diff --git a/frontend b/frontend deleted file mode 160000 index 4f0cb0a..0000000 --- a/frontend +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 4f0cb0a6cc1500720cc24916bcffd305170fcf66 diff --git a/frontend/.gitignore b/frontend/.gitignore new file mode 100644 index 0000000..4d29575 --- /dev/null +++ b/frontend/.gitignore @@ -0,0 +1,23 @@ +# See https://help.github.com/articles/ignoring-files/ for more about ignoring files. + +# dependencies +/node_modules +/.pnp +.pnp.js + +# testing +/coverage + +# production +/build + +# misc +.DS_Store +.env.local +.env.development.local +.env.test.local +.env.production.local + +npm-debug.log* +yarn-debug.log* +yarn-error.log* diff --git a/frontend/README.md b/frontend/README.md new file mode 100644 index 0000000..58beeac --- /dev/null +++ b/frontend/README.md @@ -0,0 +1,70 @@ +# Getting Started with Create React App + +This project was bootstrapped with [Create React App](https://github.com/facebook/create-react-app). + +## Available Scripts + +In the project directory, you can run: + +### `npm start` + +Runs the app in the development mode.\ +Open [http://localhost:3000](http://localhost:3000) to view it in your browser. + +The page will reload when you make changes.\ +You may also see any lint errors in the console. + +### `npm test` + +Launches the test runner in the interactive watch mode.\ +See the section about [running tests](https://facebook.github.io/create-react-app/docs/running-tests) for more information. + +### `npm run build` + +Builds the app for production to the `build` folder.\ +It correctly bundles React in production mode and optimizes the build for the best performance. + +The build is minified and the filenames include the hashes.\ +Your app is ready to be deployed! + +See the section about [deployment](https://facebook.github.io/create-react-app/docs/deployment) for more information. + +### `npm run eject` + +**Note: this is a one-way operation. Once you `eject`, you can't go back!** + +If you aren't satisfied with the build tool and configuration choices, you can `eject` at any time. This command will remove the single build dependency from your project. + +Instead, it will copy all the configuration files and the transitive dependencies (webpack, Babel, ESLint, etc) right into your project so you have full control over them. All of the commands except `eject` will still work, but they will point to the copied scripts so you can tweak them. At this point you're on your own. + +You don't have to ever use `eject`. The curated feature set is suitable for small and middle deployments, and you shouldn't feel obligated to use this feature. However we understand that this tool wouldn't be useful if you couldn't customize it when you are ready for it. + +## Learn More + +You can learn more in the [Create React App documentation](https://facebook.github.io/create-react-app/docs/getting-started). + +To learn React, check out the [React documentation](https://reactjs.org/). + +### Code Splitting + +This section has moved here: [https://facebook.github.io/create-react-app/docs/code-splitting](https://facebook.github.io/create-react-app/docs/code-splitting) + +### Analyzing the Bundle Size + +This section has moved here: [https://facebook.github.io/create-react-app/docs/analyzing-the-bundle-size](https://facebook.github.io/create-react-app/docs/analyzing-the-bundle-size) + +### Making a Progressive Web App + +This section has moved here: [https://facebook.github.io/create-react-app/docs/making-a-progressive-web-app](https://facebook.github.io/create-react-app/docs/making-a-progressive-web-app) + +### Advanced Configuration + +This section has moved here: [https://facebook.github.io/create-react-app/docs/advanced-configuration](https://facebook.github.io/create-react-app/docs/advanced-configuration) + +### Deployment + +This section has moved here: [https://facebook.github.io/create-react-app/docs/deployment](https://facebook.github.io/create-react-app/docs/deployment) + +### `npm run build` fails to minify + +This section has moved here: [https://facebook.github.io/create-react-app/docs/troubleshooting#npm-run-build-fails-to-minify](https://facebook.github.io/create-react-app/docs/troubleshooting#npm-run-build-fails-to-minify) diff --git a/frontend/package.json b/frontend/package.json new file mode 100644 index 0000000..b96622d --- /dev/null +++ b/frontend/package.json @@ -0,0 +1,40 @@ +{ + "name": "frontend", + "version": "0.1.0", + "private": true, + "dependencies": { + "@testing-library/dom": "^10.4.1", + "@testing-library/jest-dom": "^6.9.1", + "@testing-library/react": "^16.3.2", + "@testing-library/user-event": "^13.5.0", + "lucide-react": "^0.563.0", + "react": "^19.2.4", + "react-dom": "^19.2.4", + "react-scripts": "5.0.1", + "web-vitals": "^2.1.4" + }, + "scripts": { + "start": "react-scripts start", + "build": "react-scripts build", + "test": "react-scripts test", + "eject": "react-scripts eject" + }, + "eslintConfig": { + "extends": [ + "react-app", + "react-app/jest" + ] + }, + "browserslist": { + "production": [ + ">0.2%", + "not dead", + "not op_mini all" + ], + "development": [ + "last 1 chrome version", + "last 1 firefox version", + "last 1 safari version" + ] + } +} diff --git a/frontend/public/favicon.ico b/frontend/public/favicon.ico new file mode 100644 index 0000000..a11777c Binary files /dev/null and b/frontend/public/favicon.ico differ diff --git a/frontend/public/index.html b/frontend/public/index.html new file mode 100644 index 0000000..7ab22d6 --- /dev/null +++ b/frontend/public/index.html @@ -0,0 +1,44 @@ + + + + + + + + + + + + + React App + + + + +
+ + + diff --git a/frontend/public/logo192.png b/frontend/public/logo192.png new file mode 100644 index 0000000..fc44b0a Binary files /dev/null and b/frontend/public/logo192.png differ diff --git a/frontend/public/logo512.png b/frontend/public/logo512.png new file mode 100644 index 0000000..a4e47a6 Binary files /dev/null and b/frontend/public/logo512.png differ diff --git a/frontend/public/manifest.json b/frontend/public/manifest.json new file mode 100644 index 0000000..080d6c7 --- /dev/null +++ b/frontend/public/manifest.json @@ -0,0 +1,25 @@ +{ + "short_name": "React App", + "name": "Create React App Sample", + "icons": [ + { + "src": "favicon.ico", + "sizes": "64x64 32x32 24x24 16x16", + "type": "image/x-icon" + }, + { + "src": "logo192.png", + "type": "image/png", + "sizes": "192x192" + }, + { + "src": "logo512.png", + "type": "image/png", + "sizes": "512x512" + } + ], + "start_url": ".", + "display": "standalone", + "theme_color": "#000000", + "background_color": "#ffffff" +} diff --git a/frontend/public/robots.txt b/frontend/public/robots.txt new file mode 100644 index 0000000..e9e57dc --- /dev/null +++ b/frontend/public/robots.txt @@ -0,0 +1,3 @@ +# https://www.robotstxt.org/robotstxt.html +User-agent: * +Disallow: diff --git a/frontend/src/App.css b/frontend/src/App.css new file mode 100644 index 0000000..74b5e05 --- /dev/null +++ b/frontend/src/App.css @@ -0,0 +1,38 @@ +.App { + text-align: center; +} + +.App-logo { + height: 40vmin; + pointer-events: none; +} + +@media (prefers-reduced-motion: no-preference) { + .App-logo { + animation: App-logo-spin infinite 20s linear; + } +} + +.App-header { + background-color: #282c34; + min-height: 100vh; + display: flex; + flex-direction: column; + align-items: center; + justify-content: center; + font-size: calc(10px + 2vmin); + color: