initial working structure for launchdarkly analyzer

pkg/analyzer/analyzers/launchdarkly/launchdarkly.go

@@ -2,6 +2,7 @@
 package launchdarkly
 
 import (
+	"errors"
 	"fmt"
 	"os"
 
@@ -24,7 +25,18 @@ func (a Analyzer) Type() analyzers.AnalyzerType {
 }
 
 func (a Analyzer) Analyze(_ context.Context, credInfo map[string]string) (*analyzers.AnalyzerResult, error) {
-	return nil, nil
+	// check if the `key` exist in the credentials info
+	key, exist := credInfo["key"]
+	if !exist {
+		return nil, errors.New("key not found in credentials info")
+	}
+
+	info, err := AnalyzePermissions(a.Cfg, key)
+	if err != nil {
+		return nil, err
+	}
+
+	return secretInfoToAnalyzerResult(info), nil
 }
 
 func AnalyzeAndPrintPermissions(cfg *config.Config, token string) {
@@ -61,12 +73,73 @@ func AnalyzePermissions(cfg *config.Config, token string) (*SecretInfo, error) {
 
 	// capture resources in secretInfo
 	if err := CaptureResources(client, token, secretInfo); err != nil {
-		return nil, fmt.Errorf("failed to fetch caller identity: %v", err)
+		return nil, fmt.Errorf("failed to fetch resources: %v", err)
 	}
 
 	return secretInfo, nil
 }
 
+// secretInfoToAnalyzerResult translate secret info to Analyzer Result
+func secretInfoToAnalyzerResult(info *SecretInfo) *analyzers.AnalyzerResult {
+	if info == nil {
+		return nil
+	}
+
+	result := analyzers.AnalyzerResult{
+		AnalyzerType: analyzers.AnalyzerTypeElevenLabs,
+		Metadata:     map[string]any{},
+		Bindings:     make([]analyzers.Binding, 0),
+	}
+
+	// extract information from resource to create bindings and append to result bindings
+	for _, resource := range info.Resources {
+		binding := analyzers.Binding{
+			Resource: *secretInforesourceToAnalyzerResource(resource),
+			Permission: analyzers.Permission{
+				Value: getPermissionType(info.User.Token),
+			},
+		}
+
+		binding.Resource.Parent = secretInforesourceToAnalyzerResource(*resource.ParentResource)
+
+		result.Bindings = append(result.Bindings, binding)
+
+	}
+
+	return &result
+}
+
+// secretInforesourceToAnalyzerResource translate secret info resource to analyzer resource for binding
+func secretInforesourceToAnalyzerResource(resource Resource) *analyzers.Resource {
+	analyzerRes := analyzers.Resource{
+		FullyQualifiedName: resource.ID,
+		Name:               resource.Name,
+		Type:               resource.Type,
+		Metadata:           map[string]any{},
+	}
+
+	for key, value := range resource.MetaData {
+		analyzerRes.Metadata[key] = value
+	}
+
+	return &analyzerRes
+}
+
+// getPermissionType return what type of permission is assigned to token
+func getPermissionType(token Token) string {
+	permission := ""
+
+	if token.Role != "" {
+		permission = token.Role
+	} else if token.hasInlineRole() {
+		permission = "Inline Policy"
+	} else if token.hasCustomRoles() {
+		permission = "Custom Roles"
+	}
+
+	return permission
+}
+
 // printUser print User information from secret info to cli
 func printUser(user User) {
 	// print caller information
@@ -112,17 +185,7 @@ func printUser(user User) {
 // printPermissionsType print permissions type token has
 func printPermissionsType(token Token) {
 	// print permission type. It can be either admin, writer, reader or has inline policy or any custom roles assigned
-	permission := ""
-
-	if token.Role != "" {
-		permission = token.Role
-	} else if token.hasInlineRole() {
-		permission = "Inline Policy"
-	} else if token.hasCustomRoles() {
-		permission = "Custom Roles"
-	}
-
-	color.Green("\n[i] Permission Type: %s", permission)
+	color.Green("\n[i] Permission Type: %s", getPermissionType(token))
 }
 
 func printResources(resources []Resource) {

pkg/analyzer/analyzers/launchdarkly/models.go

@@ -6,11 +6,14 @@
 	MetadataKey = "key"
 
 	// resource types
-	applicationType = "Application"
-	repositoryType  = "Repository"
-	projectType     = "Project"
-	environmentType = "Environment"
-	experimentType  = "Expirement"
+	applicationKey  = "Application"
+	repositoryKey   = "Repository"
+	projectKey      = "Project"
+	environmentKey  = "Environment"
+	experimentKey   = "Expirement"
+	holdoutsKey     = "Holdout"
+	membersKey      = "Member"
+	destinationsKey = "Destination"
 )
 
 type SecretInfo struct {
@@ -80,28 +83,6 @@
 	MetaData       map[string]string
 }
 
-// addPermission add a new permission to secret info permissions list.
-func (s *SecretInfo) addPermission(perm string) {
-	s.mu.Lock()
-	defer s.mu.Unlock()
-
-	s.Permissions = append(s.Permissions, perm)
-}
-
-// hasPermission checks if a particular permission exist in secret info permissions list.
-func (s *SecretInfo) hasPermission(perm string) bool {
-	s.mu.RLock()
-	defer s.mu.RUnlock()
-
-	for _, permission := range s.Permissions {
-		if permission == perm {
-			return true
-		}
-	}
-
-	return false
-}
-
 // appendResources append resource to secret info resources list
 func (s *SecretInfo) appendResource(resource Resource) {
 	s.mu.Lock()
@@ -125,22 +106,6 @@
 	return resources
 }
 
-// getResourceByID returns a copy of the resource matching the given ID, or nil if not found.
-func (s *SecretInfo) getResourceByID(id string) *Resource {
-	s.mu.RLock()
-	defer s.mu.RUnlock()
-
-	for _, resource := range s.Resources {
-		if resource.ID == id {
-			// return a copy of the resource to avoid accidently making changes in the actual resource
-			copyResource := resource
-			return &copyResource
-		}
-	}
-
-	return nil
-}
-
 // hasCustomRoles check if token has any custom roles assigned
 func (t Token) hasCustomRoles() bool {
 	return len(t.CustomRoles) > 0
@@ -152,7 +117,7 @@
 }
 
 // isAllowed check if policy allow the statement
 func (p Policy) isAllowed() bool {
 	return p.Effect == "allow"
 }