diff --git a/sechub-api-java/src/main/resources/reduced-openapi3.json b/sechub-api-java/src/main/resources/reduced-openapi3.json
index a1e6b72aff..2c197c4e89 100644
--- a/sechub-api-java/src/main/resources/reduced-openapi3.json
+++ b/sechub-api-java/src/main/resources/reduced-openapi3.json
@@ -1,1081 +1,1374 @@ { - "openapi": "3.0.1", - "info": { - "title": "SecHub API", - "description": "SecHub API description", - "version": "0.0.0" - }, - "servers": [ - { - "url": "https://localhost" - } - ], - "tags": [ - { - "name": "apiVersion", - "description": "1.0" - } - ], - "paths": { - "/api/admin/admins": { - "get": { - "tags": [ - "admin" - ], - "summary": "Admin lists all admins", - "description": "An administrator downloads a json file containing all names of SecHub admins", - "operationId": "adminListsAllAdmins", - "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ListOfUsers" - } - } + "components": { + "schemas": { + "ExecutionProfileCreate": { + "title": "ExecutionProfileCreate", + "type": "object", + "properties": { + "configurations": { + "type": "array", + "description": "Configurations can be linked at creation time as well - see update description", + "items": { + "type": "string" } - } - }, - "security": [ - { - "basic": [ - - ] - } - ] - } - }, - "/api/admin/project": { - "post": { - "tags": [ - "admin" - ], - "summary": "Admin creates a project", - "description": "Admin creates a project", - "operationId": "adminCreatesProject", - "requestBody": { - "content": { - "application/json;charset=UTF-8": { - "schema": { - "$ref": "#/components/schemas/Project" - } + }, + "description": { + "type": "string", + "description": "A short description for the profile" + }, + "projectIds": { + "type": "array", + "description": "Projects can be linked by their ids at creation time as well - see update description", + "items": { + "type": "string" } + }, + "enabled": { + "type": "boolean", + "description": "Enabled state of profile, default is false" } - }, - "responses": { - "201": { - "description": "201" - } - }, - "security": [ - { - "basic": [ - - ] - } - ] - } - }, - "/api/admin/projects": { - "get": { - "tags": [ - "admin" - ], - "summary": "Admin lists all 
projects", - "description": "An administrator downloads a json file containing all project ids", - "operationId": "adminListsAllProjects", - "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ListOfProjects" + } + }, + "ExecutionProfileFetch": { + "title": "ExecutionProfileFetch", + "type": "object", + "properties": { + "configurations": { + "type": "array", + "items": { + "type": "object", + "properties": { + "productIdentifier": { + "type": "string", + "description": "executed product" + }, + "name": { + "type": "string", + "description": "name of configuration" + }, + "executorVersion": { + "type": "number", + "description": "executor version" + }, + "uuid": { + "type": "string", + "description": "uuid of configuration" + }, + "enabled": { + "type": "boolean", + "description": "enabled state of this config" } } } - } - }, - "security": [ - { - "basic": [ - - ] - } - ] - } - }, - "/api/admin/signups": { - "get": { - "tags": [ - "admin" - ], - "summary": "Admin lists open user signups", - "description": "In this usecase the administrator will list the currently unapplied user self registrations/signups.", - "operationId": "adminListsOpenUserSignups", - "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ListOfSignups" - } - } + }, + "description": { + "type": "string", + "description": "A short description for the profile" + }, + "projectIds": { + "type": "array", + "description": "Projects can be linked by their ids here", + "items": { + "type": "string" } + }, + "enabled": { + "type": "boolean", + "description": "Enabled state of profile, default is false" } - }, - "security": [ - { - "basic": [ - - ] - } - ] - } - }, - "/api/admin/status": { - "get": { - "tags": [ - "admin" - ], - "summary": "Admin lists status information", - "description": "An administrator fetches current known status 
information about sechub", - "operationId": "adminListsStatusInformation", - "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/StatusInformation" + } + }, + "ExecutionProfileUpdate": { + "title": "ExecutionProfileUpdate", + "type": "object", + "properties": { + "configurations": { + "type": "array", + "items": { + "type": "object", + "properties": { + "uuid": { + "type": "string", + "description": "Add uuid for configuration to use here" } } } - } - }, - "security": [ - { - "basic": [ - - ] - } - ] - } - }, - "/api/admin/users": { - "get": { - "tags": [ - "admin" - ], - "summary": "Admin lists all users", - "description": "An administrator downloads a json file containing all user ids", - "operationId": "adminListsAllUsers", - "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ListOfUsers" - } - } - } - } - }, - "security": [ - { - "basic": [ - - ] - } - ] - } - }, - "/api/anonymous/signup": { - "post": { - "tags": [ - "anonymous" - ], - "summary": "User self registration", - "description": "User self registration", - "operationId": "userSignup", - "requestBody": { - "content": { - "application/json;charset=UTF-8": { - "schema": { - "$ref": "#/components/schemas/UserSignup" - } - } - } - }, - "responses": { - "200": { - "description": "200" + }, + "description": { + "type": "string", + "description": "A short description for the profile" + }, + "enabled": { + "type": "boolean", + "description": "Enabled state of profile, default is false" } } - } - }, - "/api/admin/config/autoclean": { - "get": { - "tags": [ - "admin" - ], - "summary": "Admin fetches auto cleanup configuration", - "description": "An administrator feches current <> configuration.", - "operationId": "adminFetchesAutoCleanupConfiguration", - "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - 
"schema": { - "$ref": "#/components/schemas/api-admin-project-projectId-104816866" + }, + "ExecutorConfiguration": { + "title": "ExecutorConfiguration", + "type": "object", + "properties": { + "productIdentifier": { + "type": "string", + "description": "Executor product identifier" + }, + "name": { + "type": "string", + "description": "The name of this configuration" + }, + "setup": { + "type": "object", + "properties": { + "baseURL": { + "type": "string", + "description": "Base URL to the product" + }, + "credentials": { + "type": "object", + "properties": { + "password": { + "type": "string", + "description": "Password, either plain (not recommended) or with env:VARIABLENAME, in last case the password will be from environment variable " + }, + "user": { + "type": "string", + "description": "User name, either plain (not recommended) or with env:VARIABLENAME, in last case the user name will be from environment variable " + } + } + }, + "jobParameters": { + "type": "array", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Job parameter value" + }, + "key": { + "type": "string", + "description": "Job parameter key" + } + } } } } + }, + "executorVersion": { + "type": "number", + "description": "Executor version" + }, + "enabled": { + "type": "boolean", + "description": "Enabled state of executor, per default false" } - }, - "security": [ - { - "basic": [ - - ] - } - ] + } }, - "put": { - "tags": [ - "admin" - ], - "summary": "Admin updates auto cleanup configuration", - "description": "An administrator changes <> configuration.", - "operationId": "adminUpdatesAutoCleanupConfiguration", - "requestBody": { - "content": { - "application/json;charset=UTF-8": { - "schema": { - "$ref": "#/components/schemas/api-admin-project-projectId-104816866" - } - } - } - }, - "responses": { - "202": { - "description": "202" - } - }, - "security": [ - { - "basic": [ - - ] - } - ] - } - }, - "/api/admin/config/executor": { - "post": { 
- "tags": [ - "admin" - ], - "summary": "Admin creates an executor configuration", - "description": "An administrator creates an executor a new configuration entry.", - "operationId": "adminCreatesExecutorConfiguration", - "requestBody": { - "content": { - "application/json;charset=UTF-8": { - "schema": { - "$ref": "#/components/schemas/ExecutorConfiguration" - } - } - } - }, - "responses": { - "201": { - "description": "201", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ExecutorConfigurationId" + "ExecutorConfigurationId": { + "title": "ExecutorConfigurationId", + "type": "object" + }, + "ExecutorConfigurationWithUUID": { + "title": "ExecutorConfigurationWithUUID", + "type": "object", + "properties": { + "productIdentifier": { + "type": "string", + "description": "Executor product identifier" + }, + "name": { + "type": "string", + "description": "The name of this configuration" + }, + "setup": { + "type": "object", + "properties": { + "baseURL": { + "type": "string", + "description": "Base URL to the product" + }, + "credentials": { + "type": "object", + "properties": { + "password": { + "type": "string", + "description": "Password, either plain (not recommended) or with env:VARIABLENAME, in last case the password will be from environment variable " + }, + "user": { + "type": "string", + "description": "User name, either plain (not recommended) or with env:VARIABLENAME, in last case the user name will be from environment variable " + } } - } - } - } - }, - "security": [ - { - "basic": [ - - ] - } - ] - } - }, - "/api/admin/config/executors": { - "get": { - "tags": [ - "admin" - ], - "summary": "Admin fetches executor configuration list", - "description": "An administrator fetches executor configuration list which contains all executor configurations", - "operationId": "adminFetchesExecutorConfigurationList", - "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": 
"#/components/schemas/ListOfExecutorConfigurations" + }, + "jobParameters": { + "type": "array", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Job parameter value" + }, + "key": { + "type": "string", + "description": "Job parameter key" + } + } } } } + }, + "executorVersion": { + "type": "number", + "description": "Executor version" + }, + "uuid": { + "type": "string", + "description": "The uuid of this configuration" + }, + "enabled": { + "type": "boolean", + "description": "Enabled state of executor" } - }, - "security": [ - { - "basic": [ - - ] - } - ] - } - }, - "/api/admin/info/version": { - "get": { - "tags": [ - "admin" - ], - "summary": "Admin checks server version", - "description": "An administrator checks the current SecHub server version. Only administrators are able to check the server version, because knowing the exact server version makes it easier for penetration tester or attacker to attack the system.", - "operationId": "adminChecksServerVersion", - "responses": { - "200": { - "description": "200", - "content": { - "text/plain;charset=UTF-8": { - "schema": { - "$ref": "#/components/schemas/ServerVersion" - } - } - } - } - }, - "security": [ - { - "basic": [ - - ] - } - ] - } - }, - "/api/admin/jobs/running": { - "get": { - "tags": [ - "admin" - ], - "summary": "Admin lists all running jobs", - "description": "Admin lists all running jobs", - "operationId": "adminListsAllRunningJobs", - "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ListOfRunningJobs" + } + }, + "FalsePositives": { + "title": "FalsePositives", + "type": "object", + "properties": { + "falsePositives": { + "type": "array", + "description": "Job data list containing false positive setup based on former jobs", + "items": { + "type": "object", + "properties": { + "metaData": { + "type": "object", + "properties": { + "severity": { + "type": 
"string", + "description": "Severity of origin report entry marked as false positive" + }, + "code": { + "type": "object", + "properties": { + "start": { + "type": "object", + "properties": { + "sourceCode": { + "type": "string", + "description": "source code" + }, + "relevantPart": { + "type": "string", + "description": "relevant part of source vulnerability" + }, + "location": { + "type": "string", + "description": "location of code" + } + }, + "description": "entry point" + }, + "end": { + "type": "object", + "properties": { + "sourceCode": { + "type": "string", + "description": "source code" + }, + "relevantPart": { + "type": "string", + "description": "relevant part of source vulnerability" + }, + "location": { + "type": "string", + "description": "location of code" + } + }, + "description": "end point (sink)" + } + }, + "description": "Code part. Only available for scan type 'codeScan'" + }, + "owasp": { + "type": "string", + "description": "OWASP At least this field must be set for web scans when no cwe identifier is defined." + }, + "cweId": { + "type": "number", + "description": "CWE (common weakness enumeration). For code scans this is always set." + }, + "cveId": { + "type": "string", + "description": "CVE (common vulnerability and exposures). For infra scans this is always set." + }, + "name": { + "type": "string", + "description": "Name of origin finding marked as false positive" + }, + "scanType": { + "type": "string", + "description": "Scan type - e.g. codeScan" + } + }, + "description": "Meta data for this false positive" + }, + "jobData": { + "type": "object", + "properties": { + "jobUUID": { + "type": "string", + "description": "SecHub job uuid where finding was" + }, + "findingId": { + "type": "number", + "description": "SecHub finding identifier - identifies problem inside the job which shall be markeda as a false positive. *ATTENTION*: at the moment only code scan false positive handling is supported. 
Infra and web scan findings will lead to a non accepted error!" + }, + "comment": { + "type": "string", + "description": "A comment from author describing why this was marked as a false positive" + } + }, + "description": "Job data parts, can be used as key to identify false positives" + }, + "created": { + "type": "string", + "description": "Creation timestamp" + }, + "author": { + "type": "string", + "description": "User id of author who created false positive" } } } } - }, - "security": [ - { - "basic": [ - - ] - } - ] - } - }, - "/api/admin/project/{projectId}": { - "get": { - "tags": [ - "admin" - ], - "summary": "Admin shows project details", - "description": "An administrator downloads a json file containing json with project details", - "operationId": "adminShowsProjectDetails", - "parameters": [ - { - "name": "projectId", - "in": "path", - "description": "The id for project to show details for", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ProjectDetails" + } + }, + "FalsePositivesForJob": { + "title": "FalsePositivesForJob", + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "description": "The api version, currently only 1.0 is supported" + }, + "jobData": { + "type": "array", + "description": "Job data list containing false positive setup based on former jobs", + "items": { + "type": "object", + "properties": { + "jobUUID": { + "type": "string", + "description": "SecHub job uuid where finding was" + }, + "findingId": { + "type": "number", + "description": "SecHub finding identifier - identifies problem inside the job which shall be markeda as a false positive. *ATTENTION*: at the moment only code scan false positive handling is supported. Infra and web scan findings will lead to a non accepted error!" 
+ }, + "comment": { + "type": "string", + "description": "A comment describing why this is a false positive" } } } + }, + "type": { + "type": "string", + "description": "The type of the json content. Currently only accepted value is 'falsePositiveJobDataList'." } - }, - "security": [ - { - "basic": [ - - ] - } - ] + } }, - "post": { - "tags": [ - "admin" - ], - "summary": "Admin changes project description", - "description": "An administrator changes the project description", - "operationId": "adminChangesProjectDescription", - "parameters": [ - { - "name": "projectId", - "in": "path", - "description": "The id for project to change details for", - "required": true, - "schema": { - "type": "string" - } + "FullScanDataZIP": { + "title": "FullScanDataZIP", + "type": "object" + }, + "JobId": { + "title": "JobId", + "type": "object", + "properties": { + "jobId": { + "type": "string", + "description": "A unique job id" } - ], - "requestBody": { - "content": { - "application/json;charset=UTF-8": { - "schema": { - "$ref": "#/components/schemas/api-admin-project-projectId-104816866" - } - } + } + }, + "JobStatus": { + "title": "JobStatus", + "type": "object", + "properties": { + "result": { + "type": "string", + "description": "Result of job" + }, + "owner": { + "type": "string", + "description": "Owner / initiator of job" + }, + "jobUUID": { + "type": "string", + "description": "The job uuid" + }, + "created": { + "type": "string", + "description": "Creation timestamp of job" + }, + "ended": { + "type": "string", + "description": "End timestamp of job execution" + }, + "started": { + "type": "string", + "description": "Start timestamp of job execution" + }, + "state": { + "type": "string", + "description": "State of job" + }, + "trafficLight": { + "type": "string", + "description": "Trafficlight of job - but only available when job has been done. 
Possible states are GREEN, YELLOW, RED, OFF" } - }, - "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ProjectDetails" + } + }, + "ListOfExecutionProfiles": { + "title": "ListOfExecutionProfiles", + "type": "object", + "properties": { + "executionProfiles": { + "type": "array", + "items": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "A profile description" + }, + "id": { + "type": "string", + "description": "The profile id" + }, + "enabled": { + "type": "boolean", + "description": "Enabled state of profile" } } } + }, + "type": { + "type": "string", + "description": "Always `executorProfileList` as an identifier for the list" } - }, - "security": [ - { - "basic": [ - - ] - } - ] + } }, - "delete": { - "tags": [ - "admin" - ], - "summary": "Admin deletes a project", - "description": "Admin deletes a project", - "operationId": "adminDeleteProject", - "parameters": [ - { - "name": "projectId", - "in": "path", - "description": "The id for project to delete", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "200" - } - }, - "security": [ - { - "basic": [ - - ] - } - ] - } - }, - "/api/admin/signup/{userId}": { - "delete": { - "tags": [ - "admin" - ], - "summary": "Admin deletes user signup", - "description": "In this usecase the administrator will not accept the self registration done by an user but delete the entry.", - "operationId": "adminDeletesSignup", - "parameters": [ - { - "name": "userId", - "in": "path", - "description": "The userId of the signup which shall be deleted", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "200" - } - }, - "security": [ - { - "basic": [ - - ] - } - ] - } - }, - "/api/admin/user-by-email/{emailAddress}": { - "get": { - "tags": [ - "admin" - ], - "summary": "Admin shows user 
details for email address", - "description": "An administrator fetches user details for an email address.", - "operationId": "adminShowsUserDetailsForEmailAddress", - "parameters": [ - { - "name": "emailAddress", - "in": "path", - "description": "The email address of user to show details for", - "required": true, - "schema": { - "type": "string" - } + "ListOfExecutorConfigurations": { + "title": "ListOfExecutorConfigurations", + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Always `executorConfigurationList` as an identifier for the list" }, - { - "name": "Authorization", - "in": "header", - "description": "Basic authentication credentials", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/UserDetails" + "executorConfigurations": { + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The configuration name" + }, + "uuid": { + "type": "string", + "description": "The uuid of the configuration" + }, + "enabled": { + "type": "boolean", + "description": "Enabled state of configuration" } } } } - }, - "security": [ - { - "basic": [ - - ] - } - ] - } - }, - "/api/admin/user/{userId}": { - "get": { - "tags": [ - "admin" - ], - "summary": "Admin shows user details", - "description": "An administrator downloads a json file containing json containing user details", - "operationId": "adminShowsUserDetails", - "parameters": [ - { - "name": "userId", - "in": "path", - "description": "The user id of user to show details for", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/UserDetails" - } - } - } - } - }, - "security": [ - { - "basic": [ - - ] - } - ] + } }, - "delete": 
{ - "tags": [ - "admin" - ], - "summary": "Admin deletes a user", - "description": "Admin deletes a user", - "operationId": "adminDeletesUser", - "parameters": [ - { - "name": "userId", - "in": "path", - "description": "The userId of the user who shall be deleted", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "200" - } - }, - "security": [ - { - "basic": [ - - ] - } - ] - } - }, - "/api/anonymous/apitoken/{oneTimeToken}": { - "get": { - "tags": [ - "anonymous" - ], - "summary": "User clicks link to get new api token", - "description": "User clicks link to get new api token", - "operationId": "userClicksLinkToGetNewAPIToken", - "parameters": [ - { - "name": "oneTimeToken", - "in": "path", - "description": "A one time token the user has got by a previous mail from sechub server", - "required": true, - "schema": { - "type": "string" + "ListOfProjects": { + "type": "array", + "description": "List of project Ids", + "items": { + "type": "string" + } + }, + "ListOfRunningJobs": { + "title": "ListOfRunningJobs", + "type": "array", + "items": { + "type": "object", + "properties": { + "owner": { + "type": "string", + "description": "Owner of the job - means user which triggered it" + }, + "jobUUID": { + "type": "string", + "description": "The uuid of the running job" + }, + "configuration": { + "type": "string", + "description": "Configuration used for this job" + }, + "projectId": { + "type": "string", + "description": "The name of the project the job is running for" + }, + "since": { + "type": "string", + "description": "Timestamp since when job has been started" + }, + "status": { + "type": "string", + "description": "A status information " } } - ], - "responses": { - "200": { - "description": "200" - } } - } - }, - "/api/anonymous/check/alive": { - "get": { - "tags": [ - "anonymous" - ], - "summary": "Check if the server is alive and running.", - "description": "An anonymous user or system wants to know 
if the server is alive and running.", - "operationId": "anonymousCheckAlive_get", - "responses": { - "200": { - "description": "200" - } + }, + "ListOfSignups": { + "title": "ListOfSignups", + "type": "array", + "description": "List of user signups", + "items": { + "type": "object", + "properties": { + "emailAdress": { + "type": "string", + "description": "The email address" + }, + "userId": { + "type": "string", + "description": "The user id" + } + }, + "description": "List of user signups" } }, - "head": { - "tags": [ - "anonymous" - ], - "summary": "Check if the server is alive and running.", - "description": "An anonymous user or system wants to know if the server is alive and running.", - "operationId": "anonymousCheckAlive_head", - "responses": { - "200": { - "description": "200" - } + "ListOfUsers": { + "type": "array", + "description": "List of admin Ids", + "items": { + "type": "string" } - } - }, - "/api/project/{projectId}/false-positives": { - "get": { - "tags": [ - "project" - ], - "summary": "User fetches false positive configuration of project", - "description": "User fetches false positive configuration of project", - "operationId": "userFetchesFalsePositiveConfigurationOfProject", - "parameters": [ - { - "name": "projectId", - "in": "path", - "description": "The project id", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/FalsePositives" + }, + "MappingConfiguration": { + "title": "MappingConfiguration", + "type": "object", + "properties": { + "entries": { + "type": "array", + "items": { + "type": "object", + "properties": { + "pattern": { + "type": "string", + "description": "Pattern" + }, + "comment": { + "type": "string", + "description": "Comment" + }, + "replacement": { + "type": "string", + "description": "Replacement" } } } } - }, - "security": [ - { - "basic": [ - - ] - } - ] + } }, - 
"put": { - "tags": [ - "project" - ], - "summary": "User marks false positives for finished sechub job", - "description": "User marks false positives for finished sechub job", - "operationId": "userMarksFalsePositivesForJob", - "parameters": [ - { - "name": "projectId", - "in": "path", - "description": "The projectId of the project where users adds false positives for", - "required": true, - "schema": { - "type": "string" - } - } - ], - "requestBody": { - "content": { - "application/json;charset=UTF-8": { - "schema": { - "$ref": "#/components/schemas/FalsePositivesForJob" + "MockDataConfiguration": { + "title": "MockDataConfiguration", + "type": "object" + }, + "Project": { + "title": "Project", + "type": "object", + "properties": { + "owner": { + "type": "string", + "description": "Username of the owner of this project. An owner is the person in charge" + }, + "metaData": { + "type": "object", + "properties": { + "*": { + "type": "string", + "description": "An arbitrary metadata key-value pair" } - } - } - }, - "responses": { - "200": { - "description": "200" - } - }, - "security": [ - { - "basic": [ - - ] - } - ] - } - }, - "/api/project/{projectId}/job": { - "post": { - "tags": [ - "project" - ], - "summary": "User creates a new sechub job", - "description": "User creates a new sechub job", - "operationId": "userCreatesNewJob_", - "parameters": [ - { - "name": "projectId", - "in": "path", - "description": "The unique id of the project id where a new sechub job shall be created", - "required": true, - "schema": { - "type": "string" - } - } - ], - "requestBody": { - "content": { - "application/json;charset=UTF-8": { - "schema": { - "$ref": "#/components/schemas/ScanJob" - } - } - } - }, - "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/JobId" + }, + "description": "An JSON object containing metadata key-value pairs defined for this project" + }, + "apiVersion": { + "type": 
"string", + "description": "The api version, currently only 1.0 is supported" + }, + "name": { + "type": "string", + "description": "Name of the project to create. Is also used as a unique ID!" + }, + "description": { + "type": "string", + "description": "The description of the project." + }, + "whiteList": { + "type": "object", + "properties": { + "uris": { + "type": "array", + "description": "All URIs used now for whitelisting. Former parts will be replaced completely!", + "items": { + "type": "string" } } } } } - } - }, - "/api/project/{projectId}/jobs": { - "get": { - "tags": [ - "project" - ], - "summary": "User lists jobs for project", - "description": "User lists jobs for project", - "operationId": "userListsJobsforProject", - "parameters": [ - { - "name": "projectId", - "in": "path", - "description": "The id of the project where job information shall be fetched for", - "required": true, - "schema": { - "type": "string" - } + }, + "ProjectDetails": { + "title": "ProjectDetails", + "type": "object", + "properties": { + "owner": { + "type": "string", + "description": "Username of the owner of this project. An owner is the person in charge." }, - { - "name": "size", - "in": "query", - "description": "The wanted (maximum) size for the result set. When not defined, the default will be 1.", - "required": false, - "schema": { - "type": "string" - } + "metaData": { + "type": "object", + "properties": { + "key1": { + "type": "string", + "description": "An arbitrary metadata key" + } + }, + "description": "An JSON object containing metadata key-value pairs defined for this project." }, - { - "name": "page", - "in": "query", - "description": "The wanted page number. 
When not defined, the default will be 0.", - "required": false, - "schema": { - "type": "string" - } + "accessLevel": { + "type": "string", + "description": "The project access level" }, - { - "name": "metadata.labels.*", - "in": "query", - "description": "An optional dynamic query parameter to filter jobs by labels. The syntax is 'metadata.labels.${labelKey}=${labelValue}'.\n\nIt is possible to query for multiple labels (up to 10 ).\nThe filter works as an AND combination: Only jobs having all wanted label key value combinations are returned.", - "required": false, - "schema": { + "description": { + "type": "string", + "description": "The project description." + }, + "whiteList": { + "type": "array", + "description": "A list of all whitelisted URIs. Only these ones can be scanned for the project!", + "items": { "type": "string" } }, - { - "name": "withMetaData", - "in": "query", - "description": "An optional parameter to define if meta data shall be fetched as well. When not defined, the default will be false.", - "required": false, - "schema": { + "projectId": { + "type": "string", + "description": "The name of the project" + }, + "users": { + "type": "array", + "description": "A list of all users having access to the project", + "items": { "type": "string" } } - ], - "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ProjectJobList" - } - } - } - } } - } - }, - "/api/project/{projectId}/mockdata": { - "get": { - "tags": [ - "project" - ], - "summary": "User retrieves mock data configuration for project", - "description": "User retrieves mock data configuration for project", - "operationId": "userRetrievesProjectMockdata", - "parameters": [ - { - "name": "projectId", - "in": "path", - "description": "", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": 
"#/components/schemas/MockDataConfiguration" + }, + "ProjectJobList": { + "title": "ProjectJobList", + "type": "object", + "properties": { + "totalPages": { + "type": "number", + "description": "The total pages available" + }, + "page": { + "type": "number", + "description": "The page number" + }, + "content": { + "type": "array", + "items": { + "type": "object", + "properties": { + "executedBy": { + "type": "string", + "description": "User who initiated the job" + }, + "metaData": { + "type": "object", + "properties": { + "*": { + "type": "object", + "description": "Meta data of job - but only contained in result, when query parameter `withMetaData` is defined as 'true'." + } + } + }, + "jobUUID": { + "type": "string", + "description": "The job uuid" + }, + "created": { + "type": "string", + "description": "Creation timestamp of job" + }, + "executionResult": { + "type": "string", + "description": "Execution result of job" + }, + "executionState": { + "type": "string", + "description": "Execution state of job" + }, + "ended": { + "type": "string", + "description": "End timestamp of job execution" + }, + "started": { + "type": "string", + "description": "Start timestamp of job execution" + }, + "trafficLight": { + "type": "string", + "description": "Trafficlight of job - but only available when job has been done. Possible states are GREEN, YELLOW, RED, OFF" } } } } - }, - "security": [ - { - "basic": [ - - ] + } + }, + "ProjectMetaData": { + "title": "ProjectMetaData", + "type": "object", + "properties": { + "metaData": { + "type": "object", + "properties": { + "key1": { + "type": "string", + "description": "An arbitrary metadata key." + } + }, + "description": "Metadata object. Contains key-value pairs." 
+ }, + "apiVersion": { + "type": "string", + "description": "The api version, currently only 1.0 is supported" } - ] + } }, - "put": { - "tags": [ - "project" - ], - "summary": "User defines mock data configuration for project", - "description": "User defines mock data configuration for project", - "operationId": "userDefinesProjectMockdata", - "parameters": [ - { - "name": "projectId", - "in": "path", - "description": "", - "required": true, - "schema": { - "type": "string" + "ProjectScanLogs": { + "title": "ProjectScanLogs", + "type": "array", + "description": "An array of scan log summary entries", + "items": { + "type": "object", + "properties": { + "executedBy": { + "type": "string", + "description": "The user id of the user which executed the scan" + }, + "sechubJobUUID": { + "type": "string", + "description": "The uuid of corresponding sechub Job." + }, + "ended": { + "type": "string", + "description": "The timestamp when the scan was ended" + }, + "started": { + "type": "string", + "description": "The timestamp when the scan was started" + }, + "status": { + "type": "string", + "description": "A status field about scan situation" } - } - ], - "requestBody": { - "content": { - "application/json;charset=UTF-8": { - "schema": { - "$ref": "#/components/schemas/MockDataConfiguration" + }, + "description": "An array of scan log summary entries" + } + }, + "ProjectWhitelistUpdate": { + "title": "ProjectWhitelistUpdate", + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "description": "The api version, currently only 1.0 is supported" + }, + "whiteList": { + "type": "object", + "properties": { + "uris": { + "type": "array", + "description": "All URIS used now for whitelisting. 
Former parts will be replaced completely!", + "items": { + "type": "string" + } } } } - }, - "responses": { - "200": { - "description": "200" - } - }, - "security": [ - { - "basic": [ - - ] - } - ] - } - }, - "/api/admin/config/execution/profiles": { - "get": { - "tags": [ - "admin" - ], - "summary": "Admin fetches execution profile list", - "description": "An administrator fetches execution profile list", - "operationId": "adminFetchesExecutionProfileList", - "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ListOfExecutionProfiles" + } + }, + "ScanJob": { + "title": "ScanJob", + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "description": "The api version, currently only 1.0 is supported" + }, + "data": { + "type": "object", + "properties": { + "sources": { + "type": "array", + "items": { + "type": "object", + "properties": { + "fileSystem": { + "type": "object", + "properties": { + "folders": { + "type": "array", + "description": "Sources from given file system folders", + "items": { + "type": "string" + } + }, + "files": { + "type": "array", + "description": "Sources from given file system files", + "items": { + "type": "string" + } + } + } + }, + "name": { + "type": "string", + "description": "Unique reference name" + } + } + } + }, + "binaries": { + "type": "array", + "items": { + "type": "object", + "properties": { + "fileSystem": { + "type": "object", + "properties": { + "folders": { + "type": "array", + "description": "Binaries from given file system folders", + "items": { + "type": "string" + } + }, + "files": { + "type": "array", + "description": "Binaries from given file system files", + "items": { + "type": "string" + } + } + } + }, + "name": { + "type": "string", + "description": "Unique reference name" + } + } } } } - } - }, - "security": [ - { - "basic": [ - - ] - } - ] - } - }, - "/api/admin/config/executor/{uuid}": { - "get": { - 
"tags": [ - "admin" - ], - "summary": "Admin fetches executor configuration", - "description": "An administrator fetches one explicit executor configuration by its uuid.", - "operationId": "adminFetchesExecutorConfiguration", - "parameters": [ - { - "name": "uuid", - "in": "path", - "description": "The configuration uuid", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ExecutorConfigurationWithUUID" + }, + "secretScan": { + "type": "object", + "properties": { + "use": { + "type": "array", + "description": "Referenced data configuration objects by their unique names", + "items": { + "type": "string" } } - } - } - }, - "security": [ - { - "basic": [ - - ] - } - ] - }, - "put": { - "tags": [ - "admin" + }, + "description": "Secret scan configuration block" + }, + "licenseScan": { + "type": "object", + "properties": { + "use": { + "type": "array", + "description": "Referenced data configuration objects by their unique names", + "items": { + "type": "string" + } + } + }, + "description": "License scan configuration block" + }, + "infraScan": { + "type": "object", + "properties": { + "uris": { + "type": "array", + "description": "Infrastructure URIs to scan for", + "items": { + "type": "string" + } + }, + "ips": { + "type": "array", + "description": "Infrastructure IPs to scan for", + "items": { + "type": "string" + } + } + }, + "description": "Infrastructure configuration block" + }, + "codeScan": { + "type": "object", + "properties": { + "fileSystem": { + "type": "object", + "properties": { + "folders": { + "type": "array", + "description": "Code scan sources from given file system folders", + "items": { + "type": "string" + } + }, + "files": { + "type": "array", + "description": "Code scan sources from given file system files", + "items": { + "type": "string" + } + } + } + }, + "use": { + "type": "array", + 
"description": "Referenced data configuration objects by their unique names", + "items": { + "type": "string" + } + } + }, + "description": "Code scan configuration block" + }, + "webScan": { + "type": "object", + "properties": { + "maxScanDuration": { + "type": "object", + "properties": { + "duration": { + "type": "number", + "description": "Duration of the scan as integer" + }, + "unit": { + "type": "string", + "description": "Unit of the duration. Possible values are: millisecond(s), second(s), minute(s), hour(s), day(s)" + } + } + }, + "headers": { + "type": "array", + "description": "List of HTTP headers. Can be used for authentication or anything else.", + "items": { + "type": "object", + "properties": { + "onlyForUrls": { + "type": "array", + "description": "Optional list of URLs this header shall be used for like: https://mywebapp.com/path/. Can contain wildcards like: https://mywebapp.com/path/<*>/with/wildcard", + "items": { + "type": "string" + } + }, + "name": { + "type": "string", + "description": "Name of the defined HTTP header." + }, + "sensitive": { + "type": "boolean", + "description": "Defines header masking. If 'true' the header value will be replaced with '********' inside the report, 'false' will show the value as is. Default is set to 'true'." + }, + "value": { + "type": "string", + "description": "Value of the defined HTTP header." + } + } + } + }, + "clientCertificate": { + "type": "object", + "properties": { + "password": { + "type": "string", + "description": "Password the client certificate file is protected with" + }, + "use": { + "type": "array", + "description": "Reference to the data section containing the client certificate definition file. Always use 'sources' with a single 'file' instead 'folders'.", + "items": { + "type": "string" + } + } + } + }, + "excludes": { + "type": "array", + "description": "Exclude URL sub-paths to scan. 
Example: /admin", + "items": { + "type": "string" + } + }, + "includes": { + "type": "array", + "description": "Include URL sub-paths to scan. Example: /hidden", + "items": { + "type": "string" + } + }, + "api": { + "type": "object", + "properties": { + "use": { + "type": "array", + "description": "Reference to the data section containing the API definition files. Always use 'sources' with 'files' instead 'folders'.", + "items": { + "type": "string" + } + }, + "type": { + "type": "string", + "description": "Type of the API definition files that will be provided" + } + } + }, + "login": { + "type": "object", + "properties": { + "form": { + "type": "object", + "properties": { + "script": { + "type": "object", + "properties": { + "pages": { + "type": "array", + "items": { + "type": "object", + "properties": { + "actions": { + "type": "array", + "items": { + "type": "object", + "properties": { + "unit": { + "type": "string", + "description": "the time unit to wait: millisecond, second, minute, hour, day." 
+ }, + "description": { + "type": "string", + "description": "description" + }, + "selector": { + "type": "string", + "description": "css selector" + }, + "type": { + "type": "string", + "description": "action type: username, password, input, click, wait" + }, + "value": { + "type": "string", + "description": "value" + } + } + } + } + } + } + } + }, + "description": "script" + } + }, + "description": "form login definition" + }, + "basic": { + "type": "object", + "properties": { + "password": { + "type": "string", + "description": "password" + }, + "user": { + "type": "string", + "description": "username" + } + }, + "description": "basic login definition" + }, + "url": { + "type": "string", + "description": "Login URL" + } + }, + "description": "Webscan login definition" + }, + "url": { + "type": "string", + "description": "Webscan URI to scan for" + } + }, + "description": "Webscan configuration block" + } + } + }, + "SecHubReport": { + "title": "SecHubReport", + "type": "object" + }, + "ServerVersion": { + "title": "ServerVersion", + "type": "object" + }, + "StatusInformation": { + "title": "StatusInformation", + "type": "array", + "items": { + "type": "object", + "properties": { + "value": { + "type": "string", + "description": "Status value" + }, + "key": { + "type": "string", + "description": "Status key identifier" + } + } + } + }, + "UserDetails": { + "title": "UserDetails", + "type": "object", + "properties": { + "projects": { + "type": "array", + "description": "The projects the user has access to", + "items": { + "type": "string" + } + }, + "superAdmin": { + "type": "boolean", + "description": "True, when this user is a super administrator" + }, + "userId": { + "type": "string", + "description": "The name of the user" + }, + "email": { + "type": "string", + "description": "The mail adress of the user" + }, + "ownedProjects": { + "type": "array", + "description": "The projects the user is owner of", + "items": { + "type": "string" + } + } + } + }, + 
"UserSignup": { + "title": "UserSignup", + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "description": "The api version, currently only 1.0 is supported" + }, + "emailAdress": { + "type": "string", + "description": "Email adress" + }, + "userId": { + "type": "string", + "description": "Wanted userid, the userid must be lowercase only!" + } + } + }, + "api-admin-project-projectId-104816866": { + "type": "object" + } + }, + "securitySchemes": { + "basic": { + "type": "http", + "scheme": "basic" + } + } + }, + "info": { + "title": "SecHub API", + "description": "SecHub API description", + "version": "0.0.0" + }, + "openapi": "3.0.1", + "paths": { + "/api/admin/admins": { + "get": { + "tags": [ + "admin" ], - "summary": "Admin updates executor configuration setup", - "description": "An administrator updateds dedicated executor configuration. The update does change description, enabled state and also used executors, but Will NOT change any associations between profile and projects.", - "operationId": "adminUpdatesExecutorConfig", + "summary": "Admin lists all admins", + "description": "An administrator downloads a json file containing all names of SecHub admins", + "operationId": "adminListsAllAdmins", + "responses": { + "200": { + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ListOfUsers" + } + } + } + } + }, + "security": [ + { + "basic": [ + + ] + } + ] + } + }, + "/api/admin/config/autoclean": { + "get": { + "tags": [ + "admin" + ], + "summary": "Admin fetches auto cleanup configuration", + "description": "An administrator feches current <> configuration.", + "operationId": "adminFetchesAutoCleanupConfiguration", + "responses": { + "200": { + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/api-admin-project-projectId-104816866" + } + } + } + } + }, + "security": [ + { + "basic": [ + + ] + } + ] + }, + "put": { + 
"tags": [ + "admin" + ], + "summary": "Admin updates auto cleanup configuration", + "description": "An administrator changes <> configuration.", + "operationId": "adminUpdatesAutoCleanupConfiguration", + "requestBody": { + "content": { + "application/json;charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/api-admin-project-projectId-104816866" + } + } + } + }, + "responses": { + "202": { + "description": "202" + } + }, + "security": [ + { + "basic": [ + + ] + } + ] + } + }, + "/api/admin/config/execution/profile/{profileId}": { + "get": { + "tags": [ + "admin" + ], + "summary": "Admin fetches execution profile", + "description": "An administrator fetches details about an execution profile", + "operationId": "adminFetchesExecutionProfile", "parameters": [ { - "name": "uuid", + "name": "profileId", "in": "path", - "description": "The configuration uuid", + "description": "The profile id", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ExecutionProfileFetch" + } + } + } + } + }, + "security": [ + { + "basic": [ + + ] + } + ] + }, + "put": { + "tags": [ + "admin" + ], + "summary": "Admin updates execution profile", + "description": "An administrator updateds dedicated execution profile", + "operationId": "adminUpdatesExecutionProfile", + "parameters": [ + { + "name": "profileId", + "in": "path", + "description": "The profile id", "required": true, "schema": { "type": "string" @@ -1086,7 +1379,7 @@ "content": { "application/json;charset=UTF-8": { "schema": { - "$ref": "#/components/schemas/ExecutorConfiguration" + "$ref": "#/components/schemas/ExecutionProfileUpdate" } } } 
@@ -1104,18 +1397,58 @@ } ] }, + "post": { + "tags": [ + "admin" + ], + "summary": "Admin creates an execution profile", + "description": "An administrator creates an execution profile", + "operationId": "adminCreatesExecutionProfile", + "parameters": [ + { + "name": "profileId", + "in": "path", + "description": "The profile id", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json;charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/ExecutionProfileCreate" + } + } + } + }, + "responses": { + "201": { + "description": "201" + } + }, + "security": [ + { + "basic": [ + + ] + } + ] + }, "delete": { "tags": [ "admin" ], - "summary": "Admin deletes executor configuration", - "description": "An administrator deletes an executor by removing the configuration entry identified by its uuid", - "operationId": "adminDeletesExecutorConfiguration", + "summary": "Admin deletes execution profile", + "description": "An administrator deletes execution profile", + "operationId": "adminDeletesExecutionProfile", "parameters": [ { - "name": "uuid", + "name": "profileId", "in": "path", - "description": "The configuration uuid", + "description": "The profile id", "required": true, "schema": { "type": "string" 
@@ -1136,19 +1469,28 @@ ] } }, - "/api/admin/config/mapping/{mappingId}": { - "get": { + "/api/admin/config/execution/profile/{profileId}/project/{projectId}": { + "post": { "tags": [ "admin" ], - "summary": "Admin fetches mapping configuration", - "description": "An administrator fetches mapping configuration by its ID.", - "operationId": "adminFetchesMappingConfiguration", + "summary": "Admin assigns execution profile to project", + "description": "An administrator assigns an execution profile to an existing project", + "operationId": "adminAssignsExecutionProfileToProject", "parameters": [ { - "name": "mappingId", + "name": "profileId", "in": "path", - "description": "The mapping Id", + "description": "The profile id", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "projectId", + "in": "path", + "description": "The project id ", "required": true, "schema": { "type": "string" @@ -1156,15 +1498,8 @@ } ], "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/MappingConfiguration" - } - } - } + "201": { + "description": "201" } }, "security": [ 
@@ -1175,33 +1510,33 @@ } ] }, - "put": { + "delete": { "tags": [ "admin" ], - "summary": "Admin updates mapping configuration", - "description": "An administrator changes mapping configuration. Mappings represents a generic mechanism to replace a given string, matched by configured regular expression pattern with a replacement string. Some of the mappings are used for adapter behaviour.", - "operationId": "adminUpdatesMappingConfiguration", + "summary": "Admin unassigns execution profile from project", + "description": "An administrator unassigns an execution profile from a projects.", + "operationId": "adminUnassignsExecutionProfileFromProject", "parameters": [ { - "name": "mappingId", + "name": "profileId", + "in": "path", + "description": "The profile id", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "projectId", "in": "path", - "description": "The mappingID, identifiying which mapping shall be updated", + "description": "The project id ", "required": true, "schema": { "type": "string" } } ], - "requestBody": { - "content": { - "application/json;charset=UTF-8": { - "schema": { - "$ref": "#/components/schemas/MappingConfiguration" - } - } - } - }, "responses": { "200": { "description": "200" 
@@ -1216,28 +1551,24 @@ ] } }, - "/api/admin/jobs/cancel/{jobUUID}": { - "post": { + "/api/admin/config/execution/profiles": { + "get": { "tags": [ "admin" ], - "summary": "Admin cancels a job", - "description": "Administrator does cancel a job by its Job UUID", - "operationId": "adminCancelsJob", - "parameters": [ - { - "name": "jobUUID", - "in": "path", - "description": "The job UUID", - "required": true, - "schema": { - "type": "string" - } - } - ], + "summary": "Admin fetches execution profile list", + "description": "An administrator fetches execution profile list", + "operationId": "adminFetchesExecutionProfileList", "responses": { "200": { - "description": "200" + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ListOfExecutionProfiles" + } + } + } } }, "security": [ @@ -1249,28 +1580,33 @@ ] } }, - "/api/admin/jobs/restart-hard/{jobUUID}": { + "/api/admin/config/executor": { "post": { "tags": [ "admin" ], - "summary": "Admin restarts a job (hard)", - "description": "Admin restarts a job (hard)", - "operationId": "adminRestartsJobHard", - "parameters": [ - { - "name": "jobUUID", - "in": "path", - "description": "The job UUID", - "required": true, - "schema": { - "type": "string" + "summary": "Admin creates an executor configuration", + "description": "An administrator creates an executor a new configuration entry.", + "operationId": "adminCreatesExecutorConfiguration", + "requestBody": { + "content": { + "application/json;charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/ExecutorConfiguration" + } } } - ], + }, "responses": { - "200": { - "description": "200" + "201": { + "description": "201", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ExecutorConfigurationId" + } + } + } } }, "security": [ 
@@ -1282,19 +1618,19 @@ ] } }, - "/api/admin/jobs/restart/{jobUUID}": { - "post": { + "/api/admin/config/executor/{uuid}": { + "get": { "tags": [ "admin" ], - "summary": "Admin restarts a job", - "description": "Admin restarts a job", - "operationId": "adminRestartsJob", + "summary": "Admin fetches executor configuration", + "description": "An administrator fetches one explicit executor configuration by its uuid.", + "operationId": "adminFetchesExecutorConfiguration", "parameters": [ { - "name": "jobUUID", + "name": "uuid", "in": "path", - "description": "The job UUID", + "description": "The configuration uuid", "required": true, "schema": { "type": "string" @@ -1303,7 +1639,14 @@ ], "responses": { "200": { - "description": "200" + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ExecutorConfigurationWithUUID" + } + } + } } }, "security": [ @@ -1313,21 +1656,19 @@ ] } ] - } - }, - "/api/admin/project/{projectId}/metadata": { - "post": { + }, + "put": { "tags": [ "admin" ], - "summary": "Update project metadata", - "description": "Update project metadata", - "operationId": "updateProjectMetaData", + "summary": "Admin updates executor configuration setup", + "description": "An administrator updateds dedicated executor configuration. The update does change description, enabled state and also used executors, but Will NOT change any associations between profile and projects.", + "operationId": "adminUpdatesExecutorConfig", "parameters": [ { - "name": "projectId", + "name": "uuid", "in": "path", - "description": "The id of the project for which metadata shall be updated", + "description": "The configuration uuid", "required": true, "schema": { "type": "string" @@ -1338,7 +1679,7 @@ "content": { "application/json;charset=UTF-8": { "schema": { - "$ref": "#/components/schemas/ProjectMetaData" + "$ref": "#/components/schemas/ExecutorConfiguration" } } } 
@@ -1355,36 +1696,25 @@ ] } ] - } - }, - "/api/admin/project/{projectId}/whitelist": { - "post": { + }, + "delete": { "tags": [ "admin" ], - "summary": "Update project whitelist", - "description": "Update project whitelist", - "operationId": "updateProjectWhitelist", + "summary": "Admin deletes executor configuration", + "description": "An administrator deletes an executor by removing the configuration entry identified by its uuid", + "operationId": "adminDeletesExecutorConfiguration", "parameters": [ { - "name": "projectId", + "name": "uuid", "in": "path", - "description": "The id of the project for which whitelist shall be updated", + "description": "The configuration uuid", "required": true, "schema": { "type": "string" } } ], - "requestBody": { - "content": { - "application/json;charset=UTF-8": { - "schema": { - "$ref": "#/components/schemas/ProjectWhitelistUpdate" - } - } - } - }, "responses": { "200": { "description": "200" 
@@ -1399,32 +1729,21 @@ ] } }, - "/api/admin/scan/download/{jobUUID}": { + "/api/admin/config/executors": { "get": { "tags": [ "admin" ], - "summary": "Admin downloads all details about a scan job", - "description": "An administrator downloads a ZIP file containing full details of a scan. Main reason for this use case is for debugging when there are problems with security products. Another reason is for developers to adopt new security products easier.", - "operationId": "adminDownloadsFullScanDataForJob", - "parameters": [ - { - "name": "jobUUID", - "in": "path", - "description": "The job UUID", - "required": true, - "schema": { - "type": "string" - } - } - ], + "summary": "Admin fetches executor configuration list", + "description": "An administrator fetches executor configuration list which contains all executor configurations", + "operationId": "adminFetchesExecutorConfigurationList", "responses": { "200": { "description": "200", "content": { - "application/zip": { + "application/json": { "schema": { - "$ref": "#/components/schemas/FullScanDataZIP" + "$ref": "#/components/schemas/ListOfExecutorConfigurations" } } } 
@@ -1439,17 +1758,35 @@ ] } }, - "/api/admin/scheduler/disable/job-processing": { - "post": { + "/api/admin/config/mapping/{mappingId}": { + "get": { "tags": [ "admin" ], - "summary": "Admin disables job processing in scheduler", - "description": "An administrator disables scheduler job processing. This can be a preparation for system wide update - when scheduling is stoped, user can ask for new SecHub Jobs etc. But as long as scheduler is stopped nothing is executed - so JVMs/PODs can be updated in cluster", - "operationId": "adminDisablesSchedulerJobProcessing", + "summary": "Admin fetches mapping configuration", + "description": "An administrator fetches mapping configuration by its ID.", + "operationId": "adminFetchesMappingConfiguration", + "parameters": [ + { + "name": "mappingId", + "in": "path", + "description": "The mapping Id", + "required": true, + "schema": { + "type": "string" + } + } + ], "responses": { - "202": { - "description": "202" + "200": { + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/MappingConfiguration" + } + } + } } }, "security": [ 
@@ -1459,19 +1796,37 @@ ] } ] - } - }, - "/api/admin/scheduler/enable/job-processing": { - "post": { + }, + "put": { "tags": [ "admin" ], - "summary": "Admin enables scheduler job processing", - "description": "An administrator starts scheduler job processing. This can be a necessary step after a system wide update where processing of jobs was stoped before.", - "operationId": "adminEnablesSchedulerJobProcessing", + "summary": "Admin updates mapping configuration", + "description": "An administrator changes mapping configuration. Mappings represents a generic mechanism to replace a given string, matched by configured regular expression pattern with a replacement string. Some of the mappings are used for adapter behaviour.", + "operationId": "adminUpdatesMappingConfiguration", + "parameters": [ + { + "name": "mappingId", + "in": "path", + "description": "The mappingID, identifiying which mapping shall be updated", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json;charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/MappingConfiguration" + } + } + } + }, "responses": { - "202": { - "description": "202" + "200": { + "description": "200" } }, "security": [ 
@@ -1483,17 +1838,24 @@ ] } }, - "/api/admin/scheduler/status/refresh": { - "post": { + "/api/admin/info/version": { + "get": { "tags": [ "admin" ], - "summary": "Admin get scheduler status", - "description": "An administrator wants to update information about scheduler status", - "operationId": "adminTriggersRefreshOfSchedulerStatus", + "summary": "Admin checks server version", + "description": "An administrator checks the current SecHub server version. Only administrators are able to check the server version, because knowing the exact server version makes it easier for penetration tester or attacker to attack the system.", + "operationId": "adminChecksServerVersion", "responses": { - "202": { - "description": "202" + "200": { + "description": "200", + "content": { + "text/plain;charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/ServerVersion" + } + } + } } }, "security": [ @@ -1505,19 +1867,19 @@ ] } }, - "/api/admin/signup/accept/{userId}": { + "/api/admin/jobs/cancel/{jobUUID}": { "post": { "tags": [ "admin" ], - "summary": "Admin applies self registration", - "description": "In this usecase the administrator will accept the self registration done by an user.", - "operationId": "adminAcceptsSignup", + "summary": "Admin cancels a job", + "description": "Administrator does cancel a job by its Job UUID", + "operationId": "adminCancelsJob", "parameters": [ { - "name": "userId", + "name": "jobUUID", "in": "path", - "description": "The userId of the signup which shall be accepted", + "description": "The job UUID", "required": true, "schema": { "type": "string" @@ -1525,8 +1887,8 @@ } ], "responses": { - "201": { - "description": "201" + "200": { + "description": "200" } }, "security": [ 
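Review bot: The 200 response of `adminChecksServerVersion` (first hunk on this line) declares the media type `text/plain;charset=UTF-8` but references `#/components/schemas/ServerVersion`, which the components section of this file defines as a bare `"type": "object"`. A plain-text body cannot satisfy an object schema, so clients generated from this spec may try to parse the version string as JSON and fail or discard it. Defining the schema as `"type": "string"` would match the declared media type. If this file is derived from generated REST docs, the change probably belongs in that source rather than here.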
@@ -1538,19 +1900,19 @@ ] } }, - "/api/anonymous/refresh/apitoken/{emailAddress}": { + "/api/admin/jobs/restart-hard/{jobUUID}": { "post": { "tags": [ - "anonymous" + "admin" ], - "summary": "User requests new API token", - "description": "User requests new API token", - "operationId": "userRequestsNewApiToken", + "summary": "Admin restarts a job (hard)", + "description": "Admin restarts a job (hard)", + "operationId": "adminRestartsJobHard", "parameters": [ { - "name": "emailAddress", + "name": "jobUUID", "in": "path", - "description": "Email address for user where api token shall be refreshed.", + "description": "The job UUID", "required": true, "schema": { "type": "string" @@ -1561,31 +1923,29 @@ "200": { "description": "200" } - } + }, + "security": [ + { + "basic": [ + + ] + } + ] } }, - "/api/project/{projectId}/job/{jobUUID}": { - "get": { + "/api/admin/jobs/restart/{jobUUID}": { + "post": { "tags": [ - "project" + "admin" ], - "summary": "User checks sechub job state", - "description": "User checks sechub job state", - "operationId": "userChecksJobStatus", + "summary": "Admin restarts a job", + "description": "Admin restarts a job", + "operationId": "adminRestartsJob", "parameters": [ - { - "name": "projectId", - "in": "path", - "description": "The id of the project where sechub job was started for", - "required": true, - "schema": { - "type": "string" - } - }, { "name": "jobUUID", "in": "path", - "description": "The SecHub jobUUID. During the job creation this unique job identifier is automatically generated by SecHub.", + "description": "The job UUID", "required": true, "schema": { "type": "string" 
@@ -1594,58 +1954,33 @@ ], "responses": { "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/JobStatus" - } - } - } + "description": "200" } - } + }, + "security": [ + { + "basic": [ + + ] + } + ] } }, - "/api/project/{projectId}/report/{jobUUID}": { + "/api/admin/jobs/running": { "get": { "tags": [ - "project" - ], - "summary": "User downloads sechub job report", - "description": "User downloads sechub job report", - "operationId": "userDownloadsJobReport_", - "parameters": [ - { - "name": "projectId", - "in": "path", - "description": "The project Id", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "jobUUID", - "in": "path", - "description": "The job UUID", - "required": true, - "schema": { - "type": "string" - } - } + "admin" ], + "summary": "Admin lists all running jobs", + "description": "Admin lists all running jobs", + "operationId": "adminListsAllRunningJobs", "responses": { "200": { "description": "200", "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/SecHubReport" - } - }, - "text/html;charset=UTF-8": { - "schema": { - "$ref": "#/components/schemas/SecHubReport" + "$ref": "#/components/schemas/ListOfRunningJobs" } } } 
@@ -1660,35 +1995,26 @@ ] } }, - "/api/admin/config/execution/profile/{profileId}": { - "get": { + "/api/admin/project": { + "post": { "tags": [ "admin" ], - "summary": "Admin fetches execution profile", - "description": "An administrator fetches details about an execution profile", - "operationId": "adminFetchesExecutionProfile", - "parameters": [ - { - "name": "profileId", - "in": "path", - "description": "The profile id", - "required": true, - "schema": { - "type": "string" + "summary": "Admin creates a project", + "description": "Admin creates a project", + "operationId": "adminCreatesProject", + "requestBody": { + "content": { + "application/json;charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/Project" + } } } - ], + }, "responses": { - "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/ExecutionProfileFetch" - } - } - } + "201": { + "description": "201" } }, "security": [ 
@@ -1698,37 +2024,37 @@ ] } ] - }, - "put": { + } + }, + "/api/admin/project/{projectId}": { + "get": { "tags": [ "admin" ], - "summary": "Admin updates execution profile", - "description": "An administrator updateds dedicated execution profile", - "operationId": "adminUpdatesExecutionProfile", + "summary": "Admin shows project details", + "description": "An administrator downloads a json file containing json with project details", + "operationId": "adminShowsProjectDetails", "parameters": [ { - "name": "profileId", + "name": "projectId", "in": "path", - "description": "The profile id", + "description": "The id for project to show details for", "required": true, "schema": { "type": "string" } } ], - "requestBody": { - "content": { - "application/json;charset=UTF-8": { - "schema": { - "$ref": "#/components/schemas/ExecutionProfileUpdate" - } - } - } - }, "responses": { "200": { - "description": "200" + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ProjectDetails" + } + } + } } }, "security": [ @@ -1743,14 +2069,14 @@ "tags": [ "admin" ], - "summary": "Admin creates an execution profile", - "description": "An administrator creates an execution profile", - "operationId": "adminCreatesExecutionProfile", + "summary": "Admin changes project description", + "description": "An administrator changes the project description", + "operationId": "adminChangesProjectDescription", "parameters": [ { - "name": "profileId", + "name": "projectId", "in": "path", - "description": "The profile id", + "description": "The id for project to change details for", "required": true, "schema": { "type": "string" 
@@ -1761,14 +2087,21 @@ "content": { "application/json;charset=UTF-8": { "schema": { - "$ref": "#/components/schemas/ExecutionProfileCreate" + "$ref": "#/components/schemas/api-admin-project-projectId-104816866" } } } }, "responses": { - "201": { - "description": "201" + "200": { + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ProjectDetails" + } + } + } } }, "security": [ @@ -1783,14 +2116,14 @@ "tags": [ "admin" ], - "summary": "Admin deletes execution profile", - "description": "An administrator deletes execution profile", - "operationId": "adminDeletesExecutionProfile", + "summary": "Admin deletes a project", + "description": "Admin deletes a project", + "operationId": "adminDeleteProject", "parameters": [ { - "name": "profileId", + "name": "projectId", "in": "path", - "description": "The profile id", + "description": "The id for project to delete", "required": true, "schema": { "type": "string" @@ -1912,15 +2245,57 @@ } }, { - "name": "userId", + "name": "userId", + "in": "path", + "description": "The user id of the user to unassign from project", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "200" + } + }, + "security": [ + { + "basic": [ + + ] + } + ] + } + }, + "/api/admin/project/{projectId}/metadata": { + "post": { + "tags": [ + "admin" + ], + "summary": "Update project metadata", + "description": "Update project metadata", + "operationId": "updateProjectMetaData", + "parameters": [ + { + "name": "projectId", "in": "path", - "description": "The user id of the user to unassign from project", + "description": "The id of the project for which metadata shall be updated", "required": true, "schema": { "type": "string" } } ], + "requestBody": { + "content": { + "application/json;charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/ProjectMetaData" + } + } + } + }, "responses": { "200": { "description": "200" 
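Review bot: The request body of `adminChangesProjectDescription` now points at `#/components/schemas/api-admin-project-projectId-104816866`, which reads like an auto-generated placeholder rather than a modelled type. The only definition of that schema visible on this page, on the removed side of the components hunk, is a bare `{ "type": "object" }`. If the relocated definition is unchanged, the contract accepts any JSON object for an admin write and a generated client gets no typed model or validation. I would give the body a named schema with explicit `properties` and `required`, for example `"$ref": "#/components/schemas/<ProjectDescriptionUpdate-placeholder>"`, and since the file looks generated the change probably belongs in the generator input rather than here.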
@@ -2017,28 +2392,90 @@ ] } }, - "/api/admin/user/{userId}/email/{emailAddress}": { - "put": { + "/api/admin/project/{projectId}/whitelist": { + "post": { "tags": [ "admin" ], - "summary": "Admin updates user email address", - "description": "Admin updates user email address", - "operationId": "adminUpdatesUserEmailAddress", + "summary": "Update project whitelist", + "description": "Update project whitelist", + "operationId": "updateProjectWhitelist", "parameters": [ { - "name": "userId", + "name": "projectId", "in": "path", - "description": "The userId of the user whose email address will be changed", + "description": "The id of the project for which whitelist shall be updated", "required": true, "schema": { "type": "string" } - }, + } + ], + "requestBody": { + "content": { + "application/json;charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/ProjectWhitelistUpdate" + } + } + } + }, + "responses": { + "200": { + "description": "200" + } + }, + "security": [ { - "name": "emailAddress", + "basic": [ + + ] + } + ] + } + }, + "/api/admin/projects": { + "get": { + "tags": [ + "admin" + ], + "summary": "Admin lists all projects", + "description": "An administrator downloads a json file containing all project ids", + "operationId": "adminListsAllProjects", + "responses": { + "200": { + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ListOfProjects" + } + } + } + } + }, + "security": [ + { + "basic": [ + + ] + } + ] + } + }, + "/api/admin/scan/download/{jobUUID}": { + "get": { + "tags": [ + "admin" + ], + "summary": "Admin downloads all details about a scan job", + "description": "An administrator downloads a ZIP file containing full details of a scan. Main reason for this use case is for debugging when there are problems with security products. 
Another reason is for developers to adopt new security products easier.", + "operationId": "adminDownloadsFullScanDataForJob", + "parameters": [ + { + "name": "jobUUID", "in": "path", - "description": "The new email address", + "description": "The job UUID", "required": true, "schema": { "type": "string" @@ -2047,7 +2484,14 @@ ], "responses": { "200": { - "description": "200" + "description": "200", + "content": { + "application/zip": { + "schema": { + "$ref": "#/components/schemas/FullScanDataZIP" + } + } + } } }, "security": [ 
@@ -2059,19 +2503,85 @@ ] } }, - "/api/admin/user/{userId}/grant/superadmin": { + "/api/admin/scheduler/disable/job-processing": { "post": { "tags": [ "admin" ], - "summary": "Admin grants admin rights to user", - "description": "An administrator grants admin rights to another user. So this user will become also an administrator.", - "operationId": "adminGrantsAdminRightsToUser", + "summary": "Admin disables job processing in scheduler", + "description": "An administrator disables scheduler job processing. This can be a preparation for system wide update - when scheduling is stoped, user can ask for new SecHub Jobs etc. But as long as scheduler is stopped nothing is executed - so JVMs/PODs can be updated in cluster", + "operationId": "adminDisablesSchedulerJobProcessing", + "responses": { + "202": { + "description": "202" + } + }, + "security": [ + { + "basic": [ + + ] + } + ] + } + }, + "/api/admin/scheduler/enable/job-processing": { + "post": { + "tags": [ + "admin" + ], + "summary": "Admin enables scheduler job processing", + "description": "An administrator starts scheduler job processing. 
This can be a necessary step after a system wide update where processing of jobs was stoped before.", + "operationId": "adminEnablesSchedulerJobProcessing", + "responses": { + "202": { + "description": "202" + } + }, + "security": [ + { + "basic": [ + + ] + } + ] + } + }, + "/api/admin/scheduler/status/refresh": { + "post": { + "tags": [ + "admin" + ], + "summary": "Admin get scheduler status", + "description": "An administrator wants to update information about scheduler status", + "operationId": "adminTriggersRefreshOfSchedulerStatus", + "responses": { + "202": { + "description": "202" + } + }, + "security": [ + { + "basic": [ + + ] + } + ] + } + }, + "/api/admin/signup/accept/{userId}": { + "post": { + "tags": [ + "admin" + ], + "summary": "Admin applies self registration", + "description": "In this usecase the administrator will accept the self registration done by an user.", + "operationId": "adminAcceptsSignup", "parameters": [ { "name": "userId", "in": "path", - "description": "The userId of the user who becomes admin", + "description": "The userId of the signup which shall be accepted", "required": true, "schema": { "type": "string" @@ -2079,8 +2589,8 @@ } ], "responses": { - "200": { - "description": "200" + "201": { + "description": "201" } }, "security": [ 
@@ -2092,19 +2602,19 @@ ] } }, - "/api/admin/user/{userId}/revoke/superadmin": { - "post": { + "/api/admin/signup/{userId}": { + "delete": { "tags": [ "admin" ], - "summary": "Admin revokes admin rights from an admin", - "description": "An administrator revokes existing admin rights from another administrator.", - "operationId": "adminRevokesAdminRightsFromAdmin", + "summary": "Admin deletes user signup", + "description": "In this usecase the administrator will not accept the self registration done by an user but delete the entry.", + "operationId": "adminDeletesSignup", "parameters": [ { "name": "userId", "in": "path", - "description": "The userId of the user who becomes admin", + "description": "The userId of the signup which shall be deleted", "required": true, "schema": { "type": "string" 
@@ -2125,37 +2635,86 @@ ] } }, - "/api/project/{projectId}/false-positive/{jobUUID}/{findingId}": { - "delete": { + "/api/admin/signups": { + "get": { + "tags": [ + "admin" + ], + "summary": "Admin lists open user signups", + "description": "In this usecase the administrator will list the currently unapplied user self registrations/signups.", + "operationId": "adminListsOpenUserSignups", + "responses": { + "200": { + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ListOfSignups" + } + } + } + } + }, + "security": [ + { + "basic": [ + + ] + } + ] + } + }, + "/api/admin/status": { + "get": { + "tags": [ + "admin" + ], + "summary": "Admin lists status information", + "description": "An administrator fetches current known status information about sechub", + "operationId": "adminListsStatusInformation", + "responses": { + "200": { + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/StatusInformation" + } + } + } + } + }, + "security": [ + { + "basic": [ + + ] + } + ] + } + }, + "/api/admin/user-by-email/{emailAddress}": { + "get": { "tags": [ - "project" + "admin" ], - "summary": "User unmarks existing false positive definitons", - "description": "User unmarks existing false positive definitons", - "operationId": "userUnmarksFalsePositives", + "summary": "Admin shows user details for email address", + "description": "An administrator fetches user details for an email address.", + "operationId": "adminShowsUserDetailsForEmailAddress", "parameters": [ { - "name": "projectId", - "in": "path", - "description": "The project id", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "jobUUID", + "name": "emailAddress", "in": "path", - "description": "Job uuid", + "description": "The email address of user to show details for", "required": true, "schema": { "type": "string" } }, { - "name": "findingId", - "in": "path", - "description": 
"Finding id - in combination with job UUID this defines the false positive to remove", + "name": "Authorization", + "in": "header", + "description": "Basic authentication credentials", "required": true, "schema": { "type": "string" @@ -2164,7 +2723,14 @@ ], "responses": { "200": { - "description": "200" + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/UserDetails" + } + } + } } }, "security": [ @@ -2176,28 +2742,19 @@ ] } }, - "/api/project/{projectId}/job/{jobUUID}/approve": { - "put": { + "/api/admin/user/{userId}": { + "get": { "tags": [ - "project" + "admin" ], - "summary": "User approves sechub job", - "description": "User approves sechub job", - "operationId": "userApprovesJob", + "summary": "Admin shows user details", + "description": "An administrator downloads a json file containing json containing user details", + "operationId": "adminShowsUserDetails", "parameters": [ { - "name": "projectId", - "in": "path", - "description": "The id of the project where sechub job shall be approved", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "jobUUID", + "name": "userId", "in": "path", - "description": "The SecHub jobUUID. During the job creation this unique job identifier is automatically generated by SecHub.", + "description": "The user id of user to show details for", "required": true, "schema": { "type": "string" 
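Review bot: The `Authorization` object in the `parameters` array of `adminShowsUserDetailsForEmailAddress` should be dropped, because OpenAPI 3.0 says a header parameter named `Authorization` is to be ignored and the operation already has a `security` block. The block's content falls between hunks, but the sibling operations use `"basic": []`. Tools that do not ignore the parameter will generate a mandatory string argument for raw credentials next to the client's normal authentication setup, which invites hand-built headers and credentials showing up in call-site logging. Removing it leaves `emailAddress` as the only parameter and the security requirement as the single place where authentication is declared.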
@@ -2206,95 +2763,36 @@ ], "responses": { "200": { - "description": "200" - } - } - } - }, - "/api/project/{projectId}/job/{jobUUID}/binaries": { - "post": { - "tags": [ - "project" - ], - "summary": "User uploads binaries", - "description": "User uploads binaries", - "operationId": "userUploadsBinaries", - "parameters": [ - { - "name": "projectId", - "in": "path", - "description": "The id of the project for which the binaries are uploaded for", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "jobUUID", - "in": "path", - "description": "The SecHub jobUUID. During the job creation this unique job identifier is automatically generated by SecHub.", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "checkSum", - "in": "query", - "description": "A sha256 checksum for file upload validation", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "x-file-size", - "in": "header", - "description": "The file size of the tar-archive to upload in bytes. 
Needs to be a positive integer value.", - "required": true, - "schema": { - "type": "string" + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/UserDetails" + } + } } } - ], - "responses": { - "200": { - "description": "200" + }, + "security": [ + { + "basic": [ + + ] } - } - } - }, - "/api/project/{projectId}/job/{jobUUID}/sourcecode": { - "post": { + ] + }, + "delete": { "tags": [ - "project" + "admin" ], - "summary": "User uploads source code", - "description": "User uploads source code", - "operationId": "userUploadsSourceCode", + "summary": "Admin deletes a user", + "description": "Admin deletes a user", + "operationId": "adminDeletesUser", "parameters": [ { - "name": "projectId", - "in": "path", - "description": "The id of the project where sourcecode shall be uploaded for", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "jobUUID", + "name": "userId", "in": "path", - "description": "The SecHub jobUUID. During the job creation this unique job identifier is automatically generated by SecHub.", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "checkSum", - "in": "query", - "description": "A sha256 checksum for file upload validation", + "description": "The userId of the user who shall be deleted", "required": true, "schema": { "type": "string" 
@@ -2305,31 +2803,38 @@ "200": { "description": "200" } - } + }, + "security": [ + { + "basic": [ + + ] + } + ] } }, - "/api/project/{projectId}/report/spdx/{jobUUID}": { - "get": { + "/api/admin/user/{userId}/email/{emailAddress}": { + "put": { "tags": [ - "project" + "admin" ], - "summary": "User downloads job report in SPDX format", - "description": "User downloads job report in SPDX format", - "operationId": "userDownloadsSpdxJobReport_json", + "summary": "Admin updates user email address", + "description": "Admin updates user email address", + "operationId": "adminUpdatesUserEmailAddress", "parameters": [ { - "name": "projectId", + "name": "userId", "in": "path", - "description": "The project Id", + "description": "The userId of the user whose email adress will be changed", "required": true, "schema": { "type": "string" } }, { - "name": "jobUUID", + "name": "emailAddress", "in": "path", - "description": "The job UUID", + "description": "The new email address", "required": true, "schema": { "type": "string" @@ -2338,14 +2843,7 @@ ], "responses": { "200": { - "description": "200", - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/SecHubReport" - } - } - } + "description": "200" } }, "security": [ 
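Review bot: `/api/admin/user/{userId}/email/{emailAddress}` carries the new e-mail address in the URL path, as does `/api/admin/user-by-email/{emailAddress}` in hunk `@@ -2125,37 +2635,86 @@`. Request paths are routinely written to access and proxy logs, so the address is stored in more places than a body field would be. Because this operation is a `put`, the address could travel in a JSON request body; if the route must stay for compatibility, logging of these two paths is worth checking on the server side. Both parameters are plain `"type": "string"`, and adding `"format": "email"` would let validators and generated clients reject malformed values early. The new side also introduces a typo in the `userId` description, `email adress`.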
@@ -2357,28 +2855,19 @@ ] } }, - "/api/admin/config/execution/profile/{profileId}/project/{projectId}": { + "/api/admin/user/{userId}/grant/superadmin": { "post": { "tags": [ "admin" ], - "summary": "Admin assigns execution profile to project", - "description": "An administrator assigns an execution profile to an existing project", - "operationId": "adminAssignsExecutionProfileToProject", + "summary": "Admin grants admin rights to user", + "description": "An administrator grants admin rights to another user. So this user will become also an administrator.", + "operationId": "adminGrantsAdminRightsToUser", "parameters": [ { - "name": "profileId", - "in": "path", - "description": "The profile id", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "projectId", + "name": "userId", "in": "path", - "description": "The project id ", + "description": "The userId of the user who becomes admin", "required": true, "schema": { "type": "string" @@ -2386,8 +2875,8 @@ } ], "responses": { - "201": { - "description": "201" + "200": { + "description": "200" } }, "security": [ 
@@ -2397,28 +2886,21 @@ ] } ] - }, - "delete": { + } + }, + "/api/admin/user/{userId}/revoke/superadmin": { + "post": { "tags": [ "admin" ], - "summary": "Admin unassigns execution profile from project", - "description": "An administrator unassigns an execution profile from a projects.", - "operationId": "adminUnassignsExecutionProfileFromProject", + "summary": "Admin revokes admin rights from an admin", + "description": "An administrator revokes existing admin rights from another administrator.", + "operationId": "adminRevokesAdminRightsFromAdmin", "parameters": [ { - "name": "profileId", - "in": "path", - "description": "The profile id", - "required": true, - "schema": { - "type": "string" - } - }, - { - "name": "projectId", + "name": "userId", "in": "path", - "description": "The project id ", + "description": "The userId of the user who becomes admin", "required": true, "schema": { "type": "string" 
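Review bot: The `userId` parameter of `adminRevokesAdminRightsFromAdmin` is described as `"The userId of the user who becomes admin"`, which is the text of the grant operation and states the opposite of what this endpoint does. For a privilege-changing call that is a documentation defect worth fixing, since generated client docs will repeat it; I would use `"description": "The userId of the administrator whose admin rights are revoked"`. The operation's `responses` and `security` sections lie outside this hunk.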
@@ -2438,1205 +2920,749 @@ } ] } - } - }, - "components": { - "schemas": { - "ListOfExecutorConfigurations": { - "title": "ListOfExecutorConfigurations", - "type": "object", - "properties": { - "type": { - "type": "string", - "description": "Always `executorConfigurationList` as an identifier for the list" - }, - "executorConfigurations": { - "type": "array", - "items": { - "type": "object", - "properties": { - "name": { - "type": "string", - "description": "The configuration name" - }, - "uuid": { - "type": "string", - "description": "The uuid of the configuration" - }, - "enabled": { - "type": "boolean", - "description": "Enabled state of configuration" - } - } - } - } - } - }, - "MappingConfiguration": { - "title": "MappingConfiguration", - "type": "object", - "properties": { - "entries": { - "type": "array", - "items": { - "type": "object", - "properties": { - "pattern": { - "type": "string", - "description": "Pattern" - }, - "comment": { - "type": "string", - "description": "Comment" - }, - "replacement": { - "type": "string", - "description": "Replacement" - } - } - } - } - } - }, - "ListOfUsers": { - "type": "array", - "description": "List of admin Ids", - "items": { - "type": "string" - } - }, - "UserDetails": { - "title": "UserDetails", - "type": "object", - "properties": { - "projects": { - "type": "array", - "description": "The projects the user has access to", - "items": { - "type": "string" - } - }, - "superAdmin": { - "type": "boolean", - "description": "True, when this user is a super administrator" - }, - "userId": { - "type": "string", - "description": "The name of the user" - }, - "email": { - "type": "string", - "description": "The mail address of the user" - }, - "ownedProjects": { - "type": "array", - "description": "The projects the user is owner of", - "items": { - "type": "string" - } - } - } - }, - "ListOfSignups": { - "title": "ListOfSignups", - "type": "array", - "description": "List of user signups", - "items": { - "type": "object", - 
"properties": { - "emailAddress": { - "type": "string", - "description": "The email address" - }, - "userId": { - "type": "string", - "description": "The user id" - } - }, - "description": "List of user signups" - } - }, - "Project": { - "title": "Project", - "type": "object", - "properties": { - "owner": { - "type": "string", - "description": "Username of the owner of this project. An owner is the person in charge" - }, - "metaData": { - "type": "object", - "properties": { - "*": { - "type": "string", - "description": "An arbitrary metadata key-value pair" - } - }, - "description": "An JSON object containing metadata key-value pairs defined for this project" - }, - "apiVersion": { - "type": "string", - "description": "The api version, currently only 1.0 is supported" - }, - "name": { - "type": "string", - "description": "Name of the project to create. Is also used as a unique ID!" - }, - "description": { - "type": "string", - "description": "The description of the project." - }, - "whiteList": { - "type": "object", - "properties": { - "uris": { - "type": "array", - "description": "All URIs used now for whitelisting. 
Former parts will be replaced completely!", - "items": { - "type": "string" + }, + "/api/admin/users": { + "get": { + "tags": [ + "admin" + ], + "summary": "Admin lists all users", + "description": "An administrator downloads a json file containing all user ids", + "operationId": "adminListsAllUsers", + "responses": { + "200": { + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ListOfUsers" } } } } - } - }, - "ExecutorConfigurationId": { - "title": "ExecutorConfigurationId", - "type": "object" - }, - "UserSignup": { - "title": "UserSignup", - "type": "object", - "properties": { - "emailAddress": { - "type": "string", - "description": "Email address" - }, - "apiVersion": { - "type": "string", - "description": "The api version, currently only 1.0 is supported" - }, - "userId": { - "type": "string", - "description": "Wanted userid, the userid must be lowercase only!" - } - } - }, - "ProjectJobList": { - "title": "ProjectJobList", - "type": "object", - "properties": { - "totalPages": { - "type": "number", - "description": "The total pages available" - }, - "page": { - "type": "number", - "description": "The page number" - }, - "content": { - "type": "array", - "items": { - "type": "object", - "properties": { - "executedBy": { - "type": "string", - "description": "User who initiated the job" - }, - "metaData": { - "type": "object", - "properties": { - "*": { - "type": "object", - "description": "Meta data of job - but only contained in result, when query parameter `withMetaData` is defined as 'true'." 
- } - } - }, - "jobUUID": { - "type": "string", - "description": "The job uuid" - }, - "created": { - "type": "string", - "description": "Creation timestamp of job" - }, - "executionResult": { - "type": "string", - "description": "Execution result of job" - }, - "executionState": { - "type": "string", - "description": "Execution state of job" - }, - "ended": { - "type": "string", - "description": "End timestamp of job execution" - }, - "started": { - "type": "string", - "description": "Start timestamp of job execution" - }, - "trafficLight": { - "type": "string", - "description": "Trafficlight of job - but only available when job has been done. Possible states are GREEN, YELLOW, RED, OFF" - } - } + }, + "security": [ + { + "basic": [ + + ] + } + ] + } + }, + "/api/anonymous/apitoken/{oneTimeToken}": { + "get": { + "tags": [ + "anonymous" + ], + "summary": "User clicks link to get new api token", + "description": "User clicks link to get new api token", + "operationId": "userClicksLinkToGetNewAPIToken", + "parameters": [ + { + "name": "oneTimeToken", + "in": "path", + "description": "A one time token the user has got by a previous mail from sechub server", + "required": true, + "schema": { + "type": "string" } } + ], + "responses": { + "200": { + "description": "200" + } + } + } + }, + "/api/anonymous/check/alive": { + "get": { + "tags": [ + "anonymous" + ], + "summary": "Check if the server is alive and running.", + "description": "An anonymous user or system wants to know if the server is alive and running.", + "operationId": "anonymousCheckAlive_get", + "responses": { + "200": { + "description": "200" + } } }, - "ExecutorConfiguration": { - "title": "ExecutorConfiguration", - "type": "object", - "properties": { - "productIdentifier": { - "type": "string", - "description": "Executor product identifier" - }, - "name": { - "type": "string", - "description": "The name of this configuration" - }, - "setup": { - "type": "object", - "properties": { - "baseURL": { - 
"type": "string", - "description": "Base URL to the product" - }, - "credentials": { - "type": "object", - "properties": { - "password": { - "type": "string", - "description": "Password, either plain (not recommended) or with env:VARIABLENAME, in last case the password will be from environment variable " - }, - "user": { - "type": "string", - "description": "User name, either plain (not recommended) or with env:VARIABLENAME, in last case the user name will be from environment variable " - } - } - }, - "jobParameters": { - "type": "array", - "items": { - "type": "object", - "properties": { - "value": { - "type": "string", - "description": "Job parameter value" - }, - "key": { - "type": "string", - "description": "Job parameter key" - } - } - } - } + "head": { + "tags": [ + "anonymous" + ], + "summary": "Check if the server is alive and running.", + "description": "An anonymous user or system wants to know if the server is alive and running.", + "operationId": "anonymousCheckAlive_head", + "responses": { + "200": { + "description": "200" + } + } + } + }, + "/api/anonymous/refresh/apitoken/{emailAddress}": { + "post": { + "tags": [ + "anonymous" + ], + "summary": "User requests new API token", + "description": "User requests new API token", + "operationId": "userRequestsNewApiToken", + "parameters": [ + { + "name": "emailAddress", + "in": "path", + "description": "Email address for user where api token shall be refreshed.", + "required": true, + "schema": { + "type": "string" } - }, - "executorVersion": { - "type": "number", - "description": "Executor version" - }, - "enabled": { - "type": "boolean", - "description": "Enabled state of executor, per default false" + } + ], + "responses": { + "200": { + "description": "200" } } - }, - "ProjectDetails": { - "title": "ProjectDetails", - "type": "object", - "properties": { - "owner": { - "type": "string", - "description": "Username of the owner of this project. An owner is the person in charge." 
- }, - "metaData": { - "type": "object", - "properties": { - "key1": { - "type": "string", - "description": "An arbitrary metadata key" + } + }, + "/api/anonymous/signup": { + "post": { + "tags": [ + "anonymous" + ], + "summary": "User self registration", + "description": "User self registration", + "operationId": "userSignup", + "requestBody": { + "content": { + "application/json;charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/UserSignup" } - }, - "description": "An JSON object containing metadata key-value pairs defined for this project." - }, - "accessLevel": { - "type": "string", - "description": "The project access level" - }, - "description": { - "type": "string", - "description": "The project description." - }, - "whiteList": { - "type": "array", - "description": "A list of all whitelisted URIs. Only these ones can be scanned for the project!", - "items": { + } + } + }, + "responses": { + "200": { + "description": "200" + } + } + } + }, + "/api/project/{projectId}/false-positive/{jobUUID}/{findingId}": { + "delete": { + "tags": [ + "project" + ], + "summary": "User unmarks existing false positive definitons", + "description": "User unmarks existing false positive definitons", + "operationId": "userUnmarksFalsePositives", + "parameters": [ + { + "name": "projectId", + "in": "path", + "description": "The project id", + "required": true, + "schema": { "type": "string" } }, - "projectId": { - "type": "string", - "description": "The name of the project" + { + "name": "jobUUID", + "in": "path", + "description": "Job uuid", + "required": true, + "schema": { + "type": "string" + } }, - "users": { - "type": "array", - "description": "A list of all users having access to the project", - "items": { + { + "name": "findingId", + "in": "path", + "description": "Finding id - in combination with job UUID this defines the false positive to remove", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": 
"200" + } + }, + "security": [ + { + "basic": [ + + ] + } + ] + } + }, + "/api/project/{projectId}/false-positives": { + "get": { + "tags": [ + "project" + ], + "summary": "User fetches false positive configuration of project", + "description": "User fetches false positive configuration of project", + "operationId": "userFetchesFalsePositiveConfigurationOfProject", + "parameters": [ + { + "name": "projectId", + "in": "path", + "description": "The project id", + "required": true, + "schema": { "type": "string" } } - } - }, - "MockDataConfiguration": { - "title": "MockDataConfiguration", - "type": "object" - }, - "ListOfExecutionProfiles": { - "title": "ListOfExecutionProfiles", - "type": "object", - "properties": { - "executionProfiles": { - "type": "array", - "items": { - "type": "object", - "properties": { - "description": { - "type": "string", - "description": "A profile description" - }, - "id": { - "type": "string", - "description": "The profile id" - }, - "enabled": { - "type": "boolean", - "description": "Enabled state of profile" + ], + "responses": { + "200": { + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/FalsePositives" } } } - }, - "type": { - "type": "string", - "description": "Always `executorProfileList` as an identifier for the list" } - } + }, + "security": [ + { + "basic": [ + + ] + } + ] }, - "ExecutionProfileUpdate": { - "title": "ExecutionProfileUpdate", - "type": "object", - "properties": { - "configurations": { - "type": "array", - "items": { - "type": "object", - "properties": { - "uuid": { - "type": "string", - "description": "Add uuid for configuration to use here" - } - } + "put": { + "tags": [ + "project" + ], + "summary": "User marks false positives for finished sechub job", + "description": "User marks false positives for finished sechub job", + "operationId": "userMarksFalsePositivesForJob", + "parameters": [ + { + "name": "projectId", + "in": "path", + "description": "The 
projectId of the project where users adds false positives for", + "required": true, + "schema": { + "type": "string" } - }, - "description": { - "type": "string", - "description": "A short description for the profile" - }, - "enabled": { - "type": "boolean", - "description": "Enabled state of profile, default is false" } - } - }, - "ExecutorConfigurationWithUUID": { - "title": "ExecutorConfigurationWithUUID", - "type": "object", - "properties": { - "productIdentifier": { - "type": "string", - "description": "Executor product identifier" - }, - "name": { - "type": "string", - "description": "The name of this configuration" - }, - "setup": { - "type": "object", - "properties": { - "baseURL": { - "type": "string", - "description": "Base URL to the product" - }, - "credentials": { - "type": "object", - "properties": { - "password": { - "type": "string", - "description": "Password, either plain (not recommended) or with env:VARIABLENAME, in last case the password will be from environment variable " - }, - "user": { - "type": "string", - "description": "User name, either plain (not recommended) or with env:VARIABLENAME, in last case the user name will be from environment variable " - } - } - }, - "jobParameters": { - "type": "array", - "items": { - "type": "object", - "properties": { - "value": { - "type": "string", - "description": "Job parameter value" - }, - "key": { - "type": "string", - "description": "Job parameter key" - } - } - } + ], + "requestBody": { + "content": { + "application/json;charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/FalsePositivesForJob" } } - }, - "executorVersion": { - "type": "number", - "description": "Executor version" - }, - "uuid": { - "type": "string", - "description": "The uuid of this configuration" - }, - "enabled": { - "type": "boolean", - "description": "Enabled state of executor" } - } - }, - "api-admin-project-projectId-104816866": { - "type": "object" - }, - "StatusInformation": { - "title": "StatusInformation", 
- "type": "array", - "items": { - "type": "object", - "properties": { - "value": { - "type": "string", - "description": "Status value" - }, - "key": { - "type": "string", - "description": "Status key identifier" + }, + "responses": { + "200": { + "description": "200" + } + }, + "security": [ + { + "basic": [ + + ] + } + ] + } + }, + "/api/project/{projectId}/job": { + "post": { + "tags": [ + "project" + ], + "summary": "User creates a new sechub job", + "description": "User creates a new sechub job", + "operationId": "userCreatesNewJob_", + "parameters": [ + { + "name": "projectId", + "in": "path", + "description": "The unique id of the project id where a new sechub job shall be created", + "required": true, + "schema": { + "type": "string" } } - } - }, - "FalsePositivesForJob": { - "title": "FalsePositivesForJob", - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "description": "The api version, currently only 1.0 is supported" - }, - "jobData": { - "type": "array", - "description": "Job data list containing false positive setup based on former jobs", - "items": { - "type": "object", - "properties": { - "jobUUID": { - "type": "string", - "description": "SecHub job uuid where finding was" - }, - "findingId": { - "type": "number", - "description": "SecHub finding identifier - identifies problem inside the job which shall be markeda as a false positive. *ATTENTION*: at the moment only code scan false positive handling is supported. Infra and web scan findings will lead to a non accepted error!" 
- }, - "comment": { - "type": "string", - "description": "A comment describing why this is a false positive" + ], + "requestBody": { + "content": { + "application/json;charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/ScanJob" + } + } + } + }, + "responses": { + "200": { + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/JobId" } } } + } + } + } + }, + "/api/project/{projectId}/job/{jobUUID}": { + "get": { + "tags": [ + "project" + ], + "summary": "User checks sechub job state", + "description": "User checks sechub job state", + "operationId": "userChecksJobStatus", + "parameters": [ + { + "name": "projectId", + "in": "path", + "description": "The id of the project where sechub job was started for", + "required": true, + "schema": { + "type": "string" + } }, - "type": { - "type": "string", - "description": "The type of the json content. Currently only accepted value is 'falsePositiveJobDataList'." + { + "name": "jobUUID", + "in": "path", + "description": "The SecHub jobUUID. 
During the job creation this unique job identifier is automatically generated by SecHub.", + "required": true, + "schema": { + "type": "string" + } } - } - }, - "FalsePositives": { - "title": "FalsePositives", - "type": "object", - "properties": { - "falsePositives": { - "type": "array", - "description": "Job data list containing false positive setup based on former jobs", - "items": { - "type": "object", - "properties": { - "metaData": { - "type": "object", - "properties": { - "severity": { - "type": "string", - "description": "Severity of origin report entry marked as false positive" - }, - "code": { - "type": "object", - "properties": { - "start": { - "type": "object", - "properties": { - "sourceCode": { - "type": "string", - "description": "source code" - }, - "relevantPart": { - "type": "string", - "description": "relevant part of source vulnerability" - }, - "location": { - "type": "string", - "description": "location of code" - } - }, - "description": "entry point" - }, - "end": { - "type": "object", - "properties": { - "sourceCode": { - "type": "string", - "description": "source code" - }, - "relevantPart": { - "type": "string", - "description": "relevant part of source vulnerability" - }, - "location": { - "type": "string", - "description": "location of code" - } - }, - "description": "end point (sink)" - } - }, - "description": "Code part. Only available for scan type 'codeScan'" - }, - "owasp": { - "type": "string", - "description": "OWASP At least this field must be set for web scans when no cwe identifier is defined." - }, - "cweId": { - "type": "number", - "description": "CWE (common weakness enumeration). For code scans this is always set." - }, - "cveId": { - "type": "string", - "description": "CVE (common vulnerability and exposures). For infra scans this is always set." - }, - "name": { - "type": "string", - "description": "Name of origin finding marked as false positive" - }, - "scanType": { - "type": "string", - "description": "Scan type - e.g. 
codeScan" - } - }, - "description": "Meta data for this false positive" - }, - "jobData": { - "type": "object", - "properties": { - "jobUUID": { - "type": "string", - "description": "SecHub job uuid where finding was" - }, - "findingId": { - "type": "number", - "description": "SecHub finding identifier - identifies problem inside the job which shall be markeda as a false positive. *ATTENTION*: at the moment only code scan false positive handling is supported. Infra and web scan findings will lead to a non accepted error!" - }, - "comment": { - "type": "string", - "description": "A comment from author describing why this was marked as a false positive" - } - }, - "description": "Job data parts, can be used as key to identify false positives" - }, - "created": { - "type": "string", - "description": "Creation timestamp" - }, - "author": { - "type": "string", - "description": "User id of author who created false positive" + ], + "responses": { + "200": { + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/JobStatus" } } } } } - }, - "ExecutionProfileFetch": { - "title": "ExecutionProfileFetch", - "type": "object", - "properties": { - "configurations": { - "type": "array", - "items": { - "type": "object", - "properties": { - "productIdentifier": { - "type": "string", - "description": "executed product" - }, - "name": { - "type": "string", - "description": "name of configuration" - }, - "executorVersion": { - "type": "number", - "description": "executor version" - }, - "uuid": { - "type": "string", - "description": "uuid of configuration" - }, - "enabled": { - "type": "boolean", - "description": "enabled state of this config" - } - } + } + }, + "/api/project/{projectId}/job/{jobUUID}/approve": { + "put": { + "tags": [ + "project" + ], + "summary": "User approves sechub job", + "description": "User approves sechub job", + "operationId": "userApprovesJob", + "parameters": [ + { + "name": "projectId", + "in": "path", 
+ "description": "The id of the project where sechub job shall be approved", + "required": true, + "schema": { + "type": "string" } }, - "description": { - "type": "string", - "description": "A short description for the profile" + { + "name": "jobUUID", + "in": "path", + "description": "The SecHub jobUUID. During the job creation this unique job identifier is automatically generated by SecHub.", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "200" + } + } + } + }, + "/api/project/{projectId}/job/{jobUUID}/binaries": { + "post": { + "tags": [ + "project" + ], + "summary": "User uploads binaries", + "description": "User uploads binaries", + "operationId": "userUploadsBinaries", + "parameters": [ + { + "name": "projectId", + "in": "path", + "description": "The id of the project for which the binaries are uploaded for", + "required": true, + "schema": { + "type": "string" + } }, - "projectIds": { - "type": "array", - "description": "Projects can be linked by their ids here", - "items": { + { + "name": "jobUUID", + "in": "path", + "description": "The SecHub jobUUID. During the job creation this unique job identifier is automatically generated by SecHub.", + "required": true, + "schema": { "type": "string" } }, - "enabled": { - "type": "boolean", - "description": "Enabled state of profile, default is false" + { + "name": "checkSum", + "in": "query", + "description": "A sha256 checksum for file upload validation", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "x-file-size", + "in": "header", + "description": "The file size of the tar-archive to upload in bytes. 
Needs to be a positive integer value.", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "200" } } - }, - "FullScanDataZIP": { - "title": "FullScanDataZIP", - "type": "object" - }, - "ServerVersion": { - "title": "ServerVersion", - "type": "object" - }, - "ScanJob": { - "title": "ScanJob", - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "description": "The api version, currently only 1.0 is supported" - }, - "data": { - "type": "object", - "properties": { - "sources": { - "type": "array", - "items": { - "type": "object", - "properties": { - "fileSystem": { - "type": "object", - "properties": { - "folders": { - "type": "array", - "description": "Sources from given file system folders", - "items": { - "type": "string" - } - }, - "files": { - "type": "array", - "description": "Sources from given file system files", - "items": { - "type": "string" - } - } - } - }, - "name": { - "type": "string", - "description": "Unique reference name" - } - } - } - }, - "binaries": { - "type": "array", - "items": { - "type": "object", - "properties": { - "fileSystem": { - "type": "object", - "properties": { - "folders": { - "type": "array", - "description": "Binaries from given file system folders", - "items": { - "type": "string" - } - }, - "files": { - "type": "array", - "description": "Binaries from given file system files", - "items": { - "type": "string" - } - } - } - }, - "name": { - "type": "string", - "description": "Unique reference name" - } - } - } - } + } + }, + "/api/project/{projectId}/job/{jobUUID}/sourcecode": { + "post": { + "tags": [ + "project" + ], + "summary": "User uploads source code", + "description": "User uploads source code", + "operationId": "userUploadsSourceCode", + "parameters": [ + { + "name": "projectId", + "in": "path", + "description": "The id of the project where sourcecode shall be uploaded for", + "required": true, + "schema": { + "type": "string" } }, - 
"infraScan": { - "type": "object", - "properties": { - "uris": { - "type": "array", - "description": "Infrastructure URIs to scan for", - "items": { - "type": "string" - } - }, - "ips": { - "type": "array", - "description": "Infrastructure IPs to scan for", - "items": { - "type": "string" - } - } - }, - "description": "Infrastructure configuration block" - }, - "codeScan": { - "type": "object", - "properties": { - "fileSystem": { - "type": "object", - "properties": { - "folders": { - "type": "array", - "description": "Code scan sources from given file system folders", - "items": { - "type": "string" - } - }, - "files": { - "type": "array", - "description": "Code scan sources from given file system files", - "items": { - "type": "string" - } - } - } - }, - "use": { - "type": "array", - "description": "Referenced data configuration objects by their unique names", - "items": { - "type": "string" - } - } - }, - "description": "Code scan configuration block" + { + "name": "jobUUID", + "in": "path", + "description": "The SecHub jobUUID. During the job creation this unique job identifier is automatically generated by SecHub.", + "required": true, + "schema": { + "type": "string" + } }, - "webScan": { - "type": "object", - "properties": { - "headers": { - "type": "array", - "description": "List of HTTP headers. Can be used for authentication or anything else.", - "items": { - "type": "object", - "properties": { - "onlyForUrls": { - "type": "array", - "description": "Optional list of URLs this header shall be used for like: https://mywebapp.com/path/. Can contain wildcards like: https://mywebapp.com/path/<*>/with/wildcard", - "items": { - "type": "string" - } - }, - "name": { - "type": "string", - "description": "Name of the defined HTTP header." - }, - "sensitive": { - "type": "boolean", - "description": "Defines header masking. If 'true' the header value will be replaced with '********' inside the report, 'false' will show the value as is. Default is set to 'true'." 
- }, - "value": { - "type": "string", - "description": "Value of the defined HTTP header." - } - } - } - }, - "maxScanDuration": { - "type": "object", - "properties": { - "duration": { - "type": "number", - "description": "Duration of the scan as integer" - }, - "unit": { - "type": "string", - "description": "Unit of the duration. Possible values are: millisecond(s), second(s), minute(s), hour(s), day(s)" - } - } - }, - "clientCertificate": { - "type": "object", - "properties": { - "password": { - "type": "string", - "description": "Password the client certificate file is protected with" - }, - "use": { - "type": "array", - "description": "Reference to the data section containing the client certificate definition file. Always use 'sources' with a single 'file' instead 'folders'.", - "items": { - "type": "string" - } - } - } - }, - "excludes": { - "type": "array", - "description": "Exclude URL sub-paths to scan. Example: /admin", - "items": { - "type": "string" - } - }, - "includes": { - "type": "array", - "description": "Include URL sub-paths to scan. Example: /hidden", - "items": { - "type": "string" - } - }, - "api": { - "type": "object", - "properties": { - "use": { - "type": "array", - "description": "Reference to the data section containing the API definition files. 
Always use 'sources' with 'files' instead 'folders'.", - "items": { - "type": "string" - } - }, - "type": { - "type": "string", - "description": "Type of the API definition files that will be provided" - } + { + "name": "checkSum", + "in": "query", + "description": "A sha256 checksum for file upload validation", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "200" + } + } + } + }, + "/api/project/{projectId}/jobs": { + "get": { + "tags": [ + "project" + ], + "summary": "User lists jobs for project", + "description": "User lists jobs for project", + "operationId": "userListsJobsforProject", + "parameters": [ + { + "name": "projectId", + "in": "path", + "description": "The id of the project where job information shall be fetched for", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "size", + "in": "query", + "description": "The wanted (maximum) size for the result set. When not defined, the default will be 1.", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "page", + "in": "query", + "description": "The wanted page number. When not defined, the default will be 0.", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "metadata.labels.*", + "in": "query", + "description": "An optional dynamic query parameter to filter jobs by labels. The syntax is 'metadata.labels.${labelKey}=${labelValue}'.\n\nIt is possible to query for multiple labels (up to 10 ).\nThe filter works as an AND combination: Only jobs having all wanted label key value combinations are returned.", + "required": false, + "schema": { + "type": "string" + } + }, + { + "name": "withMetaData", + "in": "query", + "description": "An optional parameter to define if meta data shall be fetched as well. 
When not defined, the default will be false.", + "required": false, + "schema": { + "type": "string" + } + } + ], + "responses": { + "200": { + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/ProjectJobList" } - }, - "login": { - "type": "object", - "properties": { - "form": { - "type": "object", - "properties": { - "script": { - "type": "object", - "properties": { - "pages": { - "type": "array", - "items": { - "type": "object", - "properties": { - "actions": { - "type": "array", - "items": { - "type": "object", - "properties": { - "unit": { - "type": "string", - "description": "the time unit to wait: millisecond, second, minute, hour, day." - }, - "description": { - "type": "string", - "description": "description" - }, - "selector": { - "type": "string", - "description": "css selector" - }, - "type": { - "type": "string", - "description": "action type: username, password, input, click, wait" - }, - "value": { - "type": "string", - "description": "value" - } - } - } - } - } - } - } - }, - "description": "script" - } - }, - "description": "form login definition" - }, - "basic": { - "type": "object", - "properties": { - "password": { - "type": "string", - "description": "password" - }, - "user": { - "type": "string", - "description": "username" - } - }, - "description": "basic login definition" - }, - "url": { - "type": "string", - "description": "Login URL" - } - }, - "description": "Webscan login definition" - }, - "url": { - "type": "string", - "description": "Webscan URI to scan for" } - }, - "description": "Webscan configuration block" + } } } - }, - "JobId": { - "title": "JobId", - "type": "object", - "properties": { - "jobId": { - "type": "string", - "description": "A unique job id" + } + }, + "/api/project/{projectId}/mockdata": { + "get": { + "tags": [ + "project" + ], + "summary": "User retrieves mock data configuration for project", + "description": "User retrieves mock data configuration for 
project", + "operationId": "userRetrievesProjectMockdata", + "parameters": [ + { + "name": "projectId", + "in": "path", + "description": "", + "required": true, + "schema": { + "type": "string" + } } - } + ], + "responses": { + "200": { + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/MockDataConfiguration" + } + } + } + } + }, + "security": [ + { + "basic": [ + + ] + } + ] }, - "ExecutionProfileCreate": { - "title": "ExecutionProfileCreate", - "type": "object", - "properties": { - "configurations": { - "type": "array", - "description": "Configurations can be linked at creation time as well - see update description", - "items": { + "put": { + "tags": [ + "project" + ], + "summary": "User defines mock data configuration for project", + "description": "User defines mock data configuration for project", + "operationId": "userDefinesProjectMockdata", + "parameters": [ + { + "name": "projectId", + "in": "path", + "description": "", + "required": true, + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json;charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/MockDataConfiguration" + } + } + } + }, + "responses": { + "200": { + "description": "200" + } + }, + "security": [ + { + "basic": [ + + ] + } + ] + } + }, + "/api/project/{projectId}/report/spdx/{jobUUID}": { + "get": { + "tags": [ + "project" + ], + "summary": "User downloads job report in SPDX format", + "description": "User downloads job report in SPDX format", + "operationId": "userDownloadsSpdxJobReport_json", + "parameters": [ + { + "name": "projectId", + "in": "path", + "description": "The project Id", + "required": true, + "schema": { "type": "string" } }, - "description": { - "type": "string", - "description": "A short description for the profile" - }, - "projectIds": { - "type": "array", - "description": "Projects can be linked by their ids at creation time as well - see update description", 
- "items": { + { + "name": "jobUUID", + "in": "path", + "description": "The job UUID", + "required": true, + "schema": { "type": "string" } - }, - "enabled": { - "type": "boolean", - "description": "Enabled state of profile, default is false" } - } - }, - "ProjectWhitelistUpdate": { - "title": "ProjectWhitelistUpdate", - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "description": "The api version, currently only 1.0 is supported" - }, - "whiteList": { - "type": "object", - "properties": { - "uris": { - "type": "array", - "description": "All URIS used now for whitelisting. Former parts will be replaced completely!", - "items": { - "type": "string" + ], + "responses": { + "200": { + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/SecHubReport" } } } } - } - }, - "JobStatus": { - "title": "JobStatus", - "type": "object", - "properties": { - "result": { - "type": "string", - "description": "Result of job" - }, - "owner": { - "type": "string", - "description": "Owner / initiator of job" - }, - "jobUUID": { - "type": "string", - "description": "The job uuid" - }, - "created": { - "type": "string", - "description": "Creation timestamp of job" - }, - "ended": { - "type": "string", - "description": "End timestamp of job execution" - }, - "started": { - "type": "string", - "description": "Start timestamp of job execution" - }, - "state": { - "type": "string", - "description": "State of job" - }, - "trafficLight": { - "type": "string", - "description": "Trafficlight of job - but only available when job has been done. Possible states are GREEN, YELLOW, RED, OFF" + }, + "security": [ + { + "basic": [ + + ] } - } - }, - "ProjectMetaData": { - "title": "ProjectMetaData", - "type": "object", - "properties": { - "metaData": { - "type": "object", - "properties": { - "key1": { - "type": "string", - "description": "An arbitrary metadata key." - } - }, - "description": "Metadata object. 
Contains key-value pairs." + ] + } + }, + "/api/project/{projectId}/report/{jobUUID}": { + "get": { + "tags": [ + "project" + ], + "summary": "User downloads sechub job report", + "description": "User downloads sechub job report", + "operationId": "userDownloadsJobReport_", + "parameters": [ + { + "name": "projectId", + "in": "path", + "description": "The project Id", + "required": true, + "schema": { + "type": "string" + } }, - "apiVersion": { - "type": "string", - "description": "The api version, currently only 1.0 is supported" - } - } - }, - "ListOfRunningJobs": { - "title": "ListOfRunningJobs", - "type": "array", - "items": { - "type": "object", - "properties": { - "owner": { - "type": "string", - "description": "Owner of the job - means user which triggered it" - }, - "jobUUID": { - "type": "string", - "description": "The uuid of the running job" - }, - "configuration": { - "type": "string", - "description": "Configuration used for this job" - }, - "projectId": { - "type": "string", - "description": "The name of the project the job is running for" - }, - "since": { - "type": "string", - "description": "Timestamp since when job has been started" - }, - "status": { - "type": "string", - "description": "A status information " + { + "name": "jobUUID", + "in": "path", + "description": "The job UUID", + "required": true, + "schema": { + "type": "string" } } - } - }, - "ListOfProjects": { - "type": "array", - "description": "List of project Ids", - "items": { - "type": "string" - } - }, - "SecHubReport": { - "title": "SecHubReport", - "type": "object" - }, - "ProjectScanLogs": { - "title": "ProjectScanLogs", - "type": "array", - "description": "An array of scan log summary entries", - "items": { - "type": "object", - "properties": { - "executedBy": { - "type": "string", - "description": "The user id of the user which executed the scan" - }, - "sechubJobUUID": { - "type": "string", - "description": "The uuid of corresponding sechub Job." 
- }, - "ended": { - "type": "string", - "description": "The timestamp when the scan was ended" - }, - "started": { - "type": "string", - "description": "The timestamp when the scan was started" - }, - "status": { - "type": "string", - "description": "A status field about scan situation" + ], + "responses": { + "200": { + "description": "200", + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/SecHubReport" + } + }, + "text/html;charset=UTF-8": { + "schema": { + "$ref": "#/components/schemas/SecHubReport" + } + } } - }, - "description": "An array of scan log summary entries" - } - } - }, - "securitySchemes": { - "basic": { - "type": "http", - "scheme": "basic" + } + }, + "security": [ + { + "basic": [ + + ] + } + ] } } - } + }, + "servers": [ + { + "url": "https://localhost" + } + ], + "tags": [ + { + "name": "apiVersion", + "description": "1.0" + } + ] } \ No newline at end of file