use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity in project hub-alert by blackducksoftware.
the class IssueVulnerabilityDetailsConverter method createIssueVulnerabilityCollectionSectionPieces.
private List<String> createIssueVulnerabilityCollectionSectionPieces(String operationParticiple, Collection<IssueVulnerabilityModel> vulnerabilities) {
List<String> vulnDetailsSectionPieces = new LinkedList<>();
vulnDetailsSectionPieces.add(formatter.getLineSeparator());
vulnDetailsSectionPieces.add(formatter.encode(operationParticiple));
String encodedSeverityPrefix = formatter.encode(LABEL_SEVERITY);
ComponentConcernSeverity currentSeverity = ComponentConcernSeverity.UNSPECIFIED_UNKNOWN;
for (IssueVulnerabilityModel vulnerability : vulnerabilities) {
ComponentConcernSeverity vulnerabilitySeverity = vulnerability.getSeverity();
if (!currentSeverity.equals(vulnerabilitySeverity)) {
currentSeverity = vulnerabilitySeverity;
vulnDetailsSectionPieces.add(formatter.getLineSeparator());
vulnDetailsSectionPieces.add(encodedSeverityPrefix);
vulnDetailsSectionPieces.add(formatter.encode(currentSeverity.getVulnerabilityLabel()));
vulnDetailsSectionPieces.add(formatter.getLineSeparator());
}
LinkableItem vulnerabilityItem = vulnerability.getVulnerability();
Optional<String> optionalUrl = vulnerabilityItem.getUrl().map(formatter::encode);
String encodedValue = formatter.encode(vulnerabilityItem.getValue());
String vulnerabilityDetail;
if (optionalUrl.isPresent()) {
vulnerabilityDetail = formatter.createLink(encodedValue, optionalUrl.get());
} else {
vulnerabilityDetail = encodedValue;
}
vulnerabilityDetail = String.format("[%s%s%s]", formatter.getNonBreakingSpace(), vulnerabilityDetail, formatter.getNonBreakingSpace());
vulnDetailsSectionPieces.add(vulnerabilityDetail);
vulnDetailsSectionPieces.add(formatter.getNonBreakingSpace());
}
return vulnDetailsSectionPieces;
}
use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity in project hub-alert by blackducksoftware.
the class VulnerabilityNotificationMessageExtractor method createVulnerabilityConcern.
private ComponentConcern createVulnerabilityConcern(VulnerabilitySourceQualifiedId vulnerability, ItemOperation itemOperation) {
VulnerabilitySeverityType vulnerabilitySeverity = EnumUtils.getEnum(VulnerabilitySeverityType.class, vulnerability.getSeverity());
ComponentConcernSeverity componentConcernSeverity;
if (null == vulnerabilitySeverity) {
componentConcernSeverity = ComponentConcernSeverity.UNSPECIFIED_UNKNOWN;
} else {
componentConcernSeverity = SEVERITY_TYPE_MAP.getOrDefault(vulnerabilitySeverity, ComponentConcernSeverity.UNSPECIFIED_UNKNOWN);
}
return ComponentConcern.vulnerability(itemOperation, vulnerability.getVulnerabilityId(), componentConcernSeverity, vulnerability.getVulnerability());
}
use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity in project hub-alert by blackducksoftware.
the class BlackDuckPolicyComponentConcernCreator method fromPolicyInfo.
public ComponentConcern fromPolicyInfo(PolicyInfo policyInfo, ItemOperation itemOperation) {
String policyName = policyInfo.getPolicyName();
String policyUrl = policyInfo.getPolicy();
String policySeverity = policyInfo.getSeverity();
if (StringUtils.isNotBlank(policySeverity)) {
ComponentConcernSeverity componentConcernSeverity = policySeverityConverter.toComponentConcernSeverity(policySeverity);
return ComponentConcern.severePolicy(itemOperation, policyName, componentConcernSeverity, policyUrl);
}
return ComponentConcern.policy(itemOperation, policyName, policyUrl);
}
use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity in project hub-alert by blackducksoftware.
the class BlackDuckComponentPolicyDetailsCreator method toComponentPolicy.
public ComponentPolicy toComponentPolicy(ComponentPolicyRulesView componentPolicyRulesView) {
ComponentConcernSeverity componentConcernSeverity = policySeverityConverter.toComponentConcernSeverity(componentPolicyRulesView.getSeverity().name());
boolean overridden = ProjectVersionComponentPolicyStatusType.IN_VIOLATION_OVERRIDDEN.equals(componentPolicyRulesView.getPolicyApprovalStatus());
boolean vulnerabilityPolicy = isVulnerabilityPolicy(componentPolicyRulesView);
Optional<PolicyRuleView> policyRuleView = retrievePolicyRuleView(componentPolicyRulesView.getHref());
String category = policyRuleView.map(PolicyRuleView::getCategory).map(PolicyRuleCategoryType::name).orElse(null);
return new ComponentPolicy(componentPolicyRulesView.getName(), componentConcernSeverity, overridden, vulnerabilityPolicy, componentPolicyRulesView.getDescription(), category);
}
use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity in project hub-alert by blackducksoftware.
the class ComponentConcernConverter method createVulnerabilityConcernsForOperation.
private List<String> createVulnerabilityConcernsForOperation(String verb, List<ComponentConcern> vulnerabilityConcerns) {
if (vulnerabilityConcerns.isEmpty()) {
return List.of();
}
List<String> vulnerabilitiesForOperationSectionPieces = new LinkedList<>();
vulnerabilitiesForOperationSectionPieces.add(String.format(TRIPLE_STRING_REPLACEMENT, formattedVulnerabilitiesString, verb, formattedColonSpace));
ComponentConcernSeverity severity = ComponentConcernSeverity.BLOCKER;
for (ComponentConcern vulnerabilityConcern : vulnerabilityConcerns) {
ComponentConcernSeverity concernSeverity = vulnerabilityConcern.getSeverity();
if (!severity.equals(concernSeverity)) {
severity = concernSeverity;
vulnerabilitiesForOperationSectionPieces.add(formatter.getLineSeparator());
vulnerabilitiesForOperationSectionPieces.add(String.format("%s%s%s%s%s", formatter.getNonBreakingSpace(), formattedDash, formatter.getNonBreakingSpace(), formatter.encode(concernSeverity.getVulnerabilityLabel()), formattedColonSpace));
}
String vulnerabilityConcernString = createVulnerabilityConcernString(vulnerabilityConcern);
vulnerabilitiesForOperationSectionPieces.add(vulnerabilityConcernString);
vulnerabilitiesForOperationSectionPieces.add(formatter.getNonBreakingSpace());
}
vulnerabilitiesForOperationSectionPieces.add(formatter.getLineSeparator());
return vulnerabilitiesForOperationSectionPieces;
}
Aggregations