[backend] Adding swagger doc

.drone.yml

@@ -148,7 +148,7 @@ services:
       MINIO_ROOT_PASSWORD: minioadmin
     command: [ server, /data ]
   - name: pgsql
-    image: postgres:16-alpine
+    image: postgres:17-alpine
     environment:
       POSTGRES_USER: openbas
       POSTGRES_PASSWORD: openbas
@@ -160,7 +160,7 @@ services:
       MINIO_ROOT_PASSWORD: minioadmin
     command: [ server, /data ]
   - name: pgsql-e2e
-    image: postgres:16-alpine
+    image: postgres:17-alpine
     environment:
       POSTGRES_USER: openbas
       POSTGRES_PASSWORD: openbas

openbas-api/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>io.openbas</groupId>
         <artifactId>openbas-platform</artifactId>
-        <version>1.11.4</version>
+        <version>1.11.5</version>
     </parent>
 
     <artifactId>openbas-api</artifactId>
@@ -22,7 +22,7 @@
         <springdoc-plugin.version>1.4</springdoc-plugin.version>
         <cron-utils.version>9.2.1</cron-utils.version>
         <apache-poi.version>5.4.0</apache-poi.version>
-        <opentelemetry.version>1.46.0</opentelemetry.version>
+        <opentelemetry.version>1.47.0</opentelemetry.version>
         <opentelemetry-semconv.version>1.27.0-alpha</opentelemetry-semconv.version>
     </properties>
 
@@ -48,12 +48,12 @@
         <dependency>
             <groupId>io.openbas</groupId>
             <artifactId>openbas-framework</artifactId>
-            <version>1.11.4</version>
+            <version>1.11.5</version>
         </dependency>
         <dependency>
             <groupId>com.rabbitmq</groupId>
             <artifactId>amqp-client</artifactId>
-            <version>5.24.0</version>
+            <version>5.25.0</version>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>

openbas-api/src/main/java/io/openbas/aop/UserRoleDescription.java

@@ -0,0 +1,12 @@
+package io.openbas.aop;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Target({ElementType.TYPE, ElementType.METHOD})
+@Retention(RetentionPolicy.RUNTIME)
+public @interface UserRoleDescription {
+  boolean needAuthenticated() default true;
+}

openbas-api/src/main/java/io/openbas/execution/ExecutionExecutorService.java

@@ -36,8 +36,7 @@ public class ExecutionExecutorService {
   private final OpenBASExecutorContextService openBASExecutorContextService;
   private final InjectStatusRepository injectStatusRepository;
 
-  public ExecutableInject launchExecutorContext(ExecutableInject executableInject, Inject inject)
-      throws InterruptedException {
+  public void launchExecutorContext(Inject inject) {
     // First, get the assets of this injects
     List<Asset> assets =
         Stream.concat(
@@ -76,8 +75,6 @@ public ExecutableInject launchExecutorContext(ExecutableInject executableInject,
     if (!atLeastOneExecution.get()) {
       throw new ExecutionExecutorException("No asset executed");
     }
-
-    return executableInject;
   }
 
   private void launchExecutorContextForAsset(Inject inject, Asset asset) {

openbas-api/src/main/java/io/openbas/executors/Executor.java

@@ -1,27 +1,26 @@
 package io.openbas.executors;
 
+import static io.openbas.database.model.ExecutionStatus.EXECUTING;
 import static io.openbas.utils.InjectionUtils.isInInjectableRange;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
 import io.openbas.asset.QueueService;
 import io.openbas.database.model.*;
-import io.openbas.database.model.InjectStatus;
 import io.openbas.database.model.Injector;
-import io.openbas.database.repository.InjectRepository;
 import io.openbas.database.repository.InjectStatusRepository;
 import io.openbas.database.repository.InjectorRepository;
 import io.openbas.execution.ExecutableInject;
 import io.openbas.execution.ExecutionExecutorService;
 import io.openbas.rest.inject.service.InjectStatusService;
 import jakarta.annotation.Resource;
-import java.time.Instant;
-import java.util.Optional;
+import java.io.IOException;
+import java.util.concurrent.TimeoutException;
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.ApplicationContext;
 import org.springframework.stereotype.Component;
 
-@RequiredArgsConstructor
 @Component
+@RequiredArgsConstructor
 public class Executor {
 
   @Resource protected ObjectMapper mapper;
@@ -32,58 +31,71 @@ public class Executor {
 
   private final InjectorRepository injectorRepository;
 
