DAST rescan

src/main/java/com/hcl/appscan/jenkins/plugin/builders/AppScanBuildStep.java

@@ -273,7 +273,7 @@ private Map<String, String> getScanProperties(Run<?,?> build, TaskListener liste
 			Map<String, String> properties = m_scanner.getProperties(resolver);
 			properties.put(CoreConstants.SCANNER_TYPE, m_scanner.getType());
 			properties.put(CoreConstants.APP_ID, m_application);
-			properties.put(CoreConstants.SCAN_NAME, resolver == null ? m_name : Util.replaceMacro(m_name, resolver) + "_" + SystemUtil.getTimeStamp()); //$NON-NLS-1$
+			properties.put(CoreConstants.SCAN_NAME, (resolver == null ? m_name : Util.replaceMacro(m_name, resolver)) + "_" + SystemUtil.getTimeStamp()); //$NON-NLS-1$
 			properties.put(CoreConstants.EMAIL_NOTIFICATION, Boolean.toString(m_emailNotification));
 			properties.put(CoreConstants.PERSONAL_SCAN, Boolean.toString(m_personalScan));
 			properties.put("FullyAutomatic", Boolean.toString(!m_intervention));
@@ -338,14 +338,20 @@ private void validateGeneralSettings(boolean isAppScan360, Map<String, String> p
     }
 
     private void scanIdValidation(Map<String, String> properties, IProgress progress) throws JSONException, IOException {
-        IScanServiceProvider scanServiceProvider = new CloudScanServiceProvider(progress, m_authProvider);
-        JSONObject scanDetails = scanServiceProvider.getScanDetails(properties.get(CoreConstants.SCAN_ID));
+        JSONObject scanDetails = ServiceUtil.scanSpecificDetails(properties.get(CoreConstants.SCANNER_TYPE), properties.get(CoreConstants.SCAN_ID), m_authProvider);
         if(scanDetails == null) {
             throw new AbortException(Messages.error_invalid_scan_id());
-        } else if (!scanDetails.get(CoreConstants.APP_ID).equals(properties.get(CoreConstants.APP_ID))) {
-            throw new AbortException(Messages.error_invalid_scan_id_application());
-        } else if (!scanDetails.get("Technology").equals(ServiceUtil.updatedScanType(properties.get(CoreConstants.SCANNER_TYPE)))) {
-            throw new AbortException(Messages.error_invalid_scan_id_scan_type());
+        } else {
+            String status = scanDetails.getJSONObject("LatestExecution").getString("Status");
+            if(!(status.equals("Ready") || status.equals("Paused") || status.equals("Failed"))) {
+                throw new AbortException(Messages.error_scan_id_validation_status());
+            } else if (!scanDetails.get("RescanAllowed").equals(true) && scanDetails.get("ParsedFromUploadedFile").equals(true)) {
+                throw new AbortException(Messages.error_scan_id_validation_rescan_allowed());
+            } else if (properties.get(CoreConstants.SCANNER_TYPE).equals(Scanner.STATIC_ANALYZER) && scanDetails.containsKey("GitRepoPlatform") && scanDetails.get("GitRepoPlatform")!=null) {
+                throw new AbortException(Messages.error_invalid_scan_id_git_repo());
+            } else if (!scanDetails.get(CoreConstants.APP_ID).equals(properties.get(CoreConstants.APP_ID))) {
+                throw new AbortException(Messages.error_invalid_scan_id_application());
+            }
         }
     }
 

src/main/java/com/hcl/appscan/jenkins/plugin/scanners/DynamicAnalyzer.java

@@ -6,10 +6,18 @@
 
 package com.hcl.appscan.jenkins.plugin.scanners;
 
+import java.time.ZoneId;
+import java.time.ZonedDateTime;
+import java.time.format.DateTimeFormatter;
 import java.util.HashMap;
 import java.util.Map;
 
