Merge branch 'main' into feature/kobih/import-sarif-file

Checkmarx · Mar 7, 2024 · eccc8fe · eccc8fe · tamarleviCm · Mar 17, 2024
2 parents af62d5d + d9b1019
commit eccc8fe
Show file tree

Hide file tree

Showing 9 changed files with 35 additions and 21 deletions.
diff --git a/internal/commands/project.go b/internal/commands/project.go
@@ -246,7 +246,7 @@ func runCreateProjectCommand(
 				return getAppErr
 			}
 			if application == nil {
-				return errors.Errorf(applicationErrors.ApplicationDoesntExist)
+				return errors.Errorf(applicationErrors.ApplicationDoesntExistOrNoPermission)
 			}
 			applicationID = []string{application.ID}
 		}

diff --git a/internal/commands/project_test.go b/internal/commands/project_test.go
@@ -31,7 +31,7 @@ func TestProjectCreate_ExistingApplication_CreateProjectUnderApplicationSuccessf
 
 func TestProjectCreate_ExistingApplicationWithNoPermission_FailToCreateProject(t *testing.T) {
 	err := execCmdNotNilAssertion(t, "project", "create", "--project-name", "test_project", "--application-name", mock.NoPermissionApp)
-	assert.Assert(t, err.Error() == applicationErrors.ApplicationNoPermission)
+	assert.Assert(t, err.Error() == applicationErrors.ApplicationDoesntExistOrNoPermission)
 }
 
 func TestProjectCreate_OnReceivingHttpBadRequestStatusCode_FailedToCreateScan(t *testing.T) {

diff --git a/internal/commands/scan.go b/internal/commands/scan.go
@@ -809,7 +809,7 @@ func setupScanTypeProjectAndConfig(
 			return getAppErr
 		}
 		if application == nil {
-			return errors.Errorf(applicationErrors.ApplicationDoesntExist)
+			return errors.Errorf(applicationErrors.ApplicationDoesntExistOrNoPermission)
 		}
 		applicationID = []string{application.ID}
 	}
@@ -878,16 +878,29 @@ func getApplication(applicationName string, applicationsWrapper wrappers.Applica
 		params["name"] = applicationName
 		resp, err := applicationsWrapper.Get(params)
 		if err != nil {
+
 			return nil, err
 		}
 		if resp.Applications != nil && len(resp.Applications) > 0 {
-			application := resp.Applications[0]
-			return &application, nil
+			application := verifyApplicationNameExactMatch(applicationName, resp)
+
+			return application, nil
 		}
 	}
 	return nil, nil
 }
 
+func verifyApplicationNameExactMatch(applicationName string, resp *wrappers.ApplicationsResponseModel) *wrappers.Application {
+	var application *wrappers.Application
+	for i := range resp.Applications {
+		if resp.Applications[i].Name == applicationName {
+			application = &resp.Applications[i]
+			break
+		}
+	}
+	return application
+}
+
 func getResubmitConfiguration(scansWrapper wrappers.ScansWrapper, projectID, userScanTypes string) (
 	[]wrappers.Config,
 	error,

diff --git a/internal/commands/scan_test.go b/internal/commands/scan_test.go
@@ -128,9 +128,14 @@ func TestScanCreate_ExistingApplicationAndProject_CreateProjectUnderApplicationS
 	execCmdNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", "MOCK", "-s", dummyRepo, "-b", "dummy_branch")
 }
 
+func TestScanCreate_ApplicationNameIsNotExactMatch_FailedToCreateScan(t *testing.T) {
+	err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", "MOC", "-s", dummyRepo, "-b", "dummy_branch")
+	assert.Assert(t, err.Error() == applicationErrors.ApplicationDoesntExistOrNoPermission)
+}
+
 func TestScanCreate_ExistingProjectAndApplicationWithNoPermission_FailedToCreateScan(t *testing.T) {
 	err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", mock.ApplicationDoesntExist, "-s", dummyRepo, "-b", "dummy_branch")
-	assert.Assert(t, err.Error() == applicationErrors.ApplicationDoesntExist)
+	assert.Assert(t, err.Error() == applicationErrors.ApplicationDoesntExistOrNoPermission)
 }
 
 func TestScanCreate_ExistingApplication_CreateNewProjectUnderApplicationSuccessfully(t *testing.T) {
@@ -139,7 +144,7 @@ func TestScanCreate_ExistingApplication_CreateNewProjectUnderApplicationSuccessf
 
