Search in sources :

Example 1 with ComponentConcernSeverity

use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity in project hub-alert by blackducksoftware.

the class IssueVulnerabilityDetailsConverter method createIssueVulnerabilityCollectionSectionPieces.

private List<String> createIssueVulnerabilityCollectionSectionPieces(String operationParticiple, Collection<IssueVulnerabilityModel> vulnerabilities) {
    List<String> vulnDetailsSectionPieces = new LinkedList<>();
    vulnDetailsSectionPieces.add(formatter.getLineSeparator());
    vulnDetailsSectionPieces.add(formatter.encode(operationParticiple));
    String encodedSeverityPrefix = formatter.encode(LABEL_SEVERITY);
    ComponentConcernSeverity currentSeverity = ComponentConcernSeverity.UNSPECIFIED_UNKNOWN;
    for (IssueVulnerabilityModel vulnerability : vulnerabilities) {
        ComponentConcernSeverity vulnerabilitySeverity = vulnerability.getSeverity();
        if (!currentSeverity.equals(vulnerabilitySeverity)) {
            currentSeverity = vulnerabilitySeverity;
            vulnDetailsSectionPieces.add(formatter.getLineSeparator());
            vulnDetailsSectionPieces.add(encodedSeverityPrefix);
            vulnDetailsSectionPieces.add(formatter.encode(currentSeverity.getVulnerabilityLabel()));
            vulnDetailsSectionPieces.add(formatter.getLineSeparator());
        }
        LinkableItem vulnerabilityItem = vulnerability.getVulnerability();
        Optional<String> optionalUrl = vulnerabilityItem.getUrl().map(formatter::encode);
        String encodedValue = formatter.encode(vulnerabilityItem.getValue());
        String vulnerabilityDetail;
        if (optionalUrl.isPresent()) {
            vulnerabilityDetail = formatter.createLink(encodedValue, optionalUrl.get());
        } else {
            vulnerabilityDetail = encodedValue;
        }
        vulnerabilityDetail = String.format("[%s%s%s]", formatter.getNonBreakingSpace(), vulnerabilityDetail, formatter.getNonBreakingSpace());
        vulnDetailsSectionPieces.add(vulnerabilityDetail);
        vulnDetailsSectionPieces.add(formatter.getNonBreakingSpace());
    }
    return vulnDetailsSectionPieces;
}
Also used : ComponentConcernSeverity(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity) LinkableItem(com.synopsys.integration.alert.common.message.model.LinkableItem) IssueVulnerabilityModel(com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityModel) LinkedList(java.util.LinkedList)

Example 2 with ComponentConcernSeverity

use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity in project hub-alert by blackducksoftware.

the class VulnerabilityNotificationMessageExtractor method createVulnerabilityConcern.

private ComponentConcern createVulnerabilityConcern(VulnerabilitySourceQualifiedId vulnerability, ItemOperation itemOperation) {
    VulnerabilitySeverityType vulnerabilitySeverity = EnumUtils.getEnum(VulnerabilitySeverityType.class, vulnerability.getSeverity());
    ComponentConcernSeverity componentConcernSeverity;
    if (null == vulnerabilitySeverity) {
        componentConcernSeverity = ComponentConcernSeverity.UNSPECIFIED_UNKNOWN;
    } else {
        componentConcernSeverity = SEVERITY_TYPE_MAP.getOrDefault(vulnerabilitySeverity, ComponentConcernSeverity.UNSPECIFIED_UNKNOWN);
    }
    return ComponentConcern.vulnerability(itemOperation, vulnerability.getVulnerabilityId(), componentConcernSeverity, vulnerability.getVulnerability());
}
Also used : ComponentConcernSeverity(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity) VulnerabilitySeverityType(com.synopsys.integration.blackduck.api.generated.enumeration.VulnerabilitySeverityType)

Example 3 with ComponentConcernSeverity

use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity in project hub-alert by blackducksoftware.

the class BlackDuckPolicyComponentConcernCreator method fromPolicyInfo.

public ComponentConcern fromPolicyInfo(PolicyInfo policyInfo, ItemOperation itemOperation) {
    String policyName = policyInfo.getPolicyName();
    String policyUrl = policyInfo.getPolicy();
    String policySeverity = policyInfo.getSeverity();
    if (StringUtils.isNotBlank(policySeverity)) {
        ComponentConcernSeverity componentConcernSeverity = policySeverityConverter.toComponentConcernSeverity(policySeverity);
        return ComponentConcern.severePolicy(itemOperation, policyName, componentConcernSeverity, policyUrl);
    }
    return ComponentConcern.policy(itemOperation, policyName, policyUrl);
}
Also used : ComponentConcernSeverity(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity)

Example 4 with ComponentConcernSeverity

use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity in project hub-alert by blackducksoftware.

the class BlackDuckComponentPolicyDetailsCreator method toComponentPolicy.

