fix[backend]: solved problem with merge

Author: Kbayero

backend/src/main/java/com/park/utmstack/domain/application_modules/UtmModule.java

@@ -32,7 +32,7 @@ public class UtmModule implements Serializable {
     @Column(name = "pretty_name")
     private String prettyName;
 
-    @Enumerated(EnumType.STRING)
+    @Convert(converter = com.park.utmstack.domain.application_modules.enums.ModuleNameConverter.class)
     @Column(name = "module_name")
     private ModuleName moduleName;
 

backend/src/main/java/com/park/utmstack/domain/application_modules/enums/ModuleName.java

@@ -66,5 +66,7 @@ public enum ModuleName {
     ORACLE,
     SURICATA,
     UTMSTACK,
-    CROWDSTRIKE
+    CROWDSTRIKE,
+    SYSLOG_GENERIC,
+    WINDOWS_EVENTS
 }

backend/src/main/java/com/park/utmstack/domain/application_modules/enums/ModuleNameConverter.java

@@ -0,0 +1,29 @@
+package com.park.utmstack.domain.application_modules.enums;
+
+import javax.persistence.AttributeConverter;
+import javax.persistence.Converter;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+@Converter(autoApply = true)
+public class ModuleNameConverter implements AttributeConverter<ModuleName, String> {
+    private static final Logger log = LoggerFactory.getLogger(ModuleNameConverter.class);
+
+    @Override
+    public String convertToDatabaseColumn(ModuleName attribute) {
+        return attribute == null ? null : attribute.name();
+    }
+
+    @Override
+    public ModuleName convertToEntityAttribute(String dbData) {
+        if (dbData == null) {
+            return null;
+        }
+        try {
+            return ModuleName.valueOf(dbData);
+        } catch (IllegalArgumentException e) {
+            log.warn("Unknown ModuleName in database: '{}'. Mapping to null to prevent crash. ---", dbData);
+            return null;
+        }
+    }
+}

backend/src/main/java/com/park/utmstack/domain/logstash_filter/UtmLogstashFilter.java

@@ -67,8 +67,9 @@ public class UtmLogstashFilter implements Serializable, AuditableDTO {
     private Instant updatedAt;
 
     @JsonIgnore
-    @ManyToOne(fetch = FetchType.LAZY)
-    @JoinColumn(name = "module_name", referencedColumnName = "module_name",insertable = false, updatable = false)
+    @ManyToOne(fetch = FetchType.LAZY, optional = true)
+    @org.hibernate.annotations.NotFound(action = org.hibernate.annotations.NotFoundAction.IGNORE)
+    @JoinColumn(name = "module_name", referencedColumnName = "module_name", insertable = false, updatable = false, nullable = true)
     private UtmModule module;
 
     public UtmLogstashFilter() {

backend/src/main/java/com/park/utmstack/repository/correlation/rules/UtmCorrelationRulesRepository.java

@@ -56,5 +56,7 @@ Page<UtmCorrelationRules> searchByFilters(@Param("ruleName") String ruleName,
 
     Optional<UtmCorrelationRules> findOneByRuleName(String ruleName);
 
+    List<UtmCorrelationRules> findAllBySystemOwnerIsTrue();
+
     Optional<UtmCorrelationRules> findFirstBySystemOwnerIsTrueOrderByIdDesc();
 }

backend/src/main/java/com/park/utmstack/repository/logstash_filter/UtmLogstashFilterRepository.java

@@ -20,6 +20,8 @@ public interface UtmLogstashFilterRepository extends JpaRepository<UtmLogstashFi
 
     void deleteAllBySystemOwnerIsTrueAndIdNotIn(List<Long> ids);
 
+    List<UtmLogstashFilter> findAllBySystemOwnerIsTrue();
+
     @Query(nativeQuery = true, value = "select utm_logstash_filter.* from utm_logstash_filter where :nameShort = any(string_to_array(utm_logstash_filter.module_name, ','))")
     List<UtmLogstashFilter> findAllByModuleName(@Param("nameShort") String nameShort);
 

backend/src/main/java/com/park/utmstack/service/correlation/rules/UtmCorrelationRulesService.java

