Extend DastSiteProfile with more config options
-
Review changes -
-
Download -
Patches
-
Plain diff
Merged
Philip Cunningham requested to merge philipcunningham-add-excluded-urls-and-request-headers-to-dast-profiles-277353 into master
Related Issue(s)
What does this MR do?
adds additional some additional configuration for DastSiteProfiles
and stubs out some of GraphQL arguments and fields until the backend for storing them securely is in place.
Why?
we want to offer users more control over their dast
on-demand scans.
GraphQL
Query
query project($fullPath: ID!) {
project(fullPath: $fullPath) {
dastSiteProfiles(first: 1) {
nodes {
id
profileName
targetUrl
editPath
excludedUrls
requestHeaders
validationStatus
normalizedTargetUrl
auth { enabled url usernameField passwordField username password }
referencedInSecurityPolicies
}
}
}
}
Mutations
dastSiteProfileCreate
mutation($dastSiteProfileCreateInput: DastSiteProfileCreateInput!) {
dastSiteProfileCreate(input: $dastSiteProfileCreateInput) {
clientMutationId
errors
id
}
}
{
"dastSiteProfileCreateInput":{
"fullPath":"namespace10/project10",
"profileName":"Open-source intermediate methodology",
"targetUrl":"http://example18.test",
"excludedUrls":"http://example18.test/signout",
"requestHeaders":"Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0",
"auth":{
"enabled":false
}
}
}
dastSiteProfileUpdate
mutation($dastSiteProfileUpdateInput: DastSiteProfileUpdateInput!) {
dastSiteProfileUpdate(input: $dastSiteProfileUpdateInput) {
clientMutationId
errors
id
}
}
{
"dastSiteProfileUpdateInput":{
"fullPath":"namespace25/project25",
"id":"gid://gitlab/DastSiteProfile/24",
"profileName":"c7ad43f42039f195dc8654f6389f57b9",
"targetUrl":"http://example36.test",
"excludedUrls":"http://example36.test/signout",
"requestHeaders":"Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0",
"auth":{
"enabled":false
}
}
}
Database
Migrations
% rails db:migrate:up VERSION=20210302025305
== 20210302025305 AddExcludedUrlsAndRequestHeadersToDastSiteProfiles: migrating
-- add_column(:dast_site_profiles, :excluded_urls, :text)
-> 0.0016s
-- add_column(:dast_site_profiles, :auth_enabled, :boolean, {:default=>false, :null=>false})
-> 0.0028s
-- add_column(:dast_site_profiles, :auth_url, :text)
-> 0.0012s
-- add_column(:dast_site_profiles, :auth_username_field, :text)
-> 0.0009s
-- add_column(:dast_site_profiles, :auth_password_field, :text)
-> 0.0009s
-- add_column(:dast_site_profiles, :auth_username, :text)
-> 0.0009s
-- transaction_open?()
-> 0.0000s
-- current_schema()
-> 0.0002s
-- execute("ALTER TABLE dast_site_profiles\nADD CONSTRAINT check_07ae59ac33\nCHECK ( char_length(excluded_urls) <= 2048 )\nNOT VALID;\n")
-> 0.0012s
-- current_schema()
-> 0.0002s
-- execute("SET statement_timeout TO 0")
-> 0.0006s
-- execute("ALTER TABLE dast_site_profiles VALIDATE CONSTRAINT check_07ae59ac33;")
-> 0.0012s
-- execute("RESET ALL")
-> 0.0006s
-- transaction_open?()
-> 0.0000s
-- current_schema()
-> 0.0002s
-- execute("ALTER TABLE dast_site_profiles\nADD CONSTRAINT check_d446f7047b\nCHECK ( char_length(auth_url) <= 1024 )\nNOT VALID;\n")
-> 0.0010s
-- current_schema()
-> 0.0002s
-- execute("ALTER TABLE dast_site_profiles VALIDATE CONSTRAINT check_d446f7047b;")
-> 0.0011s
-- transaction_open?()
-> 0.0000s
-- current_schema()
-> 0.0002s
-- execute("ALTER TABLE dast_site_profiles\nADD CONSTRAINT check_5203110fee\nCHECK ( char_length(auth_username_field) <= 255 )\nNOT VALID;\n")
-> 0.0012s
-- current_schema()
-> 0.0002s
-- execute("ALTER TABLE dast_site_profiles VALIDATE CONSTRAINT check_5203110fee;")
-> 0.0014s
-- transaction_open?()
-> 0.0000s
-- current_schema()
-> 0.0004s
-- execute("ALTER TABLE dast_site_profiles\nADD CONSTRAINT check_c329dffdba\nCHECK ( char_length(auth_password_field) <= 255 )\nNOT VALID;\n")
-> 0.0011s
-- current_schema()
-> 0.0002s
-- execute("ALTER TABLE dast_site_profiles VALIDATE CONSTRAINT check_c329dffdba;")
-> 0.0010s
-- transaction_open?()
