infra scan audit enhancement (hygieia#94)

* infra scan audit updated

* infra scan audit updated2

* request content format

Author: nameisaravind

pom.xml

@@ -4,7 +4,7 @@
     <artifactId>api-audit</artifactId>
     <packaging>jar</packaging>
     <name>${project.groupId}:${project.artifactId}</name>
-    <version>3.6.3-SNAPSHOT</version>
+    <version>3.6.4-SNAPSHOT</version>
     <description>Hygieia Audit Rest API Layer</description>
     <url>https://github.com/Hygieia/${repository.name}</url>
 

src/main/java/com/capitalone/dashboard/evaluator/InfrastructureEvaluator.java

@@ -13,17 +13,21 @@
 import org.apache.commons.collections.CollectionUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
+import org.springframework.util.StringUtils;
 
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 import java.util.Map;
 import java.util.Objects;
+import java.util.HashMap;
+import java.util.Comparator;
 import java.util.stream.Collectors;
 
 @Component
 public class InfrastructureEvaluator extends Evaluator<InfrastructureAuditResponse> {
 
+    private static final String BUSINESS_SERVICE = "businessService";
     public static final String BUSINESS_COMPONENT = "businessComponent";
     private final InfrastructureScanRepository infrastructureScanRepository;
 
@@ -40,7 +44,7 @@ public Collection<InfrastructureAuditResponse> evaluate(Dashboard dashboard, lon
         if (CollectionUtils.isEmpty(infrastructureScanItems)) {
             throw new AuditException("No Infrastructure scan items configured", AuditException.NO_COLLECTOR_ITEM_CONFIGURED);
         }
-        return infrastructureScanItems.stream().map(item -> evaluate(item, beginDate, endDate, Collections.singletonMap(BUSINESS_COMPONENT, dashboard.getConfigurationItemBusAppName()))).collect(Collectors.toList());
+        return infrastructureScanItems.stream().map(item -> evaluate(item, beginDate, endDate, getBusinessItemsMap(dashboard))).collect(Collectors.toList());
     }
 
     @Override
@@ -51,46 +55,59 @@ public Collection<InfrastructureAuditResponse> evaluateNextGen(ArtifactAuditRequ
 
     @Override
     public InfrastructureAuditResponse evaluate(CollectorItem collectorItem, long beginDate, long endDate, Map<?, ?> data) {
-        return getInfrastructureScanResponse(collectorItem, beginDate, endDate, (String) data.get(BUSINESS_COMPONENT));
+        return getInfrastructureScanResponse(collectorItem, beginDate, endDate, data);
     }
 
 
-    private InfrastructureAuditResponse getInfrastructureScanResponse(CollectorItem collectorItem, long beginDate, long endDate, String businessComponent) {
+    private InfrastructureAuditResponse getInfrastructureScanResponse(CollectorItem collectorItem, long beginDate, long endDate, Map<?, ?> data) {
+        String businessService = (String) data.get(BUSINESS_SERVICE);
+        String businessComponent = (String) data.get(BUSINESS_COMPONENT);
         InfrastructureAuditResponse infrastructureAuditResponse = new InfrastructureAuditResponse();
         infrastructureAuditResponse.setAuditEntity(collectorItem.getOptions());
         infrastructureAuditResponse.setLastUpdated(collectorItem.getLastUpdated());
 
