Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(rest): API to get vulnerability tracking status #2014

Merged
merged 2 commits into from
Oct 4, 2023
Merged

feat(rest): API to get vulnerability tracking status #2014

merged 2 commits into from
Oct 4, 2023

Conversation

keerthi-bl
Copy link
Contributor

Please provide a summary of your changes here.

  • Did you add or update any new dependencies that are required for your change?
    No

Suggest Reviewer

You can suggest reviewers here with an @mention.

How To Test?

How should these changes be tested by the reviewer?

End Point : http://localhost:8080/resource/api/vulnerabilities/trackingstatus/8b3aa2f81a764fb482d6391516d153db

Sample Response :

{
"_embedded": {
"sw360:releaseClearingStatusDatas": [
{
"release": {
"type": "release",
"name": "Component2",
"version": "1.0",
"componentId": "cb38c33187934c85a3c024414ff2dd2a",
"releaseDate": "",
"externalIds": {},
"additionalData": {},
"attachments": [
{
"filename": "projects-2023-03-02.xlsx",
"sha1": "349851d0913535925073ca0d34077bd5bd06c002",
"attachmentType": "SOURCE",
"createdBy": "admin@sw360.org",
"createdTeam": "DEPARTMENT",
"createdComment": "",
"createdOn": "2023-06-15",
"checkedComment": "",
"checkStatus": "NOTCHECKED"
}
],
"createdOn": "2023-01-25",
"mainlineState": "OPEN",
"clearingState": "NEW_CLEARING",
"externalToolProcesses": [],
"createdBy": "admin@sw360.org",
"contributors": [],
"subscribers": [],
"roles": {},
"mainLicenseIds": [],
"otherLicenseIds": [],
"vendor": {
"type": "vendor",
"url": "http://localhost:8999",
"shortName": "DV",
"fullName": "Demo Vendor"
},
"languages": [],
"operatingSystems": [
"Linux"
],
"softwarePlatforms": [],
"sourceCodeDownloadurl": "",
"binaryDownloadurl": "",
"externalToolProcessesIterator": [],
"cpeId": "",
"eccInformation": {
"eccStatus": "IN_PROGRESS"
}
},
"componentType": "SERVICE",
"projectNames": "Demo Project (11)",
"mainlineStates": "Open",
"accessible": true,
"setMainlineStates": true,
"setProjectNames": true,
"setComponentType": true,
"setRelease": true,
"setAccessible": true
}
]
},
"_links": {
"curies": [
{
"href": "http://localhost:8080/resource/docs/{rel}.html",
"name": "sw360",
"templated": true
}
]
}
}

Checklist

Must:

  • All related issues are referenced in commit messages and in PR

@ag4ums ag4ums added needs code review needs general test This is general testing, meaning that there is no org specific issue to check for New-UI Level for the API and UI level changes for the new-ui REST WIP work in progress labels Jun 26, 2023
@smrutis1 smrutis1 self-requested a review June 30, 2023 07:42
@keerthi-bl keerthi-bl force-pushed the fix/vulnerabilitytrackstatus branch 3 times, most recently from e003dc0 to 33e3406 Compare July 6, 2023 13:09
@keerthi-bl
Copy link
Contributor Author

As per the discussion, the response structure has been changed as follows and committed the changes.

Sample response :
[
{
"releaseid": "e397e509eb2344e28d11898fea168bb0",
"name": "Component2",
"projectorigin": "Demo Project (11)",
"svmtrackingstatus": null,
"shortstatus": null,
"type": "SERVICE"
}
]

@keerthi-bl keerthi-bl force-pushed the fix/vulnerabilitytrackstatus branch from 21ccf67 to 7853c47 Compare July 7, 2023 08:02
@ag4ums ag4ums requested a review from KoukiHama July 10, 2023 07:40
@ag4ums ag4ums removed the WIP work in progress label Jul 10, 2023
@KoukiHama KoukiHama requested review from tienlee and hoangnt2 and removed request for smrutis1 July 31, 2023 11:40
@keerthi-bl
feat(rest): API to get vulnerability tracking status
16dae1a 
Signed-off-by: Keerthi B L <keerthi.bl@siemens.com>

feat(rest): API to get vulnerability tracking status

Signed-off-by: Keerthi B L <keerthi.bl@siemens.com>
@keerthi-bl keerthi-bl force-pushed the fix/vulnerabilitytrackstatus branch 2 times, most recently from 96e0f64 to 546e622 Compare August 23, 2023 08:49
@keerthi-bl
Copy link
Contributor Author

Review comments addressed.

