Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Additional permissions required to retrieve SAST scan statistics #225

Closed
nleach999 opened this issue Jul 18, 2023 · 0 comments · Fixed by #226
Closed

Additional permissions required to retrieve SAST scan statistics #225

nleach999 opened this issue Jul 18, 2023 · 0 comments · Fixed by #226
Labels
bug Something isn't working

Comments

@nleach999
Copy link
Collaborator

Description

The permissions in the manual state the required permissions are:

  • SAST->Project & Scans->Save Sast Scan
  • Reports->Generate Scan Reports

But during the scan, 403 errors are reported trying to access the scan statistics endpoint. Additional permissions need to be added:

  • Scan Results->View Results

Expected Behavior

No 403 errors for:

  • /cxrestapi/sast/scans/.../statistics
  • /cxrestapi/sast/scans/.../parsedFiles
  • /cxrestapi/sast/scans/.../failedQueries
  • /cxrestapi/sast/scans/.../failedGeneralQueries
  • /cxrestapi/sast/scans/.../succeededGeneralQueries

Actual Behavior

403 errors are reported, delaying the crawl since each needs to timeout after retry.

Reproduction

  1. Create a service account with the documented permissions
  2. Perform a scan.

Environment Details

CxAnalytix 2.1.1
SAST 9.5.5 HF8
@nleach999 nleach999 added the bug Something isn't working label Jul 18, 2023
nleach999 added a commit that referenced this issue Jul 21, 2023
@nleach999
fix issue #225
c16affd
@nleach999 nleach999 mentioned this issue Aug 4, 2023
Merged
nleach999 added a commit that referenced this issue Aug 4, 2023
@nleach999
Feature/stability (#226)
37e85fd 
* cxone crawl stability

* fix issue #225

* scan stat record stabilization

* documentation updates

* enable odata api
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Feature/stability checkmarx-ts/CxAnalytix
1 participant
@nleach999