Skip to content

Commit

Permalink
Merge pull request eclipse-sw360#126 from siemens/vulnerabilities_add2
Browse files Browse the repository at this point in the history
feat(add_vulnerability): Create vulnerability integration complete
  • Loading branch information
heliocastro authored Sep 27, 2023
2 parents 51fecfa + a2f47d0 commit 978eef4
Show file tree
Hide file tree
Showing 11 changed files with 359 additions and 47 deletions.
15 changes: 15 additions & 0 deletions messages/en.json
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,10 @@
">=": ">=",
"Attachment Usages": "Attachment Usages",
"Add Additional Data": "Add Additional Data",
"Advisory Vendor": "Advisory Vendor",
"Advisory Name": "Advisory Name",
"Advisory Url": "Advisory Url",
"Assigned External Component Ids": "Assigned External Component Ids",
"Analyst": "Analyst",
"as of": "as of",
"authentication": "authentication",
Expand Down Expand Up @@ -83,6 +87,8 @@
"Cloud Service": "Cloud Service",
"Categories": "Categories",
"Change Log Id": "Change Log Id",
"Click to add Assigned External Component Id": "Click to add Assigned External Component Id",
"Click to add Vulnerability Reference": "Click to add Vulnerability Reference",
"Change Log": "Change Log",
"Change State": "Change State",
"Change Type": "Change Type",
Expand Down Expand Up @@ -145,6 +151,7 @@
"Click to add Releases": "Click to add Releases",
"Change Vulnerability Rating And Action?": "Change Vulnerability Rating And Action?",
"Create Account": "Create Account",
"Click to add Vendor Advisory": "Click to add Vendor Advisory",
"Created By (Email)": "Created By (Email)",
"Can not remove vulnerability because it is used by release": "Can not remove vulnerability because it is used by release",
"Created by": "Created by",
Expand Down Expand Up @@ -211,6 +218,8 @@
"Enter additional data key": "Enter additional data key",
"Enter additional data value": "Enter additional data value",
"External Ids": "External Ids",
"Enter Vulnerability Reference": "Enter Vulnerability Reference",
"Enter Assigned External Component Id": "Enter Assigned External Component Id",
"External URLs": "External URLs",
"external urls": "external urls",
"Enter external id key": "Enter external id key",
Expand All @@ -223,6 +232,9 @@
"Embedded Software": "Embedded Software",
"Email": "Email",
"Enter": "Enter",
"Enter Advisory Vendor": "Enter Advisory Vendor",
"Enter Advisory Name": "Enter Advisory Name",
"Enter Advisory Url": "Enter Advisory Url",
"Enter text search": "Enter text search",
"Enable Security Vulnerability Monitoring": "Enable Security Vulnerability Monitoring",
"ECC": "ECC",
Expand Down Expand Up @@ -637,6 +649,7 @@
"Vendor advisories": "Vendor advisories",
"Vulnerability scoring": "Vulnerability scoring",
"Vulnerable configurations": "Vulnerable configurations",
"Vulnerability Configuration": "Vulnerability Configuration",
"VISIBILITY_INFO": "Private: Only visible by creator (and admin which applies to all visibility levels) \n Me and Moderators: Visible by creator and moderators \n Group and Moderators: All users of the same group and the moderators \n Everyone: Every user who is logged into the system",
"Visibility": "Visibility",
"Vulnerability has been deleted": "Vulnerability has been deleted",
Expand All @@ -654,7 +667,9 @@
"Visual SourceSafe": "Visual SourceSafe",
"Vulnerabilities": "Vulnerabilities",
"Vulnerable Configuration": "Vulnerable Configuration",
"Vulnerability References": "Vulnerability References",
"Vulnerability matching statistics": "Vulnerability matching statistics",
"Vendor Advisories": "Vendor Advisories",
"Welcome to SW360!": "Welcome to SW360!",
"Wiki": "Wiki",
"Weighting": "Weighting",
Expand Down
15 changes: 15 additions & 0 deletions messages/ja.json
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,13 @@
"<=": "<=",
">=": ">=",
"Attachment Usages": "Attachment Usages",
"Assigned External Component Ids": "Assigned External Component Ids",
"Application Software": "NOT TRANSLATED",
"Analyst": "NOT TRANSLATED",
"as of": "as of",
"Advisory Vendor": "Advisory Vendor",
"Advisory Name": "Advisory Name",
"Advisory Url": "Advisory Url",
"authentication": "authentication",
"Accountant": "NOT TRANSLATED",
"ADJACENT_NETWORK": "ADJACENT_NETWORK",