         List<InfrastructureScan> infrastructureScans = infrastructureScanRepository.findByCollectorItemIdAndTimestampIsBetweenOrderByTimestampDesc(collectorItem.getId(), beginDate - 1, endDate + 1);
-        // filter all scans for businesssComponent
-        List<InfrastructureScan> filteredForBAP = infrastructureScans.stream().filter(infrastructureScan -> infrastructureScan.getBusinessApplication().equalsIgnoreCase(businessComponent)).collect(Collectors.toList());
+        List<InfrastructureScan> filteredForBAP = StringUtils.isEmpty(businessComponent) ? Collections.EMPTY_LIST :
+                infrastructureScans.stream().filter(infrastructureScan -> infrastructureScan.getBusinessApplication().equalsIgnoreCase(businessComponent)).collect(Collectors.toList());
+
         if (CollectionUtils.isNotEmpty(filteredForBAP)) {
-            setInfraAudit(infrastructureAuditResponse, filteredForBAP, InfrastructureAuditStatus.INFRA_SCAN_BUSS_COMP_CRITICAL, InfrastructureAuditStatus.INFRA_SCAN_BUSS_COMP_HIGH, InfrastructureAuditStatus.INFRA_SCAN_BUSS_COMP_OK);
+            InfrastructureScan infrastructureScanLatest = filteredForBAP.stream().sorted(Comparator.comparing(InfrastructureScan::getTimestamp).reversed()).findFirst().get();
+            setInfraAudit(infrastructureAuditResponse, infrastructureScanLatest, InfrastructureAuditStatus.INFRA_SCAN_BUSS_COMP_CRITICAL, InfrastructureAuditStatus.INFRA_SCAN_BUSS_COMP_HIGH, InfrastructureAuditStatus.INFRA_SCAN_BUSS_COMP_OK);
+            infrastructureAuditResponse.setInfrastructureScans(Collections.singletonList(infrastructureScanLatest));
         } else {
             infrastructureAuditResponse.addAuditStatus(InfrastructureAuditStatus.INFRA_SEC_SCAN_BUSS_COMP_NOT_FOUND);
+            List<InfrastructureScan> filteredForASV = StringUtils.isEmpty(businessService) ? Collections.EMPTY_LIST :
+                    infrastructureScans.stream().filter(infrastructureScan -> infrastructureScan.getBusinessService().equalsIgnoreCase(businessService)).collect(Collectors.toList());
+            if (CollectionUtils.isNotEmpty(filteredForASV)) {
+                InfrastructureScan infrastructureScanLatest = filteredForASV.stream().sorted(Comparator.comparing(InfrastructureScan::getTimestamp).reversed()).findFirst().get();
+                setInfraAudit(infrastructureAuditResponse, infrastructureScanLatest, InfrastructureAuditStatus.INFRA_SEC_SCAN_BUSS_APP_CRITICAL, InfrastructureAuditStatus.INFRA_SEC_SCAN_BUSS_APP_HIGH, InfrastructureAuditStatus.INFRA_SEC_SCAN_BUSS_APP_OK);
+                infrastructureAuditResponse.setInfrastructureScans(Collections.singletonList(infrastructureScanLatest));
+            } else {
+                infrastructureAuditResponse.addAuditStatus(InfrastructureAuditStatus.INFRA_SEC_SCAN_BUSS_APP_NOT_FOUND);
+                infrastructureAuditResponse.setInfrastructureScans(Collections.EMPTY_LIST);
+            }
         }
-        //
-        if (CollectionUtils.isNotEmpty(infrastructureScans)) {
-            setInfraAudit(infrastructureAuditResponse, infrastructureScans, InfrastructureAuditStatus.INFRA_SEC_SCAN_BUSS_APP_CRITICAL, InfrastructureAuditStatus.INFRA_SEC_SCAN_BUSS_APP_HIGH, InfrastructureAuditStatus.INFRA_SEC_SCAN_BUSS_APP_OK);
-        } else {
-            infrastructureAuditResponse.addAuditStatus(InfrastructureAuditStatus.INFRA_SEC_SCAN_BUSS_APP_NOT_FOUND);
-        }
-        infrastructureAuditResponse.setInfrastructureScans(infrastructureScans);
         return infrastructureAuditResponse;
     }
 
