Skip to content

[frontend/backend] feat(scv): assign Security Domains to payloads (#4119) #4335

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
GaetanSantucci merged 39 commits into from
Dec 2, 2025
Merged

[frontend/backend] feat(scv): assign Security Domains to payloads (#4119) #4335

GaetanSantucci merged 39 commits into from
Dec 2, 2025

Conversation

@GaetanSantucci
Copy link
Member

@GaetanSantucci GaetanSantucci commented Oct 29, 2025

[SCV] Add Centralized Security Control Validation View by Security Domains

Proposed changes

Testing Instructions

  1. Step-by-step how to test

Related issues

#4119

Checklist

  • I consider the submitted work as finished
  • I tested the code for its functionality
  • I wrote test cases for the relevant uses case
  • I added/update the relevant documentation (either on github or on notion)
  • Where necessary I refactored code to improve the overall quality
  • For bug fix -> I implemented a test that covers the bug

@GaetanSantucci GaetanSantucci added this to the Release 2.1.0 milestone Oct 29, 2025
@GaetanSantucci GaetanSantucci self-assigned this Oct 29, 2025
@GaetanSantucci GaetanSantucci added feature use for describing a new feature to develop filigran team use to identify PR from the Filigran team labels Oct 29, 2025
@savacano28 savacano28 removed the feature use for describing a new feature to develop label Oct 31, 2025
@savacano28 savacano28 changed the title [frontend/backend] SVC Assign Security Domains to payloads #4119 [frontend/backend] feat(scv): assign Security Domains to payloads (#4119) Nov 19, 2025
@github-actions
Copy link

github-actions bot commented Nov 24, 2025

Thank you for your contribution. This PR is but one step away from being ready for merging: all commits must be PGP-signed. To get started, please see docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits

1 similar comment
@github-actions
Copy link

github-actions bot commented Nov 24, 2025

Thank you for your contribution. This PR is but one step away from being ready for merging: all commits must be PGP-signed. To get started, please see docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits

@GaetanSantucci GaetanSantucci force-pushed the issue/4119 branch 5 times, most recently from 11c7193 to f456d07 Compare November 26, 2025 16:14
@codecov
Copy link

codecov bot commented Nov 27, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 68.62745% with 32 lines in your changes missing coverage. Please review.
✅ Project coverage is 50.16%. Comparing base (c74da09) to head (e0443dd).
⚠️ Report is 2 commits behind head on release/current.

Files with missing lines Patch % Lines
...ain/java/io/openaev/rest/domain/DomainService.java 45.45% 11 Missing and 1 partial ⚠️
...or_contract/output/InjectorContractFullOutput.java 33.33% 4 Missing and 4 partials ⚠️
...aev/rest/payload/service/PayloadUpsertService.java 42.85% 3 Missing and 1 partial ⚠️
...main/java/io/openaev/importer/V1_DataImporter.java 87.50% 2 Missing and 1 partial ⚠️
...est/injector_contract/InjectorContractService.java 76.92% 1 Missing and 2 partials ⚠️
...rc/main/java/io/openaev/rest/domain/DomainApi.java 33.33% 2 Missing ⚠️
Additional details and impacted files 
@@                  Coverage Diff                  @@
##             release/current    #4335      +/-   ##
=====================================================
+ Coverage              50.10%   50.16%   +0.06%     
- Complexity              3637     3656      +19     
=====================================================
  Files                    896      900       +4     
  Lines                  26569    26671     +102     
  Branches                1989     1998       +9     
=====================================================
+ Hits                   13312    13380      +68     
- Misses                 12458    12482      +24     
- Partials                 799      809      +10

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@GaetanSantucci GaetanSantucci marked this pull request as ready for review November 27, 2025 08:14
@gabriel-peze gabriel-peze self-requested a review November 27, 2025 08:17
RomuDeuxfois
RomuDeuxfois reviewed Nov 27, 2025
View reviewed changes
gabriel-peze
gabriel-peze reviewed Nov 27, 2025
View reviewed changes
RomuDeuxfois
RomuDeuxfois reviewed Nov 27, 2025
View reviewed changes
RomuDeuxfois
RomuDeuxfois reviewed Nov 28, 2025
View reviewed changes
openaev-front/src/components/fields/DomainFieldController.tsx
name={name}
control={control}
render={({ field: { onChange, value }, fieldState: { error } }) => (
<>
Copy link
Member

@RomuDeuxfois RomuDeuxfois Nov 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nitpick: the chevron isn’t needed here

openaev-api/src/main/java/io/openaev/rest/payload/service/PayloadUpsertService.java
Comment on lines +75 to +80
payload.setDomains(
input.getDomains() != null
? domainService.upserts(input.getDomains())
: Set.of(
domainService.upsert(
new Domain(null, "To classify", "#FFFFFF", Instant.now(), null))));
Copy link
Member

@RomuDeuxfois RomuDeuxfois Nov 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

todo Should follow the behavior exists or create. We don't want to upsert an existing domain by a Payload upsert.

openaev-api/src/main/java/io/openaev/rest/payload/service/PayloadService.java
Comment on lines +83 to +85
injectorContract.setDomains(
domainService.upserts(
Set.of(new Domain(null, "To classify", "#FFFFFF", Instant.now(), null))));
Copy link
Member

@RomuDeuxfois RomuDeuxfois Nov 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

todo: Should follow the behavior exists or create.

openaev-api/src/main/java/io/openaev/rest/payload/service/PayloadCreationService.java Outdated

payload.setAttackPatterns(attackPatterns);
payload.setTags(iterableToSet(tagRepository.findAllById(input.getTagIds())));
payload.setDomains(domainService.upserts(input.getDomains()));
Copy link
Member

@RomuDeuxfois RomuDeuxfois Nov 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

todo: Should follow the behavior exists or create.

@GaetanSantucci GaetanSantucci merged commit 3905cff into release/current Dec 2, 2025
11 checks passed
@GaetanSantucci GaetanSantucci deleted the issue/4119 branch December 2, 2025 10:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gabriel-peze gabriel-peze gabriel-peze left review comments

@RomuDeuxfois RomuDeuxfois RomuDeuxfois approved these changes

Assignees

@GaetanSantucci GaetanSantucci

Labels

filigran team use to identify PR from the Filigran team

Projects

None yet

Milestone

Release 2.1.0

Development

Successfully merging this pull request may close these issues.

5 participants

@GaetanSantucci @RomuDeuxfois @gabriel-peze @savacano28