From a98f68870e90d5d199b81ad9d085f9b064bb163b Mon Sep 17 00:00:00 2001
From: Daniel Patanin <Daniel.Patanin@iteratec.com>
Date: Wed, 17 Apr 2019 15:45:48 +0200
Subject: [PATCH 1/8] Wrapper for Wordpress scanner.

---
 scb-engine/pom.xml                            |   6 +
 scb-scanprocesses/pom.xml                     |   3 +-
 scb-scanprocesses/wordpress-process/pom.xml   |  53 ++++
 .../scanprocess/ProcessInitConfiguration.java |  36 +++
 .../src/main/resources/META-INF/processes.xml |   0
 .../resources/bpmn/wordpress_process.bpmn     | 197 +++++++++++++++
 .../forms/wordpress/approve-results.html      | 120 +++++++++
 .../forms/wordpress/configure-target.html     | 127 ++++++++++
 .../test/WordpressProcessTest.java            | 231 ++++++++++++++++++
 .../src/test/resources/camunda.cfg.xml        |  14 ++
 .../src/test/resources/logback-test.xml       |  27 ++
 11 files changed, 813 insertions(+), 1 deletion(-)
 create mode 100644 scb-scanprocesses/wordpress-process/pom.xml
 create mode 100644 scb-scanprocesses/wordpress-process/src/main/java/io/securecodebox/scanprocess/ProcessInitConfiguration.java
 create mode 100644 scb-scanprocesses/wordpress-process/src/main/resources/META-INF/processes.xml
 create mode 100644 scb-scanprocesses/wordpress-process/src/main/resources/bpmn/wordpress_process.bpmn
 create mode 100644 scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/approve-results.html
 create mode 100644 scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/configure-target.html
 create mode 100644 scb-scanprocesses/wordpress-process/src/test/java/io/securecodebox/scanprocess/test/WordpressProcessTest.java
 create mode 100644 scb-scanprocesses/wordpress-process/src/test/resources/camunda.cfg.xml
 create mode 100644 scb-scanprocesses/wordpress-process/src/test/resources/logback-test.xml

diff --git a/scb-engine/pom.xml b/scb-engine/pom.xml
index a0325da1..fbe9067b 100644
--- a/scb-engine/pom.xml
+++ b/scb-engine/pom.xml
@@ -195,6 +195,12 @@
                     <version>1.0-SNAPSHOT</version>
                     <scope>runtime</scope>
                 </dependency>
+                <dependency>
+                    <groupId>io.securecodebox.scanprocesses</groupId>
+                    <artifactId>wordpress-process</artifactId>
+                    <version>1.0-SNAPSHOT</version>
+                    <scope>runtime</scope>
+                </dependency>
                 <dependency>
                     <groupId>io.securecodebox.persistenceproviders</groupId>
                     <artifactId>elasticsearch-persistenceprovider</artifactId>
diff --git a/scb-scanprocesses/pom.xml b/scb-scanprocesses/pom.xml
index 6079d5da..0d8cc6b8 100644
--- a/scb-scanprocesses/pom.xml
+++ b/scb-scanprocesses/pom.xml
@@ -23,7 +23,8 @@
         <module>combined-amass-nmap-process</module>
         <module>arachni-process</module>
         <module>amass-process</module>
-    <module>ssh-process</module>
+        <module>ssh-process</module>
+        <module>wordpress-process</module>
   </modules>
 
