
Example 1 with Filter

use of com.checkmarx.sdk.dto.sast.Filter in project cx-flow by checkmarx-ltd.

the class ConfigurationOverrider method overrideFilters.

/**
 * Replaces the scan request's result filters with the ones from a flow override and
 * records the applied filters under the {@code "filters"} key of the override report.
 *
 * <p>Does nothing when the override carries no filter section. The report entry is a
 * comma-joined {@code toString()} of the resulting simple SAST filters, or the literal
 * {@code "EMPTY"} when there are none.
 *
 * <p>NOTE(review): filters decide which findings are kept, so this override changes what a
 * scan reports. The report entry written here is the only record of that change visible in
 * this method. Confirm who can supply {@code flowOverride} and that the report is surfaced
 * or logged by the caller.
 *
 * @param flowOverride   override object whose {@code getFilters()} may be {@code null}
 * @param request        scan request whose filter configuration is replaced
 * @param overrideReport map receiving a human-readable summary of the applied override
 */
private void overrideFilters(FlowOverride flowOverride, ScanRequest request, Map<String, String> overrideReport) {
    Optional.ofNullable(flowOverride.getFilters()).ifPresent(requested -> {
        FilterFactory factory = new FilterFactory();
        ControllerRequest filterParams = new ControllerRequest(
                requested.getSeverity(),
                requested.getCwe(),
                requested.getCategory(),
                requested.getStatus(),
                requested.getState());
        // Second argument is passed as null; its meaning is not visible from here.
        FilterConfiguration effectiveConfig = factory.getFilter(filterParams, null);
        request.setFilter(effectiveConfig);

        // Walk config -> SAST filters -> simple filters, tolerating a null at any step.
        List<Filter> applied = Optional.ofNullable(effectiveConfig)
                .map(FilterConfiguration::getSastFilters)
                .map(EngineFilterConfiguration::getSimpleFilters)
                .orElse(null);

        String summary = CollectionUtils.isNotEmpty(applied)
                ? applied.stream().map(Object::toString).collect(Collectors.joining(","))
                : "EMPTY";
        overrideReport.put("filters", summary);
    });
}
Also used : Filter(com.checkmarx.sdk.dto.sast.Filter) EngineFilterConfiguration(com.checkmarx.sdk.dto.filtering.EngineFilterConfiguration) FilterConfiguration(com.checkmarx.sdk.dto.filtering.FilterConfiguration) ControllerRequest(com.checkmarx.flow.dto.ControllerRequest)

Example 2 with Filter

use of com.checkmarx.sdk.dto.sast.Filter in project cx-flow by checkmarx-ltd.

the class ScanSteps method prepareFilterList.

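/**
 * Builds one {@link Filter} of the given type per comma-separated value in {@code filterStr}.
 *
 * <p>Each value is also added, as a separate {@code Filter} instance, to the enclosing
 * class's {@code filters} collection.
 *
 * @param filterStr comma-separated filter values; must not be {@code null}
 * @param type      filter type applied to every value
 * @return list of the filters created by this call, in input order
 */
private LinkedList prepareFilterList(String filterStr, Filter.Type type) {
    // The list was previously created as LinkedList<String> although it only ever holds
    // Filter objects; the element type now matches the contents. The raw return type is
    // kept so existing callers compile unchanged.
    LinkedList<Filter> filterList = new LinkedList<>();

    // split(",") already yields a one-element array when there is no comma, so the
    // separate contains(",") branch was redundant.
    // NOTE(review): values are used verbatim, so "High, Medium" produces " Medium" with a
    // leading space. Confirm that filter matching tolerates that, or trim at the call site.
    for (String value : filterStr.split(",")) {
        filters.add(new Filter(type, value));
        filterList.add(new Filter(type, value));
    }
    return filterList;
}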
Also used : Filter(com.checkmarx.sdk.dto.sast.Filter) LinkedList(java.util.LinkedList)

Example 3 with Filter

use of com.checkmarx.sdk.dto.sast.Filter in project cx-flow by checkmarx-ltd.

the class RunPublishProcessSteps method setResultsAndFilters.

/**
 * Cucumber step: sets up a scenario with mixed-severity findings and a single
 * severity filter with the value {@code "High"}.
 *
 * @param totalResults    total number of findings in the scenario
 * @param matchingResults number of findings expected to pass the filter
 */
@Given("there are {int} findings from which {int} results match the filter")
public void setResultsAndFilters(int totalResults, int matchingResults) {
    // Scenario sizing: how many findings exist and how many should survive filtering.
    this.totalResults = totalResults;
    this.numOfFindings = matchingResults;
    this.findingsType = FindingsType.DIFFERENT_SEVERITIES;

    // Filtering is switched on with exactly one SEVERITY filter.
    this.needFilter = true;
    this.filters = Collections.singletonList(
            Filter.builder()
                    .type(Filter.Type.SEVERITY)
                    .value("High")
                    .build());
}
Also used : Filter(com.checkmarx.sdk.dto.sast.Filter) Given(io.cucumber.java.en.Given)

Example 4 with Filter

use of com.checkmarx.sdk.dto.sast.Filter in project cx-flow by checkmarx-ltd.

the class RunPublishProcessSteps method verifyNumOfIssuesForSeverities.

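/**
 * Cucumber step: checks the number of Jira issues per severity against the expected counts.
 *
 * <p>Only the severities named in {@code severities} are checked. Changes from the previous
 * version: the LOW and INFO failure messages no longer say "Medium"; the expected value is
 * passed before the actual one, so a failure report labels them correctly; and a severity
 * missing from the Jira result fails with an explicit message instead of an unboxing
 * {@code NullPointerException}.
 *
 * @param high       expected number of HIGH issues
 * @param medium     expected number of MEDIUM issues
 * @param low        expected number of LOW issues
 * @param info       expected number of INFO issues
 * @param severities severity names to verify, parsed by {@code createFiltersFromString}
 */
@Then("verify results contains {int}, {int}, {int}, {int} for severities {}")
public void verifyNumOfIssuesForSeverities(int high, int medium, int low, int info, String severities) {
    List<Filter> filters = createFiltersFromString(severities, Filter.Type.SEVERITY);
    Map<Filter.Severity, Integer> actualJira = jiraUtils.getIssuesPerSeverity(jiraProperties.getProject());
    for (Filter filter : filters) {
        Filter.Severity severity = Filter.Severity.valueOf(filter.getValue().toUpperCase());
        int expected;
        String message;
        switch (severity) {
            case HIGH:
                expected = high;
                message = "HIGH issues does not match";
                break;
            case MEDIUM:
                expected = medium;
                message = "Medium issues does not match";
                break;
            case LOW:
                expected = low;
                message = "Low issues does not match";
                break;
            case INFO:
                expected = info;
                message = "Info issues does not match";
                break;
            default:
                // As before, severities other than these four are not verified.
                continue;
        }
        Integer actual = actualJira.get(severity);
        Assert.assertNotNull("No Jira issue count returned for severity " + severity, actual);
        // Expected value first, then actual, so a failure reads the right way round.
        Assert.assertEquals(message, expected, actual.intValue());
    }
}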
Also used : Filter(com.checkmarx.sdk.dto.sast.Filter) Then(io.cucumber.java.en.Then)

Example 5 with Filter

use of com.checkmarx.sdk.dto.sast.Filter in project cx-flow by checkmarx-ltd.

the class FlowControllerTest method testScanApiWithFilters.

/**
 * Verifies that filters sent to the scan API reach the {@code ScanRequest} handed to the
 * flow service, and that the controller answers with an OK response.
 *
 * <p>The {@code id} parameter is not read in this method.
 *
 * <p>NOTE(review): the call uses the configured token from {@code flowProperties}, so only
 * the accepted-token path is exercised here. Rejection of a wrong or missing token is not
 * covered by this test.
 */
@ParameterizedTest
@MethodSource("generateDataForScanApi")
public void testScanApiWithFilters(String filterSeverity, String filterCwe, String filterOwasp, String filterType, String filterStatus, String id) {
    // Arrange: a default request carrying the filters under test.
    List<Filter> expectedFilters = prepareScanApiFilters(filterSeverity, filterCwe, filterOwasp, filterType, filterStatus);
    FlowController.CxScanRequest scanApiRequest = getScanRequestWithDefaults();
    scanApiRequest.setFilters(expectedFilters);
    ArgumentCaptor<ScanRequest> requestCaptor = ArgumentCaptor.forClass(ScanRequest.class);

    // Act: call the controller with the configured token.
    ResponseEntity<EventResponse> apiResponse = flowController.initiateScan(scanApiRequest, flowProperties.getToken());

    // Assert: the flow service received a request whose simple SAST filters match.
    verify(flowService).initiateAutomation(requestCaptor.capture());
    ScanRequest forwarded = requestCaptor.getValue();
    assertScanApiFilters(forwarded.getFilter().getSastFilters().getSimpleFilters(), expectedFilters);
    assertOKResponse(apiResponse);
}
Also used : ScanRequest(com.checkmarx.flow.dto.ScanRequest) EventResponse(com.checkmarx.flow.dto.EventResponse) Filter(com.checkmarx.sdk.dto.sast.Filter) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest) MethodSource(org.junit.jupiter.params.provider.MethodSource)

Aggregations

Filter (com.checkmarx.sdk.dto.sast.Filter)19 FilterConfiguration (com.checkmarx.sdk.dto.filtering.FilterConfiguration)6 ScanResults (com.checkmarx.sdk.dto.ScanResults)5 Test (org.junit.Test)4 EngineFilterConfiguration (com.checkmarx.sdk.dto.filtering.EngineFilterConfiguration)3 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)3 CxScanParams (com.checkmarx.sdk.dto.cx.CxScanParams)2 CheckmarxException (com.checkmarx.sdk.exception.CheckmarxException)2 Given (io.cucumber.java.en.Given)2 Then (io.cucumber.java.en.Then)2 ArrayList (java.util.ArrayList)2 Function (java.util.function.Function)2 Collectors (java.util.stream.Collectors)2 Slf4j (lombok.extern.slf4j.Slf4j)2 Ignore (org.junit.Ignore)2 Issue (com.atlassian.jira.rest.client.api.domain.Issue)1 SearchResult (com.atlassian.jira.rest.client.api.domain.SearchResult)1 CxFlowApplication (com.checkmarx.flow.CxFlowApplication)1 FlowProperties (com.checkmarx.flow.config.FlowProperties)1 RepoProperties (com.checkmarx.flow.config.RepoProperties)1