Merge pull request #2057 from akto-api-security/hotfix/fix_testing_alert

Sending slack alert only for non-demo collections
akto-api-security · Feb 5, 2025 · 147de65 · 147de65
2 parents 830dc52 + 22620e8
commit 147de65
Show file tree

Hide file tree

Showing 4 changed files with 74 additions and 12 deletions.
diff --git a/apps/testing/src/main/java/com/akto/testing/Main.java b/apps/testing/src/main/java/com/akto/testing/Main.java
@@ -63,6 +63,7 @@
 import org.slf4j.LoggerFactory;
 import org.springframework.util.StringUtils;
 
+import static com.akto.testing.Utils.isTestingRunForDemoCollection;
 import static com.akto.testing.Utils.readJsonContentFromFile;
 
 import java.util.*;
@@ -402,10 +403,10 @@ public static void main(String[] args) throws InterruptedException {
                 // mark the test completed here
                 testCompletion.markTestAsCompleteAndRunFunctions(testingRun, summaryId);
 
-                if (StringUtils.hasLength(AKTO_SLACK_WEBHOOK) ) {
+                if (StringUtils.hasLength(AKTO_SLACK_WEBHOOK) && !isTestingRunForDemoCollection(testingRun)) {
                     try {
                         CustomTextAlert customTextAlert = new CustomTextAlert("Test completed for accountId=" + accountId + " testingRun=" + testingRun.getHexId() + " summaryId=" + summaryId.toHexString() + " : @Arjun you are up now. Make your time worth it. :)");
-                        SLACK_INSTANCE.send(AKTO_SLACK_WEBHOOK, customTextAlert.toJson());
+                        SLACK_INSTANCE.send(AKTO_SLACK_WEBHOOK, customTextAlert.toJson());  
                     } catch (Exception e) {
                         logger.error("Error sending slack alert for completion of test", e);
                     }
@@ -676,7 +677,7 @@ public void run() {
                     RequiredConfigs.initiate();
                     int maxRunTime = testingRun.getTestRunTime() <= 0 ? 30*60 : testingRun.getTestRunTime();
 
-                    if (StringUtils.hasLength(AKTO_SLACK_WEBHOOK) ) {
+                    if (StringUtils.hasLength(AKTO_SLACK_WEBHOOK) && !isTestingRunForDemoCollection(testingRun)) {
                         CustomTextAlert customTextAlert = new CustomTextAlert("Test started: accountId=" + Context.accountId.get() + " testingRun=" + testingRun.getHexId() + " summaryId=" + summaryId.toHexString() + " time=" + maxRunTime);
                         SLACK_INSTANCE.send(AKTO_SLACK_WEBHOOK, customTextAlert.toJson());
                     }
@@ -697,7 +698,7 @@ public void run() {
                     loggerMaker.errorAndAddToDb(e, "Error in init " + e);
                 }
                 testCompletion.markTestAsCompleteAndRunFunctions(testingRun, summaryId);
-                if (StringUtils.hasLength(AKTO_SLACK_WEBHOOK) ) {
+                if (StringUtils.hasLength(AKTO_SLACK_WEBHOOK) && !isTestingRunForDemoCollection(testingRun)) {
                     try {
                         CustomTextAlert customTextAlert = new CustomTextAlert("Test completed for accountId=" + accountId + " testingRun=" + testingRun.getHexId() + " summaryId=" + summaryId.toHexString() + " : @Arjun you are up now. Make your time worth it. :)");
                         SLACK_INSTANCE.send(AKTO_SLACK_WEBHOOK, customTextAlert.toJson());

diff --git a/apps/testing/src/main/java/com/akto/testing/kafka_utils/ConsumerUtil.java b/apps/testing/src/main/java/com/akto/testing/kafka_utils/ConsumerUtil.java
@@ -121,9 +121,9 @@ public void init(int maxRunTimeInSeconds) {
 
             parallelConsumer = ParallelStreamProcessor.createEosStreamProcessor(options);
             parallelConsumer.subscribe(Arrays.asList(topicName)); 
-            if (StringUtils.hasLength(Main.AKTO_SLACK_WEBHOOK) ) {
+            if (StringUtils.hasLength(Main.AKTO_SLACK_WEBHOOK)) {
                 try {
-                    CustomTextAlert customTextAlert = new CustomTextAlert("Tests being picked for execution" + currentTestInfo.getInt("accountId") + " summaryId=" + summaryIdForTest);
+                    CustomTextAlert customTextAlert = new CustomTextAlert("Tests being picked for execution through consumer for account: " + currentTestInfo.getInt("accountId") + " summaryId=" + summaryIdForTest);
                     Main.SLACK_INSTANCE.send(Main.AKTO_SLACK_WEBHOOK, customTextAlert.toJson());
                 } catch (Exception e) {
                     logger.error("Error sending slack alert for completion of test", e);

diff --git a/libs/utils/src/main/java/com/akto/runtime/RuntimeUtil.java b/libs/utils/src/main/java/com/akto/runtime/RuntimeUtil.java
@@ -16,6 +16,13 @@
 import java.util.*;
 
 public class RuntimeUtil {
+
+    public static final String JUICE_SHOP_DEMO_COLLECTION_NAME = "juice_shop_demo";
+    public static final String VULNERABLE_API_COLLECTION_NAME = "vulnerable_apis";
+    public static final String LLM_API_COLLECTION_NAME = "llm_apis";
+    public static final int VULNERABLE_API_COLLECTION_ID = 1111111111;
+    public static final int LLM_API_COLLECTION_ID = 1222222222;
+
     private static final LoggerMaker loggerMaker = new LoggerMaker(RuntimeUtil.class);
     public static boolean matchesDefaultPayload(HttpResponseParams httpResponseParams, Map<String, DefaultPayload> defaultPayloadMap) {
         try {

diff --git a/libs/utils/src/main/java/com/akto/testing/Utils.java b/libs/utils/src/main/java/com/akto/testing/Utils.java
@@ -1,5 +1,10 @@
 package com.akto.testing;
 
