kitos/Aegis
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

fix: 4 improvements — campaign test deletion, review queue triggers, technique link, Jira read-only
Some checks failed
Aegis CI / lint-and-test (push) Has been cancelled
Details

Browse Source 
1. Campaign test deletion: removing a test from a campaign now also
   deletes the underlying Test record and recalculates technique status.

2. Review Queue triggers: review_required=True is now also set when
   - Sigma/Elastic detection rules are imported for a technique
   - A test is validated (coverage status changes)

3. Test detail — Technique link: 'Technique' entry added at the top of
   the Details sidebar showing MITRE ID + name as a clickable link to
   /techniques/{mitre_id}.

4. Jira panel — read-only on test page: added readOnly + label props to
   JiraLinkPanel. TestDetailPage now passes readOnly=true and the test
   name as label, hiding Link Issue / Sync / Unlink controls (automatic
   Jira creation only — no manual management).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
kitos
2026-05-29 11:18:55 +02:00
parent 727b8af7fd
commit 1b513b050e
6 changed files with 118 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
backend/app/routers/tests.py
View File

@@ -508,6 +508,9 @@ def validate_red(
) )
if test.state in (TestState.validated, TestState.rejected): if test.state in (TestState.validated, TestState.rejected):
recalculate_technique_status(db, test.technique) recalculate_technique_status(db, test.technique)
# Flag technique for review — coverage changed
if test.technique:
test.technique.review_required = True
uow.commit() uow.commit()
db.refresh(test) db.refresh(test)
if test.state == TestState.validated: if test.state == TestState.validated:
@@ -539,6 +542,9 @@ def validate_blue(
) )
if test.state in (TestState.validated, TestState.rejected): if test.state in (TestState.validated, TestState.rejected):
recalculate_technique_status(db, test.technique) recalculate_technique_status(db, test.technique)
# Flag technique for review — coverage changed
if test.technique:
test.technique.review_required = True
uow.commit() uow.commit()
db.refresh(test) db.refresh(test)
if test.state == TestState.validated: if test.state == TestState.validated:

19
backend/app/services/campaign_crud_service.py
View File

@@ -320,9 +320,28 @@ def remove_test_from_campaign(db: Session, campaign_id: str, campaign_test_id: s
for dep in dependents: for dep in dependents:
dep.depends_on = None dep.depends_on = None
# Keep a reference to the underlying test before deleting the join record
test_id = ct.test_id
technique_id = None
test_obj = db.query(Test).filter(Test.id == test_id).first()
if test_obj:
technique_id = test_obj.technique_id
db.delete(ct) db.delete(ct)
db.flush() db.flush()
# Also delete the actual test record (it was created for this campaign)
if test_obj:
db.delete(test_obj)
db.flush()
# Recalculate technique status_global so coverage metrics stay consistent
if technique_id:
technique = db.query(Technique).filter(Technique.id == technique_id).first()
if technique:
recalculate_technique_status(db, technique)
db.flush()
def activate_campaign(db: Session, campaign_id: str) -> Campaign: def activate_campaign(db: Session, campaign_id: str) -> Campaign:
"""Activate a campaign, moving it from draft to active. """Activate a campaign, moving it from draft to active.

9
backend/app/services/elastic_import_service.py
View File

@@ -34,6 +34,7 @@ from sqlalchemy.orm import Session
from app.models.detection_rule import DetectionRule from app.models.detection_rule import DetectionRule
from app.models.data_source import DataSource from app.models.data_source import DataSource
from app.models.technique import Technique
from app.services.audit_service import log_action from app.services.audit_service import log_action
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
@@ -316,6 +317,7 @@ def sync(db: Session) -> dict:
created = 0 created = 0
skipped = 0 skipped = 0
new_technique_ids: set[str] = set()
for item in parsed_rules: for item in parsed_rules:
if item["source_id"] in existing_ids: if item["source_id"] in existing_ids:
@@ -337,8 +339,15 @@ def sync(db: Session) -> dict:
) )
db.add(rule) db.add(rule)
existing_ids.add(item["source_id"]) existing_ids.add(item["source_id"])
new_technique_ids.add(item["mitre_technique_id"])
created += 1 created += 1
# Flag techniques that received new rules for review
if new_technique_ids:
db.query(Technique).filter(
Technique.mitre_id.in_(new_technique_ids)
).update({"review_required": True}, synchronize_session=False)
db.commit() db.commit()
summary = { summary = {

