Merge branch '3.13'

wazuh · Jun 22, 2020 · 4344a2b · 4344a2b
2 parents 05fa55e + ce1971e
commit 4344a2b
Show file tree

Hide file tree

Showing 14 changed files with 1,079 additions and 20 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,31 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 
+## [v3.13.0]
+
+### Added
+
+- New API requests:
+    * `GET/mitre` ([#452](https://github.com/wazuh/wazuh-api/pull/452))
+    * `GET/rules/mitre`
+    * `GET/rules/tsc` ([commit](https://github.com/wazuh/wazuh-api/commit/719563a6e18581a2c062ba0f6a950730ac74222d))
+
+- New filters in request `GET/rules`:
+    - `mitre`: Filters the rules by mitre requirement
+    - `tsc`: Filters the rules by tsc requirement 
+
+### Changed
+
+- Increase the maximum allowed size of the files to be uploaded from 1MB to 10MB ([#487](https://github.com/wazuh/wazuh-api/pull/487)). This change applies to:
+    * `POST /manager/files` 
+    * `POST /cluster/:node_id/files` 
+    * `POST /agents/groups/:group_id/configuration` 
+    * `POST /agents/groups/:group_id/files/:file_name` 
+
+## [v3.12.3]
+
+There are no changes for Wazuh API in this version.
+
 ## [v3.12.2]
 
 There are no changes for Wazuh API in this version.

diff --git a/app.js b/app.js
@@ -167,8 +167,8 @@ if (config.python) {
 // Body
 app.use(bodyParser.json());
 app.use(bodyParser.urlencoded({extended: true}));
-app.use(bodyParser.text({type:"application/xml", limit:"1mb"}));
-app.use(bodyParser.raw({type:"application/octet-stream", limit:"1mb"}));
+app.use(bodyParser.text({type:"application/xml", limit:"10mb"}));
+app.use(bodyParser.raw({type:"application/octet-stream", limit:"10mb"}));
 
 
 /**

diff --git a/controllers/index.js b/controllers/index.js
@@ -87,6 +87,7 @@ router.use('/ciscat', require('./ciscat'));
 router.use('/active-response', require('./active_response'));
 router.use('/lists', require('./lists'));
 router.use('/summary', require('./summary'));
+router.use('/mitre', require('./mitre'));
 
 if (config.experimental_features){
     router.use('/experimental', require('./experimental'));

diff --git a/controllers/mitre.js b/controllers/mitre.js
@@ -0,0 +1,71 @@
+/**
+ * Wazuh RESTful API
+ * Copyright (C) 2015-2019 Wazuh, Inc. All rights reserved.
+ * Wazuh.com
+ *
+ * This program is a free software; you can redistribute it
+ * and/or modify it under the terms of the GNU General Public
+ * License (version 2) as published by the FSF - Free Software
+ * Foundation.
+ */
+
+
+var router = require('express').Router();
+
+/**
+ * @api {get} /mitre Get information from Mitre database
+ * @apiName GetMitre
+ * @apiGroup Info
+ *
+ * @apiParam {Number} [offset] First element to return in the collection.
+ * @apiParam {Number} [limit=10] Maximum number of elements to return.
+ * @apiParam {String} [sort] Sorts the collection by a field or fields (separated by comma). Use +/- at the beginning to list in ascending or descending order.
+ * @apiParam {String} [select] List of selected fields separated by commas.
+ * @apiParam {String} [q] Query to filter results by. For example q="id=T1010"
+ * @apiParam {String} [id] Filter by attack ID.
+ * @apiParam {String} [phase_name] Filter by phase name.
+ * @apiParam {String} [platform_name] Filter by platform name.
+ * @apiParam {String} [search] Looks for elements with the specified string.
+ *
+ * @apiDescription Returns information from Mitre database
+ *
+ * @apiExample {curl} Example usage*:
+ *     curl -u foo:bar -k -X GET "https://127.0.0.1:55000/mitre?limit=2&offset=4&pretty"
+ *
+ */
+router.get('/', cache(), function(req, res) {
+    logger.debug(req.connection.remoteAddress + " GET /mitre");
+
+    req.apicacheGroup = "mitre";
+
+    var data_request = {'function': '/mitre', 'arguments': {}};
+    var filters = {'offset': 'numbers', 'limit': 'numbers', 'q': 'query_param',
+                   'id': 'search_param', 'phase_name': 'search_param',
+                   'platform_name': 'names', 'search': 'search_param', 'sort':'sort_param', 'select': 'select_param'};
+
+    if (!filter.check(req.query, filters, req, res))  // Filter with error
+        return;
+
+    if ('offset' in req.query)
+        data_request['arguments']['offset'] = Number(req.query.offset);
+    if ('limit' in req.query)
+        data_request['arguments']['limit'] = Number(req.query.limit);
+    if ('id' in req.query)
+        data_request['arguments']['id'] = req.query.id;
+    if ('phase_name' in req.query)
+        data_request['arguments']['phase_name'] = req.query.phase_name;
+    if ('platform_name' in req.query)
+        data_request['arguments']['platform_name'] = req.query.platform_name;
+    if ('search' in req.query)
+        data_request['arguments']['search'] = filter.search_param_to_json(req.query.search);
+    if ('sort' in req.query)
+        data_request['arguments']['sort'] = filter.sort_param_to_json(req.query.sort);
+    if ('select' in req.query)
+        data_request['arguments']['select'] = filter.select_param_to_json(req.query.select);
+    if ('q' in req.query)
+        data_request['arguments']['q'] = req.query.q;
+
+    execute.exec(python_bin, [wazuh_control], data_request, function (data) { res_h.send(req, res, data); });
+})
+
+module.exports = router;
diff --git a/controllers/rules.js b/controllers/rules.js
@@ -31,6 +31,8 @@ var router = require('express').Router();
  * @apiParam {String} [hipaa] Filters the rules by hipaa requirement.
  * @apiParam {String} [nist-800-53] Filters the rules by nist-800-53 requirement.
  * @apiParam {String} [gpg13] Filters the rules by gpg13 requirement.
+ * @apiParam {String} [mitre] Filters the rules by mitre requirement.
+ * @apiParam {String} [tsc] Filters the rules by tsc requirement.
  * @apiParam {String} [q] Query to filter results by. For example q=id=89055
  *
  * @apiDescription Returns all rules.
@@ -44,7 +46,8 @@ router.get('/', cache(), function(req, res) {
     query_checks = {'status':'alphanumeric_param', 'group':'alphanumeric_param',
         'level':'ranges', 'path':'paths', 'file':'alphanumeric_param', 'pci':'alphanumeric_param',
         'gdpr': 'alphanumeric_param', 'hipaa': 'alphanumeric_param',
-        'nist-800-53': 'alphanumeric_param', 'gpg13': 'alphanumeric_param'};
+        'nist-800-53': 'alphanumeric_param', 'gpg13': 'alphanumeric_param', 'tsc': 'alphanumeric_param',
+        'mitre': 'alphanumeric_param'};
 
