use of com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityModel in project hub-alert by blackducksoftware.
the class ProjectIssueModelConverterTest method toIssueCommentModelWithEmptyVulnerabilitySeverityTest.
/**
 * Verifies the comment generated for a vulnerability issue whose BOM component was built from a
 * {@link ComponentVulnerabilities} with four empty lists: exactly one comment must be produced
 * and it must contain the text "None".
 */
@Test
public void toIssueCommentModelWithEmptyVulnerabilitySeverityTest() {
    MockIssueTrackerMessageFormatter messageFormatter = MockIssueTrackerMessageFormatter.withIntegerMaxValueLength();
    ProjectIssueModelConverter modelConverter = new ProjectIssueModelConverter(messageFormatter);

    // The issue still references one MAJOR_HIGH vulnerability ...
    IssueVulnerabilityModel highVulnerability = createIssueVulnerability(ComponentConcernSeverity.MAJOR_HIGH, "CVE-13579", "https://a-url");
    IssueVulnerabilityDetails issueVulnerabilityDetails = new IssueVulnerabilityDetails(false, List.of(), List.of(highVulnerability), List.of());

    // ... while the component itself is built with no vulnerabilities in any list.
    ComponentVulnerabilities emptyComponentVulnerabilities = new ComponentVulnerabilities(List.of(), List.of(), List.of(), List.of());
    AbstractBomComponentDetails bomComponentDetails = createBomComponentDetailsWithComponentVulnerabilities(emptyComponentVulnerabilities);
    IssueBomComponentDetails issueComponentDetails = IssueBomComponentDetails.fromBomComponentDetails(bomComponentDetails);

    ProjectIssueModel issueModel = ProjectIssueModel.vulnerability(PROVIDER_DETAILS, PROJECT_ITEM, PROJECT_VERSION_ITEM, issueComponentDetails, issueVulnerabilityDetails);
    IssueCommentModel<String> commentModel = modelConverter.toIssueCommentModel(EXISTING_ISSUE_DETAILS, issueModel);

    assertEquals(1, commentModel.getComments().size());
    // NOTE(review): contains("None") matches the substring anywhere in the comment, not only on
    // the severity line, so this assertion can pass for an unrelated occurrence.
    String onlyComment = commentModel.getComments().get(0);
    assertTrue(onlyComment.contains("None"), "Expected missing vulnerability severity to return Severity Status: None");
}
use of com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityModel in project hub-alert by blackducksoftware.
the class ProjectIssueModelConverterTest method toIssueCreationModelVulnerabilityTest.
/**
 * Verifies that the title of an issue created for a vulnerability model contains the label of
 * the first vulnerability passed to {@link IssueVulnerabilityDetails}.
 */
@Test
public void toIssueCreationModelVulnerabilityTest() {
    // All four fixtures share the same severity and URL; only the identifier differs.
    IssueVulnerabilityModel firstVulnerability = createIssueVulnerability(ComponentConcernSeverity.MAJOR_HIGH, "CVE-13579", "https://a-url");
    IssueVulnerabilityModel secondVulnerability = createIssueVulnerability(ComponentConcernSeverity.MAJOR_HIGH, "CVE-24680", "https://a-url");
    IssueVulnerabilityModel thirdVulnerability = createIssueVulnerability(ComponentConcernSeverity.MAJOR_HIGH, "CVE-235711", "https://a-url");
    IssueVulnerabilityModel fourthVulnerability = createIssueVulnerability(ComponentConcernSeverity.MAJOR_HIGH, "CVE-112358", "https://a-url");

    IssueVulnerabilityDetails issueVulnerabilityDetails = new IssueVulnerabilityDetails(
        false,
        List.of(),
        List.of(firstVulnerability),
        List.of(secondVulnerability, thirdVulnerability, fourthVulnerability)
    );
    ProjectIssueModel issueModel = ProjectIssueModel.vulnerability(PROVIDER_DETAILS, PROJECT_ITEM, PROJECT_VERSION_ITEM, ISSUE_BOM_COMPONENT_DETAILS, issueVulnerabilityDetails);

    // basicIssueCreationModelTest is a helper of this test class; it returns the creation model.
    IssueCreationModel creationModel = basicIssueCreationModelTest(issueModel);

