Filter_Exploit

fatihtokus · Feb 13, 2025 · e48b9d8 · e48b9d8
1 parent 15dd19a
commit e48b9d8
Show file tree

Hide file tree

Showing 8 changed files with 98 additions and 29 deletions.
diff --git a/src/frontend-app/src/components/shared/SeverityTag.tsx b/src/frontend-app/src/components/shared/SeverityTag.tsx
@@ -13,6 +13,21 @@ export function isNegligible(severity: string)
   }
 };
 
+export function isASeverity(severity: string)
+: boolean {
+  switch (severity.toLowerCase()) {
+    case "critical":
+    case "high":
+    case "medium":
+    case "low":
+    case "unknown":
+    case "negligible":
+      return true
+    default:
+      return false;
+  }
+};
+
 const SeverityTag = ({ severity }: { severity: string }) => {
   let color;
 

diff --git a/src/frontend-app/src/components/shared/SeverityToolbar.tsx b/src/frontend-app/src/components/shared/SeverityToolbar.tsx
@@ -6,12 +6,12 @@ import { SeverityCount } from '../../types/ui/index.ts';
 
 interface SeverityToolbarProps {
   result: NormalizedResultForDataTable[];
-  onSeverityClick: (severity: string) => void;
+  onFilterClick: (severity: string) => void;
   onDeduplicationClick: () => void;
   deduplicationOn: boolean;
 }
 
-const SeverityToolbar: React.FC<SeverityToolbarProps> = ({ result, onSeverityClick, onDeduplicationClick, deduplicationOn }) => {
+const SeverityToolbar: React.FC<SeverityToolbarProps> = ({ result, onFilterClick, onDeduplicationClick, deduplicationOn }) => {
   const [resultsPerSeverity, setResultsPerSeverity] = useState<SeverityCount[]>([]);
 
   useEffect(() => {
@@ -64,11 +64,43 @@ const SeverityToolbar: React.FC<SeverityToolbarProps> = ({ result, onSeverityCli
             backgroundColor: color,
             color: '#000', // Set text color to black
           }}
-          onClick={() => onSeverityClick(severity.toLowerCase())}
+          onClick={() => onFilterClick(severity.toLowerCase())}
         >
-          {count} {severity}
+          {severity}({count})
         </Button>
       ))}
+    </Space>
+    <Space>
+      <Button
+          key="hasExploit"
+          style={{
+            backgroundColor: '#DDEE',
+            color: '#000', // Set text color to black
+          }}
+          onClick={() => onFilterClick("hasExploit")}
+        >
+        Has Exploit
+      </Button>
+      <Button
+          key="hasFix"
+          style={{
+            backgroundColor: '#DDEE',
+            color: '#000', // Set text color to black
+          }}
+          onClick={() => onFilterClick("hasFix")}
+        >
+        Has fix
+      </Button>
+      <Button
+          key="hasNoFix"
+          style={{
+            backgroundColor: '#DDEE',
+            color: '#000', // Set text color to black
+          }}
+          onClick={() => onFilterClick("hasNoFix")}
+        >
+        Has no fix
+      </Button>
       </Space>
       <Checkbox onClick={() => onDeduplicationClick()} checked={deduplicationOn}>
         Enable Deduplication

diff --git a/src/frontend-app/src/components/trivy-report/Licenses.tsx b/src/frontend-app/src/components/trivy-report/Licenses.tsx
@@ -5,9 +5,8 @@ import type { ColumnType, ColumnsType } from "antd/es/table";
 import type { FilterConfirmProps } from "antd/es/table/interface";
 import { useRef, useState, useEffect } from "react";
 import { NormalizedResultForDataTable, DataIndexForNormalizedResultForDataTable } from "../../types";
-import { filterDropdown, localeCompare, severityCompare, removeDuplicateResults } from "../../utils";
+import { filterResultByKeyword, filterDropdown, localeCompare, severityCompare, removeDuplicateResults } from "../../utils";
 import SeverityToolbar from '../shared/SeverityToolbar.tsx';
-import { isNegligible } from '../shared/SeverityTag';
 import SeverityTag from "../shared/SeverityTag";
 import { severityFilters } from "../../constants";
 import Highlighter from "react-highlight-words";
@@ -44,9 +43,8 @@ const Secrets: React.FC<Props> = ({ result }) => {
     setFilteredData(deduplicationOn ? removeDuplicateResults(result) : result);
   };
 
