Search in sources :

Example 1 with RiskProfileView

use of com.synopsys.integration.blackduck.api.generated.view.RiskProfileView in project hub-alert by blackducksoftware.

the class VulnerabilityNotificationMessageExtractorTest method createProjectVersionComponentVersionView.

private ProjectVersionComponentVersionView createProjectVersionComponentVersionView(boolean withOrigin) throws IntegrationException {
    ProjectVersionComponentVersionView projectVersionComponentVersionView = new ProjectVersionComponentVersionView();
    projectVersionComponentVersionView.setComponentName(COMPONENT.getValue());
    projectVersionComponentVersionView.setComponentVersion(COMPONENT_VERSION_URL);
    projectVersionComponentVersionView.setComponentVersionName(COMPONENT_VERSION.getValue());
    projectVersionComponentVersionView.setPolicyStatus(ProjectVersionComponentPolicyStatusType.IN_VIOLATION);
    projectVersionComponentVersionView.setUsages(List.of(UsageType.DYNAMICALLY_LINKED));
    ProjectVersionComponentVersionLicensesView projectVersionComponentVersionLicensesView = new ProjectVersionComponentVersionLicensesView();
    projectVersionComponentVersionLicensesView.setLicense("http://licenseLink");
    projectVersionComponentVersionLicensesView.setLicenseDisplay(LICENSE_DISPLAY);
    projectVersionComponentVersionView.setLicenses(List.of(projectVersionComponentVersionLicensesView));
    ResourceLink resourceLink = new ResourceLink();
    resourceLink.setHref(new HttpUrl("https://policyRulesLink"));
    resourceLink.setRel("policy-rules");
    ResourceMetadata meta = new ResourceMetadata();
    meta.setHref(new HttpUrl("https://bomComponentHref"));
    meta.setLinks(List.of(resourceLink));
    projectVersionComponentVersionView.setMeta(meta);
    ResourceLink resourceLinkUpgradeGuidance = new ResourceLink();
    resourceLinkUpgradeGuidance.setHref(new HttpUrl(UPGRADE_GUIDANCE_URL));
    resourceLinkUpgradeGuidance.setRel("upgrade-guidance");
    ResourceMetadata metaUpgradeGuidance = new ResourceMetadata();
    metaUpgradeGuidance.setHref(new HttpUrl("https://upgradeGuidance"));
    metaUpgradeGuidance.setLinks(List.of(resourceLinkUpgradeGuidance));
    RiskProfileView riskProfileView = new RiskProfileView();
    RiskProfileCountsView riskProfileCountsView = new RiskProfileCountsView();
    riskProfileCountsView.setCount(BigDecimal.ONE);
    riskProfileCountsView.setCountType(RiskPriorityType.HIGH);
    riskProfileView.setCounts(List.of(riskProfileCountsView));
    projectVersionComponentVersionView.setSecurityRiskProfile(riskProfileView);
    if (withOrigin) {
        VersionBomOriginView versionBomOriginView = new VersionBomOriginView();
        versionBomOriginView.setMeta(metaUpgradeGuidance);
        projectVersionComponentVersionView.setOrigins(List.of(versionBomOriginView));
    } else {
        projectVersionComponentVersionView.setOrigins(List.of());
    }
    return projectVersionComponentVersionView;
}
Also used : RiskProfileCountsView(com.synopsys.integration.blackduck.api.generated.component.RiskProfileCountsView) VersionBomOriginView(com.synopsys.integration.blackduck.api.manual.temporary.component.VersionBomOriginView) RiskProfileView(com.synopsys.integration.blackduck.api.generated.view.RiskProfileView) ProjectVersionComponentVersionLicensesView(com.synopsys.integration.blackduck.api.generated.component.ProjectVersionComponentVersionLicensesView) ResourceLink(com.synopsys.integration.blackduck.api.core.ResourceLink) ResourceMetadata(com.synopsys.integration.blackduck.api.core.ResourceMetadata) HttpUrl(com.synopsys.integration.rest.HttpUrl) ProjectVersionComponentVersionView(com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView)

Example 2 with RiskProfileView

use of com.synopsys.integration.blackduck.api.generated.view.RiskProfileView in project hub-alert by blackducksoftware.

the class BlackDuckComponentVulnerabilityDetailsCreatorTest method createTestComponentView.

private ProjectVersionComponentVersionView createTestComponentView(Long criticalCounts, Long highCounts, Long mediumCounts, Long lowCounts, Long unknownCounts, Long okCounts) {
    RiskProfileCountsView criticalCountsView = createCountsView(RiskPriorityType.CRITICAL, criticalCounts);
    RiskProfileCountsView highCountsView = createCountsView(RiskPriorityType.HIGH, highCounts);
    RiskProfileCountsView mediumCountsView = createCountsView(RiskPriorityType.MEDIUM, mediumCounts);
    RiskProfileCountsView lowCountsView = createCountsView(RiskPriorityType.LOW, lowCounts);
    RiskProfileCountsView unknownCountsView = createCountsView(RiskPriorityType.UNKNOWN, unknownCounts);
    RiskProfileCountsView okCountsView = createCountsView(RiskPriorityType.OK, okCounts);
    RiskProfileView securityRiskProfile = new RiskProfileView();
    securityRiskProfile.setCounts(List.of(criticalCountsView, highCountsView, mediumCountsView, lowCountsView, unknownCountsView, okCountsView));
    ProjectVersionComponentVersionView projectVersionComponentView = new ProjectVersionComponentVersionView();
    projectVersionComponentView.setSecurityRiskProfile(securityRiskProfile);
    return projectVersionComponentView;
}
Also used : RiskProfileCountsView(com.synopsys.integration.blackduck.api.generated.component.RiskProfileCountsView) RiskProfileView(com.synopsys.integration.blackduck.api.generated.view.RiskProfileView) ProjectVersionComponentVersionView(com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView)

Example 3 with RiskProfileView

use of com.synopsys.integration.blackduck.api.generated.view.RiskProfileView in project hub-alert by blackducksoftware.

the class BlackDuckComponentVulnerabilityDetailsCreator method hasSecurityRisk.

public boolean hasSecurityRisk(ProjectVersionComponentVersionView bomComponent) {
    RiskProfileView riskProfile = bomComponent.getSecurityRiskProfile();
    if (null == riskProfile) {
        return false;
    }
    List<RiskProfileCountsView> counts = riskProfile.getCounts();
    if (null == counts) {
        return false;
    }
    return counts.stream().anyMatch(this::hasSecurityRisk);
}
Also used : RiskProfileCountsView(com.synopsys.integration.blackduck.api.generated.component.RiskProfileCountsView) RiskProfileView(com.synopsys.integration.blackduck.api.generated.view.RiskProfileView)

Aggregations

RiskProfileCountsView (com.synopsys.integration.blackduck.api.generated.component.RiskProfileCountsView)3 RiskProfileView (com.synopsys.integration.blackduck.api.generated.view.RiskProfileView)3 ProjectVersionComponentVersionView (com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView)2 ResourceLink (com.synopsys.integration.blackduck.api.core.ResourceLink)1 ResourceMetadata (com.synopsys.integration.blackduck.api.core.ResourceMetadata)1 ProjectVersionComponentVersionLicensesView (com.synopsys.integration.blackduck.api.generated.component.ProjectVersionComponentVersionLicensesView)1 VersionBomOriginView (com.synopsys.integration.blackduck.api.manual.temporary.component.VersionBomOriginView)1 HttpUrl (com.synopsys.integration.rest.HttpUrl)1