SecHub PDS communication parts for assets and templates #3523

- it is now ensured on every pds job call, that the assets in storage are same as in db. Same logic for admin create/update operation is used. - improved PDSWebScanJobScenario12IntTest which does now uses templates and assets. The test ensures that the PDS instance will receive the pds template meta data. - changed templateDefinition format. Assets now no longer an array but only one entry. Means we have 1:n relation here from asset to templates and no longer m:n. - added unit tests - introduced TemplateData resolver in commons-model which can be used from PDS and wrapper applications - introduced TemplateData inside SecHub convfiguration file - Template and Asset REST controller are now annotated with profile admin access
mercedes-benz · Nov 15, 2024 · 4b7af4c · 4b7af4c
1 parent 249b28b
commit 4b7af4c
Show file tree

Hide file tree

Showing 63 changed files with 1,823 additions and 284 deletions.
diff --git a/sechub-adapter-pds/src/main/java/com/mercedesbenz/sechub/adapter/pds/PDSAdapterV1.java b/sechub-adapter-pds/src/main/java/com/mercedesbenz/sechub/adapter/pds/PDSAdapterV1.java
@@ -565,23 +565,28 @@ private String createJobDataJSON(PDSContext context) throws AdapterException {
     }
 
     private PDSJobData createJobData(PDSContext context) {
-        PDSAdapterConfig config = context.getConfig();
-        PDSAdapterConfigData data = config.getPDSAdapterConfigData();
-        assertConfigDataNotNull(data);
-        Map<String, String> parameters = data.getJobParameters();
-
+        PDSAdapterConfig adapterConfig = context.getConfig();
+        PDSAdapterConfigData adapterConfigData = adapterConfig.getPDSAdapterConfigData();
+        assertConfigDataNotNull(adapterConfigData);
+        Map<String, String> adapterConfigDataJobParameters = adapterConfigData.getJobParameters();
+
+        /*
+         * convert adapter configuration to PDS job data that shall be sent to PDS as
+         * key value parameters:
+         */
         PDSJobData jobData = new PDSJobData();
-        for (String key : parameters.keySet()) {
+
+        for (String key : adapterConfigDataJobParameters.keySet()) {
             PDSJobParameterEntry parameter = new PDSJobParameterEntry();
             parameter.key = key;
-            parameter.value = parameters.get(key);
+            parameter.value = adapterConfigDataJobParameters.get(key);
 
             jobData.parameters.add(parameter);
         }
 
-        UUID secHubJobUUID = data.getSecHubJobUUID();
+        UUID secHubJobUUID = adapterConfigData.getSecHubJobUUID();
         jobData.sechubJobUUID = secHubJobUUID.toString();
-        jobData.productId = data.getPdsProductIdentifier();
+        jobData.productId = adapterConfigData.getPdsProductIdentifier();
 
         return jobData;
     }

diff --git a/...b-adapter/src/main/java/com/mercedesbenz/sechub/adapter/AbstractAdapterConfigBuilder.java b/...b-adapter/src/main/java/com/mercedesbenz/sechub/adapter/AbstractAdapterConfigBuilder.java
@@ -12,6 +12,7 @@
 import org.slf4j.LoggerFactory;
 
 import com.mercedesbenz.sechub.adapter.support.URIShrinkSupport;
+import com.mercedesbenz.sechub.commons.core.ConfigurationFailureException;
 import com.mercedesbenz.sechub.commons.core.security.CryptoAccess;
 
 /**
@@ -69,10 +70,11 @@ protected URIShrinkSupport createURIShrinkSupport() {
      *
      * @param strategy
      * @return builder (configured by strategy)
+     * @throws ConfigurationFailureException
      */
     @Override
     @SuppressWarnings("unchecked")
-    public final B configure(AdapterConfigurationStrategy strategy) {
+    public final B configure(AdapterConfigurationStrategy strategy) throws ConfigurationFailureException {
         strategy.configure((B) this);
         return (B) this;
     }

diff --git a/sechub-adapter/src/main/java/com/mercedesbenz/sechub/adapter/AdapterConfigBuilder.java b/sechub-adapter/src/main/java/com/mercedesbenz/sechub/adapter/AdapterConfigBuilder.java
@@ -3,6 +3,8 @@
 
 import static com.mercedesbenz.sechub.adapter.TimeConstants.*;
 
+import com.mercedesbenz.sechub.commons.core.ConfigurationFailureException;
+
 public interface AdapterConfigBuilder {
 
     public static final int DEFAULT_SCAN_RESULT_CHECK_IN_MILLISECONDS = TIME_1_MINUTE_IN_MILLISECONDS;
@@ -30,7 +32,7 @@ public interface AdapterConfigBuilder {
      * @param strategy
      * @return builder (configured by strategy)
      */
-    AdapterConfigBuilder configure(AdapterConfigurationStrategy strategy);
+    AdapterConfigBuilder configure(AdapterConfigurationStrategy strategy) throws ConfigurationFailureException;
 
     /**
      * Set result check interval in minutes.

