com.metaeffekt.artifact.enrichment.details.DetailsFillingEnrichmentCertEu Maven / Gradle / Ivy
The newest version!
/*
* Copyright 2021-2024 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.metaeffekt.artifact.enrichment.details;
import com.metaeffekt.artifact.analysis.utils.LazySupplier;
import com.metaeffekt.artifact.analysis.utils.StringUtils;
import com.metaeffekt.artifact.enrichment.configurations.details.DetailsFillingAdvisorCertEuInventoryEnrichmentConfiguration;
import com.metaeffekt.mirror.contents.advisory.AdvisoryEntry;
import com.metaeffekt.mirror.contents.advisory.CertEuAdvisorEntry;
import com.metaeffekt.mirror.contents.base.DataSourceIndicator;
import com.metaeffekt.mirror.contents.base.VulnerabilityContextInventory;
import com.metaeffekt.mirror.contents.store.AdvisoryTypeStore;
import com.metaeffekt.mirror.contents.vulnerability.Vulnerability;
import com.metaeffekt.mirror.download.documentation.EnricherMetadata;
import com.metaeffekt.mirror.download.documentation.InventoryEnrichmentPhase;
import com.metaeffekt.mirror.query.CertEuAdvisorIndexQuery;
import org.metaeffekt.core.inventory.processor.model.Inventory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.File;
import java.util.List;
@EnricherMetadata(
name = "CERT-EU Advisor Details", phase = InventoryEnrichmentPhase.SECURITY_ADVISORY_MATCHING,
intermediateFileSuffix = "details-advisor-cert-eu", mavenPropertyName = "certEuAdvisorEnrichment",
explicitConfiguration = DetailsFillingAdvisorCertEuInventoryEnrichmentConfiguration.class
)
public class DetailsFillingEnrichmentCertEu extends DetailsFillingEnrichment {
private static final Logger LOG = LoggerFactory.getLogger(DetailsFillingEnrichmentCertEu.class);
private final LazySupplier certEuAdvisorQuery;
public DetailsFillingEnrichmentCertEu(File baseMirrorDirectory) {
certEuAdvisorQuery = new LazySupplier<>(() -> new CertEuAdvisorIndexQuery(baseMirrorDirectory));
setConfiguration(new DetailsFillingAdvisorCertEuInventoryEnrichmentConfiguration());
}
@Override
protected boolean isApplicable(Vulnerability vulnerability) {
return !vulnerability.getRelatedAdvisorsTypes().contains(AdvisoryTypeStore.CERT_EU);
}
@Override
protected boolean isApplicable(AdvisoryEntry advisory) {
return advisory.getSourceIdentifier() == AdvisoryTypeStore.CERT_EU && StringUtils.isEmpty(advisory.getSummary()) && advisory.getDescription().isEmpty();
}
@Override
protected void fillDetailsOnVulnerability(Inventory inventory, VulnerabilityContextInventory vInventory, Vulnerability queryVulnerability) {
final List advisorEntries = certEuAdvisorQuery.get().findByReferencedId(queryVulnerability.getId());
if (advisorEntries.isEmpty()) {
return;
}
for (CertEuAdvisorEntry advisoryEntry : advisorEntries) {
final AdvisoryEntry constructedAdvisory = vInventory.findOrCreateAdvisoryEntryByName(advisoryEntry.getId(), CertEuAdvisorEntry::new);
constructedAdvisory.addMatchingSource(DataSourceIndicator.vulnerability(queryVulnerability));
queryVulnerability.addSecurityAdvisory(constructedAdvisory);
}
}
@Override
protected void fillDetailsOnAdvisory(Inventory inventory, VulnerabilityContextInventory vInventory, AdvisoryEntry queryAdvisory) {
final CertEuAdvisorEntry foundAdvisory = certEuAdvisorQuery.get().findById(queryAdvisory.getId());
if (foundAdvisory != null) {
queryAdvisory.appendFromDataClass(foundAdvisory);
}
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy