Added latest committer email for JSON bug tracker (#1301)

* Added latest committer email for JSON bug tracker

* Added documentation

* updated testcase

* added null checks

* updated testcase

* update testcases

* Updated testcase

* updated testcase

build-11.gradle

@@ -5,7 +5,7 @@ buildscript {
 
 
 
-         CxSBSDK = "0.5.66"
+         CxSBSDK = "0.5.67"
 
          ConfigProviderVersion = "1.0.9"
         //cxVersion = "8.90.5"

build.gradle

@@ -1,7 +1,7 @@
 buildscript {
     ext {
 
-CxSBSDK = "0.5.66"
+CxSBSDK = "0.5.67"
 
         ConfigProviderVersion = "1.0.10"
         //cxVersion = "8.90.5"

docs/Bug-Trackers-and-Feedback-Channels.md

@@ -655,16 +655,19 @@ cx-xml:
 The file system path as well as the file naming format is required.
 
 ## <a name="json">Json</a>
-The JSON bug-tracker (defined as Json), is useful if you would like to retrieve all of the latest scan results per project (batch mode) from Checkmarx per project, Team, or entire instance. The CxFlow JSON configuration block requires you to specify the path where reports are created and file name format to when creating reports, example:
+The JSON bug-tracker (defined as Json), is useful if you would like to retrieve all the latest scan results per project (batch mode) from Checkmarx per project, Team, or entire instance. The CxFlow JSON configuration block requires you to specify the path where reports are created and file name format to when creating reports, example:
 
 ```
 json:
    file-name-format: "[NAMESPACE]-[REPO]-[BRANCH]-[TIME].xml"
    data-folder: "C:\\tmp
+   latest-committer-email: true
 ```
 
 The report contents will be a JSON representation of the ScanResults object, which includes issues based on the filtering specified in the main config block (cx-flow). You can determine how results Checkmarx found by looking at the "scanSummary" section, and you can determine how many results CxFlow reported after applying filters by looking at the "flow-summary" section. Each vulnerability found will appear in the "xissues" list.
 