-  const handleSeverityClick = (severity: string) => {
-    const filtered = result.filter(item => severity === 'all' || item.Severity?.toLowerCase() === severity || isNegligible(item.Severity?.toLowerCase() || 'UNKNOWN'));
-    setFilteredData(filtered);
+  const handleFilterClick = (filterValue: string) => {
+    updateFilteredData(filterResultByKeyword(result, filterValue));
   };
 
   const handleSearch = (selectedKeys: string[], confirm: (param?: FilterConfirmProps) => void, dataIndex: DataIndexForNormalizedResultForDataTable) => {
@@ -190,7 +188,7 @@ const Secrets: React.FC<Props> = ({ result }) => {
 
   return (
     <>
-      <SeverityToolbar result={deduplicatedResults} onSeverityClick={handleSeverityClick} onDeduplicationClick={toggleDeduplication} deduplicationOn={deduplicationOn}/>
+      <SeverityToolbar result={deduplicatedResults} onFilterClick={handleFilterClick} onDeduplicationClick={toggleDeduplication} deduplicationOn={deduplicationOn}/>
       <Table columns={columns} dataSource={filteredData} pagination={{ defaultPageSize: 20 }} size="small" sticky 
       expandable={{
         expandedRowRender: (license) => (

diff --git a/src/frontend-app/src/components/trivy-report/Misconfigurations.tsx b/src/frontend-app/src/components/trivy-report/Misconfigurations.tsx
@@ -10,7 +10,7 @@ import SeverityTag from "../shared/SeverityTag";
 import { severityFilters } from "../../constants";
 import { NormalizedResultForDataTable, DataIndexForNormalizedResultForDataTable } from "../../types";
 import Highlighter from "react-highlight-words";
-import { filterDropdown, localeCompare, severityCompare, removeDuplicateResults } from "../../utils";
+import { filterResultByKeyword, filterDropdown, localeCompare, severityCompare, removeDuplicateResults } from "../../utils";
 import SeverityToolbar from '../shared/SeverityToolbar.tsx';
 import CodeDisplay from '../shared/CodeDisplay.tsx';
 
@@ -38,9 +38,8 @@ const Misconfigurations: React.FC<MisconfigurationsProps> = ({ result }) => {
     updateDeduplicatedResults(result);
   }, [deduplicationOn]);
 
-  const handleSeverityClick = (severity: string) => {
-    const filtered = result.filter(item => severity === 'all' || item.Severity?.toLowerCase() === severity); //doesn't work for negligible
-    updateFilteredData(filtered);
+  const handleFilterClick = (filterValue: string) => {
+    updateFilteredData(filterResultByKeyword(result, filterValue));
   };
 
   const updateDeduplicatedResults = (result: NormalizedResultForDataTable[]) => {
@@ -192,7 +191,7 @@ const Misconfigurations: React.FC<MisconfigurationsProps> = ({ result }) => {
 
   return (
     <>
-    <SeverityToolbar result={deduplicatedResults} onSeverityClick={handleSeverityClick} onDeduplicationClick={toggleDeduplication} deduplicationOn={deduplicationOn}/>
+    <SeverityToolbar result={deduplicatedResults} onFilterClick={handleFilterClick} onDeduplicationClick={toggleDeduplication} deduplicationOn={deduplicationOn}/>
     <Table columns={columns} dataSource={filteredData} pagination={{ defaultPageSize: 20 }} size="small" sticky 
       expandable={{
         expandedRowRender: (misconfiguration) => (

