From 5d1806e1dbd7a559528cddc81444283b8dc7f7ee Mon Sep 17 00:00:00 2001 From: drewgillies Date: Wed, 16 Dec 2020 17:20:21 +1000 Subject: [PATCH] Rename vulnerability service --- .../Ingest/AdvisoryIngestor.cs | 4 ++-- src/GitHubVulnerabilities2Db/Job.cs | 4 ++-- .../Configuration/FeatureFlagService.cs | 6 ++++++ .../Configuration/IFeatureFlagService.cs | 5 +++++ .../NuGetGallery.Services.csproj | 4 ++-- ...=> IPackageVulnerabilitiesManagementService.cs} | 4 ++-- ... => PackageVulnerabilitiesManagementService.cs} | 8 ++++---- src/NuGetGallery/App_Data/Files/Content/flags.json | 3 ++- .../App_Start/DefaultDependenciesModule.cs | 4 ++-- src/NuGetGallery/Services/PackageUploadService.cs | 4 ++-- src/VerifyGitHubVulnerabilities/Job.cs | 2 +- ...rifier.cs => PackageVulnerabilitiesVerifier.cs} | 4 ++-- .../VerifyGitHubVulnerabilities.csproj | 2 +- .../AdvisoryIngestorFacts.cs | 4 ++-- tests/NuGetGallery.Facts/NuGetGallery.Facts.csproj | 2 +- .../Services/PackageUploadServiceFacts.cs | 14 +++++++------- ...ackageVulnerabilitiesManagementServiceFacts.cs} | 12 ++++++------ 17 files changed, 49 insertions(+), 37 deletions(-) rename src/NuGetGallery.Services/PackageManagement/{IPackageVulnerabilityService.cs => IPackageVulnerabilitiesManagementService.cs} (88%) rename src/NuGetGallery.Services/PackageManagement/{PackageVulnerabilityService.cs => PackageVulnerabilitiesManagementService.cs} (98%) rename src/VerifyGitHubVulnerabilities/Verify/{PackageVulnerabilityServiceVerifier.cs => PackageVulnerabilitiesVerifier.cs} (97%) rename tests/NuGetGallery.Facts/Services/{PackageVulnerabilityServiceFacts.cs => PackageVulnerabilitiesManagementServiceFacts.cs} (97%) diff --git a/src/GitHubVulnerabilities2Db/Ingest/AdvisoryIngestor.cs b/src/GitHubVulnerabilities2Db/Ingest/AdvisoryIngestor.cs index 77a16b97e6..7aa1672568 100644 --- a/src/GitHubVulnerabilities2Db/Ingest/AdvisoryIngestor.cs +++ b/src/GitHubVulnerabilities2Db/Ingest/AdvisoryIngestor.cs @@ -13,11 +13,11 @@ namespace GitHubVulnerabilities2Db.Ingest { public class AdvisoryIngestor : IAdvisoryIngestor { - private readonly IPackageVulnerabilityService _packageVulnerabilityService; + private readonly IPackageVulnerabilitiesManagementService _packageVulnerabilityService; private readonly IGitHubVersionRangeParser _gitHubVersionRangeParser; public AdvisoryIngestor( - IPackageVulnerabilityService packageVulnerabilityService, + IPackageVulnerabilitiesManagementService packageVulnerabilityService, IGitHubVersionRangeParser gitHubVersionRangeParser) { _packageVulnerabilityService = packageVulnerabilityService ?? throw new ArgumentNullException(nameof(packageVulnerabilityService)); diff --git a/src/GitHubVulnerabilities2Db/Job.cs b/src/GitHubVulnerabilities2Db/Job.cs index e7e07ddd42..ed8facd431 100644 --- a/src/GitHubVulnerabilities2Db/Job.cs +++ b/src/GitHubVulnerabilities2Db/Job.cs @@ -64,8 +64,8 @@ protected void ConfigureIngestionServices(ContainerBuilder containerBuilder) ConfigureGalleryServices(containerBuilder); containerBuilder - .RegisterType() - .As(); + .RegisterType() + .As(); containerBuilder .RegisterType() diff --git a/src/NuGetGallery.Services/Configuration/FeatureFlagService.cs b/src/NuGetGallery.Services/Configuration/FeatureFlagService.cs index d5598af029..2dcf460823 100644 --- a/src/NuGetGallery.Services/Configuration/FeatureFlagService.cs +++ b/src/NuGetGallery.Services/Configuration/FeatureFlagService.cs @@ -25,6 +25,7 @@ public class FeatureFlagService : IFeatureFlagService private const string ManageDeprecationFeatureName = GalleryPrefix + "ManageDeprecation"; private const string ManageDeprecationForManyVersionsFeatureName = GalleryPrefix + "ManageDeprecationMany"; private const string ManageDeprecationApiFeatureName = GalleryPrefix + "ManageDeprecationApi"; + private const string DisplayVulnerabilitiesFeatureName = GalleryPrefix + "DisplayVulnerabilities"; private const string ODataReadOnlyDatabaseFeatureName = GalleryPrefix + "ODataReadOnlyDatabase"; private const string PackagesAtomFeedFeatureName = GalleryPrefix + "PackagesAtomFeed"; private const string SearchSideBySideFlightName = GalleryPrefix + "SearchSideBySide"; @@ -127,6 +128,11 @@ public bool IsManageDeprecationApiEnabled(User user) return _client.IsEnabled(ManageDeprecationApiFeatureName, user, defaultValue: false); } + public bool IsDisplayVulnerabilitiesEnabled() + { + return _client.IsEnabled(DisplayVulnerabilitiesFeatureName, defaultValue: false); + } + public bool AreEmbeddedIconsEnabled(User user) { return _client.IsEnabled(EmbeddedIconFlightName, user, defaultValue: false); diff --git a/src/NuGetGallery.Services/Configuration/IFeatureFlagService.cs b/src/NuGetGallery.Services/Configuration/IFeatureFlagService.cs index 635a3d1c57..50eb7fd90b 100644 --- a/src/NuGetGallery.Services/Configuration/IFeatureFlagService.cs +++ b/src/NuGetGallery.Services/Configuration/IFeatureFlagService.cs @@ -56,6 +56,11 @@ public interface IFeatureFlagService /// bool IsManageDeprecationApiEnabled(User user); + /// + /// Whether or not a package owner can view vulnerability advisory information on their package. + /// + bool IsDisplayVulnerabilitiesEnabled(); + /// /// Whether the user is allowed to publish packages with an embedded icon. /// diff --git a/src/NuGetGallery.Services/NuGetGallery.Services.csproj b/src/NuGetGallery.Services/NuGetGallery.Services.csproj index daa84d8b2f..552e82c055 100644 --- a/src/NuGetGallery.Services/NuGetGallery.Services.csproj +++ b/src/NuGetGallery.Services/NuGetGallery.Services.csproj @@ -161,7 +161,7 @@ - + @@ -170,7 +170,7 @@ - + diff --git a/src/NuGetGallery.Services/PackageManagement/IPackageVulnerabilityService.cs b/src/NuGetGallery.Services/PackageManagement/IPackageVulnerabilitiesManagementService.cs similarity index 88% rename from src/NuGetGallery.Services/PackageManagement/IPackageVulnerabilityService.cs rename to src/NuGetGallery.Services/PackageManagement/IPackageVulnerabilitiesManagementService.cs index ec8417d42f..e114bc37af 100644 --- a/src/NuGetGallery.Services/PackageManagement/IPackageVulnerabilityService.cs +++ b/src/NuGetGallery.Services/PackageManagement/IPackageVulnerabilitiesManagementService.cs @@ -6,10 +6,10 @@ namespace NuGetGallery { - public interface IPackageVulnerabilityService + public interface IPackageVulnerabilitiesManagementService { /// - /// Adds any s to that it is a part of. + /// Adds any s to that it is a part of. /// /// /// Does not commit changes. The caller is expected to commit any changes separately. diff --git a/src/NuGetGallery.Services/PackageManagement/PackageVulnerabilityService.cs b/src/NuGetGallery.Services/PackageManagement/PackageVulnerabilitiesManagementService.cs similarity index 98% rename from src/NuGetGallery.Services/PackageManagement/PackageVulnerabilityService.cs rename to src/NuGetGallery.Services/PackageManagement/PackageVulnerabilitiesManagementService.cs index edd4de3e80..ee0f6b9a48 100644 --- a/src/NuGetGallery.Services/PackageManagement/PackageVulnerabilityService.cs +++ b/src/NuGetGallery.Services/PackageManagement/PackageVulnerabilitiesManagementService.cs @@ -12,16 +12,16 @@ namespace NuGetGallery { - public class PackageVulnerabilityService : IPackageVulnerabilityService + public class PackageVulnerabilitiesManagementService : IPackageVulnerabilitiesManagementService { private readonly