From 1e0f9f3fdc54408146730f949aeb8f9c3b02c608 Mon Sep 17 00:00:00 2001
From: Umesh Kumar <166806589+TangoBeeAkto@users.noreply.github.com>
Date: Wed, 11 Dec 2024 14:50:47 +0530
Subject: [PATCH 1/2] fix: fetching sampleData from a random API only if it's not available for test editor
# Conflicts:
# apps/dashboard/src/main/java/com/akto/action/TrafficAction.java
---
.../java/com/akto/action/TrafficAction.java | 32 +++++++++++++++++++
apps/dashboard/src/main/resources/struts.xml | 25 ++++++++++++++-
.../apps/dashboard/pages/test_editor/api.js | 4 +--
.../test_editor/components/SampleApi.jsx | 2 +-
4 files changed, 59 insertions(+), 4 deletions(-)
diff --git a/apps/dashboard/src/main/java/com/akto/action/TrafficAction.java b/apps/dashboard/src/main/java/com/akto/action/TrafficAction.java
index be4dd26d93..f4dd62a319 100644
--- a/apps/dashboard/src/main/java/com/akto/action/TrafficAction.java
+++ b/apps/dashboard/src/main/java/com/akto/action/TrafficAction.java
@@ -67,6 +67,38 @@ public String fetchSampleData() { return Action.SUCCESS.toUpperCase(); } + public String fetchSampleDataForTestEditor() { + fetchSampleData(); + if(sampleDataList == null || sampleDataList.isEmpty()) { + sampleDataList = new ArrayList<>(); + ApiCollection randomActiveCollection = ApiCollectionsDao.instance.findOne(Filters.and( + Filters.eq(ApiCollection._DEACTIVATED, false), + Filters.not( + Filters.size(ApiCollection.URLS_STRING, 0) + ), + Filters.ne(ApiCollection.ID, 0) + )); + + if(randomActiveCollection == null) { + return Action.SUCCESS.toUpperCase(); + } + + int activeCollectionId = randomActiveCollection.getId(); + List endpointsList = new ArrayList<>(randomActiveCollection.getUrls()); + String[] endpointAndMethod = endpointsList.get(0).split(" "); + + sampleDataList = SampleDataDao.instance.findAll(Filters.and( + Filters.eq("_id.url", endpointAndMethod[0]), + Filters.in(SingleTypeInfo._COLLECTION_IDS, activeCollectionId), + Filters.eq("_id.responseCode", -1), + Filters.eq("_id.method", endpointAndMethod[1]), + Filters.gte("_id.bucketStartEpoch", 0), + Filters.lte("_id.bucketEndEpoch", 0) + )); + } + return Action.SUCCESS.toUpperCase(); + } + public String fetchAllSampleData() { sampleDataList = SampleDataDao.instance.findAll(Filters.eq(Constants.ID + "." + ApiInfoKey.API_COLLECTION_ID, apiCollectionId), skip, limit == 0 ? 50 : limit, null); return Action.SUCCESS.toUpperCase(); diff --git a/apps/dashboard/src/main/resources/struts.xml b/apps/dashboard/src/main/resources/struts.xml index 16bddac430..bc4025ca52 100644 --- a/apps/dashboard/src/main/resources/struts.xml +++ b/apps/dashboard/src/main/resources/struts.xml @@ -2400,7 +2400,7 @@ ^actionErrors.* - + @@ -2424,6 +2424,29 @@ ^actionErrors.* + + + + + SAMPLE_DATA + READ + + + 403 + false + ^actionErrors.* + + + + + 401 + + + 403 + false + ^actionErrors.* + + 
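Review bot: The fallback branch of `fetchSampleDataForTestEditor()` returns captured traffic from whichever collection `ApiCollectionsDao.instance.findOne(...)` happens to match, not the one named in the request, and nothing visible in this hunk limits that choice to collections the calling user is allowed to read. Sample data is recorded request/response traffic and can carry tokens or personal data, so unless the DAO already scopes its queries per user (not visible here), a user restricted to one collection could be shown samples from another. I would add the caller's permitted collection ids to the `Filters.and(...)` that selects `randomActiveCollection`, and put a comment above the branch such as `// Fallback: serves samples from a collection the caller did not ask for; must stay limited to collections this user can read.` The revised version of this method in PATCH 2/2 keeps the same fallback, so the point applies there as well.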
diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/test_editor/api.js b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/test_editor/api.js index 4dce55eb9c..65a159f5de 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/test_editor/api.js +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/test_editor/api.js @@ -1,9 +1,9 @@ import request from "@/util/request" const testEditorRequests = { - fetchSampleData(collectionId, apiEndpointUrl, apiEndpointMethod) { + fetchSampleDataForTestEditor(collectionId, apiEndpointUrl, apiEndpointMethod) { return request({ - url: '/api/fetchSampleData', + url: '/api/fetchSampleDataForTestEditor', method: 'post', data: { apiCollectionId: collectionId, diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/test_editor/components/SampleApi.jsx b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/test_editor/components/SampleApi.jsx index 887c9c319c..92a2ca2ea2 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/test_editor/components/SampleApi.jsx +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/test_editor/components/SampleApi.jsx @@ -179,7 +179,7 @@ const SampleApi = () => { const fetchSampleData = async (collectionId, apiEndpointUrl, apiEndpointMethod) => { setShowEmptyLayout(false) - const sampleDataResponse = await testEditorRequests.fetchSampleData(collectionId, apiEndpointUrl, apiEndpointMethod) + const sampleDataResponse = await testEditorRequests.fetchSampleDataForTestEditor(collectionId, apiEndpointUrl, apiEndpointMethod) if (sampleDataResponse) { if (sampleDataResponse.sampleDataList.length > 0 && sampleDataResponse.sampleDataList[0].samples && sampleDataResponse.sampleDataList[0].samples.length > 0) { const sampleDataJson = JSON.parse(sampleDataResponse.sampleDataList[0].samples[sampleDataResponse.sampleDataList[0].samples.length - 1]) 
From b33895539992f5dd85d92679b028cefc3a069de3 Mon Sep 17 00:00:00 2001 From: Umesh Kumar <166806589+TangoBeeAkto@users.noreply.github.com> Date: Thu, 12 Dec 2024 12:13:41 +0530 Subject: [PATCH 2/2] fix: fetching sampleData from a random API only if it's not available for test editor --- .../java/com/akto/action/TrafficAction.java | 13 +++-------- .../apps/dashboard/pages/test_editor/api.js | 11 +++++++++ .../test_editor/components/SampleApi.jsx | 23 +++++++++---------- 3 files changed, 25 insertions(+), 22 deletions(-) diff --git a/apps/dashboard/src/main/java/com/akto/action/TrafficAction.java b/apps/dashboard/src/main/java/com/akto/action/TrafficAction.java index f4dd62a319..79cf7e3807 100644 --- a/apps/dashboard/src/main/java/com/akto/action/TrafficAction.java +++ b/apps/dashboard/src/main/java/com/akto/action/TrafficAction.java @@ -69,14 +69,13 @@ public String fetchSampleData() { public String fetchSampleDataForTestEditor() { fetchSampleData(); - if(sampleDataList == null || sampleDataList.isEmpty()) { + if(sampleDataList == null || sampleDataList.isEmpty() || sampleDataList.get(0).getSamples().isEmpty()) { sampleDataList = new ArrayList<>(); ApiCollection randomActiveCollection = ApiCollectionsDao.instance.findOne(Filters.and( Filters.eq(ApiCollection._DEACTIVATED, false), Filters.not( Filters.size(ApiCollection.URLS_STRING, 0) - ), - Filters.ne(ApiCollection.ID, 0) + ) )); if(randomActiveCollection == null) { 
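Review bot: `sampleDataList.get(0).getSamples().isEmpty()` in the widened condition throws a NullPointerException when the first document has no samples list. The front end guards that same case with `sampleDataList[0].samples && ...`, which suggests it can occur. Check for null first, e.g. `sampleDataList.get(0).getSamples() == null || sampleDataList.get(0).getSamples().isEmpty()`. This hunk also drops `Filters.ne(ApiCollection.ID, 0)`, so collection id 0 can now be picked as the fallback source; if that is intended, a one-line comment saying why would help. The method body continues past the end of this hunk.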
@@ -84,16 +83,10 @@ public String fetchSampleDataForTestEditor() { } int activeCollectionId = randomActiveCollection.getId(); - List endpointsList = new ArrayList<>(randomActiveCollection.getUrls()); - String[] endpointAndMethod = endpointsList.get(0).split(" "); sampleDataList = SampleDataDao.instance.findAll(Filters.and( - Filters.eq("_id.url", endpointAndMethod[0]), Filters.in(SingleTypeInfo._COLLECTION_IDS, activeCollectionId), - Filters.eq("_id.responseCode", -1), - Filters.eq("_id.method", endpointAndMethod[1]), - Filters.gte("_id.bucketStartEpoch", 0), - Filters.lte("_id.bucketEndEpoch", 0) + Filters.not(Filters.size(SampleData.SAMPLES, 0)) )); } return Action.SUCCESS.toUpperCase(); diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/test_editor/api.js b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/test_editor/api.js index 65a159f5de..660245405f 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/test_editor/api.js +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/test_editor/api.js @@ -1,6 +1,17 @@ import request from "@/util/request" const testEditorRequests = { + fetchSampleData(collectionId, apiEndpointUrl, apiEndpointMethod) { + return request({ + url: '/api/fetchSampleData', + method: 'post', + data: { + apiCollectionId: collectionId, + url: apiEndpointUrl, + method: apiEndpointMethod + } + }) + }, fetchSampleDataForTestEditor(collectionId, apiEndpointUrl, apiEndpointMethod) { return request({ url: '/api/fetchSampleDataForTestEditor', diff --git a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/test_editor/components/SampleApi.jsx b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/test_editor/components/SampleApi.jsx index 92a2ca2ea2..6b6dd6156b 100644 --- a/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/test_editor/components/SampleApi.jsx +++ b/apps/dashboard/web/polaris_web/web/src/apps/dashboard/pages/test_editor/components/SampleApi.jsx 
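Review bot: The new `SampleDataDao.instance.findAll(Filters.and(...))` call has no skip or limit, so the fallback loads every sample document with a non-empty `samples` array for the chosen collection and serialises all of them into the response, although the test editor reads only `sampleDataList[0]`. That is an unbounded query on a user-reachable action, and it returns far more captured traffic than the screen needs. `fetchAllSampleData()` directly below already uses the paged overload, so the same form fits here: `sampleDataList = SampleDataDao.instance.findAll(filter, 0, 1, null);` with `filter` being the existing `Filters.and(...)`. The method starts above this hunk.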
@@ -40,21 +40,15 @@ const SampleApi = () => { const selectedSampleApi = PersistStore(state => state.selectedSampleApi) const setSelectedSampleApi = PersistStore(state => state.setSelectedSampleApi) + const [isCustomAPI, setIsCustomAPI] = useState(Object.keys(selectedSampleApi)?.length > 0 || false) + const tabs = [{ id: 'request', content: 'Request' }, { id: 'response', content: 'Response'}]; const mapCollectionIdToName = func.mapCollectionIdToName(allCollections) useEffect(()=>{ if(showEmptyLayout) return let testId = selectedTest.value - let sampleData = null - if(sampleDataList?.length > 0) { - sampleData = { - apiCollectionId: sampleDataList[0].id.apiCollectionId, - method: {_name: sampleDataList[0].id.method}, - url: sampleDataList[0].id.url - } - } - let selectedUrl = sampleData ? sampleData : Object.keys(selectedSampleApi).length > 0 ? selectedSampleApi : vulnerableRequestsObj?.[testId] + let selectedUrl = Object.keys(selectedSampleApi).length > 0 ? selectedSampleApi : vulnerableRequestsObj?.[testId] setSelectedCollectionId(null) setCopyCollectionId(null) setTestResult(null) @@ -123,8 +117,6 @@ const SampleApi = () => { useEffect(() => { if (selectedCollectionId && selectedApiEndpoint) { fetchSampleData(selectedCollectionId, func.toMethodUrlObject(selectedApiEndpoint).url, func.toMethodUrlObject(selectedApiEndpoint).method) - }else{ - setEditorData({message: ''}) } setTestResult(null) }, [selectedApiEndpoint]) @@ -162,6 +154,7 @@ const SampleApi = () => { }) const fetchApiEndpoints = async (collectionId) => { + if(!collectionId) return const apiEndpointsResponse = await api.fetchCollectionWiseApiEndpoints(collectionId) if (apiEndpointsResponse) { setApiEndpoints(apiEndpointsResponse.listOfEndpointsInCollection) 
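Review bot: In `useState(Object.keys(selectedSampleApi)?.length > 0 || false)` the optional chaining and the `|| false` do nothing: `Object.keys()` always returns an array, and it throws before `?.` is reached if `selectedSampleApi` is null or undefined. If the intent was to tolerate a missing store value, guard the argument instead: `useState(Object.keys(selectedSampleApi || {}).length > 0)`. The initial value is also computed only on mount; if the persisted store can fill in `selectedSampleApi` later (not visible here), `isCustomAPI` stays false and a user-chosen API would still be sent to the fallback endpoint. The component body continues outside this hunk.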
@@ -179,7 +172,12 @@ const SampleApi = () => { const fetchSampleData = async (collectionId, apiEndpointUrl, apiEndpointMethod) => { setShowEmptyLayout(false) - const sampleDataResponse = await testEditorRequests.fetchSampleDataForTestEditor(collectionId, apiEndpointUrl, apiEndpointMethod) + let sampleDataResponse + if(isCustomAPI) { + sampleDataResponse = await testEditorRequests.fetchSampleData(collectionId, apiEndpointUrl, apiEndpointMethod) + } else { + sampleDataResponse = await testEditorRequests.fetchSampleDataForTestEditor(collectionId, apiEndpointUrl, apiEndpointMethod) + } if (sampleDataResponse) { if (sampleDataResponse.sampleDataList.length > 0 && sampleDataResponse.sampleDataList[0].samples && sampleDataResponse.sampleDataList[0].samples.length > 0) { const sampleDataJson = JSON.parse(sampleDataResponse.sampleDataList[0].samples[sampleDataResponse.sampleDataList[0].samples.length - 1]) @@ -206,6 +204,7 @@ const SampleApi = () => { const toggleSelectApiActive = () => setSelectApiActive(prev => !prev) const saveFunc = () =>{ + setIsCustomAPI(true) setSelectedApiEndpoint(copySelectedApiEndpoint) const urlObj = func.toMethodUrlObject(copySelectedApiEndpoint) const sampleApi = {