+The boolean property `latest-committer-email` needs to be true in order to retrieve the latest committer email. By default, it is false. This property is only compatible with WEB mode.
+
 The "XIssue" item looks like the following sample:
 
 ```

src/main/java/com/checkmarx/flow/controller/ADOController.java

@@ -293,7 +293,10 @@ public ResponseEntity<EventResponse> pushRequest(
                     .organizationId(determineNamespace(resourceContainers))
                     .gitUrl(gitUrl)
                     .build();
-
+            if(body.getResource().getCommits()!=null)
+            {
+                request.setLatestCommitterEmail(body.getResource().getCommits().get(0).getAuthor().getEmail());
+            }
             setScmInstance(controllerRequest, request);
             request.putAdditionalMetadata(ADOService.PROJECT_SELF_URL, getTheProjectURL(body.getResourceContainers()));
             addMetadataToScanRequest(adoDetailsRequest, request);

src/main/java/com/checkmarx/flow/controller/GitHubController.java

@@ -377,7 +377,10 @@ public ResponseEntity<EventResponse> pushRequest(
 
             request.putAdditionalMetadata(HTMLHelper.WEB_HOOK_PAYLOAD, body);
             request.setId(uid);
-
+            if(event.getCommits()!=null && event.getCommits().size()!=0)
+            {
+                request.setLatestCommitterEmail(event.getCommits().get(0).getAuthor().getEmail());
+            }
             //only initiate scan/automation if branch is applicable
             if(helperService.isBranch2Scan(request, branches)){
                 log.debug(repository.getId()+" :: Calling  isBranch2Scan function End : "+System.currentTimeMillis());

src/main/java/com/checkmarx/flow/controller/GitLabController.java

@@ -248,7 +248,6 @@ public ResponseEntity<EventResponse> pushRequest(
 
             BugTracker bt = ScanUtils.getBugTracker(controllerRequest.getAssignee(), bugType, jiraProperties, controllerRequest.getBug());
             FilterConfiguration filter = filterFactory.getFilter(controllerRequest, flowProperties);
-
             Project proj = body.getProject();
 
             String gitUrl = proj.getGitHttpUrl();
@@ -285,6 +284,10 @@ public ResponseEntity<EventResponse> pushRequest(
             /*Determine emails*/
             List<String> emails = new ArrayList<>();
             String commitEndpoint = null;
+            if(body.getCommits().get(0).getAuthor().getEmail()!=null)
+            {
+                request.setLatestCommitterEmail(body.getCommits().get(0).getAuthor().getEmail());
+            }
             commitEndpoint = setUserEmail(body, bugType, proj, request, emails, commitEndpoint);
 
             request.setMergeNoteUri(commitEndpoint);

src/main/java/com/checkmarx/flow/controller/bitbucket/cloud/BitbucketCloudController.java

@@ -295,7 +295,10 @@ public ResponseEntity<EventResponse> pushRequest(
                     .gitUrl(gitUrl)
                     .build();
 
-
+            if(body.getPush().getChanges().get(0).getCommits().get(0).getAuthor().getUsername()!=null)
+            {
+                request.setLatestCommitterEmail(body.getPush().getChanges().get(0).getCommits().get(0).getAuthor().getUsername());
+            }
             setScmInstance(controllerRequest, request);
             fillRequestWithAdditionalData(request, repository, body.toString());
             checkForConfigAsCode(request);

src/main/java/com/checkmarx/flow/custom/JsonIssueTracker.java

@@ -54,6 +54,9 @@ public void complete(ScanRequest request, ScanResults results) throws MachinaExc
         try {
             ObjectMapper mapper = new ObjectMapper();
             mapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
+            if(properties.isLatestCommitterEmail()) {
+                results.setLatestCommitterEmail(request.getLatestCommitterEmail());
+            }
             if(request != null && results != null) {
                 mapper.writeValue(new File(request.getFilename()).getCanonicalFile(), results);
             } else {

src/main/java/com/checkmarx/flow/custom/JsonProperties.java

@@ -11,6 +11,7 @@ public class JsonProperties {
     //TEAM, PROJECT, APP, BRANCH, REPO, NAMESPACE, TIME (YYYYMMDD.HHMMSS
     private String fileNameFormat = "[APP]-[BRANCH]-[TIME]";
     private String dataFolder = "/tmp";
+    private boolean latestCommitterEmail = false;
 
     public String getFileNameFormat() {
         return fileNameFormat;
@@ -27,4 +28,10 @@ public String getDataFolder() {
     public void setDataFolder(String dataFolder) {
         this.dataFolder = dataFolder;
     }
+    public boolean isLatestCommitterEmail() {
+        return latestCommitterEmail;
+    }
+    public void setLatestCommitterEmail(boolean latestCommitterEmail) {
+        this.latestCommitterEmail = latestCommitterEmail;
+    }
 }

src/main/java/com/checkmarx/flow/dto/ScanRequest.java

@@ -154,6 +154,8 @@ public class ScanRequest {
 
     @Getter @Setter @Builder.Default
     private boolean publicScan=true;
+    @Getter @Setter
+    private String latestCommitterEmail;
 
     public ScanRequest(ScanRequest other) {
         this.namespace = other.namespace;

src/main/java/com/checkmarx/flow/handlers/bitbucket/server/BitbucketServerPushHandler.java

@@ -74,7 +74,10 @@ public ResponseEntity<EventResponse> execute(String uid) {
                     .filter(filter)
                     .hash(latestCommit)
                     .build();
-
+            if(emails.get(0)!=null)
+            {
+                request.setLatestCommitterEmail(emails.get(0));
+            }
             webhookUtils.setScmInstance(controllerRequest, request);
             setBrowseUrl(request);
             fillRequestWithCommonAdditionalData(request, toProjectKey, toSlug, webhookPayload);