Merge pull request #462 from DependencyTrack/create-table-for-vulnera…

…bility-policy Create table for vulnerability policy
DependencyTrack · Dec 4, 2023 · 24c3109 · 24c3109
2 parents 9182e9d + d153845
commit 24c3109
Show file tree

Hide file tree

Showing 8 changed files with 565 additions and 0 deletions.
diff --git a/pom.xml b/pom.xml
@@ -259,6 +259,12 @@
             <artifactId>json</artifactId>
             <version>20231013</version>
         </dependency>
+        <dependency>
+            <groupId>com.fasterxml.jackson.datatype</groupId>
+            <artifactId>jackson-datatype-json-org</artifactId>
+            <version>${lib.jackson.version}</version>
+        </dependency>
+
         <!-- Package URL -->
         <dependency>
             <groupId>com.github.package-url</groupId>

diff --git a/src/main/java/org/dependencytrack/model/VulnerabilityPolicy.java b/src/main/java/org/dependencytrack/model/VulnerabilityPolicy.java
@@ -0,0 +1,175 @@
+package org.dependencytrack.model;
+
+import alpine.common.validation.RegexSequence;
+import alpine.server.json.TrimmedStringDeserializer;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import org.cyclonedx.model.vulnerability.Vulnerability;
+import org.dependencytrack.model.vulnerabilitypolicy.VulnerabilityPolicyAnalysis;
+
+import javax.jdo.annotations.Column;
+import javax.jdo.annotations.IdGeneratorStrategy;
+import javax.jdo.annotations.Index;
+import javax.jdo.annotations.PersistenceCapable;
+import javax.jdo.annotations.Persistent;
+import javax.jdo.annotations.PrimaryKey;
+import javax.jdo.annotations.Serialized;
+import javax.jdo.annotations.Unique;
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.Pattern;
+import javax.validation.constraints.Size;
+import java.io.Serializable;
+import java.util.Date;
+import java.util.List;
+
+@PersistenceCapable(table= "VULNERABILITY_POLICY")
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class VulnerabilityPolicy implements Serializable {
+
+    @PrimaryKey
+    @Persistent(valueStrategy = IdGeneratorStrategy.NATIVE)
+    @JsonIgnore
+    private long id;
+
+    @Persistent
+    @Column(name = "NAME", allowsNull = "false")
+    @Index(name = "VULNERABILITY_POLICY_NAME_IDX" , unique = "true")
+    @NotBlank
+    @Size(min = 1, max = 255)
+    @Pattern(regexp = RegexSequence.Definition.PRINTABLE_CHARS, message = "The name may only contain printable characters")
+    private String name;
+
+    @Persistent
+    @Column(name = "DESCRIPTION", allowsNull = "true")
+    @Size(max = 4096)
+    @Pattern(regexp = RegexSequence.Definition.PRINTABLE_CHARS, message = "The description may only contain printable characters")
+    private String description;
+
+    @Persistent
+    @Column(name = "AUTHOR", allowsNull = "true", jdbcType = "VARCHAR")
+    @Pattern(regexp = RegexSequence.Definition.PRINTABLE_CHARS, message = "The author may only contain printable characters")
+    private String author;
+
+    @Persistent
+    @Column(name = "CREATED", allowsNull = "true")
+    private Date created;
+
+    @Persistent
+    @Column(name = "UPDATED", allowsNull = "true")
+    private Date updated;
+
+    @Persistent
+    @Column(name = "VALID_FROM", allowsNull = "true")
+    private Date validFrom;
+
+    @Persistent
+    @Column(name = "VALID_UNTIL", allowsNull = "true")
+    private Date validUntil;
+
+    @Persistent(defaultFetchGroup = "true")
+    @JsonDeserialize(using = TrimmedStringDeserializer.class)
+    @Column(name = "CONDITIONS", allowsNull = "false")
+    private String[] conditions;
+
+    @Column(name = "ANALYSIS", allowsNull = "false")
+    @Persistent(defaultFetchGroup = "true")
+    @JsonDeserialize(using = TrimmedStringDeserializer.class)
+    private VulnerabilityPolicyAnalysis analysis;
+
+    @Column(name = "RATINGS", allowsNull = "true")
+    @Persistent(defaultFetchGroup = "true")
+    @JsonDeserialize(using = TrimmedStringDeserializer.class)
+    private List<Vulnerability.Rating> ratings;
+
+    public long getId() {
+        return id;
+    }
+
+    public void setId(long id) {
+        this.id = id;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public String getDescription() {
+        return description;
+    }
+
+    public void setDescription(String description) {
+        this.description = description;
+    }
+
+    public String getAuthor() {
+        return author;
+    }
+
+    public void setAuthor(String author) {
+        this.author = author;
+    }
+
+    public Date getCreated() {
+        return created;
+    }
+
+    public void setCreated(Date created) {
+        this.created = created;
+    }
+
+    public Date getUpdated() {
+        return updated;
+    }
+
+    public void setUpdated(Date updated) {
+        this.updated = updated;
+    }
+
+    public Date getValidFrom() {
+        return validFrom;
+    }
+
+    public void setValidFrom(Date validFrom) {
+        this.validFrom = validFrom;
+    }
+
+    public Date getValidUntil() {
+        return validUntil;
+    }
+
+    public void setValidUntil(Date validUntil) {
+        this.validUntil = validUntil;
+    }
+
+    public String[] getConditions() {
+        return conditions;
+    }
+
+    public void setConditions(String[] conditions) {
+        this.conditions = conditions;
+    }
+
+    public VulnerabilityPolicyAnalysis getAnalysis() {
+        return analysis;
+    }
+
+    public void setAnalysis(VulnerabilityPolicyAnalysis vulnerabilityPolicyAnalysis) {
+        this.analysis = vulnerabilityPolicyAnalysis;
+    }
+
+    public List<Vulnerability.Rating> getRatings() {
+        return ratings;
+    }
+
+    public void setRatings(List<Vulnerability.Rating> ratings) {
+        this.ratings = ratings;
+    }
+}
+
diff --git a/src/main/java/org/dependencytrack/model/vulnerabilitypolicy/VulnerabilityPolicyAnalysis.java b/src/main/java/org/dependencytrack/model/vulnerabilitypolicy/VulnerabilityPolicyAnalysis.java
@@ -0,0 +1,7 @@
+package org.dependencytrack.model.vulnerabilitypolicy;
+
+import org.dependencytrack.model.AnalysisJustification;
+import org.dependencytrack.model.AnalysisState;
+
+public record VulnerabilityPolicyAnalysis(AnalysisState state, AnalysisJustification justification, String details, boolean suppress) {
+}
diff --git a/src/main/java/org/dependencytrack/persistence/QueryManager.java b/src/main/java/org/dependencytrack/persistence/QueryManager.java
@@ -82,6 +82,7 @@
 import org.dependencytrack.model.Vulnerability;
 import org.dependencytrack.model.VulnerabilityAlias;
 import org.dependencytrack.model.VulnerabilityMetrics;
+import org.dependencytrack.model.VulnerabilityPolicy;
 import org.dependencytrack.model.VulnerabilityScan;
 import org.dependencytrack.model.VulnerableSoftware;
 import org.dependencytrack.model.WorkflowState;
@@ -149,6 +150,7 @@ public class QueryManager extends AlpineQueryManager {
     private IntegrityMetaQueryManager integrityMetaQueryManager;
 
