Documentation ¶
Constants ¶
// Size limits and a sentinel ID shared by the API tests.
const (
	// MaxSize defines a maximum result size for tests.
	MaxSize = 100
	// DefaultSize defines a default result size for tests.
	DefaultSize = 20
	// NonExistingID represents an ID that does not exist. It is the all-zero
	// UUID; none of the fixtures declared on this page uses it as an ID.
	NonExistingID = "00000000-0000-0000-0000-000000000000"
)
Variables ¶
// FindingEvents lists six finding-event fixtures. Every entry leaves ID empty
// and Time at its zero value. Each FindingID matches an ID in Findings and
// each SourceID matches an ID in Sources.
// NOTE(review): presumably the empty ID and zero Time are filled in or ignored
// by the code that consumes these fixtures — confirm.
var FindingEvents = []model.FindingEvent{
	model.FindingEvent{
		ID:        "",
		FindingID: "a2a90241-c874-4468-9a32-e8f693b12bdc",
		SourceID:  "8d374ed5-d597-4885-b616-e67e2276790d",
		Time:      time.Time{},
	},
	model.FindingEvent{
		ID:        "",
		FindingID: "884337cd-64fa-43b9-94cc-d7ca9063f34b",
		SourceID:  "8d374ed5-d597-4885-b616-e67e2276790d",
		Time:      time.Time{},
	},
	model.FindingEvent{
		ID:        "",
		FindingID: "9bc5db4c-cf26-4d31-941b-c2a81a7f9aa6",
		SourceID:  "a821207c-5129-42c0-b139-d66f89cc18c0",
		Time:      time.Time{},
	},
	model.FindingEvent{
		ID:        "",
		FindingID: "7e28089c-a738-40d8-a7b3-c94c5f2c5b7d",
		SourceID:  "a821207c-5129-42c0-b139-d66f89cc18c0",
		Time:      time.Time{},
	},
	model.FindingEvent{
		ID:        "",
		FindingID: "7af75c37-b70e-45e2-99ff-21eb636dd887",
		SourceID:  "a02c0e1e-1f0c-4241-b4c7-4a878684b932",
		Time:      time.Time{},
	},
	model.FindingEvent{
		ID:        "",
		FindingID: "b86390d6-8ed2-4165-a0c9-09d7cf5ff051",
		SourceID:  "901d41d4-de2c-4568-ab60-90f3930a2f39",
		Time:      time.Time{},
	},
}
// FindingExposures lists two exposure fixtures. Both leave FoundAt and FixedAt
// at the zero time and set only FindingID and TTR.
// NOTE(review): the unit of TTR is not stated on this page (presumably a
// time-to-remediate figure — confirm).
// NOTE(review): the second entry refers to a finding whose Status in Findings
// is "OPEN" while carrying a FixedAt field and a TTR — confirm that is the
// intended fixture shape.
var FindingExposures = []model.FindingExposure{
	model.FindingExposure{
		FindingID: "a2a90241-c874-4468-9a32-e8f693b12bdc",
		FoundAt:   time.Time{},
		FixedAt:   time.Time{},
		TTR:       5,
	},
	model.FindingExposure{
		FindingID: "9bc5db4c-cf26-4d31-941b-c2a81a7f9aa6",
		FoundAt:   time.Time{},
		FixedAt:   time.Time{},
		TTR:       2,
	},
}
// Findings lists six finding fixtures: three per target, one for each of the
// three entries in Issues. The first entry is "FIXED", has nil Resources and
// no OpenFinding; the other five are "OPEN" and carry an OpenFinding whose
// CurrentExposure is lower than the entry's TotalExposure. Every OPEN entry
// reports the same single Network resource, 127.0.0.1 port 80.
// AffectedResource repeats the Identifier of the target named by TargetID.
