From 70076fcbffa556ab41c838496b07be578cb4fe2f Mon Sep 17 00:00:00 2001
From: tiagobcx
Date: Thu, 1 Sep 2022 10:32:33 +0100
Subject: [PATCH 1/2] adding learn-more command
---
.../checkmarx/ast/learnMore/LearnMore.java | 77 +++++++++++++++++++
.../com/checkmarx/ast/learnMore/Sample.java | 26 +++++++
.../checkmarx/ast/wrapper/CxConstants.java | 5 ++
.../com/checkmarx/ast/wrapper/CxWrapper.java | 27 +++++--
.../java/com/checkmarx/ast/LearnMoreTest.java | 17 ++++
5 files changed, 146 insertions(+), 6 deletions(-)
create mode 100644 src/main/java/com/checkmarx/ast/learnMore/LearnMore.java
create mode 100644 src/main/java/com/checkmarx/ast/learnMore/Sample.java
create mode 100644 src/test/java/com/checkmarx/ast/LearnMoreTest.java
diff --git a/src/main/java/com/checkmarx/ast/learnMore/LearnMore.java b/src/main/java/com/checkmarx/ast/learnMore/LearnMore.java
new file mode 100644
index 00000000..18e31ec6
--- /dev/null
+++ b/src/main/java/com/checkmarx/ast/learnMore/LearnMore.java
@@ -0,0 +1,77 @@
+package com.checkmarx.ast.learnMore;
+
+import com.checkmarx.ast.codebashing.CodeBashing;
+import com.checkmarx.ast.remediation.KicsRemediation;
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.databind.JavaType;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import com.fasterxml.jackson.databind.type.TypeFactory;
+import lombok.Value;
+import org.apache.commons.lang3.StringUtils;
+
+import java.io.IOException;
+import java.util.List;
+
+@Value
+@JsonDeserialize()
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonIgnoreProperties(ignoreUnknown = true)
+
+public class LearnMore {
+
+ String queryId;
+ String queryName;
+ String queryDescriptionId;
+ String resultDescription;
+ String risk;
+ String cause;
+ String generalRecommendations;
+ List samples;
+
+ @JsonCreator
+ public LearnMore(@JsonProperty("queryID") String queryId, @JsonProperty("queryName") String queryName,@JsonProperty("queryDescriptionID") String queryDescriptionId, @JsonProperty("resultDescription") String resultDescription,@JsonProperty("risk") String risk,@JsonProperty("cause") String cause,@JsonProperty("generalRecommendations") String generalRecommendations,@JsonProperty("samples") List samples) {
+ this.queryId = queryId;
+ this.queryName = queryName;
+ this.queryDescriptionId = queryDescriptionId;
+ this.resultDescription = resultDescription;
+ this.risk = risk;
+ this.cause = cause;
+ this.generalRecommendations = generalRecommendations;
+ this.samples = samples;
+ }
+
+ public static List listFromLine(String line) {
+ return parse(line, TypeFactory.defaultInstance().constructCollectionType(List.class, LearnMore.class));
+ }
+
+ public static T fromLine(String line) {
+ return parse(line, 
TypeFactory.defaultInstance().constructType(LearnMore.class));
+ }
+
+ private static T parse(String line, JavaType type) {
+ T result = null;
+ try {
+ if (!StringUtils.isBlank(line) && isValidJSON(line)) {
+ result = new ObjectMapper().readValue(line, type);
+
+ }
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ return result;
+ }
+
+ private static boolean isValidJSON(final String json) {
+ try {
+ final ObjectMapper mapper = new ObjectMapper();
+ mapper.readTree(json);
+ return true;
+ } catch (IOException e) {
+ return false;
+ }
+ }
+}
diff --git a/src/main/java/com/checkmarx/ast/learnMore/Sample.java b/src/main/java/com/checkmarx/ast/learnMore/Sample.java
new file mode 100644
index 00000000..bd421574
--- /dev/null
+++ b/src/main/java/com/checkmarx/ast/learnMore/Sample.java
@@ -0,0 +1,26 @@
+package com.checkmarx.ast.learnMore;
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import lombok.Value;
+
+@Value
+@JsonDeserialize()
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonIgnoreProperties(ignoreUnknown = true)
+
+public class Sample {
+ String progLanguage;
+ String code;
+ String title;
+
+ @JsonCreator
+ public Sample(@JsonProperty("progLanguage") String progLanguage, @JsonProperty("code") String code,@JsonProperty("title") String title) {
+ this.progLanguage = progLanguage;
+ this.code = code;
+ this.title = title;
+ }
+}
diff --git a/src/main/java/com/checkmarx/ast/wrapper/CxConstants.java b/src/main/java/com/checkmarx/ast/wrapper/CxConstants.java
index 98ea6579..574a41c9 100644
--- a/src/main/java/com/checkmarx/ast/wrapper/CxConstants.java
+++ b/src/main/java/com/checkmarx/ast/wrapper/CxConstants.java
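Review bot: In `parse` of LearnMore.java, a binding failure is reported only through `e.printStackTrace()` and the method then returns null, so a caller cannot tell a blank or non-JSON line from well-formed JSON that did not map onto `LearnMore`. Because `isValidJSON` already filters out text that is not JSON, the `catch` in `parse` is reached mainly for JSON of the wrong shape, and that case is better rethrown or written to the project's logger (the wrapper passes a `logger` to `Execution.executeCommand`) than printed to stderr. Each line is also parsed twice with a fresh `ObjectMapper` per call; a shared `private static final ObjectMapper MAPPER = new ObjectMapper();` would serve both `parse` and `isValidJSON`. The imports of `CodeBashing` and `KicsRemediation` appear to be unused in this file.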
@@ -59,4 +59,9 @@ public final class CxConstants { static final String CMD_UTILS = "utils"; static final String CMD_REMEDIATION = "remediation"; static final String SUB_CMD_REMEDIATION_SCA = "sca"; + static final String SUB_CMD_REMEDIATION_KICS = "kics"; + static final String KICS_REMEDIATION_RESULTS_FILE = "--results-file"; + static final String KICS_REMEDIATION_KICS_FILE = "--kics-files"; + static final String KICS_REMEDIATION_SIMILARITY = "--similarity-ids"; + static final String SUB_CMD_LEARN_MORE = "learn-more"; } diff --git a/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java b/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java index dbd69780..fbd6ebb1 100644 --- a/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java +++ b/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java @@ -2,6 +2,7 @@ import com.checkmarx.ast.codebashing.CodeBashing; import com.checkmarx.ast.kicsRealtimeResults.KicsRealtimeResults; +import com.checkmarx.ast.learnMore.LearnMore; import com.checkmarx.ast.predicate.Predicate; import com.checkmarx.ast.project.Project; import com.checkmarx.ast.remediation.KicsRemediation; 
@@ -348,25 +349,39 @@ public KicsRemediation kicsRemediate(@NonNull String resultsFile, String kicsFil List arguments = new ArrayList<>(); arguments.add(this.executable); - arguments.add("utils"); - arguments.add("remediation"); - arguments.add("kics"); - arguments.add("--results-file"); + arguments.add(CxConstants.CMD_UTILS); + arguments.add(CxConstants.CMD_REMEDIATION); + arguments.add(CxConstants.SUB_CMD_REMEDIATION_KICS); + arguments.add(CxConstants.KICS_REMEDIATION_RESULTS_FILE); arguments.add(resultsFile); - arguments.add("--kics-files"); + arguments.add(CxConstants.KICS_REMEDIATION_KICS_FILE); arguments.add(kicsFile); if (engine.length() > 0) { arguments.add(CxConstants.ENGINE); arguments.add(engine); } if (similarityIds.length() > 0) { - arguments.add("--similarity-ids"); + arguments.add(CxConstants.KICS_REMEDIATION_SIMILARITY); arguments.add(similarityIds); } KicsRemediation remediation = Execution.executeCommand(arguments, logger, KicsRemediation::fromLine); return remediation; } + public List learnMore(String queryId) throws CxException, IOException, InterruptedException { + List arguments = new ArrayList<>(); + arguments.add(this.executable); + arguments.add(CxConstants.CMD_UTILS); + arguments.add(CxConstants.SUB_CMD_LEARN_MORE); + arguments.add(CxConstants.QUERY_ID); + arguments.add(queryId); + arguments.add(CxConstants.FORMAT); + arguments.add(CxConstants.FORMAT_JSON); + + List learnMore = Execution.executeCommand(arguments, logger, LearnMore::listFromLine); + return learnMore; + } + private int getIndexOfBfLNode(List bflNodes, List resultNodes) { int bflNodeNotFound = -1; diff --git a/src/test/java/com/checkmarx/ast/LearnMoreTest.java b/src/test/java/com/checkmarx/ast/LearnMoreTest.java new file mode 100644 index 00000000..e3376954 --- /dev/null +++ b/src/test/java/com/checkmarx/ast/LearnMoreTest.java 
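Review bot: The new `learnMore` method adds `queryId` to the argument list with no null or blank check, whereas `kicsRemediate` in the same hunk marks its first parameter `@NonNull`; a null here becomes a null element in the list handed to `Execution.executeCommand`. Declaring the parameter as `@NonNull String queryId` would match the sibling method, and rejecting a blank value before the CLI is started gives the caller a clear error instead of whatever the child process reports. The unchanged conditions `engine.length() > 0` and `similarityIds.length() > 0` in `kicsRemediate` look exposed to null in the same way, though that method begins outside this hunk and its annotations are not fully visible.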
@@ -0,0 +1,17 @@ +package com.checkmarx.ast; + +import com.checkmarx.ast.learnMore.LearnMore; +import org.junit.jupiter.api.Assertions; +import org.junit.jupiter.api.Test; +import java.util.List; + +class LearnMoreTest extends BaseTest { + private static String QUERY_ID = "16772998409937314312"; + + @Test + void testLearnMore() throws Exception { + List learnMore = wrapper.learnMore(QUERY_ID); + Assertions.assertTrue(learnMore.size()>0); + } + +} From 9a5b39cbf3bb5ca5e615a067adf4eccdc5462bfb Mon Sep 17 00:00:00 2001 From: tiagobcx Date: Fri, 2 Sep 2022 11:47:20 +0100 Subject: [PATCH 2/2] adding auth flags --- src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java b/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java index fbd6ebb1..9a220aae 100644 --- a/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java +++ b/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java @@ -370,7 +370,6 @@ public KicsRemediation kicsRemediate(@NonNull String resultsFile, String kicsFil public List learnMore(String queryId) throws CxException, IOException, InterruptedException { List arguments = new ArrayList<>(); - arguments.add(this.executable); arguments.add(CxConstants.CMD_UTILS); arguments.add(CxConstants.SUB_CMD_LEARN_MORE); arguments.add(CxConstants.QUERY_ID); @@ -378,7 +377,7 @@ public List learnMore(String queryId) throws CxException, IOException arguments.add(CxConstants.FORMAT); arguments.add(CxConstants.FORMAT_JSON); - List learnMore = Execution.executeCommand(arguments, logger, LearnMore::listFromLine); + List learnMore = Execution.executeCommand(withConfigArguments(arguments), logger, LearnMore::listFromLine); return learnMore; }
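Review bot: `QUERY_ID` in LearnMoreTest is declared `private static String` but never reassigned, so it should be `private static final String QUERY_ID = "16772998409937314312";`. The check `Assertions.assertTrue(learnMore.size()>0)` will throw a NullPointerException rather than fail cleanly if `wrapper.learnMore` hands back null, which `LearnMore.listFromLine` does for blank or unparsable output; an `Assertions.assertNotNull(learnMore);` before the size check makes that failure readable. The test presumably needs a live backend that knows this query id, which deserves a short comment next to the constant.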
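Review bot: After the second patch the public method `learnMore` still has no Javadoc, and the local `learnMore` that is assigned and immediately returned shadows the method name without adding anything; `return Execution.executeCommand(withConfigArguments(arguments), logger, LearnMore::listFromLine);` is enough. A one-line comment such as `/** Runs the CLI "utils learn-more" command for queryId and returns the parsed entries. */` would document it, ideally also stating whether the result can be null when the CLI prints no parsable JSON. The method begins before the `@@ -378,7 +377,7 @@` hunk, so the rest of its body is not visible there.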