diff --git a/.gitignore b/.gitignore index 489748165..03f46ff5b 100644 --- a/.gitignore +++ b/.gitignore @@ -30,7 +30,6 @@ api/source/tls/mysql2/init-tls-user.sql api/source/tls/mysql2/tls.cnf clients/extjs/js/keycloak.json .gitignore -newman/ mochawesome-report/ /docs/_build/doctrees/ diff --git a/api/source/controllers/Operation.js b/api/source/controllers/Operation.js index 24401177d..fa60a7cc7 100644 --- a/api/source/controllers/Operation.js +++ b/api/source/controllers/Operation.js @@ -1,21 +1,14 @@ -const writer = require('../utils/writer.js') const config = require('../utils/config') const OperationService = require(`../service/OperationService`) -const Asset = require(`./Asset`) -const Collection = require(`./Collection`) -const User = require(`./User`) -const Review = require(`./Review`) -const JSZip = require("jszip"); +const escape = require('../utils/escape') const {JSONPath} = require('jsonpath-plus') const SmError = require('../utils/error.js') module.exports.getConfiguration = async function getConfiguration (req, res, next) { try { - let dbConfigs = await OperationService.getConfiguration() - let version = {version: config.version} - let commit = {commit: config.commit} - let response = { ...version, ...commit, ...dbConfigs } - res.json(response) + const dbConfigs = await OperationService.getConfiguration() + const {version, commit, lastMigration} = config + res.json({ version, commit, lastMigration, ...dbConfigs }) } catch(err) { next(err) 
@@ -33,49 +26,27 @@ module.exports.setConfigurationItem = async function setConfigurationItem (req, module.exports.getAppData = async function getAppData (req, res, next) { try { - if (!config.experimental.appData) { - throw new SmError.NotFoundError('endpoint disabled, to enable set STIGMAN_EXPERIMENTAL_APPDATA=true') - } - let elevate = req.query.elevate - if ( elevate ) { - let collections = await Collection.exportCollections( ['grants', 'labels', 'stigs'], elevate, req.userObject ) - for (const collection of collections) { - for (const grant of collection.grants) { - grant.userId = grant.user.userId - delete grant.user - } - } - let users = await User.exportUsers( ['statistics'], elevate, req.userObject) - let assets = await Asset.exportAssets( ['stigGrants'], elevate, req.userObject) - assets.forEach(asset => { - asset.collectionId = asset.collection.collectionId - delete asset.collection - asset.stigGrants = asset.stigGrants.map( s => ({ - benchmarkId: s.benchmarkId, - userIds: s.users.map( r => r.userId ) - })) - }) - let reviews = await Review.exportReviews(true) - let response = { - users: users, - collections: collections, - assets: assets, - reviews: reviews - } - let zip = new JSZip() - zip.file("stig-manager-appdata.json", JSON.stringify(response)) - let buffer = await zip.generateAsync({ - type: 'nodebuffer', - compression: "DEFLATE", - compressionOptions: { - level: 3 - } - }) - writer.writeInlineFile(res, buffer, 'stig-manager-appdata.json.zip', 'application/zip') - } - else { - throw new SmError.PrivilegeError() - } + if (!config.experimental.appData) throw new SmError.NotFoundError('endpoint disabled, to enable set STIGMAN_EXPERIMENTAL_APPDATA=true') + if (!req.query.elevate) throw new SmError.PrivilegeError() + const format = req.query.format || 'gzip' + res.attachment(`appdata-v${config.lastMigration}_${escape.filenameComponentFromDate()}.jsonl${format==='gzip'?'.gz':''}`) + if (format === 'jsonl') res.type('application/jsonl') + 
req.noCompression = true + + // the service method will stream the appdata file to the response object + OperationService.getAppData(res, format) + // the service ends the response by closing the gzip stream + } + catch (err) { + next(err) + } +} + +module.exports.getAppDataTables = async function (req, res, next) { + try { + if (!req.query.elevate) throw new SmError.PrivilegeError() + const response = await OperationService.getAppDataTables() + res.json(response) } catch (err) { next(err) 
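Review bot: In `getAppData` the call `OperationService.getAppData(res, format)` is not awaited, so a rejection from the service (for example a failed query part-way through the stream) never reaches the surrounding `catch` and surfaces as an unhandled rejection with the download left half-written; change it to `await OperationService.getAppData(res, format)`. Separately, `getAppData` and the new `getAppDataTables` authorize only on `req.query.elevate` being truthy and no longer pass `req.userObject` anywhere. That is safe only if middleware outside this diff rejects `elevate` for callers without the admin privilege, which should be confirmed because the export now carries every non-excluded table. `getAppDataTables` also omits the `config.experimental.appData` gate that the other two handlers keep, which may or may not be intended.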
@@ -83,37 +54,24 @@ module.exports.getAppData = async function getAppData (req, res, next) { } module.exports.replaceAppData = async function replaceAppData (req, res, next) { + // write JSONL to the response; called from the service method + function progressCb(json) { + res.write(JSON.stringify(json) + '\n') + } + try { - if (!config.experimental.appData) { - throw new SmError.NotFoundError('endpoint disabled, to enable set STIGMAN_EXPERIMENTAL_APPDATA=true') + if (!config.experimental.appData) throw new SmError.NotFoundError('endpoint disabled, to enable set STIGMAN_EXPERIMENTAL_APPDATA=true') + if (!req.query.elevate) throw new SmError.PrivilegeError() + let chunks = [] + for await (const chunk of req) { + chunks.push(chunk) } + const buffer = Buffer.concat(chunks) + res.setHeader('Content-Type', 'application/jsonl; charset=utf-8') + res.setHeader('Transfer-Encoding', 'chunked') req.noCompression = true - let elevate = req.query.elevate - let appdata - if ( elevate ) { - if (req.file && (req.file.mimetype === 'application/json' || req.file.mimetype === 'application/zip' || req.file.mimetype === 'application/x-zip-compressed') ) { - let data = req.file.buffer - if (req.file.mimetype === 'application/zip' || req.file.mimetype === 'application/x-zip-compressed') { - let zipIn = new JSZip() - let contents = await zipIn.loadAsync(data) - let fns = Object.keys(contents.files) - if (fns.length > 1) { - throw new SmError.UnprocessableError('ZIP archive has too many files.') - } - let fn = fns[0] - data = await contents.files[fn].async("nodebuffer") - } - appdata = JSON.parse(data) - } - else { - appdata = req.body - } - let options = [] - await OperationService.replaceAppData(options, appdata, req.userObject, res ) - } - else { - throw new SmError.PrivilegeError() - } + await OperationService.replaceAppData(buffer, req.headers['content-type'], progressCb ) + res.end() } catch (err) { next(err) 
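Review bot: `replaceAppData` now collects the whole request body with `for await (const chunk of req) { chunks.push(chunk) }` followed by `Buffer.concat(chunks)` and no upper bound, so one large upload is held in memory twice before any validation runs. Unless a body-size limit is enforced upstream (not visible here), add one inside the loop, e.g. `received += chunk.length` and `if (received > maxBytes) throw new SmError.UnprocessableError('appdata file too large')`, where `maxBytes` is a placeholder for a configured limit. A gzip body presumably expands further inside the service, so the decompressed size deserves its own cap. Once `progressCb` has written to `res`, an error handed to `next(err)` can no longer change the status code, so a failure should also be reported as a final JSONL record. The end of the handler lies outside this hunk.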
diff --git a/api/source/service/OperationService.js b/api/source/service/OperationService.js index 6c9c7ee79..9abbff466 100644 --- a/api/source/service/OperationService.js +++ b/api/source/service/OperationService.js @@ -2,8 +2,14 @@ const dbUtils = require('./utils') const config = require('../utils/config') const logger = require('../utils/logger') +const BJSON = require('../utils/buffer-json') +const { Readable, Transform } = require("node:stream") +const { pipeline } = require("node:stream/promises") +const zlib = require("node:zlib") const klona = require('../utils/klona') const os = require('node:os') +const Umzug = require('umzug') +const path = require('path') /** * Return version information 
@@ -11,539 +17,451 @@ const os = require('node:os') * returns ApiVersion **/ exports.getConfiguration = async function() { - try { - let sql = `SELECT * from config` - let [rows] = await dbUtils.pool.query(sql) - let config = {} - for (const row of rows) { - config[row.key] = row.value - } - return (config) - } - catch(err) { - throw ( {status: 500, message: err.message, stack: err.stack} ) + const sql = `SELECT * from config` + const [rows] = await dbUtils.pool.query(sql) + const config = {} + for (const row of rows) { + config[row.key] = row.value } + return (config) } exports.setConfigurationItem = async function (key, value) { - try { - let sql = 'INSERT INTO config (`key`, `value`) VALUES (?, ?) ON DUPLICATE KEY UPDATE value = VALUES(value)' - await dbUtils.pool.query(sql, [key, value]) - return (true) + const sql = 'INSERT INTO config (`key`, `value`) VALUES (?, ?) ON DUPLICATE KEY UPDATE value = VALUES(value)' + await dbUtils.pool.query(sql, [key, value]) + return (true) +} + +/** + * getAppData - streams JSONL records to the response. The JSONL are either + * data records from a MySQL table (always an array) or metadata records (always an object). + * + * @param {import('express').Response} res express response + * @returns {undefined} + * @example Abbreviated example of JSONL which is streamed to the response: + * {"version":"1.4.13","commit":{"branch":"na","sha":"na","tag":"na","describe":"na"},"date":"2024-08-18T15:29:16.784Z","lastMigration":33}\n + {"tables":[{"table":"stig","rowCount":4}, ... ], "totalRows": 4}\n + {"table":"stig","columns":"`benchmarkId`, `title`","rowCount":4}\n + ["RHEL_7_STIG_TEST","Red Hat Enterprise Linux 7 Security Technical Implementation Guide"]\n + ["VPN_SRG_TEST","Virtual Private Network (VPN) Security Requirements Guide"]\n + ["VPN_SRG_Rule-fingerprint-match-test","Virtual Private Network (VPN) Security Requirements Guide - replaced"]\n + ["Windows_10_STIG_TEST","Windows 10 Security Technical Implementation Guide"]\n ... 
+ */ +exports.getAppData = async function (res, format) { + /** @type {string[]} tables to exclude from the appdata file */ + const excludedTables = [ + '_migrations', + 'status', + 'result', + 'severity_cat_map', + 'cci', + 'cci_reference_map', + 'config' + ] + + let sink + if (format === 'gzip') { + /** @type {zlib.Gzip} transform stream to compress JSONL records and write to the response */ + sink = zlib.createGzip() + sink.pipe(res) + } + else { + /** @type {http.ServerResponse} */ + sink = res + } + sink.setMaxListeners(Infinity) + + + // Write metadata record {version, commit, date, lastMigration} + const {version, commit, lastMigration} = config + sink.write(JSON.stringify({version, commit, date: new Date(), lastMigration}) + '\n') + + // Execute SQL to retrieve a list of tables and their non-generated columns. The query binds + // to the schema name and the excluded tables. + /** @type {Array.} */ + const [tableRows] = await dbUtils.pool.query(`SELECT + TABLE_NAME as \`table\`, + json_arrayagg(CONCAT('\`',COLUMN_NAME,'\`')) as columns + FROM + INFORMATION_SCHEMA.COLUMNS + where + TABLE_SCHEMA=? + and TABLE_NAME IN (select TABLE_NAME FROM INFORMATION_SCHEMA.TABLES where TABLE_SCHEMA=? and TABLE_TYPE='BASE TABLE') + and TABLE_NAME not in (?) + and EXTRA NOT LIKE '% GENERATED' + group by + TABLE_NAME`, [config.database.schema, config.database.schema, excludedTables]) + + /** + * @type {Object.} object pivoted from tableRows[] + * @example + * '{ + "asset": { + "columns": "`assetId`,`name`,`fqdn`, ... " + }, + "check_content": { + "columns": "`ccId`,`content`" + }, + "collection": { + "columns": "`collectionId`,`name`,`description`, ... 
" + } + }' + */ + const tableMetadata = tableRows.reduce((acc, value) => { + acc[value.table] = {columns:value.columns.join(',')} + return acc + }, {}) + + + /** @type {string[]} */ + const tableNames = Object.keys(tableMetadata) + + /** @type {number} incremented by the row count of each table */ + let totalRows = 0 + + /** @type {{table:string, rowCount:number}[]} */ + let tables = [] + + // Select and handle the row count for each table. + for (const table of tableNames) { + const [row] = await dbUtils.pool.query(`select count(*) as cnt from ${table}`) + const rowCount = row[0].cnt + tableMetadata[table].rowCount = rowCount + tables.push({table, rowCount}) + totalRows += rowCount } - catch(err) { - throw ( {status: 500, message: err.message, stack: err.stack} ) + + // Write metadata record {tables, totalRows} + sink.write(JSON.stringify({tables, totalRows}) + '\n') + + for (const table of tableNames) { + // create readable stream using the non-promise interface of dbUtils.pool.pool + // select all rows for non-generated columns in table + // perform custom type casting of fields to JS + /** @type {Readable} */ + const queryStream = dbUtils.pool.pool.query({ + sql: `select ${tableMetadata[table].columns} from ${table}`, + rowsAsArray: true, + typeCast: function (field, next) { + // BIT fields returned as boolean + if ((field.type === "BIT") && (field.length === 1)) { + let bytes = field.buffer() || [0] + return (bytes[0] === 1) + } + // Designated fields returned as original MySQL strings + if (field.type === 'JSON' || field.type === 'DATETIME' || field.type === 'DATE') { + return (field.string("utf8")) + } + return next() + } + }).stream() + + // Write metadata record {table, columns, rowCount} + sink.write(JSON.stringify({table, ...tableMetadata[table]}) + '\n') + + /** @type {Transform} writes a JSONL data record for each tuple of row data*/ + const bjson = new Transform({ + objectMode: true, + transform: (data, encoding, cb) => { + // BSJON supports 
stringify() and parse() of Buffer values + cb(null, BJSON.stringify(data) + '\n') + } + }) + + // pipeline writes data records [field, field, ...] to sink, ends without closing sink + await pipeline(queryStream, bjson, sink, { end: false }) } + // ending sink will also end the response + sink.end() } -exports.replaceAppData = async function (importOpts, appData, userObject, res ) { - function queriesFromBenchmarkData(appdata) { - let {collections, assets, users, reviews} = appdata - - const tempFlag = true - const ddl = { - tempReview: { - drop: 'drop table if exists temp_review', - create: `CREATE${tempFlag ? ' TEMPORARY' : ''} TABLE temp_review ( - assetId INT, - ruleId VARCHAR(45), - resultId INT, - detail MEDIUMTEXT, - comment MEDIUMTEXT, - userId INT, - autoResult INT, - ts DATETIME, - statusId INT, - statusText VARCHAR(511), - statusUserId INT, - statusTs DATETIME, - metadata JSON, - resultEngine JSON - )` +exports.getAppDataTables = async function () { + const sql = `SELECT + TABLE_NAME as name, + TABLE_ROWS as \`rows\`, + DATA_LENGTH as dataLength + FROM + information_schema.TABLES + WHERE + TABLE_SCHEMA=? and TABLE_TYPE='BASE TABLE' + ORDER BY + TABLE_NAME` + const [rows] = await dbUtils.pool.query(sql, [config.database.schema]) + return (rows) +} + +/** + * replaceAppData - process a file created by getAppData() and execute SQL queries with progress messages + * + * @param {Buffer} buffer - buffer with file content + * @param {function(Object)} progressCb - optional, argument is an object with progress status + * @returns {Promise} promise + */ +exports.replaceAppData = async function (buffer, contentType, progressCb = () => {}) { + /** + * ParseJSONLStream - Transform chunks of JSONL records into individual parsed AppData records (N:1). 
+ * @extends Transform + */ + + /** @type {boolean} needsMigrations - indicates if migrations are required */ + let needsMigrations = false + class ParseJSONLStream extends Transform { + /** + * @param {Object} param + * @param {function(string):any} param.jsonParser - function for JSON parsing, default JSON.parse() + * @param {string} param.separator - character separating JSONL records, default '\n' + */ + constructor({jsonParser = JSON.parse, separator = '\n'} = {}) { + super({objectMode: true}) + Object.assign(this, {separator, jsonParser}) + + /** @type {RegExp} RegExp for .split() that includes any trailing separator */ + this.splitRegExp = new RegExp(`(?<=${separator})`) + + /** @type {string} holds incoming chunk prefaced by any partial record from previous transform */ + this.buffer = '' + } + + /** + * @param {Buffer} chunk - buffer from Gunzip that can span multiple JSONL records + * @param {string} encoding - usually 'utf8' + * @param {function()} cb - signals completion + */ + _transform(chunk, encoding, cb) { + this.buffer += chunk.toString(encoding) + + /** @type {string[]} list of JSONL, last item might be truncated or partial */ + const candidates = this.buffer.split(this.splitRegExp) + /** @type {number} index of last candidates[] item */ + const lastIndex = candidates.length - 1 + + // clear buffer for the next _transform() or _flush() + this.buffer = '' + + /** index @type {number} */ + /** candidate @type {string} */ + for (const [index, candidate] of candidates.entries()) { + if (index === lastIndex && !candidate.endsWith(this.separator)) { + // this is the last candidate and there's no trailing separator + // initialize buffer for next _transform() or _flush() + this.buffer = candidate + } + else { + try { + // if parsable, write parsed value + this.push(this.jsonParser(candidate)) + } + // swallow any parse error + catch {} + } } + cb() } - let dml = { - preload: [ - ], - postload: [ - ], - collection: { - sqlDelete: `DELETE FROM 
collection`, - sqlInsert: `INSERT INTO - collection ( - collectionId, - name, - settings, - metadata - ) VALUES ?`, - insertBinds: [] - }, - collectionLabel: { - sqlDelete: `DELETE FROM collection_label`, - sqlInsert: `INSERT INTO - collection_label ( - collectionId, - name, - description, - color, - uuid - ) VALUES ?`, - insertBinds: [] - }, - userData: { - sqlDelete: `DELETE FROM user_data`, - sqlInsert: `INSERT INTO - user_data ( - userId, - username, - lastAccess, - lastClaims - ) VALUES ?`, - insertBinds: [] - }, - collectionGrant: { - sqlDelete: `DELETE FROM collection_grant`, - sqlInsert: `INSERT INTO - collection_grant ( - collectionId, - userId, - accessLevel - ) VALUES ?`, - insertBinds: [] - }, - collectionPins: { - sqlDelete: `DELETE FROM collection_rev_map`, - sqlInsert: `INSERT INTO - collection_rev_map ( - collectionId, - benchmarkId, - revId - ) VALUES ?`, - insertBinds: [] - }, - asset: { - sqlDelete: `DELETE FROM asset`, - sqlInsert: `INSERT INTO asset ( - assetId, - collectionId, - name, - description, - ip, - noncomputing, - metadata - ) VALUES ?`, - insertBinds: [] - }, - assetLabel: { - sqlDelete: `DELETE FROM collection_label_asset_map`, - sqlInsert: `INSERT INTO collection_label_asset_map ( - assetId, - clId - ) - SELECT - jt.assetId, - cl.clId - FROM - JSON_TABLE( - ?, - '$[*]' COLUMNS( - assetId INT PATH '$.assetId', - collectionId INT PATH '$.collectionId', - NESTED PATH '$.labelIds[*]' COLUMNS ( labelId VARCHAR(36) PATH '$') - ) - ) as jt - INNER JOIN collection_label cl on cl.collectionId = jt.collectionId and cl.uuid = UUID_TO_BIN(jt.labelId,1)`, - insertBinds: [] - }, - stigAssetMap: { - sqlDelete: `DELETE FROM stig_asset_map`, - sqlInsert: `INSERT INTO stig_asset_map ( - assetId, - benchmarkId, - userIds - ) VALUES ?`, - insertBinds: [] - }, - userStigAssetMap: { - sqlDelete: `DELETE FROM user_stig_asset_map`, - sqlInsert: `INSERT INTO user_stig_asset_map - (saId, userId) - SELECT - sa.saId, - jt.userId - FROM - stig_asset_map sa, - 
JSON_TABLE( - sa.userIds, - "$[*]" - COLUMNS( - userId INT(11) PATH "$" - ) - ) AS jt`, - insertBinds: [null] // dummy value so length > 0 - }, - reviewHistory: { - sqlDelete: `DELETE FROM review_history`, - sqlInsert: `INSERT INTO review_history ( - reviewId, - ruleId, - resultId, - detail, - comment, - autoResult, - ts, - userId, - statusId, - statusText, - statusUserId, - statusTs, - touchTs - ) - SELECT - r.reviewId, - jt.ruleId, - jt.resultId, - jt.detail, - jt.comment, - jt.autoResult, - jt.ts, - jt.userId, - jt.statusId, - jt.statusText, - jt.statusUserId, - jt.statusTs, - jt.touchTs - FROM - JSON_TABLE( - ?, - "$[*]" - COLUMNS( - assetId INT PATH "$.assetId", - ruleId VARCHAR(45) PATH "$.ruleId", - resultId INT PATH "$.resultId", - detail MEDIUMTEXT PATH "$.detail", - comment MEDIUMTEXT PATH "$.comment", - autoResult INT PATH "$.autoResult", - ts DATETIME PATH "$.ts", - userId INT PATH "$.userId", - statusId INT PATH "$.statusId", - statusText VARCHAR(511) PATH "$.statusText", - statusUserId INT PATH "$.statusUserId", - statusTs DATETIME PATH "$.statusTs", - touchTs DATETIME PATH "$.touchTs", - resultEngine JSON PATH "$.resultEngine" - ) - ) as jt - LEFT JOIN rule_version_check_digest rvcd ON jt.ruleId = rvcd.ruleId - LEFT JOIN review r ON (jt.assetId = r.assetId and rvcd.version = r.version and rvcd.checkDigest = r.checkDigest)`, - insertBinds: [] - }, - tempReview: { - sqlInsert: `INSERT IGNORE INTO temp_review( - assetId, - ruleId, - resultId, - detail, - comment, - userId, - autoResult, - ts, - statusId, - statusText, - statusUserId, - statusTs, - metadata, - resultEngine - ) VALUES ?`, - insertBinds: [] - }, - review: { - sqlDelete: `TRUNCATE review`, - sqlInsert: `INSERT IGNORE INTO review ( - assetId, - ruleId, - \`version\`, - checkDigest, - resultId, - detail, - comment, - userId, - autoResult, - ts, - statusText, - statusUserId, - statusId, - statusTs, - metadata, - resultEngine - ) - SELECT - jt.assetId, - jt.ruleId, - rvcd.version, - 
rvcd.checkDigest, - jt.resultId, - jt.detail, - jt.comment, - jt.userId, - jt.autoResult, - jt.ts, - jt.statusText, - jt.statusUserId, - jt.statusId, - jt.statusTs, - jt.metadata, - jt.resultEngine - FROM - temp_review jt - LEFT JOIN rule_version_check_digest rvcd ON (jt.ruleId = rvcd.ruleId)`, - insertBinds: [null] // dummy value so length > 0 + /** @param {function()} cb signals completion */ + _flush(cb) { + try { + // if what's left in the buffer is parsable, write parsed value + if (this.buffer) this.push(this.jsonParser(this.buffer)) } + // swallow any parse error + catch {} + cb() } + } - // Process appdata object - - // Table: user_data - for (const u of users) { - dml.userData.insertBinds.push([ - parseInt(u.userId) || null, - u.username, - u.statistics.lastAccess, - JSON.stringify(u.statistics.lastClaims) - ]) + /** + * AppDataQueryStream - Transform AppData records into an SQL query object (N:1) + * @extends Transform + */ + class AppDataQueryStream extends Transform { + /** + * @param {Object} param + * @param {number} param.maxValues - maximum number of values for an insert query. 
+ * @param {function(Object): any} param.onTablesFn - called when record {tables, ...} is read + * @param {function(Object): any} param.onMigrationFn - called when record {..., lastMigration} is read + */ + constructor({maxValues = 10000, onTablesFn = new Function(), onMigrationFn = async function () {}}) { + super({objectMode: true}) + Object.assign(this, { maxValues, onTablesFn, onMigrationFn }) + + /** @type {null|Object} the last metadata record encountered */ + this.currentMetadata = null + + /** @type {Array} values for an insert query */ + this.currentBinds = [] } - - // Tables: collection, collection_grant_map, collection_label - for (const c of collections) { - dml.collection.insertBinds.push([ - parseInt(c.collectionId) || null, - c.name, - JSON.stringify(c.settings), - JSON.stringify(c.metadata) - ]) - for (const grant of c.grants) { - dml.collectionGrant.insertBinds.push([ - parseInt(c.collectionId) || null, - parseInt(grant.userId) || null, - grant.accessLevel - ]) + + /** + * @param {Buffer} chunk a single AppData record + * @param {string} encoding usually 'utf8' + * @param {function()} cb signals completion + */ + async _transform(chunk, encoding, cb) { + if (Array.isArray(chunk)) { + this.currentBinds.push(chunk) + if (this.currentBinds.length === this.maxValues || this.currentBinds.length === 0) { + this.push(this.formatCurrentQuery()) + this.currentBinds = [] + } } - for (const label of c.labels) { - dml.collectionLabel.insertBinds.push([ - parseInt(c.collectionId), - label.name, - label.description, - label.color, - dbUtils.uuidToSqlString(label.labelId) - ]) + else if (chunk.lastMigration) { + try { + await this.onMigrationFn(chunk) + } + catch (e) { + cb(e) + return + } } - for (const pin of c.stigs ?? 
[]) { - if (pin.revisionPinned){ - const {version, release} = dbUtils.parseRevisionStr(pin.revisionStr) - dml.collectionPins.insertBinds.push([ - parseInt(c.collectionId), - pin.benchmarkId, - pin.benchmarkId + "-" + version + "-" + release - ]) - } + else if (chunk.table){ + if (this.currentMetadata) { + this.push(this.formatCurrentQuery()) } - } - - // Tables: asset, collection_label_asset_maps, stig_asset_map, user_stig_asset_map - const assetLabels = [] - for (const asset of assets) { - let { stigGrants, labelIds, ...assetFields} = asset - dml.asset.insertBinds.push([ - parseInt(assetFields.assetId) || null, - parseInt(assetFields.collectionId) || null, - assetFields.name, - assetFields.description, - assetFields.ip, - assetFields.noncomputing ? 1: 0, - JSON.stringify(assetFields.metadata) - ]) - let assetId = assetFields.assetId - for (const sr of stigGrants) { - sr.userIds = sr.userIds.map( u => parseInt(u)) - dml.stigAssetMap.insertBinds.push([ - parseInt(assetId) || null, - sr.benchmarkId, - JSON.stringify(sr.userIds) - ]) + this.currentMetadata = chunk + this.currentBinds = [] + this.push(this.formatCurrentQuery()) } - if (labelIds?.length > 0) { - assetLabels.push({ - assetId: parseInt(assetFields.assetId), - collectionId: parseInt(assetFields.collectionId), - labelIds - }) + else if (chunk.tables) { + try { + this.onTablesFn(chunk) + } + catch (e) { + cb(e) + return + } } - } - dml.assetLabel.insertBinds.push(JSON.stringify(assetLabels)) - - // Tables: review, review_history - const historyRecords = [] - for (const review of reviews) { - for (const h of review.history) { - historyRecords.push({ - assetId: parseInt(review.assetId), - ruleId: review.ruleId, - resultId: dbUtils.REVIEW_RESULT_API[h.result], - detail: h.detail, - comment: h.comment, - autoResult: h.autoResult ? 
1 : 0, - ts: new Date(h.ts), - userId: parseInt(h.userId), - statusId: dbUtils.REVIEW_STATUS_API[h.status.label], - statusText: h.statusText, - statusUserId: parseInt(h.status.userId ?? h.status.user?.userId), - statusTs: new Date(h.status.ts), - touchTs: new Date(h.touchTs), - resultEngine: JSON.stringify(h.resultEngine) - }) + else { + this.currentMetadata = null } - dml.tempReview.insertBinds.push([ - parseInt(review.assetId), - review.ruleId, - dbUtils.REVIEW_RESULT_API[review.result], - review.detail, - review.comment, - parseInt(review.userId), - review.autoResult ? 1 : 0, - new Date(review.ts), - dbUtils.REVIEW_STATUS_API[review.status?.label], - review.status?.text, - parseInt(review.status.userId ?? review.status.user?.userId), - new Date(review.status?.ts), - JSON.stringify(review.metadata || {}), - review.resultEngine ? JSON.stringify(review.resultEngine) : null - ]) + cb() + } + + /** @param {function()} cb signals completion */ + _flush(cb) { + this.push(this.formatCurrentQuery()) + cb() } - dml.reviewHistory.insertBinds = JSON.stringify(historyRecords) - return {ddl, dml} - } - - let connection - try { - res.setHeader('Content-Type', 'text/plain; charset=utf-8') - res.setHeader('Transfer-Encoding', 'chunked') - res.write('Starting import\n') - let result, hrstart, hrend, tableOrder, stats = {} - let totalstart = process.hrtime() - - hrstart = process.hrtime() - // dml = dmlObjectFromAppData(appData) - const {ddl, dml} = queriesFromBenchmarkData(appData) - hrend = process.hrtime(hrstart) - stats.dmlObject = `Built in ${hrend[0]}s ${hrend[1] / 1000000}ms` - res.write('Parsed appdata\n') - - // Connect to MySQL - connection = await dbUtils.pool.getConnection() - await connection.query('SET FOREIGN_KEY_CHECKS=0') - // create temporary tables - for (const tempTable of Object.keys(ddl)) { - await connection.query(ddl[tempTable].drop) - await connection.query(ddl[tempTable].create) + /** + * Creates an object with an SQL insert or truncate statement that 
operates + * on the current table and any current binds + * @returns {{table:string, sql:string, valueCount:number}} */ + formatCurrentQuery() { + const sqlInsert = this.currentBinds.length + ? `insert into ${this.currentMetadata.table}(${this.currentMetadata.columns}) values ?` + : `truncate ${this.currentMetadata.table}` + return { + table: this.currentMetadata.table, + sql: dbUtils.pool.format(sqlInsert, [this.currentBinds]), + valueCount: this.currentBinds.length + } } + } - // Deletes - tableOrder = [ - 'reviewHistory', - 'review', - 'userStigAssetMap', - 'stigAssetMap', - 'collectionGrant', - 'assetLabel', - 'collectionLabel', - 'collectionPins', - 'collection', - 'asset', - 'userData', - ] - for (const table of tableOrder) { - res.write(`Deleting: ${table}\n`) - hrstart = process.hrtime() - ;[result] = await connection.query(dml[table].sqlDelete) - hrend = process.hrtime(hrstart) - stats[table] = {} - stats[table].delete = `${result.affectedRows} in ${hrend[0]}s ${hrend[1] / 1000000}ms` + /** + * @param {any} record expected to be AppData metadata {..., lastMigration} + * @returns {undefined} + * @throws {Error} + */ + async function onMigrationFn(record) { + if (record.lastMigration === config.lastMigration) return + if (record.lastMigration > config.lastMigration) { + throw new Error(`API migration v${config.lastMigration} is less than the source migration v${record.lastMigration}`) } + needsMigrations = true + await resetDatabase() + await migrateTo(record.lastMigration) + } - // Inserts + async function migrateTo(migration = config.lastMigration) { + const endMigration = migration.toString().padStart(4, '0') + '.js' + const umzug = new Umzug({ + migrations: { + path: path.join(__dirname, './migrations'), + params: [dbUtils.pool] + }, + storage: path.join(__dirname, './migrations/lib/umzug-mysql-storage'), + storageOptions: { + pool: dbUtils.pool + } + }) + umzug.on('migrating', (name) => { + progressCb({migration: name, status: 'started'}) + }) + 
umzug.on('migrated', (name) => { + progressCb({migration: name, status: 'finished'}) + }) + await umzug.up({to: endMigration}) + } - - tableOrder = [ - 'userData', - 'collection', - 'collectionLabel', - 'collectionGrant', - 'asset', - 'assetLabel', - 'stigAssetMap', - 'userStigAssetMap', - 'tempReview', - 'review', - 'reviewHistory' - ] - - if (dml.collectionPins?.insertBinds?.length > 0) { - tableOrder.push('collectionPins') + async function resetDatabase() { + const connection = await dbUtils.pool.getConnection() + const sql = `SELECT + table_name, + table_type + FROM + information_schema.TABLES + WHERE + TABLE_SCHEMA=?` + const [tables] = await connection.query(sql,[config.database.schema]) + await connection.query('SET FOREIGN_KEY_CHECKS = 0') + for (const table of tables) { + const drop = `DROP ${table.TABLE_TYPE === 'BASE TABLE' ? 'TABLE' : 'VIEW'} ${table.TABLE_NAME}` + await connection.query(drop) + progressCb({sql: drop}) } + await connection.query('SET FOREIGN_KEY_CHECKS = 1') + await connection.release() + } - stats.tempReview = {} - await connection.query('SET FOREIGN_KEY_CHECKS=1') - for (const table of tableOrder) { - if (dml[table].insertBinds.length > 0) { - hrstart = process.hrtime() - if (typeof dml[table].insertBinds === 'string') { // reviewHistory - ;[result] = await connection.query(dml[table].sqlInsert, [dml[table].insertBinds]) - } + function createChunkedReadable(buffer, chunkSize = 64 * 1024) { + let offset = 0 + return new Readable({ + read() { + if (offset >= buffer.length) { + this.push(null) // No more data, signal end of stream + } else { - let i, j, bindchunk, chunk = 5000 - for (i=0,j=dml[table].insertBinds.length; i { + await migrationHandler.up(pool, __filename) + }, + down: async (pool) => { + await migrationHandler.down(pool, __filename) + } +} + diff --git a/api/source/service/utils.js b/api/source/service/utils.js index 17c5873e7..f656bc943 100644 --- a/api/source/service/utils.js +++ b/api/source/service/utils.js 
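Review bot: `AppDataQueryStream.formatCurrentQuery()` in api/source/service/OperationService.js builds `insert into ${this.currentMetadata.table}(${this.currentMetadata.columns}) values ?` and `truncate ${this.currentMetadata.table}` from metadata records read out of the uploaded file, so table and column text from the file is spliced into SQL unescaped; only the row values go through `dbUtils.pool.format`. Before accepting a `{table, columns}` record in `_transform`, check `chunk.table` against the base tables of `config.database.schema` (the INFORMATION_SCHEMA lookup `getAppData` already performs) and reject anything else through `cb(new Error(...))`, and pass the table name via the `??` identifier placeholder instead of the template string. `formatCurrentQuery()` also dereferences `this.currentMetadata` while it is still null, which `_flush` on a file without table records, or an array record arriving before the first table record, can both reach. `ParseJSONLStream` swallows parse errors, so a damaged file produces a partial import after tables have already been truncated or, via `onMigrationFn`, dropped. The tail of `replaceAppData` is not visible in this chunk, so any validation done there could not be checked.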
@@ -162,6 +162,8 @@ module.exports.initializeDatabase = async function (depStatus) { logger.writeInfo('mysql', 'migration', { message: `MySQL schema is up to date` }) } depStatus.db = 'up' + const migrated = await umzug.executed() + config.lastMigration = parseInt(migrated[migrated.length -1].file.substring(0,4)) } catch (error) { logger.writeError('mysql', 'initalization', { message: error.message }) diff --git a/api/source/specification/stig-manager.yaml b/api/source/specification/stig-manager.yaml index 54fa727f0..cb950951e 100644 --- a/api/source/specification/stig-manager.yaml +++ b/api/source/specification/stig-manager.yaml @@ -2967,7 +2967,6 @@ paths: security: - oauth: - 'stig-manager:collection:read' - /op/appdata: get: tags: @@ -2975,14 +2974,19 @@ paths: summary: Export application data operationId: getAppData parameters: + - $ref: '#/components/parameters/AppDataFormatQuery' - $ref: '#/components/parameters/ElevateQuery' responses: '200': description: Exported data content: - application/json: + application/jsonl: schema: - type: object + type: string + application/gzip: + schema: + type: string + format: binary default: description: unexpected error content: @@ -3002,26 +3006,25 @@ paths: requestBody: required: false content: - application/json: + application/gzip: schema: - type: object - properties: - collections: - type: string - multipart/form-data: + type: string + format: binary + application/x-gzip: schema: - type: object - properties: - importFile: - type: string - format: binary + type: string + format: binary + application/jsonl: + schema: + type: string + format: binary responses: '200': description: Import successful content: - application/json: + application/jsonl: schema: - type: object + type: string default: description: unexpected error content: 
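Review bot: In `initializeDatabase` (api/source/service/utils.js), `migrated[migrated.length -1].file` throws when `umzug.executed()` returns an empty array, and it runs after `depStatus.db = 'up'` has been set, so the failure is logged as an initialization error while the dependency status already reads up. Guard the empty case and pass a radix, e.g. `const last = migrated[migrated.length - 1]` then `config.lastMigration = last ? parseInt(last.file.substring(0, 4), 10) : 0`. This value now decides in `onMigrationFn` whether an import drops and re-migrates the database, and a NaN would make both the `===` and the `>` comparison false and send every import down the reset path, so it is worth a comment stating that migration file names must begin with four digits. The function continues outside the hunk.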
@@ -3031,6 +3034,32 @@ paths: security: - oauth: - stig-manager:op + /op/appdata/tables: + get: + tags: + - Operation + summary: Get the name and data length of each table + operationId: getAppDataTables + parameters: + - $ref: '#/components/parameters/ElevateQuery' + responses: + '200': + description: An array of table names and lengths + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/AppDataTable' + default: + description: unexpected error + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + security: + - oauth: + - stig-manager:op:read /op/appinfo: get: tags: @@ -3833,6 +3862,8 @@ components: $ref: '#/components/schemas/ApiClassification' commit: $ref: '#/components/schemas/CommitObject' + lastMigration: + $ref: '#/components/schemas/LastMigration' version: $ref: '#/components/schemas/ApiVersion' ApiDefinition: @@ -3841,6 +3872,21 @@ components: - type: array ApiVersion: $ref: '#/components/schemas/Version' + AppDataFormat: + type: string + default: 'gzip' + enum: + - jsonl + - gzip + AppDataTable: + type: object + properties: + name: + $ref: '#/components/schemas/String255' + rows: + type: number + dataLength: + type: number AppInfo: type: object properties: @@ -5797,6 +5843,9 @@ components: $ref: '#/components/schemas/String255Nullable' name: $ref: '#/components/schemas/LabelName' + LastMigration: + type: integer + minimum: 0 LocationString: type: string MaxTs: @@ -7483,6 +7532,12 @@ components: VersionString: $ref: '#/components/schemas/String255' parameters: + AppDataFormatQuery: + name: format + in: query + description: The format of the appdata + schema: + $ref: '#/components/schemas/AppDataFormat' AssetIdArrayQuery: name: assetId in: query diff --git a/api/source/utils/buffer-json.js b/api/source/utils/buffer-json.js new file mode 100644 index 000000000..84a2b68c8 --- /dev/null +++ b/api/source/utils/buffer-json.js 
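Review bot: In the new `AppDataTable` schema, `rows` and `dataLength` are declared `type: number`, which also admits fractional and negative values. The `LastMigration` schema added in the same file uses `type: integer` with `minimum: 0`. If these two properties are row and byte counts, as their names suggest, declare them the same way: `type: integer` and `minimum: 0`.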
@@ -0,0 +1,60 @@
+function stringify (value, space) {
+ return JSON.stringify(value, replacer, space)
+ }
+
+ function parse (text) {
+ return JSON.parse(text, reviver)
+ }
+
+ function replacer (key, value) {
+ if (isBufferLike(value)) {
+ if (isArray(value.data)) {
+ if (value.data.length > 0) {
+ value.data = 'base64:' + Buffer.from(value.data).toString('base64')
+ } else {
+ value.data = ''
+ }
+ }
+ }
+ return value
+ }
+
+ function reviver (key, value) {
+ if (isBufferLike(value)) {
+ if (isArray(value.data)) {
+ return Buffer.from(value.data)
+ } else if (isString(value.data)) {
+ if (value.data.startsWith('base64:')) {
+ return Buffer.from(value.data.slice('base64:'.length), 'base64')
+ }
+ // Assume that the string is UTF-8 encoded (or empty).
+ return Buffer.from(value.data)
+ }
+ }
+ return value
+ }
+
+ function isBufferLike (x) {
+ return (
+ isObject(x) && x.type === 'Buffer' && (isArray(x.data) || isString(x.data))
+ )
+ }
+
+ function isArray (x) {
+ return Array.isArray(x)
+ }
+
+ function isString (x) {
+ return typeof x === 'string'
+ }
+
+ function isObject (x) {
+ return typeof x === 'object' && x !== null
+ }
+
+ module.exports = {
+ stringify,
+ parse,
+ replacer,
+ reviver
+ }
\ No newline at end of file
diff --git a/client/src/js/SM/AppData.js b/client/src/js/SM/AppData.js
index a261ffa71..472f09a47 100644
--- a/client/src/js/SM/AppData.js
+++ b/client/src/js/SM/AppData.js
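Review bot: `reviver` converts every parsed object with `type === 'Buffer'` and an array or string `data` into a `Buffer`, wherever it sits in the document, so `parse` cannot tell a serialized buffer from ordinary JSON content that happens to have that shape. If `parse` is applied to uploaded appdata records (its callers are outside this hunk), a JSON-typed column holding such an object would come back as a Buffer rather than the original value, and a string `data` without the `base64:` prefix is taken as UTF-8 text. State that contract at the top of the file, for example `// reviver: any {type:'Buffer', data} object becomes a Buffer; do not apply to JSON that may carry that shape as ordinary data`. `replacer` also overwrites `value.data` in place, which is harmless for the copy that `Buffer.prototype.toJSON` produces but rewrites a caller's plain object of the same shape.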
@@ -1,5 +1,29 @@ Ext.ns('SM.AppData') +SM.AppData.FormatComboBox = Ext.extend(Ext.form.ComboBox, { + initComponent: function () { + const config = { + fieldLabel: 'Format', + displayField: 'display', + valueField: 'value', + triggerAction: 'all', + mode: 'local', + editable: false, + value: 'gzip' + } + this.store = new Ext.data.SimpleStore({ + fields: ['value', 'display'], + data: [ + ['gzip', 'GZip'], + ['jsonl', 'JSONL'] + ] + }) + + Ext.apply(this, Ext.apply(this.initialConfig, config)) + this.superclass().initComponent.call(this) + } +}) + SM.AppData.DownloadButton = Ext.extend(Ext.Button, { initComponent: function () { const config = { @@ -13,7 +37,7 @@ SM.AppData.DownloadButton = Ext.extend(Ext.Button, { }, _handler: async function () { try { - await SM.AppData.doDownload() + await SM.AppData.doDownload(this.formatCombo.value) } catch (e) { SM.Error.handleError(e) @@ -50,8 +74,12 @@ SM.AppData.ReplaceButton = Ext.extend(Ext.Button, { SM.AppData.ManagePanel = Ext.extend(Ext.Panel, { initComponent: function () { + this.formatCombo = new SM.AppData.FormatComboBox({ + width: 120 + }) this.downloadBtn = new SM.AppData.DownloadButton({ - padding: 10 + style: 'padding-top: 5px', + formatCombo: this.formatCombo }) this.replaceBtn = new SM.AppData.ReplaceButton({ padding: 10 @@ -60,9 +88,13 @@ SM.AppData.ManagePanel = Ext.extend(Ext.Panel, { items: [ { xtype: 'fieldset', + labelWidth: 50, width: 200, title: 'Export', - items: [this.downloadBtn] + items: [ + this.formatCombo, + this.downloadBtn + ] }, { xtype: 'fieldset', @@ -81,7 +113,7 @@ SM.AppData.ReplacePanel = Ext.extend(Ext.Panel, { initComponent: function () { this.selectFileBtn = new Ext.ux.form.FileUploadField({ buttonOnly: true, - accept: '.json,.zip', + accept: '.gz, .jsonl', webkitdirectory: false, multiple: false, style: 'width: 95px;', 
@@ -99,6 +131,15 @@ SM.AppData.ReplacePanel = Ext.extend(Ext.Panel, { border: false, readOnly: true }) + this.progress = new Ext.ProgressBar({ + width: 300 + }) + + this.actionButton = new Ext.Button({ + text: 'Replace Application Data', + disabled: true, + handler: this.btnHandler + }) const config = { layout: 'anchor', @@ -106,11 +147,25 @@ SM.AppData.ReplacePanel = Ext.extend(Ext.Panel, { items: [this.textarea], tbar: [ this.selectFileBtn, - ] + '->', + this.progress + ], + buttons: [this.actionButton] } Ext.apply(this, Ext.apply(this.initialConfig, config)) this.superclass().initComponent.call(this) }, + updateProgress: function (value, text) { + this.progress.updateProgress(value, SM.he(text)) + }, + setProgressErrorState: function (isError) { + if (isError) { + this.progress.addClass('sm-pb-error') + } + else { + this.progress.removeClass('sm-pb-error') + } + }, updateStatusText: function (text, noNL = false, replace = false) { const ta = this.textarea if (replace) ta.buffer = '' @@ -124,11 +179,11 @@ SM.AppData.ReplacePanel = Ext.extend(Ext.Panel, { } }) -SM.AppData.doDownload = async function () { +SM.AppData.doDownload = async function (format = 'gzip') { try { await window.oidcProvider.updateToken(10) const fetchInit = { - url: `${STIGMAN.Env.apiBase}/op/appdata?elevate=true`, + url: `${STIGMAN.Env.apiBase}/op/appdata?format=${format}&elevate=true`, method: 'GET', headers: { 'Authorization': `Bearer ${window.oidcProvider.token}` 
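Review bot: `doDownload` interpolates `format` straight into the query string (`?format=${format}&elevate=true`), so a value containing `&` or `#` would change or truncate the parameters that follow it. The combo box only offers `gzip` and `jsonl`, but the function accepts any argument; encode it with `format=${encodeURIComponent(format)}` or build the query with `URLSearchParams`. The body of `doDownload` continues outside this hunk.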
@@ -145,6 +200,81 @@ SM.AppData.doDownload = async function () { } } +{ + class JSONLObjectStream extends TransformStream { + constructor (separator = '\n') { + /** + * buffer - stores string from incoming chunk + * @type {string} + */ + let buffer = '' + /** + * splitRegExp - RegExp to split including any trailing separator + */ + const splitRegExp = new RegExp(`(?<=${separator})`) + + super({ + transform (chunk, controller) { + buffer += chunk + + /** @type {string[]} */ + const candidates = buffer.split(splitRegExp) + + /** @type {number} */ + const lastIndex = candidates.length - 1 + + buffer = '' + + /** index @type {number} */ + /** candidate @type {string} */ + for (const [index, candidate] of candidates.entries()) { + if (index === lastIndex && !candidate.endsWith(separator)) { + // this is the last candidate and there's no trailing separator + // initialize buffer for next _transform() or _flush() + buffer = candidate + } + else if (candidate.startsWith('{')) { + const record = SM.safeJSONParse(candidate) + if (record) { + // write any parsed Object + controller.enqueue(record) + } + } + } + }, + flush (controller) { + // if what's left in the buffer is a parsable Object, write it + if (buffer.startsWith('{')) { + const record = SM.safeJSONParse(buffer) + if (record) { + // write any parsed Object + controller.enqueue(record) + } + } + } + }) + } +} +SM.AppData.JSONLObjectStream = JSONLObjectStream +} + +{ + class FileReaderProgressStream extends TransformStream { + constructor (fileSize, progressFn) { + let readSize = 0 + super({ + async transform(chunk, controller) { + readSize += chunk.length + progressFn(readSize/fileSize, 'Analyzing') + await new Promise(resolve => setTimeout(resolve, 0)) // let DOM update + controller.enqueue(chunk) + } + }) + } + } + SM.AppData.FileReaderProgressStream = FileReaderProgressStream +} + SM.AppData.doReplace = function () { const rp = new SM.AppData.ReplacePanel({ onFileSelected, 
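Review bot: In `JSONLObjectStream`, a line that begins with `{` but for which `SM.safeJSONParse` returns a falsy value, and any line that does not begin with `{`, is discarded without a trace in both `transform` and `flush`. `analyze()` later in this diff uses the stream to decide whether a file is valid, so a file with damaged records can still be reported as VALID as long as its version and `tables` records parse. Consider counting skipped lines and surfacing the count to the caller, or calling `controller.error(new Error('unparseable JSONL record'))` where strict reading is wanted. Separately, `separator` is placed into `new RegExp` unescaped, which is fine for the default `\n` but not for a separator containing regex metacharacters; escape it or add a comment stating the restriction.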
@@ -164,19 +294,89 @@ SM.AppData.doReplace = function () { items: rp, onEsc: Ext.emptyFn }).show(document.body) - rp.updateStatusText('IMPORTANT: Content from the imported file will replace ALL existing application data!', true, true) + rp.updateStatusText('No file has been selected', true, true) function btnHandler (btn) { if (btn.fileObj) upload(btn.fileObj) } + async function analyze (fileObj) { + try { + rp.actionButton.disable() + rp.setProgressErrorState(false) + rp.updateProgress(0, 'Analyzing') + rp.updateStatusText('', true, true) + + let objectStream + if (fileObj.type === 'application/gzip' || fileObj.type === 'application/x-gzip') { + objectStream = fileObj.stream() + .pipeThrough(new SM.AppData.FileReaderProgressStream(fileObj.size, rp.updateProgress.bind(rp))) + .pipeThrough(new DecompressionStream("gzip")) + .pipeThrough(new TextDecoderStream()) + .pipeThrough(new SM.AppData.JSONLObjectStream()) + } + else { + objectStream = fileObj.stream() + .pipeThrough(new SM.AppData.FileReaderProgressStream(fileObj.size, rp.updateProgress.bind(rp))) + .pipeThrough(new TextDecoderStream()) + .pipeThrough(new SM.AppData.JSONLObjectStream()) + } + + const fileData = { + version: false, + tableData: null + } + for await (const object of objectStream) { + if (object.version) { + fileData.version = object.version + rp.updateStatusText(`File is from STIG Manager version ${object.version}`) + if (object.date) { + rp.updateStatusText(`File is dated ${object.date}`) + } + if (object.lastMigration) { + fileData.lastMigration = object.lastMigration + rp.updateStatusText(`File is from migration ${object.lastMigration}. 
Current API migration is ${STIGMAN.apiConfig.lastMigration}.`) + if (fileData.lastMigration > STIGMAN.apiConfig.lastMigration) { + rp.updateStatusText(`Cannot import to lower API migration.`) + break + } + } + } + if (object.tables) fileData.tableData = object + if (object.table) rp.updateStatusText(`Found data for table: ${object.table}, rowCount: ${object.rowCount}`) + await new Promise(resolve => setTimeout(resolve, 10)) + } + if (fileData.lastMigration <= STIGMAN.apiConfig.lastMigration && fileData.tableData) { + rp.updateProgress(1, 'Valid') + rp.updateStatusText(`\n**** VALID source file, click "Replace Application Data" to upload to API`) + rp.actionButton.fileObj = fileObj + rp.actionButton.enable() + } + else { + rp.updateStatusText(`\n**** INVALID source file ****`) + rp.updateProgress(1, `Invalid`) + rp.setProgressErrorState(true) + rp.actionButton.disable() + } + return + } + catch (e) { + rp.updateStatusText(e.message) + rp.updateProgress(1, `Error: ${e.message}`) + rp.setProgressErrorState(true) + rp.actionButton.disable() + } + } + async function upload (fileObj) { try { + if (fileObj.name.endsWith('.jsonl') ) { + fileObj = new File([fileObj], fileObj.name, {type: 'application/jsonl'}) + } + rp.actionButton.disable() rp.ownerCt.getTool('close')?.hide() - rp.updateStatusText('Awaiting API response...', false, true) - let formData = new FormData() - formData.append('importFile', fileObj); + rp.updateStatusText('Sending file. Awaiting API response...', false, true) await window.oidcProvider.updateToken(10) const response = await fetch(`${STIGMAN.Env.apiBase}/op/appdata?elevate=true`, { 
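Review bot: `analyze()` chooses the gzip pipeline from `fileObj.type`, while `upload()` in the same hunk decides by `fileObj.name.endsWith('.jsonl')`, so the two can disagree about the same file. Browsers derive `File.type` from the extension and platform mappings and may leave it empty, in which case a `.gz` export is read as plain text and shown as INVALID, and the upload would presumably carry no gzip content type. Use one test for both paths, e.g. `const isGzip = /\.gz$/i.test(fileObj.name) || fileObj.type === 'application/gzip' || fileObj.type === 'application/x-gzip'`, and set the uploaded file's type from it. This analysis runs only in the browser, so the API should enforce the migration comparison itself; that handler is not visible here. `upload()` continues outside the hunk.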
@@ -184,17 +384,29 @@ SM.AppData.doReplace = function () { headers: new Headers({ 'Authorization': `Bearer ${window.oidcProvider.token}` }), - body: formData + body: fileObj }) - const responseStream = response.body + const objectStream = response.body .pipeThrough(new TextDecoderStream()) + .pipeThrough(new SM.AppData.JSONLObjectStream()) - for await (const line of responseStream) { - rp.updateStatusText(line) + let totalRows = 0 + let insertedRows = 0 + let currentTable = '' + + for await (const object of objectStream) { + if (object.totalRows) totalRows = object.totalRows + if (object.valueCount) { + currentTable = object.table + insertedRows += object.valueCount + } + rp.updateStatusText(JSON.stringify(object)) + rp.updateProgress(insertedRows/totalRows, `Importing ${currentTable}`) await new Promise(resolve => setTimeout(resolve, 10)) } rp.updateStatusText('\n**** REFRESH the web app to use the new data ****') + rp.updateProgress(1, 'Done') } catch (e) { SM.Error.handleError(e) @@ -206,7 +418,8 @@ SM.AppData.doReplace = function () { try { let input = uploadField.fileInput.dom const files = [...input.files] - await upload(files[0]) + analyze(files[0]) + uploadField.reset() } catch (e) { uploadField.reset() @@ -225,6 +438,7 @@ SM.AppData.showAppDataTab = function (params) { const appDataPanel = new SM.AppData.ManagePanel({ border: false, + // title: 'Application Data experimental', margins: { top: SM.Margin.adjacent, right: SM.Margin.edge, bottom: SM.Margin.bottom, left: SM.Margin.edge }, cls: 'sm-round-panel', height: 200, diff --git a/client/src/js/SM/NavTree.js b/client/src/js/SM/NavTree.js index f39e089be..a7a8af855 100644 --- a/client/src/js/SM/NavTree.js +++ b/client/src/js/SM/NavTree.js @@ -380,10 +380,7 @@ SM.NavTree.TreePanel = Ext.extend(Ext.tree.TreePanel, { SM.Error.handleError(e) } }, - treeClick: function (n, e) { - let idAppend; - let tab; - + treeClick: function (n, e) { if (!n.leaf) { return } 
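Review bot: `upload()` pipes `response.body` into `JSONLObjectStream` without checking `response.ok` or `response.status`, so an error response from the API is consumed as if it were progress records and the panel still ends with the REFRESH message and `updateProgress(1, 'Done')`. Check the status before building `objectStream`, e.g. `if (!response.ok) throw new Error('Import failed: HTTP ' + response.status)`. Also, `insertedRows/totalRows` is `NaN` until a record carrying `totalRows` arrives; pass `totalRows ? insertedRows/totalRows : 0` instead. `upload()` starts outside this hunk.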
diff --git a/data/appdata/README.md b/data/appdata/README.md index 153381357..9a653d0b9 100644 --- a/data/appdata/README.md +++ b/data/appdata/README.md 
@@ -1,43 +1,13 @@ ## Demonstration Application Data -Sample data that demonstrates the capabilities of STIG Manager is provided in the `data/appdata` directory of the project repo. This data is intended to be loaded into a fresh STIG Manager installation, as loading it will wipe out all existing data in the system except for the imported reference STIGs. The sample data was automatically generated and does not represent an actual system. +Sample data that demonstrates the features of STIG Manager is provided in the `data/appdata` directory of the project repo. This data is intended to be loaded into a fresh STIG Manager installation, as loading it will wipe out all existing data in the system. The sample data was automatically generated and does not represent an actual system. -Before loading the demonstration data, the Reference STIGs must be made available to STIG Manager. From the web client: +The sample data can be loaded from the web client: -- `Application Management -> STIG Benchmarks -> Import STIGs` -- Import the `data/appdata/stigs-for-sample-data.zip` file from the repo. This file contains all STIGs required for the sample data. - -After the STIGs are imported, the sample data can be loaded from the web client: - -- `Application Management -> Application Info -> Replace Application Data...` -- Select the `data/appdata/appdata-small.zip` file from the repo. The data may take a few 10s of seconds to load. +- `Application Management -> Export/Import Data -> Replace Application Data...` +- Select the `data/appdata/demo-appdata.jsonl.gz` file from the repo. The data may take a few 10s of seconds to load. Refresh the browser to see the new data. -If you are not running with our demonstration Keycloak Container, you may need to grant yourself access to the Collections included in the sample data using the `Application Management -> Collections` interface. 
- - -### Sample STIGs - -The STIGs included are also available from DISA's [STIG Library Compilation:](https://public.cyber.mil/stigs/compilations/) -- Application_Security_Development_STIG -- CAN_Ubuntu_18-04_STIG -- Google_Chrome_Current_Windows -- IIS_10-0_Server_STIG -- IIS_10-0_Site_STIG -- Microsoft_Access_2016 -- Microsoft_Excel_2016 -- Microsoft_Office_System_2016 -- Microsoft_Outlook_2016 -- Microsoft_Project_2016 -- Microsoft_Word_2016 -- Mozilla_Firefox_STIG -- MS_Dot_Net_Framework -- MS_SQL_Server_2016_Database_STIG -- MS_SQL_Server_2016_Instance_STIG -- Oracle_Database_12c_STIG -- PostgreSQL_9-x_STIG -- RHEL_7_STIG -- Windows_10_STIG -- Windows_Server_2016_STIG \ No newline at end of file +If you are not running with our demonstration Keycloak container, you may need to grant yourself access to the Collections included in the sample data using the `Application Management -> Collections` interface. diff --git a/data/appdata/appdata-small.zip b/data/appdata/appdata-small.zip deleted file mode 100644 index 76e9e4b74..000000000 Binary files a/data/appdata/appdata-small.zip and /dev/null differ diff --git a/data/appdata/demo-appdata.jsonl.gz b/data/appdata/demo-appdata.jsonl.gz new file mode 100644 index 000000000..4ccccf82e Binary files /dev/null and b/data/appdata/demo-appdata.jsonl.gz differ diff --git a/data/appdata/stigs-for-sample-data.zip b/data/appdata/stigs-for-sample-data.zip deleted file mode 100644 index abb22f056..000000000 Binary files a/data/appdata/stigs-for-sample-data.zip and /dev/null differ diff --git a/docs/admin-guide/admin-guide.rst b/docs/admin-guide/admin-guide.rst index 46c18a4d5..9c085711b 100644 --- a/docs/admin-guide/admin-guide.rst +++ b/docs/admin-guide/admin-guide.rst 
@@ -138,12 +138,14 @@ The report displays the data source, date, and STIG Manager version at the top. Export/Import Data Panel ------------------------------------ -This panel allows App Managers to download a representation of most of the data STIGMan manages, minus the actual DISA Reference STIGs themselves. This same data can also be imported, but be aware that ALL existing data in that STIGMan instance will be lost. If this data is imported into a different STIGMan instance, the destination instance must have all STIGs that were assigned to any Assets from the originating instance. +This panel allows App Managers to stream JSONL records from the STIG Manager backend database to a file, with an option to GZip compress the stream. The final size of the file is unknown when the operation starts, so no progress indication can be provided. Transfer rates will be higher if the server does not compress the stream, but the final file may be up to 10x larger. + +The downloaded file can be imported into the same or a different STIG Manager instance. All existing data will be overwritten. Importing a Gzip compressed file will reduce upload time and memory usage on the API service. This feature must be enabled for the deployment by setting the ``STIGMAN_EXPERIMENTAL_APPDATA`` environment variable to ``true``. .. warning:: - This feature is considered Experimental! Use at your own risk, and rely on daily database backups to maintain your data! ALL data in the destination instance will be replaced! + This feature is Experimental and continues to be developed, breaking changes may happen. Use at your own risk and rely on daily database backups to maintain your data. ALL data in the destination instance will be replaced. .. thumbnail:: /assets/images/admin-app-data.png :width: 50% diff --git a/docs/the-project/examples.rst b/docs/the-project/examples.rst index 959cd2114..f35e0dc79 100644 --- a/docs/the-project/examples.rst +++ b/docs/the-project/examples.rst 
@@ -16,8 +16,6 @@ Sample Data Load this data with the feature described here :ref:`app-data` -This data set will not load unless the `STIG Library Compilation `_ has been imported. - Containers diff --git a/test/api/form-data-files/appdata-meta-metrics-with-pin.json b/test/api/form-data-files/appdata-meta-metrics-with-pin.json deleted file mode 100644 index 6a53003c8..000000000 --- a/test/api/form-data-files/appdata-meta-metrics-with-pin.json +++ /dev/null 
@@ -1 +0,0 @@ -{"users":[{"userId":"87","username":"admin","email":null,"displayName":"Admin Burke","statistics":{"created":"2024-01-18T02:49:09Z","lastAccess":1705861395,"lastClaims":{"aud":["realm-management","account"],"azp":"stig-manager","exp":1705861695,"iat":1705861395,"iss":"http://localhost:8080/realms/stigman","jti":"070a420c-e50f-45ab-9b45-17898db947f7","sid":"631198c7-5cbe-48a3-a0dd-873c2081b0f6","sub":"bf87a16f-39e6-46d9-8971-f0ef51dd3f85","typ":"Bearer","name":"Admin Burke","nonce":"78e156cf-b67b-4f13-a0af-fe3d9f281469","scope":"stig-manager:collection stig-manager:stig:read stig-manager:user:read stig-manager:op stig-manager:user stig-manager:stig","auth_time":1705858315,"client_id":"admin","given_name":"Admin","family_name":"Burke","realm_access":{"roles":["create_collection","default-roles-stigman","admin","user"]},"session_state":"631198c7-5cbe-48a3-a0dd-873c2081b0f6","resource_access":{"account":{"roles":["manage-account","manage-account-links","view-profile"]},"realm-management":{"roles":["view-users","query-groups","query-users"]}},"preferred_username":"admin"},"collectionGrantCount":2}},{"userId":"86","username":"bizarroLvl1","email":null,"displayName":"bizarroLvl1","statistics":{"created":"2024-01-18T02:49:09Z","lastAccess":null,"lastClaims":{},"collectionGrantCount":1}},{"userId":"82","username":"collectioncreator","email":null,"displayName":"collection creator","statistics":{"created":"2024-01-18T02:49:09Z","lastAccess":1705546498,"lastClaims":{"acr":"0","aud":["realm-management","account"],"azp":"stig-manager","exp":1864709200,"iat":1670568400,"iss":"http://localhost:8080/auth/realms/stigman","jti":"da751cd7-b1bd-481d-9e81-57a47a6f4eb8","sid":"b6dcf279-8fb4-444b-8506-2f48d2a763bd","sub":"dd48f19e-81f0-44cf-a418-c4de98b6b783","typ":"Bearer","name":"collection creator","nonce":"227ee242-1bbb-4b56-86fa-67ef646edc93","scope":"openid stig-manager:collection stig-manager:stig:read stig-manager:user:read 
stig-manager:collection:read","auth_time":1670568400,"given_name":"collection","family_name":"creator","realm_access":{"roles":["create_collection","default-roles-stigman"]},"session_state":"b6dcf279-8fb4-444b-8506-2f48d2a763bd","resource_access":{"account":{"roles":["manage-account","manage-account-links","view-profile"]},"realm-management":{"roles":["view-users","query-groups","query-users"]}},"preferred_username":"collectioncreator"},"collectionGrantCount":0}},{"userId":"85","username":"lvl1","email":null,"displayName":"restricted","statistics":{"created":"2024-01-18T02:49:09Z","lastAccess":1705546498,"lastClaims":{"acr":"1","aud":["realm-management","account"],"azp":"stig-manager","exp":1864708984,"iat":1670568184,"iss":"http://localhost:8080/auth/realms/stigman","jti":"108f0760-0bf9-4df1-b143-96836bfbc363","sid":"b4a3acf1-9dc7-45e1-98f8-d35362aec4c7","sub":"e3ae27b8-da20-4c42-9df8-6089f70f763b","typ":"Bearer","name":"restricted","nonce":"14fa9d7d-0fe0-4426-8fd9-69d74a6f3464","scope":"openid stig-manager:collection stig-manager:stig:read stig-manager:user:read 
stig-manager:collection:read","auth_time":1670568184,"given_name":"restricted","realm_access":{"roles":["default-roles-stigman"]},"session_state":"b4a3acf1-9dc7-45e1-98f8-d35362aec4c7","resource_access":{"account":{"roles":["manage-account","manage-account-links","view-profile"]},"realm-management":{"roles":["view-users","query-groups","query-users"]}},"preferred_username":"lvl1"},"collectionGrantCount":1}},{"userId":"21","username":"lvl2","email":null,"displayName":"lvl2","statistics":{"created":"2024-01-18T02:49:09Z","lastAccess":1705546498,"lastClaims":{"acr":"0","aud":["realm-management","account"],"azp":"stig-manager","exp":1864709074,"iat":1670568275,"iss":"http://localhost:8080/auth/realms/stigman","jti":"03f49efc-cc71-4712-9ac7-14f9c6b475da","sid":"c6e2e826-1333-4f07-9788-79410c9f2d06","sub":"c137d637-f056-4c72-9bef-ec2af7c1abc7","typ":"Bearer","name":"lvl2","nonce":"49369e7f-a2df-491a-8b44-a042caf238ec","scope":"openid stig-manager:collection stig-manager:stig:read stig-manager:user:read stig-manager:collection:read","auth_time":1670568274,"given_name":"lvl2","realm_access":{"roles":["default-roles-stigman"]},"session_state":"c6e2e826-1333-4f07-9788-79410c9f2d06","resource_access":{"account":{"roles":["manage-account","manage-account-links","view-profile"]},"realm-management":{"roles":["view-users","query-groups","query-users"]}},"preferred_username":"lvl2"},"collectionGrantCount":1}},{"userId":"44","username":"lvl3","email":null,"displayName":"lvl3","statistics":{"created":"2024-01-18T02:49:09Z","lastAccess":1705546498,"lastClaims":{"acr":"0","aud":["realm-management","account"],"azp":"stig-manager","exp":1864709125,"iat":1670568325,"iss":"http://localhost:8080/auth/realms/stigman","jti":"852926ff-1c38-4006-960b-d9a4bca271f9","sid":"318d8cff-0ce5-4739-812c-b5b467e1d6c1","sub":"35fabc06-076e-4ff4-8bde-f325ea7dd4fb","typ":"Bearer","nonce":"416c0bbd-2f69-4fd0-82a5-7cd0f6de7535","scope":"openid stig-manager:collection stig-manager:stig:read 
stig-manager:user:read stig-manager:collection:read","auth_time":1670568325,"realm_access":{"roles":["default-roles-stigman"]},"session_state":"318d8cff-0ce5-4739-812c-b5b467e1d6c1","resource_access":{"account":{"roles":["manage-account","manage-account-links","view-profile"]},"realm-management":{"roles":["view-users","query-groups","query-users"]}},"preferred_username":"lvl3"},"collectionGrantCount":1}},{"userId":"45","username":"lvl4","email":null,"displayName":"lvl4","statistics":{"created":"2024-01-18T02:49:09Z","lastAccess":1705546498,"lastClaims":{"acr":"0","aud":["realm-management","account"],"azp":"stig-manager","exp":1864709163,"iat":1670568364,"iss":"http://localhost:8080/auth/realms/stigman","jti":"7180f59c-d4d3-442f-b5e5-76f120a947aa","sid":"bf4ccf4c-7e40-47b6-b02b-cfd09d71989f","sub":"902cfa46-61b3-49a7-8e8a-6f70a93c2a97","typ":"Bearer","name":"lvl4","nonce":"1eaa8441-dafb-4a93-87ff-1d73437e0eca","scope":"openid stig-manager:collection stig-manager:stig:read stig-manager:user:read stig-manager:collection:read","auth_time":1670568363,"given_name":"lvl4","realm_access":{"roles":["default-roles-stigman"]},"session_state":"bf4ccf4c-7e40-47b6-b02b-cfd09d71989f","resource_access":{"account":{"roles":["manage-account","manage-account-links","view-profile"]},"realm-management":{"roles":["view-users","query-groups","query-users"]}},"preferred_username":"lvl4"},"collectionGrantCount":1}},{"userId":"1","username":"stigmanadmin","email":null,"displayName":"STIGMAN Admin","statistics":{"created":"2024-01-18T02:49:09Z","lastAccess":1705860313,"lastClaims":{"acr":"0","aud":["realm-management","account"],"azp":"stig-manager","exp":1864681035,"iat":1670540236,"iss":"http://localhost:8080/auth/realms/stigman","jti":"47f9aa7d-bac4-4098-9be8-ace75513aa7f","sid":"87365b33-2c76-4b3c-8485-fba5dbff4b9f","sub":"b7c78a62-b84f-4578-a983-2ebc66fd9efe","typ":"Bearer","name":"STIGMAN Admin","nonce":"3378daff-0404-43b3-b4ab-ee31ff7340ac","scope":"openid stig-manager:collection 
stig-manager:stig:read stig-manager:user:read stig-manager:op stig-manager:collection:read stig-manager:op:read stig-manager:user stig-manager stig-manager:stig","auth_time":1670540235,"given_name":"STIGMAN","family_name":"Admin","realm_access":{"roles":["create_collection","default-roles-stigman","admin"]},"session_state":"87365b33-2c76-4b3c-8485-fba5dbff4b9f","resource_access":{"account":{"roles":["manage-account","manage-account-links","view-profile"]},"realm-management":{"roles":["view-users","query-groups","query-users"]}},"preferred_username":"stigmanadmin"},"collectionGrantCount":2}},{"userId":"22","username":"wf-test","email":null,"displayName":"wf-test","statistics":{"created":"2024-01-18T02:49:09Z","lastAccess":null,"lastClaims":{},"collectionGrantCount":0}},{"userId":"43","username":"workforce-60","email":null,"displayName":"workforce-60","statistics":{"created":"2024-01-18T02:49:09Z","lastAccess":null,"lastClaims":{},"collectionGrantCount":0}}],"collections":[{"collectionId":"21","name":"Collection 
X","description":null,"settings":{"fields":{"detail":{"enabled":"always","required":"always"},"comment":{"enabled":"always","required":"findings"}},"status":{"canAccept":true,"resetCriteria":"result","minAcceptGrant":3},"history":{"maxReviews":15}},"metadata":{"reqRar":"true","pocName":"poc2Patched","pocEmail":"pocEmail@email.com","pocPhone":"12342"},"stigs":[{"ruleCount":81,"benchmarkId":"VPN_SRG_TEST","revisionStr":"V1R1","benchmarkDate":"2019-07-19","revisionPinned":false},{"ruleCount":287,"benchmarkId":"Windows_10_STIG_TEST","revisionStr":"V1R23","benchmarkDate":"2020-06-17","revisionPinned":false}],"grants":[{"accessLevel":1,"userId":"86"},{"accessLevel":1,"userId":"85"},{"accessLevel":2,"userId":"21"},{"accessLevel":3,"userId":"44"},{"accessLevel":4,"userId":"87"},{"accessLevel":4,"userId":"1"},{"accessLevel":4,"userId":"45"}],"labels":[{"labelId":"755b8a28-9a68-11ec-b1bc-0242ac110002","name":"test-label-full","description":"","color":"FF99CC","uses":2},{"labelId":"5130dc84-9a68-11ec-b1bc-0242ac110002","name":"test-label-lvl1","description":"","color":"99CCFF","uses":1}]},{"collectionId":"83","name":"Collection 
Y","description":null,"settings":{"fields":{"detail":{"enabled":"always","required":"always"},"comment":{"enabled":"findings","required":"findings"}},"status":{"canAccept":true,"resetCriteria":"result","minAcceptGrant":3},"history":{"maxReviews":15}},"metadata":{"reqRar":"true","pocName":"string","pocEmail":"string","pocPhone":"string"},"stigs":[{"ruleCount":81,"benchmarkId":"VPN_SRG_TEST","revisionStr":"V1R0","benchmarkDate":"2010-07-19","revisionPinned":true}],"grants":[{"accessLevel":4,"userId":"87"},{"accessLevel":4,"userId":"1"}],"labels":[]}],"assets":[{"assetId":"29","name":"ACHERNAR_Collection_X_asset","fqdn":null,"description":"","ip":"10.0.0.18","labelIds":[],"mac":null,"noncomputing":false,"metadata":{},"stigGrants":[],"collectionId":"21"},{"assetId":"42","name":"Collection_X_lvl1_asset-1","fqdn":null,"description":"","ip":"","labelIds":["755b8a28-9a68-11ec-b1bc-0242ac110002","5130dc84-9a68-11ec-b1bc-0242ac110002"],"mac":null,"noncomputing":true,"metadata":{},"stigGrants":[{"benchmarkId":"VPN_SRG_TEST","userIds":["85"]},{"benchmarkId":"Windows_10_STIG_TEST","userIds":["86"]}],"collectionId":"21"},{"assetId":"62","name":"Collection_X_asset","fqdn":null,"description":"","ip":"10.1.1.1","labelIds":["755b8a28-9a68-11ec-b1bc-0242ac110002"],"mac":null,"noncomputing":false,"metadata":{},"stigGrants":[{"benchmarkId":"VPN_SRG_TEST","userIds":[]},{"benchmarkId":"Windows_10_STIG_TEST","userIds":[]}],"collectionId":"21"},{"assetId":"153","name":"Collection_Y_lvl_1_asset-1","fqdn":null,"description":"","ip":"","labelIds":[],"mac":null,"noncomputing":false,"metadata":{},"stigGrants":[{"benchmarkId":"VPN_SRG_TEST","userIds":[]}],"collectionId":"83"},{"assetId":"240","name":"Collection_Y_asset-noGrants","fqdn":null,"description":"","ip":"","labelIds":[],"mac":null,"noncomputing":false,"metadata":{},"stigGrants":[{"benchmarkId":"VPN_SRG_TEST","userIds":[]}],"collectionId":"83"}],"reviews":[{"assetId":"42","ruleId":"SV-106179r1_rule","result":"pass","resultEngine":null,"de
tail":"test\nvisible to lvl1","comment":"idk","userId":"1","ts":"2021-07-16T03:34:02Z","touchTs":"2021-07-16T03:34:02Z","status":{"ts":"2021-07-16T03:34:02Z","text":null,"label":"submitted","userId":"1"},"metadata":{"testkey":"testvalue"},"history":[{"ts":"2020-08-11T23:37:45Z","detail":"test\nvisible to lvl1","result":"pass","ruleId":"SV-106179r1_rule","status":{"ts":"2020-08-11T23:37:45Z","text":null,"label":"submitted","userId":"1"},"userId":"1","comment":null,"touchTs":"2020-08-11T23:37:45Z","resultEngine":null},{"ts":"2020-08-11T23:37:45Z","detail":"test\nvisible to lvl1","result":"pass","ruleId":"SV-106179r1_rule","status":{"ts":"2020-08-11T23:37:45Z","text":null,"label":"saved","userId":"87"},"userId":"1","comment":null,"touchTs":"2020-08-11T23:37:45Z","resultEngine":null}]},{"assetId":"42","ruleId":"SV-106181r1_rule","result":"notapplicable","resultEngine":null,"detail":"test\nvisible to lvl1\nhas history","comment":"","userId":"87","ts":"2022-02-03T00:07:05Z","touchTs":"2022-02-03T00:07:07Z","status":{"ts":"2022-02-03T00:07:07Z","text":null,"label":"submitted","userId":"87"},"metadata":{},"history":[{"ts":"2020-08-11T22:26:50Z","detail":"test\nvisible to lvl1","result":"notapplicable","ruleId":"SV-106181r1_rule","status":{"ts":"2020-08-11T22:26:50Z","text":null,"label":"submitted","userId":"1"},"userId":"1","comment":null,"touchTs":"2020-08-11T22:26:50Z","resultEngine":null},{"ts":"2020-08-11T22:26:50Z","detail":"test\nvisible to lvl1","result":"notapplicable","ruleId":"SV-106181r1_rule","status":{"ts":"2020-08-11T22:26:50Z","text":null,"label":"saved","userId":"87"},"userId":"1","comment":null,"touchTs":"2020-08-11T22:26:50Z","resultEngine":null},{"ts":"2022-02-03T00:07:05Z","detail":"test\nvisible to lvl1\nhas 
history","result":"notapplicable","ruleId":"SV-106181r1_rule","status":{"ts":"2022-02-03T00:07:05Z","text":null,"label":"saved","userId":"87"},"userId":"87","comment":"","touchTs":"2022-02-03T00:07:05Z","resultEngine":null}]},{"assetId":"42","ruleId":"SV-106183r1_rule","result":"fail","resultEngine":null,"detail":"test\nvisible to lvl1","comment":"test\nvisible to lvl1","userId":"1","ts":"2020-08-11T22:27:26Z","touchTs":"2020-08-11T22:27:26Z","status":{"ts":"2020-08-11T22:27:26Z","text":null,"label":"submitted","userId":"1"},"metadata":{},"history":[]},{"assetId":"42","ruleId":"SV-106185r1_rule","result":"fail","resultEngine":null,"detail":"test\nvisible to lvl1","comment":"test\nvisible to lvl1","userId":"1","ts":"2020-08-11T22:28:27Z","touchTs":"2020-08-11T22:28:27Z","status":{"ts":"2020-08-11T22:28:27Z","text":null,"label":"submitted","userId":"1"},"metadata":{},"history":[]},{"assetId":"42","ruleId":"SV-106187r1_rule","result":"fail","resultEngine":null,"detail":"test\nvisible to lvl1","comment":"test\nvisible to lvl1","userId":"1","ts":"2020-08-11T22:28:17Z","touchTs":"2020-08-11T22:28:17Z","status":{"ts":"2020-08-11T22:28:17Z","text":null,"label":"submitted","userId":"1"},"metadata":{},"history":[]},{"assetId":"42","ruleId":"SV-106189r1_rule","result":"pass","resultEngine":null,"detail":"test\nvisible to lvl1\nunbumitted\n","comment":null,"userId":"1","ts":"2020-08-11T22:28:42Z","touchTs":"2020-08-11T22:28:42Z","status":{"ts":"2020-08-11T22:28:42Z","text":null,"label":"saved","userId":"1"},"metadata":{},"history":[]},{"assetId":"42","ruleId":"SV-77809r3_rule","result":"pass","resultEngine":null,"detail":"test\nvisible to lvl2 and above","comment":null,"userId":"1","ts":"2020-08-11T22:29:16Z","touchTs":"2020-08-11T22:29:16Z","status":{"ts":"2020-08-11T22:29:16Z","text":null,"label":"saved","userId":"1"},"metadata":{},"history":[]},{"assetId":"42","ruleId":"SV-77811r1_rule","result":"pass","resultEngine":null,"detail":"test\nvisible to lvl2 and 
above","comment":null,"userId":"1","ts":"2020-08-11T22:29:30Z","touchTs":"2020-08-11T22:29:30Z","status":{"ts":"2020-08-11T22:29:30Z","text":null,"label":"submitted","userId":"1"},"metadata":{},"history":[]},{"assetId":"42","ruleId":"SV-77813r6_rule","result":"fail","resultEngine":null,"detail":"test\nlvl2","comment":"test\nlvl2","userId":"1","ts":"2020-08-18T20:48:29Z","touchTs":"2020-08-18T20:48:29Z","status":{"ts":"2020-08-18T20:48:29Z","text":null,"label":"submitted","userId":"1"},"metadata":{},"history":[]},{"assetId":"62","ruleId":"SV-106179r1_rule","result":"notapplicable","resultEngine":null,"detail":"test\nvisible to lvl1","comment":"","userId":"87","ts":"2022-01-26T01:23:06Z","touchTs":"2022-01-26T01:23:06Z","status":{"ts":"2022-01-26T01:23:06Z","text":null,"label":"submitted","userId":"87"},"metadata":{},"history":[]},{"assetId":"62","ruleId":"SV-106181r1_rule","result":"notapplicable","resultEngine":null,"detail":"test\nvisible to lvl1","comment":null,"userId":"1","ts":"2020-08-11T23:37:48Z","touchTs":"2020-08-11T23:37:48Z","status":{"ts":"2020-08-11T23:37:48Z","text":null,"label":"submitted","userId":"1"},"metadata":{},"history":[]},{"assetId":"62","ruleId":"SV-106183r1_rule","result":"fail","resultEngine":null,"detail":"test\nvisible to lvl1","comment":null,"userId":"1","ts":"2020-08-11T23:37:53Z","touchTs":"2020-08-11T23:37:53Z","status":{"ts":"2020-08-11T23:37:53Z","text":null,"label":"saved","userId":"1"},"metadata":{},"history":[]},{"assetId":"153","ruleId":"SV-106179r1_rule","result":"pass","resultEngine":null,"detail":"test\nvisible to lvl1","comment":null,"userId":"1","ts":"2020-08-18T02:22:56Z","touchTs":"2020-08-18T02:22:56Z","status":{"ts":"2020-08-18T02:22:56Z","text":null,"label":"submitted","userId":"1"},"metadata":{},"history":[]},{"assetId":"240","ruleId":"SV-106179r1_rule","result":"pass","resultEngine":null,"detail":"test\nno one but admin users should see 
this.","comment":null,"userId":"1","ts":"2020-08-18T02:22:23Z","touchTs":"2020-08-18T02:22:23Z","status":{"ts":"2020-08-18T02:22:23Z","text":null,"label":"saved","userId":"1"},"metadata":{},"history":[]}]}
\ No newline at end of file
diff --git a/test/api/form-data-files/appdata-meta-metrics-with-pin.jsonl b/test/api/form-data-files/appdata-meta-metrics-with-pin.jsonl
new file mode 100644
index 000000000..9888a53a0
--- /dev/null
+++ b/test/api/form-data-files/appdata-meta-metrics-with-pin.jsonl
@@ -0,0 +1,61 @@ +{"version":"1.4.13","commit":{"branch":"na","sha":"na","tag":"na","describe":"na"},"date":"2024-08-21T17:42:15.334Z","lastMigration":34} +{"tables":[{"table":"asset","rowCount":5},{"table":"check_content","rowCount":615},{"table":"collection","rowCount":2},{"table":"collection_grant","rowCount":9},{"table":"collection_label","rowCount":2},{"table":"collection_label_asset_map","rowCount":3},{"table":"collection_rev_map","rowCount":1},{"table":"current_rev","rowCount":4},{"table":"default_rev","rowCount":3},{"table":"fix_text","rowCount":615},{"table":"rev_group_rule_cci_map","rowCount":925},{"table":"rev_group_rule_map","rowCount":699},{"table":"review","rowCount":14},{"table":"review_history","rowCount":5},{"table":"revision","rowCount":5},{"table":"rule_version_check_digest","rowCount":619},{"table":"severity_cat_map","rowCount":0},{"table":"stig","rowCount":4},{"table":"stig_asset_map","rowCount":6},{"table":"user_data","rowCount":10},{"table":"user_stig_asset_map","rowCount":2}],"totalRows":3548,"collections":["Collection X","Collection Y"]} +{"table":"asset","columns":"`assetId`,`collectionId`,`description`,`fqdn`,`ip`,`mac`,`metadata`,`name`,`noncomputing`,`state`,`stateDate`,`stateUserId`","rowCount":5} +[29,21,"",null,"10.0.0.18",null,"{}","ACHERNAR_Collection_X_asset",false,"enabled",null,null] +[42,21,"",null,"",null,"{}","Collection_X_lvl1_asset-1",true,"enabled",null,null] +[62,21,"",null,"10.1.1.1",null,"{}","Collection_X_asset",false,"enabled",null,null] +[153,83,"",null,"",null,"{}","Collection_Y_lvl_1_asset-1",false,"enabled",null,null] +[240,83,"",null,"",null,"{}","Collection_Y_asset-noGrants",false,"enabled",null,null] +{"table":"collection","columns":"`collectionId`,`created`,`createdUserId`,`description`,`metadata`,`name`,`settings`,`state`,`stateDate`,`stateUserId`","rowCount":2} +[21,"2024-08-21 17:38:03",null,null,"{\"reqRar\": \"true\", \"pocName\": \"poc2Patched\", \"pocEmail\": \"pocEmail@email.com\", \"pocPhone\": 
\"12342\"}","Collection X","{\"fields\": {\"detail\": {\"enabled\": \"always\", \"required\": \"always\"}, \"comment\": {\"enabled\": \"always\", \"required\": \"findings\"}}, \"status\": {\"canAccept\": true, \"resetCriteria\": \"result\", \"minAcceptGrant\": 3}, \"history\": {\"maxReviews\": 15}}","enabled",null,null] +[83,"2024-08-21 17:38:03",null,null,"{\"reqRar\": \"true\", \"pocName\": \"string\", \"pocEmail\": \"string\", \"pocPhone\": \"string\"}","Collection Y","{\"fields\": {\"detail\": {\"enabled\": \"always\", \"required\": \"always\"}, \"comment\": {\"enabled\": \"findings\", \"required\": \"findings\"}}, \"status\": {\"canAccept\": true, \"resetCriteria\": \"result\", \"minAcceptGrant\": 3}, \"history\": {\"maxReviews\": 15}}","enabled",null,null] +{"table":"collection_grant","columns":"`accessLevel`,`cgId`,`collectionId`,`userId`","rowCount":9} +[1,23,21,86] +[1,24,21,85] +[2,25,21,21] +[3,26,21,44] +[4,27,21,87] +[4,28,21,1] +[4,29,21,45] +[4,30,83,87] +[4,31,83,1] +{"table":"collection_label","columns":"`clId`,`collectionId`,`color`,`description`,`name`,`uuid`","rowCount":2} +[4,21,"FF99CC","","test-label-full",{"type":"Buffer","data":"base64:EeyaaHVbiiixvAJCrBEAAg=="}] +[5,21,"99CCFF","","test-label-lvl1",{"type":"Buffer","data":"base64:EeyaaFEw3ISxvAJCrBEAAg=="}] +{"table":"collection_label_asset_map","columns":"`assetId`,`claId`,`clId`","rowCount":3} +[42,4,4] +[42,6,5] +[62,5,4] +{"table":"collection_rev_map","columns":"`benchmarkId`,`collectionId`,`crId`,`revId`","rowCount":1} +["VPN_SRG_TEST",83,1,"VPN_SRG_TEST-1-0"] +{"table":"default_rev","columns":"`benchmarkId`,`collectionId`,`revId`,`revisionPinned`,`vdId`","rowCount":3} +["VPN_SRG_TEST",21,"VPN_SRG_TEST-1-1",0,8] +["VPN_SRG_TEST",83,"VPN_SRG_TEST-1-0",1,9] +["Windows_10_STIG_TEST",21,"Windows_10_STIG_TEST-1-23",0,10] 
+{"table":"review_history","columns":"`autoResult`,`comment`,`detail`,`historyId`,`resultEngine`,`resultId`,`reviewId`,`ruleId`,`statusId`,`statusText`,`statusTs`,`statusUserId`,`touchTs`,`ts`,`userId`","rowCount":5} +[false,null,"test\nvisible to lvl1",8,null,3,1,"SV-106179r1_rule",1,null,"2020-08-11 23:37:45",1,"2020-08-11 23:37:45","2020-08-11 23:37:45",1] +[false,null,"test\nvisible to lvl1",9,null,3,1,"SV-106179r1_rule",0,null,"2020-08-11 23:37:45",87,"2020-08-11 23:37:45","2020-08-11 23:37:45",1] +[false,null,"test\nvisible to lvl1",10,null,2,2,"SV-106181r1_rule",1,null,"2020-08-11 22:26:50",1,"2020-08-11 22:26:50","2020-08-11 22:26:50",1] +[false,null,"test\nvisible to lvl1",11,null,2,2,"SV-106181r1_rule",0,null,"2020-08-11 22:26:50",87,"2020-08-11 22:26:50","2020-08-11 22:26:50",1] +[false,"","test\nvisible to lvl1\nhas history",12,null,2,2,"SV-106181r1_rule",0,null,"2022-02-03 00:07:05",87,"2022-02-03 00:07:05","2022-02-03 00:07:05",87] +{"table":"stig_asset_map","columns":"`accepted`,`acceptedResultEngine`,`assetId`,`benchmarkId`,`error`,`errorResultEngine`,`fail`,`failResultEngine`,`fixed`,`fixedResultEngine`,`highCount`,`informational`,`informationalResultEngine`,`lowCount`,`maxTouchTs`,`maxTs`,`mediumCount`,`minTs`,`notapplicable`,`notapplicableResultEngine`,`notchecked`,`notcheckedResultEngine`,`notselected`,`notselectedResultEngine`,`pass`,`passResultEngine`,`rejected`,`rejectedResultEngine`,`saId`,`saved`,`savedResultEngine`,`submitted`,`submittedResultEngine`,`unknown`,`unknownResultEngine`,`userIds`","rowCount":6} +[0,0,42,"VPN_SRG_TEST",0,0,3,0,0,0,0,0,0,1,"2022-02-03 00:07:07","2022-02-03 00:07:05",2,"2020-08-11 22:27:26",1,0,0,0,0,0,2,0,0,0,15,1,0,5,0,0,0,"[85]"] +[0,0,42,"Windows_10_STIG_TEST",0,0,1,0,0,0,0,0,0,0,"2020-08-18 20:48:29","2020-08-18 20:48:29",1,"2020-08-11 22:29:16",0,0,0,0,0,0,2,0,0,0,16,1,0,2,0,0,0,"[86]"] +[0,0,62,"VPN_SRG_TEST",0,0,1,0,0,0,0,0,0,0,"2022-01-26 01:23:06","2022-01-26 01:23:06",1,"2020-08-11 
23:37:48",2,0,0,0,0,0,0,0,0,0,17,1,0,2,0,0,0,"[]"] +[0,0,62,"Windows_10_STIG_TEST",0,0,0,0,0,0,0,0,0,0,null,null,0,null,0,0,0,0,0,0,0,0,0,0,18,0,0,0,0,0,0,"[]"] +[0,0,153,"VPN_SRG_TEST",0,0,0,0,0,0,0,0,0,0,null,null,0,null,0,0,0,0,0,0,0,0,0,0,19,0,0,0,0,0,0,"[]"] +[0,0,240,"VPN_SRG_TEST",0,0,0,0,0,0,0,0,0,0,null,null,0,null,0,0,0,0,0,0,0,0,0,0,20,0,0,0,0,0,0,"[]"] +{"table":"user_data","columns":"`created`,`lastAccess`,`lastClaims`,`userId`,`username`","rowCount":10} +["2024-08-21 17:38:03",1705860313,"{\"acr\": \"0\", \"aud\": [\"realm-management\", \"account\"], \"azp\": \"stig-manager\", \"exp\": 1864681035, \"iat\": 1670540236, \"iss\": \"http://localhost:8080/auth/realms/stigman\", \"jti\": \"47f9aa7d-bac4-4098-9be8-ace75513aa7f\", \"sid\": \"87365b33-2c76-4b3c-8485-fba5dbff4b9f\", \"sub\": \"b7c78a62-b84f-4578-a983-2ebc66fd9efe\", \"typ\": \"Bearer\", \"name\": \"STIGMAN Admin\", \"nonce\": \"3378daff-0404-43b3-b4ab-ee31ff7340ac\", \"scope\": \"openid stig-manager:collection stig-manager:stig:read stig-manager:user:read stig-manager:op stig-manager:collection:read stig-manager:op:read stig-manager:user stig-manager stig-manager:stig\", \"auth_time\": 1670540235, \"given_name\": \"STIGMAN\", \"family_name\": \"Admin\", \"realm_access\": {\"roles\": [\"create_collection\", \"default-roles-stigman\", \"admin\"]}, \"session_state\": \"87365b33-2c76-4b3c-8485-fba5dbff4b9f\", \"resource_access\": {\"account\": {\"roles\": [\"manage-account\", \"manage-account-links\", \"view-profile\"]}, \"realm-management\": {\"roles\": [\"view-users\", \"query-groups\", \"query-users\"]}}, \"preferred_username\": \"stigmanadmin\"}",1,"stigmanadmin"] +["2024-08-21 17:38:03",1705546498,"{\"acr\": \"0\", \"aud\": [\"realm-management\", \"account\"], \"azp\": \"stig-manager\", \"exp\": 1864709074, \"iat\": 1670568275, \"iss\": \"http://localhost:8080/auth/realms/stigman\", \"jti\": \"03f49efc-cc71-4712-9ac7-14f9c6b475da\", \"sid\": \"c6e2e826-1333-4f07-9788-79410c9f2d06\", \"sub\": 
\"c137d637-f056-4c72-9bef-ec2af7c1abc7\", \"typ\": \"Bearer\", \"name\": \"lvl2\", \"nonce\": \"49369e7f-a2df-491a-8b44-a042caf238ec\", \"scope\": \"openid stig-manager:collection stig-manager:stig:read stig-manager:user:read stig-manager:collection:read\", \"auth_time\": 1670568274, \"given_name\": \"lvl2\", \"realm_access\": {\"roles\": [\"default-roles-stigman\"]}, \"session_state\": \"c6e2e826-1333-4f07-9788-79410c9f2d06\", \"resource_access\": {\"account\": {\"roles\": [\"manage-account\", \"manage-account-links\", \"view-profile\"]}, \"realm-management\": {\"roles\": [\"view-users\", \"query-groups\", \"query-users\"]}}, \"preferred_username\": \"lvl2\"}",21,"lvl2"] +["2024-08-21 17:38:03",null,"{}",22,"wf-test"] +["2024-08-21 17:38:03",null,"{}",43,"workforce-60"] +["2024-08-21 17:38:03",1705546498,"{\"acr\": \"0\", \"aud\": [\"realm-management\", \"account\"], \"azp\": \"stig-manager\", \"exp\": 1864709125, \"iat\": 1670568325, \"iss\": \"http://localhost:8080/auth/realms/stigman\", \"jti\": \"852926ff-1c38-4006-960b-d9a4bca271f9\", \"sid\": \"318d8cff-0ce5-4739-812c-b5b467e1d6c1\", \"sub\": \"35fabc06-076e-4ff4-8bde-f325ea7dd4fb\", \"typ\": \"Bearer\", \"nonce\": \"416c0bbd-2f69-4fd0-82a5-7cd0f6de7535\", \"scope\": \"openid stig-manager:collection stig-manager:stig:read stig-manager:user:read stig-manager:collection:read\", \"auth_time\": 1670568325, \"realm_access\": {\"roles\": [\"default-roles-stigman\"]}, \"session_state\": \"318d8cff-0ce5-4739-812c-b5b467e1d6c1\", \"resource_access\": {\"account\": {\"roles\": [\"manage-account\", \"manage-account-links\", \"view-profile\"]}, \"realm-management\": {\"roles\": [\"view-users\", \"query-groups\", \"query-users\"]}}, \"preferred_username\": \"lvl3\"}",44,"lvl3"] +["2024-08-21 17:38:03",1705546498,"{\"acr\": \"0\", \"aud\": [\"realm-management\", \"account\"], \"azp\": \"stig-manager\", \"exp\": 1864709163, \"iat\": 1670568364, \"iss\": \"http://localhost:8080/auth/realms/stigman\", \"jti\": 
\"7180f59c-d4d3-442f-b5e5-76f120a947aa\", \"sid\": \"bf4ccf4c-7e40-47b6-b02b-cfd09d71989f\", \"sub\": \"902cfa46-61b3-49a7-8e8a-6f70a93c2a97\", \"typ\": \"Bearer\", \"name\": \"lvl4\", \"nonce\": \"1eaa8441-dafb-4a93-87ff-1d73437e0eca\", \"scope\": \"openid stig-manager:collection stig-manager:stig:read stig-manager:user:read stig-manager:collection:read\", \"auth_time\": 1670568363, \"given_name\": \"lvl4\", \"realm_access\": {\"roles\": [\"default-roles-stigman\"]}, \"session_state\": \"bf4ccf4c-7e40-47b6-b02b-cfd09d71989f\", \"resource_access\": {\"account\": {\"roles\": [\"manage-account\", \"manage-account-links\", \"view-profile\"]}, \"realm-management\": {\"roles\": [\"view-users\", \"query-groups\", \"query-users\"]}}, \"preferred_username\": \"lvl4\"}",45,"lvl4"] +["2024-08-21 17:38:03",1705546498,"{\"acr\": \"0\", \"aud\": [\"realm-management\", \"account\"], \"azp\": \"stig-manager\", \"exp\": 1864709200, \"iat\": 1670568400, \"iss\": \"http://localhost:8080/auth/realms/stigman\", \"jti\": \"da751cd7-b1bd-481d-9e81-57a47a6f4eb8\", \"sid\": \"b6dcf279-8fb4-444b-8506-2f48d2a763bd\", \"sub\": \"dd48f19e-81f0-44cf-a418-c4de98b6b783\", \"typ\": \"Bearer\", \"name\": \"collection creator\", \"nonce\": \"227ee242-1bbb-4b56-86fa-67ef646edc93\", \"scope\": \"openid stig-manager:collection stig-manager:stig:read stig-manager:user:read stig-manager:collection:read\", \"auth_time\": 1670568400, \"given_name\": \"collection\", \"family_name\": \"creator\", \"realm_access\": {\"roles\": [\"create_collection\", \"default-roles-stigman\"]}, \"session_state\": \"b6dcf279-8fb4-444b-8506-2f48d2a763bd\", \"resource_access\": {\"account\": {\"roles\": [\"manage-account\", \"manage-account-links\", \"view-profile\"]}, \"realm-management\": {\"roles\": [\"view-users\", \"query-groups\", \"query-users\"]}}, \"preferred_username\": \"collectioncreator\"}",82,"collectioncreator"] +["2024-08-21 17:38:03",1705546498,"{\"acr\": \"1\", \"aud\": [\"realm-management\", \"account\"], 
\"azp\": \"stig-manager\", \"exp\": 1864708984, \"iat\": 1670568184, \"iss\": \"http://localhost:8080/auth/realms/stigman\", \"jti\": \"108f0760-0bf9-4df1-b143-96836bfbc363\", \"sid\": \"b4a3acf1-9dc7-45e1-98f8-d35362aec4c7\", \"sub\": \"e3ae27b8-da20-4c42-9df8-6089f70f763b\", \"typ\": \"Bearer\", \"name\": \"restricted\", \"nonce\": \"14fa9d7d-0fe0-4426-8fd9-69d74a6f3464\", \"scope\": \"openid stig-manager:collection stig-manager:stig:read stig-manager:user:read stig-manager:collection:read\", \"auth_time\": 1670568184, \"given_name\": \"restricted\", \"realm_access\": {\"roles\": [\"default-roles-stigman\"]}, \"session_state\": \"b4a3acf1-9dc7-45e1-98f8-d35362aec4c7\", \"resource_access\": {\"account\": {\"roles\": [\"manage-account\", \"manage-account-links\", \"view-profile\"]}, \"realm-management\": {\"roles\": [\"view-users\", \"query-groups\", \"query-users\"]}}, \"preferred_username\": \"lvl1\"}",85,"lvl1"] +["2024-08-21 17:38:03",null,"{}",86,"bizarroLvl1"] +["2024-08-21 17:38:03",1724262135,"{\"aud\": \"realm-management\", \"azp\": \"stig-manager\", \"exp\": 1724280111, \"iat\": 1724262111, \"iss\": \"https://trinity.localdomain/kc/realms/stigman\", \"jti\": \"a7699ea3-ae85-40b2-a904-d3307265f24a\", \"sid\": \"3621751b-d785-4c43-8178-2c150f8291a3\", \"sub\": \"bf87a16f-39e6-46d9-8971-f0ef51dd3f85\", \"typ\": \"Bearer\", \"name\": \"Admin Burke\", \"nonce\": \"08a8febf-2fd7-4c67-ab2b-de0e8d2cde6d\", \"scope\": \"stig-manager:collection stig-manager:stig:read stig-manager:user:read stig-manager:op stig-manager:user stig-manager:stig\", \"auth_time\": 1723559545, \"given_name\": \"Admin\", \"family_name\": \"Burke\", \"realm_access\": {\"roles\": [\"create_collection\", \"admin\", \"user\"]}, \"session_state\": \"3621751b-d785-4c43-8178-2c150f8291a3\", \"resource_access\": {\"realm-management\": {\"roles\": [\"view-users\", \"query-groups\", \"query-users\"]}}, \"preferred_username\": \"admin\"}",87,"admin"] 
+{"table":"user_stig_asset_map","columns":"`id`,`saId`,`userId`","rowCount":2}
+[8,15,85]
+[9,16,86]
diff --git a/test/api/form-data-files/appdata.json b/test/api/form-data-files/appdata.json
deleted file mode 100644
index 5073d45ec..000000000
--- a/test/api/form-data-files/appdata.json
+++ /dev/null
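Review bot: The `user_data` row for userId 87 in appdata-meta-metrics-with-pin.jsonl carries `lastClaims` that look captured from a live session rather than constructed: its `iss` is `https://trinity.localdomain/kc/realms/stigman`, while every other populated row uses `http://localhost:8080/auth/realms/stigman`, and its `iat` (1724262111) falls within half a minute of the export's own `date` header. These are decoded claims, not a signed token, so nothing here is a credential, but the fixture still publishes an internal hostname plus the `jti`, `sid` and `nonce` of what appears to be a real login. I would replace that row's claims with constructed values in line with the other rows, e.g. `\"iss\": \"http://localhost:8080/auth/realms/stigman\"` and placeholder UUIDs, assuming no test asserts on the current values.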
@@ -1,1393 +0,0 @@ -{ - "users": [ - { - "userId": "87", - "username": "admin", - "statistics": { - "created": "2022-03-09 23:51:20.000000", - "lastAccess": 1646869919, - "lastClaims": { - "acr": "0", - "aud": "realm-management", - "azp": "stig-manager", - "exp": 1646870203, - "iat": 1646869903, - "iss": "http://localhost:8080/auth/realms/stigman", - "jti": "286cb1ea-6f44-48d5-9105-3efcdf2ee02c", - "sub": "bf87a16f-39e6-46d9-8971-f0ef51dd3f85", - "typ": "Bearer", - "name": "Admin Burke", - "email": "admin@admin.com", - "nonce": "d42ef1c0-8009-4b02-8925-0f1b9433c7c3", - "scope": "openid stig-manager:collection stig-manager:stig:read stig-manager:user:read stig-manager:op stig-manager:user stig-manager:stig", - "auth_time": 1646846276, - "given_name": "Admin", - "family_name": "Burke", - "realm_access": { - "roles": [ - "create_collection", - "admin", - "user" - ] - }, - "session_state": "5da5018d-e50f-46cd-b0a7-02bd8bd5a7b7", - "email_verified": false, - "resource_access": { - "realm-management": { - "roles": [ - "view-users", - "query-groups", - "query-users" - ] - } - }, - "preferred_username": "admin" - }, - "collectionGrantCount": 6 - } - }, - { - "userId": "86", - "username": "bizarroLvl1", - "statistics": { - "created": "2022-03-09 23:51:20.000000", - "lastAccess": null, - "lastClaims": {}, - "collectionGrantCount": 2 - } - }, - { - "userId": "82", - "username": "collectioncreator", - "statistics": { - "created": "2022-03-09 23:51:20.000000", - "lastAccess": 1602652554, - "lastClaims": { - "acr": "1", - "aud": "account", - "azp": "stig-manager", - "exp": 1602652854, - "iat": 1602652554, - "iss": "http://localhost:8080/auth/realms/stigman-test", - "jti": "dba7eae1-8a6b-4335-ae34-93097a78c948", - "sub": "0afa914a-cdbb-4edb-baca-3a664dc20cd0", - "typ": "Bearer", - "nonce": "5337bda6-559e-4823-8764-488337bd390f", - "scope": "openid stig-manager:user:read stig-manager:collection stig-manager:user stig-manager:op stig-manager:stig stig-manager:stig:read email 
profile", - "auth_time": 1602652553, - "realm_access": { - "roles": [ - "create_collection", - "user" - ] - }, - "session_state": "69ed7f9b-1858-4af3-b909-7b9120c08878", - "email_verified": false, - "allowed-origins": [ - "*" - ], - "resource_access": { - "account": { - "roles": [ - "manage-account", - "manage-account-links", - "view-profile" - ] - } - }, - "preferred_username": "collectioncreator" - }, - "collectionGrantCount": 0 - } - }, - { - "userId": "85", - "username": "lvl1", - "statistics": { - "created": "2022-03-09 23:51:20.000000", - "lastAccess": 1602652493, - "lastClaims": { - "acr": "1", - "aud": "account", - "azp": "stig-manager", - "exp": 1602652792, - "iat": 1602652492, - "iss": "http://localhost:8080/auth/realms/stigman-test", - "jti": "64ea09c4-e9fd-423c-b447-aff38d38f04e", - "sub": "757dd598-d9d8-4c0b-8811-ec7f40925986", - "typ": "Bearer", - "nonce": "48fe2aae-66f8-4188-8af3-419129aa02e6", - "scope": "openid stig-manager:user:read stig-manager:collection stig-manager:user stig-manager:op stig-manager:stig stig-manager:stig:read email profile", - "auth_time": 1602652492, - "realm_access": { - "roles": [ - "user" - ] - }, - "session_state": "cbf87935-3521-4c5d-a22e-d8dd9e60e5e3", - "email_verified": false, - "allowed-origins": [ - "*" - ], - "resource_access": { - "account": { - "roles": [ - "manage-account", - "manage-account-links", - "view-profile" - ] - } - }, - "preferred_username": "lvl1" - }, - "collectionGrantCount": 1 - } - }, - { - "userId": "21", - "username": "lvl2", - "statistics": { - "created": "2022-03-09 23:51:20.000000", - "lastAccess": 1602652507, - "lastClaims": { - "acr": "1", - "aud": "account", - "azp": "stig-manager", - "exp": 1602652806, - "iat": 1602652506, - "iss": "http://localhost:8080/auth/realms/stigman-test", - "jti": "eb5cdbd4-c912-4fc5-a1b8-10cf737d374a", - "sub": "51ea2e76-d3db-43ff-b551-68dfbdf01a38", - "typ": "Bearer", - "nonce": "8fbd4814-621a-4b63-af57-9e62b665a529", - "scope": "openid stig-manager:user:read 
stig-manager:collection stig-manager:user stig-manager:op stig-manager:stig stig-manager:stig:read email profile", - "auth_time": 1602652506, - "realm_access": { - "roles": [ - "user" - ] - }, - "session_state": "d5a18452-599d-4a50-af6f-75fb3808f2e9", - "email_verified": false, - "allowed-origins": [ - "*" - ], - "resource_access": { - "account": { - "roles": [ - "manage-account", - "manage-account-links", - "view-profile" - ] - } - }, - "preferred_username": "lvl2" - }, - "collectionGrantCount": 2 - } - }, - { - "userId": "44", - "username": "lvl3", - "statistics": { - "created": "2022-03-09 23:51:20.000000", - "lastAccess": 1602652565, - "lastClaims": { - "acr": "1", - "aud": "account", - "azp": "stig-manager", - "exp": 1602652864, - "iat": 1602652564, - "iss": "http://localhost:8080/auth/realms/stigman-test", - "jti": "72163a5a-9599-4942-92c0-347d3c00d7fb", - "sub": "dea1961a-b597-49d1-8b80-a443ec30c7c7", - "typ": "Bearer", - "nonce": "709a0a0a-9d85-4e31-8266-99b7a306e17c", - "scope": "openid stig-manager:user:read stig-manager:collection stig-manager:user stig-manager:op stig-manager:stig stig-manager:stig:read email profile", - "auth_time": 1602652564, - "realm_access": { - "roles": [ - "user" - ] - }, - "session_state": "bcf64712-4b8d-4e42-86c9-d173a363e4d5", - "email_verified": false, - "allowed-origins": [ - "*" - ], - "resource_access": { - "account": { - "roles": [ - "manage-account", - "manage-account-links", - "view-profile" - ] - } - }, - "preferred_username": "lvl3" - }, - "collectionGrantCount": 2 - } - }, - { - "userId": "45", - "username": "lvl4", - "statistics": { - "created": "2022-03-09 23:51:20.000000", - "lastAccess": 1602652573, - "lastClaims": { - "acr": "1", - "aud": "account", - "azp": "stig-manager", - "exp": 1602652872, - "iat": 1602652572, - "iss": "http://localhost:8080/auth/realms/stigman-test", - "jti": "b8cd924e-432b-4072-bf1c-425386981cd5", - "sub": "1045da76-d100-4093-b4ac-d520e34e0bf9", - "typ": "Bearer", - "nonce": 
"33f857b8-2d55-4ec9-8078-0aed9edda98e", - "scope": "openid stig-manager:user:read stig-manager:collection stig-manager:user stig-manager:op stig-manager:stig stig-manager:stig:read email profile", - "auth_time": 1602652572, - "realm_access": { - "roles": [ - "user" - ] - }, - "session_state": "6c15ffa5-ccf3-4cc7-b187-cf6117ada3d1", - "email_verified": false, - "allowed-origins": [ - "*" - ], - "resource_access": { - "account": { - "roles": [ - "manage-account", - "manage-account-links", - "view-profile" - ] - } - }, - "preferred_username": "lvl4" - }, - "collectionGrantCount": 3 - } - }, - { - "userId": "1", - "username": "stigmanadmin", - "statistics": { - "created": "2022-03-09 23:51:20.000000", - "lastAccess": 1643160098, - "lastClaims": { - "acr": "0", - "aud": [ - "realm-management", - "account" - ], - "azp": "stig-manager", - "exp": 1670394347, - "iat": 1605631412, - "iss": "http://localhost:8080/auth/realms/stigman", - "jti": "daf8b741-73d1-4eba-96af-f855ab0bd226", - "sub": "eb965d15-aa78-43fc-a2a6-3d86258c1eec", - "typ": "Bearer", - "nonce": "73937be3-4ccc-4fa7-8202-45685523dd2c", - "scope": "openid stig-manager:collection stig-manager:stig:read stig-manager:user:read stig-manager:op stig-manager:user stig-manager:stig", - "auth_time": 1605594347, - "realm_access": { - "roles": [ - "create_collection", - "admin", - "user" - ] - }, - "session_state": "5ac2a938-1074-4e6a-8c4b-e83e4e7d763b", - "email_verified": false, - "resource_access": { - "account": { - "roles": [ - "manage-account", - "manage-account-links", - "view-profile" - ] - }, - "realm-management": { - "roles": [ - "view-users", - "query-groups", - "query-users" - ] - } - }, - "preferred_username": "stigmanadmin" - }, - "collectionGrantCount": 6 - } - }, - { - "userId": "22", - "username": "wf-test", - "statistics": { - "created": "2022-03-09 23:51:20.000000", - "lastAccess": null, - "lastClaims": {}, - "collectionGrantCount": 0 - } - }, - { - "userId": "43", - "username": "workforce-60", - 
"statistics": { - "created": "2022-03-09 23:51:20.000000", - "lastAccess": null, - "lastClaims": {}, - "collectionGrantCount": 0 - } - } - ], - "collections": [ - { - "collectionId": "21", - "name": "Collection X", - "description": null, - "settings": { - "fields": { - "detail": { - "enabled": "always", - "required": "always" - }, - "comment": { - "enabled": "always", - "required": "findings" - } - }, - "status": { - "canAccept": true, - "resetCriteria": "result", - "minAcceptGrant": 3 - } - }, - "metadata": { - "reqRar": "true", - "pocName": "poc2Patched", - "pocEmail": "pocEmail@email.com", - "pocPhone": "12342" - }, - "grants": [ - { - "accessLevel": 1, - "userId": "86" - }, - { - "accessLevel": 1, - "userId": "85" - }, - { - "accessLevel": 2, - "userId": "21" - }, - { - "accessLevel": 3, - "userId": "44" - }, - { - "accessLevel": 4, - "userId": "87" - }, - { - "accessLevel": 4, - "userId": "1" - }, - { - "accessLevel": 4, - "userId": "45" - } - ], - "labels": [ - { - "labelId": "755b8a28-9a68-11ec-b1bc-0242ac110002", - "name": "test-label-full", - "description": "", - "color": "FF99CC", - "uses": 2 - }, - { - "labelId": "5130dc84-9a68-11ec-b1bc-0242ac110002", - "name": "test-label-lvl1", - "description": "", - "color": "99CCFF", - "uses": 1 - } - ] - }, - { - "collectionId": "83", - "name": "Collection Y", - "description": null, - "settings": { - "fields": { - "detail": { - "enabled": "always", - "required": "always" - }, - "comment": { - "enabled": "findings", - "required": "findings" - } - }, - "status": { - "canAccept": true, - "resetCriteria": "result", - "minAcceptGrant": 3 - } - }, - "metadata": { - "reqRar": "true", - "pocName": "string", - "pocEmail": "string", - "pocPhone": "string" - }, - "grants": [ - { - "accessLevel": 4, - "userId": "87" - }, - { - "accessLevel": 4, - "userId": "1" - } - ], - "labels": [] - }, - { - "collectionId": "1", - "name": "Collection Z put", - "description": null, - "settings": { - "fields": { - "detail": { - "enabled": 
"always", - "required": "always" - }, - "comment": { - "enabled": "findings", - "required": "findings" - } - }, - "status": { - "canAccept": true, - "resetCriteria": "result", - "minAcceptGrant": 3 - } - }, - "metadata": { - "reqRar": "true", - "pocName": "poc2Put", - "pocEmail": "pocEmailPut@email.com", - "pocPhone": "12342" - }, - "grants": [ - { - "accessLevel": 1, - "userId": "86" - }, - { - "accessLevel": 2, - "userId": "21" - }, - { - "accessLevel": 3, - "userId": "44" - }, - { - "accessLevel": 4, - "userId": "87" - }, - { - "accessLevel": 4, - "userId": "45" - }, - { - "accessLevel": 4, - "userId": "1" - } - ], - "labels": [ - { - "labelId": "df4e6836-a003-11ec-b1bc-0242ac110002", - "name": "scrapLabel", - "description": "scrap label", - "color": "99CCFF", - "uses": 0 - } - ] - }, - { - "collectionId": "84", - "name": "delete Collection Admin", - "description": null, - "settings": { - "fields": { - "detail": { - "enabled": "always", - "required": "always" - }, - "comment": { - "enabled": "findings", - "required": "findings" - } - }, - "status": { - "canAccept": true, - "resetCriteria": "result", - "minAcceptGrant": 3 - } - }, - "metadata": {}, - "grants": [ - { - "accessLevel": 4, - "userId": "87" - }, - { - "accessLevel": 4, - "userId": "1" - } - ], - "labels": [] - }, - { - "collectionId": "85", - "name": "delete Collection lvl4", - "description": null, - "settings": { - "fields": { - "detail": { - "enabled": "always", - "required": "always" - }, - "comment": { - "enabled": "findings", - "required": "findings" - } - }, - "status": { - "canAccept": true, - "resetCriteria": "result", - "minAcceptGrant": 3 - } - }, - "metadata": {}, - "grants": [ - { - "accessLevel": 4, - "userId": "87" - }, - { - "accessLevel": 4, - "userId": "1" - }, - { - "accessLevel": 4, - "userId": "45" - } - ], - "labels": [] - }, - { - "collectionId": "86", - "name": "delete Collection NONE", - "description": null, - "settings": { - "fields": { - "detail": { - "enabled": "always", - 
"required": "always" - }, - "comment": { - "enabled": "findings", - "required": "findings" - } - }, - "status": { - "canAccept": true, - "resetCriteria": "result", - "minAcceptGrant": 3 - } - }, - "metadata": {}, - "grants": [], - "labels": [] - }, - { - "collectionId": "92", - "name": "test Collection", - "description": null, - "settings": { - "fields": { - "detail": { - "enabled": "always", - "required": "always" - }, - "comment": { - "enabled": "findings", - "required": "findings" - } - }, - "status": { - "canAccept": true, - "resetCriteria": "result", - "minAcceptGrant": 3 - } - }, - "metadata": {}, - "grants": [ - { - "accessLevel": 4, - "userId": "87" - }, - { - "accessLevel": 4, - "userId": "1" - } - ], - "labels": [] - } - ], - "assets": [ - { - "assetId": "29", - "name": "ACHERNAR_Collection_X_asset", - "fqdn": null, - "description": "", - "ip": "10.0.0.18", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [], - "collectionId": "21" - }, - { - "assetId": "62", - "name": "Collection_X_asset", - "fqdn": null, - "description": "", - "ip": "10.1.1.1", - "labelIds": [ - "755b8a28-9a68-11ec-b1bc-0242ac110002" - ], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [ - { - "benchmarkId": "VPN_SRG_TEST", - "userIds": [] - }, - { - "benchmarkId": "Windows_10_STIG_TEST", - "userIds": [] - } - ], - "collectionId": "21" - }, - { - "assetId": "42", - "name": "Collection_X_lvl1_asset-1", - "fqdn": null, - "description": "", - "ip": "", - "labelIds": [ - "755b8a28-9a68-11ec-b1bc-0242ac110002", - "5130dc84-9a68-11ec-b1bc-0242ac110002" - ], - "mac": null, - "noncomputing": true, - "metadata": { - "testkey": "testvalue" - }, - "stigGrants": [ - { - "benchmarkId": "VPN_SRG_TEST", - "userIds": [ - "85" - ] - }, - { - "benchmarkId": "Windows_10_STIG_TEST", - "userIds": [ - "86" - ] - } - ], - "collectionId": "21" - }, - { - "assetId": "154", - "name": "Collection_X_lvl1_asset-2", - "fqdn": null, - "description": 
"", - "ip": "", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [ - { - "benchmarkId": "VPN_SRG_TEST", - "userIds": [ - "85" - ] - }, - { - "benchmarkId": "Windows_10_STIG_TEST", - "userIds": [] - } - ], - "collectionId": "21" - }, - { - "assetId": "240", - "name": "Collection_Y_asset-noGrants", - "fqdn": null, - "description": "", - "ip": "", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [ - { - "benchmarkId": "VPN_SRG_TEST", - "userIds": [] - } - ], - "collectionId": "83" - }, - { - "assetId": "153", - "name": "Collection_Y_lvl_1_asset-1", - "fqdn": null, - "description": "", - "ip": "", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [ - { - "benchmarkId": "VPN_SRG_TEST", - "userIds": [] - } - ], - "collectionId": "83" - }, - { - "assetId": "38", - "name": "FOMALHAUT", - "fqdn": null, - "description": "", - "ip": "10.0.0.27", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [ - { - "benchmarkId": "VPN_SRG_TEST", - "userIds": [ - "85" - ] - } - ], - "collectionId": "1" - }, - { - "assetId": "246", - "name": "tesetest", - "fqdn": null, - "description": "", - "ip": "", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [], - "collectionId": "92" - }, - { - "assetId": "241", - "name": "test asset POST stigmanadmin", - "fqdn": null, - "description": "test desc", - "ip": "1.1.1.1", - "labelIds": [], - "mac": null, - "noncomputing": true, - "metadata": {}, - "stigGrants": [ - { - "benchmarkId": "VPN_SRG_TEST", - "userIds": [] - }, - { - "benchmarkId": "Windows_10_STIG_TEST", - "userIds": [] - } - ], - "collectionId": "1" - }, - { - "assetId": "34", - "name": "test asset stigmanadmin", - "fqdn": null, - "description": "test desc", - "ip": "1.1.1.1", - "labelIds": [], - "mac": null, - "noncomputing": true, - "metadata": {}, - "stigGrants": [ - { - 
"benchmarkId": "RHEL_7_STIG_TEST", - "userIds": [] - }, - { - "benchmarkId": "VPN_SRG_TEST", - "userIds": [] - }, - { - "benchmarkId": "Windows_10_STIG_TEST", - "userIds": [] - } - ], - "collectionId": "1" - }, - { - "assetId": "242", - "name": "testasset", - "fqdn": null, - "description": "", - "ip": "", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [], - "collectionId": "85" - }, - { - "assetId": "245", - "name": "testasset", - "fqdn": null, - "description": "test desc", - "ip": "", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [], - "collectionId": "92" - }, - { - "assetId": "243", - "name": "testasset111", - "fqdn": null, - "description": "", - "ip": "", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [], - "collectionId": "85" - }, - { - "assetId": "244", - "name": "wat", - "fqdn": null, - "description": "", - "ip": "", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [], - "collectionId": "85" - } - ], - "reviews": [ - { - "assetId": "42", - "ruleId": "SV-106179r1_rule", - "result": "pass", - "detail": "test\nvisible to lvl1", - "autoResult": false, - "comment": "idk", - "userId": "1", - "ts": "2021-07-16T03:34:02Z", - "touchTs": "2021-07-16T03:34:02Z", - "status": { - "ts": "2021-07-16T03:34:02Z", - "text": null, - "label": "submitted", - "userId": "1" - }, - "metadata": { - "testkey": "testvalue" - }, - "history": [ - { - "ts": "2020-08-11T23:37:45Z", - "detail": "test\nvisible to lvl1", - "result": "pass", - "status": { - "ts": "2020-08-11T23:37:45Z", - "text": null, - "label": "submitted", - "userId": "1" - }, - "userId": "1", - "comment": null, - "touchTs": "2020-08-11T23:37:45Z", - "autoResult": false - }, - { - "ts": "2020-08-11T23:37:45Z", - "detail": "test\nvisible to lvl1", - "result": "pass", - "status": { - "ts": "2020-08-11T23:37:45Z", - "text": null, - "label": "saved", 
- "userId": "87" - }, - "userId": "1", - "comment": null, - "touchTs": "2020-08-11T23:37:45Z", - "autoResult": false - } - ] - }, - { - "assetId": "42", - "ruleId": "SV-106181r1_rule", - "result": "notapplicable", - "detail": "test\nvisible to lvl1\nhas history", - "autoResult": false, - "comment": "", - "userId": "87", - "ts": "2022-02-03T00:07:05Z", - "touchTs": "2022-02-03T00:07:07Z", - "status": { - "ts": "2022-02-03T00:07:07Z", - "text": null, - "label": "submitted", - "userId": "87" - }, - "metadata": {}, - "history": [ - { - "ts": "2020-08-11T22:26:50Z", - "detail": "test\nvisible to lvl1", - "result": "notapplicable", - "status": { - "ts": "2020-08-11T22:26:50Z", - "text": null, - "label": "submitted", - "userId": "1" - }, - "userId": "1", - "comment": null, - "touchTs": "2020-08-11T22:26:50Z", - "autoResult": false - }, - { - "ts": "2020-08-11T22:26:50Z", - "detail": "test\nvisible to lvl1", - "result": "notapplicable", - "status": { - "ts": "2020-08-11T22:26:50Z", - "text": null, - "label": "saved", - "userId": "87" - }, - "userId": "1", - "comment": null, - "touchTs": "2020-08-11T22:26:50Z", - "autoResult": false - }, - { - "ts": "2022-02-03T00:07:05Z", - "detail": "test\nvisible to lvl1\nhas history", - "result": "notapplicable", - "status": { - "ts": "2022-02-03T00:07:05Z", - "text": null, - "label": "saved", - "userId": "87" - }, - "userId": "87", - "comment": "", - "touchTs": "2022-02-03T00:07:05Z", - "autoResult": false - } - ] - }, - { - "assetId": "42", - "ruleId": "SV-106183r1_rule", - "result": "fail", - "detail": "test\nvisible to lvl1", - "autoResult": false, - "comment": "test\nvisible to lvl1", - "userId": "1", - "ts": "2020-08-11T22:27:26Z", - "touchTs": "2020-08-11T22:27:26Z", - "status": { - "ts": "2020-08-11T22:27:26Z", - "text": null, - "label": "submitted", - "userId": "1" - }, - "metadata": {}, - "history": [] - }, - { - "assetId": "42", - "ruleId": "SV-106185r1_rule", - "result": "fail", - "detail": "test\nvisible to lvl1", - 
"autoResult": false, - "comment": "test\nvisible to lvl1", - "userId": "1", - "ts": "2020-08-11T22:28:27Z", - "touchTs": "2020-08-11T22:28:27Z", - "status": { - "ts": "2020-08-11T22:28:27Z", - "text": null, - "label": "submitted", - "userId": "1" - }, - "metadata": {}, - "history": [] - }, - { - "assetId": "42", - "ruleId": "SV-106187r1_rule", - "result": "fail", - "detail": "test\nvisible to lvl1", - "autoResult": false, - "comment": "test\nvisible to lvl1", - "userId": "1", - "ts": "2020-08-11T22:28:17Z", - "touchTs": "2020-08-11T22:28:17Z", - "status": { - "ts": "2020-08-11T22:28:17Z", - "text": null, - "label": "submitted", - "userId": "1" - }, - "metadata": {}, - "history": [] - }, - { - "assetId": "42", - "ruleId": "SV-106189r1_rule", - "result": "pass", - "detail": "test\nvisible to lvl1\nunbumitted\n", - "autoResult": false, - "comment": null, - "userId": "1", - "ts": "2020-08-11T22:28:42Z", - "touchTs": "2020-08-11T22:28:42Z", - "status": { - "ts": "2020-08-11T22:28:42Z", - "text": null, - "label": "saved", - "userId": "1" - }, - "metadata": {}, - "history": [] - }, - { - "assetId": "42", - "ruleId": "SV-77809r3_rule", - "result": "pass", - "detail": "test\nvisible to lvl2 and above", - "autoResult": false, - "comment": null, - "userId": "1", - "ts": "2020-08-11T22:29:16Z", - "touchTs": "2020-08-11T22:29:16Z", - "status": { - "ts": "2020-08-11T22:29:16Z", - "text": null, - "label": "saved", - "userId": "1" - }, - "metadata": {}, - "history": [] - }, - { - "assetId": "42", - "ruleId": "SV-77811r1_rule", - "result": "pass", - "detail": "test\nvisible to lvl2 and above", - "autoResult": false, - "comment": null, - "userId": "1", - "ts": "2020-08-11T22:29:30Z", - "touchTs": "2020-08-11T22:29:30Z", - "status": { - "ts": "2020-08-11T22:29:30Z", - "text": null, - "label": "submitted", - "userId": "1" - }, - "metadata": {}, - "history": [] - }, - { - "assetId": "42", - "ruleId": "SV-77813r6_rule", - "result": "fail", - "detail": "test\nlvl2", - "autoResult": 
false, - "comment": "test\nlvl2", - "userId": "1", - "ts": "2020-08-18T20:48:29Z", - "touchTs": "2020-08-18T20:48:29Z", - "status": { - "ts": "2020-08-18T20:48:29Z", - "text": null, - "label": "submitted", - "userId": "1" - }, - "metadata": {}, - "history": [] - }, - { - "assetId": "62", - "ruleId": "SV-106179r1_rule", - "result": "notapplicable", - "detail": "test\nvisible to lvl1", - "autoResult": false, - "comment": "", - "userId": "87", - "ts": "2022-01-26T01:23:06Z", - "touchTs": "2022-01-26T01:23:06Z", - "status": { - "ts": "2022-01-26T01:23:06Z", - "text": null, - "label": "submitted", - "userId": "87" - }, - "metadata": {}, - "history": [] - }, - { - "assetId": "62", - "ruleId": "SV-106181r1_rule", - "result": "notapplicable", - "detail": "test\nvisible to lvl1", - "autoResult": false, - "comment": null, - "userId": "1", - "ts": "2020-08-11T23:37:48Z", - "touchTs": "2020-08-11T23:37:48Z", - "status": { - "ts": "2020-08-11T23:37:48Z", - "text": null, - "label": "submitted", - "userId": "1" - }, - "metadata": {}, - "history": [] - }, - { - "assetId": "62", - "ruleId": "SV-106183r1_rule", - "result": "fail", - "detail": "test\nvisible to lvl1", - "autoResult": false, - "comment": null, - "userId": "1", - "ts": "2020-08-11T23:37:53Z", - "touchTs": "2020-08-11T23:37:53Z", - "status": { - "ts": "2020-08-11T23:37:53Z", - "text": null, - "label": "saved", - "userId": "1" - }, - "metadata": {}, - "history": [] - }, - { - "assetId": "153", - "ruleId": "SV-106179r1_rule", - "result": "pass", - "detail": "test\nvisible to lvl1", - "autoResult": false, - "comment": null, - "userId": "1", - "ts": "2020-08-18T02:22:56Z", - "touchTs": "2020-08-18T02:22:56Z", - "status": { - "ts": "2020-08-18T02:22:56Z", - "text": null, - "label": "submitted", - "userId": "1" - }, - "metadata": {}, - "history": [] - }, - { - "assetId": "154", - "ruleId": "SV-106179r1_rule", - "result": "pass", - "detail": "test\nvisible to lvl1\nhas history", - "autoResult": false, - "comment": "", - 
"userId": "87", - "ts": "2022-02-02T20:20:18Z", - "touchTs": "2022-02-02T20:20:18Z", - "status": { - "ts": "2022-02-02T20:20:18Z", - "text": null, - "label": "submitted", - "userId": "87" - }, - "metadata": {}, - "history": [ - { - "ts": "2020-08-11T22:30:38Z", - "detail": "test\nvisible to lvl1", - "result": "pass", - "status": { - "ts": "2020-08-11T22:30:38Z", - "text": null, - "label": "submitted", - "userId": "1" - }, - "userId": "1", - "comment": null, - "touchTs": "2020-08-11T22:30:38Z", - "autoResult": false - }, - { - "ts": "2020-08-11T22:30:38Z", - "detail": "test\nvisible to lvl1", - "result": "pass", - "status": { - "ts": "2020-08-11T22:30:38Z", - "text": null, - "label": "saved", - "userId": "87" - }, - "userId": "1", - "comment": null, - "touchTs": "2020-08-11T22:30:38Z", - "autoResult": false - } - ] - }, - { - "assetId": "154", - "ruleId": "SV-106181r1_rule", - "result": "notapplicable", - "detail": "test\nvisible to lvl1", - "autoResult": false, - "comment": null, - "userId": "1", - "ts": "2020-08-11T22:30:42Z", - "touchTs": "2020-08-11T22:30:42Z", - "status": { - "ts": "2020-08-11T22:30:42Z", - "text": null, - "label": "submitted", - "userId": "1" - }, - "metadata": {}, - "history": [] - }, - { - "assetId": "154", - "ruleId": "SV-106183r1_rule", - "result": "fail", - "detail": "test\nvisible to lvl1", - "autoResult": false, - "comment": null, - "userId": "1", - "ts": "2020-08-11T22:30:51Z", - "touchTs": "2020-08-11T22:30:51Z", - "status": { - "ts": "2020-08-11T22:30:51Z", - "text": null, - "label": "saved", - "userId": "1" - }, - "metadata": {}, - "history": [] - }, - { - "assetId": "154", - "ruleId": "SV-106185r1_rule", - "result": "fail", - "detail": "test\nvisible to lvl1", - "autoResult": false, - "comment": null, - "userId": "1", - "ts": "2020-08-11T22:30:55Z", - "touchTs": "2020-08-11T22:30:55Z", - "status": { - "ts": "2020-08-11T22:30:55Z", - "text": null, - "label": "saved", - "userId": "1" - }, - "metadata": {}, - "history": [] - }, - { - 
"assetId": "154", - "ruleId": "SV-106187r1_rule", - "result": "fail", - "detail": "test\nvisible to lvl1", - "autoResult": false, - "comment": null, - "userId": "1", - "ts": "2020-08-11T22:31:11Z", - "touchTs": "2020-08-11T22:31:11Z", - "status": { - "ts": "2020-08-11T22:31:11Z", - "text": null, - "label": "saved", - "userId": "1" - }, - "metadata": {}, - "history": [] - }, - { - "assetId": "240", - "ruleId": "SV-106179r1_rule", - "result": "pass", - "detail": "test\nno one but admin users should see this.", - "autoResult": false, - "comment": null, - "userId": "1", - "ts": "2020-08-18T02:22:23Z", - "touchTs": "2020-08-18T02:22:23Z", - "status": { - "ts": "2020-08-18T02:22:23Z", - "text": null, - "label": "saved", - "userId": "1" - }, - "metadata": {}, - "history": [] - } - ] -} \ No newline at end of file diff --git a/test/api/form-data-files/appdata.jsonl b/test/api/form-data-files/appdata.jsonl new file mode 100644 index 000000000..a9ef34f1a --- /dev/null +++ b/test/api/form-data-files/appdata.jsonl 
@@ -0,0 +1,123 @@ +{"version":"1.4.13","commit":{"branch":"na","sha":"na","tag":"na","describe":"na"},"date":"2024-08-21T17:41:55.181Z","lastMigration":34} +{"tables":[{"table":"asset","rowCount":14},{"table":"check_content","rowCount":615},{"table":"collection","rowCount":7},{"table":"collection_grant","rowCount":22},{"table":"collection_label","rowCount":3},{"table":"collection_label_asset_map","rowCount":3},{"table":"collection_rev_map","rowCount":0},{"table":"current_rev","rowCount":4},{"table":"default_rev","rowCount":6},{"table":"fix_text","rowCount":615},{"table":"rev_group_rule_cci_map","rowCount":925},{"table":"rev_group_rule_map","rowCount":699},{"table":"review","rowCount":19},{"table":"review_history","rowCount":7},{"table":"revision","rowCount":5},{"table":"rule_version_check_digest","rowCount":619},{"table":"severity_cat_map","rowCount":0},{"table":"stig","rowCount":4},{"table":"stig_asset_map","rowCount":14},{"table":"user_data","rowCount":10},{"table":"user_stig_asset_map","rowCount":4}],"totalRows":3595,"collections":["Collection X","Collection Y","Collection Z put","delete Collection Admin","delete Collection lvl4","delete Collection NONE","test Collection"]} +{"table":"asset","columns":"`assetId`,`collectionId`,`description`,`fqdn`,`ip`,`mac`,`metadata`,`name`,`noncomputing`,`state`,`stateDate`,`stateUserId`","rowCount":14} +[29,21,"",null,"10.0.0.18",null,"{}","ACHERNAR_Collection_X_asset",false,"enabled",null,null] +[34,1,"test desc",null,"1.1.1.1",null,"{}","test asset stigmanadmin",true,"enabled",null,null] +[38,1,"",null,"10.0.0.27",null,"{}","FOMALHAUT",false,"enabled",null,null] +[42,21,"",null,"",null,"{\"testkey\": \"testvalue\"}","Collection_X_lvl1_asset-1",true,"enabled",null,null] +[62,21,"",null,"10.1.1.1",null,"{}","Collection_X_asset",false,"enabled",null,null] +[153,83,"",null,"",null,"{}","Collection_Y_lvl_1_asset-1",false,"enabled",null,null] +[154,21,"",null,"",null,"{}","Collection_X_lvl1_asset-2",false,"enabled",null,null] 
+[240,83,"",null,"",null,"{}","Collection_Y_asset-noGrants",false,"enabled",null,null] +[241,1,"test desc",null,"1.1.1.1",null,"{}","test asset POST stigmanadmin",true,"enabled",null,null] +[242,85,"",null,"",null,"{}","testasset",false,"enabled",null,null] +[243,85,"",null,"",null,"{}","testasset111",false,"enabled",null,null] +[244,85,"",null,"",null,"{}","wat",false,"enabled",null,null] +[245,92,"test desc",null,"",null,"{}","testasset",false,"enabled",null,null] +[246,92,"",null,"",null,"{}","tesetest",false,"enabled",null,null] +{"table":"collection","columns":"`collectionId`,`created`,`createdUserId`,`description`,`metadata`,`name`,`settings`,`state`,`stateDate`,`stateUserId`","rowCount":7} +[1,"2024-08-21 17:37:40",null,null,"{\"reqRar\": \"true\", \"pocName\": \"poc2Put\", \"pocEmail\": \"pocEmailPut@email.com\", \"pocPhone\": \"12342\"}","Collection Z put","{\"fields\": {\"detail\": {\"enabled\": \"always\", \"required\": \"always\"}, \"comment\": {\"enabled\": \"findings\", \"required\": \"findings\"}}, \"status\": {\"canAccept\": true, \"resetCriteria\": \"result\", \"minAcceptGrant\": 3}}","enabled",null,null] +[21,"2024-08-21 17:37:40",null,null,"{\"reqRar\": \"true\", \"pocName\": \"poc2Patched\", \"pocEmail\": \"pocEmail@email.com\", \"pocPhone\": \"12342\"}","Collection X","{\"fields\": {\"detail\": {\"enabled\": \"always\", \"required\": \"always\"}, \"comment\": {\"enabled\": \"always\", \"required\": \"findings\"}}, \"status\": {\"canAccept\": true, \"resetCriteria\": \"result\", \"minAcceptGrant\": 3}}","enabled",null,null] +[83,"2024-08-21 17:37:40",null,null,"{\"reqRar\": \"true\", \"pocName\": \"string\", \"pocEmail\": \"string\", \"pocPhone\": \"string\"}","Collection Y","{\"fields\": {\"detail\": {\"enabled\": \"always\", \"required\": \"always\"}, \"comment\": {\"enabled\": \"findings\", \"required\": \"findings\"}}, \"status\": {\"canAccept\": true, \"resetCriteria\": \"result\", \"minAcceptGrant\": 3}}","enabled",null,null] 
+[84,"2024-08-21 17:37:40",null,null,"{}","delete Collection Admin","{\"fields\": {\"detail\": {\"enabled\": \"always\", \"required\": \"always\"}, \"comment\": {\"enabled\": \"findings\", \"required\": \"findings\"}}, \"status\": {\"canAccept\": true, \"resetCriteria\": \"result\", \"minAcceptGrant\": 3}}","enabled",null,null] +[85,"2024-08-21 17:37:40",null,null,"{}","delete Collection lvl4","{\"fields\": {\"detail\": {\"enabled\": \"always\", \"required\": \"always\"}, \"comment\": {\"enabled\": \"findings\", \"required\": \"findings\"}}, \"status\": {\"canAccept\": true, \"resetCriteria\": \"result\", \"minAcceptGrant\": 3}}","enabled",null,null] +[86,"2024-08-21 17:37:40",null,null,"{}","delete Collection NONE","{\"fields\": {\"detail\": {\"enabled\": \"always\", \"required\": \"always\"}, \"comment\": {\"enabled\": \"findings\", \"required\": \"findings\"}}, \"status\": {\"canAccept\": true, \"resetCriteria\": \"result\", \"minAcceptGrant\": 3}}","enabled",null,null] +[92,"2024-08-21 17:37:40",null,null,"{}","test Collection","{\"fields\": {\"detail\": {\"enabled\": \"always\", \"required\": \"always\"}, \"comment\": {\"enabled\": \"findings\", \"required\": \"findings\"}}, \"status\": {\"canAccept\": true, \"resetCriteria\": \"result\", \"minAcceptGrant\": 3}}","enabled",null,null] +{"table":"collection_grant","columns":"`accessLevel`,`cgId`,`collectionId`,`userId`","rowCount":22} +[1,1,21,86] +[1,2,21,85] +[2,3,21,21] +[3,4,21,44] +[4,5,21,87] +[4,6,21,1] +[4,7,21,45] +[4,8,83,87] +[4,9,83,1] +[1,10,1,86] +[2,11,1,21] +[3,12,1,44] +[4,13,1,87] +[4,14,1,45] +[4,15,1,1] +[4,16,84,87] +[4,17,84,1] +[4,18,85,87] +[4,19,85,1] +[4,20,85,45] +[4,21,92,87] +[4,22,92,1] +{"table":"collection_label","columns":"`clId`,`collectionId`,`color`,`description`,`name`,`uuid`","rowCount":3} +[1,21,"FF99CC","","test-label-full",{"type":"Buffer","data":"base64:EeyaaHVbiiixvAJCrBEAAg=="}] 
+[2,21,"99CCFF","","test-label-lvl1",{"type":"Buffer","data":"base64:EeyaaFEw3ISxvAJCrBEAAg=="}] +[3,1,"99CCFF","scrap label","scrapLabel",{"type":"Buffer","data":"base64:EeygA99OaDaxvAJCrBEAAg=="}] +{"table":"collection_label_asset_map","columns":"`assetId`,`claId`,`clId`","rowCount":3} +[42,2,1] +[42,3,2] +[62,1,1] +{"table":"collection_rev_map","columns":"`benchmarkId`,`collectionId`,`crId`,`revId`","rowCount":0} +{"table":"default_rev","columns":"`benchmarkId`,`collectionId`,`revId`,`revisionPinned`,`vdId`","rowCount":6} +["RHEL_7_STIG_TEST",1,"RHEL_7_STIG_TEST-3-0.3",0,1] +["VPN_SRG_TEST",1,"VPN_SRG_TEST-1-1",0,2] +["VPN_SRG_TEST",21,"VPN_SRG_TEST-1-1",0,3] +["VPN_SRG_TEST",83,"VPN_SRG_TEST-1-1",0,4] +["Windows_10_STIG_TEST",1,"Windows_10_STIG_TEST-1-23",0,5] +["Windows_10_STIG_TEST",21,"Windows_10_STIG_TEST-1-23",0,6] +{"table":"review","columns":"`assetId`,`autoResult`,`checkDigest`,`comment`,`detail`,`metadata`,`resultEngine`,`resultId`,`reviewId`,`ruleId`,`statusId`,`statusText`,`statusTs`,`statusUserId`,`ts`,`userId`,`version`","rowCount":19} +[42,false,{"type":"Buffer","data":"base64:rCuitvLqBnVZ+8TF3loLSztzss5pqPttV4Q+TQkZtbM="},"idk","test\nvisible to lvl1","{\"testkey\": \"testvalue\"}",null,3,1,"SV-106179r1_rule",1,null,"2021-07-16 03:34:02",1,"2021-07-16 03:34:02",1,"SRG-NET-000019-VPN-000040"] +[42,false,{"type":"Buffer","data":"base64:slm2UFIqnUUPyOpfIcsxSew4LGvsTesU9C6Ju5XJ3mw="},"","test\nvisible to lvl1\nhas history","{}",null,2,2,"SV-106181r1_rule",1,null,"2022-02-03 00:07:07",87,"2022-02-03 00:07:05",87,"SRG-NET-000041-VPN-000110"] +[42,false,{"type":"Buffer","data":"base64:jc6QW12gqdTKEPqvls4bilVyDJExcCoSskTVyO0VtC8="},"test\nvisible to lvl1","test\nvisible to lvl1","{}",null,4,3,"SV-106183r1_rule",1,null,"2020-08-11 22:27:26",1,"2020-08-11 22:27:26",1,"SRG-NET-000042-VPN-000120"] +[42,false,{"type":"Buffer","data":"base64:4cT/S3JRnRG1/bjkxCCl0FvJ2jFBPQxR6xd/ho3iPwU="},"test\nvisible to lvl1","test\nvisible to 
lvl1","{}",null,4,4,"SV-106185r1_rule",1,null,"2020-08-11 22:28:27",1,"2020-08-11 22:28:27",1,"SRG-NET-000043-VPN-000130"] +[42,false,{"type":"Buffer","data":"base64:IdemsTDQGwPd7bokQxIIvpGCFpuH2a0LMkx43UGqWUA="},"test\nvisible to lvl1","test\nvisible to lvl1","{}",null,4,5,"SV-106187r1_rule",1,null,"2020-08-11 22:28:17",1,"2020-08-11 22:28:17",1,"SRG-NET-000049-VPN-000150"] +[42,false,{"type":"Buffer","data":"base64:aVWTWelue2vPX4PPQhsVdenoG0JoZrePs1txZu8Tn9w="},null,"test\nvisible to lvl1\nunbumitted\n","{}",null,3,6,"SV-106189r1_rule",0,null,"2020-08-11 22:28:42",1,"2020-08-11 22:28:42",1,"SRG-NET-000053-VPN-000170"] +[42,false,{"type":"Buffer","data":"base64:vchgPhpapNXqH1070giShdvTrztio49eNJBWV74F3HU="},null,"test\nvisible to lvl2 and above","{}",null,3,7,"SV-77809r3_rule",0,null,"2020-08-11 22:29:16",1,"2020-08-11 22:29:16",1,"WN10-00-000005"] +[42,false,{"type":"Buffer","data":"base64:kaQFP+qv+/U0A5jz+BdWIpTTdtyktf1MP4WKqmlH3c4="},null,"test\nvisible to lvl2 and above","{}",null,3,8,"SV-77811r1_rule",1,null,"2020-08-11 22:29:30",1,"2020-08-11 22:29:30",1,"WN10-CC-000310"] +[42,false,{"type":"Buffer","data":"base64:LSSb1gLDf7uiXzn44Bg4EplFPsBwaprDmRrselWEvyE="},"test\nlvl2","test\nlvl2","{}",null,4,9,"SV-77813r6_rule",1,null,"2020-08-18 20:48:29",1,"2020-08-18 20:48:29",1,"WN10-00-000010"] +[62,false,{"type":"Buffer","data":"base64:rCuitvLqBnVZ+8TF3loLSztzss5pqPttV4Q+TQkZtbM="},"","test\nvisible to lvl1","{}",null,2,10,"SV-106179r1_rule",1,null,"2022-01-26 01:23:06",87,"2022-01-26 01:23:06",87,"SRG-NET-000019-VPN-000040"] +[62,false,{"type":"Buffer","data":"base64:slm2UFIqnUUPyOpfIcsxSew4LGvsTesU9C6Ju5XJ3mw="},null,"test\nvisible to lvl1","{}",null,2,11,"SV-106181r1_rule",1,null,"2020-08-11 23:37:48",1,"2020-08-11 23:37:48",1,"SRG-NET-000041-VPN-000110"] +[62,false,{"type":"Buffer","data":"base64:jc6QW12gqdTKEPqvls4bilVyDJExcCoSskTVyO0VtC8="},null,"test\nvisible to lvl1","{}",null,4,12,"SV-106183r1_rule",0,null,"2020-08-11 23:37:53",1,"2020-08-11 
23:37:53",1,"SRG-NET-000042-VPN-000120"] +[153,false,{"type":"Buffer","data":"base64:rCuitvLqBnVZ+8TF3loLSztzss5pqPttV4Q+TQkZtbM="},null,"test\nvisible to lvl1","{}",null,3,13,"SV-106179r1_rule",1,null,"2020-08-18 02:22:56",1,"2020-08-18 02:22:56",1,"SRG-NET-000019-VPN-000040"] +[154,false,{"type":"Buffer","data":"base64:rCuitvLqBnVZ+8TF3loLSztzss5pqPttV4Q+TQkZtbM="},"","test\nvisible to lvl1\nhas history","{}",null,3,14,"SV-106179r1_rule",1,null,"2022-02-02 20:20:18",87,"2022-02-02 20:20:18",87,"SRG-NET-000019-VPN-000040"] +[154,false,{"type":"Buffer","data":"base64:slm2UFIqnUUPyOpfIcsxSew4LGvsTesU9C6Ju5XJ3mw="},null,"test\nvisible to lvl1","{}",null,2,15,"SV-106181r1_rule",1,null,"2020-08-11 22:30:42",1,"2020-08-11 22:30:42",1,"SRG-NET-000041-VPN-000110"] +[154,false,{"type":"Buffer","data":"base64:jc6QW12gqdTKEPqvls4bilVyDJExcCoSskTVyO0VtC8="},null,"test\nvisible to lvl1","{}",null,4,16,"SV-106183r1_rule",0,null,"2020-08-11 22:30:51",1,"2020-08-11 22:30:51",1,"SRG-NET-000042-VPN-000120"] +[154,false,{"type":"Buffer","data":"base64:4cT/S3JRnRG1/bjkxCCl0FvJ2jFBPQxR6xd/ho3iPwU="},null,"test\nvisible to lvl1","{}",null,4,17,"SV-106185r1_rule",0,null,"2020-08-11 22:30:55",1,"2020-08-11 22:30:55",1,"SRG-NET-000043-VPN-000130"] +[154,false,{"type":"Buffer","data":"base64:IdemsTDQGwPd7bokQxIIvpGCFpuH2a0LMkx43UGqWUA="},null,"test\nvisible to lvl1","{}",null,4,18,"SV-106187r1_rule",0,null,"2020-08-11 22:31:11",1,"2020-08-11 22:31:11",1,"SRG-NET-000049-VPN-000150"] +[240,false,{"type":"Buffer","data":"base64:rCuitvLqBnVZ+8TF3loLSztzss5pqPttV4Q+TQkZtbM="},null,"test\nno one but admin users should see this.","{}",null,3,19,"SV-106179r1_rule",0,null,"2020-08-18 02:22:23",1,"2020-08-18 02:22:23",1,"SRG-NET-000019-VPN-000040"] +{"table":"review_history","columns":"`autoResult`,`comment`,`detail`,`historyId`,`resultEngine`,`resultId`,`reviewId`,`ruleId`,`statusId`,`statusText`,`statusTs`,`statusUserId`,`touchTs`,`ts`,`userId`","rowCount":7} +[false,null,"test\nvisible to 
lvl1",1,null,3,1,"SV-106179r1_rule",1,null,"2020-08-11 23:37:45",1,"2020-08-11 23:37:45","2020-08-11 23:37:45",1] +[false,null,"test\nvisible to lvl1",2,null,3,1,"SV-106179r1_rule",0,null,"2020-08-11 23:37:45",87,"2020-08-11 23:37:45","2020-08-11 23:37:45",1] +[false,null,"test\nvisible to lvl1",3,null,2,2,"SV-106181r1_rule",1,null,"2020-08-11 22:26:50",1,"2020-08-11 22:26:50","2020-08-11 22:26:50",1] +[false,null,"test\nvisible to lvl1",4,null,2,2,"SV-106181r1_rule",0,null,"2020-08-11 22:26:50",87,"2020-08-11 22:26:50","2020-08-11 22:26:50",1] +[false,"","test\nvisible to lvl1\nhas history",5,null,2,2,"SV-106181r1_rule",0,null,"2022-02-03 00:07:05",87,"2022-02-03 00:07:05","2022-02-03 00:07:05",87] +[false,null,"test\nvisible to lvl1",6,null,3,14,"SV-106179r1_rule",1,null,"2020-08-11 22:30:38",1,"2020-08-11 22:30:38","2020-08-11 22:30:38",1] +[false,null,"test\nvisible to lvl1",7,null,3,14,"SV-106179r1_rule",0,null,"2020-08-11 22:30:38",87,"2020-08-11 22:30:38","2020-08-11 22:30:38",1] +{"table":"stig_asset_map","columns":"`accepted`,`acceptedResultEngine`,`assetId`,`benchmarkId`,`error`,`errorResultEngine`,`fail`,`failResultEngine`,`fixed`,`fixedResultEngine`,`highCount`,`informational`,`informationalResultEngine`,`lowCount`,`maxTouchTs`,`maxTs`,`mediumCount`,`minTs`,`notapplicable`,`notapplicableResultEngine`,`notchecked`,`notcheckedResultEngine`,`notselected`,`notselectedResultEngine`,`pass`,`passResultEngine`,`rejected`,`rejectedResultEngine`,`saId`,`saved`,`savedResultEngine`,`submitted`,`submittedResultEngine`,`unknown`,`unknownResultEngine`,`userIds`","rowCount":14} +[0,0,62,"VPN_SRG_TEST",0,0,1,0,0,0,0,0,0,0,"2022-01-26 01:23:06","2022-01-26 01:23:06",1,"2020-08-11 23:37:48",2,0,0,0,0,0,0,0,0,0,1,1,0,2,0,0,0,"[]"] +[0,0,62,"Windows_10_STIG_TEST",0,0,0,0,0,0,0,0,0,0,null,null,0,null,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,"[]"] +[0,0,42,"VPN_SRG_TEST",0,0,3,0,0,0,0,0,0,1,"2022-02-03 00:07:07","2022-02-03 00:07:05",2,"2020-08-11 
22:27:26",1,0,0,0,0,0,2,0,0,0,3,1,0,5,0,0,0,"[85]"] +[0,0,42,"Windows_10_STIG_TEST",0,0,1,0,0,0,0,0,0,0,"2020-08-18 20:48:29","2020-08-18 20:48:29",1,"2020-08-11 22:29:16",0,0,0,0,0,0,2,0,0,0,4,1,0,2,0,0,0,"[86]"] +[0,0,154,"VPN_SRG_TEST",0,0,3,0,0,0,0,0,0,1,"2022-02-02 20:20:18","2022-02-02 20:20:18",2,"2020-08-11 22:30:42",1,0,0,0,0,0,1,0,0,0,5,3,0,2,0,0,0,"[85]"] +[0,0,154,"Windows_10_STIG_TEST",0,0,0,0,0,0,0,0,0,0,null,null,0,null,0,0,0,0,0,0,0,0,0,0,6,0,0,0,0,0,0,"[]"] +[0,0,240,"VPN_SRG_TEST",0,0,0,0,0,0,0,0,0,0,"2020-08-18 02:22:23","2020-08-18 02:22:23",0,"2020-08-18 02:22:23",0,0,0,0,0,0,1,0,0,0,7,1,0,0,0,0,0,"[]"] +[0,0,153,"VPN_SRG_TEST",0,0,0,0,0,0,0,0,0,0,"2020-08-18 02:22:56","2020-08-18 02:22:56",0,"2020-08-18 02:22:56",0,0,0,0,0,0,1,0,0,0,8,0,0,1,0,0,0,"[]"] +[0,0,38,"VPN_SRG_TEST",0,0,0,0,0,0,0,0,0,0,null,null,0,null,0,0,0,0,0,0,0,0,0,0,9,0,0,0,0,0,0,"[85]"] +[0,0,241,"VPN_SRG_TEST",0,0,0,0,0,0,0,0,0,0,null,null,0,null,0,0,0,0,0,0,0,0,0,0,10,0,0,0,0,0,0,"[]"] +[0,0,241,"Windows_10_STIG_TEST",0,0,0,0,0,0,0,0,0,0,null,null,0,null,0,0,0,0,0,0,0,0,0,0,11,0,0,0,0,0,0,"[]"] +[0,0,34,"RHEL_7_STIG_TEST",0,0,0,0,0,0,0,0,0,0,null,null,0,null,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,"[]"] +[0,0,34,"VPN_SRG_TEST",0,0,0,0,0,0,0,0,0,0,null,null,0,null,0,0,0,0,0,0,0,0,0,0,13,0,0,0,0,0,0,"[]"] +[0,0,34,"Windows_10_STIG_TEST",0,0,0,0,0,0,0,0,0,0,null,null,0,null,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,"[]"] +{"table":"user_data","columns":"`created`,`lastAccess`,`lastClaims`,`userId`,`username`","rowCount":10} +["2024-08-21 17:37:40",1643160098,"{\"acr\": \"0\", \"aud\": [\"realm-management\", \"account\"], \"azp\": \"stig-manager\", \"exp\": 1670394347, \"iat\": 1605631412, \"iss\": \"http://localhost:8080/auth/realms/stigman\", \"jti\": \"daf8b741-73d1-4eba-96af-f855ab0bd226\", \"sub\": \"eb965d15-aa78-43fc-a2a6-3d86258c1eec\", \"typ\": \"Bearer\", \"nonce\": \"73937be3-4ccc-4fa7-8202-45685523dd2c\", \"scope\": \"openid stig-manager:collection stig-manager:stig:read 
stig-manager:user:read stig-manager:op stig-manager:user stig-manager:stig\", \"auth_time\": 1605594347, \"realm_access\": {\"roles\": [\"create_collection\", \"admin\", \"user\"]}, \"session_state\": \"5ac2a938-1074-4e6a-8c4b-e83e4e7d763b\", \"email_verified\": false, \"resource_access\": {\"account\": {\"roles\": [\"manage-account\", \"manage-account-links\", \"view-profile\"]}, \"realm-management\": {\"roles\": [\"view-users\", \"query-groups\", \"query-users\"]}}, \"preferred_username\": \"stigmanadmin\"}",1,"stigmanadmin"] +["2024-08-21 17:37:40",1602652507,"{\"acr\": \"1\", \"aud\": \"account\", \"azp\": \"stig-manager\", \"exp\": 1602652806, \"iat\": 1602652506, \"iss\": \"http://localhost:8080/auth/realms/stigman-test\", \"jti\": \"eb5cdbd4-c912-4fc5-a1b8-10cf737d374a\", \"sub\": \"51ea2e76-d3db-43ff-b551-68dfbdf01a38\", \"typ\": \"Bearer\", \"nonce\": \"8fbd4814-621a-4b63-af57-9e62b665a529\", \"scope\": \"openid stig-manager:user:read stig-manager:collection stig-manager:user stig-manager:op stig-manager:stig stig-manager:stig:read email profile\", \"auth_time\": 1602652506, \"realm_access\": {\"roles\": [\"user\"]}, \"session_state\": \"d5a18452-599d-4a50-af6f-75fb3808f2e9\", \"email_verified\": false, \"allowed-origins\": [\"*\"], \"resource_access\": {\"account\": {\"roles\": [\"manage-account\", \"manage-account-links\", \"view-profile\"]}}, \"preferred_username\": \"lvl2\"}",21,"lvl2"] +["2024-08-21 17:37:40",null,"{}",22,"wf-test"] +["2024-08-21 17:37:40",null,"{}",43,"workforce-60"] +["2024-08-21 17:37:40",1602652565,"{\"acr\": \"1\", \"aud\": \"account\", \"azp\": \"stig-manager\", \"exp\": 1602652864, \"iat\": 1602652564, \"iss\": \"http://localhost:8080/auth/realms/stigman-test\", \"jti\": \"72163a5a-9599-4942-92c0-347d3c00d7fb\", \"sub\": \"dea1961a-b597-49d1-8b80-a443ec30c7c7\", \"typ\": \"Bearer\", \"nonce\": \"709a0a0a-9d85-4e31-8266-99b7a306e17c\", \"scope\": \"openid stig-manager:user:read stig-manager:collection stig-manager:user 
stig-manager:op stig-manager:stig stig-manager:stig:read email profile\", \"auth_time\": 1602652564, \"realm_access\": {\"roles\": [\"user\"]}, \"session_state\": \"bcf64712-4b8d-4e42-86c9-d173a363e4d5\", \"email_verified\": false, \"allowed-origins\": [\"*\"], \"resource_access\": {\"account\": {\"roles\": [\"manage-account\", \"manage-account-links\", \"view-profile\"]}}, \"preferred_username\": \"lvl3\"}",44,"lvl3"] +["2024-08-21 17:37:40",1602652573,"{\"acr\": \"1\", \"aud\": \"account\", \"azp\": \"stig-manager\", \"exp\": 1602652872, \"iat\": 1602652572, \"iss\": \"http://localhost:8080/auth/realms/stigman-test\", \"jti\": \"b8cd924e-432b-4072-bf1c-425386981cd5\", \"sub\": \"1045da76-d100-4093-b4ac-d520e34e0bf9\", \"typ\": \"Bearer\", \"nonce\": \"33f857b8-2d55-4ec9-8078-0aed9edda98e\", \"scope\": \"openid stig-manager:user:read stig-manager:collection stig-manager:user stig-manager:op stig-manager:stig stig-manager:stig:read email profile\", \"auth_time\": 1602652572, \"realm_access\": {\"roles\": [\"user\"]}, \"session_state\": \"6c15ffa5-ccf3-4cc7-b187-cf6117ada3d1\", \"email_verified\": false, \"allowed-origins\": [\"*\"], \"resource_access\": {\"account\": {\"roles\": [\"manage-account\", \"manage-account-links\", \"view-profile\"]}}, \"preferred_username\": \"lvl4\"}",45,"lvl4"] +["2024-08-21 17:37:40",1602652554,"{\"acr\": \"1\", \"aud\": \"account\", \"azp\": \"stig-manager\", \"exp\": 1602652854, \"iat\": 1602652554, \"iss\": \"http://localhost:8080/auth/realms/stigman-test\", \"jti\": \"dba7eae1-8a6b-4335-ae34-93097a78c948\", \"sub\": \"0afa914a-cdbb-4edb-baca-3a664dc20cd0\", \"typ\": \"Bearer\", \"nonce\": \"5337bda6-559e-4823-8764-488337bd390f\", \"scope\": \"openid stig-manager:user:read stig-manager:collection stig-manager:user stig-manager:op stig-manager:stig stig-manager:stig:read email profile\", \"auth_time\": 1602652553, \"realm_access\": {\"roles\": [\"create_collection\", \"user\"]}, \"session_state\": 
\"69ed7f9b-1858-4af3-b909-7b9120c08878\", \"email_verified\": false, \"allowed-origins\": [\"*\"], \"resource_access\": {\"account\": {\"roles\": [\"manage-account\", \"manage-account-links\", \"view-profile\"]}}, \"preferred_username\": \"collectioncreator\"}",82,"collectioncreator"] +["2024-08-21 17:37:40",1602652493,"{\"acr\": \"1\", \"aud\": \"account\", \"azp\": \"stig-manager\", \"exp\": 1602652792, \"iat\": 1602652492, \"iss\": \"http://localhost:8080/auth/realms/stigman-test\", \"jti\": \"64ea09c4-e9fd-423c-b447-aff38d38f04e\", \"sub\": \"757dd598-d9d8-4c0b-8811-ec7f40925986\", \"typ\": \"Bearer\", \"nonce\": \"48fe2aae-66f8-4188-8af3-419129aa02e6\", \"scope\": \"openid stig-manager:user:read stig-manager:collection stig-manager:user stig-manager:op stig-manager:stig stig-manager:stig:read email profile\", \"auth_time\": 1602652492, \"realm_access\": {\"roles\": [\"user\"]}, \"session_state\": \"cbf87935-3521-4c5d-a22e-d8dd9e60e5e3\", \"email_verified\": false, \"allowed-origins\": [\"*\"], \"resource_access\": {\"account\": {\"roles\": [\"manage-account\", \"manage-account-links\", \"view-profile\"]}}, \"preferred_username\": \"lvl1\"}",85,"lvl1"] +["2024-08-21 17:37:40",null,"{}",86,"bizarroLvl1"] +["2024-08-21 17:37:40",1724262111,"{\"aud\": \"realm-management\", \"azp\": \"stig-manager\", \"exp\": 1724280111, \"iat\": 1724262111, \"iss\": \"https://trinity.localdomain/kc/realms/stigman\", \"jti\": \"a7699ea3-ae85-40b2-a904-d3307265f24a\", \"sid\": \"3621751b-d785-4c43-8178-2c150f8291a3\", \"sub\": \"bf87a16f-39e6-46d9-8971-f0ef51dd3f85\", \"typ\": \"Bearer\", \"name\": \"Admin Burke\", \"nonce\": \"08a8febf-2fd7-4c67-ab2b-de0e8d2cde6d\", \"scope\": \"stig-manager:collection stig-manager:stig:read stig-manager:user:read stig-manager:op stig-manager:user stig-manager:stig\", \"auth_time\": 1723559545, \"given_name\": \"Admin\", \"family_name\": \"Burke\", \"realm_access\": {\"roles\": [\"create_collection\", \"admin\", \"user\"]}, \"session_state\": 
\"3621751b-d785-4c43-8178-2c150f8291a3\", \"resource_access\": {\"realm-management\": {\"roles\": [\"view-users\", \"query-groups\", \"query-users\"]}}, \"preferred_username\": \"admin\"}",87,"admin"] +{"table":"user_stig_asset_map","columns":"`id`,`saId`,`userId`","rowCount":4} +[1,3,85] +[2,4,86] +[3,5,85] +[4,9,85] diff --git a/test/api/form-data-files/batch-test-data.json b/test/api/form-data-files/batch-test-data.json deleted file mode 100644 index 38bb8554a..000000000 --- a/test/api/form-data-files/batch-test-data.json +++ /dev/null 
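Review bot: The last `user_data` row of this new fixture (userId 87, `admin`) carries `lastClaims` with `"iss": "https://trinity.localdomain/kc/realms/stigman"` and an `iat` equal to that row's `lastAccess` (1724262111). This looks like claims captured from a developer's own Keycloak session rather than the synthetic `http://localhost:8080/auth/realms/...` values in the other rows. They are decoded claims, not a signed token, but the row still publishes an internal hostname and real `jti`/`sid`/`sub`/`session_state` identifiers in a file that will be imported into other test databases. I would scrub the row before committing, either by setting `lastClaims` to `"{}"` as the `wf-test` and `bizarroLvl1` rows do, or by using the constructed issuer `http://localhost:8080/auth/realms/stigman` with made-up identifiers. Regenerating the export from a database that was never logged into from a non-test realm would keep the fixture reproducible.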
@@ -1,1020 +0,0 @@ -{ - "users": [ - { - "userId": "87", - "username": "admin", - "email": null, - "displayName": "Admin Burke", - "statistics": { - "created": "2022-10-30T20:36:14Z", - "lastAccess": 1667162177, - "lastClaims": { - "acr": "0", - "aud": "realm-management", - "azp": "stig-manager", - "exp": 1667162455, - "iat": 1667162155, - "iss": "http://localhost:8080/auth/realms/stigman", - "jti": "2de50969-5698-4186-b58e-beade662108a", - "sid": "b219cbeb-692c-4e1b-86d3-262792db56ab", - "sub": "bf87a16f-39e6-46d9-8971-f0ef51dd3f85", - "typ": "Bearer", - "name": "Admin Burke", - "nonce": "d2a47c8f-f703-499e-882d-50041ce5d7ae", - "scope": "openid stig-manager:collection stig-manager:stig:read stig-manager:user:read stig-manager:op stig-manager:user stig-manager:stig", - "auth_time": 1667155065, - "given_name": "Admin", - "family_name": "Burke", - "realm_access": { - "roles": [ - "create_collection", - "admin", - "user" - ] - }, - "session_state": "b219cbeb-692c-4e1b-86d3-262792db56ab", - "resource_access": { - "realm-management": { - "roles": [ - "view-users", - "query-groups", - "query-users" - ] - } - }, - "preferred_username": "admin" - }, - "collectionGrantCount": 6 - } - }, - { - "userId": "86", - "username": "bizarroLvl1", - "email": null, - "displayName": "bizarroLvl1", - "statistics": { - "created": "2022-10-30T20:36:14Z", - "lastAccess": null, - "lastClaims": {}, - "collectionGrantCount": 2 - } - }, - { - "userId": "82", - "username": "collectioncreator", - "email": null, - "displayName": "collectioncreator", - "statistics": { - "created": "2022-10-30T20:36:14Z", - "lastAccess": 1602652554, - "lastClaims": { - "acr": "1", - "aud": "account", - "azp": "stig-manager", - "exp": 1602652854, - "iat": 1602652554, - "iss": "http://localhost:8080/auth/realms/stigman-test", - "jti": "dba7eae1-8a6b-4335-ae34-93097a78c948", - "sub": "0afa914a-cdbb-4edb-baca-3a664dc20cd0", - "typ": "Bearer", - "nonce": "5337bda6-559e-4823-8764-488337bd390f", - "scope": "openid 
stig-manager:user:read stig-manager:collection stig-manager:user stig-manager:op stig-manager:stig stig-manager:stig:read email profile", - "auth_time": 1602652553, - "realm_access": { - "roles": [ - "create_collection", - "user" - ] - }, - "session_state": "69ed7f9b-1858-4af3-b909-7b9120c08878", - "email_verified": false, - "allowed-origins": [ - "*" - ], - "resource_access": { - "account": { - "roles": [ - "manage-account", - "manage-account-links", - "view-profile" - ] - } - }, - "preferred_username": "collectioncreator" - }, - "collectionGrantCount": 0 - } - }, - { - "userId": "85", - "username": "lvl1", - "email": null, - "displayName": "lvl1", - "statistics": { - "created": "2022-10-30T20:36:14Z", - "lastAccess": 1602652493, - "lastClaims": { - "acr": "1", - "aud": "account", - "azp": "stig-manager", - "exp": 1602652792, - "iat": 1602652492, - "iss": "http://localhost:8080/auth/realms/stigman-test", - "jti": "64ea09c4-e9fd-423c-b447-aff38d38f04e", - "sub": "757dd598-d9d8-4c0b-8811-ec7f40925986", - "typ": "Bearer", - "nonce": "48fe2aae-66f8-4188-8af3-419129aa02e6", - "scope": "openid stig-manager:user:read stig-manager:collection stig-manager:user stig-manager:op stig-manager:stig stig-manager:stig:read email profile", - "auth_time": 1602652492, - "realm_access": { - "roles": [ - "user" - ] - }, - "session_state": "cbf87935-3521-4c5d-a22e-d8dd9e60e5e3", - "email_verified": false, - "allowed-origins": [ - "*" - ], - "resource_access": { - "account": { - "roles": [ - "manage-account", - "manage-account-links", - "view-profile" - ] - } - }, - "preferred_username": "lvl1" - }, - "collectionGrantCount": 1 - } - }, - { - "userId": "21", - "username": "lvl2", - "email": null, - "displayName": "lvl2", - "statistics": { - "created": "2022-10-30T20:36:14Z", - "lastAccess": 1602652507, - "lastClaims": { - "acr": "1", - "aud": "account", - "azp": "stig-manager", - "exp": 1602652806, - "iat": 1602652506, - "iss": "http://localhost:8080/auth/realms/stigman-test", - "jti": 
"eb5cdbd4-c912-4fc5-a1b8-10cf737d374a", - "sub": "51ea2e76-d3db-43ff-b551-68dfbdf01a38", - "typ": "Bearer", - "nonce": "8fbd4814-621a-4b63-af57-9e62b665a529", - "scope": "openid stig-manager:user:read stig-manager:collection stig-manager:user stig-manager:op stig-manager:stig stig-manager:stig:read email profile", - "auth_time": 1602652506, - "realm_access": { - "roles": [ - "user" - ] - }, - "session_state": "d5a18452-599d-4a50-af6f-75fb3808f2e9", - "email_verified": false, - "allowed-origins": [ - "*" - ], - "resource_access": { - "account": { - "roles": [ - "manage-account", - "manage-account-links", - "view-profile" - ] - } - }, - "preferred_username": "lvl2" - }, - "collectionGrantCount": 2 - } - }, - { - "userId": "44", - "username": "lvl3", - "email": null, - "displayName": "lvl3", - "statistics": { - "created": "2022-10-30T20:36:14Z", - "lastAccess": 1602652565, - "lastClaims": { - "acr": "1", - "aud": "account", - "azp": "stig-manager", - "exp": 1602652864, - "iat": 1602652564, - "iss": "http://localhost:8080/auth/realms/stigman-test", - "jti": "72163a5a-9599-4942-92c0-347d3c00d7fb", - "sub": "dea1961a-b597-49d1-8b80-a443ec30c7c7", - "typ": "Bearer", - "nonce": "709a0a0a-9d85-4e31-8266-99b7a306e17c", - "scope": "openid stig-manager:user:read stig-manager:collection stig-manager:user stig-manager:op stig-manager:stig stig-manager:stig:read email profile", - "auth_time": 1602652564, - "realm_access": { - "roles": [ - "user" - ] - }, - "session_state": "bcf64712-4b8d-4e42-86c9-d173a363e4d5", - "email_verified": false, - "allowed-origins": [ - "*" - ], - "resource_access": { - "account": { - "roles": [ - "manage-account", - "manage-account-links", - "view-profile" - ] - } - }, - "preferred_username": "lvl3" - }, - "collectionGrantCount": 2 - } - }, - { - "userId": "45", - "username": "lvl4", - "email": null, - "displayName": "lvl4", - "statistics": { - "created": "2022-10-30T20:36:14Z", - "lastAccess": 1602652573, - "lastClaims": { - "acr": "1", - "aud": 
"account", - "azp": "stig-manager", - "exp": 1602652872, - "iat": 1602652572, - "iss": "http://localhost:8080/auth/realms/stigman-test", - "jti": "b8cd924e-432b-4072-bf1c-425386981cd5", - "sub": "1045da76-d100-4093-b4ac-d520e34e0bf9", - "typ": "Bearer", - "nonce": "33f857b8-2d55-4ec9-8078-0aed9edda98e", - "scope": "openid stig-manager:user:read stig-manager:collection stig-manager:user stig-manager:op stig-manager:stig stig-manager:stig:read email profile", - "auth_time": 1602652572, - "realm_access": { - "roles": [ - "user" - ] - }, - "session_state": "6c15ffa5-ccf3-4cc7-b187-cf6117ada3d1", - "email_verified": false, - "allowed-origins": [ - "*" - ], - "resource_access": { - "account": { - "roles": [ - "manage-account", - "manage-account-links", - "view-profile" - ] - } - }, - "preferred_username": "lvl4" - }, - "collectionGrantCount": 3 - } - }, - { - "userId": "1", - "username": "stigmanadmin", - "email": null, - "displayName": "stigmanadmin", - "statistics": { - "created": "2022-10-30T20:36:14Z", - "lastAccess": 1643160098, - "lastClaims": { - "acr": "0", - "aud": [ - "realm-management", - "account" - ], - "azp": "stig-manager", - "exp": 1670394347, - "iat": 1605631412, - "iss": "http://localhost:8080/auth/realms/stigman", - "jti": "daf8b741-73d1-4eba-96af-f855ab0bd226", - "sub": "eb965d15-aa78-43fc-a2a6-3d86258c1eec", - "typ": "Bearer", - "nonce": "73937be3-4ccc-4fa7-8202-45685523dd2c", - "scope": "openid stig-manager:collection stig-manager:stig:read stig-manager:user:read stig-manager:op stig-manager:user stig-manager:stig", - "auth_time": 1605594347, - "realm_access": { - "roles": [ - "create_collection", - "admin", - "user" - ] - }, - "session_state": "5ac2a938-1074-4e6a-8c4b-e83e4e7d763b", - "email_verified": false, - "resource_access": { - "account": { - "roles": [ - "manage-account", - "manage-account-links", - "view-profile" - ] - }, - "realm-management": { - "roles": [ - "view-users", - "query-groups", - "query-users" - ] - } - }, - 
"preferred_username": "stigmanadmin" - }, - "collectionGrantCount": 6 - } - }, - { - "userId": "22", - "username": "wf-test", - "email": null, - "displayName": "wf-test", - "statistics": { - "created": "2022-10-30T20:36:14Z", - "lastAccess": null, - "lastClaims": {}, - "collectionGrantCount": 0 - } - }, - { - "userId": "43", - "username": "workforce-60", - "email": null, - "displayName": "workforce-60", - "statistics": { - "created": "2022-10-30T20:36:14Z", - "lastAccess": null, - "lastClaims": {}, - "collectionGrantCount": 0 - } - } - ], - "collections": [ - { - "collectionId": "21", - "name": "Collection X", - "description": null, - "settings": { - "fields": { - "detail": { - "enabled": "always", - "required": "always" - }, - "comment": { - "enabled": "always", - "required": "findings" - } - }, - "status": { - "canAccept": true, - "resetCriteria": "result", - "minAcceptGrant": 3 - }, - "history": { - "maxReviews": 15 - } - }, - "metadata": { - "reqRar": "true", - "pocName": "poc2Patched", - "pocEmail": "pocEmail@email.com", - "pocPhone": "12342" - }, - "grants": [ - { - "accessLevel": 1, - "userId": "86" - }, - { - "accessLevel": 1, - "userId": "85" - }, - { - "accessLevel": 2, - "userId": "21" - }, - { - "accessLevel": 3, - "userId": "44" - }, - { - "accessLevel": 4, - "userId": "87" - }, - { - "accessLevel": 4, - "userId": "1" - }, - { - "accessLevel": 4, - "userId": "45" - } - ], - "labels": [ - { - "labelId": "755b8a28-9a68-11ec-b1bc-0242ac110002", - "name": "test-label-full", - "description": "", - "color": "FF99CC", - "uses": 2 - }, - { - "labelId": "5130dc84-9a68-11ec-b1bc-0242ac110002", - "name": "test-label-lvl1", - "description": "", - "color": "99CCFF", - "uses": 1 - } - ] - }, - { - "collectionId": "83", - "name": "Collection Y", - "description": null, - "settings": { - "fields": { - "detail": { - "enabled": "always", - "required": "always" - }, - "comment": { - "enabled": "findings", - "required": "findings" - } - }, - "status": { - "canAccept": 
true, - "resetCriteria": "result", - "minAcceptGrant": 3 - }, - "history": { - "maxReviews": 15 - } - }, - "metadata": { - "reqRar": "true", - "pocName": "string", - "pocEmail": "string", - "pocPhone": "string" - }, - "grants": [ - { - "accessLevel": 4, - "userId": "87" - }, - { - "accessLevel": 4, - "userId": "1" - } - ], - "labels": [] - }, - { - "collectionId": "1", - "name": "Collection Z put", - "description": null, - "settings": { - "fields": { - "detail": { - "enabled": "always", - "required": "always" - }, - "comment": { - "enabled": "findings", - "required": "findings" - } - }, - "status": { - "canAccept": true, - "resetCriteria": "result", - "minAcceptGrant": 3 - }, - "history": { - "maxReviews": 15 - } - }, - "metadata": { - "reqRar": "true", - "pocName": "poc2Put", - "pocEmail": "pocEmailPut@email.com", - "pocPhone": "12342" - }, - "grants": [ - { - "accessLevel": 1, - "userId": "86" - }, - { - "accessLevel": 2, - "userId": "21" - }, - { - "accessLevel": 3, - "userId": "44" - }, - { - "accessLevel": 4, - "userId": "87" - }, - { - "accessLevel": 4, - "userId": "45" - }, - { - "accessLevel": 4, - "userId": "1" - } - ], - "labels": [ - { - "labelId": "df4e6836-a003-11ec-b1bc-0242ac110002", - "name": "scrapLabel", - "description": "scrap label", - "color": "99CCFF", - "uses": 0 - } - ] - }, - { - "collectionId": "84", - "name": "delete Collection Admin", - "description": null, - "settings": { - "fields": { - "detail": { - "enabled": "always", - "required": "always" - }, - "comment": { - "enabled": "findings", - "required": "findings" - } - }, - "status": { - "canAccept": true, - "resetCriteria": "result", - "minAcceptGrant": 3 - }, - "history": { - "maxReviews": 15 - } - }, - "metadata": {}, - "grants": [ - { - "accessLevel": 4, - "userId": "87" - }, - { - "accessLevel": 4, - "userId": "1" - } - ], - "labels": [] - }, - { - "collectionId": "85", - "name": "delete Collection lvl4", - "description": null, - "settings": { - "fields": { - "detail": { - 
"enabled": "always", - "required": "always" - }, - "comment": { - "enabled": "findings", - "required": "findings" - } - }, - "status": { - "canAccept": true, - "resetCriteria": "result", - "minAcceptGrant": 3 - }, - "history": { - "maxReviews": 15 - } - }, - "metadata": {}, - "grants": [ - { - "accessLevel": 4, - "userId": "87" - }, - { - "accessLevel": 4, - "userId": "1" - }, - { - "accessLevel": 4, - "userId": "45" - } - ], - "labels": [] - }, - { - "collectionId": "86", - "name": "delete Collection NONE", - "description": null, - "settings": { - "fields": { - "detail": { - "enabled": "always", - "required": "always" - }, - "comment": { - "enabled": "findings", - "required": "findings" - } - }, - "status": { - "canAccept": true, - "resetCriteria": "result", - "minAcceptGrant": 3 - }, - "history": { - "maxReviews": 15 - } - }, - "metadata": {}, - "grants": [], - "labels": [] - }, - { - "collectionId": "92", - "name": "test Collection", - "description": null, - "settings": { - "fields": { - "detail": { - "enabled": "always", - "required": "always" - }, - "comment": { - "enabled": "findings", - "required": "findings" - } - }, - "status": { - "canAccept": true, - "resetCriteria": "result", - "minAcceptGrant": 3 - }, - "history": { - "maxReviews": 15 - } - }, - "metadata": {}, - "grants": [ - { - "accessLevel": 4, - "userId": "87" - }, - { - "accessLevel": 4, - "userId": "1" - } - ], - "labels": [] - } - ], - "assets": [ - { - "assetId": "29", - "name": "ACHERNAR_Collection_X_asset", - "fqdn": null, - "description": "", - "ip": "10.0.0.18", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [], - "collectionId": "21" - }, - { - "assetId": "62", - "name": "Collection_X_asset", - "fqdn": null, - "description": "", - "ip": "10.1.1.1", - "labelIds": [ - "755b8a28-9a68-11ec-b1bc-0242ac110002" - ], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [ - { - "benchmarkId": "VPN_SRG_TEST", - "userIds": [] - }, - { 
- "benchmarkId": "Windows_10_STIG_TEST", - "userIds": [] - } - ], - "collectionId": "21" - }, - { - "assetId": "42", - "name": "Collection_X_lvl1_asset-1", - "fqdn": null, - "description": "", - "ip": "", - "labelIds": [ - "755b8a28-9a68-11ec-b1bc-0242ac110002", - "5130dc84-9a68-11ec-b1bc-0242ac110002" - ], - "mac": null, - "noncomputing": true, - "metadata": {}, - "stigGrants": [ - { - "benchmarkId": "VPN_SRG_TEST", - "userIds": [ - "85" - ] - }, - { - "benchmarkId": "Windows_10_STIG_TEST", - "userIds": [ - "86" - ] - } - ], - "collectionId": "21" - }, - { - "assetId": "154", - "name": "Collection_X_lvl1_asset-2", - "fqdn": null, - "description": "", - "ip": "", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [ - { - "benchmarkId": "VPN_SRG_TEST", - "userIds": [ - "85" - ] - }, - { - "benchmarkId": "Windows_10_STIG_TEST", - "userIds": [] - } - ], - "collectionId": "21" - }, - { - "assetId": "240", - "name": "Collection_Y_asset-noGrants", - "fqdn": null, - "description": "", - "ip": "", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [ - { - "benchmarkId": "VPN_SRG_TEST", - "userIds": [] - } - ], - "collectionId": "83" - }, - { - "assetId": "153", - "name": "Collection_Y_lvl_1_asset-1", - "fqdn": null, - "description": "", - "ip": "", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [ - { - "benchmarkId": "VPN_SRG_TEST", - "userIds": [] - } - ], - "collectionId": "83" - }, - { - "assetId": "38", - "name": "FOMALHAUT", - "fqdn": null, - "description": "", - "ip": "10.0.0.27", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [ - { - "benchmarkId": "VPN_SRG_TEST", - "userIds": [ - "85" - ] - } - ], - "collectionId": "1" - }, - { - "assetId": "246", - "name": "tesetest", - "fqdn": null, - "description": "", - "ip": "", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - 
"stigGrants": [], - "collectionId": "92" - }, - { - "assetId": "241", - "name": "test asset POST stigmanadmin", - "fqdn": null, - "description": "test desc", - "ip": "1.1.1.1", - "labelIds": [], - "mac": null, - "noncomputing": true, - "metadata": {}, - "stigGrants": [ - { - "benchmarkId": "VPN_SRG_TEST", - "userIds": [] - }, - { - "benchmarkId": "Windows_10_STIG_TEST", - "userIds": [] - } - ], - "collectionId": "1" - }, - { - "assetId": "34", - "name": "test asset stigmanadmin", - "fqdn": null, - "description": "test desc", - "ip": "1.1.1.1", - "labelIds": [], - "mac": null, - "noncomputing": true, - "metadata": {}, - "stigGrants": [ - { - "benchmarkId": "RHEL_7_STIG_TEST", - "userIds": [] - }, - { - "benchmarkId": "VPN_SRG_TEST", - "userIds": [] - }, - { - "benchmarkId": "Windows_10_STIG_TEST", - "userIds": [] - } - ], - "collectionId": "1" - }, - { - "assetId": "242", - "name": "testasset", - "fqdn": null, - "description": "", - "ip": "", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [], - "collectionId": "85" - }, - { - "assetId": "245", - "name": "testasset", - "fqdn": null, - "description": "test desc", - "ip": "", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [], - "collectionId": "92" - }, - { - "assetId": "243", - "name": "testasset111", - "fqdn": null, - "description": "", - "ip": "", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [], - "collectionId": "85" - }, - { - "assetId": "244", - "name": "wat", - "fqdn": null, - "description": "", - "ip": "", - "labelIds": [], - "mac": null, - "noncomputing": false, - "metadata": {}, - "stigGrants": [], - "collectionId": "85" - } - ], - "reviews": [ - { - "assetId": "42", - "ruleId": "SV-106179r1_rule", - "result": "pass", - "resultEngine": { - "type": "other", - "product": "test" - }, - "detail": "test batch", - "comment": "", - "userId": "87", - "ts": "2022-10-25T22:37:46Z", - 
"touchTs": "2022-10-30T20:36:40Z", - "status": { - "ts": "2022-10-30T20:36:40Z", - "text": null, - "label": "submitted", - "userId": "87" - }, - "metadata": {}, - "history": [ - { - "ts": "2022-10-25T22:37:46Z", - "detail": "test batch", - "result": "pass", - "status": { - "ts": "2022-10-25T22:37:46Z", - "text": null, - "label": "saved", - "userId": "87" - }, - "userId": "87", - "comment": "", - "touchTs": "2022-10-25T22:37:46Z", - "resultEngine": { - "type": "other", - "product": "test" - } - } - ] - }, - { - "assetId": "154", - "ruleId": "SV-106179r1_rule", - "result": "fail", - "resultEngine": null, - "detail": "test", - "comment": "test", - "userId": "87", - "ts": "2022-10-30T18:41:18Z", - "touchTs": "2022-10-30T18:41:18Z", - "status": { - "ts": "2022-10-30T18:41:18Z", - "text": null, - "label": "submitted", - "userId": "87" - }, - "metadata": {}, - "history": [] - } - ] -} \ No newline at end of file diff --git a/test/api/form-data-files/batch-test-data.jsonl b/test/api/form-data-files/batch-test-data.jsonl new file mode 100644 index 000000000..baa927fc5 --- /dev/null +++ b/test/api/form-data-files/batch-test-data.jsonl 
@@ -0,0 +1,100 @@ +{"version":"1.4.13","commit":{"branch":"na","sha":"na","tag":"na","describe":"na"},"date":"2024-08-21T17:42:35.673Z","lastMigration":34} +{"tables":[{"table":"asset","rowCount":14},{"table":"check_content","rowCount":615},{"table":"collection","rowCount":7},{"table":"collection_grant","rowCount":22},{"table":"collection_label","rowCount":3},{"table":"collection_label_asset_map","rowCount":3},{"table":"collection_rev_map","rowCount":0},{"table":"current_rev","rowCount":4},{"table":"default_rev","rowCount":6},{"table":"fix_text","rowCount":615},{"table":"rev_group_rule_cci_map","rowCount":925},{"table":"rev_group_rule_map","rowCount":699},{"table":"review","rowCount":2},{"table":"review_history","rowCount":1},{"table":"revision","rowCount":5},{"table":"rule_version_check_digest","rowCount":619},{"table":"severity_cat_map","rowCount":0},{"table":"stig","rowCount":4},{"table":"stig_asset_map","rowCount":14},{"table":"user_data","rowCount":10},{"table":"user_stig_asset_map","rowCount":4}],"totalRows":3572,"collections":["Collection X","Collection Y","Collection Z put","delete Collection Admin","delete Collection lvl4","delete Collection NONE","test Collection"]} +{"table":"asset","columns":"`assetId`,`name`,`fqdn`,`collectionId`,`ip`,`mac`,`description`,`noncomputing`,`metadata`,`state`,`stateDate`,`stateUserId`","rowCount":14} +[29,"ACHERNAR_Collection_X_asset",null,21,"10.0.0.18",null,"",false,"{}","enabled",null,null] +[34,"test asset stigmanadmin",null,1,"1.1.1.1",null,"test desc",true,"{}","enabled",null,null] +[38,"FOMALHAUT",null,1,"10.0.0.27",null,"",false,"{}","enabled",null,null] +[42,"Collection_X_lvl1_asset-1",null,21,"",null,"",true,"{}","enabled",null,null] +[62,"Collection_X_asset",null,21,"10.1.1.1",null,"",false,"{}","enabled",null,null] +[153,"Collection_Y_lvl_1_asset-1",null,83,"",null,"",false,"{}","enabled",null,null] +[154,"Collection_X_lvl1_asset-2",null,21,"",null,"",false,"{}","enabled",null,null] 
+[240,"Collection_Y_asset-noGrants",null,83,"",null,"",false,"{}","enabled",null,null] +[241,"test asset POST stigmanadmin",null,1,"1.1.1.1",null,"test desc",true,"{}","enabled",null,null] +[242,"testasset",null,85,"",null,"",false,"{}","enabled",null,null] +[243,"testasset111",null,85,"",null,"",false,"{}","enabled",null,null] +[244,"wat",null,85,"",null,"",false,"{}","enabled",null,null] +[245,"testasset",null,92,"",null,"test desc",false,"{}","enabled",null,null] +[246,"tesetest",null,92,"",null,"",false,"{}","enabled",null,null] +{"table":"collection","columns":"`collectionId`,`name`,`description`,`settings`,`metadata`,`created`,`state`,`createdUserId`,`stateDate`,`stateUserId`","rowCount":7} +[1,"Collection Z put",null,"{\"fields\": {\"detail\": {\"enabled\": \"always\", \"required\": \"always\"}, \"comment\": {\"enabled\": \"findings\", \"required\": \"findings\"}}, \"status\": {\"canAccept\": true, \"resetCriteria\": \"result\", \"minAcceptGrant\": 3}, \"history\": {\"maxReviews\": 15}}","{\"reqRar\": \"true\", \"pocName\": \"poc2Put\", \"pocEmail\": \"pocEmailPut@email.com\", \"pocPhone\": \"12342\"}","2024-08-21 17:38:27","enabled",null,null,null] +[21,"Collection X",null,"{\"fields\": {\"detail\": {\"enabled\": \"always\", \"required\": \"always\"}, \"comment\": {\"enabled\": \"always\", \"required\": \"findings\"}}, \"status\": {\"canAccept\": true, \"resetCriteria\": \"result\", \"minAcceptGrant\": 3}, \"history\": {\"maxReviews\": 15}}","{\"reqRar\": \"true\", \"pocName\": \"poc2Patched\", \"pocEmail\": \"pocEmail@email.com\", \"pocPhone\": \"12342\"}","2024-08-21 17:38:27","enabled",null,null,null] +[83,"Collection Y",null,"{\"fields\": {\"detail\": {\"enabled\": \"always\", \"required\": \"always\"}, \"comment\": {\"enabled\": \"findings\", \"required\": \"findings\"}}, \"status\": {\"canAccept\": true, \"resetCriteria\": \"result\", \"minAcceptGrant\": 3}, \"history\": {\"maxReviews\": 15}}","{\"reqRar\": \"true\", \"pocName\": \"string\", 
\"pocEmail\": \"string\", \"pocPhone\": \"string\"}","2024-08-21 17:38:27","enabled",null,null,null] +[84,"delete Collection Admin",null,"{\"fields\": {\"detail\": {\"enabled\": \"always\", \"required\": \"always\"}, \"comment\": {\"enabled\": \"findings\", \"required\": \"findings\"}}, \"status\": {\"canAccept\": true, \"resetCriteria\": \"result\", \"minAcceptGrant\": 3}, \"history\": {\"maxReviews\": 15}}","{}","2024-08-21 17:38:27","enabled",null,null,null] +[85,"delete Collection lvl4",null,"{\"fields\": {\"detail\": {\"enabled\": \"always\", \"required\": \"always\"}, \"comment\": {\"enabled\": \"findings\", \"required\": \"findings\"}}, \"status\": {\"canAccept\": true, \"resetCriteria\": \"result\", \"minAcceptGrant\": 3}, \"history\": {\"maxReviews\": 15}}","{}","2024-08-21 17:38:27","enabled",null,null,null] +[86,"delete Collection NONE",null,"{\"fields\": {\"detail\": {\"enabled\": \"always\", \"required\": \"always\"}, \"comment\": {\"enabled\": \"findings\", \"required\": \"findings\"}}, \"status\": {\"canAccept\": true, \"resetCriteria\": \"result\", \"minAcceptGrant\": 3}, \"history\": {\"maxReviews\": 15}}","{}","2024-08-21 17:38:27","enabled",null,null,null] +[92,"test Collection",null,"{\"fields\": {\"detail\": {\"enabled\": \"always\", \"required\": \"always\"}, \"comment\": {\"enabled\": \"findings\", \"required\": \"findings\"}}, \"status\": {\"canAccept\": true, \"resetCriteria\": \"result\", \"minAcceptGrant\": 3}, \"history\": {\"maxReviews\": 15}}","{}","2024-08-21 17:38:27","enabled",null,null,null] +{"table":"collection_grant","columns":"`cgId`,`collectionId`,`userId`,`accessLevel`","rowCount":22} +[32,21,86,1] +[33,21,85,1] +[34,21,21,2] +[35,21,44,3] +[36,21,87,4] +[37,21,1,4] +[38,21,45,4] +[39,83,87,4] +[40,83,1,4] +[41,1,86,1] +[42,1,21,2] +[43,1,44,3] +[44,1,87,4] +[45,1,45,4] +[46,1,1,4] +[47,84,87,4] +[48,84,1,4] +[49,85,87,4] +[50,85,1,4] +[51,85,45,4] +[52,92,87,4] +[53,92,1,4] 
+{"table":"collection_label","columns":"`clId`,`collectionId`,`name`,`description`,`color`,`uuid`","rowCount":3} +[6,21,"test-label-full","","FF99CC",{"type":"Buffer","data":"base64:EeyaaHVbiiixvAJCrBEAAg=="}] +[7,21,"test-label-lvl1","","99CCFF",{"type":"Buffer","data":"base64:EeyaaFEw3ISxvAJCrBEAAg=="}] +[8,1,"scrapLabel","scrap label","99CCFF",{"type":"Buffer","data":"base64:EeygA99OaDaxvAJCrBEAAg=="}] +{"table":"collection_label_asset_map","columns":"`claId`,`assetId`,`clId`","rowCount":3} +[8,42,6] +[9,42,7] +[7,62,6] +{"table":"collection_rev_map","columns":"`crId`,`collectionId`,`benchmarkId`,`revId`","rowCount":0} +{"table":"default_rev","columns":"`vdId`,`collectionId`,`benchmarkId`,`revId`,`revisionPinned`","rowCount":6} +[11,1,"RHEL_7_STIG_TEST","RHEL_7_STIG_TEST-3-0.3",0] +[12,1,"VPN_SRG_TEST","VPN_SRG_TEST-1-1",0] +[13,21,"VPN_SRG_TEST","VPN_SRG_TEST-1-1",0] +[14,83,"VPN_SRG_TEST","VPN_SRG_TEST-1-1",0] +[15,1,"Windows_10_STIG_TEST","Windows_10_STIG_TEST-1-23",0] +[16,21,"Windows_10_STIG_TEST","Windows_10_STIG_TEST-1-23",0] +{"table":"review","columns":"`reviewId`,`assetId`,`ruleId`,`resultId`,`detail`,`comment`,`autoResult`,`ts`,`userId`,`statusId`,`statusText`,`statusUserId`,`statusTs`,`metadata`,`resultEngine`,`version`,`checkDigest`","rowCount":2} +[1,42,"SV-106179r1_rule",3,"test batch","",false,"2022-10-25 22:37:46",87,1,null,87,"2022-10-30 20:36:40","{}","{\"type\": \"other\", \"product\": \"test\"}","SRG-NET-000019-VPN-000040",{"type":"Buffer","data":"base64:rCuitvLqBnVZ+8TF3loLSztzss5pqPttV4Q+TQkZtbM="}] +[2,154,"SV-106179r1_rule",4,"test","test",false,"2022-10-30 18:41:18",87,1,null,87,"2022-10-30 18:41:18","{}",null,"SRG-NET-000019-VPN-000040",{"type":"Buffer","data":"base64:rCuitvLqBnVZ+8TF3loLSztzss5pqPttV4Q+TQkZtbM="}] +{"table":"review_history","columns":"`historyId`,`reviewId`,`resultId`,`detail`,`comment`,`autoResult`,`ts`,`userId`,`statusId`,`statusText`,`statusUserId`,`statusTs`,`touchTs`,`resultEngine`,`ruleId`","rowCount":1} 
+[15,1,3,"test batch","",false,"2022-10-25 22:37:46",87,0,null,87,"2022-10-25 22:37:46","2022-10-25 22:37:46",null,"SV-106179r1_rule"] +{"table":"stig_asset_map","columns":"`saId`,`benchmarkId`,`assetId`,`userIds`,`minTs`,`maxTs`,`saved`,`savedResultEngine`,`submitted`,`submittedResultEngine`,`rejected`,`rejectedResultEngine`,`accepted`,`acceptedResultEngine`,`highCount`,`mediumCount`,`lowCount`,`notchecked`,`notcheckedResultEngine`,`notapplicable`,`notapplicableResultEngine`,`pass`,`passResultEngine`,`fail`,`failResultEngine`,`unknown`,`unknownResultEngine`,`error`,`errorResultEngine`,`notselected`,`notselectedResultEngine`,`informational`,`informationalResultEngine`,`fixed`,`fixedResultEngine`,`maxTouchTs`","rowCount":14} +[21,"VPN_SRG_TEST",62,"[]",null,null,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,null] +[22,"Windows_10_STIG_TEST",62,"[]",null,null,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,null] +[23,"VPN_SRG_TEST",42,"[85]","2022-10-25 22:37:46","2022-10-25 22:37:46",0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,1,1,0,0,0,0,0,0,0,0,0,0,0,0,"2022-10-30 20:36:40"] +[24,"Windows_10_STIG_TEST",42,"[86]",null,null,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,null] +[25,"VPN_SRG_TEST",154,"[85]","2022-10-30 18:41:18","2022-10-30 18:41:18",0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,"2022-10-30 18:41:18"] +[26,"Windows_10_STIG_TEST",154,"[]",null,null,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,null] +[27,"VPN_SRG_TEST",240,"[]",null,null,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,null] +[28,"VPN_SRG_TEST",153,"[]",null,null,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,null] +[29,"VPN_SRG_TEST",38,"[85]",null,null,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,null] +[30,"VPN_SRG_TEST",241,"[]",null,null,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,null] 
+[31,"Windows_10_STIG_TEST",241,"[]",null,null,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,null] +[32,"RHEL_7_STIG_TEST",34,"[]",null,null,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,null] +[33,"VPN_SRG_TEST",34,"[]",null,null,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,null] +[34,"Windows_10_STIG_TEST",34,"[]",null,null,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,null] +{"table":"user_data","columns":"`userId`,`username`,`created`,`lastAccess`,`lastClaims`","rowCount":10} +[1,"stigmanadmin","2024-08-21 17:38:27",1643160098,"{\"acr\": \"0\", \"aud\": [\"realm-management\", \"account\"], \"azp\": \"stig-manager\", \"exp\": 1670394347, \"iat\": 1605631412, \"iss\": \"http://localhost:8080/auth/realms/stigman\", \"jti\": \"daf8b741-73d1-4eba-96af-f855ab0bd226\", \"sub\": \"eb965d15-aa78-43fc-a2a6-3d86258c1eec\", \"typ\": \"Bearer\", \"nonce\": \"73937be3-4ccc-4fa7-8202-45685523dd2c\", \"scope\": \"openid stig-manager:collection stig-manager:stig:read stig-manager:user:read stig-manager:op stig-manager:user stig-manager:stig\", \"auth_time\": 1605594347, \"realm_access\": {\"roles\": [\"create_collection\", \"admin\", \"user\"]}, \"session_state\": \"5ac2a938-1074-4e6a-8c4b-e83e4e7d763b\", \"email_verified\": false, \"resource_access\": {\"account\": {\"roles\": [\"manage-account\", \"manage-account-links\", \"view-profile\"]}, \"realm-management\": {\"roles\": [\"view-users\", \"query-groups\", \"query-users\"]}}, \"preferred_username\": \"stigmanadmin\"}"] +[21,"lvl2","2024-08-21 17:38:27",1602652507,"{\"acr\": \"1\", \"aud\": \"account\", \"azp\": \"stig-manager\", \"exp\": 1602652806, \"iat\": 1602652506, \"iss\": \"http://localhost:8080/auth/realms/stigman-test\", \"jti\": \"eb5cdbd4-c912-4fc5-a1b8-10cf737d374a\", \"sub\": \"51ea2e76-d3db-43ff-b551-68dfbdf01a38\", \"typ\": \"Bearer\", \"nonce\": \"8fbd4814-621a-4b63-af57-9e62b665a529\", \"scope\": \"openid stig-manager:user:read stig-manager:collection 
stig-manager:user stig-manager:op stig-manager:stig stig-manager:stig:read email profile\", \"auth_time\": 1602652506, \"realm_access\": {\"roles\": [\"user\"]}, \"session_state\": \"d5a18452-599d-4a50-af6f-75fb3808f2e9\", \"email_verified\": false, \"allowed-origins\": [\"*\"], \"resource_access\": {\"account\": {\"roles\": [\"manage-account\", \"manage-account-links\", \"view-profile\"]}}, \"preferred_username\": \"lvl2\"}"] +[22,"wf-test","2024-08-21 17:38:27",null,"{}"] +[43,"workforce-60","2024-08-21 17:38:27",null,"{}"] +[44,"lvl3","2024-08-21 17:38:27",1602652565,"{\"acr\": \"1\", \"aud\": \"account\", \"azp\": \"stig-manager\", \"exp\": 1602652864, \"iat\": 1602652564, \"iss\": \"http://localhost:8080/auth/realms/stigman-test\", \"jti\": \"72163a5a-9599-4942-92c0-347d3c00d7fb\", \"sub\": \"dea1961a-b597-49d1-8b80-a443ec30c7c7\", \"typ\": \"Bearer\", \"nonce\": \"709a0a0a-9d85-4e31-8266-99b7a306e17c\", \"scope\": \"openid stig-manager:user:read stig-manager:collection stig-manager:user stig-manager:op stig-manager:stig stig-manager:stig:read email profile\", \"auth_time\": 1602652564, \"realm_access\": {\"roles\": [\"user\"]}, \"session_state\": \"bcf64712-4b8d-4e42-86c9-d173a363e4d5\", \"email_verified\": false, \"allowed-origins\": [\"*\"], \"resource_access\": {\"account\": {\"roles\": [\"manage-account\", \"manage-account-links\", \"view-profile\"]}}, \"preferred_username\": \"lvl3\"}"] +[45,"lvl4","2024-08-21 17:38:27",1602652573,"{\"acr\": \"1\", \"aud\": \"account\", \"azp\": \"stig-manager\", \"exp\": 1602652872, \"iat\": 1602652572, \"iss\": \"http://localhost:8080/auth/realms/stigman-test\", \"jti\": \"b8cd924e-432b-4072-bf1c-425386981cd5\", \"sub\": \"1045da76-d100-4093-b4ac-d520e34e0bf9\", \"typ\": \"Bearer\", \"nonce\": \"33f857b8-2d55-4ec9-8078-0aed9edda98e\", \"scope\": \"openid stig-manager:user:read stig-manager:collection stig-manager:user stig-manager:op stig-manager:stig stig-manager:stig:read email profile\", \"auth_time\": 1602652572, 
\"realm_access\": {\"roles\": [\"user\"]}, \"session_state\": \"6c15ffa5-ccf3-4cc7-b187-cf6117ada3d1\", \"email_verified\": false, \"allowed-origins\": [\"*\"], \"resource_access\": {\"account\": {\"roles\": [\"manage-account\", \"manage-account-links\", \"view-profile\"]}}, \"preferred_username\": \"lvl4\"}"] +[82,"collectioncreator","2024-08-21 17:38:27",1602652554,"{\"acr\": \"1\", \"aud\": \"account\", \"azp\": \"stig-manager\", \"exp\": 1602652854, \"iat\": 1602652554, \"iss\": \"http://localhost:8080/auth/realms/stigman-test\", \"jti\": \"dba7eae1-8a6b-4335-ae34-93097a78c948\", \"sub\": \"0afa914a-cdbb-4edb-baca-3a664dc20cd0\", \"typ\": \"Bearer\", \"nonce\": \"5337bda6-559e-4823-8764-488337bd390f\", \"scope\": \"openid stig-manager:user:read stig-manager:collection stig-manager:user stig-manager:op stig-manager:stig stig-manager:stig:read email profile\", \"auth_time\": 1602652553, \"realm_access\": {\"roles\": [\"create_collection\", \"user\"]}, \"session_state\": \"69ed7f9b-1858-4af3-b909-7b9120c08878\", \"email_verified\": false, \"allowed-origins\": [\"*\"], \"resource_access\": {\"account\": {\"roles\": [\"manage-account\", \"manage-account-links\", \"view-profile\"]}}, \"preferred_username\": \"collectioncreator\"}"] +[85,"lvl1","2024-08-21 17:38:27",1602652493,"{\"acr\": \"1\", \"aud\": \"account\", \"azp\": \"stig-manager\", \"exp\": 1602652792, \"iat\": 1602652492, \"iss\": \"http://localhost:8080/auth/realms/stigman-test\", \"jti\": \"64ea09c4-e9fd-423c-b447-aff38d38f04e\", \"sub\": \"757dd598-d9d8-4c0b-8811-ec7f40925986\", \"typ\": \"Bearer\", \"nonce\": \"48fe2aae-66f8-4188-8af3-419129aa02e6\", \"scope\": \"openid stig-manager:user:read stig-manager:collection stig-manager:user stig-manager:op stig-manager:stig stig-manager:stig:read email profile\", \"auth_time\": 1602652492, \"realm_access\": {\"roles\": [\"user\"]}, \"session_state\": \"cbf87935-3521-4c5d-a22e-d8dd9e60e5e3\", \"email_verified\": false, \"allowed-origins\": [\"*\"], 
\"resource_access\": {\"account\": {\"roles\": [\"manage-account\", \"manage-account-links\", \"view-profile\"]}}, \"preferred_username\": \"lvl1\"}"] +[86,"bizarroLvl1","2024-08-21 17:38:27",null,"{}"] +[87,"admin","2024-08-21 17:38:27",1724262155,"{\"aud\": \"realm-management\", \"azp\": \"stig-manager\", \"exp\": 1724280111, \"iat\": 1724262111, \"iss\": \"https://trinity.localdomain/kc/realms/stigman\", \"jti\": \"a7699ea3-ae85-40b2-a904-d3307265f24a\", \"sid\": \"3621751b-d785-4c43-8178-2c150f8291a3\", \"sub\": \"bf87a16f-39e6-46d9-8971-f0ef51dd3f85\", \"typ\": \"Bearer\", \"name\": \"Admin Burke\", \"nonce\": \"08a8febf-2fd7-4c67-ab2b-de0e8d2cde6d\", \"scope\": \"stig-manager:collection stig-manager:stig:read stig-manager:user:read stig-manager:op stig-manager:user stig-manager:stig\", \"auth_time\": 1723559545, \"given_name\": \"Admin\", \"family_name\": \"Burke\", \"realm_access\": {\"roles\": [\"create_collection\", \"admin\", \"user\"]}, \"session_state\": \"3621751b-d785-4c43-8178-2c150f8291a3\", \"resource_access\": {\"realm-management\": {\"roles\": [\"view-users\", \"query-groups\", \"query-users\"]}}, \"preferred_username\": \"admin\"}"] +{"table":"user_stig_asset_map","columns":"`id`,`userId`,`saId`","rowCount":4} +[11,85,23] +[12,86,24] +[13,85,25] +[14,85,29] diff --git a/test/api/form-data-files/batch-test-data.zip b/test/api/form-data-files/batch-test-data.zip deleted file mode 100644 index dced90360..000000000 Binary files a/test/api/form-data-files/batch-test-data.zip and /dev/null differ diff --git a/test/api/mocha/data/metrics/metaMetricsGet.test.js b/test/api/mocha/data/metrics/metaMetricsGet.test.js index b29534b33..bec0d3002 100644 --- a/test/api/mocha/data/metrics/metaMetricsGet.test.js +++ b/test/api/mocha/data/metrics/metaMetricsGet.test.js 
@@ -14,7 +14,7 @@ describe('GET - MetaMetrics', function () { before(async function () { this.timeout(4000) await utils.uploadTestStigs() - await utils.loadAppData("appdata-meta-metrics-with-pin.json") + await utils.loadAppData("appdata-meta-metrics-with-pin.jsonl") try{ await utils.uploadTestStig("U_VPN_SRG_V1R0_Manual-xccdf.xml") } diff --git a/test/api/mocha/data/operation/op.test.js b/test/api/mocha/data/operation/op.test.js index fe330aaa4..3fec15eca 100644 --- a/test/api/mocha/data/operation/op.test.js +++ b/test/api/mocha/data/operation/op.test.js @@ -21,7 +21,7 @@ describe('GET - Op', () => { describe('getAppData - /op/appdata', () => { it('Export application data', async () => { const res = await chai.request(config.baseUrl) - .get(`/op/appdata?elevate=true`) + .get(`/op/appdata?format=jsonl&elevate=true`) .set('Authorization', `Bearer ${iteration.token}`) if(iteration.name !== "stigmanadmin"){ expect(res).to.have.status(403) diff --git a/test/api/mocha/data/review/reviewPost.test.js b/test/api/mocha/data/review/reviewPost.test.js index 3858ff976..819952967 100644 --- a/test/api/mocha/data/review/reviewPost.test.js +++ b/test/api/mocha/data/review/reviewPost.test.js @@ -73,7 +73,7 @@ describe('POST - Review', () => { beforeEach(async function () { this.timeout(4000) // await utils.uploadTestStigs() - await utils.loadAppData("batch-test-data.json") + await utils.loadAppData("batch-test-data.jsonl") }) it(`POST batch review: target assets, whole stig`, async () => { @@ -792,7 +792,7 @@ describe('POST - Review', () => { beforeEach(async function () { this.timeout(4000) - await utils.loadAppData("batch-test-data.json") + await utils.loadAppData("batch-test-data.jsonl") }) it(`POST batch Review: target by assets, and one rule, expect validation failure - invalid result for status`, async () => { const postreview = { diff --git a/test/api/mocha/data/stig/stigs.test.js b/test/api/mocha/data/stig/stigs.test.js index 6c2b2155f..4a0ebb1b9 100644 
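Review bot: In test/api/mocha/data/operation/op.test.js the export case now always sends `format=jsonl`, so this test no longer requests the endpoint's default format. The controller change earlier in this commit falls back to `gzip` when `format` is absent and names the attachment `.jsonl.gz`. Unless a case outside this hunk covers that path, add a sibling request, `.get('/op/appdata?elevate=true')`, that expects the same 403 for every non-admin iteration and a gzip attachment for `stigmanadmin`. That keeps the privilege check verified on the format clients receive by default, which matters because the export includes the `user_data` rows with their stored token claims. The `it` block continues past the end of the hunk.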
--- a/test/api/mocha/data/stig/stigs.test.js +++ b/test/api/mocha/data/stig/stigs.test.js @@ -412,7 +412,7 @@ describe('POST - Stig', () => { it('should throw SmError.ClientError not xml file', async () => { const directoryPath = path.join(__dirname, '../../../form-data-files/') - const testStigfile = 'appdata.json' + const testStigfile = 'appdata.jsonl' const filePath = path.join(directoryPath, testStigfile) const res = await chai.request(config.baseUrl) diff --git a/test/api/mocha/referenceData.js b/test/api/mocha/referenceData.js index ed6affc30..52269e65b 100644 --- a/test/api/mocha/referenceData.js +++ b/test/api/mocha/referenceData.js @@ -1,4 +1,4 @@ -// This data represents components of the primary test Collections, Assets, etc. contained in the standard appData.json file without regard to access controls being exercised by the tests. These Ids, etc. should be used to construct test case API requests. This data should only be used as expectations in cases where all test scenarios exercised are expected to return the same data. +// This data represents components of the primary test Collections, Assets, etc. contained in the standard appdata.jsonl file without regard to access controls being exercised by the tests. These Ids, etc. should be used to construct test case API requests. This data should only be used as expectations in cases where all test scenarios exercised are expected to return the same data. // The standard "testCollection" includes users named after the roles they have for that specific Collection, is used in most "GET" tests or tests not expected to change data that could alter expectations for subsequent tests. "scrapCollection" is used for tests that alter Collection data in some way. @@ -154,7 +154,7 @@ const reference = { ], ownersProjected: [ { - email: "admin@admin.com", + email: null, userId: "87", username: "admin", displayName: "Admin Burke", 
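Review bot: In test/api/mocha/referenceData.js the `ownersProjected` expectation for user 87 changes from `"admin@admin.com"` to `email: null` with no explanation. It looks like this follows from the new jsonl fixture, where the `admin` row's `lastClaims` has no `email` claim, but that is an inference from the fixture rows and should be confirmed. A short comment on the line would record the reason, for example `// null: the admin fixture's lastClaims carries no email claim`. If no other reference user has a non-null email, the suite no longer checks that the email projection returns a real value, so one fixture user should keep an `email` claim. The `reference` object starts and ends outside this hunk.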
diff --git a/test/api/mocha/utils/testUtils.js b/test/api/mocha/utils/testUtils.js index b57ab8c4a..94af472e4 100644 --- a/test/api/mocha/utils/testUtils.js +++ b/test/api/mocha/utils/testUtils.js @@ -17,29 +17,16 @@ const metricsOutputToJSON = (testCaseName, username, responseData, outputJsonFil fs.writeFileSync(metricsFilePath, JSON.stringify(metricsData, null, 2), 'utf8') } -const loadAppData = async (appdataFileName = 'appdata.json') => { - - //const appdataFile = path.join(__dirname, '../../form-data-files/appdata.json') - const appdataFile = path.join(__dirname, `../../form-data-files/${appdataFileName}`) - const formData = new FormData() - formData.append('importFile', fs.createReadStream(appdataFile), { - filename: 'appdata.json', - contentType: 'application/json' - }) - const axiosConfig = { +const loadAppData = (appdataFileName = 'appdata.jsonl') => { + return axios({ method: 'post', url: `${config.baseUrl}/op/appdata?elevate=true`, headers: { - ...formData.getHeaders(), + 'Content-Type': 'application/jsonl', Authorization: `Bearer ${adminToken}` }, - data: formData - } - try { - const response = await axios(axiosConfig) - } catch (error) { - throw error - } + data: fs.readFileSync(path.join(__dirname, `../../form-data-files/${appdataFileName}`)) + }) } const createTempCollection = async (collectionPost) => {
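Review bot: `loadAppData` is no longer `async`, so a missing or unreadable fixture makes `fs.readFileSync` throw synchronously at the call site instead of rejecting the returned promise. Callers that `await` it inside an async hook behave the same, but a caller that chains `.catch()` on the result would not see the error. Keeping the keyword gives one failure contract: `const loadAppData = async (appdataFileName = 'appdata.jsonl') => {`. The helper POSTs to `/op/appdata?elevate=true` with the admin token, which presumably replaces the target's application data, so a comment above it would help: `// Overwrites app data on config.baseUrl using the elevated admin token; use only against a disposable test instance`.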