9
backend/app/services/sigma_import_service.py
View File

@@ -37,6 +37,7 @@ from sqlalchemy.orm import Session
from app.models.detection_rule import DetectionRule from app.models.detection_rule import DetectionRule
from app.models.data_source import DataSource from app.models.data_source import DataSource
from app.models.technique import Technique
from app.services.audit_service import log_action from app.services.audit_service import log_action
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
@@ -288,6 +289,7 @@ def sync(db: Session) -> dict:
created = 0 created = 0
skipped = 0 skipped = 0
new_technique_ids: set[str] = set()
for item in parsed_rules: for item in parsed_rules:
# Dedup key: source_id (relative path). A rule file may produce # Dedup key: source_id (relative path). A rule file may produce
@@ -316,8 +318,15 @@ def sync(db: Session) -> dict:
) )
db.add(rule) db.add(rule)
existing_ids.add(item["source_id"]) existing_ids.add(item["source_id"])
new_technique_ids.add(item["mitre_technique_id"])
created += 1 created += 1
# Flag techniques that received new rules for review
if new_technique_ids:
db.query(Technique).filter(
Technique.mitre_id.in_(new_technique_ids)
).update({"review_required": True}, synchronize_session=False)
db.commit() db.commit()
summary = { summary = {

23
frontend/src/components/JiraLinkPanel.tsx
View File

@@ -26,6 +26,10 @@ import { useDebounce } from "../hooks/useDebounce";
interface JiraLinkPanelProps { interface JiraLinkPanelProps {
entityType: JiraLinkEntityType; entityType: JiraLinkEntityType;
entityId: string; entityId: string;
/** If true, hides all management controls (Link Issue, Sync, Unlink). */
readOnly?: boolean;
/** Optional label shown under the Jira header (e.g. the test name). */
label?: string;
} }
const priorityColors: Record<string, string> = { const priorityColors: Record<string, string> = {
@@ -42,7 +46,7 @@ const statusColors: Record<string, string> = {
"Done": "bg-green-900/50 text-green-400", "Done": "bg-green-900/50 text-green-400",
}; };
export default function JiraLinkPanel({ entityType, entityId }: JiraLinkPanelProps) { export default function JiraLinkPanel({ entityType, entityId, readOnly = false, label }: JiraLinkPanelProps) {
const queryClient = useQueryClient(); const queryClient = useQueryClient();
const [showSearch, setShowSearch] = useState(false); const [showSearch, setShowSearch] = useState(false);
const [searchQuery, setSearchQuery] = useState(""); const [searchQuery, setSearchQuery] = useState("");
@@ -120,11 +124,17 @@ export default function JiraLinkPanel({ entityType, entityId }: JiraLinkPanelPro
return ( return (
<div className="rounded-xl border border-gray-800 bg-gray-900 p-6"> <div className="rounded-xl border border-gray-800 bg-gray-900 p-6">
<div className="mb-4 flex items-center justify-between"> <div className="mb-4 flex items-start justify-between">
<div>
<h2 className="flex items-center gap-2 text-lg font-semibold text-white"> <h2 className="flex items-center gap-2 text-lg font-semibold text-white">
<Link2 className="h-5 w-5 text-blue-400" /> <Link2 className="h-5 w-5 text-blue-400" />
Jira Jira
</h2> </h2>
{label && (
<p className="mt-0.5 text-xs text-gray-500 truncate max-w-xs">{label}</p>
)}
</div>
{!readOnly && (
<button <button
onClick={() => setShowSearch(!showSearch)} onClick={() => setShowSearch(!showSearch)}
className="flex items-center gap-1 rounded-lg border border-gray-700 px-3 py-1.5 text-xs text-gray-300 hover:border-blue-500/50 hover:text-blue-400 transition-colors" className="flex items-center gap-1 rounded-lg border border-gray-700 px-3 py-1.5 text-xs text-gray-300 hover:border-blue-500/50 hover:text-blue-400 transition-colors"
@@ -139,10 +149,11 @@ export default function JiraLinkPanel({ entityType, entityId }: JiraLinkPanelPro
</> </>
)} )}
</button> </button>
)}
</div> </div>
{/* Search panel */} {/* Search panel — only in edit mode */}
{showSearch && ( {!readOnly && showSearch && (
<div className="mb-4 rounded-lg border border-gray-700 bg-gray-800/50 p-3 space-y-3"> <div className="mb-4 rounded-lg border border-gray-700 bg-gray-800/50 p-3 space-y-3">
<div className="relative"> <div className="relative">
<Search className="absolute left-3 top-1/2 h-4 w-4 -translate-y-1/2 text-gray-500" /> <Search className="absolute left-3 top-1/2 h-4 w-4 -translate-y-1/2 text-gray-500" />
@@ -245,6 +256,7 @@ export default function JiraLinkPanel({ entityType, entityId }: JiraLinkPanelPro
</div> </div>
<div className="flex shrink-0 items-center gap-1"> <div className="flex shrink-0 items-center gap-1">
{!readOnly && (
<button <button
onClick={() => syncMutation.mutate(link.id)} onClick={() => syncMutation.mutate(link.id)}
disabled={syncMutation.isPending} disabled={syncMutation.isPending}
@@ -255,6 +267,7 @@ export default function JiraLinkPanel({ entityType, entityId }: JiraLinkPanelPro
className={`h-3.5 w-3.5 ${syncMutation.isPending ? "animate-spin" : ""}`} className={`h-3.5 w-3.5 ${syncMutation.isPending ? "animate-spin" : ""}`}
/> />
</button> </button>
)}
<a <a
href={`${jiraBaseUrl}/browse/${link.jira_issue_key}`} href={`${jiraBaseUrl}/browse/${link.jira_issue_key}`}
target="_blank" target="_blank"
@@ -264,6 +277,7 @@ export default function JiraLinkPanel({ entityType, entityId }: JiraLinkPanelPro
> >
<ExternalLink className="h-3.5 w-3.5" /> <ExternalLink className="h-3.5 w-3.5" />
</a> </a>
{!readOnly && (
<button <button
onClick={() => deleteMutation.mutate(link.id)} onClick={() => deleteMutation.mutate(link.id)}
disabled={deleteMutation.isPending} disabled={deleteMutation.isPending}
@@ -272,6 +286,7 @@ export default function JiraLinkPanel({ entityType, entityId }: JiraLinkPanelPro
> >
<Trash2 className="h-3.5 w-3.5" /> <Trash2 className="h-3.5 w-3.5" />
</button> </button>
)}
</div> </div>
</div> </div>
</div> </div>

