Fix rules, fix OIDC loggin

2025-11-07 16:12:39 +11:00
parent d153fd436f
commit f50ebe666e
3 changed files with 27 additions and 8 deletions
--- a/app/models/rule.rb
+++ b/app/models/rule.rb
@@ -143,20 +143,39 @@ class Rule < ApplicationRecord
    format = {
      id: id,
      rule_type: rule_type,
-      action: action,
+      waf_action: action,  # Agents expect 'waf_action' field
      conditions: agent_conditions,
      priority: agent_priority,
-      expires_at: expires_at&.iso8601,
+      expires_at: expires_at&.to_i,  # Agents expect Unix timestamps
      enabled: enabled,
      source: source,
      metadata: metadata || {},
-      created_at: created_at.iso8601,
-      updated_at: updated_at.iso8601
+      created_at: created_at.to_i,   # Agents expect Unix timestamps
+      updated_at: updated_at.to_i     # Agents expect Unix timestamps
    }

-    # Add network intelligence for debugging (optional)
+    # For network rules, resolve the network range to actual IP data
    if network_rule? && network_range
-      format[:network_intelligence] = network_intelligence
+      begin
+        ip_range = IPAddr.new(network_range.cidr)
+        range = ip_range.to_range
+
+        if ip_range.ipv4?
+          format[:network_start] = range.first.to_i
+          format[:network_end] = range.last.to_i
+        else
+          # IPv6 - use binary representation
+          format[:network_start] = range.first.hton
+          format[:network_end] = range.last.hton
+        end
+
+        format[:network_prefix] = network_range.prefix_length
+        format[:network_intelligence] = network_intelligence
+      rescue => e
+        Rails.logger.error "Failed to resolve network range #{network_range.cidr}: #{e.message}"
+        # Fallback to CIDR format
+        format[:conditions] = { cidr: network_range.cidr }
+      end
    end

    format