address pr review comments

Signed-off-by: mehab <[email protected]>
DependencyTrack · Oct 20, 2023 · dec7141 · dec7141
1 parent 1f6c805
commit dec7141
Show file tree

Hide file tree

Showing 6 changed files with 35 additions and 50 deletions.
diff --git a/src/main/java/org/dependencytrack/persistence/ComponentQueryManager.java b/src/main/java/org/dependencytrack/persistence/ComponentQueryManager.java
@@ -34,7 +34,6 @@
 import org.dependencytrack.model.RepositoryMetaComponent;
 import org.dependencytrack.model.RepositoryType;
 import org.dependencytrack.resources.v1.vo.DependencyGraphResponse;
-import org.dependencytrack.util.ComponentMetaInformationUtil;
 
 import javax.jdo.PersistenceManager;
 import javax.jdo.Query;
@@ -201,7 +200,7 @@ public PaginatedResult getComponents(final Project project, final boolean includ
                     if (RepositoryType.UNSUPPORTED != type) {
                         final RepositoryMetaComponent repoMetaComponent = getRepositoryMetaComponent(type, purl.getNamespace(), purl.getName());
                         component.setRepositoryMeta(repoMetaComponent);
-                        component.setComponentMetaInformation(ComponentMetaInformationUtil.getMetaInformation(purl, component.getUuid()));
+                        component.setComponentMetaInformation(QueryManager.getMetaInformation(purl, component.getUuid()));
                     }
                 }
             }
@@ -333,7 +332,7 @@ public PaginatedResult getComponents(ComponentIdentity identity, Project project
                     if (RepositoryType.UNSUPPORTED != type) {
                         final RepositoryMetaComponent repoMetaComponent = getRepositoryMetaComponent(type, purl.getNamespace(), purl.getName());
                         component.setRepositoryMeta(repoMetaComponent);
-                        component.setComponentMetaInformation(ComponentMetaInformationUtil.getMetaInformation(purl, component.getUuid()));
+                        component.setComponentMetaInformation(QueryManager.getMetaInformation(purl, component.getUuid()));
                     }
                 }
             }

diff --git a/src/main/java/org/dependencytrack/persistence/QueryManager.java b/src/main/java/org/dependencytrack/persistence/QueryManager.java
@@ -46,13 +46,15 @@
 import org.dependencytrack.model.Classifier;
 import org.dependencytrack.model.Component;
 import org.dependencytrack.model.ComponentIdentity;
+import org.dependencytrack.model.ComponentMetaInformation;
 import org.dependencytrack.model.ConfigPropertyConstants;
 import org.dependencytrack.model.Cpe;
 import org.dependencytrack.model.Cwe;
 import org.dependencytrack.model.DependencyMetrics;
 import org.dependencytrack.model.Finding;
 import org.dependencytrack.model.FindingAttribution;
 import org.dependencytrack.model.IntegrityAnalysis;
+import org.dependencytrack.model.IntegrityMatchStatus;
 import org.dependencytrack.model.IntegrityMetaComponent;
 import org.dependencytrack.model.License;
 import org.dependencytrack.model.LicenseGroup;
@@ -1832,4 +1834,23 @@ public IntegrityMetaComponent createIntegrityMetaComponent(IntegrityMetaComponen
     public IntegrityAnalysis getIntegrityAnalysisByComponentUuid(UUID uuid) {
         return getIntegrityAnalysisQueryManager().getIntegrityAnalysisByComponentUuid(uuid);
     }
+
+    public static ComponentMetaInformation getMetaInformation(PackageURL purl, UUID uuid) {
+        Date publishedAt = null;
+        Date lastFetched = null;
+        IntegrityMatchStatus integrityMatchStatus = null;
+
+        try (QueryManager queryManager = new QueryManager()) {
+            final IntegrityMetaComponent integrityMetaComponent = queryManager.getIntegrityMetaComponent(purl.toString());
+            final IntegrityAnalysis integrityAnalysis = queryManager.getIntegrityAnalysisByComponentUuid(uuid);
+            if (integrityMetaComponent != null) {
+                publishedAt = integrityMetaComponent.getPublishedAt();
+                lastFetched = integrityMetaComponent.getLastFetch();
+            }
+            if (integrityAnalysis != null) {
+                integrityMatchStatus = integrityAnalysis.getIntegrityCheckStatus();
+            }
+        }
+        return new ComponentMetaInformation(publishedAt, integrityMatchStatus, lastFetched);
+    }
 }
diff --git a/src/main/java/org/dependencytrack/resources/v1/ComponentResource.java b/src/main/java/org/dependencytrack/resources/v1/ComponentResource.java
@@ -51,7 +51,6 @@
 import org.dependencytrack.model.VulnerabilityAnalysisLevel;
 import org.dependencytrack.model.VulnerabilityScan;
 import org.dependencytrack.persistence.QueryManager;
-import org.dependencytrack.util.ComponentMetaInformationUtil;
 import org.dependencytrack.util.InternalComponentIdentificationUtil;
 import org.dependencytrack.util.PurlUtil;
 import org.hyades.proto.repometaanalysis.v1.FetchMeta;
@@ -154,7 +153,7 @@ public Response getComponentByUuid(
                                 detachedComponent.setRepositoryMeta(repoMetaComponent);
                             }
                             if (includeIntegrityMetaData) {
-                                detachedComponent.setComponentMetaInformation(ComponentMetaInformationUtil.getMetaInformation(component.getPurl(), component.getUuid()));
+                                detachedComponent.setComponentMetaInformation(QueryManager.getMetaInformation(component.getPurl(), component.getUuid()));
                             }
                         }
                     }

