Search in sources :

Example 1 with WebSecurityScannerClient

use of com.google.cloud.websecurityscanner.v1beta.WebSecurityScannerClient in project java-websecurityscanner by googleapis.

the class VPCServiceControlNegativeTest method testScanConfigList.

@Test
public void testScanConfigList() throws IOException {
    // try to get the list of scan configs - it must fail
    WebSecurityScannerSettings wssSetting = getWssSettingWithCredentials();
    final String formattedParent = ProjectName.format(OUT_VPCSC_PROJECT);
    try (WebSecurityScannerClient wssClient = WebSecurityScannerClient.create(wssSetting)) {
        ListScanConfigsRequest lscRequest = ListScanConfigsRequest.newBuilder().setParent(formattedParent).build();
        ListScanConfigsPagedResponse scanConfigsList = wssClient.listScanConfigs(lscRequest);
        fail("Exception must occur for non-acceessible project scan-configs");
    } catch (PermissionDeniedException expected) {
    }
}
Also used : ListScanConfigsRequest(com.google.cloud.websecurityscanner.v1beta.ListScanConfigsRequest) WebSecurityScannerSettings(com.google.cloud.websecurityscanner.v1beta.WebSecurityScannerSettings) WebSecurityScannerClient(com.google.cloud.websecurityscanner.v1beta.WebSecurityScannerClient) ListScanConfigsPagedResponse(com.google.cloud.websecurityscanner.v1beta.WebSecurityScannerClient.ListScanConfigsPagedResponse) PermissionDeniedException(com.google.api.gax.rpc.PermissionDeniedException) Test(org.junit.Test)

Example 2 with WebSecurityScannerClient

use of com.google.cloud.websecurityscanner.v1beta.WebSecurityScannerClient in project java-websecurityscanner by googleapis.

the class VPCServiceControlNegativeTest method testScanConfigCreation.

@Test
public void testScanConfigCreation() throws IOException {
    WebSecurityScannerSettings wssSetting = getWssSettingWithCredentials();
    final String formattedParent = ProjectName.format(OUT_VPCSC_PROJECT);
    try (WebSecurityScannerClient wssClient = WebSecurityScannerClient.create(wssSetting)) {
        ScanConfig scanConfig = ScanConfig.newBuilder().addAllStartingUrls(Lists.newArrayList(OUT_VPCSC_HOSTNAME)).setDisplayName(testScanConfigCreationDisplayName).build();
        CreateScanConfigRequest request = CreateScanConfigRequest.newBuilder().setParent(formattedParent).setScanConfig(scanConfig).build();
        ScanConfig responseScanConfig = wssClient.createScanConfig(request);
        fail("Exception must occur for non-accessible project");
    } catch (PermissionDeniedException expected) {
    }
}
Also used : WebSecurityScannerSettings(com.google.cloud.websecurityscanner.v1beta.WebSecurityScannerSettings) WebSecurityScannerClient(com.google.cloud.websecurityscanner.v1beta.WebSecurityScannerClient) ScanConfig(com.google.cloud.websecurityscanner.v1beta.ScanConfig) CreateScanConfigRequest(com.google.cloud.websecurityscanner.v1beta.CreateScanConfigRequest) PermissionDeniedException(com.google.api.gax.rpc.PermissionDeniedException) Test(org.junit.Test)

Example 3 with WebSecurityScannerClient

use of com.google.cloud.websecurityscanner.v1beta.WebSecurityScannerClient in project java-websecurityscanner by googleapis.

the class VPCServiceControlPositiveTest method test.

private void test(final WebSecurityScannerClient wssClient, final String displayName) {
    // This test performs following steps:
    // 0. Create scan-config
    // 1. Make sure that created scan-config is present
    // 2. Start scan run on created scan-config
    // 3. Make sure that created scan-run is present.
    // 5. Stop the scan-run
    // 6. Make sure that scan-run is stopped
    // 7. Delete scan-config
    // 8. Make sure that deleted scan-config is not present.
    final String formattedParent = ProjectName.format(IN_VPCSC_PROJECT);
    class TestResource implements AutoCloseable {

        private WebSecurityScannerClient wssClient;

        private final String displayName;

        private ScanConfig createdScanConfig;

        private ScanRun startedScanRun;

        TestResource(WebSecurityScannerClient wssClient, String displayName) {
            this.wssClient = wssClient;
            this.displayName = displayName;
        }

        ScanConfig createScanConfig() {
            ScanConfig scanConfig = ScanConfig.newBuilder().addAllStartingUrls(Lists.newArrayList(IN_VPCSC_HOSTNAME)).setDisplayName(displayName).build();
            CreateScanConfigRequest request = CreateScanConfigRequest.newBuilder().setParent(formattedParent).setScanConfig(scanConfig).build();
            createdScanConfig = wssClient.createScanConfig(request);
            return createdScanConfig;
        }

        void deleteScanConfig() {
            DeleteScanConfigRequest deleteScanConfigRequest = DeleteScanConfigRequest.newBuilder().setName(createdScanConfig.getName()).build();
            wssClient.deleteScanConfig(deleteScanConfigRequest);
            createdScanConfig = null;
        }