white; +} + +.App-link { + color: #61dafb; +} + +@keyframes App-logo-spin { + from { + transform: rotate(0deg); + } + to { + transform: rotate(360deg); + } +} diff --git a/frontend/src/App.js b/frontend/src/App.js new file mode 100644 index 0000000..41542a6 --- /dev/null +++ b/frontend/src/App.js @@ -0,0 +1,628 @@ +import React, { useState, useEffect } from 'react'; +import { Search, FileText, AlertCircle, Download, Upload, Eye, Filter, CheckCircle, XCircle, Loader, Trash2 } from 'lucide-react'; + +const API_BASE = 'http://192.168.2.117:3001/api'; + +const severityLevels = ['All Severities', 'Critical', 'High', 'Medium', 'Low']; + +export default function App() { + const [searchQuery, setSearchQuery] = useState(''); + const [selectedVendor, setSelectedVendor] = useState('All Vendors'); + const [selectedSeverity, setSelectedSeverity] = useState('All Severities'); + const [selectedCVE, setSelectedCVE] = useState(null); + const [selectedDocuments, setSelectedDocuments] = useState([]); + const [cves, setCves] = useState([]); + const [vendors, setVendors] = useState(['All Vendors']); + const [loading, setLoading] = useState(true); + const [error, setError] = useState(null); + const [cveDocuments, setCveDocuments] = useState({}); + const [quickCheckCVE, setQuickCheckCVE] = useState(''); + const [quickCheckResult, setQuickCheckResult] = useState(null); + const [showAddCVE, setShowAddCVE] = useState(false); + const [newCVE, setNewCVE] = useState({ + cve_id: '', + vendor: '', + severity: 'Medium', + description: '', + published_date: new Date().toISOString().split('T')[0] + }); + const [uploadingFile, setUploadingFile] = useState(false); + + // Fetch CVEs from API + useEffect(() => { + fetchCVEs(); + fetchVendors(); + // eslint-disable-next-line react-hooks/exhaustive-deps + }, []); + + // Refetch when filters change + useEffect(() => { + fetchCVEs(); + // eslint-disable-next-line react-hooks/exhaustive-deps + }, [searchQuery, selectedVendor, selectedSeverity]); + + const fetchCVEs = async () => { + setLoading(true); + setError(null); + try { + const params = new URLSearchParams(); + if (searchQuery) params.append('search', searchQuery); + if (selectedVendor !== 'All Vendors') params.append('vendor', selectedVendor); + if (selectedSeverity !== 'All Severities') params.append('severity', selectedSeverity); + + const response = await fetch(`${API_BASE}/cves?${params}`); + if (!response.ok) throw new Error('Failed to fetch CVEs'); + const data = await response.json(); + setCves(data); + } catch (err) { + setError(err.message); + console.error('Error fetching CVEs:', err); + } finally { + setLoading(false); + } + }; + + const fetchVendors = async () => { + try { + const response = await fetch(`${API_BASE}/vendors`); + if (!response.ok) throw new Error('Failed to fetch vendors'); + const data = await response.json(); + setVendors(['All Vendors', ...data]); + } catch (err) { + console.error('Error fetching vendors:', err); + } + }; + + const fetchDocuments = async (cveId) => { + if (cveDocuments[cveId]) return; + + try { + const response = await fetch(`${API_BASE}/cves/${cveId}/documents`); + if (!response.ok) throw new Error('Failed to fetch documents'); + const data = await response.json(); + setCveDocuments(prev => ({ ...prev, [cveId]: data })); + } catch (err) { + console.error('Error fetching documents:', err); + } + }; + + const quickCheckCVEStatus = async () => { + if (!quickCheckCVE.trim()) return; + + try { + const response = await fetch(`${API_BASE}/cves/check/${quickCheckCVE.trim()}`); + if (!response.ok) throw new Error('Failed to check CVE'); + const data = await response.json(); + setQuickCheckResult(data); + } catch (err) { + console.error('Error checking CVE:', err); + setQuickCheckResult({ error: err.message }); + } + }; + + const handleViewDocuments = async (cveId) => { + if (selectedCVE === cveId) { + setSelectedCVE(null); + } else { + setSelectedCVE(cveId); + await fetchDocuments(cveId); + } + }; + + const getSeverityColor = (severity) => { + const colors = { + 'Critical': 'bg-red-100 text-red-800', + 'High': 'bg-orange-100 text-orange-800', + 'Medium': 'bg-yellow-100 text-yellow-800', + 'Low': 'bg-blue-100 text-blue-800' + }; + return colors[severity] || 'bg-gray-100 text-gray-800'; + }; + + const toggleDocumentSelection = (docId) => { + setSelectedDocuments(prev => + prev.includes(docId) + ? prev.filter(id => id !== docId) + : [...prev, docId] + ); + }; + + const exportSelectedDocuments = () => { + alert(`Exporting ${selectedDocuments.length} documents for report attachment`); + }; + + const handleAddCVE = async (e) => { + e.preventDefault(); + try { + const response = await fetch(`${API_BASE}/cves`, { + method: 'POST', + headers: { 'Content-Type': 'application/json' }, + body: JSON.stringify(newCVE) + }); + + if (!response.ok) throw new Error('Failed to add CVE'); + + alert(`CVE ${newCVE.cve_id} added successfully!`); + setShowAddCVE(false); + setNewCVE({ + cve_id: '', + vendor: '', + severity: 'Medium', + description: '', + published_date: new Date().toISOString().split('T')[0] + }); + fetchCVEs(); + } catch (err) { + alert(`Error: ${err.message}`); + } + }; + + const handleFileUpload = async (cveId, vendor) => { + const fileInput = document.createElement('input'); + fileInput.type = 'file'; + fileInput.accept = '.pdf,.png,.jpg,.jpeg,.txt,.doc,.docx'; + + fileInput.onchange = async (e) => { + const file = e.target.files[0]; + if (!file) return; + + const docType = prompt( + 'Document type (advisory, email, screenshot, patch, other):', + 'advisory' + ); + if (!docType) return; + + const notes = prompt('Notes (optional):'); + + setUploadingFile(true); + + const formData = new FormData(); + formData.append('file', file); + formData.append('cveId', cveId); + formData.append('vendor', vendor); + formData.append('type', docType); + if (notes) formData.append('notes', notes); + + try { + const response = await fetch(`${API_BASE}/cves/${cveId}/documents`, { + method: 'POST', + body: formData + }); + + if (!response.ok) throw new Error('Failed to upload document'); + + alert(`Document uploaded successfully!`); + delete cveDocuments[cveId]; + await fetchDocuments(cveId); + fetchCVEs(); + } catch (err) { + alert(`Error: ${err.message}`); + } finally { + setUploadingFile(false); + } + }; + + fileInput.click(); + }; + + const handleDeleteDocument = async (docId, cveId) => { + if (!window.confirm('Are you sure you want to delete this document?')) { + return; + } + + try { + const response = await fetch(`${API_BASE}/documents/${docId}`, { + method: 'DELETE' + }); + + if (!response.ok) throw new Error('Failed to delete document'); + + alert('Document deleted successfully!'); + delete cveDocuments[cveId]; + await fetchDocuments(cveId); + fetchCVEs(); + } catch (err) { + alert(`Error: ${err.message}`); + } + }; + + const filteredCVEs = cves; + + return ( +
+
+ {/* Header with Charter Branding */} +
+
+

CVE Dashboard

+

Query vulnerabilities, manage vendors, and attach documentation

+
+ +
+ + {/* Add CVE Modal */} + {showAddCVE && ( +
+
+
+
+

Add New CVE

+ +
+ +
+
+ + setNewCVE({...newCVE, cve_id: e.target.value.toUpperCase()})} + className="w-full px-4 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-[#0476D9] focus:border-transparent" + /> +
+ +
+ + setNewCVE({...newCVE, vendor: e.target.value})} + className="w-full px-4 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-[#0476D9] focus:border-transparent" + /> +
+ +
+ + +
+ +
+ +