ASA-9110

src/main/java/com/hcl/appscan/jenkins/plugin/scanners/DynamicAnalyzer.java

@@ -198,6 +198,9 @@ public String upgradeLoginScenario(){
 	}
 
 	public void validateSettings(JenkinsAuthenticationProvider authProvider, Map<String, String> properties, IProgress progress) throws AbortException {
+		if(!ServiceUtil.hasDastEntitlement(authProvider)) {
+			throw new AbortException(Messages.error_dast_subscription_validation());
+		}
 		if (authProvider.isAppScan360() && properties.containsKey(Scanner.PRESENCE_ID)) {
 			throw new AbortException(Messages.error_presence_AppScan360());
 		}
@@ -337,6 +340,9 @@ public FormValidation doCheckScanFile(@QueryParameter String scanFile) {
 
 		public FormValidation doCheckTarget(@QueryParameter String target,@RelativePath("..") @QueryParameter String credentials, @AncestorInPath ItemGroup<?> context, @QueryParameter String presenceId) {
 			JenkinsAuthenticationProvider authProvider = new JenkinsAuthenticationProvider(credentials,context);
+			if(!ServiceUtil.hasDastEntitlement(authProvider)) {
+				return FormValidation.error(Messages.error_dast_subscription_validation());
+			}
 			if(!authProvider.isAppScan360() && presenceId != null && presenceId.equals(EMPTY) && !target.equals(EMPTY) && !ServiceUtil.isValidUrl(target, authProvider, authProvider.getProxy())) {
 				return FormValidation.error(Messages.error_url_validation_ui());
 			}

src/main/java/com/hcl/appscan/jenkins/plugin/scanners/SoftwareCompositionAnalyzer.java

@@ -8,6 +8,7 @@
 import com.hcl.appscan.jenkins.plugin.Messages;
 import com.hcl.appscan.jenkins.plugin.auth.JenkinsAuthenticationProvider;
 import com.hcl.appscan.sdk.logging.IProgress;
+import com.hcl.appscan.sdk.utils.ServiceUtil;
 import hudson.AbortException;
 import hudson.Extension;
 import hudson.RelativePath;
@@ -40,6 +41,10 @@ public String getType() {
     }
 
     public void validateSettings(JenkinsAuthenticationProvider authProvider, Map<String, String> properties, IProgress progress) throws AbortException {
+        if(!ServiceUtil.hasScaEntitlement(authProvider)) {
+            throw new AbortException(Messages.error_sca_subscription_validation());
+        }
+
         if (authProvider.isAppScan360()) {
             throw new AbortException(Messages.error_sca_AppScan360());
         }
@@ -62,6 +67,9 @@ public String getDisplayName() {
 
         public FormValidation doCheckTarget(@QueryParameter String target, @RelativePath("..") @QueryParameter String credentials, @AncestorInPath ItemGroup<?> context) {
             JenkinsAuthenticationProvider authProvider = new JenkinsAuthenticationProvider(credentials,context);
+            if(!ServiceUtil.hasScaEntitlement(authProvider)) {
+                return FormValidation.error(Messages.error_sca_subscription_validation());
+            }
             if(authProvider.isAppScan360()){
                 return FormValidation.error(Messages.error_sca_AppScan360_ui());
             }

src/main/java/com/hcl/appscan/jenkins/plugin/scanners/StaticAnalyzer.java

@@ -184,6 +184,10 @@
         }
 
         public void validateSettings(JenkinsAuthenticationProvider authProvider, Map<String, String> properties, IProgress progress) throws AbortException {
+            if(!ServiceUtil.hasSastEntitlement(authProvider)) {
+                throw new AbortException(Messages.error_sast_subscription_validation());
+            }
+
             if (authProvider.isAppScan360()) {
                 if (properties.containsKey(CoreConstants.OPEN_SOURCE_ONLY)) {
                     throw new AbortException(Messages.error_sca_AppScan360());
@@ -192,7 +196,9 @@
                     progress.setStatus(new Message(Message.WARNING, Messages.warning_include_sca_AppScan360()));
                     properties.remove(CoreConstants.INCLUDE_SCA);
                 }
-            } else if(properties.containsKey(CoreConstants.INCLUDE_SCA) && !ServiceUtil.hasScaEntitlement(authProvider)) {
+            }
+
+            if(properties.containsKey(CoreConstants.INCLUDE_SCA) && !ServiceUtil.hasScaEntitlement(authProvider)) {
                 progress.setStatus(new Message(Message.WARNING, Messages.warning_sca_subscription()));
                 properties.remove(CoreConstants.INCLUDE_SCA);
             }
@@ -201,7 +207,6 @@
             if (properties.containsKey(CoreConstants.INCLUDE_SCA) && properties.containsKey(CoreConstants.UPLOAD_DIRECT) && !properties.get(TARGET).endsWith(".irx")) {
                 throw new AbortException(Messages.error_invalid_format_include_sca());
             }
-
         }
 
         public Map<String,String> getProperties(VariableResolver<String> resolver) {
@@ -249,5 +254,13 @@
             }
             return FormValidation.ok();
         }
+
+        public FormValidation doCheckTarget(@RelativePath("..") @QueryParameter String credentials, @AncestorInPath ItemGroup<?> context, @QueryParameter String presenceId) {
+            JenkinsAuthenticationProvider authProvider = new JenkinsAuthenticationProvider(credentials,context);
+            if(!ServiceUtil.hasSastEntitlement(authProvider)) {
+                    return FormValidation.error(Messages.error_sast_subscription_validation());
+            }
+            return FormValidation.ok();
+        }
 	}
 }

src/main/resources/com/hcl/appscan/jenkins/plugin/Messages.properties

@@ -33,6 +33,9 @@ warning.asoc.certificates = Allowing Untrusted Connections is not applied to thi
 error.application.empty.ui = Application list is empty. Please check the credentials for service connection. 
 error.url.validation.ui = Unless this is a private network, please verify your domain.
 error.url.validation = An error occurred while validating the Starting URL: {0}.
+error.dast.subscription.validation= You don't have a valid DAST subscription.
+error.sast.subscription.validation= You don't have a valid SAST subscription.
+error.sca.subscription.validation= You don't have a valid SCA subscription.
 error.sca.AppScan360.ui= Software Composition Analysis is available in AppScan on Cloud only.
 warning.sca.ui= To scan open-source files, use the Software Composition Analysis (SCA) scan type.
 warning.sca= AppScan on Cloud (ASoC) now performs SAST and SCA analysis as separate scans. To execute an open-source only scan, use the Software Composition Analysis (SCA) scan type.