Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Wrong active-response endpoint parameter from dev tools #3466

Merged
merged 29 commits into from
Nov 5, 2021
Merged

Wrong active-response endpoint parameter from dev tools #3466

Show file tree
Hide file tree
Changes from 28 commits
Commits
Show all changes
29 commits
Select commit Hold shift + click to select a range
f34ac4f
compare path
Jul 13, 2021
051b6e7
Logs removed
Jul 13, 2021
796bcaa
Fixing and updating unit-tests. (#3413)
gabiwassan Jul 12, 2021
816dd0d
Added try-catch strategy in Reporting section (#3427)
Machi3mfl Jul 13, 2021
78676a5
Implement/try catch in Components > Overview (#3442)
pablomarga Jul 13, 2021
80e7b39
Refactor try catch in Management > Statistics (#3429)
Machi3mfl Jul 13, 2021
357ee09
Refactor try catch in Management > Configuration (#3451)
Machi3mfl Jul 13, 2021
60588bb
Updating test. (#3470)
gabiwassan Jul 13, 2021
e0c7a53
fix size api selector and add basic test
eze9252 Jul 7, 2021
9d77820
add changelog
eze9252 Jul 7, 2021
51a55ce
fix styles in api selector
eze9252 Jul 8, 2021
eb2157c
Refactor try catch in Agent Syscollector/Vuls/Stats (#3462)
gabiwassan Jul 16, 2021
edf886f
Refactor try catch in Management > Status (#3434)
Machi3mfl Jul 16, 2021
0a32d1a
Refactor try-catch components/add-moludes-data (#3472)
Machi3mfl Jul 19, 2021
63fd003
Added click outside detector component to euiFlyout
asteriscos Jun 29, 2021
89978a5
Updated CHANGELOG
Machi3mfl Jul 19, 2021
b9a904a
Rebase Changes
Machi3mfl Jul 19, 2021
3553371
Code styling
asteriscos Jul 8, 2021
b680a41
Fixed double EuiOverlayMask import
asteriscos Jul 8, 2021
f6c6e6e
Added static child to outside detector and replaced wzoverlaymask
asteriscos Jul 8, 2021
4383eb0
Fixed policies-table row click edit and create action
asteriscos Jul 8, 2021
794ad66
Removed wzOverlayMask imports
asteriscos Jul 8, 2021
4fb7176
[Fix] Code overflows over the line numbers in API Console editor (#3439)
Desvelao Jul 19, 2021
0b47904
Fix error in save before exit prompt in configuration edit (#3460)
mpRegalado Jul 19, 2021
87a5a7f
feat(orchestrator): Applied try-catch strategy on controllers & facto…
gabiwassan Jul 19, 2021
b4bb00c
Requested changes
Machi3mfl Jul 19, 2021
f8ae8de
Merge branch '4.3-7.10' into feature/3457_dev_tools_wrong_body_parse
Machi3mfl Jul 19, 2021
57b97e2
changelog: Add PR to changelog
Desvelao Jul 20, 2021
f02b56d
Merge branch '4.3-7.10' into feature/3457_dev_tools_wrong_body_parse
frankeros Nov 5, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,7 @@ All notable changes to the Wazuh app project will be documented in this file.
- Fixed rules and decoders test flyout clickout event [#3412](https://github.com/wazuh/wazuh-kibana-app/pull/3412)
- Fix size api selector when name is too long [#3445](https://github.com/wazuh/wazuh-kibana-app/pull/3445)
- Fixed the code overflows over the line numbers in the API Console editor [#3439](https://github.com/wazuh/wazuh-kibana-app/pull/3439)
- Fixed the bad requests using Console tool to `PUT /active-response` API endpoint [#3466](https://github.com/wazuh/wazuh-kibana-app/pull/3466)

## Wazuh v4.2.1 - Kibana 7.10.2 , 7.11.2 - Revision 4202

Expand Down
3 changes: 2 additions & 1 deletion public/components/overview/mitre/components/techniques/techniques.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -549,6 +549,7 @@ export const Techniques = withWindowSize(
<EuiSpacer size="s" />

<div>{this.renderFacet()}</div>

{ isFlyoutVisible &&
<EuiOverlayMask headerZindexLocation="below">
<EuiOutsideClickDetector onOutsideClick={() => this.onChangeFlyout(false)}>
Expand All @@ -569,4 +570,4 @@ export const Techniques = withWindowSize(
);
}
}
);
);
5 changes: 3 additions & 2 deletions public/controllers/dev-tools/dev-tools.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -499,7 +499,7 @@ export class DevToolsController {
const spaceLineStart = (line.match(reLineStart) || [])[1] || '';
const inputKeyBodyParam = (line.match(reLineStart) || [])[2] || '';

const renderBodyParam = (parameter, spaceLineStart) => {
const renderBodyParam = (parameter, spaceLineStart) => {
let valueBodyParam = '';
if (parameter.type === 'string') {
valueBodyParam = '""'
Expand Down Expand Up @@ -793,7 +793,7 @@ export class DevToolsController {
: '/';

let JSONraw = {};
try {
try {
JSONraw = JSON.parse(paramsInline || desiredGroup.requestTextJson);
} catch (error) {
JSONraw = {};
Expand All @@ -820,6 +820,7 @@ export class DevToolsController {
if (typeof JSONraw === 'object') JSONraw.devTools = true;
if (!firstTime) {
const output = await this.wzRequest.apiReq(method, path, JSONraw);

if (typeof output === 'string' && output.includes('3029')) {
this.apiOutputBox.setValue('This method is not allowed without admin mode');
}
Expand Down
2 changes: 2 additions & 0 deletions public/react-services/wz-request.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,10 +50,12 @@ export class WzRequest {
data: payload,
timeout: customTimeout || timeout,
};

const data = await axios(options);
if (data['error']) {
throw new Error(data['error']);
}

return Promise.resolve(data);
} catch (error) {
OdfeUtils.checkOdfeSessionExpired(error);
Expand Down
5 changes: 4 additions & 1 deletion server/controllers/wazuh-api.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -522,7 +522,7 @@ export class WazuhApiCtrl {
shouldKeepArrayAsIt(method, path) {
// Methods that we must respect a do not transform them
const isAgentsRestart = method === 'POST' && path === '/agents/restart';
const isActiveResponse = method === 'PUT' && path.startsWith('/active-response/');
const isActiveResponse = method === 'PUT' && path.startsWith('/active-response');
const isAddingAgentsToGroup = method === 'POST' && path.startsWith('/agents/group/');

// Returns true only if one of the above conditions is true
Expand All @@ -539,6 +539,7 @@ export class WazuhApiCtrl {
* @returns {Object} API response or ErrorResponse
*/
async makeRequest(context, method, path, data, id, response) {

const devTools = !!(data || {}).devTools;
try {
const api = await this.manageHosts.getHostById(id);
Expand Down Expand Up @@ -629,6 +630,7 @@ export class WazuhApiCtrl {
}
}
}

const responseToken = await context.wazuh.api.client.asCurrentUser.request(method, path, data, options);
const responseIsDown = this.checkResponseIsDown(responseToken);
if (responseIsDown) {
Expand Down Expand Up @@ -701,6 +703,7 @@ export class WazuhApiCtrl {
* @returns {Object} api response or ErrorResponse
*/
requestApi(context: RequestHandlerContext, request: KibanaRequest, response: KibanaResponseFactory) {

const idApi = getCookieValueByName(request.headers.cookie, 'wz-api');
if (idApi !== request.body.id) { // if the current token belongs to a different API id, we relogin to obtain a new token
return ErrorResponse(
Expand Down