     templates.array_request('/rules', req, res, "rules", param_checks, query_checks);
 })
@@ -287,6 +290,84 @@ router.get('/nist-800-53', cache(), function(req, res) {
     execute.exec(python_bin, [wazuh_control], data_request, function (data) { res_h.send(req, res, data); });
 })
 
+/**
+ * @api {get} /rules/tsc Get rule TSC requirements
+ * @apiName GetRulesTSC
+ * @apiGroup Info
+ *
+ * @apiParam {Number} [offset] First element to return in the collection.
+ * @apiParam {Number} [limit=500] Maximum number of elements to return.
+ * @apiParam {String} [sort] Sorts the collection by a field or fields (separated by comma). Use +/- at the beginning to list in ascending or descending order.
+ * @apiParam {String} [search] Looks for elements with the specified string.
+ *
+ * @apiDescription Returns the TSC requirements of all rules.
+ *
+ * @apiExample {curl} Example usage:
+ *     curl -u foo:bar -k -X GET "https://127.0.0.1:55000/rules/tsc?offset=0&limit=10&pretty"
+ *
+ */
+router.get('/tsc', cache(), function(req, res) {
+    logger.debug(req.connection.remoteAddress + " GET /rules/tsc");
+
+    req.apicacheGroup = "rules";
+
+    var data_request = {'function': '/rules/tsc', 'arguments': {}};
+    var filters = {'offset': 'numbers', 'limit': 'numbers', 'sort':'sort_param', 'search':'search_param'};
+
+    if (!filter.check(req.query, filters, req, res))  // Filter with error
+        return;
+
+    if ('offset' in req.query)
+        data_request['arguments']['offset'] = Number(req.query.offset);
+    if ('limit' in req.query)
+        data_request['arguments']['limit'] = Number(req.query.limit);
+    if ('sort' in req.query)
+        data_request['arguments']['sort'] = filter.sort_param_to_json(req.query.sort);
+    if ('search' in req.query)
+        data_request['arguments']['search'] = filter.search_param_to_json(req.query.search);
+
+    execute.exec(python_bin, [wazuh_control], data_request, function (data) { res_h.send(req, res, data); });
+})
+
+/**
+ * @api {get} /rules/mitre Get rule mitre requirements
+ * @apiName GetRulesMitre
+ * @apiGroup Info
+ *
+ * @apiParam {Number} [offset] First element to return in the collection.
+ * @apiParam {Number} [limit=500] Maximum number of elements to return.
+ * @apiParam {String} [sort] Sorts the collection by a field or fields (separated by comma). Use +/- at the beginning to list in ascending or descending order.
+ * @apiParam {String} [search] Looks for elements with the specified string.
+ *
+ * @apiDescription Returns the Mitre requirements of all rules.
+ *
+ * @apiExample {curl} Example usage:
+ *     curl -u foo:bar -k -X GET "https://127.0.0.1:55000/rules/Mitre?offset=0&limit=2&pretty"
+ *
+ */
+router.get('/mitre', cache(), function(req, res) {
+    logger.debug(req.connection.remoteAddress + " GET /rules/mitre");
+
+    req.apicacheGroup = "rules";
+
+    var data_request = {'function': '/rules/mitre', 'arguments': {}};
+    var filters = {'offset': 'numbers', 'limit': 'numbers', 'sort':'sort_param', 'search':'search_param'};
+
+    if (!filter.check(req.query, filters, req, res))  // Filter with error
+        return;
+
+    if ('offset' in req.query)
+        data_request['arguments']['offset'] = Number(req.query.offset);
+    if ('limit' in req.query)
+        data_request['arguments']['limit'] = Number(req.query.limit);
+    if ('sort' in req.query)
+        data_request['arguments']['sort'] = filter.sort_param_to_json(req.query.sort);
+    if ('search' in req.query)
+        data_request['arguments']['search'] = filter.search_param_to_json(req.query.search);
+
+    execute.exec(python_bin, [wazuh_control], data_request, function (data) { res_h.send(req, res, data); });
+})
+
 