+import com.hcl.appscan.sdk.CoreConstants;
+import com.hcl.appscan.sdk.app.CloudApplicationProvider;
 import com.hcl.appscan.sdk.logging.IProgress;
+import org.apache.wink.json4j.JSONArray;
+import org.apache.wink.json4j.JSONException;
+import org.apache.wink.json4j.JSONObject;
 import org.jenkinsci.Symbol;
 import org.kohsuke.stapler.AncestorInPath;
 import org.kohsuke.stapler.DataBoundConstructor;
@@ -41,6 +49,8 @@ public class DynamicAnalyzer extends Scanner {
 
 	private static final String DYNAMIC_ANALYZER = "Dynamic Analyzer"; //$NON-NLS-1$
 
+	private boolean m_incrementalScan;
+	private String m_executionId;
 	private String m_presenceId;
 	private String m_scanFile;
 	private String m_scanType;
@@ -50,15 +60,21 @@ public class DynamicAnalyzer extends Scanner {
 	private String m_loginUser;
 	private Secret m_loginPassword;
 	private String m_trafficFile;
+	private boolean m_rescanDast;
+	private String m_scanId;
 
 	@Deprecated
 	public DynamicAnalyzer(String target) {
-		this(target, false, EMPTY, EMPTY, EMPTY, EMPTY, EMPTY, EMPTY, EMPTY, EMPTY, EMPTY);
+		this(target, false, false, EMPTY, false, EMPTY, EMPTY, EMPTY, EMPTY, EMPTY, EMPTY, EMPTY, EMPTY, EMPTY, EMPTY);
 	}
 
 	@Deprecated
-	public DynamicAnalyzer(String target, boolean hasOptions, String presenceId, String scanFile, String scanType, String optimization, String extraField, String loginUser, String loginPassword, String trafficFile, String loginType) {
+	public DynamicAnalyzer(String target, boolean hasOptions, boolean rescanDast, String scanId, boolean incrementalScan, String executionId, String presenceId, String scanFile, String scanType, String optimization, String extraField, String loginUser, String loginPassword, String trafficFile, String loginType) {
 		super(target, hasOptions);
+		m_rescanDast = rescanDast;
+		m_scanId = scanId;
+		m_incrementalScan = incrementalScan;
+		m_executionId = incrementalScan ? executionId : EMPTY;
 		m_presenceId = presenceId;
 		m_scanFile = scanFile;
 		m_scanType = scanFile != null && !scanFile.equals(EMPTY) ? CUSTOM : scanType;
@@ -74,6 +90,8 @@ public DynamicAnalyzer(String target, boolean hasOptions, String presenceId, Str
 
 	public DynamicAnalyzer(String target, boolean hasOptions) {
 		super(target, hasOptions);
+		m_rescanDast = false;
+		m_scanId = EMPTY;
 		m_presenceId = EMPTY;
 		m_scanFile = EMPTY;
 		m_scanType = EMPTY;
@@ -103,6 +121,41 @@ public String getLoginPassword() {
 		return Secret.toString(m_loginPassword);
 	}
 
+	@DataBoundSetter
+	public void setRescanDast(boolean rescanDast) {
+		m_rescanDast = rescanDast;
+	}
+
+	public boolean getRescanDast() {
+		return m_rescanDast;
+	}
+
+	@DataBoundSetter
+	public void setScanId(String scanId) {
+		m_scanId = scanId;
+	}
+	public String getScanId() {
+		return m_scanId;
+	}
+
+	@DataBoundSetter
+	public void setIncrementalScan(boolean incrementalScan) {
+		m_incrementalScan = incrementalScan;
+	}
+
+	public boolean getIncrementalScan() {
+		return m_incrementalScan;
+	}
+
+	@DataBoundSetter
+	public void setExecutionId(String executionId) {
+		m_executionId = m_incrementalScan ? executionId : EMPTY;
+	}
+
+	public String getExecutionId() {
+		return m_executionId;
+	}
+
 	@DataBoundSetter
 	public void setPresenceId(String presenceId) {
 		m_presenceId = presenceId;
@@ -198,10 +251,23 @@ public void validateSettings(JenkinsAuthenticationProvider authProvider, Map<Str
 		if(!ServiceUtil.hasDastEntitlement(authProvider)) {
 			throw new AbortException(Messages.error_active_subscription_validation(getType()));
 		}
-		if (authProvider.isAppScan360() && properties.containsKey(Scanner.PRESENCE_ID)) {
-			throw new AbortException(Messages.error_presence_AppScan360());
+		if(getRescanDast()) {
+            if(!properties.containsKey(CoreConstants.SCAN_ID)) {
+                throw new AbortException(Messages.error_empty_scan_id());
+            } else if (m_incrementalScan && !properties.containsKey("IncrementalBaseJobId")) {
+                throw new AbortException(Messages.error_empty_execution_id());
+            }
 		}
-        if (!authProvider.isAppScan360() && !properties.containsKey(Scanner.PRESENCE_ID) && !ServiceUtil.isValidUrl(properties.get(TARGET), authProvider, authProvider.getProxy())) {
+        if (authProvider.isAppScan360()) {
+            if (properties.containsKey(Scanner.PRESENCE_ID)) {
+                throw new AbortException(Messages.error_presence_AppScan360());
+            } else if (ServiceUtil.getA360Version(authProvider).substring(0,5).compareTo("1.4.0") != -1) {
+                if (!ServiceUtil.isValidUrl(properties.get(TARGET), authProvider, authProvider.getProxy())) {
+                    throw new AbortException(Messages.error_url_validation(properties.get(TARGET)));
+                }
+            }
+        }
+		if (!getRescanDast() && !authProvider.isAppScan360() && !properties.containsKey(Scanner.PRESENCE_ID) && !ServiceUtil.isValidUrl(properties.get(TARGET), authProvider, authProvider.getProxy())) {
 			throw new AbortException(Messages.error_url_validation(properties.get(TARGET)));
 		}
 	}
@@ -259,7 +325,13 @@ public Map<String, String> getProperties(VariableResolver<String> resolver) thro
 		if (!m_presenceId.equals(EMPTY)) {
 				properties.put(PRESENCE_ID, m_presenceId);
 		}
-
+		if(getRescanDast() && isNullOrEmpty(getScanId()) ){
+			properties.put(CoreConstants.SCAN_ID,getScanId());
+			if(m_incrementalScan && isNullOrEmpty(m_executionId)) {
+				properties.put("IncrementalBaseJobId", m_executionId);
+				properties.put("IsIncrementalRetest", "true");
+			}
+		}
 		return properties;
 	}
 