Expand Down Expand Up @@ -73,6 +77,8 @@
"Cancel": "キャンセル",
"complexity": "complexity",
"Click to add row to Additional Data": "NOT TRANSLATED",
"Click to add Assigned External Component Id": "Click to add Assigned External Component Id",
"Click to add Vulnerability Reference": "Click to add Vulnerability Reference",
"Click to add row to External Id": "NOT TRANSLATED",
"Click to add row to External Url": "NOT TRANSLATED",
"Click to add Releases": "クリックしてリリースを追加します",
Expand Down Expand Up @@ -158,6 +164,7 @@
"CPE ID": "CPE ID",
"CVS": "CVS",
"CriticalFilesFound": "Critical Files Found",
"Click to add Vendor Advisory": "Click to add Vendor Advisory",
"Customer Project": "NOT TRANSLATED",
"Contains OSS": "Contains OSS",
"COMPLETE": "COMPLETE",
Expand Down Expand Up @@ -209,13 +216,18 @@
"Export SBOM": "Export SBOM",
"Edit Projects": "Edit Projects",
"External URLs": "NOT TRANSLATED",
"Enter Advisory Vendor": "Enter Advisory Vendor",
"Enter Advisory Name": "Enter Advisory Name",
"Enter Advisory Url": "Enter Advisory Url",
"Enter external id key": "NOT TRANSLATED",
"Enter external url key": "NOT TRANSLATED",
"Enter CVE Year": "Enter CVE Year",
"Enter CVE Number": "Enter CVE Number",
"Enter external id value": "NOT TRANSLATED",
"Enter external url value": "NOT TRANSLATED",
"Enter additional data key": "NOT TRANSLATED",
"Enter Vulnerability Reference": "Enter Vulnerability Reference",
"Enter Assigned External Component Id": "Enter Assigned External Component Id",
"Enter additional data value": "NOT TRANSLATED",
"End User": "NOT TRANSLATED",
"Enter owner's accounting unit": "NOT TRANSLATED",
Expand Down Expand Up @@ -641,8 +653,11 @@
"Version": "バージョン",
"vector": "vector",
"Vulnerable Configuration": "Vulnerable Configuration",
"Vulnerability Configuration": "Vulnerability Configuration",
"Visual SourceSafe": "ビジュアルソースセーフ",
"Vulnerabilities": "脆弱性",
"Vulnerability References": "Vulnerability References",
"Vendor Advisories": "Vendor Advisories",
"Vulnerability has been deleted": "Vulnerability has been deleted",
"Vulnerability matching statistics": "脆弱性マッチング統計",
"Welcome to SW360!": "SW360へようこそ!",
Expand Down
15 changes: 15 additions & 0 deletions messages/vi.json
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,11 @@
"<=": "<=",
">=": ">=",
"Attachment Usages": "Attachment Usages",
"Assigned External Component Ids": "Assigned External Component Ids",
"Application Software": "NOT TRANSLATED",
"Advisory Vendor": "Advisory Vendor",
"Advisory Name": "Advisory Name",
"Advisory Url": "Advisory Url",
"Analyst": "NOT TRANSLATED",
"Accountant": "NOT TRANSLATED",
"Advanced Filter": "Advanced Filter",
Expand Down Expand Up @@ -75,6 +79,8 @@
"CVE ID": "CVE ID",
"complexity": "complexity",
"Cloud Service": "NOT TRANSLATED",
"Click to add Assigned External Component Id": "Click to add Assigned External Component Id",
"Click to add Vulnerability Reference": "Click to add Vulnerability Reference",
"Click to add row to Additional Data": "NOT TRANSLATED",
"Click to add row to External Id": "NOT TRANSLATED",
"Click to add row to External Url": "NOT TRANSLATED",
Expand Down Expand Up @@ -164,6 +170,7 @@
"CPE ID": "CPE ID",
"CVS": "CVS",
"Created on": "Được Tạo Vào",
"Click to add Vendor Advisory": "Click to add Vendor Advisory",
"ClearCase": "ClearCase",
"CycloneDX": "CycloneDX",
"Clearing summary": "Clearing summary",
Expand Down Expand Up @@ -209,6 +216,8 @@
"Export SBOM": "Export SBOM",
"Edit Projects": "Edit Projects",
"External Ids": "NOT TRANSLATED",
"Enter Vulnerability Reference": "Enter Vulnerability Reference",
"Enter Assigned External Component Id": "Enter Assigned External Component Id",
"External URLs": "NOT TRANSLATED",
"external urls": "NOT TRANSLATED",
"Enter external id key": "NOT TRANSLATED",
Expand Down Expand Up @@ -248,6 +257,9 @@
"Enter Owner Accounting Unit": "Nhập Owner Billing",
"Enter Name": "Nhập Tên",
"Enter Blog URL": "Nhập Url Blog",
"Enter Advisory Vendor": "Enter Advisory Vendor",
"Enter Advisory Name": "Enter Advisory Name",
"Enter Advisory Url": "Enter Advisory Url",
"Enter Wiki URL": "Nhập Url Wiki",
"Enter Mailing List URL": "Nhập Url Danh sách gửi thư",
"Enter Description": "Nhập Miêu tả",
Expand Down Expand Up @@ -631,6 +643,7 @@