 /**
  * @api {get} /rules/files Get files of rules

diff --git a/helpers/input_validation.js b/helpers/input_validation.js
@@ -89,7 +89,7 @@ exports.boolean = function(b) {
 }
 
 exports.query_param = function(q) {
-    return input_val(q, /^(?:\(*[\w\.\-]+(?:=|!=|<|>|~)[\w\.\-\:\%\/\s]+\)*)(?:(?:;|,)\(*[\w\.\-]+(?:=|!=|<|>|~)[\w\.\-\:\%\/\s]+\)*)*$/);
+    return input_val(q, /^(?:\(*[\w\.\-]+(?:=|!=|<|>|~)[\[\]\{\}\\\w\.\-\:\%\/\s]+\)*)(?:(?:;|,)\(*[\w\.\-]+(?:=|!=|<|>|~)[\[\]\{\}\\\w\.\-\:\%\/\s]+\)*)*$/);
 }
 
 exports.format = function(q) {

diff --git a/test/environment/docker/centos/wazuh-manager/run_mocha_tests.sh b/test/environment/docker/centos/wazuh-manager/run_mocha_tests.sh
@@ -11,7 +11,7 @@ mocha ${TEST_PATH}/test_active_response.js ${ARGS}${REPORT_NAME}
 
 REPORT_NAME=agents
 mocha ${TEST_PATH}/test_agents.js ${ARGS}${REPORT_NAME}
-sleep 10
+sleep 20
 
 REPORT_NAME=agents2
 mocha ${TEST_PATH}/test_agents_2.js ${ARGS}${REPORT_NAME}
@@ -21,7 +21,7 @@ mocha ${TEST_PATH}/test_app.js ${ARGS}${REPORT_NAME}
 
 REPORT_NAME=cluster
 mocha ${TEST_PATH}/test_cluster.js ${ARGS}${REPORT_NAME}
-sleep 10
+sleep 20
 
 REPORT_NAME=decoders
 mocha ${TEST_PATH}/test_decoders.js ${ARGS}${REPORT_NAME}
@@ -31,7 +31,10 @@ mocha ${TEST_PATH}/test_lists.js ${ARGS}${REPORT_NAME}
 
 REPORT_NAME=manager
 mocha ${TEST_PATH}/test_manager.js ${ARGS}${REPORT_NAME}
-sleep 10
+sleep 20
+
+REPORT_NAME=mitre
+mocha ${TEST_PATH}/test_mitre.js ${ARGS}${REPORT_NAME}
 
 REPORT_NAME=rootcheck
 mocha ${TEST_PATH}/test_rootcheck.js ${ARGS}${REPORT_NAME}
@@ -42,7 +45,11 @@ mocha ${TEST_PATH}/test_rules.js ${ARGS}${REPORT_NAME}
 REPORT_NAME=sca
 mocha ${TEST_PATH}/test_sca.js ${ARGS}${REPORT_NAME}
 
