fix: add label in neo4j request
thomas-girard committed Nov 9, 2023
1 parent c39ef0b commit 2dfbf4e
Showing 2 changed files with 27 additions and 21 deletions.
4 changes: 2 additions & 2 deletions ad_miner/sources/modules/requests.json
Expand Up @@ -599,12 +599,12 @@
},
"anomaly_acl_1": {
"name": "anomaly_acl_1",
"request": "MATCH (gg) WHERE NOT gg:Group with gg as g MATCH (g)-[r2{isacl:true}]->(n) WHERE ((g.is_da IS NULL OR g.is_da=FALSE) AND (g.is_dc IS NULL OR g.is_dc=FALSE)) OR (NOT n.domain CONTAINS '.' + g.domain AND n.domain <> g.domain) RETURN n.name,g.name, type(r2)",
"request": "MATCH (gg) WHERE NOT gg:Group with gg as g MATCH (g)-[r2{isacl:true}]->(n) WHERE ((g.is_da IS NULL OR g.is_da=FALSE) AND (g.is_dc IS NULL OR g.is_dc=FALSE)) OR (NOT n.domain CONTAINS '.' + g.domain AND n.domain <> g.domain) RETURN n.name,g.name,type(r2),LABELS(g)[0]",
"output_type": "dict"
},
"anomaly_acl_2": {
"name": "anomaly_acl_2",
"request": "MATCH (gg:Group) WHERE EXISTS(gg.members_count) with gg as g order by gg.members_count DESC MATCH (g)-[r2{isacl:true}]->(n) WHERE ((g.is_da IS NULL OR g.is_da=FALSE) AND (g.is_dc IS NULL OR g.is_dc=FALSE)) OR (NOT n.domain CONTAINS '.' + g.domain AND n.domain <> g.domain) RETURN g.members_count,n.name,g.name, type(r2) order by g.members_count DESC",
"request": "MATCH (gg:Group) WHERE EXISTS(gg.members_count) with gg as g order by gg.members_count DESC MATCH (g)-[r2{isacl:true}]->(n) WHERE ((g.is_da IS NULL OR g.is_da=FALSE) AND (g.is_dc IS NULL OR g.is_dc=FALSE)) OR (NOT n.domain CONTAINS '.' + g.domain AND n.domain <> g.domain) RETURN g.members_count,n.name,g.name,type(r2),LABELS(g)[0] order by g.members_count DESC",
"output_type": "dict"
},
"get_empty_groups": {
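Review bot: `LABELS(g)[0]` in both `anomaly_acl_1` and `anomaly_acl_2` returns whichever label Neo4j happens to list first, and the query does not control that order. If the imported nodes carry more than one label (some BloodHound versions appear to add a generic `Base` label next to the type label; worth confirming against the target database), the report may show and key on the generic label instead of `User`/`Group`/`OU`, which would undo the name + label disambiguation that users.py now relies on. Selecting the label explicitly and aliasing it, for example `[l IN LABELS(g) WHERE l <> 'Base'][0] AS label`, would make the column stable; users.py would then read `label` instead of `LABELS(g)[0]`.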
44 changes: 25 additions & 19 deletions ad_miner/sources/modules/users.py
Expand Up @@ -1455,7 +1455,7 @@ def genGroupAnomalyAcl(self, domain):

if self.anomaly_acl_1 is None and self.anomaly_acl_2 is None:
page = Page(
self.arguments.cache_prefix, "anomaly_acl", "Group Anomaly ACL", "anomaly_acl"
self.arguments.cache_prefix, "anomaly_acl", "ACL Anomaly ", "anomaly_acl"
)
page.render()
return 0
Expand All @@ -1470,23 +1470,29 @@ def genGroupAnomalyAcl(self, domain):
anomaly_acl_extract = []

for k in range(len(self.anomaly_acl)):
if formated_data.get(self.anomaly_acl[k]["g.name"]) and formated_data[self.anomaly_acl[k]["g.name"]]["type"] == self.anomaly_acl[k]["type(r2)"]:
formated_data[self.anomaly_acl[k]["g.name"]]["targets"].append(self.anomaly_acl[k]["n.name"])
elif formated_data.get(self.anomaly_acl[k]["g.name"]) and formated_data[self.anomaly_acl[k]["g.name"]]["targets"] == [self.anomaly_acl[k]["n.name"]] and self.anomaly_acl[k]["type(r2)"] not in formated_data[self.anomaly_acl[k]["g.name"]]["type"] :
formated_data[self.anomaly_acl[k]["g.name"]]["type"] += f" | {self.anomaly_acl[k]['type(r2)']}"
name_label_instance = f"{self.anomaly_acl[k]['g.name']} {self.anomaly_acl[k]['LABELS(g)[0]']}"
if formated_data.get(name_label_instance) and formated_data[name_label_instance]["type"] == self.anomaly_acl[k]["type(r2)"] and formated_data[name_label_instance]["label"] == self.anomaly_acl[k]["LABELS(g)[0]"]:
formated_data[name_label_instance]["targets"].append(self.anomaly_acl[k]["n.name"])
elif formated_data.get(name_label_instance) and formated_data[name_label_instance]["targets"] == [self.anomaly_acl[k]["n.name"]] and self.anomaly_acl[k]["type(r2)"] not in formated_data[name_label_instance]["type"] and formated_data[name_label_instance]["label"] == self.anomaly_acl[k]["LABELS(g)[0]"]:
formated_data[name_label_instance]["type"] += f" | {self.anomaly_acl[k]['type(r2)']}"
else:
formated_data[self.anomaly_acl[k]["g.name"]] = {
# it is possible to have an OU and a Group with the same name for example, that's why it is necessary to have the name + the label as key
formated_data[name_label_instance] = {
"name": self.anomaly_acl[k]["g.name"],
"label": self.anomaly_acl[k]["LABELS(g)[0]"],
"type": self.anomaly_acl[k]["type(r2)"],
"members_count": self.anomaly_acl[k]["g.members_count"],
"targets": [self.anomaly_acl[k]["n.name"]]
"targets": [self.anomaly_acl[k]["n.name"]],
}

for name_instance in formated_data:
print("formated data : ", formated_data)

for name_label_instance in formated_data:
name_instance = name_label_instance.split(" ")[0]

formated_data_details = []
interest = 0
for k in formated_data[name_instance]["targets"]:
for k in formated_data[name_label_instance]["targets"]:
tmp_dict = {}
if k in domain.admin_list:
tmp_dict["targets"] = '<i class="bi bi-gem" title="This user is domain admin"></i> ' + k
Expand Down Expand Up @@ -1514,7 +1520,7 @@ def genGroupAnomalyAcl(self, domain):
formated_data_details.append(tmp_dict)

page = Page(
self.arguments.cache_prefix, f"anomaly_acl_details_{name_instance}", "Group Anomaly ACL Details", "anomaly_acl"
self.arguments.cache_prefix, f"anomaly_acl_details_{name_label_instance.replace(' ', '_')}", "Group Anomaly ACL Details", "anomaly_acl"
)


Expand All @@ -1527,24 +1533,24 @@ def genGroupAnomalyAcl(self, domain):

anomaly_acl_extract.append(
{
"name": '<i class="bi bi-people-fill"></i> ' + name_instance if formated_data[name_instance]["members_count"] != "-" else '<i class="bi bi-person-fill"></i> ' + name_instance,
"type": formated_data[name_instance]["type"],
"members count": f'<i class="{str(formated_data[name_instance]["members_count"]).zfill(6)} bi bi-people-fill"></i> ' + str(formated_data[name_instance]["members_count"]) if formated_data[name_instance]["members_count"] != '-' else '-',
"name": name_instance,
"label": '<i class="bi bi-people-fill"></i> '+formated_data[name_label_instance]["label"] if formated_data[name_label_instance]["members_count"] != "-" else '<i class="bi bi-person-fill"></i> '+formated_data[name_label_instance]["label"],
"type": formated_data[name_label_instance]["type"],
"members count": f'<i class="{str(formated_data[name_label_instance]["members_count"]).zfill(6)} bi bi-people-fill"></i> ' + str(formated_data[name_label_instance]["members_count"]) if formated_data[name_label_instance]["members_count"] != '-' else '-',
"targets count": grid_data_stringify({
"link": f"anomaly_acl_details_{quote(str(name_instance))}.html",
"value": f"{str(len(formated_data[name_instance]['targets'])) +' targets' if len(formated_data[name_instance]['targets']) > 1 else formated_data[name_instance]['targets'][0]} <i class='bi bi-box-arrow-up-right' aria-hidden='true'></i>",
"before_link": f"<i class='<i bi bi-bullseye {str(len(formated_data[name_instance]['targets'])).zfill(6)}'></i> "
"link": f"anomaly_acl_details_{quote(str(name_label_instance.replace(' ', '_')))}.html",
"value": f"{str(len(formated_data[name_label_instance]['targets'])) +' targets' if len(formated_data[name_label_instance]['targets']) > 1 else formated_data[name_label_instance]['targets'][0]} <i class='bi bi-box-arrow-up-right' aria-hidden='true'></i>",
"before_link": f"<i class='<i bi bi-bullseye {str(len(formated_data[name_label_instance]['targets'])).zfill(6)}'></i> "
}),
"interest": f"<span class='{interest}'></span><i class='bi bi-star-fill'></i>"*interest + "<i class='bi bi-star'></i>"*(3-interest)
}
)
#{'s' if len(formated_data[name_instance]['targets']) > 1 else ''}

page = Page(
self.arguments.cache_prefix, "anomaly_acl", "Group Anomaly ACL", "anomaly_acl"
self.arguments.cache_prefix, "anomaly_acl", "ACL Anomaly", "anomaly_acl"
)
grid = Grid("anomaly_acl")
grid.setheaders(["name", "type", "members count", "targets count", "interest"])
grid.setheaders(["name", "label", "members count", "type", "targets count", "interest"])

grid.setData(anomaly_acl_extract)
page.addComponent(grid)
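Review bot: `name_instance = name_label_instance.split(" ")[0]` in the second hunk keeps only the first word of the key, so any principal whose name contains a space (a constructed example: `DOMAIN ADMINS@CORP.LOCAL`) is shown truncated in the `name` column, and distinct principals can end up displayed under the same name in an ACL audit report. The entry already stores the full name, so `name_instance = formated_data[name_label_instance]["name"]` reads it back without parsing the key. The `print("formated data : ", formated_data)` just above looks like leftover debugging; it writes every principal and ACL target to stdout on each run and should be removed or moved to a debug-level logger. The details page name is built with `.replace(' ', '_')` only while the link additionally passes through `quote()`, so names containing characters that `quote()` rewrites may produce a link that does not match the generated file; this depends on how `Page` builds the path, which is not visible here. genGroupAnomalyAcl starts and ends outside the visible hunks.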