STRLCPY/bearer

feat: change risk data structure
vjerci committed 1 year ago

26c7682f

1 parent 48716b86

Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)

■ ■ ■ ■ ■ ■

pkg/report/output/dataflow/risks/risks.go

		skipped 31 lines
32	32		}
33	33
34	34		type lineHolder struct {
35		-	lineNumber int
	35	+	lineNumber int
	36	+	parent map[string]parentHolder // group detections by parent
	37	+	}
	38	+
	39	+	type parentHolder struct {
	40	+	name string
	41	+	parent *schema.Parent
36	42		dataTypeCategory map[string]dataTypeCategoryHolder // group detections by datatype category
37	43		}
38	44
39	45		type dataTypeCategoryHolder struct {
40	46		name string
41	47		category string
42		-	parent *schema.Parent
43	48		dataType map[string]dataTypeHolder
44	49		}
45	50
46	51		type dataTypeHolder struct {
47		-	parent *schema.Parent
48	52		content *string
49	53		fieldName *string
50	54		objectName *string
		skipped 84 lines
135	139		// create line number entry if it doesn't exist
136	140		if _, exists := file.lineNumber[lineNumber]; !exists {
137	141		file.lineNumber[lineNumber] = lineHolder{
138		-	lineNumber: lineNumber,
	142	+	lineNumber: lineNumber,
	143	+	parent: make(map[string]parentHolder),
	144	+	}
	145	+	}
	146	+
	147	+	line := file.lineNumber[lineNumber]
	148	+	// create datatype parent entry if it doesn't exist
	149	+	parentKey := "undefined_parent"
	150	+	if schema.Parent != nil {
	151	+	parentKey = schema.Parent.Content
	152	+	}
	153	+
	154	+	if _, exists := line.parent[parentKey]; !exists {
	155	+	line.parent[parentKey] = parentHolder{
	156	+	name: parentKey,
	157	+	parent: schema.Parent,
139	158		dataTypeCategory: make(map[string]dataTypeCategoryHolder),
140	159		}
141	160		}
142	161
143		-	line := file.lineNumber[lineNumber]
144		-	// create datatype category entry if it doesn't exist
145		-	if _, exists := line.dataTypeCategory[datatype.Name]; !exists {
	162	+	parent := line.parent[parentKey]
	163	+	// create datatype category if it doesn't exist
	164	+	if _, exists := parent.dataTypeCategory[datatype.Name]; !exists {
146	165		categoryToAdd := dataTypeCategoryHolder{
147	166		name: datatype.Name,
148	167		category: category,
149	168		dataType: make(map[string]dataTypeHolder),
150	169		}
151	170
152		-	if category == "presence" {
153		-	categoryToAdd.parent = schema.Parent
154		-	}
155		-
156		-	line.dataTypeCategory[datatype.Name] = categoryToAdd
	171	+	parent.dataTypeCategory[datatype.Name] = categoryToAdd
157	172		}
158	173
159	174		if category == "datatype" {
160		-	datatypeCategory := line.dataTypeCategory[datatype.Name]
	175	+	datatypeCategory := parent.dataTypeCategory[datatype.Name]
161	176		datatypeKey := schema.FieldName + schema.ObjectName
162	177		// create datatype if it doesn't exists