 </project>
\ No newline at end of file
diff --git a/scb-scanprocesses/wordpress-process/pom.xml b/scb-scanprocesses/wordpress-process/pom.xml
new file mode 100644
index 00000000..0d04a9f4
--- /dev/null
+++ b/scb-scanprocesses/wordpress-process/pom.xml
@@ -0,0 +1,53 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>io.securecodebox.scanprocesses</groupId>
+        <artifactId>default-process-collection</artifactId>
+        <version>0.0.1-SNAPSHOT</version>
+    </parent>
+
+    <groupId>io.securecodebox.scanprocesses</groupId>
+    <artifactId>wordpress-process</artifactId>
+    <version>1.0-SNAPSHOT</version>
+
+    <dependencies>
+        <dependency>
+            <groupId>io.securecodebox.core</groupId>
+            <artifactId>sdk</artifactId>
+            <version>${project.parent.version}</version>
+        </dependency>
+
+        <!-- Test Dependencies -->
+        <dependency>
+            <groupId>com.h2database</groupId>
+            <artifactId>h2</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.camunda.bpm.springboot</groupId>
+            <artifactId>camunda-bpm-spring-boot-starter-test</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.camunda.bpm.extension.mockito</groupId>
+            <artifactId>camunda-bpm-mockito</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.camunda.bpm.extension</groupId>
+            <artifactId>camunda-bpm-assert-scenario</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.camunda.bpm.extension</groupId>
+            <artifactId>camunda-bpm-process-test-coverage</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.camunda.bpm.extension</groupId>
+            <artifactId>camunda-bpm-assert</artifactId>
+        </dependency>
+    </dependencies>
+
+</project>
diff --git a/scb-scanprocesses/wordpress-process/src/main/java/io/securecodebox/scanprocess/ProcessInitConfiguration.java b/scb-scanprocesses/wordpress-process/src/main/java/io/securecodebox/scanprocess/ProcessInitConfiguration.java
new file mode 100644
index 00000000..6912cde3
--- /dev/null
+++ b/scb-scanprocesses/wordpress-process/src/main/java/io/securecodebox/scanprocess/ProcessInitConfiguration.java
@@ -0,0 +1,36 @@
+/*
+ *
+ *  SecureCodeBox (SCB)
+ *  Copyright 2015-2018 iteratec GmbH
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  	http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ * /
+ */
+
+package io.securecodebox.scanprocess;
+
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * The secureCodeBox by default only scans for components in the package io.securecodebox.scanprocess.
+ * <p>
+ * This configuration ensures that your defined package package also gets scanned, please don't move or remove this configuration.
+ *
+ * @author Rüdiger Heins - iteratec GmbH
+ * @since 09.05.18
+ */
+@ComponentScan("io.securecodebox.scanprocesses")
+@Configuration
+public class ProcessInitConfiguration {
+}
diff --git a/scb-scanprocesses/wordpress-process/src/main/resources/META-INF/processes.xml b/scb-scanprocesses/wordpress-process/src/main/resources/META-INF/processes.xml
new file mode 100644
index 00000000..e69de29b
diff --git a/scb-scanprocesses/wordpress-process/src/main/resources/bpmn/wordpress_process.bpmn b/scb-scanprocesses/wordpress-process/src/main/resources/bpmn/wordpress_process.bpmn
new file mode 100644
index 00000000..bc86da49
--- /dev/null
+++ b/scb-scanprocesses/wordpress-process/src/main/resources/bpmn/wordpress_process.bpmn
@@ -0,0 +1,197 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<bpmn:definitions xmlns:bpmn="http://www.omg.org/spec/BPMN/20100524/MODEL" xmlns:bpmndi="http://www.omg.org/spec/BPMN/20100524/DI" xmlns:di="http://www.omg.org/spec/DD/20100524/DI" xmlns:dc="http://www.omg.org/spec/DD/20100524/DC" xmlns:camunda="http://camunda.org/schema/1.0/bpmn" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" id="Definitions_1" targetNamespace="http://bpmn.io/schema/bpmn" exporter="Camunda Modeler" exporterVersion="1.12.0">
+  <bpmn:process id="wordpress-process" name="WordPress Scan" isExecutable="true" camunda:versionTag="3" camunda:historyTimeToLive="30">
+    <bpmn:startEvent id="StartEvent_Configure" name="target configured" camunda:formKey="embedded:app:forms/wordpress/configure-target.html">
+      <bpmn:extensionElements>
+        <camunda:executionListener delegateExpression="${checkForAutomatedRunListener}" event="start" />
+        <camunda:formData>
+          <camunda:formField id="DEFAULT_CONTEXT" type="string" defaultValue="${propertyValueProvider.defaultContext}" />
+          <camunda:formField id="DEFAULT_TARGET_NAME" type="string" defaultValue="${propertyValueProvider.defaultTargetName}" />
+          <camunda:formField id="DEFAULT_TARGET_LOCATION" type="string" defaultValue="${propertyValueProvider.defaultTargetLocation}" />
+          <camunda:formField id="DEFAULT_TARGET_URI" type="string" defaultValue="${propertyValueProvider.defaultTargetUri}" />
+        </camunda:formData>
+      </bpmn:extensionElements>
+      <bpmn:outgoing>SequenceFlow_TargetConfigured</bpmn:outgoing>
+    </bpmn:startEvent>
+    <bpmn:sequenceFlow id="SequenceFlow_TargetConfigured" sourceRef="StartEvent_Configure" targetRef="ServiceTask_DoScan" />
+    <bpmn:endEvent id="EndEvent_FinishedPortscan" name="WordPress Scan finished">
+      <bpmn:incoming>SequenceFlow_SummaryCreated</bpmn:incoming>
+    </bpmn:endEvent>
+    <bpmn:sequenceFlow id="SequenceFlow_PortscanFinished" name="finished&#10;&#10;" sourceRef="ServiceTask_DoScan" targetRef="ExclusiveGateway_AutomatedFinish" />
+    <bpmn:sequenceFlow id="SequenceFlow_ResultReviewed" name="result reviewed" sourceRef="UserTask_ApproveResults" targetRef="ExclusiveGateway_ResultApproved" />
+    <bpmn:userTask id="UserTask_ApproveResults" name="Review scan results" camunda:formKey="embedded:app:forms/wordpress/approve-results.html" camunda:candidateGroups="_securebox_admin, _securebox_productowner, _securebox_developer, approver">
+      <bpmn:extensionElements>
+        <camunda:formData />
+      </bpmn:extensionElements>
+      <bpmn:incoming>SequenceFlow_ManualFinish</bpmn:incoming>
+      <bpmn:outgoing>SequenceFlow_ResultReviewed</bpmn:outgoing>
+    </bpmn:userTask>
+    <bpmn:exclusiveGateway id="ExclusiveGateway_ResultApproved" name="Is scan result approved?">
+      <bpmn:incoming>SequenceFlow_ResultReviewed</bpmn:incoming>
+      <bpmn:outgoing>SequenceFlow_ResultApproved</bpmn:outgoing>
+      <bpmn:outgoing>SequenceFlow_ResultRejected</bpmn:outgoing>
+    </bpmn:exclusiveGateway>
+    <bpmn:sequenceFlow id="SequenceFlow_ResultApproved" name="result approved" sourceRef="ExclusiveGateway_ResultApproved" targetRef="ServiceTask_CreateSummary">
+      <bpmn:conditionExpression xsi:type="bpmn:tFormalExpression"><![CDATA[${PROCESS_RESULT_APPROVED == 'approved'}]]></bpmn:conditionExpression>
+    </bpmn:sequenceFlow>
+    <bpmn:exclusiveGateway id="ExclusiveGateway_AutomatedFinish" name="is automated run?">
+      <bpmn:incoming>SequenceFlow_PortscanFinished</bpmn:incoming>
+      <bpmn:outgoing>SequenceFlow_ManualFinish</bpmn:outgoing>
+      <bpmn:outgoing>SequenceFlow_AutomatedFinish</bpmn:outgoing>
+    </bpmn:exclusiveGateway>
+    <bpmn:sequenceFlow id="SequenceFlow_ManualFinish" name="manual finish&#10;&#10;" sourceRef="ExclusiveGateway_AutomatedFinish" targetRef="UserTask_ApproveResults">
+      <bpmn:conditionExpression xsi:type="bpmn:tFormalExpression">${PROCESS_AUTOMATED == false}</bpmn:conditionExpression>
+    </bpmn:sequenceFlow>
+    <bpmn:sequenceFlow id="SequenceFlow_AutomatedFinish" name="automated finish" sourceRef="ExclusiveGateway_AutomatedFinish" targetRef="ServiceTask_CreateSummary">
+      <bpmn:conditionExpression xsi:type="bpmn:tFormalExpression">${PROCESS_AUTOMATED == true}</bpmn:conditionExpression>
+    </bpmn:sequenceFlow>
+    <bpmn:serviceTask id="ServiceTask_DoScan" name="Run the scan" camunda:asyncBefore="true" camunda:type="external" camunda:topic="wordpress_webserverscan">
+      <bpmn:extensionElements />
+      <bpmn:incoming>SequenceFlow_TargetConfigured</bpmn:incoming>
+      <bpmn:outgoing>SequenceFlow_PortscanFinished</bpmn:outgoing>
+    </bpmn:serviceTask>
+    <bpmn:sequenceFlow id="SequenceFlow_SummaryCreated" name="summary created" sourceRef="ServiceTask_CreateSummary" targetRef="EndEvent_FinishedPortscan" />
+    <bpmn:serviceTask id="ServiceTask_CreateSummary" name="Create Report Summary" camunda:asyncBefore="true" camunda:delegateExpression="${summaryGeneratorDelegate}">
+      <bpmn:extensionElements />
+      <bpmn:incoming>SequenceFlow_ResultApproved</bpmn:incoming>
+      <bpmn:incoming>SequenceFlow_1i44eck</bpmn:incoming>
+      <bpmn:incoming>SequenceFlow_AutomatedFinish</bpmn:incoming>
+      <bpmn:outgoing>SequenceFlow_SummaryCreated</bpmn:outgoing>
+    </bpmn:serviceTask>
+    <bpmn:dataObjectReference id="DataObjectReference_0vhjx0n" name="PROCESS_FINDINGS" dataObjectRef="DataObject_0lpf2y8" />
+    <bpmn:dataObject id="DataObject_0lpf2y8" />
+    <bpmn:sequenceFlow id="SequenceFlow_ResultRejected" name="result rejected" sourceRef="ExclusiveGateway_ResultApproved" targetRef="DoesNothingTask">
+      <bpmn:conditionExpression xsi:type="bpmn:tFormalExpression"><![CDATA[${PROCESS_RESULT_APPROVED == 'disapproved'}]]></bpmn:conditionExpression>
+    </bpmn:sequenceFlow>
+    <bpmn:task id="DoesNothingTask" name="Does Nothing">
+      <bpmn:incoming>SequenceFlow_ResultRejected</bpmn:incoming>
+      <bpmn:outgoing>SequenceFlow_1i44eck</bpmn:outgoing>
+    </bpmn:task>
+    <bpmn:sequenceFlow id="SequenceFlow_1i44eck" sourceRef="DoesNothingTask" targetRef="ServiceTask_CreateSummary" />
+    <bpmn:textAnnotation id="TextAnnotation_0lm3esn">
+      <bpmn:text>results in a generic format</bpmn:text>
+    </bpmn:textAnnotation>
+    <bpmn:association id="Association_16qrr9w" sourceRef="DataObjectReference_0vhjx0n" targetRef="TextAnnotation_0lm3esn" />
+  </bpmn:process>
+  <bpmndi:BPMNDiagram id="BPMNDiagram_1">
+    <bpmndi:BPMNPlane id="BPMNPlane_1" bpmnElement="wordpress-process">
+      <bpmndi:BPMNShape id="_BPMNShape_StartEvent_2" bpmnElement="StartEvent_Configure">
+        <dc:Bounds x="28" y="310" width="36" height="36" />
+        <bpmndi:BPMNLabel>
+          <dc:Bounds x="4" y="356" width="83" height="13" />
+        </bpmndi:BPMNLabel>
+      </bpmndi:BPMNShape>
+      <bpmndi:BPMNEdge id="SequenceFlow_093mevy_di" bpmnElement="SequenceFlow_TargetConfigured">
+        <di:waypoint x="64" y="328" />
+        <di:waypoint x="142" y="328" />
+        <bpmndi:BPMNLabel>
+          <dc:Bounds x="58" y="303" width="90" height="20" />
+        </bpmndi:BPMNLabel>
+      </bpmndi:BPMNEdge>
+      <bpmndi:BPMNShape id="EndEvent_07weexy_di" bpmnElement="EndEvent_FinishedPortscan">
+        <dc:Bounds x="1309" y="186" width="36" height="36" />
+        <bpmndi:BPMNLabel>
+          <dc:Bounds x="1357" y="197" width="90" height="12" />
+        </bpmndi:BPMNLabel>
+      </bpmndi:BPMNShape>
+      <bpmndi:BPMNEdge id="SequenceFlow_0kjlgbs_di" bpmnElement="SequenceFlow_PortscanFinished">
+        <di:waypoint x="242" y="328" />
+        <di:waypoint x="437" y="328" />
+        <bpmndi:BPMNLabel>
+          <dc:Bounds x="316" y="420" width="38" height="37" />
+        </bpmndi:BPMNLabel>
+      </bpmndi:BPMNEdge>
+      <bpmndi:BPMNEdge id="SequenceFlow_00fmvcb_di" bpmnElement="SequenceFlow_ResultReviewed">
+        <di:waypoint x="673" y="202" />
+        <di:waypoint x="760" y="204" />
+        <bpmndi:BPMNLabel>
+          <dc:Bounds x="794" y="176" width="74" height="12" />
+        </bpmndi:BPMNLabel>
+      </bpmndi:BPMNEdge>
+      <bpmndi:BPMNShape id="UserTask_0jv6ygb_di" bpmnElement="UserTask_ApproveResults">
+        <dc:Bounds x="573" y="164" width="100" height="80" />
+      </bpmndi:BPMNShape>
+      <bpmndi:BPMNShape id="ExclusiveGateway_0ukn4uh_di" bpmnElement="ExclusiveGateway_ResultApproved" isMarkerVisible="true">
+        <dc:Bounds x="760" y="179" width="50" height="50" />
+        <bpmndi:BPMNLabel>
+          <dc:Bounds x="752" y="239" width="65" height="25" />
+        </bpmndi:BPMNLabel>
+      </bpmndi:BPMNShape>
+      <bpmndi:BPMNEdge id="SequenceFlow_0gjifhk_di" bpmnElement="SequenceFlow_ResultApproved">
+        <di:waypoint x="810" y="204" />
+        <di:waypoint x="1077" y="204" />
+        <bpmndi:BPMNLabel>
+          <dc:Bounds x="999" y="150" width="76" height="13" />
+        </bpmndi:BPMNLabel>
+      </bpmndi:BPMNEdge>
+      <bpmndi:BPMNShape id="ExclusiveGateway_1bzno3f_di" bpmnElement="ExclusiveGateway_AutomatedFinish" isMarkerVisible="true">
+        <dc:Bounds x="437" y="303" width="50" height="50" />
+        <bpmndi:BPMNLabel>
+          <dc:Bounds x="497" y="322" width="89" height="12" />
+        </bpmndi:BPMNLabel>
+      </bpmndi:BPMNShape>
+      <bpmndi:BPMNEdge id="SequenceFlow_17bwrf0_di" bpmnElement="SequenceFlow_ManualFinish">
+        <di:waypoint x="462" y="303" />
+        <di:waypoint x="462" y="204" />
+        <di:waypoint x="573" y="204" />
+        <bpmndi:BPMNLabel>
