DAST Site validation - Model Layer - Backend
- overview: &2912 (closed)
- parent issue: #233020 (closed)
- context
Summary
Create a new model called dast_site_token:
Column | Type | Collation | Nullable | Default | Storage | Stats target | Description
----------------+--------------------------+-----------+----------+----------------------------------------+----------+--------------+-------------
id | bigint | | not null | nextval('dast_sites_id_seq'::regclass) | plain | |
project_id | bigint | | not null | | plain | |
token | text | | not null | | extended | |
url | text | | not null | | extended | |
expired_at | timestamp with time zone | | not null | | plain | |
created_at | timestamp with time zone | | not null | | plain | |
updated_at | timestamp with time zone | | not null | | plain | |
- `token` is a `uuidv4` and will have a uniqueness constraint
- `expired_at` is a timestamp indicating when the token was used
- `url` is the URL to be validated
Create a new model called dast_site_validation:
Column | Type | Collation | Nullable | Default | Storage | Stats target | Description
-----------------------------+--------------------------+-----------+----------+----------------------------------------+----------+--------------+-------------
id | bigint | | not null | nextval('dast_sites_id_seq'::regclass) | plain | |
project_id | bigint | | not null | | plain | |
dast_site_token_id | bigint | | not null | | plain | |
domain | text | | not null | | extended | |
validation_strategy | text | | not null | | extended | |
validation_started_at | timestamp with time zone | | | | plain | |
validation_passed_at | timestamp with time zone | | | | plain | |
validation_failed_at | timestamp with time zone | | | | plain | |
validation_last_retried_at | timestamp with time zone | | | | plain | |
created_at | timestamp with time zone | | not null | | plain | |
updated_at | timestamp with time zone | | not null | | plain | |
- `status` will be computed from the values of `validation_started_at`, `validation_passed_at` and `validation_failed_at`
- `domain` is the hostname that has been confirmed as being owned
- `validation_strategy` will determine how a `dast_site` is validated (e.g. `metadata`, `file`, `headers`, etc.) and may use a representation other than `text`, e.g. `int` via `enum`
Extend dast_site to include a nullable dast_site_validation_id:
Column | Type | Collation | Nullable | Default | Storage | Stats target | Description
-------------------------+--------------------------+-----------+----------+----------------------------------------+----------+--------------+-------------
id | bigint | | not null | nextval('dast_sites_id_seq'::regclass) | plain | |
project_id | bigint | | not null | | plain | |
+ dast_site_validation_id | bigint | | | | plain | |
created_at | timestamp with time zone | | not null | | plain | |
updated_at | timestamp with time zone | | not null | | plain | |
url | text | | not null | | extended | |
- `dast_site_validation_id` is `nullable` to indicate that validation is not always necessary (e.g. the `passive` scan case)
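One way the computed status and the nullable validation reference could fit together, as an added example that is not GitLab's code. The status names, the precedence rules, the `SiteValidation` struct and the `scan_allowed?` gate are all assumptions made for illustration; only the timestamp column names come from the tables above.

```ruby
# Plain-Ruby stand-in for a dast_site_validation row (no ActiveRecord needed).
# Status names and precedence below are assumptions, not part of the issue.
SiteValidation = Struct.new(:validation_started_at, :validation_passed_at,
                            :validation_failed_at, :validation_last_retried_at,
                            keyword_init: true) do
  # Derive the status from the timestamp columns instead of storing it.
  def status
    passed = validation_passed_at
    failed = validation_failed_at
    # Assumption: a retry reopens the attempt, so earlier outcomes are stale.
    cutoff = validation_last_retried_at
    passed = nil if cutoff && passed && passed < cutoff
    failed = nil if cutoff && failed && failed < cutoff

    if passed && failed
      # Assumption: the most recent outcome wins, and a tie fails closed.
      passed > failed ? :passed : :failed
    elsif passed then :passed
    elsif failed then :failed
    elsif validation_started_at || cutoff then :in_progress
    else :pending
    end
  end
end

# Hypothetical gate: a passive scan needs no validation (nil reference),
# an active scan requires a validation whose computed status is :passed.
def scan_allowed?(validation, scan_type)
  return true if scan_type == :passive
  !validation.nil? && validation.status == :passed
end

T0 = Time.utc(2020, 9, 1, 12, 0, 0) # constructed sample timestamps
SAMPLES = {
  never_started: SiteValidation.new,
  running:       SiteValidation.new(validation_started_at: T0),
  passed:        SiteValidation.new(validation_started_at: T0, validation_passed_at: T0 + 60),
  failed_later:  SiteValidation.new(validation_started_at: T0, validation_passed_at: T0 + 60,
                                    validation_failed_at: T0 + 120),
  retrying:      SiteValidation.new(validation_started_at: T0, validation_failed_at: T0 + 60,
                                    validation_last_retried_at: T0 + 90)
}.freeze

SAMPLES.each do |name, v|
  puts format('%-14s %-12s active=%s', name, v.status, scan_allowed?(v, :active))
end
```

Deriving the status from timestamps means a row with both `validation_passed_at` and `validation_failed_at` set needs an explicit precedence rule, which is the case `failed_later` exercises.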
Implementation Plan
- create `dast_site_token`
- create `dast_site_validation`
- extend `dast_site` to have `dast_site_validation_id` (+ associations)
- add computed `status` to `dast_site_validation`
Edited by Philip Cunningham