Modify UI, update dictionary and tests #1228
Reference: #1228

Signed-off-by: John M. Horan <johnmhoran@gmail.com>
johnmhoran committed Nov 22, 2023
1 parent 9a9401a commit 5c6838c
Showing 4 changed files with 42 additions and 14 deletions.
15 changes: 15 additions & 0 deletions vulnerabilities/models.py
@@ -723,8 +723,11 @@ def fixed_package_details(self):
purl_dict.update({"vulnerabilities": []})

purl_dict["closest_non_vulnerable_fix"] = ""
purl_dict["closest_non_vulnerable_fix_version"] = ""
purl_dict["closest_non_vulnerable_fix_url"] = ""

purl_dict["most_recent_non_vulnerable_fix"] = ""
purl_dict["most_recent_non_vulnerable_fix_version"] = ""
purl_dict["most_recent_non_vulnerable_fix_url"] = ""

for vuln in qs:
@@ -775,7 +778,9 @@ def fixed_package_details(self):

if dict_vuln["vulnerability"] == str(vuln):
dict_vuln["closest_fixed_by_purl"] = str(closest_fixed_package)

if len(vuln_matching_fixed_packages) > 0:
dict_vuln["closest_fixed_by_version"] = str(closest_fixed_package.version)
dict_vuln["closest_fixed_by_url"] = closest_fixed_package.get_absolute_url()
closest_fixed_package_vulns_dict = [
{
@@ -788,19 +793,29 @@ def fixed_package_details(self):
"closest_fixed_by_vulnerabilities"
] = closest_fixed_package_vulns_dict
else:
dict_vuln["closest_fixed_by_version"] = ""
dict_vuln["closest_fixed_by_url"] = ""
dict_vuln["closest_fixed_by_vulnerabilities"] = []

purl_dict["closest_non_vulnerable_fix"] = str(closest_non_vulnerable_fix)

if len(vuln_matching_fixed_packages) > 0:
purl_dict["closest_non_vulnerable_fix_version"] = str(
closest_non_vulnerable_fix.version
)
purl_dict[
"closest_non_vulnerable_fix_url"
] = closest_non_vulnerable_fix.get_absolute_url()
purl_dict["most_recent_non_vulnerable_fix_version"] = str(
most_recent_non_vulnerable_fix.version
)
purl_dict[
"most_recent_non_vulnerable_fix_url"
] = most_recent_non_vulnerable_fix.get_absolute_url()
else:
purl_dict["closest_non_vulnerable_fix_version"] = ""
purl_dict["closest_non_vulnerable_fix_url"] = ""
purl_dict["most_recent_non_vulnerable_fix_version"] = ""
purl_dict["most_recent_non_vulnerable_fix_url"] = ""

purl_dict["most_recent_non_vulnerable_fix"] = str(
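Review bot: The guard in front of the new `closest_non_vulnerable_fix_version` / `most_recent_non_vulnerable_fix_version` assignments tests `len(vuln_matching_fixed_packages) > 0`, which describes the current vulnerability's fixed packages, not whether a non-vulnerable fix was found. The updated expectation in vulnerabilities/tests/test_models.py shows the effect: `closest_non_vulnerable_fix` is a jackson-databind@2.14.0-rc1 purl while its `_version` and `_url` are `""`, so the template would render an empty link even though a safe upgrade is known. Indentation is lost in this view, but these assignments appear to sit inside `for vuln in qs:`, in which case the last vulnerability processed decides the package-level fields. Consider keying the branch on the value itself, e.g. `if hasattr(closest_non_vulnerable_fix, "version"):` (adjust to whatever type the no-fix case really holds), and setting the package-level fields once after the loop. The method body continues outside the visible hunks, so confirm against the full function.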
35 changes: 22 additions & 13 deletions vulnerabilities/templates/package_details.html
@@ -47,18 +47,18 @@
<tbody>
<tr>
<td class="two-col-left">
Closest non-vulnerable purl
Non-vulnerable version
</td>
<td class="two-col-right">
<a href="{{ fixed_package_details.closest_non_vulnerable_fix_url }}?search={{ fixed_package_details.closest_non_vulnerable_fix }}" target="_self">{{ fixed_package_details.closest_non_vulnerable_fix }}</a>
<a href="{{ fixed_package_details.closest_non_vulnerable_fix_url }}?search={{ fixed_package_details.closest_non_vulnerable_fix }}" target="_self">{{ fixed_package_details.closest_non_vulnerable_fix_version }}</a>
</td>
</tr>
<tr>
<td class="two-col-left">
Latest non-vulnerable purl
Latest non-vulnerable version
</td>
<td class="two-col-right">
<a href="{{ fixed_package_details.most_recent_non_vulnerable_fix_url }}?search={{ fixed_package_details.most_recent_non_vulnerable_fix }}" target="_self">{{ fixed_package_details.most_recent_non_vulnerable_fix }}</a>
<a href="{{ fixed_package_details.most_recent_non_vulnerable_fix_url }}?search={{ fixed_package_details.most_recent_non_vulnerable_fix }}" target="_self">{{ fixed_package_details.most_recent_non_vulnerable_fix_version }}</a>
</td>
</tr>
</tbody>
@@ -80,7 +80,7 @@
<th style="width: 175px;">Vulnerability</th>
<th>Summary</th>
<th style="width: 225px;">Aliases</th>
<th style="width: 300px;">Closest fixed by packages</th>
<th style="width: 300px;">Fixed by packages</th>
</tr>
</thead>

@@ -111,10 +111,24 @@
{% for abc in value %}
{% if abc.vulnerability == vulnerability.vulnerability_id %}

<a href="{{ abc.closest_fixed_by_url }}?search={{ abc.closest_fixed_by_purl }}" target="_self">{{ abc.closest_fixed_by_purl }}</a>
{% if abc.closest_fixed_by_purl == "There are no reported fixed packages." %}
<span>There are no reported fixed packages.</span>
{% else %}
<a href="{{ abc.closest_fixed_by_url }}?search={{ abc.closest_fixed_by_purl }}" target="_self">{{ abc.closest_fixed_by_purl }}</a>
{% endif %}
<br />

<span>Vulnerabilities:</span> {{ abc.closest_fixed_by_vulnerabilities|length }}
{% if abc.closest_fixed_by_purl == "There are no reported fixed packages." %}
<span></span>
{% else %}

{% if abc.closest_fixed_by_vulnerabilities|length != 1 %}
<span>Affected by {{ abc.closest_fixed_by_vulnerabilities|length }} other vulnerabilities.</span>
{% else %}
<span>Affected by {{ abc.closest_fixed_by_vulnerabilities|length }} other vulnerability.</span>
{% endif %}

{% endif %}

{% if abc.closest_fixed_by_vulnerabilities|length != 0 %}
<div class="dropdown is-hoverable has-text-weight-normal is-right">
@@ -125,12 +139,7 @@
<div class="dropdown-content dropdown-instructions-box-shadow">
<div class="dropdown-item">
<div style="max-height: 200px; overflow-y: auto;">
The <strong>closest fixed-by purl</strong> has {{ abc.closest_fixed_by_vulnerabilities|length }}
{% if abc.closest_fixed_by_vulnerabilities|length == 1 %}
vulnerability:
{% else %}
vulnerabilities:
{% endif %}
This version is affected by these other vulnerabilities:
<div style="padding-top: 5px;">
{% for closest_vuln in abc.closest_fixed_by_vulnerabilities %}
<div>
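Review bot: The two new `{% if abc.closest_fixed_by_purl == "There are no reported fixed packages." %}` checks couple the template to the display message stored in `closest_fixed_by_purl` (the same literal appears in the test expectation); if that wording ever changes, the `else` branch would render a link built on an empty `closest_fixed_by_url`. Testing the data instead, `{% if abc.closest_fixed_by_url %}`, removes the duplicated literal, and the second check's empty `<span></span>` branch can then be dropped. Separately, every `?search={{ ... }}` in this section places a purl in a query string without URL-encoding. Purls can carry `?`, `&` and `#` in qualifiers and subpaths, so `?search={{ abc.closest_fixed_by_purl|urlencode }}` (and the same on the two non-vulnerable rows) would keep the link from being truncated or picking up extra parameters.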
4 changes: 4 additions & 0 deletions vulnerabilities/tests/test_models.py
@@ -224,6 +224,7 @@ def test_get_vulnerable_packages(self):
{
"vulnerability": "VCID-123",
"closest_fixed_by_purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.2",
"closest_fixed_by_version": "2.13.2",
"closest_fixed_by_url": "/packages/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.13.2",
"closest_fixed_by_vulnerabilities": [
{
@@ -235,13 +236,16 @@ def test_get_vulnerable_packages(self):
{
"vulnerability": "VCID-456",
"closest_fixed_by_purl": "There are no reported fixed packages.",
"closest_fixed_by_version": "",
"closest_fixed_by_url": "",
"closest_fixed_by_vulnerabilities": [],
},
],
"closest_non_vulnerable_fix": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.14.0-rc1",
"closest_non_vulnerable_fix_version": "",
"closest_non_vulnerable_fix_url": "",
"most_recent_non_vulnerable_fix": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.14.0-rc1",
"most_recent_non_vulnerable_fix_version": "",
"most_recent_non_vulnerable_fix_url": "",
}

2 changes: 1 addition & 1 deletion vulnerablecode/static/css/custom.css
@@ -196,7 +196,7 @@ code {
}

.two-col-left {
width: 250px;
width: 255px;
text-align: right !important;
font-weight: bold;
padding-right: 15px !important;
