Skip to content

Commit 3d8648c

Browse files
committed
Add includeBase64Images query param to assessments API endpoints
- Adds ?includeBase64Images=true to bypass image processing by default - Default behavior (false) returns links to Faction images instead of inline base64 - Applies to 7 endpoints: queue, get, vulns, history, vuln, completed, condensed
1 parent 7eef657 commit 3d8648c

3 files changed

Lines changed: 50 additions & 23 deletions

File tree

pom.xml.releaseBackup

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2,15 +2,15 @@
22
<modelVersion>4.0.0</modelVersion>
33
<groupId>org.faction</groupId>
44
<artifactId>faction</artifactId>
5-
<version>1.7.7-SNAPSHOT</version>
5+
<version>1.8.4-SNAPSHOT</version>
66
<packaging>war</packaging>
77
<name>Faction</name>
88
<scm>
99
<url>https://github.com/factionsecurity/faction.git</url>
1010
<connection>scm:git:https://github.com/factionsecurity/faction.git</connection>
1111
<developerConnection>
1212
scm:git:https://github.com/factionsecurity/faction.git</developerConnection>
13-
<tag>1.7.5</tag>
13+
<tag>1.8.3</tag>
1414
</scm>
1515
<properties>
1616
<aws.java.sdk.version>2.18.16</aws.java.sdk.version>
@@ -102,7 +102,7 @@
102102
<dependency>
103103
<groupId>org.apache.logging.log4j</groupId>
104104
<artifactId>log4j-core</artifactId>
105-
<version>2.21.1</version>
105+
<version>2.25.4</version>
106106
</dependency>
107107
<dependency>
108108
<groupId>javax.servlet</groupId>
@@ -459,6 +459,12 @@
459459
<version>3.10.0</version>
460460
<scope>test</scope>
461461
</dependency>
462+
<dependency>
463+
<groupId>org.testcontainers</groupId>
464+
<artifactId>mongodb</artifactId>
465+
<version>1.20.4</version>
466+
<scope>test</scope>
467+
</dependency>
462468
<dependency>
463469
<groupId>org.projectlombok</groupId>
464470
<artifactId>lombok</artifactId>

release.properties

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,14 @@
11
#release configuration
2-
#Wed Mar 11 01:07:30 CDT 2026
2+
#Wed May 06 16:29:25 CDT 2026
33
projectVersionPolicyId=default
44
scm.branchCommitComment=@{prefix} prepare branch @{releaseLabel}
5-
project.scm.org.faction\:faction.tag=1.7.5
5+
project.scm.org.faction\:faction.tag=1.8.3
66
pinExternals=false
77
projectVersionPolicyConfig=<projectVersionPolicyConfig>${projectVersionPolicyConfig}</projectVersionPolicyConfig>\n
88
exec.activateProfiles=github
99
pushChanges=true
10-
project.dev.org.faction\:faction=1.7.8-SNAPSHOT
11-
project.rel.org.faction\:faction=1.7.7
10+
project.dev.org.faction\:faction=1.8.5-SNAPSHOT
11+
project.rel.org.faction\:faction=1.8.4
1212
scm.rollbackCommitComment=@{prefix} rollback the release of @{releaseLabel}
1313
remoteTagging=true
1414
scm.commentPrefix=[maven-release-plugin]
@@ -20,7 +20,7 @@ scm.developmentCommitComment=@{prefix} prepare for next development iteration
2020
scm.id=faction-web
2121
exec.additionalArguments=-Dmaven.javadoc.skip\=true -Dmaven.test.skipTests\=true -Dmaven.test.skip\=true
2222
scm.tagNameFormat=@{project.version}
23-
scm.tag=1.7.7
23+
scm.tag=1.8.4
2424
exec.snapshotReleasePluginAllowed=false
2525
project.scm.org.faction\:faction.url=https\://github.com/factionsecurity/faction.git
2626
preparationGoals=clean verify

src/com/fuse/api/assessments.java

Lines changed: 36 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -84,7 +84,8 @@ public class assessments {
8484
@Produces(MediaType.APPLICATION_JSON)
8585
@Path("/queue")
8686
public Response getAssessments(
87-
@ApiParam(value = "Authentication Header", required = true) @HeaderParam("FACTION-API-KEY") String apiKey) {
87+
@ApiParam(value = "Authentication Header", required = true) @HeaderParam("FACTION-API-KEY") String apiKey,
88+
@ApiParam(value = "Include base64-encoded images (default false). When false, returns links to Faction images; when true, converts images to base64 data URLs.", required = false) @QueryParam("includeBase64Images") Boolean includeBase64Images) {
8889

