Rework the vulnerability_analysis_form_view #102

Signed-off-by: tdruez <[email protected]>

product_portfolio/templates/product_portfolio/tabs/tab_packages_vulnerabilities.html

@@ -104,7 +104,7 @@
                     data-bs-target="#vulnerability-analysis-modal"
                     data-vulnerability-id="{{ vulnerability.vulnerability_id }}"
                     data-package-identifier="{{ product_package.package.identifier }}"
-                    data-edit-url="{% url 'product_portfolio:vulnerability_analysis_form' product.uuid vulnerability.vulnerability_id product_package.package.uuid %}"
+                    data-edit-url="{% url 'product_portfolio:vulnerability_analysis_form' product_package.uuid vulnerability.vulnerability_id %}"
               >
                 <button type="button" data-bs-toggle="tooltip" title="Edit" class="btn btn-link p-0" aria-label="Edit">
                   <i class="far fa-edit fa-sm"></i>

product_portfolio/urls.py

@@ -82,7 +82,7 @@ def product_path(path_segment, view):
         name="edit_productrelation_ajax",
     ),
     path(
-        "<uuid:product_uuid>/vulnerability_analysis/<str:vulnerability_id>/<uuid:package_uuid>/",
+        "vulnerability_analysis/<uuid:productpackage_uuid>/<str:vulnerability_id>/",
         vulnerability_analysis_form_view,
         name="vulnerability_analysis_form",
     ),

product_portfolio/views.py

@@ -2523,32 +2523,30 @@ def improve_packages_from_purldb_view(request, dataspace, name, version=""):
 
 
 @login_required
-def vulnerability_analysis_form_view(request, product_uuid, vulnerability_id, package_uuid):
+def vulnerability_analysis_form_view(request, productpackage_uuid, vulnerability_id):
     user = request.user
     dataspace = user.dataspace
     form_class = VulnerabilityAnalysisForm
     perms = "change_product"
 
     product_qs = Product.objects.get_queryset(user, perms=perms)
-    product = get_object_or_404(product_qs, uuid=product_uuid)
-    vulnerability_qs = Vulnerability.objects.scope(dataspace)
-    vulnerability = get_object_or_404(vulnerability_qs, vulnerability_id=vulnerability_id)
     product_package_qs = ProductPackage.objects.product_secured(user, perms=perms)
-    product_package = get_object_or_404(
-        product_package_qs, product=product, package__uuid=package_uuid
-    )
+    vulnerability_qs = Vulnerability.objects.scope(dataspace)
     vulnerability_analysis_qs = VulnerabilityAnalysis.objects.scope(dataspace)
 
+    product_package = get_object_or_404(product_package_qs, uuid=productpackage_uuid)
+    vulnerability = get_object_or_404(vulnerability_qs, vulnerability_id=vulnerability_id)
+
     # Fetch the existing Analysis values for each affected products
     product_analysis = vulnerability_analysis_qs.filter(
         product=OuterRef("pk"),
         package=OuterRef("packages__pk"),
         vulnerability=OuterRef("packages__affected_by_vulnerabilities__pk"),
     )
     affected_products = (
-        product_qs.exclude(pk=product.pk)
+        product_qs.exclude(pk=product_package.product.pk)
         .filter(
-            packages__uuid=package_uuid,
+            packages__id=product_package.package_id,
             packages__affected_by_vulnerabilities=vulnerability,
         )
         .annotate(
@@ -2558,7 +2556,6 @@ def vulnerability_analysis_form_view(request, product_uuid, vulnerability_id, pa
             analysis_detail=Subquery(product_analysis.values("detail")[:1]),
         )
     )
-
     vulnerability_analysis = vulnerability_analysis_qs.get_or_none(
         product_package=product_package,
         vulnerability=vulnerability,