0ct0pu5
/
crowdsec


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279
							package main

import (
	"fmt"
	"os"
	"slices"

	log "github.com/sirupsen/logrus"
	"github.com/spf13/cobra"
	"gopkg.in/yaml.v2"

	"github.com/crowdsecurity/crowdsec/cmd/crowdsec-cli/require"
	"github.com/crowdsecurity/crowdsec/pkg/cwhub"
)

type cliSimulation struct {
	cfg configGetter
}

func NewCLISimulation(cfg configGetter) *cliSimulation {
	return &cliSimulation{
		cfg: cfg,
	}
}

func (cli *cliSimulation) NewCommand() *cobra.Command {
	cmd := &cobra.Command{
		Use:   "simulation [command]",
		Short: "Manage simulation status of scenarios",
		Example: `cscli simulation status
cscli simulation enable crowdsecurity/ssh-bf
cscli simulation disable crowdsecurity/ssh-bf`,
		DisableAutoGenTag: true,
		PersistentPreRunE: func(_ *cobra.Command, _ []string) error {
			if err := cli.cfg().LoadSimulation(); err != nil {
				return err
			}
			if cli.cfg().Cscli.SimulationConfig == nil {
				return fmt.Errorf("no simulation configured")
			}

			return nil
		},
		PersistentPostRun: func(cmd *cobra.Command, _ []string) {
			if cmd.Name() != "status" {
				log.Infof(ReloadMessage())
			}
		},
	}
	cmd.Flags().SortFlags = false
	cmd.PersistentFlags().SortFlags = false

	cmd.AddCommand(cli.NewEnableCmd())
	cmd.AddCommand(cli.NewDisableCmd())
	cmd.AddCommand(cli.NewStatusCmd())

	return cmd
}

func (cli *cliSimulation) NewEnableCmd() *cobra.Command {
	var forceGlobalSimulation bool

	cmd := &cobra.Command{
		Use:               "enable [scenario] [-global]",
		Short:             "Enable the simulation, globally or on specified scenarios",
		Example:           `cscli simulation enable`,
		DisableAutoGenTag: true,
		RunE: func(cmd *cobra.Command, args []string) error {
			hub, err := require.Hub(cli.cfg(), nil, nil)
			if err != nil {
				return err
			}

			if len(args) > 0 {
				for _, scenario := range args {
					var item = hub.GetItem(cwhub.SCENARIOS, scenario)
					if item == nil {
						log.Errorf("'%s' doesn't exist or is not a scenario", scenario)
						continue
					}
					if !item.State.Installed {
						log.Warningf("'%s' isn't enabled", scenario)
					}
					isExcluded := slices.Contains(cli.cfg().Cscli.SimulationConfig.Exclusions, scenario)
					if *cli.cfg().Cscli.SimulationConfig.Simulation && !isExcluded {
						log.Warning("global simulation is already enabled")
						continue
					}
					if !*cli.cfg().Cscli.SimulationConfig.Simulation && isExcluded {
						log.Warningf("simulation for '%s' already enabled", scenario)
						continue
					}
					if *cli.cfg().Cscli.SimulationConfig.Simulation && isExcluded {
						cli.removeFromExclusion(scenario)
						log.Printf("simulation enabled for '%s'", scenario)
						continue
					}
					cli.addToExclusion(scenario)
					log.Printf("simulation mode for '%s' enabled", scenario)
				}
				if err := cli.dumpSimulationFile(); err != nil {
					return fmt.Errorf("simulation enable: %s", err)
				}
			} else if forceGlobalSimulation {
				if err := cli.enableGlobalSimulation(); err != nil {
					return fmt.Errorf("unable to enable global simulation mode: %s", err)
				}
			} else {
				printHelp(cmd)
			}

			return nil
		},
	}
	cmd.Flags().BoolVarP(&forceGlobalSimulation, "global", "g", false, "Enable global simulation (reverse mode)")

	return cmd
}

func (cli *cliSimulation) NewDisableCmd() *cobra.Command {
	var forceGlobalSimulation bool

	cmd := &cobra.Command{
		Use:               "disable [scenario]",
		Short:             "Disable the simulation mode. Disable only specified scenarios",
		Example:           `cscli simulation disable`,
		DisableAutoGenTag: true,
		RunE: func(cmd *cobra.Command, args []string) error {
			if len(args) > 0 {
				for _, scenario := range args {
					isExcluded := slices.Contains(cli.cfg().Cscli.SimulationConfig.Exclusions, scenario)
					if !*cli.cfg().Cscli.SimulationConfig.Simulation && !isExcluded {
						log.Warningf("%s isn't in simulation mode", scenario)
						continue
					}
					if !*cli.cfg().Cscli.SimulationConfig.Simulation && isExcluded {
						cli.removeFromExclusion(scenario)
						log.Printf("simulation mode for '%s' disabled", scenario)
						continue
					}
					if isExcluded {
						log.Warningf("simulation mode is enabled but is already disable for '%s'", scenario)
						continue
					}
					cli.addToExclusion(scenario)
					log.Printf("simulation mode for '%s' disabled", scenario)
				}
				if err := cli.dumpSimulationFile(); err != nil {
					return fmt.Errorf("simulation disable: %s", err)
				}
			} else if forceGlobalSimulation {
				if err := cli.disableGlobalSimulation(); err != nil {
					return fmt.Errorf("unable to disable global simulation mode: %s", err)
				}
			} else {
				printHelp(cmd)
			}

