use of com.synopsys.integration.alert.provider.blackduck.processor.model.VulnerabilityUniqueProjectNotificationContent in project hub-alert by blackducksoftware.
the class VulnerabilityNotificationMessageExtractorTest method retrieveComponentVersionViewEmptyTest.
@Test
public void retrieveComponentVersionViewEmptyTest() throws IntegrationException {
BlackDuckServicesFactory blackDuckServicesFactory = Mockito.mock(BlackDuckServicesFactory.class);
BlackDuckApiClient blackDuckApiClient = Mockito.mock(BlackDuckApiClient.class);
Mockito.when(blackDuckServicesFactory.getBlackDuckApiClient()).thenReturn(blackDuckApiClient);
Mockito.doThrow(new IntegrationRestException(HttpMethod.GET, new HttpUrl("https://google.com"), HttpStatus.NOT_FOUND.value(), "httpStatusMessageTest", "httpResponseContentTest", "IntegrationRestExceptionForAlertTest")).when(blackDuckApiClient).getResponse(Mockito.any(), Mockito.eq(ProjectVersionComponentVersionView.class));
Mockito.doThrow(new IntegrationRestException(HttpMethod.GET, new HttpUrl("https://google.com"), HttpStatus.NOT_FOUND.value(), "httpStatusMessageTest", "httpResponseContentTest", "IntegrationRestExceptionForAlertTest")).when(blackDuckApiClient).getResponse(Mockito.any(), Mockito.eq(ComponentVersionView.class));
VulnerabilityUniqueProjectNotificationContent notificationContent = createVulnerabilityUniqueProjectNotificationContent();
List<BomComponentDetails> bomComponentDetailsList = extractor.createBomComponentDetails(notificationContent, blackDuckServicesFactory);
assertEquals(1, bomComponentDetailsList.size());
BomComponentDetails testBomComponentDetails = bomComponentDetailsList.get(0);
ComponentUpgradeGuidance componentUpgradeGuidance = testBomComponentDetails.getComponentUpgradeGuidance();
assertFalse(componentUpgradeGuidance.getLongTermUpgradeGuidance().isPresent());
assertFalse(componentUpgradeGuidance.getShortTermUpgradeGuidance().isPresent());
}
use of com.synopsys.integration.alert.provider.blackduck.processor.model.VulnerabilityUniqueProjectNotificationContent in project hub-alert by blackducksoftware.
the class VulnerabilityNotificationMessageExtractorTest method createBomComponentDetailsMissingBomComponentTest.
@Test
public void createBomComponentDetailsMissingBomComponentTest() throws IntegrationException {
BlackDuckServicesFactory blackDuckServicesFactory = Mockito.mock(BlackDuckServicesFactory.class);
BlackDuckApiClient blackDuckApiClient = Mockito.mock(BlackDuckApiClient.class);
Mockito.when(blackDuckServicesFactory.getBlackDuckApiClient()).thenReturn(blackDuckApiClient);
Mockito.doThrow(new IntegrationRestException(HttpMethod.GET, new HttpUrl("https://google.com"), HttpStatus.NOT_FOUND.value(), "httpStatusMessageTest", "httpResponseContentTest", "IntegrationRestExceptionForAlertTest")).when(blackDuckApiClient).getResponse(Mockito.any(), Mockito.eq(ProjectVersionComponentVersionView.class));
ComponentVersionView componentVersionView = createComponentVersionView();
Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.eq(ComponentVersionView.class))).thenReturn(componentVersionView);
ComponentVersionUpgradeGuidanceView componentVersionUpgradeGuidanceView = createComponentVersionUpgradeGuidanceView();
UrlSingleResponse<ComponentVersionUpgradeGuidanceView> urlSingleResponse = new UrlSingleResponse<>(new HttpUrl(UPGRADE_GUIDANCE_URL), ComponentVersionUpgradeGuidanceView.class);
Mockito.when(blackDuckApiClient.getResponse(Mockito.eq(urlSingleResponse))).thenReturn(componentVersionUpgradeGuidanceView);
VulnerabilityUniqueProjectNotificationContent notificationContent = createVulnerabilityUniqueProjectNotificationContent();
