Merge pull request #2030 from akto-api-security/feature/support_condi…

…tions_key_value_pii Adding support for new fields
akto-api-security · Jan 30, 2025 · 635b25b · 635b25b
2 parents bffaf70 + 0e96e91
commit 635b25b
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 8 deletions.
diff --git a/apps/dashboard/src/main/java/com/akto/listener/InitializerListener.java b/apps/dashboard/src/main/java/com/akto/listener/InitializerListener.java
@@ -592,7 +592,9 @@ public static void executePIISourceFetch() {
                         piiKey,
                         dt.getBoolean("sensitive"),
                         dt.getString("regexPattern"),
-                        dt.getBoolean("onKey")
+                        dt.getBoolean("onKey"),
+                        dt.getString("regexPatternOnValue"),
+                        dt.getBoolean("onKeyAndPayload")
                 );
 
                 CustomDataType existingCDT = customDataTypesMap.getOrDefault(piiKey, null);
@@ -697,18 +699,29 @@ private static List<Bson> getCustomDataTypeUpdates(CustomDataType existingCDT, C
     private static CustomDataType getCustomDataTypeFromPiiType(PIISource piiSource, PIIType piiType, Boolean active) {
         String piiKey = piiType.getName();
 
-        List<Predicate> predicates = new ArrayList<>();
-        Conditions conditions = new Conditions(predicates, Operator.OR);
-        predicates.add(new RegexPredicate(piiType.getRegexPattern()));
+        List<Predicate> keyPredicates = new ArrayList<>();
+        Conditions keyConditions = new Conditions(keyPredicates, Operator.OR);
+
+        if(piiType.getOnKey() || piiType.getOnKeyAndPayload()){
+            keyPredicates.add(new RegexPredicate(piiType.getRegexPattern()));
+        }
+
+        List<Predicate> valuePredicates = new ArrayList<>();
+        Conditions valueConditions = new Conditions(valuePredicates, Operator.OR);
+        if(!piiType.getOnKey() || piiType.getOnKeyAndPayload()){
+            String valuePattern = piiType.getOnKeyAndPayload() ? piiType.getRegexPatternOnValue() : piiType.getRegexPattern();
+            valuePredicates.add(new RegexPredicate(valuePattern));
+        }
+
         IgnoreData ignoreData = new IgnoreData(new HashMap<>(), new HashSet<>());
         CustomDataType ret = new CustomDataType(
                 piiKey,
                 piiType.getIsSensitive(),
                 Collections.emptyList(),
                 piiSource.getAddedByUser(),
                 active,
-                (piiType.getOnKey() ? conditions : null),
-                (piiType.getOnKey() ? null : conditions),
+                ((piiType.getOnKey() || piiType.getOnKeyAndPayload()) ? keyConditions : null),
+                ((piiType.getOnKey() && !piiType.getOnKeyAndPayload()) ? null : valueConditions),
                 Operator.OR,
                 ignoreData,
                 false,

diff --git a/libs/dao/src/main/java/com/akto/dto/pii/PIIType.java b/libs/dao/src/main/java/com/akto/dto/pii/PIIType.java
@@ -9,15 +9,19 @@ public class PIIType extends SubType {
     private boolean isSensitive;
     private String regexPattern;
     private boolean onKey;
+    private String regexPatternOnValue;
+    private boolean onKeyAndPayload;
 
     public PIIType() {
     }
 
-    public PIIType(String name, boolean isSensitive, String regexPattern, boolean onKey) {
+    public PIIType(String name, boolean isSensitive, String regexPattern, boolean onKey, String regexPatternOnValue, boolean onKeyAndPayload) {
         this.name = name;
         this.isSensitive = isSensitive;
         this.regexPattern = regexPattern;
         this.onKey = onKey;
+        this.regexPatternOnValue = regexPatternOnValue;
+        this.onKeyAndPayload = onKeyAndPayload;
     }
 
     public String getName() {
@@ -56,6 +60,22 @@ public void setOnKey(boolean onKey) {
         this.onKey = onKey;
     }
 
+    public String getRegexPatternOnValue() {
+        return regexPatternOnValue;
+    }
+
+    public void setRegexPatternOnValue(String regexPatternOnValue) {
+        this.regexPatternOnValue = regexPatternOnValue;
+    }
+
+    public boolean getOnKeyAndPayload() {
+        return onKeyAndPayload;
+    }
+
+    public void setOnKeyAndPayload(boolean onKeyAndPayload) {
+        this.onKeyAndPayload = onKeyAndPayload;
+    }
+
     @Override
     public boolean equals(Object o) {
         if (o == this)
@@ -64,7 +84,7 @@ public boolean equals(Object o) {
             return false;
         }
         PIIType pIIType = (PIIType) o;
-        return Objects.equals(name, pIIType.name) && isSensitive == pIIType.isSensitive && Objects.equals(regexPattern, pIIType.regexPattern) && onKey == pIIType.onKey;
+        return Objects.equals(name, pIIType.name) && isSensitive == pIIType.isSensitive && Objects.equals(regexPattern, pIIType.regexPattern) && onKey == pIIType.onKey && Objects.equals(regexPatternOnValue, pIIType.regexPatternOnValue) &&  onKeyAndPayload == pIIType.onKeyAndPayload;
     }
 
     @Override
@@ -79,6 +99,8 @@ public String toString() {
             ", isSensitive='" + getIsSensitive() + "'" +
             ", regexPattern='" + getRegexPattern() + "'" +
             ", onKey='" + isOnKey() + "'" +
+            ", regexPatternOnValue='" + getRegexPatternOnValue() + "'" +
+            ", onKeyAndPayload='" + getOnKeyAndPayload() + "'" +
             "}";
     }