-> 0.0000s
-- current_schema()
-> 0.0002s
-- execute("ALTER TABLE dast_site_profiles\nADD CONSTRAINT check_f22f18002a\nCHECK ( char_length(auth_username) <= 255 )\nNOT VALID;\n")
-> 0.0016s
-- current_schema()
-> 0.0002s
-- execute("ALTER TABLE dast_site_profiles VALIDATE CONSTRAINT check_f22f18002a;")
-> 0.0011s
== 20210302025305 AddExcludedUrlsAndRequestHeadersToDastSiteProfiles: migrated (0.1245s)
% rails db:migrate:down VERSION=20210302025305
== 20210302025305 AddExcludedUrlsAndRequestHeadersToDastSiteProfiles: reverting
-- remove_column(:dast_site_profiles, :auth_username)
-> 0.0018s
-- remove_column(:dast_site_profiles, :auth_password_field)
-> 0.0010s
-- remove_column(:dast_site_profiles, :auth_username_field)
-> 0.0009s
-- remove_column(:dast_site_profiles, :auth_url)
-> 0.0008s
-- remove_column(:dast_site_profiles, :auth_enabled)
-> 0.0008s
-- remove_column(:dast_site_profiles, :excluded_urls)
-> 0.0008s
== 20210302025305 AddExcludedUrlsAndRequestHeadersToDastSiteProfiles: reverted (0.0133s)
Does this MR meet the acceptance criteria?
Conformity
-
Does this MR need a changelog?-
I have included a changelog entry. -
I have not included a changelog entry because _____.
-
-
Documentation (if required) -
Code review guidelines -
Merge request performance guidelines -
Style guides -
Database guides -
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. -
Tested in all supported browsers -
Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
-
Label as security and @ mention @gitlab-com/gl-security/appsec
-
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods -
Security reports checked/validated by a reviewer from the AppSec team
Edited by Mayra Cabrera
Merge request reports
Compare and
Show latest version
- version 41d871be77
- version 40840bfc7f
- version 39fe6922bd
- version 385869e104
- version 3718134dc7
- version 36eace7c4a
- version 351e587b40
- version 34d72db06c
- version 33d375e4a1
- version 32f48d6cdd
- version 31f48d6cdd
- version 30d6456ac8
- version 296607e1c3
- version 28d0339b4b
- version 2773117112
- version 26ac38dfcb
- version 25ad8eb320
- version 248c687028
- version 235ac01087
- version 2225cf052d
- version 2125cf052d
- version 20fc3004b2
- version 1989877a3d
- version 1863f38db3
- version 17e5ed2d68
- version 16554ae253
- version 159ddf29d4
- version 141659e965
- version 138f0d1a70
- version 12a648adb1
- version 1185760862
- version 1075527c94
- version 99a2d0e48
- version 8d5442110
- version 77cc86264
- version 6e09635ca
- version 5b08489c0
- version 4f1856cc4
- version 3a4e04b0a
- version 294b1f37c
- version 13ea9284c
- master (base)
- latest version90906fd88 commits,
- version 41d871be777 commits,
- version 40840bfc7f7 commits,
- version 39fe6922bd7 commits,
- version 385869e1046 commits,
- version 3718134dc75 commits,
- version 36eace7c4a5 commits,
- version 351e587b404 commits,
- version 34d72db06c3 commits,
- version 33d375e4a12 commits,
- version 32f48d6cdd2 commits,
- version 31f48d6cdd2 commits,
- version 30d6456ac81 commit,
- version 296607e1c31 commit,
- version 28d0339b4b1 commit,
- version 27731171121 commit,
- version 26ac38dfcb4 commits,
- version 25ad8eb3203 commits,
- version 248c6870282 commits,
- version 235ac010871 commit,
- version 2225cf052d1 commit,
- version 2125cf052d1 commit,
- version 20fc3004b21 commit,
- version 1989877a3d1 commit,
- version 1863f38db31 commit,
- version 17e5ed2d681 commit,
- version 16554ae2534 commits,
- version 159ddf29d43 commits,
- version 141659e9652 commits,
- version 138f0d1a701 commit,
- version 12a648adb117 commits,
- version 118576086216 commits,
- version 1075527c9415 commits,
- version 99a2d0e4813 commits,
- version 8d544211012 commits,
- version 77cc8626411 commits,
- version 6e09635ca10 commits,
- version 5b08489c09 commits,
- version 4f1856cc48 commits,
- version 3a4e04b0a7 commits,
- version 294b1f37c6 commits,
- version 13ea9284c5 commits,
Compare changes
- Side-by-side
- Inline
Files
2Loading