     private IntegrityAnalysisQueryManager integrityAnalysisQueryManager;
+    private VulnerabilityPolicyQueryManager vulnerabilityPolicyQueryManager;
 
     private TagQueryManager tagQueryManager;
 
@@ -408,6 +410,13 @@ private IntegrityAnalysisQueryManager getIntegrityAnalysisQueryManager() {
         return integrityAnalysisQueryManager;
     }
 
+    private VulnerabilityPolicyQueryManager getVulnerabilityPolicyQueryManager() {
+        if (vulnerabilityPolicyQueryManager == null) {
+            vulnerabilityPolicyQueryManager = (request == null) ? new VulnerabilityPolicyQueryManager(getPersistenceManager()) : new VulnerabilityPolicyQueryManager(getPersistenceManager(), request);
+        }
+        return vulnerabilityPolicyQueryManager;
+    }
+
     /**
      * Get the IDs of the {@link Team}s a given {@link Principal} is a member of.
      *
@@ -1928,4 +1937,24 @@ public ComponentMetaInformation getMetaInformation(UUID uuid) {
     public List<Component> getComponentsByPurl(String purl) {
         return getComponentQueryManager().getComponentsByPurl(purl);
     }
+
+    public int createVulnerabilityPolicy(VulnerabilityPolicy vulnerabilityPolicy) {
+        return getVulnerabilityPolicyQueryManager().createVulnerabilityPolicy(vulnerabilityPolicy);
+    }
+
+    public List<VulnerabilityPolicy> getAllVulnerabilityPolicies() {
+        return getVulnerabilityPolicyQueryManager().getAllVulnerabilityPolicies();
+    }
+
+    public int deleteVulnerabilityPolicyByName(String vulnerabilityPolicyName) {
+        return getVulnerabilityPolicyQueryManager().deleteVulnerabilityPolicyByName(vulnerabilityPolicyName);
+    }
+
+    public int updateVulnerablePolicyByName(VulnerabilityPolicy vulnerabilityPolicy) {
+        return getVulnerabilityPolicyQueryManager().updateVulnerabilityPolicyByName(vulnerabilityPolicy);
+    }
+
+    public VulnerabilityPolicy getVulnerabilityPolicyByName(String vulnerabilityPolicyName) {
+        return getVulnerabilityPolicyQueryManager().getVulnerabilityPolicyByName(vulnerabilityPolicyName);
+    }
 }