[backend/frontend] Implement injectExpectations per agent level

openbas-api/src/main/java/io/openbas/collectors/expectations_expiration_manager/service/ExpectationsExpirationManagerService.java

@@ -19,46 +19,64 @@
 @Log
 public class ExpectationsExpirationManagerService {
 
+  public static final String COLLECTOR = "collector";
   private final InjectExpectationService injectExpectationService;
   private final ExpectationsExpirationManagerConfig config;
 
   @Transactional(rollbackFor = Exception.class)
   public void computeExpectations() {
     List<InjectExpectation> expectations = this.injectExpectationService.expectationsNotFill();
     if (!expectations.isEmpty()) {
+      this.computeExpectationsForAgents(expectations);
       this.computeExpectationsForAssets(expectations);
       this.computeExpectationsForAssetGroups(expectations);
       this.computeExpectations(expectations);
     }
   }
 
   // -- PRIVATE --
-
   private void computeExpectations(@NotNull final List<InjectExpectation> expectations) {
-    List<InjectExpectation> expectationAssets = expectations.stream().toList();
-    expectationAssets.forEach(
-        (expectation) -> {
+    expectations.forEach(
+        expectation -> {
           if (isExpired(expectation)) {
             String result = computeFailedMessage(expectation.getType());
             this.injectExpectationService.computeExpectation(
-                expectation, this.config.getId(), "collector", PRODUCT_NAME, result, false, null);
+                expectation, this.config.getId(), COLLECTOR, PRODUCT_NAME, result, false, null);
           }
         });
   }
 
-  private void computeExpectationsForAssets(@NotNull final List<InjectExpectation> expectations) {
-    List<InjectExpectation> expectationAssets =
-        expectations.stream().filter(e -> e.getAsset() != null).toList();
-    expectationAssets.forEach(
-        (expectation) -> {
+  private void computeExpectationsForAgents(@NotNull final List<InjectExpectation> expectations) {
+    List<InjectExpectation> expectationAgents =
+        expectations.stream().filter(e -> e.getAgent() != null).toList();
+    expectationAgents.forEach(
+        expectation -> {
           if (isExpired(expectation)) {
             String result = computeFailedMessage(expectation.getType());
             this.injectExpectationService.computeExpectation(
-                expectation, this.config.getId(), "collector", PRODUCT_NAME, result, false, null);
+                expectation, this.config.getId(), COLLECTOR, PRODUCT_NAME, result, false, null);
           }
         });
   }
 
+  private void computeExpectationsForAssets(@NotNull final List<InjectExpectation> expectations) {
+    List<InjectExpectation> expectationAssets =
+        expectations.stream().filter(e -> e.getAsset() != null && e.getAgent() == null).toList();
+    expectationAssets.forEach(
+        (expectationAsset -> {
+          List<InjectExpectation> expectationAgents =
+              this.injectExpectationService.expectationsForAgents(
+                  expectationAsset.getInject(),
+                  expectationAsset.getAsset(),
+                  expectationAsset.getType());
+          // Every agent expectation is filled
+          if (expectationAgents.stream().noneMatch(e -> e.getResults().isEmpty())) {
+            this.injectExpectationService.computeExpectationAsset(
+                expectationAsset, expectationAgents, this.config.getId(), COLLECTOR, PRODUCT_NAME);
+          }
+        }));
+  }
+
   private void computeExpectationsForAssetGroups(
       @NotNull final List<InjectExpectation> expectations) {
     List<InjectExpectation> expectationAssetGroups =
@@ -70,13 +88,13 @@ private void computeExpectationsForAssetGroups(
                   expectationAssetGroup.getInject(),
                   expectationAssetGroup.getAssetGroup(),
                   expectationAssetGroup.getType());
-          // Every expectation assets are filled
+          // Every asset expectation is filled
           if (expectationAssets.stream().noneMatch(e -> e.getResults().isEmpty())) {
             this.injectExpectationService.computeExpectationGroup(
                 expectationAssetGroup,
                 expectationAssets,
                 this.config.getId(),
-                "collector",
+                COLLECTOR,
                 PRODUCT_NAME);
           }
         }));

openbas-api/src/main/java/io/openbas/injectors/openbas/OpenBASImplantExecutor.java

