add test and projection mapping

DependencyTrack · Nov 15, 2023 · c595c60 · c595c60
1 parent a0f8c01
commit c595c60
Show file tree

Hide file tree

Showing 6 changed files with 123 additions and 21 deletions.
diff --git a/src/main/java/org/dependencytrack/model/ComponentMetaInformation.java b/src/main/java/org/dependencytrack/model/ComponentMetaInformation.java
@@ -3,5 +3,6 @@
 import java.util.Date;
 
 public record ComponentMetaInformation(Date publishedDate, IntegrityMatchStatus integrityMatchStatus,
-                                       Date lastFetched) {
+                                       Date lastFetched,
+                                       String integrityRepoUrl) {
 }
diff --git a/src/main/java/org/dependencytrack/model/sqlMapping/ComponentProjection.java b/src/main/java/org/dependencytrack/model/sqlMapping/ComponentProjection.java
@@ -60,10 +60,10 @@ public class ComponentProjection {
     @MappedField(sqlColumnName = "PURLCOORDINATES")
     public String purlCoordinates;
 
-    @MappedField(protoFieldName = "swid_tag_id", sqlColumnName = "SWIDTAGID")
+    @MappedField(sqlColumnName = "SWIDTAGID")
     public String swidTagId;
 
-    @MappedField(protoFieldName = "is_internal", sqlColumnName = "INTERNAL")
+    @MappedField(sqlColumnName = "INTERNAL")
     public Boolean internal;
 
     @MappedField(sqlColumnName = "LAST_RISKSCORE")
@@ -107,10 +107,10 @@ public class ComponentProjection {
     @MappedField(sqlColumnName = "LICENSE_URL")
     public String licenseUrl;
 
-    @MappedField(protoFieldName = "license_name", sqlColumnName = "LICENSE")
+    @MappedField(sqlColumnName = "LICENSE")
     public String licenseName;
 
-    @MappedField(protoFieldName = "license_expression", sqlColumnName = "LICENSE_EXPRESSION")
+    @MappedField(sqlColumnName = "LICENSE_EXPRESSION")
     public String licenseExpression;
 
     @MappedField(sqlColumnName = "PUBLISHED_AT")
@@ -158,17 +158,17 @@ public class ComponentProjection {
     @MappedField(sqlColumnName = "P_PURL")
     public String projectPurl;
 
-    @MappedField(protoFieldName = "swid_tag_id", sqlColumnName = "P_SWIDTAGID")
+    @MappedField(sqlColumnName = "P_SWIDTAGID")
     public String projectSwidTagId;
 
-    @MappedField(protoFieldName = "last_bom_import", sqlColumnName = "LAST_BOM_IMPORTED")
+    @MappedField(sqlColumnName = "LAST_BOM_IMPORTED")
     public Date lastBomImport;
 
     @MappedField(sqlColumnName = "LAST_BOM_IMPORTED_FORMAT")
-    public Date lastBomImportFormat;
+    public String lastBomImportFormat;
 
     @MappedField(sqlColumnName = "P_LAST_RISKSCORE")
-    private Double projectLastInheritedRiskScore;
+    public Double projectLastInheritedRiskScore;
 
     @MappedField(sqlColumnName = "P_DIRECT_DEPENDENCIES")
     public String projectDirectDependencies;
@@ -185,12 +185,12 @@ public class ComponentProjection {
     @MappedField(sqlColumnName = "LICENSEID")
     public String licenseId;
 
-    @MappedField(protoFieldName = "is_osi_approved", sqlColumnName = "ISOSIAPPROVED")
+    @MappedField(sqlColumnName = "ISOSIAPPROVED")
     public Boolean isOsiApproved;
 
-    @MappedField(protoFieldName = "is_fsf_libre", sqlColumnName = "FSFLIBRE")
+    @MappedField(sqlColumnName = "FSFLIBRE")
     public Boolean isFsfLibre;
 
-    @MappedField(protoFieldName = "is_custom", sqlColumnName = "ISCUSTOMLICENSE")
+    @MappedField(sqlColumnName = "ISCUSTOMLICENSE")
     public Boolean isCustomLicense;
 }
diff --git a/src/main/java/org/dependencytrack/persistence/ComponentQueryManager.java b/src/main/java/org/dependencytrack/persistence/ComponentQueryManager.java
@@ -182,7 +182,7 @@ public List<Component> getComponents(final Project project, final boolean includ
                         "A0"."LICENSE_EXPRESSION",
                         "A0"."LICENSE_URL",
                         "A0"."MD5",
-                        "A0"."NAME" AS "NUCORDER0",
+                        "A0"."NAME",
                         "A0"."TEXT",
                         "B0"."ACTIVE" AS "P_ACTIVE",
                         "B0"."AUTHOR" AS "P_AUTHOR",
@@ -219,7 +219,7 @@ public List<Component> getComponents(final Project project, final boolean includ
                         "A0"."SHA_512",
                         "A0"."SWIDTAGID",
                         "A0"."UUID",
-                        "A0"."VERSION" AS "NUCORDER1",
+                        "A0"."VERSION",
                         "I0"."LAST_FETCH",
                         "I0"."PUBLISHED_AT",
                         "IA"."INTEGRITY_CHECK_STATUS",
@@ -229,7 +229,7 @@ public List<Component> getComponents(final Project project, final boolean includ
                 LEFT JOIN "INTEGRITY_META_COMPONENT" "I0" ON "A0"."PURL" = "I0"."PURL"
                 LEFT JOIN "INTEGRITY_ANALYSIS" "IA" ON "A0"."ID" = "IA"."COMPONENT_ID"
                 LEFT OUTER JOIN "LICENSE" "D0" ON "A0"."LICENSE_ID" = "D0"."ID"
-                WHERE "A0"."PROJECT_ID" = 1
+                WHERE "A0"."PROJECT_ID" = ?
                 """;
 
