update

Author: manuel-sommer

dojo/tools/n0s1/parser.py

@@ -2,7 +2,6 @@
 import json
 
 from dojo.models import Finding
-from dojo.tools.parser_test import ParserTest
 
 
 class N0s1Parser:
@@ -15,45 +14,34 @@ def get_label_for_scan_types(self, scan_type):
     def get_description_for_scan_types(self, scan_type):
         return "JSON output from the n0s1 scanner."
 
-    def get_tests(self, scan_type, handle):
-        data = json.load(handle)
-        tests = []
-
-        # Determine sub-scanner type based on platform or regex_config
-        subscanner = "n0s1"
-        findings = data.get("findings", {})
-        platforms = {f.get("details", {}).get("platform", "") for f in findings.values()}
+    def detect_subscanner(self, data):
+        platforms = {f.get("details", {}).get("platform", "") for f in data.get("findings", {}).values()}
         if "Confluence" in platforms:
-            subscanner = "n0s1 Confluence"
-        elif "GitHub" in platforms:
-            subscanner = "n0s1 GitHub"
-        elif "GitLab" in platforms:
-            subscanner = "n0s1 GitLab"
-        # Add more platform checks as needed
-
-        test = ParserTest(
-            name=subscanner,
-            parser_type=subscanner,
-            version=data.get("tool", {}).get("version", ""),
-            description=f"Scan from {subscanner}",
-        )
+            return "n0s1 Confluence"
+        if "GitHub" in platforms:
+            return "n0s1 GitHub"
+        if "GitLab" in platforms:
+            return "n0s1 GitLab"
+        return "n0s1"
 
-        test.findings = self.get_findings_from_data(data, test)
-        tests.append(test)
-        return tests
+    def get_findings(self, scan_file, test):
+        data = json.load(scan_file)
+        subscanner = self.detect_subscanner(data)
+        if hasattr(test, "test_type") and test.test_type:
+            test.test_type.name = subscanner
+        test.description = f"Scan from {subscanner}"
+        return self.get_findings_from_data(data)
 
-    def get_findings_from_data(self, data, test):
+    def get_findings_from_data(self, data):
         dupes = {}
         regex_configs = {}
         if "regex_config" in data and "rules" in data["regex_config"]:
             for rule in data["regex_config"]["rules"]:
                 regex_configs[rule["id"]] = rule
-
         for finding_id, finding_data in data.get("findings", {}).items():
             details = finding_data.get("details", {})
             regex_ref = details.get("matched_regex_config", {})
             regex_id = regex_ref.get("id")
-
             regex_info = regex_configs.get(regex_id, {})
             merged_regex = {
                 "id": regex_id,
@@ -79,7 +67,6 @@ def get_findings_from_data(self, data, test):
                 continue
             finding = Finding(
                 title=title,
-                test=test,
                 description=description,
                 severity="High",
                 dynamic_finding=True,

unittests/tools/test_n0s1_parser.py

@@ -1,5 +1,7 @@
 
-from dojo.models import Test
+import json
+
+from dojo.models import Test, Test_Type
 from dojo.tools.n0s1.parser import N0s1Parser
 from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path
 
@@ -9,21 +11,20 @@ class TestN0s1Parser(DojoTestCase):
     def test_n0s1_parser_with_multiple_findings(self):
         with (get_unit_tests_scans_path("n0s1") / "many_findings.json").open(encoding="utf-8") as testfile:
             parser = N0s1Parser()
-            findings = parser.get_findings(testfile, Test())
+            test_type = Test_Type(name="n0s1 Scanner")
+            test = Test(test_type=test_type)
+            findings = parser.get_findings(testfile, test)
             self.assertEqual(17, len(findings))
             finding = findings[0]
             self.assertEqual(finding.title, "AWS")
             self.assertIsNotNone(finding.description)
             self.assertTrue(finding.dynamic_finding)
+            self.assertEqual(test.test_type.name, "n0s1 Confluence")
+            self.assertEqual(test.description, "Scan from n0s1 Confluence")
 
-    def test_n0s1_get_tests_returns_correct_subscanner(self):
+    def test_detect_subscanner_returns_correct_type(self):
         with (get_unit_tests_scans_path("n0s1") / "many_findings.json").open(encoding="utf-8") as testfile:
             parser = N0s1Parser()
-            tests = parser.get_tests("n0s1 Scanner", testfile)
-            self.assertEqual(1, len(tests))
-            test = tests[0]
-            self.assertEqual("n0s1 Confluence", test.name)
-            self.assertEqual("n0s1 Confluence", test.parser_type)
-            self.assertEqual("Scan from n0s1 Confluence", test.description)
-            self.assertEqual(17, len(test.findings))
-            self.assertTrue(all(f.dynamic_finding for f in test.findings))
+            data = json.load(testfile)
+            subscanner = parser.detect_subscanner(data)
+            self.assertEqual("n0s1 Confluence", subscanner)