-
Notifications
You must be signed in to change notification settings - Fork 102
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
For creating client specific detection points #35
Changes from 2 commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,14 @@ | ||
package org.owasp.appsensor.core.configuration.server; | ||
|
||
import java.io.File; | ||
import java.util.List; | ||
import java.util.ArrayList; | ||
import java.util.Collection; | ||
import java.util.Collections; | ||
import java.util.HashMap; | ||
import java.util.HashSet; | ||
import java.util.Map; | ||
import java.util.Map.Entry; | ||
|
||
import javax.persistence.Transient; | ||
|
||
|
@@ -48,8 +50,21 @@ public abstract class ServerConfiguration { | |
|
||
private String geolocationDatabasePath; | ||
|
||
//Change for adding new custom client specific detection points | ||
private HashMap<String,List<DetectionPoint>> customDetectionPoints = new HashMap<String, List<DetectionPoint>>(); | ||
|
||
private static transient Map<String, ClientApplication> clientApplicationCache = Collections.synchronizedMap(new HashMap<String, ClientApplication>()); | ||
|
||
|
||
public HashMap<String,List<DetectionPoint>> getCustomDetectionPoints() { | ||
return customDetectionPoints; | ||
} | ||
|
||
public ServerConfiguration setCustomDetectionPoints(HashMap<String,List<DetectionPoint>> customPoints) { | ||
this.customDetectionPoints = customPoints; | ||
return this; | ||
} | ||
|
||
public File getConfigurationFile() { | ||
return configurationFile; | ||
} | ||
|
@@ -179,7 +194,7 @@ public Collection<String> getRelatedDetectionSystems(DetectionSystem detectionSy | |
* @return DetectionPoint populated with configuration information from server-side config | ||
*/ | ||
public Collection<DetectionPoint> findDetectionPoints(DetectionPoint search) { | ||
Collection<DetectionPoint> matches = new ArrayList<>(); | ||
Collection<DetectionPoint> matches = new ArrayList<DetectionPoint>(); | ||
|
||
for (DetectionPoint configuredDetectionPoint : getDetectionPoints()) { | ||
if (configuredDetectionPoint.typeMatches(search)) { | ||
|
@@ -190,6 +205,47 @@ public Collection<DetectionPoint> findDetectionPoints(DetectionPoint search) { | |
return matches; | ||
} | ||
|
||
/** | ||
* Locate matching client name in custom configuration from server-side config file. | ||
* | ||
* @param clientApplicationName the client name for which the detection point exists | ||
*/ | ||
public Boolean findCustomDectectionClientName(String clientName){ | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @shreyasdn you should be able to delete this method altogether I think |
||
if(getCustomDetectionPoints().size() != 0){ | ||
return getCustomDetectionPoints().containsKey(clientName); | ||
} | ||
return false; | ||
|
||
} | ||
|
||
/** | ||
* Locate matching detection points configuration from server-side config file. | ||
* | ||
* @param search detection point that has been added to the system | ||
* @param clientApplicationName the client name for which the detection point exists | ||
* @return DetectionPoint populated with configuration information from server-side config | ||
*/ | ||
|
||
public Collection<DetectionPoint> findDetectionPoints(DetectionPoint search, String clientApplicationName) { | ||
Collection<DetectionPoint> matches = new ArrayList<DetectionPoint>(); | ||
|
||
for (Entry customDetectionPoint : getCustomDetectionPoints().entrySet()) { | ||
String clientName = customDetectionPoint.getKey().toString(); | ||
if(clientApplicationName.equals(clientName)){ | ||
List<DetectionPoint> customList = (List<DetectionPoint>)customDetectionPoint.getValue(); | ||
for(DetectionPoint customPoint: customList) | ||
{ | ||
if (customPoint.typeMatches(search)) { | ||
matches.add(customPoint); | ||
} | ||
} | ||
} | ||
|
||
|
||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @shreyasdn the way I would do this is keep 2 lists. The first list would have what you've already done in this method. The second list would come from calling the existing findDetectionPoints method. That would give you the "normal" detection points, and the "custom" detection points for this client in 2 different lists. I would then "merge" the 2 lists by adding all the "custom" detection points first. Then I would go through the "normal" detection points and add each one ONLY if it does not already exist. Let me know if this is unclear. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I wanted to avoid the two loops there hence the hasDetectionPoints method and the two separate findDetectionPoints method. |
||
} | ||
return matches; | ||
} | ||
|
||
public ClientApplication findClientApplication(String clientApplicationName) { | ||
ClientApplication clientApplication = null; | ||
|
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -47,11 +47,38 @@ | |
</xsd:sequence> | ||
</xsd:complexType> | ||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<xsd:complexType name="detection-points"> | ||
<xsd:sequence> | ||
<xsd:element name="clients" type="asconfig:clients" minOccurs="0" maxOccurs="1" /> | ||
<xsd:element name="detection-point" type="asconfig:detection-point" minOccurs="0" maxOccurs="unbounded" /> | ||
</xsd:sequence> | ||
</xsd:complexType> | ||
|
||
<xsd:complexType name="clients"> | ||
<xsd:sequence> | ||
<xsd:element name="client" type="asconfig:client" minOccurs="1" maxOccurs="unbounded" /> | ||
</xsd:sequence> | ||
</xsd:complexType> | ||
|
||
<xsd:complexType name="client"> | ||
<xsd:sequence> | ||
<xsd:element name="client-name" type="xsd:string" minOccurs="1" maxOccurs="unbounded" /> | ||
<xsd:element name="custom-detection-point" type="asconfig:custom-detection-point" minOccurs="1" maxOccurs="unbounded" /> | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @shreyasdn I don't think you need the "custom-detection-point" element at all. You can just use "detection-point" here and it should be fine. It should be clear that it's custom since it's nested within the "clients/client" elements. |
||
</xsd:sequence> | ||
</xsd:complexType> | ||
|
||
<xsd:complexType name="custom-detection-point"> | ||
<xsd:sequence> | ||
<xsd:element name="detection-point" type="asconfig:detection-point" minOccurs="1" maxOccurs="unbounded" /> | ||
</xsd:sequence> | ||
</xsd:complexType> | ||
|
||
|
||
<xsd:complexType name="interval"> | ||
<xsd:simpleContent> | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@shreyasdn I think this section (this if-else block) is actually un-necessary. If you make the changes I suggested below about the findDetectionPoints methods I think you should be fine without making any changes here EXCEPT you need to pass in the detection system id as the additional parameter as you've done below.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Here i wanted to avoid having two loops instead of one hence the call. Much more efficient with a get on a map and a loop instead of two loops would you agree?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure, that's absolutely more efficient, but it does complicate the code a bit. I don't think it'll be that much of a performance hit with the simpler code, but if it is, we can always cache the data in the ServerConfiguration object. That way it'll be super fast for doing a lookup.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok will make those changes and resubmit by tonight.