mmetc · mmetc · Aug 5, 2024
diff --git a/cmd/crowdsec-cli/capi.go b/cmd/crowdsec-cli/capi.go
@@ -156,40 +156,25 @@ func QueryCAPIStatus(hub *cwhub.Hub, credURL string, login string, password stri
 		return false, false, fmt.Errorf("parsing api url: %w", err)
 	}
 
-	scenarios, err := hub.GetInstalledNamesByType(cwhub.SCENARIOS)
-	if err != nil {
-		return false, false, fmt.Errorf("failed to get scenarios: %w", err)
-	}
+	itemsForAPI := hub.GetInstalledListForAPI()
 
-	if len(scenarios) == 0 {
-		return false, false, errors.New("no scenarios installed, abort")
+	if len(itemsForAPI) == 0 {
+		return false, false, errors.New("no scenarios or appsec-rules installed, abort")
 	}
 
 	passwd := strfmt.Password(password)
 
 	client, err := apiclient.NewClient(&apiclient.Config{
 		MachineID: login,
 		Password:  passwd,
-		Scenarios: scenarios,
+		Scenarios: itemsForAPI,
 		UserAgent: cwversion.UserAgent(),
 		URL:       apiURL,
 		//I don't believe papi is neede to check enrollement
 		//PapiURL:       papiURL,
 		VersionPrefix: "v3",
 		UpdateScenario: func() ([]string, error) {
-			l_scenarios, err := hub.GetInstalledNamesByType(cwhub.SCENARIOS)
-			if err != nil {
-				return nil, err
-			}
-			appsecRules, err := hub.GetInstalledNamesByType(cwhub.APPSEC_RULES)
-			if err != nil {
-				return nil, err
-			}
-			ret := make([]string, 0, len(l_scenarios)+len(appsecRules))
-			ret = append(ret, l_scenarios...)
-			ret = append(ret, appsecRules...)
-
-			return ret, nil
+			return itemsForAPI, nil
 		},
 	})
 
@@ -202,7 +187,7 @@ func QueryCAPIStatus(hub *cwhub.Hub, credURL string, login string, password stri
 	t := models.WatcherAuthRequest{
 		MachineID: &login,
 		Password:  &pw,
-		Scenarios: scenarios,
+		Scenarios: itemsForAPI,
 	}
 
 	authResp, _, err := client.Auth.AuthenticateWatcher(context.Background(), t)

diff --git a/cmd/crowdsec-cli/console.go b/cmd/crowdsec-cli/console.go
@@ -23,7 +23,6 @@ import (
 	"github.com/crowdsecurity/crowdsec/cmd/crowdsec-cli/require"
 	"github.com/crowdsecurity/crowdsec/pkg/apiclient"
 	"github.com/crowdsecurity/crowdsec/pkg/csconfig"
-	"github.com/crowdsecurity/crowdsec/pkg/cwhub"
 	"github.com/crowdsecurity/crowdsec/pkg/cwversion"
 	"github.com/crowdsecurity/crowdsec/pkg/types"
 )
@@ -74,20 +73,6 @@ func (cli *cliConsole) enroll(key string, name string, overwrite bool, tags []st
 		return fmt.Errorf("could not parse CAPI URL: %w", err)
 	}
 
-	hub, err := require.Hub(cfg, nil, nil)
-	if err != nil {
-		return err
-	}
-
-	scenarios, err := hub.GetInstalledNamesByType(cwhub.SCENARIOS)
-	if err != nil {
-		return fmt.Errorf("failed to get installed scenarios: %w", err)
-	}
-
-	if len(scenarios) == 0 {
-		scenarios = make([]string, 0)
-	}
-
 	enableOpts := []string{csconfig.SEND_MANUAL_SCENARIOS, csconfig.SEND_TAINTED_SCENARIOS}
 
 	if len(opts) != 0 {
@@ -125,10 +110,15 @@ func (cli *cliConsole) enroll(key string, name string, overwrite bool, tags []st
 		}
 	}
 
