Refactor to reduce nesting

Threagile · May 31, 2024 · 73788dc · 73788dc
1 parent 7efb65d
commit 73788dc
Showing 1 changed file with 19 additions and 18 deletions.
diff --git a/pkg/security/risks/builtin/missing_identity_store_rule.go b/pkg/security/risks/builtin/missing_identity_store_rule.go
@@ -54,26 +54,27 @@ func (r *MissingIdentityStoreRule) GenerateRisks(input *types.Model) ([]*types.R
 	for _, id := range input.SortedTechnicalAssetIDs() { // use the sorted one to always get the same tech asset with the highest sensitivity as example asset
 		technicalAsset := input.TechnicalAssets[id]
 		for _, commLink := range technicalAsset.CommunicationLinksSorted() { // use the sorted one to always get the same tech asset with the highest sensitivity as example asset
-			if commLink.Authorization == types.EndUserIdentityPropagation {
-				riskIdentified = true
-				targetAsset := input.TechnicalAssets[commLink.TargetId]
-				if impact == types.LowImpact {
-					mostRelevantAsset = targetAsset
-					if targetAsset.HighestProcessedConfidentiality(input) >= types.Confidential ||
-						targetAsset.HighestProcessedIntegrity(input) >= types.Critical ||
-						targetAsset.HighestProcessedAvailability(input) >= types.Critical {
-						impact = types.MediumImpact
-					}
-				}
-				if targetAsset.Confidentiality >= types.Confidential ||
-					targetAsset.Integrity >= types.Critical ||
-					targetAsset.Availability >= types.Critical {
+			if commLink.Authorization != types.EndUserIdentityPropagation {
+				continue
+			}
+			riskIdentified = true
+			targetAsset := input.TechnicalAssets[commLink.TargetId]
+			if impact == types.LowImpact {
+				mostRelevantAsset = targetAsset
+				if targetAsset.HighestProcessedConfidentiality(input) >= types.Confidential ||
+					targetAsset.HighestProcessedIntegrity(input) >= types.Critical ||
+					targetAsset.HighestProcessedAvailability(input) >= types.Critical {
 					impact = types.MediumImpact
 				}
-				// just for referencing the most interesting asset
-				if technicalAsset.HighestSensitivityScore() > mostRelevantAsset.HighestSensitivityScore() {
-					mostRelevantAsset = technicalAsset
-				}
+			}
+			if targetAsset.Confidentiality >= types.Confidential ||
+				targetAsset.Integrity >= types.Critical ||
+				targetAsset.Availability >= types.Critical {
+				impact = types.MediumImpact
+			}
+			// just for referencing the most interesting asset
+			if technicalAsset.HighestSensitivityScore() > mostRelevantAsset.HighestSensitivityScore() {
+				mostRelevantAsset = technicalAsset
 			}
 		}
 	}