Merge pull request #2068 from akto-api-security/hotfix/fix_and_condit…

…ion_on_keyValueConditions

Fixing token datatype operator

apps/dashboard/src/main/java/com/akto/listener/InitializerListener.java

@@ -13,7 +13,6 @@
 import com.akto.dao.context.Context;
 import com.akto.dao.loaders.LoadersDao;
 import com.akto.dao.notifications.CustomWebhooksDao;
-import com.akto.dao.notifications.CustomWebhooksResultDao;
 import com.akto.dao.notifications.EventsMetricsDao;
 import com.akto.dao.notifications.SlackWebhooksDao;
 import com.akto.dao.pii.PIISourceDao;
@@ -167,7 +166,6 @@
 import static com.akto.task.Cluster.callDibs;
 import static com.akto.utils.billing.OrganizationUtils.syncOrganizationWithAkto;
 import static com.mongodb.client.model.Filters.eq;
-import static com.akto.runtime.utils.Utils.convertOriginalReqRespToString;
 import static com.akto.utils.Utils.deleteApis;
 
 public class InitializerListener implements ServletContextListener {
@@ -723,7 +721,7 @@ private static CustomDataType getCustomDataTypeFromPiiType(PIISource piiSource,
                 active,
                 ((piiType.getOnKey() || piiType.getOnKeyAndPayload()) ? keyConditions : null),
                 ((piiType.getOnKey() && !piiType.getOnKeyAndPayload()) ? null : valueConditions),
-                Operator.OR,
+                piiType.getOnKeyAndPayload() ? Operator.AND : Operator.OR,
                 ignoreData,
                 false,
                 true
@@ -2999,13 +2997,34 @@ private static void markSummariesAsVulnerable(BackwardCompatibility backwardComp
         }
     }
 
+    private static void updateCustomDataTypeOperator(BackwardCompatibility backwardCompatibility){
+        if(backwardCompatibility.getChangeOperatorConditionInCDT() == 0){
+            CustomDataTypeDao.instance.updateOneNoUpsert(
+                Filters.and(
+                    Filters.eq(CustomDataType.NAME, "TOKEN"),
+                    Filters.or(
+                        Filters.exists(CustomDataType.USER_MODIFIED_TIMESTAMP, false),
+                        Filters.eq(CustomDataType.USER_MODIFIED_TIMESTAMP, 0)
+                    )  
+                ),
+                Updates.set(CustomDataType.OPERATOR, Operator.AND) 
+            );
+
+            BackwardCompatibilityDao.instance.updateOne(
+                Filters.eq("_id", backwardCompatibility.getId()),
+                Updates.set(BackwardCompatibility.CHANGE_OPERATOR_CONDITION_IN_CDT, Context.now())
+            );
+        }
+    }
+
     public static void setBackwardCompatibilities(BackwardCompatibility backwardCompatibility){
         if (DashboardMode.isMetered()) {
             initializeOrganizationAccountBelongsTo(backwardCompatibility);
             setOrganizationsInBilling(backwardCompatibility);
         }
-        markSummariesAsVulnerable(backwardCompatibility);
         setAktoDefaultNewUI(backwardCompatibility);
+        updateCustomDataTypeOperator(backwardCompatibility);
+        markSummariesAsVulnerable(backwardCompatibility);
         dropLastCronRunInfoField(backwardCompatibility);
         fetchIntegratedConnections(backwardCompatibility);
         dropFilterSampleDataCollection(backwardCompatibility);

libs/dao/src/main/java/com/akto/dto/BackwardCompatibility.java

@@ -106,6 +106,9 @@ public class BackwardCompatibility {
     public static final String MARK_SUMMARIES_NEW_FOR_VULNERABLE = "markSummariesVulnerable";
     private int markSummariesVulnerable;
 
+    public static final String CHANGE_OPERATOR_CONDITION_IN_CDT = "changeOperatorConditionInCDT";
+    private int changeOperatorConditionInCDT;
+
     public BackwardCompatibility(int id, int dropFilterSampleData, int resetSingleTypeInfoCount, int dropWorkflowTestResult,
                                  int readyForNewTestingFramework,int addAktoDataTypes, boolean deploymentStatusUpdated,
                                  int authMechanismData, boolean mirroringLambdaTriggered, int deleteAccessListFromApiToken,
@@ -115,7 +118,8 @@ public BackwardCompatibility(int id, int dropFilterSampleData, int resetSingleTy
                                  int loginSignupGroups, int vulnerableApiUpdationVersionV1, int riskScoreGroups,
                                  int deactivateCollections, int disableAwsSecretPii, int apiCollectionAutomatedField, 
                                  int automatedApiGroups, int addAdminRoleIfAbsent, int dropSpecialCharacterApiCollections, int fixApiAccessType,
-                                 int addDefaultFilters, int moveAzureSamlToNormalSaml, int deleteOptionsAPIs, int moveOktaOidcSSO, int markSummariesVulnerable) {
+                                 int addDefaultFilters, int moveAzureSamlToNormalSaml, int deleteOptionsAPIs, int moveOktaOidcSSO, int markSummariesVulnerable,
+                                 int changeOperatorConditionInCDT) {
         this.id = id;
         this.dropFilterSampleData = dropFilterSampleData;
         this.resetSingleTypeInfoCount = resetSingleTypeInfoCount;
@@ -149,6 +153,7 @@ public BackwardCompatibility(int id, int dropFilterSampleData, int resetSingleTy
         this.deleteOptionsAPIs = deleteOptionsAPIs;
         this.moveOktaOidcSSO = moveOktaOidcSSO;
         this.markSummariesVulnerable = markSummariesVulnerable;
+        this.changeOperatorConditionInCDT = changeOperatorConditionInCDT;
     }
 
     public BackwardCompatibility() {
@@ -449,4 +454,12 @@ public int getMarkSummariesVulnerable() {
     public void setMarkSummariesVulnerable(int markSummariesVulnerable) {
         this.markSummariesVulnerable = markSummariesVulnerable;
     }
+
+    public int getChangeOperatorConditionInCDT() {
+        return changeOperatorConditionInCDT;
+    }
+
+    public void setChangeOperatorConditionInCDT(int changeOperatorConditionInCDT) {
+        this.changeOperatorConditionInCDT = changeOperatorConditionInCDT;
+    }
 }