List<BomComponentDetails> bomComponentDetailsList = extractor.createBomComponentDetails(notificationContent, blackDuckServicesFactory);
assertEquals(1, bomComponentDetailsList.size());
BomComponentDetails testBomComponentDetails = bomComponentDetailsList.get(0);
assertEquals(COMPONENT, testBomComponentDetails.getComponent());
assertTrue(testBomComponentDetails.getComponentVersion().isPresent());
assertEquals(COMPONENT_VERSION.getValue(), testBomComponentDetails.getComponentVersion().get().getValue());
assertTrue(testBomComponentDetails.getRelevantPolicies().isEmpty());
assertEquals(BlackDuckMessageLabels.VALUE_UNKNOWN_LICENSE, testBomComponentDetails.getLicense().getValue());
assertEquals(BlackDuckMessageLabels.VALUE_UNKNOWN_USAGE, testBomComponentDetails.getUsage());
assertTrue(testBomComponentDetails.getAdditionalAttributes().isEmpty());
assertEquals(3, testBomComponentDetails.getComponentConcerns().size());
ComponentUpgradeGuidance componentUpgradeGuidance = testBomComponentDetails.getComponentUpgradeGuidance();
assertTrue(componentUpgradeGuidance.getLongTermUpgradeGuidance().isPresent());
assertTrue(componentUpgradeGuidance.getShortTermUpgradeGuidance().isPresent());
}
use of com.synopsys.integration.alert.provider.blackduck.processor.model.VulnerabilityUniqueProjectNotificationContent in project hub-alert by blackducksoftware.
the class VulnerabilityNotificationMessageExtractorTest method safelyRetrieveItemsEmptyTest.
@Test
public void safelyRetrieveItemsEmptyTest() throws IntegrationException {
BlackDuckServicesFactory blackDuckServicesFactory = Mockito.mock(BlackDuckServicesFactory.class);
BlackDuckApiClient blackDuckApiClient = Mockito.mock(BlackDuckApiClient.class);
Mockito.when(blackDuckServicesFactory.getBlackDuckApiClient()).thenReturn(blackDuckApiClient);
Mockito.doThrow(new IntegrationRestException(HttpMethod.GET, new HttpUrl("https://google.com"), HttpStatus.NOT_FOUND.value(), "httpStatusMessageTest", "httpResponseContentTest", "IntegrationRestExceptionForAlertTest")).when(blackDuckApiClient).getResponse(Mockito.any(), Mockito.eq(ProjectVersionComponentVersionView.class));
ComponentVersionView componentVersionView = createComponentVersionView();
Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.eq(ComponentVersionView.class))).thenReturn(componentVersionView);
UrlSingleResponse<ComponentVersionUpgradeGuidanceView> urlSingleResponse = new UrlSingleResponse<>(new HttpUrl(UPGRADE_GUIDANCE_URL), ComponentVersionUpgradeGuidanceView.class);
Mockito.doThrow(new IntegrationRestException(HttpMethod.GET, new HttpUrl("https://google.com"), HttpStatus.NOT_FOUND.value(), "httpStatusMessageTest", "httpResponseContentTest", "IntegrationRestExceptionForAlertTest")).when(blackDuckApiClient).getResponse(Mockito.eq(urlSingleResponse));
VulnerabilityUniqueProjectNotificationContent notificationContent = createVulnerabilityUniqueProjectNotificationContent();
List<BomComponentDetails> bomComponentDetailsList = extractor.createBomComponentDetails(notificationContent, blackDuckServicesFactory);
assertEquals(1, bomComponentDetailsList.size());
BomComponentDetails testBomComponentDetails = bomComponentDetailsList.get(0);
ComponentUpgradeGuidance componentUpgradeGuidance = testBomComponentDetails.getComponentUpgradeGuidance();
assertFalse(componentUpgradeGuidance.getLongTermUpgradeGuidance().isPresent());
assertFalse(componentUpgradeGuidance.getShortTermUpgradeGuidance().isPresent());
}
use of com.synopsys.integration.alert.provider.blackduck.processor.model.VulnerabilityUniqueProjectNotificationContent in project hub-alert by blackducksoftware.
the class VulnerabilityNotificationMessageExtractorTest method createBomComponentDetailsMissingOriginTest.
