CybercentreCanada · cccs-sgaron · Sep 24, 2021 · Sep 24, 2021 · Sep 24, 2021 · Sep 24, 2021
diff --git a/assemblyline_ui/api/v4/user.py b/assemblyline_ui/api/v4/user.py
@@ -8,7 +8,7 @@
 from assemblyline.datastore import SearchException
 from assemblyline.odm.models.user import User
 from assemblyline_ui.api.base import api_login, make_api_response, make_subapi_blueprint
-from assemblyline_ui.config import CLASSIFICATION, LOGGER, STORAGE, UI_MESSAGING, config
+from assemblyline_ui.config import APPS_LIST, CLASSIFICATION, LOGGER, STORAGE, UI_MESSAGING, config
 from assemblyline_ui.helper.search import list_all_fields
 from assemblyline_ui.helper.service import simplify_service_spec, ui_to_submission_params
 from assemblyline_ui.helper.user import (get_dynamic_classification, load_user_settings, save_user_account,
@@ -48,10 +48,23 @@ def who_am_i(**kwargs):
        "auth": {                                  # Authentication Configuration
          "allow_2fa": True,                         # Is 2fa Allowed for the user
          "allow_apikeys": True,                     # Are APIKeys allowed for the user
+         "allow_extended_apikeys": True,            # Allow user to generate extended access API Keys
          "allow_security_tokens": True,             # Are Security tokens allowed for the user
        },
+       "submission": {                            # Submission Configuration
+         "dtl": 10,                                 # Default number of days submission stay in the system
+         "max_dtl": 30,                             # Maximum number of days submission stay in the system
+       },
+       "system": {                                # System Configuration
+         "organisation": "ACME",                    # Organisation name
+         "type": "production",                      # Type of deployment
+         "version": "4.1"                           # Assemblyline version
+       },
        "ui": {                                    # UI Configuration
          "allow_url_submissions": True,             # Are URL submissions allowed
+         "apps": [],                                # List of apps shown in the apps switcher
+         "banner": None,                            # Banner displayed on the submit page
+         "banner_level": True,                      # Banner color (info, success, warning, error)
          "read_only": False,                        # Is the interface to be displayed in read-only mode
          "tos": True,                               # Are terms of service set in the system
          "tos_lockout": False,                      # Will agreeing to TOS lockout the user
@@ -97,9 +110,12 @@ def who_am_i(**kwargs):
         "ui": {
             "allow_malicious_hinting": config.ui.allow_malicious_hinting,
             "allow_url_submissions": config.ui.allow_url_submissions,
+            "apps": [x for x in APPS_LIST['apps']
+                     if CLASSIFICATION.is_accessible(kwargs['user']['classification'],
+                                                     x['classification'] or CLASSIFICATION.UNRESTRICTED,
+                                                     ignore_invalid=True)],
             "banner": config.ui.banner,
             "banner_level": config.ui.banner_level,
-            "discover_url": config.ui.discover_url,
             "read_only": config.ui.read_only,
             "tos": config.ui.tos not in [None, ""],
             "tos_lockout": config.ui.tos_lockout,

diff --git a/assemblyline_ui/config.py b/assemblyline_ui/config.py
@@ -9,6 +9,7 @@
 from assemblyline.remote.datatypes.queues.comms import CommsQueue
 from assemblyline.remote.datatypes.set import ExpiringSet
 from assemblyline.remote.datatypes.user_quota_tracker import UserQuotaTracker
+from assemblyline_ui.helper.discover import get_apps_list
 
 config = forge.get_config()
 
@@ -140,6 +141,7 @@ def get_signup_queue(key):
 
 #################################################################
 # Global instances
+APPS_LIST = forge.CachedObject(get_apps_list, refresh=3600)
 STORAGE = forge.get_datastore(archive_access=True)
 SERVICE_LIST = forge.CachedObject(STORAGE.list_all_services, kwargs=dict(as_obj=False, full=True))
 # End global

diff --git a/assemblyline_ui/helper/discover.py b/assemblyline_ui/helper/discover.py
@@ -0,0 +1,32 @@
+import logging
+import requests
+
+from assemblyline.common import forge
+config = forge.get_config()
+logger = logging.getLogger('assemblyline.ui')
+
+
+def get_apps_list():
+    apps = {'apps': []}
+    if config.ui.discover_url:
+        try:
+            resp = requests.get(config.ui.discover_url, headers={'accept': 'application/json'}, timeout=5)
+            if resp.ok:
+                data = resp.json()
+                for app in data['applications']['application']:
+                    apps['apps'].append(
+                        {
+                            "alt": app['instance'][0]['metadata']['alternateText'],
+                            "name": app['name'],
+                            "img_d": app['instance'][0]['metadata']['imageDark'],
+                            "img_l": app['instance'][0]['metadata']['imageLight'],
+                            "route": app['instance'][0]['hostName'],
+                            "classification": app['instance'][0]['metadata']['classification']
+                        }
+                    )
+            else:
+                logger.warning(f'Invalid response from server for apps discovery: {config.ui.discover_url}')
+        except Exception:
+            logger.exception(f'Failed to get apps from discover URL: {config.ui.discover_url}')
+
+    return apps