Class: HackerOne::Client::Api

Inherits:

Object

• Object
• HackerOne::Client::Api

Defined in:

lib/hackerone/client.rb

Instance Method Summary

• #add_report_reference(id, reference) ⇒ Object

  Idempotent: Add a report reference to a project.

• #initialize(program = nil) ⇒ Api constructor

  A new instance of Api.

• #program ⇒ Object
• #report(id) ⇒ Object

  Public: retrieve a report.

• #reports(since: 3.days.ago) ⇒ Object

  Returns all open reports, optionally with a time bound.

• #state_change(id, state) ⇒ Object

  Idempotent: change the state of a report.

• #triage(id, reference) ⇒ Object

  Idempotent: add the issue reference and put the report into the “triage” state.

Constructor Details

#initialize(program = nil) ⇒ Api

Returns a new instance of Api.

# File 'lib/hackerone/client.rb', line 40

def initialize(program = nil)
  @program = program
end

Instance Method Details

#add_report_reference(id, reference) ⇒ Object

Idempotent: Add a report reference to a project

id: the ID of the report state: value for the reference (e.g. issue number or relative path to cross-repo issue)

returns an HackerOne::Client::Report object or raises an error if no report is found.

# File 'lib/hackerone/client.rb', line 94

def add_report_reference(id, reference)
  body = {
    data: {
      type: "issue-tracker-reference-id",
      attributes: {
        reference: reference
      }
    }
  }

  post("reports/#{id}/issue_tracker_reference_id", body)
end

#program ⇒ Object

# File 'lib/hackerone/client.rb', line 44

def program
  @program || HackerOne::Client.program
end

#report(id) ⇒ Object

Public: retrieve a report

id: the ID of a specific report

returns an HackerOne::Client::Report object or raises an error if no report is found.

# File 'lib/hackerone/client.rb', line 135

def report(id)
  get("reports/#{id}")
end

#reports(since: 3.days.ago) ⇒ Object

Returns all open reports, optionally with a time bound

program: the HackerOne program to search on (configure globally with Hackerone::Client.program=) since (optional): a time bound, don’t include reports earlier than since. Must be a DateTime object.

returns all open reports or an empty array

Raises:

• (ArgumentError)

# File 'lib/hackerone/client.rb', line 54

def reports(since: 3.days.ago)
  raise ArgumentError, "Program cannot be nil" unless program
  response = self.class.hackerone_api_connection.get do |req|
    options = {
      "filter[state][]" => "new",
      "filter[program][]" => program,
      "filter[created_at__gt]" => since.iso8601
    }
    req.url "reports", options
  end

  data = JSON.parse(response.body, :symbolize_names => true)[:data]
  if data.nil?
    raise RuntimeError, "Expected data attribute in response: #{response.body}"
  end

  data.map do |report|
    Report.new(report)
  end
end

#state_change(id, state) ⇒ Object

Idempotent: change the state of a report. See STATES for valid values.

id: the ID of the report state: the state in which the report is to be put in

returns an HackerOne::Client::Report object or raises an error if no report is found.

Raises:

• (ArgumentError)

# File 'lib/hackerone/client.rb', line 114

def state_change(id, state)
  raise ArgumentError, "state (#{state}) must be one of #{STATES}" unless STATES.include?(state)

  body = {
    data: {
      type: "state-change",
      attributes: {
        message: "This is has been triaged internally.",
        state: state
      }
    }
  }
  post("reports/#{id}/state_changes", body)
end

#triage(id, reference) ⇒ Object

Idempotent: add the issue reference and put the report into the “triage” state.

id: the ID of the report state: value for the reference (e.g. issue number or relative path to cross-repo issue)

returns an HackerOne::Client::Report object or raises an error if no report is found.

# File 'lib/hackerone/client.rb', line 82

def triage(id, reference)
  add_report_reference(id, reference)
  state_change(id, :triaged)
end