@Test
public void createBomComponentDetailsMissingOriginTest() throws IntegrationException {
BlackDuckServicesFactory blackDuckServicesFactory = Mockito.mock(BlackDuckServicesFactory.class);
BlackDuckApiClient blackDuckApiClient = Mockito.mock(BlackDuckApiClient.class);
Mockito.when(blackDuckServicesFactory.getBlackDuckApiClient()).thenReturn(blackDuckApiClient);
ProjectVersionComponentVersionView projectVersionComponentVersionView = createProjectVersionComponentVersionView(false);
Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.eq(ProjectVersionComponentVersionView.class))).thenReturn(projectVersionComponentVersionView);
ComponentVersionUpgradeGuidanceView componentVersionUpgradeGuidanceView = createComponentVersionUpgradeGuidanceView();
// A UrlSingleResponse is needed to Mock the blackDuckApiClient in BlackDuckMessageComponentVersionUpgradeGuidanceService::requestUpgradeGuidanceItems
UrlSingleResponse<ComponentVersionUpgradeGuidanceView> urlSingleResponse = new UrlSingleResponse<>(new HttpUrl(UPGRADE_GUIDANCE_URL), ComponentVersionUpgradeGuidanceView.class);
Mockito.when(blackDuckApiClient.getResponse(Mockito.eq(urlSingleResponse))).thenReturn(componentVersionUpgradeGuidanceView);
VulnerabilityUniqueProjectNotificationContent notificationContent = createVulnerabilityUniqueProjectNotificationContent();
List<BomComponentDetails> bomComponentDetailsList = extractor.createBomComponentDetails(notificationContent, blackDuckServicesFactory);
assertEquals(1, bomComponentDetailsList.size());
BomComponentDetails testBomComponentDetails = bomComponentDetailsList.get(0);
assertEquals(COMPONENT, testBomComponentDetails.getComponent());
assertTrue(testBomComponentDetails.getComponentVersion().isPresent());
assertEquals(COMPONENT_VERSION.getValue(), testBomComponentDetails.getComponentVersion().get().getValue());
assertEquals(LICENSE_DISPLAY, testBomComponentDetails.getLicense().getValue());
assertEquals(UsageType.DYNAMICALLY_LINKED.prettyPrint(), testBomComponentDetails.getUsage());
assertTrue(testBomComponentDetails.getAdditionalAttributes().isEmpty());
assertTrue(testBomComponentDetails.getRelevantPolicies().isEmpty());
assertNotNull(testBomComponentDetails.getComponentVulnerabilities());
assertEquals(3, testBomComponentDetails.getComponentConcerns().size());
ComponentUpgradeGuidance componentUpgradeGuidance = testBomComponentDetails.getComponentUpgradeGuidance();
assertTrue(componentUpgradeGuidance.getLongTermUpgradeGuidance().isEmpty());
assertTrue(componentUpgradeGuidance.getShortTermUpgradeGuidance().isEmpty());
}
use of com.synopsys.integration.alert.provider.blackduck.processor.model.VulnerabilityUniqueProjectNotificationContent in project hub-alert by blackducksoftware.
the class VulnerabilityNotificationDetailExtractor method extractDetailedContent.
@Override
public List<DetailedNotificationContent> extractDetailedContent(AlertNotificationModel alertNotificationModel, VulnerabilityNotificationView notificationView) {
VulnerabilityNotificationContent notificationContent = notificationView.getContent();
List<String> applicableSeverityTypes = new LinkedList<>(getApplicableSeverityTypes(notificationContent));
// Separating this notification to be per project should fix a bug with alerts being sent about unrelated projects
return notificationContent.getAffectedProjectVersions().stream().map(affectedProjectVersion -> new VulnerabilityUniqueProjectNotificationContent(notificationContent, affectedProjectVersion)).map(vulnerabilityUniqueProjectNotificationContent -> DetailedNotificationContent.vulnerability(// This leaves the AlertNotificationModel as the original but modifies the NotificationContent field
alertNotificationModel, vulnerabilityUniqueProjectNotificationContent, vulnerabilityUniqueProjectNotificationContent.getAffectedProjectVersion().getProjectName(), vulnerabilityUniqueProjectNotificationContent.getAffectedProjectVersion().getProjectVersionName(), applicableSeverityTypes)).collect(Collectors.toList());
}
Aggregations