Incident reports docx

.github/workflows/docker.yml

@@ -27,7 +27,7 @@ jobs:
               with:
                   context: ./backend
                   push: true
-                  tags: ghcr.io/socfortress/copilot-backend:latest
+                  tags: ghcr.io/socfortress/copilot-backend:lab
                   build-args: |
                       COPILOT_API_KEY=${{ secrets.COPILOT_API_KEY }}
 
@@ -60,7 +60,7 @@ jobs:
               with:
                   context: ./frontend
                   push: true
-                  tags: ghcr.io/socfortress/copilot-frontend:latest
+                  tags: ghcr.io/socfortress/copilot-frontend:lab
 
             - name: Notify Discord
               uses: appleboy/discord-action@v1.0.0

backend/alembic/alembic.ini

@@ -60,7 +60,7 @@ version_path_separator = os  # Use os.pathsep. Default configuration used for ne
 # are written from script.py.mako
 # output_encoding = utf-8
 
-sqlalchemy.url = mysql+pymysql://copilot:H7U3AHsXWSGvE5L123B7$GQdLQz@10.255.254.2/copilot
+sqlalchemy.url = mysql+pymysql://copilot:REPLACE_ME@copilot-mysql/copilot
 
 
 [post_write_hooks]

backend/alembic/env.py

@@ -32,6 +32,7 @@
 from app.incidents.models import Case
 from app.incidents.models import CaseAlertLink
 from app.incidents.models import CaseDataStore
+from app.incidents.models import CaseReportTemplateDataStore
 from app.incidents.models import Comment
 from app.incidents.models import CustomerCodeFieldName
 from app.incidents.models import FieldName

backend/alembic/versions/a1e4beb87498_add_table_for_case_report_templates.py

@@ -0,0 +1,43 @@
+"""Add table for case report templates
+
+Revision ID: a1e4beb87498
+Revises: ba64d98dbdc5
+Create Date: 2024-10-03 10:14:31.289126
+
+"""
+from typing import Sequence
+from typing import Union
+
+import sqlalchemy as sa
+
+from alembic import op
+
+# revision identifiers, used by Alembic.
+revision: str = "a1e4beb87498"
+down_revision: Union[str, None] = "ba64d98dbdc5"
+branch_labels: Union[str, Sequence[str], None] = None
+depends_on: Union[str, Sequence[str], None] = None
+
+
+def upgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.create_table(
+        "incident_management_case_report_template_datastore",
+        sa.Column("id", sa.Integer(), nullable=False),
+        sa.Column("report_template_name", sa.String(length=255), nullable=False),
+        sa.Column("bucket_name", sa.String(length=255), nullable=False),
+        sa.Column("object_key", sa.String(length=1024), nullable=False),
+        sa.Column("file_name", sa.String(length=255), nullable=False),
+        sa.Column("content_type", sa.String(length=100), nullable=True),
+        sa.Column("file_size", sa.Integer(), nullable=True),
+        sa.Column("upload_time", sa.DateTime(), nullable=False),
+        sa.Column("file_hash", sa.String(length=128), nullable=False),
+        sa.PrimaryKeyConstraint("id"),
+    )
+    # ### end Alembic commands ###
+
+
+def downgrade() -> None:
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_table("incident_management_case_report_template_datastore")
+    # ### end Alembic commands ###

backend/app/customer_provisioning/services/wazuh_manager.py

@@ -125,7 +125,7 @@ async def configure_wazuh_group(group_code, template_path, request: ProvisionNew
 
     # Make the API request to update the group configuration
     return await send_wazuh_put_request(
-        endpoint=f"groups/{group_code}/configuration",
+        endpoint=f"/groups/{group_code}/configuration",
         data=group_config,
         xml_data=True,
     )

backend/app/data_store/data_store_operations.py

@@ -1,4 +1,5 @@
 import os
+from typing import Optional
 
 import aiofiles
 import aiohttp
@@ -7,6 +8,7 @@
 from loguru import logger
 
 from app.data_store.data_store_schema import CaseDataStoreCreation
+from app.data_store.data_store_schema import CaseReportTemplateDataStoreCreation
 from app.data_store.data_store_session import create_session
 