// NOTE(review): the unit of TotalExposure and CurrentExposure is not stated on
// this page — confirm before asserting on absolute values.
var Findings = []model.Finding{
	// Findings for target ba0bc62b-… (onetimesecret-dev.adevinta.com).
	model.Finding{
		ID:               "a2a90241-c874-4468-9a32-e8f693b12bdc",
		IssueID:          "8e0eec6e-51ba-4010-b668-88d0bd8c61b0",
		TargetID:         "ba0bc62b-01ef-495f-b138-a9fa564f1fa9",
		AffectedResource: "onetimesecret-dev.adevinta.com",
		Details:          "",
		Resources:        nil,
		Status:           "FIXED",
		Score:            3.9,
		TotalExposure:    100,
	},
	model.Finding{
		ID:               "884337cd-64fa-43b9-94cc-d7ca9063f34b",
		IssueID:          "970141d2-541e-45af-a0b6-0e9fce11f9f0",
		TargetID:         "ba0bc62b-01ef-495f-b138-a9fa564f1fa9",
		AffectedResource: "onetimesecret-dev.adevinta.com",
		Details:          "",
		Resources: []model.ResourceGroup{
			model.ResourceGroup{
				Name:       "Network",
				Attributes: []string{"ip", "port"},
				Resources: []map[string]string{
					{
						"ip":   "127.0.0.1",
						"port": "80",
					},
				},
			},
		},
		Status:        "OPEN",
		Score:         0,
		TotalExposure: 124,
		OpenFinding: &model.OpenFinding{
			CurrentExposure: 24,
		},
	},
	model.Finding{
		ID:               "9bc5db4c-cf26-4d31-941b-c2a81a7f9aa6",
		IssueID:          "b7044a17-7550-47ed-9f0f-503b6f832e37",
		TargetID:         "ba0bc62b-01ef-495f-b138-a9fa564f1fa9",
		AffectedResource: "onetimesecret-dev.adevinta.com",
		Details:          "",
		Resources: []model.ResourceGroup{
			model.ResourceGroup{
				Name:       "Network",
				Attributes: []string{"ip", "port"},
				Resources: []map[string]string{
					{
						"ip":   "127.0.0.1",
						"port": "80",
					},
				},
			},
		},
		Status:        "OPEN",
		Score:         0,
		TotalExposure: 48,
		OpenFinding: &model.OpenFinding{
			CurrentExposure: 24,
		},
	},
	// Findings for target a05f65fb-… (onetimesecret.adevinta.com).
	model.Finding{
		ID:               "7e28089c-a738-40d8-a7b3-c94c5f2c5b7d",
		IssueID:          "8e0eec6e-51ba-4010-b668-88d0bd8c61b0",
		TargetID:         "a05f65fb-764d-4caf-8560-891922f37948",
		AffectedResource: "onetimesecret.adevinta.com",
		Details:          "",
		Resources: []model.ResourceGroup{
			model.ResourceGroup{
				Name:       "Network",
				Attributes: []string{"ip", "port"},
				Resources: []map[string]string{
					{
						"ip":   "127.0.0.1",
						"port": "80",
					},
				},
			},
		},
		Status:        "OPEN",
		Score:         3.9,
		TotalExposure: 36,
		OpenFinding: &model.OpenFinding{
			CurrentExposure: 12,
		},
	},
	model.Finding{
		ID:               "7af75c37-b70e-45e2-99ff-21eb636dd887",
		IssueID:          "970141d2-541e-45af-a0b6-0e9fce11f9f0",
		TargetID:         "a05f65fb-764d-4caf-8560-891922f37948",
		AffectedResource: "onetimesecret.adevinta.com",
		Details:          "",
		Resources: []model.ResourceGroup{
			model.ResourceGroup{
				Name:       "Network",
				Attributes: []string{"ip", "port"},
				Resources: []map[string]string{
					{
						"ip":   "127.0.0.1",
						"port": "80",
					},
				},
			},
		},
		Status:        "OPEN",
		Score:         0,
		TotalExposure: 72,
		OpenFinding: &model.OpenFinding{
			CurrentExposure: 24,
		},
	},
	model.Finding{
		ID:               "b86390d6-8ed2-4165-a0c9-09d7cf5ff051",
		IssueID:          "b7044a17-7550-47ed-9f0f-503b6f832e37",
		TargetID:         "a05f65fb-764d-4caf-8560-891922f37948",
		AffectedResource: "onetimesecret.adevinta.com",
		Details:          "",
		Resources: []model.ResourceGroup{
			model.ResourceGroup{
				Name:       "Network",
				Attributes: []string{"ip", "port"},
				Resources: []map[string]string{
					{
						"ip":   "127.0.0.1",
						"port": "80",
					},
				},
			},
		},
		Status:        "OPEN",
		Score:         0,
		TotalExposure: 12,
		OpenFinding: &model.OpenFinding{
			CurrentExposure: 6,
		},
	},
}
// Issues lists the three issue fixtures that the Findings entries refer to by
// IssueID. Only the first carries a non-zero CWEID (358); the other two use 0.
