SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions

Formatting permission check

Browse source
This commit is contained in:
JanHoefelmeyer 2023-06-21 16:21:23 +02:00
parent 248e0a52a4
commit d393a42d61
1 changed files with 11 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

28
cmd/csaf_checker/roliecheck.go
View file

@ -109,32 +109,24 @@ func (ca *rolieLabelChecker) check(
advisory, advisoryLabel, ca.feedURL, ca.feedLabel)
}
res, err := ca.basicClient.Get(advisory)
switch {
case advisoryRank == 1:
p.badWhitePermissions.use()
case advisoryRank > 2:
p.badAmberRedPermissions.use()
}
res, err := ca.basicClient.Get(advisory)
if err != nil {
switch {
case advisoryRank == 1:
p.badWhitePermissions.error("Unexpected Error %v when trying to fetch: %s", err, advisory)
case advisoryRank > 2:
p.badAmberRedPermissions.error("Unexpected Error %v when trying to fetch: %s", err, advisory)
}
}
switch res.StatusCode {
case http.StatusOK:
if advisoryRank > 2 {
p.badAmberRedPermissions.error("Advisory %s of TLP level %v is not properly access protected.", advisory, advisoryLabel)
}
case http.StatusForbidden:
if advisoryRank == 1 {
} else if res.StatusCode == http.StatusForbidden {
// TODO: Differentiate between error and warning based on whether the advisory appears in a not access protected location as well.
p.badWhitePermissions.warn("Advisory %s of TLP level WHITE is access protected.", advisory)
}
case advisoryRank > 2:
p.badAmberRedPermissions.use()
if err != nil {
p.badAmberRedPermissions.error("Unexpected Error %v when trying to fetch: %s", err, advisory)
} else if res.StatusCode == http.StatusOK {
p.badAmberRedPermissions.error("Advisory %s of TLP level %v is not properly access protected.", advisory, advisoryLabel)
}
}
}