From 5d89467c1e96521a54255a1777bce6fea746f494 Mon Sep 17 00:00:00 2001 From: Marcel Haag Date: Mon, 24 Oct 2022 15:25:09 +0200 Subject: [PATCH] feat: As a user I want to have an comments overview --- .../pentest-comments.component.html | 84 +++++++++++++++++- .../pentest-comments.component.scss | 38 ++++++++ .../pentest-comments.component.spec.ts | 80 ++++++++++++++++- .../pentest-comments.component.ts | 88 ++++++++++++++++++- .../pentest-content.component.html | 2 +- .../pentest-findings.component.html | 22 ++--- .../pentest-findings.component.scss | 5 ++ .../pentest-findings.component.ts | 9 +- .../src/assets/i18n/de-DE.json | 31 ++++++- .../src/assets/i18n/en-US.json | 31 ++++++- .../src/shared/models/comment.model.ts | 45 ++++++++++ .../src/shared/models/finding.model.ts | 10 +-- .../src/shared/services/pentest.service.ts | 29 ++++++ .../src/main/kotlin/comment/Comment.kt | 12 +++ .../src/main/kotlin/comment/CommentEntity.kt | 18 ++++ .../api/pentest => finding}/Finding.kt | 4 +- .../src/main/kotlin/finding/FindingEntity.kt | 23 +++++ .../api/pentest => finding}/Severity.kt | 2 +- 18 files changed, 497 insertions(+), 36 deletions(-) create mode 100644 security-c4po-angular/src/shared/models/comment.model.ts create mode 100644 security-c4po-api/src/main/kotlin/comment/Comment.kt create mode 100644 security-c4po-api/src/main/kotlin/comment/CommentEntity.kt rename security-c4po-api/src/main/kotlin/{com/securityc4po/api/pentest => finding}/Finding.kt (91%) create mode 100644 security-c4po-api/src/main/kotlin/finding/FindingEntity.kt rename security-c4po-api/src/main/kotlin/{com/securityc4po/api/pentest => finding}/Severity.kt (65%) diff --git a/security-c4po-angular/src/app/pentest/pentest-content/pentest-comments/pentest-comments.component.html b/security-c4po-angular/src/app/pentest/pentest-content/pentest-comments/pentest-comments.component.html index 9c3ea02..1cd871d 100644 
--- a/security-c4po-angular/src/app/pentest/pentest-content/pentest-comments/pentest-comments.component.html +++ b/security-c4po-angular/src/app/pentest/pentest-content/pentest-comments/pentest-comments.component.html @@ -1 +1,83 @@ -

pentest-comments works!

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ {{ 'comment.commentId' | translate }} + + {{ comment.data['commentId'] || '-' }} + + {{ 'comment.title' | translate }} + + {{ comment.data['title'] }} + + {{ 'comment.description' | translate }} + + {{ comment.data['description'] }} + + {{ 'comment.relatedFindings' | translate }} + + + +
+ + +
+
+
+ +
+

+ {{'comment.no.comments' | translate}} +

+
+ + diff --git a/security-c4po-angular/src/app/pentest/pentest-content/pentest-comments/pentest-comments.component.scss b/security-c4po-angular/src/app/pentest/pentest-content/pentest-comments/pentest-comments.component.scss index e69de29..8e97d7e 100644 --- a/security-c4po-angular/src/app/pentest/pentest-content/pentest-comments/pentest-comments.component.scss +++ b/security-c4po-angular/src/app/pentest/pentest-content/pentest-comments/pentest-comments.component.scss @@ -0,0 +1,38 @@ +@import '../../../../assets/@theme/styles/themes'; + +.comment-table { + // width: calc(78vw - 18%); + width: 90vw; + + .comment-cell { + // Add style here + } + + .comment-cell:hover { + // cursor: default; + background-color: nb-theme(color-basic-transparent-focus); + } + + .related-finding-cell { + // cursor: pointer; + font-family: Courier, serif; + color: nb-theme(color-info-default); + } + + .cell-actions { + width: max-content; + max-width: 200px; + + .add-comment-button { + .new-comment-icon { + padding-right: 0.5rem; + } + } + } +} + +.error-text { + padding-top: 0.5rem; + font-size: 1.25rem; + font-weight: bold; +} diff --git a/security-c4po-angular/src/app/pentest/pentest-content/pentest-comments/pentest-comments.component.spec.ts b/security-c4po-angular/src/app/pentest/pentest-content/pentest-comments/pentest-comments.component.spec.ts index d201a86..ebabf09 100644 --- a/security-c4po-angular/src/app/pentest/pentest-content/pentest-comments/pentest-comments.component.spec.ts +++ b/security-c4po-angular/src/app/pentest/pentest-content/pentest-comments/pentest-comments.component.spec.ts 
@@ -1,20 +1,92 @@ -import { ComponentFixture, TestBed } from '@angular/core/testing'; +import {ComponentFixture, TestBed} from '@angular/core/testing'; -import { PentestCommentsComponent } from './pentest-comments.component'; +import {PentestCommentsComponent} from './pentest-comments.component'; +import {PROJECT_STATE_NAME, ProjectState, ProjectStateModel} from '@shared/stores/project-state/project-state'; +import {Category} from '@shared/models/category.model'; +import {PentestStatus} from '@shared/models/pentest-status.model'; +import {NgxsModule, Store} from '@ngxs/store'; +import {CommonModule} from '@angular/common'; +import {BrowserAnimationsModule} from '@angular/platform-browser/animations'; +import {HttpClientTestingModule} from '@angular/common/http/testing'; +import {FontAwesomeModule} from '@fortawesome/angular-fontawesome'; +import {NbButtonModule, NbTreeGridModule} from '@nebular/theme'; +import {ThemeModule} from '@assets/@theme/theme.module'; +import {TranslateLoader, TranslateModule} from '@ngx-translate/core'; +import {HttpLoaderFactory} from '../../../common-app.module'; +import {HttpClient} from '@angular/common/http'; +import {NotificationService} from '@shared/services/notification.service'; +import {NotificationServiceMock} from '@shared/services/notification.service.mock'; +import {MockComponent} from 'ng-mocks'; +import {LoadingSpinnerComponent} from '@shared/widgets/loading-spinner/loading-spinner.component'; + +const DESIRED_PROJECT_STATE_SESSION: ProjectStateModel = { + selectedProject: { + id: '56c47c56-3bcd-45f1-a05b-c197dbd33111', + client: 'E Corp', + title: 'Some Mock API (v1.0) Scanning', + createdAt: new Date('2019-01-10T09:00:00'), + tester: 'Novatester', + testingProgress: 0, + createdBy: '11c47c56-3bcd-45f1-a05b-c197dbd33110' + }, + // Manages Categories + disabledCategories: [], + selectedCategory: Category.INFORMATION_GATHERING, + // Manages Pentests of Category + disabledPentests: [], + selectedPentest: { + id: 
'56c47c56-3bcd-45f1-a05b-c197dbd33112', + category: Category.INFORMATION_GATHERING, + refNumber: 'OTF-001', + childEntries: [], + status: PentestStatus.NOT_STARTED, + findingsIds: [], + commentsIds: ['56c47c56-3bcd-45f1-a05b-c197dbd33112'] + }, +}; describe('PentestCommentsComponent', () => { let component: PentestCommentsComponent; let fixture: ComponentFixture; + let store: Store; beforeEach(async () => { await TestBed.configureTestingModule({ - declarations: [ PentestCommentsComponent ] + declarations: [ + PentestCommentsComponent, + MockComponent(LoadingSpinnerComponent) + ], + imports: [ + CommonModule, + BrowserAnimationsModule, + HttpClientTestingModule, + FontAwesomeModule, + NbButtonModule, + NbTreeGridModule, + ThemeModule.forRoot(), + TranslateModule.forRoot({ + loader: { + provide: TranslateLoader, + useFactory: HttpLoaderFactory, + deps: [HttpClient] + } + }), + NgxsModule.forRoot([ProjectState]) + ], + providers: [ + {provide: NotificationService, useValue: new NotificationServiceMock()} + ] }) - .compileComponents(); + .compileComponents(); }); beforeEach(() => { fixture = TestBed.createComponent(PentestCommentsComponent); + store = TestBed.inject(Store); + store.reset({ + ...store.snapshot(), + [PROJECT_STATE_NAME]: DESIRED_PROJECT_STATE_SESSION + }); component = fixture.componentInstance; fixture.detectChanges(); }); diff --git a/security-c4po-angular/src/app/pentest/pentest-content/pentest-comments/pentest-comments.component.ts b/security-c4po-angular/src/app/pentest/pentest-content/pentest-comments/pentest-comments.component.ts index e87568a..98dc6c9 100644 --- a/security-c4po-angular/src/app/pentest/pentest-content/pentest-comments/pentest-comments.component.ts +++ b/security-c4po-angular/src/app/pentest/pentest-content/pentest-comments/pentest-comments.component.ts 
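Review bot: The store state that the second `beforeEach` sets up is never read by the component under test, because `PentestCommentsComponent` takes its pentest from the `pentestInfo$` input, which the spec leaves at its default `null`. `ngOnInit` therefore calls the real `PentestService` with an empty id, so the spec exercises the service's hard-coded sample branch rather than an HTTP call answered through `HttpClientTestingModule`. Set `component.pentestInfo$ = new BehaviorSubject(DESIRED_PROJECT_STATE_SESSION.selectedPentest)` before `fixture.detectChanges()` and provide a `PentestService` stub, so the comments seen in the test are controlled by the spec. The `it(...)` cases themselves lie outside this hunk.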
@@ -1,5 +1,16 @@ -import { Component, OnInit } from '@angular/core'; +import {Component, Input, OnInit} from '@angular/core'; +import {BehaviorSubject, Observable} from 'rxjs'; +import {Pentest} from '@shared/models/pentest.model'; +import * as FA from '@fortawesome/free-solid-svg-icons'; +import {NbGetters, NbTreeGridDataSource, NbTreeGridDataSourceBuilder} from '@nebular/theme'; +import {PentestService} from '@shared/services/pentest.service'; +import {NotificationService, PopupType} from '@shared/services/notification.service'; +import {UntilDestroy, untilDestroyed} from '@ngneat/until-destroy'; +import {filter, tap} from 'rxjs/operators'; +import {Comment, CommentEntry, transformCommentsToObjectiveEntries} from '@shared/models/comment.model'; +import {isNotNullOrUndefined} from 'codelyzer/util/isNotNullOrUndefined'; +@UntilDestroy() @Component({ selector: 'app-pentest-comments', templateUrl: './pentest-comments.component.html', 
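Review bot: The added `import {isNotNullOrUndefined} from 'codelyzer/util/isNotNullOrUndefined'` pulls a helper out of a lint tool's internals into code that ships to the browser. codelyzer is normally a development-only dependency, so this ties the production bundle to a package that is not meant to be part of it and whose internal paths can change without notice. The same import is added in pentest-findings.component.ts. A local type guard keeps the dependency surface small, e.g. `filter((comments): comments is Comment[] => comments != null)`.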
@@ -7,9 +18,80 @@ import { Component, OnInit } from '@angular/core'; }) export class PentestCommentsComponent implements OnInit { - constructor() { } + @Input() + pentestInfo$: BehaviorSubject = new BehaviorSubject(null); - ngOnInit(): void { + // HTML only + readonly fa = FA; + // comments$: BehaviorSubject = new BehaviorSubject(null); + loading$: BehaviorSubject = new BehaviorSubject(true); + + columns: Array = [ + CommentColumns.COMMENT_ID, CommentColumns.TITLE, CommentColumns.DESCRIPTION, CommentColumns.RELATED_FINDINGS, CommentColumns.ACTIONS + ]; + dataSource: NbTreeGridDataSource; + + data: CommentEntry[] = []; + + getters: NbGetters = { + dataGetter: (node: CommentEntry) => node, + childrenGetter: (node: CommentEntry) => node.childEntries || undefined, + expandedGetter: (node: CommentEntry) => !!node.expanded, + }; + + constructor(private readonly pentestService: PentestService, + private dataSourceBuilder: NbTreeGridDataSourceBuilder, + private notificationService: NotificationService) { + this.dataSource = dataSourceBuilder.create(this.data, this.getters); } + ngOnInit(): void { + this.loadCommentsData(); + } + + loadCommentsData(): void { + this.pentestService.getCommentsByPentestId(this.pentestInfo$.getValue() ? 
this.pentestInfo$.getValue().id : '') + .pipe( + untilDestroyed(this), + filter(isNotNullOrUndefined), + tap(() => this.loading$.next(true)) + ) + .subscribe({ + next: (comments: Comment[]) => { + this.data = transformCommentsToObjectiveEntries(comments); + this.dataSource.setData(this.data, this.getters); + this.loading$.next(false); + }, + error: err => { + console.log(err); + this.notificationService.showPopup('comment.popup.not.found', PopupType.FAILURE); + this.loading$.next(false); + } + }); + } + + onClickAddComment(): void { + console.info('Coming soon..'); + } + + onClickEditComment(comment): void { + console.info('Coming soon..'); + } + + onClickDeleteComment(comment): void { + console.info('Coming soon..'); + } + + // HTML only + isLoading(): Observable { + return this.loading$.asObservable(); + } +} + +enum CommentColumns { + COMMENT_ID = 'commentId', + TITLE = 'title', + DESCRIPTION = 'description', + RELATED_FINDINGS = 'relatedFindings', + ACTIONS = 'actions' } diff --git a/security-c4po-angular/src/app/pentest/pentest-content/pentest-content.component.html b/security-c4po-angular/src/app/pentest/pentest-content/pentest-content.component.html index 8f1b8f8..5a98ec8 100644 --- a/security-c4po-angular/src/app/pentest/pentest-content/pentest-content.component.html +++ b/security-c4po-angular/src/app/pentest/pentest-content/pentest-content.component.html @@ -8,7 +8,7 @@ - + diff --git a/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.html b/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.html index 6641145..38bfbd8 100644 --- a/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.html +++ b/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.html 
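Review bot: `loadCommentsData` falls back to an empty string when `pentestInfo$` holds no pentest and passes it to `getCommentsByPentestId`, so a missing selection is treated as a valid request instead of being handled in the component. With the service change in this commit, that empty id yields hard-coded sample comments, which the table then shows as if they belonged to a pentest. Guard first: `const pentest = this.pentestInfo$.getValue(); if (!pentest) { this.loading$.next(false); return; }`. Separately, `tap(() => this.loading$.next(true))` sits after the source in the pipe, so it only fires once a value has already arrived; set the flag before calling the service. The click handlers take an untyped `comment` parameter, which should be typed as `CommentEntry` or the grid row type.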
@@ -14,8 +14,17 @@ {{ finding.data['findingId'] || '-' }} - + + + {{ 'finding.severity' | translate }} + + + + + + + {{ 'finding.title' | translate }} @@ -24,7 +33,7 @@ - + {{ 'finding.impact' | translate }} @@ -32,15 +41,6 @@ {{ finding.data['impact'] }} - - - - {{ 'finding.severity' | translate }} - - - - - diff --git a/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.scss b/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.scss index 905609c..c4ec461 100644 --- a/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.scss +++ b/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.scss @@ -13,6 +13,11 @@ background-color: nb-theme(color-basic-transparent-focus); } + .cell-severity { + width: 125px; + max-width: 125px; + } + .cell-actions { width: max-content; max-width: 180px; diff --git a/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.ts b/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.ts index de8aa08..70bc6e7 100644 --- a/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.ts +++ b/security-c4po-angular/src/app/pentest/pentest-content/pentest-findings/pentest-findings.component.ts 
@@ -3,11 +3,12 @@ import {PentestService} from '@shared/services/pentest.service'; import {BehaviorSubject, Observable, of} from 'rxjs'; import {Pentest} from '@shared/models/pentest.model'; import {UntilDestroy, untilDestroyed} from '@ngneat/until-destroy'; -import {tap} from 'rxjs/operators'; +import {filter, tap} from 'rxjs/operators'; import {NotificationService, PopupType} from '@shared/services/notification.service'; import {Finding, FindingEntry, transformFindingsToObjectiveEntries} from '@shared/models/finding.model'; import {NbGetters, NbTreeGridDataSource, NbTreeGridDataSourceBuilder} from '@nebular/theme'; import * as FA from '@fortawesome/free-solid-svg-icons'; +import {isNotNullOrUndefined} from 'codelyzer/util/isNotNullOrUndefined'; @UntilDestroy() @Component({ @@ -26,7 +27,7 @@ export class PentestFindingsComponent implements OnInit { loading$: BehaviorSubject = new BehaviorSubject(true); columns: Array = [ - FindingColumns.FINDING_ID, FindingColumns.TITLE, FindingColumns.IMPACT, FindingColumns.SEVERITY, FindingColumns.ACTIONS + FindingColumns.FINDING_ID, FindingColumns.SEVERITY, FindingColumns.TITLE, FindingColumns.IMPACT, FindingColumns.ACTIONS ]; dataSource: NbTreeGridDataSource; @@ -45,7 +46,6 @@ export class PentestFindingsComponent implements OnInit { } ngOnInit(): void { - console.warn('Selected Pentest: ', this.pentestInfo$.getValue()); this.loadFindingsData(); } @@ -53,6 +53,7 @@ export class PentestFindingsComponent implements OnInit { this.pentestService.getFindingsByPentestId(this.pentestInfo$.getValue() ? this.pentestInfo$.getValue().id : '') .pipe( untilDestroyed(this), + filter(isNotNullOrUndefined), tap(() => this.loading$.next(true)) ) .subscribe({ @@ -89,8 +90,8 @@ export class PentestFindingsComponent implements OnInit { enum FindingColumns { FINDING_ID = 'findingId', + SEVERITY = 'severity', TITLE = 'title', IMPACT = 'impact', - SEVERITY = 'severity', ACTIONS = 'actions' } 
diff --git a/security-c4po-angular/src/assets/i18n/de-DE.json b/security-c4po-angular/src/assets/i18n/de-DE.json index e5cb369..16dbf2f 100644 --- a/security-c4po-angular/src/assets/i18n/de-DE.json +++ b/security-c4po-angular/src/assets/i18n/de-DE.json @@ -90,11 +90,20 @@ }, "finding": { "findingId": "Fund Id", - "title": "Title", + "title": "Titel", "impact": "Auswirkung", "severity": "Schwere", "add": "Fund hinzufügen", - "no.findings": "Keine Funde verfügbar" + "no.findings": "Keine Funde verfügbar", + "popup": { + "not.found": "Keine Funde gefunden", + "save.success": "Fund erfolgreich gespeichert", + "save.failed": "Fund konnte nicht gespeichert werden", + "update.success": "Fund erfolgreich aktualisiert", + "update.failed": "Fund konnte nicht aktualisiert werden", + "delete.success": "Fund erfolgreich gelöscht", + "delete.failed": "Fund konnte nicht gelöscht werden" + } }, "severities": { "low": "Niedrig", @@ -102,6 +111,24 @@ "high": "Hoch", "critical": "Kritisch" }, + "comment": { + "commentId": "Kommentar Id", + "title": "Titel", + "description": "Beschreibung", + "relatedFindings": "Verwandte Funde", + "add": "Kommentar hinzufügen", + "no.relatedFindings": "Nicht verbunden mit Fund", + "no.comments": "Keine Kommentare verfügbar", + "popup": { + "not.found": "Keine Kommentare gefunden", + "save.success": "Kommentar erfolgreich gespeichert", + "save.failed": "Kommentar konnte nicht gespeichert werden", + "update.success": "Kommentar erfolgreich aktualisiert", + "update.failed": "Kommentar konnte nicht aktualisiert werden", + "delete.success": "Kommentar erfolgreich gelöscht", + "delete.failed": "Kommentar konnte nicht gelöscht werden" + } + }, "pentest": { "testId": "Nr.", "title": "Titel", diff --git a/security-c4po-angular/src/assets/i18n/en-US.json b/security-c4po-angular/src/assets/i18n/en-US.json index b56656a..a3a4d1f 100644 --- a/security-c4po-angular/src/assets/i18n/en-US.json +++ b/security-c4po-angular/src/assets/i18n/en-US.json 
@@ -90,11 +90,20 @@ }, "finding": { "findingId": "Finding Id", + "severity": "Severity", "title": "Title", "impact": "Impact", - "severity": "Severity", "add": "Add finding", - "no.findings": "No findings available" + "no.findings": "No findings available", + "popup": { + "not.found": "No finding found", + "save.success": "Finding saved successfully", + "save.failed": "Finding could not be saved", + "update.success": "Finding updated successfully", + "update.failed": "Finding could not be updated", + "delete.success": "Finding deleted successfully", + "delete.failed": "Finding could not be deleted" + } }, "severities": { "low": "Low", @@ -102,6 +111,24 @@ "high": "High", "critical": "Critical" }, + "comment": { + "commentId": "Comment Id", + "title": "Title", + "description": "Description", + "relatedFindings": "Related Findings", + "add": "Add comment", + "no.comments": "No comments available", + "no.relatedFindings": "Not related to finding", + "popup": { + "not.found": "No comment found", + "save.success": "Comment saved successfully", + "save.failed": "Comment could not be saved", + "update.success": "Comment updated successfully", + "update.failed": "Comment could not be updated", + "delete.success": "Comment deleted successfully", + "delete.failed": "Comment could not be deleted" + } + }, "pentest": { "testId": "No.", "title": "Title", diff --git a/security-c4po-angular/src/shared/models/comment.model.ts b/security-c4po-angular/src/shared/models/comment.model.ts new file mode 100644 index 0000000..3fb3105 --- /dev/null +++ b/security-c4po-angular/src/shared/models/comment.model.ts 
@@ -0,0 +1,45 @@
+import {v4 as UUID} from 'uuid';
+import {Severity} from '@shared/models/severity.enum';
+
+export class Comment {
+ id?: string;
+ title: string;
+ description?: string;
+ relatedFindings?: Array;
+
+ constructor(title: string,
+ description: string,
+ id?: string,
+ relatedFindings?: Array) {
+ this.id = id ? id : UUID();
+ this.title = title;
+ this.description = description;
+ this.relatedFindings = relatedFindings;
+ }
+}
+
+export interface CommentEntry {
+ commentId: string;
+ title: string;
+ description: string;
+ relatedFindings: Array;
+ kind?: string;
+ childEntries?: [];
+ expanded?: boolean;
+}
+
+export function transformCommentsToObjectiveEntries(findings: Comment[]): CommentEntry[] {
+ const findingEntries: CommentEntry[] = [];
+ findings.forEach((value: Comment) => {
+ findingEntries.push({
+ commentId: value.id,
+ title: value.title,
+ description: value.description,
+ relatedFindings: value.relatedFindings,
+ kind: 'cell',
+ childEntries: null,
+ expanded: false
+ } as CommentEntry);
+ });
+ return findingEntries;
+}
diff --git a/security-c4po-angular/src/shared/models/finding.model.ts b/security-c4po-angular/src/shared/models/finding.model.ts
index 58e3db4..2c53345 100644
--- a/security-c4po-angular/src/shared/models/finding.model.ts
+++ b/security-c4po-angular/src/shared/models/finding.model.ts
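Review bot: `comment.model.ts` imports `Severity` without using it, and `transformCommentsToObjectiveEntries` still carries the names copied from the findings model (`findings`, `findingEntries`) although it handles comments. Rename them to `comments` and `commentEntries` and drop the import. The `as CommentEntry` assertion also hides that `childEntries: null` does not match the declared `childEntries?: []`. Declaring the field as `childEntries?: CommentEntry[] | null` and removing the assertion lets the compiler check the literal.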
@@ -3,27 +3,27 @@ import {Severity} from '@shared/models/severity.enum'; export class Finding { id?: string; + severity: Severity; title: string; description?: string; impact: string; - severity: Severity; affectedUrls?: Array; reproduction?: string; mitigation?: string; constructor(title: string, + severity: Severity, description: string, impact: string, - severity: Severity, reproduction: string, id?: string, affectedUrls?: Array, mitigation?: string) { this.id = id ? id : UUID(); + this.severity = severity; this.title = title; this.description = description; this.impact = impact; - this.severity = severity; this.affectedUrls = affectedUrls ? affectedUrls : null; this.reproduction = reproduction; this.mitigation = mitigation ? mitigation : null; @@ -32,9 +32,9 @@ export class Finding { export interface FindingEntry { findingId: string; + severity: Severity; title: string; impact: string; - severity: Severity; kind?: string; childEntries?: []; expanded?: boolean; @@ -45,9 +45,9 @@ export function transformFindingsToObjectiveEntries(findings: Finding[]): Findin findings.forEach((value: Finding) => { findingEntries.push({ findingId: value.id, + severity: value.severity, title: value.title, impact: value.impact, - severity: value.severity, kind: 'cell', childEntries: null, expanded: false diff --git a/security-c4po-angular/src/shared/services/pentest.service.ts b/security-c4po-angular/src/shared/services/pentest.service.ts index a852a96..a7df8f1 100644 --- a/security-c4po-angular/src/shared/services/pentest.service.ts +++ b/security-c4po-angular/src/shared/services/pentest.service.ts @@ -10,6 +10,7 @@ import {catchError, map, switchMap} from 'rxjs/operators'; import {getTempPentestsForCategory} from '@shared/functions/categories/get-temp-pentests-for-category.function'; import {Finding} from '@shared/models/finding.model'; import {Severity} from '@shared/models/severity.enum'; +import {Comment} from '@shared/models/comment.model'; @Injectable({ providedIn: 'root' 
@@ -92,4 +93,32 @@ export class PentestService {
 ]);
 }
 }
+
+ /**
+ * Get Comments for Pentest Id
+ * @param pentestId the id of the project
+ */
+ public getCommentsByPentestId(pentestId: string): Observable {
+ console.warn('Comments for:', pentestId);
+ if (pentestId) {
+ return this.http.get(`${this.apiBaseURL}/${pentestId}/comments`);
+ } else {
+ // return of([]);
+ // Todo: Remove mocked Comments
+ return of([
+ {
+ id: 'ca96cc19-88ff-4874-8406-dc892620afd2',
+ title: 'This is a lit test finding ma brother',
+ description: 'fucked up a lot man. better fix it',
+ relatedFindings: ['ca96cc19-88ff-4874-8406-dc892620afd4'],
+ },
+ {
+ id: 'ca96cc19-88ff-4874-8406-dc892620afd4',
+ title: 'This is a lit test finding ma brother',
+ description: 'fucked up a lot man. better fix it',
+ relatedFindings: [],
+ }
+ ]);
+ }
+ }
 }
diff --git a/security-c4po-api/src/main/kotlin/comment/Comment.kt b/security-c4po-api/src/main/kotlin/comment/Comment.kt
new file mode 100644
index 0000000..d2d1a33
--- /dev/null
+++ b/security-c4po-api/src/main/kotlin/comment/Comment.kt
@@ -0,0 +1,12 @@
+package comment
+
+import org.springframework.data.mongodb.core.index.Indexed
+import java.util.*
+
+data class Comment (
+ @Indexed(background = true, unique = true)
+ val id: String = UUID.randomUUID().toString(),
+ val title: String,
+ val description: String,
+ val relatedFindings: List? = emptyList()
+)
diff --git a/security-c4po-api/src/main/kotlin/comment/CommentEntity.kt b/security-c4po-api/src/main/kotlin/comment/CommentEntity.kt
new file mode 100644
index 0000000..62c7e5f
--- /dev/null
+++ b/security-c4po-api/src/main/kotlin/comment/CommentEntity.kt
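Review bot: The `else` branch of `getCommentsByPentestId` returns two hard-coded comments, with placeholder text that is not fit to show to users, whenever `pentestId` is falsy, so callers cannot tell a missing id from real data. In a tool that records pentest results, fabricated entries in the comments table are an integrity problem; return the empty list that is already there as a comment, `return of([]);`. The `console.warn('Comments for:', pentestId)` line is debug output and should go, and the doc comment should read `@param pentestId the id of the pentest`. Since `pentestId` is interpolated into the request path, writing it as `${encodeURIComponent(pentestId)}` keeps a malformed id from changing the path.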
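Review bot: `Comment` is declared in the root-level package `comment`, and `Finding`, `Severity` and the two entity classes likewise end up in `comment` or `finding`, while `BaseEntity` is still imported from `com.securityc4po.api`. If the Spring Boot application class lives under `com.securityc4po.api`, as that import suggests, classes outside it are not covered by default component and entity scanning, so the `@Indexed(unique = true)` on `id` may not be applied at startup. Keeping the application prefix avoids that: `package com.securityc4po.api.comment`. `title` and `description` carry no length or blank checks here; whether the request layer validates them is not visible in this commit.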
@@ -0,0 +1,18 @@ +package comment + +import com.securityc4po.api.BaseEntity +import org.springframework.data.mongodb.core.mapping.Document + +@Document(collection = "comments") +open class CommentEntity( + data: Comment +) : BaseEntity(data) + +fun CommentEntity.toComment(): Comment { + return Comment( + this.data.id, + this.data.title, + this.data.description, + this.data.relatedFindings + ) +} diff --git a/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/Finding.kt b/security-c4po-api/src/main/kotlin/finding/Finding.kt similarity index 91% rename from security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/Finding.kt rename to security-c4po-api/src/main/kotlin/finding/Finding.kt index f44255f..480676d 100644 --- a/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/Finding.kt +++ b/security-c4po-api/src/main/kotlin/finding/Finding.kt @@ -1,4 +1,4 @@ -package com.securityc4po.api.pentest +package finding import org.springframework.data.mongodb.core.index.Indexed import java.util.* @@ -6,10 +6,10 @@ import java.util.* data class Finding ( @Indexed(background = true, unique = true) val id: String = UUID.randomUUID().toString(), + val severity: Severity, val title: String, val description: String, val impact: String, - val severity: Severity, val affectedUrls: List? = emptyList(), val reproduction: String, val mitigation: String diff --git a/security-c4po-api/src/main/kotlin/finding/FindingEntity.kt b/security-c4po-api/src/main/kotlin/finding/FindingEntity.kt new file mode 100644 index 0000000..805e373 --- /dev/null +++ b/security-c4po-api/src/main/kotlin/finding/FindingEntity.kt 
@@ -0,0 +1,23 @@ +package finding + +import com.securityc4po.api.BaseEntity +import comment.Comment +import org.springframework.data.mongodb.core.mapping.Document + +@Document(collection = "findings") +open class FindingEntity( + data: Finding +) : BaseEntity(data) + +fun FindingEntity.toFinding(): Finding { + return finding.Finding( + this.data.id, + this.data.severity, + this.data.title, + this.data.description, + this.data.impact, + this.data.affectedUrls, + this.data.reproduction, + this.data.mitigation + ) +} diff --git a/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/Severity.kt b/security-c4po-api/src/main/kotlin/finding/Severity.kt similarity index 65% rename from security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/Severity.kt rename to security-c4po-api/src/main/kotlin/finding/Severity.kt index 31d337f..56c5cdb 100644 --- a/security-c4po-api/src/main/kotlin/com/securityc4po/api/pentest/Severity.kt +++ b/security-c4po-api/src/main/kotlin/finding/Severity.kt @@ -1,4 +1,4 @@ -package com.securityc4po.api.pentest +package finding enum class Severity { LOW,
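Review bot: `FindingEntity.kt` imports `comment.Comment` without using it, and `toFinding()` calls `finding.Finding(...)` by its qualified name although the file is already in package `finding`. Remove the import and call `Finding(...)` directly. Because the constructor is called positionally and this commit moves `severity` ahead of `title` in `Finding`, named arguments such as `severity = this.data.severity` would keep a later reordering from silently shifting values between the `String` fields.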