Version 3.3.0: Add rule details (#40)

Author: ildyria

openapi.json

@@ -3,7 +3,7 @@
   "info": {
     "title": "Repository Scanner (RESC)",
     "description": "RESC API helps you to perform several operations upon findings obtained from multiple source code repositories.",
-    "version": "3.3.5"
+    "version": "3.5.0"
   },
   "paths": {
     "/resc/v1/health": {
@@ -625,6 +625,74 @@
         }
       }
     },
+    "/resc/v1/rule-packs/{rule_pack_version}/rules": {
+      "get": {
+        "tags": [
+          "resc-rule-packs"
+        ],
+        "summary": "Get unique rule from rule pack",
+        "description": "Retrieve the rule data from a rule_name and rule_pack\n\n- **db_connection**: Session of the database connection\n- **rule_pack_version**: filter on rule pack version\n- **rule_name**: filter on rule pack version\n- **return**: List[str] The output will contain a list of strings of unique rules in the findings table",
+        "operationId": "get_rule_from_rule_pack_resc_v1_rule_packs__rule_pack_version__rules_get",
+        "parameters": [
+          {
+            "required": true,
+            "schema": {
+              "type": "string",
+              "title": "Rule Pack Version"
+            },
+            "name": "rule_pack_version",
+            "in": "path"
+          },
+          {
+            "required": true,
+            "schema": {
+              "type": "string",
+              "title": "RuleName"
+            },
+            "name": "rule_name",
+            "in": "query"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Retrieve the rule data for a rule pack",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/RuleRead"
+                }
+              }
+            }
+          },
+          "404": {
+            "description": "Scan <scan_id> not found",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/Model404"
+                }
+              }
+            }
+          },
+          "422": {
+            "description": "RulePackVersion and RuleName required",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/Model422"
+                }
+              }
+            }
+          },
+          "500": {
+            "description": "Internal server error. Contact your system administrator"
+          },
+          "503": {
+            "description": "Unable to communicate with DataBase, Please contact your system administrator"
+          }
+        }
+      }
+    },
     "/resc/v1/findings": {
       "get": {
         "tags": [
@@ -4720,6 +4788,68 @@
         ],
         "title": "RulePackVersion"
       },
+      "RuleRead": {
+        "properties": {
+          "rule_name": {
+            "type": "string",
+            "maxLength": 400,
+            "minLength": 1,
+            "title": "Rule Name"
+          },
+          "description": {
+            "type": "string",
+            "maxLength": 4000,
+            "title": "Description"
+          },
+          "comment": {
+            "type": "string",
+            "maxLength": 2000,
+            "title": "Comment"
+          },
+          "entropy": {
+            "type": "number",
+            "title": "Entropy"
+          },
+          "secret_group": {
+            "type": "integer",
+            "title": "Secret Group"
+          },
+          "regex": {
+            "type": "string",
+            "title": "Regex"
+          },
+          "path": {
+            "type": "string",
+            "title": "Path"
+          },
+          "keywords": {
+            "type": "string",
+            "title": "Keywords"
+          },
+          "rule_pack": {
+            "type": "string",
+            "pattern": "^(\\d+\\.)?(\\d+\\.)?(\\*|\\d+)$",
+            "title": "Rule Pack"
+          },
+          "allow_list": {
+            "type": "integer",
+            "exclusiveMinimum": 0.0,
+            "title": "Allow List"
+          },
+          "id_": {
+            "type": "integer",
+            "exclusiveMinimum": 0.0,
+            "title": "Id "
+          }
+        },
+        "type": "object",
+        "required": [
+          "rule_name",
+          "rule_pack",
+          "id_"
+        ],
+        "title": "RuleRead"
+      },
       "ScanCreate": {
         "properties": {
           "scan_type": {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "resc-frontend",
-  "version": "3.2.9",
+  "version": "3.3.0",
   "author": "ABN AMRO Bank",
   "description": "Repository Scanner Frontend",
   "license": "MIT",

