From 99250af2cc2397ff622b5ed8375e26ce9f4ddc4a Mon Sep 17 00:00:00 2001
From: Terrtia <or1994@hotmail.fr>
Date: Wed, 23 Jan 2019 16:04:13 +0100
Subject: [PATCH] chg: [server UI v0.1] add server management (blacklist,
 unblacklist, add and remove accepted types)

---
 server/web/Flask_server.py                  | 146 ++++++++++++++++-
 server/web/templates/server_management.html | 171 +++++++++++++++++++-
 server/web/templates/uuid_management.html   |   2 +-
 server/web/update_web.sh                    |   5 +-
 4 files changed, 315 insertions(+), 9 deletions(-)

diff --git a/server/web/Flask_server.py b/server/web/Flask_server.py
index 2d138da..176f071 100755
--- a/server/web/Flask_server.py
+++ b/server/web/Flask_server.py
@@ -8,6 +8,7 @@ import time
 import redis
 import flask
 import datetime
+import ipaddress
 
 from flask import Flask, render_template, jsonify, request, Blueprint, redirect, url_for
 
@@ -20,6 +21,16 @@ port_redis_stream = 6379
 
 default_max_entries_by_stream = 10000
 
+json_type_description = {
+                            "1": "pcap (libpcap 2.4)",
+                            "2": "meta header (JSON)",
+                            "3": "generic log line",
+                            "4": "dnscap output",
+                            "5": "pcapng (diagnostic)",
+                            "6": "generic NDJSON or JSON Lines",
+                            "7": "generic YAF (Yet Another Flowmeter)",
+                        }
+
 redis_server_stream = redis.StrictRedis(
                     host=host_redis_stream,
                     port=port_redis_stream,
@@ -45,6 +56,25 @@ def is_valid_uuid_v4(header_uuid):
     except:
         return False
 
+def is_valid_ip(ip):
+    try:
+        ipaddress.ip_address(ip)
+        return True
+    except ValueError:
+        return False
+
+# server_management input handler
+def get_server_management_input_handler_value(value):
+    if value is not None:
+        if value !="0":
+            try:
+                value=int(value)
+            except:
+                value=0
+        else:
+            value=0
+    return value
+
 # ========== ROUTES ============
 @app.route('/')
 def index():
@@ -99,7 +129,23 @@ def sensors_status():
 
 @app.route('/server_management')
 def server_management():
-    return render_template("server_management.html")
+    blacklisted_ip = request.args.get('blacklisted_ip')
+    unblacklisted_ip = request.args.get('unblacklisted_ip')
+    blacklisted_uuid = request.args.get('blacklisted_uuid')
+    unblacklisted_uuid = request.args.get('unblacklisted_uuid')
+
+    blacklisted_ip = get_server_management_input_handler_value(blacklisted_ip)
+    unblacklisted_ip = get_server_management_input_handler_value(unblacklisted_ip)
+    blacklisted_uuid = get_server_management_input_handler_value(blacklisted_uuid)
+    unblacklisted_uuid = get_server_management_input_handler_value(unblacklisted_uuid)
+
+    list_accepted_types = []
+    for type in redis_server_metadata.smembers('server:accepted_type'):
+        list_accepted_types.append({"id": int(type), "description": json_type_description[type]})
+
+    return render_template("server_management.html", list_accepted_types=list_accepted_types,
+                            blacklisted_ip=blacklisted_ip, unblacklisted_ip=unblacklisted_ip,
+                            blacklisted_uuid=blacklisted_uuid, unblacklisted_uuid=unblacklisted_uuid)
 
 @app.route('/uuid_management')
 def uuid_management():
@@ -135,15 +181,42 @@ def uuid_management():
     else:
         return 'Invalid uuid'
 
+@app.route('/uuid_change_stream_max_size')
+def uuid_change_stream_max_size():
+    uuid_sensor = request.args.get('uuid')
+    user = request.args.get('redirect')
+    max_uuid_stream = request.args.get('max_uuid_stream')
+    if is_valid_uuid_v4(uuid_sensor):
+        try:
+            max_uuid_stream = int(max_uuid_stream)
+            if max_uuid_stream < 0:
+                return 'stream max size, Invalid Integer'
+        except:
+            return 'stream max size, Invalid Integer'
+        redis_server_metadata.hset('stream_max_size_by_uuid', uuid_sensor, max_uuid_stream)
+        if user:
+            return redirect(url_for('uuid_management', uuid=uuid_sensor))
+    else:
+        return 'Invalid uuid'
+
 @app.route('/blacklist_uuid')
 def blacklist_uuid():
     uuid_sensor = request.args.get('uuid')
     user = request.args.get('redirect')
     if is_valid_uuid_v4(uuid_sensor):
-        redis_server_metadata.sadd('blacklist_uuid', uuid_sensor)
-        if user:
+        res = redis_server_metadata.sadd('blacklist_uuid', uuid_sensor)
+        if user=="0":
+            if res==0:
+                return redirect(url_for('server_management', blacklisted_uuid=2))
+            else:
+                return redirect(url_for('server_management', blacklisted_uuid=1))
+        elif user=="1":
             return redirect(url_for('uuid_management', uuid=uuid_sensor))
+        else:
+            return "404"
     else:
+        if user=="0":
+            return redirect(url_for('server_management', blacklisted_uuid=0))
         return 'Invalid uuid'
 
