Dashboard improv: add button to filter for the user's org only

[shivam-Purohit]

Button to switch between org only reports or all the reports
closes #1936

Description

Type of change

• New feature (non-breaking change which adds functionality).

Checklist

• I have read and understood the rules about how to Contribute to this project
• The pull request is for the branch develop
• A new plugin (analyzer, connector, visualizer, playbook, pivot or ingestor) was added or changed, in which case:
  • I strictly followed the documentation "How to create a Plugin"
  • Usage file was updated.
  • Advanced-Usage was updated (in case the plugin provides additional optional configuration).
  • If the plugin requires mocked testing, _monkeypatch() was used in its class to apply the necessary decorators.
  • I have dumped the configuration from Django Admin using the dumpplugin command and added it in the project as a data migration. [Doc]("How to create a Plugin")
  • If a File analyzer was added and it supports a mimetype which is not already supported, you added a sample of that type inside the archive test_files.zip and you added the default tests for that mimetype in test_classes.py.
  • If you created a new analyzer and it is free (does not require API keys), please add it in the FREE_TO_USE_ANALYZERS playbook in playbook_config.json.
  • Check if it could make sense to add that analyzer/connector to other freely available playbooks.
  • I have provided the resulting raw JSON of a finished analysis and a screenshot of the results.
• If external libraries/packages with restrictive licenses were used, they were added in the Legal Notice section.
• Linters (Black, Flake, Isort) gave 0 errors. If you have correctly installed pre-commit, it does these checks and adjustments on your behalf.
• I have added tests for the feature/bug I solved (see tests folder). All the tests (new and old ones) gave 0 errors.
• If changes were made to an existing model/serializer/view, the docs were updated and regenerated (check CONTRIBUTE.md).
• If the GUI has been modified:
  • I have a provided a screenshot of the result in the PR.
  • I have created new frontend tests for the new component or updated existing ones.

Important Rules

• If you miss to compile the Checklist properly, your PR won't be reviewed by the maintainers.
• If your changes decrease the overall tests coverage (you will know after the Codecov CI job is done), you should add the required tests to fix the problem
• Everytime you make changes to the PR and you think the work is done, you should explicitly ask for a review. After being reviewed and received a "change request", you should explicitly ask for a review again once you have made the requested changes.

[codecov]

Codecov Report

Attention: 1628 lines in your changes are missing coverage. Please review.

Comparison is base (aa8820f) 66.75% compared to head (939141d) 75.60%.
Report is 1589 commits behind head on develop.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop    #2028      +/-   ##
===========================================
+ Coverage    66.75%   75.60%   +8.84%     
===========================================
  Files           95      482     +387     
  Lines         3706    14461   +10755     
  Branches       519     1502     +983     
===========================================
+ Hits          2474    10933    +8459     
- Misses         941     2930    +1989     
- Partials       291      598     +307     

Files	Coverage Δ
api_app/analyzers_manager/admin.py	100.00% <100.00%> (ø)
api_app/analyzers_manager/apps.py	100.00% <100.00%> (ø)
api_app/analyzers_manager/constants.py	100.00% <100.00%> (ø)
api_app/analyzers_manager/exceptions.py	100.00% <100.00%> (ø)
...app/analyzers_manager/file_analyzers/boxjs_scan.py	100.00% <100.00%> (ø)
...pi_app/analyzers_manager/file_analyzers/onenote.py	100.00% <100.00%> (ø)
...pi_app/analyzers_manager/file_analyzers/peframe.py	82.35% <100.00%> (ø)
...i_app/analyzers_manager/file_analyzers/rtf_info.py	48.64% <100.00%> (ø)
...s_manager/file_analyzers/xlm_macro_deobfuscator.py	62.50% <100.00%> (ø)
api_app/analyzers_manager/filters.py	100.00% <100.00%> (ø)
... and 237 more

... and 291 files with indirect coverage changes

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 3ae68f3...939141d. Read the comment docs.

[shivam-Purohit]

@mlodic its almost done now. But the problem is the response is cached so if I change the users the previous response is shown not the new one.

[shivam-Purohit]

this is how the UI looks like. I am not good with names. We can get the switch which has label inside the switch only. That looks way cooler though we will need to add one more library for that.

[mlodic]

hello @shivam-Purohit, thank you for your PR! :)

@mlodic its almost done now. But the problem is the response is cached so if I change the users the previous response is shown not the new one.

when you say "if I change the users", you mean if you logout and then login with another user?

We can get the switch which has label inside the switch only. That looks way cooler though we will need to add one more library for that.

Do you mean something like that?

This how we switch the visualization in the "Job Result" page. It could make sense to leverage the same component also here. Maybe you can call the 2 options: "Org / Global" and make it "toggable" only if the user is part of an org. Otherwise it could be hidden or disabled.
Maybe, I'd also put that component at the left of the time picker, not at the right.

Thoughts?