@@ -62,6 +62,10 @@ public UtmCorrelationRulesService(UtmCorrelationRulesRepository utmCorrelationRu
      * @return the persisted entity.
      */
     public UtmCorrelationRules save(UtmCorrelationRules rule) {
+        return save(rule, false);
+    }
+
+    public UtmCorrelationRules save(UtmCorrelationRules rule, boolean forcedSystemMode) {
         final String ctx = CLASSNAME + ".saveRule";
         log.debug("Request to save UtmCorrelationRules : {}", rule);
 
@@ -72,6 +76,10 @@ public UtmCorrelationRules save(UtmCorrelationRules rule) {
             }
         }
 
+        if (forcedSystemMode) {
+            rule.setSystemOwner(true);
+        }
+
         rule.setDataTypes(this.saveDataTypes(rule));
         rule.setRuleLastUpdate(Instant.now(Clock.systemUTC()));
         return utmCorrelationRulesRepository.save(rule);
@@ -86,6 +94,11 @@ public UtmCorrelationRules save(UtmCorrelationRules rule) {
      * */
     @Transactional
     public void updateRule(UtmCorrelationRules correlationRule) throws Exception {
+        updateRule(correlationRule, false);
+    }
+
+    @Transactional
+    public void updateRule(UtmCorrelationRules correlationRule, boolean forcedSystemMode) throws Exception {
         final String ctx = CLASSNAME + ".updateRule";
         Long id = correlationRule.getId();
         if (id == null) {
@@ -99,7 +112,12 @@ public void updateRule(UtmCorrelationRules correlationRule) throws Exception {
         if (correlationRule.getDataTypes().isEmpty()) {
             throw new BadRequestException(ctx + ": The rule must have at least one data type.");
         }
-        if(optionalCorrelationRule.get().getSystemOwner() && !utmStackService.isInDevelop()) {
+
+        if (forcedSystemMode) {
+            correlationRule.setSystemOwner(true);
+        }
+
+        if(optionalCorrelationRule.get().getSystemOwner() && !utmStackService.isInDevelop() && !forcedSystemMode) {
             throw new BadRequestException(ctx + ": System's rules can't be updated.");
         }
         correlationRule.setDataTypes(this.saveDataTypes(correlationRule));
@@ -140,12 +158,17 @@ public void setRuleActivation(Long ruleId, boolean setActive) throws Exception {
      * */
     @Transactional
     public void deleteRule (Long id) throws Exception {
+        deleteRule(id, false);
+    }
+
+    @Transactional
+    public void deleteRule (Long id, boolean forcedSystemMode) throws Exception {
         final String ctx = CLASSNAME + ".deleteRule";
         Optional<UtmCorrelationRules> find = utmCorrelationRulesRepository.findById(id);
         if (find.isEmpty()) {
             throw new BadRequestException(ctx + ": The rule you're trying to delete is not present in database.");
         }
-        if(find.get().getSystemOwner()) {
+        if(find.get().getSystemOwner() && !forcedSystemMode) {
             throw new BadRequestException(ctx + ": System's rules can't be removed.");
         }
         utmCorrelationRulesRepository.deleteById(id);

backend/src/main/java/com/park/utmstack/service/logstash_filter/UtmLogstashFilterService.java

@@ -114,4 +114,10 @@ public List<UtmLogstashFilter> filtersByPipelineId(Long pipelineId) {
             throw new RuntimeException(ctx + ": " + e.getMessage());
         }
     }
+
+    public Long getSystemSequenceNextValue() {
+        return logstashFilterRepository.findFirstBySystemOwnerIsTrueOrderByIdDesc()
+                .map(filter -> filter.getId() + 1)
+                .orElse(1L);
+    }
 }

backend/src/main/java/com/park/utmstack/util/CipherUtil.java

@@ -14,21 +14,32 @@
 
 public class CipherUtil {
     private static final String CLASSNAME = "CipherUtil";
-    private static SecretKeySpec secretKey;
-    private static IvParameterSpec iv;
     private static final String CIPHER_INSTANCE = "AES/CBC/PKCS5Padding";
+    private static final int ITERATION_COUNT = 65536;
+    private static final int KEY_LENGTH = 128;
 
