Integrate new Zap reports

Author: binarymist

Dockerfile

@@ -7,7 +7,7 @@
 # the Business Source License, use of this software will be governed
 # by the Apache License, Version 2.0
 
-FROM node:16-alpine
+FROM node:17-alpine
 
 ARG LOCAL_USER_ID
 ARG LOCAL_GROUP_ID

config/config.js

@@ -137,11 +137,6 @@ const schema = {
         doc: 'The location of the report.',
         format: String,
         default: '/var/log/purpleteam/outcomes/'
-      },
-      formats: {
-        doc: 'The supported formats that reports will be written in.',
-        format: Array,
-        default: ['html', 'json', 'md']
       }
     },
     upload: {

src/api/app/do/sUt.aPi.js

@@ -50,6 +50,7 @@ class Api extends Sut {
           scanningStrategy: Joi.string().min(2).regex(/^[-\w/]{1,200}$/).default('ApiStandard'),
           postScanningStrategy: Joi.string().min(2).regex(/^[-\w/]{1,200}$/).default('ApiStandard'),
           reportingStrategy: Joi.string().min(2).regex(/^[-\w/]{1,200}$/).default('Standard'),
+          reports: Joi.object({ templateThemes: Joi.array().items(Joi.object({ name: Joi.string().min(1).max(100).regex(/^[a-z0-9]+/i).required() })).required() }),
           username: Joi.string().min(2).required(),
           openApi: Joi.object({
             importFileContentBase64: Joi.string().base64({ paddingRequired: true }),
@@ -177,7 +178,8 @@ class Api extends Sut {
       args: {
         log: this.log,
         publisher: this.publisher,
-        sutPropertiesSubSet: this.getProperties('testSession')
+        baseUrl: this.baseUrl(),
+        sutPropertiesSubSet: this.getProperties(['testSession', 'context'])
       }
     };
   }

src/api/app/do/sUt.browserApp.js

@@ -56,6 +56,7 @@ class BrowserApp extends Sut {
           scanningStrategy: Joi.string().min(2).regex(/^[-\w/]{1,200}$/).default('BrowserAppStandard'),
           postScanningStrategy: Joi.string().min(2).regex(/^[-\w/]{1,200}$/).default('BrowserAppStandard'),
           reportingStrategy: Joi.string().min(2).regex(/^[-\w/]{1,200}$/).default('Standard'),
+          reports: Joi.object({ templateThemes: Joi.array().items(Joi.object({ name: Joi.string().min(1).max(100).regex(/^[a-z0-9]+/i).required() })).required() }),
           username: Joi.string().min(2).required(),
           password: Joi.string().min(2),
           aScannerAttackStrength: Joi.string().valid(...this.#configSchemaProps.sut._cvtProperties.aScannerAttackStrength.format).uppercase().default(this.config.get('sut.aScannerAttackStrength')), // eslint-disable-line no-underscore-dangle
@@ -222,7 +223,8 @@ class BrowserApp extends Sut {
       args: {
         log: this.log,
         publisher: this.publisher,
-        sutPropertiesSubSet: this.getProperties('testSession')
+        baseUrl: this.baseUrl(),
+        sutPropertiesSubSet: this.getProperties(['testSession', 'context'])
       }
     };
   }

src/emissaries/zAp.js

@@ -21,7 +21,6 @@ const internals = {
     apiKey: Joi.string().required(),
     apiFeedbackSpeed: Joi.number().integer().positive(),
     reportDir: Joi.string().required().valid(config.get('emissary.report.dir')),
-    reportFormats: Joi.array().default(config.get('emissary.report.formats')),
     uploadDir: Joi.string().required().valid(config.get('emissary.upload.dir')),
     spider: Joi.object({
       maxDepth: Joi.number().integer().positive(),
@@ -114,9 +113,6 @@ internals.zApApiRoutes = {
     newContext:                   async (params) => internals.zApApi('JSON/context/action/newContext/',                     { searchParams: new URLSearchParams(params) })
   },
   core: {
-    htmlreport:                   async (params) => internals.zApApi('OTHER/core/other/htmlreport/',  { responseType: 'text', searchParams: new URLSearchParams(params) }),
-    jsonreport:                   async (params) => internals.zApApi('OTHER/core/other/jsonreport/',                        { searchParams: new URLSearchParams(params) }),
-    mdreport:                     async (params) => internals.zApApi('OTHER/core/other/mdreport/',    { responseType: 'text', searchParams: new URLSearchParams(params) }),
     viewNumberOfAlerts:           async (params) => internals.zApApi('JSON/core/view/numberOfAlerts/',                      { searchParams: new URLSearchParams(params) }),
     viewUrls:                     async (params) => internals.zApApi('JSON/core/view/urls/',                                { searchParams: new URLSearchParams(params) })
   },
@@ -221,7 +217,7 @@ const postScanProcess = (sUt) => {
 
 const createReports = async (sUt) => {
   const { Strategy, args } = sUt.getReportingStrategy();
-  const reporting = new Strategy({ ...args, emissaryPropertiesSubSet: getProperties(['reportDir', 'reportFormats']), zAp: { aPi: internals.zApApiRoutes } });
+  const reporting = new Strategy({ ...args, emissaryPropertiesSubSet: getProperties(['uploadDir', 'reportDir']), zAp: { aPi: internals.zApApiRoutes } });
   await reporting.createReports();
 };