Stage 8: world map view — backend endpoint, map component, map page

- BansByCountryResponse model added to ban.py - bans_by_country() service: parallel geo lookup via asyncio.gather, aggregation by ISO alpha-2 country code (up to 2 000 bans) - GET /api/dashboard/bans/by-country endpoint in dashboard router - 290 tests pass (5 new), ruff + mypy clean (44 files) - isoNumericToAlpha2.ts: 249-entry ISO numeric → alpha-2 static map - types/map.ts, api/map.ts, hooks/useMapData.ts created - WorldMap.tsx: react-simple-maps Mercator SVG map, per-country ban count overlay, colour intensity scaling, country click filtering, GeoLayer nested-component pattern for useGeographies context - MapPage.tsx: time-range selector, WorldMap, country filter info bar, summary line, companion FluentUI Table with country filter - Frontend tsc + ESLint clean (0 errors/warnings)
2026-03-01 14:53:49 +01:00
parent 7f81f0614b
commit 54313fd3e0
13 changed files with 1343 additions and 20 deletions
--- a/backend/app/services/ban_service.py
+++ b/backend/app/services/ban_service.py
@@ -21,6 +21,7 @@ from app.models.ban import (
    TIME_RANGE_SECONDS,
    AccessListItem,
    AccessListResponse,
+    BansByCountryResponse,
    DashboardBanItem,
    DashboardBanListResponse,
    TimeRange,
@@ -323,3 +324,112 @@ async def list_accesses(
        page=page,
        page_size=effective_page_size,
    )
+
+
+# ---------------------------------------------------------------------------
+# bans_by_country
+# ---------------------------------------------------------------------------
+
+#: Maximum bans fetched for aggregation (guard against huge databases).
+_MAX_GEO_BANS: int = 2_000
+
+
+async def bans_by_country(
+    socket_path: str,
+    range_: TimeRange,
+    geo_enricher: Any | None = None,
+) -> BansByCountryResponse:
+    """Aggregate ban counts per country for the selected time window.
+
+    Fetches up to ``_MAX_GEO_BANS`` ban records from the fail2ban database,
+    enriches them with geo data, and returns a ``{country_code: count}`` map
+    alongside the enriched ban list for the companion access table.
+
+    Args:
+        socket_path: Path to the fail2ban Unix domain socket.
+        range_: Time-range preset.
+        geo_enricher: Optional async ``(ip) -> GeoInfo | None`` callable.
+
+    Returns:
+        :class:`~app.models.ban.BansByCountryResponse` with per-country
+        aggregation and the full ban list.
+    """
+    import asyncio
+
+    since: int = _since_unix(range_)
+    db_path: str = await _get_fail2ban_db_path(socket_path)
+    log.info("ban_service_bans_by_country", db_path=db_path, since=since, range=range_)
+
+    async with aiosqlite.connect(f"file:{db_path}?mode=ro", uri=True) as f2b_db:
+        f2b_db.row_factory = aiosqlite.Row
+
+        async with f2b_db.execute(
+            "SELECT COUNT(*) FROM bans WHERE timeofban >= ?",
+            (since,),
+        ) as cur:
+            count_row = await cur.fetchone()
+            total: int = int(count_row[0]) if count_row else 0
+
+        async with f2b_db.execute(
+            "SELECT jail, ip, timeofban, bancount, data "
+            "FROM bans "
+            "WHERE timeofban >= ? "
+            "ORDER BY timeofban DESC "
+            "LIMIT ?",
+            (since, _MAX_GEO_BANS),
+        ) as cur:
+            rows = await cur.fetchall()
+
+    # Geo-enrich unique IPs in parallel.
+    unique_ips: list[str] = list({str(r["ip"]) for r in rows})
+    geo_map: dict[str, Any] = {}
+    if geo_enricher is not None and unique_ips:
+        async def _safe_lookup(ip: str) -> tuple[str, Any]:
+            try:
+                return ip, await geo_enricher(ip)
+            except Exception:  # noqa: BLE001
+                log.warning("ban_service_geo_lookup_failed", ip=ip)
+                return ip, None
+
+        results = await asyncio.gather(*(_safe_lookup(ip) for ip in unique_ips))
+        geo_map = dict(results)
+
+    # Build ban items and aggregate country counts.
+    countries: dict[str, int] = {}
+    country_names: dict[str, str] = {}
+    bans: list[DashboardBanItem] = []
+
+    for row in rows:
+        ip = str(row["ip"])
+        geo = geo_map.get(ip)
+        cc: str | None = geo.country_code if geo else None
+        cn: str | None = geo.country_name if geo else None
+        asn: str | None = geo.asn if geo else None
+        org: str | None = geo.org if geo else None
+        matches, _ = _parse_data_json(row["data"])
+
+        bans.append(
+            DashboardBanItem(
+                ip=ip,
+                jail=str(row["jail"]),
+                banned_at=_ts_to_iso(int(row["timeofban"])),
+                service=matches[0] if matches else None,
+                country_code=cc,
+                country_name=cn,
+                asn=asn,
+                org=org,
+                ban_count=int(row["bancount"]),
+            )
+        )
+
+        if cc:
+            countries[cc] = countries.get(cc, 0) + 1
+            if cn and cc not in country_names:
+                country_names[cc] = cn
+
+    return BansByCountryResponse(
+        countries=countries,
+        country_names=country_names,
+        bans=bans,
+        total=total,
+    )