Supporting open-appsec

frontend/app-images/open-appsec-logo.svg

@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+   width="873.41901"
+   height="838.49463"
+   viewBox="0 0 873.41901 838.49463"
+   version="1.1"
+   id="svg2"
+   sodipodi:docname="open-appsec-logo.svg"
+   inkscape:version="1.3 (0e150ed6c4, 2023-07-21)"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:svg="http://www.w3.org/2000/svg">
+  <sodipodi:namedview
+     id="namedview2"
+     pagecolor="#ffffff"
+     bordercolor="#000000"
+     borderopacity="0.25"
+     inkscape:showpageshadow="2"
+     inkscape:pageopacity="0.0"
+     inkscape:pagecheckerboard="0"
+     inkscape:deskcolor="#d1d1d1"
+     showgrid="false"
+     inkscape:zoom="0.27439024"
+     inkscape:cx="1568.9333"
+     inkscape:cy="351.68889"
+     inkscape:window-width="1680"
+     inkscape:window-height="979"
+     inkscape:window-x="-8"
+     inkscape:window-y="-8"
+     inkscape:window-maximized="1"
+     inkscape:current-layer="svg2" />
+  <defs
+     id="defs1">
+    <clipPath
+       id="clip-Without_CP">
+      <rect
+         width="3444"
+         height="979"
+         id="rect1"
+         x="0"
+         y="0" />
+    </clipPath>
+  </defs>
+  <g
+     id="Group_1_copy-2"
+     data-name="Group 1 copy"
+     transform="translate(-16.001,-12)">
+    <path
+       id="Shape_3"
+       data-name="Shape 3"
+       d="m 943.882,813.9 c 0,0 -76.84,12.621 -141.535,-1.855 -63.8,-14.276 -115.462,-55.652 -115.462,-55.652 0,0 -87.913,63.539 -176.918,63.072 C 422.06,819 333.048,754.536 333.048,754.536 c 0,0 -41.188,37.694 -102.426,51.942 -66.14,15.389 -152.708,7.42 -152.708,7.42 v 77.913 c 0,0 83.521,12.22 154.57,0 56.763,-9.763 104.289,-44.522 104.289,-44.522 0,0 68.9,50.51 176.918,50.087 95.062,-0.372 171.332,-51.942 171.332,-51.942 0,0 54.106,35.641 113.6,46.377 68.383,12.34 143.4,0 143.4,0 z"
+       transform="translate(-61.913,-46.884)"
+       fill="#ff0b05" />
+    <path
+       id="Shape_2"
+       data-name="Shape 2"
+       d="m 727.624,274.073 c 0,0 21.518,103.827 16.76,192.927 -4.549,85.193 -37.246,157.681 -37.246,157.681 0,0 76.431,26.129 121.05,61.219 43.834,34.471 57.731,76.058 57.731,76.058 0,0 -53.385,9.1 -102.427,-9.275 -51.955,-19.463 -98.7,-55.652 -98.7,-55.652 0,0 -79.692,64.725 -175.057,63.069 C 409,758.354 342.128,697.029 342.128,697.029 c 0,0 -54.86,40.153 -111.738,57.507 -45.1,13.761 -93.115,7.42 -93.115,7.42 0,0 38.01,-96.083 169.469,-133.565 64.982,-18.528 154.034,-27.082 225.338,-25.971 66.292,1.033 117.325,11.13 117.325,11.13 0,0 44.715,-82.589 57.731,-176.232 12.091,-86.981 -14.9,-181.8 -14.9,-181.8 z"
+       transform="translate(-61.682,-46.884)"
+       fill="#8b1548" />
+    <path
+       id="Shape_1"
+       data-name="Shape 1"
+       d="m 730.221,146.072 c 0,0 -28.435,-37.192 -67.042,-59.362 -40.495,-23.253 -89.39,-27.826 -89.39,-27.826 0,0 43.638,22.244 67.043,44.522 17.685,16.834 14.9,31.536 14.9,31.536 0,0 -56.372,-17.173 -109.876,7.42 -103.573,47.607 -119.189,118.725 -119.189,118.725 0,0 48.89,-43.93 85.666,-61.217 45.218,-21.256 76.354,-14.841 76.354,-14.841 a 9.365,9.365 0 0 1 9.311,3.71 c 5.734,7.85 -1.862,16.7 -1.862,16.7 0,0 -61.447,49.466 -72.63,105.739 -16.1,81.044 26.072,170.667 26.072,170.667 0,0 -19.194,-84.193 20.485,-153.971 16.627,-29.239 47.676,-63.819 74.492,-83.478 30.46,-22.331 55.869,-27.826 55.869,-27.826 0,0 36.166,6.686 68.905,55.652 12.261,18.339 26.846,42.126 31.659,66.783 11.488,58.848 1.862,133.565 1.862,133.565 0,0 41.487,-47.813 44.7,-128 2.718,-67.941 -37.246,-113.159 -37.246,-113.159 0,0 -10.414,-12.34 -9.581,-17.736 1.012,-6.55 13.305,-6.38 13.305,-6.38 a 226.339,226.339 0 0 1 59.593,25.971 c 37.294,23.409 76.354,59.362 76.354,59.362 0,0 -31.733,-74.906 -96.839,-116.87 -38.15,-24.592 -122.915,-29.686 -122.915,-29.686 z"
+       transform="translate(-60.555,-46.884)"
+       fill="#ff2885" />
+  </g>
+</svg>