    String expectedLabel = firstVulnerability.getVulnerability().getLabel();
    assertTrue(creationModel.getTitle().contains(expectedLabel), "Expected vulnerability label to be present in the title");
}
use of com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityModel in project hub-alert by blackducksoftware.
the class ProjectIssueModelConverterTest method toIssueCreationModelWithVulnerabilitySeverityTest.
/**
 * Verifies that the description of a created issue contains the vulnerability label of
 * {@code ComponentConcernSeverity.CRITICAL} when the component's {@link ComponentVulnerabilities}
 * holds one item in each of its four lists.
 */
@Test
public void toIssueCreationModelWithVulnerabilitySeverityTest() {
    MockIssueTrackerMessageFormatter messageFormatter = MockIssueTrackerMessageFormatter.withIntegerMaxValueLength();
    ProjectIssueModelConverter modelConverter = new ProjectIssueModelConverter(messageFormatter);

    IssueVulnerabilityModel highVulnerability = createIssueVulnerability(ComponentConcernSeverity.MAJOR_HIGH, "CVE-13579", "https://a-url");
    IssueVulnerabilityDetails issueVulnerabilityDetails = new IssueVulnerabilityDetails(false, List.of(), List.of(highVulnerability), List.of());

    // One item per constructor list; presumably ordered critical, high, medium, low, as the
    // item labels suggest - confirm against the ComponentVulnerabilities constructor.
    ComponentVulnerabilities allSeverities = new ComponentVulnerabilities(
        List.of(new LinkableItem("VulnerabilityCritical", "CVE-004")),
        List.of(new LinkableItem("VulnerabilityHigh", "CVE-005")),
        List.of(new LinkableItem("VulnerabilityMedium", "CVE-006")),
        List.of(new LinkableItem("VulnerabilityLow", "CVE-007"))
    );
    AbstractBomComponentDetails bomComponentDetails = createBomComponentDetailsWithComponentVulnerabilities(allSeverities);
    IssueBomComponentDetails issueComponentDetails = IssueBomComponentDetails.fromBomComponentDetails(bomComponentDetails);

    ProjectIssueModel issueModel = ProjectIssueModel.vulnerability(PROVIDER_DETAILS, PROJECT_ITEM, PROJECT_VERSION_ITEM, issueComponentDetails, issueVulnerabilityDetails);
    IssueCreationModel creationModel = modelConverter.toIssueCreationModel(issueModel, "jobName");

    // The issue's own vulnerability is MAJOR_HIGH, yet the description must carry the CRITICAL label.
    String criticalLabel = ComponentConcernSeverity.CRITICAL.getVulnerabilityLabel();
    assertTrue(creationModel.getDescription().contains(criticalLabel), "Expected highest vulnerability severity in the description to be CRITICAL");
}
use of com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityModel in project hub-alert by blackducksoftware.
the class ProjectIssueModelConverterTest method toIssueCommentModelWithVulnerabilitySeverityTest.
/**
 * Verifies that the single comment generated for an existing issue contains the vulnerability
 * label of {@code ComponentConcernSeverity.CRITICAL} when the component's
 * {@link ComponentVulnerabilities} holds one item in each of its four lists.
 */
@Test
public void toIssueCommentModelWithVulnerabilitySeverityTest() {
    MockIssueTrackerMessageFormatter messageFormatter = MockIssueTrackerMessageFormatter.withIntegerMaxValueLength();
    ProjectIssueModelConverter modelConverter = new ProjectIssueModelConverter(messageFormatter);

    IssueVulnerabilityModel highVulnerability = createIssueVulnerability(ComponentConcernSeverity.MAJOR_HIGH, "CVE-13579", "https://a-url");
    IssueVulnerabilityDetails issueVulnerabilityDetails = new IssueVulnerabilityDetails(false, List.of(), List.of(highVulnerability), List.of());

    // One item per constructor list; presumably ordered critical, high, medium, low, as the
    // item labels suggest - confirm against the ComponentVulnerabilities constructor.
    ComponentVulnerabilities allSeverities = new ComponentVulnerabilities(
        List.of(new LinkableItem("VulnerabilityCritical", "CVE-004")),
        List.of(new LinkableItem("VulnerabilityHigh", "CVE-005")),
        List.of(new LinkableItem("VulnerabilityMedium", "CVE-006")),
        List.of(new LinkableItem("VulnerabilityLow", "CVE-007"))
    );
    AbstractBomComponentDetails bomComponentDetails = createBomComponentDetailsWithComponentVulnerabilities(allSeverities);
    IssueBomComponentDetails issueComponentDetails = IssueBomComponentDetails.fromBomComponentDetails(bomComponentDetails);