+          <dc:Bounds x="379" y="246" width="65" height="37" />
+        </bpmndi:BPMNLabel>
+      </bpmndi:BPMNEdge>
+      <bpmndi:BPMNEdge id="SequenceFlow_0s3limw_di" bpmnElement="SequenceFlow_AutomatedFinish">
+        <di:waypoint x="462" y="353" />
+        <di:waypoint x="462" y="456" />
+        <di:waypoint x="1127" y="456" />
+        <di:waypoint x="1127" y="244" />
+        <bpmndi:BPMNLabel>
+          <dc:Bounds x="803" y="503" width="81" height="12" />
+        </bpmndi:BPMNLabel>
+      </bpmndi:BPMNEdge>
+      <bpmndi:BPMNShape id="ServiceTask_0pps66n_di" bpmnElement="ServiceTask_DoScan">
+        <dc:Bounds x="142" y="288" width="100" height="80" />
+      </bpmndi:BPMNShape>
+      <bpmndi:BPMNEdge id="SequenceFlow_150f8k2_di" bpmnElement="SequenceFlow_SummaryCreated">
+        <di:waypoint x="1177" y="204" />
+        <di:waypoint x="1309" y="204" />
+        <bpmndi:BPMNLabel>
+          <dc:Bounds x="1187" y="209" width="85" height="13" />
+        </bpmndi:BPMNLabel>
+      </bpmndi:BPMNEdge>
+      <bpmndi:BPMNShape id="ServiceTask_1foo790_di" bpmnElement="ServiceTask_CreateSummary">
+        <dc:Bounds x="1077" y="164" width="100" height="80" />
+      </bpmndi:BPMNShape>
+      <bpmndi:BPMNShape id="DataObjectReference_0vhjx0n_di" bpmnElement="DataObjectReference_0vhjx0n">
+        <dc:Bounds x="288" y="360" width="36" height="50" />
+        <bpmndi:BPMNLabel>
+          <dc:Bounds x="263" y="331" width="86" height="25" />
+        </bpmndi:BPMNLabel>
+      </bpmndi:BPMNShape>
+      <bpmndi:BPMNShape id="TextAnnotation_0lm3esn_di" bpmnElement="TextAnnotation_0lm3esn">
+        <dc:Bounds x="379" y="420" width="102" height="50" />
+      </bpmndi:BPMNShape>
+      <bpmndi:BPMNEdge id="Association_16qrr9w_di" bpmnElement="Association_16qrr9w">
+        <di:waypoint x="324" y="394" />
+        <di:waypoint x="379" y="420" />
+      </bpmndi:BPMNEdge>
+      <bpmndi:BPMNEdge id="SequenceFlow_1z0e6c0_di" bpmnElement="SequenceFlow_ResultRejected">
+        <di:waypoint x="785" y="179" />
+        <di:waypoint x="785" y="65" />
+        <di:waypoint x="995" y="65" />
+        <bpmndi:BPMNLabel>
+          <dc:Bounds x="849" y="96" width="70" height="13" />
+        </bpmndi:BPMNLabel>
+      </bpmndi:BPMNEdge>
+      <bpmndi:BPMNShape id="Task_1691u70_di" bpmnElement="DoesNothingTask">
+        <dc:Bounds x="995" y="25" width="100" height="80" />
+      </bpmndi:BPMNShape>
+      <bpmndi:BPMNEdge id="SequenceFlow_1i44eck_di" bpmnElement="SequenceFlow_1i44eck">
+        <di:waypoint x="1095" y="65" />
+        <di:waypoint x="1127" y="65" />
+        <di:waypoint x="1127" y="164" />
+        <bpmndi:BPMNLabel>
+          <dc:Bounds x="1066" y="43.5" width="90" height="13" />
+        </bpmndi:BPMNLabel>
+      </bpmndi:BPMNEdge>
+    </bpmndi:BPMNPlane>
+  </bpmndi:BPMNDiagram>
+</bpmn:definitions>
diff --git a/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/approve-results.html b/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/approve-results.html
new file mode 100644
index 00000000..d556aa21
--- /dev/null
+++ b/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/approve-results.html
@@ -0,0 +1,120 @@
+<!--
+  ~ /*
+  ~ * SecureCodeBox (SCB)
+  ~ * Copyright 2015-2018 iteratec GmbH
+  ~ *
+  ~ * Licensed under the Apache License, Version 2.0 (the "License");
+  ~ * you may not use this file except in compliance with the License.
+  ~ * You may obtain a copy of the License at
+  ~ *
+  ~ * 	http://www.apache.org/licenses/LICENSE-2.0
+  ~ *
+  ~ * Unless required by applicable law or agreed to in writing, software
+  ~ * distributed under the License is distributed on an "AS IS" BASIS,
+  ~ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ * See the License for the specific language governing permissions and
+  ~ * limitations under the License.
+  ~ */
+  -->
+
+<form role="form" name="configure-reporting">
+
+    <script cam-script type="text/form-script">
+        camForm.on('form-loaded', function () {
+
+            camForm.variableManager.fetchVariable('PROCESS_CONTEXT');
+            camForm.variableManager.fetchVariable('PROCESS_TARGETS');
+            camForm.variableManager.fetchVariable('PROCESS_FINDINGS');
+            camForm.variableManager.fetchVariable('PROCESS_SCANNER_ID');
+        });
+
+        camForm.on('variables-restored', function () {
+            $scope.context = camForm.variableManager.variableValue('PROCESS_CONTEXT');
+
+            $scope.scannerId = camForm.variableManager.variableValue('PROCESS_SCANNER_ID');
+            $scope.scannerResult = JSON.parse(camForm.variableManager.variableValue('PROCESS_FINDINGS'));
+            $scope.scannerTargets = JSON.parse(camForm.variableManager.variableValue('PROCESS_TARGETS'));
+        });
+    </script>
+    <div ng-repeat="target in scannerTargets">
+        <h2>WordPress scan results for "{{ target.name }}"</h2>
+
+        <div class="row">
+            <div class="col-xs-2"><label>Scanner Id:</label></div>
+            <div class="col-xs-10">{{ scannerId }}</div>
+        </div>
+        <div class="row">
+            <div class="col-xs-2"><label>Target Location:</label></div>
+            <div class="col-xs-10">{{ target.location }}</div>
+        </div>
+        <div class="row">
+            <div class="col-xs-2"><label>Business Context:</label></div>
+            <div class="col-xs-10">{{ context }}</div>
+        </div>
+        <div class="row">
+            <div class="col-xs-12">
+                <div class="well well-sm"
+                     style="color: inherit;">
+                    <table class="table table-striped">
+                        <tr>
+                            <th>Host:</th>
+                            <th>Name:</th>
+                            <th>Category:</th>
+                            <th>Severity:</th>
+                            <th>Reference:</th>
+                        </tr>
+                        <tr class="danger" ng-repeat="result in scannerResult">
+                            <td>{{ result.location }}</td>
+                            <td>{{ result.name }}</td>
+                            <td>{{ result.category }}</td>
+                            <td>
+                                <div ng-switch on="result.severity">
+                                <span class="label label-danger" ng-switch-when="HIGH">
+                                    <i aria-hidden="true"
+                                       class="glyphicon glyphicon-fire"></i>
+                                    {{ result.severity }}
+                                </span>
+
+                                    <span class="label label-warning" ng-switch-when="MEDIUM">
+                                    <i aria-hidden="true"
+                                       class="glyphicon glyphicon glyphicon-alert"></i>
+                                    {{ result.severity }}
+                                </span>
+
+                                    <span class="label label-primary" ng-switch-when="LOW">
+                                    <i aria-hidden="true"
+                                       class="glyphicon glyphicon-warning-sign"></i>
+                                    {{ result.severity }}
+                                </span>
+
+                                    <span class="label label-default" ng-switch-default>
+                                    <i aria-hidden="true"
+                                       class="glyphicon glyphicon-education"></i>
+                                    {{ result.severity }}
+                                </span>
+                                </div>
+                            </td>
+                            <td>{{ result.reference.id }}</td>
+                        </tr>
+                    </table>
+                </div>
+            </div>
+        </div>
+    </div>
+    <h2>Approve Result</h2>
+    <!-- reporting configuration -->
+    <div class="form-group">
+        <label for="selectResultApproved">Approve Result</label>
+        <div id="selectResultApproved" class="controls">
+            <!--select box -->
+            <select required
+                    class="form-control"
+                    name="resultApproved"
+                    cam-variable-name="PROCESS_RESULT_APPROVED"
+                    cam-variable-type="String">
+                <option value="approved" checked>Approved (finished)</option>
+                <option value="disapproved">Not Approved (finished)</option>
+            </select>
+        </div>
+    </div>
+</form>
diff --git a/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/configure-target.html b/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/configure-target.html
new file mode 100644
index 00000000..6fc2b296
--- /dev/null
+++ b/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/configure-target.html
@@ -0,0 +1,127 @@
+<!--
+  ~ /*
+  ~ * SecureCodeBox (SCB)
+  ~ * Copyright 2015-2018 iteratec GmbH
+  ~ *
+  ~ * Licensed under the Apache License, Version 2.0 (the "License");
+  ~ * you may not use this file except in compliance with the License.
+  ~ * You may obtain a copy of the License at
+  ~ *
+  ~ * 	http://www.apache.org/licenses/LICENSE-2.0
+  ~ *
+  ~ * Unless required by applicable law or agreed to in writing, software
+  ~ * distributed under the License is distributed on an "AS IS" BASIS,
+  ~ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ * See the License for the specific language governing permissions and
+  ~ * limitations under the License.
+  ~ */
+  -->
+
+<h2>Please configure the WordPress Scan</h2>
+
+<form role="form" name="configure-target">
+
+    <script cam-script type="text/form-script">
+        camForm.on('form-loaded', function () {
+            camForm.variableManager.fetchVariable('DEFAULT_CONTEXT');
+            camForm.variableManager.fetchVariable('DEFAULT_TARGET_NAME');
+            camForm.variableManager.fetchVariable('DEFAULT_TARGET_LOCATION');
+            camForm.variableManager.fetchVariable('DEFAULT_TARGET_URI');
+        });
+
+        camForm.on('variables-fetched', function () {
+            $scope.context = camForm.variableManager.variableValue('DEFAULT_CONTEXT');
+
+            $scope.targetList = [{
+                name: camForm.variableManager.variableValue('DEFAULT_TARGET_NAME'),
+                location: camForm.variableManager.variableValue('DEFAULT_TARGET_LOCATION')
+            }];
+
+            $scope.addTarget = function () {
+                $scope.targetList.push({'name':'', 'location': ''});
+            };
+
+            $scope.checkForEnter = function ($event) {
+                if ($event.key === 'Enter') {
+                    $scope.addTarget();
+                    $event.stopPropagation();
+                    $event.preventDefault();
+                }
+            };
+        });
+
+        camForm.on('submit', function () {
+            camForm.variableManager.createVariable({
+                name: 'PROCESS_TARGETS',
+                type: 'Object',
+                value: JSON.stringify($scope.targetList),
+                valueInfo: {
+                    serializationDataFormat: 'application/json',
+                    objectTypeName: 'java.lang.String'
+                }
+            });
+        });
+
+    </script>
+
+    <div class="row">
+
+        <div class="col-xs-12">
+            <h3>WordPress scan Target</h3>
+
+            <!-- Target Hosts -->
+            <div class="form-group">
+                <div class="controls row form-group" ng-repeat="target in targetList track by $index">
+                    <div class="col-xs-5">
+                        <label>Target Name</label>
+                        <input required class="form-control"
+                               type="text"
+                               placeholder="Public Site Name"
+                               ng-minlength="2"
+                               ng-maxlength="30"
+                               ng-model="target.name"/>
+                    </div>
+                    <div class="col-xs-6">
+                        <label>Target Hosts</label>
+                        <input required class="form-control"
+                               type="text"
+                               placeholder="Hostname/IP address"
+                               ng-minlength="3"
+                               ng-maxlength="100"
+                               ng-model="target.location"
+                               ng-keydown="checkForEnter($event)"
+                        />
+                    </div>
+                    <div class="col-xs-1">
+                        <button class="btn btn-danger btn-lg"
+                                ng-click="targetList.splice($index, 1)"
+                                ng-disabled="targetList.length === 1"
+                                style="position: absolute; right: 15px; top: 0;">
