
Example 1 with Alert

use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.

the class CoreAPI method processAlerts.

/**
 * Passes the alerts that fall inside the requested page to {@code processor}.
 * <p>
 * Alerts marked {@code Alert.CONFIDENCE_FALSE_POSITIVE}, alerts already seen (as decided by
 * {@code List#contains}) and, when {@code baseUrl} is not {@code null}, alerts whose URI does not start
 * with {@code baseUrl} are skipped and do not count towards the page.
 * <p>
 * The alert IDs come from {@code TableAlert#getAlertList()}; the session-scoped query is commented out
 * as not working, so the list is not restricted to the current session by this method.
 *
 * @param baseUrl URL prefix the alert URI must start with, or {@code null} for no URL filtering
 * @param start passed to {@code PaginationConstraintsChecker} as the page start
 * @param count passed to {@code PaginationConstraintsChecker} as the page size
 * @param processor receives each alert of the page
 * @throws ApiException with type {@code INTERNAL_ERROR} if reading the alerts from the database fails
 */
private void processAlerts(String baseUrl, int start, int count, Processor<Alert> processor) throws ApiException {
    // Every alert counted so far, including those before the page; used only for the duplicate check.
    List<Alert> seen = new ArrayList<>();
    try {
        TableAlert alertTable = Model.getSingleton().getDb().getTableAlert();
        // TODO this doesnt work, but should be used when its fixed :/
        //Vector<Integer> v = tableAlert.getAlertListBySession(Model.getSingleton().getSession().getSessionId());
        Vector<Integer> alertIds = alertTable.getAlertList();
        PaginationConstraintsChecker page = new PaginationConstraintsChecker(start, count);
        for (int idx = 0; idx < alertIds.size(); idx++) {
            Alert candidate = new Alert(alertTable.read(alertIds.get(idx).intValue()));
            if (candidate.getConfidence() == Alert.CONFIDENCE_FALSE_POSITIVE || seen.contains(candidate)) {
                continue;
            }
            // Plain string prefix match: a baseUrl without a trailing slash also matches URIs of other
            // hosts or paths that merely share the prefix, so callers relying on this as a scope
            // boundary should pass a fully delimited base URL.
            if (baseUrl != null && !candidate.getUri().startsWith(baseUrl)) {
                // Not subordinate to the specified URL
                continue;
            }
            page.recordProcessed();
            seen.add(candidate);
            if (page.hasPageStarted()) {
                processor.process(candidate);
                if (page.hasPageEnded()) {
                    break;
                }
            }
        }
    } catch (DatabaseException e) {
        // The cause is only logged; the ApiException handed to the caller carries the error type alone.
        logger.error(e.getMessage(), e);
        throw new ApiException(ApiException.Type.INTERNAL_ERROR);
    }
}
Also used : TableAlert(org.parosproxy.paros.db.TableAlert) ArrayList(java.util.ArrayList) Alert(org.parosproxy.paros.core.scanner.Alert) RecordAlert(org.parosproxy.paros.db.RecordAlert) ExtensionAlert(org.zaproxy.zap.extension.alert.ExtensionAlert) TableAlert(org.parosproxy.paros.db.TableAlert) DatabaseException(org.parosproxy.paros.db.DatabaseException) RecordAlert(org.parosproxy.paros.db.RecordAlert)

Example 2 with Alert

use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.

the class AlertPanel method recreateLinkWithSitesTreeModel.