diff --git a/src/frontend-app/src/components/trivy-report/Secrets.tsx b/src/frontend-app/src/components/trivy-report/Secrets.tsx
@@ -5,9 +5,8 @@ import type { ColumnType, ColumnsType } from "antd/es/table";
 import type { FilterConfirmProps } from "antd/es/table/interface";
 import { useRef, useState, useEffect } from "react";
 import { NormalizedResultForDataTable, DataIndexForNormalizedResultForDataTable } from "../../types";
-import { filterDropdown, localeCompare, severityCompare, removeDuplicateResults } from "../../utils";
+import { filterResultByKeyword, filterDropdown, localeCompare, severityCompare, removeDuplicateResults } from "../../utils";
 import SeverityToolbar from '../shared/SeverityToolbar.tsx';
-import { isNegligible } from '../shared/SeverityTag';
 import CodeDisplay from '../shared/CodeDisplay.tsx';
 
 import SeverityTag from "../shared/SeverityTag";
@@ -46,9 +45,8 @@ const Secrets: React.FC<SecretsProps> = ({ result }) => {
     setFilteredData(deduplicationOn ? removeDuplicateResults(result) : result);
   };
 
-  const handleSeverityClick = (severity: string) => {
-    const filtered = result.filter(item => severity === 'all' || item.Severity?.toLowerCase() === severity || isNegligible(item.Severity?.toLowerCase() || 'UNKNOWN'));
-    setFilteredData(filtered);
+  const handleFilterClick = (filterValue: string) => {
+    updateFilteredData(filterResultByKeyword(result, filterValue));
   };
 
   const handleSearch = (selectedKeys: string[], confirm: (param?: FilterConfirmProps) => void, dataIndex: DataIndexForNormalizedResultForDataTable) => {
@@ -201,7 +199,7 @@ const Secrets: React.FC<SecretsProps> = ({ result }) => {
 
   return (
     <>
-      <SeverityToolbar result={deduplicatedResults} onSeverityClick={handleSeverityClick} onDeduplicationClick={toggleDeduplication} deduplicationOn={deduplicationOn}/>
+      <SeverityToolbar result={deduplicatedResults} onFilterClick={handleFilterClick} onDeduplicationClick={toggleDeduplication} deduplicationOn={deduplicationOn}/>
       <Table columns={columns} dataSource={filteredData} pagination={{ defaultPageSize: 20 }} size="small" sticky 
       expandable={{
         expandedRowRender: (secret) => (

diff --git a/src/frontend-app/src/components/trivy-report/Vulnerabilities.tsx b/src/frontend-app/src/components/trivy-report/Vulnerabilities.tsx
@@ -8,8 +8,7 @@ import type { InputRef } from 'antd';
 import type { ColumnType, ColumnsType } from 'antd/es/table';
 import type { FilterConfirmProps } from 'antd/es/table/interface';
 import { NormalizedResultForDataTable, DataIndexForNormalizedResultForDataTable } from '../../types';
-import { filterDropdown, localeCompare, severityCompare, numberCompare, removeDuplicateResults } from '../../utils';
-import { isNegligible } from '../shared/SeverityTag';
+import { filterResultByKeyword, filterDropdown, localeCompare, severityCompare, numberCompare, removeDuplicateResults } from '../../utils';
 import SeverityTag from '../shared/SeverityTag';
 import { severityFilters } from '../../constants';
 import SeverityToolbar from '../shared/SeverityToolbar';
@@ -59,9 +58,8 @@ const Vulnerabilities: React.FC<VulnerabilitiesProps> = ({ result }) => {
     setSearchText('');
   };
 
