Example 1 with VulnerabilityNotificationContent

Use of com.synopsys.integration.blackduck.api.manual.component.VulnerabilityNotificationContent in project hub-alert by blackducksoftware.

Class VulnerabilityUniqueProjectNotificationContentTest, method getContentFromNotificationContentTest.

@Test
public void getContentFromNotificationContentTest() {
    String componentVersionOriginName = "Component Version Origin Name";
    String componentVersionOriginId = "Component Version Origin Id";
    AffectedProjectVersion affectedProjectVersion = new AffectedProjectVersion();
    affectedProjectVersion.setProjectName(PROJECT_NAME);
    affectedProjectVersion.setProjectVersionName(PROJECT_VERSION_NAME);
    affectedProjectVersion.setProjectVersion(PROJECT_VERSION_URL);
    VulnerabilityNotificationContent vulnerabilityNotificationContent = new VulnerabilityNotificationContent();
    vulnerabilityNotificationContent.setNewVulnerabilityCount(1);
    vulnerabilityNotificationContent.setUpdatedVulnerabilityCount(1);
    vulnerabilityNotificationContent.setDeletedVulnerabilityCount(1);
    vulnerabilityNotificationContent.setNewVulnerabilityIds(List.of(newVulnerabilityId));
    vulnerabilityNotificationContent.setUpdatedVulnerabilityIds(List.of(updatedVulnerabilityId));
    vulnerabilityNotificationContent.setDeletedVulnerabilityIds(List.of(deletedVulnerabilityId));
    vulnerabilityNotificationContent.setComponentVersion(COMPONENT_VERSION_URL);
    vulnerabilityNotificationContent.setComponentName(COMPONENT_NAME);
    vulnerabilityNotificationContent.setVersionName(VERSION_NAME);
    vulnerabilityNotificationContent.setComponentVersionOriginName(componentVersionOriginName);
    vulnerabilityNotificationContent.setAffectedProjectVersions(List.of(affectedProjectVersion));
    vulnerabilityNotificationContent.setComponentVersionOriginId(componentVersionOriginId);
    VulnerabilityUniqueProjectNotificationContent notificationContent = new VulnerabilityUniqueProjectNotificationContent(vulnerabilityNotificationContent, affectedProjectVersion);
    performAssertions(notificationContent, affectedProjectVersion);
}
Also used : AffectedProjectVersion(com.synopsys.integration.blackduck.api.manual.component.AffectedProjectVersion) VulnerabilityNotificationContent(com.synopsys.integration.blackduck.api.manual.component.VulnerabilityNotificationContent) Test(org.junit.jupiter.api.Test)

Example 2 with VulnerabilityNotificationContent

Use of com.synopsys.integration.blackduck.api.manual.component.VulnerabilityNotificationContent in project hub-alert by blackducksoftware.

Class VulnerabilityUniqueProjectNotificationContentTest, method getContentTest.

@Test
public void getContentTest() {
    AffectedProjectVersion affectedProjectVersion = new AffectedProjectVersion();
    affectedProjectVersion.setProjectName(PROJECT_NAME);
    affectedProjectVersion.setProjectVersionName(PROJECT_VERSION_NAME);
    affectedProjectVersion.setProjectVersion(PROJECT_VERSION_URL);
    VulnerabilityNotificationContent vulnerabilityNotificationContent = new VulnerabilityNotificationContent();
    VulnerabilityUniqueProjectNotificationContent notificationContent = new VulnerabilityUniqueProjectNotificationContent(vulnerabilityNotificationContent, affectedProjectVersion);
    notificationContent.setNewVulnerabilityIds(List.of(newVulnerabilityId));
    notificationContent.setUpdatedVulnerabilityIds(List.of(updatedVulnerabilityId));
    notificationContent.setDeletedVulnerabilityIds(List.of(deletedVulnerabilityId));
    notificationContent.setComponentVersion(COMPONENT_VERSION_URL);
    notificationContent.setComponentName(COMPONENT_NAME);
    notificationContent.setVersionName(VERSION_NAME);
    notificationContent.setAffectedProjectVersion(affectedProjectVersion);
    performAssertions(notificationContent, affectedProjectVersion);
}
Also used : AffectedProjectVersion(com.synopsys.integration.blackduck.api.manual.component.AffectedProjectVersion) VulnerabilityNotificationContent(com.synopsys.integration.blackduck.api.manual.component.VulnerabilityNotificationContent) Test(org.junit.jupiter.api.Test)

Example 3 with VulnerabilityNotificationContent

Use of com.synopsys.integration.blackduck.api.manual.component.VulnerabilityNotificationContent in project hub-alert by blackducksoftware.

