From 47b0c3b021c803b1eeac813b545995af100be3b7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C5=A0est=C3=A1k=20V=C3=ADt?= <Vit.Sestak@ysoft.com>
Date: Thu, 25 Aug 2016 23:58:39 +0200
Subject: [PATCH] Added a workaround for long loading of vulnerabilities page

---
 app/services/OdcService.scala | 21 +++++++++++++++++++--
 build.sbt                     |  6 +++++-
 2 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/app/services/OdcService.scala b/app/services/OdcService.scala
index c7ea0fa..16c8d8c 100644
--- a/app/services/OdcService.scala
+++ b/app/services/OdcService.scala
@@ -1,15 +1,18 @@
 package services
 
 import java.lang.{Boolean => JBoolean}
-import java.util.{Map => JMap}
+import java.sql.{Array => _, _}
+import java.util.{Properties, Map => JMap}
 
 import _root_.org.owasp.dependencycheck.data.nvdcve.CveDB
 import _root_.org.owasp.dependencycheck.dependency.VulnerableSoftware
 import _root_.org.owasp.dependencycheck.utils.{DependencyVersion, DependencyVersionUtil, Settings}
 import com.github.nscala_time.time.Imports._
 import com.google.inject.Inject
-import models.odc.{Vulnerabilities, OdcProperty}
+import com.mockrunner.mock.jdbc.MockConnection
 import models.odc.tables._
+import models.odc.{OdcProperty, Vulnerabilities}
+import play.api.Logger
 import play.api.db.slick.{DatabaseConfigProvider, HasDatabaseConfigProvider}
 import play.db.NamedDatabase
 
@@ -116,10 +119,24 @@ class OdcService @Inject()(@NamedDatabase("odc") protected val dbConfigProvider:
 
 private[services] object CveDbHelper {
 
+  class DummyDriver extends Driver{
+    override def acceptsURL(url: String): Boolean = {url.startsWith("jdbc:dummy:")}
+    override def jdbcCompliant(): Boolean = false
+    override def connect(url: String, info: Properties): Connection = new MockConnection()
+    override def getParentLogger = throw new SQLFeatureNotSupportedException()
+    override def getPropertyInfo(url: String, info: Properties): Array[DriverPropertyInfo] = {Array()}
+    override def getMinorVersion: Int = 1
+    override def getMajorVersion: Int = 1
+  }
+
+  org.apache.geronimo.jdbc.DelegatingDriver.registerDriver(new DummyDriver())
 
   def matchSofware(vulnerableSoftware: Map[String, Boolean], vendor: String, product: String, identifiedVersion: DependencyVersion) = {
     if(Settings.getInstance() == null){
       Settings.initialize()// Initiallize ODC environment on first use; Needed for each thread.
+      Settings.setString(Settings.KEYS.DB_CONNECTION_STRING, "jdbc:dummy:")
+      // Workaround: At first initialization, it will complain that the DB is empty. On next initializations, it will not complain.
+      try{new CveDB()}catch {case e: Throwable => Logger.info("A workaround-related exception, safe to ignore", e)}
     }
     val cd = new CveDB()
     import scala.collection.JavaConversions._
diff --git a/build.sbt b/build.sbt
index be87075..3eb2087 100644
--- a/build.sbt
+++ b/build.sbt
@@ -75,7 +75,7 @@ libraryDependencies += "net.codingwell" %% "scala-guice" % "4.0.0"
 
 libraryDependencies += "com.iheart" %% "ficus" % "1.2.3"
 
-libraryDependencies += "org.owasp" % "dependency-check-core" % "1.3.0"
+libraryDependencies += "org.owasp" % "dependency-check-core" % "1.4.2"
 
 libraryDependencies += "com.typesafe.play" %% "play-mailer" % "3.0.1"
 
@@ -85,6 +85,10 @@ libraryDependencies += "org.apache.httpcomponents" % "httpclient" % "4.3.6" // e
 
 libraryDependencies += "commons-collections" % "commons-collections" % "3.2.2" // evict the vulnerable version
 
+libraryDependencies += "org.apache.geronimo.modules" % "geronimo-jdbc" % "2.0.2"
+
+libraryDependencies += "com.mockrunner" % "mockrunner-jdbc" % "1.1.1"
+
 routesImport += "binders.QueryBinders._"
 
 // Uncomment to use Akka