Get vulnerabilities from CPE

Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>

vulnerabilities/api.py

@@ -177,3 +177,38 @@ class VulnerabilityViewSet(viewsets.ReadOnlyModelViewSet):
     paginate_by = 50
     filter_backends = (filters.DjangoFilterBackend,)
     filterset_class = VulnerabilityFilterSet
+
+
+class VulnerabilityReferenceFilterSet(filters.FilterSet):
+    class Meta:
+        model = VulnerabilityReference
+        fields = ["reference_id"]
+
+
+class CPEFilterSet(filters.FilterSet):
+    cpe = filters.CharFilter(method="filter_cpe")
+
+    class Meta:
+        model = VulnerabilityReference
+        fields = ["reference_id"]
+
+    def filter_cpe(self, queryset, name, value):
+        cpe = unquote(value)
+        return self.queryset.filter(reference_id=cpe)
+
+
+class CPESerializer(serializers.HyperlinkedModelSerializer):
+
+    vulnerability = MinimalVulnerabilitySerializer(read_only=True)
+
+    class Meta:
+        model = VulnerabilityReference
+        fields = ["vulnerability"]
+
+
+class CPEViewSet(viewsets.ReadOnlyModelViewSet):
+    queryset = VulnerabilityReference.objects.filter(reference_id__startswith="cpe")
+    serializer_class = CPESerializer
+    paginate_by = 50
+    filter_backends = (filters.DjangoFilterBackend,)
+    filterset_class = CPEFilterSet

vulnerablecode/urls.py

@@ -26,6 +26,7 @@
 from django.urls import path
 from rest_framework.routers import DefaultRouter
 
+from vulnerabilities.api import CPEViewSet
 from vulnerabilities.api import PackageViewSet
 from vulnerabilities.api import VulnerabilityViewSet
 from vulnerabilities.views import HomePage
@@ -47,6 +48,7 @@ def __init__(self, *args, **kwargs):
 api_router.register(r"packages", PackageViewSet)
 # `DefaultRouter` requires `basename` when registering viewsets that don't define a queryset.
 api_router.register(r"vulnerabilities", VulnerabilityViewSet, basename="vulnerability")
+api_router.register(r"cpes", CPEViewSet, basename="cpe")
 
 urlpatterns = [
     path("admin/", admin.site.urls),