+                            <span class="glyphicon glyphicon-trash"></span>
+                        </button>
+                    </div>
+                </div>
+                <button class="btn btn-primary" ng-click="addTarget()">Add Host</button>
+                <code class="hidden">{{ targetList }}</code>
+            </div>
+
+            <!-- Context (Project/Team/System...) -->
+            <div class="form-group">
+                <label for="inputContext">Business Context (Project/Team/System)</label>
+                <div class="controls">
+                    <input class="form-control"
+                           id="inputContext"
+                           cam-variable-type="String"
+                           cam-variable-name="PROCESS_CONTEXT"
+                           type="text"
+                           placeholder="Project/Team/System"
+                           ng-required="false"
+                           ng-maxlength="50"
+                           ng-model="context"
+                           name="context" />
+                </div>
+            </div>
+
+        </div>
+    </div>
+</form>
diff --git a/scb-scanprocesses/wordpress-process/src/test/java/io/securecodebox/scanprocess/test/WordpressProcessTest.java b/scb-scanprocesses/wordpress-process/src/test/java/io/securecodebox/scanprocess/test/WordpressProcessTest.java
new file mode 100644
index 00000000..02a4d65b
--- /dev/null
+++ b/scb-scanprocesses/wordpress-process/src/test/java/io/securecodebox/scanprocess/test/WordpressProcessTest.java
@@ -0,0 +1,231 @@
+/*
+ *
+ *  SecureCodeBox (SCB)
+ *  Copyright 2015-2018 iteratec GmbH
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  	http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ * /
+ */
+
+package io.securecodebox.scanprocess.test;
+
+import io.securecodebox.constants.DefaultFields;
+import io.securecodebox.scanprocess.delegate.SummaryGeneratorDelegate;
+import org.camunda.bpm.engine.ExternalTaskService;
+import org.camunda.bpm.engine.delegate.DelegateTask;
+import org.camunda.bpm.engine.delegate.Expression;
+import org.camunda.bpm.engine.delegate.TaskListener;
+import org.camunda.bpm.engine.externaltask.LockedExternalTask;
+import org.camunda.bpm.engine.runtime.ProcessInstance;
+import org.camunda.bpm.engine.test.Deployment;
+import org.camunda.bpm.engine.test.ProcessEngineRule;
+import org.camunda.bpm.engine.test.mock.Mocks;
+import org.camunda.bpm.extension.process_test_coverage.junit.rules.TestCoverageProcessEngineRuleBuilder;
+import org.camunda.bpm.scenario.ProcessScenario;
+import org.camunda.bpm.scenario.Scenario;
+import org.camunda.bpm.scenario.delegate.ExternalTaskDelegate;
+import org.camunda.bpm.scenario.delegate.TaskDelegate;
+import org.junit.Before;
+import org.junit.ClassRule;
+import org.junit.Ignore;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.MockitoAnnotations;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import static org.camunda.bpm.engine.test.assertions.ProcessEngineTests.*;
+import static org.camunda.bpm.extension.mockito.CamundaMockito.autoMock;
+import static org.mockito.Mockito.when;
+
+/**
+ * This class tests the process execution of the Default-Process BPMN Model
+ * It verifies that each process task is called when it's supposed to be and
+ * delegation code is executed at the right time
+ * <p>
+ * The tests run in an own Camunda engine which is defined by the camunda.cfg.xml in the resources directory
+ * <p>
+ * The test cases use Camunda BPM's standard framework as well as the
+ * Camunda BPM Assert extension (<a href="https://github.com/camunda/camunda-bpm-assert")/>),
+ * camunda-bpm-mockito (<a href="https://github.com/camunda/camunda-bpm-mockito"/>)
+ * and the Camunda BPM Assert Scenario extension (<a href="https://github.com/camunda/camunda-bpm-assert-scenario"/>)
+ * <p>
+ * Furthermore this class also uses the Camunda BPM Process Test Coverage extension
+ * (<a href="https://github.com/camunda/camunda-bpm-process-test-coverage"/>).
+ * After the test is run we can examine the test coverage in the directory target/process-test-coverage
+ */
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@Deployment(resources = "bpmn/wordpress_process.bpmn")
+
+@Ignore("Ignored until problems with camunda testing frameworks are handled. Introduces via update to camunda 7.10")
+public class WordpressProcessTest {
+
+    //Define the Process Activity IDs
+    private static final String PROCESS_ID = "wordpress-process";
+    private static final String DO_SCAN_TASK_ID = "ServiceTask_DoScan";
+    private static final String CREATE_REPORT_TASK_ID = "ServiceTask_CreateSummary";
+    private static final String APPROVE_RESULTS_TASK_ID = "UserTask_ApproveResults";
+
+    private final Map<String, Object> defaultVariables = new HashMap<>();
+
+    @Rule
+    @ClassRule
+    public static ProcessEngineRule processEngineRule = TestCoverageProcessEngineRuleBuilder.create().build();
+
+    @Mock
+    private ProcessScenario process;
+
+    @Mock
+    SummaryGeneratorDelegate delegate;
+
+    /**
+     * Executed before every test-case
+     * In this method default variables for the process and a default behaviour for the mocks
+     * in the process are defined+
+     */
+    @Before
+    public void init() {
+
+        MockitoAnnotations.initMocks(this);
+
+        //Creating a map of default variables for the process
+        defaultVariables.put(DefaultFields.PROCESS_AUTOMATED.name(), true);
+        defaultVariables.put(DefaultFields.PROCESS_CONTEXT.name(), "BodgeIT");
+
+        /*
+        Mocking everything in the BPMN Model
+        This includes ExecutionListeners, TaskListeners, JavaDelegates, etc.
+        Simply stated: Everything, that's executable code
+
+        If you need to define custom behaviour for the Mocks you can do so by
+        registering Mocks with Camunda's method "Mocks.register(String key, Object value)".
+        Here the key describes a delegateExpression (as defined in BPMN model) and the value
+        describes the implementation of the code which should be executed
+        (Hint: You can put the real implementation as well as a fake one in there)
+
+        Note: Most of the mocking methods seem to work only in combination with delegateExpressions
+        but not with class definitions as delegate implementation.
+
+        If you have the path to your executable code (the class for delegate) as delegate implementation
+        then this guide is helpful:
+        https://blog.akquinet.de/2016/11/04/camunda-bpm-test-your-processes-based-on-plain-old-java-delegates/
+         */
+        autoMock("bpmn/wordpress_process.bpmn");
+
+        /*
+        Here we define a default behaviour for all the tasks in the BPMN model.
+        This behaviour can easily be overridden in test cases.
+
+        The code inside the "thenReturn(...)" method specifies what should happen when process execution
+        waits at the given task
+        As a default behaviour we just complete the task and move on to the next one without changing anything
+
+        Note that we have our own mock implementation in the last two when(...) statements.
+        This is because these tasks are external tasks which cannot be as easily completed as
+        ServiceTasks. They need an external worker to do so.
+         */
+        when(process.waitsAtUserTask(Mockito.anyString())).thenReturn(TaskDelegate::complete);
+        when(process.waitsAtServiceTask(Mockito.anyString())).thenReturn(ExternalTaskDelegate::complete);
+        when(process.waitsAtServiceTask(DO_SCAN_TASK_ID)).thenReturn(task -> startExternalMockProcess("wordpress-process"));
+    }
+
+    @Test
+    public void testAutomatedStart_shouldPass() {
+
+        ProcessInstance processInstance = runtimeService().startProcessInstanceByKey(PROCESS_ID, defaultVariables);
+
+        assertThat(processInstance).isStarted();
+    }
+
+    @Test
+    public void testManualStartWithDefaultConfiguration_shouldPass() {
+        ProcessInstance processInstance = runtimeService().startProcessInstanceByKey(PROCESS_ID, defaultVariables);
+
+        assertThat(processInstance).isStarted();
+        assertThat(processInstance).isWaitingAt(DO_SCAN_TASK_ID);
+    }
+
+    @Test
+    public void testManualRunWithApprovedTestResults() {
+
+        Map<String, Object> variables = new HashMap<>(defaultVariables);
+        changeVariable(variables, DefaultFields.PROCESS_AUTOMATED.name(), false);
+
+        when(process.waitsAtUserTask(APPROVE_RESULTS_TASK_ID)).thenReturn(task -> {
+            variables.put(DefaultFields.PROCESS_RESULT_APPROVED.name(), "approved");
+            task.complete(variables);
+        });
+
+            /*
+            Here we register a custom mock.
+            The BPMN model TaskListener takes an injected field variable which cannot be mocked.
+            Therefore we create our own TaskListener with a dummy implementation and which also
+            holds the variable, that should be injected.
+            Then we register our TaskListener with "Mocks.register(...)" and it gets executed when the delegateExpression
+            is called.
+             */
+        Mocks.register("setFormUrlListener", new TaskListener() {
+
+            @Autowired
+            private Expression scanner_type;
+
+            @Override
+            public void notify(DelegateTask delegateTask) {
+            }
+        });
+
+        Scenario scenario = Scenario.run(process).startByKey(PROCESS_ID, variables).execute();
+
+        assertThat(scenario.instance(process)).isEnded();
+        assertThat(scenario.instance(process)).hasPassed(APPROVE_RESULTS_TASK_ID);
+        assertThat(scenario.instance(process)).variables()
+                .containsEntry(DefaultFields.PROCESS_RESULT_APPROVED.name(), "approved");
+    }
+
+    /**
+     * Executes an external process without doing anything in the task.
+     * In the first step the job is executed on the Camunda engine. Therefore the token for the
+     * provided topic gets pushed. Then an external service is called to pull the token and execute the task
+     *
+     * @param topic the topic for the external task
+     */
+    private void startExternalMockProcess(String topic) {
+
+        ExternalTaskService externalTaskService = processEngine().getExternalTaskService();
+        List<LockedExternalTask> lockedExternalTasks = externalTaskService.fetchAndLock(1, "worker")
+                .topic(topic, 5000L)
+                .execute();
+
+        assertThat(lockedExternalTasks.size()).isEqualTo(1);
+
+        LockedExternalTask task = lockedExternalTasks.get(0);
+        externalTaskService.complete(task.getId(), "worker");
+    }
+
+    private void changeVariable(Map<String, Object> variables, String key, Object value) {
+
+        if (variables.containsKey(key)) {
+            variables.remove(key);
+        }
+        variables.put(key, value);
+    }
+
+}
diff --git a/scb-scanprocesses/wordpress-process/src/test/resources/camunda.cfg.xml b/scb-scanprocesses/wordpress-process/src/test/resources/camunda.cfg.xml
new file mode 100644
index 00000000..d5e7d6f9
--- /dev/null
+++ b/scb-scanprocesses/wordpress-process/src/test/resources/camunda.cfg.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans   http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+    <!-- uses an h2 in-memory database for test execution -->
+    <bean id="processEngineConfiguration" class="org.camunda.bpm.extension.process_test_coverage.junit.rules.ProcessCoverageInMemProcessEngineConfiguration">
+
+        <!-- This property ensures that the JobExecutor isn't started and therefore
+             asynchronous tasks need to be called explicitly to run-->
+        <property name="jobExecutorActivate" value="false" />
+    </bean>
+</beans>
\ No newline at end of file
diff --git a/scb-scanprocesses/wordpress-process/src/test/resources/logback-test.xml b/scb-scanprocesses/wordpress-process/src/test/resources/logback-test.xml
new file mode 100644
index 00000000..81dcdbcd
--- /dev/null
+++ b/scb-scanprocesses/wordpress-process/src/test/resources/logback-test.xml
@@ -0,0 +1,27 @@
+<!--
+  ~ /*
+  ~ * SecureCodeBox (SCB)
+  ~ * Copyright 2015-2018 iteratec GmbH
+  ~ *
+  ~ * Licensed under the Apache License, Version 2.0 (the "License");
+  ~ * you may not use this file except in compliance with the License.
+  ~ * You may obtain a copy of the License at
+  ~ *
+  ~ * 	http://www.apache.org/licenses/LICENSE-2.0
+  ~ *
+  ~ * Unless required by applicable law or agreed to in writing, software
+  ~ * distributed under the License is distributed on an "AS IS" BASIS,
+  ~ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ * See the License for the specific language governing permissions and
+  ~ * limitations under the License.
+  ~ */
+  -->
+
+<configuration debug="true">
+    <include resource="org/springframework/boot/logging/logback/base.xml" />
+
+
+    <root level="INFO">
+        <appender-ref ref="STDOUT" />
+    </root>
+</configuration>