@@ -286,6 +358,22 @@ public String getDisplayName() {
 			return "Dynamic Analysis (DAST)";
 		}
 
+		public ListBoxModel doFillExecutionIdItems(@RelativePath("..") @QueryParameter String credentials, @AncestorInPath ItemGroup<?> context, @QueryParameter String scanId) throws JSONException {
+			IAuthenticationProvider authProvider = new JenkinsAuthenticationProvider(credentials, context);
+			JSONArray executionDetails = ServiceUtil.getExecutionDetails(scanId, authProvider);
+			ListBoxModel model = new ListBoxModel();
+
+			if(executionDetails != null) {
+				for(int i = 0; i < executionDetails.length(); i++) {
+					JSONObject value = executionDetails.getJSONObject(i);
+					ZonedDateTime zdt = ZonedDateTime.parse((String) value.get("CreatedAt")).withZoneSameInstant(ZoneId.systemDefault());
+					DateTimeFormatter formatter = DateTimeFormatter.ofPattern("MMMM dd, yyyy, hh:mm a, z");
+					model.add(zdt.format(formatter), (String) value.get("Id"));
+				}
+			}
+			return model;
+		}
+
 		public ListBoxModel doFillScanTypeItems() {
 			ListBoxModel model = new ListBoxModel();
 			model.add(Messages.option_staging(), STAGING);
@@ -335,17 +423,49 @@ public FormValidation doCheckScanFile(@QueryParameter String scanFile) {
 			return FormValidation.ok();
 		}
 
-		public FormValidation doCheckTarget(@QueryParameter String target,@RelativePath("..") @QueryParameter String credentials, @AncestorInPath ItemGroup<?> context, @QueryParameter String presenceId) {
+		public FormValidation doCheckTarget(@QueryParameter String target,@RelativePath("..") @QueryParameter String credentials, @AncestorInPath ItemGroup<?> context, @QueryParameter String presenceId, @QueryParameter boolean rescanDast) {
 			JenkinsAuthenticationProvider authProvider = new JenkinsAuthenticationProvider(credentials,context);
 			if(!ServiceUtil.hasDastEntitlement(authProvider)) {
 				return FormValidation.error(Messages.error_active_subscription_validation_ui());
 			}
-			if(!authProvider.isAppScan360() && presenceId != null && presenceId.equals(EMPTY) && !target.equals(EMPTY) && !ServiceUtil.isValidUrl(target, authProvider, authProvider.getProxy())) {
+			if(!rescanDast && !authProvider.isAppScan360() && presenceId != null && presenceId.equals(EMPTY) && !target.equals(EMPTY) && !ServiceUtil.isValidUrl(target, authProvider, authProvider.getProxy())) {
 				return FormValidation.error(Messages.error_url_validation_ui());
 			}
+			if (authProvider.isAppScan360() && (ServiceUtil.getA360Version(authProvider).substring(0,5).compareTo("1.4.0") != -1)) {
+				if (!target.equals(EMPTY) && !ServiceUtil.isValidUrl(target, authProvider, authProvider.getProxy())) {
+						return FormValidation.error(Messages.error_url_validation_ui());
+				}
+			}
+			if(rescanDast) {
+				return FormValidation.ok();
+			}
 			return FormValidation.validateRequired(target);
 		}
 
