Search in sources :

Example 1 with PolicyRuleView

use of com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView in project hub-alert by blackducksoftware.

the class RuleViolationNotificationMessageExtractorTest method createBomComponentDetailsTest.

@Test
public void createBomComponentDetailsTest() throws IntegrationException {
    BlackDuckServicesFactory blackDuckServicesFactory = Mockito.mock(BlackDuckServicesFactory.class);
    BlackDuckApiClient blackDuckApiClient = Mockito.mock(BlackDuckApiClient.class);
    Mockito.when(blackDuckServicesFactory.getBlackDuckApiClient()).thenReturn(blackDuckApiClient);
    ProjectVersionComponentVersionView projectVersionComponentVersionView = createProjectVersionComponentVersionView();
    Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.eq(ProjectVersionComponentVersionView.class))).thenReturn(projectVersionComponentVersionView);
    ComponentPolicyRulesView componentPolicyRulesView = new ComponentPolicyRulesView();
    ResourceMetadata meta = new ResourceMetadata();
    meta.setHref(new HttpUrl(COMPONENT_POLICY_URL));
    componentPolicyRulesView.setMeta(meta);
    componentPolicyRulesView.setName(COMPONENT_POLICY.getPolicyName());
    componentPolicyRulesView.setSeverity(PolicyRuleSeverityType.BLOCKER);
    componentPolicyRulesView.setPolicyApprovalStatus(ProjectVersionComponentPolicyStatusType.IN_VIOLATION_OVERRIDDEN);
    Mockito.when(blackDuckApiClient.getAllResponses(Mockito.eq(projectVersionComponentVersionView.metaPolicyRulesLink()))).thenReturn(List.of(componentPolicyRulesView));
    PolicyRuleView policyRuleView = new PolicyRuleView();
    policyRuleView.setCategory(PolicyRuleCategoryType.UNCATEGORIZED);
    Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.eq(PolicyRuleView.class))).thenReturn(policyRuleView);
    RuleViolationUniquePolicyNotificationContent notificationContent = new RuleViolationUniquePolicyNotificationContent(PROJECT, PROJECT_VERSION, PROJECT_VERSION_URL, COMPONENT_VERSIONS_IN_VIOLATION, List.of(componentVersionStatus), policyInfo);
    List<BomComponentDetails> bomComponentDetailsList = extractor.createBomComponentDetails(notificationContent, blackDuckServicesFactory);
    assertEquals(1, bomComponentDetailsList.size());
    BomComponentDetails testBomComponentDetails = bomComponentDetailsList.get(0);
    assertEquals(COMPONENT, testBomComponentDetails.getComponent());
    assertTrue(testBomComponentDetails.getComponentVersion().isPresent());
    assertEquals(COMPONENT_VERSION.getValue(), testBomComponentDetails.getComponentVersion().get().getValue());
    assertEquals(LICENSE_DISPLAY, testBomComponentDetails.getLicense().getValue());
    assertEquals(UsageType.DYNAMICALLY_LINKED.prettyPrint(), testBomComponentDetails.getUsage());
    assertTrue(testBomComponentDetails.getAdditionalAttributes().isEmpty());
    assertEquals(1, testBomComponentDetails.getComponentConcerns().size());
    assertEquals(ItemOperation.ADD, testBomComponentDetails.getComponentConcerns().get(0).getOperation());
    ComponentUpgradeGuidance componentUpgradeGuidance = testBomComponentDetails.getComponentUpgradeGuidance();
    assertFalse(componentUpgradeGuidance.getLongTermUpgradeGuidance().isPresent());
    assertFalse(componentUpgradeGuidance.getShortTermUpgradeGuidance().isPresent());
    assertEquals(1, testBomComponentDetails.getRelevantPolicies().size());
    ComponentPolicy testComponentPolicy = testBomComponentDetails.getRelevantPolicies().get(0);
    assertTrue(testComponentPolicy.getCategory().isPresent());
    assertEquals(PolicyRuleCategoryType.UNCATEGORIZED.toString(), testComponentPolicy.getCategory().get());
}
Also used : ComponentPolicyRulesView(com.synopsys.integration.blackduck.api.generated.view.ComponentPolicyRulesView) ComponentUpgradeGuidance(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentUpgradeGuidance) RuleViolationUniquePolicyNotificationContent(com.synopsys.integration.alert.provider.blackduck.processor.model.RuleViolationUniquePolicyNotificationContent) ComponentPolicy(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy) BlackDuckApiClient(com.synopsys.integration.blackduck.service.BlackDuckApiClient) PolicyRuleView(com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView) BlackDuckServicesFactory(com.synopsys.integration.blackduck.service.BlackDuckServicesFactory) ResourceMetadata(com.synopsys.integration.blackduck.api.core.ResourceMetadata) HttpUrl(com.synopsys.integration.rest.HttpUrl) ProjectVersionComponentVersionView(com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView) BomComponentDetails(com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails) Test(org.junit.jupiter.api.Test)

Example 2 with PolicyRuleView

use of com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView in project hub-alert by blackducksoftware.

the class BlackDuckComponentPolicyDetailsCreatorTest method toComponentPolicyVulnerabilityRuleTest.