"vector": "vector",
"Vendors": "Nhà cung cấp",
"Verification": "Xác minh",
"Vulnerability Configuration": "Vulnerability Configuration",
"Vulnerability has been deleted": "Vulnerability has been deleted",
"Vulnerability is created": "Vulnerability is created",
"Vulnerability with the same External Id already exists": "Vulnerability with the same External Id already exists",
Expand All @@ -641,6 +654,8 @@
"Vulnerability Summary": "Vulnerability Summary",
"Vendor advisories": "Vendor advisories",
"Vulnerability scoring": "Vulnerability scoring",
"Vulnerability References": "Vulnerability References",
"Vendor Advisories": "Vendor Advisories",
"Vulnerable configurations": "Vulnerable configurations",
"Vulnerability matching statistics": "Thống kê phù hợp với lỗ hổng",
"Visual SourceSafe": "Nguồn trực quanAn toàn",
Expand Down
15 changes: 15 additions & 0 deletions messages/zh.json
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,12 @@
"<=": "<=",
">=": ">=",
"Attachment Usages": "Attachment Usages",
"Assigned External Component Ids": "Assigned External Component Ids",
"Application Software": "NOT TRANSLATED",
"Analyst": "NOT TRANSLATED",
"Advisory Vendor": "Advisory Vendor",
"Advisory Name": "Advisory Name",
"Advisory Url": "Advisory Url",
"Add Vulnerability": "Add Vulnerability",
"All": "All",
"Accountant": "NOT TRANSLATED",
Expand Down Expand Up @@ -78,6 +82,8 @@
"Categories": "类别",
"Commercial Details": "商用详细信息",
"Commercial Details Administration": "商业详细信息管理",
"Click to add Assigned External Component Id": "Click to add Assigned External Component Id",
"Click to add Vulnerability Reference": "Click to add Vulnerability Reference",
"Cancel": "取消",
"Change Log": "更改日志",
"Change Log Id": "更改日志 id",
Expand Down Expand Up @@ -148,6 +154,7 @@
"Clearing Standard": "明确标准",
"Cloud Backend": "NOT TRANSLATED",
"Change Vulnerability Rating And Action?": "是否更改漏洞等级和操作?",
"Click to add Vendor Advisory": "Click to add Vendor Advisory",
"Create Account": "创建账户",
"Created By (Email)": "创建者(电子邮件)",
"CriticalFilesFound": "Critical Files Found",
Expand Down Expand Up @@ -214,6 +221,8 @@
"Enter external url key": "NOT TRANSLATED",
"Enter external id value": "NOT TRANSLATED",
"Enter external url value": "NOT TRANSLATED",
"Enter Vulnerability Reference": "Enter Vulnerability Reference",
"Enter Assigned External Component Id": "Enter Assigned External Component Id",
"Enter additional data key": "NOT TRANSLATED",
"Enter additional data value": "NOT TRANSLATED",
"Enter one word tag": "NOT TRANSLATED",
Expand All @@ -225,6 +234,9 @@
"Enable Security Vulnerability Monitoring": "NOT TRANSLATED",
"ECC": "NOT TRANSLATED",
"ECC Comment": "出口管制注释",
"Enter Advisory Vendor": "Enter Advisory Vendor",
"Enter Advisory Name": "Enter Advisory Name",
"Enter Advisory Url": "Enter Advisory Url",
"ECC Details": "出口管制详细信息",
"Enter Vulnerability External Id": "Enter Vulnerability External Id",
"Enter Vulnerability Title": "Enter Vulnerability Title",
Expand Down Expand Up @@ -624,13 +636,16 @@
"Vulnerability Detail": "Vulnerability Detail",
"vector": "vector",
"VULNERABILITIES": "VULNERABILITIES",
"Vulnerability References": "Vulnerability References",
"Vendor Advisories": "Vendor Advisories",
"Vulnerability has been deleted": "Vulnerability has been deleted",
"Vendor Name": "供应商名称",
"Vulnerable Configuration": "Vulnerable Configuration",
"Vulnerability Impact": "Vulnerability Impact",
"Vulnerability Access": "Vulnerability Access",
"Vendors": "供应商",
"Verification": "検証",
"Vulnerability Configuration": "Vulnerability Configuration",
"Vulnerability Summary": "Vulnerability Summary",
"Vendor advisories": "Vendor advisories",
"Vulnerability scoring": "Vulnerability scoring",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -27,10 +27,15 @@ import VulnerabilityImpact from '../../components/VulnerabilityImpact'
import VulnerabilityAccess from '../../components/VulnerabilityAccess'
import { ToastContainer } from 'react-bootstrap'
import CVEReferences from '../../components/CVEReferences'
import AddValues from '../../components/AddValues'
import AddVendorAdvisory from '../../components/VendorAdvisories'
import AddKeyValueComponent from '@/components/AddKeyValue'
import InputKeyValue from '@/object-types/InputKeyValue'

