Merge pull request #1495 from guardicore/delay-mongo-init

Delay mongo init to after registration
VakarisZ 2021-09-29 17:03:12 +03:00 committed by GitHub
commit f387595104
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 40 additions and 8 deletions


@ -14,6 +14,7 @@ Changelog](https://keepachangelog.com/en/1.0.0/).
### Changed ### Changed
- The name of the "Communicate as new user" post-breach action to "Communicate - The name of the "Communicate as new user" post-breach action to "Communicate
as backdoor user". #1410 as backdoor user". #1410
- Resetting login credentials also cleans the contents of the database. #1495
- ATT&CK report messages (more accurate now). #1483 - ATT&CK report messages (more accurate now). #1483
### Removed ### Removed


@ -56,6 +56,12 @@ When you first access the Monkey Island server, you'll be prompted to create an
To reset the credentials, edit the `server_config.json` file manually To reset the credentials, edit the `server_config.json` file manually
(located in the [data directory](/reference/data_directory)). (located in the [data directory](/reference/data_directory)).
{{% notice warning %}}
If you reset the credentials, the database will be cleared. Any findings of the Infection Monkey from previous runs will be lost. <br/><br/>
However, you can save the Monkey's existing configuration by logging in with your current credentials and clicking on the **Export config** button on the configuration page.
{{% /notice %}}
In order to reset the credentials, the following edits need to be made: In order to reset the credentials, the following edits need to be made:
1. Delete the `user` field. It will look like this: 1. Delete the `user` field. It will look like this:
```json ```json


@ -1,4 +1,5 @@
import json import json
import logging
import flask_restful import flask_restful
from flask import make_response, request from flask import make_response, request
@ -7,17 +8,22 @@ import monkey_island.cc.environment.environment_singleton as env_singleton
import monkey_island.cc.resources.auth.password_utils as password_utils import monkey_island.cc.resources.auth.password_utils as password_utils
from common.utils.exceptions import InvalidRegistrationCredentialsError, RegistrationNotNeededError from common.utils.exceptions import InvalidRegistrationCredentialsError, RegistrationNotNeededError
from monkey_island.cc.environment.user_creds import UserCreds from monkey_island.cc.environment.user_creds import UserCreds
from monkey_island.cc.setup.mongo.database_initializer import reset_database
logger = logging.getLogger(__name__)
class Registration(flask_restful.Resource): class Registration(flask_restful.Resource):
def get(self): def get(self):
return {"needs_registration": env_singleton.env.needs_registration()} is_registration_needed = env_singleton.env.needs_registration()
return {"needs_registration": is_registration_needed}
def post(self): def post(self):
credentials = _get_user_credentials_from_request(request) credentials = _get_user_credentials_from_request(request)
try: try:
env_singleton.env.try_add_user(credentials) env_singleton.env.try_add_user(credentials)
reset_database()
return make_response({"error": ""}, 200) return make_response({"error": ""}, 200)
except (InvalidRegistrationCredentialsError, RegistrationNotNeededError) as e: except (InvalidRegistrationCredentialsError, RegistrationNotNeededError) as e:
return make_response({"error": str(e)}, 400) return make_response({"error": str(e)}, 400)
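Review bot: In `post`, `reset_database()` runs inside the `try` after `try_add_user(credentials)` has returned, but the `except` clause only covers the two registration exceptions, so an error raised while wiping or repopulating the database would escape as an unhandled server error, with the new user presumably already saved and the data in an unknown state. The wipe is guarded only by `try_add_user` raising first (judging by the name, `RegistrationNotNeededError` when registration is already done), so the ordering deserves a comment above the call, such as `# Keep after try_add_user(): its exceptions are the only thing stopping a wipe of an already-registered Island`. The `logger` added at module level is not used in the visible lines; `logger.info("Registration completed, resetting the database")` before the call would leave an audit record of the destructive step.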


@ -36,7 +36,6 @@ from monkey_island.cc.setup import island_config_options_validator # noqa: E402
from monkey_island.cc.setup.gevent_hub_error_handler import GeventHubErrorHandler # noqa: E402 from monkey_island.cc.setup.gevent_hub_error_handler import GeventHubErrorHandler # noqa: E402
from monkey_island.cc.setup.island_config_options import IslandConfigOptions # noqa: E402 from monkey_island.cc.setup.island_config_options import IslandConfigOptions # noqa: E402
from monkey_island.cc.setup.mongo import mongo_setup # noqa: E402 from monkey_island.cc.setup.mongo import mongo_setup # noqa: E402
from monkey_island.cc.setup.mongo.database_initializer import init_collections # noqa: E402
from monkey_island.cc.setup.mongo.mongo_db_process import MongoDbProcess # noqa: E402 from monkey_island.cc.setup.mongo.mongo_db_process import MongoDbProcess # noqa: E402
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
@ -131,8 +130,6 @@ def _start_island_server(should_setup_only, config_options: IslandConfigOptions)
populate_exporter_list() populate_exporter_list()
app = init_app(mongo_setup.MONGO_URL) app = init_app(mongo_setup.MONGO_URL)
init_collections()
if should_setup_only: if should_setup_only:
logger.warning("Setup only flag passed. Exiting.") logger.warning("Setup only flag passed. Exiting.")
return return


@ -37,3 +37,7 @@ class Database(object):
def init_db(): def init_db():
if not mongo.db.collection_names(): if not mongo.db.collection_names():
Database.reset_db() Database.reset_db()
@staticmethod
def is_mitigations_missing() -> bool:
return bool(AttackMitigations.COLLECTION_NAME not in mongo.db.list_collection_names())
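Review bot: `is_mitigations_missing` wraps a `not in` test in `bool(...)`, which is already a boolean, so `return AttackMitigations.COLLECTION_NAME not in mongo.db.list_collection_names()` says the same thing. It also calls `list_collection_names()` while `init_db` just above still uses `collection_names()`, the older name that PyMongo has deprecated; using one spelling in both places would be more consistent. A one-line docstring, e.g. `"""Return True when the ATT&CK mitigations collection does not exist."""`, would document the contract the caller relies on.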


@ -5,13 +5,16 @@ from pymongo import errors
from monkey_island.cc.database import mongo from monkey_island.cc.database import mongo
from monkey_island.cc.models.attack.attack_mitigations import AttackMitigations from monkey_island.cc.models.attack.attack_mitigations import AttackMitigations
from monkey_island.cc.services.attack.mitre_api_interface import MitreApiInterface from monkey_island.cc.services.attack.mitre_api_interface import MitreApiInterface
from monkey_island.cc.services.database import Database
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
def init_collections(): def reset_database():
logger.info("Setting up the Monkey Island, this might take a while...") Database.reset_db()
_try_store_mitigations_on_mongo() if Database.is_mitigations_missing():
logger.info("Populating Monkey Island with ATT&CK mitigations.")
_try_store_mitigations_on_mongo()
def _try_store_mitigations_on_mongo(): def _try_store_mitigations_on_mongo():
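Review bot: `reset_database()` replaces `init_collections()` but now calls `Database.reset_db()` unconditionally, so anything importing it gets a destructive operation with no docstring saying so; add one along the lines of `"""Clear the Island database, then store ATT&CK mitigations if that collection is missing."""`. Because the startup call to the old function is removed elsewhere in this commit, mitigations now appear to be populated only from the registration handler. If any deployment path never goes through registration, that collection would stay empty, which is worth confirming. The body of `_try_store_mitigations_on_mongo` lies outside the hunk, so its error handling could not be checked.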


@ -4,11 +4,13 @@ import {Row, Col, Container, Form, Button} from 'react-bootstrap';
import AuthService from '../../services/AuthService'; import AuthService from '../../services/AuthService';
import monkeyDetective from '../../images/detective-monkey.svg'; import monkeyDetective from '../../images/detective-monkey.svg';
import ParticleBackground from '../ui-components/ParticleBackground'; import ParticleBackground from '../ui-components/ParticleBackground';
import LoadingIcon from '../ui-components/LoadingIcon';
class RegisterPageComponent extends React.Component { class RegisterPageComponent extends React.Component {
register = (event) => { register = (event) => {
event.preventDefault(); event.preventDefault();
this.setState({loading: true})
this.auth.register(this.username, this.password).then(res => { this.auth.register(this.username, this.password).then(res => {
this.setState({failed: false, error: ''}); this.setState({failed: false, error: ''});
if (res['result']) { if (res['result']) {
@ -68,7 +70,12 @@ class RegisterPageComponent extends React.Component {
<Form.Control onChange={evt => this.updateUsername(evt)} type='text' placeholder='Username'/> <Form.Control onChange={evt => this.updateUsername(evt)} type='text' placeholder='Username'/>
<Form.Control onChange={evt => this.updatePassword(evt)} type='password' placeholder='Password'/> <Form.Control onChange={evt => this.updatePassword(evt)} type='password' placeholder='Password'/>
<Button className={'monkey-submit-button'} type={'submit'} > <Button className={'monkey-submit-button'} type={'submit'} >
Let's go! {
this.state.loading ?
<LoadingIcon/>
:
'Let\'s go!'
}
</Button> </Button>
<Row> <Row>
<Col> <Col>
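Review bot: `register` sets `loading: true` before the request, but nothing in the visible lines sets it back, so a rejected registration would leave the spinner in place of the button label unless code outside the hunk resets it. The `setState({failed: false, error: ''})` call in the `then` handler is a natural place to add `loading: false`, and any failure branch needs the same. The submit button also stays enabled while the request is in flight, and registration now triggers a database reset on the server, so a second click sends a second POST; `disabled={this.state.loading}` on the `Button` would prevent that. The rest of `register` and the component's initial state are outside the hunk.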


@ -35,3 +35,11 @@
margin-bottom: 20px; margin-bottom: 20px;
text-align: center; text-align: center;
} }
.auth-container .monkey-submit-button:hover .loading-icon {
color: $monkey-black;
}
.auth-container .monkey-submit-button:focus .loading-icon {
color: $monkey-black;
}
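Review bot: The `:hover` and `:focus` rules are identical apart from the pseudo-class, so they can be one rule with a selector list, `.auth-container .monkey-submit-button:hover .loading-icon, .auth-container .monkey-submit-button:focus .loading-icon { color: $monkey-black; }`. That keeps the two states from drifting apart when one is edited later. A short comment noting why the spinner colour is overridden here (presumably to match the button's text colour in those states) would help the next reader.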