diff --git a/backend/env.yml b/backend/env.yml
index 269fce6c7..da3362d88 100644
--- a/backend/env.yml
+++ b/backend/env.yml
@@ -92,7 +92,7 @@ prod:
REACT_APP_RANDOM_PASSWORD: ${ssm:/crossfeed/prod/REACT_APP_RANDOM_PASSWORD}
MATOMO_URL: http://matomo.crossfeed.local
EXPORT_BUCKET_NAME: cisa-crossfeed-prod-exports
- PE_API_URL: ${ssm:/crossfeed/staging/PE_API_URL}
+ PE_API_URL: ${ssm:/crossfeed/prod/PE_API_URL}
REPORTS_BUCKET_NAME: cisa-crossfeed-prod-reports
CLOUDWATCH_BUCKET_NAME: cisa-crossfeed-prod-cloudwatch
STAGE: prod
diff --git a/backend/src/api/app.ts b/backend/src/api/app.ts
index 0bbd3242f..16f13526b 100644
--- a/backend/src/api/app.ts
+++ b/backend/src/api/app.ts
@@ -61,7 +61,7 @@ app.use(express.json({ strict: false }));
app.use(
cors({
- origin: [/crossfeed\.cyber\.dhs\.gov$/, /localhost$/],
+ origin: '*',
methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS']
})
);
diff --git a/backend/src/api/organizations.ts b/backend/src/api/organizations.ts
index a5eeb742c..cbae68f2e 100644
--- a/backend/src/api/organizations.ts
+++ b/backend/src/api/organizations.ts
@@ -367,13 +367,18 @@ export const create = wrapHandler(async (event) => {
* - Organizations
*/
export const list = wrapHandler(async (event) => {
+ console.log('list function called with event: ', event);
+
if (!isGlobalViewAdmin(event) && getOrgMemberships(event).length === 0) {
return {
+ //TODO: Should we return a 403?
statusCode: 200,
body: JSON.stringify([])
};
}
await connectToDatabase();
+ console.log('Database connected');
+
let where: any = { parent: null };
if (!isGlobalViewAdmin(event)) {
where = { id: In(getOrgMemberships(event)), parent: null };
@@ -384,6 +389,8 @@ export const list = wrapHandler(async (event) => {
order: { name: 'ASC' }
});
+ console.log('Organization.find result: ', result);
+
return {
statusCode: 200,
body: JSON.stringify(result)
diff --git a/backend/src/tasks/vuln-sync.ts b/backend/src/tasks/vuln-sync.ts
index 5ca81579d..f7f6ded3a 100644
--- a/backend/src/tasks/vuln-sync.ts
+++ b/backend/src/tasks/vuln-sync.ts
@@ -189,35 +189,38 @@ export const handler = async (commandOptions: CommandOptions) => {
}
let serviceId;
- try {
- // Save discovered services to the Service table
- [serviceId] = await saveServicesToDb([
- plainToClass(Service, {
- domain: { id: domainId },
- discoveredBy: { id: commandOptions.scanId },
- port: vuln.port,
- lastSeen: new Date(vuln.last_seen),
- banner:
- vuln.banner == null ? null : sanitizeStringField(vuln.banner),
- serviceSource: vuln.source,
- shodanResults:
- vuln.source === 'shodan'
- ? {
- product: vuln.product,
- version: vuln.version,
- cpe: vuln.cpe
- }
- : {}
- })
- ]);
- console.log('Saved services.');
- } catch (e) {
- console.error(
- 'Could not save services. Continuing to next vulnerability.'
- );
- console.error(e);
- continue;
+ if (vuln.port != null) {
+ try {
+ // Save discovered services to the Service table
+ [serviceId] = await saveServicesToDb([
+ plainToClass(Service, {
+ domain: { id: domainId },
+ discoveredBy: { id: commandOptions.scanId },
+ port: vuln.port,
+ lastSeen: new Date(vuln.last_seen),
+ banner:
+ vuln.banner == null ? null : sanitizeStringField(vuln.banner),
+ serviceSource: vuln.source,
+ shodanResults:
+ vuln.source === 'shodan'
+ ? {
+ product: vuln.product,
+ version: vuln.version,
+ cpe: vuln.cpe
+ }
+ : {}
+ })
+ ]);
+ console.log('Saved services.');
+ } catch (e) {
+ console.error(
+ 'Could not save services. Continuing to next vulnerability.'
