        /// <summary>
        /// Collects the names of the active policies in <paramref name="payload"/> into a single
        /// semicolon-separated string.
        /// </summary>
        /// <param name="payload">JSON token that is scanned for "name" / "isActive" property pairs.</param>
        /// <returns>The active policy names joined with ';', or an empty string when none are active.</returns>
        /// <exception cref="InvalidDataException">
        /// A "name" property was found but no "isActive" property could be located after it.
        /// </exception>
        private static String GetFlatPolicyNames(JToken payload)
        {
            using (var reader = new JTokenReader(payload))
            {
                var joinedNames = new StringBuilder();

                while (JsonUtils.MoveToNextProperty(reader, "name"))
                {
                    string candidate = ((JProperty)reader.CurrentToken).Value.ToString();

                    // A name without a matching "isActive" flag is treated as a malformed payload.
                    if (!JsonUtils.MoveToNextProperty(reader, "isActive"))
                    {
                        throw new InvalidDataException("Expected key 'isActive' but did not find it.");
                    }

                    bool active = Boolean.Parse(((JProperty)reader.CurrentToken).Value.ToString());

                    if (!active)
                    {
                        continue;
                    }

                    // NOTE(review): names are joined verbatim; a policy name that itself contains ';'
                    // cannot be told apart from two names by a consumer that splits on ';'.
                    if (joinedNames.Length != 0)
                    {
                        joinedNames.Append(';');
                    }

                    joinedNames.Append(candidate);
                }

                return joinedNames.ToString();
            }
        }
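        /// <summary>
        /// Requests the policies assigned to a project and returns the value of every "id"
        /// property found in the response body.
        /// </summary>
        /// <param name="ctx">REST context that supplies the HTTP client and the base URL.</param>
        /// <param name="token">Cancellation token passed to the HTTP request.</param>
        /// <param name="projectId">Project whose policy ids are requested.</param>
        /// <returns>The policy ids in the order they appear in the response.</returns>
        /// <exception cref="InvalidOperationException">The server answered with a non-success status code.</exception>
        /// <exception cref="HttpRequestException">Logged and rethrown when it reaches the catch block.</exception>
        public static IEnumerable <int> GetPolicyIdsForProject(CxRestContext ctx,
                                                               CancellationToken token, int projectId)
        {
            try
            {
                // NOTE(review): blocking on .Result surfaces failures of the awaited task wrapped in an
                // AggregateException, so the HttpRequestException handler below may never see transport
                // errors from GetAsync - confirm which exception type callers are expected to handle.
                using (var client = ctx.Json.CreateMnoClient())
                    using (var policyPayload = client.GetAsync(CxRestContext.MakeUrl(ctx.MnoUrl,
                                                                                     String.Format(PROJECT_POLICY_URL_SUFFIX, projectId)), token).Result)
                    {
                        if (!policyPayload.IsSuccessStatusCode)
                        {
                            throw new InvalidOperationException
                                      ($"Unable to retrieve policies for project {projectId}.");
                        }

                        JToken jt;

                        // Dispose the readers once the document is loaded; JToken.Load materializes
                        // the whole tree, so nothing reads from the stream afterwards.
                        using (var bodyReader = new StreamReader(policyPayload.Content.ReadAsStreamAsync().Result))
                            using (var jsonReader = new JsonTextReader(bodyReader))
                            {
                                jt = JToken.Load(jsonReader);
                            }

                        LinkedList <int> policyIds = new LinkedList <int>();

                        // The ids come from the server response; Convert.ToInt32 throws on values
                        // that are not convertible to a 32-bit integer.
                        using (JTokenReader reader = new JTokenReader(jt))
                            while (JsonUtils.MoveToNextProperty(reader, "id"))
                            {
                                policyIds.AddLast(Convert.ToInt32(((JProperty)reader.CurrentToken).Value));
                            }

                        return(policyIds);
                    }
            }
            catch (HttpRequestException hex)
            {
                _log.Error("Communication error.", hex);

                // Rethrow with "throw;" so the original stack trace is preserved for diagnosis.
                throw;
            }
        }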
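 /// <summary>
 /// Reads the "value" property from <paramref name="responsePayload"/> and parses it as a
 /// <see cref="GenStatus"/>.
 /// </summary>
 /// <param name="responsePayload">JSON token returned by the service.</param>
 /// <returns>The parsed status.</returns>
 /// <exception cref="InvalidDataException">No "value" property was found in the payload.</exception>
 private static GenStatus ReadStatus(JToken responsePayload)
 {
     using (var reader = new JTokenReader(responsePayload))
     {
         if (!JsonUtils.MoveToNextProperty(reader, "value"))
         {
             // The message names the key that is actually looked up, so a malformed
             // response is not misreported as a missing report id.
             throw new InvalidDataException("Expected key 'value' but did not find it in the response payload.");
         }

         // NOTE(review): Enum.Parse also accepts numeric strings and does not check that the
         // result is a defined GenStatus member; callers should not assume a named value.
         return Enum.Parse <GenStatus>(((JProperty)reader.CurrentToken).Value.ToString());
     }
 }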
        /// <summary>
        /// Walks <paramref name="rulePayload"/> and builds one <see cref="RuleDescriptor"/> for each
        /// "ruleId" property that is followed by the full set of expected rule properties.
        /// </summary>
        /// <param name="ctx">Not used by this method.</param>
        /// <param name="token">Not used by this method.</param>
        /// <param name="rulePayload">JSON token holding the rule data.</param>
        /// <returns>The rules that were read completely, in payload order.</returns>
        private static IEnumerable <RuleDescriptor> ParseRules(CxRestContext ctx,
                                                               CancellationToken token, JToken rulePayload)
        {
            var parsedRules = new LinkedList <RuleDescriptor>();

            using (var cursor = new JTokenReader(rulePayload))
            {
                // Value of the property the reader is currently positioned on.
                JToken CurrentValue() => ((JProperty)cursor.CurrentToken).Value;

                while (JsonUtils.MoveToNextProperty(cursor, "ruleId"))
                {
                    var descriptor = new RuleDescriptor();
                    descriptor.RuleId = Convert.ToInt32(CurrentValue());

                    // Each lookup below moves the reader forward. When one of the expected
                    // properties is not found, the partially filled rule is dropped silently.
                    if (!JsonUtils.MoveToNextProperty(cursor, "name"))
                        continue;
                    descriptor.Name = CurrentValue().ToString();

                    if (!JsonUtils.MoveToNextProperty(cursor, "description"))
                        continue;
                    descriptor.Description = CurrentValue().ToString();

                    if (!JsonUtils.MoveToNextProperty(cursor, "scanType"))
                        continue;
                    descriptor.ScanProduct = CurrentValue().ToString();

                    if (!JsonUtils.MoveToNextProperty(cursor, "ruleType"))
                        continue;
                    descriptor.RuleType = CurrentValue().ToString();

                    if (!JsonUtils.MoveToNextProperty(cursor, "createdOn"))
                        continue;

                    // The raw value is divided by 1000 before conversion
                    // (presumably milliseconds to seconds - confirm against the API).
                    long createdOnRaw = Convert.ToInt64(CurrentValue());
                    descriptor.CreatedOn = JsonUtils.UtcEpochTimeToDateTime(createdOnRaw / 1000);

                    parsedRules.AddLast(descriptor);
                }
            }

            return parsedRules;
        }
        /// <summary>
        /// Builds a <see cref="PolicyCollection"/> from <paramref name="policyPayload"/>, loading
        /// the rules of each policy through <c>CxMnoPolicyRules.GetRulesForPolicy</c>.
        /// </summary>
        /// <param name="ctx">REST context forwarded to the rule lookup.</param>
        /// <param name="token">Cancellation token forwarded to the rule lookup.</param>
        /// <param name="policyPayload">JSON token holding the policy data.</param>
        /// <returns>The policies that were read completely.</returns>
        private static PolicyCollection ParsePolicies(CxRestContext ctx,
                                                      CancellationToken token, JToken policyPayload)
        {
            var collected = new PolicyCollection();

            using (var cursor = new JTokenReader(policyPayload))
            {
                // Value of the property the reader is currently positioned on.
                JToken CurrentValue() => ((JProperty)cursor.CurrentToken).Value;

                while (JsonUtils.MoveToNextProperty(cursor, "id"))
                {
                    var descriptor = new PolicyDescriptor();
                    descriptor.PolicyId = Convert.ToInt32(CurrentValue());

                    // A policy that lacks any of the expected properties is skipped without
                    // an error; the reader keeps whatever position the failed lookup left it at.
                    if (!JsonUtils.MoveToNextProperty(cursor, "name"))
                        continue;
                    descriptor.Name = CurrentValue().ToString();

                    if (!JsonUtils.MoveToNextProperty(cursor, "description"))
                        continue;
                    descriptor.Description = CurrentValue().ToString();

                    if (!JsonUtils.MoveToNextProperty(cursor, "isActive"))
                        continue;
                    descriptor.isActive = Convert.ToBoolean(CurrentValue());

                    if (!JsonUtils.MoveToNextProperty(cursor, "createdOn"))
                        continue;

                    long createdOnRaw = Convert.ToInt64(CurrentValue());
                    descriptor.CreatedOn = JsonUtils.UtcEpochTimeToDateTime(createdOnRaw / 1000);

                    // One rule lookup is issued per policy, keyed by the id read from the payload.
                    descriptor.AddRule(CxMnoPolicyRules.GetRulesForPolicy(ctx, token, descriptor.PolicyId));

                    collected.AddPolicy(descriptor);
                }
            }

            return collected;
        }
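            /// <summary>
            /// Advances to the next scan in the payload and stores it in <c>_currentScan</c>.
            /// </summary>
            /// <returns>
            /// <c>true</c> when a scan with all expected properties was read; <c>false</c> when the
            /// reader is exhausted or an expected property is missing.
            /// </returns>
            public bool MoveNext()
            {
                while (JsonUtils.MoveToNextProperty(_reader))
                {
                    var idCandidate = (JProperty)_reader.CurrentToken;

                    // Property names in the response are matched ordinally. String.CompareTo is
                    // culture-sensitive and can treat names that differ only in ignorable
                    // characters as equal to "id".
                    if (!String.Equals(idCandidate.Name, "id", StringComparison.Ordinal))
                    {
                        continue;
                    }

                    _currentScan = new Scan()
                    {
                        ProjectId = _projectId,
                        ScanId    = idCandidate.Value.ToString()
                    };

                    if (!JsonUtils.MoveToNextProperty(_reader, "startAnalyzeTime"))
                    {
                        return(false);
                    }

                    // SCA stores times in UTC.  SAST stores them in local time.
                    // NOTE(review): DateTime.Parse uses the current culture; confirm the timestamp
                    // format is unambiguous on hosts with non-default regional settings.
                    _currentScan.StartTime = DateTime.Parse(((JProperty)_reader.CurrentToken).
                                                            Value.ToString()).ToLocalTime();

                    if (!JsonUtils.MoveToNextProperty(_reader, "endAnalyzeTime"))
                    {
                        return(false);
                    }

                    _currentScan.FinishTime = DateTime.Parse(((JProperty)_reader.CurrentToken).
                                                             Value.ToString()).ToLocalTime();

                    // "state" and "name" must be present, but their values are not stored.
                    if (!JsonUtils.MoveToNextProperty(_reader, "state"))
                    {
                        return(false);
                    }

                    if (!JsonUtils.MoveToNextProperty(_reader, "name"))
                    {
                        return(false);
                    }

                    return(true);
                }

                return(false);
            }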
        /// <summary>
        /// Reads policy violations for a project from <paramref name="token"/> and returns them as
        /// a <see cref="ViolatedPolicyCollection"/>.
        /// </summary>
        /// <param name="policies">Known policies, used to resolve each violated rule id to its rule.</param>
        /// <param name="projectId">Project id stamped on every violated rule that is produced.</param>
        /// <param name="token">JSON token holding the violation data.</param>
        /// <returns>
        /// The violated rules that were read; empty when no array token is found in the payload.
        /// </returns>
        private static ViolatedPolicyCollection ParseViolatedRules
            (PolicyCollection policies, int projectId, JToken token)
        {
            ViolatedPolicyCollection violatedRules = new ViolatedPolicyCollection();

            using (JTokenReader reader = new JTokenReader(token))
            {
                // Skip forward until the reader sits on the first array token (or runs out of input).
                while (reader.Read() && reader.CurrentToken.Type != JTokenType.Array)
                {
                    ;
                }

                // No array in the payload: nothing to report.
                if (reader.CurrentToken == null || reader.CurrentToken.Type != JTokenType.Array)
                {
                    return(violatedRules);
                }

                JArray policyViolations = (JArray)reader.CurrentToken;

                // The array is used only for its element count; the data itself is read by
                // advancing the shared reader, so the order of the lookups below matters.
                for (int y = 0; y < policyViolations.Count; y++)
                {
                    if (!JsonUtils.MoveToNextProperty(reader, "policyId"))
                    {
                        continue;
                    }

                    int currentPolicyId = Convert.ToInt32(((JProperty)reader.CurrentToken).Value);

                    if (!JsonUtils.MoveToNextProperty(reader, "violations"))
                    {
                        continue;
                    }

                    JArray ruleViolations = (JArray)((JProperty)reader.CurrentToken).Value;

                    // A missing property inside this loop abandons the remaining violations of the
                    // current policy (break) without raising an error.
                    for (int x = 0; x < ruleViolations.Count; x++)
                    {
                        if (!JsonUtils.MoveToNextProperty(reader, "ruleId"))
                        {
                            break;
                        }
                        var ruleId = Convert.ToInt32(((JProperty)reader.CurrentToken).Value);
                        // NOTE(review): the rule id comes from the response and the lookup result is
                        // used unchecked; confirm how GetPolicyByRuleId and Rules[...] behave for an
                        // id that is not present in `policies`.
                        var rule   = policies.GetPolicyByRuleId(ruleId).Rules[ruleId];

                        ViolatedRuleDescriptor curRule = new ViolatedRuleDescriptor(rule)
                        {
                            ProjectId = projectId,
                            PolicyId  = currentPolicyId
                        };

                        if (!JsonUtils.MoveToNextProperty(reader, "firstDetectionDateByArm"))
                        {
                            break;
                        }
                        curRule.FirstDetectionDate = JsonUtils.UtcEpochTimeToDateTime
                                                         (Convert.ToInt64(((JProperty)reader.CurrentToken).Value) / 1000);

                        if (!JsonUtils.MoveToNextProperty(reader, "scanId"))
                        {
                            break;
                        }
                        curRule.ScanId = ((JProperty)reader.CurrentToken).Value.ToString();

                        if (!JsonUtils.MoveToNextProperty(reader, "name"))
                        {
                            break;
                        }
                        curRule.ViolationName = ((JProperty)reader.CurrentToken).Value.ToString();

                        if (!JsonUtils.MoveToNextProperty(reader, "severity"))
                        {
                            break;
                        }
                        curRule.ViolationSeverity = ((JProperty)reader.CurrentToken).Value.ToString();

                        if (!JsonUtils.MoveToNextProperty(reader, "date"))
                        {
                            break;
                        }
                        // "date" may be JSON null, in which case ViolationOccured is left unset.
                        // NOTE(review): unlike "firstDetectionDateByArm", this value is not divided
                        // by 1000 before conversion - confirm the unit the API uses for "date".
                        if (((JProperty)reader.CurrentToken).Value.Type != JTokenType.Null)
                        {
                            curRule.ViolationOccured = JsonUtils.UtcEpochTimeToDateTime
                                                           (Convert.ToInt64(((JProperty)reader.CurrentToken).Value));
                        }

                        if (!JsonUtils.MoveToNextProperty(reader, "riskScore"))
                        {
                            break;
                        }
                        // "riskScore" may be JSON null, in which case ViolationRiskScore is left unset.
                        if (((JProperty)reader.CurrentToken).Value.Type != JTokenType.Null)
                        {
                            curRule.ViolationRiskScore = Convert.ToDouble
                                                             (((JProperty)reader.CurrentToken).Value.ToString());
                        }


                        if (!JsonUtils.MoveToNextProperty(reader, "status"))
                        {
                            break;
                        }
                        curRule.ViolationStatus = ((JProperty)reader.CurrentToken).Value.ToString();

                        if (!JsonUtils.MoveToNextProperty(reader, "state"))
                        {
                            break;
                        }
                        curRule.ViolationState = ((JProperty)reader.CurrentToken).Value.ToString();


                        // Only fully populated violations are added to the result.
                        violatedRules.AddViolatedRule(curRule);
                    }
                }
            }
            return(violatedRules);
        }
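            /// <summary>
            /// Advances to the next public scan in the payload and stores it in <c>_currentScan</c>.
            /// Scans whose "isPublic" flag is false are read and then discarded.
            /// </summary>
            /// <returns>
            /// <c>true</c> when a public scan with all expected properties was read; <c>false</c>
            /// when the reader is exhausted or an expected property is missing.
            /// </returns>
            public bool MoveNext()
            {
                while (JsonUtils.MoveToNextProperty(_reader))
                {
                    var idCandidate = (JProperty)_reader.CurrentToken;

                    // Property names in the response are matched ordinally. String.CompareTo is
                    // culture-sensitive and can treat names that differ only in ignorable
                    // characters as equal to "id".
                    if (!String.Equals(idCandidate.Name, "id", StringComparison.Ordinal))
                    {
                        continue;
                    }

                    _currentScan = new Scan()
                    {
                        ScanId = idCandidate.Value.ToString()
                    };

                    // The project id is the "id" property that follows "project".
                    if (!JsonUtils.MoveToNextProperty(_reader, "project"))
                    {
                        return(false);
                    }

                    if (!JsonUtils.MoveToNextProperty(_reader, "id"))
                    {
                        return(false);
                    }

                    _currentScan.ProjectId = Convert.ToInt32(((JProperty)_reader.CurrentToken).Value.ToString());

                    // The start and finish times follow "dateAndTime".
                    if (!JsonUtils.MoveToNextProperty(_reader, "dateAndTime"))
                    {
                        return(false);
                    }

                    if (!JsonUtils.MoveToNextProperty(_reader, "startedOn"))
                    {
                        return(false);
                    }

                    // NOTE(review): DateTime.Parse uses the current culture; confirm the timestamp
                    // format is unambiguous on hosts with non-default regional settings.
                    _currentScan.StartTime = DateTime.Parse(((JProperty)_reader.CurrentToken).Value.ToString());

                    if (!JsonUtils.MoveToNextProperty(_reader, "finishedOn"))
                    {
                        return(false);
                    }

                    _currentScan.FinishTime = DateTime.Parse(((JProperty)_reader.CurrentToken).Value.ToString());

                    // "scanState" must be present, but its value is not stored.
                    if (!JsonUtils.MoveToNextProperty(_reader, "scanState"))
                    {
                        return(false);
                    }

                    if (!JsonUtils.MoveToNextProperty(_reader, "filesCount"))
                    {
                        return(false);
                    }

                    _currentScan.FileCount = Convert.ToInt32(((JProperty)_reader.CurrentToken).Value);

                    if (!JsonUtils.MoveToNextProperty(_reader, "linesOfCode"))
                    {
                        return(false);
                    }

                    _currentScan.LinesOfCode = Convert.ToInt64(((JProperty)_reader.CurrentToken).Value);

                    if (!JsonUtils.MoveToNextProperty(_reader, "failedLinesOfCode"))
                    {
                        return(false);
                    }

                    _currentScan.FailedLinesOfCode = Convert.ToInt64(((JProperty)_reader.CurrentToken).Value);

                    if (!JsonUtils.MoveToNextProperty(_reader, "cxVersion"))
                    {
                        return(false);
                    }

                    _currentScan.CxVersion = ((JProperty)_reader.CurrentToken).Value.ToString();

                    if (!JsonUtils.MoveToNextProperty(_reader, "languageStateCollection"))
                    {
                        return(false);
                    }

                    _currentScan.Languages = GetLanguages(_reader.CurrentToken);

                    if (!JsonUtils.MoveToNextProperty(_reader, "isPublic"))
                    {
                        return(false);
                    }

                    // The flag is acted on only after the remaining properties of this scan have
                    // been consumed, so the reader is positioned past the scan when it is skipped.
                    bool isPublic = Convert.ToBoolean(((JProperty)_reader.CurrentToken).Value.ToString());

                    if (!JsonUtils.MoveToNextProperty(_reader, "isIncremental"))
                    {
                        return(false);
                    }

                    bool isIncremental = Convert.ToBoolean(((JProperty)_reader.CurrentToken).Value.ToString());
                    _currentScan.ScanType = isIncremental ? "Incremental" : "Full";

                    if (!JsonUtils.MoveToNextProperty(_reader, "scanRisk"))
                    {
                        return(false);
                    }

                    _currentScan.ScanRisk = Convert.ToInt32(((JProperty)_reader.CurrentToken).Value);

                    if (!JsonUtils.MoveToNextProperty(_reader, "scanRiskSeverity"))
                    {
                        return(false);
                    }

                    _currentScan.ScanRiskSeverity = Convert.ToInt32(((JProperty)_reader.CurrentToken).Value);

                    if (!JsonUtils.MoveToNextProperty(_reader, "partialScanReasons"))
                    {
                        return(false);
                    }

                    if (!isPublic)
                    {
                        // Scan isn't public: reset the current scan and look for the next one.
                        _currentScan = new Scan();
                        continue;
                    }

                    return(true);
                }

                return(false);
            }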