From a8fe95ae482c5662676e6b54fd4caa8eb8e7d304 Mon Sep 17 00:00:00 2001
From: Ilya Siamionau
Date: Tue, 21 May 2024 23:44:26 +0200
Subject: [PATCH] =?UTF-8?q?CM-35955=20-=20Add=20=E2=80=9CIgnore=20this=20v?= =?UTF-8?q?iolation=E2=80=9D=20for=20secrets=20violation=20card?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../annotationAppliers/IacApplier.kt | 6 +--
 .../annotationAppliers/SastApplier.kt | 6 +--
 .../annotationAppliers/ScaApplier.kt | 10 ++---
 .../annotationAppliers/SecretApplier.kt | 8 ++--
 .../com/cycode/plugin/cli/CliIgnoreType.kt | 7 ++++
 .../components/treeView/TreeView.kt | 2 +-
 .../common/CommonViolationCardContentTab.kt | 1 +
 .../common/actions/CardActions.kt | 33 +++++++++++++++
 .../SecretViolationCardContentTab.kt | 16 +++++++-
 .../components/actions/SecretActions.kt | 26 ++++++++++++
 .../CycodeIgnoreIntentionQuickFix.kt | 40 +++----------------
 .../plugin/intentions/CycodeIgnoreType.kt | 7 ----
 .../cycode/plugin/services/CycodeService.kt | 36 ++++++++++++++++-
 .../messages/CycodeBundle.properties | 1 +
 14 files changed, 136 insertions(+), 63 deletions(-)
 create mode 100644 src/main/kotlin/com/cycode/plugin/cli/CliIgnoreType.kt
 create mode 100644 src/main/kotlin/com/cycode/plugin/components/toolWindow/components/violationCardContentTab/common/actions/CardActions.kt
 create mode 100644 src/main/kotlin/com/cycode/plugin/components/toolWindow/components/violationCardContentTab/secretViolationCardContentTab/components/actions/SecretActions.kt
 delete mode 100644 src/main/kotlin/com/cycode/plugin/intentions/CycodeIgnoreType.kt
diff --git a/src/main/kotlin/com/cycode/plugin/annotators/annotationAppliers/IacApplier.kt b/src/main/kotlin/com/cycode/plugin/annotators/annotationAppliers/IacApplier.kt
index 60bf9a9..660bf3d 100644
--- a/src/main/kotlin/com/cycode/plugin/annotators/annotationAppliers/IacApplier.kt
+++ b/src/main/kotlin/com/cycode/plugin/annotators/annotationAppliers/IacApplier.kt
@@ -3,10 +3,10 @@ package com.cycode.plugin.annotators.annotationAppliers
 import com.cycode.plugin.CycodeBundle
 import com.cycode.plugin.annotators.convertSeverity
 import com.cycode.plugin.annotators.validateTextRange
+import com.cycode.plugin.cli.CliIgnoreType
 import com.cycode.plugin.cli.CliResult
 import com.cycode.plugin.cli.CliScanType
 import com.cycode.plugin.intentions.CycodeIgnoreIntentionQuickFix
-import com.cycode.plugin.intentions.CycodeIgnoreType
 import com.cycode.plugin.intentions.CycodeOpenViolationCardIntentionQuickFix
 import com.cycode.plugin.services.ScanResultsService
 import com.intellij.lang.annotation.AnnotationHolder
@@ -65,14 +65,14 @@ class IacApplier(private val scanResults: ScanResultsService) : AnnotationApplie
 .withFix(
 CycodeIgnoreIntentionQuickFix(
 CliScanType.Iac,
- CycodeIgnoreType.PATH,
+ CliIgnoreType.PATH,
 detection.detectionDetails.getFilepath()
 )
 )
 .withFix(
 CycodeIgnoreIntentionQuickFix(
 CliScanType.Iac,
- CycodeIgnoreType.RULE,
+ CliIgnoreType.RULE,
 detection.detectionRuleId
 )
 )
diff --git a/src/main/kotlin/com/cycode/plugin/annotators/annotationAppliers/SastApplier.kt b/src/main/kotlin/com/cycode/plugin/annotators/annotationAppliers/SastApplier.kt
index a1ab8c0..72b7f0e 100644
--- a/src/main/kotlin/com/cycode/plugin/annotators/annotationAppliers/SastApplier.kt
+++ b/src/main/kotlin/com/cycode/plugin/annotators/annotationAppliers/SastApplier.kt
@@ -3,10 +3,10 @@ package com.cycode.plugin.annotators.annotationAppliers
 import com.cycode.plugin.CycodeBundle
 import com.cycode.plugin.annotators.convertSeverity
 import com.cycode.plugin.annotators.validateTextRange
+import com.cycode.plugin.cli.CliIgnoreType
 import com.cycode.plugin.cli.CliResult
 import com.cycode.plugin.cli.CliScanType
 import com.cycode.plugin.intentions.CycodeIgnoreIntentionQuickFix
-import com.cycode.plugin.intentions.CycodeIgnoreType
 import com.cycode.plugin.intentions.CycodeOpenViolationCardIntentionQuickFix
 import com.cycode.plugin.services.ScanResultsService
 import com.intellij.lang.annotation.AnnotationHolder
@@ -62,14 +62,14 @@ class SastApplier(private val scanResults: ScanResultsService) : AnnotationAppli
 .withFix(
 CycodeIgnoreIntentionQuickFix(
 CliScanType.Sast,
- CycodeIgnoreType.PATH,
+ CliIgnoreType.PATH,
 detection.detectionDetails.getFilepath()
 )
 )
 .withFix(
 CycodeIgnoreIntentionQuickFix(
 CliScanType.Sast,
- CycodeIgnoreType.RULE,
+ CliIgnoreType.RULE,
 detection.detectionRuleId
 )
 )
diff --git a/src/main/kotlin/com/cycode/plugin/annotators/annotationAppliers/ScaApplier.kt b/src/main/kotlin/com/cycode/plugin/annotators/annotationAppliers/ScaApplier.kt
index 2db6328..d34b4a8 100644
--- a/src/main/kotlin/com/cycode/plugin/annotators/annotationAppliers/ScaApplier.kt
+++ b/src/main/kotlin/com/cycode/plugin/annotators/annotationAppliers/ScaApplier.kt
@@ -3,12 +3,8 @@ package com.cycode.plugin.annotators.annotationAppliers
 import com.cycode.plugin.CycodeBundle
 import com.cycode.plugin.annotators.convertSeverity
 import com.cycode.plugin.annotators.validateTextRange
-import com.cycode.plugin.cli.CliResult
-import com.cycode.plugin.cli.CliScanType
-import com.cycode.plugin.cli.getPackageFileForLockFile
-import com.cycode.plugin.cli.isSupportedLockFile
+import com.cycode.plugin.cli.*
 import com.cycode.plugin.intentions.CycodeIgnoreIntentionQuickFix
-import com.cycode.plugin.intentions.CycodeIgnoreType
 import com.cycode.plugin.intentions.CycodeOpenViolationCardIntentionQuickFix
 import com.cycode.plugin.services.ScanResultsService
 import com.intellij.lang.annotation.AnnotationHolder
@@ -93,14 +89,14 @@ class ScaApplier(private val scanResults: ScanResultsService) : AnnotationApplie
 .withFix(
 CycodeIgnoreIntentionQuickFix(
 CliScanType.Sca,
- CycodeIgnoreType.PATH,
+ CliIgnoreType.PATH,
 detection.detectionDetails.getFilepath()
 )
 )
 .withFix(
 CycodeIgnoreIntentionQuickFix(
 CliScanType.Sca,
- CycodeIgnoreType.RULE,
+ CliIgnoreType.RULE,
 detection.detectionRuleId
 )
 )
diff --git a/src/main/kotlin/com/cycode/plugin/annotators/annotationAppliers/SecretApplier.kt b/src/main/kotlin/com/cycode/plugin/annotators/annotationAppliers/SecretApplier.kt
index cd3662b..5fe5d29 100644
--- a/src/main/kotlin/com/cycode/plugin/annotators/annotationAppliers/SecretApplier.kt
+++ b/src/main/kotlin/com/cycode/plugin/annotators/annotationAppliers/SecretApplier.kt
@@ -3,10 +3,10 @@ package com.cycode.plugin.annotators.annotationAppliers
 import com.cycode.plugin.CycodeBundle
 import com.cycode.plugin.annotators.convertSeverity
 import com.cycode.plugin.annotators.validateTextRange
+import com.cycode.plugin.cli.CliIgnoreType
 import com.cycode.plugin.cli.CliResult
 import com.cycode.plugin.cli.CliScanType
 import com.cycode.plugin.intentions.CycodeIgnoreIntentionQuickFix
-import com.cycode.plugin.intentions.CycodeIgnoreType
 import com.cycode.plugin.intentions.CycodeOpenViolationCardIntentionQuickFix
 import com.cycode.plugin.services.ScanResultsService
 import com.intellij.lang.annotation.AnnotationHolder
@@ -76,18 +76,18 @@ class SecretApplier(private val scanResults: ScanResultsService) : AnnotationApp
 .withFix(
 CycodeIgnoreIntentionQuickFix(
 CliScanType.Secret,
- CycodeIgnoreType.PATH,
+ CliIgnoreType.PATH,
 detection.detectionDetails.getFilepath()
 )
 )
 .withFix(
 CycodeIgnoreIntentionQuickFix(
 CliScanType.Secret,
- CycodeIgnoreType.RULE,
+ CliIgnoreType.RULE,
 detection.detectionRuleId
 )
 )
- .withFix(CycodeIgnoreIntentionQuickFix(CliScanType.Secret, CycodeIgnoreType.VALUE, detectedValue))
+ .withFix(CycodeIgnoreIntentionQuickFix(CliScanType.Secret, CliIgnoreType.VALUE, detectedValue))
 .create()
 }
diff --git a/src/main/kotlin/com/cycode/plugin/cli/CliIgnoreType.kt b/src/main/kotlin/com/cycode/plugin/cli/CliIgnoreType.kt
new file mode 100644
index 0000000..d2c5533
--- /dev/null
+++ b/src/main/kotlin/com/cycode/plugin/cli/CliIgnoreType.kt
@@ -0,0 +1,7 @@
+package com.cycode.plugin.cli
+
+enum class CliIgnoreType {
+ VALUE,
+ RULE,
+ PATH
+}
diff --git a/src/main/kotlin/com/cycode/plugin/components/toolWindow/components/treeView/TreeView.kt b/src/main/kotlin/com/cycode/plugin/components/toolWindow/components/treeView/TreeView.kt
index 7f782ac..3672f53 100644
--- a/src/main/kotlin/com/cycode/plugin/components/toolWindow/components/treeView/TreeView.kt
+++ b/src/main/kotlin/com/cycode/plugin/components/toolWindow/components/treeView/TreeView.kt
@@ -119,7 +119,7 @@ class TreeView(
 fun displayViolationCard(detection: DetectionBase) {
 val card = when (detection) {
- is SecretDetection -> SecretViolationCardContentTab().getContent(detection)
+ is SecretDetection -> SecretViolationCardContentTab(project).getContent(detection)
 is ScaDetection -> ScaViolationCardContentTab().getContent(detection)
 is IacDetection -> IacViolationCardContentTab().getContent(detection)
 is SastDetection -> SastViolationCardContentTab().getContent(detection)
diff --git a/src/main/kotlin/com/cycode/plugin/components/toolWindow/components/violationCardContentTab/common/CommonViolationCardContentTab.kt b/src/main/kotlin/com/cycode/plugin/components/toolWindow/components/violationCardContentTab/common/CommonViolationCardContentTab.kt
index f99c368..0d7edb5 100644
--- a/src/main/kotlin/com/cycode/plugin/components/toolWindow/components/violationCardContentTab/common/CommonViolationCardContentTab.kt
+++ b/src/main/kotlin/com/cycode/plugin/components/toolWindow/components/violationCardContentTab/common/CommonViolationCardContentTab.kt
@@ -26,6 +26,7 @@ open class CommonViolationCardContentTab {
 }
 // blank JLabel to fill the remaining space otherwise the components are centered
+ gbc.gridy++
 gbc.weighty = 1.0
 panel.add(JLabel(" "), gbc)
diff --git a/src/main/kotlin/com/cycode/plugin/components/toolWindow/components/violationCardContentTab/common/actions/CardActions.kt b/src/main/kotlin/com/cycode/plugin/components/toolWindow/components/violationCardContentTab/common/actions/CardActions.kt
new file mode 100644
index 0000000..5e64f1f
--- /dev/null
+++ b/src/main/kotlin/com/cycode/plugin/components/toolWindow/components/violationCardContentTab/common/actions/CardActions.kt
@@ -0,0 +1,33 @@
+package com.cycode.plugin.components.toolWindow.components.violationCardContentTab.common.actions
+
+import com.intellij.ui.JBColor
+import com.intellij.util.ui.JBUI
+import java.awt.FlowLayout
+import java.awt.GridBagConstraints
+import javax.swing.JButton
+import javax.swing.JComponent
+import javax.swing.JPanel
+
+open class CardActions {
+ private val gbc = GridBagConstraints()
+ private val panel: JPanel = JPanel(FlowLayout(FlowLayout.RIGHT))
+
+ init {
+ gbc.insets = JBUI.insets(2)
+
+ panel.border = JBUI.Borders.compound(
+ JBUI.Borders.customLine(JBColor.GRAY, 1, 0, 0, 0),
+ JBUI.Borders.empty(10, 0)
+ )
+ }
+
+ fun addActionButton(text: String, onClick: () -> Unit) {
+ panel.add(JButton(text).apply {
+ addActionListener { onClick() }
+ }, gbc)
+ }
+
+ fun getContent(): JComponent {
+ return panel
+ }
+}
diff --git a/src/main/kotlin/com/cycode/plugin/components/toolWindow/components/violationCardContentTab/secretViolationCardContentTab/SecretViolationCardContentTab.kt b/src/main/kotlin/com/cycode/plugin/components/toolWindow/components/violationCardContentTab/secretViolationCardContentTab/SecretViolationCardContentTab.kt
index b102474..c41d3f0 100644
--- a/src/main/kotlin/com/cycode/plugin/components/toolWindow/components/violationCardContentTab/secretViolationCardContentTab/SecretViolationCardContentTab.kt
+++ b/src/main/kotlin/com/cycode/plugin/components/toolWindow/components/violationCardContentTab/secretViolationCardContentTab/SecretViolationCardContentTab.kt
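Review bot: The `gbc` constraints in `CardActions` never take effect: `panel` is built with `FlowLayout`, which ignores the constraints argument of `panel.add(..., gbc)`, so `gbc.insets = JBUI.insets(2)` is dead code. Either drop the field and call `panel.add(JButton(text).apply { addActionListener { onClick() } })`, or set the spacing through the `FlowLayout(align, hgap, vgap)` constructor. A short KDoc on the `open class` saying it is the shared action-button row for violation cards would also help authors of further subclasses.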
@@ -2,21 +2,33 @@ package com.cycode.plugin.components.toolWindow.components.violationCardContentT
 import com.cycode.plugin.cli.models.scanResult.secret.SecretDetection
 import com.cycode.plugin.components.toolWindow.components.violationCardContentTab.common.CommonViolationCardContentTab
+import com.cycode.plugin.components.toolWindow.components.violationCardContentTab.secretViolationCardContentTab.components.actions.SecretActions
 import com.cycode.plugin.components.toolWindow.components.violationCardContentTab.secretViolationCardContentTab.components.companyGuidelines.SecretCompanyGuidelines
 import com.cycode.plugin.components.toolWindow.components.violationCardContentTab.secretViolationCardContentTab.components.header.SecretHeader
 import com.cycode.plugin.components.toolWindow.components.violationCardContentTab.secretViolationCardContentTab.components.shortSummary.SecretShortSummary
 import com.cycode.plugin.components.toolWindow.components.violationCardContentTab.secretViolationCardContentTab.components.summary.SecretSummary
 import com.cycode.plugin.components.toolWindow.components.violationCardContentTab.secretViolationCardContentTab.components.title.SecretTitle
+import com.intellij.openapi.project.Project
 import javax.swing.JComponent
-class SecretViolationCardContentTab : CommonViolationCardContentTab() {
+class SecretViolationCardContentTab(val project: Project) : CommonViolationCardContentTab() {
 fun getContent(detection: SecretDetection): JComponent {
 val titlePanel = SecretTitle().getContent(detection)
 val shortSummaryPanel = SecretShortSummary().getContent(detection)
 val headerContentPanel = SecretHeader().addContent(detection)
 val summaryPanel = SecretSummary().getContent(detection)
 val companyGuidelines = SecretCompanyGuidelines().getContent(detection)
+ val actionsPanel = SecretActions(project).addContent(detection)
- return getContent(listOf(titlePanel, shortSummaryPanel, headerContentPanel, summaryPanel, companyGuidelines))
+ return getContent(
+ listOf(
+ titlePanel,
+ shortSummaryPanel,
+ headerContentPanel,
+ summaryPanel,
+ companyGuidelines,
+ actionsPanel,
+ )
+ )
 }
 }
diff --git a/src/main/kotlin/com/cycode/plugin/components/toolWindow/components/violationCardContentTab/secretViolationCardContentTab/components/actions/SecretActions.kt b/src/main/kotlin/com/cycode/plugin/components/toolWindow/components/violationCardContentTab/secretViolationCardContentTab/components/actions/SecretActions.kt
new file mode 100644
index 0000000..a943b3a
--- /dev/null
+++ b/src/main/kotlin/com/cycode/plugin/components/toolWindow/components/violationCardContentTab/secretViolationCardContentTab/components/actions/SecretActions.kt
@@ -0,0 +1,26 @@
+package com.cycode.plugin.components.toolWindow.components.violationCardContentTab.secretViolationCardContentTab.components.actions
+
+import com.cycode.plugin.CycodeBundle
+import com.cycode.plugin.cli.CliIgnoreType
+import com.cycode.plugin.cli.CliScanType
+import com.cycode.plugin.cli.models.scanResult.secret.SecretDetection
+import com.cycode.plugin.components.toolWindow.components.violationCardContentTab.common.actions.CardActions
+import com.cycode.plugin.services.cycode
+import com.intellij.openapi.project.Project
+import javax.swing.JComponent
+
+class SecretActions(val project: Project) : CardActions() {
+ fun addContent(detection: SecretDetection): JComponent {
+ addActionButton(CycodeBundle.message("secretViolationCardIgnoreViolationBtn"), onClick = {
+ if (detection.detectionDetails.detectedValue != null) {
+ cycode(project).applyIgnoreFromFileAnnotation(
+ CliScanType.Secret,
+ CliIgnoreType.VALUE,
+ detection.detectionDetails.detectedValue!!
+ )
+ }
+ })
+
+ return getContent()
+ }
+}
diff --git a/src/main/kotlin/com/cycode/plugin/intentions/CycodeIgnoreIntentionQuickFix.kt b/src/main/kotlin/com/cycode/plugin/intentions/CycodeIgnoreIntentionQuickFix.kt
index 04e9c0d..87cd0c5 100644
--- a/src/main/kotlin/com/cycode/plugin/intentions/CycodeIgnoreIntentionQuickFix.kt
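Review bot: In `SecretActions.addContent`, the button's `onClick` does nothing when `detectedValue` is null, so a click on "Ignore this violation" gives no feedback and the finding stays; the button should not be added (or should be disabled) in that case. The null check followed by `detectedValue!!` reads the property twice; `detection.detectionDetails.detectedValue?.let { cycode(project).applyIgnoreFromFileAnnotation(CliScanType.Secret, CliIgnoreType.VALUE, it) }` does the same without the assertion. Because one click suppresses a secret finding by value, a confirmation or a notification stating what was ignored would make an accidental suppression visible. `project` can be `private val` here and in `SecretViolationCardContentTab`.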
+++ b/src/main/kotlin/com/cycode/plugin/intentions/CycodeIgnoreIntentionQuickFix.kt
@@ -1,11 +1,9 @@
 package com.cycode.plugin.intentions
 import com.cycode.plugin.CycodeBundle
+import com.cycode.plugin.cli.CliIgnoreType
 import com.cycode.plugin.cli.CliScanType
-import com.cycode.plugin.components.toolWindow.updateToolWindowState
 import com.cycode.plugin.services.cycode
-import com.cycode.plugin.services.scanResults
-import com.intellij.codeInsight.daemon.DaemonCodeAnalyzer
 import com.intellij.codeInsight.intention.PriorityAction
 import com.intellij.codeInsight.intention.impl.BaseIntentionAction
 import com.intellij.openapi.diagnostic.thisLogger
@@ -18,16 +16,16 @@ import javax.swing.Icon
 class CycodeIgnoreIntentionQuickFix(
 private val scanType: CliScanType,
- private val type: CycodeIgnoreType,
+ private val type: CliIgnoreType,
 private val value: String
 ) : BaseIntentionAction(), PriorityAction, Iconable {
 override fun getText(): String {
 with(type) {
 return when (this) {
- CycodeIgnoreType.VALUE -> CycodeBundle.message("ignoreIntentionByValueText", value)
- CycodeIgnoreType.RULE -> CycodeBundle.message("ignoreIntentionByRuleText", value)
- CycodeIgnoreType.PATH -> CycodeBundle.message("ignoreIntentionByPathText", value)
+ CliIgnoreType.VALUE -> CycodeBundle.message("ignoreIntentionByValueText", value)
+ CliIgnoreType.RULE -> CycodeBundle.message("ignoreIntentionByRuleText", value)
+ CliIgnoreType.PATH -> CycodeBundle.message("ignoreIntentionByPathText", value)
 }
 }
 }
@@ -40,28 +38,6 @@ class CycodeIgnoreIntentionQuickFix(
 return true
 }
- private fun mapTypeToOptionName(type: CycodeIgnoreType): String {
- return when (type) {
- CycodeIgnoreType.VALUE -> "--by-value"
- CycodeIgnoreType.RULE -> "--by-rule"
- CycodeIgnoreType.PATH -> "--by-path"
- }
- }
-
- private fun applyIgnoreInUi(project: Project) {
- // exclude results from the local DB and restart the code analyzer
-
- val scanResults = scanResults(project)
- when (type) {
- CycodeIgnoreType.VALUE -> scanResults.excludeResults(byValue = value)
- CycodeIgnoreType.RULE -> scanResults.excludeResults(byRuleId = value)
- CycodeIgnoreType.PATH -> scanResults.excludeResults(byPath = value)
- }
-
- DaemonCodeAnalyzer.getInstance(project).restart()
- updateToolWindowState(project)
- }
-
 override fun invoke(project: Project, editor: Editor?, file: PsiFile?) {
 if (file == null || file != file.originalFile) {
 /**
@@ -75,11 +51,7 @@ class CycodeIgnoreIntentionQuickFix(
 }
 thisLogger().warn("Ignore quick fix intention has been invoked")
-
- // we are removing is from UI first to show how it's blazing fast and then apply it in the background
- applyIgnoreInUi(project)
-
- cycode(project).applyIgnoreFromFileAnnotation(scanType.name.toLowerCase(), mapTypeToOptionName(type), value)
+ cycode(project).applyIgnoreFromFileAnnotation(scanType, type, value)
 }
 override fun getPriority(): PriorityAction.Priority {
diff --git a/src/main/kotlin/com/cycode/plugin/intentions/CycodeIgnoreType.kt b/src/main/kotlin/com/cycode/plugin/intentions/CycodeIgnoreType.kt
deleted file mode 100644
index 5ac7cd5..0000000
--- a/src/main/kotlin/com/cycode/plugin/intentions/CycodeIgnoreType.kt
+++ /dev/null
@@ -1,7 +0,0 @@
-package com.cycode.plugin.intentions
-
-enum class CycodeIgnoreType {
- VALUE,
- RULE,
- PATH
-}
diff --git a/src/main/kotlin/com/cycode/plugin/services/CycodeService.kt b/src/main/kotlin/com/cycode/plugin/services/CycodeService.kt
index 36be695..8a99ae7 100755
--- a/src/main/kotlin/com/cycode/plugin/services/CycodeService.kt
+++ b/src/main/kotlin/com/cycode/plugin/services/CycodeService.kt
@@ -1,10 +1,13 @@
 package com.cycode.plugin.services
 import com.cycode.plugin.CycodeBundle
+import com.cycode.plugin.cli.CliIgnoreType
+import com.cycode.plugin.cli.CliScanType
 import com.cycode.plugin.components.toolWindow.CycodeToolWindowFactory
 import com.cycode.plugin.components.toolWindow.updateToolWindowState
 import com.cycode.plugin.components.toolWindow.updateToolWindowStateForAllProjects
 import com.cycode.plugin.utils.CycodeNotifier
+import com.intellij.codeInsight.daemon.DaemonCodeAnalyzer
 import com.intellij.openapi.Disposable
 import com.intellij.openapi.components.Service
 import com.intellij.openapi.diagnostic.thisLogger
@@ -139,14 +142,43 @@ class CycodeService(val project: Project) : Disposable {
 }.queue()
 }
- fun applyIgnoreFromFileAnnotation(optionScanType: String, optionName: String, optionValue: String) {
+ private fun mapTypeToOptionName(type: CliIgnoreType): String {
+ return when (type) {
+ CliIgnoreType.VALUE -> "--by-value"
+ CliIgnoreType.RULE -> "--by-rule"
+ CliIgnoreType.PATH -> "--by-path"
+ }
+ }
+
+ private fun applyIgnoreInUi(type: CliIgnoreType, value: String) {
+ // exclude results from the local DB and restart the code analyzer
+
+ val scanResults = scanResults(project)
+ when (type) {
+ CliIgnoreType.VALUE -> scanResults.excludeResults(byValue = value)
+ CliIgnoreType.RULE -> scanResults.excludeResults(byRuleId = value)
+ CliIgnoreType.PATH -> scanResults.excludeResults(byPath = value)
+ }
+
+ DaemonCodeAnalyzer.getInstance(project).restart()
+ updateToolWindowState(project)
+ }
+
+ fun applyIgnoreFromFileAnnotation(scanType: CliScanType, type: CliIgnoreType, value: String) {
+ // we are removing is from UI first to show how it's blazing fast and then apply it in the background
+ applyIgnoreInUi(type, value)
+
 object : Task.Backgroundable(project, CycodeBundle.message("ignoresApplying"), true) {
 override fun run(indicator: ProgressIndicator) {
 if (!pluginState.cliAuthed) {
 return
 }
- cliService.ignore(optionScanType, optionName, optionValue, cancelledCallback = { indicator.isCanceled })
+ cliService.ignore(
+ scanType.name.toLowerCase(),
+ mapTypeToOptionName(type),
+ value,
+ cancelledCallback = { indicator.isCanceled })
 }
 }.queue()
 }
diff --git a/src/main/resources/messages/CycodeBundle.properties b/src/main/resources/messages/CycodeBundle.properties
index fe83786..3090628 100755
--- a/src/main/resources/messages/CycodeBundle.properties
+++ b/src/main/resources/messages/CycodeBundle.properties
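Review bot: `applyIgnoreFromFileAnnotation` calls `applyIgnoreInUi(type, value)` before the background task, and the task returns early when `pluginState.cliAuthed` is false, so the finding is removed from the local results and the tool window even though no ignore is sent to the CLI; presumably the same holds when `cliService.ignore` itself fails. For a secrets finding this means it disappears from view without a persisted suppression and without any message to the user; checking `if (!pluginState.cliAuthed) return` before `applyIgnoreInUi(type, value)`, or notifying on the early return, would keep the UI and CLI state consistent. Separately, `scanType.name.toLowerCase()` lower-cases with the default locale, which under a Turkish locale turns `Iac` into `ıac`; `scanType.name.lowercase()` (or `toLowerCase(Locale.ROOT)` on older Kotlin) keeps the CLI argument stable. The enclosing `CycodeService` class starts and ends outside the hunk.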
@@ -119,6 +119,7 @@ secretViolationCardHeaderFileField=In file:
 secretViolationCardHeaderShaField=Secret SHA:
 secretViolationCardSummaryTitle=Summary
 secretViolationCardCompanyGuidelinesTitle=Company Guidelines
+secretViolationCardIgnoreViolationBtn=Ignore this violation
 # iac violation card
 iacViolationCardHeaderRuleIdField=Rule ID:
 iacViolationCardHeaderFileField=In file: