[backend/frontend] Implement security platforms validations for expec…

…tations (#1105)

openbas-api/src/main/java/io/openbas/collectors/expectations_expiration_manager/ExpectationsExpirationManagerJob.java

@@ -22,7 +22,7 @@ public ExpectationsExpirationManagerJob(CollectorService collectorService, Expec
     try {
       collectorService.register(config.getId(), FAKE_DETECTOR_COLLECTOR_TYPE, FAKE_DETECTOR_COLLECTOR_NAME, getClass().getResourceAsStream("/img/icon-fake-detector.png"));
     } catch (Exception e) {
-      log.log(Level.SEVERE, "Error creating fake detector collector");
+      log.log(Level.SEVERE, "Error creating expectations expiration manager ");
     }
   }
 
@@ -32,7 +32,7 @@ public void run() {
     try {
       this.fakeDetectorService.computeExpectations();
     } catch (Exception e) {
-      log.log(Level.SEVERE, "Error running fake detector service");
+      log.log(Level.SEVERE, "Error running expectations expiration manager service", e);
     }
   }
 

openbas-api/src/main/java/io/openbas/collectors/expectations_expiration_manager/service/ExpectationsExpirationManagerService.java

@@ -45,6 +45,7 @@ private void computeExpectations(@NotNull final List<InjectExpectation> expectat
                 this.injectExpectationService.computeExpectation(
                         expectation,
                         this.config.getId(),
+                        "collector",
                         PRODUCT_NAME,
                         result,
                         false
@@ -62,6 +63,7 @@ private void computeExpectationsForAssets(@NotNull final List<InjectExpectation>
                 this.injectExpectationService.computeExpectation(
                         expectation,
                         this.config.getId(),
+                        "collector",
                         PRODUCT_NAME,
                         result,
                         false
@@ -82,6 +84,7 @@ private void computeExpectationsForAssetGroups(@NotNull final List<InjectExpecta
                         expectationAssetGroup,
                         expectationAssets,
                         this.config.getId(),
+                        "collector",
                         PRODUCT_NAME
                 );
             }

openbas-api/src/main/java/io/openbas/collectors/expectations_expiration_manager/utils/ExpectationUtils.java

@@ -18,9 +18,9 @@ public static boolean isExpired(@NotNull final InjectExpectation expectation, fi
 
   public static String computeFailedMessage(@NotNull final EXPECTATION_TYPE expectationType) {
     return DETECTION.equals(expectationType)
-        ? "Not detected"
+        ? "Not Detected"
         : PREVENTION.equals(expectationType)
-            ? "Not prevented"
+            ? "Not Prevented"
             : "FAILED";
   }
 

openbas-api/src/main/java/io/openbas/expectation/ExpectationType.java

@@ -1,17 +1,19 @@
 package io.openbas.expectation;
 
 public enum ExpectationType {
-  DETECTION("Detected", "Pending", "Undetected"),
-  HUMAN_RESPONSE("Successful", "Pending", "Failed"),
-  PREVENTION("Blocked", "Pending", "Unblocked");
+  DETECTION("Detected", "Pending", "Partially Detected", "Not Detected"),
+  HUMAN_RESPONSE("Successful", "Pending", "Partial", "Failed"),
+  PREVENTION("Blocked", "Pending", "Partially Prevented", "Not Prevented");
 
   public final String successLabel;
   public final String pendingLabel;
+  public final String partialLabel;
   public final String failureLabel;
 
-  ExpectationType(String successLabel, String pendingLabel, String failureLabel) {
+  ExpectationType(String successLabel, String pendingLabel, String partialLabel, String failureLabel) {
     this.successLabel = successLabel;
     this.pendingLabel = pendingLabel;
+    this.partialLabel = partialLabel;
     this.failureLabel = failureLabel;
   }
 