@@ -21,6 +21,7 @@
 import io.openbas.model.expectation.PreventionExpectation;
 import io.openbas.service.AssetGroupService;
 import io.openbas.service.InjectExpectationService;
+import jakarta.persistence.EntityNotFoundException;
 import jakarta.validation.constraints.NotNull;
 import java.util.*;
 import java.util.stream.Stream;
@@ -226,7 +227,9 @@
   public ExecutionProcess process(Execution execution, ExecutableInject injection)
       throws Exception {
     Inject inject =
-        this.injectRepository.findById(injection.getInjection().getInject().getId()).orElseThrow();
+        this.injectRepository
+            .findById(injection.getInjection().getInject().getId())
+            .orElseThrow(() -> new EntityNotFoundException("Inject not found"));
     Map<Asset, Boolean> assets = this.resolveAllAssets(injection);
 
     // Check assets target

openbas-api/src/main/java/io/openbas/injectors/openbas/OpenBASInjector.java

@@ -15,8 +15,8 @@
 @Log
 public class OpenBASInjector {
 
-  private static final String OPENBAS_INJECTOR_NAME = "OpenBAS Implant";
-  private static final String OPENBAS_INJECTOR_ID = "49229430-b5b5-431f-ba5b-f36f599b0144";
+  public static final String OPENBAS_INJECTOR_NAME = "OpenBAS Implant";
+  public static final String OPENBAS_INJECTOR_ID = "49229430-b5b5-431f-ba5b-f36f599b0144";
 