-    private void setInfraAudit(InfrastructureAuditResponse infrastructureAuditResponse, List<InfrastructureScan> filteredForBAP, InfrastructureAuditStatus infraScanBussCritical, InfrastructureAuditStatus infraScanBussHigh, InfrastructureAuditStatus infraScanOK) {
-        filteredForBAP.stream().forEach(infrastructureScan -> {
-            Vulnerability criticalVuln = CollectionUtils.isNotEmpty(infrastructureScan.getVulnerabilities()) ? infrastructureScan.getVulnerabilities().stream().filter(vulnerability -> vulnerability.getContextualizedRiskLabel().equalsIgnoreCase("CRITICAL")).findAny().orElse(null) : null;
-            if (Objects.nonNull(criticalVuln)) {
-                infrastructureAuditResponse.addAuditStatus(infraScanBussCritical);
-            }
-            Vulnerability highVuln = CollectionUtils.isNotEmpty(infrastructureScan.getVulnerabilities()) ? infrastructureScan.getVulnerabilities().stream().filter(vulnerability -> vulnerability.getContextualizedRiskLabel().equalsIgnoreCase("HIGH")).findAny().orElse(null) : null;
-            if (Objects.nonNull(highVuln)) {
-                infrastructureAuditResponse.addAuditStatus(infraScanBussHigh);
-            }
-            if(Objects.isNull(criticalVuln) && Objects.isNull(highVuln)){
-                infrastructureAuditResponse.addAuditStatus(infraScanOK);
-            }
-        });
+    private void setInfraAudit(InfrastructureAuditResponse infrastructureAuditResponse, InfrastructureScan infrastructureScan, InfrastructureAuditStatus infraScanBussCritical, InfrastructureAuditStatus infraScanBussHigh, InfrastructureAuditStatus infraScanOK) {
+        Vulnerability criticalVuln = CollectionUtils.isNotEmpty(infrastructureScan.getVulnerabilities()) ? infrastructureScan.getVulnerabilities().stream().filter(vulnerability -> vulnerability.getContextualizedRiskLabel().equalsIgnoreCase("CRITICAL")).findAny().orElse(null) : null;
+        if (Objects.nonNull(criticalVuln)) {
+            infrastructureAuditResponse.addAuditStatus(infraScanBussCritical);
+        }
+        Vulnerability highVuln = CollectionUtils.isNotEmpty(infrastructureScan.getVulnerabilities()) ? infrastructureScan.getVulnerabilities().stream().filter(vulnerability -> vulnerability.getContextualizedRiskLabel().equalsIgnoreCase("HIGH")).findAny().orElse(null) : null;
+        if (Objects.nonNull(highVuln)) {
+            infrastructureAuditResponse.addAuditStatus(infraScanBussHigh);
+        }
+        if(Objects.isNull(criticalVuln) && Objects.isNull(highVuln)){
+            infrastructureAuditResponse.addAuditStatus(infraScanOK);
+        }
+    }
+
+    private Map<?, ?> getBusinessItemsMap(Dashboard dashboard) {
+        Map bMap = new HashMap();
+        bMap.put(BUSINESS_SERVICE, dashboard.getConfigurationItemBusServName());
+        bMap.put(BUSINESS_COMPONENT, dashboard.getConfigurationItemBusAppName());
+        return bMap;
     }
 }

src/main/java/com/capitalone/dashboard/logging/LoggingFilter.java

@@ -9,6 +9,8 @@
 import org.apache.commons.io.output.TeeOutputStream;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.log4j.Logger;
+import org.json.simple.parser.JSONParser;
+import org.json.simple.parser.ParseException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.core.annotation.Order;
 import org.springframework.stereotype.Component;
@@ -132,10 +134,11 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
 
         chain.doFilter(bufferedRequest, bufferedResponse);
         requestLog.setResponseContentType(httpServletResponse.getContentType());
+        JSONParser jsonParser = new JSONParser();
         try {
 
             if ((httpServletRequest.getContentType() != null) && (new MimeType(httpServletRequest.getContentType()).match(new MimeType(APPLICATION_JSON_VALUE)))) {
-                requestLog.setRequestBody(bufferedRequest.getRequestBody());
+                requestLog.setRequestBody(getRawDataForLog(bufferedRequest.getRequestBody(), jsonParser));
             }
             // removing the logging of responses as the collection size is way too big
         } catch (MimeTypeParseException e) {
@@ -168,6 +171,13 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
         }
     }
 
+    private Object getRawDataForLog(String content, JSONParser parser) {
+        try {
+            return parser.parse(content);
+        } catch (ParseException e) {
+            return content;
+        }
+    }
 
     private Map<String, String> getTypesafeRequestMap(HttpServletRequest request) {
         Map<String, String> typesafeRequestMap = new HashMap<>();