SONAR-22542 Index new STIG security standard

author: Léo Geoffroy <leo.geoffroy@sonarsource.com> 2024-07-18 10:08:04 +0200
committer: sonartech <sonartech@sonarsource.com> 2024-07-23 20:02:45 +0000
commit: dcdb0f14b776a8e65ea20dab77ba2486d932b30f (patch)
tree: 01f2fc10b39dfb87d80f11b2eb1962ace85815b6 /server/sonar-webserver-es
parent: 4d71184dc37786c57360965a2940691ee5928b43 (diff)
download: sonarqube-dcdb0f14b776a8e65ea20dab77ba2486d932b30f.tar.gz
sonarqube-dcdb0f14b776a8e65ea20dab77ba2486d932b30f.zip
4 files changed, 28 insertions, 0 deletions
diff --git a/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueIndex.java b/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueIndex.java
index e2230d914c0..5e4f67e5deb 100644
--- a/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueIndex.java
+++ b/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueIndex.java
@@ -150,6 +150,7 @@ import static org.sonar.server.issue.index.IssueIndex.Facet.SCOPES;
 import static org.sonar.server.issue.index.IssueIndex.Facet.SEVERITIES;
 import static org.sonar.server.issue.index.IssueIndex.Facet.SONARSOURCE_SECURITY;
 import static org.sonar.server.issue.index.IssueIndex.Facet.STATUSES;
+import static org.sonar.server.issue.index.IssueIndex.Facet.STIG_ASD_V5R3;
 import static org.sonar.server.issue.index.IssueIndex.Facet.TAGS;
 import static org.sonar.server.issue.index.IssueIndex.Facet.TYPES;
 import static org.sonar.server.issue.index.IssueIndexDefinition.FIELD_ISSUE_ASSIGNEE_UUID;
@@ -188,6 +189,7 @@ import static org.sonar.server.issue.index.IssueIndexDefinition.FIELD_ISSUE_SEVE
 import static org.sonar.server.issue.index.IssueIndexDefinition.FIELD_ISSUE_SEVERITY_VALUE;
 import static org.sonar.server.issue.index.IssueIndexDefinition.FIELD_ISSUE_SQ_SECURITY_CATEGORY;
 import static org.sonar.server.issue.index.IssueIndexDefinition.FIELD_ISSUE_STATUS;
+import static org.sonar.server.issue.index.IssueIndexDefinition.FIELD_ISSUE_STIG_ASD_V5R3;
 import static org.sonar.server.issue.index.IssueIndexDefinition.FIELD_ISSUE_TAGS;
 import static org.sonar.server.issue.index.IssueIndexDefinition.FIELD_ISSUE_TYPE;
 import static org.sonar.server.issue.index.IssueIndexDefinition.FIELD_ISSUE_VULNERABILITY_PROBABILITY;
@@ -224,6 +226,7 @@ import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_SCOPES;
 import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_SEVERITIES;
 import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_SONARSOURCE_SECURITY;
 import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_STATUSES;
+import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_STIG_ASD_V5R3;
 import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_TAGS;
 import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_TYPES;
 
