diff --git a/pkg/report/output/dataflow/paths/paths.go b/pkg/report/output/dataflow/paths/paths.go index 3f524eb82..ebfeb2d1f 100644 --- a/pkg/report/output/dataflow/paths/paths.go +++ b/pkg/report/output/dataflow/paths/paths.go @@ -33,6 +33,7 @@ func (holder *Holder) AddOperation(detectorType detectors.Type, detection operat detection.Source.Filename, fullFilename, *detection.Source.StartLineNumber, + detection.Value.Type, detection.Value.Path, urls, ) @@ -43,6 +44,7 @@ func (holder *Holder) addPath( fileName string, fullFilename string, lineNumber int, + httpMethod string, path string, urls []string, ) { @@ -59,6 +61,7 @@ func (holder *Holder) addPath( FullFilename: fullFilename, FullName: fileName, LineNumber: &lineNumber, + HttpMethod: httpMethod, Path: path, Urls: urls, }) diff --git a/pkg/report/output/dataflow/paths/paths_test.go b/pkg/report/output/dataflow/paths/paths_test.go new file mode 100644 index 000000000..6795e7f7d --- /dev/null +++ b/pkg/report/output/dataflow/paths/paths_test.go @@ -0,0 +1,85 @@ +package paths_test + +import ( + "os" + "testing" + + "github.com/stretchr/testify/assert" + + "github.com/bearer/bearer/pkg/commands/process/settings" + "github.com/bearer/bearer/pkg/report/output/dataflow" + "github.com/bearer/bearer/pkg/report/output/dataflow/types" + "github.com/bearer/bearer/pkg/report/output/detectors" + outputtypes "github.com/bearer/bearer/pkg/report/output/types" + globaltypes "github.com/bearer/bearer/pkg/types" +) + +func TestDataflowPaths(t *testing.T) { + config := settings.Config{} + var lineNumber *int = new(int) + *lineNumber = 558 + + testCases := []struct { + Name string + Config settings.Config + FileContent string + Want []types.Path + }{ + { + Name: "OpenAPI paths", + Config: config, + FileContent: `{ "detector_type": "openapi", "source": { "end_column_number": 8, "end_line_number": 558, "filename": "testdata/v3yaml/petstore-openapi.yaml", "full_filename": "", "language": "YAML", "language_type": "data", "start_column_number": 5, "start_line_number": 558, "text": "get" }, "type": "operation", "value": { "path": "/user/*", "type": "GET", "url": [ { "url": "{protocol}://api.example.com", "variables": [ { "Name": "protocol", "Values": [ "http", "https" ] } ] }, { "url": "https://{environment}.example.com/v2", "variables": [ { "Name": "environment", "Values": [ "api", "api.dev", "api.staging" ] } ] }, { "url": "{server}/v1", "variables": [ { "Name": "server", "Values": [ "https://api.example.com" ] } ] } ] } }`, + Want: []types.Path{ + { + DetectorName: "openapi", + Detections: []*types.Detection{ + { + FullFilename: "testdata/v3yaml/petstore-openapi.yaml", + FullName: "testdata/v3yaml/petstore-openapi.yaml", + LineNumber: lineNumber, + Path: "/user/*", + HttpMethod: "GET", + Urls: []string{ + "{protocol}://api.example.com", + "https://{environment}.example.com/v2", + "{server}/v1", + }, + }, + }, + }, + }, + }, + } + + for _, test := range testCases { + t.Run(test.Name, func(t *testing.T) { + file, err := os.CreateTemp("", "*test.jsonlines") + if err != nil { + t.Fatalf("failed to create tmp file for report %s", err) + return + } + defer os.Remove(file.Name()) + _, err = file.Write([]byte(test.FileContent)) + if err != nil { + t.Fatalf("failed to write to tmp file %s", err) + return + } + file.Close() + + output := &outputtypes.ReportData{} + if err = detectors.AddReportData(output, globaltypes.Report{ + Path: file.Name(), + }, test.Config); err != nil { + t.Fatalf("failed to get detectors output %s", err) + return + } + + if err = dataflow.AddReportData(output, test.Config, false, true); err != nil { + t.Fatalf("failed to get dataflow output %s", err) + return + } + + assert.Equal(t, test.Want, output.Dataflow.Paths) + }) + } +} diff --git a/pkg/report/output/dataflow/types/paths.go b/pkg/report/output/dataflow/types/paths.go index 43a919d7b..0a18236c0 100644 --- a/pkg/report/output/dataflow/types/paths.go +++ b/pkg/report/output/dataflow/types/paths.go @@ -9,6 +9,7 @@ type Detection struct { FullFilename string `json:"full_filename" yaml:"full_filename"` FullName string `json:"full_name" yaml:"full_name"` LineNumber *int `json:"line_number" yaml:"line_number"` - Path string `json:"path" yam:"path"` + Path string `json:"path" yaml:"path"` + HttpMethod string `json:"http_method" yaml:"http_method"` Urls []string `json:"urls" yaml:"urls"` }