Closes #54

computablefacts · Aug 9, 2024 · cc2941e · cc2941e
1 parent ac57f95
commit cc2941e
Show file tree

Hide file tree

Showing 2 changed files with 58 additions and 17 deletions.
diff --git a/app/Helpers/AdversaryMeter.php b/app/Helpers/AdversaryMeter.php
@@ -6,29 +6,30 @@
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Http;
 use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Str;
 
 class AdversaryMeter
 {
     public static function redirectUrl()
     {
-        $apiToken = Auth::user()->am_api_token; // TODO : throw an error if not set ?
+        $apiToken = self::findAnyAdversaryMeterApiToken(Auth::user()); // TODO : throw an error if not set ?
         $apiUrl = self::url();
         return asset('adversary_meter') . "/src/index.html?api_token={$apiToken}&api_url={$apiUrl}";
     }
 
-    public static function addAsset(string $client, User $user, string $asset): array
+    public static function addAsset(string $team, User $user, string $asset): array
     {
-        return self::addAsset2(self::apiKey(), $client, $user->email, $asset);
+        return self::addAsset2(self::apiKey(), $team, $user->email, $asset);
     }
 
-    public static function removeAsset(string $client, User $user, string $asset): array
+    public static function removeAsset(string $team, User $user, string $asset): array
     {
-        return self::removeAsset2(self::apiKey(), $client, $user->email, $asset);
+        return self::removeAsset2(self::apiKey(), $team, $user->email, $asset);
     }
 
-    public static function switchTeam(string $client, User $user): array
+    public static function switchTeam(string $team, User $user): array
     {
-        return self::switchTeam2($user->am_api_token, $client, $user->email);
+        return self::switchTeam2($user->am_api_token, $team, $user->email);
     }
 
     private static function addAsset2(string $apiKey, string $team, string $user, string $asset): array
@@ -38,7 +39,7 @@ private static function addAsset2(string $apiKey, string $team, string $user, st
             'Authorization' => 'Bearer ' . $apiKey,
             'Accept' => 'application/json',
         ])->post($endpointUrl, [
-            'team' => $team,
+            'team' => self::normalizeTeamName($team),
             'username' => $user,
             'asset' => $asset,
         ]);
@@ -59,7 +60,7 @@ private static function removeAsset2(string $apiKey, string $team, string $user,
             'Accept' => 'application/json',
             'Content-Type' => 'application/json',
         ])->delete($endpoint, [
-            'team' => $team,
+            'team' => self::normalizeTeamName($team),
             'username' => $user,
             'asset' => $asset,
         ]);
@@ -80,7 +81,7 @@ private static function switchTeam2(string $apiKey, string $team, string $user)
             'Accept' => 'application/json',
             'Content-Type' => 'application/json',
         ])->post($endpoint, [
-            'team' => $team,
+            'team' => self::normalizeTeamName($team),
             'username' => $user,
         ]);
         if ($response->successful()) {
@@ -101,4 +102,44 @@ private static function apiKey(): string
     {
         return config('towerify.adversarymeter.api_key');
     }
+
+    private static function normalizeTeamName(string $team): string
+    {
+        return Str::replace(' ', '', Str::lower($team));
+    }
+
+    private static function findAnyAdversaryMeterApiToken(User $user): ?string
+    {
+        if ($user->am_api_token) {
+            return $user->am_api_token;
+        }
+
+        $tenantId = $user->tenant_id;
+        $customerId = $user->customer_id;
+
+        if ($customerId) {
+
+            // Find the first user of this customer with an API token
+            $userTmp = User::where('customer_id', $customerId)
+                ->where('tenant_id', $tenantId)
+                ->whereNotNull('am_api_token')
+                ->first();
+
+            if ($userTmp) {
+                return $userTmp->am_api_token;
+            }
+        }
+        if ($tenantId) {
+
+            // Find the first user of this tenant with an API token
+            $userTmp = User::where('tenant_id', $tenantId)
+                ->whereNotNull('am_api_token')
+                ->first();
+
+            if ($userTmp) {
+                return $userTmp->am_api_token;
+            }
+        }
+        return null;
+    }
 }
diff --git a/app/Models/YnhServer.php b/app/Models/YnhServer.php
@@ -313,13 +313,13 @@ public function latestTraces(): Collection
 
     public function startMonitoringAsset(User $user, string $domainOrIpAddress): bool
     {
-        $tenant = $user->tenant();
+        $team = $user->customer?->company_name;
 
-        if (!$tenant || !$user) {
+        if (!$team) {
             return false;
         }
 
-        $json = AdversaryMeter::addAsset($tenant->name, $user, $domainOrIpAddress);
+        $json = AdversaryMeter::addAsset($team, $user, $domainOrIpAddress);
 
         if (count($json) === 0) {
             return false;
@@ -331,19 +331,19 @@ public function startMonitoringAsset(User $user, string $domainOrIpAddress): boo
             // TODO : check that $user->am_api_token is equal to $json['api_token'] ?
         }
 
-        AdversaryMeter::switchTeam($tenant->name, $user);
+        AdversaryMeter::switchTeam($team, $user);
         return true;
     }
 
     public function stopMonitoringAsset(User $user, string $domainOrIpAddress): bool
     {
-        $tenant = $user->tenant();
+        $team = $user->customer?->company_name;
 
-        if (!$tenant || !$user) {
+        if (!$team) {
             return false;
         }
 
-        $json = AdversaryMeter::removeAsset($tenant->name, $user, $domainOrIpAddress);
+        $json = AdversaryMeter::removeAsset($team, $user, $domainOrIpAddress);
 
         if (count($json) === 0) {
             return false;