Changed to use example alerts

psiinon · psiinon · commit 87ea06a49972 · 2020-08-14T12:09:05.000+02:00
Signed-off-by: Simon Bennetts &lt;psiinon@gmail.com&gt;
diff --git a/scripts/generate_alert_pages.js b/scripts/generate_alert_pages.js
@@ -6,6 +6,7 @@
 // Change the DIR below to match the local directory containing the alert files
 var DIR = "/zap/wrk/zaproxy-website/site/content/docs/alerts/";
 var Alert = Java.type('org.parosproxy.paros.core.scanner.Alert');
+var ArrayList = Java.type('java.util.ArrayList');
 var Constant = Java.type('org.parosproxy.paros.Constant');
 var PluginPassiveScanner = Java.type('org.zaproxy.zap.extension.pscan.PluginPassiveScanner');
 var FileWriter = Java.type('java.io.FileWriter');
@@ -43,65 +44,97 @@ for (var i = 0; i < plugins.length; i++) {
 
 print("Date: " + date);
 
-function printAscanRule(plugin) {
-	if (ignoreList.indexOf(plugin.getId()) !== -1) {
+function printAlerts(alerts, name, type, status, clazz) {
+	var pluginId = alerts[0].getPluginId();
+	if (ignoreList.indexOf(pluginId) !== -1) {
+		print('Plugin ID: ' + pluginId + ' - ignored');
 		return;
 	}
-	print('Plugin ID: ' + plugin.getId());
-	var fw = new FileWriter(DIR + plugin.getId() + ".md");
+	print('Plugin ID: ' + pluginId);
+	var fw = new FileWriter(DIR + pluginId + ".md");
 	var pw = new PrintWriter(fw);
 	pw.println('---');
-	pw.println('title: "' + plugin.getName() + '"');
-	pw.println('alertid: ' + plugin.getId());
-	pw.println('alerttype: "Active Scan Rule"');
-	pw.println('status: ' + plugin.getStatus());
+	pw.println('title: "' + name.replaceAll("\"", "'") + '"');
+	pw.println('alertid: ' + pluginId);
+	pw.println('alerttype: "' + type + '"');
+	pw.println('alertcount: ' + alerts.length);
+	pw.println('status: ' + status);
 	pw.println('type: alert');
 	pw.println('date: ' + date);
 	pw.println('lastmod: ' + date);
 	pw.println('---');
-	pw.println('### Type: Active Scan');
-	pw.println('');
-	pw.println('### Risk: ' + Alert.MSG_RISK[plugin.getRisk()]);
-	pw.println('');
-	pw.println('### Description');
-	pw.println('');
-	pw.println(plugin.getDescription());
-	pw.println('');
-	pw.println('### Solution');
-	pw.println('');
-	pw.println(plugin.getSolution());
-	pw.println('');
-	var refs = plugin.getReference();
-	if (refs && refs.length() > 0) {
-		pw.println('### References');
+    for (var a=0; a < alerts.length; a++) {
+		var alert = alerts[a];
+		pw.println('## Name: ' + alert.getName());
 		pw.println('');
-		var refsArray = refs.split('\n');
-		for (var i = 0; i < refsArray.length; i++) {
-			pw.println('* ' + refsArray[i]);
+		if (a == 0) {
+			pw.println('### Type: ' + type);
+			pw.println('');
+		}
+		if (alert.getRisk() >= 0) {
+			pw.println('### Risk: ' + Alert.MSG_RISK[alert.getRisk()]);
 		}
 		pw.println('');
-	}
-	var cweId = plugin.getCweId();
-	if (cweId > 0) {
-		pw.println('### CWE: [' + plugin.getCweId() + '](https://cwe.mitre.org/data/definitions/' + plugin.getCweId() + '.html)');
+		pw.println('### Description');
 		pw.println('');
-	}
-	var wascId = plugin.getWascId();
-	if (wascId > 0) {
-		pw.println('### WASC:  ' + wascId);
+		pw.println(alert.getDescription());
+		pw.println('');
+		pw.println('### Solution');
+		pw.println('');
+		pw.println(alert.getSolution());
 		pw.println('');
+		var refs = alert.getReference();
+		if (refs && refs.length() > 0) {
+			pw.println('### References');
+			pw.println('');
+			var refsArray = refs.split('\n');
+			for (var i = 0; i < refsArray.length; i++) {
+				pw.println('* ' + refsArray[i]);
+			}
+			pw.println('');
+		}
+		var cweId = alert.getCweId();
+		if (cweId > 0) {
+			pw.println('### CWE: [' + alert.getCweId() + '](https://cwe.mitre.org/data/definitions/' + alert.getCweId() + '.html)');
+			pw.println('');
+		}
+		var wascId = alert.getWascId();
+		if (wascId > 0) {
+			pw.println('### WASC:  ' + wascId);
+			pw.println('');
+		}
 	}
-
+	
 	pw.println('### Code');
 	pw.println('');
-	var clazz = plugin.getClass().getName();
 	var pkgs = clazz.split('.');
 	var pkg = pkgs[pkgs.length - 2];
 	var url = 'https://github.com/zaproxy/zap-extensions/blob/master/addOns/' + pkg + '/src/main/java/' + pkgs.join('/') + '.java';
 	pw.println(' * [' + pkgs.join('/') + '.java' + '](' + url + ')');
 	pw.println('');
+
 	pw.println('###### Last updated: ' + date);
 	pw.close();
+	
+}
+
+function printAscanRule(plugin) {
+	var examples = getPrivateMethod(plugin, ['getExampleAlerts'], '', null);
+	if (examples == null || examples.length == 0) {
+		var alert = new Alert(plugin.getId());
+		alert.setName(plugin.getName());
+		alert.setRisk(plugin.getRisk());
+		alert.setDescription(plugin.getDescription());
+		alert.setSolution(plugin.getSolution());
+		alert.setReference(plugin.getReference());
+		alert.setCweId(plugin.getCweId());
+		alert.setWascId(plugin.getWascId());
+		
+		examples = new ArrayList();
+		examples.add(alert);
+	}
+	
+	printAlerts(examples, plugin.getName(), "Active Scan Rule", plugin.getStatus(), plugin.getClass().getName());
 }
 