+		public FormValidation doCheckScanId(@QueryParameter String scanId, @RelativePath("..") @QueryParameter String application, @RelativePath("..") @QueryParameter String credentials, @AncestorInPath ItemGroup<?> context) throws JSONException {
+			JenkinsAuthenticationProvider provider = new JenkinsAuthenticationProvider(credentials, context);
+			if(scanId!=null && !scanId.isEmpty()) {
+				JSONObject scanDetails = ServiceUtil.scanSpecificDetails(DYNAMIC_ANALYZER, scanId, provider);
+				if (scanDetails == null) {
+				    return FormValidation.error(Messages.error_invalid_scan_id_ui());
+				} else {
+				    String status = scanDetails.getJSONObject("LatestExecution").getString("Status");
+				    if (!(status.equals("Ready") || status.equals("Paused") || status.equals("Failed"))) {
+						return FormValidation.error(Messages.error_scan_id_validation_status());
+				    } else if (!scanDetails.get("RescanAllowed").equals(true) && scanDetails.get("ParsedFromUploadedFile").equals(true)) {
+						return FormValidation.error(Messages.error_invalid_scan_id_rescan_allowed_ui());
+				    } else if (!scanDetails.get(CoreConstants.APP_ID).equals(application)) {
+						return FormValidation.error(Messages.error_invalid_scan_id_application_ui());
+				    }
+				}
+			}
+			return FormValidation.validateRequired(scanId);
+		}
+
+		public FormValidation doCheckExecutionId(@QueryParameter String executionId) {
+			return FormValidation.validateRequired(executionId);
+		}
+
 		public FormValidation doCheckPresenceId(@RelativePath("..") @QueryParameter String credentials, @AncestorInPath ItemGroup<?> context, @QueryParameter String presenceId) {
 			JenkinsAuthenticationProvider authProvider = new JenkinsAuthenticationProvider(credentials,context);
 			if(authProvider.isAppScan360()){

src/main/java/com/hcl/appscan/jenkins/plugin/scanners/Scanner.java

@@ -23,20 +23,11 @@ public abstract class Scanner extends AbstractDescribableImpl<Scanner> implement
 
 	private String m_target;
 	private boolean m_hasOptions;
-	private boolean m_rescan;
-	private String m_scanId;
 
 	public Scanner(String target, boolean hasOptions) {
 		m_target = target;
 		m_hasOptions = hasOptions;
 	}
-
-	public Scanner(String target, boolean hasOptions, boolean rescan, String scanId) {
-		m_target = target;
-		m_hasOptions = hasOptions;
-		m_rescan = rescan;
-		m_scanId = scanId;
-	}
 
 	public boolean getHasOptions() {
 		return m_hasOptions;
@@ -45,14 +36,6 @@ public boolean getHasOptions() {
 	public String getTarget() {
 		return m_target;
 	}
-
-	public boolean isRescan() {
-		return m_rescan;
-	}
-
-	public String getScanId() {
-		return m_scanId;
-	}
 
 	public abstract Map<String, String> getProperties(VariableResolver<String> resolver) throws AbortException;
 

src/main/java/com/hcl/appscan/jenkins/plugin/scanners/SoftwareCompositionAnalyzer.java

@@ -16,28 +16,38 @@
 import hudson.model.ItemGroup;
 import hudson.util.FormValidation;
 import hudson.util.VariableResolver;
+import org.apache.wink.json4j.JSONException;
+import org.apache.wink.json4j.JSONObject;
 import org.jenkinsci.Symbol;
 import org.kohsuke.stapler.AncestorInPath;
 import org.kohsuke.stapler.DataBoundConstructor;
+import org.kohsuke.stapler.DataBoundSetter;
 import org.kohsuke.stapler.QueryParameter;
 
 import java.util.HashMap;
 import java.util.Map;
 
 public class SoftwareCompositionAnalyzer extends Scanner {
 
+    private boolean m_rescan;
+    private String m_scanId;
+
     @Deprecated
     public SoftwareCompositionAnalyzer(String target){
         super(target, false);
     }
 
