feat: fix custom detector bug related to data extraction from session…

… policy (#217)

* feat: add extract arguments for various node types

* fix: cookies tests

* fix: extract arguments for identifiers

* feat: refractor tests so it is clearer to read

* feat: add different tests for each use case

* feat: add support for hash assigments of strings key

* feat: add support for simple hash extraction

integration/custom_detectors/.snapshots/TestCustomDetectors-detect_rails_cookies

@@ -40,14 +40,6 @@ risks:
               parent:
                 line_number: 2
                 content: cookies.signed[:info] = user.email
-        - name: Physical Address
-          stored: false
-          locations:
-            - filename: testdata/ruby/detect_rails_cookies.rb
-              line_number: 3
-              parent:
-                line_number: 2
-                content: cookies.signed[:info] = user.email
 components: []
 
 

pkg/detectors/custom/.snapshots/TestInsecureCommunicationJSON

@@ -1,15 +1,15 @@
 [
- {
-  "type": "custom_risk",
-  "detector_type": "detect_rails_insecure_communication",
-  "source": {
-   "filename": "config.rb",
-   "language": "Ruby",
-   "language_type": "programming",
-   "line_number": 3,
-   "column_number": 1,
-   "text": "Rails.application.configure do\n  config.force_ssl = false\nend\n"
-  },
-  "value": null
- }
+	{
+		"type": "custom_risk",
+		"detector_type": "detect_rails_insecure_communication",
+		"source": {
+			"filename": "config.rb",
+			"language": "Ruby",
+			"language_type": "programming",
+			"line_number": 3,
+			"column_number": 1,
+			"text": "Rails.application.configure do\n  config.force_ssl = false\nend\n"
+		},
+		"value": null
+	}
 ]

pkg/detectors/custom/.snapshots/TestInsecureFTPJSON

@@ -1,34 +1,34 @@
 [
- {
-  "type": "custom_risk",
-  "detector_type": "detect_rails_insecure_ftp",
-  "source": {
-   "filename": "config.rb",
-   "language": "Ruby",
-   "language_type": "programming",
-   "line_number": 5,
-   "column_number": 7,
-   "text": "Net::FTP.new()\n"
-  },
-  "value": {
-   "line_number": 5,
-   "content": "Net::FTP.new(\"ftp.ruby-lang.org\")"
-  }
- },
- {
-  "type": "custom_risk",
-  "detector_type": "detect_rails_insecure_ftp",
-  "source": {
-   "filename": "config.rb",
-   "language": "Ruby",
-   "language_type": "programming",
-   "line_number": 12,
-   "column_number": 1,
-   "text": "Net::FTP.open()\n"
-  },
-  "value": {
-   "line_number": 12,
-   "content": "Net::FTP.open('example.com') do |ftp|\n  ftp.login\n  files = ftp.chdir('pub/lang/ruby/contrib')\n  files = ftp.list('n*')\n  ftp.getbinaryfile('nif.rb-0.91.gz', 'nif.gz', 1024)\nend"
-  }
- }
+	{
+		"type": "custom_risk",
+		"detector_type": "detect_rails_insecure_ftp",
+		"source": {
+			"filename": "config.rb",
+			"language": "Ruby",
+			"language_type": "programming",
+			"line_number": 5,
+			"column_number": 7,
+			"text": "Net::FTP.new()\n"
+		},
+		"value": {
+			"line_number": 5,
+			"content": "Net::FTP.new(\"ftp.ruby-lang.org\")"
+		}
+	},
+	{
+		"type": "custom_risk",
+		"detector_type": "detect_rails_insecure_ftp",
+		"source": {
+			"filename": "config.rb",
+			"language": "Ruby",
+			"language_type": "programming",
+			"line_number": 12,
+			"column_number": 1,
+			"text": "Net::FTP.open()\n"
+		},
+		"value": {
+			"line_number": 12,
+			"content": "Net::FTP.open('example.com') do |ftp|\n  ftp.login\n  files = ftp.chdir('pub/lang/ruby/contrib')\n  files = ftp.list('n*')\n  ftp.getbinaryfile('nif.rb-0.91.gz', 'nif.gz', 1024)\nend"
+		}
+	}
 ]

