Merge pull request #14 from Corgea/COR-767

COR-767: Enable & Disable Scanning in IDE

Author: Ibrahimrahhal

src/providers/vulnerabilitiesWebviewProvider.ts

@@ -8,6 +8,7 @@ import ViewsManager, { Views } from "../utils/ViewsManager";
 import Vulnerability from "../types/vulnerability";
 import SCAVulnerability from "../types/scaVulnerability";
 import scanningService, { ScanState } from "../services/scanningService";
+import ConfigService from "../services/configService";
 
 export default class VulnerabilitiesWebviewProvider implements vscode.WebviewViewProvider {
   public static readonly viewType = "vulnerabilitiesWebview";
@@ -22,6 +23,7 @@ export default class VulnerabilitiesWebviewProvider implements vscode.WebviewVie
   private _autoRefreshEnabled = false;
   private _autoRefreshInterval?: NodeJS.Timeout;
   private _isInScanningMode = false;
+  private _ideScanningEnabled = true;
 
   constructor(private readonly _extensionUri: vscode.Uri) {
     VulnerabilitiesWebviewProvider._instance = this;
@@ -251,7 +253,7 @@ export default class VulnerabilitiesWebviewProvider implements vscode.WebviewVie
         return;
       }
 
-      // Fetch vulnerabilities
+      // Fetch company configs and vulnerabilities in parallel
       const [response, scaResponse] = await Promise.all([
         APIManager.getProjectVulnerabilities(potentialNames).catch((error: any) => ({
           status: error.status,
@@ -260,7 +262,15 @@ export default class VulnerabilitiesWebviewProvider implements vscode.WebviewVie
         APIManager.getProjectSCAVulnerabilities(potentialNames).catch((error: any) => ({
           status: error.status,
           data: { status: "no_project_found", issues: [] },
-        }))
+        })),
+        // Fetch and store configs on refresh
+        ConfigService.fetchAndStoreConfigs().then(() => 
+          ConfigService.isIdeScanningEnabled()
+        ).then(enabled => {
+          this._ideScanningEnabled = enabled;
+        }).catch(() => {
+          // If config fetch fails, keep current state
+        })
       ]);
 
       // Check project status
@@ -336,6 +346,7 @@ export default class VulnerabilitiesWebviewProvider implements vscode.WebviewVie
       scanState: this._scanState,
       isInScanningMode: this._isInScanningMode,
       autoRefreshEnabled: this._autoRefreshEnabled,
+      ideScanningEnabled: this._ideScanningEnabled,
     });
   }
 
@@ -377,7 +388,8 @@ export default class VulnerabilitiesWebviewProvider implements vscode.WebviewVie
       hasSCAVulnerabilities: ${data.hasSCAVulnerabilities},
       scanState: ${JSON.stringify(data.scanState)},
       isInScanningMode: ${data.isInScanningMode},
-      autoRefreshEnabled: ${data.autoRefreshEnabled}
+      autoRefreshEnabled: ${data.autoRefreshEnabled},
+      ideScanningEnabled: ${data.ideScanningEnabled}
     };
   </script>
 </body>

src/services/authService.ts

@@ -7,13 +7,15 @@ import APIManager from "../utils/apiManager";
 import EventsManager from "../utils/eventsManager";
 import { OnCommand } from "../utils/commandsManager";
 import { withErrorHandling } from "../utils/ErrorHandlingManager";
+import ConfigService from "./configService";
 
 export default class AuthService {
   @OnCommand("corgea.logout")
   public static logout(): void {
     StorageManager.setValue(StorageKeys.isLoggedIn, false);
     StorageManager.setValue(StorageKeys.corgeaUrl, undefined);
     StorageManager.setSecretValue(StorageSecretKeys.corgeaApiKey, "");
+    ConfigService.clearStoredConfigs(); // Clear configs on logout
     EventsManager.emit("internal.logout");
     vscode.window.showInformationMessage(
       "You have been logged out successfully.",
@@ -64,6 +66,7 @@ export default class AuthService {
         if (isValid) {
           StorageManager.setValue(StorageKeys.isLoggedIn, true);
           StorageManager.setSecretValue(StorageSecretKeys.corgeaApiKey, apiKey);
+          await ConfigService.fetchAndStoreConfigs();
           EventsManager.emit("internal.login");
           vscode.window.showInformationMessage(
             "API Key verified successfully. View the Corgea extension to start fixing.",

