diff --git a/src/main/java/org/dependencytrack/persistence/ComponentQueryManager.java b/src/main/java/org/dependencytrack/persistence/ComponentQueryManager.java index ed2b71377..73ac307f0 100644 --- a/src/main/java/org/dependencytrack/persistence/ComponentQueryManager.java +++ b/src/main/java/org/dependencytrack/persistence/ComponentQueryManager.java @@ -585,6 +585,7 @@ public Component updateComponent(Component transientComponent, boolean commitInd component.setInternal(transientComponent.isInternal()); component.setAuthor(transientComponent.getAuthor()); component.setSupplier(transientComponent.getSupplier()); + component.setExternalReferences(transientComponent.getExternalReferences()); final Component result = persist(component); return result; } diff --git a/src/main/java/org/dependencytrack/resources/v1/ComponentResource.java b/src/main/java/org/dependencytrack/resources/v1/ComponentResource.java index 504d60b58..fbe54a931 100644 --- a/src/main/java/org/dependencytrack/resources/v1/ComponentResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/ComponentResource.java @@ -501,6 +501,7 @@ public Response updateComponent(Component jsonComponent) { component.setSha3_256(StringUtils.trimToNull(jsonComponent.getSha3_256())); component.setSha3_384(StringUtils.trimToNull(jsonComponent.getSha3_384())); component.setSha3_512(StringUtils.trimToNull(jsonComponent.getSha3_512())); + component.setExternalReferences(jsonComponent.getExternalReferences()); final License resolvedLicense = qm.getLicense(jsonComponent.getLicense()); if (resolvedLicense != null) { diff --git a/src/test/java/org/dependencytrack/resources/v1/ComponentResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/ComponentResourceTest.java index 5fc0982f5..e79d8b9b0 100644 --- a/src/test/java/org/dependencytrack/resources/v1/ComponentResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/ComponentResourceTest.java @@ -28,6 +28,7 @@ import org.dependencytrack.ResourceTest; import org.dependencytrack.event.kafka.KafkaTopics; import org.dependencytrack.model.Component; +import org.dependencytrack.model.ExternalReference; import org.dependencytrack.model.FetchStatus; import org.dependencytrack.model.IntegrityAnalysis; import org.dependencytrack.model.IntegrityMatchStatus; @@ -693,17 +694,29 @@ public void updateComponentTest() { component.setPurl("pkg:maven/org.acme/abc"); component.setName("My Component"); component.setVersion("1.0"); - component.setDescription("Test component"); - component = qm.createComponent(component, false); + qm.createComponent(component, false); + + var jsonComponent = new Component(); + jsonComponent.setUuid(component.getUuid()); + jsonComponent.setPurl("pkg:maven/org.acme/abc"); + jsonComponent.setName("My Component"); + jsonComponent.setVersion("1.0"); + jsonComponent.setDescription("Test component"); + var externalReference = new ExternalReference(); + externalReference.setType(org.cyclonedx.model.ExternalReference.Type.WEBSITE); + externalReference.setUrl("test.com"); + jsonComponent.setExternalReferences(List.of(externalReference)); + Response response = jersey.target(V1_COMPONENT).request() .header(X_API_KEY, apiKey) - .post(Entity.entity(component, MediaType.APPLICATION_JSON)); + .post(Entity.entity(jsonComponent, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); JsonObject json = parseJsonObject(response); Assert.assertNotNull(json); Assert.assertEquals("My Component", json.getString("name")); Assert.assertEquals("1.0", json.getString("version")); Assert.assertEquals("Test component", json.getString("description")); + Assert.assertEquals(1, json.getJsonArray("externalReferences").size()); assertThat(kafkaMockProducer.history()).satisfiesExactlyInAnyOrder( record -> assertThat(record.topic()).isEqualTo(KafkaTopics.NOTIFICATION_PROJECT_CREATED.name()), record -> {