pkg/detectors/custom/.snapshots/TestInsecureSMTPJSON

@@ -1,28 +1,28 @@
 [
- {
-  "type": "custom_risk",
-  "detector_type": "detect_rails_insecure_smtp",
-  "source": {
-   "filename": "config.rb",
-   "language": "Ruby",
-   "language_type": "programming",
-   "line_number": 3,
-   "column_number": 1,
-   "text": "Rails.application.configure do\n  config.action_mailer.smtp_settings = {\n    openssl_verify_mode: OpenSSL::SSL::VERIFY_NONE\n  }\nend\n"
-  },
-  "value": null
- },
- {
-  "type": "custom_risk",
-  "detector_type": "detect_rails_insecure_smtp",
-  "source": {
-   "filename": "config.rb",
-   "language": "Ruby",
-   "language_type": "programming",
-   "line_number": 9,
-   "column_number": 1,
-   "text": "Rails.application.configure do\n  config.action_mailer.smtp_settings = {\n    openssl_verify_mode: \"none\"\n  }\nend\n"
-  },
-  "value": null
- }
+	{
+		"type": "custom_risk",
+		"detector_type": "detect_rails_insecure_smtp",
+		"source": {
+			"filename": "config.rb",
+			"language": "Ruby",
+			"language_type": "programming",
+			"line_number": 3,
+			"column_number": 1,
+			"text": "Rails.application.configure do\n  config.action_mailer.smtp_settings = {\n    openssl_verify_mode: OpenSSL::SSL::VERIFY_NONE\n  }\nend\n"
+		},
+		"value": null
+	},
+	{
+		"type": "custom_risk",
+		"detector_type": "detect_rails_insecure_smtp",
+		"source": {
+			"filename": "config.rb",
+			"language": "Ruby",
+			"language_type": "programming",
+			"line_number": 9,
+			"column_number": 1,
+			"text": "Rails.application.configure do\n  config.action_mailer.smtp_settings = {\n    openssl_verify_mode: \"none\"\n  }\nend\n"
+		},
+		"value": null
+	}
 ]

pkg/detectors/custom/.snapshots/TestRailSessionHashAssigmentJSON

@@ -0,0 +1,74 @@
+[
+	{
+		"type": "custom",
+		"detector_type": "detect_rails_session",
+		"source": {
+			"filename": "session.rb",
+			"language": "Ruby",
+			"language_type": "programming",
+			"line_number": 4,
+			"column_number": 9,
+			"text": null
+		},
+		"value": {
+			"object_name": "user",
+			"field_name": "first_name",
+			"field_type": "",
+			"field_type_simple": "unknown"
+		}
+	},
+	{
+		"type": "custom",
+		"detector_type": "detect_rails_session",
+		"source": {
+			"filename": "session.rb",
+			"language": "Ruby",
+			"language_type": "programming",
+			"line_number": 4,
+			"column_number": 29,
+			"text": null
+		},
+		"value": {
+			"object_name": "user",
+			"field_name": "last_name",
+			"field_type": "",
+			"field_type_simple": "unknown"
+		}
+	},
+	{
+		"type": "custom",
+		"detector_type": "detect_rails_session",
+		"source": {
+			"filename": "session.rb",
+			"language": "Ruby",
+			"language_type": "programming",
+			"line_number": 9,
+			"column_number": 10,
+			"text": null
+		},
+		"value": {
+			"object_name": "admin",
+			"field_name": "first_name",
+			"field_type": "",
+			"field_type_simple": "unknown"
+		}
+	},
+	{
+		"type": "custom",
+		"detector_type": "detect_rails_session",
+		"source": {
+			"filename": "session.rb",
+			"language": "Ruby",
+			"language_type": "programming",
+			"line_number": 9,
+			"column_number": 32,
+			"text": null
+		},
+		"value": {
+			"object_name": "admin",
+			"field_name": "last_name",
+			"field_type": "",
+			"field_type_simple": "unknown"
+		}
+	}
+]

