use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.
the class CoreAPI method processAlerts.
private void processAlerts(String baseUrl, int start, int count, Processor<Alert> processor) throws ApiException {
List<Alert> alerts = new ArrayList<>();
try {
TableAlert tableAlert = Model.getSingleton().getDb().getTableAlert();
// TODO this doesnt work, but should be used when its fixed :/
//Vector<Integer> v = tableAlert.getAlertListBySession(Model.getSingleton().getSession().getSessionId());
Vector<Integer> v = tableAlert.getAlertList();
PaginationConstraintsChecker pcc = new PaginationConstraintsChecker(start, count);
for (int i = 0; i < v.size(); i++) {
int alertId = v.get(i).intValue();
RecordAlert recAlert = tableAlert.read(alertId);
Alert alert = new Alert(recAlert);
if (alert.getConfidence() != Alert.CONFIDENCE_FALSE_POSITIVE && !alerts.contains(alert)) {
if (baseUrl != null && !alert.getUri().startsWith(baseUrl)) {
// Not subordinate to the specified URL
continue;
}
pcc.recordProcessed();
alerts.add(alert);
if (!pcc.hasPageStarted()) {
continue;
}
processor.process(alert);
if (pcc.hasPageEnded()) {
break;
}
}
}
} catch (DatabaseException e) {
logger.error(e.getMessage(), e);
throw new ApiException(ApiException.Type.INTERNAL_ERROR);
}
}
use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.
the class AlertPanel method recreateLinkWithSitesTreeModel.
/**
* Recreates the {@code linkWithSitesTreeModel} with the alerts of the given {@code siteNode}.
* <p>
* If the given {@code siteNode} doesn't contain any alerts the resulting model will only contain the root node, otherwise
* the model will contain the root node and the alerts returned by the method {@code SiteNode#getAlerts()} although if the
* node has an HistoryReference only the alerts whose URI is equal to the URI returned by the method
* {@code HistoryReference#getURI()} will be included.
* </p>
* <p>
* After a call to this method the number of total alerts will be recalculated by calling the method
* {@code ExtensionAlert#recalcAlerts()}.
* </p>
*
* @param siteNode the "Sites" tree node that will be used to recreate the alerts tree model.
* @throws IllegalArgumentException if {@code siteNode} is {@code null}.
* @see #linkWithSitesTreeModel
* @see #setLinkWithSitesTreeSelection
* @see Alert
* @see ExtensionAlert#recalcAlerts()
* @see HistoryReference
* @see SiteNode#getAlerts()
*/
private void recreateLinkWithSitesTreeModel(SiteNode siteNode) {
if (siteNode == null) {
throw new IllegalArgumentException("Parameter siteNode must not be null.");
}
((AlertNode) getLinkWithSitesTreeModel().getRoot()).removeAllChildren();
if (siteNode.isRoot()) {
getLinkWithSitesTreeModel().reload();
extension.recalcAlerts();
return;
}
String uri = null;
HistoryReference historyReference = siteNode.getHistoryReference();
if (historyReference != null) {
uri = historyReference.getURI().toString();
}
for (Alert alert : siteNode.getAlerts()) {
// Just show ones for this node
if (uri != null && !alert.getUri().equals(uri)) {
continue;
}
getLinkWithSitesTreeModel().addPath(alert);
}
getLinkWithSitesTreeModel().reload();
expandRootChildNodes();
extension.recalcAlerts();
}
use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.
the class AlertViewPanel method getAlert.
public Alert getAlert() {
if (!editable && originalAlert != null) {
Alert alert = originalAlert.newInstance();
alert.setAlertId(originalAlert.getAlertId());
alert.setName((String) alertEditName.getSelectedItem());
alert.setParam((String) alertEditParam.getSelectedItem());
alert.setRiskConfidence(alertEditRisk.getSelectedIndex(), alertEditConfidence.getSelectedIndex());
alert.setDescription(alertDescription.getText());
alert.setOtherInfo(alertOtherInfo.getText());
alert.setSolution(alertSolution.getText());
alert.setReference(alertReference.getText());
alert.setEvidence(alertEvidence.getText());
alert.setCweId(alertEditCweId.getValue());
alert.setWascId(alertEditWascId.getValue());
alert.setHistoryRef(historyRef);
return alert;
}
Alert alert = new Alert(-1, alertEditRisk.getSelectedIndex(), alertEditConfidence.getSelectedIndex(), (String) alertEditName.getSelectedItem());
alert.setHistoryRef(historyRef);
if (originalAlert != null) {
alert.setAlertId(originalAlert.getAlertId());
alert.setSource(originalAlert.getSource());
}
String uri = null;
HttpMessage msg = null;
if (httpMessage != null) {
uri = httpMessage.getRequestHeader().getURI().toString();
msg = httpMessage;
} else if (historyRef != null) {
try {
uri = historyRef.getURI().toString();
msg = historyRef.getHttpMessage();
} catch (Exception e) {
logger.error(e.getMessage(), e);
}
} else if (originalAlert != null) {
uri = originalAlert.getUri();
msg = originalAlert.getMessage();
}
alert.setDetail(alertDescription.getText(), uri, (String) alertEditParam.getSelectedItem(), alertEditAttack.getText(), alertOtherInfo.getText(), alertSolution.getText(), alertReference.getText(), alertEditEvidence.getText(), alertEditCweId.getValue(), alertEditWascId.getValue(), msg);
return alert;
}
use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.
the class ExtensionAlert method getAllAlerts.
public List<Alert> getAllAlerts() {
List<Alert> allAlerts = new ArrayList<>();
TableAlert tableAlert = getModel().getDb().getTableAlert();
Vector<Integer> v;
try {
// TODO this doesnt work, but should be used when its fixed :/
//v = tableAlert.getAlertListBySession(Model.getSingleton().getSession().getSessionId());
v = tableAlert.getAlertList();
for (int i = 0; i < v.size(); i++) {
int alertId = v.get(i).intValue();
RecordAlert recAlert = tableAlert.read(alertId);
Alert alert = new Alert(recAlert);
if (alert.getHistoryRef() != null) {
// Only use the alert if it has a history reference.
if (!allAlerts.contains(alert)) {
allAlerts.add(alert);
}
}
}
} catch (DatabaseException e) {
logger.error(e.getMessage(), e);
}
return allAlerts;
}
use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.
the class ExtensionAlert method deleteHistoryReferenceAlerts.
public void deleteHistoryReferenceAlerts(HistoryReference hRef) {
List<Alert> alerts = hRef.getAlerts();
SiteMap siteTree = this.getModel().getSession().getSiteTree();
synchronized (this.getTreeModel()) {
for (int i = 0; i < alerts.size(); i++) {
Alert alert = alerts.get(i);
this.getTreeModel().deletePath(alert);
this.getFilteredTreeModel().deletePath(alert);
try {
getModel().getDb().getTableAlert().deleteAlert(alert.getAlertId());
} catch (DatabaseException e) {
logger.error("Failed to delete alert with ID: " + alert.getAlertId(), e);
}
}
SiteNode node = hRef.getSiteNode();
if (node == null) {
node = siteTree.findNode(hRef.getURI(), hRef.getMethod(), hRef.getRequestBody());
}
if (node != null) {
node.deleteAlerts(alerts);
}
alerts.clear();
this.recalcAlerts();
}
hrefs.remove(Integer.valueOf(hRef.getHistoryId()));
}
Aggregations