 @app.route('/unblacklist_uuid')
@@ -151,12 +224,53 @@ def unblacklist_uuid():
     uuid_sensor = request.args.get('uuid')
     user = request.args.get('redirect')
     if is_valid_uuid_v4(uuid_sensor):
-        redis_server_metadata.srem('blacklist_uuid', uuid_sensor)
-        if user:
+        res = redis_server_metadata.srem('blacklist_uuid', uuid_sensor)
+        if user=="0":
+            if res==0:
+                return redirect(url_for('server_management', unblacklisted_uuid=2))
+            else:
+                return redirect(url_for('server_management', unblacklisted_uuid=1))
+        elif user=="1":
             return redirect(url_for('uuid_management', uuid=uuid_sensor))
+        else:
+            return "404"
     else:
+        if user=="0":
+            return redirect(url_for('server_management', unblacklisted_uuid=0))
         return 'Invalid uuid'
 
+@app.route('/blacklist_ip')
+def blacklist_ip():
+    ip = request.args.get('ip')
+    user = request.args.get('redirect')
+    if is_valid_ip(ip):
+        res = redis_server_metadata.sadd('blacklist_ip', ip)
+        if user:
+            if res==0:
+                return redirect(url_for('server_management', blacklisted_ip=2))
+            else:
+                return redirect(url_for('server_management', blacklisted_ip=1))
+    else:
+        if user:
+            return redirect(url_for('server_management', blacklisted_ip=0))
+        return 'Invalid ip'
+
+@app.route('/unblacklist_ip')
+def unblacklist_ip():
+    ip = request.args.get('ip')
+    user = request.args.get('redirect')
+    if is_valid_ip(ip):
+        res = redis_server_metadata.srem('blacklist_ip', ip)
+        if user:
+            if res==0:
+                return redirect(url_for('server_management', unblacklisted_ip=2))
+            else:
+                return redirect(url_for('server_management', unblacklisted_ip=1))
+    else:
+        if user:
+            return redirect(url_for('server_management', unblacklisted_ip=0))
+        return 'Invalid ip'
+
 @app.route('/blacklist_ip_by_uuid')
 def blacklist_ip_by_uuid():
     uuid_sensor = request.args.get('uuid')
@@ -179,6 +293,28 @@ def unblacklist_ip_by_uuid():
     else:
         return 'Invalid uuid'
 
+@app.route('/add_accepted_type')
+def add_accepted_type():
+    type = request.args.get('type')
+    user = request.args.get('redirect')
+    if json_type_description[type]:
+        redis_server_metadata.sadd('server:accepted_type', type)
+        if user:
+            return redirect(url_for('server_management'))
+    else:
+        return 'Invalid type'
+
+@app.route('/remove_accepted_type')
+def remove_accepted_type():
+    type = request.args.get('type')
+    user = request.args.get('redirect')
+    if json_type_description[type]:
+        redis_server_metadata.srem('server:accepted_type', type)
+        if user:
+            return redirect(url_for('server_management'))
+    else:
+        return 'Invalid type'
+
 # demo function
 @app.route('/delete_data')
 def delete_data():
diff --git a/server/web/templates/server_management.html b/server/web/templates/server_management.html
index b944607..d468328 100644
--- a/server/web/templates/server_management.html
+++ b/server/web/templates/server_management.html
@@ -6,10 +6,12 @@
 	<link rel="icon" href="{{ url_for('static', filename='img/d4-logo.png')}}">
 	<!-- Core CSS -->
 	<link href="{{ url_for('static', filename='css/bootstrap.min.css') }}" rel="stylesheet">
+	<link href="{{ url_for('static', filename='css/dataTables.bootstrap.min.css') }}" rel="stylesheet">
 
 	<!-- JS -->
 	<script src="{{ url_for('static', filename='js/jquery.js')}}"></script>
-	<script src="{{ url_for('static', filename='js/bootstrap.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/jquery.dataTables.min.js')}}"></script>
+	<script src="{{ url_for('static', filename='js/dataTables.bootstrap.min.js')}}"></script>
 
