Baffle-WAF/baffle-hub
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Migrate to Postgresql for better network handling. Add more user functionality.

Browse Source
This commit is contained in:
Dan Milne
2025-11-06 14:08:39 +11:00
parent 85252a1a07
commit fc567f0b91
69 changed files with 4266 additions and 952 deletions
Download Patch File Download Diff File Expand all files Collapse all files

213
app/views/rules/edit.html.erb Normal file
View File

@@ -0,0 +1,213 @@
<% content_for :title, "Edit Rule ##{@rule.id}" %>
<div class="mx-auto max-w-7xl px-4 py-6 sm:px-6 lg:px-8">
<div class="mb-8">
<div class="flex items-center justify-between">
<div>
<h1 class="text-3xl font-bold text-gray-900">Edit Rule #<%= @rule.id %></h1>
<p class="mt-2 text-gray-600">Modify the WAF rule configuration</p>
</div>
</div>
</div>
<div class="bg-white shadow rounded-lg">
<%= form_with(model: @rule, local: true, class: "space-y-6") do |form| %>
<% if @rule.errors.any? %>
<div class="rounded-md bg-red-50 p-4">
<div class="flex">
<div class="flex-shrink-0">
<svg class="h-5 w-5 text-red-400" fill="currentColor" viewBox="0 0 20 20">
<path fill-rule="evenodd" d="M10 18a8 8 0 100-16 8 8 0 000 16zM8.707 7.293a1 1 0 00-1.414 1.414L8.586 10l-1.293 1.293a1 1 0 101.414 1.414L10 11.414l1.293 1.293a1 1 0 001.414-1.414L11.414 10l1.293-1.293a1 1 0 00-1.414-1.414L10 8.586 8.707 7.293z" clip-rule="evenodd" />
</svg>
</div>
<div class="ml-3">
<h3 class="text-sm font-medium text-red-800">
There were <%= pluralize(@rule.errors.count, "error") %> with your submission:
</h3>
<div class="mt-2 text-sm text-red-700">
<ul class="list-disc list-inside space-y-1">
<% @rule.errors.full_messages.each do |message| %>
<li><%= message %></li>
<% end %>
</ul>
</div>
</div>
</div>
</div>
<% end %>
<!-- Rule Type Selection -->
<div class="px-6 py-4 border-b border-gray-200">
<h3 class="text-lg font-medium text-gray-900">Rule Configuration</h3>
</div>
<div class="px-6 py-4 space-y-6">
<div class="grid grid-cols-1 md:grid-cols-2 gap-6">
<div>
<%= form.label :rule_type, "Rule Type", class: "block text-sm font-medium text-gray-700" %>
<%= form.select :rule_type,
options_for_select(@rule_types.map { |type| [type.humanize, type] }, @rule.rule_type),
{ prompt: "Select rule type" },
{ class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm",
id: "rule_type_select",
disabled: true } %>
<p class="mt-2 text-sm text-gray-500">Rule type cannot be changed after creation</p>
</div>
<div>
<%= form.label :action, "Action", class: "block text-sm font-medium text-gray-700" %>
<%= form.select :action,
options_for_select(@actions.map { |action| [action.humanize, action] }, @rule.action),
{ },
{ class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" } %>
<p class="mt-2 text-sm text-gray-500">What action to take when this rule matches</p>
</div>
</div>
<!-- Network Range Selection (shown for network rules) -->
<% if @rule.network_rule? %>
<div id="network_range_section">
<div class="grid grid-cols-1 md:grid-cols-2 gap-6">
<div>
<%= form.label :network_range_id, "Network Range", class: "block text-sm font-medium text-gray-700" %>
<%= form.select :network_range_id,
options_from_collection_for_select(NetworkRange.order(:network).limit(100), :id, :cidr, @rule.network_range_id),
{ prompt: "Select a network range" },
{ class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" } %>
<p class="mt-2 text-sm text-gray-500">Select from recent network ranges or create new ones</p>
</div>
<div class="flex items-end">
<%= link_to "Create New Network Range", new_network_range_path,
class: "inline-flex items-center px-4 py-2 border border-gray-300 rounded-md shadow-sm text-sm font-medium text-gray-700 bg-white hover:bg-gray-50" %>
</div>
</div>
<% if @rule.network_range.present? %>
<div class="bg-blue-50 border border-blue-200 rounded-md p-4">
<div class="flex">
<div class="flex-shrink-0">
<svg class="h-5 w-5 text-blue-400" fill="currentColor" viewBox="0 0 20 20">
<path fill-rule="evenodd" d="M18 10a8 8 0 11-16 0 8 8 0 0116 0zm-7-4a1 1 0 11-2 0 1 1 0 012 0zM9 9a1 1 0 000 2v3a1 1 0 001 1h1a1 1 0 100-2v-3a1 1 0 00-1-1H9z" clip-rule="evenodd" />
</svg>
</div>
<div class="ml-3">
<p class="text-sm text-blue-800">
Currently targeting: <strong><%= link_to @rule.network_range.cidr, network_range_path(@rule.network_range), class: "text-blue-600 hover:text-blue-900 underline" %></strong>
<% if @rule.network_range.company.present? %>
- <%= @rule.network_range.company %>
<% end %>
</p>
</div>
</div>
</div>
<% end %>
</div>
<% end %>
<!-- Conditions (shown for non-network rules) -->
<% unless @rule.network_rule? %>
<div id="conditions_section">
<div>
<%= form.label :conditions, "Conditions", class: "block text-sm font-medium text-gray-700" %>
<%= form.text_area :conditions, rows: 4,
class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm",
placeholder: '{"path_pattern": "/admin/*", "user_agent": "bot*"}' %>
<p class="mt-2 text-sm text-gray-500">JSON format with matching conditions</p>
</div>
</div>
<% end %>
<!-- Metadata -->
