From: antoine.vinot Date: Wed, 4 Sep 2024 12:31:58 +0000 (+0200) Subject: SONAR-22914 Create and update APIs for CVEs X-Git-Tag: 10.7.0.96327~109 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=574637dc96a0655344a0623fa1aae861fe073a86;p=sonarqube.git SONAR-22914 Create and update APIs for CVEs --- diff --git a/server/sonar-db-dao/src/it/java/org/sonar/db/issue/IssueDaoIT.java b/server/sonar-db-dao/src/it/java/org/sonar/db/issue/IssueDaoIT.java index 6d6a2e9bd20..13195fb952e 100644 --- a/server/sonar-db-dao/src/it/java/org/sonar/db/issue/IssueDaoIT.java +++ b/server/sonar-db-dao/src/it/java/org/sonar/db/issue/IssueDaoIT.java @@ -53,6 +53,8 @@ import org.sonar.db.component.BranchDto; import org.sonar.db.component.BranchType; import org.sonar.db.component.ComponentDto; import org.sonar.db.component.ComponentTesting; +import org.sonar.db.dependency.CveDto; +import org.sonar.db.dependency.IssuesDependencyDto; import org.sonar.db.protobuf.DbIssues; import org.sonar.db.rule.RuleDto; import org.sonar.db.rule.RuleTesting; @@ -218,6 +220,21 @@ class IssueDaoIT { tuple(LOW, SECURITY)); } + @Test + void selectByKeys_shouldFetchCveIds() { + prepareTables(); + var cveDto1 = new CveDto("cve_uuid_1", "CVE-123", "Some CVE description", 1.0, 2.0, 3.0, 4L, 5L, 6L, 7L); + db.getDbClient().cveDao().insert(db.getSession(), cveDto1); + var cveDto2 = new CveDto("cve_uuid_2", "CVE-456", "Some CVE description", 1.0, 2.0, 3.0, 4L, 5L, 6L, 7L); + db.getDbClient().cveDao().insert(db.getSession(), cveDto2); + db.issues().insertIssuesDependency(new IssuesDependencyDto(ISSUE_KEY1, cveDto1.uuid())); + db.issues().insertIssuesDependency(new IssuesDependencyDto(ISSUE_KEY2, cveDto2.uuid())); + + List issues = underTest.selectByKeys(db.getSession(), asList("I1", "I2", "I3")); + + assertThat(issues).extracting(IssueDto::getCveId).containsExactlyInAnyOrder(cveDto1.id(), cveDto2.id()); + } + @Test void scrollIndexationIssues_shouldReturnDto() throws SQLException { ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/issue/IssueDto.java b/server/sonar-db-dao/src/main/java/org/sonar/db/issue/IssueDto.java index eae7cd669b1..c60fdb3075d 100644 --- a/server/sonar-db-dao/src/main/java/org/sonar/db/issue/IssueDto.java +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/issue/IssueDto.java @@ -119,6 +119,9 @@ public final class IssueDto implements Serializable { private CleanCodeAttribute cleanCodeAttribute; private CleanCodeAttribute ruleCleanCodeAttribute; + //issues dependency fields, one-one relationship + private String cveId; + public IssueDto() { // nothing to do } @@ -873,6 +876,14 @@ public final class IssueDto implements Serializable { return this; } + public String getCveId() { + return cveId; + } + + public void setCveId(String cveId) { + this.cveId = cveId; + } + @Override public String toString() { return ToStringBuilder.reflectionToString(this, ToStringStyle.SHORT_PREFIX_STYLE); diff --git a/server/sonar-db-dao/src/main/resources/org/sonar/db/issue/IssueMapper.xml b/server/sonar-db-dao/src/main/resources/org/sonar/db/issue/IssueMapper.xml index 422e50a7922..eba1d964f01 100644 --- a/server/sonar-db-dao/src/main/resources/org/sonar/db/issue/IssueMapper.xml +++ b/server/sonar-db-dao/src/main/resources/org/sonar/db/issue/IssueMapper.xml @@ -402,7 +402,8 @@