+	hub, err := require.Hub(cfg, nil, nil)
+	if err != nil {
+		return err
+	}
+
 	c, _ := apiclient.NewClient(&apiclient.Config{
 		MachineID:     cli.cfg().API.Server.OnlineClient.Credentials.Login,
 		Password:      password,
-		Scenarios:     scenarios,
+		Scenarios:     hub.GetInstalledListForAPI(),
 		UserAgent:     cwversion.UserAgent(),
 		URL:           apiURL,
 		VersionPrefix: "v3",

diff --git a/cmd/crowdsec-cli/hub.go b/cmd/crowdsec-cli/hub.go
@@ -148,16 +148,11 @@ func (cli *cliHub) upgrade(ctx context.Context, force bool) error {
 	}
 
 	for _, itemType := range cwhub.ItemTypes {
-		items, err := hub.GetInstalledItemsByType(itemType)
-		if err != nil {
-			return err
-		}
-
 		updated := 0
 
 		log.Infof("Upgrading %s", itemType)
 
-		for _, item := range items {
+		for _, item := range hub.GetInstalledByType(itemType, true) {
 			didUpdate, err := item.Upgrade(ctx, force)
 			if err != nil {
 				return err

diff --git a/cmd/crowdsec-cli/item_suggest.go b/cmd/crowdsec-cli/item_suggest.go
@@ -19,7 +19,7 @@ func suggestNearestMessage(hub *cwhub.Hub, itemType string, itemName string) str
 	score := 100
 	nearest := ""
 
-	for _, item := range hub.GetItemMap(itemType) {
+	for _, item := range hub.GetItemsByType(itemType, false) {
 		d := levenshtein.Distance(itemName, item.Name, nil)
 		if d < score {
 			score = d
@@ -44,7 +44,7 @@ func compAllItems(itemType string, args []string, toComplete string, cfg configG
 
 	comp := make([]string, 0)
 
-	for _, item := range hub.GetItemMap(itemType) {
+	for _, item := range hub.GetItemsByType(itemType, false) {
 		if !slices.Contains(args, item.Name) && strings.Contains(item.Name, toComplete) {
 			comp = append(comp, item.Name)
 		}
@@ -61,22 +61,14 @@ func compInstalledItems(itemType string, args []string, toComplete string, cfg c
 		return nil, cobra.ShellCompDirectiveDefault
 	}
 
-	items, err := hub.GetInstalledNamesByType(itemType)
-	if err != nil {
-		cobra.CompDebugln(fmt.Sprintf("list installed %s err: %s", itemType, err), true)
-		return nil, cobra.ShellCompDirectiveDefault
-	}
+	items := hub.GetInstalledByType(itemType, true)
 
 	comp := make([]string, 0)
 
-	if toComplete != "" {
-		for _, item := range items {
-			if strings.Contains(item, toComplete) {
-				comp = append(comp, item)
-			}
+	for _, item := range items {
+		if strings.Contains(item.Name, toComplete) {
+			comp = append(comp, item.Name)
 		}
-	} else {
-		comp = items
 	}
 
 	cobra.CompDebugln(fmt.Sprintf("%s: %+v", itemType, comp), true)

diff --git a/cmd/crowdsec-cli/itemcli.go b/cmd/crowdsec-cli/itemcli.go
@@ -147,19 +147,14 @@ func (cli cliItem) remove(args []string, purge bool, force bool, all bool) error
 	}
 
 	if all {
-		getter := hub.GetInstalledItemsByType
+		itemGetter := hub.GetInstalledByType
 		if purge {
-			getter = hub.GetItemsByType
-		}
-
-		items, err := getter(cli.name)
-		if err != nil {
-			return err
+			itemGetter = hub.GetItemsByType
 		}
 
 		removed := 0
 
-		for _, item := range items {
+		for _, item := range itemGetter(cli.name, true) {
 			didRemove, err := item.Remove(purge, force)
 			if err != nil {
 				return err
@@ -262,14 +257,9 @@ func (cli cliItem) upgrade(ctx context.Context, args []string, force bool, all b
 	}
 
 	if all {
-		items, err := hub.GetInstalledItemsByType(cli.name)
-		if err != nil {
-			return err
-		}
-
 		updated := 0
 
-		for _, item := range items {
+		for _, item := range hub.GetInstalledByType(cli.name, true) {
 			didUpdate, err := item.Upgrade(ctx, force)
 			if err != nil {
 				return err

diff --git a/cmd/crowdsec-cli/items.go b/cmd/crowdsec-cli/items.go
@@ -17,7 +17,12 @@ import (
 