<div data-controller="json-validator" data-json-validator-valid-class="json-valid" data-json-validator-invalid-class="json-invalid" data-json-validator-valid-status-class="json-valid-status" data-json-validator-invalid-status-class="json-invalid-status">
<%= form.label :metadata, "Metadata", class: "block text-sm font-medium text-gray-700" %>
<div class="relative">
<%= form.text_area :metadata, rows: 3,
class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm",
placeholder: '{"reason": "Suspicious activity detected", "source": "manual"}',
data: { json_validator_target: "textarea", action: "input->json-validator#validate" } %>
<div class="mt-1 flex items-center justify-between">
<div data-json-validator-target="status" class="text-sm"></div>
<div class="flex space-x-2">
<button type="button"
data-action="click->json-validator#format"
class="text-xs text-gray-500 hover:text-gray-700 underline">
Format JSON
</button>
<button type="button"
data-action="click->json-validator#insertSample"
data-json-validator-json-sample='{"reason": "Block malicious ISP", "threat_type": "botnet", "confidence": "high", "source": "manual"}'
class="text-xs text-gray-500 hover:text-gray-700 underline">
Insert Sample
</button>
</div>
</div>
</div>
<p class="mt-2 text-sm text-gray-500">JSON format with additional metadata</p>
</div>
<div class="grid grid-cols-1 md:grid-cols-3 gap-6">
<div>
<%= form.label :expires_at, "Expires At", class: "block text-sm font-medium text-gray-700" %>
<%= form.datetime_local_field :expires_at,
class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" %>
<p class="mt-2 text-sm text-gray-500">Leave blank for permanent rule</p>
</div>
<div>
<%= form.label :source, "Source", class: "block text-sm font-medium text-gray-700" %>
<%= form.select :source,
options_for_select(Rule::SOURCES.map { |source| [source.humanize, source] }, @rule.source),
{ },
{ class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" } %>
<p class="mt-2 text-sm text-gray-500">How this rule was created</p>
</div>
<div class="flex items-center pt-6">
<%= form.check_box :enabled, class: "h-4 w-4 rounded border-gray-300 text-blue-600 focus:ring-blue-500" %>
<%= form.label :enabled, "Rule Enabled", class: "ml-2 block text-sm text-gray-900" %>
</div>
</div>
</div>
<div class="px-6 py-4 bg-gray-50 border-t border-gray-200">
<div class="flex justify-between">
<div class="flex space-x-3">
<%= link_to "Cancel", @rule, class: "inline-flex items-center px-4 py-2 border border-gray-300 rounded-md shadow-sm text-sm font-medium text-gray-700 bg-white hover:bg-gray-50" %>
</div>
<div class="flex space-x-3">
<%= link_to "Delete Rule", @rule,
method: :delete,
data: { confirm: "Are you sure you want to delete this rule? This action cannot be undone." },
class: "inline-flex items-center px-4 py-2 border border-red-300 rounded-md shadow-sm text-sm font-medium text-red-700 bg-red-50 hover:bg-red-100" %>
<%= form.submit "Update Rule", class: "inline-flex items-center px-4 py-2 border border-transparent rounded-md shadow-sm text-sm font-medium text-white bg-blue-600 hover:bg-blue-700" %>
</div>
</div>
</div>
<% end %>
</div>
</div>
<script>
document.addEventListener('DOMContentLoaded', function() {
// Show/hide sections based on rule type
const ruleTypeSelect = document.getElementById('rule_type_select');
const networkSection = document.getElementById('network_range_section');
const conditionsSection = document.getElementById('conditions_section');
function toggleSections() {
if (ruleTypeSelect && ruleTypeSelect.value === 'network') {
networkSection.classList.remove('hidden');
if (conditionsSection) conditionsSection.classList.add('hidden');
} else {
if (networkSection) networkSection.classList.add('hidden');
if (conditionsSection) conditionsSection.classList.remove('hidden');
}
}
if (ruleTypeSelect) {
ruleTypeSelect.addEventListener('change', toggleSections);
toggleSections(); // Initial state
}
});
</script>

224
app/views/rules/index.html.erb Normal file
View File

@@ -0,0 +1,224 @@
<% content_for :title, "Rules - #{@project.name}" %>
<div class="mx-auto max-w-7xl px-4 py-6 sm:px-6 lg:px-8">
<!-- Header -->
<div class="mb-8">
<div class="flex items-center justify-between">
<div>
<h1 class="text-3xl font-bold text-gray-900">Rules</h1>
<p class="mt-2 text-gray-600">Manage WAF rules for traffic filtering and control</p>
</div>
<div class="flex space-x-3">
<%= link_to "Add Network Range", new_network_range_path, class: "inline-flex items-center px-4 py-2 border border-gray-300 rounded-md shadow-sm text-sm font-medium text-gray-700 bg-white hover:bg-gray-50" %>
<%= link_to "Create Rule", new_rule_path, class: "inline-flex items-center px-4 py-2 border border-transparent rounded-md shadow-sm text-sm font-medium text-white bg-blue-600 hover:bg-blue-700" %>
</div>
</div>
</div>
<!-- Statistics Cards -->
<div class="grid grid-cols-1 md:grid-cols-4 gap-4 mb-8">
<div class="bg-white overflow-hidden shadow rounded-lg">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg class="h-6 w-6 text-gray-400" fill="none" viewBox="0 0 24 24" stroke="currentColor">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 12l2 2 4-4m6 2a9 9 0 11-18 0 9 9 0 0118 0z" />
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="text-sm font-medium text-gray-500 truncate">Total Rules</dt>