@Test
public void toComponentPolicyVulnerabilityRuleTest() throws IntegrationException {
    PolicyRuleExpressionExpressionsView expression = new PolicyRuleExpressionExpressionsView();
    expression.setName(EXAMPLE_VULNERABILITY_EXPRESSION);
    BlackDuckApiClient blackDuckApiClient = Mockito.mock(BlackDuckApiClient.class);
    PolicyRuleExpressionView policyRuleExpression = new PolicyRuleExpressionView();
    policyRuleExpression.setExpressions(List.of(expression));
    BlackDuckComponentPolicyDetailsCreator policyDetailsCreator = new BlackDuckComponentPolicyDetailsCreator(POLICY_SEVERITY_CONVERTER, blackDuckApiClient);
    ComponentPolicyRulesView componentPolicyRulesView = new ComponentPolicyRulesView();
    componentPolicyRulesView.setName("vuln-test-policy");
    componentPolicyRulesView.setSeverity(PolicyRuleSeverityType.TRIVIAL);
    componentPolicyRulesView.setPolicyApprovalStatus(ProjectVersionComponentPolicyStatusType.IN_VIOLATION);
    componentPolicyRulesView.setExpression(policyRuleExpression);
    ResourceMetadata meta = new ResourceMetadata();
    meta.setHref(new HttpUrl("https://someUrl"));
    componentPolicyRulesView.setMeta(meta);
    PolicyRuleView policyRuleView = new PolicyRuleView();
    policyRuleView.setName(componentPolicyRulesView.getName());
    policyRuleView.setCategory(PolicyRuleCategoryType.UNCATEGORIZED);
    Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.any())).thenReturn(policyRuleView);
    ComponentPolicy componentPolicy = policyDetailsCreator.toComponentPolicy(componentPolicyRulesView);
    assertTrue(componentPolicy.isVulnerabilityPolicy(), "Expected a vulnerability policy");
}
Also used : PolicyRuleExpressionView(com.synopsys.integration.blackduck.api.generated.component.PolicyRuleExpressionView) BlackDuckComponentPolicyDetailsCreator(com.synopsys.integration.alert.provider.blackduck.processor.message.service.policy.BlackDuckComponentPolicyDetailsCreator) ComponentPolicyRulesView(com.synopsys.integration.blackduck.api.generated.view.ComponentPolicyRulesView) ComponentPolicy(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy) PolicyRuleExpressionExpressionsView(com.synopsys.integration.blackduck.api.generated.component.PolicyRuleExpressionExpressionsView) BlackDuckApiClient(com.synopsys.integration.blackduck.service.BlackDuckApiClient) PolicyRuleView(com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView) ResourceMetadata(com.synopsys.integration.blackduck.api.core.ResourceMetadata) HttpUrl(com.synopsys.integration.rest.HttpUrl) Test(org.junit.jupiter.api.Test)

Example 3 with PolicyRuleView

use of com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView in project hub-alert by blackducksoftware.

the class PolicyOverrideNotificationMessageExtractorTest method createBomComponentDetailsTest.