163	178		if _, exists := datatypeCategory.dataType[datatypeKey]; !exists {
164	179		datatypeCategory.dataType[datatypeKey] = dataTypeHolder{
165		-	parent: schema.Parent,
166	180		fieldName: &schema.FieldName,
167	181		objectName: &schema.ObjectName,
168	182		subjectName: subjectName,
		skipped 20 lines
189	203		for _, file := range maputil.ToSortedSlice(detector.files) {
190	204
191	205		for _, line := range maputil.ToSortedSlice(file.lineNumber) {
192		-	location := types.RiskLocation{
193		-	Filename: file.name,
194		-	LineNumber: line.lineNumber,
195		-	}
196	206
197		-	for _, dataTypeCategory := range maputil.ToSortedSlice(line.dataTypeCategory) {
198		-	category := types.RiskDatatypeCategory{
199		-	Name: dataTypeCategory.name,
200		-	Category: dataTypeCategory.category,
201		-	}
	207	+	for _, parent := range maputil.ToSortedSlice(line.parent) {
202	208
203		-	if category.Category == categoryPresence {
204		-	category.Parent = dataTypeCategory.parent
205		-	category.Stored = &stored
	209	+	location := types.RiskLocation{
	210	+	Filename: file.name,
	211	+	LineNumber: line.lineNumber,
	212	+	Parent: parent.parent,
206	213		}
207	214
208		-	for _, dataType := range maputil.ToSortedSlice(dataTypeCategory.dataType) {
209		-	riskDatatype := types.RiskDatatype{
210		-	Parent: dataType.parent,
211		-	SubjectName: dataType.subjectName,
212		-	Stored: stored,
	215	+	for _, dataTypeCategory := range maputil.ToSortedSlice(parent.dataTypeCategory) {
	216	+	match := types.RiskMatch{
	217	+	Name: dataTypeCategory.name,
	218	+	Category: dataTypeCategory.category,
213	219		}
214	220
215		-	if dataType.fieldName != nil {
216		-	riskDatatype.FieldName = *dataType.fieldName
	221	+	if match.Category == categoryPresence {
	222	+	match.Stored = &stored
217	223		}
218		-	if dataType.objectName != nil {
219		-	riskDatatype.ObjectName = *dataType.objectName
	224	+
	225	+	for _, dataType := range maputil.ToSortedSlice(dataTypeCategory.dataType) {
	226	+	riskDatatype := types.RiskDatatype{
	227	+	SubjectName: dataType.subjectName,
	228	+	Stored: stored,
	229	+	}
	230	+
	231	+	if dataType.fieldName != nil {
	232	+	riskDatatype.FieldName = *dataType.fieldName
	233	+	}
	234	+	if dataType.objectName != nil {
	235	+	riskDatatype.ObjectName = *dataType.objectName
	236	+	}
	237	+
	238	+	match.DataTypes = append(match.DataTypes, riskDatatype)
220	239		}
221	240
222		-	category.DataTypes = append(category.DataTypes, riskDatatype)
	241	+	location.Matches = append(location.Matches, match)
223	242		}
224	243
225		-	location.DataTypeCategories = append(location.DataTypeCategories, category)
	244	+	locations = append(locations, location)
226	245		}
227	246
228		-	locations = append(locations, location)
229	247		}
230	248
231	249		}
		skipped 28 lines