src/services/configService.ts

@@ -0,0 +1,61 @@
+import APIManager from "../utils/apiManager";
+import StorageManager, { StorageKeys } from "../utils/storageManager";
+import { withErrorHandling } from "../utils/ErrorHandlingManager";
+
+export interface CompanyConfigs {
+  ide: {
+    ide_scanning_enabled: boolean;
+  };
+}
+
+export default class ConfigService {
+  private static defaultConfigs: CompanyConfigs = {
+    ide: {
+      ide_scanning_enabled: true, 
+    },
+  };
+
+  @withErrorHandling()
+  public static async fetchAndStoreConfigs(): Promise<CompanyConfigs> {
+    try {
+      const response = await APIManager.getCompanyConfigs();
+      if (response.status === "ok" && response.configs) {
+        await StorageManager.setValue(StorageKeys.companyConfigs, response.configs);
+        return response.configs;
+      } else {
+        return await this.getStoredConfigs();
+      }
+    } catch (error) {
+      console.warn("Failed to fetch company configs, using stored or default configs:", error);
+      return await this.getStoredConfigs();
+    }
+  }
+
+
+  public static async getStoredConfigs(): Promise<CompanyConfigs> {
+    try {
+      const storedConfigs = await StorageManager.getValue<CompanyConfigs>(StorageKeys.companyConfigs);
+      return storedConfigs || this.defaultConfigs;
+    } catch (error) {
+      console.warn("Failed to get stored configs, using defaults:", error);
+      return this.defaultConfigs;
+    }
+  }
+
+
+  public static async isIdeScanningEnabled(): Promise<boolean> {
+    const configs = await this.getStoredConfigs();
+    return configs.ide.ide_scanning_enabled;
+  }
+
+
+  public static async clearStoredConfigs(): Promise<void> {
+    try {
+      await StorageManager.setValue(StorageKeys.companyConfigs, undefined);
+    } catch (error) {
+      console.warn("Failed to clear stored configs:", error);
+    }
+  }
+
+  public static activate() {}
+}

src/services/index.ts

@@ -2,10 +2,12 @@ import AuthService from "./authService";
 import VulnerabilityService from "./vulnerabilityService";
 import VulnerabilityHighlightingService from "./vulnerabilityHighlightingService";
 import scanningService from "./scanningService";
+import ConfigService from "./configService";
 
 export default [
   AuthService,
   VulnerabilityService,
   VulnerabilityHighlightingService,
   scanningService,
+  ConfigService,
 ];

src/services/scanningService.ts

@@ -12,6 +12,7 @@ import StorageManager, {
 import ErrorHandlingManager, { withErrorHandling } from "../utils/ErrorHandlingManager";
 import EventsManager from "../utils/eventsManager";
 import WorkspaceManager from "../utils/workspaceManager";
+import ConfigService from "./configService";
 const kill = require('tree-kill');
 
 export interface ScanProgress {
@@ -54,7 +55,17 @@ export default class scanningService {
   };
 
   @OnCommand("corgea.scan-uncommitted")
+  @withErrorHandling()
   public static async scanUncommittedFiles() {
+    // Check if IDE scanning is enabled
+    const isIdeScanningEnabled = await ConfigService.isIdeScanningEnabled();
+    if (!isIdeScanningEnabled) {
+      vscode.window.showInformationMessage(
+        "IDE scanning is disabled for your organization. Please contact your administrator to enable this feature."
+      );
+      return;
+    }
+    
     await scanningService.scanProject(false);
   }
 