diff --git a/...b-adapter/src/main/java/com/mercedesbenz/sechub/adapter/AdapterConfigurationStrategy.java b/...b-adapter/src/main/java/com/mercedesbenz/sechub/adapter/AdapterConfigurationStrategy.java
@@ -1,6 +1,8 @@
 // SPDX-License-Identifier: MIT
 package com.mercedesbenz.sechub.adapter;
 
+import com.mercedesbenz.sechub.commons.core.ConfigurationFailureException;
+
 /**
  * A configuration strategy is used to configure a given config adapter builder
  *
@@ -16,6 +18,6 @@ public interface AdapterConfigurationStrategy {
      *
      * @param configBuilder
      */
-    <B extends AdapterConfigBuilder, C extends AdapterConfig> void configure(B configBuilder);
+    <B extends AdapterConfigBuilder, C extends AdapterConfig> void configure(B configBuilder) throws ConfigurationFailureException;
 
 }
diff --git a/...ore/src/main/java/com/mercedesbenz/sechub/commons/core/ConfigurationFailureException.java b/...ore/src/main/java/com/mercedesbenz/sechub/commons/core/ConfigurationFailureException.java
@@ -0,0 +1,16 @@
+// SPDX-License-Identifier: MIT
+package com.mercedesbenz.sechub.commons.core;
+
+public class ConfigurationFailureException extends Exception {
+
+    public ConfigurationFailureException(String message) {
+        super(message);
+    }
+
+    public ConfigurationFailureException(String message, Throwable cause) {
+        super(message, cause);
+    }
+
+    private static final long serialVersionUID = -384180667154600386L;
+
+}
diff --git a/...odel/src/main/java/com/mercedesbenz/sechub/commons/model/login/WebLoginConfiguration.java b/...odel/src/main/java/com/mercedesbenz/sechub/commons/model/login/WebLoginConfiguration.java
@@ -5,6 +5,7 @@
 import java.util.Optional;
 
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.mercedesbenz.sechub.commons.model.template.TemplateData;
 
 @JsonIgnoreProperties(ignoreUnknown = true)
 public class WebLoginConfiguration {
@@ -19,6 +20,8 @@ public class WebLoginConfiguration {
 
     private WebLoginTOTPConfiguration totp;
 
+    private TemplateData templateData;
+
     public URL getUrl() {
         return url;
     }
@@ -43,4 +46,12 @@ public void setTotp(WebLoginTOTPConfiguration totp) {
         this.totp = totp;
     }
 
+    public TemplateData getTemplateData() {
+        return templateData;
+    }
+
+    public void setTemplateData(TemplateData templateData) {
+        this.templateData = templateData;
+    }
+
 }
diff --git a/...mons-model/src/main/java/com/mercedesbenz/sechub/commons/model/template/TemplateData.java b/...mons-model/src/main/java/com/mercedesbenz/sechub/commons/model/template/TemplateData.java
@@ -1,12 +1,22 @@
 // SPDX-License-Identifier: MIT
 package com.mercedesbenz.sechub.commons.model.template;
 
+import java.util.LinkedHashMap;
+import java.util.Map;
+
 /**
- * Template data for SecHub configuration model
+ * Template data for SecHub configuration model. Here users can define user
+ * specific template data - e.g. variables like "username", "password"
  *
  * @author Albert Tregnaghi
  *
  */
 public class TemplateData {
 
+    private Map<String, String> variables = new LinkedHashMap<>();
+
+    public Map<String, String> getVariables() {
+        return variables;
+    }
+
 }
diff --git a/...el/src/main/java/com/mercedesbenz/sechub/commons/model/template/TemplateDataResolver.java b/...el/src/main/java/com/mercedesbenz/sechub/commons/model/template/TemplateDataResolver.java
@@ -0,0 +1,42 @@
+// SPDX-License-Identifier: MIT
+package com.mercedesbenz.sechub.commons.model.template;
+
+import java.util.Optional;
+
+import com.mercedesbenz.sechub.commons.model.SecHubConfigurationModel;
+import com.mercedesbenz.sechub.commons.model.SecHubWebScanConfiguration;
+import com.mercedesbenz.sechub.commons.model.login.WebLoginConfiguration;
+
+public class TemplateDataResolver {
+
+    public TemplateData resolveTemplateData(TemplateType type, SecHubConfigurationModel configuration) {
+        if (type == null) {
+            return null;
+        }
+        if (configuration == null) {
+            return null;
+        }
+        switch (type) {
+        case WEBSCAN_LOGIN:
+            return resolveWebScanLoginTemplateData(configuration);
+        default:
+            break;
+        }
+        return null;
+    }
+
+    private TemplateData resolveWebScanLoginTemplateData(SecHubConfigurationModel configuration) {
+        Optional<SecHubWebScanConfiguration> webScanOpt = configuration.getWebScan();
+        if (webScanOpt.isEmpty()) {
+            return null;
+        }
+        SecHubWebScanConfiguration webScan = webScanOpt.get();
+        Optional<WebLoginConfiguration> loginOpt = webScan.getLogin();
+        if (loginOpt.isEmpty()) {
+            return null;
+        }
+        WebLoginConfiguration login = loginOpt.get();
+        return login.getTemplateData();
+
+    }
+}
diff --git a/...odel/src/main/java/com/mercedesbenz/sechub/commons/model/template/TemplateDefinition.java b/...odel/src/main/java/com/mercedesbenz/sechub/commons/model/template/TemplateDefinition.java
@@ -3,6 +3,7 @@
 
