feat: implement compliance orchestrator backend client and evaluation logic

Author: elmilan06

backend/src/main/java/com/park/utmstack/config/Constants.java

@@ -164,7 +164,7 @@ public final class Constants {
     public static final List<String> API_ENDPOINT_IGNORE = Collections.emptyList();
 
     // Application version file
-    public static final String APP_VERSION_FILE = "/updates/version.json";
+    public static final String APP_VERSION_FILE = "/Users/elena/Documents/Work/UTM Stack/version.json"; //TODO: ELENA
 
     public static final String ADMIN_EMAIL = "admin@localhost";
 

backend/src/main/java/com/park/utmstack/service/compliance/config/UtmComplianceControlConfigService.java

@@ -11,7 +11,6 @@
 import org.springframework.stereotype.Service;
 
 import javax.transaction.Transactional;
-import java.util.List;
 import java.util.Map;
 import java.util.stream.Collectors;
 

backend/src/main/java/com/park/utmstack/service/compliance/config/UtmComplianceControlEvaluationService.java

@@ -0,0 +1,23 @@
+package com.park.utmstack.service.compliance.config;
+
+import com.park.utmstack.service.dto.compliance.UtmComplianceControlEvaluationDto;
+import com.park.utmstack.service.elasticsearch.ElasticsearchService;
+import org.springframework.stereotype.Service;
+
+import java.util.List;
+
+@Service
+public class UtmComplianceControlEvaluationService {
+
+    private final ElasticsearchService elasticsearchService;
+
+    public UtmComplianceControlEvaluationService(ElasticsearchService elasticsearchService) {
+        this.elasticsearchService = elasticsearchService;
+    }
+
+    public List<UtmComplianceControlEvaluationDto> findByControlId(Long controlId) {
+        return elasticsearchService.getControlEvaluations(controlId);
+    }
+}
+
+

backend/src/main/java/com/park/utmstack/service/dto/compliance/UtmComplianceControlEvaluationDto.java

@@ -0,0 +1,19 @@
+package com.park.utmstack.service.dto.compliance;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import lombok.Data;
+
+import java.time.Instant;
+import java.util.List;
+
+@Data
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class UtmComplianceControlEvaluationDto {
+
+    private Long controlId;
+    private String controlName;
+    private String status;
+    private Instant timestamp;
+    private List<UtmComplianceQueryEvaluationDto> queryEvaluations;
+}
+

backend/src/main/java/com/park/utmstack/service/dto/compliance/UtmComplianceQueryEvaluationDto.java

@@ -0,0 +1,19 @@
+package com.park.utmstack.service.dto.compliance;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import lombok.Data;
+
+import java.util.List;
+import java.util.Map;
+
+@Data
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class UtmComplianceQueryEvaluationDto {
+
+    private Long queryConfigId;
+    private String queryName;
+    private Integer hits;
+    private String status;
+    private String errorMessage;
+    private List<Map<String, Object>> evidence;
+}

backend/src/main/java/com/park/utmstack/service/elasticsearch/ElasticsearchService.java

@@ -10,6 +10,8 @@
 import com.park.utmstack.service.MailService;
 import com.park.utmstack.service.UtmSpaceNotificationControlService;
 import com.park.utmstack.service.application_events.ApplicationEventService;
+import com.park.utmstack.service.dto.compliance.UtmComplianceControlEvaluationDto;
+import com.park.utmstack.service.mapper.compliance.UtmComplianceControlEvaluationMapper;
 import com.park.utmstack.util.chart_builder.IndexPropertyType;
 import com.park.utmstack.util.exceptions.OpenSearchIndexNotFoundException;
 import com.park.utmstack.util.exceptions.UtmElasticsearchException;
@@ -20,6 +22,7 @@
 import com.utmstack.opensearch_connector.types.IndexSort;
 import com.utmstack.opensearch_connector.types.SearchSqlResponse;
 import com.utmstack.opensearch_connector.types.SqlQueryRequest;
+import org.opensearch.client.opensearch._types.FieldValue;
 import org.opensearch.client.opensearch._types.SortOrder;
 import org.opensearch.client.opensearch._types.query_dsl.Query;
 import org.opensearch.client.opensearch.cat.indices.IndicesRecord;
@@ -403,4 +406,20 @@ public <T> SearchSqlResponse<T> searchBySql(SqlQueryRequest request, Class<T> re
             throw new RuntimeException(ctx + ": " + e.getMessage());
         }
     }
+
+    public List<UtmComplianceControlEvaluationDto> getControlEvaluations(Long controlId) {
+        final String ctx = CLASSNAME + ".getControlEvaluations";
+        try {
+            Query query = Query.of(q -> q.term(t -> t.field("control_id").value(FieldValue.of(controlId.toString())))
+            );
+
+            SearchRequest request = new SearchRequest.Builder().index("v11-log-compliance-evaluation").query(query).size(1000).build();
+            SearchResponse<Map> response = search(request, Map.class);
+
+            return response.hits().hits().stream().map(hit -> UtmComplianceControlEvaluationMapper.mapToEvaluationDto(hit.source())).toList();
+
+        } catch (Exception e) {
+            throw new RuntimeException(ctx + ": " + e.getMessage(), e);
+        }
+    }
 }

backend/src/main/java/com/park/utmstack/service/mapper/compliance/UtmComplianceControlEvaluationMapper.java

