for'].present? && keep_events_for.requires_merge?
  225. yield 'propagate_immediately', propagate_immediately, boolean if self['propagate_immediately'].present? && propagate_immediately.requires_merge?
  226. yield 'disabled', disabled, boolean if disabled.requires_merge?
  227. end
  228. def agent_instance
  229. "Agents::#{self.type.updated}"
  230. end
  231. end
  232. end