@Test
public void createBomComponentDetailsTest() throws IntegrationException {
    BlackDuckServicesFactory blackDuckServicesFactory = Mockito.mock(BlackDuckServicesFactory.class);
    BlackDuckApiClient blackDuckApiClient = Mockito.mock(BlackDuckApiClient.class);
    Mockito.when(blackDuckServicesFactory.getBlackDuckApiClient()).thenReturn(blackDuckApiClient);
    ProjectVersionComponentVersionView projectVersionComponentVersionView = createProjectVersionComponentVersionView();
    Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.any())).thenReturn(projectVersionComponentVersionView);
    ComponentPolicyRulesView componentPolicyRulesView = new ComponentPolicyRulesView();
    ResourceMetadata meta = new ResourceMetadata();
    meta.setHref(new HttpUrl("https://someUrlPolicyRuleView"));
    componentPolicyRulesView.setMeta(meta);
    componentPolicyRulesView.setName(COMPONENT_POLICY.getPolicyName());
    componentPolicyRulesView.setSeverity(PolicyRuleSeverityType.BLOCKER);
    componentPolicyRulesView.setPolicyApprovalStatus(ProjectVersionComponentPolicyStatusType.IN_VIOLATION_OVERRIDDEN);
    Mockito.when(blackDuckApiClient.getAllResponses(Mockito.eq(projectVersionComponentVersionView.metaPolicyRulesLink()))).thenReturn(List.of(componentPolicyRulesView));
    PolicyRuleView policyRuleView = new PolicyRuleView();
    policyRuleView.setCategory(PolicyRuleCategoryType.UNCATEGORIZED);
    Mockito.when(blackDuckApiClient.getResponse(Mockito.eq(componentPolicyRulesView.getHref()), Mockito.any())).thenReturn(policyRuleView);
    List<BomComponentDetails> bomComponentDetailsList = extractor.createBomComponentDetails(policyOverrideUniquePolicyNotificationContent, blackDuckServicesFactory);
    assertEquals(1, bomComponentDetailsList.size());
    BomComponentDetails testBomComponentDetails = bomComponentDetailsList.get(0);
    assertEquals(COMPONENT, testBomComponentDetails.getComponent());
    assertEquals(1, testBomComponentDetails.getComponentConcerns().size());
    assertTrue(testBomComponentDetails.getComponentVersion().isPresent());
    assertEquals(COMPONENT_VERSION.getValue(), testBomComponentDetails.getComponentVersion().get().getValue());
    assertEquals(LICENSE_DISPLAY, testBomComponentDetails.getLicense().getValue());
    assertEquals(UsageType.DYNAMICALLY_LINKED.prettyPrint(), testBomComponentDetails.getUsage());
    assertEquals(1, testBomComponentDetails.getAdditionalAttributes().size());
    ComponentUpgradeGuidance componentUpgradeGuidance = testBomComponentDetails.getComponentUpgradeGuidance();
    assertFalse(componentUpgradeGuidance.getLongTermUpgradeGuidance().isPresent());
    assertFalse(componentUpgradeGuidance.getShortTermUpgradeGuidance().isPresent());
    assertEquals(1, testBomComponentDetails.getRelevantPolicies().size());
    ComponentPolicy testComponentPolicy = testBomComponentDetails.getRelevantPolicies().get(0);
    assertTrue(testComponentPolicy.getCategory().isPresent());
    assertEquals(PolicyRuleCategoryType.UNCATEGORIZED.toString(), testComponentPolicy.getCategory().get());
}
Also used : ComponentPolicyRulesView(com.synopsys.integration.blackduck.api.generated.view.ComponentPolicyRulesView) ComponentUpgradeGuidance(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentUpgradeGuidance) ComponentPolicy(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy) BlackDuckApiClient(com.synopsys.integration.blackduck.service.BlackDuckApiClient) PolicyRuleView(com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView) BlackDuckServicesFactory(com.synopsys.integration.blackduck.service.BlackDuckServicesFactory) ResourceMetadata(com.synopsys.integration.blackduck.api.core.ResourceMetadata) HttpUrl(com.synopsys.integration.rest.HttpUrl) ProjectVersionComponentVersionView(com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView) BomComponentDetails(com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails) Test(org.junit.jupiter.api.Test)

Example 4 with PolicyRuleView

use of com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView in project hub-alert by blackducksoftware.

the class PolicyNotificationFilterCustomFunctionAction method createPagedActionResponse.

