Class: Dev::Audit::Report

Inherits:
Object
Defined in:
lib/firespring_dev_commands/audit/report.rb,
lib/firespring_dev_commands/audit/report/item.rb,
lib/firespring_dev_commands/audit/report/levels.rb

Overview

The class containing standardized information about an audit report

Defined Under Namespace

Classes: Item, Level

Constant Summary

LEVELS =

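All supported audit report levels in ascending order of severity, with UNKNOWN placed last. The order is significant: #desired_severities selects levels by their position in this list.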

[
  Level::INFO,
  Level::LOW,
  Level::MODERATE,
  Level::HIGH,
  Level::CRITICAL,
  # Keep UNKNOWN last: desired_severities ends its slice at index -2 to leave it out
  # and at -1 to include it, so reordering this list changes what the report selects.
  Level::UNKNOWN
].freeze

Instance Attribute Summary

Instance Method Summary

Constructor Details

#initialize(items, min_severity: ENV.fetch('MIN_SEVERITY', nil), error_on_unknown: ENV.fetch('ERROR_ON_UNKNOWN', nil), ignorelist: ENV['IGNORELIST'].to_s.split(/\s*,\s*/)) ⇒ Report

Returns a new instance of Report.



# File 'lib/firespring_dev_commands/audit/report.rb', line 8

# Build a report from audit items and the options that decide which of them count.
#
# Every keyword default is read from the process environment at call time, so the
# shell or CI environment decides the gate unless the caller passes explicit values.
#
# @param items one item or a collection of Dev::Audit::Report::Item (wrapped with Array())
# @param min_severity lowest level to select; Level::HIGH is used when this is nil or false
# @param error_on_unknown stored as given; desired_severities compares it with the string 'true'
# @param ignorelist entries to ignore; the default splits IGNORELIST on commas
# @raise [RuntimeError] when any element of items does not match Dev::Audit::Report::Item
def initialize(
  items,
  min_severity: ENV.fetch('MIN_SEVERITY', nil),
  error_on_unknown: ENV.fetch('ERROR_ON_UNKNOWN', nil),
  ignorelist: ENV['IGNORELIST'].to_s.split(/\s*,\s*/)
)
  # A single item is accepted too: Array() wraps it before the type check.
  @items = Array(items)
  all_report_items = @items.all?(Dev::Audit::Report::Item)
  raise 'items must all be report items' unless all_report_items

  # NOTE(review): min_severity is stored without checking that it is one of LEVELS, and an
  # empty string from the environment is truthy, so it does not fall back to Level::HIGH.
  @min_severity = min_severity || Level::HIGH
  @error_on_unknown = error_on_unknown

  # Only nil entries are dropped here. The default split keeps whitespace at the very start
  # or end of the IGNORELIST value and keeps empty entries between consecutive commas.
  @ignorelist = Array(ignorelist).compact
end

Instance Attribute Details

#error_on_unknown ⇒ Object

Returns the value of attribute error_on_unknown.



# File 'lib/firespring_dev_commands/audit/report.rb', line 6

# Flag controlling whether the UNKNOWN level is selected, returned exactly as it was
# given to the constructor. It is not coerced to a boolean: taken from the
# ERROR_ON_UNKNOWN environment variable it is a String or nil, and desired_severities
# enables it only when its stripped string form equals 'true'.
def error_on_unknown
  @error_on_unknown
end

#filtered_items ⇒ Object

Run the filters against the report items and filter out any which should be excluded



# File 'lib/firespring_dev_commands/audit/report.rb', line 34

# Reader for @filtered_items, the collection that check and to_s treat as the findings.
# NOTE(review): the description says the filters are run here, but this listing only
# returns the instance variable; where @filtered_items is assigned is not shown on this
# page, so confirm the severity and ignorelist filtering in report.rb itself.
def filtered_items
  @filtered_items
end

#ignorelist ⇒ Object

Returns the value of attribute ignorelist.



# File 'lib/firespring_dev_commands/audit/report.rb', line 6

# Entries stored by the constructor after Array(...).compact; by default they come from
# splitting the IGNORELIST environment variable on commas.
# NOTE(review): presumably used to suppress matching findings. The matching code is not
# in this listing, so confirm how entries are compared before relying on partial or
# whitespace-padded values.
def ignorelist
  @ignorelist
end

#items ⇒ Object

Returns the value of attribute items.



# File 'lib/firespring_dev_commands/audit/report.rb', line 6

# All report items accepted by the constructor, before any filtering. The constructor
# has already checked that every element matches Dev::Audit::Report::Item.
# The stored array itself is returned, not a copy.
def items
  @items
end

#min_severity ⇒ Object

Returns the value of attribute min_severity.



# File 'lib/firespring_dev_commands/audit/report.rb', line 6

# Lowest level the report selects. The constructor stores the caller's or the
# MIN_SEVERITY environment value, falling back to Level::HIGH when none is given.
# The value is returned as stored; it is not checked against LEVELS here.
def min_severity
  @min_severity
end

Instance Method Details

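#check ⇒ Object

Output the text of the filtered report items. Exit with a non-zero status if any vulnerabilities were found; the exit is registered with at_exit, so it takes effect when the process terminates rather than when this method returns.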



# File 'lib/firespring_dev_commands/audit/report.rb', line 40

# Print the report and arrange for a failing exit status when findings remain.
#
# The status is not applied immediately: an at_exit handler that calls exit(1) is
# registered and the method returns normally, so the rest of the run continues. A
# normal return therefore does not mean the audit passed, and a process that ends
# without running its at_exit handlers would not report the failure.
#
# @return [nil, Proc] nil when there are no filtered items, otherwise the registered handler
def check
  puts(self)
  at_exit { exit(1) } unless filtered_items.empty?
end

#desired_severities ⇒ Object

Get all severities greater than or equal to the minimum severity. UNKNOWN is included only when error_on_unknown converts to the string 'true'.



# File 'lib/firespring_dev_commands/audit/report.rb', line 24

# Levels from min_severity upwards, taken as a slice of LEVELS.
#
# UNKNOWN is the last element of LEVELS. The slice stops at index -2, leaving it
# out, unless error_on_unknown is enabled, in which case it runs to index -1.
#
# @return [Array] the selected portion of LEVELS
def desired_severities
  # Strict match: only the text 'true' (after to_s and strip) enables the flag, so
  # values such as 'TRUE', 'yes' or '1' leave UNKNOWN out of the selection.
  include_unknown = error_on_unknown.to_s.strip == 'true'
  last_index = include_unknown ? -1 : -2

  # NOTE(review): find_index returns nil when min_severity is not an element of LEVELS.
  # Nothing here rejects that, so a misspelt MIN_SEVERITY gives no clear error; confirm
  # how a nil range start behaves on the supported Ruby versions.
  first_index = LEVELS.find_index(min_severity)
  LEVELS.slice(first_index..last_index)
end

#to_s ⇒ Object

Returns a string representation of this audit report



# File 'lib/firespring_dev_commands/audit/report.rb', line 48

# Render the report as coloured text: a single "nothing found" line when there are no
# filtered items, otherwise a header with the count followed by one line per item.
# Only filtered_items are rendered; items removed by filtering do not appear in the output.
#
# @return [String] the printable report
def to_s
  findings = filtered_items
  return 'No security vulnerabilities found'.green if findings.empty?

  header = "Found #{findings.length} security vulnerabilities:".white.on_red
  [header, *findings.map(&:to_s)].join("\n")
end