From 1834ef0fb577ecc8509bdf8f561f48235ca303ec Mon Sep 17 00:00:00 2001
From: Hritik Vijay
Date: Sun, 29 Aug 2021 16:24:15 +0530
Subject: [PATCH] Fix UI break
Recent model changes break the UI as now the PackageRelatedVulnerability contains a ``fix`` flag to mark the relationship as a fix. This is leveraged to eliminate multiple columns like patched_package or vulnerable_package. Known defects (in current PR): -[x] UI break -[ ] might crash in multiple imports / improves -[ ] No improver than default improver is implemented yet -[ ] normalized function of ``AdvisoryData`` has no body -[ ] nginx importer still has remains of set_api etc -[x] Inference -> AdvisoryData encapsulation -[ ] Duplicated data in database -[ ] ??? Knows defects (to be solved in different PR): -[ ] inconsistent naming - will be resolved in a different PR -[ ] unordered imports
Signed-off-by: Hritik Vijay
---
 vulnerabilities/models.py | 8 ++++----
 vulnerabilities/views.py | 9 +++++----
 2 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/vulnerabilities/models.py b/vulnerabilities/models.py
index 72fc05c58..e7bd4ac4f 100644
--- a/vulnerabilities/models.py
+++ b/vulnerabilities/models.py
@@ -89,7 +89,7 @@ def vulnerable_to(self):
 """
 Returns packages which are vulnerable to this vulnerability.
 """
- return self.vulnerable_packages.all()
+ return self.packages.filter(vulnerabilities__packagerelatedvulnerability__fix=False)
 @property
 def resolved_to(self):
@@ -97,7 +97,7 @@ def resolved_to(self):
 Returns packages, which first received patch against this vulnerability in their particular version history.
 """
- return self.patched_packages.all().distinct()
+ return self.packages.filter(vulnerabilities__packagerelatedvulnerability__fix=True)
 def __str__(self):
 return self.vulnerability_id or self.summary
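Review bot: In `Vulnerability.vulnerable_to` the lookup `vulnerabilities__packagerelatedvulnerability__fix=False` is not tied to the relation row that links this vulnerability to the package: it walks from each package back through its vulnerabilities to any of their relation rows, so a package that is fixed for this vulnerability can still be returned as vulnerable whenever some row on that path has `fix=False`. `resolved_to` in the `@@ -97,7` hunk uses the same path with `fix=True`, so the affected and fixed lists can overlap, which misstates exposure in a vulnerability database. The Package-side properties later in this patch filter on the through row directly, and the same form looks right here: `return self.packages.filter(packagerelatedvulnerability__fix=False)` (and `fix=True` for `resolved_to`). The `.distinct()` that `resolved_to` previously applied is also dropped, and the longer join makes duplicate rows more likely. Both properties start outside their hunks, so the decorators and signatures are not visible here.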
@@ -149,14 +149,14 @@ def vulnerable_to(self):
 """
 Returns vulnerabilities which are affecting this package.
 """
- return self.vulnerabilities.all()
+ return self.vulnerabilities.filter(packagerelatedvulnerability__fix=False)
 @property
 def resolved_to(self):
 """
 Returns the vulnerabilities which this package is patched against.
 """
- return self.resolved_vulnerabilities.all().distinct()
+ return self.vulnerabilities.filter(packagerelatedvulnerability__fix=True)
 class Meta:
 unique_together = ("name", "namespace", "type", "version", "qualifiers", "subpath")
diff --git a/vulnerabilities/views.py b/vulnerabilities/views.py
index 8757239d7..6bdc6c285 100644
--- a/vulnerabilities/views.py
+++ b/vulnerabilities/views.py
@@ -24,6 +24,7 @@ from django.core.paginator import Paginator
 from django.db.models import Count
+from django.db.models import Q
 from django.http import HttpResponse
 from django.shortcuts import render, redirect
 from django.urls import reverse
@@ -73,8 +74,8 @@ def request_to_queryset(request):
 models.Package.objects.all()
 .filter(name__icontains=package_name, type__icontains=package_type)
 .annotate(
- vulnerability_count=Count("vulnerabilities"),
- patched_vulnerability_count=Count("resolved_vulnerabilities"),
+ vulnerability_count=Count("vulnerabilities", filter=Q(vulnerabilities__packagerelatedvulnerability__fix=False)),
+ patched_vulnerability_count=Count("vulnerabilities",filter=Q(vulnerabilities__packagerelatedvulnerability__fix=True)),
 )
 .prefetch_related()
 )
@@ -101,8 +102,8 @@ def request_to_vulnerabilities(request):
 vuln_id = request.GET["vuln_id"]
 return list(
 models.Vulnerability.objects.filter(vulnerability_id__icontains=vuln_id).annotate(
- vulnerable_package_count=Count("vulnerable_packages"),
- patched_package_count=Count("patched_packages"),
+ vulnerable_package_count=Count("packages", filter=Q(packagerelatedvulnerability__fix=False)),
+ patched_package_count=Count("packages", filter=Q(packagerelatedvulnerability__fix=True)),
 )
 )
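Review bot: In `request_to_queryset` both `Count` filters use `Q(vulnerabilities__packagerelatedvulnerability__fix=...)`, a path that reaches the relation rows of every package sharing a vulnerability rather than only the row linking the package being counted. A package that is merely patched against a vulnerability can therefore show a non-zero `vulnerability_count`, and both counts likely grow with the number of other packages attached to the same vulnerability. `request_to_vulnerabilities` in the next hunk already filters on the through row directly, so the matching form here would be `vulnerability_count=Count("vulnerabilities", filter=Q(packagerelatedvulnerability__fix=False)),` and the same with `fix=True` for `patched_vulnerability_count`. The function starts outside the hunk, so how the annotated queryset is consumed is not visible.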