Update ldapdn audit logic (#44)

* Update ldapdn audit logic * Increment version 3.3.4-SNAPSHOT * Fix file matcher
hygieia · Jun 30, 2020 · e209598 · e209598
1 parent c7931cc
commit e209598
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 19 deletions.
diff --git a/pom.xml b/pom.xml
@@ -4,7 +4,7 @@
     <artifactId>api-audit</artifactId>
     <packaging>jar</packaging>
     <name>${project.groupId}:${project.artifactId}</name>
-    <version>3.3.3-SNAPSHOT</version>
+    <version>3.3.4-SNAPSHOT</version>
     <description>Hygieia Audit Rest API Layer</description>
     <url>https://github.com/Hygieia/${repository.name}</url>
 

diff --git a/src/main/java/com/capitalone/dashboard/common/CommonCodeReview.java b/src/main/java/com/capitalone/dashboard/common/CommonCodeReview.java
@@ -181,24 +181,22 @@ public static boolean isFileTypeWhitelisted(Commit commit, ApiSettings settings)
         List<String> whitelistedFiles = settings.getDirectCommitWhitelistedFiles();
         Stream<String> combinedStream
                 = Stream.of(commit.getFilesAdded(), commit.getFilesModified(),commit.getFilesRemoved()).filter(Objects::nonNull).flatMap(Collection::stream);
-        Collection<String> updatedFiles = combinedStream.collect(Collectors.toList());
-        boolean isValid = true;
+        List<String> updatedFiles = combinedStream.collect(Collectors.toList());
+        if(CollectionUtils.isEmpty(updatedFiles)) return true;
         for (String file : updatedFiles) {
             if(!findFileMatch(file, whitelistedFiles)) {
-                isValid = false;
+                return false;
             }
         }
-        return isValid;
+        return true;
     }
 
     private static boolean findFileMatch(String fileName, List<String> files){
-      if(fileName.contains("*")){
-          Optional<String> extension = getExtensionByStringHandling(fileName);
-            String EXT_PATTERN = "([^\\s]+(\\.(?i)("+extension.get()+"))$)";
-            java.util.function.Predicate<String> fileFilter = Pattern.compile(EXT_PATTERN).asPredicate();
-            List<String> filesFound = files.stream().filter(fileFilter).collect(Collectors.toList());
-            return filesFound.size()>0;
-        }else return files.parallelStream().anyMatch(file -> file.contains(fileName));
+        Optional<String> extension = getExtensionByStringHandling(fileName);
+        String EXT_PATTERN = "([^\\s]+(\\.(?i)("+extension.get()+"))$)";
+        java.util.function.Predicate<String> fileFilter = Pattern.compile(EXT_PATTERN).asPredicate();
+        List<String> filesFound = files.stream().filter(fileFilter).collect(Collectors.toList());
+        return filesFound.size()>0;
     }
 
     public static Optional<String> getExtensionByStringHandling(String filename) {

diff --git a/src/main/java/com/capitalone/dashboard/evaluator/CodeReviewEvaluator.java b/src/main/java/com/capitalone/dashboard/evaluator/CodeReviewEvaluator.java
@@ -222,10 +222,11 @@ private CodeReviewAuditResponseV2 getPeerReviewResponses(CollectorItem repoItem,
      * Adds SCM_AUTHOR_LOGIN_INVALID status at Code Review level
      */
     private void checkCommitByLDAPUnauthUser(CodeReviewAuditResponseV2 reviewAuditResponseV2, Commit commit) {
+        if (commit.getScmAuthorType() != null && commit.getScmAuthorType().equals(AuthorType.Bot)) {
+            return;
+        }
         if (StringUtils.isEmpty(commit.getScmAuthorLDAPDN()) &&
-                !CommonCodeReview.matchIncrementVersionTag(commit.getScmCommitLog(), settings) &&
-                commit.getScmAuthorType() != null &&
-                !commit.getScmAuthorType().equals(AuthorType.Bot)) {
+                !CommonCodeReview.matchIncrementVersionTag(commit.getScmCommitLog(), settings)) {
             reviewAuditResponseV2.addAuditStatus(CodeReviewAuditStatus.SCM_AUTHOR_LOGIN_INVALID);
             // add commit made by unauth user to commitsByLDAPUnauthUsers list
             reviewAuditResponseV2.addCommitByLDAPUnauthUser(commit);

diff --git a/src/test/java/com/capitalone/dashboard/common/CommonCodeReviewTest.java b/src/test/java/com/capitalone/dashboard/common/CommonCodeReviewTest.java
@@ -46,7 +46,8 @@ public void testIsServiceAccount() {
     @Test
     public void testIsFileTypeWhitelistedPass() {
         List<String> whitelistedFile = new ArrayList<>();
-        whitelistedFile.add("pom.xml");
+        whitelistedFile.add("*.xml");
+        whitelistedFile.add("*.md");
         whitelistedFile.add("readme.md");
         apiSettings.setDirectCommitWhitelistedFiles(whitelistedFile);
         Commit commit = makeCommitWhitelistedFiles();
@@ -56,7 +57,8 @@ public void testIsFileTypeWhitelistedPass() {
     @Test
     public void testIsFileTypeWhitelistedNoFilesInCommit() {
         List<String> whitelistedFile = new ArrayList<>();
-        whitelistedFile.add("pom.xml");
+        whitelistedFile.add("*.xml");
+        whitelistedFile.add("*.md");
         whitelistedFile.add("readme.md");
         apiSettings.setDirectCommitWhitelistedFiles(whitelistedFile);
         Commit commit = makeCommitNoFiles();
@@ -66,7 +68,8 @@ public void testIsFileTypeWhitelistedNoFilesInCommit() {
     @Test
     public void testIsFileTypeWhitelistedFail() {
         List<String> whitelistedFile = new ArrayList<>();
-        whitelistedFile.add("pom.xml");
+        whitelistedFile.add("*.xml");
+        whitelistedFile.add("*.md");
         whitelistedFile.add("readme.md");
         apiSettings.setDirectCommitWhitelistedFiles(whitelistedFile);
         Commit commit = makeCommit();
@@ -129,7 +132,8 @@ private Commit makeCommit() {
         c.setScmAuthorLDAPDN("CN=hygieiaUser,OU=Service Accounts,DC=basic,DC=ds,DC=industry,DC=com");
         c.setScmCommitTimestamp(100000000);
         c.setScmAuthorLogin("hygieiaUser");
-        c.setFilesAdded(Arrays.asList("source1.java", "source2.java"));
+        c.setFilesAdded(Arrays.asList("source1.java", "pom.xml"));
+        c.setFilesRemoved(Arrays.asList());
         return c;
     }