    ProjectIssueModel issueModel = ProjectIssueModel.vulnerability(PROVIDER_DETAILS, PROJECT_ITEM, PROJECT_VERSION_ITEM, issueComponentDetails, issueVulnerabilityDetails);
    IssueCommentModel<String> commentModel = modelConverter.toIssueCommentModel(EXISTING_ISSUE_DETAILS, issueModel);

    assertEquals(1, commentModel.getComments().size());
    String onlyComment = commentModel.getComments().get(0);
    String criticalLabel = ComponentConcernSeverity.CRITICAL.getVulnerabilityLabel();
    assertTrue(onlyComment.contains(criticalLabel), "Expected highest vulnerability severity in the comment to be CRITICAL");
}
use of com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityModel in project hub-alert by blackducksoftware.
the class IssueVulnerabilityDetailsConverter method createIssueVulnerabilityCollectionSectionPieces.
/**
 * Builds the message pieces for one vulnerability section: a line separator, the encoded
 * section heading, then every vulnerability wrapped in square brackets, with a severity header
 * inserted each time the severity differs from that of the previous entry.
 *
 * <p>Every text value taken from a vulnerability (its value, its URL, the severity label) and
 * the heading itself is passed through {@code formatter.encode} before it is added, so no raw
 * vulnerability text is placed in the output by this method.
 *
 * @param operationParticiple heading text for this section; encoded before use
 * @param vulnerabilities the vulnerabilities to render, processed in iteration order
 * @return the ordered list of message pieces for the section
 */
private List<String> createIssueVulnerabilityCollectionSectionPieces(String operationParticiple, Collection<IssueVulnerabilityModel> vulnerabilities) {
    List<String> sectionPieces = new LinkedList<>();
    sectionPieces.add(formatter.getLineSeparator());
    sectionPieces.add(formatter.encode(operationParticiple));

    String severityHeaderPrefix = formatter.encode(LABEL_SEVERITY);

    // NOTE(review): tracking starts at UNSPECIFIED_UNKNOWN, so a leading run of entries with that
    // severity gets no severity header - confirm this is intended.
    // A header is emitted on every change of severity, so input that is not grouped by severity
    // produces repeated headers; presumably callers pass the collection pre-sorted.
    ComponentConcernSeverity previousSeverity = ComponentConcernSeverity.UNSPECIFIED_UNKNOWN;
    for (IssueVulnerabilityModel entry : vulnerabilities) {
        ComponentConcernSeverity entrySeverity = entry.getSeverity();
        boolean startsNewSeverityGroup = !previousSeverity.equals(entrySeverity);
        if (startsNewSeverityGroup) {
            previousSeverity = entrySeverity;
            sectionPieces.add(formatter.getLineSeparator());
            sectionPieces.add(severityHeaderPrefix);
            sectionPieces.add(formatter.encode(previousSeverity.getVulnerabilityLabel()));
            sectionPieces.add(formatter.getLineSeparator());
        }

        LinkableItem linkableVulnerability = entry.getVulnerability();
        // The URL is encoded like any other text before it reaches createLink.
        // NOTE(review): no URL scheme check is visible here; if createLink renders a clickable
        // link in the tracker, confirm that scheme validation happens in the formatter or upstream.
        Optional<String> encodedUrl = linkableVulnerability.getUrl().map(formatter::encode);
        String encodedName = formatter.encode(linkableVulnerability.getValue());

        // Render as a link only when the item carries a URL; otherwise use the plain encoded value.
        String renderedVulnerability = encodedUrl.isPresent()
            ? formatter.createLink(encodedName, encodedUrl.get())
            : encodedName;

        // Non-breaking spaces pad the bracketed entry and separate it from the next one.
        sectionPieces.add("[" + formatter.getNonBreakingSpace() + renderedVulnerability + formatter.getNonBreakingSpace() + "]");
        sectionPieces.add(formatter.getNonBreakingSpace());
    }
    return sectionPieces;
}