Merge pull request #18 from GDATASoftwareAG/major-update-gdata-vaas

Implement API changes of major gdata/vaas 8.0.0 and add PUP verdict
GDATASoftwareAG · May 3, 2024 · 0a46603 · 0a46603
2 parents 15d1486 + 35c3d8d
commit 0a46603
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 34 deletions.
diff --git a/composer.json b/composer.json
@@ -9,7 +9,7 @@
 		}
 	],
 	"require": {
-		"gdata/vaas": "^7.2.3"
+		"gdata/vaas": "^8.0.0"
 	},
 	"require-dev": {
 		"nextcloud/ocp": "dev-stable28",

diff --git a/lib/BackgroundJobs/ScanJob.php b/lib/BackgroundJobs/ScanJob.php
@@ -27,7 +27,7 @@ public function __construct(ITimeFactory $time, TagService $tagService, VerdictS
 
         $this->setInterval(5 * 60);
         $this->setAllowParallelRuns(false);
-        $this->setTimeSensitivity(self::TIME_INSENSITIVE);
+        $this->setTimeSensitivity(self::TIME_SENSITIVE);
     }
 
     /**
@@ -49,12 +49,13 @@ protected function run($argument): void
         }
 
         $maliciousTag = $this->tagService->getTag(TagService::MALICIOUS);
+        $pupTag = $this->tagService->getTag(TagService::PUP);
         $cleanTag = $this->tagService->getTag(TagService::CLEAN);
         $unscannedTag = $this->tagService->getTag(TagService::UNSCANNED);
 
         if ($unscannedTagIsDisabled) {
             if ($autoScanOnlyNewFiles) {
-                $excludedTagIds = [$unscannedTag->getId(), $maliciousTag->getId(), $cleanTag->getId()];
+                $excludedTagIds = [$unscannedTag->getId(), $maliciousTag->getId(), $cleanTag->getId(), $pupTag->getId()];
             } else {
                 $excludedTagIds = [$unscannedTag->getId()];
             }
@@ -63,7 +64,7 @@ protected function run($argument): void
             if ($autoScanOnlyNewFiles) {
                 $fileIds = $this->tagService->getFileIdsWithTag(TagService::UNSCANNED, $quantity, 0);
             } else {
-                $fileIds = $this->tagService->getRandomTaggedFileIds([$maliciousTag->getId(), $cleanTag->getId(), $unscannedTag->getId()], $quantity, $unscannedTag);
+                $fileIds = $this->tagService->getRandomTaggedFileIds([$maliciousTag->getId(), $cleanTag->getId(), $unscannedTag->getId(), $pupTag->getId()], $quantity, $unscannedTag);
             }
         }
 

diff --git a/lib/BackgroundJobs/TagUnscannedJob.php b/lib/BackgroundJobs/TagUnscannedJob.php
@@ -24,7 +24,7 @@ public function __construct(ITimeFactory $time, IConfig $appConfig, TagService $
 
         $this->setInterval(5 * 60);
         $this->setAllowParallelRuns(false);
-        $this->setTimeSensitivity(self::TIME_INSENSITIVE);
+        $this->setTimeSensitivity(self::TIME_SENSITIVE);
     }
 
     /**
@@ -42,9 +42,10 @@ protected function run($argument): void
 
         $unscannedTag = $this->tagService->getTag(TagService::UNSCANNED);
         $maliciousTag = $this->tagService->getTag(TagService::MALICIOUS);
+        $pupTag = $this->tagService->getTag(TagService::PUP);
         $cleanTag = $this->tagService->getTag(TagService::CLEAN);
 
-        $excludedTagIds = [$unscannedTag->getId(), $maliciousTag->getId(), $cleanTag->getId()];
+        $excludedTagIds = [$unscannedTag->getId(), $maliciousTag->getId(), $cleanTag->getId(), $pupTag->getId()];
 
         $fileIds = $this->tagService->getFileIdsWithoutTags($excludedTagIds, 1000);
 
