
Example 6 with TableAlertTag

Use of org.zaproxy.zap.db.TableAlertTag in project zaproxy by zaproxy.

In class AlertAPI, method handleApiView.

/**
 * Serves the alert-related API views, choosing the handler from the view name.
 *
 * <p>Every value read from {@code params} is supplied by the API caller. This method only
 * applies defaults to missing values ({@code -1}, {@code null}, {@code ""} or {@code false})
 * and does no further validation before handing them to the database tables,
 * {@code processAlerts} or {@code filterAlertInstances}.
 *
 * @param name the requested view; compared against the {@code VIEW_*} constants
 * @param params the caller-supplied view parameters
 * @return the response built for the requested view
 * @throws ApiException with {@code INTERNAL_ERROR} if the alert tables cannot be read,
 *     {@code DOES_NOT_EXIST} if no alert matches the requested id, and {@code BAD_VIEW} if
 *     {@code name} is not one of the views handled here
 */
@Override
public ApiResponse handleApiView(String name, JSONObject params) throws ApiException {
    if (VIEW_ALERT.equals(name)) {
        TableAlert alertTable = Model.getSingleton().getDb().getTableAlert();
        TableAlertTag tagTable = Model.getSingleton().getDb().getTableAlertTag();
        RecordAlert storedAlert;
        Map<String, String> tags;
        try {
            // The tag lookup runs before the existence check below, so it is also
            // performed for ids that match no alert (including the -1 default).
            storedAlert = alertTable.read(this.getParam(params, PARAM_ID, -1));
            tags = tagTable.getTagsByAlertId(this.getParam(params, PARAM_ID, -1));
        } catch (DatabaseException e) {
            // The exception detail goes to the server log only; the API caller receives a
            // generic INTERNAL_ERROR that carries nothing from the database layer.
            logger.error("Failed to read the alert from the session:", e);
            throw new ApiException(ApiException.Type.INTERNAL_ERROR);
        }
        if (storedAlert == null) {
            throw new ApiException(ApiException.Type.DOES_NOT_EXIST);
        }
        Alert found = new Alert(storedAlert);
        found.setTags(tags);
        return new ApiResponseElement(alertToSet(found));
    }

    if (VIEW_ALERTS.equals(name)) {
        final ApiResponseList collected = new ApiResponseList(name);
        Processor<Alert> collector = new Processor<Alert>() {

            @Override
            public void process(Alert item) {
                collected.addItem(alertToSet(item));
            }
        };
        processAlerts(
                this.getParam(params, PARAM_BASE_URL, (String) null),
                this.getParam(params, PARAM_START, -1),
                this.getParam(params, PARAM_COUNT, -1),
                getRiskId(params),
                collector);
        return collected;
    }

    if (VIEW_NUMBER_OF_ALERTS.equals(name)) {
        CounterProcessor<Alert> tally = new CounterProcessor<>();
        processAlerts(
                this.getParam(params, PARAM_BASE_URL, (String) null),
                this.getParam(params, PARAM_START, -1),
                this.getParam(params, PARAM_COUNT, -1),
                getRiskId(params),
                tally);
        return new ApiResponseElement(name, Integer.toString(tally.getCount()));
    }

    if (VIEW_ALERTS_SUMMARY.equals(name)) {
        // One slot per risk level; int arrays start zeroed.
        final int[] perRisk = new int[4];
        Processor<Alert> riskCounter = new Processor<Alert>() {

            @Override
            public void process(Alert item) {
                // NOTE(review): indexed by getRisk() with no range check; a value outside
                // 0..3 would throw ArrayIndexOutOfBoundsException. Confirm the range is
                // guaranteed upstream.
                perRisk[item.getRisk()]++;
            }
        };
        processAlerts(
                this.getParam(params, PARAM_BASE_URL, (String) null), -1, -1, NO_RISK_ID, riskCounter);
        Map<String, Object> summary = new HashMap<>();
        for (int risk = 0; risk < perRisk.length; risk++) {
            summary.put(Alert.MSG_RISK[risk], perRisk[risk]);
        }
        return new ApiResponseSet<Object>("risk", summary) {