■ ■ ■ ■ ■ ■

pkg/report/output/dataflow/risks/risks_test.go

		skipped 42 lines
43	43		{
44	44		Filename: "./users.rb",
45	45		LineNumber: 25,
46		-	DataTypeCategories: []types.RiskDatatypeCategory{
	46	+	Matches: []types.RiskMatch{
47	47		{
48		-	Name: "Username",
	48	+	Category: "datatype",
	49	+	Name: "Username",
49	50		DataTypes: []types.RiskDatatype{
50	51		{
51	52		FieldName: "User_name",
		skipped 24 lines
76	77		{
77	78		Filename: "./users.rb",
78	79		LineNumber: 25,
79		-	DataTypeCategories: []types.RiskDatatypeCategory{
	80	+	Matches: []types.RiskMatch{
80	81		{
81		-	Name: "Username",
	82	+	Category: "datatype",
	83	+	Name: "Username",
82	84		DataTypes: []types.RiskDatatype{
83	85		{
84	86		FieldName: "User_name",
		skipped 17 lines
102	104		{
103	105		Filename: "./users.rb",
104	106		LineNumber: 25,
105		-	DataTypeCategories: []types.RiskDatatypeCategory{
	107	+	Matches: []types.RiskMatch{
106	108		{
107		-	Name: "Username",
	109	+	Category: "datatype",
	110	+	Name: "Username",
108	111		DataTypes: []types.RiskDatatype{
109	112		{
110	113		Stored: true,
		skipped 19 lines
130	133		{
131	134		Filename: "./users.rb",
132	135		LineNumber: 25,
133		-	DataTypeCategories: []types.RiskDatatypeCategory{
	136	+	Matches: []types.RiskMatch{
134	137		{
135		-	Name: "Username",
	138	+	Category: "datatype",
	139	+	Name: "Username",
136	140		DataTypes: []types.RiskDatatype{
137	141		{
138	142		FieldName: "User_name",
		skipped 18 lines
157	161		{
158	162		Filename: "./users.rb",
159	163		LineNumber: 25,
160		-	DataTypeCategories: []types.RiskDatatypeCategory{
	164	+	Matches: []types.RiskMatch{
161	165		{
162		-	Name: "Physical Address",
	166	+	Category: "datatype",
	167	+	Name: "Physical Address",
163	168		DataTypes: []types.RiskDatatype{
164	169		{
165	170		FieldName: "address",
		skipped 1 lines
167	172		},
168	173		},
169	174		{
170		-	Name: "Username",
	175	+	Category: "datatype",
	176	+	Name: "Username",
171	177		DataTypes: []types.RiskDatatype{
172	178		{
173	179		FieldName: "User_name",
		skipped 45 lines

■ ■ ■ ■ ■ ■

pkg/report/output/dataflow/types/risks.go

		skipped 7 lines
8	8		}
9	9
10	10		type RiskLocation struct {
11		-	Filename string `json:"filename" yaml:"filename"`
12		-	LineNumber int `json:"line_number" yaml:"line_number"`
13		-	DataTypeCategories []RiskDatatypeCategory `json:"categories,omitempty" yaml:"categories,omitempty"`
	11	+	Filename string `json:"filename" yaml:"filename"`
	12	+	LineNumber int `json:"line_number" yaml:"line_number"`
	13	+	Parent *schema.Parent `json:"parent,omitempty" yaml:"parent,omitempty"`
	14	+	Matches []RiskMatch `json:"matches,omitempty" yaml:"matches,omitempty"`
14	15		}
15	16
16		-	type RiskDatatypeCategory struct {
17		-	Category string `json:"category,omitempty" yaml:"category,omitempty"`
	17	+	type RiskMatch struct {
	18	+	Category string `json:"type,omitempty" yaml:"type,omitempty"`
18	19		Name string `json:"name,omitempty" yaml:"name,omitempty"`
19	20		DataTypes []RiskDatatype `json:"data_types,omitempty" yaml:"data_types,omitempty"`
20		-	Parent *schema.Parent `json:"parent,omitempty" yaml:"parent,omitempty"`
21	21		Stored *bool `json:"stored,omitempty" yaml:"stored,omitempty"`
22	22		}
23	23
24	24		type RiskDatatype struct {
25		-	Parent *schema.Parent `json:"parent,omitempty" yaml:"parent,omitempty"`
26		-	FieldName string `json:"field_name,omitempty" yaml:"field_name,omitempty"`
27		-	ObjectName string `json:"object_name,omitempty" yaml:"object_name,omitempty"`
28		-	SubjectName *string `json:"subject_name,omitempty" yaml:"subject_name,omitempty"`
29		-	Stored bool `json:"stored" yaml:"stored"`
	25	+	FieldName string `json:"field_name,omitempty" yaml:"field_name,omitempty"`
	26	+	ObjectName string `json:"object_name,omitempty" yaml:"object_name,omitempty"`
	27	+	SubjectName *string `json:"subject_name,omitempty" yaml:"subject_name,omitempty"`
	28	+	Stored bool `json:"stored" yaml:"stored"`
30	29		}
31	30

feat: change risk data structure