Examples with TableAlertTag org.zaproxy.zap.db.TableAlertTag used on opensource projects

Example 1 with TableAlertTag

use of org.zaproxy.zap.db.TableAlertTag in project zaproxy by zaproxy.

the class AlertAPI method processAlerts.

private void processAlerts(String baseUrl, int start, int count, int riskId, Processor<Alert> processor) throws ApiException {
    List<Alert> alerts = new ArrayList<>();
    try {
        TableAlert tableAlert = Model.getSingleton().getDb().getTableAlert();
        TableAlertTag tableAlertTag = Model.getSingleton().getDb().getTableAlertTag();
        // TODO this doesn't work, but should be used when its fixed :/
        // Vector<Integer> v =
        // tableAlert.getAlertListBySession(Model.getSingleton().getSession().getSessionId());
        Vector<Integer> v = tableAlert.getAlertList();
        PaginationConstraintsChecker pcc = new PaginationConstraintsChecker(start, count);
        for (int alertId : v) {
            RecordAlert recAlert = tableAlert.read(alertId);
            Alert alert = new Alert(recAlert);
            if (alert.getConfidence() != Alert.CONFIDENCE_FALSE_POSITIVE && !alerts.contains(alert)) {
                if (baseUrl != null && !alert.getUri().startsWith(baseUrl)) {
                    // Not subordinate to the specified URL
                    continue;
                }
                if (riskId != NO_RISK_ID && alert.getRisk() != riskId) {
                    continue;
                }
                pcc.recordProcessed();
                alerts.add(alert);
                if (!pcc.hasPageStarted()) {
                    continue;
                }
                alert.setTags(tableAlertTag.getTagsByAlertId(alertId));
                processor.process(alert);
                if (pcc.hasPageEnded()) {
                    break;
                }
            }
        }
    } catch (DatabaseException e) {
        logger.error(e.getMessage(), e);
        throw new ApiException(ApiException.Type.INTERNAL_ERROR);
    }
}

Example 2 with TableAlertTag

use of org.zaproxy.zap.db.TableAlertTag in project zaproxy by zaproxy.

the class ExtensionAlert method getAllAlerts.

public List<Alert> getAllAlerts() {
    List<Alert> allAlerts = new ArrayList<>();
    TableAlert tableAlert = getModel().getDb().getTableAlert();
    TableAlertTag tableAlertTag = getModel().getDb().getTableAlertTag();
    Vector<Integer> v;
    try {
        // TODO this doesn't work, but should be used when its fixed :/
        // v =
        // tableAlert.getAlertListBySession(Model.getSingleton().getSession().getSessionId());
        v = tableAlert.getAlertList();
        for (int i = 0; i < v.size(); i++) {
            int alertId = v.get(i);
            RecordAlert recAlert = tableAlert.read(alertId);
            Alert alert = new Alert(recAlert);
            if (alert.getHistoryRef() != null) {
                // Only use the alert if it has a history reference.
                if (!allAlerts.contains(alert)) {
                    alert.setTags(tableAlertTag.getTagsByAlertId(alertId));
                    allAlerts.add(alert);
                }
            }
        }
    } catch (DatabaseException e) {
        logger.error(e.getMessage(), e);
    }
    return allAlerts;
}

Example 3 with TableAlertTag

use of org.zaproxy.zap.db.TableAlertTag in project zaproxy by zaproxy.

the class ExtensionAlert method writeAlertToDB.

