com.metaeffekt.artifact.analysis.vulnerability.enrichment.warnings.InventoryWarningEntry Maven / Gradle / Ivy
/*
* Copyright 2021-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.metaeffekt.artifact.analysis.vulnerability.enrichment.warnings;
import com.metaeffekt.artifact.analysis.vulnerability.enrichment.InventoryAttribute;
import org.json.JSONObject;
import org.metaeffekt.core.inventory.processor.model.AbstractModelBase;
import org.metaeffekt.core.inventory.processor.model.Artifact;
import org.metaeffekt.core.inventory.processor.model.Inventory;
import org.metaeffekt.core.inventory.processor.model.VulnerabilityMetaData;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.stream.Collectors;
public class InventoryWarningEntry {
private final static Logger LOG = LoggerFactory.getLogger(InventoryWarningEntry.class);
public T source;
public String warning;
public String creator;
public InventoryWarningEntry(T source, String warning, String creator) {
if (source == null) {
throw new IllegalArgumentException("Source must not be null");
}
this.source = source;
this.warning = warning;
this.creator = creator;
}
public T getSource() {
return source;
}
public String getWarning() {
return warning;
}
public String getCreator() {
return creator;
}
public JSONObject toJson() {
final String sourceName;
if (source instanceof Artifact) {
sourceName = ((Artifact) source).getId();
} else if (source instanceof VulnerabilityMetaData) {
sourceName = ((VulnerabilityMetaData) source).get(VulnerabilityMetaData.Attribute.NAME);
} else {
throw new IllegalStateException("Unknown source type: " + source.getClass() + ", add handling in " + InventoryWarningEntry.class + ".toJson()");
}
return new JSONObject()
.put("source", sourceName)
.put("warning", warning)
.put("creator", creator);
}
public static Map>> groupBySource(List> entries) {
return entries.stream().collect(Collectors.groupingBy(InventoryWarningEntry::getSource));
}
public static InventoryWarningEntry fromToJson(JSONObject json, Inventory inventory, InventoryFindable finder) {
final String sourceString = json.getString("source");
final T instance = finder.find(sourceString, inventory);
final T effectiveInstance;
if (instance == null) {
LOG.warn("Could not find object with id " + sourceString + " when parsing inventory warnings, creating virtual object.");
effectiveInstance = finder.create(sourceString);
} else {
effectiveInstance = instance;
}
return new InventoryWarningEntry<>(effectiveInstance,
json.getString("warning"),
json.getString("creator")
);
}
private interface InventoryFindable {
T find(String sourceString, Inventory inventory);
T create(String sourceString);
}
public final static ArtifactFindable ARTIFACT_FINDABLE = new ArtifactFindable();
public final static VulnerabilityMetaDataFindable VULNERABILITY_META_DATA_FINDABLE = new VulnerabilityMetaDataFindable();
public static class ArtifactFindable implements InventoryFindable {
@Override
public Artifact find(String sourceString, Inventory inventory) {
return inventory.findArtifact(sourceString);
}
@Override
public Artifact create(String sourceString) {
Artifact virtualArtifact = new Artifact();
virtualArtifact.setId(sourceString);
virtualArtifact.set(InventoryAttribute.DESCRIPTION.getKey(), "Virtual artifact created by the inventory warnings.");
return virtualArtifact;
}
}
public static class VulnerabilityMetaDataFindable implements InventoryFindable {
@Override
public VulnerabilityMetaData find(String sourceString, Inventory inventory) {
return inventory.getVulnerabilityMetaData().stream()
.filter(v -> Objects.equals(v.get(VulnerabilityMetaData.Attribute.NAME), sourceString))
.findFirst()
.orElse(null);
}
@Override
public VulnerabilityMetaData create(String sourceString) {
VulnerabilityMetaData virtualVulnerability = new VulnerabilityMetaData();
virtualVulnerability.set(VulnerabilityMetaData.Attribute.NAME, sourceString);
virtualVulnerability.set(InventoryAttribute.DESCRIPTION.getKey(), "Virtual vulnerability created by the inventory warnings.");
return virtualVulnerability;
}
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy