Skip to content

Commit

Permalink
Merge pull request #18 from spark1security/ms/ticket-data-format-refa…
Browse files Browse the repository at this point in the history
…ctoring

Refactored ticket data format
  • Loading branch information
blupants authored Jun 24, 2024
2 parents 856ab12 + 3cb6262 commit 9305908
Show file tree
Hide file tree
Showing 7 changed files with 69 additions and 39 deletions.
5 changes: 3 additions & 2 deletions src/n0s1/controllers/asana_controller.py
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ def is_connected(self):

def get_data(self, include_coments=False, limit=None):
if not self._client:
return None, None, None, None, None
return {}

if workspaces := self._client.workspaces.get_workspaces():
for w in workspaces:
Expand All @@ -74,7 +74,8 @@ def get_data(self, include_coments=False, limit=None):
if s.get("type", "").lower() == "comment".lower():
comment = s.get("text", "")
comments.append(comment)
yield title, description, comments, url, task_gid
ticket = self.pack_data(title, description, comments, url, task_gid)
yield ticket

def post_comment(self, task_gid, comment):
if not self._client:
Expand Down
5 changes: 3 additions & 2 deletions src/n0s1/controllers/confluence_controller.py
Original file line number Diff line number Diff line change
Expand Up @@ -123,7 +123,7 @@ def is_connected(self):

def get_data(self, include_coments=False, limit=None):
if not self._client:
return None, None, None, None, None
return {}

space_start = 0
if not limit or limit < 0:
Expand Down Expand Up @@ -195,7 +195,8 @@ def get_data(self, include_coments=False, limit=None):
if len(comments_result) <= 0:
comments_finished = True

yield title, description, comments, url, page_id
ticket = self.pack_data(title, description, comments, url, page_id)
yield ticket

if len(pages) <= 0:
pages_finished = True
Expand Down
28 changes: 26 additions & 2 deletions src/n0s1/controllers/hollow_controller.py
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ def is_connected(self):
return False

def get_data(self, include_coments=False, limit=None):
return None, None, None, None, None
return {}

def post_comment(self, issue, comment):
return self.is_connected()
Expand All @@ -28,4 +28,28 @@ def log_message(self, message, level=logging.INFO):
if self.log_message_callback:
self.log_message_callback(message, level)
else:
print(message)
print(message)

def pack_data(self, title, description, comments, url, ticket_key):
ticket_data = {
"ticket": {
"title": {
"name": "title",
"data": title,
"data_type": "str"
},
"description": {
"name": "description",
"data": description,
"data_type": "str"
},
"comments": {
"name": "comments",
"data": comments,
"data_type": "list"
}
},
"url": url,
"issue_id": ticket_key
}
return ticket_data
5 changes: 3 additions & 2 deletions src/n0s1/controllers/jira_controller.py
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ def is_connected(self):

def get_data(self, include_coments=False, limit=None):
if not self._client:
return None, None, None, None, None
return {}
start = 0
if not limit or limit < 0:
limit = 50
Expand Down Expand Up @@ -108,7 +108,8 @@ def get_data(self, include_coments=False, limit=None):
comments = []
time.sleep(1)

yield title, description, comments, url, issue.key
ticket = self.pack_data(title, description, comments, url, issue.key)
yield ticket

def post_comment(self, issue, comment):
if not self._client:
Expand Down
5 changes: 3 additions & 2 deletions src/n0s1/controllers/linear_controller.py
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ def is_connected(self):

def get_data(self, include_coments=False, limit=None):
if not self._client:
return None, None, None, None, None
return {}
for linear_data in self._client.get_issues_and_comments(20):
for edge in linear_data.get("data", {}).get("issues", {}).get("edges", []):
item = edge.get("node", {})
Expand All @@ -68,7 +68,8 @@ def get_data(self, include_coments=False, limit=None):
comment = node.get("body", "")
if len(comment) > 0:
comments.append(comment)
yield title, description, comments, url, issue_key
ticket = self.pack_data(title, description, comments, url, issue_key)
yield ticket