 
@@ -43,7 +45,31 @@ async def upload_case_data_store(data: CaseDataStoreCreation, file: UploadFile)
     os.remove(temp_file_path)
 
 
-async def download_case_data_store(bucket_name: str, object_name: str) -> bytes:
+async def upload_case_report_template_data_store(data: CaseReportTemplateDataStoreCreation, file: UploadFile) -> None:
+    client = await create_session()
+    logger.info(f"Uploading file {file.filename} to bucket {data.bucket_name}")
+
+    # Define the temporary file path
+    temp_file_path = os.path.join(os.getcwd(), file.filename)
+
+    # Save the file to the temporary location
+    async with aiofiles.open(temp_file_path, "wb") as out_file:
+        content = await file.read()
+        await out_file.write(content)
+
+    # Upload the file to Minio
+    await client.fput_object(
+        bucket_name=data.bucket_name,
+        object_name=f"{file.filename}",
+        file_path=temp_file_path,
+        content_type=data.content_type,
+    )
+
+    # Optionally, remove the temporary file after upload
+    os.remove(temp_file_path)
+
+
+async def download_data_store(bucket_name: str, object_name: str) -> bytes:
     client = await create_session()
     logger.info(f"Downloading file {object_name} from bucket {bucket_name}")
     try:
@@ -77,6 +103,17 @@ async def list_case_data_store_files(bucket_name: str, case_id: int) -> list:
     return objects
 
 
+async def list_case_report_template_data_store_files(bucket_name: Optional[str] = "copilot-case-report-templates") -> list:
+    client = await create_session()
+    objects_list = []
+    logger.info(f"Listing objects in bucket {bucket_name}")
+    objects = await client.list_objects(bucket_name)
+    for obj in objects:
+        logger.info(f"Object: {obj.object_name}")
+        objects_list.append(obj.object_name)
+    return objects_list
+
+
 async def create_buckets() -> None:
     await create_bucket_if_not_exists("copilot-cases")
 

backend/app/data_store/data_store_schema.py

@@ -14,3 +14,13 @@ class CaseDataStoreCreation(BaseModel):
     file_size: Optional[int] = None
     upload_time: datetime = Field(default_factory=datetime.utcnow)
     file_hash: str = Field(max_length=128)
+
+
+class CaseReportTemplateDataStoreCreation(BaseModel):
+    report_template_name: str = Field(max_length=255)
+    bucket_name: str = Field(max_length=255)
+    object_key: str = Field(max_length=1024)
+    file_name: str = Field(max_length=255)
+    content_type: Optional[str] = Field(max_length=100, default=None)
+    upload_time: datetime = Field(default_factory=datetime.utcnow)
+    file_hash: str = Field(max_length=128)

backend/app/data_store/data_store_setup.py

@@ -14,3 +14,4 @@ async def create_bucket_if_not_exists(bucket_name: str) -> None:
 
 async def create_buckets() -> None:
     await create_bucket_if_not_exists("copilot-cases")
+    await create_bucket_if_not_exists("copilot-case-report-templates")

backend/app/incidents/models.py

@@ -165,3 +165,17 @@ class CaseDataStore(SQLModel, table=True):
     file_hash: str = Field(max_length=128, nullable=False)  # Hash of the file (e.g., SHA-256)
 