-  private final InjectRepository injectRepository;
-
   private final QueueService queueService;
 
   private final ExecutionExecutorService executionExecutorService;
   private final InjectStatusService injectStatusService;
 
-  private InjectStatus executeExternal(ExecutableInject executableInject, Inject inject) {
-    InjectorContract injectorContract =
-        inject
-            .getInjectorContract()
-            .orElseThrow(
-                () -> new UnsupportedOperationException("Inject does not have a contract"));
+  private InjectStatus executeExternal(ExecutableInject executableInject, Injector injector)
+      throws IOException, TimeoutException {
+    Inject inject = executableInject.getInjection().getInject();
+    String jsonInject = mapper.writeValueAsString(executableInject);
+    InjectStatus injectStatus = this.injectStatusRepository.findByInject(inject).orElseThrow();
+    queueService.publish(injector.getType(), jsonInject);
+    injectStatus.addInfoTrace(
+        "The inject has been published and is now waiting to be consumed.",
+        ExecutionTraceAction.EXECUTION);
+    return this.injectStatusRepository.save(injectStatus);
+  }
 
-    InjectStatus status = injectStatusRepository.findByInject(inject).orElse(new InjectStatus());
-    status.setTrackingSentDate(Instant.now());
-    status.setInject(inject);
-    try {
-      String jsonInject = mapper.writeValueAsString(executableInject);
-      status.setName(ExecutionStatus.PENDING); // FIXME: need to be test with HTTP Collector
-      status.addTrace(
-          ExecutionTraceStatus.INFO,
-          "The inject has been published and is now waiting to be consumed.",
-          ExecutionTraceAction.EXECUTION,
-          null);
-      queueService.publish(injectorContract.getInjector().getType(), jsonInject);
-    } catch (Exception e) {
-      status.setName(ExecutionStatus.ERROR);
-      status.setTrackingEndDate(Instant.now());
-      status.addErrorTrace(e.getMessage(), ExecutionTraceAction.COMPLETE);
-    } finally {
-      return injectStatusRepository.save(status);
-    }
+  private InjectStatus executeInternal(ExecutableInject executableInject, Injector injector) {
+    Inject inject = executableInject.getInjection().getInject();
+    io.openbas.executors.Injector executor =
+        this.context.getBean(injector.getType(), io.openbas.executors.Injector.class);
+    Execution execution = executor.executeInjection(executableInject);
+    // After execution, expectations are already created
+    // Injection status is filled after complete execution
+    // Report inject execution
+    InjectStatus injectStatus = this.injectStatusRepository.findByInject(inject).orElseThrow();
+    InjectStatus completeStatus = injectStatusService.fromExecution(execution, injectStatus);
+    return injectStatusRepository.save(completeStatus);
   }
 
-  private InjectStatus executeInternal(ExecutableInject executableInject, Inject inject) {
+  public InjectStatus execute(ExecutableInject executableInject)
+      throws IOException, TimeoutException {
+    Inject inject = executableInject.getInjection().getInject();
     InjectorContract injectorContract =
         inject
             .getInjectorContract()
             .orElseThrow(
                 () -> new UnsupportedOperationException("Inject does not have a contract"));
 
-    io.openbas.executors.Injector executor =
-        this.context.getBean(
-            injectorContract.getInjector().getType(), io.openbas.executors.Injector.class);
-    Execution execution = executor.executeInjection(executableInject);
-    Inject executedInject = injectRepository.findById(inject.getId()).orElseThrow();
-    InjectStatus completeStatus = injectStatusService.fromExecution(execution, executedInject);
-    return injectStatusRepository.save(completeStatus);
+    // Depending on injector type (internal or external) execution must be done differently
+    Injector injector =
+        injectorRepository
+            .findByType(injectorContract.getInjector().getType())
+            .orElseThrow(
+                () ->
+                    new IllegalStateException(
+                        "Injector not found for type: "
+                            + injectorContract.getInjector().getType()));
+
+    // Status
+    InjectStatus updatedStatus =
+        this.injectStatusService.initializeInjectStatus(inject.getId(), EXECUTING);
+    inject.setStatus(updatedStatus);
+    if (Boolean.TRUE.equals(injectorContract.getNeedsExecutor())) {
+      this.executionExecutorService.launchExecutorContext(inject);
+    }
+    if (injector.isExternal()) {
+      return executeExternal(executableInject, injector);
+    } else {
+      return executeInternal(executableInject, injector);
+    }
   }
 