   <style>
 
@@ -37,6 +39,173 @@
 	    </ul>
 	</nav>
 
+	<div class="card-deck justify-content-center">
+		<div class="card text-center mt-3 ml-4">
+			<div class="card-header bg-danger text-white">
+				Blacklist IP
+			</div>
+			<div class="card-body">
+					<div class="card-deck justify-content-center">
+						<div class="card text-center border-danger" style="max-width: 20rem;">
+						  <div class="card-body text-danger">
+						    <h5 class="card-title">Blacklist IP</h5>
+									<input type="text" class="form-control {%if blacklisted_ip is not none %}{%if blacklisted_ip==1 %}is-valid{% else %}is-invalid{%endif%}{%endif%}" id="blacklist_ip_input" placeholder="IP Address">
+									<div class="invalid-feedback">
+										{%if blacklisted_ip==2 %}
+											This IP is already blacklisted
+										{% else %}
+											Incorrect IP address
+										{% endif %}
+					        </div>
+									<div class="valid-feedback">
+					          IP Blacklisted
+					        </div>
+							    <button type="button" class="btn btn-danger mt-2" onclick="window.location.href ='{{ url_for('blacklist_ip') }}?redirect=0&ip='+$('#blacklist_ip_input').val();">Blacklist IP</button>
+						  </div>
+						</div>
+						<div class="card text-center border-light" style="max-width: 20rem;">
+						  <div class="card-body">
+						    <h5 class="card-title">Manage IP Blacklist</h5>
+									<a href="#">
+							    	<button type="button" class="btn btn-outline-primary">Show Blacklisted IP</button>
+									</a>
+						  </div>
+						</div>
+						<div class="card text-center border-success" style="max-width: 20rem;">
+						  <div class="card-body">
+						    <h5 class="card-title">Unblacklist IP</h5>
+									<input type="text" class="form-control {%if unblacklisted_ip is not none %}{%if unblacklisted_ip==1 %}is-valid{% else %}is-invalid{%endif%}{%endif%}" id="unblacklist_ip_input" placeholder="IP Address">
+									<div class="invalid-feedback">
+										{%if unblacklisted_ip==2 %}
+											This IP is not blacklisted
+										{% else %}
+											Incorrect IP address
+										{% endif %}
+					        </div>
+									<div class="valid-feedback">
+					          IP Unblacklisted
+					        </div>
+							   	<button type="button" class="btn btn-outline-secondary mt-2" onclick="window.location.href ='{{ url_for('unblacklist_ip') }}?redirect=0&ip='+$('#unblacklist_ip_input').val();">Unblacklist IP</button>
+						  </div>
+						</div>
+					</div>
+			</div>
+		</div>
 
+		<div class="card text-center mt-3 mr-4">
+			<div class="card-header bg-danger text-white">
+				Blacklist UUID
+			</div>
+			<div class="card-body">
+				<div class="card-deck justify-content-center">
+					<div class="card text-center border-danger" style="max-width: 20rem;">
+						<div class="card-body text-danger">
+							<h5 class="card-title">Blacklist UUID</h5>
+								<input type="text" class="form-control {%if blacklisted_uuid is not none %}{%if blacklisted_uuid==1 %}is-valid{% else %}is-invalid{%endif%}{%endif%}" id="blacklist_uuid_input" placeholder="UUID">
+								<div class="invalid-feedback">
+									{%if blacklisted_uuid==2 %}
+										This UUID is already blacklisted
+									{% else %}
+										Incorrect UUID
+									{% endif %}
+								</div>
+								<div class="valid-feedback">
+									UUID Blacklisted
+								</div>
+								<button type="button" class="btn btn-danger mt-2" onclick="window.location.href ='{{ url_for('blacklist_uuid') }}?redirect=0&uuid='+$('#blacklist_uuid_input').val();">Blacklist UUID</button>
+						</div>
+					</div>
+					<div class="card text-center border-light" style="max-width: 20rem;">
+						<div class="card-body">
+							<h5 class="card-title">Manage UUID Blacklist</h5>
+								<a href="#">
+									<button type="button" class="btn btn-outline-primary">Show Blacklisted UUID</button>
+								</a>
+						</div>
+					</div>
+					<div class="card text-center border-success" style="max-width: 20rem;">
+						<div class="card-body">
+							<h5 class="card-title">Unblacklist UUID</h5>
+								<input type="text" class="form-control {%if unblacklisted_uuid is not none %}{%if unblacklisted_uuid==1 %}is-valid{% else %}is-invalid{%endif%}{%endif%}" id="unblacklist_uuid_input" placeholder="UUID">
+								<div class="invalid-feedback">
+									{%if unblacklisted_uuid==2 %}
+										This UUID is not Blacklisted
+									{% else %}
+										Incorrect UUID
+									{% endif %}
+								</div>
+								<div class="valid-feedback">
+									UUID Unblacklisted
+								</div>
+									<button type="button" class="btn btn-outline-secondary mt-2" onclick="window.location.href ='{{ url_for('unblacklist_uuid') }}?redirect=0&uuid='+$('#unblacklist_uuid_input').val();">Unblacklist UUID</button>
+						</div>
+					</div>
+				</div>
+			</div>
+		</div>
+	</div>
+
+	<div class="card-deck justify-content-center">
+		<div class="card border-dark mt-3 ml-4 mr-4">
+			<div class="card-header bg-dark text-white">
+				Header Accepted Types
+			</div>
+		  <div class="card-body text-dark">
+
+				<div class="row">
+			    <div class="col-sm-8">
+						<table class="table table-striped table-bordered table-hover" id="myTable_">
+							<thead class="thead-dark">
+								<tr>
+									<th>Type</th>
+									<th style="max-width: 800px;">Description</th>
+									<th style="max-width: 800px;">Remove Type</th>
+								</tr>
+							</thead>
+							<tbody>
+								{% for type in list_accepted_types %}
+								<tr>
+									<td>{{type['id']}}</td>
+									<td>{{type['description']}}</td>
+									<td>
+										<a href="{{ url_for('remove_accepted_type') }}?redirect=1&type={{type['id']}}">
+											<button type="button" class="btn btn-outline-danger">Remove Type</button>
+										</a>
+									</td>
+								</tr>
+								{% endfor %}
+							</tbody>
+						</table>
+					</div>
+			    <div class="col-sm-4">
+						<div class="card border-dark mt-3" style="max-width: 18rem;">
+						  <div class="card-body text-dark">
+						    <h5 class="card-title">Add New Types</h5>
+									<input class="form-control" type="number" id="accepted_type" value="1" min="1" max="7" required>
+									<button type="button" class="btn btn-outline-primary mt-1" onclick="window.location.href ='{{ url_for('add_accepted_type') }}?redirect=1&type='+$('#accepted_type').val();">Add New Type</button>
+							</div>
+						</div>
+					</div>
+			  </div>
+
+			</div>
+		</div>
+
+	</div>
 
