Class: HackerOne::Client::Api

Inherits:

Object

• Object
• HackerOne::Client::Api

Defined in:

lib/hackerone/client.rb

Instance Method Summary

• #add_report_reference(id, reference) ⇒ Object

  Idempotent: Add a report reference to a project.

• #initialize(program = nil) ⇒ Api constructor

  A new instance of Api.

• #program ⇒ Object
• #report(id) ⇒ Object

  Public: retrieve a report.

• #reporters ⇒ Object
• #reports(since: 3.days.ago) ⇒ Object

  Returns all open reports, optionally with a time bound.

• #state_change(id, state, message = nil) ⇒ Object

  Idempotent: change the state of a report.

• #triage(id, reference) ⇒ Object

  Idempotent: add the issue reference and put the report into the “triage” state.

Constructor Details

#initialize(program = nil) ⇒ Api

Returns a new instance of Api.

# File 'lib/hackerone/client.rb', line 54

def initialize(program = nil)
  @program = program
end

Instance Method Details

#add_report_reference(id, reference) ⇒ Object

Idempotent: Add a report reference to a project

id: the ID of the report state: value for the reference (e.g. issue number or relative path to cross-repo issue)

returns an HackerOne::Client::Report object or raises an error if no report is found.

# File 'lib/hackerone/client.rb', line 121

def add_report_reference(id, reference)
  body = {
    data: {
      type: "issue-tracker-reference-id",
      attributes: {
        reference: reference
      }
    }
  }

  Report.new(post("reports/#{id}/issue_tracker_reference_id", body))
end

#program ⇒ Object

# File 'lib/hackerone/client.rb', line 58

def program
  @program || HackerOne::Client.program
end

#report(id) ⇒ Object

Public: retrieve a report

id: the ID of a specific report

returns an HackerOne::Client::Report object or raises an error if no report is found.

# File 'lib/hackerone/client.rb', line 170

def report(id)
  Report.new(get("reports/#{id}"))
end

#reporters ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/hackerone/client.rb', line 62

def reporters
  raise ArgumentError, "Program cannot be nil" unless program
  response = self.class.hackerone_api_connection.get do |req|
    req.url "programs/#{Program.find(program).id}/reporters"
  end

  data = self.class.parse_response(response)
  if data.nil?
    raise RuntimeError, "Expected data attribute in response: #{response.body}"
  end

  data.map do |reporter|
    Reporter.new(reporter)
  end
end

#reports(since: 3.days.ago) ⇒ Object

Returns all open reports, optionally with a time bound

program: the HackerOne program to search on (configure globally with Hackerone::Client.program=) since (optional): a time bound, don’t include reports earlier than since. Must be a DateTime object.

returns all open reports or an empty array

Raises:

• (ArgumentError)

# File 'lib/hackerone/client.rb', line 84

def reports(since: 3.days.ago)
  raise ArgumentError, "Program cannot be nil" unless program
  response = self.class.hackerone_api_connection.get do |req|
    options = {
      "filter[state][]" => "new",
      "filter[program][]" => program,
      "filter[created_at__gt]" => since.iso8601
    }
    req.url "reports", options
  end

  data = self.class.parse_response(response)

  data.map do |report|
    Report.new(report)
  end
end

#state_change(id, state, message = nil) ⇒ Object

Idempotent: change the state of a report. See STATES for valid values.

id: the ID of the report state: the state in which the report is to be put in

returns an HackerOne::Client::Report object or raises an error if no report is found.

Raises:

• (ArgumentError)

# File 'lib/hackerone/client.rb', line 141

def state_change(id, state, message = nil)
  raise ArgumentError, "state (#{state}) must be one of #{STATES}" unless STATES.include?(state)

  body = {
    data: {
      type: "state-change",
      attributes: {
        state: state
      }
    }
  }

  if message
    body[:data][:attributes][:message] = message
  elsif STATES_REQUIRING_STATE_CHANGE_MESSAGE.include?(state)
    fail ArgumentError, "State #{state} requires a message. No message was supplied."
  else
    # message is in theory optional, but a value appears to be required.
    body[:data][:attributes][:message] = ""
  end
  post("reports/#{id}/state_changes", body)
end

#triage(id, reference) ⇒ Object

Idempotent: add the issue reference and put the report into the “triage” state.

id: the ID of the report state: value for the reference (e.g. issue number or relative path to cross-repo issue)

returns an HackerOne::Client::Report object or raises an error if no report is found.

# File 'lib/hackerone/client.rb', line 109

def triage(id, reference)
  add_report_reference(id, reference)
  state_change(id, :triaged)
end