src/components/ScanFindings/FindingPanel.vue

@@ -37,6 +37,7 @@
           <b-tabs pills card>
             <AuditTab :finding="findingRef"></AuditTab>
             <HistoryTab :finding="findingRef"></HistoryTab>
+            <RuleTab :ruleName="findingRef.rule_name" :rulePack="findingRef.rule_pack"></RuleTab>
           </b-tabs>
         </b-card>
       </div>
@@ -47,6 +48,7 @@
 <script setup lang="ts">
 import AuditTab from '@/components/ScanFindings/AuditTab.vue';
 import HistoryTab from '@/components/ScanFindings/HistoryTab.vue';
+import RuleTab from '@/components/ScanFindings/RuleTab.vue';
 import type { AugmentedDetailedFindingRead } from '@/services/shema-to-types';
 import { ref } from 'vue';
 

src/components/ScanFindings/HistoryTab.vue

@@ -10,7 +10,6 @@
       </div>
 
       <div class="pr-1" v-if="hasRecords">
-        <!-- sticky-header="230px" -->
         <b-table
           id="audit-history-table"
           :items="auditList"

src/components/ScanFindings/RuleTab.vue

@@ -0,0 +1,54 @@
+<template>
+  <div>
+    <b-tab title="RULE" title-item-class="tab-pills" v-on:click="fetchRuleForRulePack">
+      <SpinnerVue v-if="!loadedData" />
+
+      <div class="pr-1" v-if="loadedData && rule">
+        <b-card-text v-if="rule?.description"
+          ><span class="fw-bold">Description: </span>{{ rule.description }}</b-card-text
+        >
+        <b-card-text v-if="rule?.regex"
+          ><span class="fw-bold">Regex: </span>{{ rule.regex }}</b-card-text
+        >
+        <b-card-text v-if="rule?.path"
+          ><span class="fw-bold">Path: </span>{{ rule.path }}</b-card-text
+        >
+        <b-card-text v-if="rule?.comment"
+          ><span class="fw-bold">Comment: </span>{{ rule.comment }}</b-card-text
+        >
+      </div>
+      <div class="pr-1" v-if="loadedData && !rule">Rule not found.</div>
+    </b-tab>
+  </div>
+</template>
+
+<script setup lang="ts">
+import AxiosConfig from '@/configuration/axios-config';
+import RulePackService from '@/services/rule-pack-service';
+import SpinnerVue from '@/components/Common/SpinnerVue.vue';
+import type { RuleRead } from '@/services/shema-to-types';
+import { ref } from 'vue';
+
+const loadedData = ref(false);
+
+type Props = {
+  ruleName: string;
+  rulePack: string;
+};
+const props = defineProps<Props>();
+
+const rule = ref(null as RuleRead | null);
+
+function fetchRuleForRulePack() {
+  loadedData.value = false;
+  RulePackService.getRuleFromRulePack(props.rulePack, props.ruleName)
+    .then((response) => {
+      rule.value = response.data;
+      loadedData.value = true;
+    })
+    .catch((error) => {
+      loadedData.value = true;
+      AxiosConfig.handleError(error);
+    });
+}
+</script>

src/services/rule-pack-service.ts

@@ -82,6 +82,17 @@ const RulePackService = {
       version: toRaw(rulePackVersion),
     });
   },
+
+  async getRuleFromRulePack(
+    rulePackVersion: string,
+    ruleId: string,
+  ): Promise<
+    AxiosResponse<
+      paths['/resc/v1/rule-packs/{rule_pack_version}/rules']['get']['responses']['200']['content']['application/json']
+    >
+  > {
+    return axios.get(`/rule-packs/${rulePackVersion}/rules?rule_name=${ruleId}`);
+  },
 };
 
 export default RulePackService;

