Class: HackerOne::Client::Api

Inherits:
Object
Defined in:
lib/hackerone/client.rb

Instance Method Summary

Constructor Details

#initialize(program = nil) ⇒ Api

Returns a new instance of Api.



# File 'lib/hackerone/client.rb', line 63

def initialize(program = nil)
  @program = program
end

Instance Method Details

#create_report(title:, summary:, impact:, severity_rating:, source:) ⇒ Object

Public: create a new report

title: The title of the report
summary: Summary of the report
impact: Impact of the report
severity_rating: severity of report, must be one of api.hackerone.com/reference/#severity-ratings
source: where the report came from, e.g. API, Bugcrowd, etc.

Returns a HackerOne::Client::Report object, or raises an error if report creation fails.

Raises:

  • (ArgumentError)


# File 'lib/hackerone/client.rb', line 131

def create_report(title:, summary:, impact:, severity_rating:, source:)
  raise ArgumentError, "Program cannot be nil" unless program

  data = {
    "data": {
      "type": "report",
      "attributes": {
        "team_handle": program,
        "title": title,
        "vulnerability_information": summary,
        "impact": impact,
        "severity_rating": severity_rating,
        "source": source
      }
    }
  }
  Report.new(post("reports", data))
end

#program ⇒ Object



# File 'lib/hackerone/client.rb', line 67

def program
  @program || HackerOne::Client.program
end

#report(id) ⇒ Object

Public: retrieve a report

id: the ID of a specific report

Returns a HackerOne::Client::Report object, or raises an error if no report is found.



# File 'lib/hackerone/client.rb', line 156

def report(id)
  Report.new(get("reports/#{id}"))
end

#reporters ⇒ Object

Raises:

  • (ArgumentError)


# File 'lib/hackerone/client.rb', line 71

def reporters
  raise ArgumentError, "Program cannot be nil" unless program
  response = self.class.hackerone_api_connection.get do |req|
    req.url "programs/#{Program.find(program).id}/reporters"
  end

  data = self.class.parse_response(response)
  if data.nil?
    raise RuntimeError, "Expected data attribute in response: #{response.body}"
  end

  data.map do |reporter|
    Reporter.new(reporter)
  end
end

#reports(since: 3.days.ago, before: nil, state: :new) ⇒ Object

Returns all reports in a given state, optionally with a time bound

program: the HackerOne program to search on (configure globally with HackerOne::Client.program=)
since (optional): a time bound, don’t include reports earlier than since. Must be a DateTime object.
before (optional): a time bound, don’t include reports later than before. Must be a DateTime object.
state (optional): state that a report is in, by default new

returns all open reports or an empty array

Raises:

  • (ArgumentError)


# File 'lib/hackerone/client.rb', line 95

def reports(since: 3.days.ago, before: nil, state: :new)
  raise ArgumentError, "Program cannot be nil" unless program
  raise ArgumentError, "State is invalid" unless REPORT_STATES.include?(state.to_s)

  response = self.class.hackerone_api_connection.get do |req|
    options = {
      "filter[state][]" => state,
      "filter[program][]" => program
    }
    unless since.nil?
      options["filter[created_at__gt]"] = since.iso8601
    end
    unless before.nil?
      options["filter[created_at__lt]"] = before.iso8601
    end

    req.url "reports", options
  end

  data = self.class.parse_response(response)

  data.map do |report|
    Report.new(report)
  end
end
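
The following is an added example, not code from this library: it checks the `since`, `before` and `state` arguments before a call to `#reports` and shows the query string that the filter hash above turns into. The names `build_report_filters`, `report_query_string` and `SAMPLE_STATES` are hypothetical, the state list is a constructed stand-in for `REPORT_STATES` (not shown on this page), and accepting `Time` as well as `DateTime` is an assumption.

```ruby
require "date"
require "time"
require "uri"

# Constructed stand-in for REPORT_STATES, whose contents this page does not list.
SAMPLE_STATES = %w[new triaged resolved].freeze

# Hypothetical helper (not part of the library): validates the arguments that
# #reports accepts, then builds the same filter hash it passes to req.url.
def build_report_filters(program:, state: :new, since: nil, before: nil)
  raise ArgumentError, "Program cannot be nil" unless program
  raise ArgumentError, "State is invalid" unless SAMPLE_STATES.include?(state.to_s)

  { since: since, before: before }.each do |name, value|
    next if value.nil? || value.is_a?(DateTime) || value.is_a?(Time)
    # A String has no #iso8601 and a plain Date would drop the time of day.
    raise ArgumentError, "#{name} must be a DateTime or Time, got #{value.class}"
  end
  if since && before && since.to_time >= before.to_time
    raise ArgumentError, "since must be earlier than before"
  end

  options = {
    "filter[state][]" => state.to_s,
    "filter[program][]" => program
  }
  options["filter[created_at__gt]"] = since.iso8601 if since
  options["filter[created_at__lt]"] = before.iso8601 if before
  options
end

# Form-encodes the filters as a query string. The brackets in the keys and the
# "+" and ":" in the timestamps are percent-encoded.
def report_query_string(**filters)
  URI.encode_www_form(build_report_filters(**filters))
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample values.
  puts report_query_string(
    program: "example-program",
    state: :triaged,
    since: DateTime.new(2024, 1, 1),
    before: DateTime.new(2024, 1, 8)
  )
end
```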