Files
hiveops-aria/src/main/java/com/hiveops/aria/controller/DevicePostureController.java
T
johannes 1d6ccff529
CD - Develop / build-and-deploy (push) Failing after 15m8s
fix(aria): add BIGSERIAL PK to device_security_posture, fix JPA persist error
V4 migration drops the device_id primary key and adds an auto-generated
id BIGSERIAL as the PK. device_id becomes a unique nullable column.
Agents that don't send a numeric deviceId can now save posture reports.
Controller GET /{deviceId} now uses findByDeviceId instead of findById.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-15 16:42:16 -04:00

74 lines
3.0 KiB
Java

package com.hiveops.aria.controller;
import com.hiveops.aria.dto.PostureReportRequest;
import com.hiveops.aria.entity.DeviceSecurityPosture;
import com.hiveops.aria.repository.DeviceSecurityPostureRepository;
import com.hiveops.aria.service.DevicePostureService;
import jakarta.servlet.http.HttpServletRequest;
import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.domain.Page;
import org.springframework.data.domain.PageRequest;
import org.springframework.data.domain.Pageable;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;
@RestController
@RequestMapping("/api/aria/posture")
@RequiredArgsConstructor
public class DevicePostureController {
private final DevicePostureService postureService;
private final DeviceSecurityPostureRepository postureRepository;
@Value("${aria.internal.service-secret:}")
private String serviceSecret;
@PostMapping("/report")
public ResponseEntity<DeviceSecurityPosture> report(
@RequestBody PostureReportRequest request,
HttpServletRequest httpRequest) {
String header = httpRequest.getHeader("X-Service-Secret");
if (serviceSecret.isBlank() || !serviceSecret.equals(header)) {
return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
}
if (request.getDeviceAgentId() == null || request.getDeviceAgentId().isBlank()) {
return ResponseEntity.badRequest().build();
}
return ResponseEntity.ok(postureService.report(request));
}
@GetMapping
@PreAuthorize("hasAnyRole('MSP_ADMIN','BCOS_ADMIN')")
public Page<DeviceSecurityPosture> getPostures(
@RequestParam(required = false) DeviceSecurityPosture.OsEolStatus osEolStatus,
@RequestParam(required = false) String scoreFilter,
@RequestParam(defaultValue = "0") int page,
@RequestParam(defaultValue = "25") int size) {
Pageable pageable = PageRequest.of(page, size);
if (osEolStatus != null) {
return postureRepository.findByOsEolStatusOrderByPostureScoreAsc(osEolStatus, pageable);
}
if ("low".equals(scoreFilter)) {
return postureRepository.findByPostureScoreLessThanOrderByPostureScoreAsc(50, pageable);
}
if ("medium".equals(scoreFilter)) {
return postureRepository.findByPostureScoreLessThanOrderByPostureScoreAsc(80, pageable);
}
return postureRepository.findAllByOrderByPostureScoreAsc(pageable);
}
@GetMapping("/{deviceId}")
@PreAuthorize("hasAnyRole('MSP_ADMIN','BCOS_ADMIN')")
public ResponseEntity<DeviceSecurityPosture> getPosture(@PathVariable Long deviceId) {
return postureRepository.findByDeviceId(deviceId)
.map(ResponseEntity::ok)
.orElse(ResponseEntity.notFound().build());
}
}