-  public InjectStatus execute(ExecutableInject executableInject) {
+  public InjectStatus directExecute(ExecutableInject executableInject)
+      throws IOException, TimeoutException {
     boolean isScheduledInject = !executableInject.isDirect();
     // If empty content, inject must be rejected
     Inject inject = executableInject.getInjection().getInject();
@@ -95,39 +107,6 @@ public InjectStatus execute(ExecutableInject executableInject) {
       throw new UnsupportedOperationException("Inject is now too old for execution");
     }
 
-    InjectorContract injectorContract =
-        inject
-            .getInjectorContract()
-            .orElseThrow(
-                () -> new UnsupportedOperationException("Inject does not have a contract"));
-
-    // Depending on injector type (internal or external) execution must be done differently
-    Optional<Injector> externalInjector =
-        injectorRepository.findByType(injectorContract.getInjector().getType());
-
-    return externalInjector
-        .map(Injector::isExternal)
-        .map(
-            isExternal -> {
-              ExecutableInject newExecutableInject = executableInject;
-              if (injectorContract.getNeedsExecutor()) {
-                try {
-                  newExecutableInject =
-                      this.executionExecutorService.launchExecutorContext(executableInject, inject);
-                } catch (InterruptedException e) {
-                  throw new RuntimeException(e);
-                }
-              }
-              if (isExternal) {
-                return executeExternal(newExecutableInject, inject);
-              } else {
-                return executeInternal(newExecutableInject, inject);
-              }
-            })
-        .orElseThrow(
-            () ->
-                new IllegalStateException(
-                    "External injector not found for type: "
-                        + injectorContract.getInjector().getType()));
+    return this.execute(executableInject);
   }
 }

openbas-api/src/main/java/io/openbas/injectors/caldera/CalderaExecutor.java

@@ -1,5 +1,6 @@
 package io.openbas.injectors.caldera;
 
+import static io.openbas.database.model.Command.COMMAND_TYPE;
 import static io.openbas.database.model.ExecutionTraces.getNewErrorTrace;
 import static io.openbas.database.model.ExecutionTraces.getNewInfoTrace;
 import static io.openbas.database.model.InjectExpectationSignature.*;
@@ -126,6 +127,9 @@ public ExecutionProcess process(
               }
               assets.forEach(
                   (asset, aBoolean) -> {
+                    if (!(asset instanceof Endpoint) || !((Endpoint) asset).getActive()) {
+                      return;
+                    }
                     try {
                       Endpoint executionEndpoint =
                           this.findAndRegisterAssetForExecution(
@@ -140,6 +144,12 @@ public ExecutionProcess process(
                                   contract,
                                   additionalFields);
                           if (result.contains("complete")) {
+                            execution.addTrace(
+                                getNewInfoTrace(
+                                    "Request to execute the ability sent to Caldera",
+                                    ExecutionTraceAction.START,
+                                    ((Endpoint) asset).getAgents().getFirst(),
+                                    List.of()));
                             ExploitResult exploitResult =
                                 this.calderaService.exploitResult(
                                     executionEndpoint.getAgents().getFirst().getExternalReference(),
@@ -150,7 +160,7 @@ public ExecutionProcess process(
                                     exploitResult.getCommand(),
                                     ExecutionTraceAction.EXECUTION,
                                     ((Endpoint) asset).getAgents().getFirst(),
-                                    List.of()));
+                                    List.of(exploitResult.getLinkId())));
                             // Compute expectations
                             boolean isInGroup =
                                 assets.get(
@@ -252,8 +262,6 @@ public ExecutionProcess process(
     assetGroups.forEach(
         (assetGroup -> computeExpectationsForAssetGroup(expectations, content, assetGroup)));
 
-    String message = "Caldera executed the ability on " + asyncIds.size() + " asset(s)";
-    execution.addTrace(getNewInfoTrace(message, ExecutionTraceAction.EXECUTION, asyncIds));
     injectExpectationService.buildAndSaveInjectExpectations(injection, expectations);
     return new ExecutionProcess(true);
   }
@@ -281,6 +289,9 @@ public StatusPayload getPayloadOutput(String externalId) {
                 statusPayload.setPayloadCommandBlocks(
                     Collections.singletonList(payloadCommandBlock));
               });
+      statusPayload.setName(ability.getName());
+      statusPayload.setType(COMMAND_TYPE);
+      statusPayload.setDescription(ability.getDescription());
       statusPayload.setExternalId(externalId);
     }