Protect: update threats data format
nateweller committed Oct 29, 2024
1 parent f27d02f commit 226ece4
Showing 63 changed files with 564 additions and 3,780 deletions.
10 changes: 8 additions & 2 deletions pnpm-lock.yaml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

@@ -1,6 +1,6 @@
import { type Threat } from '@automattic/jetpack-scan';
import { render, screen } from '@testing-library/react';
import ThreatsDataView from '..';
import ThreatsDataViews from '..';

const data = [
// Scan API Data
@@ -54,7 +54,7 @@ const data = [

describe( 'ThreatsDataViews', () => {
it( 'renders threat data', () => {
render( <ThreatsDataView data={ data } /> );
render( <ThreatsDataViews data={ data } /> );
expect( screen.getByText( 'Malicious code found in file: index.php' ) ).toBeInTheDocument();
expect(
screen.getByText( 'WooCommerce <= 3.2.3 - Authenticated PHP Object Injection' )
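--- a/projects/js-packages/scan/changelog/add-types-and-utils
+++ b/projects/js-packages/scan/changelog/add-types-and-utils
@@ -0,0 +1,4 @@
+Significance: minor
+Type: added
+
+Add threat types and scan utility functions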
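--- a/projects/js-packages/scan/package.json
+++ b/projects/js-packages/scan/package.json
@@ -55,6 +55,7 @@
 "@wordpress/api-fetch": "7.9.0",
 "@wordpress/element": "6.9.0",
 "@wordpress/i18n": "5.9.0",
+"@wordpress/icons": "10.9.0",
 "@wordpress/url": "4.9.0",
 "debug": "4.3.4",
 "react": "^18.2.0",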
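--- a/projects/js-packages/scan/src/types/fixers.ts
+++ b/projects/js-packages/scan/src/types/fixers.ts
@@ -15,3 +15,26 @@ export type ThreatFixStatusSuccess = {
 };
 
 export type ThreatFixStatus = ThreatFixStatusError | ThreatFixStatusSuccess;
+
+/**
+* Fixers Status
+*
+* Overall status of all fixers.
+*/
+type FixersStatusBase = {
+ok: boolean; // Discriminator for overall success
+};
+
+export type FixersStatusError = FixersStatusBase & {
+ok: false;
+error: string;
+};
+
+export type FixersStatusSuccess = FixersStatusBase & {
+ok: true;
+threats: {
+[ key: number ]: ThreatFixStatus;
+};
+};
+
+export type FixersStatus = FixersStatusSuccess | FixersStatusError;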
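Review bot: The index signature on `FixersStatusSuccess.threats` types every lookup as a defined `ThreatFixStatus`, so `status.threats[ id ]` for a threat the fixer response does not list type-checks and yields `undefined` at runtime, unless the project enables `noUncheckedIndexedAccess`, which is not visible here. Declaring the entry as `[ key: number ]: ThreatFixStatus | undefined;` forces callers to handle a missing entry. Separately, the `Fixers Status` doc comment sits on the unexported `FixersStatusBase`; moving it to the exported `FixersStatus` union would put it where consumers of the package see it.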
1 change: 1 addition & 0 deletions projects/js-packages/scan/src/types/index.ts
@@ -1,2 +1,3 @@
export * from './fixers.js';
export * from './status.js';
export * from './threats.js';
@@ -1,4 +1,4 @@
import { Threat } from './threats';
import { Threat } from './threats.js';

export type ExtensionStatus = {
/** The name of the extension. */
@@ -39,14 +39,8 @@ export type ScanStatus = {
/** The time the last scan was checked, in YYYY-MM-DD HH:MM:SS format. */
lastChecked: string | null;

/** The number of plugin threats found in the latest status. */
numPluginsThreats: number;

/** The number of theme threats found in the latest status. */
numThemesThreats: number;

/** The total number of threats found in the latest status. */
numThreats: number;
/** The security threats identified in the latest scan. */
threats: Threat[];

/** Whether there was an error in the scan results. */
error: boolean | null;
@@ -56,26 +50,4 @@ export type ScanStatus = {

/** The error message. */
errorMessage: string | null;

/** WordPress Core Status */
core: {
checked: boolean;
name: string;
slug: string;
threats: Threat[];
type: 'core';
version: string;
} | null;

/** Plugins Status */
plugins: ExtensionStatus[];

/** Themes Status */
themes: ExtensionStatus[];

/** File Threats */
files: Threat[];

/** Database Threats */
database: Threat[];
};
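--- a/projects/js-packages/scan/src/utils/index.ts
+++ b/projects/js-packages/scan/src/utils/index.ts
@@ -1,3 +1,4 @@
+import { code, color, grid, plugins, shield, wordpress } from '@wordpress/icons';
 import { FIXER_IS_STALE_THRESHOLD } from '../constants/index.js';
 import { ThreatFixStatus } from '../types/fixers.js';
 import { Threat } from '../types/threats.js';
@@ -19,6 +20,47 @@ export const getThreatType = ( threat: Threat ) => {
 return null;
 };
 
+export const getThreatSubtitle = ( threat: Threat ) => {
+const type = getThreatType( threat );
+
+switch ( type ) {
+case 'plugin':
+case 'theme':
+return `${ threat.extension?.name } (${ threat.extension?.version })`;
+case 'core':
+return 'WordPress Core';
+case 'file':
+// Trim leading slash
+if ( threat.filename.startsWith( '/' ) ) {
+return threat.filename.slice( 1 );
+}
+return threat.filename;
+case 'database':
+return threat.table;
+default:
+return '';
+}
+};
+
+export const getThreatIcon = ( threat: Threat ) => {
+const type = getThreatType( threat );
+
+switch ( type ) {
+case 'plugin':
+return plugins;
+case 'theme':
+return color;
+case 'core':
+return wordpress;
+case 'file':
+return code;
+case 'database':
+return grid;
+default:
+return shield;
+}
+};
+
 export const fixerTimestampIsStale = ( lastUpdatedTimestamp: string ) => {
 const now = new Date();
 const lastUpdated = new Date( lastUpdatedTimestamp );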
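Review bot: `getThreatSubtitle` and `getThreatIcon` are exported without doc comments or explicit return types, and the subtitle is assembled from scan-result fields (`extension.name`, `filename`, `table`) whose content originates on the scanned site. I would add a TSDoc block on `getThreatSubtitle` stating that it returns a plain-text label built from scan data, to be rendered as text and never as markup, and annotate the return as `: string`. In the `database` case `threat.table` is returned as-is; if `Threat.table` is optional (its declaration is outside this diff), `return threat.table ?? '';` keeps the result consistent with the `default` branch.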
@@ -24,28 +24,14 @@ export const ScanAndThreatStatus = () => {
const {
protect: { scanData },
} = getMyJetpackWindowInitialState();
const { plugins, themes, num_threats: numThreats = 0 } = scanData || {};
const numThreats = scanData.threats.length;

const criticalScanThreatCount = useMemo( () => {
const { core, database, files, num_plugins_threats, num_themes_threats } = scanData || {};
const pluginsThreats = num_plugins_threats
? plugins.reduce( ( accum, plugin ) => accum.concat( plugin.threats ), [] )
: [];
const themesThreats = num_themes_threats
? themes.reduce( ( accum, theme ) => accum.concat( theme.threats ), [] )
: [];
const allThreats = [
...pluginsThreats,
...themesThreats,
...( core?.threats ?? [] ),
...database,
...files,
];
return allThreats.reduce(
return scanData.threats.reduce(
( accum, threat ) => ( threat.severity >= 5 ? ( accum += 1 ) : accum ),
0
);
}, [ plugins, themes, scanData ] );
}, [ scanData.threats ] );

if ( isPluginActive && isSiteConnected ) {
if ( hasProtectPaidPlan ) {
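Review bot: `const numThreats = scanData.threats.length;` dereferences `scanData` without the `scanData || {}` fallback and the `= 0` default that the replaced destructuring had, so the component would throw a TypeError during render if the initial state carries no scan data (a case the removed code allowed for) or still has the old shape without `threats`. The `useMemo` body and its dependency array read `scanData.threats` the same way, and the `useProtectTooltipCopy` hunk further down adds the identical line while still guarding `wafData || {}` right next to it. A single `const threats = scanData?.threats ?? [];` used for the count, the reduce and the dependency array would restore the previous tolerance. The component body continues outside this hunk.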
@@ -13,14 +13,10 @@ export const useLastScanText = () => {
themes,
protect: { scanData },
} = getMyJetpackWindowInitialState();
const {
plugins: fromScanPlugins,
themes: fromScanThemes,
last_checked: lastScanTime = null,
} = scanData || {};
const { last_checked: lastScanTime = null } = scanData || {};

const pluginsCount = fromScanPlugins.length || Object.keys( plugins ).length;
const themesCount = fromScanThemes.length || Object.keys( themes ).length;
const pluginsCount = Object.keys( plugins ).length;
const themesCount = Object.keys( themes ).length;

const timeSinceLastScan = lastScanTime ? timeSince( Date.parse( lastScanTime ) ) : false;

@@ -35,19 +35,15 @@ export function useProtectTooltipCopy(): TooltipContent {
themes,
protect: { scanData, wafConfig: wafData },
} = getMyJetpackWindowInitialState();
const {
plugins: fromScanPlugins,
themes: fromScanThemes,
num_threats: numThreats = 0,
} = scanData || {};
const numThreats = scanData.threats.length;
const {
jetpack_waf_automatic_rules: isAutoFirewallEnabled,
blocked_logins: blockedLoginsCount,
brute_force_protection: hasBruteForceProtection,
} = wafData || {};

const pluginsCount = fromScanPlugins.length || Object.keys( plugins ).length;
const themesCount = fromScanThemes.length || Object.keys( themes ).length;
const pluginsCount = Object.keys( plugins ).length;
const themesCount = Object.keys( themes ).length;

const settingsLink = useMemo( () => {
if ( isProtectPluginActive ) {
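--- a/projects/packages/my-jetpack/changelog/protect-status-compat
+++ b/projects/packages/my-jetpack/changelog/protect-status-compat
@@ -0,0 +1,5 @@
+Significance: patch
+Type: changed
+Comment: Package compatibility updates, no functional changes.
+
+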
24 changes: 7 additions & 17 deletions projects/packages/my-jetpack/global.d.ts
@@ -48,6 +48,12 @@ type ThreatItem = {
fixed_in: string;
description: string | null;
source: string | null;
extension: {
slug: string;
name: string;
version: string;
type: 'plugin' | 'theme' | 'core';
};
// Scan API properties (paid plan)
context: string | null;
filename: string | null;
@@ -58,15 +64,6 @@ type ThreatItem = {
status: number | null;
};

type ScanItem = {
checked: boolean;
name: string;
slug: string;
threats: ThreatItem[];
type: string;
version: string;
};

interface Window {
myJetpackInitialState?: {
siteSuffix: string;
@@ -211,22 +208,15 @@ interface Window {
};
protect: {
scanData: {
core: ScanItem;
threats: ThreatItem[];
current_progress?: string;
data_source: string;
database: string[];
error: boolean;
error_code?: string;
error_message?: string;
files: string[];
has_unchecked_items: boolean;
last_checked: string;
num_plugins_threats: number;
num_themes_threats: number;
num_threats: number;
plugins: ScanItem[];
status: string;
themes: ScanItem[];
};
wafConfig: {
automatic_rules_available: boolean;
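Review bot: `extension` is added to `ThreatItem` as an always-present object, while the Scan API fields below it (`context`, `filename`) are nullable and `getThreatSubtitle` in the scan package reads `threat.extension?.name`, which suggests file and database threats carry no extension. If that is the case, declaring it `extension?: { … } | null;` would make the compiler reject unguarded `threat.extension.name` access. `scanData` also stays non-optional in the `Window` declaration although the hooks in this commit still write `scanData || {}`; marking it optional would have flagged the new `scanData.threats.length` reads. The `Window` interface continues outside the hunk.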
@@ -0,0 +1,4 @@
Significance: major
Type: changed

Changed the formatting of threat data.
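--- a/projects/packages/protect-models/src/class-extension-model.php
+++ b/projects/packages/protect-models/src/class-extension-model.php
@@ -33,13 +33,6 @@ class Extension_Model {
 */
 public $version;
 
-/**
-* A collection of threats related to this version of the extension.
-*
-* @var array<Threat_Model>
-*/
-public $threats = array();
-
 /**
 * Whether the extension has been checked for threats.
 *
@@ -77,34 +70,4 @@ public function __construct( $extension = array() ) {
 }
 }
 }
-
-/**
-* Set Threats
-*
-* @param array<Threat_Model|array|object> $threats An array of threat data to add to the extension.
-*/
-public function set_threats( $threats ) {
-if ( ! is_array( $threats ) ) {
-$this->threats = array();
-return;
-}
-
-// convert each provided threat item into an instance of Threat_Model
-$threats = array_map(
-function ( $threat ) {
-if ( is_a( $threat, 'Threat_Model' ) ) {
-return $threat;
-}
-
-if ( is_object( $threat ) ) {
-$threat = (array) $threat;
-}
-
-return new Threat_Model( $threat );
-},
-$threats
-);
-
-$this->threats = $threats;
-}
 }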