@keerthi-bl
Copy link
Contributor Author

Review comment addressed.

@hoangnt2
Copy link
Contributor

hoangnt2 commented Sep 7, 2023
edited
Loading

@keerthi-bl, the response body doesn't seem to be in JSON type
image

You can try to rewrite the controller like below

    @GetMapping(value = VULNERABILITIES_URL + "/trackingStatus" + "/{projectId}")
    public ResponseEntity<List<Map<String, String>>> getVulnerabilitiesTrackingStatus(@PathVariable("projectId") String projectId) throws TException {
        List<Map<String, String>> result = new ArrayList<>();
        try {
            User user = restControllerHelper.getSw360UserFromAuthentication();
            List<ReleaseClearingStatusData> releaseClearingStatusList = vulnerabilityService
                    .getReleasesClearingStatusWithAccessibility(user, projectId);
            releaseClearingStatusList.forEach(rel -> {
                if (rel.getRelease() != null) {
                    Map<String, String> vulnerabilityTrackingStatus = new TreeMap<>();
                    vulnerabilityTrackingStatus.put("releaseId", rel.getRelease().getId());
                    vulnerabilityTrackingStatus.put("name", rel.getRelease().getName());
                    vulnerabilityTrackingStatus.put("projectOrigin",  rel.getProjectNames());
                    vulnerabilityTrackingStatus.put("svmTrackingStatus",
                            null != rel.getRelease().getExternalIds() && !rel.getRelease().getExternalIds().isEmpty()
                                    ? rel.getRelease().getExternalIds().get("svmComponentId")
                                    : "");
                    vulnerabilityTrackingStatus.put("shortStatus",  null != rel.getRelease().getAdditionalData()
                            && !rel.getRelease().getAdditionalData().isEmpty()
                            ? rel.getRelease().getAdditionalData().get("svmShortStatus")
                            : "");
                    vulnerabilityTrackingStatus.put("type",   rel.getComponentType().toString());

                    result.add(vulnerabilityTrackingStatus);
                }
            });
            return ResponseEntity.ok(result);
        } catch (SW360Exception e) {
            throw new TException(e.why);
        } catch(Exception ex) {
            throw new TException(ex.getMessage());
        }
    }

@keerthi-bl
Copy link
Contributor Author

Review comments addressed.

@keerthi-bl
feat(rest): API to get vulnerability tracking status
7014159 
Signed-off-by: Keerthi B L <keerthi.bl@siemens.com>
@keerthi-bl
Copy link
Contributor Author

Review comments addressed.

hoangnt2
hoangnt2 approved these changes Sep 13, 2023
View reviewed changes
Copy link
Contributor

@hoangnt2 hoangnt2 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes look good

@ag4ums ag4ums added ready ready to merge and removed needs general test This is general testing, meaning that there is no org specific issue to check for labels Sep 25, 2023
@ag4ums ag4ums merged commit 4a7e171 into eclipse-sw360:main Oct 4, 2023
2 checks passed
@keerthi-bl keerthi-bl mentioned this pull request Oct 5, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hoangnt2 hoangnt2 hoangnt2 approved these changes

@KoukiHama KoukiHama Awaiting requested review from KoukiHama

@tienlee tienlee Awaiting requested review from tienlee

Assignees

@tienlee tienlee

@KoukiHama KoukiHama

Labels
New-UI Level for the API and UI level changes for the new-ui ready ready to merge REST
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@keerthi-bl @hoangnt2 @ag4ums @tienlee @KoukiHama