IEntitiesContext _entitiesContext; private readonly IPackageUpdateService _packageUpdateService; - private readonly ILogger _logger; + private readonly ILogger _logger; - public PackageVulnerabilityService( + public PackageVulnerabilitiesManagementService( IEntitiesContext entitiesContext, IPackageUpdateService packageUpdateService, - ILogger logger) + ILogger logger) { _entitiesContext = entitiesContext ?? throw new ArgumentNullException(nameof(entitiesContext)); _packageUpdateService = packageUpdateService ?? throw new ArgumentNullException(nameof(packageUpdateService)); diff --git a/src/NuGetGallery/App_Data/Files/Content/flags.json b/src/NuGetGallery/App_Data/Files/Content/flags.json index 673dfa4800..d4dd2d2e84 100644 --- a/src/NuGetGallery/App_Data/Files/Content/flags.json +++ b/src/NuGetGallery/App_Data/Files/Content/flags.json @@ -22,7 +22,8 @@ "NuGetGallery.ODataV2FindPackagesByIdNonHijacked": "Enabled", "NuGetGallery.ODataV2FindPackagesByIdCountNonHijacked": "Enabled", "NuGetGallery.ODataV2SearchNonHijacked": "Enabled", - "NuGetGallery.ODataV2SearchCountNonHijacked": "Enabled" + "NuGetGallery.ODataV2SearchCountNonHijacked": "Enabled", + "NuGetGallery.DisplayVulnerabilities": "Enabled" }, "Flights": { "NuGetGallery.TyposquattingFlight": { diff --git a/src/NuGetGallery/App_Start/DefaultDependenciesModule.cs b/src/NuGetGallery/App_Start/DefaultDependenciesModule.cs index 3c3e6f0079..636b08b259 100644 --- a/src/NuGetGallery/App_Start/DefaultDependenciesModule.cs +++ b/src/NuGetGallery/App_Start/DefaultDependenciesModule.cs @@ -442,8 +442,8 @@ protected override void Load(ContainerBuilder builder) .As() .InstancePerLifetimeScope(); - builder.RegisterType() - .As() + builder.RegisterType() + .As() .InstancePerLifetimeScope(); services.AddHttpClient(); diff --git a/src/NuGetGallery/Services/PackageUploadService.cs b/src/NuGetGallery/Services/PackageUploadService.cs index 181531b1f7..96baa64af8 100644 --- a/src/NuGetGallery/Services/PackageUploadService.cs +++ b/src/NuGetGallery/Services/PackageUploadService.cs @@ -22,7 +22,7 @@ public class PackageUploadService : IPackageUploadService private readonly IReservedNamespaceService _reservedNamespaceService; private readonly IValidationService _validationService; private readonly ICoreLicenseFileService _coreLicenseFileService; - private readonly IPackageVulnerabilityService _vulnerabilityService; + private readonly IPackageVulnerabilitiesManagementService _vulnerabilityService; private readonly IPackageMetadataValidationService _metadataValidationService; public PackageUploadService( @@ -33,7 +33,7 @@ public PackageUploadService( IValidationService validationService, ICoreLicenseFileService coreLicenseFileService, IDiagnosticsService diagnosticsService, - IPackageVulnerabilityService vulnerabilityService, + IPackageVulnerabilitiesManagementService vulnerabilityService, IPackageMetadataValidationService metadataValidationService) { _packageService = packageService ?? throw new ArgumentNullException(nameof(packageService)); diff --git a/src/VerifyGitHubVulnerabilities/Job.cs b/src/VerifyGitHubVulnerabilities/Job.cs index a17881764b..803c466c6a 100644 --- a/src/VerifyGitHubVulnerabilities/Job.cs +++ b/src/VerifyGitHubVulnerabilities/Job.cs @@ -34,7 +34,7 @@ public override async Task Run() Console.WriteLine($" FOUND {advisories.Count} advisories."); Console.WriteLine("Fetching vulnerabilities from DB..."); - var verifier = new PackageVulnerabilityServiceVerifier(_serviceProvider.GetRequiredService()); + var verifier = new PackageVulnerabilitiesVerifier(_serviceProvider.GetRequiredService()); var ingestor = new AdvisoryIngestor(verifier, new