Search in sources :

Example 1 with ScanSecHubReport

use of com.mercedesbenz.sechub.domain.scan.report.ScanSecHubReport in project sechub by mercedes-benz.

the class FalsePositiveJobDataConfigMergerTest method report_example1_REMOVE_job_data_contained_does_remove_it.

@Test
public void report_example1_REMOVE_job_data_contained_does_remove_it() {
    /* prepare */
    UUID jobUUID = UUID.fromString("f1d02a9d-5e1b-4f52-99e5-401854ccf936");
    ScanSecHubReport scanSecHubReport = loadScanReport("sechub_result/sechub-report-example1-noscantype.json");
    FalsePositiveJobData falsePositiveJobData2 = new FalsePositiveJobData();
    falsePositiveJobData2.setComment("comment2");
    falsePositiveJobData2.setFindingId(2);
    falsePositiveJobData2.setJobUUID(jobUUID);
    FalsePositiveJobData falsePositiveJobData3 = new FalsePositiveJobData();
    falsePositiveJobData3.setComment("comment3");
    falsePositiveJobData3.setFindingId(3);
    falsePositiveJobData3.setJobUUID(jobUUID);
    FalsePositiveJobData falsePositiveJobData4 = new FalsePositiveJobData();
    falsePositiveJobData4.setComment("comment4");
    falsePositiveJobData4.setFindingId(4);
    falsePositiveJobData4.setJobUUID(jobUUID);
    toTest.addJobDataWithMetaDataToConfig(scanSecHubReport, config, falsePositiveJobData2, TEST_AUTHOR);
    toTest.addJobDataWithMetaDataToConfig(scanSecHubReport, config, falsePositiveJobData3, TEST_AUTHOR);
    toTest.addJobDataWithMetaDataToConfig(scanSecHubReport, config, falsePositiveJobData4, TEST_AUTHOR);
    /* test */
    List<FalsePositiveEntry> falsePositives = config.getFalsePositives();
    assertNotNull(falsePositives);
    assertEquals(3, falsePositives.size());
    /* execute */
    // now we remove the false positive job data
    FalsePositiveJobData falsePositiveDataToRemove = new FalsePositiveJobData();
    falsePositiveDataToRemove.setFindingId(3);
    falsePositiveDataToRemove.setJobUUID(jobUUID);
    toTest.removeJobDataWithMetaDataFromConfig(config, falsePositiveDataToRemove);
    /* test */
    falsePositives = config.getFalsePositives();
    assertNotNull(falsePositives);
    assertEquals(2, falsePositives.size());
    Iterator<FalsePositiveEntry> iterator = falsePositives.iterator();
    FalsePositiveEntry fp2 = iterator.next();
    FalsePositiveEntry fp4 = iterator.next();
    FalsePositiveJobData jd2 = fp2.getJobData();
    FalsePositiveJobData jd4 = fp4.getJobData();
    assertEquals(2, jd2.getFindingId());
    assertEquals(4, jd4.getFindingId());
}
Also used : ScanSecHubReport(com.mercedesbenz.sechub.domain.scan.report.ScanSecHubReport) UUID(java.util.UUID) Test(org.junit.Test)

Example 2 with ScanSecHubReport

use of com.mercedesbenz.sechub.domain.scan.report.ScanSecHubReport in project sechub by mercedes-benz.

the class ScanReportRestControllerRestDocTest method get_report_from_existing_job_returns_information_as_json_when_type_is_APPLICATION_JSON_UTF8.