8990
EntityManager em = HibHelper.getInstance().getEMF().createEntityManager();
9091
List<AssessmentDTO> dtos = new ArrayList<>();
@@ -95,7 +96,9 @@ public Response getAssessments(
9596
List<Assessment> asmts = AssessmentQueries.getAssessmentsByUserId(em, u, u.getId(),
9697
AssessmentQueries.OnlyNonCompleted);
9798
for (Assessment a : asmts) {
98-
AssessmentQueries.updateImages(a);
99+
if (Boolean.TRUE.equals(includeBase64Images)) {
100+
AssessmentQueries.updateImages(a);
101+
}
99102
AssessmentDTO dto = AssessmentDTO.fromEntity(a);
100103

101104
// Add custom fields if any
@@ -141,7 +144,8 @@ public Response getAssessments(
141144
@Path("/{aid}")
142145
public Response getAssessment(
143146
@ApiParam(value = "Authentication Header", required = true) @HeaderParam("FACTION-API-KEY") String apiKey,
144-
@ApiParam(value = "Assessment ID", required = true) @PathParam("aid") Long aid) {
147+
@ApiParam(value = "Assessment ID", required = true) @PathParam("aid") Long aid,
148+
@ApiParam(value = "Include base64-encoded images (default false). When false, returns links to Faction images; when true, converts images to base64 data URLs.", required = false) @QueryParam("includeBase64Images") Boolean includeBase64Images) {
145149

146150
EntityManager em = HibHelper.getInstance().getEMF().createEntityManager();
147151
try {
@@ -185,7 +189,9 @@ public Response getAssessment(
185189
}
186190

187191
// Convert to DTO
188-
AssessmentQueries.updateImages(assessment);
192+
if (Boolean.TRUE.equals(includeBase64Images)) {
193+
AssessmentQueries.updateImages(assessment);
194+
}
189195
AssessmentDTO dto = AssessmentDTO.fromEntity(assessment);
190196

191197
// Add custom fields from the assessment entity
@@ -585,7 +591,8 @@ public Response updateAssessment(
585591
@Path("/vulns/{aid}")
586592
public Response getVulns(
587593
@ApiParam(value = "Authentication Header", required = true) @HeaderParam("FACTION-API-KEY") String apiKey,
588-
@ApiParam(value = "Assessment ID", required = true) @PathParam("aid") Long aid) {
594+
@ApiParam(value = "Assessment ID", required = true) @PathParam("aid") Long aid,
595+
@ApiParam(value = "Include base64-encoded images (default false). When false, returns links to Faction images; when true, converts images to base64 data URLs.", required = false) @QueryParam("includeBase64Images") Boolean includeBase64Images) {
589596

590597
EntityManager em = HibHelper.getInstance().getEMF().createEntityManager();
591598
List<VulnerabilityDTO> dtos = new ArrayList<>();
@@ -599,8 +606,10 @@ public Response getVulns(
599606
return Response.status(401).entity(String.format(Support.ERROR, "No Assessment")).build();
600607
for (Assessment a : asmts) {
601608
for (Vulnerability v : a.getVulns()) {
602-
v.updateRiskLevels();
603-
AssessmentQueries.updateImages(a, v);
609+
if (Boolean.TRUE.equals(includeBase64Images)) {
610+
AssessmentQueries.updateImages(a, v);
611+
}
612+
v.updateRiskLevels();
604613
v.updateRiskLevels(em);
605614
VulnerabilityDTO dto = VulnerabilityDTO.fromEntity(v);
606615

@@ -643,7 +652,8 @@ public Response getVulns(
643652
@Path("/history/{appid}")
644653
public Response getHistory(
645654
@ApiParam(value = "Authentication Header", required = true) @HeaderParam("FACTION-API-KEY") String apiKey,
646-
@ApiParam(value = "Application ID Header", required = true) @PathParam("appid") String appid) {
655+
@ApiParam(value = "Application ID Header", required = true) @PathParam("appid") String appid,
656+
@ApiParam(value = "Include base64-encoded images (default false). When false, returns links to Faction images; when true, converts images to base64 data URLs.", required = false) @QueryParam("includeBase64Images") Boolean includeBase64Images) {
647657

648658
EntityManager em = HibHelper.getInstance().getEMF().createEntityManager();
649659
List<VulnerabilityDTO> dtos = new ArrayList<>();
@@ -657,7 +667,9 @@ public Response getHistory(
657667
return Response.status(401).entity(String.format(Support.ERROR, "No Assessment")).build();
658668
for (Assessment a : asmts) {
659669
for (Vulnerability v : a.getVulns()) {
660-
AssessmentQueries.updateImages(a, v);
670+
if (Boolean.TRUE.equals(includeBase64Images)) {
671+
AssessmentQueries.updateImages(a, v);
672+
}
661673
v.updateRiskLevels(em);
662674
VulnerabilityDTO dto = VulnerabilityDTO.fromEntity(v);
663675

