use of com.synopsys.integration.rest.HttpUrl in project hub-alert by blackducksoftware.
the class PolicyOverrideNotificationMessageExtractorTest method createBomComponentDetailsTest.
@Test
public void createBomComponentDetailsTest() throws IntegrationException {
BlackDuckServicesFactory blackDuckServicesFactory = Mockito.mock(BlackDuckServicesFactory.class);
BlackDuckApiClient blackDuckApiClient = Mockito.mock(BlackDuckApiClient.class);
Mockito.when(blackDuckServicesFactory.getBlackDuckApiClient()).thenReturn(blackDuckApiClient);
ProjectVersionComponentVersionView projectVersionComponentVersionView = createProjectVersionComponentVersionView();
Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.any())).thenReturn(projectVersionComponentVersionView);
ComponentPolicyRulesView componentPolicyRulesView = new ComponentPolicyRulesView();
ResourceMetadata meta = new ResourceMetadata();
meta.setHref(new HttpUrl("https://someUrlPolicyRuleView"));
componentPolicyRulesView.setMeta(meta);
componentPolicyRulesView.setName(COMPONENT_POLICY.getPolicyName());
componentPolicyRulesView.setSeverity(PolicyRuleSeverityType.BLOCKER);
componentPolicyRulesView.setPolicyApprovalStatus(ProjectVersionComponentPolicyStatusType.IN_VIOLATION_OVERRIDDEN);
Mockito.when(blackDuckApiClient.getAllResponses(Mockito.eq(projectVersionComponentVersionView.metaPolicyRulesLink()))).thenReturn(List.of(componentPolicyRulesView));
PolicyRuleView policyRuleView = new PolicyRuleView();
policyRuleView.setCategory(PolicyRuleCategoryType.UNCATEGORIZED);
Mockito.when(blackDuckApiClient.getResponse(Mockito.eq(componentPolicyRulesView.getHref()), Mockito.any())).thenReturn(policyRuleView);
List<BomComponentDetails> bomComponentDetailsList = extractor.createBomComponentDetails(policyOverrideUniquePolicyNotificationContent, blackDuckServicesFactory);
assertEquals(1, bomComponentDetailsList.size());
BomComponentDetails testBomComponentDetails = bomComponentDetailsList.get(0);
assertEquals(COMPONENT, testBomComponentDetails.getComponent());
assertEquals(1, testBomComponentDetails.getComponentConcerns().size());
assertTrue(testBomComponentDetails.getComponentVersion().isPresent());
assertEquals(COMPONENT_VERSION.getValue(), testBomComponentDetails.getComponentVersion().get().getValue());
assertEquals(LICENSE_DISPLAY, testBomComponentDetails.getLicense().getValue());
assertEquals(UsageType.DYNAMICALLY_LINKED.prettyPrint(), testBomComponentDetails.getUsage());
assertEquals(1, testBomComponentDetails.getAdditionalAttributes().size());
ComponentUpgradeGuidance componentUpgradeGuidance = testBomComponentDetails.getComponentUpgradeGuidance();
assertFalse(componentUpgradeGuidance.getLongTermUpgradeGuidance().isPresent());
assertFalse(componentUpgradeGuidance.getShortTermUpgradeGuidance().isPresent());
assertEquals(1, testBomComponentDetails.getRelevantPolicies().size());
ComponentPolicy testComponentPolicy = testBomComponentDetails.getRelevantPolicies().get(0);
assertTrue(testComponentPolicy.getCategory().isPresent());
assertEquals(PolicyRuleCategoryType.UNCATEGORIZED.toString(), testComponentPolicy.getCategory().get());
}
use of com.synopsys.integration.rest.HttpUrl in project hub-alert by blackducksoftware.
the class BlackDuckResponseTestUtility method createProjectVersionComponentVersionView.
public ProjectVersionComponentVersionView createProjectVersionComponentVersionView() throws IntegrationException {
ProjectVersionComponentVersionView projectVersionComponentVersionView = new ProjectVersionComponentVersionView();
projectVersionComponentVersionView.setComponentName("component name");
projectVersionComponentVersionView.setComponentVersion("http://component-version-url");
projectVersionComponentVersionView.setComponentVersionName("component version name");
projectVersionComponentVersionView.setPolicyStatus(ProjectVersionComponentPolicyStatusType.IN_VIOLATION);
projectVersionComponentVersionView.setUsages(List.of(UsageType.DYNAMICALLY_LINKED));
ProjectVersionComponentVersionLicensesView projectVersionComponentVersionLicensesView = new ProjectVersionComponentVersionLicensesView();
projectVersionComponentVersionLicensesView.setLicense("http://license-link");
projectVersionComponentVersionLicensesView.setLicenseDisplay("license-display");
projectVersionComponentVersionView.setLicenses(List.of(projectVersionComponentVersionLicensesView));
ResourceLink resourceLink = new ResourceLink();
resourceLink.setHref(new HttpUrl("https://resource-url"));
resourceLink.setRel("policy-rules");
ResourceMetadata meta = new ResourceMetadata();
meta.setHref(new HttpUrl("https://meta-url"));
meta.setLinks(List.of(resourceLink));
projectVersionComponentVersionView.setMeta(meta);
return projectVersionComponentVersionView;
}
use of com.synopsys.integration.rest.HttpUrl in project hub-alert by blackducksoftware.
the class PolicyOverrideNotificationMessageExtractor method createBomComponentDetails.