@UseCaseRestDoc(useCase = UseCaseUserDownloadsJobReport.class, variant = "JSON", wanted = { SpringRestDocOutput.PATH_PARAMETERS, SpringRestDocOutput.REQUEST_FIELDS, SpringRestDocOutput.CURL_REQUEST })
@Test
@WithMockUser
public void get_report_from_existing_job_returns_information_as_json_when_type_is_APPLICATION_JSON_UTF8() throws Exception {
    /* prepare */
    String apiEndpoint = https(PORT_USED).buildGetJobReportUrl(PROJECT_ID.pathElement(), JOB_UUID.pathElement());
    Class<? extends Annotation> useCase = UseCaseUserDownloadsJobReport.class;
    ScanReport report = new ScanReport(jobUUID, PROJECT1_ID);
    report.setResult("{'count':'1'}");
    report.setTrafficLight(TrafficLight.YELLOW);
    ScanSecHubReport scanSecHubReport = new ScanSecHubReport(report);
    when(downloadReportService.getScanSecHubReport(PROJECT1_ID, jobUUID)).thenReturn(scanSecHubReport);
    /* execute + test @formatter:off */
    this.mockMvc.perform(get(apiEndpoint, PROJECT1_ID, jobUUID).accept(MediaType.APPLICATION_JSON_VALUE).contentType(MediaType.APPLICATION_JSON_VALUE)).andExpect(status().isOk()).andExpect(content().json("{\"jobUUID\":\"" + jobUUID.toString() + "\",\"result\":{\"count\":0,\"findings\":[]},\"trafficLight\":\"YELLOW\"}")).andDo(defineRestService().with().useCaseData(useCase, "JSON").tag(RestDocFactory.extractTag(apiEndpoint)).responseSchema(OpenApiSchema.SECHUB_REPORT.getSchema()).and().document(pathParameters(parameterWithName(PROJECT_ID.paramName()).description("The project Id"), parameterWithName(JOB_UUID.paramName()).description("The job UUID"))));
/* @formatter:on */
}
Also used : ScanSecHubReport(com.mercedesbenz.sechub.domain.scan.report.ScanSecHubReport) ScanReport(com.mercedesbenz.sechub.domain.scan.report.ScanReport) UseCaseUserDownloadsJobReport(com.mercedesbenz.sechub.sharedkernel.usecases.user.execute.UseCaseUserDownloadsJobReport) WithMockUser(org.springframework.security.test.context.support.WithMockUser) UseCaseRestDoc(com.mercedesbenz.sechub.sharedkernel.usecases.UseCaseRestDoc) Test(org.junit.Test) WebMvcTest(org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest)

Example 3 with ScanSecHubReport

use of com.mercedesbenz.sechub.domain.scan.report.ScanSecHubReport in project sechub by mercedes-benz.

the class ScanReportRestControllerRestDocTest method get_report_from_existing_job_returns_information_as_html_when_type_is_APPLICATION_XHTML_XML.

@UseCaseRestDoc(useCase = UseCaseUserDownloadsJobReport.class, variant = "HTML", wanted = { SpringRestDocOutput.PATH_PARAMETERS, SpringRestDocOutput.REQUEST_FIELDS, SpringRestDocOutput.CURL_REQUEST })
@Test
@WithMockUser
public void get_report_from_existing_job_returns_information_as_html_when_type_is_APPLICATION_XHTML_XML() throws Exception {
    /* prepare */
    String apiEndpoint = https(PORT_USED).buildGetJobReportUrl(PROJECT_ID.pathElement(), JOB_UUID.pathElement());
    Class<? extends Annotation> useCase = UseCaseUserDownloadsJobReport.class;
    ScanReport report = new ScanReport(jobUUID, PROJECT1_ID);
    report.setResult("{'count':'1'}");
    report.setTrafficLight(TrafficLight.YELLOW);
    ScanSecHubReport scanSecHubReport = new ScanSecHubReport(report);
    when(downloadReportService.getScanSecHubReport(PROJECT1_ID, jobUUID)).thenReturn(scanSecHubReport);
    /* execute + test @formatter:off */
    this.mockMvc.perform(get(apiEndpoint, PROJECT1_ID, jobUUID).accept(MediaType.APPLICATION_XHTML_XML).contentType(MediaType.APPLICATION_JSON_VALUE)).andExpect(status().isOk()).andExpect(content().contentType("text/html;charset=UTF-8")).andExpect(content().encoding("UTF-8")).andExpect(content().string(containsString(jobUUID.toString()))).andExpect(content().string(containsString("theRedStyle"))).andDo(defineRestService().with().useCaseData(useCase, "HTML").tag(RestDocFactory.extractTag(apiEndpoint)).responseSchema(OpenApiSchema.SECHUB_REPORT.getSchema()).and().document(pathParameters(parameterWithName(PROJECT_ID.paramName()).description("The project Id"), parameterWithName(JOB_UUID.paramName()).description("The job UUID"))));
/* @formatter:on */
}
Also used : ScanSecHubReport(com.mercedesbenz.sechub.domain.scan.report.ScanSecHubReport) ScanReport(com.mercedesbenz.sechub.domain.scan.report.ScanReport) UseCaseUserDownloadsJobReport(com.mercedesbenz.sechub.sharedkernel.usecases.user.execute.UseCaseUserDownloadsJobReport) WithMockUser(org.springframework.security.test.context.support.WithMockUser) UseCaseRestDoc(com.mercedesbenz.sechub.sharedkernel.usecases.UseCaseRestDoc) Test(org.junit.Test) WebMvcTest(org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest)

Example 4 with ScanSecHubReport

use of com.mercedesbenz.sechub.domain.scan.report.ScanSecHubReport in project sechub by mercedes-benz.

the class ScanReportRestControllerMockTest method get_report_from_existing_job_returns_406_NOT_ACCEPTABLE__when_type_is_APPLICATION_PDF.

