Expand Up @@ -4,7 +4,7 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati

UTIL: new CheckmarxOneUtil(),
MSG: 'CheckmarxOne AppListIntegration:',
retrieveData: function() {
retrieveData: function () {
gs.debug(this.MSG + 'retrieveData');
var response = "<null/>";
try {
Expand Down Expand Up @@ -54,7 +54,7 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati
},

//Creates XML summary for Projects
getAppList: function(filteredCount, offset) {
getAppList: function (filteredCount, offset) {
try {
var config = this.UTIL._getConfig(this.IMPLEMENTATION);
var appListRootNodeStart = "<appInfoList><xml id=\"checkmarxone\"><projects>";
Expand All @@ -63,28 +63,54 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati
//to start offset from 0 and config.limit
var newoffset = offset - config.limit;
var projects = this.UTIL.getNextProjectList(this.IMPLEMENTATION, newoffset);
var groups = '';
var groupval = ' ';
var createdDate = this._getCurrentDeltaStartTime();
var uniqueAppIds = [];

// Collect all unique application IDs from relevant projects
for (var i = 0; i < projects.length; i++) {


Optional : var project = projects[i]; and var appId = appIds[j]; and then use project and appID as below.

var uniqueAppIds = [];

for (var i = 0; i < projects.length; i++) {
var project = projects[i];

if (project.createdAt > createdDate) {
    var appIds = project.applicationIds || [];

    for (var j = 0; j < appIds.length; j++) {
        var appId = appIds[j];

        if (uniqueAppIds.indexOf(appId) === -1) {
            uniqueAppIds.push(appId);
        }
    }
}

}

if (projects[i].createdAt > createdDate) {
var appIds = projects[i].applicationIds || [];
for (var j = 0; j < appIds.length; j++) {
if (uniqueAppIds.indexOf(appIds[j]) === -1) {
uniqueAppIds.push(appIds[j]);
}
}
}
}
var appIdParam = uniqueAppIds.join(',');
if (appIdParam && appIdParam.length > 0) {
var appNameMap = this.UTIL.getApplicationMapName(this.IMPLEMENTATION, appIdParam);
}

for (var item in projects) {


is there any chance that project will be null?

if (projects[item].createdAt > createdDate) {
var projectTags = this._getProjectTags(JSON.stringify(projects[item].tags));
var applicationIds = '';
var primaryBranch = '';
groups = +projects[item].groups.toString();
var groups = '';
var applicationInfoXml = '';
if (!gs.nil(projects[item].groups)) {
groups = projects[item].groups.toString();
}

if (null != projects[item].applicationIds && projects[item].applicationIds.length > 0)
applicationIds = projects[item].applicationIds.toString();
// Build <applications> block
if (projects[item].applicationIds && projects[item].applicationIds.length > 0 && appIdParam && appIdParam.length > 0) {


Optional: repeatedly using projects[item], which makes the code harder to read and maintain
Define a project variable once
var project = projects[item];

applicationInfoXml += '<applications>';
for (var k = 0; k < projects[item].applicationIds.length; k++) {
var appId = projects[item].applicationIds[k];
var appName = appNameMap[appId] || 'UnknownAppName';
applicationInfoXml += '<application id="' + this.UTIL.escapeXmlChars(appId) +
'" name="' + this.UTIL.escapeXmlChars(appName) + '"/>';
}
applicationInfoXml += '</applications>';
}
if (null != projects[item].mainBranch && projects[item].mainBranch.length > 0)
primaryBranch = projects[item].mainBranch.toString();

var currentGroupVal = (groups.length == 0) ? groupval : projects[item].groups.toString();

appListAll += '<project id="' + this.UTIL.escapeXmlChars(projects[item].id) + '"' +
' createdAt="' + this.UTIL.escapeXmlChars(projects[item].createdAt) + '"' +
' applicationIds="' + this.UTIL.escapeXmlChars(applicationIds) + '"' +
' groups="' + this.UTIL.escapeXmlChars(currentGroupVal) + '">' +
' groups="' + this.UTIL.escapeXmlChars(groups) + '">' +
applicationInfoXml +
'<primaryBranch>' + this.UTIL.escapeCDATA(primaryBranch) + '</primaryBranch>' +
'<projectTags>' + this.UTIL.escapeCDATA(projectTags) + '</projectTags>' +
'<name>' + this.UTIL.escapeCDATA(projects[item].name) + '</name>' +
Expand All @@ -104,14 +130,14 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati
return reportContent;
},

_getProjectTags: function(tags) {
_getProjectTags: function (tags) {
if (tags == null || tags.length < 3)
return '';
return tags.substring(1, tags.length - 1);
},

// Gets the integration parameters as a map
_getParameters: function(parameters) {
_getParameters: function (parameters) {
var params = {
run: null,
remaining: {}
Expand Down Expand Up @@ -158,7 +184,7 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati
return params;
},
//to get offset value from total length
_getoffsets: function(filteredCount, totalCount) {
_getoffsets: function (filteredCount, totalCount) {
var config = this.UTIL._getConfig(this.IMPLEMENTATION);
var limit = config.limit;
var offsets = [];
Expand All @@ -176,11 +202,11 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati
return offsets;
},

_getoffset: function(config, offsetId) {
_getoffset: function (config, offsetId) {
return offsetId;
},
// Gets the start time of the integration
_getCurrentDeltaStartTime: function() {
_getCurrentDeltaStartTime: function () {
try {
var delta = this.UTIL.parseTZDate(this.DELTA_START_TIME) || '1970-01-01T10:16:06.17544Z';
} catch (err) {
Expand All @@ -189,15 +215,15 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati
}
return delta;
},
_serializeParameters: function(params) {
_serializeParameters: function (params) {
if (params.latest)
params.latest = params.latest.getValue();
else
delete params.latest;
return params;
},

_nextParameters: function(params) {
_nextParameters: function (params) {
params.run = null;
var keys = Object.keys(params.remaining);
if (keys.length) {
Expand All @@ -214,7 +240,7 @@ CheckmarxOneAppListIntegration.prototype = Object.extendsObject(sn_vul.Applicati
return params;
},

shouldRetry: function(process) {
shouldRetry: function (process) {
return true;
},
type: 'CheckmarxOneAppListIntegration'
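Review bot: `appNameMap` is assigned only inside `if (appIdParam && appIdParam.length > 0)` and is later indexed as `appNameMap[appId]` when the `<applications>` block is built, so a null or undefined return from `getApplicationMapName` would throw inside the `for (var item in projects)` loop. That helper is not shown on this page, so whether a failed lookup can return null is an assumption to confirm; if it can, the catch in the collapsed part of `getAppList` may discard the rest of that page of projects. Declaring `var appNameMap = {};` before the `if` and assigning `appNameMap = this.UTIL.getApplicationMapName(this.IMPLEMENTATION, appIdParam) || {};` inside it keeps the `'UnknownAppName'` fallback reachable. A `gs.debug` line when the fallback is used would also help, because the placeholder name is written into the generated XML. The body of `getAppList` continues outside the visible hunk.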
@@ -1,77 +1,90 @@
var CheckmarxOneAppListProcessor = Class.create();
CheckmarxOneAppListProcessor.prototype = Object.extendsObject(sn_vul.ApplicationVulnerabilityImportProcessorBase, {
/*
* Converts an xml string of application information objects into javascript objects
* passed individually to the VR AppVul API
* Converts an XML string of application information objects into JavaScript objects
* passed individually to the VR AppVul API
*/
MSG: 'CheckmarxOne AppListProcessor:',
UTIL: new x_chec3_chexone.CheckmarxOneUtil(),

process: function(attachment) {
process: function (attachment) {
if (!attachment) {
gs.warn(gs.getMessage('CheckmarxOneAppListProcessor: Called with no attachment'));
gs.warn(this.MSG + ' Called with no attachment');
return;
}

try {
this.UTIL.validateXML(new GlideSysAttachment().getContent(attachment), 'error');
//Parsing the Project List attachment
var xmlContent = new GlideSysAttachment().getContent(attachment);
this.UTIL.validateXML(xmlContent, 'error');

var appDoc = new XMLDocument2();
appDoc.parseXML(new GlideSysAttachment().getContent(attachment));
appDoc.parseXML(xmlContent);
var listNode = appDoc.getNode("/appInfoList/xml/projects");
var iter = listNode.getChildNodeIterator();

} catch (ex) {
gs.error(this.MSG + "Error occurred while validating or parsing the XML: " + ex);
gs.error(this.MSG + " Error occurred while validating or parsing the XML: " + ex);
throw ex;
}

var errorProcess = '';

while (iter.hasNext()) {
try {
var appNode = iter.next();
var attributes = appNode.getAttributes();
var applicationId = '';
var appId;

var projectTags = '';
var primaryBranch = '';
var infoObj = {};
var appName = '';

var childIter = appNode.getChildNodeIterator();
var projectTagsFlag = 'false';
var primaryBranchFlag = 'false';

while (childIter.hasNext()) {
var childNode = childIter.next();
if (childNode.getNodeName() == "projectTags") {
var nodeName = childNode.getNodeName();

if (nodeName === "projectTags") {
projectTags = childNode.getTextContent();
projectTagsFlag = 'true';
}
if (childNode.getNodeName() == "primaryBranch") {
} else if (nodeName === "primaryBranch") {
primaryBranch = childNode.getTextContent();
primaryBranchFlag = 'true';
} else if (nodeName === "name") {
appName = childNode.getTextContent();
} else if (nodeName === "applications") {
var appList = [];
var appChildIter = childNode.getChildNodeIterator();
while (appChildIter.hasNext()) {
var appChild = appChildIter.next();
if (appChild.getNodeName() === "application") {
appList.push({
id: appChild.getAttribute("id"),
name: appChild.getAttribute("name")
});
}
}
if (appList.length > 0) {


Unnecessary check for appList.length; this can be achieved with the code below as well.

for (var i = 0; i < appList.length; i++) {
...
}

for (var item in appList) {
infoObj["App Id:" + appList[item].id] = "App name:" + appList[item].name;
}
}
}
if (projectTagsFlag == 'true' && primaryBranchFlag == 'true')
break;
}
if (appNode.getAttribute('applicationIds') && appNode.getAttribute('applicationIds') != {})
infoObj[gs.getMessage("Application Id ")] = appNode.getAttribute('applicationIds').toString();

if (null != primaryBranch && '' != primaryBranch)
if (primaryBranch)
infoObj[gs.getMessage("Primary Branch ")] = primaryBranch.toString();

if (infoObj == {})
infoObj = "";

//map attributes from Checkmarx into the servicenow expected format'
// Build app object
var appObj = {
source_app_id: attributes.id,
app_name: appNode.getLastChild().getTextContent().toString(),
app_name: appName,
apm_app_id: projectTags,
source_assigned_teams: attributes.groups,
description: 'created at' + attributes.createdAt,
source_additional_info: JSON.stringify(infoObj),
description: 'created at ' + attributes.createdAt,
source_additional_info: Object.keys(infoObj).length > 0 ? JSON.stringify(infoObj) : '',
source_app_guid: primaryBranch.toString()

};
//Updating the project information in ServiceNow table

// Updating the project information in ServiceNow table
var result = this.AVR_API.createOrUpdateApp(appObj);
if (result != null) {
if (result.inserted)
Expand All @@ -83,14 +96,15 @@ CheckmarxOneAppListProcessor.prototype = Object.extendsObject(sn_vul.Application
}

} catch (ex) {
errorMessage = gs.getMessage("Error in retriving data for app list integration!");
gs.error(this.MSG + "errorMessage " + ex);
var errorMessage = gs.getMessage("Error in retrieving data for app list integration!");
gs.error(this.MSG + " " + errorMessage + " " + ex);
errorProcess += " | " + ex.getMessage();
}
}

if (!gs.nil(errorProcess))
gs.error(this.MSG + "All errors that occurred while processing project lists: " + errorProcess);
gs.error(this.MSG + " All errors that occurred while processing project lists: " + errorProcess);

this.completeProcess(this.integrationProcessGr, this.import_counts);
},
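Review bot: `app_name` now comes from `appName`, which is set only in the `nodeName === "name"` branch, but the early `break` once `projectTagsFlag` and `primaryBranchFlag` are both `'true'` still appears to be in the child loop. The integration side of this change emits `<primaryBranch>`, `<projectTags>` and then `<name>`, so the loop would exit before `<name>` is read and each project would reach `createOrUpdateApp` with an empty `app_name`. The old `appNode.getLastChild()` lookup did not depend on the loop. Either drop the early exit, or track the name too: add `var appNameFlag = 'false';`, set it in the name branch, and use `if (projectTagsFlag == 'true' && primaryBranchFlag == 'true' && appNameFlag == 'true') break;`. The body of `process` continues in a collapsed region of the page.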
