From 3cb6262be889c3f307aecf77cd2ee643909850a6 Mon Sep 17 00:00:00 2001 From: blupants Date: Sun, 23 Jun 2024 18:31:35 -0500 Subject: [PATCH] Refactored ticket data format --- src/n0s1/controllers/asana_controller.py | 5 +- src/n0s1/controllers/confluence_controller.py | 5 +- src/n0s1/controllers/hollow_controller.py | 28 +++++++++- src/n0s1/controllers/jira_controller.py | 5 +- src/n0s1/controllers/linear_controller.py | 5 +- src/n0s1/controllers/wrike_controller.py | 5 +- src/n0s1/n0s1.py | 55 ++++++++++--------- 7 files changed, 69 insertions(+), 39 deletions(-) diff --git a/src/n0s1/controllers/asana_controller.py b/src/n0s1/controllers/asana_controller.py index f5f3b6c..ab01fdf 100644 --- a/src/n0s1/controllers/asana_controller.py +++ b/src/n0s1/controllers/asana_controller.py @@ -53,7 +53,7 @@ def is_connected(self): def get_data(self, include_coments=False, limit=None): if not self._client: - return None, None, None, None, None + return {} if workspaces := self._client.workspaces.get_workspaces(): for w in workspaces: @@ -74,7 +74,8 @@ def get_data(self, include_coments=False, limit=None): if s.get("type", "").lower() == "comment".lower(): comment = s.get("text", "") comments.append(comment) - yield title, description, comments, url, task_gid + ticket = self.pack_data(title, description, comments, url, task_gid) + yield ticket def post_comment(self, task_gid, comment): if not self._client: diff --git a/src/n0s1/controllers/confluence_controller.py b/src/n0s1/controllers/confluence_controller.py index b2c673d..22b2930 100644 --- a/src/n0s1/controllers/confluence_controller.py +++ b/src/n0s1/controllers/confluence_controller.py @@ -123,7 +123,7 @@ def is_connected(self): def get_data(self, include_coments=False, limit=None): if not self._client: - return None, None, None, None, None + return {} space_start = 0 if not limit or limit < 0: @@ -195,7 +195,8 @@ def get_data(self, include_coments=False, limit=None): if len(comments_result) <= 0: comments_finished = True - yield title, description, comments, url, page_id + ticket = self.pack_data(title, description, comments, url, page_id) + yield ticket if len(pages) <= 0: pages_finished = True diff --git a/src/n0s1/controllers/hollow_controller.py b/src/n0s1/controllers/hollow_controller.py index cd3c7c8..7a5898e 100644 --- a/src/n0s1/controllers/hollow_controller.py +++ b/src/n0s1/controllers/hollow_controller.py @@ -19,7 +19,7 @@ def is_connected(self): return False def get_data(self, include_coments=False, limit=None): - return None, None, None, None, None + return {} def post_comment(self, issue, comment): return self.is_connected() @@ -28,4 +28,28 @@ def log_message(self, message, level=logging.INFO): if self.log_message_callback: self.log_message_callback(message, level) else: - print(message) \ No newline at end of file + print(message) + + def pack_data(self, title, description, comments, url, ticket_key): + ticket_data = { + "ticket": { + "title": { + "name": "title", + "data": title, + "data_type": "str" + }, + "description": { + "name": "description", + "data": description, + "data_type": "str" + }, + "comments": { + "name": "comments", + "data": comments, + "data_type": "list" + } + }, + "url": url, + "issue_id": ticket_key + } + return ticket_data diff --git a/src/n0s1/controllers/jira_controller.py b/src/n0s1/controllers/jira_controller.py index 5eee0d7..198c0f9 100644 --- a/src/n0s1/controllers/jira_controller.py +++ b/src/n0s1/controllers/jira_controller.py @@ -66,7 +66,7 @@ def is_connected(self): def get_data(self, include_coments=False, limit=None): if not self._client: - return None, None, None, None, None + return {} start = 0 if not limit or limit < 0: limit = 50 @@ -108,7 +108,8 @@ def get_data(self, include_coments=False, limit=None): comments = [] time.sleep(1) - yield title, description, comments, url, issue.key + ticket = self.pack_data(title, description, comments, url, issue.key) + yield ticket def post_comment(self, issue, comment): if not self._client: diff --git a/src/n0s1/controllers/linear_controller.py b/src/n0s1/controllers/linear_controller.py index 9080786..103199d 100644 --- a/src/n0s1/controllers/linear_controller.py +++ b/src/n0s1/controllers/linear_controller.py @@ -54,7 +54,7 @@ def is_connected(self): def get_data(self, include_coments=False, limit=None): if not self._client: - return None, None, None, None, None + return {} for linear_data in self._client.get_issues_and_comments(20): for edge in