private void writeAlertToDB(Alert alert, HistoryReference ref) throws HttpMalformedHeaderException, DatabaseException {
    TableAlert tableAlert = getModel().getDb().getTableAlert();
    int scanId = 0;
    if (recordScan != null) {
        scanId = recordScan.getScanId();
    }
    RecordAlert recordAlert = tableAlert.write(scanId, alert.getPluginId(), alert.getName(), alert.getRisk(), alert.getConfidence(), alert.getDescription(), alert.getUri(), alert.getParam(), alert.getAttack(), alert.getOtherInfo(), alert.getSolution(), alert.getReference(), alert.getEvidence(), alert.getCweId(), alert.getWascId(), ref.getHistoryId(), alert.getSourceHistoryId(), alert.getSource().getId(), alert.getAlertRef());
    int alertId = recordAlert.getAlertId();
    alert.setAlertId(alertId);
    TableAlertTag tableAlertTag = getModel().getDb().getTableAlertTag();
    for (Map.Entry<String, String> e : alert.getTags().entrySet()) {
        tableAlertTag.insertOrUpdate(alertId, e.getKey(), e.getValue());
    }
}

Example 4 with TableAlertTag

use of org.zaproxy.zap.db.TableAlertTag in project zaproxy by zaproxy.

the class ExtensionAlert method updateAlertInDB.

private void updateAlertInDB(Alert alert) throws HttpMalformedHeaderException, DatabaseException {
    TableAlert tableAlert = getModel().getDb().getTableAlert();
    tableAlert.update(alert.getAlertId(), alert.getName(), alert.getRisk(), alert.getConfidence(), alert.getDescription(), alert.getUri(), alert.getParam(), alert.getAttack(), alert.getOtherInfo(), alert.getSolution(), alert.getReference(), alert.getEvidence(), alert.getCweId(), alert.getWascId(), alert.getSourceHistoryId());
    int alertId = alert.getAlertId();
    TableAlertTag tableAlertTag = getModel().getDb().getTableAlertTag();
    Map<String, String> existingTags = tableAlertTag.getTagsByAlertId(alertId);
    Map<String, String> newTags = alert.getTags();
    for (Map.Entry<String, String> e : existingTags.entrySet()) {
        if (!newTags.containsKey(e.getKey())) {
            tableAlertTag.delete(alertId, e.getKey());
        }
    }
    for (Map.Entry<String, String> e : newTags.entrySet()) {
        tableAlertTag.insertOrUpdate(alertId, e.getKey(), e.getValue());
    }
}

Example 5 with TableAlertTag

use of org.zaproxy.zap.db.TableAlertTag in project zaproxy by zaproxy.

the class ExtensionAlert method refreshAlert.

private void refreshAlert(Session session) throws DatabaseException {
    if (Constant.isLowMemoryOptionSet()) {
        return;
    }
    SiteMap siteTree = this.getModel().getSession().getSiteTree();
    TableAlert tableAlert = getModel().getDb().getTableAlert();
    TableAlertTag tableAlertTag = getModel().getDb().getTableAlertTag();
    // TODO this doesn't work, but should be used when its fixed :/
    // Vector<Integer> v =
    // tableAlert.getAlertListBySession(Model.getSingleton().getSession().getSessionId());
    Vector<Integer> v = tableAlert.getAlertList();
    final ExtensionHistory extensionHistory = Control.getSingleton().getExtensionLoader().getExtension(ExtensionHistory.class);
    for (int i = 0; i < v.size(); i++) {
        int alertId = v.get(i);
        RecordAlert recAlert = tableAlert.read(alertId);
        int historyId = recAlert.getHistoryId();
        HistoryReference historyReference = null;
        if (extensionHistory != null) {
            historyReference = extensionHistory.getHistoryReference(historyId);
        }
        if (historyReference == null) {
            historyReference = this.hrefs.get(historyId);
        }
        Alert alert;
        if (historyReference != null) {
            alert = new Alert(recAlert, historyReference);
        } else {
            alert = new Alert(recAlert);
        }
        alert.setTags(tableAlertTag.getTagsByAlertId(alertId));
        historyReference = alert.getHistoryRef();
        if (historyReference != null) {
            // The ref can be null if hrefs are purged
            addAlertToTree(alert);
            Integer key = historyId;
            if (!hrefs.containsKey(key)) {
                this.hrefs.put(key, alert.getHistoryRef());
            }
        }
    }
    siteTree.nodeStructureChanged(siteTree.getRoot());
}