@@ -66,6 +77,15 @@ export default class scanningService {
   @OnCommand("corgea.scan-full")
   @withErrorHandling()
   public static async scanProject(isFullScan: boolean = true) {
+    // Check if IDE scanning is enabled
+    const isIdeScanningEnabled = await ConfigService.isIdeScanningEnabled();
+    if (!isIdeScanningEnabled) {
+      vscode.window.showInformationMessage(
+        "IDE scanning is disabled for your organization. Please contact your administrator to enable this feature."
+      );
+      return;
+    }
+    
     // Reset scan state
     scanningService._scanCancelledByUser = false;
     scanningService._scanState = {

src/utils/apiManager.ts

@@ -563,4 +563,27 @@ export default class APIManager {
       throw error;
     }
   }
+
+  public static async getCompanyConfigs(): Promise<{
+    status: string;
+    configs: {
+      ide: {
+        ide_scanning_enabled: boolean;
+      };
+    };
+  }> {
+    const corgeaUrl = await APIManager.getBaseUrl();
+    try {
+      const client = await this.getBaseClient();
+      const url = `${corgeaUrl}/api/${this.apiVersion}/configs`;
+      const response = await client.get(url);
+      this.checkForWarnings(response.headers, response.status);
+      return response.data;
+    } catch (error) {
+      console.error(error);
+      throw error;
+    } finally {
+      APIManager.hideLoadingStatus();
+    }
+  }
 }

src/utils/storageManager.ts

@@ -5,6 +5,7 @@ export enum StorageKeys {
   corgeaUrl = "corgeaUrl",
   highlightingEnabled = "highlightingEnabled",
   debugModeEnabled = "debugModeEnabled",
+  companyConfigs = "companyConfigs",
 }
 
 export enum StorageSecretKeys {

src/views/components/TabNavigation/TabNavigation.tsx

@@ -10,6 +10,11 @@ const TabNavigation: React.FC = () => {
   const [showRightIndicator, setShowRightIndicator] = useState(false);
 
   const handleTabClick = (tab: 'code' | 'sca' | 'scanning') => {
+    // Don't allow switching to scanning tab if it's disabled
+    if (tab === 'scanning' && !state.ideScanningEnabled) {
+      return;
+    }
+    
     dispatch({ type: 'SET_ACTIVE_TAB', payload: tab });
 
     // Scroll to active tab if it's not fully visible
@@ -88,28 +93,30 @@ const TabNavigation: React.FC = () => {
 
     event.preventDefault();
 
-    const tabs = ['code', 'sca', 'scanning'] as const;
-    const currentIndex = tabs.indexOf(state.activeTab);
+    // Filter available tabs based on IDE scanning config
+    const allTabs = ['code', 'sca', 'scanning'] as const;
+    const availableTabs = state.ideScanningEnabled ? allTabs : (['code', 'sca'] as const);
+    const currentIndex = availableTabs.indexOf(state.activeTab as any);
 
     let newIndex = currentIndex;
 
     switch (event.key) {
       case 'ArrowLeft':
-        newIndex = currentIndex > 0 ? currentIndex - 1 : tabs.length - 1;
+        newIndex = currentIndex > 0 ? currentIndex - 1 : availableTabs.length - 1;
         break;
       case 'ArrowRight':
-        newIndex = currentIndex < tabs.length - 1 ? currentIndex + 1 : 0;
+        newIndex = currentIndex < availableTabs.length - 1 ? currentIndex + 1 : 0;
         break;
       case 'Home':
         newIndex = 0;
         break;
       case 'End':
-        newIndex = tabs.length - 1;
+        newIndex = availableTabs.length - 1;
         break;
     }
 
     if (newIndex !== currentIndex) {
-      handleTabClick(tabs[newIndex]);
+      handleTabClick(availableTabs[newIndex]);
     }
   };
 
@@ -145,6 +152,14 @@ const TabNavigation: React.FC = () => {
     setTimeout(() => updateScrollIndicators(), 100);
   }, [state.vulnerabilities.length, state.scaVulnerabilities.length, state.scanState.isScanning]);
 