@@ -288,6 +291,7 @@ public class IssueIndex {
     OWASP_ASVS_40(PARAM_OWASP_ASVS_40, FIELD_ISSUE_OWASP_ASVS_40, STICKY, DEFAULT_FACET_SIZE),
     OWASP_TOP_10(PARAM_OWASP_TOP_10, FIELD_ISSUE_OWASP_TOP_10, STICKY, DEFAULT_FACET_SIZE),
     OWASP_TOP_10_2021(PARAM_OWASP_TOP_10_2021, FIELD_ISSUE_OWASP_TOP_10_2021, STICKY, DEFAULT_FACET_SIZE),
+    STIG_ASD_V5R3(PARAM_STIG_ASD_V5R3, FIELD_ISSUE_STIG_ASD_V5R3, STICKY, DEFAULT_FACET_SIZE),
     SANS_TOP_25(PARAM_SANS_TOP_25, FIELD_ISSUE_SANS_TOP_25, STICKY, DEFAULT_FACET_SIZE),
     CWE(PARAM_CWE, FIELD_ISSUE_CWE, STICKY, DEFAULT_FACET_SIZE),
     CREATED_AT(PARAM_CREATED_AT, FIELD_ISSUE_FUNC_CREATED_AT, NON_STICKY),
@@ -501,6 +505,7 @@ public class IssueIndex {
     addOwaspAsvsFilter(FIELD_ISSUE_OWASP_ASVS_40, OWASP_ASVS_40, query, filters);
     addSecurityCategoryFilter(FIELD_ISSUE_OWASP_TOP_10, OWASP_TOP_10, query.owaspTop10(), filters);
     addSecurityCategoryFilter(FIELD_ISSUE_OWASP_TOP_10_2021, OWASP_TOP_10_2021, query.owaspTop10For2021(), filters);
+    addSecurityCategoryFilter(FIELD_ISSUE_STIG_ASD_V5R3, STIG_ASD_V5R3, query.stigAsdV5R3(), filters);
     addSecurityCategoryFilter(FIELD_ISSUE_SANS_TOP_25, SANS_TOP_25, query.sansTop25(), filters);
     addSecurityCategoryFilter(FIELD_ISSUE_CWE, CWE, query.cwe(), filters);
     addSecurityCategoryFilter(FIELD_ISSUE_SQ_SECURITY_CATEGORY, SONARSOURCE_SECURITY, query.sonarsourceSecurity(), filters);
@@ -888,6 +893,7 @@ public class IssueIndex {
     addSecurityCategoryFacetIfNeeded(PARAM_OWASP_ASVS_40, OWASP_ASVS_40, options, aggregationHelper, esRequest, query.owaspAsvs40().toArray());
     addSecurityCategoryFacetIfNeeded(PARAM_OWASP_TOP_10, OWASP_TOP_10, options, aggregationHelper, esRequest, query.owaspTop10().toArray());
     addSecurityCategoryFacetIfNeeded(PARAM_OWASP_TOP_10_2021, OWASP_TOP_10_2021, options, aggregationHelper, esRequest, query.owaspTop10For2021().toArray());
+    addSecurityCategoryFacetIfNeeded(PARAM_STIG_ASD_V5R3, STIG_ASD_V5R3, options, aggregationHelper, esRequest, query.stigAsdV5R3().toArray());
     addSecurityCategoryFacetIfNeeded(PARAM_SANS_TOP_25, SANS_TOP_25, options, aggregationHelper, esRequest, query.sansTop25().toArray());
     addSecurityCategoryFacetIfNeeded(PARAM_CWE, CWE, options, aggregationHelper, esRequest, query.cwe().toArray());
     addSecurityCategoryFacetIfNeeded(PARAM_SONARSOURCE_SECURITY, SONARSOURCE_SECURITY, options, aggregationHelper, esRequest, query.sonarsourceSecurity().toArray());
diff --git a/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueQuery.java b/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueQuery.java
index 233aa77bdd0..bcaa26373a9 100644
--- a/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueQuery.java
+++ b/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueQuery.java
@@ -80,6 +80,7 @@ public class IssueQuery {
   private final Collection<String> owaspAsvs40;
   private final Integer owaspAsvsLevel;
   private final Collection<String> owaspTop10For2021;
+  private final Collection<String> stigAsdV5R3;
   private final Collection<String> sansTop25;
   private final Collection<String> cwe;
   private final Collection<String> sonarsourceSecurity;
@@ -129,6 +130,7 @@ public class IssueQuery {
     this.owaspAsvsLevel = builder.owaspAsvsLevel;
     this.owaspTop10 = defaultCollection(builder.owaspTop10);
     this.owaspTop10For2021 = defaultCollection(builder.owaspTop10For2021);
+    this.stigAsdV5R3 = defaultCollection(builder.stigAsdV5R3);
     this.sansTop25 = defaultCollection(builder.sansTop25);
     this.cwe = defaultCollection(builder.cwe);
     this.sonarsourceSecurity = defaultCollection(builder.sonarsourceSecurity);
@@ -260,6 +262,10 @@ public class IssueQuery {
     return owaspTop10For2021;
   }
 
+  public Collection<String> stigAsdV5R3() {
+    return stigAsdV5R3;
+  }
+
   public Collection<String> sansTop25() {
     return sansTop25;
   }
@@ -392,6 +398,7 @@ public class IssueQuery {
     private Integer owaspAsvsLevel;
     private Collection<String> owaspTop10;
     private Collection<String> owaspTop10For2021;
+    private Collection<String> stigAsdV5R3;
     private Collection<String> sansTop25;
     private Collection<String> cwe;
     private Collection<String> sonarsourceSecurity;
@@ -552,6 +559,11 @@ public class IssueQuery {
       return this;
     }
 
+    public Builder stigAsdR5V3(@Nullable Collection<String> o) {
+      this.stigAsdV5R3 = o;
+      return this;
+    }
+
     public Builder sansTop25(@Nullable Collection<String> s) {
       this.sansTop25 = s;
       return this;
diff --git a/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueQueryFactory.java b/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueQueryFactory.java
index 7e4a69a5ea3..43fb8a0cb26 100644
--- a/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueQueryFactory.java
+++ b/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueQueryFactory.java
@@ -152,6 +152,7 @@ public class IssueQueryFactory {
         .owaspAsvsLevel(request.getOwaspAsvsLevel())
         .owaspTop10(request.getOwaspTop10())
         .owaspTop10For2021(request.getOwaspTop10For2021())
+        .stigAsdR5V3(request.getStigAsdV5R3())
         .sansTop25(request.getSansTop25())
         .cwe(request.getCwe())
         .sonarsourceSecurity(request.getSonarsourceSecurity())
diff --git a/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueQueryTest.java b/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueQueryTest.java
index 5b33aae4067..003a1db746d 100644
--- a/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueQueryTest.java
+++ b/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueQueryTest.java
@@ -127,6 +127,15 @@ class IssueQueryTest {
     assertThat(query.owaspTop10For2021()).containsOnly("a3", "a4");
   }
 
+  @Test
+  void build_stig_query() {
+    IssueQuery query = IssueQuery.builder()
+      .stigAsdR5V3(List.of("V-222400", "V-222401"))
+      .build();
+
+    assertThat(query.stigAsdV5R3()).containsOnly("V-222400", "V-222401");
+  }
+
 
   @Test
   void build_query_without_dates() {
author	Léo Geoffroy <leo.geoffroy@sonarsource.com>	2024-07-18 10:08:04 +0200
committer	sonartech <sonartech@sonarsource.com>	2024-07-23 20:02:45 +0000
commit	dcdb0f14b776a8e65ea20dab77ba2486d932b30f (patch)
tree	01f2fc10b39dfb87d80f11b2eb1962ace85815b6 /server/sonar-webserver-es
parent	4d71184dc37786c57360965a2940691ee5928b43 (diff)
download	sonarqube-dcdb0f14b776a8e65ea20dab77ba2486d932b30f.tar.gz sonarqube-dcdb0f14b776a8e65ea20dab77ba2486d932b30f.zip