add policy criteria for expo and sast

xray/services/utils/policybody.go

@@ -56,8 +56,10 @@ type PolicyRule struct {
 
 type PolicyCriteria struct {
 	// Security
-	MinSeverity Severity         `json:"min_severity,omitempty"`
-	CvssRange   *PolicyCvssRange `json:"cvss_range,omitempty"`
+	MinSeverity Severity                `json:"min_severity,omitempty"`
+	CvssRange   *PolicyCvssRange        `json:"cvss_range,omitempty"`
+	Exposures   *PolicyExposureCriteria `json:"exposures,omitempty"`
+	Sast        *PolicySastCriteria     `json:"sast,omitempty"`
 
 	// License
 	AllowedLicenses        []string `json:"allowed_licenses,omitempty"`
@@ -66,6 +68,19 @@ type PolicyCriteria struct {
 	MultiLicensePermissive *bool    `json:"multi_license_permissive,omitempty"`
 }
 
+type PolicyExposureCriteria struct {
+	MinSeverity   Severity `json:"min_severity,omitempty"`
+	Secrets       *bool    `json:"secrets,omitempty"`
+	Applications  *bool    `json:"applications,omitempty"`
+	Services      *bool    `json:"services,omitempty"`
+	IaC           *bool    `json:"iac,omitempty"`
+	MaliciousCode *bool    `json:"malicious_code,omitempty"`
+}
+
+type PolicySastCriteria struct {
+	MinSeverity Severity `json:"min_severity,omitempty"`
+}
+
 type PolicyCvssRange struct {
 	From float64 `json:"from,omitempty"`
 	To   float64 `json:"to,omitempty"`
@@ -93,6 +108,23 @@ func CreateSeverityPolicyCriteria(minSeverity Severity) *PolicyCriteria {
 	}
 }
 
+func CreateExposuresPolicyCriteria(minSeverity Severity, secrets, applications, services, iac, maliciousCode bool) *PolicyExposureCriteria {
+	criteria := &PolicyExposureCriteria{MinSeverity: minSeverity}
+	if secrets {
+		criteria.Secrets = &secrets
+	}
+	if applications {
+		criteria.Applications = &applications
+	}
+	if services {
+		criteria.Services = &services
+	}
+	if iac {
+		criteria.IaC = &iac
+	}
+	return criteria
+}
+
 // Create security policy criteria with range.
 // from - CVSS range from 0.0 to 10.0
 // to - CVSS range from 0.0 to 10.0