github-mirrors/odc-analyzer
1
0
Fork 0
mirror of https://github.com/ysoftdevs/odc-analyzer.git synced 2026-03-17 23:04:22 +01:00
Code Issues 2 Packages Projects Releases Wiki Activity

Vulnerabilities are now loaded from the vulnDB

Browse Source
This commit is contained in:
Šesták Vít
2016-02-22 08:36:35 +01:00
parent ae85cef92b
commit da93888262
2 changed files with 37 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
app/services/OdcService.scala
View File

@@ -8,7 +8,7 @@ import _root_.org.owasp.dependencycheck.dependency.VulnerableSoftware
import _root_.org.owasp.dependencycheck.utils.{DependencyVersion, DependencyVersionUtil, Settings}
import com.github.nscala_time.time.Imports._
import com.google.inject.Inject
import models.odc.OdcProperty
import models.odc.{Vulnerabilities, OdcProperty}
import models.odc.tables._
import play.api.db.slick.{DatabaseConfigProvider, HasDatabaseConfigProvider}
import play.db.NamedDatabase
@@ -29,20 +29,27 @@ class OdcService @Inject()(@NamedDatabase("odc") protected val dbConfigProvider:
def getReferences(id: Int): Future[Seq[com.ysoft.odc.Reference]] = db.run(references.filter(_.cveId === id).map(_.base).result)
def getVulnerabilityDetails(id: Int): Future[Option[com.ysoft.odc.Vulnerability]] = {
for {
bareVulnOption <- db.run(vulnerabilities.filter(_.id === id).map(_.base).result).map(_.headOption)
vulnerableSoftware <- getVulnerableSoftware(id)
references <- getReferences(id)
} yield bareVulnOption.map{bareVuln =>
com.ysoft.odc.Vulnerability(
name = bareVuln.cve,
cweOption = bareVuln.cweOption,
cvss = bareVuln.cvss,
description = bareVuln.description,
vulnerableSoftware = vulnerableSoftware,
references = references
)
def getVulnerabilityDetails(id: Int): Future[Option[com.ysoft.odc.Vulnerability]] = getVulnerabilityDetails(_.id === id)
def getVulnerabilityDetails(name: String): Future[Option[com.ysoft.odc.Vulnerability]] = getVulnerabilityDetails(_.cve === name)
def getVulnerabilityDetails(cond: Vulnerabilities => Rep[Boolean]): Future[Option[com.ysoft.odc.Vulnerability]] = {
db.run(vulnerabilities.filter(cond).result).map(_.headOption) flatMap { bareVulnOption =>
bareVulnOption.fold[Future[Option[com.ysoft.odc.Vulnerability]]](Future.successful(None)) { case (id, bareVuln) =>
for {
vulnerableSoftware <- getVulnerableSoftware(id)
references <- getReferences(id)
} yield Some(
com.ysoft.odc.Vulnerability(
name = bareVuln.cve,
cweOption = bareVuln.cweOption,
cvss = bareVuln.cvss,
description = bareVuln.description,
vulnerableSoftware = vulnerableSoftware,
references = references
)
)
}
}
}