         if (onlyOutdated) {
@@ -255,8 +255,8 @@ AND NOT (NOT EXISTS (
         if (orderBy == null) {
             queryString +=
                     """
-                        ORDER BY "NUCORDER0",
-                        "NUCORDER1" DESC FETCH NEXT 100 ROWS ONLY;
+                        ORDER BY "NAME",
+                        "VERSION" DESC FETCH NEXT 100 ROWS ONLY;
                     """;
         }
         final Query<?> query = pm.newQuery(Query.SQL, queryString);
@@ -269,7 +269,6 @@ AND NOT (NOT EXISTS (
             }
             query.setParameters(project.getId());
             resultSet = List.copyOf(query.executeResultList(ComponentProjection.class));
-            System.out.println(resultSet.size());
         }
         finally {
             query.closeAll();

diff --git a/src/main/java/org/dependencytrack/persistence/QueryManager.java b/src/main/java/org/dependencytrack/persistence/QueryManager.java
@@ -1882,7 +1882,7 @@ public ComponentMetaInformation getMetaInformation(UUID uuid) {
         Connection connection = null;
         PreparedStatement preparedStatement = null;
         String queryString = """
-                SELECT "C"."ID", "C"."PURL", "IMC"."LAST_FETCH",  "IMC"."PUBLISHED_AT", "IA"."INTEGRITY_CHECK_STATUS" FROM "COMPONENT" "C"
+                SELECT "C"."ID", "C"."PURL", "IMC"."LAST_FETCH",  "IMC"."PUBLISHED_AT", "IA"."INTEGRITY_CHECK_STATUS", "IMC"."REPOSITORY_URL" FROM "COMPONENT" "C"
                 JOIN "INTEGRITY_META_COMPONENT" "IMC" ON "C"."PURL" ="IMC"."PURL" LEFT JOIN "INTEGRITY_ANALYSIS" "IA" ON "IA"."COMPONENT_ID" ="C"."ID"  WHERE "C"."UUID" = ?
                 """;
         try {
@@ -1895,6 +1895,7 @@ public ComponentMetaInformation getMetaInformation(UUID uuid) {
                 Date publishedDate = null;
                 Date lastFetch = null;
                 IntegrityMatchStatus integrityMatchStatus = null;
+                String integrityRepoUrl = null;
                 if(resultSet.getTimestamp("PUBLISHED_AT") != null) {
                     publishedDate = Date.from(resultSet.getTimestamp("PUBLISHED_AT").toInstant());
                 }
@@ -1904,7 +1905,10 @@ public ComponentMetaInformation getMetaInformation(UUID uuid) {
                 if(resultSet.getString("INTEGRITY_CHECK_STATUS") != null) {
                     integrityMatchStatus = IntegrityMatchStatus.valueOf(resultSet.getString("INTEGRITY_CHECK_STATUS"));
                 }
-                return new ComponentMetaInformation(publishedDate, integrityMatchStatus, lastFetch);
+                if(resultSet.getString("REPOSITORY_URL") != null) {
+                    integrityRepoUrl = String.valueOf(resultSet.getString("REPOSITORY_URL"));
+                }
+                return new ComponentMetaInformation(publishedDate, integrityMatchStatus, lastFetch, integrityRepoUrl);
 
             }
         } catch (Exception ex) {

diff --git a/src/main/java/org/dependencytrack/util/ComponentUtil.java b/src/main/java/org/dependencytrack/util/ComponentUtil.java
@@ -1,12 +1,109 @@
 package org.dependencytrack.util;
 
+import org.dependencytrack.model.Classifier;
 import org.dependencytrack.model.Component;
+import org.dependencytrack.model.ComponentMetaInformation;
+import org.dependencytrack.model.IntegrityMatchStatus;
+import org.dependencytrack.model.License;
+import org.dependencytrack.model.Project;
 import org.dependencytrack.model.sqlMapping.ComponentProjection;
 
