Search in sources :

Example 21 with ExecutionResult

use of com.mercedesbenz.sechub.integrationtest.internal.SecHubClientExecutor.ExecutionResult in project sechub by mercedes-benz.

the class FalsePositivesScenario3IntTest method REST_API_direct_mark_falsepositives_of_only_existing_medium_will_result_in_report_without_defined__And_trafficlight_changes_from_yellow_to_green.

@Test
public void REST_API_direct_mark_falsepositives_of_only_existing_medium_will_result_in_report_without_defined__And_trafficlight_changes_from_yellow_to_green() throws Exception {
    /* @formatter:off */
    /**
     ********
     */
    /* prepare */
    /**
     ********
     */
    IntegrationTestJSONLocation location = IntegrationTestJSONLocation.CLIENT_JSON_SOURCESCAN_YELLOW_ZERO_WAIT;
    ExecutionResult result = as(USER_1).withSecHubClient().startSynchronScanFor(project, location);
    assertReportUnordered(result).finding().id(1).name("Absolute Path Traversal").isContained().hasTrafficLight(TrafficLight.YELLOW);
    UUID jobUUID = result.getSechubJobUUID();
    /**
     ********
     */
    /* execute */
    /**
     ********
     */
    as(USER_1).startFalsePositiveDefinition(project).add(1, jobUUID).markAsFalsePositive();
    /**
     *****
     */
    /* test */
    /**
     *****
     */
    ExecutionResult result2 = as(USER_1).withSecHubClient().startSynchronScanFor(project, location);
    assertReportUnordered(result2).finding().id(1).name("Absolute Path Traversal").isNotContained().hasTrafficLight(TrafficLight.GREEN);
/* @formatter:on */
}
Also used : IntegrationTestJSONLocation(com.mercedesbenz.sechub.integrationtest.api.IntegrationTestJSONLocation) ExecutionResult(com.mercedesbenz.sechub.integrationtest.internal.SecHubClientExecutor.ExecutionResult) UUID(java.util.UUID) Test(org.junit.Test)

Example 22 with ExecutionResult

use of com.mercedesbenz.sechub.integrationtest.internal.SecHubClientExecutor.ExecutionResult in project sechub by mercedes-benz.

the class FullScanDataScenario3SecHubClientIntTest method user_1_starts_job_but_only_admin_can_download_scanlog_or_fullscan_data.

@Test
public void user_1_starts_job_but_only_admin_can_download_scanlog_or_fullscan_data() throws IOException {
    /* prepare - just execute a job */
    TestUser user = USER_1;
    TestProject project = PROJECT_1;
    ExecutionResult result = as(user).withSecHubClient().startSynchronScanFor(project, CLIENT_JSON_SOURCESCAN_GREEN_ZERO_WAIT);
    UUID sechubJobUUID = result.getSechubJobUUID();
    assertNotNull("No sechub jobUUId found-maybe client call failed?", sechubJobUUID);
    /* exeucte (1) - admin can download scan logs */
    String json = as(SUPER_ADMIN).getScanLogsForProject(project);
    /* test */
    assertNotNull(json);
    assertTrue(json.contains(sechubJobUUID.toString()));
    assertTrue(json.contains(user.getUserId()));
    /* execute (2) - admin can download full scan data */
    File scanDataZipFile = as(SUPER_ADMIN).downloadFullScanDataFor(sechubJobUUID);
    /* execute */
    AssertFullScanData assertFullScanData = assertFullScanDataZipFile(scanDataZipFile);
    /* test @formatter:off*/
    assertFullScanData.dumpDownloadFilePath().containsFile("CHECKMARX_" + IntegrationTestDefaultExecutorConfigurations.CHECKMARX_V1.uuid + ".xml").containsFile("metadata_CHECKMARX_" + IntegrationTestDefaultExecutorConfigurations.CHECKMARX_V1.uuid + ".json").containsFile("metadata_SERECO.json").containsFile("SERECO.json").containsFiles(5);
    FullScanDataElement log = assertFullScanData.resolveFileStartingWith("log_");
    assertTrue(log.content.contains("executedBy=" + user.getUserId()));
    assertTrue(log.content.contains("projectId=" + project.getProjectId()));
    /* execute (3) + test - user cannot donload logs or full scan data*/
    expectHttpFailure(() -> as(user).getScanLogsForProject(project), HttpStatus.FORBIDDEN);
    expectHttpFailure(() -> as(user).downloadFullScanDataFor(sechubJobUUID), HttpStatus.FORBIDDEN);
/* execute */
}
Also used : TestProject(com.mercedesbenz.sechub.integrationtest.api.TestProject) AssertFullScanData(com.mercedesbenz.sechub.integrationtest.api.AssertFullScanData) ExecutionResult(com.mercedesbenz.sechub.integrationtest.internal.SecHubClientExecutor.ExecutionResult) FullScanDataElement(com.mercedesbenz.sechub.integrationtest.api.AssertFullScanData.FullScanDataElement) UUID(java.util.UUID) TestUser(com.mercedesbenz.sechub.integrationtest.api.TestUser) File(java.io.File) Test(org.junit.Test)

