com.metaeffekt.artifact.analysis.vulnerability.enrichment.vulnerabilitystatus.validation.VulnerabilityStatusValidation Maven / Gradle / Ivy
The newest version!
/*
* Copyright 2021-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.metaeffekt.artifact.analysis.vulnerability.enrichment.vulnerabilitystatus.validation;
import com.metaeffekt.artifact.enrichment.InventoryEnricher;
import lombok.Getter;
import org.metaeffekt.core.inventory.processor.model.AbstractModelBase;
import org.metaeffekt.core.inventory.processor.model.Artifact;
import org.metaeffekt.core.inventory.processor.model.Inventory;
import org.metaeffekt.core.inventory.processor.model.VulnerabilityMetaData;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
@Getter
public class VulnerabilityStatusValidation {
private final List anyArtifactExists = new ArrayList<>();
private final List matchingArtifactExists = new ArrayList<>();
private final List anyVulnerabilityExists = new ArrayList<>();
private final List matchingVulnerabilityExists = new ArrayList<>();
private final List anyArtifactNotExists = new ArrayList<>();
private final List matchingArtifactNotExists = new ArrayList<>();
private final List anyVulnerabilityNotExists = new ArrayList<>();
private final List matchingVulnerabilityNotExists = new ArrayList<>();
public void validateInventory(Inventory inventory, String onVulnerability) throws VulnerabilityStatusValidationException {
if (inventory == null) {
throw new VulnerabilityStatusValidationException("Inventory must not be null.");
} else if (onVulnerability == null) {
throw new VulnerabilityStatusValidationException("Vulnerability must not be null.");
}
if (!anyArtifactExists.isEmpty()) {
boolean matches = false;
for (Artifact artifact : inventory.getArtifacts()) {
if (matchesAny(anyArtifactExists, artifact)) {
matches = true;
break;
}
}
if (!matches) throw new VulnerabilityStatusValidationException("Validation failed on [any artifact exists]");
}
if (!matchingArtifactExists.isEmpty()) {
boolean matches = false;
for (Artifact artifact : inventory.getArtifacts()) {
if (InventoryEnricher.splitVulnerabilitiesCsv(artifact.getVulnerability()).contains(onVulnerability)) {
if (matchesAny(matchingArtifactExists, artifact)) {
matches = true;
break;
}
}
}
if (!matches) throw new VulnerabilityStatusValidationException("Validation failed on [matching artifact exists]");
}
if (!anyVulnerabilityExists.isEmpty()) {
boolean matches = false;
for (VulnerabilityMetaData vulnerabilityMetaData : inventory.getVulnerabilityMetaData()) {
if (matchesAny(anyVulnerabilityExists, vulnerabilityMetaData)) {
matches = true;
break;
}
}
if (!matches) throw new VulnerabilityStatusValidationException("Validation failed on [any vulnerability exists]");
}
if (!matchingVulnerabilityExists.isEmpty()) {
boolean matches = false;
for (VulnerabilityMetaData vulnerabilityMetaData : inventory.getVulnerabilityMetaData()) {
if (onVulnerability.equals(vulnerabilityMetaData.get(VulnerabilityMetaData.Attribute.NAME))) {
if (matchesAny(matchingVulnerabilityExists, vulnerabilityMetaData)) {
matches = true;
break;
}
}
}
if (!matches) {
throw new VulnerabilityStatusValidationException("Validation failed on [matching vulnerability exists]");
}
}
if (!anyArtifactNotExists.isEmpty()) {
boolean matches = false;
for (Artifact artifact : inventory.getArtifacts()) {
if (matchesAny(anyArtifactNotExists, artifact)) {
matches = true;
break;
}
}
if (matches) throw new VulnerabilityStatusValidationException("Validation failed on [any artifact not exists]");
}
if (!matchingArtifactNotExists.isEmpty()) {
boolean matches = false;
for (Artifact artifact : inventory.getArtifacts()) {
if (InventoryEnricher.splitVulnerabilitiesCsv(artifact.getVulnerability()).contains(onVulnerability)) {
if (matchesAny(matchingArtifactNotExists, artifact)) {
matches = true;
break;
}
}
}
if (matches) throw new VulnerabilityStatusValidationException("Validation failed on [matching artifact not exists]");
}
if (!anyVulnerabilityNotExists.isEmpty()) {
boolean matches = false;
for (VulnerabilityMetaData vulnerabilityMetaData : inventory.getVulnerabilityMetaData()) {
if (matchesAny(anyVulnerabilityNotExists, vulnerabilityMetaData)) {
matches = true;
break;
}
}
if (matches) throw new VulnerabilityStatusValidationException("Validation failed on [any vulnerability not exists]");
}
if (!matchingVulnerabilityNotExists.isEmpty()) {
boolean matches = false;
for (VulnerabilityMetaData vulnerabilityMetaData : inventory.getVulnerabilityMetaData()) {
if (onVulnerability.equals(vulnerabilityMetaData.get(VulnerabilityMetaData.Attribute.NAME))) {
if (matchesAny(matchingVulnerabilityNotExists, vulnerabilityMetaData)) {
matches = true;
break;
}
}
}
if (matches) throw new VulnerabilityStatusValidationException("Validation failed on [matching vulnerability not exists]");
}
}
public boolean matchesAny(List validationEntries, AbstractModelBase model) {
for (VulnerabilityStatusValidationEntry validationEntry : validationEntries) {
if (!validationEntry.validate(model)) {
return false;
}
}
return true;
}
public static VulnerabilityStatusValidation fromYamlMap(Map yamlMap) {
VulnerabilityStatusValidation validation = new VulnerabilityStatusValidation();
createValidationEntries(validation.getAnyArtifactExists(), yamlMap, "any artifact", "exists");
createValidationEntries(validation.getMatchingArtifactExists(), yamlMap, "matching artifact", "exists");
createValidationEntries(validation.getAnyVulnerabilityExists(), yamlMap, "any vulnerability", "exists");
createValidationEntries(validation.getMatchingVulnerabilityExists(), yamlMap, "matching vulnerability", "exists");
createValidationEntries(validation.getAnyArtifactNotExists(), yamlMap, "any artifact", "not exists");
createValidationEntries(validation.getMatchingArtifactNotExists(), yamlMap, "matching artifact", "not exists");
createValidationEntries(validation.getAnyVulnerabilityNotExists(), yamlMap, "any vulnerability", "not exists");
createValidationEntries(validation.getMatchingVulnerabilityNotExists(), yamlMap, "matching vulnerability", "not exists");
return validation;
}
private static void createValidationEntries(List validation, Map yamlMap, String type, String exists) {
if (yamlMap.containsKey(type)) {
if (((Map) yamlMap.get(type)).containsKey(exists)) {
validation.addAll(
VulnerabilityStatusValidationEntry.fromYamlList((List © 2015 - 2025 Weber Informatics LLC | Privacy Policy