Renamed configuration import resource endpoint(url) and resource itself.

monkey/monkey_island/cc/app.py

@@ -21,6 +21,7 @@ from monkey_island.cc.resources.blackbox.telemetry_blackbox_endpoint import (
 from monkey_island.cc.resources.bootloader import Bootloader
 from monkey_island.cc.resources.client_run import ClientRun
 from monkey_island.cc.resources.configuration_export import ConfigurationExport
+from monkey_island.cc.resources.configuration_import import ConfigurationImport
 from monkey_island.cc.resources.edge import Edge
 from monkey_island.cc.resources.environment import Environment
 from monkey_island.cc.resources.island_configuration import IslandConfiguration
@@ -43,7 +44,6 @@ from monkey_island.cc.resources.security_report import SecurityReport
 from monkey_island.cc.resources.T1216_pba_file_download import T1216PBAFileDownload
 from monkey_island.cc.resources.telemetry import Telemetry
 from monkey_island.cc.resources.telemetry_feed import TelemetryFeed
-from monkey_island.cc.resources.temp_configuration import TempConfiguration
 from monkey_island.cc.resources.version_update import VersionUpdate
 from monkey_island.cc.resources.zero_trust.finding_event import ZeroTrustFindingEvent
 from monkey_island.cc.resources.zero_trust.scoutsuite_auth.aws_keys import AWSKeys
@@ -120,9 +120,6 @@ def init_app_url_rules(app):
 
 
 def init_api_resources(api):
-    # TODO hook up to a proper endpoint
-    api.add_resource(TempConfiguration, "/api/temp_configuration")
-
     api.add_resource(Root, "/api")
     api.add_resource(Registration, "/api/registration")
     api.add_resource(Authenticate, "/api/auth")
@@ -136,7 +133,8 @@ def init_api_resources(api):
     )
     api.add_resource(MonkeyConfiguration, "/api/configuration", "/api/configuration/")
     api.add_resource(IslandConfiguration, "/api/configuration/island", "/api/configuration/island/")
-    api.add_resource(ConfigurationExport, "/api/configuration/export", "/api/configuration/export/")
+    api.add_resource(ConfigurationExport, "/api/configuration/export")
+    api.add_resource(ConfigurationImport, "/api/configuration/import")
     api.add_resource(
         MonkeyDownload,
         "/api/monkey/download",

monkey/monkey_island/cc/resources/configuration_import.py

@@ -1,15 +1,17 @@
 import json
+import logging
 from dataclasses import dataclass
 
 import flask_restful
 from flask import request
 
-from common.utils.exceptions import (  # InvalidCredentialsError,
+from common.utils.exceptions import (
-    FailedDecryption,
     InvalidConfigurationError,
+    InvalidCredentialsError,
     NoCredentialsError,
 )
 from monkey_island.cc.resources.auth.auth import jwt_required
+from monkey_island.cc.services.config import ConfigService
 from monkey_island.cc.services.utils.config_encryption import decrypt_config
 
 
@@ -23,8 +25,10 @@ class ResponseContents:
         return self.__dict__, self.status_code
 
 
-# TODO remove once backend implementation is done
+logger = logging.getLogger(__name__)
-class TempConfiguration(flask_restful.Resource):
+
+
+class ConfigurationImport(flask_restful.Resource):
     SUCCESS = False
 
     @jwt_required
@@ -32,24 +36,17 @@ class TempConfiguration(flask_restful.Resource):
         request_contents = json.loads(request.data)
         try:
             decrypt_config(request_contents["config"], request_contents["password"])
-            self.import_config()
+            ConfigurationImport.import_config(request_contents["config"])
             return ResponseContents().form_response()
-        # except InvalidCredentialsError:
+        except InvalidCredentialsError:
-        #     return ResponseContents(
-        #         import_status="wrong_password", message="Wrong password supplied", status_code=403
-        #     ).form_response()
-        except FailedDecryption as ex:
             return ResponseContents(
-                import_status="decryption_failure",
+                import_status="wrong_password", message="Wrong password supplied", status_code=403
-                message="Decryptioon of configuration failed. Error thrown during decryption: "
-                + f"{str(ex)}",
-                status_code=403,
             ).form_response()
         except InvalidConfigurationError:
             return ResponseContents(
                 import_status="invalid_configuration",
                 message="Invalid configuration supplied. "
-                "Maybe the format is outdated or the file is malformed",
+                "Maybe the format is outdated or the file is corrupted.",
                 status_code=400,
             ).form_response()
         except NoCredentialsError:
@@ -60,12 +57,7 @@ class TempConfiguration(flask_restful.Resource):
                 status_code=403,
             ).form_response()
 
-    # def decrypt(self, password=""):
+    @staticmethod
-    #     if not password:
+    def import_config(config_json):
-    #         raise NoCredentialsError
+        if not ConfigService.update_config(config_json, should_encrypt=True):
-    #     if not password == "abc":
+            raise InvalidConfigurationError
-    #         raise InvalidCredentialsError
-    #     return False
-
-    def import_config(self):
-        return True

monkey/monkey_island/cc/ui/src/components/configuration-components/ImportConfigModal.tsx

@@ -15,8 +15,7 @@ type Props = {
 
 
 const ConfigImportModal = (props: Props) => {
-  // TODO implement the back end
+  const configImportEndpoint = '/api/configuration/import';
-  const configImportEndpoint = '/api/temp_configuration';
 
   const [uploadStatus, setUploadStatus] = useState(UploadStatuses.clean);
   const [configContents, setConfigContents] = useState('');