   private String dlUri(OpenBASConfig openBASConfig, String platform, String arch) {
     return openBASConfig.getBaseUrlForAgent() + "/api/implant/openbas/" + platform + "/" + arch;
@@ -46,7 +46,7 @@ public OpenBASInjector(
     Map<String, String> executorCommands = new HashMap<>();
     executorCommands.put(
         Endpoint.PLATFORM_TYPE.Windows.name() + "." + Endpoint.PLATFORM_ARCH.x86_64,
-        "$x=\"#{location}\";$location=$x.Replace(\"\\obas-agent-caldera.exe\", \"\");[Environment]::CurrentDirectory = $location;$filename=\"obas-implant-#{inject}.exe\";$"
+        "$x=\"#{location}\";$location=$x.Replace(\"\\obas-agent-caldera.exe\", \"\");[Environment]::CurrentDirectory = $location;$filename=\"obas-implant-#{inject}-agent-#{agent}.exe\";$"
             + tokenVar
             + ";$"
             + serverVar
@@ -59,7 +59,7 @@ public OpenBASInjector(
             + ";$wc=New-Object System.Net.WebClient;$data=$wc.DownloadData($url);[io.file]::WriteAllBytes($filename,$data) | Out-Null;Remove-NetFirewallRule -DisplayName \"Allow OpenBAS Inbound\";New-NetFirewallRule -DisplayName \"Allow OpenBAS Inbound\" -Direction Inbound -Program \"$location\\$filename\" -Action Allow | Out-Null;Remove-NetFirewallRule -DisplayName \"Allow OpenBAS Outbound\";New-NetFirewallRule -DisplayName \"Allow OpenBAS Outbound\" -Direction Outbound -Program \"$location\\$filename\" -Action Allow | Out-Null;Start-Process -FilePath \"$location\\$filename\" -ArgumentList \"--uri $server --token $token --unsecured-certificate $unsecured_certificate --with-proxy $with_proxy --agent-id #{agent} --inject-id #{inject}\" -WindowStyle hidden;");
     executorCommands.put(
         Endpoint.PLATFORM_TYPE.Windows.name() + "." + Endpoint.PLATFORM_ARCH.arm64,
-        "$x=\"#{location}\";$location=$x.Replace(\"\\obas-agent-caldera.exe\", \"\");[Environment]::CurrentDirectory = $location;$filename=\"obas-implant-#{inject}.exe\";$"
+        "$x=\"#{location}\";$location=$x.Replace(\"\\obas-agent-caldera.exe\", \"\");[Environment]::CurrentDirectory = $location;$filename=\"obas-implant-#{inject}-agent-#{agent}.exe\";$"
             + tokenVar
             + ";$"
             + serverVar
@@ -72,7 +72,7 @@ public OpenBASInjector(
             + ";$wc=New-Object System.Net.WebClient;$data=$wc.DownloadData($url);[io.file]::WriteAllBytes($filename,$data) | Out-Null;Remove-NetFirewallRule -DisplayName \"Allow OpenBAS Inbound\";New-NetFirewallRule -DisplayName \"Allow OpenBAS Inbound\" -Direction Inbound -Program \"$location\\$filename\" -Action Allow | Out-Null;Remove-NetFirewallRule -DisplayName \"Allow OpenBAS Outbound\";New-NetFirewallRule -DisplayName \"Allow OpenBAS Outbound\" -Direction Outbound -Program \"$location\\$filename\" -Action Allow | Out-Null;Start-Process -FilePath \"$location\\$filename\" -ArgumentList \"--uri $server --token $token --unsecured-certificate $unsecured_certificate --with-proxy $with_proxy --agent-id #{agent} --inject-id #{inject}\" -WindowStyle hidden;");
     executorCommands.put(
         Endpoint.PLATFORM_TYPE.Linux.name() + "." + Endpoint.PLATFORM_ARCH.x86_64,
-        "x=\"#{location}\";location=$(echo \"$x\" | sed \"s#/openbas-caldera-agent##\");filename=obas-implant-#{inject};"
+        "x=\"#{location}\";location=$(echo \"$x\" | sed \"s#/openbas-caldera-agent##\");filename=obas-implant-#{inject}-agent-#{agent};"
             + serverVar
             + ";"
             + tokenVar
@@ -85,7 +85,7 @@ public OpenBASInjector(
             + " > $location/$filename;chmod +x $location/$filename;$location/$filename --uri $server --token $token --unsecured-certificate $unsecured_certificate --with-proxy $with_proxy --agent-id #{agent} --inject-id #{inject} &");
     executorCommands.put(
         Endpoint.PLATFORM_TYPE.Linux.name() + "." + Endpoint.PLATFORM_ARCH.arm64,
-        "x=\"#{location}\";location=$(echo \"$x\" | sed \"s#/openbas-caldera-agent##\");filename=obas-implant-#{inject};"
+        "x=\"#{location}\";location=$(echo \"$x\" | sed \"s#/openbas-caldera-agent##\");filename=obas-implant-#{inject}-agent-#{agent};"
             + serverVar
             + ";"
             + tokenVar
@@ -98,7 +98,7 @@ public OpenBASInjector(
             + " > $location/$filename;chmod +x $location/$filename;$location/$filename --uri $server --token $token --unsecured-certificate $unsecured_certificate --with-proxy $with_proxy --agent-id #{agent} --inject-id #{inject} &");
     executorCommands.put(
         Endpoint.PLATFORM_TYPE.MacOS.name() + "." + Endpoint.PLATFORM_ARCH.x86_64,
-        "x=\"#{location}\";location=$(echo \"$x\" | sed \"s#/openbas-caldera-agent##\");filename=obas-implant-#{inject};"
+        "x=\"#{location}\";location=$(echo \"$x\" | sed \"s#/openbas-caldera-agent##\");filename=obas-implant-#{inject}-agent-#{agent};"
             + serverVar
             + ";"
             + tokenVar
@@ -111,7 +111,7 @@ public OpenBASInjector(
             + " > $location/$filename;chmod +x $location/$filename;$location/$filename --uri $server --token $token --unsecured-certificate $unsecured_certificate --with-proxy $with_proxy --agent-id #{agent} --inject-id #{inject} &");
     executorCommands.put(
         Endpoint.PLATFORM_TYPE.MacOS.name() + "." + Endpoint.PLATFORM_ARCH.arm64,
-        "x=\"#{location}\";location=$(echo \"$x\" | sed \"s#/openbas-caldera-agent##\");filename=obas-implant-#{inject};"
+        "x=\"#{location}\";location=$(echo \"$x\" | sed \"s#/openbas-caldera-agent##\");filename=obas-implant-#{inject}-agent-#{agent};"
             + serverVar
             + ";"
             + tokenVar

openbas-api/src/main/java/io/openbas/migration/V3_62__Add_agent_to_inject_expectation.java

