Script Include

checkmarx-ltd · Jun 2, 2023 · bb28088 · bb28088
1 parent 1eebd1f
commit bb28088
Show file tree

Hide file tree

Showing 9 changed files with 1,820 additions and 0 deletions.
diff --git a/Scripts/sys_script_include_1980bcb147935110328ca368436d435a.xml b/Scripts/sys_script_include_1980bcb147935110328ca368436d435a.xml
diff --git a/Scripts/sys_script_include_508f0d54471f1110328ca368436d43f8.xml b/Scripts/sys_script_include_508f0d54471f1110328ca368436d43f8.xml
@@ -0,0 +1,91 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unload unload_date="2023-06-02 11:12:49">
+<sys_script_include action="INSERT_OR_UPDATE">
+<access>package_private</access>
+<active>true</active>
+<api_name>x_chec3_chexone.CheckmarxOneConfigUtilBase</api_name>
+<caller_access/>
+<client_callable>false</client_callable>
+<description>Wrapper class to assemble the components for Checkmarx One Configuration Calls.</description>
+<name>CheckmarxOneConfigUtilBase</name>
+<script><![CDATA[var CheckmarxOneConfigUtilBase = Class.create();
+CheckmarxOneConfigUtilBase.prototype = {
+    initialize: function() {},
+
+    testCredentials: function(config, uniqueId) {
+        var errorMessage = "";
+        var resultObj = {};
+        var result = "true";
+        try {
+            if (!config)
+                return {
+                    "result": "false",
+                    "errorMessage": gs.getMessage("CheckmarxOne configuration not found.")
+                };
+            var response = new x_chec3_chexone.CheckmarxOneUtil().getProjectList(config.getValue("integration_instance"));
+
+        } catch (ex) {
+            result = false;
+            errorMessage = gs.getMessage("Credential validation failed!");
+            gs.warn("Failed to validate Checkmarx credentials!  Reason: {0}", ex);
+        } finally {
+            resultObj = {
+                "result": result,
+                "error": errorMessage,
+            };
+        }
+        return resultObj;
+    },
+
+    saveInstanceParams: function(sys_id) {
+        var gr = new GlideRecord("x_chec3_chexone_checkmarxone_configuration");
+        if (gr.get(sys_id)) {
+            var instance = gr.getValue("integration_instance");
+            var implConfig = new GlideRecord("sn_sec_int_impl_config");
+            implConfig.addQuery("implementation", instance);
+            implConfig.query();
+            while (implConfig.next()) {
+                var configName = implConfig.getDisplayValue("configuration");
+                var configVal = gr.getValue(configName);
+
+                if (implConfig.configuration.elem_type == "boolean")
+                    implConfig.setValue("value", configVal === "1");
+                else
+                    implConfig.setValue("value", configVal);
+                implConfig.update();
+            }
+
+            var newconfig = {
+                "client_secret": gr.client_secret.getDecryptedValue(),
+                "client_id": gr.getValue("client_id"),
+                "tenant": gr.getValue("tenant"),
+                "checkmarxone_api_base_url": gr.getValue("checkmarxone_api_base_url"),
+                "checkmarxone_server_url": gr.getValue("checkmarxone_server_url"),
+                "import_sca": gr.getValue("import_sca") === "1",
+                "import_sast": gr.getValue("import_sast") === "1",
+                "triaging_in_snow": gr.getValue("triaging_in_snow") === "1",
+
+            };
+
+            new sn_sec_int.Implementation().setConfiguration(instance, newconfig);
+            return true;
+        }
+        return false;
+    },
+
+    type: 'CheckmarxOneConfigUtilBase'
+};]]></script>
+<sys_class_name>sys_script_include</sys_class_name>
+<sys_created_by>admin</sys_created_by>
+<sys_created_on>2022-11-17 05:45:19</sys_created_on>
+<sys_id>508f0d54471f1110328ca368436d43f8</sys_id>
+<sys_mod_count>32</sys_mod_count>
+<sys_name>CheckmarxOneConfigUtilBase</sys_name>
+<sys_package display_value="Checkmarx One Vulnerability Integration" source="x_chec3_chexone">3d20e92d47471110328ca368436d436a</sys_package>
+<sys_policy/>
+<sys_scope display_value="Checkmarx One Vulnerability Integration">3d20e92d47471110328ca368436d436a</sys_scope>
+<sys_update_name>sys_script_include_508f0d54471f1110328ca368436d43f8</sys_update_name>
+<sys_updated_by>[email protected]</sys_updated_by>
+<sys_updated_on>2023-05-02 12:57:08</sys_updated_on>
+</sys_script_include>
+</unload>
diff --git a/Scripts/sys_script_include_5c0f0d18471f1110328ca368436d4357.xml b/Scripts/sys_script_include_5c0f0d18471f1110328ca368436d4357.xml
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unload unload_date="2023-06-02 11:13:23">
+<sys_script_include action="INSERT_OR_UPDATE">
+<access>public</access>
+<active>true</active>
+<api_name>x_chec3_chexone.CheckmarxOneConfigUtil</api_name>
+<caller_access/>
+<client_callable>false</client_callable>
