From 624fda10cb0446ade76af2a9a98a5a897835eff7 Mon Sep 17 00:00:00 2001
From: VakarisZ <vakarisz@yahoo.com>
Date: Wed, 2 Jun 2021 12:36:34 +0300
Subject: [PATCH] Renamed configuration import resource endpoint(url) and
 resource itself.

---
 monkey/monkey_island/cc/app.py                |  8 ++--
 ...nfiguration.py => configuration_import.py} | 40 ++++++++-----------
 .../ImportConfigModal.tsx                     |  3 +-
 3 files changed, 20 insertions(+), 31 deletions(-)
 rename monkey/monkey_island/cc/resources/{temp_configuration.py => configuration_import.py} (57%)

diff --git a/monkey/monkey_island/cc/app.py b/monkey/monkey_island/cc/app.py
index 0642f1768..ecc5feca1 100644
--- a/monkey/monkey_island/cc/app.py
+++ b/monkey/monkey_island/cc/app.py
@@ -21,6 +21,7 @@ from monkey_island.cc.resources.blackbox.telemetry_blackbox_endpoint import (
 from monkey_island.cc.resources.bootloader import Bootloader
 from monkey_island.cc.resources.client_run import ClientRun
 from monkey_island.cc.resources.configuration_export import ConfigurationExport
+from monkey_island.cc.resources.configuration_import import ConfigurationImport
 from monkey_island.cc.resources.edge import Edge
 from monkey_island.cc.resources.environment import Environment
 from monkey_island.cc.resources.island_configuration import IslandConfiguration
@@ -43,7 +44,6 @@ from monkey_island.cc.resources.security_report import SecurityReport
 from monkey_island.cc.resources.T1216_pba_file_download import T1216PBAFileDownload
 from monkey_island.cc.resources.telemetry import Telemetry
 from monkey_island.cc.resources.telemetry_feed import TelemetryFeed
-from monkey_island.cc.resources.temp_configuration import TempConfiguration
 from monkey_island.cc.resources.version_update import VersionUpdate
 from monkey_island.cc.resources.zero_trust.finding_event import ZeroTrustFindingEvent
 from monkey_island.cc.resources.zero_trust.scoutsuite_auth.aws_keys import AWSKeys
@@ -120,9 +120,6 @@ def init_app_url_rules(app):
 
 
 def init_api_resources(api):
-    # TODO hook up to a proper endpoint
-    api.add_resource(TempConfiguration, "/api/temp_configuration")
-
     api.add_resource(Root, "/api")
     api.add_resource(Registration, "/api/registration")
     api.add_resource(Authenticate, "/api/auth")
@@ -136,7 +133,8 @@ def init_api_resources(api):
     )
     api.add_resource(MonkeyConfiguration, "/api/configuration", "/api/configuration/")
     api.add_resource(IslandConfiguration, "/api/configuration/island", "/api/configuration/island/")
-    api.add_resource(ConfigurationExport, "/api/configuration/export", "/api/configuration/export/")
+    api.add_resource(ConfigurationExport, "/api/configuration/export")
+    api.add_resource(ConfigurationImport, "/api/configuration/import")
     api.add_resource(
         MonkeyDownload,
         "/api/monkey/download",
diff --git a/monkey/monkey_island/cc/resources/temp_configuration.py b/monkey/monkey_island/cc/resources/configuration_import.py
similarity index 57%
rename from monkey/monkey_island/cc/resources/temp_configuration.py
rename to monkey/monkey_island/cc/resources/configuration_import.py
index d82c8c92d..9e4731d7f 100644
--- a/monkey/monkey_island/cc/resources/temp_configuration.py
+++ b/monkey/monkey_island/cc/resources/configuration_import.py
@@ -1,15 +1,17 @@
 import json
+import logging
 from dataclasses import dataclass
 
 import flask_restful
 from flask import request
 
-from common.utils.exceptions import (  # InvalidCredentialsError,
-    FailedDecryption,
+from common.utils.exceptions import (
     InvalidConfigurationError,
+    InvalidCredentialsError,
     NoCredentialsError,
 )
 from monkey_island.cc.resources.auth.auth import jwt_required
+from monkey_island.cc.services.config import ConfigService
 from monkey_island.cc.services.utils.config_encryption import decrypt_config
 
 
@@ -23,8 +25,10 @@ class ResponseContents:
         return self.__dict__, self.status_code
 
 
-# TODO remove once backend implementation is done
-class TempConfiguration(flask_restful.Resource):
+logger = logging.getLogger(__name__)
+
+
+class ConfigurationImport(flask_restful.Resource):
     SUCCESS = False
 
     @jwt_required
@@ -32,24 +36,17 @@ class TempConfiguration(flask_restful.Resource):
         request_contents = json.loads(request.data)
         try:
             decrypt_config(request_contents["config"], request_contents["password"])
-            self.import_config()
+            ConfigurationImport.import_config(request_contents["config"])
             return ResponseContents().form_response()
-        # except InvalidCredentialsError:
-        #     return ResponseContents(
-        #         import_status="wrong_password", message="Wrong password supplied", status_code=403
-        #     ).form_response()
-        except FailedDecryption as ex:
+        except InvalidCredentialsError:
             return ResponseContents(
-                import_status="decryption_failure",
-                message="Decryptioon of configuration failed. Error thrown during decryption: "
-                + f"{str(ex)}",
-                status_code=403,
+                import_status="wrong_password", message="Wrong password supplied", status_code=403
             ).form_response()
         except InvalidConfigurationError:
             return ResponseContents(
                 import_status="invalid_configuration",
                 message="Invalid configuration supplied. "
-                "Maybe the format is outdated or the file is malformed",
+                "Maybe the format is outdated or the file is corrupted.",
                 status_code=400,
             ).form_response()
         except NoCredentialsError:
@@ -60,12 +57,7 @@ class TempConfiguration(flask_restful.Resource):
                 status_code=403,
             ).form_response()
 
-    # def decrypt(self, password=""):
-    #     if not password:
-    #         raise NoCredentialsError
-    #     if not password == "abc":
-    #         raise InvalidCredentialsError
-    #     return False
-
-    def import_config(self):
-        return True
+    @staticmethod
+    def import_config(config_json):
+        if not ConfigService.update_config(config_json, should_encrypt=True):
+            raise InvalidConfigurationError
diff --git a/monkey/monkey_island/cc/ui/src/components/configuration-components/ImportConfigModal.tsx b/monkey/monkey_island/cc/ui/src/components/configuration-components/ImportConfigModal.tsx
index 6b950f7c7..6404dc317 100644
--- a/monkey/monkey_island/cc/ui/src/components/configuration-components/ImportConfigModal.tsx
+++ b/monkey/monkey_island/cc/ui/src/components/configuration-components/ImportConfigModal.tsx
@@ -15,8 +15,7 @@ type Props = {
 
 
 const ConfigImportModal = (props: Props) => {
-  // TODO implement the back end
-  const configImportEndpoint = '/api/temp_configuration';
+  const configImportEndpoint = '/api/configuration/import';
 
   const [uploadStatus, setUploadStatus] = useState(UploadStatuses.clean);
   const [configContents, setConfigContents] = useState('');