@@ -53,7 +54,7 @@ protected function run($argument): void
         }
 
         foreach ($fileIds as $fileId) {
-            if ($this->tagService->hasCleanOrMaliciousTag($fileId)) {
+            if ($this->tagService->hasCleanMaliciousOrPupTag($fileId)) {
                 continue;
             }
             $this->tagService->setTag($fileId, TagService::UNSCANNED);

diff --git a/lib/Service/TagService.php b/lib/Service/TagService.php
@@ -15,6 +15,7 @@ class TagService
 {
     public const CLEAN = 'Clean';
     public const MALICIOUS = 'Malicious';
+    public const PUP = 'Pup';
     public const UNSCANNED = 'Unscanned';
 
     private ISystemTagManager $tagService;
@@ -86,10 +87,11 @@ public function removeTagFromFile(string $tagName, int $fileId): bool
      * @param int $fileId
      * @return bool
      */
-    public function hasCleanOrMaliciousTag(int $fileId): bool
+    public function hasCleanMaliciousOrPupTag(int $fileId): bool
     {
         if ($this->tagMapper->haveTag([$fileId], 'files', $this->getTag(self::CLEAN)->getId()) ||
-            $this->tagMapper->haveTag([$fileId], 'files', $this->getTag(self::MALICIOUS)->getId())) {
+            $this->tagMapper->haveTag([$fileId], 'files', $this->getTag(self::MALICIOUS)->getId()) || 
+            $this->tagMapper->haveTag([$fileId], 'files', $this->getTag(self::PUP)->getId())) {
             return true;
         }
         return false;
@@ -181,6 +183,7 @@ public function resetAllTags(): void
         $this->removeTag(self::CLEAN);
         $this->removeTag(self::MALICIOUS);
         $this->removeTag(self::UNSCANNED);
+        $this->removeTag(self::PUP);
         $this->logger->info("All tags removed");
     }
 }
diff --git a/lib/Service/VerdictService.php b/lib/Service/VerdictService.php
@@ -114,34 +114,13 @@ public function scanFileById(int $fileId): VaasVerdict
         $this->vaas->Connect($this->authenticator->getToken());
         $verdict = $this->vaas->ForFile($filePath);
 
-        $detections = $verdict->Detections;
-        $sha256 = $verdict->Sha256;
-        if (!empty($verdict->LibMagic)) {
-            $mimeType = $verdict->LibMagic->mime_type;
-            $fileType = $verdict->LibMagic->file_type;
-        } else {
-            $mimeType = "None";
-            $fileType = "None";
-        }
-        if (empty($detections)) {
-            $detections = "None";
-        } else {
-            $detections = implode(", ", $detections);
-        }
-        if (empty($mimeType)) {
-            $mimeType = "None";
-        }
-        if (empty($fileType)) {
-            $fileType = "None";
-        }
-        if (empty($sha256)) {
-            $sha256 = "None";
-        }
-
-        $this->logger->info("VaaS scan result for " . $node->getName() . " (" . $fileId . "): Detections: " . $detections . ", Mime type: " . $mimeType . ", File type: " . $fileType . ", SHA256: " . $sha256);
+        $this->logger->info("VaaS scan result for " . $node->getName() . " (" . $fileId . "): Verdict: " 
+            . $verdict->Verdict->value . ", Detection: " . $verdict->Detection . ", SHA256: " . $verdict->Sha256 . 
+            ", FileType: " . $verdict->FileType . ", MimeType: " . $verdict->MimeType . ", UUID: " . $verdict->Guid);
 
         $this->tagService->removeTagFromFile(TagService::CLEAN, $fileId);
         $this->tagService->removeTagFromFile(TagService::MALICIOUS, $fileId);
+        $this->tagService->removeTagFromFile(TagService::PUP, $fileId);
         $this->tagService->removeTagFromFile(TagService::UNSCANNED, $fileId);
 
         switch ($verdict->Verdict->value) {
@@ -156,6 +135,9 @@ public function scanFileById(int $fileId): VaasVerdict
                 } catch (Exception) {
                 }
                 break;
+            case TagService::PUP:
+                $this->tagService->setTag($fileId, TagService::PUP);
+                break;
             default:
                 $this->tagService->setTag($fileId, TagService::UNSCANNED);
                 break;