+<description>Wrapper class to assemble the components for CheckmarxConfigUtilBase</description>
+<name>CheckmarxOneConfigUtil</name>
+<script><![CDATA[var CheckmarxOneConfigUtil = Class.create();
+CheckmarxOneConfigUtil.prototype = Object.extendsObject(x_chec3_chexone.CheckmarxOneConfigUtilBase, {
+    type: 'CheckmarxOneConfigUtil'
+});]]></script>
+<sys_class_name>sys_script_include</sys_class_name>
+<sys_created_by>admin</sys_created_by>
+<sys_created_on>2022-11-17 05:44:03</sys_created_on>
+<sys_id>5c0f0d18471f1110328ca368436d4357</sys_id>
+<sys_mod_count>4</sys_mod_count>
+<sys_name>CheckmarxOneConfigUtil</sys_name>
+<sys_package display_value="Checkmarx One Vulnerability Integration" source="x_chec3_chexone">3d20e92d47471110328ca368436d436a</sys_package>
+<sys_policy/>
+<sys_scope display_value="Checkmarx One Vulnerability Integration">3d20e92d47471110328ca368436d436a</sys_scope>
+<sys_update_name>sys_script_include_5c0f0d18471f1110328ca368436d4357</sys_update_name>
+<sys_updated_by>admin</sys_updated_by>
+<sys_updated_on>2023-02-28 04:09:40</sys_updated_on>
+</sys_script_include>
+</unload>
diff --git a/Scripts/sys_script_include_716c87ad471f1110328ca368436d438a.xml b/Scripts/sys_script_include_716c87ad471f1110328ca368436d438a.xml
@@ -0,0 +1,79 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<unload unload_date="2023-06-02 11:13:08">
+<sys_script_include action="INSERT_OR_UPDATE">
+<access>public</access>
+<active>true</active>
+<api_name>x_chec3_chexone.CheckmarxOneAppListProcessor</api_name>
+<caller_access/>
+<client_callable>false</client_callable>
+<description>Converts the appinfo xml data into a json object that can be consumed by the VR Application Vulnerability API.</description>
+<name>CheckmarxOneAppListProcessor</name>
+<script><![CDATA[var CheckmarxOneAppListProcessor = Class.create();
+CheckmarxOneAppListProcessor.prototype = Object.extendsObject(sn_vul.ApplicationVulnerabilityImportProcessorBase, {
+    /*
+     * Converts an xml string of application information objects into javascript objects
+     *    passed individually to the VR AppVul API
+     */
+    MSG: 'CheckmarxOne AppListProcessor:',
+    process: function(attachment) {
+        if (!attachment) {
+            gs.warn(gs.getMessage('CheckmarxOneAppListProcessor: Called with no attachment'));
+            return;
+        }
+        try {
+            //Parsing the Project List attachment
+            var appDoc = new XMLDocument2();
+            appDoc.parseXML(new GlideSysAttachment().getContent(attachment));
+            var listNode = appDoc.getNode("/appInfoList/xml/projects");
+            var iter = listNode.getChildNodeIterator();
+            if (iter.hasNext())
+                iter.next();
+            while (iter.hasNext()) {
+                var appNode = iter.next();
+                var attributes = appNode.getAttributes();
+                //map attributes from Checkmarx into the servicenow expected format'
+                var appObj = {
+                    source_app_id: attributes.id,
+                    app_name: attributes.name,
+                    source_assigned_teams: attributes.groups,
+                    description: attributes.description,
+                };
+                //Updating the project information in ServiceNow table
+                var result = this.AVR_API.createOrUpdateApp(appObj);
+                if (result != null) {
+                    if (result.inserted)
+                        this.import_counts.inserted++;
+                    else if (result.updated)
+                        this.import_counts.updated++;
+                    else if (result.unchanged)
+                        this.import_counts.unchanged++;
+                }
+                if (iter.hasNext())
+                    iter.next();
+            }
+        } catch (ex) {
+            errorMessage = gs.getMessage("Error in retriving data for app list integration!");
+            gs.error(this.MSG + "errorMessage " + ex);
+            throw ex;
+        }
+
+        this.completeProcess(this.integrationProcessGr, this.import_counts);
+    },
+
+
+    type: 'CheckmarxOneAppListProcessor'
+});]]></script>
+<sys_class_name>sys_script_include</sys_class_name>
+<sys_created_by>admin</sys_created_by>
+<sys_created_on>2022-11-21 12:03:00</sys_created_on>
+<sys_id>716c87ad471f1110328ca368436d438a</sys_id>
+<sys_mod_count>44</sys_mod_count>
+<sys_name>CheckmarxOneAppListProcessor</sys_name>
+<sys_package display_value="Checkmarx One Vulnerability Integration" source="x_chec3_chexone">3d20e92d47471110328ca368436d436a</sys_package>
+<sys_policy/>
+<sys_scope display_value="Checkmarx One Vulnerability Integration">3d20e92d47471110328ca368436d436a</sys_scope>
+<sys_update_name>sys_script_include_716c87ad471f1110328ca368436d438a</sys_update_name>
+<sys_updated_by>[email protected]</sys_updated_by>
+<sys_updated_on>2023-03-16 10:55:08</sys_updated_on>
+</sys_script_include>
+</unload>