@@ -746,7 +758,8 @@ public Response updateNotes(
746758
@Path("/vuln/{vid}")
747759
public Response getVuln(
748760
@ApiParam(value = "Authentication Header", required = true) @HeaderParam("FACTION-API-KEY") String apiKey,
749-
@ApiParam(value = "Vulnerability ID", required = true) @PathParam("vid") Long vid) {
761+
@ApiParam(value = "Vulnerability ID", required = true) @PathParam("vid") Long vid,
762+
@ApiParam(value = "Include base64-encoded images (default false). When false, returns links to Faction images; when true, converts images to base64 data URLs.", required = false) @QueryParam("includeBase64Images") Boolean includeBase64Images) {
750763

751764
EntityManager em = HibHelper.getInstance().getEMF().createEntityManager();
752765
List<VulnerabilityDTO> dtos = new ArrayList<>();
@@ -778,7 +791,9 @@ public Response getVuln(
778791
v.setDetails(v.getDetails());
779792
}
780793

781-
AssessmentQueries.updateImages(em, v);
794+
if (Boolean.TRUE.equals(includeBase64Images)) {
795+
AssessmentQueries.updateImages(em, v);
796+
}
782797
v.updateRiskLevels(em);
783798
VulnerabilityDTO dto = VulnerabilityDTO.fromEntity(v);
784799

@@ -1323,7 +1338,8 @@ else if (autoCreateCamp) {
13231338
public Response getCompletedAssessments(
13241339
@ApiParam(value = "Authentication Header", required = true) @HeaderParam("FACTION-API-KEY") String apiKey,
13251340
@ApiParam(value = "Start Date (DD/MM/YYYY)", required = true) @FormParam("start") String start,
1326-
@ApiParam(value = "End Date (DD/MM/YYYY)", required = false) @FormParam("end") String end) {
1341+
@ApiParam(value = "End Date (DD/MM/YYYY)", required = false) @FormParam("end") String end,
1342+
@ApiParam(value = "Include base64-encoded images (default false). When false, returns links to Faction images; when true, converts images to base64 data URLs.", required = false) @QueryParam("includeBase64Images") Boolean includeBase64Images) {
13271343
EntityManager em = HibHelper.getInstance().getEMF().createEntityManager();
13281344
List<AssessmentDTO> dtos = new ArrayList<>();
13291345
try {
@@ -1345,7 +1361,9 @@ public Response getCompletedAssessments(
13451361
List<Assessment> completed = AssessmentQueries.getAllCompletedAssessmentsByDateRange(em, u, startDate,
13461362
endDate);
13471363
for (Assessment a : completed) {
1348-
AssessmentQueries.updateImages(a);
1364+
if (Boolean.TRUE.equals(includeBase64Images)) {
1365+
AssessmentQueries.updateImages(a);
1366+
}
13491367
AssessmentDTO dto = AssessmentDTO.fromEntity(a);
13501368

13511369
// Add custom fields if any
@@ -1384,7 +1402,8 @@ public Response getCompletedAssessments(
13841402
public Response getCondensedCompletedAssessments(
13851403
@ApiParam(value = "Authentication Header", required = true) @HeaderParam("FACTION-API-KEY") String apiKey,
13861404
@ApiParam(value = "Start Date (DD/MM/YYYY)", required = true) @QueryParam("start") String start,
1387-
@ApiParam(value = "End Date (DD/MM/YYYY)", required = false) @QueryParam("end") String end) {
1405+
@ApiParam(value = "End Date (DD/MM/YYYY)", required = false) @QueryParam("end") String end,
1406+
@ApiParam(value = "Include base64-encoded images (default false). When false, returns links to Faction images; when true, converts images to base64 data URLs.", required = false) @QueryParam("includeBase64Images") Boolean includeBase64Images) {
13881407
EntityManager em = HibHelper.getInstance().getEMF().createEntityManager();
13891408
List<AssessmentCondensedDTO> dtos = new ArrayList<>();
13901409
try {
@@ -1406,7 +1425,9 @@ public Response getCondensedCompletedAssessments(
14061425
List<Assessment> completed = AssessmentQueries.getAllCompletedAssessmentsByDateRange(em, u, startDate,
14071426
endDate);
14081427
for (Assessment a : completed) {
1409-
AssessmentQueries.updateImages(a);
1428+
if (Boolean.TRUE.equals(includeBase64Images)) {
1429+
AssessmentQueries.updateImages(a);
1430+
}
14101431
AssessmentCondensedDTO dto = AssessmentCondensedDTO.fromEntityWithVulns(a);
14111432
dtos.add(dto);
14121433
}

0 commit comments

Comments
 (0)