frontend/js/app/openappsec-log/list/item.ejs

@@ -0,0 +1,77 @@
+
+<td>
+    <div <div class="text-nowrap">
+        <% var sevirityClass = 'bg-success'; 
+        switch (eventSeverity) {
+            case 'Critical':
+                sevirityClass = 'bg-danger';
+                break;
+            case 'Warning':
+                sevirityClass = 'bg-warning';
+                break;
+            case 'Info':
+                sevirityClass = 'bg-success';
+                //sevirityClass = 'bg-info';
+                break;
+            case 'Debug':
+                sevirityClass = 'bg-success';
+                break;
+        }
+        %>  
+        <span class="status-icon <%- sevirityClass %>"></span> <%- eventSeverity %>
+    </div>
+</td>
+<td>
+    <div>
+        <%
+        var items = [];
+        object_type = "test";
+        switch (object_type) {
+            case 'proxy-host':
+                %> <span class="text-success"><i class="fe fe-zap"></i></span> <%
+                items = meta.domain_names;
+                break;
+            case 'redirection-host':
+                %> <span class="text-yellow"><i class="fe fe-shuffle"></i></span> <%
+                items = meta.domain_names;
+                break;
+            case 'stream':
+                %> <span class="text-blue"><i class="fe fe-radio"></i></span> <%
+                items.push(meta.incoming_port);
+                break;
+            case 'dead-host':
+                %> <span class="text-danger"><i class="fe fe-zap-off"></i></span> <%
+                items = meta.domain_names;
+                break;
+            case 'access-list':
+                %> <span class="text-teal"><i class="fe fe-lock"></i></span> <%
+                items.push(meta.name);
+                break;
+            case 'user':
+                %> <span class="text-teal"><i class="fe fe-user"></i></span> <%
+                items.push(meta.name);
+                break;
+            case 'certificate':
+                %> <span class="text-pink"><i class="fe fe-shield"></i></span> <%
+                if (meta.provider === 'letsencrypt') {
+                    items = meta.domain_names;
+                } else {
+                    //items.push(meta.nice_name);
+                    items.push("test");
+                }
+                break;
+        }
+        %><%- eventName %> 
+    </div>
+    <div class="small text-muted">
+        <%- formatDbDate(eventTime, 'Do MMMM YYYY, h:mm a') %>
+    </div>
+</td>
+<td>
+    <div>
+        <%- serviceName %>
+    </div>
+</td>
+<td class="text-right">
+    <a href="#" class="meta btn btn-secondary btn-sm">open</a>
+</td>

frontend/js/app/openappsec-log/list/item.js

@@ -0,0 +1,32 @@
+const Mn         = require('backbone.marionette');
+const Controller = require('../../controller');
+const template   = require('./item.ejs');
+
+module.exports = Mn.View.extend({
+    template: template,
+    tagName:  'tr',
+
+    ui: {
+        meta: 'a.meta'
+    },
+
+    events: {
+        'click @ui.meta': function (e) {
+            e.preventDefault();
+            Controller.showOpenappsecMeta(this.model);
+        }
+    },
+
+    templateContext: {
+        more: function() {
+            switch (this.object_type) {
+                case 'redirection-host':
+                case 'stream':
+                case 'proxy-host':
+                    return this.meta.domain_names.join(', ');
+            }
+
+            return '#' + (this.object_id || '?');
+        }
+    }
+});

frontend/js/app/openappsec-log/list/main.ejs

@@ -0,0 +1,9 @@
+<thead>
+    <th>Severity</th>
+    <th>Event</th>
+    <th>Handler</th>
+    <th>&nbsp;</th>
+</thead>
+<tbody>
+    <!-- items -->
+</tbody>

frontend/js/app/openappsec-log/list/main.js

@@ -0,0 +1,27 @@
+const Mn       = require('backbone.marionette');
+const ItemView = require('./item');
+const template = require('./main.ejs');
+
+const TableBody = Mn.CollectionView.extend({
+    tagName:   'tbody',
+    childView: ItemView
+});
+
+module.exports = Mn.View.extend({
+    tagName:   'table',
+    className: 'table table-hover table-outline table-vcenter card-table',
+    template:  template,
+
+    regions: {
+        body: {
+            el:             'tbody',
+            replaceElement: true
+        }
+    },
+
+    onRender: function () {
+        this.showChildView('body', new TableBody({
+            collection: this.collection
+        }));
+    }
+});