     case: "Case" = Relationship(back_populates="data_store")
+
+
+class CaseReportTemplateDataStore(SQLModel, table=True):
+    __tablename__ = "incident_management_case_report_template_datastore"
+    id: Optional[int] = Field(default=None, primary_key=True)
+
+    report_template_name: str = Field(max_length=255, nullable=False)
+    bucket_name: str = Field(max_length=255, nullable=False)  # Name of the MinIO bucket
+    object_key: str = Field(max_length=1024, nullable=False)  # Path/key of the file in MinIO
+    file_name: str = Field(max_length=255, nullable=False)  # Original file name uploaded by the user
+    content_type: Optional[str] = Field(max_length=100, nullable=True)  # MIME type of the file
+    file_size: Optional[int] = Field(nullable=True)  # File size in bytes
+    upload_time: datetime = Field(default_factory=datetime.utcnow)  # Time of upload
+    file_hash: str = Field(max_length=128, nullable=False)  # Hash of the file (e.g., SHA-256)

backend/app/incidents/routes/db_operations.py

@@ -1,4 +1,5 @@
 import io
+import mimetypes
 from typing import List
 from typing import Optional
 
@@ -20,6 +21,9 @@
 from app.connectors.wazuh_indexer.utils.universal import get_index_mappings_key_names
 from app.connectors.wazuh_indexer.utils.universal import get_index_source
 from app.customer_provisioning.routes.provision import check_customer_exists
+from app.data_store.data_store_operations import (
+    list_case_report_template_data_store_files,
+)
 from app.db.db_session import get_db
 from app.db.universal_models import Customers
 from app.incidents.models import Alert
@@ -46,10 +50,13 @@
 from app.incidents.schema.db_operations import CaseCreateFromAlert
 from app.incidents.schema.db_operations import CaseDataStoreResponse
 from app.incidents.schema.db_operations import CaseOutResponse
+from app.incidents.schema.db_operations import CaseReportTemplateDataStoreListResponse
+from app.incidents.schema.db_operations import CaseReportTemplateDataStoreResponse
 from app.incidents.schema.db_operations import CaseResponse
 from app.incidents.schema.db_operations import CommentCreate
 from app.incidents.schema.db_operations import CommentResponse
 from app.incidents.schema.db_operations import ConfiguredSourcesResponse
+from app.incidents.schema.db_operations import DefaultReportTemplateFileNames
 from app.incidents.schema.db_operations import FieldAndAssetNames
 from app.incidents.schema.db_operations import FieldAndAssetNamesResponse
 from app.incidents.schema.db_operations import ListCaseDataStoreResponse
@@ -114,8 +121,10 @@
 from app.incidents.services.db_operations import delete_case
 from app.incidents.services.db_operations import delete_field_name
 from app.incidents.services.db_operations import delete_file_from_case
+from app.incidents.services.db_operations import delete_report_template
 from app.incidents.services.db_operations import delete_timefield_name
 from app.incidents.services.db_operations import download_file_from_case
+from app.incidents.services.db_operations import download_report_template
 from app.incidents.services.db_operations import file_exists
 from app.incidents.services.db_operations import get_alert_by_id
 from app.incidents.services.db_operations import get_alert_context_by_id
@@ -147,12 +156,15 @@
 from app.incidents.services.db_operations import replace_asset_name
 from app.incidents.services.db_operations import replace_field_name
 from app.incidents.services.db_operations import replace_timefield_name
+from app.incidents.services.db_operations import report_template_exists
 from app.incidents.services.db_operations import update_alert_assigned_to
 from app.incidents.services.db_operations import update_alert_status
 from app.incidents.services.db_operations import update_case_assigned_to
 from app.incidents.services.db_operations import update_case_customer_code
 from app.incidents.services.db_operations import update_case_status
 from app.incidents.services.db_operations import upload_file_to_case
+from app.incidents.services.db_operations import upload_report_template
+from app.incidents.services.db_operations import upload_report_template_to_data_store
 from app.incidents.services.db_operations import validate_source_exists
 