        ScanRun startScanRun() {
            StartScanRunRequest startScanRunRequest = StartScanRunRequest.newBuilder().setName(createdScanConfig.getName()).build();
            startedScanRun = wssClient.startScanRun(startScanRunRequest);
            return startedScanRun;
        }

        ScanRun stopScanRun() {
            StopScanRunRequest stopScanRunRequest = StopScanRunRequest.newBuilder().setName(startedScanRun.getName()).build();
            ScanRun stoppedScanRun = wssClient.stopScanRun(stopScanRunRequest);
            startedScanRun = null;
            return stoppedScanRun;
        }

        @Override
        public void close() {
            if (startedScanRun != null) {
                stopScanRun();
                startedScanRun = null;
            }
            if (createdScanConfig != null) {
                deleteScanConfig();
                createdScanConfig = null;
            }
        }
    }
    try (TestResource testResource = new TestResource(wssClient, displayName)) {
        ScanConfig responseScanConfig = testResource.createScanConfig();
        assertEquals("Display name is response must be equal to display name in request", displayName, responseScanConfig.getDisplayName());
        // Make sure that created scan config is present
        GetScanConfigRequest scanConfigRequest = GetScanConfigRequest.newBuilder().setName(responseScanConfig.getName()).build();
        ScanConfig obtainedScanConfig = wssClient.getScanConfig(scanConfigRequest);
        assertEquals("Scan-Config name must be equal", responseScanConfig.getName(), obtainedScanConfig.getName());
        ListScanConfigsRequest lscRequest = ListScanConfigsRequest.newBuilder().setParent(formattedParent).build();
        boolean oneDisplayNameMatches = false;
        for (ScanConfig sc : wssClient.listScanConfigs(lscRequest).iterateAll()) {
            // since display name is never null so object equality can be used
            if (displayName.equals(sc.getDisplayName())) {
                oneDisplayNameMatches = true;
                break;
            }
        }
        assertTrue("One scan-config with " + displayName + " must be present", oneDisplayNameMatches);
        ScanRun scanRunResponse = testResource.startScanRun();
        assertTrue("Scan-run name must not be empty", isNotEmpty(scanRunResponse.getName()));
        assertNotEquals("Scan-run state must not be KILLED", ResultState.KILLED, scanRunResponse.getResultState());
        ScanRun stoppedScanRun = testResource.stopScanRun();
        assertEquals("Result state must be killed", ResultState.KILLED, stoppedScanRun.getResultState());
        testResource.deleteScanConfig();
        // make sure that deleted scan-config do not exist
        GetScanConfigRequest getScanConfigRequest = GetScanConfigRequest.newBuilder().setName(responseScanConfig.getName()).build();
        try {
            ScanConfig deletedScanConfig = wssClient.getScanConfig(getScanConfigRequest);
            fail("NotFoundException must be throw as scan-config must already be deleted");
        } catch (NotFoundException expected) {
        }
    }
}
Also used : StopScanRunRequest(com.google.cloud.websecurityscanner.v1beta.StopScanRunRequest) NotFoundException(com.google.api.gax.rpc.NotFoundException) DeleteScanConfigRequest(com.google.cloud.websecurityscanner.v1beta.DeleteScanConfigRequest) ScanRun(com.google.cloud.websecurityscanner.v1beta.ScanRun) ListScanConfigsRequest(com.google.cloud.websecurityscanner.v1beta.ListScanConfigsRequest) WebSecurityScannerClient(com.google.cloud.websecurityscanner.v1beta.WebSecurityScannerClient) ScanConfig(com.google.cloud.websecurityscanner.v1beta.ScanConfig) GetScanConfigRequest(com.google.cloud.websecurityscanner.v1beta.GetScanConfigRequest) StartScanRunRequest(com.google.cloud.websecurityscanner.v1beta.StartScanRunRequest) CreateScanConfigRequest(com.google.cloud.websecurityscanner.v1beta.CreateScanConfigRequest)

Aggregations

WebSecurityScannerClient (com.google.cloud.websecurityscanner.v1beta.WebSecurityScannerClient)3 PermissionDeniedException (com.google.api.gax.rpc.PermissionDeniedException)2 CreateScanConfigRequest (com.google.cloud.websecurityscanner.v1beta.CreateScanConfigRequest)2 ListScanConfigsRequest (com.google.cloud.websecurityscanner.v1beta.ListScanConfigsRequest)2 ScanConfig (com.google.cloud.websecurityscanner.v1beta.ScanConfig)2 WebSecurityScannerSettings (com.google.cloud.websecurityscanner.v1beta.WebSecurityScannerSettings)2 Test (org.junit.Test)2 NotFoundException (com.google.api.gax.rpc.NotFoundException)1 DeleteScanConfigRequest (com.google.cloud.websecurityscanner.v1beta.DeleteScanConfigRequest)1 GetScanConfigRequest (com.google.cloud.websecurityscanner.v1beta.GetScanConfigRequest)1 ScanRun (com.google.cloud.websecurityscanner.v1beta.ScanRun)1 StartScanRunRequest (com.google.cloud.websecurityscanner.v1beta.StartScanRunRequest)1 StopScanRunRequest (com.google.cloud.websecurityscanner.v1beta.StopScanRunRequest)1 ListScanConfigsPagedResponse (com.google.cloud.websecurityscanner.v1beta.WebSecurityScannerClient.ListScanConfigsPagedResponse)1