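def report(self):
    """Send the scan summary and all findings to the Galloper backend.

    A summary record (project and scan metadata plus finding counters) is
    posted through ``self.galloper.create_test_results``; the report id it
    returns is attached to one issue dict per finding, and the whole list is
    then posted through ``self.galloper.create_findings``.
    """
    # Summary
    test_initiation_body = {
        "project_name": self.context.get_meta('project_name'),
        "app_name": self.context.get_meta("project_description"),
        "scan_time": self.context.performers["reporting"].get_module_meta(
            "time_meta", "testing_run_time", None),
        "dast_target": self.context.get_meta("dast_target"),
        "sast_code": self.context.get_meta("sast_code"),
        "scan_type": self.context.get_meta("testing_type"),
        "findings": len(self.context.findings),
        "false_positives": 0,
        "excluded": 0,
        "info_findings": 0,
        "environment": self.context.get_meta("environment_name")
    }
    # The flags are independent: one finding may be counted in several buckets.
    false_positives = 0
    excluded = 0
    info_findings = 0
    for item in self.context.findings:
        if item.get_meta("false_positive_finding", False):
            false_positives += 1
        if item.get_meta("information_finding", False):
            info_findings += 1
        if item.get_meta("excluded_finding", False):
            excluded += 1
    test_initiation_body['false_positives'] = false_positives
    test_initiation_body['info_findings'] = info_findings
    # Fix: the count used to be written only to 'excluded_finding', so the
    # declared "excluded" field was always reported as 0.
    test_initiation_body['excluded'] = excluded
    # NOTE(review): kept for compatibility; which of the two keys the backend
    # actually reads is not visible from here - confirm and drop the other.
    test_initiation_body['excluded_finding'] = excluded
    report_id = self.galloper.create_test_results(test_initiation_body)
    # Findings
    test_cases = []
    for item in self.context.findings:
        # NOTE(review): descriptions come from scanner output and may carry
        # content taken from the scanned target; confirm markdown_to_html
        # escapes or sanitizes raw HTML before the backend renders "details".
        if isinstance(item, DastFinding):
            details = markdown.markdown_to_html(item.description)
        elif isinstance(item, SastFinding):
            # SAST descriptions are a list of chunks, joined as paragraphs.
            details = markdown.markdown_to_html("\n\n".join(item.description))
        else:
            # Other finding types are still reported, with empty details.
            details = ''
        test_cases.append({
            "report_id": report_id,
            "issue_hash": item.get_meta("issue_hash", ""),
            "tool_name": item.get_meta("tool", ""),
            "description": item.title,
            "severity": item.get_meta("severity", SEVERITIES[-1]),
            "details": details,
            "endpoints": item.get_meta("endpoints"),
            # Flags are sent as 0/1 integers rather than booleans.
            "false_positive": int(bool(item.get_meta("false_positive_finding", False))),
            "info_finding": int(bool(item.get_meta("information_finding", False))),
            "excluded_finding": int(bool(item.get_meta("excluded_finding", False)))
        })
    log.info("Creating findings")
    self.galloper.create_findings(test_cases)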
def report(self):
    """Submit every actionable finding through ``self.ado.create_finding``.

    Findings flagged as false positive, informational or excluded are
    skipped. For each remaining finding the description is rendered to HTML
    and passed on with the title, severity, assignee and issue hash; the
    value returned by ``create_finding`` is logged at debug level.
    """
    skip_flags = ("false_positive_finding", "information_finding", "excluded_finding")
    for finding in self.context.findings:
        # Checked in the same order, stopping at the first flag that is set.
        if any(finding.get_meta(flag, False) for flag in skip_flags):
            continue
        # NOTE(review): descriptions come from scanner output; confirm that
        # markdown_to_html escapes or sanitizes raw HTML before the rendered
        # text is shown in the tracker.
        if isinstance(finding, DastFinding):
            body = markdown.markdown_to_html(finding.description)
        elif isinstance(finding, SastFinding):
            # SAST descriptions are a list of chunks, joined with line breaks.
            body = markdown.markdown_to_html("<br/>".join(finding.description))
        else:
            # Other finding types are still submitted, with an empty body.
            body = ''
        created = self.ado.create_finding(
            finding.title,
            body,
            finding.get_meta("severity", SEVERITIES[-1]),
            assignee=self.assignee,
            issue_hash=finding.get_meta("issue_hash", ""),
        )
        log.debug(created)
    # Emitted once, after all findings have been submitted.
    log.info("Creating findings")
def _item_to_finding(item):
    """Convert a DAST or SAST finding into an HTMLReportFinding.

    The description is rendered from markdown to HTML; a SAST description is
    a list of chunks that is joined with blank lines first.

    Raises:
        ValueError: if *item* is neither a DastFinding nor a SastFinding.
    """
    if isinstance(item, DastFinding):
        markdown_source = item.description
    elif isinstance(item, SastFinding):
        markdown_source = "\n\n".join(item.description)
    else:
        raise ValueError("Unsupported item type")
    # NOTE(review): the description comes from scanner output and ends up in
    # an HTML report; confirm markdown_to_html escapes or sanitizes raw HTML.
    return HTMLReportFinding(
        tool=item.get_meta("tool", ""),
        title=item.title,
        severity=item.get_meta("severity", SEVERITIES[-1]),
        description=markdown.markdown_to_html(markdown_source),
    )
def project_errors(self):
    """Return the context errors as HTMLReportError objects.

    Each error's details are rendered from markdown to HTML. The result is a
    new list ordered by (tool, title).
    """
    # NOTE(review): error details are tool output rendered into the HTML
    # report; confirm markdown_to_html escapes or sanitizes raw HTML.
    converted = [
        HTMLReportError(
            tool=error.tool,
            title=error.error,
            description=markdown.markdown_to_html(error.details),
        )
        for error in self.context.errors
    ]
    return sorted(converted, key=lambda entry: (entry.tool, entry.title))