GitHubVersionRangeParser()); await ingestor.IngestAsync(advisories); diff --git a/src/VerifyGitHubVulnerabilities/Verify/PackageVulnerabilityServiceVerifier.cs b/src/VerifyGitHubVulnerabilities/Verify/PackageVulnerabilitiesVerifier.cs similarity index 97% rename from src/VerifyGitHubVulnerabilities/Verify/PackageVulnerabilityServiceVerifier.cs rename to src/VerifyGitHubVulnerabilities/Verify/PackageVulnerabilitiesVerifier.cs index e99a7c7086..fbf75bfe07 100644 --- a/src/VerifyGitHubVulnerabilities/Verify/PackageVulnerabilityServiceVerifier.cs +++ b/src/VerifyGitHubVulnerabilities/Verify/PackageVulnerabilitiesVerifier.cs @@ -11,11 +11,11 @@ namespace VerifyGitHubVulnerabilities.Verify { - public class PackageVulnerabilityServiceVerifier : IPackageVulnerabilityService + public class PackageVulnerabilitiesVerifier : IPackageVulnerabilitiesManagementService { private readonly IEntitiesContext _entitiesContext; - public PackageVulnerabilityServiceVerifier( + public PackageVulnerabilitiesVerifier( IEntitiesContext entitiesContext) { _entitiesContext = entitiesContext ?? throw new ArgumentNullException(nameof(entitiesContext)); diff --git a/src/VerifyGitHubVulnerabilities/VerifyGitHubVulnerabilities.csproj b/src/VerifyGitHubVulnerabilities/VerifyGitHubVulnerabilities.csproj index a955d81c28..001f4cdc29 100644 --- a/src/VerifyGitHubVulnerabilities/VerifyGitHubVulnerabilities.csproj +++ b/src/VerifyGitHubVulnerabilities/VerifyGitHubVulnerabilities.csproj @@ -49,7 +49,7 @@ - + diff --git a/tests/GitHubVulnerabilities2Db.Facts/AdvisoryIngestorFacts.cs b/tests/GitHubVulnerabilities2Db.Facts/AdvisoryIngestorFacts.cs index 7288278c81..478a2ca88d 100644 --- a/tests/GitHubVulnerabilities2Db.Facts/AdvisoryIngestorFacts.cs +++ b/tests/GitHubVulnerabilities2Db.Facts/AdvisoryIngestorFacts.cs @@ -132,14 +132,14 @@ public class MethodFacts { public MethodFacts() { - PackageVulnerabilityServiceMock = new Mock(); + PackageVulnerabilityServiceMock = new Mock(); GitHubVersionRangeParserMock = new Mock(); Ingestor = new AdvisoryIngestor( PackageVulnerabilityServiceMock.Object, GitHubVersionRangeParserMock.Object); } - public Mock PackageVulnerabilityServiceMock { get; } + public Mock PackageVulnerabilityServiceMock { get; } public Mock GitHubVersionRangeParserMock { get; } public AdvisoryIngestor Ingestor { get; } } diff --git a/tests/NuGetGallery.Facts/NuGetGallery.Facts.csproj b/tests/NuGetGallery.Facts/NuGetGallery.Facts.csproj index 63f158c906..f584f4efba 100644 --- a/tests/NuGetGallery.Facts/NuGetGallery.Facts.csproj +++ b/tests/NuGetGallery.Facts/NuGetGallery.Facts.csproj @@ -110,7 +110,7 @@ - + diff --git a/tests/NuGetGallery.Facts/Services/PackageUploadServiceFacts.cs b/tests/NuGetGallery.Facts/Services/PackageUploadServiceFacts.cs index 66bec90362..37196ce61a 100644 --- a/tests/NuGetGallery.Facts/Services/PackageUploadServiceFacts.cs +++ b/tests/NuGetGallery.Facts/Services/PackageUploadServiceFacts.cs @@ -32,7 +32,7 @@ private static PackageUploadService CreateService( Mock packageService = null, Mock reservedNamespaceService = null, Mock validationService = null, - Mock vulnerabilityService = null) + Mock vulnerabilityService = null) { packageService = packageService ?? new Mock(); @@ -64,7 +64,7 @@ private static PackageUploadService CreateService( if (vulnerabilityService == null) { - vulnerabilityService = new Mock(); + vulnerabilityService = new Mock(); } validationService = validationService ?? new Mock(); @@ -96,7 +96,7 @@ public async Task WillCallCreatePackageAsyncCorrectly() var key = 0; var packageService = new Mock(); packageService.Setup(x => x.FindPackageRegistrationById(It.IsAny())).Returns((PackageRegistration)null); - var