Merge pull request #1473 from presidentbeef/add_text_format_option

Add --text-fields option
presidentbeef · Apr 15, 2020 · d2b1b95 · d2b1b95
2 parents 064070d + 6c73813
commit d2b1b95
Show file tree

Hide file tree

Showing 4 changed files with 101 additions and 17 deletions.
diff --git a/lib/brakeman/options.rb b/lib/brakeman/options.rb
@@ -301,6 +301,22 @@ def create_option_parser options
           options[:github_repo] = repo
         end
 
+        opts.on "--text-fields field1,field2,etc.", Array, "Specify fields for text report format" do |format|
+          valid_options = [:category, :category_id, :check, :code, :confidence, :file, :fingerprint, :line, :link, :message, :render_path]
+
+          options[:text_fields] = format.map(&:to_sym)
+
+          if options[:text_fields] == [:all]
+            options[:text_fields] = valid_options
+          else
+            invalid_options = (options[:text_fields] - valid_options)
+
+            unless invalid_options.empty?
+              raise OptionParser::ParseError, "\nInvalid format options: #{invalid_options.inspect}"
+            end
+          end
+        end
+
         opts.on "-w",
           "--confidence-level LEVEL",
           ["1", "2", "3"],

diff --git a/lib/brakeman/report/report_text.rb b/lib/brakeman/report/report_text.rb
@@ -145,24 +145,45 @@ def generate_templates
   end
 
   def output_warning w
-    out = [
-      label('Confidence', confidence(w.confidence)),
-      label('Category', w.warning_type.to_s),
-      label('Check', w.check.gsub(/^Brakeman::Check/, '')),
+    text_format = tracker.options[:text_fields] ||
+      [:confidence, :category, :check, :message, :code, :file, :line]
+
+    text_format.map do |option|
+      format_line(w, option)
+    end.compact
+  end
+
+  def format_line w, option
+    case option
+    when :confidence
+      label('Confidence', confidence(w.confidence))
+    when :category
+      label('Category', w.warning_type.to_s)
+    when :check
+      label('Check', w.check.gsub(/^Brakeman::Check/, ''))
+    when :message
       label('Message', w.message)
-    ]
-
-    if w.code
-      out << label('Code', format_code(w))
-    end
-
-    out << label('File', warning_file(w))
-
-    if w.line
-      out << label('Line', w.line)
+    when :code
+      if w.code
+        label('Code', format_code(w))
+      end
+    when :file
+      label('File', warning_file(w))
+    when :line
+      if w.line
+        label('Line', w.line)
+      end
+    when :link
+      label('Link', w.link)
+    when :fingerprint
+      label('Fingerprint', w.fingerprint)
+    when :category_id
+      label('Category ID', w.warning_code)
+    when :render_path
+      if w.called_from
+        label('Render Path', w.called_from.join(" > "))
+      end
     end
-
-    out
   end
 
   def double_space title, values

diff --git a/test/tests/options.rb b/test/tests/options.rb
@@ -342,6 +342,12 @@ def test_summary_options
     assert_equal :no_summary, options[:summary_only]
   end
 
+  def test_text_report_fields
+    assert_raises OptionParser::ParseError do
+      setup_options_from_input("--text-fields", "not_a_real_field")
+    end
+  end
+
   private
 
   def setup_options_from_input(*args)

diff --git a/test/tests/report_generation.rb b/test/tests/report_generation.rb
@@ -3,7 +3,7 @@
 
 class TestReportGeneration < Minitest::Test
   def setup
-    @@tracker ||= Brakeman.run(:app_path => "#{TEST_PATH}/apps/rails4", :quiet => true, :report_routes => true)
+    @@tracker ||= Brakeman.run(:app_path => "#{TEST_PATH}/apps/rails4", :quiet => true, :report_routes => true, :output_color => false)
     @@report ||= @@tracker.report
   end
 
@@ -83,6 +83,47 @@ def test_text_debug_sanity
     @@tracker.options[:debug] = false
   end
 
+  def test_text_format_all
+    require 'brakeman/options'
+
+    options, _ = Brakeman::Options.parse(["--text-fields", "all"])
+    tracker = Brakeman.run(:app_path => "#{TEST_PATH}/apps/rails5", :quiet => true, :report_routes => true, :text_fields => options[:text_fields], :output_color => false)
+    report = tracker.report.to_s
+
+    assert_includes report, "Confidence:"
+    assert_includes report, "Category:"
+    assert_includes report, "Category ID:"
+    assert_includes report, "Check:"
+    assert_includes report, "Code:"
+    assert_includes report, "File:"
+    assert_includes report, "Fingerprint:"
+    assert_includes report, "Line:"
+    assert_includes report, "Link:"
+    assert_includes report, "Message:"
+    assert_includes report, "Render Path:"
+  end
+
+  def test_text_format
+    @@tracker.options[:text_fields] =
+      [:confidence, :category, :category_id, :code, :fingerprint, :line]
+
+    report = @@report.to_s
+
+    assert_includes report, "Confidence:"
+    assert_includes report, "Category:"
+    assert_includes report, "Category ID:"
+    assert_includes report, "Code:"
+    assert_includes report, "Fingerprint:"
+    assert_includes report, "Line:"
+    refute_includes report, "Check:"
+    refute_includes report, "File:"
+    refute_includes report, "Link:"
+    refute_includes report, "Message:"
+    refute_includes report, "Render Path:"
+  ensure
+    @@tracker.options.delete(:text_fields)
+  end
+
   def test_markdown_sanity
     report = @@report.to_markdown