-    public SoftwareCompositionAnalyzer(String target, boolean rescan, String scanId){
-        super(target, false, rescan, scanId);
+    public SoftwareCompositionAnalyzer(String target, boolean rescan, String scanId) {
+        super(target, false);
+        m_rescan = rescan;
+        m_scanId = scanId;
     }
 
     @DataBoundConstructor
-    public SoftwareCompositionAnalyzer(String target, boolean hasOptions, boolean rescan, String scanId){
-        super(target, false, rescan, scanId);
+    public SoftwareCompositionAnalyzer(String target, boolean hasOptions){
+        super(target, hasOptions);
+        m_rescan = false;
+        m_scanId = EMPTY;
     }
 
 
@@ -46,6 +56,23 @@ public String getType() {
         return SOFTWARE_COMPOSITION_ANALYZER;
     }
 
+    @DataBoundSetter
+    public void setRescan(boolean rescan) {
+        m_rescan = rescan;
+    }
+
+    public boolean getRescan() {
+        return m_rescan;
+    }
+
+    @DataBoundSetter
+    public void setScanId(String scanId) {
+        m_scanId = scanId;
+    }
+    public String getScanId() {
+        return m_scanId;
+    }
+
     public void validateSettings(JenkinsAuthenticationProvider authProvider, Map<String, String> properties, IProgress progress) throws AbortException {
         if(!ServiceUtil.hasScaEntitlement(authProvider)) {
             throw new AbortException(Messages.error_active_subscription_validation(getType()));
@@ -59,7 +86,7 @@ public void validateSettings(JenkinsAuthenticationProvider authProvider, Map<Str
     public Map<String, String> getProperties(VariableResolver<String> resolver) throws AbortException {
         Map<String, String> properties = new HashMap<String, String>();
         properties.put(TARGET, resolver == null ? getTarget() : resolvePath(getTarget(), resolver));
-        if(isRescan() && isNullOrEmpty(getScanId())) {
+        if(getRescan() && isNullOrEmpty(getScanId())) {
             properties.put(CoreConstants.SCAN_ID,getScanId());
         }
         return properties;
@@ -74,10 +101,22 @@ public String getDisplayName() {
             return "Software Composition Analysis (SCA)";
         }
 
-        public FormValidation doCheckScanId(@QueryParameter String scanId, @RelativePath("..") @QueryParameter String application, @RelativePath("..") @QueryParameter String credentials, @AncestorInPath ItemGroup<?> context) {
+        public FormValidation doCheckScanId(@QueryParameter String scanId, @RelativePath("..") @QueryParameter String application, @RelativePath("..") @QueryParameter String credentials, @AncestorInPath ItemGroup<?> context) throws JSONException {
             JenkinsAuthenticationProvider provider = new JenkinsAuthenticationProvider(credentials, context);
-            if(scanId!=null && !scanId.isEmpty() && !ServiceUtil.isScanId(scanId,application,SOFTWARE_COMPOSITION_ANALYZER,provider)) {
-                return FormValidation.error(Messages.error_invalid_scan_id_ui());
+            if(scanId!=null && !scanId.isEmpty()) {
+                JSONObject scanDetails = ServiceUtil.scanSpecificDetails(SOFTWARE_COMPOSITION_ANALYZER, scanId, provider);
+                if(scanDetails == null) {
+                    return FormValidation.error(Messages.error_invalid_scan_id_ui());
+                } else {
+                    String status = scanDetails.getJSONObject("LatestExecution").getString("Status");
+                    if (!(status.equals("Ready") || status.equals("Paused") || status.equals("Failed"))) {
+                        return FormValidation.error(Messages.error_scan_id_validation_status());
+                    } else if (!scanDetails.get("RescanAllowed").equals(true) && scanDetails.get("ParsedFromUploadedFile").equals(true)) {
+                        return FormValidation.error(Messages.error_invalid_scan_id_rescan_allowed_ui());
+                    } else if (!scanDetails.get(CoreConstants.APP_ID).equals(application)) {
+                        return FormValidation.error(Messages.error_invalid_scan_id_application_ui());
+                    }
+                }
             }
             return FormValidation.validateRequired(scanId);
         }