Example 23 with ExecutionResult

use of com.mercedesbenz.sechub.integrationtest.internal.SecHubClientExecutor.ExecutionResult in project sechub by mercedes-benz.

the class SecHubExecutionScenarioSecHubClientIntTest method sechub_client_is_able_to_handle_synchronous_and_result_has_trafficlight_yellow_pe_default_exitcode0.

@Test
public void sechub_client_is_able_to_handle_synchronous_and_result_has_trafficlight_yellow_pe_default_exitcode0() {
    /* prepare */
    as(SUPER_ADMIN).assignUserToProject(USER_1, PROJECT_1);
    /* @formatter:off */
    assertUser(USER_1).doesExist().isAssignedToProject(PROJECT_1);
    /* execute */
    ExecutionResult result = as(USER_1).withSecHubClient().startSynchronScanFor(PROJECT_1, CLIENT_JSON_SOURCESCAN_YELLOW_ZERO_WAIT);
    /* test */
    assertResult(result).isYellow().hasExitCode(0);
/* @formatter:on */
}
Also used : AssertExecutionResult(com.mercedesbenz.sechub.integrationtest.api.AssertExecutionResult) ExecutionResult(com.mercedesbenz.sechub.integrationtest.internal.SecHubClientExecutor.ExecutionResult) Test(org.junit.Test)

Example 24 with ExecutionResult

use of com.mercedesbenz.sechub.integrationtest.internal.SecHubClientExecutor.ExecutionResult in project sechub by mercedes-benz.

the class FalsePositivesScenario3IntTest method with_sechubclient_unmark_falsepositives_of_only_existing_medium_will_result_in_report_without_defined__And_trafficlight_changes_from_gren_to_yellow.

@Test
public void with_sechubclient_unmark_falsepositives_of_only_existing_medium_will_result_in_report_without_defined__And_trafficlight_changes_from_gren_to_yellow() throws Exception {
    /* @formatter:off */
    /**
     ********
     */
    /* prepare */
    /**
     ********
     */
    IntegrationTestJSONLocation location = IntegrationTestJSONLocation.CLIENT_JSON_SOURCESCAN_YELLOW_ZERO_WAIT;
    ExecutionResult result = as(USER_1).withSecHubClient().startSynchronScanFor(project, location);
    UUID jobUUID = result.getSechubJobUUID();
    as(USER_1).startFalsePositiveDefinition(project).add(1, jobUUID).markAsFalsePositive();
    // create scan + fetch report again (check filtering of false positive works as a precondition */
    ExecutionResult result2 = as(USER_1).withSecHubClient().startSynchronScanFor(project, location);
    assertReportUnordered(result2).finding().id(1).name("Absolute Path Traversal").isNotContained().hasTrafficLight(TrafficLight.GREEN);
    /**
     ********
     */
    /* execute */
    /**
     ********
     */
    as(USER_1).withSecHubClient().startFalsePositiveDefinition(project, location).add(1, jobUUID).unmarkFalsePositive();
    /**
     *****
     */
    /* test */
    /**
     *****
     */
    // create scan + fetch report again
    ExecutionResult result3 = as(USER_1).withSecHubClient().startSynchronScanFor(project, location);
    assertReportUnordered(result3).finding().id(1).name("Absolute Path Traversal").isContained().hasTrafficLight(TrafficLight.YELLOW);
/* @formatter:on */
}
Also used : IntegrationTestJSONLocation(com.mercedesbenz.sechub.integrationtest.api.IntegrationTestJSONLocation) ExecutionResult(com.mercedesbenz.sechub.integrationtest.internal.SecHubClientExecutor.ExecutionResult) UUID(java.util.UUID) Test(org.junit.Test)

