custompayloads: SAST Fixes (SonarLint) & Options panel help button

- AbstractColumnDialog > Use List interface vs ArrayList. - Column > Reduce visibility. - CustomPayloadColumns > Add private constructor to hide implicit one. Remove ID column from Options Panel display. - CustomPayloadMultipleOptionsTableModel > Use List interface vs ArrayList for params. - CustomPayloadsCategoryColumn > Make getExtension static. - CustomPayloadsMultipleOptionsTablePanel > Make showDialog static. - EditableColumn > Reduce visibility. - EditableSelectColumn > Reduce visibility, adjust method naming to proper Java camelCase. - CustomPayloadsApiUnitTest > Remove unused param API.RequestType, and pointless declared throw on shouldHavePrefix. - CHANGELOG > Already has a maint note, added a note about the Options panel help button. - CustomPayloadsOptionsPanel > Added overridden getHelpIndex method. - Help files > Updated to include more detailed info about the functionality. Signed-off-by: kingthorin <[email protected]>
zaproxy · Oct 30, 2024 · 198e62e · 198e62e
1 parent 92543fd
commit 198e62e
Show file tree

Hide file tree

Showing 15 changed files with 84 additions and 30 deletions.
diff --git a/addOns/custompayloads/CHANGELOG.md b/addOns/custompayloads/CHANGELOG.md
@@ -7,6 +7,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ### Changed
 - Update minimum ZAP version to 2.15.0.
 - Maintenance changes.
+- Add help button to Options panel and add further detailed Help content.
 
 ## [0.13.0] - 2023-11-10
 ### Changed

diff --git a/...payloads/src/main/java/org/zaproxy/zap/extension/custompayloads/AbstractColumnDialog.java b/...payloads/src/main/java/org/zaproxy/zap/extension/custompayloads/AbstractColumnDialog.java
@@ -21,7 +21,6 @@
 
 import java.awt.Dimension;
 import java.awt.Window;
-import java.util.ArrayList;
 import java.util.List;
 import org.zaproxy.zap.utils.DisplayUtils;
 import org.zaproxy.zap.view.StandardFieldsDialog;
@@ -95,7 +94,7 @@ private void createStringTextFieldForColumn(Column<T> column) {
     private void createStringComboFieldForColumn(Column<T> column) {
         EditableSelectColumn<T> selectColumn = (EditableSelectColumn<T>) column;
         String value = column.getTypedValue(model);
-        ArrayList<String> selectableValues = selectColumn.getTypedSelectableValues(model);
+        List<String> selectableValues = selectColumn.getTypedSelectableValues(model);
         this.addComboField(column.getNameKey(), selectableValues, value);
     }
 

diff --git a/addOns/custompayloads/src/main/java/org/zaproxy/zap/extension/custompayloads/Column.java b/addOns/custompayloads/src/main/java/org/zaproxy/zap/extension/custompayloads/Column.java
@@ -19,11 +19,11 @@
  */
 package org.zaproxy.zap.extension.custompayloads;
 
-public abstract class Column<T> {
+abstract class Column<T> {
     Class<?> columnClass;
     String nameKey;
 
-    public Column(Class<?> columnClass, String nameKey) {
+    Column(Class<?> columnClass, String nameKey) {
         this.columnClass = columnClass;
         this.nameKey = nameKey;
     }

diff --git a/...s/src/main/java/org/zaproxy/zap/extension/custompayloads/CustomPayloadCategoryColumn.java b/...s/src/main/java/org/zaproxy/zap/extension/custompayloads/CustomPayloadCategoryColumn.java
@@ -61,7 +61,7 @@ public ArrayList<Object> getSelectableValues(CustomPayload payload) {
         return categoryObjects;
     }
 
-    private ExtensionCustomPayloads getExtension() {
+    private static ExtensionCustomPayloads getExtension() {
         return Control.getSingleton()
                 .getExtensionLoader()
                 .getExtension(ExtensionCustomPayloads.class);

diff --git a/...payloads/src/main/java/org/zaproxy/zap/extension/custompayloads/CustomPayloadColumns.java b/...payloads/src/main/java/org/zaproxy/zap/extension/custompayloads/CustomPayloadColumns.java
@@ -25,6 +25,10 @@
 
 public final class CustomPayloadColumns {
 
+    private CustomPayloadColumns() {
+        // Nothing to do
+    }
+
     public static List<Column<CustomPayload>> createColumns() {
         ArrayList<Column<CustomPayload>> columns = new ArrayList<>();
         columns.add(createEnabledColumn());
@@ -37,9 +41,8 @@ public static List<Column<CustomPayload>> createColumns() {
     public static List<Column<CustomPayload>> createColumnsForOptionsTable() {
         ArrayList<Column<CustomPayload>> columns = new ArrayList<>();
         columns.add(createEnabledColumn());
-        columns.add(createIdColumn());
-        columns.add(createCategoryColumn().AsReadonly());
-        columns.add(createPayloadColumn().AsReadonly());
+        columns.add(createCategoryColumn().asReadonly());
+        columns.add(createPayloadColumn().asReadonly());
         return columns;
     }
 

diff --git a/...java/org/zaproxy/zap/extension/custompayloads/CustomPayloadMultipleOptionsTableModel.java b/...java/org/zaproxy/zap/extension/custompayloads/CustomPayloadMultipleOptionsTableModel.java
@@ -19,7 +19,6 @@
  */
 package org.zaproxy.zap.extension.custompayloads;
 