<dd class="text-lg font-medium text-gray-900"><%= number_with_delimiter(@rules.count) %></dd>
</dl>
</div>
</div>
</div>
</div>
<div class="bg-white overflow-hidden shadow rounded-lg">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg class="h-6 w-6 text-green-400" fill="none" viewBox="0 0 24 24" stroke="currentColor">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M5 13l4 4L19 7" />
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="text-sm font-medium text-gray-500 truncate">Active Rules</dt>
<dd class="text-lg font-medium text-gray-900"><%= number_with_delimiter(@rules.active.count) %></dd>
</dl>
</div>
</div>
</div>
</div>
<div class="bg-white overflow-hidden shadow rounded-lg">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg class="h-6 w-6 text-red-400" fill="none" viewBox="0 0 24 24" stroke="currentColor">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M6 18L18 6M6 6l12 12" />
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="text-sm font-medium text-gray-500 truncate">Block Rules</dt>
<dd class="text-lg font-medium text-gray-900"><%= number_with_delimiter(@rules.where(action: 'deny').count) %></dd>
</dl>
</div>
</div>
</div>
</div>
<div class="bg-white overflow-hidden shadow rounded-lg">
<div class="p-5">
<div class="flex items-center">
<div class="flex-shrink-0">
<svg class="h-6 w-6 text-yellow-400" fill="none" viewBox="0 0 24 24" stroke="currentColor">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M12 8v4l3 3m6-3a9 9 0 11-18 0 9 9 0 0118 0z" />
</svg>
</div>
<div class="ml-5 w-0 flex-1">
<dl>
<dt class="text-sm font-medium text-gray-500 truncate">Expired Rules</dt>
<dd class="text-lg font-medium text-gray-900"><%= number_with_delimiter(@rules.expired.count) %></dd>
</dl>
</div>
</div>
</div>
</div>
</div>
<!-- Rules List -->
<div class="bg-white shadow rounded-lg">
<div class="px-6 py-4 border-b border-gray-200">
<h3 class="text-lg font-medium text-gray-900">All Rules</h3>
</div>
<% if @rules.any? %>
<div class="overflow-x-auto">
<table class="min-w-full divide-y divide-gray-200">
<thead class="bg-gray-50">
<tr>
<th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Rule</th>
<th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Type</th>
<th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Action</th>
<th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Target</th>
<th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Status</th>
<th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Created</th>
<th class="px-6 py-3 text-right text-xs font-medium text-gray-500 uppercase tracking-wider">Actions</th>
</tr>
</thead>
<tbody class="bg-white divide-y divide-gray-200">
<% @rules.each do |rule| %>
<tr class="hover:bg-gray-50">
<td class="px-6 py-4 whitespace-nowrap">
<div class="flex items-center">
<div>
<div class="text-sm font-medium text-gray-900">
<%= link_to "Rule ##{rule.id}", rule_path(rule), class: "text-blue-600 hover:text-blue-900" %>
</div>
<div class="text-sm text-gray-500">
<%= rule.source.humanize %>
<% if rule.network_range? && rule.network_range %>
• <%= link_to rule.network_range.cidr, network_range_path(rule.network_range), class: "text-blue-600 hover:text-blue-900" %>
<% end %>
</div>
</div>
</div>
</td>
<td class="px-6 py-4 whitespace-nowrap">
<span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium <%=
case rule.rule_type
when 'network' then 'bg-blue-100 text-blue-800'
when 'rate_limit' then 'bg-yellow-100 text-yellow-800'
when 'path_pattern' then 'bg-purple-100 text-purple-800'
else 'bg-gray-100 text-gray-800'
end %>">
<%= rule.rule_type.humanize %>
</span>
</td>
<td class="px-6 py-4 whitespace-nowrap">
<span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium <%=
case rule.action
when 'allow' then 'bg-green-100 text-green-800'
when 'deny' then 'bg-red-100 text-red-800'
when 'rate_limit' then 'bg-yellow-100 text-yellow-800'
when 'redirect' then 'bg-indigo-100 text-indigo-800'
when 'log' then 'bg-gray-100 text-gray-800'
else 'bg-gray-100 text-gray-800'
end %>">
<%= rule.action.upcase %>
</span>
</td>
<td class="px-6 py-4 whitespace-nowrap text-sm text-gray-900">
<% if rule.network_range? && rule.network_range %>
<%= rule.network_range.cidr %>
<% if rule.network_range.company.present? %>
<div class="text-xs text-gray-500"><%= rule.network_range.company %></div>
<% end %>
<% elsif rule.conditions.present? %>
<div class="max-w-xs truncate">
<%= JSON.parse(rule.conditions || "{}").map { |k, v| "#{k}: #{v}" }.join(", ") rescue "Invalid JSON" %>
</div>
<% else %>
<span class="text-gray-400">-</span>
<% end %>
</td>
<td class="px-6 py-4 whitespace-nowrap">
<div class="flex items-center space-x-2">
<% if rule.enabled? && !rule.expired? %>
<span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-green-100 text-green-800">Active</span>
<% elsif rule.expired? %>
<span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-gray-100 text-gray-800">Expired</span>
<% else %>
<span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-gray-100 text-gray-800">Disabled</span>
<% end %>
<% if rule.expires_at.present? %>
<span class="text-xs text-gray-500" title="Expires at <%= rule.expires_at.strftime('%Y-%m-%d %H:%M') %>">