openbas-api/src/main/java/io/openbas/injectors/caldera/CalderaExecutor.java

@@ -18,6 +18,7 @@
 import io.openbas.model.ExecutionProcess;
 import io.openbas.model.Expectation;
 import io.openbas.model.expectation.DetectionExpectation;
+import io.openbas.model.expectation.ManualExpectation;
 import io.openbas.model.expectation.PreventionExpectation;
 import io.openbas.utils.Time;
 import jakarta.validation.constraints.NotNull;
@@ -34,10 +35,12 @@
 
 import static io.openbas.database.model.InjectExpectationSignature.*;
 import static io.openbas.database.model.InjectStatusExecution.*;
-import static io.openbas.model.expectation.DetectionExpectation.detectionExpectation;
+import static io.openbas.model.expectation.DetectionExpectation.detectionExpectationForAsset;
 import static io.openbas.model.expectation.DetectionExpectation.detectionExpectationForAssetGroup;
 import static io.openbas.model.expectation.PreventionExpectation.preventionExpectationForAsset;
 import static io.openbas.model.expectation.PreventionExpectation.preventionExpectationForAssetGroup;
+import static io.openbas.model.expectation.ManualExpectation.manualExpectationForAsset;
+import static io.openbas.model.expectation.ManualExpectation.manualExpectationForAssetGroup;
 import static java.time.Instant.now;
 
 @Component(CalderaContract.TYPE)
@@ -237,7 +240,9 @@ private void computeExpectationsForAsset(@NotNull final List<Expectation> expect
                 case PREVENTION ->
                         Stream.of(preventionExpectationForAsset(expectation.getScore(), expectation.getName(), expectation.getDescription(), asset, expectationGroup, injectExpectationSignatures)); // expectationGroup usefully in front-end
                 case DETECTION ->
-                        Stream.of(detectionExpectation(expectation.getScore(), expectation.getName(), expectation.getDescription(), asset, expectationGroup, injectExpectationSignatures));
+                        Stream.of(detectionExpectationForAsset(expectation.getScore(), expectation.getName(), expectation.getDescription(), asset, expectationGroup, injectExpectationSignatures));
+                case MANUAL ->
+                        Stream.of(manualExpectationForAsset(expectation.getScore(), expectation.getName(), expectation.getDescription(), asset, expectationGroup));
                 default -> Stream.of();
             }).toList());
         }
@@ -266,6 +271,14 @@ private void computeExpectationsForAssetGroup(@NotNull final List<Expectation> e
                     }
                     yield Stream.of();
                 }
+                case MANUAL -> {
+                    // Verify that at least one asset in the group has been executed
+                    List<Asset> assets = this.assetGroupService.assetsFromAssetGroup(assetGroup.getId());
+                    if (assets.stream().anyMatch((asset) -> expectations.stream().filter(e -> EXPECTATION_TYPE.MANUAL == e.type()).anyMatch((e) -> ((ManualExpectation) e).getAsset() != null && ((ManualExpectation) e).getAsset().getId().equals(asset.getId())))) {
+                        yield Stream.of(manualExpectationForAssetGroup(expectation.getScore(), expectation.getName(), expectation.getDescription(), assetGroup, expectation.isExpectationGroup()));
+                    }
+                    yield Stream.of();
+                }
                 default -> Stream.of();
             }).toList());
         }

openbas-api/src/main/java/io/openbas/rest/asset/security_platforms/SecurityPlatformApi.java

@@ -2,6 +2,7 @@
 
 import io.openbas.asset.EndpointService;
 import io.openbas.database.model.*;
+import io.openbas.database.raw.RawAttackPattern;
 import io.openbas.database.repository.*;
 import io.openbas.database.specification.AssetAgentJobSpecification;
 import io.openbas.database.specification.EndpointSpecification;
@@ -51,6 +52,11 @@ public class SecurityPlatformApi {
     private final DocumentRepository documentRepository;
     private final TagRepository tagRepository;
 
+    @GetMapping(SECURITY_PLATFORM_URI)
+    public Iterable<SecurityPlatform> securityPlatforms() {
+        return securityPlatformRepository.findAll();
+    }
+
     @PostMapping(SECURITY_PLATFORM_URI)
     @PreAuthorize("isPlanner()")
     @Transactional(rollbackOn = Exception.class)