Example 1 with PolicyViolationLicenseView
use of com.synopsys.integration.blackduck.api.manual.view.PolicyViolationLicenseView in project synopsys-detect by blackducksoftware.
the class RapidScanResultAggregator method aggregateComponentData.
private List<RapidScanComponentDetail> aggregateComponentData(List<DeveloperScanComponentResultView> results) {
// the key is the component identifier
List<RapidScanComponentDetail> componentDetails = new LinkedList<>();
for (DeveloperScanComponentResultView resultView : results) {
String componentName = resultView.getComponentName();
RapidScanComponentDetail componentDetail = createDetail(resultView);
componentDetails.add(componentDetail);
RapidScanComponentGroupDetail componentGroupDetail = componentDetail.getComponentDetails();
RapidScanComponentGroupDetail securityGroupDetail = componentDetail.getSecurityDetails();
RapidScanComponentGroupDetail licenseGroupDetail = componentDetail.getLicenseDetails();
// violating policy names is a super set of policy names so we have to remove the vulnerability and license.
Set<String> policyNames = new LinkedHashSet<>(resultView.getViolatingPolicyNames());
Set<PolicyViolationVulnerabilityView> vulnerabilityViolations = resultView.getPolicyViolationVulnerabilities();
Set<PolicyViolationLicenseView> licenseViolations = resultView.getPolicyViolationLicenses();
Set<String> vulnerabilityPolicyNames = vulnerabilityViolations.stream().map(PolicyViolationVulnerabilityView::getViolatingPolicyNames).flatMap(Collection::stream).collect(Collectors.toSet());
Set<String> licensePolicyNames = licenseViolations.stream().map(PolicyViolationLicenseView::getViolatingPolicyNames).flatMap(Collection::stream).collect(Collectors.toSet());
policyNames.removeAll(vulnerabilityPolicyNames);
policyNames.removeAll(licensePolicyNames);
componentGroupDetail.addPolicies(policyNames);
securityGroupDetail.addPolicies(vulnerabilityPolicyNames);
licenseGroupDetail.addPolicies(licensePolicyNames);
componentGroupDetail.addMessages(resultView::getErrorMessage, resultView::getWarningMessage);
addVulnerabilityData(vulnerabilityViolations, securityGroupDetail);
addLicenseData(licenseViolations, licenseGroupDetail);
}
return componentDetails;
}
Also used :
LinkedHashSet(java.util.LinkedHashSet)
PolicyViolationVulnerabilityView(com.synopsys.integration.blackduck.api.manual.view.PolicyViolationVulnerabilityView)
LinkedList(java.util.LinkedList)
DeveloperScanComponentResultView(com.synopsys.integration.blackduck.api.manual.view.DeveloperScanComponentResultView)
PolicyViolationLicenseView(com.synopsys.integration.blackduck.api.manual.view.PolicyViolationLicenseView)
Example 2 with PolicyViolationLicenseView
use of com.synopsys.integration.blackduck.api.manual.view.PolicyViolationLicenseView in project synopsys-detect by blackducksoftware.
the class RapidScanResultAggregatorTest method createView.
private DeveloperScanComponentResultView createView() {
return new DeveloperScanComponentResultView() {
@Override
public String getComponentName() {
return "component_1";
}
@Override
public String getVersionName() {
return "component_version_1";
}
@Override
public String getComponentIdentifier() {
return "component_1:component_version_1";
}
@Override
public Set<String> getViolatingPolicyNames() {
Set<String> policyNames = new HashSet<>();
policyNames.add("component_policy");
policyNames.add("vulnerability_policy");
policyNames.add("license_policy");
return policyNames;
}
@Override
public Set<PolicyViolationVulnerabilityView> getPolicyViolationVulnerabilities() {
Set<PolicyViolationVulnerabilityView> vulnerabilities = new HashSet<>();
PolicyViolationVulnerabilityView view = new PolicyViolationVulnerabilityView() {
@Override
public String getName() {
return "Vulnerability violation";
}
@Override
public String getDescription() {
return "Violation Description";
}
@Override
public Set<String> getViolatingPolicyNames() {
return Collections.singleton("vulnerability_policy");
}
@Override
public String getErrorMessage() {
return "vulnerability_error_1";
}
@Override
public String getWarningMessage() {
return "vulnerability_warning_1";
}
};
vulnerabilities.add(view);
return vulnerabilities;
}
@Override
public Set<PolicyViolationLicenseView> getPolicyViolationLicenses() {
Set<PolicyViolationLicenseView> licenses = new HashSet<>();
PolicyViolationLicenseView view = new PolicyViolationLicenseView() {
@Override
public String getLicenseName() {
return "License name";
}
@Override
public Set<String> getViolatingPolicyNames() {
return Collections.singleton("license_policy");
}
@Override
public String getErrorMessage() {
return "license_error_1";
}
@Override
public String getWarningMessage() {
return "license_warning_1";
}
};
licenses.add(view);
return licenses;
}
@Override
public String getErrorMessage() {
return "component_1_error_message";
}
@Override
public String getWarningMessage() {
return "component_1_warning_message";
}
};
}
Also used :
DeveloperScanComponentResultView(com.synopsys.integration.blackduck.api.manual.view.DeveloperScanComponentResultView)
PolicyViolationVulnerabilityView(com.synopsys.integration.blackduck.api.manual.view.PolicyViolationVulnerabilityView)
HashSet(java.util.HashSet)
PolicyViolationLicenseView(com.synopsys.integration.blackduck.api.manual.view.PolicyViolationLicenseView)
Aggregations
DeveloperScanComponentResultView (com.synopsys.integration.blackduck.api.manual.view.DeveloperScanComponentResultView)2
PolicyViolationLicenseView (com.synopsys.integration.blackduck.api.manual.view.PolicyViolationLicenseView)2
PolicyViolationVulnerabilityView (com.synopsys.integration.blackduck.api.manual.view.PolicyViolationVulnerabilityView)2
HashSet (java.util.HashSet)1
LinkedHashSet (java.util.LinkedHashSet)1
LinkedList (java.util.LinkedList)1