+import static com.akto.runtime.RuntimeUtil.extractAllValuesFromPayload;
+import static com.akto.test_editor.Utils.deleteKeyFromPayload;
+import static com.akto.test_editor.execution.Operations.deleteCookie;
+import static com.akto.test_editor.execution.Operations.modifyCookie;
+
 import java.io.File;
 import java.util.ArrayList;
 import java.util.Collections;
@@ -15,28 +20,35 @@
 import org.bson.conversions.Bson;
 import org.bson.types.ObjectId;
 
+import com.akto.dao.ApiCollectionsDao;
 import com.akto.dao.context.Context;
 import com.akto.dao.testing.TestingRunResultDao;
 import com.akto.dao.testing.VulnerableTestingRunResultDao;
 import com.akto.dao.testing_run_findings.TestingRunIssuesDao;
+import com.akto.dto.ApiCollection;
 import com.akto.dto.ApiInfo.ApiInfoKey;
-import com.akto.dto.CollectionConditions.ConditionsType;
 import com.akto.dto.OriginalHttpRequest;
 import com.akto.dto.RawApi;
+import com.akto.dto.CollectionConditions.ConditionsType;
 import com.akto.dto.test_editor.DataOperandsFilterResponse;
 import com.akto.dto.test_editor.FilterNode;
 import com.akto.dto.test_editor.Util;
 import com.akto.dto.test_run_findings.TestingIssuesId;
 import com.akto.dto.test_run_findings.TestingRunIssues;
+import com.akto.dto.testing.CollectionWiseTestingEndpoints;
+import com.akto.dto.testing.CustomTestingEndpoints;
 import com.akto.dto.testing.GenericTestResult;
 import com.akto.dto.testing.TestResult;
 import com.akto.dto.testing.TestResult.Confidence;
 import com.akto.dto.testing.TestResult.TestError;
+import com.akto.dto.testing.TestingEndpoints;
+import com.akto.dto.testing.TestingRun;
 import com.akto.dto.testing.TestingRunResult;
 import com.akto.dto.testing.WorkflowUpdatedSampleData;
 import com.akto.dto.type.RequestTemplate;
 import com.akto.log.LoggerMaker;
 import com.akto.log.LoggerMaker.LogDb;
+import com.akto.runtime.RuntimeUtil;
 import com.akto.test_editor.filter.Filter;
 import com.akto.test_editor.filter.data_operands_impl.ValidationResult;
 import com.akto.testing_utils.TestingUtils;
@@ -56,11 +68,6 @@
 
 import okhttp3.MediaType;
 
-import static com.akto.runtime.RuntimeUtil.extractAllValuesFromPayload;
-import static com.akto.test_editor.Utils.deleteKeyFromPayload;
-import static com.akto.test_editor.execution.Operations.deleteCookie;
-import static com.akto.test_editor.execution.Operations.modifyCookie;
-
 public class Utils {
 
     private static final LoggerMaker loggerMaker = new LoggerMaker(Utils.class);
@@ -606,6 +613,53 @@ public static <T> T readJsonContentFromFile(String folderName, String fileName,
         }
         return result;
     }
+
+    private static boolean isCollectionDemo(int apiCollectionId){
+        try {
+            if(apiCollectionId == RuntimeUtil.VULNERABLE_API_COLLECTION_ID || apiCollectionId == RuntimeUtil.LLM_API_COLLECTION_ID){
+                return true;
+            }
 
+            ApiCollection collection = ApiCollectionsDao.instance.findOne(
+                Filters.eq(Constants.ID, apiCollectionId), Projections.include(Constants.ID)
+            );
+            if(collection.getName() == null){
+                return false;
+            }
+            return collection.getName().equals(RuntimeUtil.JUICE_SHOP_DEMO_COLLECTION_NAME);
+        } catch (Exception e) {
+            return false;
+        }
+    }
+
+    public static boolean isTestingRunForDemoCollection(TestingRun testingRun){
+        TestingEndpoints endpoints = testingRun.getTestingEndpoints();
+        try {
+            if(endpoints.getType().equals(TestingEndpoints.Type.COLLECTION_WISE)){
+                CollectionWiseTestingEndpoints testingEndpoints = (CollectionWiseTestingEndpoints) endpoints;
+                int apiCollectionId = testingEndpoints.getApiCollectionId();
+                return isCollectionDemo(apiCollectionId);
+            }else{
+                int apiCollectionId = -1;
+                CustomTestingEndpoints testingEndpoints = (CustomTestingEndpoints) endpoints;
+                for(ApiInfoKey apiInfoKey : testingEndpoints.getApisList()){
+                    if(apiCollectionId != -1 && apiCollectionId != apiInfoKey.getApiCollectionId()){
+                        // case of groups{ multiple collections in single test}
+                        return false;
+                    }else{
+                        apiCollectionId = apiInfoKey.getApiCollectionId();
+                    }
+                }
+
+                if(apiCollectionId != -1){
+                    return isCollectionDemo(apiCollectionId);
+                }else{
+                    return false;
+                }
+            }
+        } catch (Exception e) {
+            return false;
+        }
+    }
 
 }