-    private static void setKey(String myKey) throws Exception {
-        final String ctx = CLASSNAME + ".";
+    private static class CryptoContext {
+        final SecretKeySpec secretKey;
+        final IvParameterSpec iv;
+
+        CryptoContext(SecretKeySpec secretKey, IvParameterSpec iv) {
+            this.secretKey = secretKey;
+            this.iv = iv;
+        }
+    }
+
+    private static CryptoContext getCryptoContext(String myKey) throws Exception {
+        final String ctx = CLASSNAME + ".getCryptoContext";
         try {
             byte[] salt = myKey.getBytes(StandardCharsets.UTF_8);
             MessageDigest sha = MessageDigest.getInstance("SHA-1");
             salt = sha.digest(salt);
-            KeySpec spec = new PBEKeySpec(myKey.toCharArray(), salt, 65536, 128); // AES-256
+            KeySpec spec = new PBEKeySpec(myKey.toCharArray(), salt, ITERATION_COUNT, KEY_LENGTH);
             SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
             byte[] key = f.generateSecret(spec).getEncoded();
-            secretKey = new SecretKeySpec(key, "AES");
-            iv = new IvParameterSpec(Arrays.copyOf(salt, 16));
+            SecretKeySpec secretKey = new SecretKeySpec(key, "AES");
+            IvParameterSpec iv = new IvParameterSpec(Arrays.copyOf(salt, 16));
+            return new CryptoContext(secretKey, iv);
         } catch (Exception e) {
             throw new Exception(ctx + ": " + e.getMessage());
         }
@@ -37,9 +48,9 @@ private static void setKey(String myKey) throws Exception {
     public static String encrypt(String str, String secret) {
         final String ctx = CLASSNAME + ".encrypt";
         try {
-            setKey(secret);
+            CryptoContext context = getCryptoContext(secret);
             Cipher cipher = Cipher.getInstance(CIPHER_INSTANCE);
-            cipher.init(Cipher.ENCRYPT_MODE, secretKey, iv);
+            cipher.init(Cipher.ENCRYPT_MODE, context.secretKey, context.iv);
             return Base64.getEncoder().encodeToString(cipher.doFinal(str.getBytes(StandardCharsets.UTF_8)));
         } catch (Exception e) {
             throw new RuntimeException(ctx + ": " + e.getMessage());
@@ -49,9 +60,9 @@ public static String encrypt(String str, String secret) {
     public static String decrypt(String str, String secret) {
         final String ctx = CLASSNAME + ".decrypt";
         try {
-            setKey(secret);
+            CryptoContext context = getCryptoContext(secret);
             Cipher cipher = Cipher.getInstance(CIPHER_INSTANCE);
-            cipher.init(Cipher.DECRYPT_MODE, secretKey, iv);
+            cipher.init(Cipher.DECRYPT_MODE, context.secretKey, context.iv);
             return new String(cipher.doFinal(Base64.getDecoder().decode(str)));
         } catch (Exception e) {
             throw new RuntimeException(ctx + ": " + e.getMessage());

backend/src/main/resources/config/liquibase/changelog/20260403001_update_socai_group_config.xml