@Override
public ActionResponse<NotificationFilterModelOptions> createPagedActionResponse(FieldModel fieldModel, HttpServletContentWrapper servletContentWrapper, int pageNumber, int pageSize, String searchTerm) throws IntegrationException {
    Optional<FieldValueModel> fieldValueModel = fieldModel.getFieldValueModel(ProviderDescriptor.KEY_NOTIFICATION_TYPES);
    Collection<String> selectedNotificationTypes = fieldValueModel.map(FieldValueModel::getValues).orElse(List.of());
    int totalPages = 1;
    List<NotificationFilterModel> options = List.of();
    if (isJobFilterableByPolicy(selectedNotificationTypes)) {
        try {
            Optional<BlackDuckServicesFactory> blackDuckServicesFactory = createBlackDuckServicesFactory(fieldModel);
            if (blackDuckServicesFactory.isPresent()) {
                BlackDuckPageResponse<PolicyRuleView> policyRulesPage = retrievePolicyRules(blackDuckServicesFactory.get(), pageNumber, pageSize, searchTerm);
                totalPages = (policyRulesPage.getTotalCount() + (pageSize - 1)) / pageSize;
                options = convertToNotificationFilterModel(policyRulesPage.getItems());
            }
        } catch (IntegrationException e) {
            logger.errorAndDebug("There was an issue communicating with Black Duck. " + e.getMessage(), e);
            throw new AlertException("Unable to communicate with Black Duck.", e);
        }
    }
    NotificationFilterModelOptions notificationFilterModelOptions = new NotificationFilterModelOptions(totalPages, pageNumber, pageSize, options);
    return new ActionResponse<>(HttpStatus.OK, notificationFilterModelOptions);
}
Also used : IntegrationException(com.synopsys.integration.exception.IntegrationException) PolicyRuleView(com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView) BlackDuckServicesFactory(com.synopsys.integration.blackduck.service.BlackDuckServicesFactory) ActionResponse(com.synopsys.integration.alert.common.action.ActionResponse) FieldValueModel(com.synopsys.integration.alert.common.rest.model.FieldValueModel) AlertException(com.synopsys.integration.alert.api.common.model.exception.AlertException)

Example 5 with PolicyRuleView

use of com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView in project hub-alert by blackducksoftware.

the class BlackDuckComponentPolicyDetailsCreator method toComponentPolicy.

public ComponentPolicy toComponentPolicy(ComponentPolicyRulesView componentPolicyRulesView) {
    ComponentConcernSeverity componentConcernSeverity = policySeverityConverter.toComponentConcernSeverity(componentPolicyRulesView.getSeverity().name());
    boolean overridden = ProjectVersionComponentPolicyStatusType.IN_VIOLATION_OVERRIDDEN.equals(componentPolicyRulesView.getPolicyApprovalStatus());
    boolean vulnerabilityPolicy = isVulnerabilityPolicy(componentPolicyRulesView);
    Optional<PolicyRuleView> policyRuleView = retrievePolicyRuleView(componentPolicyRulesView.getHref());
    String category = policyRuleView.map(PolicyRuleView::getCategory).map(PolicyRuleCategoryType::name).orElse(null);
    return new ComponentPolicy(componentPolicyRulesView.getName(), componentConcernSeverity, overridden, vulnerabilityPolicy, componentPolicyRulesView.getDescription(), category);
}
Also used : ComponentConcernSeverity(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity) ComponentPolicy(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy) PolicyRuleView(com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView)

Aggregations

PolicyRuleView (com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView)9 ComponentPolicy (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy)7 BlackDuckApiClient (com.synopsys.integration.blackduck.service.BlackDuckApiClient)7 ResourceMetadata (com.synopsys.integration.blackduck.api.core.ResourceMetadata)6 ComponentPolicyRulesView (com.synopsys.integration.blackduck.api.generated.view.ComponentPolicyRulesView)6 HttpUrl (com.synopsys.integration.rest.HttpUrl)6 Test (org.junit.jupiter.api.Test)6 BlackDuckServicesFactory (com.synopsys.integration.blackduck.service.BlackDuckServicesFactory)4 BomComponentDetails (com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails)3 ComponentUpgradeGuidance (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentUpgradeGuidance)3 BlackDuckComponentPolicyDetailsCreator (com.synopsys.integration.alert.provider.blackduck.processor.message.service.policy.BlackDuckComponentPolicyDetailsCreator)3 ProjectVersionComponentVersionView (com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView)3 PolicyRuleExpressionExpressionsView (com.synopsys.integration.blackduck.api.generated.component.PolicyRuleExpressionExpressionsView)2 PolicyRuleExpressionView (com.synopsys.integration.blackduck.api.generated.component.PolicyRuleExpressionView)2 AlertException (com.synopsys.integration.alert.api.common.model.exception.AlertException)1 ActionResponse (com.synopsys.integration.alert.common.action.ActionResponse)1 FieldValueModel (com.synopsys.integration.alert.common.rest.model.FieldValueModel)1 ComponentConcernSeverity (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity)1 RuleViolationClearedUniquePolicyNotificationContent (com.synopsys.integration.alert.provider.blackduck.processor.model.RuleViolationClearedUniquePolicyNotificationContent)1 RuleViolationUniquePolicyNotificationContent (com.synopsys.integration.alert.provider.blackduck.processor.model.RuleViolationUniquePolicyNotificationContent)1