-import java.util.ArrayList;
 import java.util.List;
 import java.util.Set;
 
@@ -66,7 +65,7 @@ public void resetToDefaults() {
         }
     }
 
-    public void addToTable(ArrayList<CustomPayload> payloads) {
+    public void addToTable(List<CustomPayload> payloads) {
         for (CustomPayload payload : payloads) {
             payload.setId(nextPayloadId++);
             addModel(payload);

diff --git a/...ava/org/zaproxy/zap/extension/custompayloads/CustomPayloadsMultipleOptionsTablePanel.java b/...ava/org/zaproxy/zap/extension/custompayloads/CustomPayloadsMultipleOptionsTablePanel.java
@@ -169,7 +169,7 @@ public CustomPayload showAddDialogue() {
         return null;
     }
 
-    private boolean showDialog(CustomPayload payload) {
+    private static boolean showDialog(CustomPayload payload) {
         CustomPayloadDialog dialog =
                 new CustomPayloadDialog(
                         View.getSingleton().getOptionsDialog(null),

diff --git a/...ds/src/main/java/org/zaproxy/zap/extension/custompayloads/CustomPayloadsOptionsPanel.java b/...ds/src/main/java/org/zaproxy/zap/extension/custompayloads/CustomPayloadsOptionsPanel.java
@@ -70,4 +70,9 @@ public void saveParam(Object obj) throws Exception {
         param.setNextPayloadId(tableModel.getNextPayloadId());
         param.setConfirmRemoveToken(tablePanel.isRemoveWithoutConfirmation());
     }
+
+    @Override
+    public String getHelpIndex() {
+        return "custompayloads.options";
+    }
 }
diff --git a/...custompayloads/src/main/java/org/zaproxy/zap/extension/custompayloads/EditableColumn.java b/...custompayloads/src/main/java/org/zaproxy/zap/extension/custompayloads/EditableColumn.java
@@ -19,9 +19,9 @@
  */
 package org.zaproxy.zap.extension.custompayloads;
 
-public abstract class EditableColumn<T> extends Column<T> {
+abstract class EditableColumn<T> extends Column<T> {
 
-    public EditableColumn(Class<?> columnClass, String name) {
+    EditableColumn(Class<?> columnClass, String name) {
         super(columnClass, name);
     }
 
@@ -32,7 +32,7 @@ public boolean isEditable(T model) {
 
     public abstract void setValue(T model, Object value);
 
-    public Column<T> AsReadonly() {
+    public Column<T> asReadonly() {
         return new Column<T>(this.columnClass, this.nameKey) {
 
             @Override

diff --git a/...payloads/src/main/java/org/zaproxy/zap/extension/custompayloads/EditableSelectColumn.java b/...payloads/src/main/java/org/zaproxy/zap/extension/custompayloads/EditableSelectColumn.java
@@ -20,19 +20,20 @@
 package org.zaproxy.zap.extension.custompayloads;
 
 import java.util.ArrayList;
+import java.util.List;
 
-public abstract class EditableSelectColumn<T> extends EditableColumn<T> {
+abstract class EditableSelectColumn<T> extends EditableColumn<T> {
 
-    public EditableSelectColumn(Class<?> columnClass, String name) {
+    EditableSelectColumn(Class<?> columnClass, String name) {
         super(columnClass, name);
     }
 
-    public abstract ArrayList<Object> getSelectableValues(T model);
+    public abstract List<Object> getSelectableValues(T model);
 
-    public <V> ArrayList<V> getTypedSelectableValues(T model) {
-        ArrayList<Object> values = getSelectableValues(model);
+    public <V> List<V> getTypedSelectableValues(T model) {
+        List<Object> values = getSelectableValues(model);
 
-        ArrayList<V> typedValues = new ArrayList<>();
+        List<V> typedValues = new ArrayList<>();
         for (Object value : values) {
             V typedValue = getTypedObject(value);
             typedValues.add(typedValue);

