Merge pull request #356 from nsacyber/issue-354

Support new command line options for validation report download
iadgovuser26 2021-05-13 17:33:02 -04:00 committed by GitHub
commit 2ed50db384
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 147 additions and 29 deletions


@ -58,12 +58,13 @@ public class ValidationReportsPageController extends PageController<NoPageParams
private final CertificateManager certificateManager;
private final DeviceManager deviceManager;
private static String columnHeaders = "Verified Manufacturer,"
+ "Model,SN,Verification Date,Device Status,"
+ "Component name,Component manufacturer,Component model,"
+ "Component SN,Issuer,Component status";
private static String systemColumnHeaders = "Verified Manufacturer,"
+ "Model,SN,Verification Date,Device Status";
private static String componentColumnHeaders = "Component name,Component manufacturer,"
+ "Component model,Component SN,Issuer,Component status";
private static final String DEFAULT_COMPANY = "AllDevices";
private static final String UNDEFINED = "undefined";
private static final String TRUE = "true";
private static final Logger LOGGER = getLogger(ValidationReportsPageController.class);
/**
@ -155,6 +156,11 @@ public class ValidationReportsPageController extends PageController<NoPageParams
LocalDate endDate = null;
ArrayList<LocalDate> createTimes = new ArrayList<LocalDate>();
String[] deviceNames = new String[]{};
String columnHeaders = "";
boolean systemOnly = false;
boolean componentOnly = false;
String filterManufacturer = "";
String filterSerial = "";
Enumeration parameters = request.getParameterNames();
while (parameters.hasMoreElements()) {
@ -208,6 +214,29 @@ public class ValidationReportsPageController extends PageController<NoPageParams
deviceNames = parameterValue.split(",");
}
break;
case "system":
if (parameterValue.equals(TRUE)) {
systemOnly = true;
columnHeaders = systemColumnHeaders + columnHeaders;
}
break;
case "component":
if (parameterValue.equals(TRUE)) {
componentOnly = true;
columnHeaders += componentColumnHeaders;
}
break;
case "manufacturer":
if (parameterValue != null && !parameterValue.isEmpty()) {
filterManufacturer = parameterValue;
}
break;
case "serial":
if (parameterValue != null && !parameterValue.isEmpty()) {
filterSerial = parameterValue;
}
break;
default:
}
}
@ -220,37 +249,46 @@ public class ValidationReportsPageController extends PageController<NoPageParams
StringBuilder reportData = new StringBuilder();
bufferedWriter.append("Company: " + company + "\n");
bufferedWriter.append("Contract number: " + contractNumber + "\n");
if (systemOnly && componentOnly) {
systemOnly = false;
componentOnly = false;
}
for (int i = 0; i < deviceNames.length; i++) {
if ((createTimes.get(i).isAfter(startDate) || createTimes.get(i).isEqual(startDate))
&& (createTimes.get(i).isBefore(endDate)
|| createTimes.get(i).isEqual(endDate))) {
UUID deviceId = deviceManager.getDevice(deviceNames[i]).getId();
LOGGER.info(deviceId);
PlatformCredential pc = PlatformCredential.select(certificateManager)
.byDeviceId(deviceId).getCertificate();
LOGGER.info("Found platform credential: " + pc.toString());
reportData.append(pc.getManufacturer() + ","
+ pc.getModel() + ","
+ pc.getPlatformSerial() + ","
+ LocalDateTime.now().toString() + ","
+ pc.getDevice().getSupplyChainStatus() + ",");
ArrayList<ArrayList<String>> parsedComponents = parseComponents(pc);
for (ArrayList<String> component : parsedComponents) {
for (String data : component) {
reportData.append(data + ",");
if ((filterManufacturer.isEmpty() || filterManufacturer.equals(
pc.getManufacturer()))
&& (filterSerial.isEmpty() || filterSerial.equals(
pc.getPlatformSerial()))) {
if (!componentOnly) {
reportData.append(pc.getManufacturer() + ","
+ pc.getModel() + ","
+ pc.getPlatformSerial() + ","
+ LocalDateTime.now().toString() + ","
+ pc.getDevice().getSupplyChainStatus() + ",");
}
if (!systemOnly) {
ArrayList<ArrayList<String>> parsedComponents = parseComponents(pc);
for (ArrayList<String> component : parsedComponents) {
for (String data : component) {
reportData.append(data + ",");
}
reportData.deleteCharAt(reportData.length() - 1);
reportData.append("\n,,,,,");
}
}
reportData.deleteCharAt(reportData.length() - 1);
reportData.append("\n,,,,,");
}
if (reportData.lastIndexOf(",") > 4) {
reportData.delete(reportData.lastIndexOf(",") - 4, reportData.length());
}
}
}
if (columnHeaders.isEmpty()) {
columnHeaders = systemColumnHeaders + componentColumnHeaders;
}
bufferedWriter.append(columnHeaders + "\n");
bufferedWriter.append(reportData.toString() + "\n");
LOGGER.info(columnHeaders);
LOGGER.info(reportData.toString());
bufferedWriter.flush();
}
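Review bot: In system-only mode the trailing trim `reportData.delete(reportData.lastIndexOf(",") - 4, reportData.length())` no longer removes the `\n,,,,,` padding it was written for, because that padding is only appended inside the `if (!systemOnly)` branch; as the lines read on this page it instead removes the row's trailing comma and the four characters before it, which is the end of the supply-chain status, and leaves no line break before the next device. Running the trim only inside the `if (!systemOnly)` branch and ending a system-only row with `reportData.setCharAt(reportData.length() - 1, '\n');` would keep the status intact. Component rows also still get the five-comma system padding when `componentOnly` is set, so from the second component on they no longer line up with `componentColumnHeaders`. Separately, credential fields are appended unquoted, so a comma or line break in a manufacturer, serial or component value shifts columns in the report; quoting each field would be worth doing here. The enclosing method starts and ends outside the hunks shown.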


@ -5,14 +5,94 @@
#$2 filter end date 'yyyy-mm-dd'
#$3 ACA address, default is localhost if not given
if [ -z "$3" ]
then
endpoint="https://localhost:8443/HIRS_AttestationCAPortal/portal/validation-reports"
else
endpoint="https://$3:8443/HIRS_AttestationCAPortal/portal/validation-reports"
#check for getopt(1) on local system
getopt --test > /dev/null
if [[ ${PIPESTATUS[0]} -ne 4 ]]
then
echo "getopt is required to use this script, please ensure installation!"
else
echo "getopt detected"
fi
#set parameter names and call getopts on inputsi, then parse/assign arguments
SHORTOPTS=m:s:h
LONGOPTS=start-date:,end-date:,ip:,system-only,component-only,manufacturer:,serial:,help
PARSED=$(getopt --options=$SHORTOPTS --longoptions=$LONGOPTS --name "$0" -- "$@")
if [[ ${PIPESTATUS[0]} -ne 0 ]]
then
exit 2
fi
eval set -- "$PARSED"
startDate=
endDate=
ip=localhost
system=
component=
manufacturer=
serial=
helpText="\n\n\nHELP MENU\n\nThe following options are available:\n--start-date\t\t<yyyy-mm-dd>\tDefault: 1970-01-01\tThe earliest date to return validation reports from.\n"
helpText+="--end-date\t\t<yyyy-mm-dd>\tDefault: current time\tThe latest date to return validation reports from.\n"
helpText+="--ip\t\t\t<ACA address>\tDefault: localhost\tThe IP address where the ACA is located.\n"
helpText+="--system-only\t\t\t\t\t\t\tReturn only system information from validation reports.\n"
helpText+="--component-only\t\t\t\t\t\tReturn only component information from validation reports.\n"
helpText+="-m|--manufacturer\t<manufacturer's name>\t\t\tReturn only the validation report of the device from this manufacturer.\n"
helpText+="-s|--serial\t\t<serial number>\t\t\t\tReturn only the validation report of the device with this serial number.\n"
while true
do
case "$1" in
--start-date)
startDate="$2"
shift 2
;;
--end-date)
endDate="$2"
shift 2
;;
--ip)
ip="$2"
shift 2
;;
--system-only)
system=true
shift
;;
--component-only)
component=true
shift
;;
-m|--manufacturer)
manufacturer="$2"
shift 2
;;
-s|--serial)
serial="$2"
shift 2
;;
-h|--help)
printf "$helpText"
exit 0
;;
--)
shift
break
;;
*)
echo "Programming error"
exit 3
;;
esac
done
#echo "start date: $startDate, end date: $endDate, ip: $ip, system: $system, component: $component, manufacturer: $manufacturer, serial: $serial"
#call ACA for validation report
endpoint="https://$ip:8443/HIRS_AttestationCAPortal/portal/validation-reports"
echo "$endpoint"
content=$(curl --insecure $endpoint/list)
#Parse JSON response for create times and device names
rawTimes=$(jq -r '.data | map(.createTime | tostring) | join(",")' <<< "$content")
createTimes=""
for i in ${rawTimes//,/ }
@ -20,7 +100,7 @@ do
createTimes+="$(date -u +"%Y-%m-%d %H:%M:%S" -d @"$(($i/1000))"),"
done
deviceNames=$(jq -r '.data | map(.device.name) | join(",")' <<< "$content")
echo "Create times: $createTimes"
echo "Device names: $deviceNames"
curl --data "dateStart=$1&dateEnd=$2&createTimes=$createTimes&deviceNames=$deviceNames" --insecure $endpoint/download
curl --data "dateStart=$startDate&dateEnd=$endDate&createTimes=$createTimes&deviceNames=$deviceNames&system=$system&component=$component&manufacturer=$manufacturer&serial=$serial" --insecure $endpoint/download
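Review bot: The new `--data` string on the download call interpolates `$manufacturer` and `$serial` without URL-encoding, so a value containing `&`, `=` or `+` (for example a manufacturer name with an ampersand) may be corrupted or parsed by the controller as extra parameters. Passing each field separately, e.g. `curl --data-urlencode "manufacturer=$manufacturer" --data-urlencode "serial=$serial" ...`, avoids that. The getopt check at the top only prints a message when getopt is missing and then carries on; it should `exit 1` in that branch. Both curl calls keep `--insecure`, so the report is fetched without verifying the ACA's certificate; an option that supplies a CA file through `--cacert` would let the script drop that flag.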