Example 25 with ExecutionResult

use of com.mercedesbenz.sechub.integrationtest.internal.SecHubClientExecutor.ExecutionResult in project sechub by mercedes-benz.

the class FalsePositivesScenario3IntTest method with_sechubclient_mark_falsepositives_of_only_existing_medium_will_result_in_report_without_defined__And_trafficlight_changes_from_yellow_to_green.

@Test
public void with_sechubclient_mark_falsepositives_of_only_existing_medium_will_result_in_report_without_defined__And_trafficlight_changes_from_yellow_to_green() throws Exception {
    /* @formatter:off */
    /**
     ********
     */
    /* prepare */
    /**
     ********
     */
    IntegrationTestJSONLocation location = IntegrationTestJSONLocation.CLIENT_JSON_SOURCESCAN_YELLOW_ZERO_WAIT;
    ExecutionResult result = as(USER_1).withSecHubClient().startSynchronScanFor(project, location);
    assertReportUnordered(result).finding().id(1).name("Absolute Path Traversal").isContained().hasTrafficLight(TrafficLight.YELLOW);
    UUID jobUUID = result.getSechubJobUUID();
    /**
     ********
     */
    /* execute */
    /**
     ********
     */
    as(USER_1).withSecHubClient().startFalsePositiveDefinition(project, location).add(1, jobUUID).markAsFalsePositive();
    /**
     *****
     */
    /* test */
    /**
     *****
     */
    ExecutionResult result2 = as(USER_1).withSecHubClient().startSynchronScanFor(project, location);
    assertReportUnordered(result2).finding().id(1).name("Absolute Path Traversal").isNotContained().hasTrafficLight(TrafficLight.GREEN);
/* @formatter:on */
}
Also used : IntegrationTestJSONLocation(com.mercedesbenz.sechub.integrationtest.api.IntegrationTestJSONLocation) ExecutionResult(com.mercedesbenz.sechub.integrationtest.internal.SecHubClientExecutor.ExecutionResult) UUID(java.util.UUID) Test(org.junit.Test)

Aggregations

ExecutionResult (com.mercedesbenz.sechub.integrationtest.internal.SecHubClientExecutor.ExecutionResult)31 Test (org.junit.Test)25 UUID (java.util.UUID)19 File (java.io.File)11 IntegrationTestJSONLocation (com.mercedesbenz.sechub.integrationtest.api.IntegrationTestJSONLocation)9 AssertFullScanData (com.mercedesbenz.sechub.integrationtest.api.AssertFullScanData)6 AssertExecutionResult (com.mercedesbenz.sechub.integrationtest.api.AssertExecutionResult)5 TestProject (com.mercedesbenz.sechub.integrationtest.api.TestProject)4 SecHubClientExecutor (com.mercedesbenz.sechub.integrationtest.internal.SecHubClientExecutor)4 AdapterMetaData (com.mercedesbenz.sechub.adapter.AdapterMetaData)3 ProjectFalsePositivesDefinition (com.mercedesbenz.sechub.integrationtest.api.AsUser.ProjectFalsePositivesDefinition)3 FullScanDataElement (com.mercedesbenz.sechub.integrationtest.api.AssertFullScanData.FullScanDataElement)3 JSonMessageHttpStatusExceptionTestValidator (com.mercedesbenz.sechub.integrationtest.api.JSonMessageHttpStatusExceptionTestValidator)1 TestUser (com.mercedesbenz.sechub.integrationtest.api.TestUser)1 WithSecHubClient (com.mercedesbenz.sechub.integrationtest.api.WithSecHubClient)1 MappingData (com.mercedesbenz.sechub.sharedkernel.mapping.MappingData)1 MappingEntry (com.mercedesbenz.sechub.sharedkernel.mapping.MappingEntry)1 HashMap (java.util.HashMap)1