From c3092719559e27c282c79676fa32e892e5f7fd87 Mon Sep 17 00:00:00 2001
From: dpatanin <daniel.patanin@iteratec.com>
Date: Wed, 8 May 2019 13:53:01 +0200
Subject: [PATCH 2/8] added advanced configuration options

---
 .../forms/wordpress/approve-results.html      |   2 +
 .../forms/wordpress/configure-target.html     | 172 +++++++++++++++++-
 2 files changed, 173 insertions(+), 1 deletion(-)

diff --git a/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/approve-results.html b/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/approve-results.html
index d556aa21..2efa97f8 100644
--- a/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/approve-results.html
+++ b/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/approve-results.html
@@ -59,6 +59,7 @@ <h2>WordPress scan results for "{{ target.name }}"</h2>
                         <tr>
                             <th>Host:</th>
                             <th>Name:</th>
+                            <th>Description</th>
                             <th>Category:</th>
                             <th>Severity:</th>
                             <th>Reference:</th>
@@ -66,6 +67,7 @@ <h2>WordPress scan results for "{{ target.name }}"</h2>
                         <tr class="danger" ng-repeat="result in scannerResult">
                             <td>{{ result.location }}</td>
                             <td>{{ result.name }}</td>
+                            <td>{{ result.description }}</td>
                             <td>{{ result.category }}</td>
                             <td>
                                 <div ng-switch on="result.severity">
diff --git a/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/configure-target.html b/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/configure-target.html
index 6fc2b296..3300b05e 100644
--- a/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/configure-target.html
+++ b/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/configure-target.html
@@ -37,6 +37,17 @@ <h2>Please configure the WordPress Scan</h2>
                 location: camForm.variableManager.variableValue('DEFAULT_TARGET_LOCATION')
             }];
 
+            $scope.config = {
+                WP_STEALTHY: false,
+                WP_ENUMERATE: {plugins: null, themes: null, timthumbs: null, configBackups: null, dbExports: null, userIDs: null, mediaIDs: null},
+                WP_MAX_DURATION: null,
+                WP_THROTTLE: null,
+                WP_REQUEST_TIMEOUT: null,
+                WP_DETECTION_MODE: null,
+                WP_USER_AGENT: null,
+                WP_HEADERS: null
+            };
+
             $scope.addTarget = function () {
                 $scope.targetList.push({'name':'', 'location': ''});
             };
@@ -51,10 +62,17 @@ <h2>Please configure the WordPress Scan</h2>
         });
 
         camForm.on('submit', function () {
+            const targets = $scope.targetList.map((target) => {
+                return {
+                    ...target,
+                    attributes: $scope.config
+                }
+            });
+
             camForm.variableManager.createVariable({
                 name: 'PROCESS_TARGETS',
                 type: 'Object',
-                value: JSON.stringify($scope.targetList),
+                value: JSON.stringify(targets),
                 valueInfo: {
                     serializationDataFormat: 'application/json',
                     objectTypeName: 'java.lang.String'
@@ -64,6 +82,13 @@ <h2>Please configure the WordPress Scan</h2>
 
     </script>
 
+    <script type="text/javascript">
+        function togglediv(id) {
+            var div = document.getElementById(id);
+            div.style.display == 'none' ? div.style.display = 'block' : div.style.display = 'none';
+        }
+    </script>
+
     <div class="row">
 
         <div class="col-xs-12">
@@ -122,6 +147,151 @@ <h3>WordPress scan Target</h3>
                 </div>
             </div>
 
+            <div class="form-group">
+                <label for="stealthy">Stealthy mode: random user agent, passive detection mode and passive plugins version detection.
+                </label>
+                <div class="controls">
+                    <input class="form-control" id="stealthy" type="checkbox" name="stealthy" ng-model="config.WP_STEALTHY" ng-value="true"/>
+                </div>
+            </div>
+
+            <br>
+            <button class="btn btn-info pull-right scanner-btn" onclick="togglediv('wpTimeoutAndDuration');" type="button">
+                <span class="glyphicon glyphicon-time "></span> Durations & Timeouts
+            </button>
+            <div id="wpTimeoutAndDuration" name="timoutAndDuration" style="display: none">
+                <label for="max_scan_duration">Max Scan Duration in Seconds</label>
+                <br>
+                <input id="max_scan_duration" ng-model="config.WP_MAX_DURATION" type="number" class="form-control"/>
+                <br>
+
+                <label for="throttle">Milliseconds to wait before doing another web request</label>
+                <br>
+                <input id="throttle" ng-model="config.WP_THROTTLE" type="number" class="form-control"/>
+                <br>
+
+                <label for="request_timeout">The Request Timeout in Seconds</label>
+                <br>
+                <input id="request_timeout" ng-model="config.WP_REQUEST_TIMEOUT" type="number" class="form-control" placeholder="60"/>
+            </div>
+            <div class="clearfix"></div>
+
+            <br>
+            <button class="btn btn-info pull-right scanner-btn" onclick="togglediv('wpEnumerationProcess');" type="button">
+                <span class="glyphicon glyphicon-th-list "></span> Enumeration Process
+            </button>
+            <div id="wpEnumerationProcess" name="enumerationProcess" style="display: none">
+
+                <fieldset id="plugins">
+                    <legend>Choose Plugin Scope</legend>
+
+                    <label for="vp">Vulnerable Plugins
+                    </label>
+                    <input class="form-control" id="vp" type="radio" name="plugins" ng-model="config.WP_ENUMERATE.plugins" value="vp"/>
+                    <label for="ap">All Plugins
+                    </label>
+                    <input class="form-control" id="ap" type="radio" name="plugins" ng-model="config.WP_ENUMERATE.plugins" value="ap"/>
+                    <label for="p">Plugins
+                    </label>
+                    <input class="form-control" id="p" type="radio" name="plugins" ng-model="config.WP_ENUMERATE.plugins" value="p"/>
+                </fieldset>
+
+                <br>
+                <fieldset id="themes">
+                    <legend>Choose Plugin Scope</legend>
+
+                    <label for="vt">Vulnerable Themes
+                    </label>
+                    <input class="form-control" id="vt" type="radio" name="themes" ng-model="config.WP_ENUMERATE.themes" value="vt"/>
+                    <label for="at">All Themes
+                    </label>
+                    <input class="form-control" id="at" type="radio" name="themes" ng-model="config.WP_ENUMERATE.themes" value="at"/>
+                    <label for="t">Themes
+                    </label>
+                    <input class="form-control" id="t" type="radio" name="themes" ng-model="config.WP_ENUMERATE.themes" value="t"/>
+                </fieldset>
+
+                <fieldset id="additionalEnum">
+                    <legend>Choose Additional Enumeration Options</legend>
+
+                    <label for="tt">Timthumbs
+                    </label>
+                    <input class="form-control" id="tt" type="checkbox" name="timthumbs" ng-model="config.WP_ENUMERATE.timthumbs" value="tt"/>
+                    <label for="cb">Config Backups
+                    </label>
+                    <input class="form-control" id="cb" type="checkbox" name="configBackups" ng-model="config.WP_ENUMERATE.configBackups" value="cb"/>
+                    <label for="dbe">Db Exports
+                    </label>
+                    <input class="form-control" id="dbe" type="checkbox" name="dbExports" ng-model="config.WP_ENUMERATE.dbExports" value="dbe"/>
+                </fieldset>
+
+                <fieldset id="additionalEnumRanges">
+                    <legend>Set Additional Enumeration Range Options</legend>
+
+                    <label for="userIDs">User IDs range.
+                    </label>
+                    <input id="userIDs" ng-model="config.WP_ENUMERATE.userIDs" type="text" class="form-control" placeholder="u1-10"/>
+                    <br>
+                    <label for="mediaIDs"> Media IDs range.
+                    </label>
+                    <input id="mediaIDs" ng-model="config.WP_ENUMERATE.mediaIDs" type="text" class="form-control" placeholder="m1-100"/>
+                </fieldset>
+            </div>
+            <div class="clearfix"></div>
+
+            <br>
+            <button class="btn btn-info pull-right scanner-btn" onclick="togglediv('wpDetectionMode');" type="button">
+                <span class="glyphicon glyphicon-search"></span> Detection Mode
+            </button>
+            <div id="wpDetectionMode" name="detectionMode" style="display: none">
+
+                <fieldset id="detectionMode">
+                    <legend>Choose Plugin Scope</legend>
+
+                    <label for="mixed">Mixed
+                    </label>
+                    <input class="form-control" id="mixed" type="radio" name="detectionMode" ng-model="target.attributes.WP_DETECTION_MODE" value="mixed"/>
+                    <label for="aggressive">Aggressive
+                    </label>
+                    <input class="form-control" id="aggressive" type="radio" name="detectionMode" ng-model="target.attributes.WP_DETECTION_MODE" value="aggressive"/>
+                    <label for="passive">Passive
+                    </label>
+                    <input class="form-control" id="passive" type="radio" name="detectionMode" ng-model="target.attributes.WP_DETECTION_MODE" value="passive"/>
+                </fieldset>
+            </div>
+            <div class="clearfix"></div>
+
+            <br>
+            <button class="btn btn-info pull-right scanner-btn" onclick="togglediv('wpUA');" type="button">
+                <span class="glyphicon glyphicon-user "></span> User Agent
+            </button>
+            <div class="clearfix"></div>
+            <div id="wpUA" style="display: none">
+                <label for="wpUserAgent">User Agent</label>
+                <br>
+                <input id="wpUserAgent" name="wpuserAgent" class="form-control" type="text" ng-model="target.attributes.WP_USER_AGENT"
+                />
+            </div>
+            <div class="clearfix"></div>
+
+            <br>
+            <button class="btn btn-info pull-right scanner-btn" onclick="togglediv('wpHeadersDes');" type="button">
+                <span class="glyphicon glyphicon-sort "></span> Additional Headers
+            </button>
+            <div class="clearfix"></div>
+            <div id="wpHeadersDes" style="display: none">
+                <br>
+                <p>
+                    Additional headers to append in requests<br>
+                    Separator to use between the headers: '; '<br>
+                    Examples: 'X-Forwarded-For: 127.0.0.1', 'X-Forwarded-For: 127.0.0.1; Another: aaa'
+                </p>
+                <label for="wpHeaders">Additional Headers</label>
+                <br>
+                <input id="wpHeaders" name="wpHeaders" class="form-control" type="text" ng-model="target.attributes.WP_HEADERS"
+                />
+            </div>
+
         </div>
     </div>
 </form>

From a6a601cd611df830f30bae7302e73e3e2f1135ec Mon Sep 17 00:00:00 2001
From: dpatanin <daniel.patanin@iteratec.com>
Date: Wed, 15 May 2019 14:14:24 +0200
Subject: [PATCH 3/8] fix wpscan configuration