@Override
protected List<BomComponentDetails> createBomComponentDetails(PolicyOverrideUniquePolicyNotificationContent notificationContent, BlackDuckServicesFactory blackDuckServicesFactory) throws IntegrationException {
BlackDuckApiClient blackDuckApiClient = blackDuckServicesFactory.getBlackDuckApiClient();
BlackDuckMessageBomComponentDetailsCreator bomComponentDetailsCreator = detailsCreatorFactory.createBomComponentDetailsCreator(blackDuckServicesFactory);
ComponentConcern policyConcern = policyComponentConcernCreator.fromPolicyInfo(notificationContent.getPolicyInfo(), ItemOperation.DELETE);
String overriderName = String.format("%s %s", notificationContent.getFirstName(), notificationContent.getLastName());
LinkableItem overrider = new LinkableItem(BlackDuckMessageLabels.LABEL_OVERRIDER, overriderName);
BomComponentDetails bomComponentDetails;
try {
ProjectVersionComponentVersionView bomComponent = blackDuckApiClient.getResponse(new HttpUrl(notificationContent.getBomComponent()), ProjectVersionComponentVersionView.class);
bomComponentDetails = bomComponentDetailsCreator.createBomComponentDetails(bomComponent, policyConcern, ComponentUpgradeGuidance.none(), List.of(overrider));
} catch (IntegrationRestException e) {
bomComponent404Handler.logIf404OrThrow(e, notificationContent.getComponentName(), notificationContent.getComponentVersionName());
bomComponentDetails = bomComponentDetailsCreator.createMissingBomComponentDetails(notificationContent.getComponentName(), notificationContent.getBomComponent(), notificationContent.getComponentVersionName(), notificationContent.getBomComponent(), List.of(policyConcern), ComponentUpgradeGuidance.none(), List.of(overrider));
}
return List.of(bomComponentDetails);
}
use of com.synopsys.integration.rest.HttpUrl in project hub-alert by blackducksoftware.
the class VulnerabilityNotificationMessageExtractor method createBomComponentDetails.
@Override
protected List<BomComponentDetails> createBomComponentDetails(VulnerabilityUniqueProjectNotificationContent notificationContent, BlackDuckServicesFactory blackDuckServicesFactory) throws IntegrationException {
BlackDuckApiClient blackDuckApiClient = blackDuckServicesFactory.getBlackDuckApiClient();
BlackDuckMessageBomComponentDetailsCreator bomComponentDetailsCreator = detailsCreatorFactory.createBomComponentDetailsCreator(blackDuckServicesFactory);
AffectedProjectVersion affectedProjectVersion = notificationContent.getAffectedProjectVersion();
String bomComponentUrl = affectedProjectVersion.getBomComponent();
List<ComponentConcern> componentConcerns = createComponentConcerns(notificationContent);
BomComponentDetails bomComponentDetails;
try {
ProjectVersionComponentVersionView bomComponent = blackDuckApiClient.getResponse(new HttpUrl(bomComponentUrl), ProjectVersionComponentVersionView.class);
ComponentUpgradeGuidance componentUpgradeGuidance = createComponentUpgradeGuidance(blackDuckApiClient, bomComponent);
bomComponentDetails = bomComponentDetailsCreator.createBomComponentDetails(bomComponent, componentConcerns, componentUpgradeGuidance, List.of());
} catch (IntegrationRestException e) {
bomComponent404Handler.logIf404OrThrow(e, notificationContent.getComponentName(), notificationContent.getVersionName());
ComponentUpgradeGuidance componentUpgradeGuidance = createComponentUpgradeGuidance(blackDuckApiClient, notificationContent);
bomComponentDetails = bomComponentDetailsCreator.createMissingBomComponentDetailsForVulnerability(notificationContent.getComponentName(), bomComponentUrl, notificationContent.getVersionName(), componentConcerns, componentUpgradeGuidance, List.of());
}
return List.of(bomComponentDetails);
}
use of com.synopsys.integration.rest.HttpUrl in project hub-alert by blackducksoftware.
the class BlackDuckMessageBomComponentDetailsCreator method hasConcernForPolicy.
private boolean hasConcernForPolicy(ComponentPolicyRulesView policyRulesView, List<ComponentConcern> policyConcerns) {
for (ComponentConcern policyConcern : policyConcerns) {
Optional<String> optionalUrl = policyConcern.getUrl();
HttpUrl policyRulesViewHref = policyRulesView.getHref();
if (null != policyRulesViewHref && optionalUrl.isPresent()) {
String componentConcernPolicyUrl = optionalUrl.get();
if (componentConcernPolicyUrl.equals(policyRulesViewHref.string())) {
return true;
}
} else if (policyConcern.getName().equals(policyRulesView.getName())) {
return true;
}
}
return false;
}
Aggregations