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Objects;
 
 import com.fasterxml.jackson.annotation.JsonPropertyOrder;
 import com.mercedesbenz.sechub.commons.model.JSONable;
@@ -14,16 +15,23 @@ public class TemplateDefinition implements JSONable<TemplateDefinition> {
 
     public static final String PROPERTY_TYPE = "type";
     public static final String PROPERTY_ID = "id";
-    public static final String PROPERTY_ASSETS = "assets";
+    public static final String PROPERTY_ASSET_ID = "assetId";
     public static final String PROPERTY_VARIABLES = "variables";
 
     private TemplateType type;
 
-    private List<String> assets = new ArrayList<>();
+    private String assetId;
     private List<TemplateVariable> variables = new ArrayList<>();
 
     private String id;
 
+    public TemplateDefinition() {
+    }
+
+    public static TemplateDefinitionBuilder builder() {
+        return new TemplateDefinitionBuilder();
+    }
+
     public static TemplateDefinition from(String json) {
         return IMPORTER.fromJSON(json);
     }
@@ -36,8 +44,12 @@ public String getId() {
         return id;
     }
 
-    public List<String> getAssets() {
-        return assets;
+    public void setAssetId(String assetId) {
+        this.assetId = assetId;
+    }
+
+    public String getAssetId() {
+        return assetId;
     }
 
     public List<TemplateVariable> getVariables() {
@@ -52,6 +64,73 @@ public TemplateType getType() {
         return type;
     }
 
+    @Override
+    public Class<TemplateDefinition> getJSONTargetClass() {
+        return TemplateDefinition.class;
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(assetId, id, type, variables);
+    }
+
+    @Override
+    public boolean equals(Object obj) {
+        if (this == obj)
+            return true;
+        if (obj == null)
+            return false;
+        if (getClass() != obj.getClass())
+            return false;
+        TemplateDefinition other = (TemplateDefinition) obj;
+        return Objects.equals(assetId, other.assetId) && Objects.equals(id, other.id) && type == other.type && Objects.equals(variables, other.variables);
+    }
+
+    public static class TemplateDefinitionBuilder {
+
+        private String assetId;
+        private String templateId;
+        private TemplateType templateType;
+
+        private TemplateDefinitionBuilder() {
+
+        }
+
+        public TemplateDefinitionBuilder assetId(String assetId) {
+            this.assetId = assetId;
+            return this;
+        }
+
+        public TemplateDefinitionBuilder templateId(String templateId) {
+            this.templateId = templateId;
+            return this;
+        }
+
+        public TemplateDefinitionBuilder templateType(TemplateType templateType) {
+            this.templateType = templateType;
+            return this;
+        }
+
+        public TemplateDefinition build() {
+            if (assetId == null) {
+                throw new IllegalStateException("assetId not defined");
+            }
+            if (templateId == null) {
+                throw new IllegalStateException("templateId not defined");
+            }
+            if (templateType == null) {
+                throw new IllegalStateException("templateType not defined");
+            }
+            TemplateDefinition def = new TemplateDefinition();
+            def.id = templateId;
+            def.type = templateType;
+            def.assetId = assetId;
+
+            return def;
+        }
+
+    }
+
     public static class TemplateVariable {
         public static final String PROPERTY_NAME = "name";
         public static final String PROPERTY_OPTIONAL = "optional";
@@ -85,6 +164,23 @@ public void setValidation(TemplateVariableValidation validation) {
             this.validation = validation;
         }
 
+        @Override
+        public int hashCode() {
+            return Objects.hash(name, optional, validation);
+        }
+
+        @Override
+        public boolean equals(Object obj) {
+            if (this == obj)
+                return true;
+            if (obj == null)
+                return false;
+            if (getClass() != obj.getClass())
+                return false;
+            TemplateVariable other = (TemplateVariable) obj;
+            return Objects.equals(name, other.name) && optional == other.optional && Objects.equals(validation, other.validation);
+        }
+
     }
 
     public static class TemplateVariableValidation {
@@ -120,11 +216,24 @@ public String getRegularExpression() {
         public void setRegularExpression(String regularExpression) {
             this.regularExpression = regularExpression;
         }
-    }
 
-    @Override
-    public Class<TemplateDefinition> getJSONTargetClass() {
-        return TemplateDefinition.class;
+        @Override
+        public int hashCode() {
+            return Objects.hash(maxLength, minLength, regularExpression);
+        }
+
+        @Override
+        public boolean equals(Object obj) {
+            if (this == obj)
+                return true;
+            if (obj == null)
+                return false;
+            if (getClass() != obj.getClass())
+                return false;
+            TemplateVariableValidation other = (TemplateVariableValidation) obj;
+            return Objects.equals(maxLength, other.maxLength) && Objects.equals(minLength, other.minLength)
+                    && Objects.equals(regularExpression, other.regularExpression);
+        }
     }
 
 }