---
 .../forms/wordpress/configure-target.html     | 55 ++++++++++++++-----
 1 file changed, 40 insertions(+), 15 deletions(-)

diff --git a/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/configure-target.html b/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/configure-target.html
index 3300b05e..8ee408b9 100644
--- a/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/configure-target.html
+++ b/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/configure-target.html
@@ -87,6 +87,31 @@ <h2>Please configure the WordPress Scan</h2>
             var div = document.getElementById(id);
             div.style.display == 'none' ? div.style.display = 'block' : div.style.display = 'none';
         }
+
+        function updateButtons(id) {
+            var checked = document.getElementById(id).checked;
+            var buttons = [
+                document.getElementById('wpTimeoutAndDurationButton'),
+                document.getElementById('wpEnumerationProcessButton'),
+                document.getElementById('wpDetectionModeButton'),
+                document.getElementById('wpUAButton'),
+                document.getElementById('wpHeadersDesButton')
+            ];
+
+            buttons.forEach(function(element) {
+               element.disabled = checked;
+               reload(element);
+            });
+        }
+
+        function reload(element){
+            var container = element;
+            var content = container.innerHTML;
+            container.innerHTML= content;
+        }
+    </script>
+
+    <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/angularjs/1.6.9/angular.min.js">
     </script>
 
     <div class="row">
@@ -151,12 +176,12 @@ <h3>WordPress scan Target</h3>
                 <label for="stealthy">Stealthy mode: random user agent, passive detection mode and passive plugins version detection.
                 </label>
                 <div class="controls">
-                    <input class="form-control" id="stealthy" type="checkbox" name="stealthy" ng-model="config.WP_STEALTHY" ng-value="true"/>
+                    <input class="form-control" id="stealthy" type="checkbox" name="stealthy" ng-model="config.WP_STEALTHY" onchange="updateButtons('stealthy')"/>
                 </div>
             </div>
 
             <br>
-            <button class="btn btn-info pull-right scanner-btn" onclick="togglediv('wpTimeoutAndDuration');" type="button">
+            <button id="wpTimeoutAndDurationButton" class="btn btn-info pull-right scanner-btn" onclick="togglediv('wpTimeoutAndDuration');" type="button">
                 <span class="glyphicon glyphicon-time "></span> Durations & Timeouts
             </button>
             <div id="wpTimeoutAndDuration" name="timoutAndDuration" style="display: none">
@@ -177,7 +202,7 @@ <h3>WordPress scan Target</h3>
             <div class="clearfix"></div>
 
             <br>
-            <button class="btn btn-info pull-right scanner-btn" onclick="togglediv('wpEnumerationProcess');" type="button">
+            <button id="wpEnumerationProcessButton" class="btn btn-info pull-right scanner-btn" onclick="togglediv('wpEnumerationProcess');" type="button">
                 <span class="glyphicon glyphicon-th-list "></span> Enumeration Process
             </button>
             <div id="wpEnumerationProcess" name="enumerationProcess" style="display: none">
@@ -216,13 +241,13 @@ <h3>WordPress scan Target</h3>
 
                     <label for="tt">Timthumbs
                     </label>
-                    <input class="form-control" id="tt" type="checkbox" name="timthumbs" ng-model="config.WP_ENUMERATE.timthumbs" value="tt"/>
+                    <input class="form-control" id="tt" type="checkbox" name="timthumbs" ng-model="config.WP_ENUMERATE.timthumbs" ng-true-value="tt"/>
                     <label for="cb">Config Backups
                     </label>
-                    <input class="form-control" id="cb" type="checkbox" name="configBackups" ng-model="config.WP_ENUMERATE.configBackups" value="cb"/>
+                    <input class="form-control" id="cb" type="checkbox" name="configBackups" ng-model="config.WP_ENUMERATE.configBackups" ng-true-value="cb"/>
                     <label for="dbe">Db Exports
                     </label>
-                    <input class="form-control" id="dbe" type="checkbox" name="dbExports" ng-model="config.WP_ENUMERATE.dbExports" value="dbe"/>
+                    <input class="form-control" id="dbe" type="checkbox" name="dbExports" ng-model="config.WP_ENUMERATE.dbExports" ng-true-value="dbe"/>
                 </fieldset>
 
                 <fieldset id="additionalEnumRanges">
@@ -240,42 +265,42 @@ <h3>WordPress scan Target</h3>
             <div class="clearfix"></div>
 
             <br>
-            <button class="btn btn-info pull-right scanner-btn" onclick="togglediv('wpDetectionMode');" type="button">
+            <button id="wpDetectionModeButton" class="btn btn-info pull-right scanner-btn" onclick="togglediv('wpDetectionMode');" type="button">
                 <span class="glyphicon glyphicon-search"></span> Detection Mode
             </button>
             <div id="wpDetectionMode" name="detectionMode" style="display: none">
 
                 <fieldset id="detectionMode">
-                    <legend>Choose Plugin Scope</legend>
+                    <legend>Choose Detection Mode</legend>
 
                     <label for="mixed">Mixed
                     </label>
-                    <input class="form-control" id="mixed" type="radio" name="detectionMode" ng-model="target.attributes.WP_DETECTION_MODE" value="mixed"/>
+                    <input class="form-control" id="mixed" type="radio" name="detectionMode" ng-model="config.WP_DETECTION_MODE" value="mixed"/>
                     <label for="aggressive">Aggressive
                     </label>
-                    <input class="form-control" id="aggressive" type="radio" name="detectionMode" ng-model="target.attributes.WP_DETECTION_MODE" value="aggressive"/>
+                    <input class="form-control" id="aggressive" type="radio" name="detectionMode" ng-model="config.WP_DETECTION_MODE" value="aggressive"/>
                     <label for="passive">Passive
                     </label>
-                    <input class="form-control" id="passive" type="radio" name="detectionMode" ng-model="target.attributes.WP_DETECTION_MODE" value="passive"/>
+                    <input class="form-control" id="passive" type="radio" name="detectionMode" ng-model="config.WP_DETECTION_MODE" value="passive"/>
                 </fieldset>
             </div>
             <div class="clearfix"></div>
 
             <br>
-            <button class="btn btn-info pull-right scanner-btn" onclick="togglediv('wpUA');" type="button">
+            <button id="wpUAButton" class="btn btn-info pull-right scanner-btn" onclick="togglediv('wpUA');" type="button">
                 <span class="glyphicon glyphicon-user "></span> User Agent
             </button>
             <div class="clearfix"></div>
             <div id="wpUA" style="display: none">
                 <label for="wpUserAgent">User Agent</label>
                 <br>
-                <input id="wpUserAgent" name="wpuserAgent" class="form-control" type="text" ng-model="target.attributes.WP_USER_AGENT"
+                <input id="wpUserAgent" name="wpuserAgent" class="form-control" type="text" ng-model="config.WP_USER_AGENT"
                 />
             </div>
             <div class="clearfix"></div>
 
             <br>
-            <button class="btn btn-info pull-right scanner-btn" onclick="togglediv('wpHeadersDes');" type="button">
+            <button id="wpHeadersDesButton" class="btn btn-info pull-right scanner-btn" onclick="togglediv('wpHeadersDes');" type="button">
                 <span class="glyphicon glyphicon-sort "></span> Additional Headers
             </button>
             <div class="clearfix"></div>
@@ -288,7 +313,7 @@ <h3>WordPress scan Target</h3>
                 </p>
                 <label for="wpHeaders">Additional Headers</label>
                 <br>
-                <input id="wpHeaders" name="wpHeaders" class="form-control" type="text" ng-model="target.attributes.WP_HEADERS"
+                <input id="wpHeaders" name="wpHeaders" class="form-control" type="text" ng-model="config.WP_HEADERS"
                 />
             </div>
 

From d0aa44136d55a28ac77a32b214a2582112a61dba Mon Sep 17 00:00:00 2001
From: dpatanin <daniel.patanin@iteratec.com>
Date: Wed, 22 May 2019 12:44:10 +0200
Subject: [PATCH 4/8] fix configure target form bug

---
 .../forms/wordpress/configure-target.html     | 74 ++++++++++++++++---
 1 file changed, 64 insertions(+), 10 deletions(-)

diff --git a/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/configure-target.html b/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/configure-target.html
index 8ee408b9..2a471911 100644
--- a/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/configure-target.html
+++ b/scb-scanprocesses/wordpress-process/src/main/resources/forms/wordpress/configure-target.html
@@ -83,14 +83,16 @@ <h2>Please configure the WordPress Scan</h2>
     </script>
 
     <script type="text/javascript">
+
         function togglediv(id) {
-            var div = document.getElementById(id);
+            let div = document.getElementById(id);
             div.style.display == 'none' ? div.style.display = 'block' : div.style.display = 'none';
         }
 
-        function updateButtons(id) {
-            var checked = document.getElementById(id).checked;
-            var buttons = [
+        function updateButtons() {
+            let checked = document.getElementById('stealthy').checked;
+
+            const buttons = [
                 document.getElementById('wpTimeoutAndDurationButton'),
                 document.getElementById('wpEnumerationProcessButton'),
                 document.getElementById('wpDetectionModeButton'),
@@ -98,19 +100,71 @@ <h2>Please configure the WordPress Scan</h2>
                 document.getElementById('wpHeadersDesButton')
             ];
 