<%= distance_of_time_in_words(Time.current, rule.expires_at) %> left
</span>
<% end %>
</div>
</td>
<td class="px-6 py-4 whitespace-nowrap text-sm text-gray-500">
<%= time_ago_in_words(rule.created_at) %> ago
<div class="text-xs">
by <%= rule.user&.email_address || 'System' %>
</div>
</td>
<td class="px-6 py-4 whitespace-nowrap text-right text-sm font-medium">
<%= link_to "View", rule_path(rule), class: "text-blue-600 hover:text-blue-900 mr-3" %>
<% if rule.enabled? %>
<%= link_to "Disable", disable_rule_path(rule),
method: :post,
data: { confirm: "Are you sure you want to disable this rule?" },
class: "text-yellow-600 hover:text-yellow-900 mr-3" %>
<% else %>
<%= link_to "Enable", enable_rule_path(rule),
method: :post,
class: "text-green-600 hover:text-green-900 mr-3" %>
<% end %>
<%= link_to "Edit", edit_rule_path(rule), class: "text-indigo-600 hover:text-indigo-900" %>
</td>
</tr>
<% end %>
</tbody>
</table>
</div>
<% else %>
<div class="text-center py-12">
<svg class="mx-auto h-12 w-12 text-gray-400" fill="none" viewBox="0 0 24 24" stroke="currentColor">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 12h6m-6 4h6m2 5H7a2 2 0 01-2-2V5a2 2 0 012-2h5.586a1 1 0 01.707.293l5.414 5.414a1 1 0 01.293.707V19a2 2 0 01-2 2z" />
</svg>
<h3 class="mt-2 text-sm font-medium text-gray-900">No rules</h3>
<p class="mt-1 text-sm text-gray-500">Get started by creating your first WAF rule.</p>
<div class="mt-6">
<%= link_to "Create Rule", new_rule_path, class: "inline-flex items-center px-4 py-2 border border-transparent shadow-sm text-sm font-medium rounded-md text-white bg-blue-600 hover:bg-blue-700" %>
</div>
</div>
<% end %>
</div>
</div>

372
app/views/rules/new.html.erb Normal file
View File

@@ -0,0 +1,372 @@
<% content_for :title, "Create New Rule" %>
<div class="mx-auto max-w-7xl px-4 py-6 sm:px-6 lg:px-8">
<div class="mb-8">
<h1 class="text-3xl font-bold text-gray-900">Create New Rule</h1>
<p class="mt-2 text-gray-600">Create a WAF rule to allow, block, or rate limit traffic</p>
</div>
<div class="bg-white shadow rounded-lg">
<%= form_with(model: @rule, local: true, class: "space-y-6") do |form| %>
<% if @rule.errors.any? %>
<div class="rounded-md bg-red-50 p-4">
<div class="flex">
<div class="flex-shrink-0">
<svg class="h-5 w-5 text-red-400" fill="currentColor" viewBox="0 0 20 20">
<path fill-rule="evenodd" d="M10 18a8 8 0 100-16 8 8 0 000 16zM8.707 7.293a1 1 0 00-1.414 1.414L8.586 10l-1.293 1.293a1 1 0 101.414 1.414L10 11.414l1.293 1.293a1 1 0 001.414-1.414L11.414 10l1.293-1.293a1 1 0 00-1.414-1.414L10 8.586 8.707 7.293z" clip-rule="evenodd" />
</svg>
</div>
<div class="ml-3">
<h3 class="text-sm font-medium text-red-800">
There were <%= pluralize(@rule.errors.count, "error") %> with your submission:
</h3>
<div class="mt-2 text-sm text-red-700">
<ul class="list-disc list-inside space-y-1">
<% @rule.errors.full_messages.each do |message| %>
<li><%= message %></li>
<% end %>
</ul>
</div>
</div>
</div>
</div>
<% end %>
<!-- Rule Type Selection -->
<div class="px-6 py-4 border-b border-gray-200">
<h3 class="text-lg font-medium text-gray-900">Rule Configuration</h3>
</div>
<div class="px-6 py-4 space-y-6">
<div class="grid grid-cols-1 md:grid-cols-2 gap-6">
<div>
<%= form.label :rule_type, "Rule Type", class: "block text-sm font-medium text-gray-700" %>
<%= form.select :rule_type,
options_for_select(@rule_types.map { |type| [type.humanize, type] }, @rule.rule_type),
{ prompt: "Select rule type" },
{ class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm",
id: "rule_type_select" } %>
<p class="mt-2 text-sm text-gray-500">Choose the type of rule you want to create</p>
</div>
<div>
<%= form.label :action, "Action", class: "block text-sm font-medium text-gray-700" %>
<%= form.select :action,
options_for_select(@actions.map { |action| [action.humanize, action] }, @rule.action),
{ prompt: "Select action" },
{ class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" } %>
<p class="mt-2 text-sm text-gray-500">What action to take when this rule matches</p>
</div>
</div>
<!-- Network Range Selection (shown for network rules) -->
<div id="network_range_section" class="hidden">
<%= form.label :network_range_id, "Network Range", class: "block text-sm font-medium text-gray-700 mb-2" %>
<!-- Selected Network Range Display -->
<div id="selected_network_display" class="hidden mb-4 p-4 bg-blue-50 border border-blue-200 rounded-md">
<div class="flex justify-between items-center">
<div>
<h4 class="text-sm font-medium text-blue-800">Selected Network Range</h4>
<div id="selected_network_info" class="mt-1 text-sm text-blue-700"></div>
</div>
<button type="button" onclick="clearSelectedNetwork()" class="text-blue-600 hover:text-blue-800">
<svg class="h-5 w-5" fill="none" viewBox="0 0 24 24" stroke="currentColor">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M6 18L18 6M6 6l12 12" />
</svg>
</button>
</div>
</div>
<!-- Network Selection Interface -->
<div id="network_selection_interface" class="space-y-4">
<!-- Search Input -->
<div>
<input type="text"
id="network_search"
placeholder="Search by CIDR, IP, company, or ASN..."
