From dcdb0f14b776a8e65ea20dab77ba2486d932b30f Mon Sep 17 00:00:00 2001
From: Léo Geoffroy
Date: Thu, 18 Jul 2024 10:08:04 +0200
Subject: SONAR-22542 Index new STIG security standard
---
 .../main/java/org/sonar/server/issue/index/IssueIndex.java | 6 ++++++
 .../main/java/org/sonar/server/issue/index/IssueQuery.java | 12 ++++++++++++
 .../java/org/sonar/server/issue/index/IssueQueryFactory.java | 1 +
 .../java/org/sonar/server/issue/index/IssueQueryTest.java | 9 +++++++++
 4 files changed, 28 insertions(+)
(limited to 'server/sonar-webserver-es')
diff --git a/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueIndex.java b/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueIndex.java
index e2230d914c0..5e4f67e5deb 100644
--- a/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueIndex.java
+++ b/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueIndex.java
@@ -150,6 +150,7 @@ import static org.sonar.server.issue.index.IssueIndex.Facet.SCOPES;
 import static org.sonar.server.issue.index.IssueIndex.Facet.SEVERITIES;
 import static org.sonar.server.issue.index.IssueIndex.Facet.SONARSOURCE_SECURITY;
 import static org.sonar.server.issue.index.IssueIndex.Facet.STATUSES;
+import static org.sonar.server.issue.index.IssueIndex.Facet.STIG_ASD_V5R3;
 import static org.sonar.server.issue.index.IssueIndex.Facet.TAGS;
 import static org.sonar.server.issue.index.IssueIndex.Facet.TYPES;
 import static org.sonar.server.issue.index.IssueIndexDefinition.FIELD_ISSUE_ASSIGNEE_UUID;
@@ -188,6 +189,7 @@ import static org.sonar.server.issue.index.IssueIndexDefinition.FIELD_ISSUE_SEVE
 import static org.sonar.server.issue.index.IssueIndexDefinition.FIELD_ISSUE_SEVERITY_VALUE;
 import static org.sonar.server.issue.index.IssueIndexDefinition.FIELD_ISSUE_SQ_SECURITY_CATEGORY;
 import static org.sonar.server.issue.index.IssueIndexDefinition.FIELD_ISSUE_STATUS;
+import static org.sonar.server.issue.index.IssueIndexDefinition.FIELD_ISSUE_STIG_ASD_V5R3;
 import static org.sonar.server.issue.index.IssueIndexDefinition.FIELD_ISSUE_TAGS;
 import static org.sonar.server.issue.index.IssueIndexDefinition.FIELD_ISSUE_TYPE;
 import static org.sonar.server.issue.index.IssueIndexDefinition.FIELD_ISSUE_VULNERABILITY_PROBABILITY;
@@ -224,6 +226,7 @@ import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_SCOPES;
 import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_SEVERITIES;
 import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_SONARSOURCE_SECURITY;
 import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_STATUSES;
+import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_STIG_ASD_V5R3;
 import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_TAGS;
 import static org.sonarqube.ws.client.issue.IssuesWsParameters.PARAM_TYPES;
@@ -288,6 +291,7 @@ public class IssueIndex {
 OWASP_ASVS_40(PARAM_OWASP_ASVS_40, FIELD_ISSUE_OWASP_ASVS_40, STICKY, DEFAULT_FACET_SIZE),
 OWASP_TOP_10(PARAM_OWASP_TOP_10, FIELD_ISSUE_OWASP_TOP_10, STICKY, DEFAULT_FACET_SIZE),
 OWASP_TOP_10_2021(PARAM_OWASP_TOP_10_2021, FIELD_ISSUE_OWASP_TOP_10_2021, STICKY, DEFAULT_FACET_SIZE),
+ STIG_ASD_V5R3(PARAM_STIG_ASD_V5R3, FIELD_ISSUE_STIG_ASD_V5R3, STICKY, DEFAULT_FACET_SIZE),
 SANS_TOP_25(PARAM_SANS_TOP_25, FIELD_ISSUE_SANS_TOP_25, STICKY, DEFAULT_FACET_SIZE),
 CWE(PARAM_CWE, FIELD_ISSUE_CWE, STICKY, DEFAULT_FACET_SIZE),
 CREATED_AT(PARAM_CREATED_AT, FIELD_ISSUE_FUNC_CREATED_AT, NON_STICKY),
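Review bot: The `STIG_ASD_V5R3` constant added to the Facet enum (hunk at -288) takes `DEFAULT_FACET_SIZE` like its neighbours, and nothing here says whether that cap is large enough for a standard whose entries are individual finding IDs such as the `V-222400` used in the test. If the cap is lower than the number of distinct IDs carried by indexed issues, the facet would presumably list only the biggest buckets, so a compliance view read from it could miss findings with no sign of truncation; the constant's value is outside this diff, so this needs confirming. I would add a comment above the constant, for example `// STIG IDs are per-finding; facet is capped at DEFAULT_FACET_SIZE and is not a complete inventory`, or pass an explicit size. The enum body starts and ends outside the hunk.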
@@ -501,6 +505,7 @@ public class IssueIndex {
 addOwaspAsvsFilter(FIELD_ISSUE_OWASP_ASVS_40, OWASP_ASVS_40, query, filters);
 addSecurityCategoryFilter(FIELD_ISSUE_OWASP_TOP_10, OWASP_TOP_10, query.owaspTop10(), filters);
 addSecurityCategoryFilter(FIELD_ISSUE_OWASP_TOP_10_2021, OWASP_TOP_10_2021, query.owaspTop10For2021(), filters);
+ addSecurityCategoryFilter(FIELD_ISSUE_STIG_ASD_V5R3, STIG_ASD_V5R3, query.stigAsdV5R3(), filters);
 addSecurityCategoryFilter(FIELD_ISSUE_SANS_TOP_25, SANS_TOP_25, query.sansTop25(), filters);
 addSecurityCategoryFilter(FIELD_ISSUE_CWE, CWE, query.cwe(), filters);
 addSecurityCategoryFilter(FIELD_ISSUE_SQ_SECURITY_CATEGORY, SONARSOURCE_SECURITY, query.sonarsourceSecurity(), filters);
@@ -888,6 +893,7 @@ public class IssueIndex {
 addSecurityCategoryFacetIfNeeded(PARAM_OWASP_ASVS_40, OWASP_ASVS_40, options, aggregationHelper, esRequest, query.owaspAsvs40().toArray());
 addSecurityCategoryFacetIfNeeded(PARAM_OWASP_TOP_10, OWASP_TOP_10, options, aggregationHelper, esRequest, query.owaspTop10().toArray());
 addSecurityCategoryFacetIfNeeded(PARAM_OWASP_TOP_10_2021, OWASP_TOP_10_2021, options, aggregationHelper, esRequest, query.owaspTop10For2021().toArray());
+ addSecurityCategoryFacetIfNeeded(PARAM_STIG_ASD_V5R3, STIG_ASD_V5R3, options, aggregationHelper, esRequest, query.stigAsdV5R3().toArray());
 addSecurityCategoryFacetIfNeeded(PARAM_SANS_TOP_25, SANS_TOP_25, options, aggregationHelper, esRequest, query.sansTop25().toArray());
 addSecurityCategoryFacetIfNeeded(PARAM_CWE, CWE, options, aggregationHelper, esRequest, query.cwe().toArray());
 addSecurityCategoryFacetIfNeeded(PARAM_SONARSOURCE_SECURITY, SONARSOURCE_SECURITY, options, aggregationHelper, esRequest, query.sonarsourceSecurity().toArray());
diff --git a/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueQuery.java b/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueQuery.java
index 233aa77bdd0..bcaa26373a9 100644
--- a/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueQuery.java
+++ b/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueQuery.java
@@ -80,6 +80,7 @@ public class IssueQuery {
 private final Collection owaspAsvs40;
 private final Integer owaspAsvsLevel;
 private final Collection owaspTop10For2021;
+ private final Collection stigAsdV5R3;
 private final Collection sansTop25;
 private final Collection cwe;
 private final Collection sonarsourceSecurity;
@@ -129,6 +130,7 @@ public class IssueQuery {
 this.owaspAsvsLevel = builder.owaspAsvsLevel;
 this.owaspTop10 = defaultCollection(builder.owaspTop10);
 this.owaspTop10For2021 = defaultCollection(builder.owaspTop10For2021);
+ this.stigAsdV5R3 = defaultCollection(builder.stigAsdV5R3);
 this.sansTop25 = defaultCollection(builder.sansTop25);
 this.cwe = defaultCollection(builder.cwe);
 this.sonarsourceSecurity = defaultCollection(builder.sonarsourceSecurity);
@@ -260,6 +262,10 @@ public class IssueQuery {
 return owaspTop10For2021;
 }
+ public Collection stigAsdV5R3() {
+ return stigAsdV5R3;
+ }
+
 public Collection sansTop25() {
 return sansTop25;
 }
@@ -392,6 +398,7 @@ public class IssueQuery {
 private Integer owaspAsvsLevel;
 private Collection owaspTop10;
 private Collection owaspTop10For2021;
+ private Collection stigAsdV5R3;
 private Collection sansTop25;
 private Collection cwe;
 private Collection sonarsourceSecurity;
@@ -552,6 +559,11 @@ public class IssueQuery {
 return this;
 }
+ public Builder stigAsdR5V3(@Nullable Collection o) {
+ this.stigAsdV5R3 = o;
+ return this;
+ }
+
 public Builder sansTop25(@Nullable Collection s) {
 this.sansTop25 = s;
 return this;
diff --git a/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueQueryFactory.java b/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueQueryFactory.java
index 7e4a69a5ea3..43fb8a0cb26 100644
--- a/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueQueryFactory.java
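Review bot: The builder setter in the last IssueQuery hunk (-552) is spelled `stigAsdR5V3`, with V and R transposed, while the field it assigns, the getter `stigAsdV5R3()`, the facet `STIG_ASD_V5R3` and `PARAM_STIG_ASD_V5R3` all use V5R3. It is a public Builder method, so the misspelling becomes API; the IssueQueryFactory hunk (`.stigAsdR5V3(request.getStigAsdV5R3())`) and the new test in IssueQueryTest already call it under that name. Rename the method to `stigAsdV5R3` and change those two call sites to `.stigAsdV5R3(...)`. The Builder class starts and ends outside the hunk.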
+++ b/server/sonar-webserver-es/src/main/java/org/sonar/server/issue/index/IssueQueryFactory.java
@@ -152,6 +152,7 @@ public class IssueQueryFactory {
 .owaspAsvsLevel(request.getOwaspAsvsLevel())
 .owaspTop10(request.getOwaspTop10())
 .owaspTop10For2021(request.getOwaspTop10For2021())
+ .stigAsdR5V3(request.getStigAsdV5R3())
 .sansTop25(request.getSansTop25())
 .cwe(request.getCwe())
 .sonarsourceSecurity(request.getSonarsourceSecurity())
diff --git a/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueQueryTest.java b/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueQueryTest.java
index 5b33aae4067..003a1db746d 100644
--- a/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueQueryTest.java
+++ b/server/sonar-webserver-es/src/test/java/org/sonar/server/issue/index/IssueQueryTest.java
@@ -127,6 +127,15 @@ class IssueQueryTest {
 assertThat(query.owaspTop10For2021()).containsOnly("a3", "a4");
 }
+ @Test
+ void build_stig_query() {
+ IssueQuery query = IssueQuery.builder()
+ .stigAsdR5V3(List.of("V-222400", "V-222401"))
+ .build();
+
+ assertThat(query.stigAsdV5R3()).containsOnly("V-222400", "V-222401");
+ }
+
 @Test
 void build_query_without_dates() {
-- cgit v1.2.3
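Review bot: `build_stig_query` covers only a collection that was set explicitly, but the two new IssueIndex calls dereference `query.stigAsdV5R3()` unconditionally (one via `.toArray()`), so the case that matters for safety is the unset one. Add `assertThat(IssueQuery.builder().build().stigAsdV5R3()).isEmpty();` to pin the `defaultCollection` fallback from the constructor hunk; its implementation is not visible here, and an existing defaults test may already be the right place for it. The four files listed for this directory also contain no test that filters or facets on the new field through IssueIndex; such a test may live in a part of the commit this page does not show.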