pkg/detectors/custom/.snapshots/TestRailSessionHashJSON

@@ -0,0 +1,92 @@
+[
+	{
+		"type": "custom",
+		"detector_type": "detect_rails_session",
+		"source": {
+			"filename": "session.rb",
+			"language": "Ruby",
+			"language_type": "programming",
+			"line_number": 2,
+			"column_number": 27,
+			"text": null
+		},
+		"value": {
+			"object_name": "",
+			"field_name": "first_name",
+			"field_type": "",
+			"field_type_simple": "unknown"
+		}
+	},
+	{
+		"type": "custom",
+		"detector_type": "detect_rails_session",
+		"source": {
+			"filename": "session.rb",
+			"language": "Ruby",
+			"language_type": "programming",
+			"line_number": 2,
+			"column_number": 47,
+			"text": null
+		},
+		"value": {
+			"object_name": "",
+			"field_name": "last_name",
+			"field_type": "",
+			"field_type_simple": "unknown"
+		}
+	},
+	{
+		"type": "custom",
+		"detector_type": "detect_rails_session",
+		"source": {
+			"filename": "session.rb",
+			"language": "Ruby",
+			"language_type": "programming",
+			"line_number": 6,
+			"column_number": 27,
+			"text": null
+		},
+		"value": {
+			"object_name": "",
+			"field_name": "first_name",
+			"field_type": "",
+			"field_type_simple": "unknown"
+		}
+	},
+	{
+		"type": "custom",
+		"detector_type": "detect_rails_session",
+		"source": {
+			"filename": "session.rb",
+			"language": "Ruby",
+			"language_type": "programming",
+			"line_number": 6,
+			"column_number": 47,
+			"text": null
+		},
+		"value": {
+			"object_name": "",
+			"field_name": "last_name",
+			"field_type": "",
+			"field_type_simple": "unknown"
+		}
+	},
+	{
+		"type": "custom",
+		"detector_type": "detect_rails_session",
+		"source": {
+			"filename": "session.rb",
+			"language": "Ruby",
+			"language_type": "programming",
+			"line_number": 6,
+			"column_number": 66,
+			"text": null
+		},
+		"value": {
+			"object_name": "",
+			"field_name": "address",
+			"field_type": "",
+			"field_type_simple": "unknown"
+		}
+	}
+]

pkg/detectors/custom/.snapshots/TestRailsSessionsJSON → pkg/detectors/custom/.snapshots/TestRailsSessionsCallJSON

@@ -16,5 +16,23 @@
 			"field_type": "",
 			"field_type_simple": "unknown"
 		}
+	},
+	{
+		"type": "custom",
+		"detector_type": "detect_rails_session",
+		"source": {
+			"filename": "session.rb",
+			"language": "Ruby",
+			"language_type": "programming",
+			"line_number": 6,
+			"column_number": 14,
+			"text": null
+		},
+		"value": {
+			"object_name": "email",
+			"field_name": "domain",
+			"field_type": "",
+			"field_type_simple": "unknown"
+		}
 	}
 ]

pkg/detectors/custom/.snapshots/TestRailsSessionsIdentifierJSON

@@ -0,0 +1,38 @@
+[
+	{
+		"type": "custom",
+		"detector_type": "detect_rails_session",
+		"source": {
+			"filename": "session.rb",
+			"language": "Ruby",
+			"language_type": "programming",
+			"line_number": 5,
+			"column_number": 6,
+			"text": null
+		},
+		"value": {
+			"object_name": "user",
+			"field_name": "email",
+			"field_type": "",
+			"field_type_simple": "unknown"
+		}
+	},
+	{
+		"type": "custom",
+		"detector_type": "detect_rails_session",
+		"source": {
+			"filename": "session.rb",
+			"language": "Ruby",
+			"language_type": "programming",
+			"line_number": 5,
+			"column_number": 12,
+			"text": null
+		},
+		"value": {
+			"object_name": "email",
+			"field_name": "domain",
+			"field_type": "",
+			"field_type_simple": "unknown"
+		}
+	}
+]