Added comments, type hints and other minor changes in the scoutsuite code

2021-02-05 11:05:22 +02:00 · 2021-02-05 11:05:22 +02:00 · 9444067250
parent bcfa8fff78
commit 9444067250
6 changed files with 19 additions and 3 deletions
--- a/monkey/monkey_island/cc/resources/zero_trust/zero_trust_report.py
+++ b/monkey/monkey_island/cc/resources/zero_trust/zero_trust_report.py
@ -26,6 +26,7 @@ class ZeroTrustReport(flask_restful.Resource):
        elif report_data == REPORT_DATA_FINDINGS:
            return jsonify(FindingService.get_all_findings())
        elif report_data == REPORT_DATA_SCOUTSUITE:
+            # Raw ScoutSuite data is already solved as json, no need to jsonify
            return Response(ScoutSuiteRawDataService.get_scoutsuite_data_json(),
                            mimetype='application/json')

--- a/monkey/monkey_island/cc/services/zero_trust/monkey_findings/monkey_zt_finding_service.py
+++ b/monkey/monkey_island/cc/services/zero_trust/monkey_findings/monkey_zt_finding_service.py
@ -11,7 +11,7 @@ from monkey_island.cc.models.zero_trust.monkey_finding_details import MonkeyFind
 class MonkeyZTFindingService:

    @staticmethod
-    def create_or_add_to_existing(test, status, events):
+    def create_or_add_to_existing(test: str, status: str, events: str):
        """
        Create a new finding or add the events to an existing one if it's the same (same meaning same status and same
        test).
--- a/monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/scoutsuite_findings.py
+++ b/monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/scoutsuite_findings.py
@ -22,7 +22,7 @@ from .rule_names.vpc_rules import VPCRules
 class ScoutSuiteFinding(ABC):
    @property
    @abstractmethod
-    def rules(self) -> List[str]:
+    def rules(self) -> List[EC2Rules]:
        pass

    @property
--- a/monkey/monkey_island/cc/services/zero_trust/test_common/monkey_finding_data.py
+++ b/monkey/monkey_island/cc/services/zero_trust/test_common/monkey_finding_data.py
@ -5,7 +5,7 @@ EVENTS = [
    {
        "timestamp": "2021-01-20T15:40:28.357Z",
        "title": "Process list",
-        "message": "Monkey on gc-pc-244 scanned the process list",
+        "message": "Monkey on pc-24 scanned the process list",
        "event_type": "monkey_local"
    },
    {
--- a/monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/scoutsuite/RuleDisplay.js
+++ b/monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/scoutsuite/RuleDisplay.js
@ -36,6 +36,8 @@ export default function RuleDisplay(props) {
          <p className={'reference-list-title'}>References:</p>
          {references}
        </div>)
+    } else {
+      return null;
    }
  }

@ -56,6 +58,8 @@ export default function RuleDisplay(props) {
          <p className={'reference-list-title'}>Flagged resources (<b>{props.rule.flagged_items}</b>):</p>
          {resources}
        </div>)
+    } else {
+      return null;
    }
  }
 }
--- a/monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/scoutsuite/ScoutSuiteDataParser.js
+++ b/monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/scoutsuite/ScoutSuiteDataParser.js
@ -15,6 +15,12 @@ export default class ScoutSuiteDataParser {
    return this.getObjectValueByPath(resourcePath, this.runResults);
  }

+  /**
+   * Replaces id's in template path with id's from item path to form actual path to the object
+   * @param itemPath e.g.     s3.buckets.da1e7081077ce92.secure_transport_enabled
+   * @param templatePath e.g. s3.buckets.id
+   * @returns {*} e.g.        s3.buckets.da1e7081077ce92
+   */
  fillTemplatePath(itemPath, templatePath) {
    let itemPathArray = itemPath.split('.');
    let templatePathArray = templatePath.split('.');
@ -42,6 +48,11 @@ export default class ScoutSuiteDataParser {
    return source;
  }

+  /**
+   * Gets next key from the path
+   * @param path e.g. s3.buckets.id
+   * @returns {string|*} s3
+   */
  getNextKeyInPath(path) {
    if (path.indexOf('.') !== -1) {
      return path.substr(0, path.indexOf('.'));