src/services/schema.d.ts

@@ -128,6 +128,18 @@ export interface paths {
      */
     post: operations['mark_rule_pack_as_outdated_resc_v1_rule_packs_mark_as_outdated_post'];
   };
+  '/resc/v1/rule-packs/{rule_pack_version}/rules': {
+    /**
+     * Get unique rule from rule pack
+     * @description Retrieve the rule data from a rule_name and rule_pack
+     *
+     * - **db_connection**: Session of the database connection
+     * - **rule_pack_version**: filter on rule pack version
+     * - **rule_name**: filter on rule pack version
+     * - **return**: List[str] The output will contain a list of strings of unique rules in the findings table
+     */
+    get: operations['get_rule_from_rule_pack_resc_v1_rule_packs__rule_pack_version__rules_get'];
+  };
   '/resc/v1/findings': {
     /**
      * Get findings
@@ -1381,6 +1393,31 @@ export interface components {
       /** Version */
       version: string;
     };
+    /** RuleRead */
+    RuleRead: {
+      /** Rule Name */
+      rule_name: string;
+      /** Description */
+      description?: string;
+      /** Comment */
+      comment?: string;
+      /** Entropy */
+      entropy?: number;
+      /** Secret Group */
+      secret_group?: number;
+      /** Regex */
+      regex?: string;
+      /** Path */
+      path?: string;
+      /** Keywords */
+      keywords?: string;
+      /** Rule Pack */
+      rule_pack: string;
+      /** Allow List */
+      allow_list?: number;
+      /** Id */
+      id_: number;
+    };
     /** ScanCreate */
     ScanCreate: {
       /** @default BASE */
@@ -1923,6 +1960,53 @@ export interface operations {
       };
     };
   };
+  /**
+   * Get unique rule from rule pack
+   * @description Retrieve the rule data from a rule_name and rule_pack
+   *
+   * - **db_connection**: Session of the database connection
+   * - **rule_pack_version**: filter on rule pack version
+   * - **rule_name**: filter on rule pack version
+   * - **return**: List[str] The output will contain a list of strings of unique rules in the findings table
+   */
+  get_rule_from_rule_pack_resc_v1_rule_packs__rule_pack_version__rules_get: {
+    parameters: {
+      query: {
+        rule_name: string;
+      };
+      path: {
+        rule_pack_version: string;
+      };
+    };
+    responses: {
+      /** @description Retrieve the rule data for a rule pack */
+      200: {
+        content: {
+          'application/json': components['schemas']['RuleRead'];
+        };
+      };
+      /** @description Scan <scan_id> not found */
+      404: {
+        content: {
+          'application/json': components['schemas']['Model404'];
+        };
+      };
+      /** @description RulePackVersion and RuleName required */
+      422: {
+        content: {
+          'application/json': components['schemas']['Model422'];
+        };
+      };
+      /** @description Internal server error. Contact your system administrator */
+      500: {
+        content: never;
+      };
+      /** @description Unable to communicate with DataBase, Please contact your system administrator */
+      503: {
+        content: never;
+      };
+    };
+  };
   /**
    * Get findings
    * @description Retrieve all findings objects paginated

src/services/shema-to-types.ts

@@ -44,6 +44,7 @@ export type RepositoryEnrichedRead = components['schemas']['RepositoryEnrichedRe
 export type RepositoryRead = components['schemas']['RepositoryRead'];
 export type RuleFindingCountModel = components['schemas']['RuleFindingCountModel'];
 export type RulePackRead = components['schemas']['RulePackRead'];
+export type RuleRead = components['schemas']['RuleRead'];
 export type ScanCreate = components['schemas']['ScanCreate'];
 export type ScanRead = components['schemas']['ScanRead'];
 export type ScanType = components['schemas']['ScanType'];

tests/resources/mock_rule.json

@@ -0,0 +1,12 @@
+{
+    "data": {
+      "rule_name": "rule1",
+      "description": "some description",
+      "comment": "some comment for CLI",
+      "regex": "BEGIN PRIVATE KEY some base64 fluff END PRIVATE KEY",
+      "path": "something.pem",
+      "rule_pack": "1.0.0",
+      "allow_list": 0,
+      "id_": 15
+    }
+  }