Class: SemgrepWebApp::Rule

Inherits:
BaseModel
  • Object
show all
Defined in:
lib/semgrep_web_app/models/rule.rb

Overview

Rule Model.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from BaseModel

#check_for_conflict, #process_additional_properties, #process_array, #process_basic_value, #process_hash, #to_hash, #to_json

Constructor Details

#initialize(category: SKIP, confidence: SKIP, cwe_categories: SKIP, has_validators: SKIP, id: SKIP, languages: SKIP, last_change_at: SKIP, last_change_by: SKIP, owasp_categories: SKIP, path: SKIP, policy_mode: SKIP, registry_maintainer: SKIP, rulesets: SKIP, secret_type: SKIP, severity: SKIP, source: SKIP, technologies: SKIP, url: SKIP, vulnerability_class: SKIP, additional_properties: nil) ⇒ Rule

Returns a new instance of Rule.



166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
# File 'lib/semgrep_web_app/models/rule.rb', line 166

def initialize(category: SKIP, confidence: SKIP, cwe_categories: SKIP,
               has_validators: SKIP, id: SKIP, languages: SKIP,
               last_change_at: SKIP, last_change_by: SKIP,
               owasp_categories: SKIP, path: SKIP, policy_mode: SKIP,
               registry_maintainer: SKIP, rulesets: SKIP, secret_type: SKIP,
               severity: SKIP, source: SKIP, technologies: SKIP, url: SKIP,
               vulnerability_class: SKIP, additional_properties: nil)
  # Add additional model properties to the instance
  additional_properties = {} if additional_properties.nil?

  @category = category unless category == SKIP
  @confidence = confidence unless confidence == SKIP
  @cwe_categories = cwe_categories unless cwe_categories == SKIP
  @has_validators = has_validators unless has_validators == SKIP
  @id = id unless id == SKIP
  @languages = languages unless languages == SKIP
  @last_change_at = last_change_at unless last_change_at == SKIP
  @last_change_by = last_change_by unless last_change_by == SKIP
  @owasp_categories = owasp_categories unless owasp_categories == SKIP
  @path = path unless path == SKIP
  @policy_mode = policy_mode unless policy_mode == SKIP
  @registry_maintainer = registry_maintainer unless registry_maintainer == SKIP
  @rulesets = rulesets unless rulesets == SKIP
  @secret_type = secret_type unless secret_type == SKIP
  @severity = severity unless severity == SKIP
  @source = source unless source == SKIP
  @technologies = technologies unless technologies == SKIP
  @url = url unless url == SKIP
  @vulnerability_class = vulnerability_class unless vulnerability_class == SKIP
  @additional_properties = additional_properties
end

Instance Attribute Details

#categoryString

Category the Rule is associated with.

Returns:

  • (String)


15
16
17
# File 'lib/semgrep_web_app/models/rule.rb', line 15

def category
  @category
end

#confidenceConfidence

Confidence based on the Rule's false-positive rate.

value description
CONFIDENCE_HIGH
CONFIDENCE_MEDIUM
CONFIDENCE_LOW

Returns:



24
25
26
# File 'lib/semgrep_web_app/models/rule.rb', line 24

def confidence
  @confidence
end

#cwe_categoriesArray[String]

The CWE associated with the Rule.

Returns:

  • (Array[String])


28
29
30
# File 'lib/semgrep_web_app/models/rule.rb', line 28

def cwe_categories
  @cwe_categories
end

#has_validatorsTrueClass | FalseClass

When True, the secrets rule has validators.

Returns:

  • (TrueClass | FalseClass)


32
33
34
# File 'lib/semgrep_web_app/models/rule.rb', line 32

def has_validators
  @has_validators
end

#idString

ID of the Rule.

Returns:

  • (String)


36
37
38
# File 'lib/semgrep_web_app/models/rule.rb', line 36

def id
  @id
end

#languagesArray[String]

Languages the Rule applies to.

Returns:

  • (Array[String])


40
41
42
# File 'lib/semgrep_web_app/models/rule.rb', line 40

def languages
  @languages
end

#last_change_atDateTime

Timestamp of when the Rule was last changed.

Returns:

  • (DateTime)


44
45
46
# File 'lib/semgrep_web_app/models/rule.rb', line 44

def last_change_at
  @last_change_at
end

#last_change_byString

Username of who last changed the Rule.

Returns:

  • (String)


48
49
50
# File 'lib/semgrep_web_app/models/rule.rb', line 48

def last_change_by
  @last_change_by
end

#owasp_categoriesArray[String]

Owasp categories the Rule is associated with.

Returns:

  • (Array[String])


52
53
54
# File 'lib/semgrep_web_app/models/rule.rb', line 52

def owasp_categories
  @owasp_categories
end

#pathString

Full path of the Rule.

