feat: paginated commands endpoint for attacker profiles

New GET /attackers/{uuid}/commands?limit=&offset=&service= endpoint serves commands with server-side pagination and optional service filter. AttackerDetail frontend fetches commands from this endpoint with page controls. Service badge filter now drives both the API query and the local fingerprint filter.
2026-04-14 01:45:19 -04:00
parent 8c249f6987
commit f3bb0b31ae
7 changed files with 194 additions and 8 deletions
--- a/decnet/web/router/init.py
+++ b/decnet/web/router/init.py
@@ -13,6 +13,7 @@ from .fleet.api_deploy_deckies import router as deploy_deckies_router
 from .stream.api_stream_events import router as stream_router
 from .attackers.api_get_attackers import router as attackers_router
 from .attackers.api_get_attacker_detail import router as attacker_detail_router
+from .attackers.api_get_attacker_commands import router as attacker_commands_router

 api_router = APIRouter()

@@ -36,6 +37,7 @@ api_router.include_router(deploy_deckies_router)
 # Attacker Profiles
 api_router.include_router(attackers_router)
 api_router.include_router(attacker_detail_router)
+api_router.include_router(attacker_commands_router)

 # Observability
 api_router.include_router(stats_router)
--- a/decnet/web/router/attackers/api_get_attacker_commands.py
+++ b/decnet/web/router/attackers/api_get_attacker_commands.py
@@ -0,0 +1,38 @@
+from typing import Any, Optional
+
+from fastapi import APIRouter, Depends, HTTPException, Query
+
+from decnet.web.dependencies import get_current_user, repo
+
+router = APIRouter()
+
+
+@router.get(
+    "/attackers/{uuid}/commands",
+    tags=["Attacker Profiles"],
+    responses={
+        401: {"description": "Could not validate credentials"},
+        404: {"description": "Attacker not found"},
+    },
+)
+async def get_attacker_commands(
+    uuid: str,
+    limit: int = Query(50, ge=1, le=1000),
+    offset: int = Query(0, ge=0, le=2147483647),
+    service: Optional[str] = None,
+    current_user: str = Depends(get_current_user),
+) -> dict[str, Any]:
+    """Retrieve paginated commands for an attacker profile."""
+    attacker = await repo.get_attacker_by_uuid(uuid)
+    if not attacker:
+        raise HTTPException(status_code=404, detail="Attacker not found")
+
+    def _norm(v: Optional[str]) -> Optional[str]:
+        if v in (None, "null", "NULL", "undefined", ""):
+            return None
+        return v
+
+    result = await repo.get_attacker_commands(
+        uuid=uuid, limit=limit, offset=offset, service=_norm(service),
+    )
+    return {"total": result["total"], "limit": limit, "offset": offset, "data": result["data"]}