Project Problems

Get All Project Problems

This endpoint retrieves a list of Library Problem resources that are applicable to a particular Project.

GET /api/v2/projects/{project_id}/problems/

URL Parameters

Parameter Description
project_id The id of the Project to retrieve Problems for

Query Parameters

The following parameters may be used to filter the Library Problem resources in the response.

Parameter Description
risk_rating Given a risk rating 0-10, returns all Problems with specified rating
absolute_urls Whether to use absolute or relative urls (default is False)
to_html Whether to convert markdown to html (default is False)
search Filter Problems by performing a textual search on title, description, and Task titles.
risk_relevant_tasks_count Limits the tasks counted for task_count to those relevant for the project's risk policy if True and non-relevant for False. Requires task_count in included fields.

GET /api/v2/projects/1936/problems/ HTTP/1.1
Accept: application/json
Authorization: Token "YOUR SDE ACCESS TOKEN"
HTTP/1.1 200 OK
Content-Type: application/json

{
    "results": [{
        "id": "1936-P257",
        "problem_id": "P257",
        "title": "Privacy Violation",
        "text": "This is some example description.",
        "risk_rating": 5,
        "created": "2010-10-20T13:46:08-04:00",
        "updated": "2019-08-28T16:55:57.214000-04:00",
        "manually_added_from_library": false
    }]
}

Include Parameters

See the Include Parameters section for more details.

Parameter Description
category Includes the category that applies to each Problem
cwe Includes the list of CWEs that apply to each Problem
tasks_count Includes the number of Tasks related to each Problem that are accepted into the particular Project. This is the same count of Tasks that would be returned by the Project Problem Tasks endpoint.
GET /api/v2/projects/1936/problems/?include=category,cwe,tasks_count HTTP/1.1
Accept: application/json
Authorization: Token "YOUR SDE ACCESS TOKEN"
HTTP/1.1 200 OK
Content-Type: application/json

{
    "results": [{
        "id": "1936-P257",
        "problem_id": "P257",
        "title": "Privacy Violation",
        "text": "This is some example description.",
        "risk_rating": 5,
        "created": "2010-10-20T13:46:08-04:00",
        "updated": "2019-08-28T16:55:57.214000-04:00",
        "manually_added_from_library": false,
        "category": "XML and Web Services",
        "cwe": [{
            "url": "http://cwe.mitre.org/data/definitions/359",
            "title": "Exposure of Private Information ('Privacy Violation')",
            "id": 359
        }],
        "tasks_count": 1
    }]
}

Filter Parameters

Problems can be filtered by their various properties, or by properties of their related Tasks. If a related Task filter is passed, we return only Problems that have at least one related Task that matches the filter condition. If no filters are passed, we default to returning all applicable Problems of the particular Project.

Parameter Expected values Description Custom Field Lookup support
risk_rating 1-10 Filter by Problem risk rating Yes
task_priority 1-10 Filter by related Task priority Yes
task_status status item id (TS1) Filter by related Task status Yes
task_assigned_to email Filter by related Task assigned user's email/username Yes

Get a Specific Project Problem

This endpoint retrieves a single Library Problem resource of a particular Project, as specified by the problem_id parameter.

GET /api/v2/projects/{project_id}/problems/{problem_id}/

All the parameters for the 'Get All Project Problems ' endpoint apply here as well.

URL Parameters

Parameter Description
project_id The id of the Project the Problem is associated with
problem_id The id of the Problem to retrieve
GET /api/v2/projects/1936/problems/1936-P3/ HTTP/1.1
Accept: application/json
Authorization: Token "YOUR SDE ACCESS TOKEN"
HTTP/1.1 200 OK
Content-Type: application/json

{
    "id": "1936-P3",
    "problem_id": "P3",
    "title": "Example Library Problem",
    "text": "This is some example description.",
    "risk_rating": 5,
    "created": "2010-10-20T13:46:08-04:00",
    "updated": "2019-08-28T16:55:57.214000-04:00",
    "manually_added_from_library": false
}

Create a new Problem from an existing Library Problem

Add a Library Problem to a project. Only Library Problems that aren't applicable to a Project can be added.

POST /api/v2/projects/{project_id}/problems/

URL Parameters

Parameter Description
project_id The id of the Project the new Problem belongs to

Payload

Fields Required Description
problem_id Yes The id of the Library Problem to add to the Project.

POST /api/v2/projects/1/problems/ HTTP/1.1
Accept: application/json
Authorization: Token "YOUR SDE ACCESS TOKEN"

{
    "problem_id": "P123"
}
HTTP/1.1 201 CREATED
Content-Type: application/json

{
  "id": "2-P123",
  "problem_id": "P123",
  "title": "Sensitive information uncleared before release",
  "text": "If the memory and storage devices of a system or application are not cleared when an operation is finished, its data can become accessible to unauthorized people. In one of the possible scenarios, this may happen when memory is reallocated, or when a resource is released and is no longer in service.",
  "created": "2010-10-20T13:46:09-04:00",
  "updated": "2019-08-28T16:55:58.362000-04:00",
  "risk_rating": 3,
  "manually_added_from_library": true
}

Delete a Problem

Delete a single Problem resource, as specified by the Project and Problem id parameters.

Only manually added Library Problems may be deleted.

DELETE /api/v2/projects/{project_id}/problems/{id}/

URL Parameters

Parameter Description
project_id The id of the Project this Problem belongs to
id The id of the Problem to delete
DELETE /api/v2/projects/2/problems/2-P123/ HTTP/1.1
Accept: application/json
Authorization: Token "YOUR SDE ACCESS TOKEN"
HTTP/1.1 204 NO CONTENT

results matching ""

    No results matching ""