frontend/js/app/openappsec-log/main.ejs

@@ -0,0 +1,25 @@
+<div class="card">
+    <div class="card-status bg-teal"></div>
+    <div class="card-header">
+        <h3 class="card-title">Security Log</h3>
+        <div class="card-options">
+            <form class="search-form" role="search">
+                <div class="input-icon">
+                    <span class="input-icon-addon">
+                      <i class="fe fe-search"></i>
+                    </span>
+                    <input name="source-query" type="text" value="" class="form-control form-control-sm" placeholder="<%- i18n('audit-log', 'search') %>" aria-label="<%- i18n('audit-log', 'search') %>">
+                </div>
+            </form>
+        </div>
+    </div>
+    <div class="card-body no-padding min-100">
+        <div class="dimmer active">
+            <div class="loader"></div>
+            <div class="dimmer-content list-region">
+                <!-- List Region -->
+            </div>
+        </div>
+
+    </div>
+</div>

frontend/js/app/openappsec-log/main.js

@@ -0,0 +1,82 @@
+const Mn            = require('backbone.marionette');
+const App           = require('../main');
+const OpenappsecLogModel = require('../../models/openappsec-log');
+const ListView      = require('./list/main');
+const template      = require('./main.ejs');
+const ErrorView     = require('../error/main');
+const EmptyView     = require('../empty/main');
+
+module.exports = Mn.View.extend({
+    id:       'openappsec-log',
+    template: template,
+
+    ui: {
+        list_region: '.list-region',
+        dimmer:      '.dimmer',
+        search:      '.search-form',
+        query:       'input[name="source-query"]'
+    },
+
+    fetch: App.Api.OpenappsecLog.getAll,
+
+    showData: function(response) {
+        this.showChildView('list_region', new ListView({
+            collection: new OpenappsecLogModel.Collection(response)
+        }));
+    },
+
+    showError: function(err) {
+        this.showChildView('list_region', new ErrorView({
+            code:    err.code,
+            message: err.message,
+            retry:   function () {
+                App.Controller.showOpenappsecLog();
+            }
+        }));
+
+        console.error(err);
+    },
+
+    showEmpty: function() {
+        this.showChildView('list_region', new EmptyView({
+            title:    App.i18n('audit-log', 'empty'),
+            subtitle: App.i18n('audit-log', 'empty-subtitle')
+        }));
+    },
+
+    regions: {
+        list_region: '@ui.list_region'
+    },
+
+    events: {
+        'submit @ui.search': function (e) {
+            e.preventDefault();
+            let query = this.ui.query.val();
+
+            this.fetch(['user'], query)
+                .then(response => this.showData(response))
+                .catch(err => {
+                    this.showError(err);
+                });
+        }
+    },
+
+    onRender: function () {
+        let view = this;
+
+        view.fetch(['user'])
+            .then(response => {
+                if (!view.isDestroyed() && response && response.length) {
+                    view.showData(response);
+                } else {
+                    view.showEmpty();
+                }
+            })
+            .catch(err => {
+                view.showError(err);
+            })
+            .then(() => {
+                view.ui.dimmer.removeClass('active');
+            });
+    }
+});

frontend/js/app/openappsec-log/meta.ejs

@@ -0,0 +1,27 @@
+<div class="modal-content">
+    <div class="modal-header">
+        <h5 class="modal-title"><%- eventName %></h5>
+        <button type="button" class="close cancel" aria-label="Close" data-dismiss="modal">&nbsp;</button>
+    </div>
+    <div class="modal-body">
+        <div class="mb-2">
+            <div class="tag tag-dark">
+                Handler
+                <span class="tag-addon tag-orange"><%- serviceName %></span>
+            </div>
+            <div class="tag tag-dark">
+                Severity
+                <span class="tag-addon tag-teal"><%- eventSeverity %></span>
+            </div>
+            <div class="tag tag-dark">
+                <%- i18n('audit-log', 'date') %>
+                <span class="tag-addon tag-primary"><%- formatDbDate(eventTime, 'Do MMMM YYYY, h:mm a') %></span>
+            </div>
+        </div>
+
+        <pre><%- JSON.stringify(meta, null, 2) %></pre>
+    </div>
+    <div class="modal-footer">
+        <button type="button" class="btn btn-secondary cancel" data-dismiss="modal"><%- i18n('str', 'close') %></button>
+    </div>
+</div>

frontend/js/app/openappsec-log/meta.js

@@ -0,0 +1,7 @@
+const Mn       = require('backbone.marionette');
+const template = require('./meta.ejs');
+
+module.exports = Mn.View.extend({
+    template:  template,
+    className: 'modal-dialog wide'
+});

frontend/js/models/openappsec-log.js

@@ -0,0 +1,18 @@
+const Backbone = require('backbone');
+
+const model = Backbone.Model.extend({
+    idAttribute: 'id',
+
+    defaults: function () {
+        return {
+            name: ''
+        };
+    }
+});
+
+module.exports = {
+    Model:      model,
+    Collection: Backbone.Collection.extend({
+        model: model
+    })
+};