@Test
@WithMockUser
public void get_report_from_existing_job_returns_406_NOT_ACCEPTABLE__when_type_is_APPLICATION_PDF() throws Exception {
    /* prepare */
    ScanReport scanReport = new ScanReport(randomUUID, PROJECT1_ID);
    scanReport.setResult("{'count':'1'}");
    scanReport.setTrafficLight(TrafficLight.YELLOW);
    ScanSecHubReport scanSecHubReport = new ScanSecHubReport(scanReport);
    when(downloadReportService.getScanSecHubReport(PROJECT1_ID, randomUUID)).thenReturn(scanSecHubReport);
    /* execute + test @formatter:off */
    this.mockMvc.perform(get(https(PORT_USED).buildGetJobReportUrl(PROJECT1_ID, randomUUID)).accept(MediaType.APPLICATION_PDF).contentType(MediaType.APPLICATION_JSON_VALUE)).andExpect(status().isNotAcceptable());
/* @formatter:on */
}
Also used : ScanSecHubReport(com.mercedesbenz.sechub.domain.scan.report.ScanSecHubReport) ScanReport(com.mercedesbenz.sechub.domain.scan.report.ScanReport) WithMockUser(org.springframework.security.test.context.support.WithMockUser) Test(org.junit.Test) WebMvcTest(org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest)

Example 5 with ScanSecHubReport

use of com.mercedesbenz.sechub.domain.scan.report.ScanSecHubReport in project sechub by mercedes-benz.

the class ScanReportRestControllerMockTest method internalTestAcceptedAndReturnsJSON.

private void internalTestAcceptedAndReturnsJSON(MediaType acceptedType) throws Exception {
    /* prepare */
    ScanReport report = new ScanReport(randomUUID, PROJECT1_ID);
    report.setResult("{'count':'1'}");
    report.setTrafficLight(TrafficLight.YELLOW);
    ScanSecHubReport scanSecHubReport = new ScanSecHubReport(report);
    when(downloadReportService.getScanSecHubReport(PROJECT1_ID, randomUUID)).thenReturn(scanSecHubReport);
    /* execute + test @formatter:off */
    this.mockMvc.perform(get(https(PORT_USED).buildGetJobReportUrl(PROJECT1_ID, randomUUID)).accept(acceptedType).contentType(MediaType.APPLICATION_JSON_VALUE)).andExpect(status().isOk()).andExpect(content().json("{\"jobUUID\":\"" + randomUUID.toString() + "\",\"result\":{\"count\":0,\"findings\":[]},\"trafficLight\":\"YELLOW\"}"));
/* @formatter:on */
}
Also used : ScanSecHubReport(com.mercedesbenz.sechub.domain.scan.report.ScanSecHubReport) ScanReport(com.mercedesbenz.sechub.domain.scan.report.ScanReport)

Aggregations

ScanSecHubReport (com.mercedesbenz.sechub.domain.scan.report.ScanSecHubReport)11 Test (org.junit.Test)7 ScanReport (com.mercedesbenz.sechub.domain.scan.report.ScanReport)6 UUID (java.util.UUID)4 WebMvcTest (org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest)3 WithMockUser (org.springframework.security.test.context.support.WithMockUser)3 UseCaseRestDoc (com.mercedesbenz.sechub.sharedkernel.usecases.UseCaseRestDoc)2 UseCaseUserDownloadsJobReport (com.mercedesbenz.sechub.sharedkernel.usecases.user.execute.UseCaseUserDownloadsJobReport)2 SecHubFinding (com.mercedesbenz.sechub.commons.model.SecHubFinding)1 SecHubResult (com.mercedesbenz.sechub.commons.model.SecHubResult)1 ScanReportTrafficLightCalculator (com.mercedesbenz.sechub.domain.scan.report.ScanReportTrafficLightCalculator)1 NotFoundException (com.mercedesbenz.sechub.sharedkernel.error.NotFoundException)1 ByteArrayInputStream (java.io.ByteArrayInputStream)1 Before (org.junit.Before)1 Resource (org.springframework.core.io.Resource)1