22
frontend/src/pages/TestDetailPage.tsx
View File

@@ -440,6 +440,26 @@ export default function TestDetailPage() {
<div className="rounded-xl border border-gray-800 bg-gray-900 p-6"> <div className="rounded-xl border border-gray-800 bg-gray-900 p-6">
<h2 className="mb-4 text-lg font-semibold text-white">Details</h2> <h2 className="mb-4 text-lg font-semibold text-white">Details</h2>
<dl className="space-y-4"> <dl className="space-y-4">
{test.technique_mitre_id && (
<div>
<dt className="text-xs font-medium uppercase text-gray-500">Technique</dt>
<dd className="mt-1">
<button
onClick={() => navigate(`/techniques/${test.technique_mitre_id}`)}
className="flex items-start gap-1.5 text-left group"
>
<span className="font-mono text-xs text-cyan-400 shrink-0 group-hover:underline">
{test.technique_mitre_id}
</span>
{test.technique_name && (
<span className="text-xs text-gray-400 group-hover:text-gray-300 transition-colors">
\u2014 {test.technique_name}
</span>
)}
</button>
</dd>
</div>
)}
<div> <div>
<dt className="text-xs font-medium uppercase text-gray-500">Description</dt> <dt className="text-xs font-medium uppercase text-gray-500">Description</dt>
<dd className="mt-1"> <dd className="mt-1">
@@ -539,7 +559,7 @@ export default function TestDetailPage() {
)} )}
{/* Jira Integration */} {/* Jira Integration */}
<JiraLinkPanel entityType="test" entityId={testId!} /> <JiraLinkPanel entityType="test" entityId={testId!} readOnly label={test.name} />
{/* Phase Timeline (read-only, with Tempo sync) */} {/* Phase Timeline (read-only, with Tempo sync) */}
<TestPhaseTimeline test={test} testId={testId} /> <TestPhaseTimeline test={test} testId={testId} />