diff --git a/internal/commands/project.go b/internal/commands/project.go index 22667cc39..f5ce41bc0 100644 --- a/internal/commands/project.go +++ b/internal/commands/project.go @@ -246,7 +246,7 @@ func runCreateProjectCommand( return getAppErr } if application == nil { - return errors.Errorf(applicationErrors.ApplicationDoesntExist) + return errors.Errorf(applicationErrors.ApplicationDoesntExistOrNoPermission) } applicationID = []string{application.ID} } diff --git a/internal/commands/project_test.go b/internal/commands/project_test.go index 7a7358883..347e5e937 100644 --- a/internal/commands/project_test.go +++ b/internal/commands/project_test.go @@ -31,7 +31,7 @@ func TestProjectCreate_ExistingApplication_CreateProjectUnderApplicationSuccessf func TestProjectCreate_ExistingApplicationWithNoPermission_FailToCreateProject(t *testing.T) { err := execCmdNotNilAssertion(t, "project", "create", "--project-name", "test_project", "--application-name", mock.NoPermissionApp) - assert.Assert(t, err.Error() == applicationErrors.ApplicationNoPermission) + assert.Assert(t, err.Error() == applicationErrors.ApplicationDoesntExistOrNoPermission) } func TestProjectCreate_OnReceivingHttpBadRequestStatusCode_FailedToCreateScan(t *testing.T) { diff --git a/internal/commands/scan.go b/internal/commands/scan.go index b4e624909..f3b7b098a 100644 --- a/internal/commands/scan.go +++ b/internal/commands/scan.go @@ -809,7 +809,7 @@ func setupScanTypeProjectAndConfig( return getAppErr } if application == nil { - return errors.Errorf(applicationErrors.ApplicationDoesntExist) + return errors.Errorf(applicationErrors.ApplicationDoesntExistOrNoPermission) } applicationID = []string{application.ID} } @@ -878,16 +878,29 @@ func getApplication(applicationName string, applicationsWrapper wrappers.Applica params["name"] = applicationName resp, err := applicationsWrapper.Get(params) if err != nil { + return nil, err } if resp.Applications != nil && len(resp.Applications) > 0 { - application := resp.Applications[0] - return &application, nil + application := verifyApplicationNameExactMatch(applicationName, resp) + + return application, nil } } return nil, nil } +func verifyApplicationNameExactMatch(applicationName string, resp *wrappers.ApplicationsResponseModel) *wrappers.Application { + var application *wrappers.Application + for i := range resp.Applications { + if resp.Applications[i].Name == applicationName { + application = &resp.Applications[i] + break + } + } + return application +} + func getResubmitConfiguration(scansWrapper wrappers.ScansWrapper, projectID, userScanTypes string) ( []wrappers.Config, error, diff --git a/internal/commands/scan_test.go b/internal/commands/scan_test.go index 3719253cb..658661460 100644 --- a/internal/commands/scan_test.go +++ b/internal/commands/scan_test.go @@ -128,9 +128,14 @@ func TestScanCreate_ExistingApplicationAndProject_CreateProjectUnderApplicationS execCmdNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", "MOCK", "-s", dummyRepo, "-b", "dummy_branch") } +func TestScanCreate_ApplicationNameIsNotExactMatch_FailedToCreateScan(t *testing.T) { + err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", "MOC", "-s", dummyRepo, "-b", "dummy_branch") + assert.Assert(t, err.Error() == applicationErrors.ApplicationDoesntExistOrNoPermission) +} + func TestScanCreate_ExistingProjectAndApplicationWithNoPermission_FailedToCreateScan(t *testing.T) { err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", mock.ApplicationDoesntExist, "-s", dummyRepo, "-b", "dummy_branch") - assert.Assert(t, err.Error() == applicationErrors.ApplicationDoesntExist) + assert.Assert(t, err.Error() == applicationErrors.ApplicationDoesntExistOrNoPermission) } func TestScanCreate_ExistingApplication_CreateNewProjectUnderApplicationSuccessfully(t *testing.T) { @@ -139,7 +144,7 @@ func TestScanCreate_ExistingApplication_CreateNewProjectUnderApplicationSuccessf func TestScanCreate_ExistingApplicationWithNoPermission_FailedToCreateScan(t *testing.T) { err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "NewProject", "--application-name", mock.NoPermissionApp, "-s", dummyRepo, "-b", "dummy_branch") - assert.Assert(t, err.Error() == applicationErrors.ApplicationNoPermission) + assert.Assert(t, err.Error() == applicationErrors.ApplicationDoesntExistOrNoPermission) } func TestScanCreate_OnReceivingHttpBadRequestStatusCode_FailedToCreateScan(t *testing.T) { @@ -154,7 +159,7 @@ func TestScanCreate_OnReceivingHttpInternalServerErrorStatusCode_FailedToCreateS func TestCreateScanInsideApplicationProjectExistNoPermissions(t *testing.T) { err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", mock.NoPermissionApp, "-s", dummyRepo, "-b", "dummy_branch") - assert.Assert(t, err.Error() == applicationErrors.ApplicationNoPermission) + assert.Assert(t, err.Error() == applicationErrors.ApplicationDoesntExistOrNoPermission) } func TestCreateScanSourceDirectory(t *testing.T) { diff --git a/internal/errors/application-errors.go b/internal/errors/application-errors.go index 029b3f139..92aebb0c0 100644 --- a/internal/errors/application-errors.go +++ b/internal/errors/application-errors.go @@ -1,8 +1,7 @@ package applicationerrors const ( - ApplicationDoesntExist = "Provided application does not exist" - ApplicationNoPermission = "User have no permission to the application" + ApplicationDoesntExistOrNoPermission = "Provided application does not exist or user has no permission to the application" ) const ( diff --git a/internal/wrappers/application-http.go b/internal/wrappers/application-http.go index 957d66245..c53ffdf17 100644 --- a/internal/wrappers/application-http.go +++ b/internal/wrappers/application-http.go @@ -46,7 +46,7 @@ func (a *ApplicationsHTTPWrapper) Get(params map[string]string) (*ApplicationsRe } return nil, nil case http.StatusForbidden: - return nil, errors.Errorf(applicationErrors.ApplicationNoPermission) + return nil, errors.Errorf(applicationErrors.ApplicationDoesntExistOrNoPermission) case http.StatusOK: model := ApplicationsResponseModel{} err = decoder.Decode(&model) diff --git a/internal/wrappers/mock/application-mock.go b/internal/wrappers/mock/application-mock.go index a04a32584..dce914bc7 100644 --- a/internal/wrappers/mock/application-mock.go +++ b/internal/wrappers/mock/application-mock.go @@ -12,10 +12,10 @@ type ApplicationsMockWrapper struct{} func (a ApplicationsMockWrapper) Get(params map[string]string) (*wrappers.ApplicationsResponseModel, error) { if params["name"] == NoPermissionApp { - return nil, errors.Errorf(applicationErrors.ApplicationNoPermission) + return nil, errors.Errorf(applicationErrors.ApplicationDoesntExistOrNoPermission) } if params["name"] == ApplicationDoesntExist { - return nil, errors.Errorf(applicationErrors.ApplicationDoesntExist) + return nil, errors.Errorf(applicationErrors.ApplicationDoesntExistOrNoPermission) } if params["name"] == FakeHTTPStatusBadRequest { return nil, errors.Errorf(applicationErrors.FailedToGetApplication) diff --git a/test/integration/project_test.go b/test/integration/project_test.go index 015f6419b..7d2db4548 100644 --- a/test/integration/project_test.go +++ b/test/integration/project_test.go @@ -101,7 +101,7 @@ func TestProjectCreate_ApplicationDoesntExist_FailAndReturnErrorMessage(t *testi flag(params.ApplicationName), "application-that-doesnt-exist", ) - assertError(t, err, applicationErrors.ApplicationDoesntExist) + assertError(t, err, applicationErrors.ApplicationDoesntExistOrNoPermission) } func TestProjectCreate_ApplicationExists_CreateProjectSuccessfully(t *testing.T) { diff --git a/test/integration/scan_test.go b/test/integration/scan_test.go index d738f5c69..85efc568a 100644 --- a/test/integration/scan_test.go +++ b/test/integration/scan_test.go @@ -107,7 +107,7 @@ func TestScanCreate_ApplicationDoesntExist_FailScanWithError(t *testing.T) { } err, _ := executeCommand(t, args...) - assertError(t, err, applicationErrors.ApplicationDoesntExist) + assertError(t, err, applicationErrors.ApplicationDoesntExistOrNoPermission) } // Create scans from current dir, zip and url and perform assertions in executeScanAssertions