[mlodic]

there is some duplicated code that must be addressed

[mlodic]

I think you can optimize the code by choosing a single parameter "users" here and change the filter based on the number of items in the list

[mlodic]

we should call the aggregation method a single time, we need to optimize this code

[mlodic]

this code has been replicated lots of time. We need it just once

[mlodic]

more generally, I don't think it is necessary to create new API endpoints for this case. We should use the URL parameters to customize the results. This would avoid a lot of additional code that would be really difficult to maintain.

Example:
aggregate/status -> like it is right now
aggregate/status?org=True -> with the toggle enabled

[shivam-Purohit]

Yeah I was thinking the same. I just tried some sub-optimised code to check the core functionality. I will improve the code quality.

[shivam-Purohit]

when you say "if I change the users", you mean if you logout and then login with another user?

yes same. To check / test the feature I created two more users and added one to my org. Though when i change the users i.e logout and login again I get the results from the previous user. But if we restart the container the new results do re-render. Either it caches the result or there is some bug in my code?

[shivam-Purohit]

This how we switch the visualization in the "Job Result" page. It could make sense to leverage the same component also here. Maybe you can call the 2 options: "Org / Global" and make it "toggable" only if the user is part of an org. Otherwise it could be hidden or disabled.
Maybe, I'd also put that component at the left of the time picker, not at the right.

yes this look better. I will try that. But to disable the option if user is not part of any org we will need to send request to the backend during the rendering of dashboard.
if so then we wont need to check if user is part of any org in backend. Okay do need but the extra checks will be minimised

[mlodic]

This how we switch the visualization in the "Job Result" page. It could make sense to leverage the same component also here. Maybe you can call the 2 options: "Org / Global" and make it "toggable" only if the user is part of an org. Otherwise it could be hidden or disabled.
Maybe, I'd also put that component at the left of the time picker, not at the right.

yes this look better. I will try that. But to disable the option if user is not part of any org we will need to send request to the backend during the rendering of dashboard. if so then we wont need to check if user is part of any org in backend.

yep I think there is already something similar in place for this case in the "plugin" section:

The button related to org's config is shown only if the user belongs to an org

[shivam-Purohit]

button related to org's config is shown only if the user belongs to an org

thanks! i will take a look

[shivam-Purohit]

[shivam-Purohit]

hey @mlodic hope the Christmas went well!
i re-adjusted some code
changed the component to only render if the organisation exist for the user using useOrganisationStore components.
renamed new variables
and shifted some repeated code to new function

[shivam-Purohit]

this is how it looks. I have to change some layout to fit in new structure. If I just move the buttongroup component above the timepicker in like the original code it was breaking like the buttongroup was moving to the left so i separated both the title and this components (timepicker and buttongroup).

[mlodic]

hey, I hope this message finds you well :)

I saw the images, that feels good!

[mlodic]

cool to me, do you want to make a little review @drosetti too?

[mlodic]

why this change?

[shivam-Purohit]

I changed it while I was trying to add a console logger. I was having some problem with log file to see the recent changes. I will revert it back.

[mlodic]

this could be a method returning users_of_organization, right?

[shivam-Purohit]

yes returns all the members in the organisation

[mlodic]

I meant that those 4 lines could be a method which returns users_of_organization.

I am telling you this because I saw the code repeated multiple times

[mlodic]

@shivam-Purohit onceyou get some time, if you could just do this little refactor then we can merge this PR :) thank you

[shivam-Purohit]

Sorry i missed the comment above earlier. I think the new refactor should be good.

[drosetti]

I think you did a good job, I requested little changes (most of them on the names of the const/var). Be careful with eslint-disable, I know sometimes it's annoying, but it's useful to have same code style with many developers, it should be disabled only in rare cases.

Edit: you can ask to me to review the pr after the changes. In every case if you have some doubts or questions, ask me :D

[drosetti]

remove this comment

[drosetti]

I suggest to reverse the check, i think it's easier to understand:
orgstate ? "tertiary" : "primary"

[drosetti]

It's a very silly suggestion but I'd to have orgState, it has the same style of guideState (it's strange the linter doesn't mark this)

[drosetti]

Pls use a more specific name for this const, what do you think about ORG_JOB_AGG_STATUS_URI ?

[shivam-Purohit]

sure!

[shivam-Purohit]

@drosetti I have made the changes requested. One more thing I noticed is in the aggregate_observable_classification.Its counts the new ipv6 addressing IPs in the generic and not in the IP classification. That also reflect in the chart named Job: Frequent IPs, Hash & Domains which also does not count ipv6 IPs.
I can create a new issue regarding this and if it is not on higher priority I can fix that.

[drosetti]

@shivam-Purohit I think this problem in the dashboard is related to the fact that the regex doesn't allow IPv6, then they are classified as generic and not show in the dashboard charts. Matteo told me you previously changed the regex to accept IPv6, I think I deleted it during a refactor, my apologies. However, I resolved and restored your work on the regex: in the develop branch you can find the refex that accept both IPv4 and IPv6, with a rebase everything should work, let me know if you have some problems.

I also check your code and approved your pr from a frontend prospective, good work 💪

[shivam-Purohit]

@drosetti Thanks! I think we should be done here. Do let me know if further changes are required.

edit : there was some prettier error after the rebase in tests/constants/regexConst.test.js. I covered it in a commit if that's okay