-            buttons.forEach(function(element) {
-               element.disabled = checked;
-               reload(element);
+            const divs = [
+                document.getElementById('wpTimeoutAndDuration'),
+                document.getElementById('wpEnumerationProcess'),
+                document.getElementById('wpDetectionMode'),
+                document.getElementById('wpUA'),
+                document.getElementById('wpHeadersDes')
+            ];
+
+            buttons.forEach(function(button) {
+               button.disabled = checked;
+               reload(button);
+            });
+
+            divs.forEach(function (div) {
+                div.disabled = checked;
+                hideDiv(div);
+                clearInputFields(div);
+                reload(div);
             });
         }
 
         function reload(element){
-            var container = element;
-            var content = container.innerHTML;
+            let container = element;
+            let content = container.innerHTML;
             container.innerHTML= content;
         }
+
+        function hideDiv(div) {
+            div.style.display = 'none';
+        }
+
+        function clearInputFields(divElement) {
+            let elements = getInputFields(divElement);
+
+            for (let element of elements) {
+                if (element) {
+                    switch (element.type) {
+                        case 'text':
+                            element.value = '';
+                        case 'number':
+                            element.value = '';
+                        case 'checkbox':
+                            element.checked = false;
+                        case 'radio':
+                            element.checked = false;
+                    }
+                }
+            }
+        }
+
+        function getInputFields(divElement) {
+            let elements = [];
+
+            for (let element of divElement.childNodes) {
+                if (element.tagName == "input") {
+                    elements.push(element);
+                } else if (element.hasChildNodes()) {
+                    getInputFields(element);
+                }
+            }
+            return elements;
+        }
     </script>
 
+
     <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/angularjs/1.6.9/angular.min.js">
     </script>
 
@@ -176,7 +230,7 @@ <h3>WordPress scan Target</h3>
                 <label for="stealthy">Stealthy mode: random user agent, passive detection mode and passive plugins version detection.
                 </label>
                 <div class="controls">
-                    <input class="form-control" id="stealthy" type="checkbox" name="stealthy" ng-model="config.WP_STEALTHY" onchange="updateButtons('stealthy')"/>
+                    <input class="form-control" id="stealthy" type="checkbox" name="stealthy" ng-model="config.WP_STEALTHY" onchange="updateButtons()"/>
                 </div>
             </div>
 

From 85b81e3e13215b7bf9706bef88c0ea846cb2b66d Mon Sep 17 00:00:00 2001
From: dpatanin <daniel.patanin@iteratec.com>
Date: Wed, 22 May 2019 16:56:29 +0200
Subject: [PATCH 5/8] add jar file in dockerfile

---
 Dockerfile | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index e513919c..5749c9c5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -21,6 +21,8 @@ COPY --from=builder ./scb-scanprocesses/sslyze-process/target/sslyze-process-0.0
 COPY --from=builder ./scb-scanprocesses/arachni-process/target/arachni-process-1.0-SNAPSHOT.jar /scb-engine/lib/
 COPY --from=builder ./scb-scanprocesses/ssh-process/target/ssh-process-1.0-SNAPSHOT.jar /scb-engine/lib/
 COPY --from=builder ./scb-scanprocesses/amass-process/target/amass-process-1.0-SNAPSHOT.jar /scb-engine/lib/
+COPY --from=builder ./scb-scanprocesses/wordpress-process/target/wordpress-process-1.0-SNAPSHOT.jar /scb-engine/lib/
+
 
 COPY --from=builder ./scb-persistenceproviders/elasticsearch-persistenceprovider/target/elasticsearch-persistenceprovider-0.0.1-SNAPSHOT-jar-with-dependencies.jar /scb-engine/lib/
 COPY --from=builder ./scb-persistenceproviders/s3-persistenceprovider/target/s3-persistenceprovider-0.0.1-SNAPSHOT-jar-with-dependencies.jar /scb-engine/lib/

From 0e83578fa2fad75a91ad82f0384bae2901cb4c1f Mon Sep 17 00:00:00 2001
From: Jannik Hollenbach <Jannik.Hollenbach@iteratec.de>
Date: Mon, 17 Jun 2019 16:16:40 +0200
Subject: [PATCH 6/8] Update spring boot version

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index cb8ef41b..5936da5c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -60,7 +60,7 @@
         <camunda.spring.boot.starter.version>3.2.0</camunda.spring.boot.starter.version>
         <!-- END IMPORTANT -->
 
-        <spring-boot.version>2.1.4.RELEASE</spring-boot.version>
+        <spring-boot.version>2.1.5.RELEASE</spring-boot.version>
         <swagger-version>2.9.0</swagger-version>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     </properties>

From 7c8a5dfd133c84a6202419cbe8d0ce33d93303eb Mon Sep 17 00:00:00 2001
From: dpatanin <daniel.patanin@iteratec.com>
Date: Wed, 3 Jul 2019 12:16:53 +0200
Subject: [PATCH 7/8] adjust code quality in WordPressTest

---
 .../scanprocess/test/WordpressProcessTest.java        | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/scb-scanprocesses/wordpress-process/src/test/java/io/securecodebox/scanprocess/test/WordpressProcessTest.java b/scb-scanprocesses/wordpress-process/src/test/java/io/securecodebox/scanprocess/test/WordpressProcessTest.java
index 02a4d65b..a5628ec2 100644
--- a/scb-scanprocesses/wordpress-process/src/test/java/io/securecodebox/scanprocess/test/WordpressProcessTest.java
+++ b/scb-scanprocesses/wordpress-process/src/test/java/io/securecodebox/scanprocess/test/WordpressProcessTest.java
@@ -81,7 +81,6 @@ public class WordpressProcessTest {
     //Define the Process Activity IDs
     private static final String PROCESS_ID = "wordpress-process";
     private static final String DO_SCAN_TASK_ID = "ServiceTask_DoScan";
-    private static final String CREATE_REPORT_TASK_ID = "ServiceTask_CreateSummary";
     private static final String APPROVE_RESULTS_TASK_ID = "UserTask_ApproveResults";
 
     private final Map<String, Object> defaultVariables = new HashMap<>();
@@ -94,7 +93,7 @@ public class WordpressProcessTest {
     private ProcessScenario process;
 
     @Mock
-    SummaryGeneratorDelegate delegate;
+    protected SummaryGeneratorDelegate delegate;
 
     /**
      * Executed before every test-case
@@ -148,7 +147,7 @@ Note that we have our own mock implementation in the last two when(...) statemen
     }
 
     @Test
-    public void testAutomatedStart_shouldPass() {
+    public void testAutomatedStartShouldPass() {
 
         ProcessInstance processInstance = runtimeService().startProcessInstanceByKey(PROCESS_ID, defaultVariables);
 
@@ -156,7 +155,7 @@ public void testAutomatedStart_shouldPass() {
     }
 
     @Test
-    public void testManualStartWithDefaultConfiguration_shouldPass() {
+    public void testManualStartWithDefaultConfigurationShouldPass() {
         ProcessInstance processInstance = runtimeService().startProcessInstanceByKey(PROCESS_ID, defaultVariables);
 
         assertThat(processInstance).isStarted();
@@ -184,10 +183,10 @@ public void testManualRunWithApprovedTestResults() {
              */
         Mocks.register("setFormUrlListener", new TaskListener() {
 
-            @Autowired
+            @Autowired //Dummy implementation
             private Expression scanner_type;
 
-            @Override
+            @Override //Dummy implementation
             public void notify(DelegateTask delegateTask) {
             }
         });

From 1cbaab742df831ac30d5e2b29e20f48c8842fc3b Mon Sep 17 00:00:00 2001
From: dpatanin <daniel.patanin@iteratec.com>
Date: Wed, 3 Jul 2019 12:56:00 +0200
Subject: [PATCH 8/8] change dummy method comment

---
 .../scanprocess/test/WordpressProcessTest.java         | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/scb-scanprocesses/wordpress-process/src/test/java/io/securecodebox/scanprocess/test/WordpressProcessTest.java b/scb-scanprocesses/wordpress-process/src/test/java/io/securecodebox/scanprocess/test/WordpressProcessTest.java
index a5628ec2..8f3b19cc 100644
--- a/scb-scanprocesses/wordpress-process/src/test/java/io/securecodebox/scanprocess/test/WordpressProcessTest.java
+++ b/scb-scanprocesses/wordpress-process/src/test/java/io/securecodebox/scanprocess/test/WordpressProcessTest.java
@@ -183,10 +183,16 @@ public void testManualRunWithApprovedTestResults() {
              */
         Mocks.register("setFormUrlListener", new TaskListener() {
 
-            @Autowired //Dummy implementation
+            /**
+             * Dummy implementation
+             */
+            @Autowired
             private Expression scanner_type;
 
-            @Override //Dummy implementation
+            /**
+             * Dummy implementation
+             */
+            @Override
             public void notify(DelegateTask delegateTask) {
             }
         });