            @Override
            public JSON toJSON() {
                // Nest the set's own JSON under the view name.
                JSONObject wrapper = new JSONObject();
                wrapper.put(name, super.toJSON());
                return wrapper;
            }
        };
    }

    if (VIEW_ALERTS_BY_RISK.equals(name)) {
        String url = this.getParam(params, PARAM_URL, "");
        boolean recurse = this.getParam(params, PARAM_RECURSE, false);
        ApiResponseList byRisk = new ApiResponseList(name);
        // 0 (RISK_INFO) -> 3 (RISK_HIGH)
        ApiResponseList[] buckets = new ApiResponseList[4];
        for (int risk = 0; risk < buckets.length; risk++) {
            buckets[risk] = new ApiResponseList(Alert.MSG_RISK[risk]);
        }
        AlertNode root = (AlertNode) extension.getTreeModel().getRoot();
        for (Enumeration<?> nodes = root.children(); nodes.hasMoreElements(); ) {
            AlertNode node = (AlertNode) nodes.nextElement();
            Alert alert = node.getUserObject();
            ApiResponseList instances = filterAlertInstances(node, url, recurse);
            // Only nodes with at least one instance left after filtering are reported.
            if (instances.getItems().size() > 0) {
                buckets[alert.getRisk()].addItem(instances);
            }
        }
        for (ApiResponseList bucket : buckets) {
            byRisk.addItem(bucket);
        }
        return byRisk;
    }

    if (VIEW_ALERT_COUNTS_BY_RISK.equals(name)) {
        String url = this.getParam(params, PARAM_URL, "");
        boolean recurse = this.getParam(params, PARAM_RECURSE, false);
        // 0 (RISK_INFO) -> 3 (RISK_HIGH)
        int[] counts = new int[4];
        AlertNode root = (AlertNode) extension.getTreeModel().getRoot();
        for (Enumeration<?> nodes = root.children(); nodes.hasMoreElements(); ) {
            AlertNode node = (AlertNode) nodes.nextElement();
            Alert alert = node.getUserObject();
            ApiResponseList instances = filterAlertInstances(node, url, recurse);
            // Counts tree nodes that still have instances after filtering, not the instances.
            if (instances.getItems().size() > 0) {
                counts[alert.getRisk()]++;
            }
        }
        Map<String, Integer> countsByRisk = new HashMap<>();
        // Inserted from highest to lowest risk.
        int[] insertionOrder = {Alert.RISK_HIGH, Alert.RISK_MEDIUM, Alert.RISK_LOW, Alert.RISK_INFO};
        for (int risk : insertionOrder) {
            countsByRisk.put(Alert.MSG_RISK[risk], counts[risk]);
        }
        return new ApiResponseSet<>(name, countsByRisk);
    }

    // Unknown view names are rejected instead of getting an empty response.
    throw new ApiException(ApiException.Type.BAD_VIEW);
}
Also used : ApiResponse(org.zaproxy.zap.extension.api.ApiResponse) ApiResponseSet(org.zaproxy.zap.extension.api.ApiResponseSet) TableAlertTag(org.zaproxy.zap.db.TableAlertTag) ApiResponseElement(org.zaproxy.zap.extension.api.ApiResponseElement) ApiResponseList(org.zaproxy.zap.extension.api.ApiResponseList) Enumeration(java.util.Enumeration) RecordAlert(org.parosproxy.paros.db.RecordAlert) JSONObject(net.sf.json.JSONObject) TableAlert(org.parosproxy.paros.db.TableAlert) Alert(org.parosproxy.paros.core.scanner.Alert) RecordAlert(org.parosproxy.paros.db.RecordAlert) TableAlert(org.parosproxy.paros.db.TableAlert) DatabaseException(org.parosproxy.paros.db.DatabaseException) HashMap(java.util.HashMap) Map(java.util.Map) ApiException(org.zaproxy.zap.extension.api.ApiException)

Aggregations

TableAlert (org.parosproxy.paros.db.TableAlert)6 TableAlertTag (org.zaproxy.zap.db.TableAlertTag)6 RecordAlert (org.parosproxy.paros.db.RecordAlert)5 Alert (org.parosproxy.paros.core.scanner.Alert)4 HashMap (java.util.HashMap)3 Map (java.util.Map)3 DatabaseException (org.parosproxy.paros.db.DatabaseException)3 SiteMap (org.parosproxy.paros.model.SiteMap)3 ArrayList (java.util.ArrayList)2 ApiException (org.zaproxy.zap.extension.api.ApiException)2 Enumeration (java.util.Enumeration)1 JSONObject (net.sf.json.JSONObject)1 ExtensionHistory (org.parosproxy.paros.extension.history.ExtensionHistory)1 HistoryReference (org.parosproxy.paros.model.HistoryReference)1 ApiResponse (org.zaproxy.zap.extension.api.ApiResponse)1 ApiResponseElement (org.zaproxy.zap.extension.api.ApiResponseElement)1 ApiResponseList (org.zaproxy.zap.extension.api.ApiResponseList)1 ApiResponseSet (org.zaproxy.zap.extension.api.ApiResponseSet)1