Returns:

  • (String)


56
57
58
# File 'lib/semgrep_web_app/models/rule.rb', line 56

def path
  @path
end

#policy_modePolicyMode

Mode behavior: Monitor / Comment / Block / Disabled

value description
MODE_MONITOR Monitor mode, silently report findings
MODE_COMMENT Comment mode, leaves PR comments but does not block
MODE_BLOCK Block mode, leaves PR comments and blocks PR
MODE_DISABLED Disabled mode, not active

Returns:



66
67
68
# File 'lib/semgrep_web_app/models/rule.rb', line 66

def policy_mode
  @policy_mode
end

#registry_maintainerString

The Registry maintainer associated with the Rule (if applicable).

Returns:

  • (String)


70
71
72
# File 'lib/semgrep_web_app/models/rule.rb', line 70

def registry_maintainer
  @registry_maintainer
end

#rulesetsArray[String]

Rulesets to which the Rule belongs (if applicable).

Returns:

  • (Array[String])


74
75
76
# File 'lib/semgrep_web_app/models/rule.rb', line 74

def rulesets
  @rulesets
end

#secret_typeString

The secret type (if applicable).

Returns:

  • (String)


78
79
80
# File 'lib/semgrep_web_app/models/rule.rb', line 78

def secret_type
  @secret_type
end

#severitySeverity

Severity level ("seriousness" of the finding)

value description
SEVERITY_HIGH
SEVERITY_MEDIUM
SEVERITY_LOW
SEVERITY_CRITICAL

Returns:



88
89
90
# File 'lib/semgrep_web_app/models/rule.rb', line 88

def severity
  @severity
end

#sourceSource

Source of the Rule

value description
SOURCE_PRO From Pro rules
SOURCE_COMMUNITY From Semgrep Community rules
SOURCE_CUSTOM From Custom rules

Returns:



97
98
99
# File 'lib/semgrep_web_app/models/rule.rb', line 97

def source
  @source
end

#technologiesArray[String]

Technologies the Rule is associated with.

Returns:

  • (Array[String])


101
102
103
# File 'lib/semgrep_web_app/models/rule.rb', line 101

def technologies
  @technologies
end

#urlString

The URL of the Rule.

Returns:

  • (String)


105
106
107
# File 'lib/semgrep_web_app/models/rule.rb', line 105

def url
  @url
end

#vulnerability_classArray[String]

Vulnerability classes the Rule is associated with.

Returns:

  • (Array[String])


109
110
111
# File 'lib/semgrep_web_app/models/rule.rb', line 109

def vulnerability_class
  @vulnerability_class
end

Class Method Details

.from_hash(hash) ⇒ Object

Creates an instance of the object from a hash.



199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
# File 'lib/semgrep_web_app/models/rule.rb', line 199

def self.from_hash(hash)
  return nil unless hash

  # Extract variables from the hash.
  category = hash.key?('category') ? hash['category'] : SKIP
  confidence = hash.key?('confidence') ? hash['confidence'] : SKIP
  cwe_categories = hash.key?('cweCategories') ? hash['cweCategories'] : SKIP
  has_validators = hash.key?('hasValidators') ? hash['hasValidators'] : SKIP
  id = hash.key?('id') ? hash['id'] : SKIP
  languages = hash.key?('languages') ? hash['languages'] : SKIP
  last_change_at = if hash.key?('lastChangeAt')
                     (DateTimeHelper.from_rfc3339(hash['lastChangeAt']) if hash['lastChangeAt'])
                   else
                     SKIP
                   end
  last_change_by = hash.key?('lastChangeBy') ? hash['lastChangeBy'] : SKIP
  owasp_categories =
    hash.key?('owaspCategories') ? hash['owaspCategories'] : SKIP
  path = hash.key?('path') ? hash['path'] : SKIP
  policy_mode = hash.key?('policyMode') ? hash['policyMode'] : SKIP
  registry_maintainer =
    hash.key?('registryMaintainer') ? hash['registryMaintainer'] : SKIP
  rulesets = hash.key?('rulesets') ? hash['rulesets'] : SKIP
  secret_type = hash.key?('secretType') ? hash['secretType'] : SKIP
  severity = hash.key?('severity') ? hash['severity'] : SKIP
  source = hash.key?('source') ? hash['source'] : SKIP
  technologies = hash.key?('technologies') ? hash['technologies'] : SKIP
  url = hash.key?('url') ? hash['url'] : SKIP
  vulnerability_class =
    hash.key?('vulnerabilityClass') ? hash['vulnerabilityClass'] : SKIP

  # Create a new hash for additional properties, removing known properties.
  new_hash = hash.reject { |k, _| names.value?(k) }

  additional_properties = APIHelper.get_additional_properties(
    new_hash, proc { |value| value }
  )

  # Create object from extracted values.
  Rule.new(category: category,
           confidence: confidence,
           cwe_categories: cwe_categories,
           has_validators: has_validators,
           id: id,
           languages: languages,
           last_change_at: last_change_at,
           last_change_by: last_change_by,
           owasp_categories: owasp_categories,
           path: path,
           policy_mode: policy_mode,
           registry_maintainer: registry_maintainer,
           rulesets: rulesets,
           secret_type: secret_type,
           severity: severity,
           source: source,
           technologies: technologies,
           url: url,
           vulnerability_class: vulnerability_class,
           additional_properties: additional_properties)
end

.namesObject

A mapping from model property names to API property names.