diff --git a/...in/javahelp/org/zaproxy/zap/extension/custompayloads/resources/help/contents/options.html b/...in/javahelp/org/zaproxy/zap/extension/custompayloads/resources/help/contents/options.html
@@ -0,0 +1,48 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
+<HTML>
+<HEAD>
+<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=utf-8">
+<TITLE>Options Custom Payloads screen</TITLE>
+</HEAD>
+<BODY>
+<H1>Options Custom Payloads screen</H1>
+<p>
+<strong>Note</strong>: Payload categories which are not listed in the table may be available via the Add button as not all rules which support
+custom payloads have default payloads.
+<p>
+This screen/table allows you to configure <a href="custompayloads.html">Custom Payload</a> options:
+
+<H2>Custom Payloads Table</H2>
+
+<H3>Enabled</H3>
+A checkbox indicating whether or not the particular custom payload is to be used or not.
+
+<H3>Category</H3>
+Indicates the category and by association the scan rule for which the custpm payload value should be used.
+(The categories should be fairly obviously relatable to a scan rule, and are also mentioned in the help entry for the scan rules.)
+
+<h3>Payload</H3>
+Yhe value of the specific custom payload.
+
+<H2>Custom Payloads Buttons</H2>
+
+<H3>Add</H3>
+Allows users to add a custom payload, setting the enable state, category, and payload value.
+
+<H3>Modify/Remove</H3>
+Either modify or remove the custom payload defined by the selected row.
+
+<H3>Enable All/Desable All</h3>
+Sets the enable state of all custom payloads as applicable.
+
+<H3>Add Missing Defaults</H3>
+Facilitates restoration of one or more missing default custom payloads if they've been previously removed.
+
+<H3>Reset to Defaults</H3>
+Removes all payloads and restores just the defaults. (<strong>Note</strong>: User added payloads will be lost.)
+
+<H3>Add Multiple Payloads</H3>
+Allows the user to import a text file of payloads (one payload per line) for the selected category.
+
+</BODY>
+</HTML>
diff --git a/...loads/src/main/javahelp/org/zaproxy/zap/extension/custompayloads/resources/help/index.xml b/...loads/src/main/javahelp/org/zaproxy/zap/extension/custompayloads/resources/help/index.xml
@@ -7,4 +7,5 @@
     <!-- index entries are merged (sorted) into core index -->
     <indexitem text="custompayloads" target="custompayloads" />
     <indexitem text="Custom Payloads API" target="custompayloads.api" />
+    <indexitem text="Custom Payloads Options" target="custompayloads.options" />
 </index>
diff --git a/...ayloads/src/main/javahelp/org/zaproxy/zap/extension/custompayloads/resources/help/map.jhm b/...ayloads/src/main/javahelp/org/zaproxy/zap/extension/custompayloads/resources/help/map.jhm
@@ -6,4 +6,5 @@
 <map version="1.0">
     <mapID target="custompayloads" url="contents/custompayloads.html" />
     <mapID target="custompayloads.api" url="contents/api.html" />
+    <mapID target="custompayloads.options" url="contents/options.html" />
 </map>
diff --git a/...ayloads/src/main/javahelp/org/zaproxy/zap/extension/custompayloads/resources/help/toc.xml b/...ayloads/src/main/javahelp/org/zaproxy/zap/extension/custompayloads/resources/help/toc.xml
@@ -8,6 +8,7 @@
 		<tocitem text="Add Ons" tocid="addons">
 			<tocitem text="Custom Payloads" target="custompayloads">
 				<tocitem text="API" target="custompayloads.api" />
+				<tocitem text="Options" target="custompayloads.options" />
 			</tocitem>
 		</tocitem>
 	</tocitem>

diff --git a/...ads/src/test/java/org/zaproxy/zap/extension/custompayloads/CustomPayloadsApiUnitTest.java b/...ads/src/test/java/org/zaproxy/zap/extension/custompayloads/CustomPayloadsApiUnitTest.java
@@ -31,8 +31,6 @@
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.parosproxy.paros.Constant;
-import org.zaproxy.zap.extension.api.API;
-import org.zaproxy.zap.extension.api.API.RequestType;
 import org.zaproxy.zap.extension.api.ApiElement;
 import org.zaproxy.zap.extension.api.ApiImplementor;
 import org.zaproxy.zap.extension.api.ApiParameter;
@@ -50,7 +48,7 @@ void setUp() {
     }
 
     @Test
-    void shouldHavePrefix() throws Exception {
+    void shouldHavePrefix() {
         // Given / When
         String prefix = api.getPrefix();
         // Then
@@ -61,17 +59,14 @@ void shouldHavePrefix() throws Exception {
     void shouldHaveDescriptionsForAllApiElements() {
         List<String> missingKeys = new ArrayList<>();
         checkKey(api.getDescriptionKey(), missingKeys);
-        checkApiElements(api, api.getApiActions(), API.RequestType.action, missingKeys);
-        checkApiElements(api, api.getApiOthers(), API.RequestType.other, missingKeys);
-        checkApiElements(api, api.getApiViews(), API.RequestType.view, missingKeys);
+        checkApiElements(api, api.getApiActions(), missingKeys);
+        checkApiElements(api, api.getApiOthers(), missingKeys);
+        checkApiElements(api, api.getApiViews(), missingKeys);
         assertThat(missingKeys, is(empty()));
     }
 
     private static void checkApiElements(
-            ApiImplementor api,
-            List<? extends ApiElement> elements,
-            RequestType type,
-            List<String> missingKeys) {
+            ApiImplementor api, List<? extends ApiElement> elements, List<String> missingKeys) {
         elements.sort((a, b) -> a.getName().compareTo(b.getName()));
         for (ApiElement element : elements) {
             assertThat(