 // selectItems returns a slice of items of a given type, selected by name and sorted by case-insensitive name
 func selectItems(hub *cwhub.Hub, itemType string, args []string, installedOnly bool) ([]*cwhub.Item, error) {
-	itemNames := hub.GetNamesByType(itemType)
+	allItems := hub.GetItemsByType(itemType, true)
+
+	itemNames := make([]string, len(allItems))
+	for idx, item := range allItems {
+		itemNames[idx] = item.Name
+	}
 
 	notExist := []string{}
 
@@ -38,20 +43,18 @@ func selectItems(hub *cwhub.Hub, itemType string, args []string, installedOnly b
 		installedOnly = false
 	}
 
-	items := make([]*cwhub.Item, 0, len(itemNames))
+	wantedItems := make([]*cwhub.Item, 0, len(itemNames))
 
 	for _, itemName := range itemNames {
 		item := hub.GetItem(itemType, itemName)
 		if installedOnly && !item.State.Installed {
 			continue
 		}
 
-		items = append(items, item)
+		wantedItems = append(wantedItems, item)
 	}
 
-	cwhub.SortItemSlice(items)
-
-	return items, nil
+	return wantedItems, nil
 }
 
 func listItems(out io.Writer, wantColor string, itemTypes []string, items map[string][]*cwhub.Item, omitIfEmpty bool, output string) error {

diff --git a/cmd/crowdsec-cli/lapi.go b/cmd/crowdsec-cli/lapi.go
@@ -45,11 +45,6 @@ func QueryLAPIStatus(hub *cwhub.Hub, credURL string, login string, password stri
 		return fmt.Errorf("parsing api url: %w", err)
 	}
 
-	scenarios, err := hub.GetInstalledNamesByType(cwhub.SCENARIOS)
-	if err != nil {
-		return fmt.Errorf("failed to get scenarios: %w", err)
-	}
-
 	client, err := apiclient.NewDefaultClient(apiURL,
 		LAPIURLPrefix,
 		cwversion.UserAgent(),
@@ -60,10 +55,12 @@ func QueryLAPIStatus(hub *cwhub.Hub, credURL string, login string, password stri
 
 	pw := strfmt.Password(password)
 
+	itemsForAPI := hub.GetInstalledListForAPI()
+
 	t := models.WatcherAuthRequest{
 		MachineID: &login,
 		Password:  &pw,
-		Scenarios: scenarios,
+		Scenarios: itemsForAPI,
 	}
 
 	_, _, err = client.Auth.AuthenticateWatcher(context.Background(), t)

diff --git a/cmd/crowdsec/lapiclient.go b/cmd/crowdsec/lapiclient.go
@@ -16,20 +16,6 @@ import (
 )
 
 func AuthenticatedLAPIClient(credentials csconfig.ApiCredentialsCfg, hub *cwhub.Hub) (*apiclient.ApiClient, error) {
-	scenarios, err := hub.GetInstalledNamesByType(cwhub.SCENARIOS)
-	if err != nil {
-		return nil, fmt.Errorf("loading list of installed hub scenarios: %w", err)
-	}
-
-	appsecRules, err := hub.GetInstalledNamesByType(cwhub.APPSEC_RULES)
-	if err != nil {
-		return nil, fmt.Errorf("loading list of installed hub appsec rules: %w", err)
-	}
-
-	installedScenariosAndAppsecRules := make([]string, 0, len(scenarios)+len(appsecRules))
-	installedScenariosAndAppsecRules = append(installedScenariosAndAppsecRules, scenarios...)
-	installedScenariosAndAppsecRules = append(installedScenariosAndAppsecRules, appsecRules...)
-
 	apiURL, err := url.Parse(credentials.URL)
 	if err != nil {
 		return nil, fmt.Errorf("parsing api url ('%s'): %w", credentials.URL, err)
@@ -42,28 +28,18 @@ func AuthenticatedLAPIClient(credentials csconfig.ApiCredentialsCfg, hub *cwhub.
 
 	password := strfmt.Password(credentials.Password)
 
