def export(self, data_dir):
page_num = 0
total_pages = 0
done = False
apps = []
while (not done):
data = self.get_paged_app_data(RequestsAuthPluginVeracodeHMAC(), page_num)
JsonExport.saveFormatted(data, data_dir + "Data"+str(page_num))
try:
total_pages = data["page"]["total_pages"]
log.info("Got page %d of %d", page_num+1, total_pages)
for app in data["_embedded"]["applications"]:
log.debug("Got app data for profile %s", app["profile"]["name"])
apps.append(app)
page_num = page_num + 1
if (page_num >= total_pages):
done = True
except KeyError as e:
# TODO: Handle Key Error exception properly
log.debug("KeyError exception: %s", e)
done = True
self.to_string(apps[0], f"App 1 of {len(apps)}")
json_file_base = data_dir + "Apps"
JsonExport.saveFormatted(apps, json_file_base)
log.info("Saved %d Veracode App Profiles to %s.json", len(apps), json_file_base)
def deliver_dictionary( self,
dictionary_to_json,
dictionary_to_pickle,
project_name ):
""" Write the dictionary as a pickle and as a json file """
## write the current dict to a pickle file to compare next scrape
## The pickle file is used in the process_project_url method.
## This is a little sloppy, as the pickle directory is also defined
## separately in self.pickle_project_filename
try:
os.makedirs( "pickle" )
except OSError as e:
if e.errno != errno.EEXIST:
raise
temp_file = open(self.pickle_project_filename, "w")
pickle.dump( dictionary_to_pickle, temp_file )
temp_file.close()
## Dump data into a unique json in the data/project_name directory
## Please Note: The results of the "data/"+project_name string.
JsonExport.write( dictionary_to_json, project_name, "data/"+project_name )
return ()
def standalone_writer( extracted_data_dict ):
"""
The FINAL part of the standalone functions for this code. This will be automatically
used if the function at the bottom is called to tool out a new parser.
Otherwise, no changes here do anything.
"""
import JsonExport ## Make sure JsonExport.py is available in this directory...
JsonExport.write( extracted_data_dict, "standalone_parse", "standalone_parse" )
def get_data_request(self, url, filename="JsonData", export=False):
try:
#scan_details_url = data["_embedded"]["analyses"][0]["_links"]["scans"]["href"]
log.debug("Sending request to %s", url)
response = requests.get(url, auth=RequestsAuthPluginVeracodeHMAC(), headers=self.headers, verify=verifyCert)
if response.ok:
if (export):
json_file_base = data_dir + filename
JsonExport.saveFormatted(response.json(), json_file_base)
log.info("Saved data to %s.json", json_file_base)
return response.json()
else:
log.error("Request for %s failed with %s code", filename, response.text)
#sys.exit(1)
except requests.RequestException as e:
log.error("Request for %s failed.", filename)
print(e)
def object_exporter ( json_db_dict, project_name ):
JsonExport.write( json_db_dict, project_name, project_name )
##### cannot find this method's documentation. why does it require project name fro two separate arguments. does it creat a python dictionary?
return
def get_analysis(self, scan_name, export=False, recurse=True):
log.info("Exporting scan spec data for scan named '%s'", scan_name)
api_base="https://api.veracode.com/was/configservice/v1/analyses"
try:
arg1 = "name=" + scan_name
log.debug("Sending request to %s", api_base)
response = requests.get(api_base+"?"+arg1, auth=RequestsAuthPluginVeracodeHMAC(), headers=self.headers, verify=verifyCert)
analysis_summary = response.json()
if response.ok:
# Get Analysis Summary data
if (export):
json_file_base = data_dir + "Exported_Analysis_Summary"
JsonExport.saveFormatted(analysis_summary, json_file_base)
log.info("Saved Veracode scan spec for '%s' to %s.json", scan_name, json_file_base)
# If recursion is requested, get data for embedded links
if (recurse):
# Get Scan Details data
url = analysis_summary["_embedded"]["analyses"][0]["_links"]["scans"]["href"]
scan_details = self.get_data_request(url, "Exported_Detailed_Scan", export)
# Get Analysis Details data
url = analysis_summary["_embedded"]["analyses"][0]["_links"]["self"]["href"]
analysis = self.get_data_request(url, "Exported_Analysis", export)
# Get Latest Analysis Occurrence data
url = analysis_summary["_embedded"]["analyses"][0]["_links"]["latest_occurrence"]["href"]
latest_occurrence = self.get_data_request(url, "Exported_Detailed_Scan", export)
# Get analysis_occurrence_id from latest scan occurrence
analysis_occurrence_id = latest_occurrence["analysis_occurrence_id"]
base_url="https://api.veracode.com/was/configservice/v1"
url = "%s/analysis_occurrences/%s/scan_occurrences" % (base_url, analysis_occurrence_id)
detailed_scan_occurrence = self.get_data_request(url, "Exported_DetailedScanOccurrence", export)
summary = detailed_scan_occurrence["_embedded"]["scan_occurrences"][0]["summary"]
log.debug("Summary: %s", json.dumps(summary, sort_keys=True, indent=0))
very_high_sev = int(detailed_scan_occurrence["_embedded"]["scan_occurrences"][0]["count_of_very_high_sev_flaws"])
high_sev = int(detailed_scan_occurrence["_embedded"]["scan_occurrences"][0]["count_of_high_sev_flaws"])
medium_sev = int(detailed_scan_occurrence["_embedded"]["scan_occurrences"][0]["count_of_medium_sev_flaws"])
low_sev = int(detailed_scan_occurrence["_embedded"]["scan_occurrences"][0]["count_of_low_sev_flaws"])
total = very_high_sev + high_sev + medium_sev
if (total > 0):
log.warn("FAILED. (VeryHigh:%d, High:%s, Med:%s, Low:%s)", very_high_sev, high_sev, medium_sev, low_sev)
else:
log.info("PASSED. (VeryHigh:%d, High:%s, Med:%s, Low:%s)", very_high_sev, high_sev, medium_sev, low_sev)
# Get Audits data
url = analysis_summary["_embedded"]["analyses"][0]["_links"]["audits"]["href"]
audit_data = self.get_data_request(url, "Exported_Audit_Data", export)
return (analysis_summary, scan_details, analysis, latest_occurrence, audit_data)
else:
return (analysis_summary)
else:
log.error("Request for scan spec failed with %s code", response.text)
sys.exit(1)
except requests.RequestException as e:
log.error("Request for scan data failed.")
print(e)
sys.exit(1)
def object_exporter ( json_db_dict, project_name ):
JsonExport.write( json_db_dict, project_name, project_name )
return