
Scans Triggered from IntelliJ

Developers who work in an integrated development environment (IDE) such as IntelliJ with the CxSAST IntelliJ plugin, as part of a much larger development project managed in source control, sometimes prefer to scan their code before uploading it to their source control repository.

The CxSAST IntelliJ plugin allows the developer to scan the code within the project. When scanning code from the CxSAST IntelliJ plugin, the scanned code is always the local code, which resides in the IntelliJ project, regardless of the CxSAST project's Location type (Local/Shared/Source Control). This implies that projects can now contain scans of different location types, and the location type can be viewed as a scan property.

Usually, scan results of local code have no relevance to the entire team, and we would like to limit their visibility to the scan owner only. Furthermore, results of "interim scans", namely scans carried out while the code is still being worked on during the work day, are likely to distort the count of daily issues, because issues "detected" through these scans may well be resolved later on, before the code is uploaded to the source control repository at the end of the day.

If the user chooses not to make the scan results visible to other users - in other words, to make the scan private - the scan will only be visible to the following entities:

  • The scan's owner (the user)

  • Users with CxAdmin privileges

  • Users whose location in the hierarchy is higher than that of the user

The CxSAST IntelliJ plugin provides the user with two ways to achieve this behavior:

  1. Define the scan as private from within a public project.

  2. Define the project as private, namely, making all of the project's scans inaccessible to other users.

Notice

The operations described on this page must be carried out by a user with the appropriate credentials on the CxSAST server. To ensure you have such credentials, see Setting Up the IntelliJ Plugin.

Defining Scans as Private

The process of defining scans as private takes place within IntelliJ.

To define a scan as private in a new public project:

Note

For new projects, the Override the project settings checkbox is disabled.

  1. Right-click a locally stored project.

  2. Select CxViewer > Scan.

  3. Right-click to display the dialog box Create or Select a Project.


    As no project with the same name exists in the Server, a new project is created for this scan, and you are allowed to select a preset and a team.

    By default, the check box Project is private is selected. If this setting remains unchanged, all scans within the project are private.

  4. To define the scan as a private scan within a public project, clear the check box Project is private.

  5. Leave the default setting Scan is private.

To define a scan as private in an existing project:

  1. Go to CxViewer > Scan.

  2. Right-click to display the dialog box Create or Select a Project.

  3. The scan is added to an existing project in the Server. If the project is private, the scan will be private (non-modifiable). If the project is public, the only modifiable property is the default definition of the scan as private, which can be changed by clearing the check box Scan is private.

To override preset in an existing project:

  1. Go to CxViewer > Scan.

  2. Right-click to display the dialog box Create or Select a Project. Select an existing project from the dropdown.

  3. Check the Override the project settings checkbox to be able to change the preset of the existing project.

  4. The scan is added to an existing project in the Server. If the project is private, the scan will be private (non-modifiable). If the project is public, the only modifiable property is the default definition of the scan as private, which can be changed by clearing the check box Scan is private.

Defining Projects as Private

Create a project as explained above.

To define a project as private:

Making a project private means that all the project's scan results are only visible to the following entities:

  • The scan's owner (the user)

  • Users with Server Manager privileges

  • Users whose location in the hierarchy is higher than that of the user.

    These users can only read or delete private projects defined in lower hierarchy levels, and they cannot edit or modify these projects.
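The visibility rules described on this page (a private project forces every scan private; a private scan is visible only to its owner, to administrators, and to users higher in the team hierarchy, who may read or delete but not edit) can be written down as a small policy model. The following is an added example, not Checkmarx code and not the CxSAST API: it assumes that a team's position in the hierarchy can be represented as the path of team names from the root, and the User, Project and Scan classes and the function names are constructed for the illustration.

```python
"""Added example: a reference model of CxSAST private-scan visibility.

Not Checkmarx code. The team hierarchy is assumed to be a path of team names
from the root (e.g. ("CxServer", "SP", "Dev")); that representation and every
name below are constructed for this example.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    name: str
    team: tuple          # assumed: path of team names from the root
    is_admin: bool = False  # CxAdmin / Server Manager privileges


@dataclass(frozen=True)
class Project:
    name: str
    is_private: bool     # "Project is private" check box


@dataclass(frozen=True)
class Scan:
    owner: User
    project: Project
    scan_is_private: bool = True  # plugin default: "Scan is private" checked


def effective_private(scan):
    """A private project makes every scan private (non-modifiable);
    in a public project the scan-level check box decides."""
    return scan.project.is_private or scan.scan_is_private


def is_higher_in_hierarchy(viewer, owner):
    """True when the viewer's team is a strict ancestor of the owner's team.
    Assumption: a peer in the same team is not 'higher' and gets no access."""
    depth = len(viewer.team)
    return depth < len(owner.team) and owner.team[:depth] == viewer.team


def can_view(viewer, scan):
    """Public scans are visible to everyone; private scans only to the
    owner, administrators, and users higher in the hierarchy."""
    if not effective_private(scan):
        return True
    return (viewer == scan.owner
            or viewer.is_admin
            or is_higher_in_hierarchy(viewer, scan.owner))


def allowed_project_actions(viewer, owner, project):
    """Actions on a private project. Higher-hierarchy users may only read or
    delete it, never edit it. Owner and admin rights beyond that are an
    assumption of this example, since the page does not spell them out."""
    if not project.is_private:
        return {"read", "edit", "delete"}
    if viewer == owner or viewer.is_admin:
        return {"read", "edit", "delete"}
    if is_higher_in_hierarchy(viewer, owner):
        return {"read", "delete"}
    return set()


if __name__ == "__main__":
    # Constructed sample users and projects
    alice = User("alice", ("CxServer", "SP", "Dev"))
    bob = User("bob", ("CxServer", "SP", "Dev"))            # peer, same team
    carol = User("carol", ("CxServer", "SP"))               # team lead, higher
    dave = User("dave", ("CxServer", "Ops"), is_admin=True)  # admin, other branch
    web = Project("web", is_private=False)
    interim = Scan(alice, web, scan_is_private=True)
    print("bob sees alice's interim scan:", can_view(bob, interim))
    print("carol sees alice's interim scan:", can_view(carol, interim))
    print("dave (admin) sees it:", can_view(dave, interim))
```

Running the module prints False for the peer and True for the team lead and the administrator, which matches the three entities listed above; a scan in a private project stays private even if its own check box is cleared, because effective_private() ORs the two flags.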