// NOTE(review): CWEID 0 presumably means "no CWE assigned" — confirm against
// the model package.
var Issues = []model.Issue{
	model.Issue{
		ID:              "8e0eec6e-51ba-4010-b668-88d0bd8c61b0",
		Summary:         "HTTP Subresource Integrity Misconfiguration",
		CWEID:           358,
		Description:     "Subresource integrity is a recent W3C standard that protects against attackers modifying the contents of JavaScript libraries hosted on content delivery networks (CDNs) in order to create vulnerabilities in all websites that make use of that hosted library. Subresource integrity locks an external JavaScript resource to its known contents at a specific point in time. If the file is modified at any point thereafter supporting web browsers will refuse to load it. As such the use of subresource integrity is mandatory for all external JavaScript resources loaded from sources not hosted on Mozilla-controlled systems.",
		Recommendations: []string{"Add the \"integrity\" attribute to every external resource loaded into the webpage. Load external resources from https."},
		ReferenceLinks:  []string{"https://wiki.mozilla.org/Security/Guidelines/Web_Security#Subresource_Integrity", "https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity", "https://observatory.mozilla.org/"},
	},
	model.Issue{
		ID:      "970141d2-541e-45af-a0b6-0e9fce11f9f0",
		Summary: "Mozilla HTTP Observatory",
		CWEID:   0,
		// NOTE(review): the line break inside this literal is reproduced as it
		// appears on the page. An interpreted Go string cannot span lines, so
		// the repository source presumably has no break (or an escape) here —
		// confirm against the original file.
		Description: "The Mozilla HTTP Observatory is a set of tools to analyze your website and inform you if you are utilizing the many available methods to secure it. Some of the HTTP check results shown in this report come from using this tool. As the tool is giving a global score we are showing it to you too. 
",
		Recommendations: []string{"Fix all the vulnerabilities reported for the HTTP headers of your website to improve the score."},
		ReferenceLinks:  []string{"https://github.com/mozilla/http-observatory/blob/master/httpobs/docs/scoring.md", "https://observatory.mozilla.org/"},
	},
	model.Issue{
		ID:      "b7044a17-7550-47ed-9f0f-503b6f832e37",
		Summary: "Exposed HTTP Port",
		CWEID:   0,
		// NOTE(review): "ot" looks like a typo for "of". Left unchanged because
		// tests may compare this text with seeded data — confirm before fixing.
		Description:     "An HTTP server is listening at least in one port ot the server.",
		Recommendations: []string{},
		ReferenceLinks:  []string{},
	},
}
// Options is an anonymous-struct value whose two fields are initialised from
// the package constants of the same names, MaxSize and DefaultSize.
var Options = struct {
	MaxSize     int
	DefaultSize int
}{
	MaxSize:     MaxSize,
	DefaultSize: DefaultSize,
}
Options holds test configuration options for the API.
// Sources lists four source fixtures, all named "vulcan". They form two pairs
// that share Component and Instance and differ only in ID and Options ("{}"
// versus a JSON object with one key).