def post_comment(self, issue, comment):
if not self._client:
Expand Down
5 changes: 3 additions & 2 deletions src/n0s1/controllers/wrike_controller.py
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ def is_connected(self):

def get_data(self, include_coments=False, limit=None):
if not self._client:
return None, None, None, None, None
return {}

t = Tasks(self._client, parameters={"fields": ["description"]})
response = t.query__tasks()
Expand Down Expand Up @@ -90,7 +90,8 @@ def get_data(self, include_coments=False, limit=None):
c_data = json_data.get("data", [])
for c in c_data:
comments.append(c.get("text", ""))
yield title, description, comments, url, task_id
ticket = self.pack_data(title, description, comments, url, task_id)
yield ticket

def post_comment(self, task_id, comment):
if not self._client:
Expand Down
55 changes: 28 additions & 27 deletions src/n0s1/n0s1.py
Original file line number Diff line number Diff line change
Expand Up @@ -406,11 +406,14 @@ def scan(regex_config, controller, scan_arguments):
scan_comment = scan_arguments.get("scan_comment", False)
post_comment = scan_arguments.get("post_comment", False)
limit = scan_arguments.get("limit", None)
for title, description, comments, url, issue_id in controller.get_data(scan_comment, limit):

for ticket in controller.get_data(scan_comment, limit):
issue_id = ticket.get("issue_id")
url = ticket.get("url")
if DEBUG:
log_message(f"Scanning [{issue_id}]: {url}")
ticket_data = {"title": title, "description": description, "comments": comments, "url": url,
"issue_id": issue_id}

comments = ticket.get("ticket", {}).get("comments", {}).get("data", [])
label = cfg.get("comment_params", {}).get("label", "")
post_comment_for_this_issue = post_comment
if post_comment_for_this_issue:
Expand All @@ -422,30 +425,28 @@ def scan(regex_config, controller, scan_arguments):
break
scan_arguments["post_comment"] = post_comment_for_this_issue

secret_found, scan_text_result = scan_text(regex_config, title)
scan_text_result["ticket_data"] = ticket_data
scan_text_result["ticket_data"]["field"] = "title"
scan_text_result["ticket_data"]["platform"] = controller.get_name()
scan_text_result["scan_arguments"] = scan_arguments
if secret_found:
report_leaked_secret(scan_text_result, controller)

secret_found, scan_text_result = scan_text(regex_config, description)
scan_text_result["ticket_data"] = ticket_data
scan_text_result["ticket_data"]["field"] = "description"
scan_text_result["ticket_data"]["platform"] = controller.get_name()
scan_text_result["scan_arguments"] = scan_arguments
if secret_found:
report_leaked_secret(scan_text_result, controller)

for comment in comments:
secret_found, scan_text_result = scan_text(regex_config, comment)
scan_text_result["ticket_data"] = ticket_data
scan_text_result["ticket_data"]["field"] = "comment"
scan_text_result["ticket_data"]["platform"] = controller.get_name()
scan_text_result["scan_arguments"] = scan_arguments
if secret_found:
report_leaked_secret(scan_text_result, controller)
for key in ticket.get("ticket", {}):
item = ticket.get("ticket", {}).get(key, {})
name = item.get("name", "")
data = item.get("data", None)
data_type = item.get("data_type", None)
if data_type and data_type.lower() == "str".lower():
if data:
scan_text_and_report_leaks(controller, data, name, regex_config, scan_arguments, ticket)
elif data_type:
for item_data in data:
if item_data:
scan_text_and_report_leaks(controller, item_data, name, regex_config, scan_arguments, ticket)


def scan_text_and_report_leaks(controller, data, name, regex_config, scan_arguments, ticket):
secret_found, scan_text_result = scan_text(regex_config, data)
scan_text_result["ticket_data"] = ticket
scan_text_result["ticket_data"]["field"] = name
scan_text_result["ticket_data"]["platform"] = controller.get_name()
scan_text_result["scan_arguments"] = scan_arguments
if secret_found:
report_leaked_secret(scan_text_result, controller)


def main(callback=None):
Expand Down

0 comments on commit 9305908

Please sign in to comment.