@@ -0,0 +1,87 @@
+<?xml version="1.0" encoding="utf-8"?>
+<databaseChangeLog
+    xmlns="http://www.liquibase.org/xml/ns/dbchangelog"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.5.xsd">
+
+    <changeSet id="20260403001" author="Alex">
+        <comment>Refactor SOCAI configuration to support multi-provider presets and visibility rules</comment>
+        <sql dbms="postgresql" splitStatements="false">
+            <![CDATA[
+do $$
+declare
+    grp_id integer;
+begin
+    -- 1. Get the Group ID for SOC_AI
+    select id into grp_id from public.utm_module_group
+    where module_id = (select id from public.utm_module where module_name = 'SOC_AI')
+    limit 1;
+
+    IF grp_id IS NOT NULL THEN
+        -- 2. Cleanup old keys that might conflict or are being renamed/refactored
+        DELETE FROM public.utm_module_group_configuration
+        WHERE group_id = grp_id
+        AND conf_key IN ('utmstack.socai.custom.url', 'utmstack.socai.custom.model', 'utmstack.socai.provider');
+
+        -- 3. Update Existing Behavioral Keys (Behavior Section)
+        UPDATE public.utm_module_group_configuration
+        SET conf_name = 'Auto-create incidents for "possible incident"',
+            conf_description = 'If set to "true", the system will create incidents based on analysis of alerts.'
+        WHERE group_id = grp_id AND conf_key = 'utmstack.socai.incidentCreation';
+
+        UPDATE public.utm_module_group_configuration
+        SET conf_name = 'Change alert status after analysis',
+            conf_description = 'If set to "true", SOC Ai will automatically change the status of alerts.'
+        WHERE group_id = grp_id AND conf_key = 'utmstack.socai.changeAlertStatus';
+
+        -- 4. Insert/Re-insert Provider Preset (Connection Section)
+        INSERT INTO public.utm_module_group_configuration (group_id, conf_key, conf_name, conf_description, conf_value, conf_required, conf_data_type, conf_options)
+        VALUES (grp_id, 'utmstack.socai.provider', 'Provider Preset', 'Select your AI provider', 'openai', true, 'select',
+                '[{"value": "openai", "label": "OpenAI"}, {"value": "anthropic", "label": "Anthropic"}, {"value": "azure", "label": "Azure OpenAI"}, {"value": "ollama", "label": "Ollama (Local)"}, {"value": "custom", "label": "Custom"}]')
+        ON CONFLICT (group_id, conf_key) DO UPDATE SET conf_options = EXCLUDED.conf_options, conf_name = EXCLUDED.conf_name;
+
+        -- 5. Insert Connection Details
+        INSERT INTO public.utm_module_group_configuration (group_id, conf_key, conf_name, conf_description, conf_value, conf_required, conf_data_type)
+        VALUES (grp_id, 'utmstack.socai.url', 'API URL', 'Auto-filled by preset (editable)', 'https://api.openai.com/v1/chat/completions', true, 'text')
+        ON CONFLICT (group_id, conf_key) DO NOTHING;
+
+        -- Update existing model key
+        UPDATE public.utm_module_group_configuration
+        SET conf_name = 'Model', conf_description = 'Choose the AI model'
+        WHERE group_id = grp_id AND conf_key = 'utmstack.socai.model';
+
+        INSERT INTO public.utm_module_group_configuration (group_id, conf_key, conf_name, conf_description, conf_value, conf_required, conf_data_type)
+        VALUES (grp_id, 'utmstack.socai.maxTokens', 'Max Tokens', 'Required for Anthropic', '4096', false, 'number')
+        ON CONFLICT (group_id, conf_key) DO NOTHING;
+
+        -- 6. Update Authentication (API Key mapping)
+        UPDATE public.utm_module_group_configuration
+        SET conf_name = 'API Key',
+            conf_description = 'Authentication key for the provider',
+            conf_visibility = '{"dependsOn": "utmstack.socai.provider", "values": ["openai", "anthropic", "azure"]}'
+        WHERE group_id = grp_id AND conf_key = 'utmstack.socai.key';
+
+        -- 7. Insert Custom Auth Fields (Visible only for Custom preset)
+        INSERT INTO public.utm_module_group_configuration (group_id, conf_key, conf_name, conf_description, conf_value, conf_required, conf_data_type, conf_options, conf_visibility)
+        VALUES (grp_id, 'utmstack.socai.authType', 'Auth Type', 'Select authentication method', 'custom-headers', false, 'select',
+                '[{"value": "custom-headers", "label": "Custom Headers"}, {"value": "none", "label": "None"}]',
+                '{"dependsOn": "utmstack.socai.provider", "values": ["custom"]}')
+        ON CONFLICT (group_id, conf_key) DO NOTHING;
+
+        INSERT INTO public.utm_module_group_configuration (group_id, conf_key, conf_name, conf_description, conf_value, conf_required, conf_data_type, conf_visibility)
+        VALUES (grp_id, 'utmstack.socai.customHeaders', 'Custom Headers', 'JSON format for custom headers (e.g. {"Authorization": "Bearer sk-xxx"})', '{}', false, 'text',
+                '{"dependsOn": "utmstack.socai.provider", "values": ["custom"]}')
+        ON CONFLICT (group_id, conf_key) DO NOTHING;
+
+        -- 8. Insert new behavior key
+        INSERT INTO public.utm_module_group_configuration (group_id, conf_key, conf_name, conf_description, conf_value, conf_required, conf_data_type)
+        VALUES (grp_id, 'utmstack.socai.autoAnalyze', 'Auto-analyze alerts', 'If enabled, the system will automatically send alerts for analysis.', 'true', false, 'bool')
+        ON CONFLICT (group_id, conf_key) DO NOTHING;
+
+    END IF;
+end;
+$$ language plpgsql;
+            ]]>
+        </sql>
+    </changeSet>
+</databaseChangeLog>