Merge pull request #7035 from Checkmarx/AST-40687
fix(query): slight refactor to actually filter the correct/wanted codes
cx-andrep authored May 9, 2024
2 parents a69c7d6 + c10053f commit 6a5eadf
Showing 2 changed files with 123 additions and 8 deletions.
Expand Up @@ -9,9 +9,9 @@ CxPolicy[result] {
version != "undefined"

operation := doc.paths[p][op]
acceptable_response(operation, op)

response := operation.responses[code]
acceptable_response(code, op)

key := get_key_by_version(version)
not common_lib.valid_key(response, key)

Expand All @@ -31,9 +31,10 @@ CxPolicy[result] {
version == "3.0"

operation := doc.paths[path][op]
acceptable_response(operation, op)
response := operation.responses[code]
acceptable_response(code, op)

count(operation.responses[code].content) == 0
count(response.content) == 0

result := {
"documentId": doc.id,
Expand All @@ -50,9 +51,9 @@ CxPolicy[result] {
version == "3.0"

operation := doc.paths[path][op]
acceptable_response(operation, op)

response := operation.responses[code]
acceptable_response(code, op)

responses := response.content[content_type]
not common_lib.valid_key(responses, "schema")

Expand All @@ -65,13 +66,12 @@ CxPolicy[result] {
}
}

acceptable_response(operation, op) {
acceptable_response(code, op) {
operation_should_have_content := ["get", "put", "post", "delete", "options", "patch", "trace"]
common_lib.equalsOrInArray(operation_should_have_content, lower(op))

response_code_should_not_have_content := ["204", "304"]

response := operation.responses[code]
not common_lib.equalsOrInArray(response_code_should_not_have_content, lower(code))
}
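Review bot: `acceptable_response(code, op)` in the last hunk still hard-codes the bodyless statuses as `["204", "304"]`, so a `205` or any `1xx` response declared without `content` would presumably still be reported, although HTTP defines those responses as carrying no body. If the intent is to skip every status that cannot have content, consider `response_code_should_not_have_content := ["204", "205", "304"]` and a separate exclusion for codes starting with `1`. The helper also has no comment and its name does not say what is accepted; a line such as `# holds when op is a method expected to return a body and code is not a no-content status` above it would help. The three `CxPolicy` rules that call it begin and end outside the hunks shown, so their remaining conditions could not be checked here.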

@@ -0,0 +1,115 @@
{
"openapi": "3.0.1",
"info": {
"title": "Test",
"description": "test",
"version": "1.0"
},
"servers": [
{
"url": "https://example.com",
"description": "Example"
}
],
"paths": {
"/Header/{SourceID}": {
"get": {
"summary": "Forecast Header Updates",
"description": "Get Forecast Header channel data from MDM for a given source.",
"operationId": "GetForecastHeader",
"parameters": [],
"responses": {
"200": {
"description": "",
"headers": {
"x-test-forecasts-ack-id": {
"schema": {
"type": "string"
}
}
},
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/ForecastHeaders"
}
},
"text/plain": {
"schema": {
"$ref": "#/components/schemas/ForecastHeaders"
},
"examples": {
"default": {
"value": null
}
}
}
}
},
"204": {
"description": "There are no more updates available."
}
}
}
},
"/Detail/{SourceID}": {
"get": {
"summary": "Forecast Detail Updates",
"description": "Get Forecast Header channel data from MDM for a given source.",
"operationId": "GetForecastDetail",
"parameters": [],
"responses": {
"200": {
"description": "",
"headers": {
"x-test-forecastdetails-ack-id": {
"schema": {
"type": "string"
}
}
},
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/ForecastDetails"
}
},
"text/plain": {
"schema": {
"$ref": "#/components/schemas/ForecastDetails"
},
"examples": {
"default": {
"value": null
}
}
}
}
},
"204": {
"description": "There are no more updates available."
}
}
}
}
},
"components": {
"schemas": {
},
"securitySchemes": {
"apiKeyHeader": {
"type": "apiKey",
"name": "Ocp-Apim-Subscription-Key",
"in": "header"
}
}
},
"security": [
{
"apiKeyHeader": []
},
{
"apiKeyQuery": []
}
]
}
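Review bot: The fixture's top-level `security` requires `apiKeyQuery`, but `components.securitySchemes` defines only `apiKeyHeader`. Both `$ref` targets (`ForecastHeaders`, `ForecastDetails`) are also missing, because `components.schemas` is empty. Neither affects the query under test, but if this file is meant as a clean negative sample, the dangling names could trip unrelated checks or mislead readers; either define them or drop them. The sample exercises only the `204` exemption; whether `304` is covered by another fixture is not visible on this page.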