 func TestScanCreate_ExistingApplicationWithNoPermission_FailedToCreateScan(t *testing.T) {
 	err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "NewProject", "--application-name", mock.NoPermissionApp, "-s", dummyRepo, "-b", "dummy_branch")
-	assert.Assert(t, err.Error() == applicationErrors.ApplicationNoPermission)
+	assert.Assert(t, err.Error() == applicationErrors.ApplicationDoesntExistOrNoPermission)
 }
 
 func TestScanCreate_OnReceivingHttpBadRequestStatusCode_FailedToCreateScan(t *testing.T) {
@@ -154,7 +159,7 @@ func TestScanCreate_OnReceivingHttpInternalServerErrorStatusCode_FailedToCreateS
 
 func TestCreateScanInsideApplicationProjectExistNoPermissions(t *testing.T) {
 	err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", mock.NoPermissionApp, "-s", dummyRepo, "-b", "dummy_branch")
-	assert.Assert(t, err.Error() == applicationErrors.ApplicationNoPermission)
+	assert.Assert(t, err.Error() == applicationErrors.ApplicationDoesntExistOrNoPermission)
 }
 
 func TestCreateScanSourceDirectory(t *testing.T) {

diff --git a/internal/errors/cli-errors.go b/internal/errors/cli-errors.go
@@ -1,11 +1,7 @@
 package clierrors
 
 const (
-	ApplicationDoesntExist  = "Provided application does not exist"
-	ApplicationNoPermission = "User have no permission to the application"
-	MissingImportFlags      = "importFileType and importFilePath are required"
-)
-
-const (
-	FailedToGetApplication = "Failed to get application"
-)
+	ApplicationDoesntExistOrNoPermission = "Provided application does not exist or user has no permission to the application"
+	MissingImportFlags                   = "importFileType and importFilePath are required"
+	FailedToGetApplication               = "Failed to get application"
+)
diff --git a/internal/wrappers/application-http.go b/internal/wrappers/application-http.go
@@ -46,7 +46,7 @@ func (a *ApplicationsHTTPWrapper) Get(params map[string]string) (*ApplicationsRe
 		}
 		return nil, nil
 	case http.StatusForbidden:
-		return nil, errors.Errorf(applicationErrors.ApplicationNoPermission)
+		return nil, errors.Errorf(applicationErrors.ApplicationDoesntExistOrNoPermission)
 	case http.StatusOK:
 		model := ApplicationsResponseModel{}
 		err = decoder.Decode(&model)

diff --git a/internal/wrappers/mock/application-mock.go b/internal/wrappers/mock/application-mock.go
@@ -12,10 +12,10 @@ type ApplicationsMockWrapper struct{}
 
 func (a ApplicationsMockWrapper) Get(params map[string]string) (*wrappers.ApplicationsResponseModel, error) {
 	if params["name"] == NoPermissionApp {
-		return nil, errors.Errorf(applicationErrors.ApplicationNoPermission)
+		return nil, errors.Errorf(applicationErrors.ApplicationDoesntExistOrNoPermission)
 	}
 	if params["name"] == ApplicationDoesntExist {
-		return nil, errors.Errorf(applicationErrors.ApplicationDoesntExist)
+		return nil, errors.Errorf(applicationErrors.ApplicationDoesntExistOrNoPermission)
 	}
 	if params["name"] == FakeHTTPStatusBadRequest {
 		return nil, errors.Errorf(applicationErrors.FailedToGetApplication)

diff --git a/test/integration/project_test.go b/test/integration/project_test.go
@@ -101,7 +101,7 @@ func TestProjectCreate_ApplicationDoesntExist_FailAndReturnErrorMessage(t *testi
 		flag(params.ApplicationName), "application-that-doesnt-exist",
 	)
 
-	assertError(t, err, applicationErrors.ApplicationDoesntExist)
+	assertError(t, err, applicationErrors.ApplicationDoesntExistOrNoPermission)
 }
 
 func TestProjectCreate_ApplicationExists_CreateProjectSuccessfully(t *testing.T) {

diff --git a/test/integration/scan_test.go b/test/integration/scan_test.go
@@ -107,7 +107,7 @@ func TestScanCreate_ApplicationDoesntExist_FailScanWithError(t *testing.T) {
 	}
 
 	err, _ := executeCommand(t, args...)
-	assertError(t, err, applicationErrors.ApplicationDoesntExist)
+	assertError(t, err, applicationErrors.ApplicationDoesntExistOrNoPermission)
 }
 
 // Create scans from current dir, zip and url and perform assertions in executeScanAssertions