+ );
+ console.error(e);
+ continue;
+ }
}
+
try {
const vulns: Vulnerability[] = [];
vulns.push(
@@ -229,11 +232,12 @@ export const handler = async (commandOptions: CommandOptions) => {
cwe: vuln.cwe,
description: vuln.description,
cvss: vuln.cvss,
+ severity: vuln.severity,
state: vuln.state,
structuredData: vuln.structuredData,
source: vuln.source,
needsPopulation: vuln.needsPopulation,
- service: { id: serviceId }
+ service: vuln.port == null ? null : { id: serviceId }
})
);
await saveVulnerabilitiesToDb(vulns, false);
diff --git a/frontend/scripts/constants.js b/frontend/scripts/constants.js
index cf7dfc669..3520ae39e 100644
--- a/frontend/scripts/constants.js
+++ b/frontend/scripts/constants.js
@@ -1,3 +1,3 @@
//CORS Options
-export const ALLOW_ORIGIN = [/crossfeed\.cyber\.dhs\.gov$/, /localhost$/];
+export const ALLOW_ORIGIN = '*';
export const ALLOW_METHODS = ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'];
diff --git a/frontend/src/App.tsx b/frontend/src/App.tsx
index 31dc5de6b..818a0f3d4 100644
--- a/frontend/src/App.tsx
+++ b/frontend/src/App.tsx
@@ -130,7 +130,7 @@ const App: React.FC = () => (
exact
path="/inventory"
component={SearchPage}
- permissions={['globalView']}
+ permissions={['standard', 'globalView']}
/>
+ )} */}
+ {/*
Use of the computer system, authorized or unauthorized,
diff --git a/frontend/src/components/__tests__/__snapshots__/layout.spec.tsx.snap b/frontend/src/components/__tests__/__snapshots__/layout.spec.tsx.snap
index ffe11f021..bf1530f20 100644
--- a/frontend/src/components/__tests__/__snapshots__/layout.spec.tsx.snap
+++ b/frontend/src/components/__tests__/__snapshots__/layout.spec.tsx.snap
@@ -56,6 +56,7 @@ exports[`Layout component matches snapshot 1`] = `
Documentation
@@ -68,6 +69,7 @@ exports[`Layout component matches snapshot 1`] = `
CISA Homepage
diff --git a/frontend/src/components/__tests__/header.spec.tsx b/frontend/src/components/__tests__/header.spec.tsx
index 54100ff59..c5c30ff4f 100644
--- a/frontend/src/components/__tests__/header.spec.tsx
+++ b/frontend/src/components/__tests__/header.spec.tsx
@@ -33,7 +33,7 @@ describe('Header component', () => {
[
'Vulnerabilities',
'Risk Summary',
- 'My Organizations',
+ // 'My Organizations',
'Manage Organizations',
'Scans',
'Manage Users',
@@ -53,7 +53,7 @@ describe('Header component', () => {
[
'Overview',
'Inventory',
- 'My Organizations',
+ // 'My Organizations',
'My Account',
'My Settings',
'Logout'
@@ -75,7 +75,7 @@ describe('Header component', () => {
[
'Overview',
'Inventory',
- 'My Organizations',
+ // 'My Organizations',
'My Account',
'My Settings',
'Logout'
@@ -106,8 +106,8 @@ describe('Header component', () => {
].forEach((expected) => {
expect(getByText(expected)).toBeInTheDocument();
});
- ['My Organizations'].forEach((notExpected) => {
- expect(queryByText(notExpected)).not.toBeInTheDocument();
- });
+ // ['My Organizations'].forEach((notExpected) => {
+ // expect(queryByText(notExpected)).not.toBeInTheDocument();
+ // });
});
});
diff --git a/frontend/src/pages/Organizations/Organizations.tsx b/frontend/src/pages/Organizations/Organizations.tsx
index 68d4b086a..650d12631 100644
--- a/frontend/src/pages/Organizations/Organizations.tsx
+++ b/frontend/src/pages/Organizations/Organizations.tsx
@@ -37,7 +37,7 @@ export const Organizations: React.FC = () => {
const fetchOrganizations = useCallback(async () => {
try {
- const rows = await apiGet
);
};
diff --git a/frontend/src/pages/Risk/Risk.tsx b/frontend/src/pages/Risk/Risk.tsx
index e501c72ba..5667ad12d 100644
--- a/frontend/src/pages/Risk/Risk.tsx
+++ b/frontend/src/pages/Risk/Risk.tsx
@@ -5,7 +5,8 @@ import TopVulnerablePorts from './TopVulnerablePorts';
import TopVulnerableDomains from './TopVulnerableDomains';
import VulnerabilityPieChart from './VulnerabilityPieChart';
import * as RiskStyles from './style';
-import { delay, getSeverityColor, offsets, severities } from './utils';
+// import { delay, getSeverityColor, offsets, severities } from './utils';
+import { getSeverityColor, offsets, severities } from './utils';
import { useAuthContext } from 'context';
import { Paper } from '@mui/material';
import { geoCentroid } from 'd3-geo';
@@ -19,9 +20,9 @@ import {
} from 'react-simple-maps';
import { scaleLinear } from 'd3-scale';
import { Vulnerability } from 'types';
-import { jsPDF } from 'jspdf';
-import html2canvas from 'html2canvas';
-import { Button as USWDSButton } from '@trussworks/react-uswds';
+// import { jsPDF } from 'jspdf';
+// import html2canvas from 'html2canvas';
+// import { Button as USWDSButton } from '@trussworks/react-uswds';
export interface Point {
id: string;
@@ -69,7 +70,7 @@ const Risk: React.FC = (props) => {
useAuthContext();
const [stats, setStats] = useState