// NOTE(review): presumably this exercises code that treats Options as part of
// a source's identity — confirm against the tests that use it.
var Sources = []model.Source{
	model.Source{
		ID:        "a02c0e1e-1f0c-4241-b4c7-4a878684b932",
		Name:      "vulcan",
		Component: "vulcan-exposed-http",
		Instance:  "2c4892c7-1ff6-41d1-991f-5bc406570b07",
		Options:   "{}",
	},
	model.Source{
		ID:        "8d374ed5-d597-4885-b616-e67e2276790d",
		Name:      "vulcan",
		Component: "vulcan-http-headers",
		Instance:  "e3732074-b903-4243-a5da-6dc8f2e6bf07",
		Options:   "{}",
	},
	model.Source{
		ID:        "901d41d4-de2c-4568-ab60-90f3930a2f39",
		Name:      "vulcan",
		Component: "vulcan-exposed-http",
		Instance:  "2c4892c7-1ff6-41d1-991f-5bc406570b07",
		Options:   "{\"foo\":\"bar\"}",
	},
	model.Source{
		ID:        "a821207c-5129-42c0-b139-d66f89cc18c0",
		Name:      "vulcan",
		Component: "vulcan-http-headers",
		Instance:  "e3732074-b903-4243-a5da-6dc8f2e6bf07",
		Options:   "{\"foo\":\"bar\"}",
	},
}
// Targets lists three target fixtures that all belong to the same single team
// ID. The first two are referenced by TargetID in Findings; the third
// (strongbox) has no finding on this page.
// NOTE(review): the identifiers are hostnames under a real registrable domain.
// If these fixtures can ever reach a live resolver or scanner, reserved names
// such as example.com (RFC 2606) would keep test runs away from real hosts —
// confirm how the fixtures are consumed.
var Targets = []model.Target{
	model.Target{
		ID:         "ba0bc62b-01ef-495f-b138-a9fa564f1fa9",
		Identifier: "onetimesecret-dev.adevinta.com",
		Teams: []string{
			"e84cfeeb-7a2b-442b-b1cf-15af8b4a52d3",
		},
	},
	model.Target{
		ID:         "a05f65fb-764d-4caf-8560-891922f37948",
		Identifier: "onetimesecret.adevinta.com",
		Teams: []string{
			"e84cfeeb-7a2b-442b-b1cf-15af8b4a52d3",
		},
	},
	model.Target{
		ID:         "ca591af1-a4e2-49dd-acd4-d9140a23c07a",
		Identifier: "strongbox.adevinta.com",
		Teams: []string{
			"e84cfeeb-7a2b-442b-b1cf-15af8b4a52d3",
		},
	},
}
Functions ¶
func JSONObject ¶
func JSONObject(t *testing.T, rec *httptest.ResponseRecorder, field string, element interface{})
JSONObject retrieves a JSON object from a ResponseRecorder into a struct or fails the test.
Types ¶
type Case ¶
// Case bundles a name, a request URI, a request body and a check function.
type Case struct {
	// Name labels the case (presumably used as the sub-test name — confirm).
	Name string
	// RequestURI is the URI of the request (presumably sent to the API under test — confirm).
	RequestURI string
	// RequestBody holds the payload and content type for the request.
	RequestBody RequestBody
	// Test receives the test handle and the response recorder; presumably it
	// asserts on the recorded response — confirm against the test runner.
	Test func(*testing.T, *httptest.ResponseRecorder)
}
Case represents a sub-test case for the API.
type MockDB ¶
// MockDB embeds postgresql.DB. Methods that MockDB does not define itself are
// promoted from the embedded value, so a test that reaches one of them goes to
// that embedded value and not to a stub.
// NOTE(review): if the embedded DB is ever backed by a live connection, make
// sure it points at a disposable test database — confirm how it is built.
type MockDB struct {
	postgresql.DB
}
MockDB is composed on top of the PostgreSQL DB so that methods the tests do not exercise need not be implemented.
type RequestBody ¶
// RequestBody pairs an arbitrary payload with a content type. It is the type
// of the RequestBody field of Case.
type RequestBody struct {
	// Payload accepts any value; how it is encoded is not shown on this page.
	Payload interface{}
	// ContentType is presumably the Content-Type header value sent with the
	// payload — confirm against the code that builds the request.
	ContentType string
}