linear_data.get("data", {}).get("issues", {}).get("edges", []): item = edge.get("node", {}) @@ -68,7 +68,8 @@ def get_data(self, include_coments=False, limit=None): comment = node.get("body", "") if len(comment) > 0: comments.append(comment) - yield title, description, comments, url, issue_key + ticket = self.pack_data(title, description, comments, url, issue_key) + yield ticket def post_comment(self, issue, comment): if not self._client: diff --git a/src/n0s1/controllers/wrike_controller.py b/src/n0s1/controllers/wrike_controller.py index 038eb4b..f25bd05 100644 --- a/src/n0s1/controllers/wrike_controller.py +++ b/src/n0s1/controllers/wrike_controller.py @@ -59,7 +59,7 @@ def is_connected(self): def get_data(self, include_coments=False, limit=None): if not self._client: - return None, None, None, None, None + return {} t = Tasks(self._client, parameters={"fields": ["description"]}) response = t.query__tasks() @@ -90,7 +90,8 @@ def get_data(self, include_coments=False, limit=None): c_data = json_data.get("data", []) for c in c_data: comments.append(c.get("text", "")) - yield title, description, comments, url, task_id + ticket = self.pack_data(title, description, comments, url, task_id) + yield ticket def post_comment(self, task_id, comment): if not self._client: diff --git a/src/n0s1/n0s1.py b/src/n0s1/n0s1.py index 138892d..f7d43de 100755 --- a/src/n0s1/n0s1.py +++ b/src/n0s1/n0s1.py @@ -406,11 +406,14 @@ def scan(regex_config, controller, scan_arguments): scan_comment = scan_arguments.get("scan_comment", False) post_comment = scan_arguments.get("post_comment", False) limit = scan_arguments.get("limit", None) - for title, description, comments, url, issue_id in controller.get_data(scan_comment, limit): + + for ticket in controller.get_data(scan_comment, limit): + issue_id = ticket.get("issue_id") + url = ticket.get("url") if DEBUG: log_message(f"Scanning [{issue_id}]: {url}") - ticket_data = {"title": title, "description": description, "comments": comments, "url": url, - "issue_id": issue_id} + + comments = ticket.get("ticket", {}).get("comments", {}).get("data", []) label = cfg.get("comment_params", {}).get("label", "") post_comment_for_this_issue = post_comment if post_comment_for_this_issue: @@ -422,30 +425,28 @@ def scan(regex_config, controller, scan_arguments): break scan_arguments["post_comment"] = post_comment_for_this_issue - secret_found, scan_text_result = scan_text(regex_config, title) - scan_text_result["ticket_data"] = ticket_data - scan_text_result["ticket_data"]["field"] = "title" - scan_text_result["ticket_data"]["platform"] = controller.get_name() - scan_text_result["scan_arguments"] = scan_arguments - if secret_found: - report_leaked_secret(scan_text_result, controller) - - secret_found, scan_text_result = scan_text(regex_config, description) - scan_text_result["ticket_data"] = ticket_data - scan_text_result["ticket_data"]["field"] = "description" - scan_text_result["ticket_data"]["platform"] = controller.get_name() - scan_text_result["scan_arguments"] = scan_arguments - if secret_found: - report_leaked_secret(scan_text_result, controller) - - for comment in comments: - secret_found, scan_text_result = scan_text(regex_config, comment) - scan_text_result["ticket_data"] = ticket_data - scan_text_result["ticket_data"]["field"] = "comment" - scan_text_result["ticket_data"]["platform"] = controller.get_name() - scan_text_result["scan_arguments"] = scan_arguments - if secret_found: - report_leaked_secret(scan_text_result, controller) + for key in ticket.get("ticket", {}): + item = ticket.get("ticket", {}).get(key, {}) + name = item.get("name", "") + data = item.get("data", None) + data_type = item.get("data_type", None) + if data_type and data_type.lower() == "str".lower(): + if data: + scan_text_and_report_leaks(controller, data, name, regex_config, scan_arguments, ticket) + elif data_type: + for item_data in data: + if item_data: + scan_text_and_report_leaks(controller, item_data, name, regex_config, scan_arguments, ticket) + + +def scan_text_and_report_leaks(controller, data, name, regex_config, scan_arguments, ticket): + secret_found, scan_text_result = scan_text(regex_config, data) + scan_text_result["ticket_data"] = ticket + scan_text_result["ticket_data"]["field"] = name + scan_text_result["ticket_data"]["platform"] = controller.get_name() + scan_text_result["scan_arguments"] = scan_arguments + if secret_found: + report_leaked_secret(scan_text_result, controller) def main(callback=None):