class="w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm">
<p class="mt-2 text-sm text-gray-500">Search existing network ranges or enter a CIDR/IP address below</p>
</div>
<!-- Quick Create Input -->
<div class="flex space-x-2">
<%= text_field_tag :new_cidr, params[:cidr],
placeholder: "e.g., 192.168.1.0/24 or 203.0.113.1",
class: "flex-1 rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm",
id: "new_cidr_input" %>
<button type="button" onclick="quickCreateNetwork()"
class="px-4 py-2 bg-green-600 text-white text-sm rounded-md hover:bg-green-700 focus:outline-none focus:ring-2 focus:ring-green-500">
Create & Select
</button>
</div>
<!-- Search Results -->
<div id="network_search_results" class="hidden">
<div class="border rounded-md divide-y max-h-64 overflow-y-auto">
<!-- Results will be populated here -->
</div>
</div>
<!-- Hidden field to store selected network range ID -->
<%= form.hidden_field :network_range_id, id: "selected_network_range_id", value: @rule.network_range_id %>
</div>
</div>
<!-- Conditions (shown for non-network rules) -->
<div id="conditions_section" class="hidden">
<div>
<%= form.label :conditions, "Conditions", class: "block text-sm font-medium text-gray-700" %>
<%= form.text_area :conditions, rows: 4,
class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm",
placeholder: '{"path_pattern": "/admin/*", "user_agent": "bot*"}' %>
<p class="mt-2 text-sm text-gray-500">JSON format with matching conditions</p>
</div>
</div>
<!-- Metadata -->
<div data-controller="json-validator" data-json-validator-valid-class="json-valid" data-json-validator-invalid-class="json-invalid" data-json-validator-valid-status-class="json-valid-status" data-json-validator-invalid-status-class="json-invalid-status">
<%= form.label :metadata, "Metadata", class: "block text-sm font-medium text-gray-700" %>
<div class="relative">
<%= form.text_area :metadata, rows: 3,
class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm",
placeholder: '{"reason": "Suspicious activity detected", "source": "manual"}',
data: { json_validator_target: "textarea", action: "input->json-validator#validate" } %>
<div class="mt-1 flex items-center justify-between">
<div data-json-validator-target="status" class="text-sm"></div>
<div class="flex space-x-2">
<button type="button"
data-action="click->json-validator#format"
class="text-xs text-gray-500 hover:text-gray-700 underline">
Format JSON
</button>
<button type="button"
data-action="click->json-validator#insertSample"
data-json-validator-json-sample='{"reason": "Block malicious ISP", "threat_type": "botnet", "confidence": "high", "source": "manual"}'
class="text-xs text-gray-500 hover:text-gray-700 underline">
Insert Sample
</button>
</div>
</div>
</div>
<p class="mt-2 text-sm text-gray-500">JSON format with additional metadata</p>
</div>
<div class="grid grid-cols-1 md:grid-cols-3 gap-6">
<div>
<%= form.label :source, "Source", class: "block text-sm font-medium text-gray-700" %>
<%= form.select :source,
options_for_select(Rule::SOURCES.map { |source| [source.humanize, source] }, @rule.source || "manual"),
{ },
{ class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" } %>
<p class="mt-2 text-sm text-gray-500">How this rule was created</p>
</div>
<div>
<%= form.label :expires_at, "Expires At", class: "block text-sm font-medium text-gray-700" %>
<%= form.datetime_local_field :expires_at,
class: "mt-1 block w-full rounded-md border-gray-300 shadow-sm focus:border-blue-500 focus:ring-blue-500 sm:text-sm" %>
<p class="mt-2 text-sm text-gray-500">Leave blank for permanent rule</p>
</div>
<div class="flex items-center pt-6">
<%= form.check_box :enabled, class: "h-4 w-4 rounded border-gray-300 text-blue-600 focus:ring-blue-500" %>
<%= form.label :enabled, "Enable immediately", class: "ml-2 block text-sm text-gray-900" %>
</div>
</div>
</div>
<div class="px-6 py-4 bg-gray-50 border-t border-gray-200">
<div class="flex justify-end space-x-3">
<%= link_to "Cancel", rules_path, class: "inline-flex items-center px-4 py-2 border border-gray-300 rounded-md shadow-sm text-sm font-medium text-gray-700 bg-white hover:bg-gray-50" %>
<%= form.submit "Create Rule", class: "inline-flex items-center px-4 py-2 border border-transparent rounded-md shadow-sm text-sm font-medium text-white bg-blue-600 hover:bg-blue-700" %>
</div>
</div>
<% end %>
</div>
</div>
<script>
let selectedNetworkData = null;
document.addEventListener('DOMContentLoaded', function() {
const ruleTypeSelect = document.getElementById('rule_type_select');
const networkSection = document.getElementById('network_range_section');
const conditionsSection = document.getElementById('conditions_section');