 function getPrivateMethod(obj, methods, key, defaultVal) {
@@ -125,69 +158,27 @@ function getPrivateMethod(obj, methods, key, defaultVal) {
 		} catch (e) {
 		}
 	}
-	//print ('Failed on ' + obj.getName() + ' ' + methods);
+	// Helps to show whats left to do :)
+	print ('  Failed on ' + obj.getName() + ' ' + methods);
 	return defaultVal;
 }
 
 function printPscanRule(plugin) {
-	if (ignoreList.indexOf(plugin.getPluginId()) !== -1) {
-		return;
-	}
-	print('Plugin ID: ' + plugin.getPluginId());
-	var fw = new FileWriter(DIR + plugin.getPluginId() + ".md");
-	var pw = new PrintWriter(fw);
-	pw.println('---');
-	pw.println('title: "' + plugin.getName().replaceAll("\"", "'") + '"');
-	pw.println('alertid: ' + plugin.getPluginId());
-	pw.println('alerttype: "Passive Scan Rule"');
-	pw.println('status: ' + plugin.getStatus());
-	pw.println('type: alert');
-	pw.println('date: ' + date);
-	pw.println('lastmod: ' + date);
-	pw.println('---');
-	pw.println('### Type: Passive Scan');
-	pw.println('');
-	pw.println('### Description');
-	pw.println(getPrivateMethod(plugin, ['getDescription', 'getDesc', 'getDescriptionMessage'], 'desc', '_Unavailable_'));
-	pw.println('');
-	pw.println('### Solution');
-	pw.println('');
-	pw.println(getPrivateMethod(plugin, ['getSolution', 'getSoln', 'getSolutionMessage'], 'soln', '_Unavailable_'));
-	pw.println('');
-	var refs = getPrivateMethod(plugin, ['getReferences', 'getRefs', 'getReferenceMessage', 'getReferencesMessage'], 'refs', '');
-	if (refs.length() > 0) {
-		pw.println('### References');
-		pw.println('');
-		var refsArray = refs.split('\n');
-		for (var i = 0; i < refsArray.length; i++) {
-			pw.println('* ' + refsArray[i]);
-		}
-		pw.println('');
-	}
-	try {
-		var cweId = getPrivateMethod(plugin, ['getCweId'], '', '');
-		if (cweId.length() > 0 && parseInt(cweId) > 0) {
-			pw.println('### CWE: [' + cweId + '](https://cwe.mitre.org/data/definitions/' + cweId + '.html)');
-			pw.println('');
-		}
-	} catch (e) {
-	}
-	try {
-		var wascId = getPrivateMethod(plugin, ['getWascId'], '', '');
-		if (wascId.length() > 0 && parseInt(wascId) > 0) {
-			pw.println('### WASC:  ' + wascId);
-			pw.println('');
-		}
-	} catch (e) {
+	var examples = getPrivateMethod(plugin, ['getExampleAlerts'], '', null);
+
+	if (examples == null || examples.length == 0) {
+		var alert = new Alert(plugin.getPluginId());
+		alert.setName(plugin.getName());
+		alert.setRisk(getPrivateMethod(plugin, ['getRisk'], '', -1));
+		alert.setDescription(getPrivateMethod(plugin, ['getDescription', 'getDesc', 'getDescriptionMessage'], 'desc', '_Unavailable_'));
+		alert.setSolution(getPrivateMethod(plugin, ['getSolution', 'getSoln', 'getSolutionMessage'], 'soln', '_Unavailable_'));
+		alert.setReference(getPrivateMethod(plugin, ['getReferences', 'getReference', 'getRefs', 'getReferenceMessage', 'getReferencesMessage'], 'refs', ''));
+		alert.setCweId(getPrivateMethod(plugin, ['getCweId'], '', 0));
+		alert.setWascId(getPrivateMethod(plugin, ['getWascId'], '', 0));
+		
+		examples = new ArrayList();
+		examples.add(alert);
 	}
-	pw.println('### Code');
-	pw.println('');
-	var clazz = plugin.getClass().getName();
-	var pkgs = clazz.split('.');
-	var pkg = pkgs[pkgs.length - 2];
-	var url = 'https://github.com/zaproxy/zap-extensions/blob/master/addOns/' + pkg + '/src/main/java/' + pkgs.join('/') + '.java';
-	pw.println(' * [' + pkgs.join('/') + '.java' + '](' + url + ')');
-	pw.println('');
-	pw.println('###### Last updated: ' + date);
-	pw.close();
+
+	printAlerts(examples, plugin.getName(), "Passive Scan Rule", plugin.getStatus(), plugin.getClass().getName());
 }