@@ -0,0 +1,24 @@
+package io.openbas.migration;
+
+import java.sql.Connection;
+import java.sql.Statement;
+import org.flywaydb.core.api.migration.BaseJavaMigration;
+import org.flywaydb.core.api.migration.Context;
+import org.springframework.stereotype.Component;
+
+@Component
+public class V3_62__Add_agent_to_inject_expectation extends BaseJavaMigration {
+
+  @Override
+  public void migrate(Context context) throws Exception {
+    Connection connection = context.getConnection();
+    Statement select = connection.createStatement();
+    // Add agent to inject expectation
+    select.execute(
+        """
+        ALTER TABLE injects_expectations ADD COLUMN agent_id varchar(256) constraint fk_agent references agents on delete cascade;
+        """);
+    select.execute(
+        "CREATE INDEX IF NOT EXISTS idx_inject_expectation_agent_id ON injects_expectations(agent_id);");
+  }
+}

openbas-api/src/main/java/io/openbas/rest/asset/endpoint/form/AgentOutput.java

@@ -6,7 +6,6 @@
 import com.fasterxml.jackson.annotation.JsonProperty;
 import io.openbas.database.model.*;
 import io.swagger.v3.oas.annotations.media.Schema;
-import jakarta.persistence.*;
 import jakarta.validation.constraints.NotBlank;
 import java.time.Instant;
 import lombok.Builder;

openbas-api/src/main/java/io/openbas/rest/atomic_testing/form/InjectTargetWithResult.java

@@ -1,8 +1,8 @@
 package io.openbas.rest.atomic_testing.form;
 
-import io.openbas.atomic_testing.TargetType;
 import io.openbas.database.model.Endpoint.PLATFORM_TYPE;
 import io.openbas.utils.AtomicTestingUtils.ExpectationResultsByType;
+import io.openbas.utils.TargetType;
 import jakarta.validation.constraints.NotBlank;
 import jakarta.validation.constraints.NotNull;
 import java.util.ArrayList;

openbas-api/src/main/java/io/openbas/rest/atomic_testing/form/TargetSimple.java

@@ -1,7 +1,7 @@
 package io.openbas.rest.atomic_testing.form;
 
 import com.fasterxml.jackson.annotation.JsonProperty;
-import io.openbas.atomic_testing.TargetType;
+import io.openbas.utils.TargetType;
 import jakarta.validation.constraints.NotBlank;
 import lombok.Builder;
 import lombok.Getter;

openbas-api/src/main/java/io/openbas/rest/attack_pattern/form/AttackPatternCreateInput.java

@@ -17,8 +17,6 @@ public class AttackPatternCreateInput {
   @JsonProperty("attack_pattern_stix_id")
   private String stixId = "attack-pattern--" + UUID.randomUUID();
 
-  ;
-
   @NotBlank(message = MANDATORY_MESSAGE)
   @JsonProperty("attack_pattern_name")
   private String name;

openbas-api/src/main/java/io/openbas/rest/exercise/form/ExpectationUpdateInput.java

@@ -2,11 +2,12 @@
 
 import com.fasterxml.jackson.annotation.JsonProperty;
 import jakarta.validation.constraints.NotNull;
-import lombok.Getter;
-import lombok.Setter;
+import lombok.*;
 
-@Getter
-@Setter
+@AllArgsConstructor
+@NoArgsConstructor
+@Builder
+@Data
 public class ExpectationUpdateInput {
   @JsonProperty("source_id")
   @NotNull

openbas-api/src/main/java/io/openbas/rest/exercise/service/ExerciseService.java

@@ -14,7 +14,6 @@
 
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.node.ArrayNode;
-import io.openbas.atomic_testing.TargetType;
 import io.openbas.config.OpenBASConfig;
 import io.openbas.database.model.*;
 import io.openbas.database.raw.RawExerciseSimple;
@@ -37,6 +36,7 @@
 import io.openbas.utils.ExerciseMapper;
 import io.openbas.utils.InjectMapper;
 import io.openbas.utils.ResultUtils;
+import io.openbas.utils.TargetType;
 import jakarta.annotation.Resource;
 import jakarta.persistence.EntityManager;
 import jakarta.persistence.PersistenceContext;