function toggleSections() {
if (ruleTypeSelect.value === 'network') {
networkSection.classList.remove('hidden');
conditionsSection.classList.add('hidden');
} else {
networkSection.classList.add('hidden');
conditionsSection.classList.remove('hidden');
}
}
ruleTypeSelect.addEventListener('change', toggleSections);
toggleSections(); // Initial state
// Pre-select network range if provided
<% if @rule.network_range.present? %>
// Show selected network display
const displayDiv = document.getElementById('selected_network_display');
const infoDiv = document.getElementById('selected_network_info');
const selectionInterface = document.getElementById('network_selection_interface');
let infoHtml = '<strong><%= @rule.network_range.network %></strong>';
<% if @rule.network_range.company.present? %>
infoHtml += ' - <%= @rule.network_range.company %>';
<% end %>
<% if @rule.network_range.asn_org.present? %>
infoHtml += ' (ASN: <%= @rule.network_range.asn_org %>)';
<% end %>
infoDiv.innerHTML = infoHtml;
displayDiv.classList.remove('hidden');
selectionInterface.classList.add('hidden');
<% end %>
// Pre-fill CIDR if provided
<% if params[:cidr].present? %>
if (ruleTypeSelect.value === 'network') {
document.getElementById('new_cidr_input').value = '<%= params[:cidr] %>';
}
<% end %>
// Set up search on Enter key
document.getElementById('network_search').addEventListener('keypress', function(e) {
if (e.key === 'Enter') {
e.preventDefault();
searchNetworkRanges();
}
});
// Set up quick create on Enter key
document.getElementById('new_cidr_input').addEventListener('keypress', function(e) {
if (e.key === 'Enter') {
e.preventDefault();
quickCreateNetwork();
}
});
});
function searchNetworkRanges() {
const query = document.getElementById('network_search').value.trim();
if (!query) return;
const resultsDiv = document.getElementById('network_search_results');
resultsDiv.innerHTML = '<div class="p-4 text-center text-gray-500">Searching...</div>';
resultsDiv.classList.remove('hidden');
fetch(`/network_ranges/search?q=${encodeURIComponent(query)}`)
.then(response => response.json())
.then(data => {
if (data.length === 0) {
resultsDiv.innerHTML = '<div class="p-4 text-center text-gray-500">No network ranges found. Try creating a new one below.</div>';
return;
}
const html = data.map(network => `
<div class="p-3 hover:bg-gray-50 cursor-pointer flex justify-between items-center"
onclick="selectNetworkRange(${network.id}, '${network.network}', '${network.company || ''}', '${network.asn_org || ''}')">
<div>
<div class="font-medium text-gray-900">${network.network}</div>
${network.company ? `<div class="text-sm text-gray-600">${network.company}</div>` : ''}
${network.asn_org ? `<div class="text-sm text-gray-500">ASN: ${network.asn} - ${network.asn_org}</div>` : ''}
${network.country ? `<div class="text-sm text-gray-400">Country: ${network.country}</div>` : ''}
</div>
<div class="text-xs text-gray-400">
${network.is_datacenter ? '<span class="bg-gray-100 px-2 py-1 rounded">DC</span>' : ''}
${network.is_vpn ? '<span class="bg-blue-100 px-2 py-1 rounded">VPN</span>' : ''}
${network.is_proxy ? '<span class="bg-red-100 px-2 py-1 rounded">Proxy</span>' : ''}
</div>
</div>
`).join('');
resultsDiv.innerHTML = html;
})
.catch(error => {
console.error('Search error:', error);
resultsDiv.innerHTML = '<div class="p-4 text-center text-red-500">Search failed. Please try again.</div>';
});
}
function selectNetworkRange(id, network, company, asnOrg) {
selectedNetworkData = { id, network, company, asnOrg };
// Update hidden field
document.getElementById('selected_network_range_id').value = id;
// Update display
const displayDiv = document.getElementById('selected_network_display');
const infoDiv = document.getElementById('selected_network_info');
let infoHtml = `<strong>${network}</strong>`;
if (company) infoHtml += ` - ${company}`;
if (asnOrg) infoHtml += ` (ASN: ${asnOrg})`;
infoDiv.innerHTML = infoHtml;
displayDiv.classList.remove('hidden');
// Hide the entire selection interface
document.getElementById('network_selection_interface').classList.add('hidden');
// Clear search results
document.getElementById('network_search_results').classList.add('hidden');
document.getElementById('network_search').value = '';
}
function clearSelectedNetwork() {
selectedNetworkData = null;
document.getElementById('selected_network_range_id').value = '';
document.getElementById('selected_network_display').classList.add('hidden');
// Show the selection interface again
document.getElementById('network_selection_interface').classList.remove('hidden');
}
function quickCreateNetwork() {
