Add --with-raw flag to DBProtect converter (#1499)

* Updated DBProtect to include withraw

Signed-off-by: Charles Hu <[email protected]>

* Removed object literals

---------

Signed-off-by: Charles Hu <[email protected]>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>

README.md

@@ -545,12 +545,13 @@ convert ckl2POAM              Translate DISA Checklist CKL file(s) to POA&M file
 convert dbprotect2hdf         Translate a DBProtect report in "Check Results
                               Details" XML format into a Heimdall Data Format JSON file
   USAGE
-    $ saf convert dbprotect2hdf -i <dbprotect-xml> -o <hdf-scan-results-json> [-h]
+    $ saf convert dbprotect2hdf -i <dbprotect-xml> -o <hdf-scan-results-json> [-h] [-w]
 
   FLAGS
     -h, --help                            Show CLI help.
     -i, --input=<dbprotect-xml>           (required) 'Check Results Details' XML File
     -o, --output=<hdf-scan-results-json>  (required) Output HDF JSON File
+    -w, --with-raw                        Include raw input file in HDF JSON file
 
   EXAMPLES
     $ saf convert dbprotect2hdf -i check_results_details_report.xml -o output-hdf-name.json

src/commands/convert/dbprotect2hdf.ts

@@ -4,7 +4,7 @@ import {DBProtectMapper as Mapper} from '@mitre/hdf-converters'
 import {checkInput, checkSuffix} from '../../utils/global'
 
 export default class DBProtect2HDF extends Command {
-  static usage = 'convert dbprotect2hdf -i <dbprotect-xml> -o <hdf-scan-results-json> [-h]'
+  static usage = 'convert dbprotect2hdf -i <dbprotect-xml> -o <hdf-scan-results-json> [-h] [-w]'
 
   static description = 'Translate a DBProtect report in "Check Results Details" XML format into a Heimdall Data Format JSON file'
 
@@ -14,16 +14,17 @@ export default class DBProtect2HDF extends Command {
     help: Flags.help({char: 'h'}),
     input: Flags.string({char: 'i', required: true, description: '\'Check Results Details\' XML File'}),
     output: Flags.string({char: 'o', required: true, description: 'Output HDF JSON File'}),
+    'with-raw': Flags.boolean({char: 'w', required: false, description: 'Include raw input file in HDF JSON file'}),
   }
 
   async run() {
     const {flags} = await this.parse(DBProtect2HDF)
 
     // Check for correct input type
     const data = fs.readFileSync(flags.input, 'utf8')
-    checkInput({data: data, filename: flags.input}, 'dbProtect', 'DBProtect report in "Check Results Details" XML format')
+    checkInput({data, filename: flags.input}, 'dbProtect', 'DBProtect report in "Check Results Details" XML format')
 
-    const converter = new Mapper(data)
+    const converter = new Mapper(data, flags['with-raw'])
     fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
   }
 }

test/commands/convert/dbprotect2hdf.spec.ts

@@ -0,0 +1,49 @@
+import {expect, test} from '@oclif/test'
+import tmp from 'tmp'
+import path from 'path'
+import fs from 'fs'
+import {omitHDFChangingFields} from '../utils'
+
+describe('Test dbprotect', () => {
+  const tmpobj = tmp.dirSync({unsafeCleanup: true})
+
+  test
+    .stdout()
+    .command(['convert dbprotect2hdf', '-i', path.resolve('./test/sample_data/dbprotect/sample_input_report/DbProtect-Check-Results-Details-XML-Sample.xml'), '-o', `${tmpobj.name}/dbprotecttest.json`])
+    .it('hdf-converter output test - check results', () => {
+      const test = JSON.parse(fs.readFileSync(`${tmpobj.name}/dbprotecttest.json`, 'utf8'))
+      const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/dbprotect/dbprotect-check-hdf.json'), 'utf8'))
+      expect(omitHDFChangingFields(test)).to.eql(omitHDFChangingFields(sample))
+    })
+
+  test
+    .stdout()
+    .command(['convert dbprotect2hdf', '-i', path.resolve('./test/sample_data/dbprotect/sample_input_report/DbProtect-Findings-Detail-XML-Sample.xml'), '-o', `${tmpobj.name}/dbprotecttest.json`])
+    .it('hdf-converter output test - findings results', () => {
+      const test = JSON.parse(fs.readFileSync(`${tmpobj.name}/dbprotecttest.json`, 'utf8'))
+      const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/dbprotect/dbprotect-findings-hdf.json'), 'utf8'))
+      expect(omitHDFChangingFields(test)).to.eql(omitHDFChangingFields(sample))
+    })
+})
+
+describe('Test dbprotect using withraw flag', () => {
+  const tmpobj = tmp.dirSync({unsafeCleanup: true})
+
+  test
+    .stdout()
+    .command(['convert dbprotect2hdf', '-i', path.resolve('./test/sample_data/dbprotect/sample_input_report/DbProtect-Check-Results-Details-XML-Sample.xml'), '-o', `${tmpobj.name}/dbprotecttest.json`, '-w'])
+    .it('hdf-converter withraw output test - check results', () => {
+      const test = JSON.parse(fs.readFileSync(`${tmpobj.name}/dbprotecttest.json`, 'utf8'))
+      const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/dbprotect/dbprotect-check-hdf-withraw.json'), 'utf8'))
+      expect(omitHDFChangingFields(test)).to.eql(omitHDFChangingFields(sample))
+    })
+
+  test
+    .stdout()
+    .command(['convert dbprotect2hdf', '-i', path.resolve('./test/sample_data/dbprotect/sample_input_report/DbProtect-Findings-Detail-XML-Sample.xml'), '-o', `${tmpobj.name}/dbprotecttest.json`, '-w'])
+    .it('hdf-converter withraw output test - findings results', () => {
+      const test = JSON.parse(fs.readFileSync(`${tmpobj.name}/dbprotecttest.json`, 'utf8'))
+      const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/dbprotect/dbprotect-findings-hdf-withraw.json'), 'utf8'))
+      expect(omitHDFChangingFields(test)).to.eql(omitHDFChangingFields(sample))
+    })
+})