adding learn-more command (#155)

tiagobcx · web-flow · commit b8a7712839f3 · 2022-09-01T13:37:08.000+01:00
diff --git a/src/main/java/com/checkmarx/ast/learnMore/LearnMore.java b/src/main/java/com/checkmarx/ast/learnMore/LearnMore.java
@@ -0,0 +1,77 @@
+package com.checkmarx.ast.learnMore;
+
+import com.checkmarx.ast.codebashing.CodeBashing;
+import com.checkmarx.ast.remediation.KicsRemediation;
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.databind.JavaType;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import com.fasterxml.jackson.databind.type.TypeFactory;
+import lombok.Value;
+import org.apache.commons.lang3.StringUtils;
+
+import java.io.IOException;
+import java.util.List;
+
+@Value
+@JsonDeserialize()
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonIgnoreProperties(ignoreUnknown = true)
+
+public class LearnMore {
+
+    String queryId;
+    String queryName;
+    String queryDescriptionId;
+    String resultDescription;
+    String risk;
+    String cause;
+    String generalRecommendations;
+    List<Sample> samples;
+
+    @JsonCreator
+    public LearnMore(@JsonProperty("queryID") String queryId, @JsonProperty("queryName") String queryName,@JsonProperty("queryDescriptionID") String queryDescriptionId, @JsonProperty("resultDescription") String resultDescription,@JsonProperty("risk") String risk,@JsonProperty("cause") String cause,@JsonProperty("generalRecommendations") String generalRecommendations,@JsonProperty("samples") List<Sample> samples) {
+        this.queryId = queryId;
+        this.queryName = queryName;
+        this.queryDescriptionId = queryDescriptionId;
+        this.resultDescription = resultDescription;
+        this.risk = risk;
+        this.cause = cause;
+        this.generalRecommendations = generalRecommendations;
+        this.samples = samples;
+    }
+
+    public static <T> List<T> listFromLine(String line) {
+        return parse(line, TypeFactory.defaultInstance().constructCollectionType(List.class, LearnMore.class));
+    }
+
+    public static <T> T fromLine(String line) {
+        return parse(line, TypeFactory.defaultInstance().constructType(LearnMore.class));
+    }
+
+    private static <T> T parse(String line, JavaType type) {
+        T result = null;
+        try {
+            if (!StringUtils.isBlank(line) && isValidJSON(line)) {
+                result = new ObjectMapper().readValue(line, type);
+
+            }
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
+        return result;
+    }
+
+    private static boolean isValidJSON(final String json) {
+        try {
+            final ObjectMapper mapper = new ObjectMapper();
+            mapper.readTree(json);
+            return true;
+        } catch (IOException e) {
+            return false;
+        }
+    }
+}
diff --git a/src/main/java/com/checkmarx/ast/learnMore/Sample.java b/src/main/java/com/checkmarx/ast/learnMore/Sample.java
@@ -0,0 +1,26 @@
+package com.checkmarx.ast.learnMore;
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import lombok.Value;
+
+@Value
+@JsonDeserialize()
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonIgnoreProperties(ignoreUnknown = true)
+
+public class Sample {
+    String progLanguage;
+    String code;
+    String title;
+
+    @JsonCreator
+    public Sample(@JsonProperty("progLanguage") String progLanguage, @JsonProperty("code") String code,@JsonProperty("title") String title) {
+        this.progLanguage = progLanguage;
+        this.code = code;
+        this.title = title;
+    }
+}
diff --git a/src/main/java/com/checkmarx/ast/wrapper/CxConstants.java b/src/main/java/com/checkmarx/ast/wrapper/CxConstants.java
@@ -59,4 +59,9 @@ public final class CxConstants {
     static final String CMD_UTILS = "utils";
     static final String CMD_REMEDIATION = "remediation";
     static final String SUB_CMD_REMEDIATION_SCA = "sca";
+    static final String SUB_CMD_REMEDIATION_KICS = "kics";
+    static final String KICS_REMEDIATION_RESULTS_FILE = "--results-file";
+    static final String KICS_REMEDIATION_KICS_FILE = "--kics-files";
+    static final String KICS_REMEDIATION_SIMILARITY = "--similarity-ids";
+    static final String SUB_CMD_LEARN_MORE = "learn-more";
 }
diff --git a/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java b/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java
@@ -2,6 +2,7 @@
 
 import com.checkmarx.ast.codebashing.CodeBashing;
 import com.checkmarx.ast.kicsRealtimeResults.KicsRealtimeResults;
+import com.checkmarx.ast.learnMore.LearnMore;
 import com.checkmarx.ast.predicate.Predicate;
 import com.checkmarx.ast.project.Project;
 import com.checkmarx.ast.remediation.KicsRemediation;
@@ -348,25 +349,39 @@ public KicsRemediation kicsRemediate(@NonNull String resultsFile, String kicsFil
 
         List<String> arguments = new ArrayList<>();
         arguments.add(this.executable);
-        arguments.add("utils");
-        arguments.add("remediation");
-        arguments.add("kics");
-        arguments.add("--results-file");
+        arguments.add(CxConstants.CMD_UTILS);
+        arguments.add(CxConstants.CMD_REMEDIATION);
+        arguments.add(CxConstants.SUB_CMD_REMEDIATION_KICS);
+        arguments.add(CxConstants.KICS_REMEDIATION_RESULTS_FILE);
         arguments.add(resultsFile);
-        arguments.add("--kics-files");
+        arguments.add(CxConstants.KICS_REMEDIATION_KICS_FILE);
         arguments.add(kicsFile);
         if (engine.length() > 0) {
             arguments.add(CxConstants.ENGINE);
             arguments.add(engine);
         }
         if (similarityIds.length() > 0) {
-            arguments.add("--similarity-ids");
+            arguments.add(CxConstants.KICS_REMEDIATION_SIMILARITY);
             arguments.add(similarityIds);
         }
         KicsRemediation remediation = Execution.executeCommand(arguments, logger, KicsRemediation::fromLine);
         return remediation;
     }
 
+    public List<LearnMore> learnMore(String queryId) throws CxException, IOException, InterruptedException {
+        List<String> arguments = new ArrayList<>();
+        arguments.add(this.executable);
+        arguments.add(CxConstants.CMD_UTILS);
+        arguments.add(CxConstants.SUB_CMD_LEARN_MORE);
+        arguments.add(CxConstants.QUERY_ID);
+        arguments.add(queryId);
+        arguments.add(CxConstants.FORMAT);
+        arguments.add(CxConstants.FORMAT_JSON);
+
+        List<LearnMore> learnMore = Execution.executeCommand(arguments, logger, LearnMore::listFromLine);
+        return learnMore;
+    }
+
     private int getIndexOfBfLNode(List<Node> bflNodes, List<Node> resultNodes) {
 
         int bflNodeNotFound = -1;
diff --git a/src/test/java/com/checkmarx/ast/LearnMoreTest.java b/src/test/java/com/checkmarx/ast/LearnMoreTest.java
@@ -0,0 +1,17 @@
+package com.checkmarx.ast;
+
+import com.checkmarx.ast.learnMore.LearnMore;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+import java.util.List;
+
+class LearnMoreTest extends BaseTest {
+    private static String QUERY_ID = "16772998409937314312";
+
+    @Test
+    void testLearnMore() throws Exception {
+        List<LearnMore> learnMore = wrapper.learnMore(QUERY_ID);
+        Assertions.assertTrue(learnMore.size()>0);
+    }
+
+}