const cidr = document.getElementById('new_cidr_input').value.trim();
if (!cidr) {
alert('Please enter a CIDR or IP address');
return;
}
// Simple CIDR validation
const cidrRegex = /^(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?$|^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}(\/\d{1,3})?$/;
if (!cidrRegex.test(cidr)) {
alert('Invalid CIDR or IP address format');
return;
}
// Create network range via API
fetch('/network_ranges', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'X-CSRF-Token': document.querySelector('meta[name="csrf-token"]').content
},
body: JSON.stringify({
network_range: {
network: cidr,
source: 'manual',
creation_reason: 'Created from rule form'
}
})
})
.then(response => response.json())
.then(data => {
if (data.id) {
selectNetworkRange(data.id, data.network, data.company, data.asn_org);
document.getElementById('new_cidr_input').value = '';
} else {
alert('Failed to create network range: ' + (data.error || 'Unknown error'));
}
})
.catch(error => {
console.error('Create error:', error);
alert('Failed to create network range. Please try again.');
});
}
</script>

210
app/views/rules/show.html.erb Normal file
View File

@@ -0,0 +1,210 @@
<% content_for :title, "Rule ##{@rule.id} - #{@rule.action.upcase}" %>
<div class="mx-auto max-w-7xl px-4 py-6 sm:px-6 lg:px-8">
<!-- Header -->
<div class="mb-8">
<div class="flex items-center justify-between">
<div>
<nav class="flex" aria-label="Breadcrumb">
<ol class="flex items-center space-x-4">
<li>
<%= link_to "Rules", rules_path, class: "text-gray-500 hover:text-gray-700" %>
</li>
<li>
<div class="flex items-center">
<svg class="flex-shrink-0 h-5 w-5 text-gray-400" fill="currentColor" viewBox="0 0 20 20" aria-hidden="true">
<path fill-rule="evenodd" d="M7.293 14.707a1 1 0 010-1.414L10.586 10 7.293 6.707a1 1 0 011.414-1.414l4 4a1 1 0 010 1.414l-4 4a1 1 0 01-1.414 0z" clip-rule="evenodd" />
</svg>
<span class="ml-4 text-gray-700 font-medium">Rule #<%= @rule.id %></span>
</div>
</li>
</ol>
</nav>
<div class="mt-2 flex items-center space-x-3">
<h1 class="text-3xl font-bold text-gray-900">Rule #<%= @rule.id %></h1>
<span class="inline-flex items-center px-3 py-1 rounded-full text-sm font-medium <%=
case @rule.action
when 'allow' then 'bg-green-100 text-green-800'
when 'deny' then 'bg-red-100 text-red-800'
when 'rate_limit' then 'bg-yellow-100 text-yellow-800'
when 'redirect' then 'bg-indigo-100 text-indigo-800'
when 'log' then 'bg-gray-100 text-gray-800'
else 'bg-gray-100 text-gray-800'
end %>">
<%= @rule.action.upcase %>
</span>
</div>
</div>
<div class="flex space-x-3">
<%= link_to "Edit", edit_rule_path(@rule), class: "inline-flex items-center px-4 py-2 border border-gray-300 rounded-md shadow-sm text-sm font-medium text-gray-700 bg-white hover:bg-gray-50" %>
<% if @rule.enabled? %>
<%= link_to "Disable", disable_rule_path(@rule),
method: :post,
data: { confirm: "Are you sure you want to disable this rule?" },
class: "inline-flex items-center px-4 py-2 border border-yellow-300 rounded-md shadow-sm text-sm font-medium text-yellow-700 bg-yellow-50 hover:bg-yellow-100" %>
<% else %>
<%= link_to "Enable", enable_rule_path(@rule),
method: :post,
class: "inline-flex items-center px-4 py-2 border border-green-300 rounded-md shadow-sm text-sm font-medium text-green-700 bg-green-50 hover:bg-green-100" %>
<% end %>
</div>
</div>
</div>
<!-- Rule Details -->
<div class="bg-white shadow rounded-lg mb-6">
<div class="px-6 py-4 border-b border-gray-200">
<h3 class="text-lg font-medium text-gray-900">Rule Details</h3>
</div>
<div class="px-6 py-4">
<div class="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 gap-6">
<div>
<dt class="text-sm font-medium text-gray-500">Rule Type</dt>
<dd class="mt-1 text-sm text-gray-900"><%= @rule.rule_type.humanize %></dd>
</div>
<div>
<dt class="text-sm font-medium text-gray-500">Action</dt>
<dd class="mt-1 text-sm text-gray-900"><%= @rule.action.upcase %></dd>
</div>
<div>
<dt class="text-sm font-medium text-gray-500">Status</dt>
<dd class="mt-1">
<% if @rule.enabled? && !@rule.expired? %>
<span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-green-100 text-green-800">Active</span>
<% elsif @rule.expired? %>
<span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-gray-100 text-gray-800">Expired</span>
<% else %>
<span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-gray-100 text-gray-800">Disabled</span>
<% end %>
</dd>
</div>
<div>
<dt class="text-sm font-medium text-gray-500">Source</dt>
<dd class="mt-1 text-sm text-gray-900"><%= @rule.source.humanize %></dd>
</div>
<div>
<dt class="text-sm font-medium text-gray-500">Priority</dt>
