pentest

package
v0.1.5 Latest
Warning

This package is not in the latest version of its module.

Published: Apr 9, 2026 License: GPL-3.0 Imports: 7 Imported by: 0

Documentation

Overview

Package pentest defines the Pentest Campaign Management domain types.

Index

Constants

This section is empty.

Variables

// Sentinel errors for the pentest domain. Each one wraps a category error from
// the shared package with %w, so callers can match either the specific
// sentinel or its category (shared.ErrNotFound, shared.ErrValidation,
// shared.ErrForbidden, shared.ErrConflict) with errors.Is.
var (
	// Lookup failures; all wrap shared.ErrNotFound.
	ErrCampaignNotFound         = fmt.Errorf("%w: campaign not found", shared.ErrNotFound)
	ErrFindingNotFound          = fmt.Errorf("%w: finding not found", shared.ErrNotFound)
	ErrRetestNotFound           = fmt.Errorf("%w: retest not found", shared.ErrNotFound)
	ErrTemplateNotFound         = fmt.Errorf("%w: template not found", shared.ErrNotFound)
	ErrReportNotFound           = fmt.Errorf("%w: report not found", shared.ErrNotFound)
	ErrMemberNotFound           = fmt.Errorf("%w: campaign member not found", shared.ErrNotFound)
	// State and membership rule violations.
	ErrInvalidStatusTransition  = fmt.Errorf("%w: invalid status transition", shared.ErrValidation)
	ErrSystemTemplateReadOnly   = fmt.Errorf("%w: system templates cannot be modified", shared.ErrForbidden)
	ErrMemberAlreadyExists      = fmt.Errorf("%w: user is already a member of this campaign", shared.ErrConflict)
	ErrLastLead                 = fmt.Errorf("%w: campaign must have at least one lead", shared.ErrValidation)
	ErrLeadSelfRemove           = fmt.Errorf("%w: lead cannot remove self, assign another lead first", shared.ErrValidation)
	ErrCampaignLocked           = fmt.Errorf("%w: campaign is locked", shared.ErrForbidden)
	ErrCampaignOnHold           = fmt.Errorf("%w: campaign is on hold, cannot create new items", shared.ErrForbidden)
	// Authorization failures.
	// NOTE(review): ErrNotCampaignMember deliberately wraps shared.ErrNotFound
	// instead of shared.ErrForbidden so a non-member cannot confirm that a
	// campaign exists. Its message ("not found") still differs from
	// ErrCampaignNotFound's ("campaign not found"), so the two cases are only
	// indistinguishable to a client if the caller never echoes the error
	// string in the response. Confirm this in the layer that renders errors.
	ErrNotCampaignMember        = fmt.Errorf("%w: not found", shared.ErrNotFound) // 404 to avoid confirming existence
	ErrInsufficientCampaignRole = fmt.Errorf("%w: insufficient permissions for this campaign", shared.ErrForbidden)
	ErrFindingNotOwned          = fmt.Errorf("%w: insufficient permissions for this finding", shared.ErrForbidden)
	ErrAssignToObserver         = fmt.Errorf("%w: cannot assign to observer (read-only role)", shared.ErrValidation)
)

CampaignStatusTransitions defines the allowed campaign status transitions.

FindingStatusTransitions defines the allowed finding status transitions.

// PentestStatusTransitionRoles maps a "from->to" status transition to the
// campaign roles allowed to perform it. The status names in the keys are the
// FindingStatus string values ("draft", "in_review", "confirmed", ...).
//
// What the table encodes:
//   - CampaignRoleLead is listed for every transition.
//   - CampaignRoleTester is listed for only three: draft->in_review,
//     confirmed->remediation and remediation->retest. A tester cannot move a
//     finding to confirmed, verified, false_positive or accepted_risk.
//   - CampaignRoleReviewer is listed for every transition except those that
//     start from draft.
//   - CampaignRoleObserver is listed nowhere.
//
// A transition that is not a key here yields a nil slice on lookup.
// NOTE(review): IsTransitionAllowedForRole's body is not visible here;
// presumably it treats a missing key as "denied". Confirm that it fails closed.
// NOTE(review): this is an exported, mutable package-level map, so any
// importing package can alter the authorization table at runtime. Treat it as
// read-only and consult it through IsTransitionAllowedForRole.
var PentestStatusTransitionRoles = map[string][]CampaignRole{
	// Leaving draft: only the lead can skip review and close out directly.
	"draft->confirmed":            {CampaignRoleLead},
	"draft->in_review":            {CampaignRoleLead, CampaignRoleTester},
	"draft->false_positive":       {CampaignRoleLead},
	"draft->accepted_risk":        {CampaignRoleLead},
	"in_review->confirmed":        {CampaignRoleLead, CampaignRoleReviewer},
	"in_review->false_positive":   {CampaignRoleLead, CampaignRoleReviewer},
	"in_review->accepted_risk":    {CampaignRoleLead, CampaignRoleReviewer},
	"confirmed->remediation":      {CampaignRoleLead, CampaignRoleTester, CampaignRoleReviewer},
	"confirmed->false_positive":   {CampaignRoleLead, CampaignRoleReviewer},
	"confirmed->accepted_risk":    {CampaignRoleLead, CampaignRoleReviewer},
	"remediation->retest":         {CampaignRoleLead, CampaignRoleTester, CampaignRoleReviewer},
	"remediation->false_positive": {CampaignRoleLead, CampaignRoleReviewer},
	"remediation->accepted_risk":  {CampaignRoleLead, CampaignRoleReviewer},
	"retest->verified":            {CampaignRoleLead, CampaignRoleReviewer},
	"retest->remediation":         {CampaignRoleLead, CampaignRoleReviewer},
	"retest->false_positive":      {CampaignRoleLead, CampaignRoleReviewer},
	"retest->accepted_risk":       {CampaignRoleLead, CampaignRoleReviewer},
	// Reopening: a verified, false_positive or accepted_risk finding can be
	// moved back into the workflow by a lead or reviewer.
	"verified->remediation":       {CampaignRoleLead, CampaignRoleReviewer},
	"false_positive->draft":       {CampaignRoleLead, CampaignRoleReviewer},
	"false_positive->confirmed":   {CampaignRoleLead, CampaignRoleReviewer},
	"accepted_risk->draft":        {CampaignRoleLead, CampaignRoleReviewer},
	"accepted_risk->confirmed":    {CampaignRoleLead, CampaignRoleReviewer},
}

PentestStatusTransitionRoles maps "from->to" status transitions to allowed campaign roles.

Functions

func IsTransitionAllowedForRole added in v0.1.3

func IsTransitionAllowedForRole(from, to string, role CampaignRole) bool

IsTransitionAllowedForRole checks if a status transition is allowed for the given campaign role.

func MapToCTEMStatus added in v0.1.3

func MapToCTEMStatus(pentestStatus string) (mappedStatus string, excluded bool)

MapToCTEMStatus maps a pentest finding status to its CTEM dashboard equivalent. Returns the mapped status and whether it should be excluded from the dashboard.

func RequireCampaignWritable added in v0.1.3

func RequireCampaignWritable(status CampaignStatus, allowExistingUpdates bool) error

RequireCampaignWritable checks whether the campaign status allows writes. If allowExistingUpdates is true, a campaign that is on_hold still allows updates to existing items, but not the creation of new ones.

func RequireFindingOwnership added in v0.1.3

func RequireFindingOwnership(createdBy, assignedTo *shared.ID, userID shared.ID, role CampaignRole, action string) error

RequireFindingOwnership checks if a user can perform an action on a finding based on ownership. createdBy and assignedTo are pointers (nil if user deleted or unassigned). Lead bypasses all ownership checks.

func ResolveRetestFindingStatus added in v0.1.3

func ResolveRetestFindingStatus(retestResult string, role CampaignRole) string

ResolveRetestFindingStatus determines the finding status change after a retest, based on the retest result and the submitter's campaign role.

func ValidateAssigneeRole added in v0.1.3

func ValidateAssigneeRole(role CampaignRole) error

ValidateAssigneeRole checks if a role is valid for finding assignment. Observers cannot be assigned findings (read-only role).

func ValidateFindingScope added in v0.1.3

func ValidateFindingScope(scopeAssetIDs, scopeAssetGroupIDs []string, assetID string) string

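ValidateFindingScope checks whether an asset is within the campaign's defined scope. It returns a warning string if the asset is out of scope, and an empty string if it is in scope or no scope is defined. The result is a message rather than an error, so the caller decides whether an out-of-scope asset blocks the finding.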

Types

type Campaign

type Campaign struct {
	// contains filtered or unexported fields
}

Campaign represents a pentest campaign.

func NewCampaign

func NewCampaign(tenantID shared.ID, name string, campaignType CampaignType, priority CampaignPriority) (*Campaign, error)

NewCampaign creates a new pentest campaign.

func ReconstituteCampaign

func ReconstituteCampaign(
	id, tenantID shared.ID,
	name, description string,
	campaignType CampaignType, status CampaignStatus, priority CampaignPriority,
	scopeItems []map[string]any, rulesOfEngagement map[string]any,
	methodology string, startDate, endDate *time.Time,
	leadUserID *shared.ID, teamUserIDs, objectives []string,
	clientName, clientContact string,
	assetIDs, assetGroupIDs, tags []string,
	metadata map[string]any,
	createdAt, updatedAt time.Time, createdBy *shared.ID,
) *Campaign

ReconstituteCampaign creates a Campaign from persisted data.

func (*Campaign) AssetGroupIDs

func (c *Campaign) AssetGroupIDs() []string

func (*Campaign) AssetIDs

func (c *Campaign) AssetIDs() []string

func (*Campaign) CampaignType

func (c *Campaign) CampaignType() CampaignType

func (*Campaign) ClientContact

func (c *Campaign) ClientContact() string

func (*Campaign) ClientName

func (c *Campaign) ClientName() string

func (*Campaign) CreatedAt

func (c *Campaign) CreatedAt() time.Time

func (*Campaign) CreatedBy

func (c *Campaign) CreatedBy() *shared.ID

func (*Campaign) Description

func (c *Campaign) Description() string

func (*Campaign) EndDate

func (c *Campaign) EndDate() *time.Time

func (*Campaign) ID

func (c *Campaign) ID() shared.ID

Getters

func (*Campaign) LeadUserID

func (c *Campaign) LeadUserID() *shared.ID

func (*Campaign) Metadata

func (c *Campaign) Metadata() map[string]any

func (*Campaign) Methodology

func (c *Campaign) Methodology() string

func (*Campaign) Name

func (c *Campaign) Name() string

func (*Campaign) Objectives

func (c *Campaign) Objectives() []string

func (*Campaign) Priority

func (c *Campaign) Priority() CampaignPriority

func (*Campaign) RulesOfEngagement

func (c *Campaign) RulesOfEngagement() map[string]any

func (*Campaign) ScopeItems

func (c *Campaign) ScopeItems() []map[string]any

func (*Campaign) SetAssets added in v0.1.3

func (c *Campaign) SetAssets(assetIDs, assetGroupIDs []string)

SetAssets sets asset assignment fields.

func (*Campaign) SetCreatedBy

func (c *Campaign) SetCreatedBy(userID shared.ID)

SetCreatedBy sets the creator.

func (*Campaign) SetDetails

func (c *Campaign) SetDetails(methodology, clientName, clientContact string, startDate, endDate *time.Time)

SetDetails sets optional detail fields.

func (*Campaign) SetScope

func (c *Campaign) SetScope(scopeItems []map[string]any, rulesOfEngagement map[string]any, objectives []string)

SetScope sets scope-related fields.

func (*Campaign) SetTags

func (c *Campaign) SetTags(tags []string)

SetTags sets campaign tags.

func (*Campaign) SetTeamLegacy added in v0.1.3

func (c *Campaign) SetTeamLegacy(leadUserID *shared.ID, teamUserIDs []string)

SetTeamLegacy sets deprecated team columns for backward compatibility. Use CampaignMemberRepository for new code.

func (*Campaign) StartDate

func (c *Campaign) StartDate() *time.Time

func (*Campaign) Status

func (c *Campaign) Status() CampaignStatus

func (*Campaign) Tags

func (c *Campaign) Tags() []string

func (*Campaign) TeamUserIDs

func (c *Campaign) TeamUserIDs() []string

func (*Campaign) TenantID

func (c *Campaign) TenantID() shared.ID

func (*Campaign) TransitionStatus

func (c *Campaign) TransitionStatus(newStatus CampaignStatus) error

TransitionStatus changes the campaign status with validation.

func (*Campaign) Update

func (c *Campaign) Update(name, description string, campaignType CampaignType, priority CampaignPriority)

Update sets mutable fields on the campaign.

func (*Campaign) UpdatedAt

func (c *Campaign) UpdatedAt() time.Time

type CampaignFilter

// CampaignFilter defines criteria for filtering campaigns.
//
// The scalar criteria are pointers; presumably a nil pointer means the
// criterion is not applied (confirm against the repository implementation).
// NOTE(review): TenantID is itself optional here, so a filter with a nil
// TenantID carries no tenant constraint. Confirm that CampaignRepository.List
// rejects or otherwise scopes such a filter so results cannot cross tenants.
type CampaignFilter struct {
	TenantID    *shared.ID
	Status      *CampaignStatus
	Type        *CampaignType
	Priority    *CampaignPriority
	Search      *string
	UserID      *string  // Filter campaigns by membership (visibility)
	CampaignIDs []string // Pre-resolved campaign IDs for user visibility
}

CampaignFilter defines criteria for filtering campaigns.

type CampaignMember added in v0.1.3

type CampaignMember struct {
	// contains filtered or unexported fields
}

CampaignMember represents a user's membership in a pentest campaign.

func NewCampaignMember added in v0.1.3

func NewCampaignMember(tenantID, campaignID, userID shared.ID, role CampaignRole, addedBy *shared.ID) (*CampaignMember, error)

NewCampaignMember creates a new campaign member.

func ReconstituteCampaignMember added in v0.1.3

func ReconstituteCampaignMember(
	id, tenantID, campaignID, userID shared.ID,
	role CampaignRole, addedBy *shared.ID, createdAt time.Time,
) *CampaignMember

ReconstituteCampaignMember creates a CampaignMember from persisted data.

func ReconstituteCampaignMemberWithUser added in v0.1.3

func ReconstituteCampaignMemberWithUser(
	id, tenantID, campaignID, userID shared.ID,
	role CampaignRole, addedBy *shared.ID, createdAt time.Time,
	userName, userEmail string,
) *CampaignMember

ReconstituteCampaignMemberWithUser creates a CampaignMember with enriched user info.

func (*CampaignMember) AddedBy added in v0.1.3

func (m *CampaignMember) AddedBy() *shared.ID

func (*CampaignMember) CampaignID added in v0.1.3

func (m *CampaignMember) CampaignID() shared.ID

func (*CampaignMember) ChangeRole added in v0.1.3

func (m *CampaignMember) ChangeRole(role CampaignRole) error

ChangeRole changes the member's role with validation.

func (*CampaignMember) CreatedAt added in v0.1.3

func (m *CampaignMember) CreatedAt() time.Time

func (*CampaignMember) ID added in v0.1.3

func (m *CampaignMember) ID() shared.ID

Getters

func (*CampaignMember) Role added in v0.1.3

func (m *CampaignMember) Role() CampaignRole

func (*CampaignMember) SetRole added in v0.1.3

func (m *CampaignMember) SetRole(role CampaignRole) error

SetRole changes the member's role (used by repository).

func (*CampaignMember) TenantID added in v0.1.3

func (m *CampaignMember) TenantID() shared.ID

func (*CampaignMember) UserEmail added in v0.1.3

func (m *CampaignMember) UserEmail() string

func (*CampaignMember) UserID added in v0.1.3

func (m *CampaignMember) UserID() shared.ID

func (*CampaignMember) UserName added in v0.1.3

func (m *CampaignMember) UserName() string

type CampaignMemberFilter added in v0.1.3

// CampaignMemberFilter defines criteria for filtering campaign members.
//
// TenantID, CampaignID and UserID are plain strings, so an unset field is the
// empty string; only Role is an optional pointer.
// NOTE(review): whether an empty TenantID is rejected or treated as "any
// tenant" is not visible here; verify in the code that consumes this filter.
type CampaignMemberFilter struct {
	TenantID   string
	CampaignID string
	UserID     string
	Role       *CampaignRole
}

CampaignMemberFilter defines criteria for filtering campaign members.

type CampaignMemberRepository added in v0.1.3

// CampaignMemberRepository defines the interface for campaign member
// persistence.
//
// Every method except Create takes an explicit tenantID; Create receives the
// CampaignMember, which exposes its own TenantID.
// Identifiers are typed inconsistently: GetByID, UpdateRole and Delete take
// shared.ID, while the remaining methods take plain strings.
// NOTE(review): the string-typed methods do not show where the IDs are
// validated; confirm that callers parse them before they reach a query.
type CampaignMemberRepository interface {
	Create(ctx context.Context, member *CampaignMember) error
	GetByID(ctx context.Context, tenantID, id shared.ID) (*CampaignMember, error)
	// GetUserRole returns the role a user holds in a campaign.
	// NOTE(review): presumably a non-member yields an error rather than an
	// empty role; confirm, since authorization decisions depend on it.
	GetUserRole(ctx context.Context, tenantID string, campaignID string, userID string) (CampaignRole, error)
	UpdateRole(ctx context.Context, tenantID, id shared.ID, role CampaignRole) error
	Delete(ctx context.Context, tenantID, id shared.ID) error
	DeleteByUserID(ctx context.Context, tenantID string, campaignID string, userID string) error
	ListByCampaign(ctx context.Context, tenantID string, campaignID string) ([]*CampaignMember, error)
	ListByUser(ctx context.Context, tenantID string, userID string) ([]*CampaignMember, error)
	// CountByRoleInTx is the only method that takes an explicit *sql.Tx.
	// NOTE(review): presumably this lets the "at least one lead" check
	// (ErrLastLead) run in the same transaction as the role change or removal,
	// avoiding a race between two concurrent demotions; confirm at the caller.
	CountByRoleInTx(ctx context.Context, tx *sql.Tx, tenantID string, campaignID string, role CampaignRole) (int64, error)
	// BatchListByCampaignIDs returns members grouped in a map with string keys;
	// presumably keyed by campaign ID (verify against the implementation).
	BatchListByCampaignIDs(ctx context.Context, tenantID string, campaignIDs []string) (map[string][]*CampaignMember, error)
}

CampaignMemberRepository defines the interface for campaign member persistence.

type CampaignPriority

type CampaignPriority string

CampaignPriority represents the priority of a campaign.

// Campaign priority values, from most to least urgent as listed.
const (
	CampaignPriorityCritical CampaignPriority = "critical"
	CampaignPriorityHigh     CampaignPriority = "high"
	CampaignPriorityMedium   CampaignPriority = "medium"
	CampaignPriorityLow      CampaignPriority = "low"
)

func ParseCampaignPriority

func ParseCampaignPriority(s string) (CampaignPriority, error)

ParseCampaignPriority parses a string to CampaignPriority.

type CampaignRepository

// CampaignRepository defines the interface for campaign persistence.
//
// GetByID and Delete take an explicit tenantID alongside the campaign id.
// Create and Update take the Campaign itself, which exposes its own TenantID.
// NOTE(review): List is scoped only by CampaignFilter, whose TenantID is an
// optional pointer; confirm that implementations refuse a nil TenantID.
type CampaignRepository interface {
	Create(ctx context.Context, campaign *Campaign) error
	GetByID(ctx context.Context, tenantID, id shared.ID) (*Campaign, error)
	Update(ctx context.Context, campaign *Campaign) error
	Delete(ctx context.Context, tenantID, id shared.ID) error
	List(ctx context.Context, filter CampaignFilter, page pagination.Pagination) (pagination.Result[*Campaign], error)
}

CampaignRepository defines the interface for campaign persistence.

type CampaignRole added in v0.1.3

type CampaignRole string

CampaignRole represents a user's role within a pentest campaign.

// Campaign roles. Per the package documentation, the lead bypasses finding
// ownership checks (RequireFindingOwnership), and the observer is a read-only
// role that cannot be assigned findings (ValidateAssigneeRole).
const (
	CampaignRoleLead     CampaignRole = "lead"
	CampaignRoleTester   CampaignRole = "tester"
	CampaignRoleReviewer CampaignRole = "reviewer"
	CampaignRoleObserver CampaignRole = "observer"
)

func ParseCampaignRole added in v0.1.3

func ParseCampaignRole(s string) (CampaignRole, error)

ParseCampaignRole parses a string to CampaignRole.

func ValidCampaignRoles added in v0.1.3

func ValidCampaignRoles() []CampaignRole

ValidCampaignRoles returns all valid campaign roles.

func (CampaignRole) CanGenerateReport added in v0.1.3

func (r CampaignRole) CanGenerateReport() bool

CanGenerateReport returns true if the role can generate reports.

func (CampaignRole) CanManageCampaign added in v0.1.3

func (r CampaignRole) CanManageCampaign() bool

CanManageCampaign returns true if the role can edit/delete campaign.

func (CampaignRole) CanManageTeam added in v0.1.3

func (r CampaignRole) CanManageTeam() bool

CanManageTeam returns true if the role can add/remove/change team members.

func (CampaignRole) CanReview added in v0.1.3

func (r CampaignRole) CanReview() bool

CanReview returns true if the role can confirm/reject findings.

func (CampaignRole) CanSubmitRetest added in v0.1.3

func (r CampaignRole) CanSubmitRetest() bool

CanSubmitRetest returns true if the role can submit retests.

func (CampaignRole) CanUploadEvidence added in v0.1.3

func (r CampaignRole) CanUploadEvidence() bool

CanUploadEvidence returns true if the role can upload evidence.

func (CampaignRole) CanWriteFindings added in v0.1.3

func (r CampaignRole) CanWriteFindings() bool

CanWriteFindings returns true if the role can create/edit findings.

func (CampaignRole) IsLead added in v0.1.3

func (r CampaignRole) IsLead() bool

IsLead returns true for lead role.

func (CampaignRole) IsReadOnly added in v0.1.3

func (r CampaignRole) IsReadOnly() bool

IsReadOnly returns true for observer role.

func (CampaignRole) IsValid added in v0.1.3

func (r CampaignRole) IsValid() bool

IsValid checks if the role is valid.

type CampaignStats

// CampaignStats holds aggregated campaign statistics: a total finding count,
// one count per severity level, and a progress figure. The JSON tags give the
// serialized field names.
type CampaignStats struct {
	TotalFindings    int64   `json:"total_findings"`
	CriticalFindings int64   `json:"critical_findings"`
	HighFindings     int64   `json:"high_findings"`
	MediumFindings   int64   `json:"medium_findings"`
	LowFindings      int64   `json:"low_findings"`
	InfoFindings     int64   `json:"info_findings"`
	// NOTE(review): the scale of Progress (0-1 fraction or 0-100 percent) is
	// not stated here; confirm before displaying it.
	Progress         float64 `json:"progress"`
}

CampaignStats holds aggregated campaign statistics.

type CampaignStatus

type CampaignStatus string

CampaignStatus represents the status of a pentest campaign.

// Campaign lifecycle states. RequireCampaignWritable's documentation says an
// on_hold campaign can still allow updates to existing items (when
// allowExistingUpdates is true) but not the creation of new ones.
// NOTE(review): which states count as "locked" (ErrCampaignLocked) is not
// shown here; presumably completed and canceled. Confirm.
const (
	CampaignStatusPlanning   CampaignStatus = "planning"
	CampaignStatusInProgress CampaignStatus = "in_progress"
	CampaignStatusOnHold     CampaignStatus = "on_hold"
	CampaignStatusCompleted  CampaignStatus = "completed"
	CampaignStatusCanceled   CampaignStatus = "canceled"
)

func ParseCampaignStatus

func ParseCampaignStatus(s string) (CampaignStatus, error)

ParseCampaignStatus parses a string to CampaignStatus.

func ValidCampaignStatuses

func ValidCampaignStatuses() []CampaignStatus

ValidCampaignStatuses returns all valid campaign statuses.

type CampaignType

type CampaignType string

CampaignType represents the type of pentest campaign.

// Built-in campaign types.
//
// ParseCampaignType is documented as accepting any non-empty string because
// types are configurable per tenant, so a CampaignType is not guaranteed to be
// one of these constants. Treat the value as free-form, tenant-supplied text
// when rendering it or using it in queries.
const (
	CampaignTypeExternal          CampaignType = "external"
	CampaignTypeInternal          CampaignType = "internal"
	CampaignTypeWebApp            CampaignType = "web_app"
	CampaignTypeMobile            CampaignType = "mobile"
	CampaignTypeAPI               CampaignType = "api"
	CampaignTypeNetwork           CampaignType = "network"
	CampaignTypeSocialEngineering CampaignType = "social_engineering"
	CampaignTypePhysical          CampaignType = "physical"
	CampaignTypeCloud             CampaignType = "cloud"
	CampaignTypeWireless          CampaignType = "wireless"
)

func ParseCampaignType

func ParseCampaignType(s string) (CampaignType, error)

ParseCampaignType parses a string to CampaignType. Accepts any non-empty string — types are configurable per tenant via settings.

func ValidCampaignTypes

func ValidCampaignTypes() []CampaignType

ValidCampaignTypes returns all valid campaign types.

type Finding

type Finding struct {
	// contains filtered or unexported fields
}

Finding represents a manual pentest finding.

func NewFinding

func NewFinding(tenantID, campaignID shared.ID, title string, severity FindingSeverity) (*Finding, error)

NewFinding creates a new pentest finding.

func ReconstituteFinding

func ReconstituteFinding(
	id, tenantID, campaignID shared.ID,
	title, description string, severity FindingSeverity, status FindingStatus,
	cvssScore *float64, cvssVector, cweID, cveID, owaspCategory string,
	affectedAssets, stepsToReproduce []string, pocCode string,
	evidence, requestResponses []map[string]any,
	businessImpact, technicalImpact, remediationGuidance string,
	remediationDeadline *time.Time, referenceURLs []string,
	assignedTo, reviewedBy *shared.ID,
	tags []string, metadata map[string]any,
	createdAt, updatedAt time.Time, createdBy *shared.ID,
) *Finding

ReconstituteFinding creates a Finding from persisted data.

func (*Finding) AffectedAssets

func (f *Finding) AffectedAssets() []string

func (*Finding) AssignedTo

func (f *Finding) AssignedTo() *shared.ID

func (*Finding) BusinessImpact

func (f *Finding) BusinessImpact() string

func (*Finding) CVEID

func (f *Finding) CVEID() string

func (*Finding) CVSSScore

func (f *Finding) CVSSScore() *float64

func (*Finding) CVSSVector

func (f *Finding) CVSSVector() string

func (*Finding) CWEID

func (f *Finding) CWEID() string

func (*Finding) CampaignID

func (f *Finding) CampaignID() shared.ID

func (*Finding) CreatedAt

func (f *Finding) CreatedAt() time.Time

func (*Finding) CreatedBy

func (f *Finding) CreatedBy() *shared.ID

func (*Finding) Description

func (f *Finding) Description() string

func (*Finding) Evidence

func (f *Finding) Evidence() []map[string]any

func (*Finding) ID

func (f *Finding) ID() shared.ID

Getters

func (*Finding) MarkUpdated

func (f *Finding) MarkUpdated()

MarkUpdated sets the updated timestamp.

func (*Finding) Metadata

func (f *Finding) Metadata() map[string]any

func (*Finding) OWASPCategory

func (f *Finding) OWASPCategory() string

func (*Finding) PoCCode

func (f *Finding) PoCCode() string

func (*Finding) ReferenceURLs

func (f *Finding) ReferenceURLs() []string

func (*Finding) RemediationDeadline

func (f *Finding) RemediationDeadline() *time.Time

func (*Finding) RemediationGuidance

func (f *Finding) RemediationGuidance() string

func (*Finding) RequestResponses

func (f *Finding) RequestResponses() []map[string]any

func (*Finding) ReviewedBy

func (f *Finding) ReviewedBy() *shared.ID

func (*Finding) SetAssignedTo

func (f *Finding) SetAssignedTo(userID *shared.ID)

SetAssignedTo assigns the finding to a user.

func (*Finding) SetCreatedBy

func (f *Finding) SetCreatedBy(userID shared.ID)

SetCreatedBy sets the creator.

func (*Finding) SetReviewedBy

func (f *Finding) SetReviewedBy(userID *shared.ID)

SetReviewedBy sets the reviewer.

func (*Finding) Severity

func (f *Finding) Severity() FindingSeverity

func (*Finding) Status

func (f *Finding) Status() FindingStatus

func (*Finding) StepsToReproduce

func (f *Finding) StepsToReproduce() []string

func (*Finding) Tags

func (f *Finding) Tags() []string

func (*Finding) TechnicalImpact

func (f *Finding) TechnicalImpact() string

func (*Finding) TenantID

func (f *Finding) TenantID() shared.ID

func (*Finding) Title

func (f *Finding) Title() string

func (*Finding) TransitionStatus

func (f *Finding) TransitionStatus(newStatus FindingStatus) error

TransitionStatus changes finding status with validation.

func (*Finding) UpdatedAt

func (f *Finding) UpdatedAt() time.Time

type FindingFilter

// FindingFilter defines criteria for filtering pentest findings.
//
// Every criterion is a pointer; presumably nil means "not applied" (confirm
// against the repository implementation).
// NOTE(review): TenantID and CampaignID are both optional, so the filter alone
// does not guarantee tenant or campaign scoping. Confirm that
// FindingRepository.List refuses a nil TenantID and that callers set
// CampaignID from a membership-checked campaign.
type FindingFilter struct {
	TenantID   *shared.ID
	CampaignID *shared.ID
	Severity   *FindingSeverity
	Status     *FindingStatus
	Search     *string
}

FindingFilter defines criteria for filtering pentest findings.

type FindingRepository

// FindingRepository defines the interface for pentest finding persistence.
//
// Lookup, delete, count and stats methods take an explicit tenantID. Create
// and Update take the Finding, which exposes its own TenantID. List is scoped
// only by FindingFilter, whose TenantID is an optional pointer.
// NOTE(review): tenantID is the only access scoping these methods accept;
// campaign membership and finding ownership must be enforced by the caller
// (see RequireFindingOwnership) before calling GetByID, Update or Delete.
type FindingRepository interface {
	Create(ctx context.Context, finding *Finding) error
	GetByID(ctx context.Context, tenantID, id shared.ID) (*Finding, error)
	Update(ctx context.Context, finding *Finding) error
	Delete(ctx context.Context, tenantID, id shared.ID) error
	List(ctx context.Context, filter FindingFilter, page pagination.Pagination) (pagination.Result[*Finding], error)
	CountByCampaign(ctx context.Context, tenantID, campaignID shared.ID) (int64, error)
	GetStatsByCampaign(ctx context.Context, tenantID, campaignID shared.ID) (*CampaignStats, error)
	// GetStatsByCampaignIDs returns stats in a map with string keys; presumably
	// keyed by the campaign ID's string form (verify against the implementation).
	GetStatsByCampaignIDs(ctx context.Context, tenantID shared.ID, campaignIDs []shared.ID) (map[string]*CampaignStats, error)
}

FindingRepository defines the interface for pentest finding persistence.

type FindingSeverity

type FindingSeverity string

FindingSeverity represents the severity of a pentest finding.

// Finding severity levels, from most to least severe as listed. CampaignStats
// carries one counter per level.
const (
	FindingSeverityCritical FindingSeverity = "critical"
	FindingSeverityHigh     FindingSeverity = "high"
	FindingSeverityMedium   FindingSeverity = "medium"
	FindingSeverityLow      FindingSeverity = "low"
	FindingSeverityInfo     FindingSeverity = "info"
)

func ParseFindingSeverity

func ParseFindingSeverity(s string) (FindingSeverity, error)

ParseFindingSeverity parses a string to FindingSeverity.

type FindingStatus

type FindingStatus string

FindingStatus represents the status of a pentest finding.

// Finding workflow states. These string values are the status names used in
// the "from->to" keys of PentestStatusTransitionRoles, so renaming a value
// here without updating that table would leave the transition unlisted.
const (
	FindingStatusDraft         FindingStatus = "draft"
	FindingStatusInReview      FindingStatus = "in_review"
	FindingStatusConfirmed     FindingStatus = "confirmed"
	FindingStatusRemediation   FindingStatus = "remediation"
	FindingStatusRetest        FindingStatus = "retest"
	FindingStatusVerified      FindingStatus = "verified"
	FindingStatusFalsePositive FindingStatus = "false_positive"
	FindingStatusAcceptedRisk  FindingStatus = "accepted_risk"
)

func ParseFindingStatus

func ParseFindingStatus(s string) (FindingStatus, error)

ParseFindingStatus parses a string to FindingStatus.

func ValidFindingStatuses

func ValidFindingStatuses() []FindingStatus

ValidFindingStatuses returns all valid finding statuses.

type Report

type Report struct {
	// contains filtered or unexported fields
}

Report represents a generated pentest report.

func NewReport

func NewReport(tenantID, campaignID shared.ID, name string, reportType ReportType, format ReportFormat) *Report

NewReport creates a new pentest report.

func ReconstituteReport

func ReconstituteReport(
	id, tenantID, campaignID shared.ID,
	name string, reportType ReportType, format ReportFormat, status ReportStatus,
	options map[string]any, fileSize int64, downloadURL string,
	generatedAt *time.Time, errorMessage string,
	createdAt time.Time, createdBy *shared.ID,
) *Report

ReconstituteReport creates a Report from persisted data.

func (*Report) CampaignID

func (r *Report) CampaignID() shared.ID

func (*Report) CreatedAt

func (r *Report) CreatedAt() time.Time

func (*Report) CreatedBy

func (r *Report) CreatedBy() *shared.ID

func (*Report) DownloadURL

func (r *Report) DownloadURL() string

func (*Report) ErrorMessage

func (r *Report) ErrorMessage() string

func (*Report) FileSize

func (r *Report) FileSize() int64

func (*Report) Format

func (r *Report) Format() ReportFormat

func (*Report) GeneratedAt

func (r *Report) GeneratedAt() *time.Time

func (*Report) ID

func (r *Report) ID() shared.ID

Getters

func (*Report) MarkCompleted

func (r *Report) MarkCompleted(downloadURL string, fileSize int64)

MarkCompleted sets the report as completed.

func (*Report) MarkFailed

func (r *Report) MarkFailed(errorMessage string)

MarkFailed sets the report as failed.

func (*Report) MarkGenerating

func (r *Report) MarkGenerating()

MarkGenerating sets the report to generating status.

func (*Report) Name

func (r *Report) Name() string

func (*Report) Options

func (r *Report) Options() map[string]any

func (*Report) ReportType

func (r *Report) ReportType() ReportType

func (*Report) SetCreatedBy

func (r *Report) SetCreatedBy(userID shared.ID)

SetCreatedBy sets the creator.

func (*Report) SetOptions

func (r *Report) SetOptions(options map[string]any)

SetOptions sets report generation options.

func (*Report) Status

func (r *Report) Status() ReportStatus

func (*Report) TenantID

func (r *Report) TenantID() shared.ID

type ReportFilter

// ReportFilter defines criteria for filtering reports.
//
// Every criterion is a pointer; presumably nil means "not applied" (confirm
// against the repository implementation).
// NOTE(review): TenantID is optional, so the filter alone does not guarantee
// tenant scoping. Confirm that ReportRepository.List refuses a nil TenantID.
type ReportFilter struct {
	TenantID   *shared.ID
	CampaignID *shared.ID
	Type       *ReportType
	Format     *ReportFormat
	Status     *ReportStatus
}

ReportFilter defines criteria for filtering reports.

type ReportFormat

type ReportFormat string

ReportFormat represents the file format of a report.

// Supported report output formats.
const (
	ReportFormatPDF  ReportFormat = "pdf"
	ReportFormatDOCX ReportFormat = "docx"
	ReportFormatXLSX ReportFormat = "xlsx"
	ReportFormatHTML ReportFormat = "html"
	ReportFormatJSON ReportFormat = "json"
)

func ParseReportFormat

func ParseReportFormat(s string) (ReportFormat, error)

ParseReportFormat parses a string to ReportFormat.

type ReportRepository

// ReportRepository defines the interface for report persistence.
//
// GetByID and Delete take an explicit tenantID. Create and Update take the
// Report, which exposes its own TenantID. List is scoped only by ReportFilter,
// whose TenantID is an optional pointer.
// NOTE(review): a Report carries a DownloadURL. These methods scope by tenant
// only, so campaign-level access to a report (CampaignRole.CanGenerateReport
// and membership) must be checked by the caller.
type ReportRepository interface {
	Create(ctx context.Context, report *Report) error
	GetByID(ctx context.Context, tenantID, id shared.ID) (*Report, error)
	Update(ctx context.Context, report *Report) error
	Delete(ctx context.Context, tenantID, id shared.ID) error
	List(ctx context.Context, filter ReportFilter, page pagination.Pagination) (pagination.Result[*Report], error)
}

ReportRepository defines the interface for report persistence.

type ReportStatus

type ReportStatus string

ReportStatus represents the status of report generation.

// Report generation states. Report exposes MarkGenerating, MarkCompleted and
// MarkFailed, which are documented as setting the matching status.
const (
	ReportStatusDraft      ReportStatus = "draft"
	ReportStatusGenerating ReportStatus = "generating"
	ReportStatusCompleted  ReportStatus = "completed"
	ReportStatusFailed     ReportStatus = "failed"
)

type ReportType

type ReportType string

ReportType represents the type of pentest report.

// Report types. Note that only the executive summary's string value lacks the
// "_report" suffix.
const (
	ReportTypeExecutiveSummary ReportType = "executive_summary"
	ReportTypeTechnical        ReportType = "technical_report"
	ReportTypeFinding          ReportType = "finding_report"
	ReportTypeCompliance       ReportType = "compliance_report"
	ReportTypeRemediation      ReportType = "remediation_report"
	ReportTypeRetest           ReportType = "retest_report"
)

func ParseReportType

func ParseReportType(s string) (ReportType, error)

ParseReportType parses a string to ReportType.

type Retest

type Retest struct {
	// contains filtered or unexported fields
}

Retest represents a verification retest of a pentest finding.

func NewRetest

func NewRetest(tenantID, findingID shared.ID) *Retest

NewRetest creates a new retest.

func ReconstituteRetest

func ReconstituteRetest(
	id, tenantID, findingID shared.ID,
	status RetestStatus, notes string, evidence []map[string]any,
	testedBy *shared.ID, testedAt *time.Time, createdAt time.Time,
) *Retest

ReconstituteRetest creates a Retest from persisted data.

func (*Retest) Complete

func (r *Retest) Complete(status RetestStatus, notes string, testedBy shared.ID)

Complete records the retest result.

func (*Retest) CreatedAt

func (r *Retest) CreatedAt() time.Time

func (*Retest) Evidence

func (r *Retest) Evidence() []map[string]any

func (*Retest) FindingID

func (r *Retest) FindingID() shared.ID

func (*Retest) ID

func (r *Retest) ID() shared.ID

Getters

func (*Retest) Notes

func (r *Retest) Notes() string

func (*Retest) SetEvidence

func (r *Retest) SetEvidence(evidence []map[string]any)

SetEvidence sets retest evidence.

func (*Retest) Status

func (r *Retest) Status() RetestStatus

func (*Retest) TenantID

func (r *Retest) TenantID() shared.ID

func (*Retest) TestedAt

func (r *Retest) TestedAt() *time.Time

func (*Retest) TestedBy

func (r *Retest) TestedBy() *shared.ID

type RetestFilter

// RetestFilter defines criteria for filtering retests.
//
// Every criterion is a pointer; presumably nil means "not applied" (confirm
// against the code that consumes the filter).
// NOTE(review): TenantID is optional, so the filter alone does not guarantee
// tenant scoping; verify that consumers require it.
type RetestFilter struct {
	TenantID  *shared.ID
	FindingID *shared.ID
	Status    *RetestStatus
}

RetestFilter defines criteria for filtering retests.

type RetestRepository

// RetestRepository defines the interface for retest persistence.
//
// Unlike the other repositories in this package, this interface has no Delete
// method and no filter-based List; retests are read per finding through
// ListByFinding and CountByFinding. Every read takes an explicit tenantID.
// Create and Update take the Retest, which exposes its own TenantID.
type RetestRepository interface {
	Create(ctx context.Context, retest *Retest) error
	GetByID(ctx context.Context, tenantID, id shared.ID) (*Retest, error)
	Update(ctx context.Context, retest *Retest) error
	ListByFinding(ctx context.Context, tenantID, findingID shared.ID) ([]*Retest, error)
	CountByFinding(ctx context.Context, tenantID, findingID shared.ID) (int64, error)
}

RetestRepository defines the interface for retest persistence.

type RetestStatus

type RetestStatus string

RetestStatus represents the status of a retest.

// Retest states and outcomes.
// NOTE(review): ResolveRetestFindingStatus takes the retest result as a plain
// string; presumably it expects one of these values (passed, failed, partial).
// Confirm how it handles an unrecognized result.
const (
	RetestStatusPending    RetestStatus = "pending"
	RetestStatusInProgress RetestStatus = "in_progress"
	RetestStatusPassed     RetestStatus = "passed"
	RetestStatusFailed     RetestStatus = "failed"
	RetestStatusPartial    RetestStatus = "partial"
	RetestStatusCanceled   RetestStatus = "canceled"
)

func ParseRetestStatus

func ParseRetestStatus(s string) (RetestStatus, error)

ParseRetestStatus parses a string to RetestStatus.

type Template

type Template struct {
	// contains filtered or unexported fields
}

Template represents a reusable finding template.

func NewTemplate

func NewTemplate(tenantID shared.ID, name string, severity FindingSeverity) (*Template, error)

NewTemplate creates a new custom finding template.

func ReconstituteTemplate

func ReconstituteTemplate(
	id shared.ID, tenantID *shared.ID,
	name string, category TemplateCategory, severity FindingSeverity,
	owaspCategory, cweID, description string,
	stepsToReproduce []string, businessImpact, technicalImpact, remediation string,
	referenceURLs, tags []string, isSystem bool, usageCount int,
	createdAt, updatedAt time.Time, createdBy *shared.ID,
) *Template

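ReconstituteTemplate creates a Template from persisted data. Its signature returns no error, so it cannot report an invalid value to the caller; for input that has not already been validated and stored, use NewTemplate, which does return an error.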

func (*Template) BusinessImpact

func (t *Template) BusinessImpact() string

func (*Template) CWEID

func (t *Template) CWEID() string

func (*Template) Category

func (t *Template) Category() TemplateCategory

func (*Template) CreatedAt

func (t *Template) CreatedAt() time.Time

func (*Template) CreatedBy

func (t *Template) CreatedBy() *shared.ID

func (*Template) Description

func (t *Template) Description() string

func (*Template) ID

func (t *Template) ID() shared.ID

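Getters: ID and the other Template accessor methods listed around it have no individual documentation on this page.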

func (*Template) IncrementUsage

func (t *Template) IncrementUsage()

IncrementUsage increments the usage counter.

func (*Template) IsSystem

func (t *Template) IsSystem() bool

func (*Template) Name

func (t *Template) Name() string

func (*Template) OWASPCategory

func (t *Template) OWASPCategory() string

func (*Template) ReferenceURLs

func (t *Template) ReferenceURLs() []string

func (*Template) Remediation

func (t *Template) Remediation() string

func (*Template) SetBusinessImpact

func (t *Template) SetBusinessImpact(b string)

SetBusinessImpact sets the business impact text.

func (*Template) SetCWEID

func (t *Template) SetCWEID(c string)

SetCWEID sets the CWE identifier.

func (*Template) SetCategory

func (t *Template) SetCategory(c TemplateCategory)

SetCategory sets the template category.

func (*Template) SetDescription

func (t *Template) SetDescription(d string)

SetDescription sets the description.

func (*Template) SetOWASPCategory

func (t *Template) SetOWASPCategory(o string)

SetOWASPCategory sets the OWASP category.

func (*Template) SetReferenceURLs

func (t *Template) SetReferenceURLs(urls []string)

SetReferenceURLs sets the reference URLs.

func (*Template) SetRemediation

func (t *Template) SetRemediation(r string)

SetRemediation sets the remediation guidance.

func (*Template) SetStepsToReproduce

func (t *Template) SetStepsToReproduce(s []string)

SetStepsToReproduce sets steps to reproduce.

func (*Template) SetTags

func (t *Template) SetTags(tags []string)

SetTags sets the tags.

func (*Template) SetTechnicalImpact

func (t *Template) SetTechnicalImpact(ti string)

SetTechnicalImpact sets the technical impact text.

func (*Template) Severity

func (t *Template) Severity() FindingSeverity

func (*Template) StepsToReproduce

func (t *Template) StepsToReproduce() []string

func (*Template) Tags

func (t *Template) Tags() []string

func (*Template) TechnicalImpact

func (t *Template) TechnicalImpact() string

func (*Template) TenantID

func (t *Template) TenantID() *shared.ID

func (*Template) Update

func (t *Template) Update(name string, category TemplateCategory, severity FindingSeverity) error

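Update sets the mutable fields name, category and severity. It returns an error if the template is a system template. The Set* methods on Template return nothing, so they cannot report a rejected change; whether they also refuse system templates is not documented here, so check IsSystem() before calling them.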

func (*Template) UpdatedAt

func (t *Template) UpdatedAt() time.Time

func (*Template) UsageCount

func (t *Template) UsageCount() int

type TemplateCategory

type TemplateCategory string

TemplateCategory represents the category of a finding template.

// Declared TemplateCategory values.
//
// TemplateCategory is a plain string type, so a conversion such as
// TemplateCategory(s) compiles for any string. For values that arrive from
// a request or from storage, go through ParseTemplateCategory, which returns
// an error alongside the category. Its documentation states that an empty
// input yields the empty category and is treated as valid, so callers must
// be prepared for a category that matches none of the constants below.
const (
	TemplateCategoryInjection       TemplateCategory = "injection"
	TemplateCategoryAuthentication  TemplateCategory = "authentication"
	TemplateCategoryAuthorization   TemplateCategory = "authorization"
	TemplateCategoryCryptographic   TemplateCategory = "cryptographic"
	TemplateCategoryConfiguration   TemplateCategory = "configuration"
	TemplateCategoryDisclosure      TemplateCategory = "disclosure"
	TemplateCategorySession         TemplateCategory = "session"
	TemplateCategoryInputValidation TemplateCategory = "input_validation"
	TemplateCategoryLogic           TemplateCategory = "logic"
	TemplateCategoryOther           TemplateCategory = "other"
)

func ParseTemplateCategory

func ParseTemplateCategory(s string) (TemplateCategory, error)

ParseTemplateCategory parses a string to TemplateCategory. Returns empty string (valid) if input is empty.

type TemplateFilter

// TemplateFilter defines criteria for filtering templates.
//
// NOTE(review): every field is a pointer, so presumably a nil field means
// "do not filter on this attribute" — confirm against the repository code.
type TemplateFilter struct {
	// TenantID selects the tenant. Template.TenantID() is itself a
	// *shared.ID, so some templates presumably have no tenant (system
	// templates?) — confirm. If a nil filter value means "unfiltered",
	// a List call without it could return other tenants' custom templates.
	TenantID *shared.ID
	// Category selects a single TemplateCategory value.
	Category *TemplateCategory
	// Severity selects a single FindingSeverity value.
	Severity *FindingSeverity
	// IsSystem selects on the flag reported by Template.IsSystem().
	IsSystem *bool
	// Search is a free-text term; which fields it matches is not shown here.
	// NOTE(review): implementations should pass it as a bound query
	// parameter (escaping pattern wildcards if pattern matching is used)
	// rather than concatenating it into the query text.
	Search   *string
}

TemplateFilter defines criteria for filtering templates.

type TemplateRepository

// TemplateRepository defines the interface for template persistence.
//
// GetByID, Update, Delete and IncrementUsageCount take an explicit tenantID.
// Create receives only the *Template, and List is scoped only by whatever
// the TemplateFilter carries.
type TemplateRepository interface {
	// Create stores a template. No tenantID is passed separately.
	Create(ctx context.Context, template *Template) error
	// GetByID looks a template up by tenant and ID together.
	GetByID(ctx context.Context, tenantID, id shared.ID) (*Template, error)
	// Update takes the caller's tenantID in addition to the template.
	// NOTE(review): presumably the write is constrained to that tenant
	// regardless of template.TenantID() — confirm.
	Update(ctx context.Context, tenantID shared.ID, template *Template) error
	// Delete removes a template by tenant and ID.
	// NOTE(review): Template.Update is documented to fail for system
	// templates; whether Delete enforces the same read-only rule is not
	// visible here — confirm.
	Delete(ctx context.Context, tenantID, id shared.ID) error
	// List returns one page of templates matching filter. The tenant scope
	// comes only from filter.TenantID; there is no separate tenantID argument.
	List(ctx context.Context, filter TemplateFilter, page pagination.Pagination) (pagination.Result[*Template], error)
	// IncrementUsageCount updates the usage counter for one template,
	// identified by tenant and ID.
	IncrementUsageCount(ctx context.Context, tenantID, id shared.ID) error
}

TemplateRepository defines the interface for template persistence.