/**
 * Rebuilds the {@code linkWithSitesTreeModel} from the alerts of the given {@code siteNode}.
 * <p>
 * The children of the model's root are always removed first. For the root "Sites" node the model is
 * then only reloaded, so it ends up holding just its root. For any other node the alerts returned by
 * {@code SiteNode#getAlerts()} are added; when the node has a {@code HistoryReference}, only the alerts
 * whose URI equals the string form of {@code HistoryReference#getURI()} are included.
 * </p>
 * <p>
 * In both cases the total number of alerts is recalculated through
 * {@code ExtensionAlert#recalcAlerts()} before returning.
 * </p>
 *
 * @param siteNode the "Sites" tree node that will be used to recreate the alerts tree model.
 * @throws IllegalArgumentException if {@code siteNode} is {@code null}.
 * @see #linkWithSitesTreeModel
 * @see #setLinkWithSitesTreeSelection
 * @see Alert
 * @see ExtensionAlert#recalcAlerts()
 * @see HistoryReference
 * @see SiteNode#getAlerts()
 */
private void recreateLinkWithSitesTreeModel(SiteNode siteNode) {
    if (siteNode == null) {
        throw new IllegalArgumentException("Parameter siteNode must not be null.");
    }
    ((AlertNode) getLinkWithSitesTreeModel().getRoot()).removeAllChildren();
    if (!siteNode.isRoot()) {
        HistoryReference nodeRef = siteNode.getHistoryReference();
        String nodeUri = (nodeRef != null) ? nodeRef.getURI().toString() : null;
        for (Alert candidate : siteNode.getAlerts()) {
            // Just show ones for this node: without a history reference every alert is kept,
            // otherwise the alert URI has to match exactly.
            if (nodeUri == null || candidate.getUri().equals(nodeUri)) {
                getLinkWithSitesTreeModel().addPath(candidate);
            }
        }
        getLinkWithSitesTreeModel().reload();
        expandRootChildNodes();
        extension.recalcAlerts();
        return;
    }
    // Root node: nothing to add, publish the emptied model and refresh the counts.
    getLinkWithSitesTreeModel().reload();
    extension.recalcAlerts();
}
Also used : HistoryReference(org.parosproxy.paros.model.HistoryReference) Alert(org.parosproxy.paros.core.scanner.Alert)

Example 3 with Alert

use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.

the class AlertViewPanel method getAlert.

/**
 * Builds an {@code Alert} from the current contents of the panel's fields.
 * <p>
 * When the panel is not editable and an original alert is set, the result is a new instance obtained
 * from {@code originalAlert.newInstance()} with the ID of the original and the field values of the
 * panel. Otherwise a fresh alert is created with ID {@code -1} (replaced by the original's ID and
 * source when an original alert is set) and its detail is filled from the edit fields.
 *
 * @return the alert assembled from the panel, never {@code null}
 */
public Alert getAlert() {
    if (!editable && originalAlert != null) {
        // NOTE(review): only the fields set below are overwritten; whatever else the copy holds
        // (attack, source, URI, message) is presumably carried over by newInstance() - confirm.
        Alert snapshot = originalAlert.newInstance();
        snapshot.setAlertId(originalAlert.getAlertId());
        snapshot.setName((String) alertEditName.getSelectedItem());
        snapshot.setParam((String) alertEditParam.getSelectedItem());
        snapshot.setRiskConfidence(alertEditRisk.getSelectedIndex(), alertEditConfidence.getSelectedIndex());
        snapshot.setDescription(alertDescription.getText());
        snapshot.setOtherInfo(alertOtherInfo.getText());
        snapshot.setSolution(alertSolution.getText());
        snapshot.setReference(alertReference.getText());
        // This branch reads the evidence from alertEvidence, the other one from alertEditEvidence.
        snapshot.setEvidence(alertEvidence.getText());
        snapshot.setCweId(alertEditCweId.getValue());
        snapshot.setWascId(alertEditWascId.getValue());
        snapshot.setHistoryRef(historyRef);
        return snapshot;
    }

    Alert edited = new Alert(
            -1,
            alertEditRisk.getSelectedIndex(),
            alertEditConfidence.getSelectedIndex(),
            (String) alertEditName.getSelectedItem());
    edited.setHistoryRef(historyRef);
    if (originalAlert != null) {
        edited.setAlertId(originalAlert.getAlertId());
        edited.setSource(originalAlert.getSource());
    }

    // URI and message come from the first available of: the panel's message, the history
    // reference, the original alert. Both stay null when none of them is set.
    String alertUri = null;
    HttpMessage alertMsg = null;
    if (httpMessage != null) {
        alertUri = httpMessage.getRequestHeader().getURI().toString();
        alertMsg = httpMessage;
    } else if (historyRef != null) {
        try {
            alertUri = historyRef.getURI().toString();
            alertMsg = historyRef.getHttpMessage();
        } catch (Exception e) {
            // Failure is only logged: the alert is still built, with a null message and,
            // if getURI() was the call that failed, a null URI as well.
            logger.error(e.getMessage(), e);
        }
    } else if (originalAlert != null) {
        alertUri = originalAlert.getUri();
        alertMsg = originalAlert.getMessage();
    }

    edited.setDetail(
            alertDescription.getText(),
            alertUri,
            (String) alertEditParam.getSelectedItem(),
            alertEditAttack.getText(),
            alertOtherInfo.getText(),
            alertSolution.getText(),
            alertReference.getText(),
            alertEditEvidence.getText(),
            alertEditCweId.getValue(),
            alertEditWascId.getValue(),
            alertMsg);
    return edited;
}
Also used : Alert(org.parosproxy.paros.core.scanner.Alert) HttpMessage(org.parosproxy.paros.network.HttpMessage)

Example 4 with Alert

use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.

the class ExtensionAlert method getAllAlerts.