diff --git a/src/main/java/org/dependencytrack/util/ComponentMetaInformationUtil.java b/src/main/java/org/dependencytrack/util/ComponentMetaInformationUtil.java
diff --git a/...util/ComponentIdentificationUtilTest.java → ...cytrack/persistence/QueryManagerTest.java b/...util/ComponentIdentificationUtilTest.java → ...cytrack/persistence/QueryManagerTest.java
@@ -1,4 +1,4 @@
-package org.dependencytrack.util;
+package org.dependencytrack.persistence;
 
 import org.dependencytrack.PersistenceCapableTest;
 import org.dependencytrack.model.Component;
@@ -16,8 +16,7 @@
 import static org.dependencytrack.model.IntegrityMatchStatus.HASH_MATCH_PASSED;
 import static org.dependencytrack.model.IntegrityMatchStatus.HASH_MATCH_UNKNOWN;
 
-public class ComponentIdentificationUtilTest extends PersistenceCapableTest {
-
+public class QueryManagerTest extends PersistenceCapableTest {
     @Test
     public void testGetMetaInformation() {
         Project project = qm.createProject("Acme Application", null, null, null, null, null, true, false);
@@ -43,7 +42,7 @@ public void testGetMetaInformation() {
         integrityMetaComponent.setStatus(FetchStatus.PROCESSED);
         qm.createIntegrityMetaComponent(integrityMetaComponent);
         component = qm.createComponent(component, false);
-        ComponentMetaInformation componentMetaInformation = ComponentMetaInformationUtil.getMetaInformation(component.getPurl(), component.getUuid());
+        ComponentMetaInformation componentMetaInformation = QueryManager.getMetaInformation(component.getPurl(), component.getUuid());
         Assert.assertEquals(HASH_MATCH_PASSED, componentMetaInformation.integrityMatchStatus());
         Assert.assertEquals(integrityMetaComponent.getPublishedAt(), componentMetaInformation.publishedDate());
         Assert.assertEquals(integrityMetaComponent.getLastFetch(), componentMetaInformation.lastFetched());

diff --git a/src/test/java/org/dependencytrack/resources/v1/TeamResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/TeamResourceTest.java
@@ -20,14 +20,13 @@
 
 import alpine.common.util.UuidUtil;
 import alpine.model.ConfigProperty;
+import alpine.model.Team;
 import alpine.server.filters.ApiFilter;
 import alpine.server.filters.AuthenticationFilter;
-import alpine.model.Team;
 import org.dependencytrack.ResourceTest;
 import org.dependencytrack.auth.Permissions;
 import org.dependencytrack.model.ConfigPropertyConstants;
 import org.dependencytrack.model.Project;
-import org.dependencytrack.persistence.QueryManager;
 import org.glassfish.jersey.client.ClientProperties;
 import org.glassfish.jersey.server.ResourceConfig;
 import org.glassfish.jersey.servlet.ServletContainer;
@@ -48,15 +47,15 @@ public class TeamResourceTest extends ResourceTest {
     @Override
     protected DeploymentContext configureDeployment() {
         return ServletDeploymentContext.forServlet(new ServletContainer(
-                new ResourceConfig(TeamResource.class)
-                        .register(ApiFilter.class)
-                        .register(AuthenticationFilter.class)))
+                        new ResourceConfig(TeamResource.class)
+                                .register(ApiFilter.class)
+                                .register(AuthenticationFilter.class)))
                 .build();
     }
 
     @Test
     public void getTeamsTest() {
-        for (int i=0; i<1000; i++) {
+        for (int i = 0; i < 1000; i++) {
             qm.createTeam("Team " + i, false);
         }
         Response response = target(V1_TEAM).request()
@@ -91,7 +90,7 @@ public void getTeamByInvalidUuidTest() {
         String body = getPlainTextBody(response);
         Assert.assertEquals("The team could not be found.", body);
     }
-    
+
     @Test
     public void getTeamSelfTest() {
         initializeWithPermissions(Permissions.BOM_UPLOAD, Permissions.PROJECT_CREATION_UPLOAD);
@@ -187,8 +186,8 @@ public void deleteTeamWithAclTest() {
         if (aclToogle == null) {
             qm.createConfigProperty(ConfigPropertyConstants.ACCESS_MANAGEMENT_ACL_ENABLED.getGroupName(), ConfigPropertyConstants.ACCESS_MANAGEMENT_ACL_ENABLED.getPropertyName(), "true", ConfigPropertyConstants.ACCESS_MANAGEMENT_ACL_ENABLED.getPropertyType(), ConfigPropertyConstants.ACCESS_MANAGEMENT_ACL_ENABLED.getDescription());
         } else {
-             aclToogle.setPropertyValue("true");
-             qm.persist(aclToogle);
+            aclToogle.setPropertyValue("true");
+            qm.persist(aclToogle);
         }
         Project project = qm.createProject("Acme Example", null, "1", null, null, null, true, false);
         project.addAccessTeam(team);