 incidents_db_operations_router = APIRouter()
@@ -807,3 +819,86 @@ async def delete_case_data_store_file_endpoint(case_id: int, file_name: str, db:
 @incidents_db_operations_router.get("/case/{case_id}", response_model=CaseOutResponse)
 async def get_case_by_id_endpoint(case_id: int, db: AsyncSession = Depends(get_db)):
     return CaseOutResponse(cases=[await get_case_by_id(case_id, db)], success=True, message="Case retrieved successfully")
+
+
+@incidents_db_operations_router.get("/case-report-template", response_model=CaseReportTemplateDataStoreListResponse)
+async def list_case_report_template_data_store_files_endpoint(db: AsyncSession = Depends(get_db)):
+    logger.info("Listing all files in the data store")
+    return CaseReportTemplateDataStoreListResponse(
+        case_report_template_data_store=await list_case_report_template_data_store_files(),
+        success=True,
+        message="Files retrieved successfully",
+    )
+
+
+@incidents_db_operations_router.get("/case-report-template/do-default-template-exists")
+async def check_default_case_report_template_exists_endpoint(db: AsyncSession = Depends(get_db)):
+    """
+    Endpoint to check if any of the default case report template files exist in the data store.
+
+    If any of them do, return True, else return False.
+
+    Returns:
+    - success (bool): Indicates if the operation was successful.
+    - message (str): Success message.
+    - default_template_exists (bool): Indicates if any of the default case report template files exist in the data store.
+    """
+    for template in DefaultReportTemplateFileNames:
+        if await report_template_exists(template.value, db):
+            return {"success": True, "message": "Default case report template exists", "default_template_exists": True}
+
+    return {"success": True, "message": "No default case report templates exist", "default_template_exists": False}
+
+
+@incidents_db_operations_router.post("/case-report-template/default-template", response_model=CaseReportTemplateDataStoreListResponse)
+async def create_default_case_report_template_endpoint(db: AsyncSession = Depends(get_db)):
+    """
+    Create a default case report template in the data store.
+
+    Returns:
+        CaseReportTemplateDataStoreListResponse: The response containing the created case report template data store.
+
+    Raises:
+        None
+    """
+    logger.info("Creating default file in the data store")
+    return CaseReportTemplateDataStoreListResponse(
+        case_report_template_data_store=await upload_report_template_to_data_store(db),
+        success=True,
+        message="Default file created successfully",
+    )
+
+
+@incidents_db_operations_router.get("/case-report-template/download/{file_name}")
+async def download_case_report_template_endpoint(file_name: str, db: AsyncSession = Depends(get_db)) -> StreamingResponse:
+    file_bytes, file_content_type = await download_report_template(file_name, db)
+    logger.info(f"Streaming file {file_name}")
+    output = io.BytesIO(file_bytes)
+    output.seek(0)
+
+    return StreamingResponse(output, media_type=file_content_type, headers={"Content-Disposition": f"attachment; filename={file_name}"})
+
+
+@incidents_db_operations_router.post("/case-report-template/upload", response_model=CaseReportTemplateDataStoreResponse)
+async def upload_case_report_template_endpoint(
+    file: UploadFile = File(...),
+    db: AsyncSession = Depends(get_db),
+):
+    # Check if the file type is a .docx
+    mime_type, _ = mimetypes.guess_type(file.filename)
+    if mime_type != "application/vnd.openxmlformats-officedocument.wordprocessingml.document":
+        raise HTTPException(status_code=400, detail="Invalid file type. Only .docx files are allowed.")
+
+    if await report_template_exists(file.filename, db):
+        raise HTTPException(status_code=400, detail="File name already exists for this template")
+    return CaseReportTemplateDataStoreResponse(
+        case_report_template_data_store=await upload_report_template(file, db),
+        success=True,
+        message="File uploaded successfully",
+    )
+
+
+@incidents_db_operations_router.delete("/case-report-template/{file_name}")
+async def delete_case_report_template_endpoint(file_name: str, db: AsyncSession = Depends(get_db)):
+    await delete_report_template(file_name, db)
+    return {"message": "File deleted successfully", "success": True}