vulnerabilityService = new Mock(); + var vulnerabilityService = new Mock(); var id = "Microsoft.Aspnet.Mvc"; var packageUploadService = CreateService(packageService, vulnerabilityService: vulnerabilityService); @@ -151,7 +151,7 @@ public async Task WillMarkPackageRegistrationVerifiedFlagCorrectly(bool shouldMa .Setup(r => r.GetReservedNamespacesForId(It.IsAny())) .Returns(testNamespaces.ToList().AsReadOnly()); - var vulnerabilityService = new Mock(); + var vulnerabilityService = new Mock(); var packageUploadService = CreateService( reservedNamespaceService: reservedNamespaceService, @@ -193,7 +193,7 @@ public async Task WillMarkPackageRegistrationNotVerifiedIfIdMatchesNonOwnedShare .Setup(r => r.GetReservedNamespacesForId(It.IsAny())) .Returns(testNamespaces.ToList().AsReadOnly()); - var vulnerabilityService = new Mock(); + var vulnerabilityService = new Mock(); var packageUploadService = CreateService( reservedNamespaceService: reservedNamespaceService, @@ -741,7 +741,7 @@ public abstract class FactsBase protected readonly Mock _telemetryService; protected readonly Mock _licenseFileService; protected readonly Mock _diagnosticsService; - protected readonly Mock _vulnerabilityService; + protected readonly Mock _vulnerabilityService; protected readonly Mock _metadataValidationService; protected Package _package; protected Stream _packageFile; @@ -784,7 +784,7 @@ public FactsBase() .Setup(ds => ds.GetSource(It.IsAny())) .Returns(Mock.Of()); - _vulnerabilityService = new Mock(); + _vulnerabilityService = new Mock(); _metadataValidationService = new Mock(); diff --git a/tests/NuGetGallery.Facts/Services/PackageVulnerabilityServiceFacts.cs b/tests/NuGetGallery.Facts/Services/PackageVulnerabilitiesManagementServiceFacts.cs similarity index 97% rename from tests/NuGetGallery.Facts/Services/PackageVulnerabilityServiceFacts.cs rename to tests/NuGetGallery.Facts/Services/PackageVulnerabilitiesManagementServiceFacts.cs index 6bf73722a5..d2940efe62 100644 --- a/tests/NuGetGallery.Facts/Services/PackageVulnerabilityServiceFacts.cs +++ b/tests/NuGetGallery.Facts/Services/PackageVulnerabilitiesManagementServiceFacts.cs @@ -13,7 +13,7 @@ namespace NuGetGallery.Services { - public class PackageVulnerabilityServiceFacts + public class PackageVulnerabilitiesManagementServiceFacts { public class TheApplyExistingVulnerabilitiesToPackageMethod : MethodFacts { @@ -211,7 +211,7 @@ public async Task WithExistingVulnerability_Withdrawn_RemovesAndUnmarks(bool has .Verifiable(); } - var service = GetService(); + var service = GetService(); // Act await service.UpdateVulnerabilityAsync(vulnerability, true); @@ -258,7 +258,7 @@ public async Task WithExistingVulnerability_NotWithdrawn_NoRanges_RemovesAndUnma .Verifiable(); } - var service = GetService(); + var service = GetService(); // Act await service.UpdateVulnerabilityAsync(vulnerability, false); @@ -440,7 +440,7 @@ public async Task WithExistingVulnerability_NotWithdrawn_UpdatesPackages( .Verifiable(); } - var service = GetService(); + var service = GetService(); // Act await service.UpdateVulnerabilityAsync(vulnerability, false); @@ -469,7 +469,7 @@ public MethodFacts() _databaseMock = new Mock(); Context = GetFakeContext(); UpdateServiceMock = GetMock(); - Service = GetService(); + Service = GetService(); _transactionMock .Setup(x => x.Commit()) @@ -487,7 +487,7 @@ public MethodFacts() private Mock _databaseMock { get; } protected FakeEntitiesContext Context { get; } protected Mock UpdateServiceMock { get; } - protected PackageVulnerabilityService Service { get; } + protected PackageVulnerabilitiesManagementService Service { get; } protected void VerifyTransaction() {