			return nil
		},
	}
	cmd.Flags().BoolVarP(&forceGlobalSimulation, "global", "g", false, "Disable global simulation (reverse mode)")

	return cmd
}

func (cli *cliSimulation) NewStatusCmd() *cobra.Command {
	cmd := &cobra.Command{
		Use:               "status",
		Short:             "Show simulation mode status",
		Example:           `cscli simulation status`,
		DisableAutoGenTag: true,
		Run: func(_ *cobra.Command, _ []string) {
			cli.status()
		},
		PersistentPostRun: func(cmd *cobra.Command, args []string) {
		},
	}

	return cmd
}

func (cli *cliSimulation) addToExclusion(name string) {
	cfg := cli.cfg()
	cfg.Cscli.SimulationConfig.Exclusions = append(cfg.Cscli.SimulationConfig.Exclusions, name)
}

func (cli *cliSimulation) removeFromExclusion(name string) {
	cfg := cli.cfg()
	index := slices.Index(cfg.Cscli.SimulationConfig.Exclusions, name)

	// Remove element from the slice
	cfg.Cscli.SimulationConfig.Exclusions[index] = cfg.Cscli.SimulationConfig.Exclusions[len(cfg.Cscli.SimulationConfig.Exclusions)-1]
	cfg.Cscli.SimulationConfig.Exclusions[len(cfg.Cscli.SimulationConfig.Exclusions)-1] = ""
	cfg.Cscli.SimulationConfig.Exclusions = cfg.Cscli.SimulationConfig.Exclusions[:len(cfg.Cscli.SimulationConfig.Exclusions)-1]
}

func (cli *cliSimulation) enableGlobalSimulation() error {
	cfg := cli.cfg()
	cfg.Cscli.SimulationConfig.Simulation = new(bool)
	*cfg.Cscli.SimulationConfig.Simulation = true
	cfg.Cscli.SimulationConfig.Exclusions = []string{}

	if err := cli.dumpSimulationFile(); err != nil {
		return fmt.Errorf("unable to dump simulation file: %s", err)
	}

	log.Printf("global simulation: enabled")

	return nil
}

func (cli *cliSimulation) dumpSimulationFile() error {
	cfg := cli.cfg()

	newConfigSim, err := yaml.Marshal(cfg.Cscli.SimulationConfig)
	if err != nil {
		return fmt.Errorf("unable to marshal simulation configuration: %s", err)
	}

	err = os.WriteFile(cfg.ConfigPaths.SimulationFilePath, newConfigSim, 0o644)
	if err != nil {
		return fmt.Errorf("write simulation config in '%s' failed: %s", cfg.ConfigPaths.SimulationFilePath, err)
	}

	log.Debugf("updated simulation file %s", cfg.ConfigPaths.SimulationFilePath)

	return nil
}

func (cli *cliSimulation) disableGlobalSimulation() error {
	cfg := cli.cfg()
	cfg.Cscli.SimulationConfig.Simulation = new(bool)
	*cfg.Cscli.SimulationConfig.Simulation = false

	cfg.Cscli.SimulationConfig.Exclusions = []string{}

	newConfigSim, err := yaml.Marshal(cfg.Cscli.SimulationConfig)
	if err != nil {
		return fmt.Errorf("unable to marshal new simulation configuration: %s", err)
	}

	err = os.WriteFile(cfg.ConfigPaths.SimulationFilePath, newConfigSim, 0o644)
	if err != nil {
		return fmt.Errorf("unable to write new simulation config in '%s': %s", cfg.ConfigPaths.SimulationFilePath, err)
	}

	log.Printf("global simulation: disabled")

	return nil
}

func (cli *cliSimulation) status() {
	cfg := cli.cfg()
	if cfg.Cscli.SimulationConfig == nil {
		log.Printf("global simulation: disabled (configuration file is missing)")
		return
	}

	if *cfg.Cscli.SimulationConfig.Simulation {
		log.Println("global simulation: enabled")

		if len(cfg.Cscli.SimulationConfig.Exclusions) > 0 {
			log.Println("Scenarios not in simulation mode :")

			for _, scenario := range cfg.Cscli.SimulationConfig.Exclusions {
				log.Printf("  - %s", scenario)
			}
		}
	} else {
		log.Println("global simulation: disabled")
		if len(cfg.Cscli.SimulationConfig.Exclusions) > 0 {
			log.Println("Scenarios in simulation mode :")
			for _, scenario := range cfg.Cscli.SimulationConfig.Exclusions {
				log.Printf("  - %s", scenario)
			}
		}
	}
}