use of com.checkmarx.flow.dto.FlowOverride in project cx-flow by checkmarx-ltd.
the class ConfigurationOverrider method overrideScanRequestProperties.
/**
 * Applies the values carried by an override blob/file (MachinaOverride) on top of a scan request.
 *
 * <p>SCA configuration is initialised first, whether or not an override is present. A
 * {@code null} override leaves the request otherwise untouched. Only the values the override
 * actually supplies are replaced: Jira bug-tracker properties (JIRA trackers only), application,
 * active branches, e-mail recipients and result filters.
 *
 * <p>Security note: callers such as {@code PostRequestData.latestScanResults} build the override
 * from a request parameter, so every value applied here (including e-mail recipients and
 * filters) is caller-controlled and is copied onto the request without further checks in this
 * method.
 *
 * @param override decoded override, or {@code null} when none was supplied
 * @param request  scan request to update in place
 * @return the same {@code request} instance that was passed in
 */
public ScanRequest overrideScanRequestProperties(FlowOverride override, ScanRequest request) {
    scaConfigOverrider.initScaConfig(request);
    if (override == null) {
        return request;
    }

    BugTracker tracker = request.getBugTracker();
    // Jira properties are only overridden for a plain JIRA tracker.
    // NOTE(review): the tracker and its type are dereferenced unguarded here - confirm that
    // every caller sets a bug tracker with a type before invoking this method.
    boolean jiraOverrideApplies =
            tracker.getType().equals(BugTracker.Type.JIRA) && override.getJira() != null;
    if (jiraOverrideApplies) {
        overrideJiraBugProperties(override, tracker);
    }
    request.setBugTracker(tracker);

    if (!ScanUtils.empty(override.getApplication())) {
        request.setApplication(override.getApplication());
    }

    if (!ScanUtils.empty(override.getBranches())) {
        request.setActiveBranches(override.getBranches());
    }

    // A present-but-empty list clears the recipients; an absent list keeps the current ones.
    List<String> recipients = override.getEmails();
    if (recipients != null) {
        request.setEmail(recipients.isEmpty() ? null : recipients);
    }

    // Filters from the override replace the request's filter wholesale.
    FlowOverride.Filters overrideFilters = override.getFilters();
    if (overrideFilters != null) {
        FilterFactory factory = new FilterFactory();
        ControllerRequest filterCriteria = new ControllerRequest(
                overrideFilters.getSeverity(),
                overrideFilters.getCwe(),
                overrideFilters.getCategory(),
                overrideFilters.getStatus(),
                overrideFilters.getState());
        request.setFilter(factory.getFilter(filterCriteria, null));
    }

    return request;
}
use of com.checkmarx.flow.dto.FlowOverride in project cx-flow by checkmarx-ltd.
the class PostRequestData method latestScanResults.
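/**
 * Returns the latest Checkmarx scan results for a project.
 *
 * <p>The shared API token from the request header is validated before any scanner work is done.
 * Optional filter parameters narrow the results, and an optional {@code override} blob can
 * replace parts of the scan request (see {@code ScanUtils.getMachinaOverride} and
 * {@code overrideScanRequestProperties}).
 *
 * <p>Security note: {@code override} is caller-supplied and travels in the query string of a GET
 * request. It is decoded and applied to the scan request after token validation only; this
 * method performs no further checks on what it overrides.
 *
 * @param project     Checkmarx project name (mandatory)
 * @param token       shared API token taken from the {@code TOKEN_HEADER} header (mandatory)
 * @param team        optional team path; prefixed with {@code /} for the shard session when
 *                    it does not already start with one
 * @param application optional application name; falls back to {@code project} when empty
 * @param severity    optional severity filter values
 * @param cwe         optional CWE filter values
 * @param category    optional category filter values
 * @param status      optional status filter values
 * @param assignee    optional assignee used when building the bug tracker
 * @param override    optional Base64-encoded override blob
 * @param bug         optional bug tracker selector
 * @return the latest scan results for the resulting scan request
 */
@GetMapping(value = "/scanresults", produces = "application/json")
public ScanResults latestScanResults(
        // Mandatory parameters
        @RequestParam(value = "project") String project,
        @RequestHeader(value = TOKEN_HEADER) String token,
        // Optional parameters
        @RequestParam(value = "team", required = false) String team,
        @RequestParam(value = "application", required = false) String application,
        @RequestParam(value = "severity", required = false) List<String> severity,
        @RequestParam(value = "cwe", required = false) List<String> cwe,
        @RequestParam(value = "category", required = false) List<String> category,
        @RequestParam(value = "status", required = false) List<String> status,
        @RequestParam(value = "assignee", required = false) String assignee,
        @RequestParam(value = "override", required = false) String override,
        @RequestParam(value = "bug", required = false) String bug) {
    String uid = helperService.getShortUid();
    MDC.put(FlowConstants.MAIN_MDC_ENTRY, uid);

    // Validate shared API token from header
    validateToken(token);

    // This primes the shard when Shard Manager is turned on
    if (cxProperties.getEnableShardManager()) {
        ShardSession shard = sessionTracker.getShardSession();
        // ensures this gets fixed like this: /CxServer/CHECKMARX
        // "team" is an optional parameter, so it can be null or empty here; indexing into it
        // unguarded would fail the request with an unhandled runtime exception.
        if (team != null && !team.isEmpty() && team.charAt(0) != '/') {
            team = "/" + team;
        }
        // NOTE(review): a missing team is passed through unchanged - confirm the shard session
        // tolerates that, or reject the request explicitly when sharding requires a team.
        shard.setTeam(team);
        shard.setProject(project);
    }

    // Create bug tracker
    BugTracker bugTracker = getBugTracker(assignee, bug);

    // Create filters if available
    ControllerRequest request = new ControllerRequest(severity, cwe, category, status, null);
    FilterConfiguration filter = filterFactory.getFilter(request, properties);

    // Create the scan request
    ScanRequest scanRequest = ScanRequest.builder()
            .application(ScanUtils.empty(application) ? project : application)
            // Default product: CX
            .product(ScanRequest.Product.CX)
            .project(project)
            .team(team)
            .bugTracker(bugTracker)
            .filter(filter)
            .build();
    scanRequest.setId(uid);

    // If an override blob/file is provided, substitute these values.
    // The blob comes straight from the request, so its contents are caller-controlled.
    if (!ScanUtils.empty(override)) {
        FlowOverride ovr = ScanUtils.getMachinaOverride(override);
        scanRequest = configOverrider.overrideScanRequestProperties(ovr, scanRequest);
    }

    // Fetch the Checkmarx scan results; the scan request already carries the project metadata.
    ScanResults scanResults = CxScannerService.getScanner(cxgoScanner, sastScanner).getLatestScanResults(scanRequest);
    // NOTE(review): this writes the whole result object to the debug log; presumably that
    // includes finding details, so check who can read debug logs where this is enabled.
    log.debug("ScanResults {}", scanResults);
    return scanResults;
}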
use of com.checkmarx.flow.dto.FlowOverride in project cx-flow by checkmarx-ltd.
the class ScanUtils method getMachinaOverride.
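/**
 * Decodes an override blob into a {@link FlowOverride}.
 *
 * <p>A value longer than 20 characters is treated as Base64-encoded JSON and deserialised.
 * A {@code null}/empty value, or a value of 20 characters or fewer (reserved for a file
 * reference that is not implemented yet), yields {@code null}, which callers must treat as
 * "no override".
 *
 * <p>The input is untrusted when it originates from a request parameter. Malformed Base64 and
 * malformed JSON are both reported the same way: the error is logged and a
 * {@code MachinaRuntimeException} is thrown. The thrown exception carries no cause, so the
 * log entry is the only place the underlying failure is recorded.
 *
 * @param override Base64-encoded JSON override, may be {@code null} or empty
 * @return the decoded override, or {@code null} when none could be read from the input
 * @throws MachinaRuntimeException when the value is not valid Base64 or not valid override JSON
 */
public static FlowOverride getMachinaOverride(@RequestParam(value = "override", required = false) String override) {
    if (ScanUtils.empty(override)) {
        return null;
    }
    // if override is provided, check if chars are more than 20 in length, implying base64 encoded json
    if (override.length() <= 20) {
        // TODO download file
        return null;
    }
    try {
        // Base64.Decoder.decode throws IllegalArgumentException on malformed input; it is
        // handled below so bad client input fails the same way as bad JSON.
        byte[] json = Base64.getDecoder().decode(override);
        // Parse from bytes rather than via new String(bytes), which would decode with the
        // JVM's default charset and could corrupt non-ASCII values on some hosts.
        FlowOverride parsed = new ObjectMapper().readValue(json, FlowOverride.class);
        log.info("Overriding attributes with Base64 encoded String");
        return parsed;
    } catch (IOException | IllegalArgumentException e) {
        log.error("Error occurred", e);
        throw new MachinaRuntimeException();
    }
}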