@@ -0,0 +1,43 @@
+package com.park.utmstack.service.mapper.compliance;
+
+import com.park.utmstack.service.dto.compliance.UtmComplianceControlEvaluationDto;
+import com.park.utmstack.service.dto.compliance.UtmComplianceQueryEvaluationDto;
+
+import java.time.Instant;
+import java.util.List;
+import java.util.Map;
+
+public class UtmComplianceControlEvaluationMapper {
+
+    private UtmComplianceControlEvaluationMapper() {
+
+    }
+
+    public static UtmComplianceControlEvaluationDto mapToEvaluationDto(Map<String, Object> src) {
+        UtmComplianceControlEvaluationDto dto = new UtmComplianceControlEvaluationDto();
+
+        dto.setControlId(((Number) src.get("control_id")).longValue());
+        dto.setControlName((String) src.get("control_name"));
+        dto.setStatus((String) src.get("status"));
+        dto.setTimestamp(Instant.parse((String) src.get("timestamp")));
+
+        List<Map<String, Object>> q = (List<Map<String, Object>>) src.get("query_evaluations");
+        if (q != null) {
+            dto.setQueryEvaluations(q.stream().map(UtmComplianceControlEvaluationMapper::mapQueryEval).toList());
+        }
+
+        return dto;
+    }
+
+    private static UtmComplianceQueryEvaluationDto mapQueryEval(Map<String, Object> src) {
+        UtmComplianceQueryEvaluationDto dto = new UtmComplianceQueryEvaluationDto();
+
+        dto.setQueryConfigId(((Number) src.get("queryConfigId")).longValue());
+        dto.setQueryName((String) src.get("queryName"));
+        dto.setHits(((Number) src.get("hits")).intValue());
+        dto.setStatus((String) src.get("status"));
+        dto.setEvidence((List<Map<String, Object>>) src.get("evidence"));
+
+        return dto;
+    }
+}

backend/src/main/java/com/park/utmstack/web/rest/compliance/config/UtmComplianceControlEvaluationResource.java

@@ -0,0 +1,26 @@
+package com.park.utmstack.web.rest.compliance.config;
+
+import com.park.utmstack.service.compliance.config.UtmComplianceControlEvaluationService;
+import com.park.utmstack.service.dto.compliance.UtmComplianceControlEvaluationDto;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.List;
+
+@RestController
+@RequestMapping("/api/compliance/control-config")
+public class UtmComplianceControlEvaluationResource {
+
+    private final UtmComplianceControlEvaluationService evaluationService;
+
+    public UtmComplianceControlEvaluationResource(UtmComplianceControlEvaluationService evaluationService) {
+        this.evaluationService = evaluationService;
+    }
+
+    @GetMapping("/{id}/evaluations")
+    public ResponseEntity<List<UtmComplianceControlEvaluationDto>> getControlEvaluations(@PathVariable Long id) {
+        var evaluations = evaluationService.findByControlId(id);
+        return ResponseEntity.ok(evaluations);
+    }
+}
+

plugins/compliance-orchestrator/client/opensearch.go

@@ -30,10 +30,12 @@ func ConnectOpenSearch() error {
 }
 
 type SQLResponse struct {
-	Total int `json:"total"`
+	Schema   []any   `json:"schema"`
+	DataRows [][]any `json:"datarows"`
+	Total    int     `json:"total"`
 }
 
-func (b *BackendClient) ExecuteSQLQuery(ctx context.Context, sql string) (int, error) {
+func (b *BackendClient) ExecuteSQLQuery(ctx context.Context, sql string) (SQLResult, error) {
 	baseURL := plugins.PluginCfg("org.opensearch", false).Get("opensearch").String()
 	sqlEndpoint := fmt.Sprintf("%s/_plugins/_sql", baseURL)
 
@@ -43,26 +45,30 @@ func (b *BackendClient) ExecuteSQLQuery(ctx context.Context, sql string) (int, e
 
 	jsonBody, err := json.Marshal(body)
 	if err != nil {
-		return 0, fmt.Errorf("failed to marshal SQL body: %w", err)
+		return SQLResult{}, fmt.Errorf("failed to marshal SQL body: %w", err)
 	}
 
 	req, err := http.NewRequestWithContext(ctx, "POST", sqlEndpoint, bytes.NewBuffer(jsonBody))
 	if err != nil {
-		return 0, fmt.Errorf("failed to create SQL request: %w", err)
+		return SQLResult{}, fmt.Errorf("failed to create SQL request: %w", err)
 	}
 
 	req.Header.Set("Content-Type", "application/json")
 
 	resp, err := b.httpClient.Do(req)
 	if err != nil {
-		return 0, fmt.Errorf("SQL request failed: %w", err)
+		return SQLResult{}, fmt.Errorf("SQL request failed: %w", err)
 	}
 	defer resp.Body.Close()
 
 	var result SQLResponse
 	if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {
-		return 0, fmt.Errorf("failed to decode SQL response: %w", err)
+		return SQLResult{}, fmt.Errorf("failed to decode SQL response: %w", err)
 	}
 
-	return result.Total, nil
+	// Convertir a tu tipo interno
+	return SQLResult{
+		Rows:  result.DataRows,
+		Count: result.Total,
+	}, nil
 }

plugins/compliance-orchestrator/client/opensearch_result.go

@@ -0,0 +1,6 @@
+package client
+
+type SQLResult struct {
+	Rows  [][]any
+	Count int
+}