<dd class="mt-1 text-sm text-gray-900"><%= @rule.priority %></dd>
</div>
<div>
<dt class="text-sm font-medium text-gray-500">Created</dt>
<dd class="mt-1 text-sm text-gray-900"><%= @rule.created_at.strftime("%Y-%m-%d %H:%M:%S UTC") %></dd>
</div>
<% if @rule.expires_at.present? %>
<div>
<dt class="text-sm font-medium text-gray-500">Expires At</dt>
<dd class="mt-1 text-sm text-gray-900"><%= @rule.expires_at.strftime("%Y-%m-%d %H:%M:%S UTC") %></dd>
</div>
<% end %>
<div>
<dt class="text-sm font-medium text-gray-500">Created By</dt>
<dd class="mt-1 text-sm text-gray-900"><%= @rule.user&.email_address || 'System' %></dd>
</div>
<% if @rule.updated_at != @rule.created_at %>
<div>
<dt class="text-sm font-medium text-gray-500">Last Updated</dt>
<dd class="mt-1 text-sm text-gray-900"><%= @rule.updated_at.strftime("%Y-%m-%d %H:%M:%S UTC") %></dd>
</div>
<% end %>
</div>
</div>
</div>
<!-- Target Information -->
<% if @rule.network_rule? && @rule.network_range.present? %>
<div class="bg-white shadow rounded-lg mb-6">
<div class="px-6 py-4 border-b border-gray-200">
<h3 class="text-lg font-medium text-gray-900">Network Target</h3>
</div>
<div class="px-6 py-4">
<div class="bg-gray-50 rounded-lg p-4">
<div class="flex items-center justify-between">
<div>
<div class="text-lg font-medium text-gray-900">
<%= link_to @rule.network_range.cidr, network_range_path(@rule.network_range), class: "text-blue-600 hover:text-blue-900" %>
</div>
<% if @rule.network_range.company.present? %>
<div class="text-sm text-gray-600"><%= @rule.network_range.company %></div>
<% end %>
<% if @rule.network_range.asn.present? %>
<div class="text-sm text-gray-500">
ASN <%= @rule.network_range.asn %><% if @rule.network_range.asn_org.present? %> (<%= @rule.network_range.asn_org %>)<% end %>
</div>
<% end %>
<% if @rule.network_range.country.present? %>
<div class="text-sm text-gray-500">Country: <%= @rule.network_range.country %></div>
<% end %>
</div>
<div class="flex space-x-2">
<% if @rule.network_range.is_datacenter? %>
<span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-orange-100 text-orange-800">Datacenter</span>
<% end %>
<% if @rule.network_range.is_vpn? %>
<span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-purple-100 text-purple-800">VPN</span>
<% end %>
<% if @rule.network_range.is_proxy? %>
<span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-red-100 text-red-800">Proxy</span>
<% end %>
</div>
</div>
</div>
</div>
</div>
<% end %>
<!-- Conditions -->
<% if @rule.conditions.present? %>
<div class="bg-white shadow rounded-lg mb-6">
<div class="px-6 py-4 border-b border-gray-200">
<h3 class="text-lg font-medium text-gray-900">Conditions</h3>
</div>
<div class="px-6 py-4">
<pre class="bg-gray-50 p-4 rounded-md text-sm overflow-x-auto"><%= JSON.pretty_generate(JSON.parse(@rule.conditions)) rescue @rule.conditions %></pre>
</div>
</div>
<% end %>
<!-- Metadata -->
<% if @rule.metadata.present? %>
<div class="bg-white shadow rounded-lg mb-6">
<div class="px-6 py-4 border-b border-gray-200">
<h3 class="text-lg font-medium text-gray-900">Metadata</h3>
</div>
<div class="px-6 py-4">
<pre class="bg-gray-50 p-4 rounded-md text-sm overflow-x-auto"><%= JSON.pretty_generate(JSON.parse(@rule.metadata)) rescue @rule.metadata %></pre>
</div>
</div>
<% end %>
<!-- Rule Actions -->
<div class="bg-white shadow rounded-lg">
<div class="px-6 py-4 border-b border-gray-200">
<h3 class="text-lg font-medium text-gray-900">Actions</h3>
</div>
<div class="px-6 py-4">
<div class="flex space-x-4">
<%= link_to "Edit Rule", edit_rule_path(@rule), class: "inline-flex items-center px-4 py-2 border border-gray-300 rounded-md shadow-sm text-sm font-medium text-gray-700 bg-white hover:bg-gray-50" %>
<% if @rule.enabled? %>
<%= form_with(model: @rule, url: disable_rule_path(@rule), method: :post, class: "inline-flex") do |form| %>
<%= form.submit "Disable Rule", class: "inline-flex items-center px-4 py-2 border border-yellow-300 rounded-md shadow-sm text-sm font-medium text-yellow-700 bg-yellow-50 hover:bg-yellow-100 cursor-pointer" %>
<% end %>
<% else %>
<%= form_with(model: @rule, url: enable_rule_path(@rule), method: :post, class: "inline-flex") do |form| %>
<%= form.submit "Enable Rule", class: "inline-flex items-center px-4 py-2 border border-green-300 rounded-md shadow-sm text-sm font-medium text-green-700 bg-green-50 hover:bg-green-100 cursor-pointer" %>
<% end %>
<% end %>
<%= link_to "View All Rules", rules_path, class: "inline-flex items-center px-4 py-2 border border-gray-300 rounded-md shadow-sm text-sm font-medium text-gray-700 bg-white hover:bg-gray-50" %>
</div>
</div>
</div>
</div>