ui report filter line time issues

[tpurschke]

• [x] bug with filter line in changes report (Generate report - Unclassified error: : invalid input syntax for type timestamp: "" . See log for details!):

Filter Error - Error: wrong time range format at FWO.Report.Filter.Ast.AstNodeFilter.resolveTimeRange(String timeRange) in /home/tim/dev/tpur-fwo/firewall-orchestrator/roles/lib/files/FWO.Report.Filter/Ast/AstNodeFilter.cs:line 407 at FWO.Report.Filter.Ast.AstNodeFilter.ExtractTimeQuery(DynGraphqlQuery query) in /home/tim/dev/tpur-fwo/firewall-orchestrator/roles/lib/files/FWO.Report.Filter/Ast/AstNodeFilter.cs:line 54 at FWO.Report.Filter.Ast.AstNodeFilter.Extract(DynGraphqlQuery& query) in /home/tim/dev/tpur-fwo/firewall-orchestrator/roles/lib/files/FWO.Report.Filter/Ast/AstNodeFilter.cs:line 36 at FWO.Report.Filter.Ast.AstNodeConnector.Extract(DynGraphqlQuery& query) in /home/tim/dev/tpur-fwo/firewall-orchestrator/roles/lib/files/FWO.Report.Filter/Ast/AstNodeConnector.cs:line 31 at FWO.Report.Filter.DynGraphqlQuery.Generate(AstNode ast) in /home/tim/dev/tpur-fwo/firewall-orchestrator/roles/lib/files/FWO.Report.Filter/DynGraphqlQuery.cs:line 45 at FWO.Report.Filter.Compiler.Compile(String input) in /home/tim/dev/tpur-fwo/firewall-orchestrator/roles/lib/files/FWO.Report.Filter/Compiler.cs:line 17 at FWO.Ui.Pages.Report.TryFilter(ChangeEventArgs changeArgs) in /home/tim/dev/tpur-fwo/firewall-orchestrator/roles/ui/files/FWO_UI/Pages/Report.razor:line 415 See logs for details!

• [x] idea for time format (can also be transformed into an issue for future implementation in phase 2/3): type=changes and time>"2021-07-01" and time<"2021-10-01" and (gateway="fortigate_demo") -> obsolete/done with shift to LSB

• [x] time works only as first parameter if "time" is used after other criteria an error is thrown. (done by @abarz722) -> obsolete with shift to LSB

  time = "2021-04-21 09:21:00" and src = cactus --> works
  src = cactus and time = "2021-04-21 09:21:00" --> error: Report generation - Unclassified error.: Unexpected token (Text: "time" Kind: "Time")...

  @NilsPur - can we handle this by adjusting the grammar to only allow time as top-level-element?

• [x] start and stop operator dont seem to work timefilter issue (variable name is stop_time/start_time not stop/start):

