Automation tab might use outdated jobs

[thc202]

Describe the bug

The Automation tab dos not refresh the plan when jobs are added/removed which leads to issues.

Steps to reproduce the behavior

1. Create a plan with the report job.
2. Remove the Report Generation add-on.
3. Run the plan. Notice errors in the log/console, e.g.:

   java.util.MissingResourceException: Can't find resource for bundle java.util.PropertyResourceBundle, key reports.automation.dialog.summary
   	at java.util.ResourceBundle.getObject(ResourceBundle.java:564) ~[?:?]
   	at java.util.ResourceBundle.getString(ResourceBundle.java:521) ~[?:?]
   	at org.zaproxy.zap.utils.I18N.getStringImpl(I18N.java:182) ~[main/:?]
   	at org.zaproxy.zap.utils.I18N.getString(I18N.java:314) ~[main/:?]
   	at org.zaproxy.addon.reports.automation.ReportJob.getSummary(ReportJob.java:405) ~[?:?]
   	at org.zaproxy.addon.automation.gui.PlanTreeTableModel.getValueAt(PlanTreeTableModel.java:190) ~[?:?]
   	at org.jdesktop.swingx.JXTreeTable$TreeTableModelAdapter.getValueAt(JXTreeTable.java:2445) ~[swingx-all-1.6.5-1.jar:1.6.5-1]
   

4. Attempt to edit the report job which leads to other errors, e.g.:

   Exception in thread "AWT-EventQueue-0"
   java.lang.NoClassDefFoundError: org/zaproxy/addon/reports/automation/ReportJobDialog
   	at org.zaproxy.addon.reports.automation.ReportJob.showDialog(ReportJob.java:400) ~[?:?]
   	at org.zaproxy.addon.automation.gui.AutomationPanel$3.mouseClicked(AutomationPanel.java:645) ~[?:?]
   	at java.awt.AWTEventMulticaster.mouseClicked(AWTEventMulticaster.java:278) ~[?:?]
   

Expected behavior

The Automation tab should properly handle dynamic changes of jobs (update/removal).

Software versions

Automation Framework v0.27.0

[Avinash-Acharya]

2. Remove the Report Generation add-on.

How to proceed with this? Does it mean to uninstall the Report Generation addon?

[thc202]

Yes.

[code-sparsh]

Hey! Is something like this good? -

Every time someone runs a plan, it would first check if all the jobs mentioned in that plan have their corresponding addOns installed or not. And if not installed, mark that job run as fail and give a message like "spider addOn not installed" in the output window of the automation tab

I mean here -

Also, is this a problem just with the GUI? or with other methods too like the CLI? (Actually I have just checked with GUI as of now, so that's why asking).

[thc202]

That does not address the problem since the GUI still shows jobs that might no longer be present or are outdated (i.e. step 4). IMO the tab should try (re)load the plan after jobs are added/removed (if present in the plan), which would recreate the GUi or fail with an error if the jobs are unrecognised.

Yes, this is a GUI specific problem (label added to be clearer).

[aryangupta701]

hello I want to work on this issue

[code-sparsh]

@aryangupta701, ahh sorry but have you actually started working on it? I was actually brainstorming on this issue from past few days and I think I have some progress too. I guess I should have asked for assignment beforehand, but I forgot somehow :(

My bad :(
If you have really started working on it, it's totally fair that you take the issue. otherwise, if you can handover this to me it would be really great. Please let me know.

[aryangupta701]

Not yet. You can take over this issue. :)

[code-sparsh]

@aryangupta701 Thanks :)

[code-sparsh]

@thc202 @kingthorin, little help needed as I had few doubts -

1. Is there any specific event defined in ZAP which is fired whenever an add-on is uninstalled?
2. I was going through all the files of Automation. and I found an event called "JOB_REMOVED". Initially I thought it must be getting fired automatically after the add-on is uninstalled of that particular job. But I tested it and its not the case.

I do need to listen for events right? in order to implement this. Because only then it would show dynamic changes to the GUI tab. Please correct me if I am wrong.

Also, sorry for actually delaying it. I wanted to take the least amount of help for this issue and do it all by myself. But I am little stuck here now. I think I have went through all the files of Automation.

[kingthorin]

It looks like there's an event you could use: https://github.com/zaproxy/zaproxy/blob/main/zap/src/main/java/org/zaproxy/zap/extension/autoupdate/UninstallationProgressDialogue.java#L391

[code-sparsh]

It looks like there's an event you could use: https://github.com/zaproxy/zaproxy/blob/main/zap/src/main/java/org/zaproxy/zap/extension/autoupdate/UninstallationProgressDialogue.java#L391

ohh okay, Thanks!
I will check that out.

[thc202]

That's internal, you should use an AddOnInstallationStatusListener instead, e.g.:

zaproxy/zap/src/main/java/org/zaproxy/zap/extension/help/ExtensionHelp.java

Line 497 in d771fae

private class AddOnInstallationStatusListenerImpl implements AddOnInstallationStatusListener {

Although, the jobs are added/removed through the ExtensionAutomation itself (e.g. registerAutomationJob).

[kingthorin]

Thanks @thc202

[code-sparsh]

Although, the jobs are added/removed through the ExtensionAutomation itself (e.g. registerAutomationJob).

@thc202 Thanks for this!
I think I got it now :)