# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details. # frozen_string_literal: true require 'base64' require 'contrast/components/logger' module Contrast module Agent module Reporting # This is the new FindingEventSource class which will include all the needed information for the new reporting # system to relay this information in the Finding/Trace messages. These FindingEventSource are used by TeamServer # to construct the vulnerability information for the assess feature. They indicate the type of data that the # event represents. class FindingEventSource include Contrast::Components::Logger::InstanceMethods # @return [String] the name of the source attr_reader :name # @return [String] the type of the source attr_reader :type # @param type [String] # @param name [String] def initialize type, name @type = type @name = name end # Convert the instance variables on the class, and other information, into the identifiers required for # TeamServer to process the JSON form of this message. # # @return [Hash] # @raise [ArgumentError] def to_controlled_hash begin validate rescue ArgumentError => e logger.error('FindingEventSource validation failed with: ', e) return end { sourceName: name, # rubocop:disable Security/Module/Name sourceType: type } end # Convert this EventSource into the format expected for route observation # # @return [Hash] # @raise [ArgumentError] def to_controlled_observation_hash begin validate rescue ArgumentError => e logger.error('FindingEventSource observation validation failed with: ', e) return end { name: name, # rubocop:disable Security/Module/Name type: type } end # @raise [ArgumentError] def validate raise(ArgumentError, "#{ self } did not have a proper type. Unable to continue.") unless type && !type.empty? end end end end end