+	itemsForAPI := hub.GetInstalledListForAPI()
+
 	client, err := apiclient.NewClient(&apiclient.Config{
 		MachineID:     credentials.Login,
 		Password:      password,
-		Scenarios:     installedScenariosAndAppsecRules,
+		Scenarios:     itemsForAPI,
 		UserAgent:     cwversion.UserAgent(),
 		URL:           apiURL,
 		PapiURL:       papiURL,
 		VersionPrefix: "v1",
 		UpdateScenario: func() ([]string, error) {
-			scenarios, err := hub.GetInstalledNamesByType(cwhub.SCENARIOS)
-			if err != nil {
-				return nil, err
-			}
-			appsecRules, err := hub.GetInstalledNamesByType(cwhub.APPSEC_RULES)
-			if err != nil {
-				return nil, err
-			}
-			ret := make([]string, 0, len(scenarios)+len(appsecRules))
-			ret = append(ret, scenarios...)
-			ret = append(ret, appsecRules...)
-
-			return ret, nil
+			return itemsForAPI, nil
 		},
 	})
 	if err != nil {
@@ -73,7 +49,7 @@ func AuthenticatedLAPIClient(credentials csconfig.ApiCredentialsCfg, hub *cwhub.
 	authResp, _, err := client.Auth.AuthenticateWatcher(context.Background(), models.WatcherAuthRequest{
 		MachineID: &credentials.Login,
 		Password:  &password,
-		Scenarios: installedScenariosAndAppsecRules,
+		Scenarios: itemsForAPI,
 	})
 	if err != nil {
 		return nil, fmt.Errorf("authenticate watcher (%s): %w", credentials.Login, err)

diff --git a/cmd/crowdsec/lpmetrics.go b/cmd/crowdsec/lpmetrics.go
@@ -46,10 +46,8 @@ func getHubState(hub *cwhub.Hub) models.HubItems {
 
 	for _, itemType := range cwhub.ItemTypes {
 		ret[itemType] = []models.HubItem{}
-		items, _ := hub.GetInstalledItemsByType(itemType)
-		cwhub.SortItemSlice(items)
 
-		for _, item := range items {
+		for _, item := range hub.GetInstalledByType(itemType, true) {
 			status := "official"
 			if item.State.IsLocal() {
 				status = "custom"

diff --git a/cmd/crowdsec/main.go b/cmd/crowdsec/main.go
@@ -91,10 +91,8 @@ func LoadBuckets(cConfig *csconfig.Config, hub *cwhub.Hub) error {
 		files []string
 	)
 
-	for _, hubScenarioItem := range hub.GetItemMap(cwhub.SCENARIOS) {
-		if hubScenarioItem.State.Installed {
-			files = append(files, hubScenarioItem.State.LocalPath)
-		}
+	for _, hubScenarioItem := range hub.GetInstalledByType(cwhub.SCENARIOS, false) {
+		files = append(files, hubScenarioItem.State.LocalPath)
 	}
 
 	buckets = leakybucket.NewBuckets()

diff --git a/pkg/alertcontext/config.go b/pkg/alertcontext/config.go
@@ -104,14 +104,9 @@ func LoadConsoleContext(c *csconfig.Config, hub *cwhub.Hub) error {
 	c.Crowdsec.ContextToSend = make(map[string][]string, 0)
 
 	if hub != nil {
-		items, err := hub.GetInstalledItemsByType(cwhub.CONTEXTS)
-		if err != nil {
-			return err
-		}
-
-		for _, item := range items {
+		for _, item := range hub.GetInstalledByType(cwhub.CONTEXTS, true) {
 			// context in item files goes under the key 'context'
-			if err = addContextFromItem(c.Crowdsec.ContextToSend, item); err != nil {
+			if err := addContextFromItem(c.Crowdsec.ContextToSend, item); err != nil {
 				return err
 			}
 		}

diff --git a/pkg/appsec/appsec.go b/pkg/appsec/appsec.go
@@ -177,19 +177,13 @@ func (wc *AppsecConfig) LoadByPath(file string) error {
 }
 
 func (wc *AppsecConfig) Load(configName string) error {
-	appsecConfigs := hub.GetItemMap(cwhub.APPSEC_CONFIGS)
+	item := hub.GetItem(cwhub.APPSEC_CONFIGS, configName)
 
-	for _, hubAppsecConfigItem := range appsecConfigs {
-		if !hubAppsecConfigItem.State.Installed {
-			continue
-		}
-		if hubAppsecConfigItem.Name != configName {
-			continue
-		}
-		wc.Logger.Infof("loading %s", hubAppsecConfigItem.State.LocalPath)
-		err := wc.LoadByPath(hubAppsecConfigItem.State.LocalPath)
+	if item != nil && item.State.Installed {
+		wc.Logger.Infof("loading %s", item.State.LocalPath)
+		err := wc.LoadByPath(item.State.LocalPath)
 		if err != nil {
-			return fmt.Errorf("unable to load appsec-config %s : %s", hubAppsecConfigItem.State.LocalPath, err)
+			return fmt.Errorf("unable to load appsec-config %s : %s", item.State.LocalPath, err)
 		}
 		return nil
 	}