PowerShellForFOD

1.0.0.4

Public/Get-FODVulnerabilities.ps1

                                function Get-FODVulnerabilities {

    <#

    .SYNOPSIS

        Get information about FOD vulnerabilities.

    .DESCRIPTION

        Get information about FOD vulnerabilities.

    .PARAMETER ReleaseId    

        The Id of the Release to get vulnerabilities for.

    .PARAMETER Filters

        A delimited list of field filters.

    .PARAMETER OrderBy

        The field name to order the results by.

    .PARAMETER OrderByDirection

        The direction to order the results by. ASC and DESC are valid values.

    .PARAMETER Fields

        Comma separated list of fields to return.

    .PARAMETER ExcludeFilters

        Filter data should be excluded in the return value.

    .PARAMETER IncludeFixed

        Items that have been fixed should be included in the return value.

    .PARAMETER IncludeSuppressed

        items that have been suppressed should be included in the return value.

    .PARAMETER KeywordSearch

        Used for keyword searches.

    .PARAMETER Paging

        If specified, and more data is available after loading limit of vulnerabilities,

        continue querying FOD until we have retrieved all the data available.

    .PARAMETER Limit

        Limit the number of vulnerabilities returned to this number.

        Maximum value is 50.

        Default is 50.

    .PARAMETER Raw

        If specified, provide raw output and do not parse any responses.

    .PARAMETER Token

        FOD token to use.

        If empty, the value from PS4FOD will be used.

    .PARAMETER Proxy

        Proxy server to use.

        Default value is the value set by Set-FODConfig

    .EXAMPLE

        # Get all of the vulnerabilities for release id 1000 through Paging

        Get-FODVulnerabilities -Release Id 1000 -Paging

     .EXAMPLE

        # Get all vulnerabilities with "critical" or "high" severity for release id 1000

        Get-FODVulnerabilities -Release Id 1000 -Paging -Filters "severityString:Critical|High"

    .LINK

        https://api.ams.fortify.com/swagger/ui/index#!/Vulnerabilities/VulnerabilitiesV3_GetVulnerabilities

    .FUNCTIONALITY

        Fortify on Demand

    #>

    [CmdletBinding()]

    param (

        [Parameter(Mandatory)]

        [int]$ReleaseId,

        [string]$Filters,

        [string]$OrderBy,

        [string]$OrderByDirection,

        [string]$Fields,

        [switch]$ExcludeFilters,

        [switch]$IncludeFixed,

        [switch]$IncludeSuppressed,

        [string]$KeywordSearch,

        [switch]$Raw,

        [switch]$Paging,

        [int]$Limit = 50,

        [Parameter()]

        [ValidateNotNullOrEmpty()]

        [string]$Token = $Script:PS4FOD.Token,

        [Parameter()]

        [ValidateNotNullOrEmpty()]

        [string]$ApiUri = $Script:PS4FOD.ApiUri,

        [Parameter()]

        [ValidateNotNullOrEmpty()]

        [string]$Proxy = $Script:PS4FOD.Proxy,

        [switch]$ForceVerbose = $Script:PS4FOD.ForceVerbose

    )

    begin

    {

        $Params = @{}

        if ($Proxy) {

            $Params['Proxy'] = $Proxy

        }

        if ($ForceVerbose) {

            $Params.Add('ForceVerbose', $True)

            $VerbosePreference = "Continue"

        }

        Write-Verbose "Get-FODVulnerabilities Bound Parameters: $( $PSBoundParameters | Remove-SensitiveData | Out-String )"

        $Body = @{

            offset = 0

            limit = $Limit

        }

        if ($Filters) {

            $Body.Add("filters", $Filters)

        }

        if ($OrderBy) {

            $Body.Add("orderBy", $OrderBy)

        }

        if ($OrderByDirection) {

            if ($OrderByDirection -eq "ASC" -or $OrderByDirection -eq "DESC") {

                $Body.Add("orderByDirection", $OrderByDirection)

            } else {

                Write-Error "OrderBy can only be ASC or DESC."

                throw

            }

        }

        if ($Fields) {

            $Body.Add("fields", $Fields)

        }

        if ($ExcludeFilters) {

            $Body.Add("excludeFilters", "true")

        } else {

            #$Body.Add("excludeFilters", "false")

        }

        if ($IncludeFixed) {

            $Body.Add("includeFixed", "true")

        } else {

            #$Body.Add("includeFixed", "false")

        }

        if ($IncludeSuppressed) {

            $Body.Add("includeSuppressed", "true")

        } else {

            #$Body.Add("includeSuppressed", "false")

        }

        if ($KeywordSearch) {

            $Body.Add("keywordSearch", $KeywordSearch)

        }

        if ($Limit -gt 50) {

            Write-Error "Maximum value for Limit is 50."

            throw

        }

        $RawVulnerabilities = @()

        $HasMore = $false

        $TotalCount = 0

        $LoadedCount = 0

        $LoadLimit = $Limit

    }

    process

    {

        do {

            Write-Verbose "Send-FODApi -Method Get -Operation '/api/v3/releases/$ReleaseId/vulnerabilities'" #$Params

            $Response = Send-FODApi -Method Get -Operation "/api/v3/releases/$ReleaseId/vulnerabilities" -Body $Body @Params

            $TotalCount = $Response.totalCount

            if ($LoadedCount -lt ($TotalCount - $LoadLimit)) {

                $HasMore = $true

                $LoadedCount += $LoadLimit

                $Body.Remove("offset")

                $Body.Add("offset", $LoadedCount)

            } else {

                $HasMore = $false

            }

            $RawVulnerabilities += $Response.items

        } until (

        -not $Paging -or

                -not $HasMore

        )

        Write-Verbose "Loaded $LoadedCount vulnerabilities"

    }

    end {

        if ($Raw) {

            $RawVulnerabilities

        } else {

            Parse-FODVulnerability -InputObject $RawVulnerabilities

        }

    }

}