/**
 * Reads the alerts from the alert table and returns those that have a history reference, without
 * repeats (as decided by {@code List#contains}).
 * <p>
 * The IDs come from {@code TableAlert#getAlertList()}; the session-scoped query is commented out as
 * not working, so the list is not restricted to the current session by this method.
 * <p>
 * A {@code DatabaseException} is logged and not rethrown: the alerts collected up to that point are
 * returned, so callers cannot tell a complete list from a truncated one.
 *
 * @return the collected alerts, possibly empty, never {@code null}
 */
public List<Alert> getAllAlerts() {
    List<Alert> collected = new ArrayList<>();
    TableAlert alertTable = getModel().getDb().getTableAlert();
    try {
        // TODO this doesnt work, but should be used when its fixed :/
        //v = tableAlert.getAlertListBySession(Model.getSingleton().getSession().getSessionId());
        Vector<Integer> alertIds = alertTable.getAlertList();
        for (int idx = 0; idx < alertIds.size(); idx++) {
            Alert candidate = new Alert(alertTable.read(alertIds.get(idx).intValue()));
            // Only use the alert if it has a history reference and was not collected already.
            if (candidate.getHistoryRef() != null && !collected.contains(candidate)) {
                collected.add(candidate);
            }
        }
    } catch (DatabaseException e) {
        logger.error(e.getMessage(), e);
    }
    return collected;
}
Also used : TableAlert(org.parosproxy.paros.db.TableAlert) ArrayList(java.util.ArrayList) Alert(org.parosproxy.paros.core.scanner.Alert) RecordAlert(org.parosproxy.paros.db.RecordAlert) TableAlert(org.parosproxy.paros.db.TableAlert) DatabaseException(org.parosproxy.paros.db.DatabaseException) RecordAlert(org.parosproxy.paros.db.RecordAlert)

Example 5 with Alert

use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.

the class ExtensionAlert method deleteHistoryReferenceAlerts.

/**
 * Deletes every alert attached to the given history reference.
 * <p>
 * While holding the monitor of the tree model, each alert is removed from the tree model, from the
 * filtered tree model and from the alert table; the alerts are then removed from the site node of the
 * reference (looked up in the site tree by URI, method and request body when the reference has none),
 * the reference's alert list is cleared and the alert counts are recalculated. Finally the entry for
 * the reference's history ID is removed from {@code hrefs}.
 *
 * @param hRef the history reference whose alerts are deleted
 */
public void deleteHistoryReferenceAlerts(HistoryReference hRef) {
    List<Alert> refAlerts = hRef.getAlerts();
    SiteMap sites = getModel().getSession().getSiteTree();
    synchronized (getTreeModel()) {
        for (int idx = 0; idx < refAlerts.size(); idx++) {
            Alert doomed = refAlerts.get(idx);
            getTreeModel().deletePath(doomed);
            getFilteredTreeModel().deletePath(doomed);
            try {
                getModel().getDb().getTableAlert().deleteAlert(doomed.getAlertId());
            } catch (DatabaseException e) {
                // Logged and skipped: the alert is already gone from both trees at this point,
                // while its row may remain in the alert table.
                logger.error("Failed to delete alert with ID: " + doomed.getAlertId(), e);
            }
        }
        SiteNode owner = hRef.getSiteNode();
        if (owner == null) {
            owner = sites.findNode(hRef.getURI(), hRef.getMethod(), hRef.getRequestBody());
        }
        if (owner != null) {
            owner.deleteAlerts(refAlerts);
        }
        refAlerts.clear();
        recalcAlerts();
    }
    hrefs.remove(Integer.valueOf(hRef.getHistoryId()));
}
Also used : SiteMap(org.parosproxy.paros.model.SiteMap) Alert(org.parosproxy.paros.core.scanner.Alert) RecordAlert(org.parosproxy.paros.db.RecordAlert) TableAlert(org.parosproxy.paros.db.TableAlert) DatabaseException(org.parosproxy.paros.db.DatabaseException) SiteNode(org.parosproxy.paros.model.SiteNode)