112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
# File 'lib/semgrep_web_app/models/rule.rb', line 112

def self.names
  @_hash = {} if @_hash.nil?
  @_hash['category'] = 'category'
  @_hash['confidence'] = 'confidence'
  @_hash['cwe_categories'] = 'cweCategories'
  @_hash['has_validators'] = 'hasValidators'
  @_hash['id'] = 'id'
  @_hash['languages'] = 'languages'
  @_hash['last_change_at'] = 'lastChangeAt'
  @_hash['last_change_by'] = 'lastChangeBy'
  @_hash['owasp_categories'] = 'owaspCategories'
  @_hash['path'] = 'path'
  @_hash['policy_mode'] = 'policyMode'
  @_hash['registry_maintainer'] = 'registryMaintainer'
  @_hash['rulesets'] = 'rulesets'
  @_hash['secret_type'] = 'secretType'
  @_hash['severity'] = 'severity'
  @_hash['source'] = 'source'
  @_hash['technologies'] = 'technologies'
  @_hash['url'] = 'url'
  @_hash['vulnerability_class'] = 'vulnerabilityClass'
  @_hash
end

.nullablesObject

An array for nullable fields



162
163
164
# File 'lib/semgrep_web_app/models/rule.rb', line 162

def self.nullables
  []
end

.optionalsObject

An array for optional fields



137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
# File 'lib/semgrep_web_app/models/rule.rb', line 137

def self.optionals
  %w[
    category
    confidence
    cwe_categories
    has_validators
    id
    languages
    last_change_at
    last_change_by
    owasp_categories
    path
    policy_mode
    registry_maintainer
    rulesets
    secret_type
    severity
    source
    technologies
    url
    vulnerability_class
  ]
end

Instance Method Details

#inspectObject

Provides a debugging-friendly string with detailed object information.



278
279
280
281
282
283
284
285
286
287
288
289
290
# File 'lib/semgrep_web_app/models/rule.rb', line 278

def inspect
  class_name = self.class.name.split('::').last
  "<#{class_name} category: #{@category.inspect}, confidence: #{@confidence.inspect},"\
  " cwe_categories: #{@cwe_categories.inspect}, has_validators: #{@has_validators.inspect},"\
  " id: #{@id.inspect}, languages: #{@languages.inspect}, last_change_at:"\
  " #{@last_change_at.inspect}, last_change_by: #{@last_change_by.inspect}, owasp_categories:"\
  " #{@owasp_categories.inspect}, path: #{@path.inspect}, policy_mode:"\
  " #{@policy_mode.inspect}, registry_maintainer: #{@registry_maintainer.inspect}, rulesets:"\
  " #{@rulesets.inspect}, secret_type: #{@secret_type.inspect}, severity:"\
  " #{@severity.inspect}, source: #{@source.inspect}, technologies: #{@technologies.inspect},"\
  " url: #{@url.inspect}, vulnerability_class: #{@vulnerability_class.inspect},"\
  " additional_properties: #{@additional_properties}>"
end

#to_custom_last_change_atObject



260
261
262
# File 'lib/semgrep_web_app/models/rule.rb', line 260

def to_custom_last_change_at
  DateTimeHelper.to_rfc3339(last_change_at)
end

#to_sObject

Provides a human-readable string representation of the object.



265
266
267
268
269
270
271
272
273
274
275
# File 'lib/semgrep_web_app/models/rule.rb', line 265

def to_s
  class_name = self.class.name.split('::').last
  "<#{class_name} category: #{@category}, confidence: #{@confidence}, cwe_categories:"\
  " #{@cwe_categories}, has_validators: #{@has_validators}, id: #{@id}, languages:"\
  " #{@languages}, last_change_at: #{@last_change_at}, last_change_by: #{@last_change_by},"\
  " owasp_categories: #{@owasp_categories}, path: #{@path}, policy_mode: #{@policy_mode},"\
  " registry_maintainer: #{@registry_maintainer}, rulesets: #{@rulesets}, secret_type:"\
  " #{@secret_type}, severity: #{@severity}, source: #{@source}, technologies:"\
  " #{@technologies}, url: #{@url}, vulnerability_class: #{@vulnerability_class},"\
  " additional_properties: #{@additional_properties}>"
end