feat[backend](updated filters and rules): forced systemOwnedMode on rules and filters insertion in initial update

AlexSanchez-bit · AlexSanchez-bit · commit 820a1c78787d · 2026-04-03T11:42:04.000-04:00
diff --git a/backend/src/main/java/com/park/utmstack/service/DefinitionSyncService.java b/backend/src/main/java/com/park/utmstack/service/DefinitionSyncService.java
@@ -11,6 +11,7 @@
 import com.park.utmstack.service.dto.correlation.AdversaryType;
 import com.park.utmstack.service.dto.correlation.UtmCorrelationRulesDTO;
 import com.park.utmstack.service.dto.correlation.UtmCorrelationRulesMapper;
+import com.park.utmstack.service.logstash_filter.UtmLogstashFilterService;
 import lombok.Data;
 import lombok.RequiredArgsConstructor;
 import org.slf4j.Logger;
@@ -40,6 +41,7 @@ public class DefinitionSyncService implements CommandLineRunner {
     private final UtmDataTypesRepository dataTypesRepository;
     private final UtmCorrelationRulesService rulesService;
     private final UtmCorrelationRulesMapper rulesMapper;
+    private final UtmLogstashFilterService filterService;
 
     @Override
     @Transactional
@@ -70,7 +72,7 @@ private void syncFilters() {
                             log.info("Updating existing filter for module: {}", moduleName);
                             filter.setLogstashFilter(content);
                             filter.setUpdatedAt(Instant.now());
-                            filterRepository.save(filter);
+                            filterService.save(filter, true);
                         }
                     } else {
                         log.info("Inserting new filter for module: {}", moduleName);
@@ -88,7 +90,7 @@ private void syncFilters() {
                             filter.setDatatype(dataType.get());
                         }
 
-                        filterRepository.save(filter);
+                        filterService.save(filter, true);
                     }
                 } catch (IOException e) {
                     log.error("Error reading filter file {}: {}", path, e.getMessage());
@@ -158,10 +160,10 @@ private void syncRules() {
 
                     UtmCorrelationRules entity = rulesMapper.toEntity(ruleDto);
                     if (ruleOpt.isPresent()) {
-                        rulesService.updateRule(entity);
+                        rulesService.updateRule(entity, true);
 
                     } else {
-                        rulesService.save(entity);
+                        rulesService.save(entity, true);
                     }
 
                 } catch (Exception e) {
diff --git a/backend/src/main/java/com/park/utmstack/service/correlation/rules/UtmCorrelationRulesService.java b/backend/src/main/java/com/park/utmstack/service/correlation/rules/UtmCorrelationRulesService.java
@@ -62,6 +62,10 @@ public UtmCorrelationRulesService(UtmCorrelationRulesRepository utmCorrelationRu
      * @return the persisted entity.
      */
     public UtmCorrelationRules save(UtmCorrelationRules rule) {
+        return save(rule, false);
+    }
+
+    public UtmCorrelationRules save(UtmCorrelationRules rule, boolean forcedSystemMode) {
         final String ctx = CLASSNAME + ".saveRule";
         log.debug("Request to save UtmCorrelationRules : {}", rule);
 
@@ -72,6 +76,10 @@ public UtmCorrelationRules save(UtmCorrelationRules rule) {
             }
         }
 
+        if (forcedSystemMode) {
+            rule.setSystemOwner(true);
+        }
+
         rule.setDataTypes(this.saveDataTypes(rule));
         rule.setRuleLastUpdate(Instant.now(Clock.systemUTC()));
         return utmCorrelationRulesRepository.save(rule);
@@ -86,6 +94,11 @@ public UtmCorrelationRules save(UtmCorrelationRules rule) {
      * */
     @Transactional
     public void updateRule(UtmCorrelationRules correlationRule) throws Exception {
+        updateRule(correlationRule, false);
+    }
+
+    @Transactional
+    public void updateRule(UtmCorrelationRules correlationRule, boolean forcedSystemMode) throws Exception {
         final String ctx = CLASSNAME + ".updateRule";
         Long id = correlationRule.getId();
         if (id == null) {
@@ -99,7 +112,12 @@ public void updateRule(UtmCorrelationRules correlationRule) throws Exception {
         if (correlationRule.getDataTypes().isEmpty()) {
             throw new BadRequestException(ctx + ": The rule must have at least one data type.");
         }
-        if(optionalCorrelationRule.get().getSystemOwner() && !utmStackService.isInDevelop()) {
+
+        if (forcedSystemMode) {
+            correlationRule.setSystemOwner(true);
+        }
+
+        if(optionalCorrelationRule.get().getSystemOwner() && !utmStackService.isInDevelop() && !forcedSystemMode) {
             throw new BadRequestException(ctx + ": System's rules can't be updated.");
         }
         correlationRule.setDataTypes(this.saveDataTypes(correlationRule));
diff --git a/backend/src/main/java/com/park/utmstack/service/logstash_filter/UtmLogstashFilterService.java b/backend/src/main/java/com/park/utmstack/service/logstash_filter/UtmLogstashFilterService.java
@@ -35,10 +35,14 @@ public UtmLogstashFilterService(UtmLogstashFilterRepository logstashFilterReposi
      * @return the persisted entity
      */
     public UtmLogstashFilter save(UtmLogstashFilter logstashFilter) {
+        return save(logstashFilter, false);
+    }
+
+    public UtmLogstashFilter save(UtmLogstashFilter logstashFilter, boolean forcedSystemMode) {
         final String ctx = CLASSNAME + ".save";
         try {
             logstashFilter.setUpdatedAt(Instant.now());
-            logstashFilter.setSystemOwner(false);
+            logstashFilter.setSystemOwner(forcedSystemMode);
             return logstashFilterRepository.save(logstashFilter);
         } catch (Exception e) {
             throw new RuntimeException(ctx + ": " + e.getMessage());
