Conversation
…nd validators modules
- Updated equality checks in Flowspec4 and Whitelist models: - Adjusted conditions to compare only relevant fields. - Excluded user_id, org_id, comment, and time fields from Whitelist equality checks. - Improved formatting in docstrings for clarity. - Added unit tests for: - User creation and relationships. - ApiKey and MachineApiKey expiration logic. - Organization user retrieval. - Flowspec6 and Whitelist equality comparisons. - Whitelist serialization with to_dict. These changes enhance test coverage and refine model behavior.
- Moved models from flowapp/models.py into a dedicated directory - Updated flowapp/output.py to handle rule_type as an enum value - Fixed a return value issue in flowapp/utils.py's parse_api_time function - Added a debug print statement in flowapp/views/rules.py for user actions UI
Rule service is now used both in rules and api views Replaced direct database operations with calls to rule_service.create_or_update_*_rule for IPv4, IPv6, and RTBH rules Streamlined route announcements and logging by delegating responsibility to the service layer Improved maintainability and modularity by centralizing rule handling logic in rule_service
…telist handling when RTBH rule is created.
…nd whitelist handling services to avoid ciruclar imports
…, all tests passing
Added delete_by_rule_id method to RuleWhitelistCache for efficient cache entry removal. Used with statement for RabbitMQ connection handling in announce_to_rabbitmq to ensure proper cleanup. Introduced ALLOWED_COMMUNITIES check in rule and whitelist services for better filtering. Replaced print statements with structured logging using current_app.logger for better debugging. Improved logging in whitelist deletion to handle anomalies and prevent errors. Refactored logging configuration to use a standardized handler instead of loguru. Updated bulk_user_form.html example data to clarify user roles.
Added whitelist_rule_ids parameter to build_ip_tbody and build_rtbh_tbody macros to visually distinguish whitelist-created rules. Expired rules highlighted in table-warning. Whitelisted rules marked with table-success. Rules created by Whitelist marked with in table-secondary. Refactored index view to enrich rule data with whitelist info via enrich_rules_with_whitelist_info. Passed whitelist_rule_ids to dashboard rendering functions to ensure consistent rule styling.
Added count_by_rule method in RuleWhitelistCache to count cache entries per rule. Modified evaluate_rtbh_against_whitelists_check_results to process all whitelist matches instead of stopping at the first. Adjusted RTBH rule filtering to include both active (rstate_id=1) and whitelisted (rstate_id=4) rules when checking against whitelists. Improved whitelist deletion logic to only revert user-created rules to Active if they have no other whitelist references. Updated build_whitelist_tbody macro to accept whitelist_rule_ids for consistent rule highlighting.
…elevant functions to handle mixed IP versions gracefully, and add new test cases in test_whitelist_common.py to ensure proper coverage
…ssages, add file-based logging in app_factory, and update tests to assert flashes instead of specific messages.
- Move announce_all_routes to flowapp.services.base for better modularity. - Add delete_expired_whitelists function in whitelist_service.py to remove expired whitelist entries. - Update withdraw_expired route to call delete_expired_whitelists before withdrawing expired routes. - Import cleanup: remove unused Flask imports in test_forms.py and test_forms_cl.py. - Optimize rules.py by importing and using announce_all_routes and delete_expired_whitelists directly.
- Add method to Log model to purge logs older than 30 days - Implement string representation methods for Log objects - Add application logging for log entries in output.py - Integrate log cleanup into withdraw_expired endpoint
- Introduce reactivate_rule function in rule_service to centralize rule reactivation logic. - Replace inline limit checks with service-level handling for global and organization-specific limits. - Simplify rule reactivation in rules.py by delegating logic to the service layer. - Add redirects for global_limit_reached and limit_reached messages to improve user experience. - Ensure cleaner and more maintainable code by reducing duplication and improving readability.
…ctivation in /reactivate enpoint
- Implement delete_rtbh_and_create_whitelist function in rule_service to handle RTBH rule deletion and whitelist creation. - Add a new route delete_and_whitelist in rules.py to expose this functionality via the UI. - Update macros.html to include a button for converting RTBH rules to whitelist entries. - Enhance user feedback with detailed flash messages for both success and failure scenarios. - Improve code maintainability by centralizing logic in the service layer.
…. For service machines with nologin, first create an user and then machine api key.
updated to python 3.11 used in production env
Bugfix/machinekey
updated readme changelod with versions 1.1.1 and 1.1.0
Update to cover Python from 3.9 to 3.12
Update python-app.yml Updated Whitelist Service code to work in Python 3.9 updated Rule Service code to work in Python 3.9
link to exafs deploy repo in docs
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR merges the latest development changes including new whitelist functionality, updates to API endpoints and templates, and several improvements across models, services, tests, and forms in preparation for the 1.1.1 release. Key changes include the addition of new whitelist views and forms, enhancements to RTBH rule handling based on whitelist relations, and updates to various tests and templates to support these new features.
Reviewed Changes
Copilot reviewed 65 out of 73 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| withdraw_expired | New empty file added |
| run.example.py | Updated instructions and environment variable handling |
| flowapp/views/whitelist.py | New endpoints for adding, reactivating, and deleting whitelist entries |
| flowapp/views/dashboard.py | Enhanced dashboard view to include whitelist rule IDs and allowed communities |
| flowapp/views/api_common.py | Minor API error message updates and parameter adjustments |
| flowapp/views/admin.py | Updated machine API key creation with additional user lookup and comment update |
| flowapp/validators.py | Wrapped IP/network validations with try/except for clearer error handling |
| flowapp/utils/base.py | Corrected parse_api_time to return the computed time instead of False |
| ... (plus many test, template, service, and model files) | Comprehensive adjustments and additions to support whitelist and RTBH rule handling |
Comments suppressed due to low confidence (2)
flowapp/views/admin.py:82
- The variable 'curent_email' appears to be misspelled. Rename it to 'current_email' for clarity and consistency.
curent_email = session.get("user_uuid")
flowapp/services/whitelist_service.py:90
- To ensure proper string interpolation, change the message to an f-string (e.g., f"Existing active rule {rule_key} is equal to whitelist {whitelist_key}. Rule is now whitelisted.") so that the dynamic values are correctly included.
msg = "Existing active rule {rule_key} is equal to whitelist {whitelist_key}. Rule is now whitelisted."
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Release version 1.1.1 to production