+import java.util.UUID;
+
 public class ComponentUtil {
 
     public static final Component mapToComponent(ComponentProjection result) {
+        Component componentPersistent = new Component();
+        componentPersistent.setAuthor(result.author);
+        componentPersistent.setBlake2b_256(result.blake2b_256);
+        componentPersistent.setBlake2b_384(result.blake2b_384);
+        componentPersistent.setBlake2b_512(result.blake2b_512);
+        componentPersistent.setBlake3(result.blake3);
+        if (result.classifier != null) {
+            componentPersistent.setClassifier(Classifier.valueOf(result.classifier));
+        }
+        componentPersistent.setCopyright(result.copyright);
+        componentPersistent.setCpe(result.cpe);
+        componentPersistent.setDescription(result.description);
+        componentPersistent.setDirectDependencies(result.directDependencies);
+        componentPersistent.setExtension(result.extension);
+        componentPersistent.setGroup(result.group);
+        componentPersistent.setId(result.id);
+        if (result.internal != null) {
+            componentPersistent.setInternal(result.internal);
+        }
+        componentPersistent.setSwidTagId(result.swidTagId);
+        componentPersistent.setLastInheritedRiskScore(result.lastInheritedRiskscore);
+        componentPersistent.setLicense(result.licenseName);
+        componentPersistent.setLicenseUrl(result.licenseUrl);
+        componentPersistent.setLicenseExpression(result.licenseExpression);
+        componentPersistent.setName(result.name);
+        if (result.uuid != null) {
+            componentPersistent.setUuid(UUID.fromString(result.uuid));
+        }
+//        componentPersistent.setExternalReferences();
+        componentPersistent.setPurl(result.purl);
+        componentPersistent.setPurlCoordinates(result.purlCoordinates);
+        componentPersistent.setVersion(result.version);
+        componentPersistent.setMd5(result.md5);
+        componentPersistent.setSha1(result.sha1);
+        componentPersistent.setSha256(result.sha256);
+        componentPersistent.setSha384(result.sha384);
+        componentPersistent.setSha512(result.sha512);
+        componentPersistent.setSha3_256(result.sha3_256);
+        componentPersistent.setSha3_384(result.sha3_384);
+        componentPersistent.setSha3_512(result.sha3_512);
+
+        var project = new Project();
+        if (result.projectId != null) {
+            project.setId(result.projectId);
+        }
+        project.setAuthor(result.projectAuthor);
+        if (result.projectActive != null) {
+            project.setActive(result.projectActive);
+        }
+        project.setDescription(result.projectDescription);
+        project.setCpe(result.projectCpe);
+        project.setPurl(result.projectPurl);
+        project.setSwidTagId(result.projectSwidTagId);
+        project.setPublisher(result.projectPublisher);
+//        project.setExternalReferences();
+        project.setLastInheritedRiskScore(result.projectLastInheritedRiskScore);
+        if (result.projectClassifier != null) {
+            project.setClassifier(Classifier.valueOf(result.projectClassifier));
+        }
+        project.setDirectDependencies(result.projectDirectDependencies);
+        project.setLastBomImport(result.lastBomImport);
+        project.setLastBomImportFormat(result.lastBomImportFormat);
+        project.setName(result.projectName);
+        if (result.projectUuid != null) {
+            project.setUuid(UUID.fromString(result.projectUuid));
+        }
+        project.setVersion(result.projectVersion);
+        componentPersistent.setProject(project);
+
+        var license = new License();
+        if (result.licenseUuid != null) {
+            license.setUuid(UUID.fromString(result.licenseUuid));
+        }
+        if (result.isCustomLicense != null) {
+            license.setCustomLicense(result.isCustomLicense);
+        }
+        if (result.isFsfLibre != null) {
+            license.setFsfLibre(result.isFsfLibre);
+        }
+        license.setLicenseId(result.licenseId);
+        if (result.isOsiApproved != null) {
+            license.setOsiApproved(result.isOsiApproved);
+        }
+        license.setName(result.licenseName);
+        componentPersistent.setResolvedLicense(license);
+
+        var componentMetaInformation = new ComponentMetaInformation(result.publishedAt,
+                result.integrityCheckStatus != null ? IntegrityMatchStatus.valueOf(result.integrityCheckStatus) : null,
+                result.lastFetch, result.integrityRepoUrl);
+        componentPersistent.setComponentMetaInformation(componentMetaInformation);
 
-        return null;
+        return componentPersistent;
     }
 }
diff --git a/src/test/java/org/dependencytrack/persistence/QueryManagerTest.java b/src/test/java/org/dependencytrack/persistence/QueryManagerTest.java
@@ -54,6 +54,7 @@ public void testGetMetaInformation() {
         assertEquals(HASH_MATCH_PASSED, componentMetaInformation.integrityMatchStatus());
         assertEquals(integrityMetaComponent.getPublishedAt(), componentMetaInformation.publishedDate());
         assertEquals(integrityMetaComponent.getLastFetch(), componentMetaInformation.lastFetched());
+        assertEquals(integrityMetaComponent.getRepositoryUrl(), componentMetaInformation.integrityRepoUrl());
     }
 
     @Test