Separate out printing statements with anlayzer logic for SourceGraph (#…

…3119) * Separated printing and analyzes functionality for sourcegraph * remove second call to fetch userinfo in sourcegraph.
trufflesecurity · Jul 31, 2024 · 6fccac7 · 6fccac7
1 parent b4b4eba
commit 6fccac7
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 23 deletions.
diff --git a/pkg/analyzer/analyzers/sourcegraph/sourcegraph.go b/pkg/analyzer/analyzers/sourcegraph/sourcegraph.go
@@ -4,6 +4,7 @@ package sourcegraph
 
 import (
 	"encoding/json"
+	"fmt"
 	"net/http"
 	"strings"
 
@@ -33,6 +34,11 @@ type UserInfoJSON struct {
 	} `json:"data"`
 }
 
+type SecretInfo struct {
+	User        UserInfoJSON
+	IsSiteAdmin bool
+}
+
 func getUserInfo(cfg *config.Config, key string) (UserInfoJSON, error) {
 	var userInfo UserInfoJSON
 
@@ -98,42 +104,50 @@ func checkSiteAdmin(cfg *config.Config, key string) (bool, error) {
 	return true, nil
 }
 
-func AnalyzePermissions(cfg *config.Config, key string) {
-
-	userInfo, err := getUserInfo(cfg, key)
-	if err != nil {
-		color.Red("Error: %s", err)
+func AnalyzeAndPrintPermissions(cfg *config.Config, key string) {
+	// ToDo: Add in logging
+	if cfg.LoggingEnabled {
+		color.Red("[x] Logging is not supported for this analyzer.")
 		return
 	}
 
-	// second call
-	userInfo, err = getUserInfo(cfg, key)
+	info, err := AnalyzePermissions(cfg, key)
 	if err != nil {
-		color.Red("Error: %s", err)
+		color.Red("[x] Error: %s", err.Error())
 		return
 	}
 
-	if userInfo.Data.CurrentUser.Username == "" {
-		color.Red("[x] Invalid Sourcegraph Access Token")
-		return
-	}
 	color.Green("[!] Valid Sourcegraph Access Token\n\n")
 	color.Yellow("[i] Sourcegraph User Information\n")
-	color.Green("Username: %s\n", userInfo.Data.CurrentUser.Username)
-	color.Green("Email: %s\n", userInfo.Data.CurrentUser.Email)
-	color.Green("Created At: %s\n\n", userInfo.Data.CurrentUser.CreatedAt)
-
-	isSiteAdmin, err := checkSiteAdmin(cfg, key)
-	if err != nil {
-		color.Red("Error: %s", err)
-		return
-	}
+	color.Green("Username: %s\n", info.User.Data.CurrentUser.Username)
+	color.Green("Email: %s\n", info.User.Data.CurrentUser.Email)
+	color.Green("Created At: %s\n\n", info.User.Data.CurrentUser.CreatedAt)
 
-	if isSiteAdmin {
+	if info.IsSiteAdmin {
 		color.Green("[!] Token Permissions: Site Admin")
 	} else {
 		// This is the default for all access tokens as of 6/11/24
 		color.Yellow("[i] Token Permissions: user:full (default)")
 	}
+}
+
+func AnalyzePermissions(cfg *config.Config, key string) (*SecretInfo, error) {
+	userInfo, err := getUserInfo(cfg, key)
+	if err != nil {
+		return nil, err
+	}
+
+	if userInfo.Data.CurrentUser.Username == "" {
+		return nil, fmt.Errorf("invalid Sourcegraph Access Token")
+	}
+
+	isSiteAdmin, err := checkSiteAdmin(cfg, key)
+	if err != nil {
+		return nil, err
+	}
 
+	return &SecretInfo{
+		User:        userInfo,
+		IsSiteAdmin: isSiteAdmin,
+	}, nil
 }
diff --git a/pkg/analyzer/cli.go b/pkg/analyzer/cli.go
@@ -239,7 +239,7 @@ func Run(cmd string) {
 		square.AnalyzeAndPrintPermissions(cfg, *squareKey)
 	case sourcegraphScan.FullCommand():
 		cfg.LogFile = analyzers.CreateLogFileName("sourcegraph")
-		sourcegraph.AnalyzePermissions(cfg, *sourcegraphKey)
+		sourcegraph.AnalyzeAndPrintPermissions(cfg, *sourcegraphKey)
 	case shopifyScan.FullCommand():
 		cfg.LogFile = analyzers.CreateLogFileName("shopify")
 		shopify.AnalyzeAndPrintPermissions(cfg, *shopifyKey, *shopifyStoreURL)