From fcb8a477407f0b863116ba1bc51c2d342cc27b16 Mon Sep 17 00:00:00 2001
From: checkmarx-kobi-hagmi
Date: Thu, 30 May 2024 13:42:25 +0300
Subject: [PATCH] small CR fixes

---
 .../com/checkmarx/ast/wrapper/CxWrapper.java | 2 +-
 src/test/java/com/checkmarx/ast/ScanTest.java | 9 +-
 src/test/resources/csharp-file.cs | 538 ++++++++++++++++++
 3 files changed, 545 insertions(+), 4 deletions(-)
 create mode 100644 src/test/resources/csharp-file.cs

diff --git a/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java b/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java
index 2375917..a3bfb3c 100644
--- a/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java
+++ b/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java
@@ -217,7 +217,7 @@ public List projectList(String filter) throws IOException, InterruptedE
 return Execution.executeCommand(withConfigArguments(arguments), logger, Project::listFromLine);
 }
 
- public ScanResult ScanVorpal(String fileSource, Boolean vorpalLatestVersion) throws IOException, InterruptedException, CxException {
+ public ScanResult ScanVorpal(String fileSource, boolean vorpalLatestVersion) throws IOException, InterruptedException, CxException {
 this.logger.info("Fetching Vorpal scanResult");
 
 List arguments = new ArrayList<>();
diff --git a/src/test/java/com/checkmarx/ast/ScanTest.java b/src/test/java/com/checkmarx/ast/ScanTest.java
index d9eed0b..4cd4c98 100644
--- a/src/test/java/com/checkmarx/ast/ScanTest.java
+++ b/src/test/java/com/checkmarx/ast/ScanTest.java
@@ -6,6 +6,9 @@
 import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Test;
 
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
 import java.util.List;
 import java.util.Map;
 import java.util.UUID;
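Review bot: The signature on the `+` line keeps the PascalCase method name `ScanVorpal` while the rest of the wrapper visible in the hunk header and context uses camelCase (`projectList`, `executeCommand`, `withConfigArguments`); since this commit already touches the signature, renaming it to `scanVorpal` (keeping the old name as a deprecated delegating overload if external callers exist) would bring it in line with Java conventions. Narrowing `Boolean` to `boolean` is also a source-incompatible change for any caller that passed `null`, which is worth a line in the changelog if the wrapper is published as a library. The hunk does not show how `fileSource` is checked before it is handed to the CLI; if it is passed through as-is, an explicit `Files.isReadable(Paths.get(fileSource))` check with a clear `CxException` would fail faster than whatever the CLI reports. ScanVorpal's body continues outside the hunk.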
@@ -22,15 +25,15 @@ void testScanShow() throws Exception {
 
 @Test
 void testScanVorpalSuccessfulResponse() throws Exception {
- ScanResult scanResult = wrapper.ScanVorpal("my-file.cs", true);
- Assertions.assertEquals("1234567890", scanResult.getRequestId());
+ ScanResult scanResult = wrapper.ScanVorpal("src/test/resources/csharp-file.cs", true);
+ Assertions.assertNotNull(scanResult.getRequestId());
 Assertions.assertTrue(scanResult.isStatus());
 Assertions.assertNull(scanResult.getError());
 }
 
 @Test
 void testScanVorpalFailureResponse() throws Exception {
- ScanResult scanResult = wrapper.ScanVorpal("my-file.cs", false);
+ ScanResult scanResult = wrapper.ScanVorpal("src/test/resources/csharp-file.cs", false);
 Assertions.assertEquals("1111", scanResult.getRequestId());
 Assertions.assertFalse(scanResult.isStatus());
 Assertions.assertNotNull(scanResult.getError());
diff --git a/src/test/resources/csharp-file.cs b/src/test/resources/csharp-file.cs
new file mode 100644
index 0000000..8cd3837
--- /dev/null
+++ b/src/test/resources/csharp-file.cs
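Review bot: The success test is relaxed to `Assertions.assertNotNull(scanResult.getRequestId())` while the failure test a few lines below still pins the exact id `"1111"`; if `"1111"` is a fixed value the CLI returns on the failure path, a comment such as `// "1111" is the request id the CLI reports when the scan is rejected` would stop the next reader from treating it as leftover mock data, and if it is not fixed the assertion should be relaxed the same way. Both tests now pass the relative path `src/test/resources/csharp-file.cs`, which only resolves when the JVM's working directory is the module root; the `Paths` import added in the earlier hunk could be used to build it explicitly, e.g. `Paths.get("src", "test", "resources", "csharp-file.cs").toAbsolutePath().toString()`, and the `Files`/`Path` imports appear unused in the visible hunks unless they serve code elsewhere in the file. testScanVorpalFailureResponse's closing brace is outside the hunk.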
@@ -0,0 +1,538 @@
+using ast_visual_studio_extension.CxWrapper.Exceptions;
+using ast_visual_studio_extension.CxWrapper.Models;
+using log4net;
+using Newtonsoft.Json;
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Text.RegularExpressions;
+using System.Threading.Tasks;
+using System.Windows.Navigation;
+
+namespace ast_visual_studio_extension.CxCLI
+{
+ public class CxWrapper
+ {
+ private readonly CxConfig cxConfig;
+ private readonly ILog logger;
+
+ public CxWrapper(CxConfig cxConfiguration, Type type)
+ {
+ cxConfiguration.Validate();
+ cxConfig = cxConfiguration;
+
+
+ logger = LogManager.GetLogger(type);
+ }
+
+ ///
+ /// Auth Validate command
+ ///
+ ///
+ public string AuthValidate()
+ {
+ logger.Info(CxConstants.LOG_RUNNING_AUTH_VALIDATE_CMD);
+
+ List authValidateArguments = new List
+ {
+ CxConstants.CLI_AUTH_CMD,
+ CxConstants.CLI_VALIDATE_CMD
+ };
+
+ return Execution.ExecuteCommand(WithConfigArguments(authValidateArguments), line => line);
+ }
+
+ ///
+ /// Get Results command
+ ///
+ ///
+ ///
+ ///
+ public Results GetResults(Guid scanId)
+ {
+ string results = GetResults(scanId.ToString(), ReportFormat.json);
+
+ return JsonConvert.DeserializeObject(results);
+ }
+
+ ///
+ /// Get Results Summary command
+ ///
+ ///
+ ///
+ public ResultsSummary GetResultsSummary(string scanId)
+ {
+ string results = GetResults(scanId, ReportFormat.summaryJSON);
+
+ return JsonConvert.DeserializeObject(results);
+ }
+
+ ///
+ /// Get Results with provided report format
+ ///
+ ///
+ ///
+ ///
+ public string GetResults(string scanId, ReportFormat reportFormat)
+ {
+ logger.Info(string.Format(CxConstants.LOG_RUNNING_GET_RESULTS_CMD, scanId));
+
+ string tempDir = Path.GetTempPath();
+ // Remove backslashes at the end of path, due to paths with spaces
+ // \"C:\\My temp\\\"" -> "C:\My temp\" -> the last double quotes gets escaped
+ // \"C:\\My temp\" -> "C:\My temp"
+ if (tempDir.EndsWith("\\"))
+ {
+ tempDir = tempDir.Substring(0, tempDir.Length - 1);
+ }
+
+ string fileName = Guid.NewGuid().ToString();
+
+ List resultsArguments = new List
+ {
+ CxConstants.CLI_RESULTS_CMD,
+ CxConstants.CLI_SHOW_CMD,
+ CxConstants.FLAG_SCAN_ID, scanId.ToString(),
+ CxConstants.FLAG_REPORT_FORMAT, reportFormat.ToString(),
+ CxConstants.FLAG_OUTPUT_NAME, fileName,
+ CxConstants.FLAG_OUTPUT_PATH, tempDir,
+ CxConstants.FLAG_AGENT, CxCLI.CxConstants.EXTENSION_AGENT,
+ };
+
+ string extension = string.Empty;
+
+ switch (reportFormat)
+ {
+ case ReportFormat.json:
+ extension = ".json";
+ break;
+ case ReportFormat.summaryJSON:
+ extension = ".json";
+ break;
+ case ReportFormat.summaryHTML:
+ extension = ".html";
+ break;
+ }
+
+ return Execution.ExecuteCommand(WithConfigArguments(resultsArguments), tempDir, fileName + extension);
+ }
+
+ ///
+ /// Get Projects command with default filter
+ ///
+ ///
+ public List GetProjects()
+ {
+ return GetProjects(CxConstants.LIMIT_FILTER);
+ }
+
+ ///
+ /// Get Projects command with provided filter
+ ///
+ ///
+ ///
+ public List GetProjects(string filter)
+ {
+ logger.Info(CxConstants.LOG_RUNNING_GET_PROJECTS_CMD);
+
+ List resultsArguments = new List
+ {
+ CxConstants.CLI_PROJECT_CMD,
+ CxConstants.CLI_LIST_CMD,
+ CxConstants.FLAG_FILTER,
+ filter,
+ CxConstants.FLAG_FORMAT,
+ CxConstants.JSON_FORMAT_VALUE
+ };
+
+ string projects = Execution.ExecuteCommand(WithConfigArguments(resultsArguments), Execution.CheckValidJSONString);
+
+ return JsonConvert.DeserializeObject>(projects);
+ }
+
+ ///
+ /// Show project command
+ ///
+ ///
+ ///
+ public Project ProjectShow(string projectId)
+ {
+ logger.Info(string.Format(CxConstants.LOG_RUNNING_PROJECT_SHOW_CMD, projectId));
+
+ List projectShowArguments = new List
+ {
+ CxConstants.CLI_PROJECT_CMD,
+ CxConstants.CLI_SHOW_CMD,
+ CxConstants.FLAG_PROJECT_ID,
+ projectId,
+ CxConstants.FLAG_FORMAT,
+ CxConstants.JSON_FORMAT_VALUE
+ };
+
+ string project = Execution.ExecuteCommand(WithConfigArguments(projectShowArguments), Execution.CheckValidJSONString);
+
+ return JsonConvert.DeserializeObject(project);
+ }
+
+ ///
+ /// Get Branches command
+ ///
+ ///
+ ///
+ public List GetBranches(string projectId)
+ {
+ logger.Info(string.Format(CxConstants.LOG_RUNNING_GET_BRANCHES_CMD, projectId));
+
+ List branchesArguments = new List
+ {
+ CxConstants.CLI_PROJECT_CMD,
+ CxConstants.CLI_BRANCHES_CMD,
+ CxConstants.FLAG_PROJECT_ID,
+ projectId
+ };
+
+ string branches = Execution.ExecuteCommand(WithConfigArguments(branchesArguments), Execution.CheckValidJSONString);
+
+ return JsonConvert.DeserializeObject>(branches);
+ }
+
+ ///
+ /// Get scans command
+ ///
+ ///
+ ///
+ ///
+ public List GetScans(string projectId, string branch)
+ {
+ logger.Info(string.Format(CxConstants.LOG_RUNNING_GET_SCANS_FOR_BRANCH_CMD, branch));
+
+ string filter = string.Format(CxConstants.FILTER_SCANS_FOR_BRANCH, projectId, branch);
+
+ return GetScans(filter);
+ }
+
+ ///
+ /// Get scans command with no filter
+ ///
+ ///
+ public List GetScans()
+ {
+ logger.Info(CxConstants.LOG_RUNNING_GET_SCANS_CMD);
+
+ return GetScans(string.Empty);
+ }
+
+ ///
+ /// Get scans command with provided filter
+ ///
+ ///
+ ///
+ public List GetScans(string filter)
+ {
+ List scansArguments = new List
+ {
+ CxConstants.CLI_SCAN_CMD,
+ CxConstants.CLI_LIST_CMD,
+ CxConstants.FLAG_FORMAT,
+ CxConstants.JSON_FORMAT_VALUE
+ };
+
+ if (!string.IsNullOrEmpty(filter))
+ {
+ scansArguments.Add(CxConstants.FLAG_FILTER);
+ scansArguments.Add(filter);
+ }
+
+ string scans = Execution.ExecuteCommand(WithConfigArguments(scansArguments), Execution.CheckValidJSONString);
+
+ return JsonConvert.DeserializeObject>(scans);
+ }
+
+ ///
+ /// Scan show command
+ ///
+ ///
+ ///
+ public Scan ScanShow(string scanId)
+ {
+ logger.Info(string.Format(CxConstants.LOG_RUNNING_GET_SCAN_DETAILS_CMD, scanId));
+
+ List scanArguments = new List
+ {
+ CxConstants.CLI_SCAN_CMD,
+ CxConstants.CLI_SHOW_CMD,
+ CxConstants.FLAG_SCAN_ID,
+ scanId,
+ CxConstants.FLAG_FORMAT,
+ CxConstants.JSON_FORMAT_VALUE
+ };
+
+ string scan = Execution.ExecuteCommand(WithConfigArguments(scanArguments), Execution.CheckValidJSONString);
+
+ return JsonConvert.DeserializeObject(scan);
+ }
+
+ ///
+ /// Scan show command
+ ///
+ ///
+ ///
+ public async Task ScanShowAsync(string scanId)
+ {
+ return await Task.Run(() => ScanShow(scanId));
+ }
+
+ ///
+ /// Triage Update command
+ ///
+ ///
+ ///
+ ///
+ ///
+ ///
+ ///
+ public void TriageUpdate(string projectId, string similarityId, string scanType, string state, string comment, string severity)
+ {
+ logger.Info(CxConstants.LOG_RUNNING_TRIAGE_UPDATE_CMD);
+ logger.Info(string.Format(CxConstants.LOG_RUNNING_TRIAGE_UPDATE_INFO_CMD, similarityId, state, severity));
+
+ List triageArguments = new List
+ {
+ CxConstants.CLI_TRIAGE_CMD,
+ CxConstants.CLI_UPDATE_CMD,
+ CxConstants.FLAG_PROJECT_ID,
+ projectId,
+ CxConstants.FLAG_SIMILARITY_ID,
+ similarityId,
+ CxConstants.FLAG_SCAN_TYPE,
+ scanType,
+ CxConstants.FLAG_STATE,
+ state
+ };
+
+ if (!string.IsNullOrEmpty(comment))
+ {
+ triageArguments.Add(CxConstants.FLAG_COMMENT);
+ triageArguments.Add(comment);
+ }
+
+ triageArguments.Add(CxConstants.FLAG_SEVERITY);
+ triageArguments.Add(severity);
+
+ Execution.ExecuteCommand(WithConfigArguments(triageArguments), line => null);
+ }
+
+ ///
+ /// Triage Show command
+ ///
+ ///
+ ///
+ ///
+ ///
+ public List TriageShow(string projectId, string similarityId, string scanType)
+ {
+ logger.Info(CxConstants.LOG_RUNNING_TRIAGE_SHOW_CMD);
+ logger.Info(string.Format(CxConstants.LOG_RUNNING_TRIAGE_SHOW_INFO_CMD, projectId, similarityId, scanType));
+
+ List triageArguments = new List
+ {
+ CxConstants.CLI_TRIAGE_CMD,
+ CxConstants.CLI_SHOW_CMD,
+ CxConstants.FLAG_PROJECT_ID,
+ projectId,
+ CxConstants.FLAG_SIMILARITY_ID,
+ similarityId,
+ CxConstants.FLAG_SCAN_TYPE,
+ scanType,
+ CxConstants.FLAG_FORMAT,
+ CxConstants.JSON_FORMAT_VALUE
+ };
+
+ string predicates = Execution.ExecuteCommand(WithConfigArguments(triageArguments), Execution.CheckValidJSONString);
+
+ return JsonConvert.DeserializeObject>(predicates);
+ }
+
+ ///
+ /// Codebashing link command
+ ///
+ ///
+ ///
+ ///
+ ///
+ public List CodeBashingList(string cweId, string language, string queryName)
+ {
+ logger.Info(CxConstants.LOG_RUNNING_CODEBASHING_CMD);
+
+ List codebashingArguments = new List
+ {
+ CxConstants.CLI_RESULTS_CMD,
+ CxConstants.CLI_CODEBASHING_CMD,
+ CxConstants.FLAG_LANGUAGE,
+ language,
+ CxConstants.FLAG_VULNERABILITY_TYPE,
+ queryName,
+ CxConstants.FLAG_CWE_ID,
+ cweId,
+ };
+
+ string codebashingLink = Execution.ExecuteCommand(WithConfigArguments(codebashingArguments), Execution.CheckValidJSONString);
+
+ return JsonConvert.DeserializeObject>(codebashingLink);
+ }
+
+ ///
+ /// Learn More and Code Samples
+ ///
+ ///
+ ///
+ public List LearnMoreAndRemediation(string queryId)
+ {
+ List learnMoreRemediation = new List
+ {
+ CxConstants.CLI_UTILS_CMD,
+ CxConstants.CLI_LEARN_MORE_CMD,
+ CxConstants.FLAG_QUERY_ID,
+ queryId,
+ CxConstants.FLAG_FORMAT,
+ CxConstants.JSON_FORMAT_VALUE,
+ };
+
+ string learnMoreRemediationSamples = Execution.ExecuteCommand(WithConfigArguments(learnMoreRemediation), Execution.CheckValidJSONString);
+
+ return JsonConvert.DeserializeObject>(learnMoreRemediationSamples);
+ }
+
+ ///
+ /// Tenant settings command
+ ///
+ ///
+ public List TenantSettings()
+ {
+ logger.Info(CxConstants.LOG_RUNNING_TENANT_SETTINGS_CMD);
+
+ List arguments = new List
+ {
+ CxConstants.CLI_UTILS_CMD,
+ CxConstants.CLI_TENANT_CMD,
+ CxConstants.FLAG_FORMAT,
+ CxConstants.JSON_FORMAT_VALUE
+ };
+
+ string jsonStr = Execution.ExecuteCommand(WithConfigArguments(arguments), Execution.CheckValidJSONString);
+
+ var tenantSettings = JsonConvert.DeserializeObject>(jsonStr);
+
+ return tenantSettings ?? throw new CxException(1, "Unable to get tenant settings");
+ }
+
+
+ ///
+ /// Check tenant settings for IDE scans enabled
+ ///
+ ///
+ public bool IdeScansEnabled()
+ {
+ List tenantSettings = TenantSettings();
+
+ return bool.Parse(tenantSettings.Find(s => s.Key.Equals(CxConstants.IDE_SCANS_KEY)).Value);
+ }
+
+
+ ///
+ /// Check tenant settings for IDE scans enabled
+ ///
+ ///
+ public async Task IdeScansEnabledAsync()
+ {
+ return await Task.Run(() => IdeScansEnabled());
+ }
+
+ ///
+ /// Scan create command
+ ///
+ ///
+ ///
+ ///
+ public Scan ScanCreate(Dictionary parameters, string additionalParameters)
+ {
+ logger.Info(CxConstants.LOG_RUNNING_SCAN_CREATE_CMD);
+
+ List scanCreateArguments = new List
+ {
+ CxConstants.CLI_SCAN_CMD,
+ CxConstants.CLI_CREATE_CMD,
+ CxConstants.FLAG_SCAN_INFO_FORMAT,
+ CxConstants.JSON_FORMAT_VALUE
+ };
+
+ foreach (KeyValuePair entry in parameters)
+ {
+ scanCreateArguments.Add(entry.Key);
+ scanCreateArguments.Add(entry.Value);
+ }
+
+ scanCreateArguments.AddRange(CxUtils.ParseAdditionalParameters(additionalParameters));
+
+ string scan = Execution.ExecuteCommand(WithConfigArguments(scanCreateArguments), Execution.CheckValidJSONString);
+
+ return JsonConvert.DeserializeObject(scan);
+ }
+
+ ///
+ /// Scan create command async
+ ///
+ ///
+ ///
+ ///
+ public async Task ScanCreateAsync(Dictionary parameters, string additionalParameters)
+ {
+ return await Task.Run(() => ScanCreate(parameters, additionalParameters));
+ }
+
+ ///
+ /// Scan cancel command
+ ///
+ ///
+ ///
+ public void ScanCancel(string scanId)
+ {
+ logger.Info(CxConstants.LOG_RUNNING_SCAN_CANCEL_CMD);
+
+ List scanCancelArguments = new List
+ {
+ CxConstants.CLI_SCAN_CMD,
+ CxConstants.CLI_CANCEL_CMD,
+ CxConstants.FLAG_SCAN_ID,
+ scanId
+ };
+
+ Execution.ExecuteCommand(WithConfigArguments(scanCancelArguments), line => null);
+ }
+
+ ///
+ /// Scan cancel command
+ ///
+ ///
+ ///
+ public async Task ScanCancelAsync(string scanId)
+ {
+
+ await Task.Run(() => ScanCancel(scanId));
+ }
+
+
+ ///
+ /// Add base arguments to command
+ ///
+ ///
+ ///
+ private List WithConfigArguments(List baseArguments)
+ {
+ List arguments = new List();
+ arguments.AddRange(baseArguments);
+ arguments.AddRange(cxConfig.ToArguments());
+ return arguments;
+ }
+ }
+}