Class VulnerabilityNotificationDetailExtractor, method extractDetailedContent.

@Override
public List<DetailedNotificationContent> extractDetailedContent(AlertNotificationModel alertNotificationModel, VulnerabilityNotificationView notificationView) {
    VulnerabilityNotificationContent notificationContent = notificationView.getContent();
    List<String> applicableSeverityTypes = new LinkedList<>(getApplicableSeverityTypes(notificationContent));
    // Separating this notification to be per project should fix a bug with alerts being sent about unrelated projects
    return notificationContent.getAffectedProjectVersions().stream()
        .map(affectedProjectVersion -> new VulnerabilityUniqueProjectNotificationContent(notificationContent, affectedProjectVersion))
        // This leaves the AlertNotificationModel as the original but modifies the NotificationContent field
        .map(vulnerabilityUniqueProjectNotificationContent -> DetailedNotificationContent.vulnerability(
            alertNotificationModel,
            vulnerabilityUniqueProjectNotificationContent,
            vulnerabilityUniqueProjectNotificationContent.getAffectedProjectVersion().getProjectName(),
            vulnerabilityUniqueProjectNotificationContent.getAffectedProjectVersion().getProjectVersionName(),
            applicableSeverityTypes))
        .collect(Collectors.toList());
}
Also used : DetailedNotificationContent(com.synopsys.integration.alert.processor.api.detail.DetailedNotificationContent) AlertNotificationModel(com.synopsys.integration.alert.common.rest.model.AlertNotificationModel) VulnerabilityNotificationContent(com.synopsys.integration.blackduck.api.manual.component.VulnerabilityNotificationContent) VulnerabilitySeverityType(com.synopsys.integration.blackduck.api.generated.enumeration.VulnerabilitySeverityType) Set(java.util.Set) Autowired(org.springframework.beans.factory.annotation.Autowired) Collectors(java.util.stream.Collectors) StringUtils(org.apache.commons.lang3.StringUtils) HashSet(java.util.HashSet) List(java.util.List) Component(org.springframework.stereotype.Component) VulnerabilitySourceQualifiedId(com.synopsys.integration.blackduck.api.manual.component.VulnerabilitySourceQualifiedId) VulnerabilityUniqueProjectNotificationContent(com.synopsys.integration.alert.provider.blackduck.processor.model.VulnerabilityUniqueProjectNotificationContent) VulnerabilityNotificationView(com.synopsys.integration.blackduck.api.manual.view.VulnerabilityNotificationView) LinkedList(java.util.LinkedList) NotificationDetailExtractor(com.synopsys.integration.alert.processor.api.detail.NotificationDetailExtractor)

Example 4 with VulnerabilityNotificationContent

Use of com.synopsys.integration.blackduck.api.manual.component.VulnerabilityNotificationContent in project hub-alert by blackducksoftware.

Class VulnerabilityNotificationDetailExtractorTest, method verifyExtraction.

