search

mrheinen / lophiid

A distributed honeypot for monitoring large scale web attacks
GNU General Public License v2.0
6 stars 1 forks source link

Allow rules to be disabled/enables. Bump version #58

Closed mrheinen closed 3 weeks ago

mrheinen commented 3 weeks ago

PR Type

Enhancement

Description

Changes walkthrough ๐Ÿ“

Relevant files
Enhancement
backend.go
Load only enabled rules and fix indentation                           
pkg/backend/backend.go
  • Updated LoadRules function to only load enabled rules
  • Fixed indentation in getResponderData function
    		•  +2/-3     
    database.go
    Add Enabled field to ContentRule                                                 
    pkg/database/database.go - Added `Enabled` field to `ContentRule` struct
    		+1/-0     
    RuleForm.vue
    Add Alert and Enable checkboxes to RuleForm                           
    ui/src/components/container/RuleForm.vue
  • Added checkboxes for "Alert" and "Enable" options
  • Grouped new options under "Misc options" label
    		•  +10/-3   
    RulesList.vue
    Update baseRule defaults in RulesList                                       
    ui/src/components/container/RulesList.vue
  • Updated baseRule object to include enabled and alert fields
  • Changed default body_matching to "none"
  • Removed default host field
    		•  +3/-2     
    database.sql
    Add enabled column to content_rule table                                 
    config/database.sql
  • Added enabled column to content_rule table with default value TRUE
    		•  +1/-0     
    Configuration changes
    shared_constants.go
    Bump LophiidVersion to 0.11.0-alpha                                           
    pkg/util/constants/shared_constants.go - Bumped `LophiidVersion` from "0.10.5-alpha" to "0.11.0-alpha"
    		+1/-1     

    ๐Ÿ’ก PR-Agent usage: Comment /help "your question" on any pull request to receive relevant information

    codiumai-pr-agent-pro[bot] commented 3 weeks ago

    PR Reviewer Guide ๐Ÿ”

    Here are some key observations to aid the review process:

    โฑ๏ธ Estimated effort to review: 3 ๐Ÿ”ต๐Ÿ”ต๐Ÿ”ตโšชโšช
    ๐Ÿงช No relevant tests
    ๐Ÿ”’ No security concerns identified
    โšก Recommended focus areas for review

    Possible Bug
    The `LoadRules` function now only loads enabled rules, which might cause issues if there's a need to load disabled rules for any reason. UX Consideration
    The new "Misc options" section might benefit from tooltips or help text to explain the purpose of the "Alert" and "Enable" checkboxes. Default Value Change
    The default value for `body_matching` has been changed from "exact" to "none", which might affect existing behavior or expectations.
    github-actions[bot] commented 3 weeks ago

    Failed to generate code suggestions for PR

    codiumai-pr-agent-pro[bot] commented 3 weeks ago

    PR Code Suggestions โœจ

    Explore these optional code suggestions:

    CategorySuggestion                                                                                                                                    Score
    Best practice
    Implement a safeguard against loading an excessive number of rules ___ **Consider adding a check for the maximum number of rules to prevent potential issues
    with very large rule sets.** [pkg/backend/backend.go [802-806]](https://github.com/mrheinen/lophiid/pull/58/files#diff-c65bcfe9bb457434c3e69ba3f0576d7669935f350d24e2c2c58b05b4f9c510b2R802-R806) ```diff +maxRules := maxBatchesToLoad * rulesBatchSize for i := 0; i < maxBatchesToLoad; i += 1 { rules, err := s.dbClient.SearchContentRules(int64(rulesOffset), int64(rulesBatchSize), "enabled:true") if err != nil { return err } + if len(allRules) + len(rules) > maxRules { + slog.Warn("Maximum number of rules reached", slog.Int("max_rules", maxRules)) + break + } ``` - [ ] **Apply this suggestion**
    Suggestion importance[1-10]: 8 Why: This suggestion adds an important safety measure to prevent potential performance issues or resource exhaustion from loading too many rules. It's a critical improvement for system stability and scalability.
    		8
    Enhancement
    Handle the case when no enabled rules are found in the database query ___ **Consider handling the case where no rules are found. You might want to log a message
    or take appropriate action if the query returns no results.** [pkg/backend/backend.go [803-806]](https://github.com/mrheinen/lophiid/pull/58/files#diff-c65bcfe9bb457434c3e69ba3f0576d7669935f350d24e2c2c58b05b4f9c510b2R803-R806) ```diff rules, err := s.dbClient.SearchContentRules(int64(rulesOffset), int64(rulesBatchSize), "enabled:true") if err != nil { return err } +if len(rules) == 0 { + slog.Info("No enabled rules found") + break +} ``` - [ ] **Apply this suggestion**
    Suggestion importance[1-10]: 7 Why: This suggestion improves error handling and provides better logging, which is important for debugging and monitoring the system's behavior. It prevents silent failures when no rules are found.
    		7
    Add tooltips to provide explanations for the "Alert" and "Enable" options ___ **Consider adding tooltips or help text to explain the purpose and implications of the
    "Alert" and "Enable" options to improve user understanding.** [ui/src/components/container/RuleForm.vue [171-179]](https://github.com/mrheinen/lophiid/pull/58/files#diff-cbf1e6db434afc9f525cacca672df1403bb3b7a5cd4e20d9352ec60f7a847eafR171-R179) ```diff
    +Enable alerts for this rule
    +Activate or deactivate this rule
    ``` - [ ] **Apply this suggestion**
    Suggestion importance[1-10]: 5 Why: This suggestion enhances user experience by providing clear explanations for new UI elements. While not critical for functionality, it improves usability and reduces potential user confusion.
    		5

    ๐Ÿ’ก Need additional feedback ? start a PR chat