Using $help to debug, build, and troubleshoot your template at runtime

[attackforge-support]

You can use the $help function to print data relating to the 'Scope' or 'Variables' as your template is executed in ReportGen.

Scope

'Scope' relates to the data that is available to you, at any point in time, to use in your report. It is made up of data that is exported from your project for reporting purposes, and includes additional properties that are injected by ReportGen during runtime.

For example, take the following template:

{$help[My Label][scope]}

It will print all of the data available to you at the root scope.

Now if you move it within a loop on the vulnerabilities:

{#vulnerabilities}
{$help[Vulnerability][scope]}
{/}

You will be able to see the data available to you for every iteration on the loop over every vulnerability:

Notice that 'scope' includes the data for the vulnerability, and '../' include the data for 'one-level-up' which in this case is the root scope.

Now if you move it within a loop on the affected assets on every vulnerability:

{#vulnerabilities}
{#affected_assets}
{$help[Affected Asset][scope]}
{/}{/}

You will be able to see the data available to you for every affected asset, on every vulnerability:

Notice that 'scope' includes the data for the affected asset, '../' includes the data for 'one-level-up' which in this case is the vulnerability, and '../../' includes the data for 'one-level-up' on the vulnerability which in this case is the root scope.

You can access any data, at any time, in your template/report by understanding how to navigate the 'tree' of scope.
You can use '../' or 'parent' to go up a level, and then use the object properties to go down a level. For string arrays, you can access the value using './'

You can use multiple $help functions at a time if it would help you to follow what is happening at every step in your template.

Variables

'Variables' relates to the data that is available to you, at any point in time, based on the variables you have defined and used in your template. It is made up of variables which have been defined using $declare function.

For example, take the following template:

{$declare[VulnerabilityTitles][[]]}
{#vulnerabilities}
{$push[VulnerabilityTitles][“%(title)”]}
{/}
{$help[My Variables][var]}

This template works as follows:

• Declare a new variable 'VulnerabilityTitles' and set it with a value of empty list
• Loop over every vulnerability
• Push the vulnerability 'title' into the list for the variable 'VulnerabilityTitles'
• After the loop finishes, print the $help function for variables

Notice that the $help function now shows the variables set in the template, and their values - in this case every vulnerability title.

Now if you move the $help function to run inside the loop on vulnerabilities:

{$declare[VulnerabilityTitles][[]]}
{#vulnerabilities}
{$push[VulnerabilityTitles][“%(title)”]}
{$help[My Variables][var]}
{/}

It will show you the value of the variables as they exist on every iteration of the loop. In this case we can see the list growing with the new vulnerability title added on every iteration of the loop.