feat(attack-paths): configure Neo4j for read-only queries (#10140)

2026-03-22 03:08:23 +00:00 · 2026-02-24 10:15:22 +01:00
parent 51dbf17faa
commit e688e60fde
10 changed files with 393 additions and 47 deletions
--- a/ui/CHANGELOG.md
+++ b/ui/CHANGELOG.md
@@ -17,6 +17,7 @@ All notable changes to the **Prowler UI** are documented in this file.
 - Updated GitHub provider form placeholder to clarify both username and organization names are valid inputs [(#9830)](https://github.com/prowler-cloud/prowler/pull/9830)
 - CSA CCM detailed view and small fix related with `Top Failed Sections` width [(#10018)](https://github.com/prowler-cloud/prowler/pull/10018)
 - Attack Paths: Show scan data availability status with badges and tooltips, allow selecting scans for querying while a new scan is in progress [(#10089)](https://github.com/prowler-cloud/prowler/pull/10089)
+- Attack Paths: Catches not found and permissions (for read only queries) errors [(#10140)](https://github.com/prowler-cloud/prowler/pull/10140)

 ### 🔐 Security

--- a/ui/app/(prowler)/attack-paths/(workflow)/query-builder/page.tsx
+++ b/ui/app/(prowler)/attack-paths/(workflow)/query-builder/page.tsx
@@ -200,7 +200,24 @@ export default function AttackPathAnalysisPage() {
        parameters,
      );

-      if (result?.data?.attributes) {
+      if (result && "error" in result) {
+        const apiError = result as unknown as { error: string; status: number };
+        graphState.resetGraph();
+
+        if (apiError.status === 404) {
+          graphState.setError("No data found");
+          showErrorToast("No data found", "The query returned no data");
+        } else if (apiError.status === 403) {
+          graphState.setError("Not enough permissions to execute this query");
+          showErrorToast(
+            "Error",
+            "Not enough permissions to execute this query",
+          );
+        } else {
+          graphState.setError(apiError.error);
+          showErrorToast("Error", apiError.error);
+        }
+      } else if (result?.data?.attributes) {
        const graphData = adaptQueryResultToGraphData(result.data.attributes);
        graphState.updateGraphData(graphData);
        toast({
@@ -218,8 +235,11 @@ export default function AttackPathAnalysisPage() {
        }, 100);
      } else {
        graphState.resetGraph();
-        graphState.setError("No data returned from query");
-        showErrorToast("Error", "Query returned no data");
+        graphState.setError("Failed to execute query due to an unknown error");
+        showErrorToast(
+          "Error",
+          "Failed to execute query due to an unknown error",
+        );
      }
    } catch (error) {
      const errorMsg =