+  // Handle tab switching when IDE scanning is disabled
+  useEffect(() => {
+    if (!state.ideScanningEnabled && state.activeTab === 'scanning') {
+      // Switch to code tab if scanning tab is disabled and currently active
+      dispatch({ type: 'SET_ACTIVE_TAB', payload: 'code' });
+    }
+  }, [state.ideScanningEnabled, state.activeTab, dispatch]);
+
   return (
     <div className="tab-navigation-container">
       <div className="nav-tabs-wrapper">
@@ -206,23 +221,25 @@ const TabNavigation: React.FC = () => {
                 )}
               </button>
             </li>
-            <li className="nav-item" role="presentation">
-              <button
-                className={`nav-link ${state.activeTab === 'scanning' ? 'active' : ''}`}
-                onClick={() => handleTabClick('scanning')}
-                type="button"
-                role="tab"
-                aria-selected={state.activeTab === 'scanning'}
-              >
-                <i className="fas fa-search"></i>
-                &nbsp;Scanning
-                {state.scanState.isScanning && (
-                  <span className="count-badge scanning-indicator">
-                    <i className="fas fa-spinner fa-spin"></i>
-                  </span>
-                )}
-              </button>
-            </li>
+            {state.ideScanningEnabled && (
+              <li className="nav-item" role="presentation">
+                <button
+                  className={`nav-link ${state.activeTab === 'scanning' ? 'active' : ''}`}
+                  onClick={() => handleTabClick('scanning')}
+                  type="button"
+                  role="tab"
+                  aria-selected={state.activeTab === 'scanning'}
+                >
+                  <i className="fas fa-search"></i>
+                  &nbsp;Scanning
+                  {state.scanState.isScanning && (
+                    <span className="count-badge scanning-indicator">
+                      <i className="fas fa-spinner fa-spin"></i>
+                    </span>
+                  )}
+                </button>
+              </li>
+            )}
           </ul>
         </div>
       </div>

src/views/context/VulnerabilitiesContext.tsx

@@ -74,6 +74,7 @@ export interface VulnerabilitiesState {
   isInScanningMode: boolean;
   autoRefreshEnabled: boolean;
   activeTab: 'code' | 'sca' | 'scanning';
+  ideScanningEnabled: boolean;
 }
 
 type VulnerabilitiesAction =
@@ -86,8 +87,9 @@ type VulnerabilitiesAction =
   | { type: 'SET_SCANNING_MODE'; payload: boolean }
   | { type: 'SET_AUTO_REFRESH'; payload: boolean }
   | { type: 'SET_ACTIVE_TAB'; payload: 'code' | 'sca' | 'scanning' }
-  | { type: 'UPDATE_VULNERABILITY_LISTS'; payload: { 
-      vulnerabilities: Vulnerability[]; 
+  | { type: 'SET_IDE_SCANNING_ENABLED'; payload: boolean }
+  | { type: 'UPDATE_VULNERABILITY_LISTS'; payload: {
+      vulnerabilities: Vulnerability[];
       scaVulnerabilities: SCAVulnerability[];
       fileGroups: FileGroup[];
       packageGroups: PackageGroup[];
@@ -118,7 +120,8 @@ const initialState: VulnerabilitiesState = {
   },
   isInScanningMode: false,
   autoRefreshEnabled: false,
-  activeTab: 'code'
+  activeTab: 'code',
+  ideScanningEnabled: true
 };
 
 function vulnerabilitiesReducer(state: VulnerabilitiesState, action: VulnerabilitiesAction): VulnerabilitiesState {
@@ -151,6 +154,8 @@ function vulnerabilitiesReducer(state: VulnerabilitiesState, action: Vulnerabili
       return { ...state, autoRefreshEnabled: action.payload };
     case 'SET_ACTIVE_TAB':
       return { ...state, activeTab: action.payload };
+    case 'SET_IDE_SCANNING_ENABLED':
+      return { ...state, ideScanningEnabled: action.payload };
     case 'UPDATE_VULNERABILITY_LISTS':
       return {
         ...state,
@@ -263,6 +268,7 @@ export function VulnerabilitiesProvider({ children }: { children: ReactNode }) {
       dispatch({ type: 'SET_SCAN_STATE', payload: data.scanState || initialState.scanState });
       dispatch({ type: 'SET_SCANNING_MODE', payload: data.isInScanningMode });
       dispatch({ type: 'SET_AUTO_REFRESH', payload: data.autoRefreshEnabled });
+      dispatch({ type: 'SET_IDE_SCANNING_ENABLED', payload: data.ideScanningEnabled });
     }
 
     const handleMessage = (event: MessageEvent) => {