export default function AddVulnerability({ session }: { session: Session }) {
const t = useTranslations(COMMON_NAMESPACE)
const router = useRouter()
const [vulnerableConfiguration, setVulnerableConfiguration] = useState<InputKeyValue[]>([])
const [vulnerabilityData, setVulnerabilityData] = useState<VulnerabilityData>({
title: '',
description: '',
Expand Down Expand Up @@ -59,8 +64,19 @@ export default function AddVulnerability({ session }: { session: Session }) {
vector: '',
},
cveReferences: [],
references: [],
assignedExtComponentIds: [],
vendorAdvisories: [],
vulnerableConfiguration: {},
})

console.log(vulnerabilityData)

const setDataVulnerableConfiguration = (config: Map<string, string>) => {
const obj = Object.fromEntries(config)
setVulnerabilityData((prev) => ({ ...prev, vulnerableConfiguration: obj }))
}

const [toastData, setToastData] = useState<ToastData>({
show: false,
type: '',
Expand Down Expand Up @@ -111,7 +127,14 @@ export default function AddVulnerability({ session }: { session: Session }) {
cveReferences: Array.from(
new Set(vulnerabilityData.cveReferences.map((elem) => `${elem.year}-${elem.number}`))
),
references: Array.from(new Set(vulnerabilityData.references)).filter((elem) => elem !== ''),
assignedExtComponentIds: Array.from(new Set(vulnerabilityData.assignedExtComponentIds)).filter(
(elem) => elem !== ''
),
vendorAdvisories: Array.from(new Set(vulnerabilityData.vendorAdvisories)),
vulnerableConfiguration: vulnerabilityData.vulnerableConfiguration,
}
console.log(payload)
const response = await ApiUtils.POST('vulnerabilities', payload, session.user.access_token)
if (response.status == HttpStatus.CREATED) {
const data = await response.json()
Expand Down Expand Up @@ -168,6 +191,30 @@ export default function AddVulnerability({ session }: { session: Session }) {
<VulnerabilityImpact setPayload={setVulnerabilityData} />
<VulnerabilityAccess setPayload={setVulnerabilityData} />
<CVEReferences payload={vulnerabilityData} setPayload={setVulnerabilityData} />
<AddValues
componentName='Assigned External Component Ids'
entityName='Assigned External Component Id'
payloadKeyName='assignedExtComponentIds'
payload={vulnerabilityData}
setPayload={setVulnerabilityData}
/>
<AddValues
componentName='Vulnerability References'
entityName='Vulnerability Reference'
payloadKeyName='references'
payload={vulnerabilityData}
setPayload={setVulnerabilityData}
/>
<AddVendorAdvisory payload={vulnerabilityData} setPayload={setVulnerabilityData} />
<div className='row mb-4'>
<AddKeyValueComponent
header={t('Vulnerability Configuration')}
keyName={'Vulnerability configuration'}
setData={setVulnerableConfiguration}
data={vulnerableConfiguration}
setMap={setDataVulnerableConfiguration}
/>
</div>
</form>
</div>
</>
Expand Down
Loading

0 comments on commit 978eef4

Please sign in to comment.