swagger/scan/passive/
type_checks.rs1use super::*;
2pub trait PassiveTypeScan {
3 fn check_int_attrs(&self) -> Vec<Alert>;
4 fn check_str_attrs(&self) -> Vec<Alert>;
5 fn check_arr_attrs(&self) -> Vec<Alert>;
6 fn check_obj_attrs(&self) -> Vec<Alert>;
7}
8impl<T: OAS + Serialize> PassiveTypeScan for PassiveSwaggerScan<T> {
9 fn check_int_attrs(&self) -> Vec<Alert> {
10 let mut alerts = vec![];
11 let schemas = get_schemas_by_type(&self.swagger, &self.swagger_value, "integer");
12 for (schema, location) in schemas {
13 if schema.minimum.is_none() {
14 alerts.push(Alert::new(
15 Level::Low,
16 "Number schema without a minimum",
17 location.clone(),
18 ));
19 }
20 if schema.maximum.is_none() {
21 alerts.push(Alert::new(
22 Level::Low,
23 "Number schema without a maximum",
24 location,
25 ));
26 }
27 }
28 let schemas = get_schemas_by_type(&self.swagger, &self.swagger_value, "number");
29 for (schema, location) in schemas {
30 if schema.minimum.is_none() {
31 alerts.push(Alert::new(
32 Level::Low,
33 "Number schema without a minimum",
34 location.clone(),
35 ));
36 }
37 if schema.maximum.is_none() {
38 alerts.push(Alert::new(
39 Level::Low,
40 "Number schema without a maximum",
41 location,
42 ));
43 }
44 }
45 alerts
46 }
47 fn check_str_attrs(&self) -> Vec<Alert> {
48 let mut alerts = vec![];
49 let schemas = get_schemas_by_type(&self.swagger, &self.swagger_value, "string");
50 for (schema, location) in schemas {
51 if schema.min_length.is_none() {
52 alerts.push(Alert::new(
53 Level::Low,
54 "String schema without a minimum length",
55 location.clone(),
56 ));
57 }
58 if schema.max_length.is_none() {
59 alerts.push(Alert::new(
60 Level::Low,
61 "String schema without a maximum length",
62 location.clone(),
63 ));
64 }
65 if schema.pattern.is_none() {
66 alerts.push(Alert::new(
67 Level::Low,
68 "String schema without a pattern",
69 location,
70 ));
71 }
72 }
73 alerts
74 }
75 fn check_arr_attrs(&self) -> Vec<Alert> {
76 let mut alerts = vec![];
77 let schemas = get_schemas_by_type(&self.swagger, &self.swagger_value, "array");
78 for (schema, location) in schemas {
79 if schema.min_items.is_none() {
80 alerts.push(Alert::new(
81 Level::Info,
82 "Array schema without an item minimum",
83 location.clone(),
84 ));
85 }
86 if schema.max_items.is_none() {
87 alerts.push(Alert::new(
88 Level::Low,
89 "Array schema without an item maximum",
90 location,
91 ));
92 }
93 }
94 alerts
95 }
96 fn check_obj_attrs(&self) -> Vec<Alert> {
97 let mut alerts = vec![];
98 let schemas = get_schemas_by_type(&self.swagger, &self.swagger_value, "object");
99 for (schema, location) in schemas {
100 if schema.min_properties.is_none() {
101 alerts.push(Alert::new(
102 Level::Low,
103 "Object schema without minimum properties",
104 location.clone(),
105 ));
106 }
107 if schema.max_properties.is_none() {
108 alerts.push(Alert::new(
109 Level::Low,
110 "Object schema without maximum properties",
111 location.clone(),
112 ));
113 }
114 if schema.properties.is_none() {
115 alerts.push(Alert::new(
116 Level::Low,
117 "Object schema without properties",
118 location.clone(),
119 ));
120 } else if schema.properties.unwrap().is_empty() {
121 alerts.push(Alert::new(
122 Level::Low,
123 "Object schema without properties",
124 location,
125 ));
126 }
127 }
128 let schemas = get_schemas_by_type(&self.swagger, &self.swagger_value, "");
129 for (schema, location) in schemas {
130 if schema.min_properties.is_none() {
131 alerts.push(Alert::new(
132 Level::Low,
133 "Object schema without minimum properties",
134 location.clone(),
135 ));
136 }
137 if schema.max_properties.is_none() {
138 alerts.push(Alert::new(
139 Level::Low,
140 "Object schema without maximum properties",
141 location.clone(),
142 ));
143 }
144 if schema.properties.is_none() {
145 alerts.push(Alert::new(
146 Level::Low,
147 "Object schema without properties",
148 location.clone(),
149 ));
150 } else if schema.properties.unwrap().is_empty() {
151 alerts.push(Alert::new(
152 Level::Low,
153 "Object schema without properties",
154 location,
155 ));
156 }
157 }
158 alerts
159 }
160}