-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* filter out domains that don't link to cidrs filter out domains that don't link to cidrs * update tests update tests * run linter run linter * update domain.test.ts update domain.test.ts with isFceb so tests run as normal * update all domains.create statements in tests update all domains.create statements in tests * fix vuln tests fix vuln tests * Update test snapshots * Update backend andWhere domain filter query with parenthesis --------- Co-authored-by: aloftus23 <andylofti@gmail.com> Co-authored-by: Amelia Vance <amelia.vance@associates.cisa.dhs.gov>
- Loading branch information
1 parent
1c5e30a
commit 6cf0624
Showing
30 changed files
with
417 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
import { CommandOptions } from './ecs-client'; | ||
import checkIpInCidr from './helpers/checkIpInCidr'; | ||
import { Organization, connectToDatabase } from '../models'; | ||
|
||
export const handler = async (commandOptions: CommandOptions) => { | ||
const db_connection = await connectToDatabase(); | ||
const organization_repo = db_connection.getRepository(Organization); | ||
const organizations = await organization_repo.find({ | ||
relations: ['domains'] | ||
}); | ||
for (const organization of organizations) { | ||
for (const domain of organization.domains) { | ||
if (domain.ip) { | ||
const cidrSectorDict = await checkIpInCidr( | ||
domain.ip, | ||
organization.acronym | ||
); | ||
if (cidrSectorDict['isInCidr']) { | ||
domain.fromCidr = true; | ||
} | ||
if (cidrSectorDict['isExecutive']) { | ||
domain.isFceb = true; | ||
} | ||
domain.save(); | ||
} | ||
} | ||
} | ||
}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,61 @@ | ||
import { getRepository } from 'typeorm'; | ||
import { Cidr, DL_Organization, connectToDatalake2 } from '../../models'; | ||
|
||
export default async ( | ||
ip: string, | ||
acronym: string | ||
): Promise<{ isInCidr: boolean; isExecutive: boolean }> => { | ||
// await connectToDatalake2() | ||
// const cidrRepository = getRepository(Cidr); | ||
// const organizationRepository = getRepository(DL_Organization); | ||
|
||
// Find the organization by acronym | ||
const mdl_connection = await connectToDatalake2(); | ||
const mdl_organization_repo = mdl_connection.getRepository(DL_Organization); | ||
const organization = await mdl_organization_repo.findOne({ | ||
where: { acronym }, | ||
relations: ['cidrs', 'sectors', 'parent'] | ||
}); | ||
|
||
if (!organization) { | ||
return { isInCidr: false, isExecutive: false }; | ||
} | ||
|
||
const isOrganizationExecutive = async ( | ||
org: DL_Organization | ||
): Promise<boolean> => { | ||
if (org.sectors.some((sector) => sector.acronym === 'EXECUTIVE')) { | ||
return true; | ||
} | ||
if (org.parent) { | ||
const parentOrg = await mdl_organization_repo.findOne({ | ||
where: { id: org.parent.id }, | ||
relations: ['sectors'] | ||
}); | ||
|
||
return parentOrg ? await isOrganizationExecutive(parentOrg) : false; | ||
} | ||
return false; | ||
}; | ||
|
||
const isExecutive = await isOrganizationExecutive(organization); | ||
|
||
// Get CIDRs related to the organization | ||
const cidrs = organization.cidrs.map((cidr) => cidr.network); | ||
|
||
if (cidrs.length === 0) { | ||
return { isInCidr: false, isExecutive }; // No CIDRs associated with the organization | ||
} | ||
|
||
// Check if the IP is in any of the CIDRs | ||
const mdl_cidr_repo = mdl_connection.getRepository(Cidr); | ||
const result = await mdl_cidr_repo | ||
.createQueryBuilder('cidr') | ||
.where('cidr.network >>= :ip', { ip }) | ||
.andWhere('cidr.id IN (:...cidrIds)', { | ||
cidrIds: organization.cidrs.map((cidr) => cidr.id) | ||
}) | ||
.getCount(); | ||
|
||
return { isInCidr: result > 0, isExecutive }; | ||
}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.