public ComponentPolicy toComponentPolicy(ComponentPolicyRulesView componentPolicyRulesView) {
    ComponentConcernSeverity componentConcernSeverity = policySeverityConverter.toComponentConcernSeverity(componentPolicyRulesView.getSeverity().name());
    boolean overridden = ProjectVersionComponentPolicyStatusType.IN_VIOLATION_OVERRIDDEN.equals(componentPolicyRulesView.getPolicyApprovalStatus());
    boolean vulnerabilityPolicy = isVulnerabilityPolicy(componentPolicyRulesView);
    Optional<PolicyRuleView> policyRuleView = retrievePolicyRuleView(componentPolicyRulesView.getHref());
    String category = policyRuleView.map(PolicyRuleView::getCategory).map(PolicyRuleCategoryType::name).orElse(null);
    return new ComponentPolicy(componentPolicyRulesView.getName(), componentConcernSeverity, overridden, vulnerabilityPolicy, componentPolicyRulesView.getDescription(), category);
}
Also used : ComponentConcernSeverity(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity) ComponentPolicy(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy) PolicyRuleView(com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView)

Example 5 with ComponentConcernSeverity

use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity in project hub-alert by blackducksoftware.

the class ComponentConcernConverter method createVulnerabilityConcernsForOperation.

private List<String> createVulnerabilityConcernsForOperation(String verb, List<ComponentConcern> vulnerabilityConcerns) {
    if (vulnerabilityConcerns.isEmpty()) {
        return List.of();
    }
    List<String> vulnerabilitiesForOperationSectionPieces = new LinkedList<>();
    vulnerabilitiesForOperationSectionPieces.add(String.format(TRIPLE_STRING_REPLACEMENT, formattedVulnerabilitiesString, verb, formattedColonSpace));
    ComponentConcernSeverity severity = ComponentConcernSeverity.BLOCKER;
    for (ComponentConcern vulnerabilityConcern : vulnerabilityConcerns) {
        ComponentConcernSeverity concernSeverity = vulnerabilityConcern.getSeverity();
        if (!severity.equals(concernSeverity)) {
            severity = concernSeverity;
            vulnerabilitiesForOperationSectionPieces.add(formatter.getLineSeparator());
            vulnerabilitiesForOperationSectionPieces.add(String.format("%s%s%s%s%s", formatter.getNonBreakingSpace(), formattedDash, formatter.getNonBreakingSpace(), formatter.encode(concernSeverity.getVulnerabilityLabel()), formattedColonSpace));
        }
        String vulnerabilityConcernString = createVulnerabilityConcernString(vulnerabilityConcern);
        vulnerabilitiesForOperationSectionPieces.add(vulnerabilityConcernString);
        vulnerabilitiesForOperationSectionPieces.add(formatter.getNonBreakingSpace());
    }
    vulnerabilitiesForOperationSectionPieces.add(formatter.getLineSeparator());
    return vulnerabilitiesForOperationSectionPieces;
}
Also used : ComponentConcernSeverity(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity) ComponentConcern(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern) LinkedList(java.util.LinkedList)

Aggregations

ComponentConcernSeverity (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity)7 LinkedList (java.util.LinkedList)3 LinkableItem (com.synopsys.integration.alert.common.message.model.LinkableItem)2 BomComponentDetailConverter (com.synopsys.integration.alert.api.channel.convert.BomComponentDetailConverter)1 LinkableItemConverter (com.synopsys.integration.alert.api.channel.convert.LinkableItemConverter)1 IssueBomComponentDetails (com.synopsys.integration.alert.api.channel.issue.model.IssueBomComponentDetails)1 IssueCommentModel (com.synopsys.integration.alert.api.channel.issue.model.IssueCommentModel)1 IssueComponentUnknownVersionDetails (com.synopsys.integration.alert.api.channel.issue.model.IssueComponentUnknownVersionDetails)1 IssueCreationModel (com.synopsys.integration.alert.api.channel.issue.model.IssueCreationModel)1 IssuePolicyDetails (com.synopsys.integration.alert.api.channel.issue.model.IssuePolicyDetails)1 IssueTransitionModel (com.synopsys.integration.alert.api.channel.issue.model.IssueTransitionModel)1 IssueVulnerabilityDetails (com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityDetails)1 IssueVulnerabilityModel (com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityModel)1 ProjectIssueModel (com.synopsys.integration.alert.api.channel.issue.model.ProjectIssueModel)1 ExistingIssueDetails (com.synopsys.integration.alert.api.channel.issue.search.ExistingIssueDetails)1 IssueOperation (com.synopsys.integration.alert.common.channel.issuetracker.enumeration.IssueOperation)1 ChunkedStringBuilder (com.synopsys.integration.alert.common.channel.message.ChunkedStringBuilder)1 ChunkedStringBuilderRechunker (com.synopsys.integration.alert.common.channel.message.ChunkedStringBuilderRechunker)1 RechunkedModel (com.synopsys.integration.alert.common.channel.message.RechunkedModel)1 ItemOperation (com.synopsys.integration.alert.common.enumeration.ItemOperation)1