-REPORT_NAME=test_syscheck
+REPORT_NAME=summary
+ARGS=$ARGS
+mocha ${TEST_PATH}/test_summary.js ${ARGS}${REPORT_NAME}
+
+REPORT_NAME=syscheck
 ARGS=$ARGS
 mocha ${TEST_PATH}/test_syscheck.js ${ARGS}${REPORT_NAME}
 

diff --git a/test/environment/docker/ubuntu/.env b/test/environment/docker/ubuntu/.env
@@ -1,6 +1,6 @@
-WAZUH_BRANCH=3.12
-WAZUH_API_BRANCH=3.12
-WAZUH_DOC_BRANCH=3.12
+WAZUH_BRANCH=3.13
+WAZUH_API_BRANCH=3.13
+WAZUH_DOC_BRANCH=3.13
 MASTER_NAME=wazuh-master
 WORKER1_NAME=worker-1
 WORKER2_NAME=worker-2
diff --git a/test/environment/docker/ubuntu/wazuh-manager/Dockerfile b/test/environment/docker/ubuntu/wazuh-manager/Dockerfile
@@ -1,4 +1,4 @@
-FROM ubuntu:latest
+FROM ubuntu:18.04
 
 ARG wazuh_branch
 ARG wazuh_api_branch

diff --git a/test/environment/docker/ubuntu/wazuh-manager/run_mocha_tests.sh b/test/environment/docker/ubuntu/wazuh-manager/run_mocha_tests.sh
@@ -11,7 +11,7 @@ mocha ${TEST_PATH}/test_active_response.js ${ARGS}${REPORT_NAME}
 
 REPORT_NAME=agents
 mocha ${TEST_PATH}/test_agents.js ${ARGS}${REPORT_NAME}
-sleep 10
+sleep 20
 
 REPORT_NAME=agents2
 mocha ${TEST_PATH}/test_agents_2.js ${ARGS}${REPORT_NAME}
@@ -21,7 +21,7 @@ mocha ${TEST_PATH}/test_app.js ${ARGS}${REPORT_NAME}
 
 REPORT_NAME=cluster
 mocha ${TEST_PATH}/test_cluster.js ${ARGS}${REPORT_NAME}
-sleep 10
+sleep 20
 
 REPORT_NAME=decoders
 mocha ${TEST_PATH}/test_decoders.js ${ARGS}${REPORT_NAME}
@@ -31,7 +31,10 @@ mocha ${TEST_PATH}/test_lists.js ${ARGS}${REPORT_NAME}
 
 REPORT_NAME=manager
 mocha ${TEST_PATH}/test_manager.js ${ARGS}${REPORT_NAME}
-sleep 10
+sleep 20
+
+REPORT_NAME=mitre
+mocha ${TEST_PATH}/test_mitre.js ${ARGS}${REPORT_NAME}
 
 REPORT_NAME=rootcheck
 mocha ${TEST_PATH}/test_rootcheck.js ${ARGS}${REPORT_NAME}
@@ -42,7 +45,11 @@ mocha ${TEST_PATH}/test_rules.js ${ARGS}${REPORT_NAME}
 REPORT_NAME=sca
 mocha ${TEST_PATH}/test_sca.js ${ARGS}${REPORT_NAME}
 
-REPORT_NAME=test_syscheck
+REPORT_NAME=summary
+ARGS=$ARGS
+mocha ${TEST_PATH}/test_summary.js ${ARGS}${REPORT_NAME}
+
+REPORT_NAME=syscheck
 ARGS=$ARGS
 mocha ${TEST_PATH}/test_syscheck.js ${ARGS}${REPORT_NAME}
 

diff --git a/test/test_agents.js b/test/test_agents.js
@@ -1092,7 +1092,7 @@ describe('Agents', function() {
 
         it('TooBigXML', function(done) {
 
-            big_xml = agent_xml.repeat(600)
+            big_xml = agent_xml.repeat(6000)
             request(common.url)
             .post("/agents/groups/testsagentconf/files/agent.conf")
             .auth(common.credentials.user, common.credentials.password)
@@ -1881,7 +1881,7 @@ describe('Agents', function() {
 
         it('TooBigXML', function(done) {
 
-            big_xml = agent_xml.repeat(600)
+            big_xml = agent_xml.repeat(6000)
             request(common.url)
             .post("/agents/groups/testsagentconf2/configuration")
             .auth(common.credentials.user, common.credentials.password)

diff --git a/test/test_decoders.js b/test/test_decoders.js
@@ -333,7 +333,7 @@ describe('Decoders', function() {
 
                 res.body.error.should.equal(0);
                 res.body.data.totalItems.should.be.above(0);
-                res.body.data.items.should.be.instanceof(Array).and.have.lengthOf(1);
+                res.body.data.items.should.be.instanceof(Array).and.have.lengthOf(2);
                 res.body.data.items[0].should.have.properties(['status', 'path', 'file']);
                 done();
             });