Merge branch 'master' into DJ_add-acronym-in-import_WIP
DJensen94 authored Feb 9, 2024
2 parents 34de6a5 + b8b5a9c commit 9a55749
Showing 13 changed files with 98 additions and 239 deletions.
1 change: 1 addition & 0 deletions backend/package-lock.json


1 change: 1 addition & 0 deletions backend/package.json
Expand Up @@ -21,6 +21,7 @@
"cookie": "^0.4.1",
"cookie-parser": "^1.4.6",
"cors": "^2.8.5",
"@types/dockerode": "^3.3.19",
"express": "^4.18.1",
"global-agent": "^2.2.0",
"got": "^11.8.5",
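Review bot: `"@types/dockerode": "^3.3.19"` is inserted among what look like runtime dependencies (`cookie`, `cors`, `express` are its neighbours), but a `@types/*` package is consumed only by the TypeScript compiler; it belongs in `devDependencies` unless the build deliberately installs type packages at runtime. It also breaks the alphabetical ordering of the surrounding keys, which makes later merges of this block noisier. Whether this hunk sits inside `dependencies` or `devDependencies` is not visible in this rendering, so confirm against the full file before moving it.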
8 changes: 7 additions & 1 deletion backend/serverless.yml
Expand Up @@ -12,11 +12,12 @@ custom:
basePath: ''
certificateName: ${file(env.yml):${self:provider.stage}.DOMAIN, ''}
stage: ${self:provider.stage}
createRoute53Record: true
createRoute53Record: false

provider:
name: aws
region: us-east-1
endpointType: REGIONAL
runtime: nodejs16.x
timeout: 30
stage: ${opt:stage, 'dev'}
Expand All @@ -26,6 +27,11 @@ provider:
binaryMediaTypes:
- 'image/*'
- 'font/*'
resourcePolicy:
- Effect: Allow
Principal: '*'
Action: 'execute-api:Invoke'
Resource: 'execute-api:/${self:provider.stage}/*/*'
logs:
restApi: true
deploymentBucket:
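Review bot: The added `resourcePolicy` statement grants `Principal: '*'` the `execute-api:Invoke` action on `execute-api:/${self:provider.stage}/*/*`, i.e. every method of every path, in the same commit that sets the backend `endpointType` to `REGIONAL` (and `frontend/serverless.yml` moves from `PRIVATE` to `REGIONAL`). With a private endpoint the VPC boundary did the gating; after this change nothing at the API Gateway layer restricts callers, so every route depends entirely on the handlers' own authentication and authorization. If the API is meant to stay reachable only from known networks, add a `Condition` to the statement (for example an `IpAddress` condition on `aws:SourceIp`, or `aws:SourceVpce` if a VPC endpoint remains); otherwise record the decision in a comment above `resourcePolicy`, such as `# API is intentionally public; authn/authz is enforced in the Lambda handlers`. The duplicated `createRoute53Record` lines read as a change from `true` to `false`, which is not recoverable with certainty from this rendering, so confirm that the DNS record is now created elsewhere.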
2 changes: 1 addition & 1 deletion frontend/serverless.yml
Expand Up @@ -17,7 +17,7 @@ custom:
provider:
name: aws
region: us-east-1
endpointType: PRIVATE
endpointType: REGIONAL
runtime: nodejs16.x
timeout: 30
stage: ${opt:stage, 'dev'}
73 changes: 56 additions & 17 deletions frontend/src/App.tsx
Expand Up @@ -105,18 +105,14 @@ const App: React.FC = () => (
exact
path="/signup"
render={() => <Redirect to="/inventory" />}
unauth={(props) => (
<AuthLogin {...props} showSignUp={true} />
)}
unauth={AuthLoginCreate}
component={Risk}
/>
<RouteGuard
exact
path="/registration"
render={() => <Redirect to="/inventory" />}
unauth={(props) => (
<AuthLoginCreate {...props} showSignUp={true} />
)}
unauth={AuthLoginCreate}
component={Risk}
/>
<Route
Expand All @@ -131,44 +127,87 @@ const App: React.FC = () => (
/>
<Route exact path="/terms" component={TermsOfUse} />

<RouteGuard exact path="/inventory" component={SearchPage} />
<RouteGuard
exact
path="/inventory"
component={SearchPage}
permissions={['globalView']}
/>
<RouteGuard
path="/inventory/domain/:domainId"
component={Domain}
permissions={['standard', 'globalView']}
/>
<RouteGuard path="/inventory/domains" component={Domains} />
<RouteGuard
path="/inventory/vulnerabilities"
exact
component={Vulnerabilities}
permissions={['globalView']}
/>
<RouteGuard
path="/inventory/vulnerabilities/grouped"
component={(props) => (
<Vulnerabilities {...props} groupBy="title" />
)}
permissions={['globalView']}
/>
<RouteGuard
path="/inventory/vulnerability/:vulnerabilityId"
component={Vulnerability}
permissions={['globalView']}
/>
<RouteGuard
path="/feeds"
component={Feeds}
permissions={['globalView']}
/>
<RouteGuard
path="/reports"
component={Reports}
permissions={['standard', 'globalView']}
/>
<RouteGuard
path="/scans"
exact
component={Scans}
permissions={['globalView']}
/>
<RouteGuard
path="/scans/history"
component={Scans}
exact
permissions={['globalView']}
/>
<RouteGuard
path="/scans/:scanId"
component={Scan}
permissions={['globalView']}
/>

<RouteGuard path="/feeds" component={Feeds} />
<RouteGuard path="/reports" component={Reports} />
<RouteGuard path="/scans" component={Scans} exact />
<RouteGuard path="/scans/history" component={Scans} exact />
<RouteGuard path="/scans/:scanId" component={Scan} />
<RouteGuard
path="/organizations/:organizationId"
component={Organization}
permissions={['standard', 'globalView']}
/>
<RouteGuard
path="/organizations"
component={Organizations}
permissions={['globalView', 'regionalAdmin']}
/>
<RouteGuard
path="/users"
component={Users}
permissions={['globalView', 'regionalAdmin']}
/>
<RouteGuard
path="/settings"
component={Settings}
permissions={['globalView', 'regionalAdmin']}
/>
<RouteGuard path="/organizations" component={Organizations} />
<RouteGuard path="/users" component={Users} />
<RouteGuard path="/settings" component={Settings} />
{/* <Route exact path="/user/registration" component={UserRegistration} /> */}
<RouteGuard
path="/region-admin-dashboard"
component={RegionUsers}
permissions={['regionalAdmin']}
/>
</Switch>
<CrossfeedFooter />
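Review bot: `<RouteGuard path="/inventory/domains" component={Domains} />` is the only inventory route left without a `permissions` prop, so with RouteGuard's `permissions = []` default any authenticated `userType` reaches it, while `/inventory`, `/inventory/vulnerabilities` and `/inventory/vulnerability/:vulnerabilityId` now require `globalView`; if that gap is unintended, give it `permissions={['globalView']}` like its siblings. Whether that line is new or pre-existing cannot be recovered from this rendering. The same role names are repeated as untyped string literals across a dozen routes, so a single misspelling (`'globalview'`) would silently lock that route to `globalAdmin` only; a shared typed constant per role set would catch it at compile time. The guard runs in the browser and only shapes navigation, so the backend endpoints behind these pages must enforce the same role rules.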
10 changes: 10 additions & 0 deletions frontend/src/components/AuthForm/styles.module.scss
Expand Up @@ -36,6 +36,16 @@
width: 100%;
}

input::-webkit-outer-spin-button,
input::-webkit-inner-spin-button {
-webkit-appearance: none;
margin: 0;
}

input[type='number'] {
appearance: textfield;
}

@media screen and (min-width: 480px) {
padding: 3rem 1.5rem;
max-width: 33rem;
21 changes: 20 additions & 1 deletion frontend/src/components/RouteGuard.tsx
Expand Up @@ -4,6 +4,7 @@ import { useAuthContext } from 'context';

interface AuthRedirectRouteProps extends RouteProps {
unauth?: string | React.ComponentType;
permissions?: Array<String>;
component: React.ComponentType;
}

Expand All @@ -15,29 +16,34 @@ possible states:
- user has authenticated but needs to sign terms
- user is not authenticated
- user is not authenticated, this is oauth callback (should not be protected)
- user is authenticated, but does not have tha correct permissions for route
*/

export const RouteGuard: React.FC<AuthRedirectRouteProps> = ({
unauth = '/',
permissions = [],
component,
...rest
}) => {
const { token, user, userMustSign } = useAuthContext();
const { token, user, userMustSign, logout } = useAuthContext();
const history = useHistory();

if (token && !user) {
// waiting on user profile
console.log('Token Route Check');
return null;
}

if (user && !user.isRegistered) {
// user has authenticated but needs to create an account
console.log('User Registered Check');
history.push('/create-account');
return null;
}

if (user && userMustSign) {
// user has authenticated but needs to sign terms
console.log('User must sign check');
history.push('/terms');
return null;
}
Expand All @@ -47,6 +53,19 @@ export const RouteGuard: React.FC<AuthRedirectRouteProps> = ({
return null;
}

if (user && permissions && permissions.length > 0) {
// user is not globalAdmin and invalid userType permissions
if (
user.userType !== 'globalAdmin' &&
!permissions.includes(user.userType)
) {
console.log('User access denied. Logging out!');
logout();
history.push('/');
return null;
}
}

return (
<Route
{...rest}
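Review bot: `permissions?: Array<String>` on the new `AuthRedirectRouteProps` field uses the boxed `String` wrapper type; it should be `string[]`, or better a union of the role names the guard actually compares against (`'standard' | 'globalView' | 'regionalAdmin' | 'globalAdmin'`, from the literals in App.tsx and this file), so a misspelt role on a route is a compile error rather than a silent lockout. Note that the check removed from RegionUsers.tsx compared against `'regionAdmin'` while the new routes in App.tsx pass `'regionalAdmin'`; whichever spelling the backend emits, a typed union would flag the other. Given the `permissions = []` default, the `permissions &&` part of the new condition is redundant and `if (user && permissions.length > 0)` reads the same. The `console.log` calls added to each state branch and to the denial branch look like debugging output and will print on every render in production. The denial branch calls `logout()` for a merely disallowed route, so following any link to a restricted page ends the session; if that is intentional it deserves a comment above the `if`, and if not, `history.push('/')` alone is enough.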
8 changes: 0 additions & 8 deletions frontend/src/pages/RegionUsers/RegionUsers.tsx
Expand Up @@ -319,14 +319,6 @@ export const RegionUsers: React.FC = () => {
selectOrgRows(newRowSelectionModel);
}
};
if (user?.userType !== ('globalAdmin' || 'regionAdmin')) {
return (
<Alert severity="warning" sx={{ fontSize: 17 }}>
<b>Access Prohibited:</b> You are not authorized to view this page.
Contact an administrator for access.
</Alert>
);
}
return (
<Box m={5} sx={{ minHeight: '1500px' }}>
<Box
4 changes: 2 additions & 2 deletions infrastructure/database.tf
Expand Up @@ -31,8 +31,8 @@ resource "aws_db_instance" "db" {
max_allocated_storage = 10000
storage_type = "gp2"
engine = "postgres"
engine_version = "15.3"
allow_major_version_upgrade = true
engine_version = "15.5"
allow_major_version_upgrade = false
skip_final_snapshot = true
availability_zone = data.aws_availability_zones.available.names[0]
multi_az = false
