From ae5216bf02e1adcddb06b5afdc84b7120b513171 Mon Sep 17 00:00:00 2001 From: vakarisz Date: Wed, 8 Jun 2022 16:08:35 +0300 Subject: [PATCH] Island: Create only one config Island had "newconfig" and "inital_config". We don't need the complexity of creating these configs if we will only have one. --- .../cc/resources/island_configuration.py | 2 +- monkey/monkey_island/cc/resources/monkey.py | 2 - monkey/monkey_island/cc/services/config.py | 45 +++++-------------- .../cc/services/reporting/report.py | 10 ++--- 4 files changed, 17 insertions(+), 42 deletions(-) diff --git a/monkey/monkey_island/cc/resources/island_configuration.py b/monkey/monkey_island/cc/resources/island_configuration.py index 1360d0c91..38f08ff1b 100644 --- a/monkey/monkey_island/cc/resources/island_configuration.py +++ b/monkey/monkey_island/cc/resources/island_configuration.py @@ -15,7 +15,7 @@ class IslandConfiguration(AbstractResource): def get(self): return jsonify( schema=ConfigService.get_config_schema(), - configuration=ConfigService.get_config(False, True, True), + configuration=ConfigService.get_config(True, True), ) @jwt_required diff --git a/monkey/monkey_island/cc/resources/monkey.py b/monkey/monkey_island/cc/resources/monkey.py index 8da54376d..4438733f6 100644 --- a/monkey/monkey_island/cc/resources/monkey.py +++ b/monkey/monkey_island/cc/resources/monkey.py @@ -65,8 +65,6 @@ class Monkey(AbstractResource): monkey_json["modifytime"] = datetime.now() - ConfigService.save_initial_config_if_needed() - # if new monkey telem, change config according to "new monkeys" config. db_monkey = mongo.db.monkey.find_one({"guid": monkey_json["guid"]}) diff --git a/monkey/monkey_island/cc/services/config.py b/monkey/monkey_island/cc/services/config.py index 043d1ff18..a1c29cc32 100644 --- a/monkey/monkey_island/cc/services/config.py +++ b/monkey/monkey_island/cc/services/config.py @@ -60,12 +60,10 @@ class ConfigService: pass @staticmethod - def get_config(is_initial_config=False, should_decrypt=True, is_island=False): + def get_config(should_decrypt=True, is_island=False): """ Gets the entire global config. - :param is_initial_config: If True, the initial config will be returned instead of the \ - current config. \ :param should_decrypt: If True, all config values which are set as encrypted will be \ decrypted. \ :param is_island: If True, will include island specific configuration parameters. \ @@ -74,12 +72,8 @@ class ConfigService: # is_initial_config and should_decrypt are only there to compare if we are on the # default configuration or did user modified it already - config = ( - mongo.db.config.find_one({"name": "initial" if is_initial_config else "newconfig"}) - or {} - ) - for field in ("name", "_id"): - config.pop(field, None) + config = mongo.db.config.find_one() or {} + config.pop("_id", None) if should_decrypt and len(config) > 0: ConfigService.decrypt_config(config) if not is_island: @@ -87,14 +81,12 @@ class ConfigService: return config @staticmethod - def get_config_value(config_key_as_arr, is_initial_config=False, should_decrypt=True): + def get_config_value(config_key_as_arr, should_decrypt=True): """ Get a specific config value. :param config_key_as_arr: The config key as an array. e.g. ['basic', 'credentials','exploit_password_list']. - :param is_initial_config: If True, returns the value of the - initial config instead of the current config. :param should_decrypt: If True, the value of the config key will be decrypted (if it's in the list of encrypted config values). :return: The value of the requested config key. @@ -102,9 +94,7 @@ class ConfigService: config_key = functools.reduce(lambda x, y: x + "." + y, config_key_as_arr) # This should just call get_config from repository. If None, then call get_default prob - config = mongo.db.config.find_one( - {"name": "initial" if is_initial_config else "newconfig"}, {config_key: 1} - ) + config = mongo.db.config.find_one({}, {config_key: 1}) for config_key_part in config_key_as_arr: config = config[config_key_part] @@ -124,11 +114,11 @@ class ConfigService: @staticmethod def set_config_value(config_key_as_arr, value): mongo_key = ".".join(config_key_as_arr) - mongo.db.config.update({"name": "newconfig"}, {"$set": {mongo_key: value}}) + mongo.db.config.find_one().update({"$set": {mongo_key: value}}) @staticmethod - def get_flat_config(is_initial_config=False, should_decrypt=True): - config_json = ConfigService.get_config(is_initial_config, should_decrypt) + def get_flat_config(should_decrypt=True): + config_json = ConfigService.get_config(should_decrypt) flat_config_json = {} for i in config_json: if i == "ransomware": @@ -153,7 +143,7 @@ class ConfigService: @staticmethod def add_item_to_config_set_if_dont_exist(item_path_array, item_value, should_encrypt): item_key = ".".join(item_path_array) - items_from_config = ConfigService.get_config_value(item_path_array, False, should_encrypt) + items_from_config = ConfigService.get_config_value(item_path_array, should_encrypt) if item_value in items_from_config: return if should_encrypt: @@ -161,9 +151,7 @@ class ConfigService: item_value = encrypt_dict(SENSITIVE_SSH_KEY_FIELDS, item_value) else: item_value = get_datastore_encryptor().encrypt(item_value) - mongo.db.config.update( - {"name": "newconfig"}, {"$addToSet": {item_key: item_value}}, upsert=False - ) + mongo.db.config.find_one().update({"$addToSet": {item_key: item_value}}, upsert=False) mongo.db.monkey.update( {}, {"$addToSet": {"config." + item_key.split(".")[-1]: item_value}}, multi=True @@ -225,7 +213,7 @@ class ConfigService: except KeyError: logger.error("Bad configuration file was submitted.") return False - mongo.db.config.update({"name": "newconfig"}, {"$set": config_json}, upsert=True) + mongo.db.config.update({}, {"$set": config_json}, upsert=True) logger.info("monkey config was updated") return True @@ -293,17 +281,6 @@ class ConfigService: ISLAND_PORT, ) - @staticmethod - def save_initial_config_if_needed(): - if mongo.db.config.find_one({"name": "initial"}) is not None: - return - - initial_config = mongo.db.config.find_one({"name": "newconfig"}) - initial_config["name"] = "initial" - initial_config.pop("_id") - mongo.db.config.insert(initial_config) - logger.info("Monkey config was inserted to mongo and saved") - @staticmethod def _extend_config_with_default(validator_class): validate_properties = validator_class.VALIDATORS["properties"] diff --git a/monkey/monkey_island/cc/services/reporting/report.py b/monkey/monkey_island/cc/services/reporting/report.py index 1c7fb3055..de696cda3 100644 --- a/monkey/monkey_island/cc/services/reporting/report.py +++ b/monkey/monkey_island/cc/services/reporting/report.py @@ -383,11 +383,11 @@ class ReportService: @staticmethod def get_config_users(): - return ConfigService.get_config_value(USER_LIST_PATH, True, True) + return ConfigService.get_config_value(USER_LIST_PATH, True) @staticmethod def get_config_passwords(): - return ConfigService.get_config_value(PASSWORD_LIST_PATH, True, True) + return ConfigService.get_config_value(PASSWORD_LIST_PATH, True) @staticmethod def get_config_exploits(): @@ -395,7 +395,7 @@ class ReportService: default_exploits = ConfigService.get_default_config(False) for namespace in exploits_config_value: default_exploits = default_exploits[namespace] - exploits = ConfigService.get_config_value(exploits_config_value, True, True) + exploits = ConfigService.get_config_value(exploits_config_value, True) if exploits == default_exploits: return ["default"] @@ -406,11 +406,11 @@ class ReportService: @staticmethod def get_config_ips(): - return ConfigService.get_config_value(SUBNET_SCAN_LIST_PATH, True, True) + return ConfigService.get_config_value(SUBNET_SCAN_LIST_PATH, True) @staticmethod def get_config_scan(): - return ConfigService.get_config_value(LOCAL_NETWORK_SCAN_PATH, True, True) + return ConfigService.get_config_value(LOCAL_NETWORK_SCAN_PATH, True) @staticmethod def get_issue_set(issues, config_users, config_passwords):