 </body>
+
+<script>
+var table
+$(document).ready(function(){
+
+		table = $('#myTable_').DataTable(
+			{
+				/*"aLengthMenu": [[5, 10, 15, 20, -1], [5, 10, 15, 20, "All"]],
+				"iDisplayLength": 10,*/
+				"order": [[ 0, "asc" ]]
+			}
+		);
+
+});
+</script>
diff --git a/server/web/templates/uuid_management.html b/server/web/templates/uuid_management.html
index 93b6f4e..b14f863 100644
--- a/server/web/templates/uuid_management.html
+++ b/server/web/templates/uuid_management.html
@@ -81,7 +81,7 @@
 		    <h5 class="card-title">Change Stream Max Size</h5>
 					{% if not data_uuid['blacklisted_uuid'] and not data_uuid['blacklisted_ip_by_uuid'] %}
 						<input class="form-control" type="number" id="max_stream_input" value="{{max_uuid_stream}}" min="0" required>
-						<button type="button" class="btn btn-outline-secondary mt-1">Change Max Size</button>
+						<button type="button" class="btn btn-outline-secondary mt-1" onclick="window.location.href ='{{ url_for('uuid_change_stream_max_size') }}?uuid={{uuid_sensor}}&redirect=1&max_uuid_stream='+$('#max_stream_input').val();">Change Max Size</button>
 					{% else %}
 					<input class="form-control" type="number" id="max_stream_input" value="{{max_uuid_stream}}" min="0" required disabled>
 					<button type="button" class="btn btn-outline-secondary mt-1" disabled>Change Max Size</button>
diff --git a/server/web/update_web.sh b/server/web/update_web.sh
index 1262161..aad2a89 100755
--- a/server/web/update_web.sh
+++ b/server/web/update_web.sh
@@ -55,7 +55,8 @@ JQVERSION="3.3.1"
 wget http://code.jquery.com/jquery-${JQVERSION}.min.js -O ./static/js/jquery.js
 
 #Ressources for dataTable
-wget https://cdn.datatables.net/v/bs4/dt-1.10.18/datatables.min.css -O ./static/css/dataTables.bootstrap.css
-wget https://cdn.datatables.net/v/bs4/dt-1.10.18/datatables.min.js -O ./static/js/dataTables.bootstrap.js
+wget https://cdn.datatables.net/1.10.18/css/dataTables.bootstrap4.min.css -O ./static/css/dataTables.bootstrap.min.css
+wget https://cdn.datatables.net/1.10.18/js/dataTables.bootstrap4.min.js -O ./static/js/dataTables.bootstrap.min.js
+wget https://cdn.datatables.net/1.10.18/js/jquery.dataTables.min.js -O ./static/js/jquery.dataTables.min.js
 
 rm -rf temp