-  const handleSeverityClick = (severity: string) => {
-    const filtered = result.filter(item => severity === 'all' || item.Severity?.toLowerCase() === severity || isNegligible(item.Severity?.toLowerCase() || 'UNKNOWN'));
-    updateFilteredData(filtered);
+  const handleFilterClick = (filterValue: string) => {
+    updateFilteredData(filterResultByKeyword(result, filterValue));
   };
 
   const toggleDeduplication = () => {
@@ -197,7 +195,7 @@ const Vulnerabilities: React.FC<VulnerabilitiesProps> = ({ result }) => {
       key: 'Exploits',
       width: '5%',
       ...getColumnSearchProps('Exploits'),
-      sorter: (a: NormalizedResultForDataTable, b: NormalizedResultForDataTable) => numberCompare(a.Exploits, b.Exploits),
+      sorter: (a: NormalizedResultForDataTable, b: NormalizedResultForDataTable) => localeCompare(a.Exploits, b.Exploits),
       sortDirections: ['descend', 'ascend'],
       render: (exploits, vulnerability) => exploits == 'CISA' && <Exploits vulnerabilityID={vulnerability.ID? vulnerability.ID : ''}/>,
     }, 
@@ -243,7 +241,7 @@ const Vulnerabilities: React.FC<VulnerabilitiesProps> = ({ result }) => {
 
   return (
     <>
-      <SeverityToolbar result={deduplicatedResults} onSeverityClick={handleSeverityClick} onDeduplicationClick={toggleDeduplication} deduplicationOn={deduplicationOn}/>
+      <SeverityToolbar result={deduplicatedResults} onFilterClick={handleFilterClick} onDeduplicationClick={toggleDeduplication} deduplicationOn={deduplicationOn}/>
       <Table
         columns={columns}
         dataSource={filteredData}

diff --git a/src/frontend-app/src/types/index.ts b/src/frontend-app/src/types/index.ts
@@ -7,7 +7,7 @@ export class NormalizedResultForDataTable {
   NVD_V2Score?: number;
   NVD_V3Score?: number;
   EPSS_Score?: number;
-  Exploits?: string;
+  Exploits: string = "";
   Severity?: string;
   InstalledVersion?: string;
   FixedVersion?: string;

diff --git a/src/frontend-app/src/utils/index.tsx b/src/frontend-app/src/utils/index.tsx
@@ -1,5 +1,6 @@
 import { NormalizedResultForDataTable } from "../types";
 import { CisaExploit } from "../types/external/cisaExploit";
+import { isASeverity } from '../components/shared/SeverityTag';
 import { CommonScanResult, CommonResult, Holder } from "../types/external/defaultResult";
 
 export function removeDuplicateResults(results: NormalizedResultForDataTable[])
@@ -152,6 +153,34 @@ export function filterDropdown(rowValue: any, searchValue: any) {
     .includes((searchValue as string).toLowerCase());
 }
 
+export function filterResultByKeyword(results: NormalizedResultForDataTable[], keyword: string): NormalizedResultForDataTable[] {
+  console.info("Filtering by keyword: " + keyword);
+
+  if (keyword === 'negligible' || keyword === 'unknown') {
+    return results.filter(item => item.Severity?.toLowerCase() === 'negligible' || item.Severity?.toLowerCase() === 'unknown');
+  }
+
+  if (isASeverity(keyword)) {
+    console.info("Filtering by severity keyword ");
+    return results.filter(item => item.Severity?.toLowerCase() === keyword);
+  }
+
+  if (keyword === 'hasExploit') {
+    return results.filter(item => item.Exploits);
+  }
+
+  if (keyword === 'hasFix') {
+    return results.filter(item => item.FixedVersion);
+  }
+
+  if (keyword === 'hasNoFix') {
+    return results.filter(item => !item.FixedVersion);
+  }
+
+  // keyword = all
+  return results;
+}
+
 export function localeCompare(argument1: any, argument2: any) {
   return argument1 && argument2 ? argument1.localeCompare(argument2) : 0;
 }