@Test
public void verifyExtraction() throws IOException {
    VulnerabilityNotificationView vulnerabilityNotificationView = getVulnerabilityNotificationView(VULNERABILITY_COMPLEX_JSON_PATH);
    VulnerabilityNotificationContent content = vulnerabilityNotificationView.getContent();
    VulnerabilityNotificationDetailExtractor vulnerabilityNotificationDetailExtractor = new VulnerabilityNotificationDetailExtractor();
    AlertNotificationModel alertNotificationModel = createAlertNotificationModel();
    List<DetailedNotificationContent> filterableNotificationWrappers = vulnerabilityNotificationDetailExtractor.extractDetailedContent(alertNotificationModel, vulnerabilityNotificationView);
    assertEquals(3, filterableNotificationWrappers.size());
    for (DetailedNotificationContent filterableNotificationWrapper : filterableNotificationWrappers) {
        NotificationContentWrapper notificationContentWrapper = filterableNotificationWrapper.getNotificationContentWrapper();
        assertEquals(NotificationType.VULNERABILITY.name(), notificationContentWrapper.extractNotificationType());
        // The Vuln extractor should return a different object structure
        assertNotEquals(content, notificationContentWrapper.getNotificationContent());
        assertEquals(3, filterableNotificationWrapper.getVulnerabilitySeverities().size());
        assertFalse(filterableNotificationWrapper.getVulnerabilitySeverities().contains(VulnerabilitySeverityType.CRITICAL.name()));
        assertTrue(filterableNotificationWrapper.getPolicyName().isEmpty(), "Expected no policy name to be present");
    }
}
Also used : AlertNotificationModel(com.synopsys.integration.alert.common.rest.model.AlertNotificationModel) VulnerabilityNotificationView(com.synopsys.integration.blackduck.api.manual.view.VulnerabilityNotificationView) DetailedNotificationContent(com.synopsys.integration.alert.processor.api.detail.DetailedNotificationContent) VulnerabilityNotificationContent(com.synopsys.integration.blackduck.api.manual.component.VulnerabilityNotificationContent) NotificationContentWrapper(com.synopsys.integration.alert.processor.api.filter.NotificationContentWrapper) Test(org.junit.jupiter.api.Test)

Example 5 with VulnerabilityNotificationContent

Use of com.synopsys.integration.blackduck.api.manual.component.VulnerabilityNotificationContent in project hub-alert by blackducksoftware.

Class NotificationWaitJobTask, method isNotificationForNewVulnerabilities.

private boolean isNotificationForNewVulnerabilities(NotificationConfig notificationConfig) {
    JsonObject jsonObject = gson.fromJson(notificationConfig.getContent(), JsonObject.class);
    JsonElement content = jsonObject.get("content");
    VulnerabilityNotificationContent notification = gson.fromJson(content, VulnerabilityNotificationContent.class);
    // True only when the notification reports at least one newly added vulnerability
    return notification.getNewVulnerabilityCount() > 0;
}
Also used : JsonElement(com.google.gson.JsonElement) JsonObject(com.google.gson.JsonObject) VulnerabilityNotificationContent(com.synopsys.integration.blackduck.api.manual.component.VulnerabilityNotificationContent)

Aggregations

VulnerabilityNotificationContent (com.synopsys.integration.blackduck.api.manual.component.VulnerabilityNotificationContent) 10
AffectedProjectVersion (com.synopsys.integration.blackduck.api.manual.component.AffectedProjectVersion) 6
VulnerabilityUniqueProjectNotificationContent (com.synopsys.integration.alert.provider.blackduck.processor.model.VulnerabilityUniqueProjectNotificationContent) 5
Test (org.junit.jupiter.api.Test) 5
VulnerabilitySourceQualifiedId (com.synopsys.integration.blackduck.api.manual.component.VulnerabilitySourceQualifiedId) 3
VulnerabilityNotificationView (com.synopsys.integration.blackduck.api.manual.view.VulnerabilityNotificationView) 3
AlertNotificationModel (com.synopsys.integration.alert.common.rest.model.AlertNotificationModel) 2
DetailedNotificationContent (com.synopsys.integration.alert.processor.api.detail.DetailedNotificationContent) 2
JsonElement (com.google.gson.JsonElement) 1
JsonObject (com.google.gson.JsonObject) 1
NotificationDetailExtractor (com.synopsys.integration.alert.processor.api.detail.NotificationDetailExtractor) 1
NotificationContentWrapper (com.synopsys.integration.alert.processor.api.filter.NotificationContentWrapper) 1
VulnerabilitySeverityType (com.synopsys.integration.blackduck.api.generated.enumeration.VulnerabilitySeverityType) 1
HashSet (java.util.HashSet) 1
LinkedList (java.util.LinkedList) 1
List (java.util.List) 1
Set (java.util.Set) 1
Collectors (java.util.stream.Collectors) 1
StringUtils (org.apache.commons.lang3.StringUtils) 1
Autowired (org.springframework.beans.factory.annotation.Autowired) 1