Merge pull request #88 from CheckmarxDev/feature/AST-6696-codebashing-link

tiagobcx · web-flow · commit c76630156c82 · 2022-03-07T13:53:49.000Z
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -20,6 +20,7 @@ jobs:
           CX_BASE_URI: ${{ secrets.BASE_URI }}
           CX_TENANT: ${{ secrets.TENANT }}
           CX_SCANID: ${{ secrets.SCANID }}
+          CX_APIKEY: ${{ secrets.CX_APIKEY }}
         run: npm test
   cx-scan:
     runs-on: ubuntu-latest
diff --git a/src/main/codebashing/CxCodeBashing.ts b/src/main/codebashing/CxCodeBashing.ts
@@ -0,0 +1,19 @@
+export default class CxCodeBashing {
+  path: string = "";
+  cweId: string = "";
+  language: string = "";
+  queryName: string = "";
+
+  static parseCodeBashing(resultObject: any[]): CxCodeBashing[] {
+    let codeBashingLink: CxCodeBashing[] = [];
+    codeBashingLink = resultObject.map((member: any) => {
+      let codeBashing = new CxCodeBashing();
+      codeBashing.path = member.path;
+      codeBashing.cweId = member.cwe_id;
+      codeBashing.language = member.lang;
+      codeBashing.queryName = member.cxQueryName;
+      return codeBashing;
+    });
+    return codeBashingLink;
+  }
+}
diff --git a/src/main/wrapper/CxConstants.ts b/src/main/wrapper/CxConstants.ts
@@ -26,6 +26,7 @@ export enum CxConstants {
     CMD_TRIAGE = "triage",
     SUB_CMD_UPDATE = "update",
     CMD_RESULT = "results",
+    CMD_CODE_BASHING = "codebashing",
     SCAN_INFO_FORMAT = "--scan-info-format",
     FORMAT = "--format",
     FORMAT_JSON = "json",
@@ -46,7 +47,11 @@ export enum CxConstants {
     SCAN_TYPE = "CxScan",
     PROJECT_TYPE = "CxProject",
     PREDICATE_TYPE = "CxPredicate",
+    CODE_BASHING_TYPE = "CxCodeBashing",
     SAST = "sast",
+    LANGUAGE = "--language",
+    VULNERABILITY_TYPE = "--vulnerabity-type",
+    CWE_ID = "--cwe-id",
 
     SEVERITY_HIGH = "high",
     SEVERITY_MEDIUM = "medium",
diff --git a/src/main/wrapper/CxWrapper.ts b/src/main/wrapper/CxWrapper.ts
@@ -195,8 +195,15 @@ export class CxWrapper {
         return await exec.executeCommands(this.config.pathToExecutable, commands);
     }
 
+    async codeBashingList(cweId:string,language:string,queryName:string): Promise<CxCommandOutput> {
+        const commands: string[] = [CxConstants.CMD_RESULT, CxConstants.CMD_CODE_BASHING, CxConstants.LANGUAGE, language, CxConstants.VULNERABILITY_TYPE , queryName, CxConstants.CWE_ID , cweId];
+        commands.push(...this.initializeCommands(true));
+        const exec = new ExecutionService();
+        return await exec.executeCommands(this.config.pathToExecutable, commands,CxConstants.CODE_BASHING_TYPE);
+    }
+
     resultsShow(scanId: string, reportFormat: string, outputFileName: string, outputPath: string): string[] {
-        const commands: string[] = [CxConstants.CMD_RESULT,CxConstants.SUB_CMD_SHOW, CxConstants.SCAN_ID, scanId,CxConstants.REPORT_FORMAT , reportFormat];
+        const commands: string[] = [CxConstants.CMD_RESULT, CxConstants.SUB_CMD_SHOW, CxConstants.SCAN_ID, scanId,CxConstants.REPORT_FORMAT , reportFormat];
         if (outputFileName) {
             commands.push(CxConstants.OUTPUT_NAME);
             commands.push(outputFileName);
diff --git a/src/main/wrapper/ExecutionService.ts b/src/main/wrapper/ExecutionService.ts
@@ -6,6 +6,7 @@ import * as os from "os";
 import * as path from "path";
 import CxResult from "../results/CxResult";
 import CxProject from "../project/CxProject";
+import CxCodeBashing from "../codebashing/CxCodeBashing";
 
 const spawn = require('child_process').spawn;
 
@@ -69,15 +70,19 @@ export class ExecutionService {
 
             if (data) {
               let resultObject = JSON.parse(data);
-              switch(output){
-                case 'CxScan':
-                  let scans = CxScan.parseProject(resultObject)
+              switch (output) {
+                case "CxScan":
+                  let scans = CxScan.parseProject(resultObject);
                   cxCommandOutput.payload = scans;
                   break;
-                case 'CxProject':
-                  let projects = CxProject.parseProject(resultObject)
+                case "CxProject":
+                  let projects = CxProject.parseProject(resultObject);
                   cxCommandOutput.payload = projects;
                   break;
+                case "CxCodeBashing":
+                  let codeBashing = CxCodeBashing.parseCodeBashing(resultObject);
+                  cxCommandOutput.payload = codeBashing;
+                  break;
                 default:
                   cxCommandOutput.payload = resultObject;
               }
diff --git a/src/tests/ResultTest.test.ts b/src/tests/ResultTest.test.ts
@@ -40,6 +40,12 @@ describe("Results cases",() => {
         expect(written.payload.length).toBeGreaterThan(0);
     });
 
+    it('Result codebashing successful case', async () => {
+        const auth = new CxWrapper(cxScanConfig);
+        const cxCommandOutput: CxCommandOutput = await auth.codeBashingList("79","PHP","Reflected XSS All Clients");
+        expect(cxCommandOutput.payload.length).toBeGreaterThan(0);
+    });
+
 });
 
 const fileExists = (file:any) => {