Nov 25 13:55:58 fworch-comp fworch-ui[114686]: Error - API Connection (APIConnection.cs in line 84): Error while sending query to GraphQL API. Caught by GraphQL client library.
Nov 25 13:55:58 fworch-comp fworch-ui[114686]: Message: invalid input syntax for type timestamp: ""
Nov 25 13:55:58 fworch-comp fworch-ui[114686]: Error - API Connection (APIConnection.cs in line 107): Error while sending query to GraphQL API. Query:  fragment networkObjectOverview on object { obj_ip obj_ip_end obj_name obj_id type: stm_obj_typ { id: obj_typ_id name: obj_typ_name } obj_color_id}fragment networkServiceOverview on service { svc_id svc_name svc_uid svc_port svc_port_end service_type: stm_svc_typ { id: svc_typ_id name: svc_typ_name } svc_color_id protocol_name: stm_ip_proto { id: ip_proto_id name: ip_proto_name }}fragment userOverview on usr { user_id user_uid user_name stm_usr_typ { usr_typ_name }}fragment ruleOverview on rule { rule_id rule_uid rule_action section_header: rule_head_text rule_comment rule_track rule_disabled src_zone: zone { zone_name zone_id } rule_metadatum { rule_metadata_id rule_created rule_first_hit rule_last_hit rule_last_modified rule_last_certified rule_last_certifier_dn rule_to_be_removed rule_decert_date rule_recertification_comment } rule_src_neg rule_dst_neg rule_svc_neg rule_num_numeric rule_name access_rule nat_rule xlate_rule rule_froms(where: {object:{obj_create:{_lte:$relevantImportId}, obj_last_seen:{_gte:$relevantImportId}}}) { usr { ...userOverview } object { ...networkObjectOverview } } dst_zone: zoneByRuleToZone { zone_name zone_id } rule_tos(where: {object:{obj_create:{_lte:$relevantImportId}, obj_last_seen:{_gte:$relevantImportId}}}) { object { ...networkObjectOverview } } rule_services(where: {service:{svc_create:{_lte:$relevantImportId}, svc_last_seen:{_gte:$relevantImportId}}}) { service { ...networkServiceOverview } }} query changeReport( $limit: Int $offset: Int $mgmId: [Int!] $relevantImportId: bigint $start: timestamp! $stop: timestamp! $gwName0: String! ) { management(where: { hide_in_gui: {_eq: false } } order_by: {mgm_name: asc}) { id: mgm_id name: mgm_name devices (where: { hide_in_gui: {_eq: false} }, order_by: {dev_name: asc} ) { id: dev_id name: dev_name changelog_rules( offset: $offset limit: $limit where: { _or:[ {_and: [{change_action:{_eq:"I"}}, {rule: {access_rule:{_eq:true}}}]}, {_and: [{change_action:{_eq:"D"}}, {ruleByOldRuleId: {access_rule:{_eq:true}}}]}, {_and: [{change_action:{_eq:"C"}}, {rule: {access_rule:{_eq:true}}}, {ruleByOldRuleId: {access_rule:{_eq:true}}}]} ] _and: [{}, {_and: [{ _and: [ { import_control: { stop_time: { _gte: $start } } } { import_control: { stop_time: { _lte: $stop } } } ] change_type_id: { _eq: 3 } security_relevant: { _eq: true }}, {device: {dev_name : {_ilike: $gwName0 } }}] }] } order_by: { control_id: asc } ) { import: import_control { time: stop_time } change_action old: ruleByOldRuleId { ...ruleOverview } new: rule { ...ruleOverview } } } } } , variables: System.Collections.Generic.Dictionary`2[System.String,System.Object]
Nov 25 13:55:58 fworch-comp fworch-ui[114686]:  ---
Nov 25 13:55:58 fworch-comp fworch-ui[114686]: Exception thrown:
Nov 25 13:55:58 fworch-comp fworch-ui[114686]:  Exception
Nov 25 13:55:58 fworch-comp fworch-ui[114686]: Message:
Nov 25 13:55:58 fworch-comp fworch-ui[114686]:  invalid input syntax for type timestamp: ""
Nov 25 13:55:58 fworch-comp fworch-ui[114686]:  
Nov 25 13:55:58 fworch-comp fworch-ui[114686]: Stack Trace:
Nov 25 13:55:58 fworch-comp fworch-ui[114686]:  at FWO.ApiClient.APIConnection.SendQueryAsync[QueryResponseType](String query, Object variables, String operationName) in /usr/local/fworch/lib/files/FWO.Api.Client/APIConnection.cs:line 88
Nov 25 13:55:58 fworch-comp fworch-ui[114686]: Error - Report erstellen (MainLayout.razor in line 116): Unspecified error occured:
Nov 25 13:55:58 fworch-comp fworch-ui[114686]:  ---
Nov 25 13:55:58 fworch-comp fworch-ui[114686]: Exception thrown:
Nov 25 13:55:58 fworch-comp fworch-ui[114686]:  Exception
Nov 25 13:55:58 fworch-comp fworch-ui[114686]: Message:
Nov 25 13:55:58 fworch-comp fworch-ui[114686]:  invalid input syntax for type timestamp: ""
Nov 25 13:55:58 fworch-comp fworch-ui[114686]:  
Nov 25 13:55:58 fworch-comp fworch-ui[114686]: Stack Trace:
Nov 25 13:55:58 fworch-comp fworch-ui[114686]:  at FWO.ApiClient.APIConnection.SendQueryAsync[QueryResponseType](String query, Object variables, String operationName) in /usr/local/fworch/lib/files/FWO.Api.Client/APIConnection.cs:line 88
Nov 25 13:55:58 fworch-comp fworch-ui[114686]:    at FWO.Report.ReportChanges.Generate(Int32 changesPerFetch, APIConnection apiConnection, Func`2 callback, CancellationToken ct) in /usr/local/fworch/lib/files/FWO.Report/ReportChanges.cs:line 45
Nov 25 13:55:58 fworch-comp fworch-ui[114686]:    at FWO.Ui.Pages.Reporting.Report.GenerateReport() in /usr/local/fworch/ui/files/FWO.UI/Pages/Reporting/Report.razor:line 378 ````

[tpurschke]

Workaround only in roles/lib/files/FWO.Report.Filter/Ast/AstNodeFilter.cs lines 477ff:

                        throw new SyntaxException($"Error: wrong time range format.", new System.Range(23, 26)); // Unexpected token
                    // we have some hard coded string positions here which we should get rid off
                    // how can we access the tokens[position].Position information here?

@NilsPur can you advice please?

[tpurschke]

fixed by shift of time selection to LSB