From fd84983f8609c6c01fe968fe4f402d4166507368 Mon Sep 17 00:00:00 2001 From: linbangquan <1437892690@qq.com> Date: Mon, 13 Nov 2023 17:26:10 +0800 Subject: [PATCH] =?UTF-8?q?[=E5=8A=9F=E8=83=BD]=20=E5=90=8E=E7=AB=AF-CVE?= =?UTF-8?q?=E4=BE=9D=E8=B5=96=E6=89=AB=E6=8F=8F=E7=BB=93=E6=9E=9C=E5=B1=95?= =?UTF-8?q?=E7=A4=BA=E9=AB=98=E5=8D=B1=E4=B8=AA=E6=95=B0=E5=88=B0=E7=89=88?= =?UTF-8?q?=E6=9C=AC=E4=B8=AD=E5=BF=83=E4=B8=8A?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 关联 #[1023906381529088]后端-CVE依赖扫描结果展示高危个数到版本中心上 http://192.168.0.96:8090/demo/rdm.html#/task-detail/939050947543040/939050947543050/1023906381529088 --- .../api/version/SearchDeployVersionApi.java | 44 +++++++++++++------ .../dao/mapper/DeployVersionMapper.java | 3 ++ .../deploy/dao/mapper/DeployVersionMapper.xml | 14 ++++++ 3 files changed, 48 insertions(+), 13 deletions(-) diff --git a/src/main/java/neatlogic/module/deploy/api/version/SearchDeployVersionApi.java b/src/main/java/neatlogic/module/deploy/api/version/SearchDeployVersionApi.java index 461b14f4..1b9bfc98 100644 --- a/src/main/java/neatlogic/module/deploy/api/version/SearchDeployVersionApi.java +++ b/src/main/java/neatlogic/module/deploy/api/version/SearchDeployVersionApi.java @@ -1,6 +1,6 @@ package neatlogic.module.deploy.api.version; -import neatlogic.framework.asynchronization.threadlocal.TenantContext; +import com.alibaba.fastjson.JSONObject; import neatlogic.framework.auth.core.AuthAction; import neatlogic.framework.common.constvalue.ApiParamType; import neatlogic.framework.common.dto.BasePageVo; @@ -12,12 +12,13 @@ import neatlogic.framework.restful.constvalue.OperationTypeEnum; import neatlogic.framework.restful.core.privateapi.PrivateApiComponentBase; import neatlogic.framework.util.TableResultUtil; import neatlogic.module.deploy.dao.mapper.DeployVersionMapper; -import com.alibaba.fastjson.JSONObject; import org.apache.commons.collections4.CollectionUtils; +import org.apache.commons.collections4.MapUtils; import org.springframework.stereotype.Service; import javax.annotation.Resource; import java.util.ArrayList; +import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.stream.Collectors; @@ -36,7 +37,7 @@ public class SearchDeployVersionApi extends PrivateApiComponentBase { @Override public String getName() { - return "查询发布版本列表"; + return "nmdav.searchdeployversionapi.getname"; } @Override @@ -50,20 +51,20 @@ public class SearchDeployVersionApi extends PrivateApiComponentBase { } @Input({ - @Param(name = "defaultValue", desc = "默认值", type = ApiParamType.JSONARRAY), - @Param(name = "keyword", desc = "关键词", type = ApiParamType.STRING), - @Param(name = "startTimeRange", type = ApiParamType.JSONOBJECT, desc = "上传时间范围 (入参:{startTime(开始时间)与endTime(结束时间)},或者{timeRange(时间范围)与timeUnit(时间范围参数)})"), - @Param(name = "appSystemIdList", desc = "应用系统id列表", type = ApiParamType.JSONARRAY), - @Param(name = "appModuleIdList", desc = "应用模块id列表", type = ApiParamType.JSONARRAY), - @Param(name = "statusList", desc = "状态", type = ApiParamType.JSONARRAY), - @Param(name = "currentPage", desc = "当前页", type = ApiParamType.INTEGER), - @Param(name = "pageSize", desc = "每页最大数", type = ApiParamType.INTEGER) + @Param(name = "defaultValue", desc = "common.defaultvalue", type = ApiParamType.JSONARRAY), + @Param(name = "keyword", desc = "common.keyword", type = ApiParamType.STRING), + @Param(name = "startTimeRange", type = ApiParamType.JSONOBJECT, desc = "common.planstarttime", help = "入参:{startTime(开始时间)与endTime(结束时间)},或者{timeRange(时间范围)与timeUnit(时间范围参数)}"), + @Param(name = "appSystemIdList", desc = "term.appsystemidlist", type = ApiParamType.JSONARRAY), + @Param(name = "appModuleIdList", desc = "term.cmdb.appmoduleidlist", type = ApiParamType.JSONARRAY), + @Param(name = "statusList", desc = "common.status", type = ApiParamType.JSONARRAY), + @Param(name = "currentPage", desc = "common.currentpage", type = ApiParamType.INTEGER), + @Param(name = "pageSize", desc = "common.pagesize", type = ApiParamType.INTEGER) }) @Output({ - @Param(name = "tbodyList", explode = DeployVersionVo[].class, desc = "发布版本列表"), + @Param(name = "tbodyList", explode = DeployVersionVo[].class, desc = "common.tbodylist"), @Param(explode = BasePageVo.class) }) - @Description(desc = "查询发布版本列表") + @Description(desc = "nmdav.searchdeployversionapi.getname") @Override public Object myDoService(JSONObject paramObj) throws Exception { DeployVersionVo paramVersionVo = paramObj.toJavaObject(DeployVersionVo.class); @@ -77,6 +78,14 @@ public class SearchDeployVersionApi extends PrivateApiComponentBase { returnVersionList = deployVersionMapper.getDeployVersionByIdList(idList); List versionVoListIncludeEnvList = deployVersionMapper.getDeployVersionIncludeEnvListByVersionIdList(idList); Map> allEnvListMap = versionVoListIncludeEnvList.stream().collect(Collectors.toMap(DeployVersionVo::getId, DeployVersionVo::getEnvList)); + Map> versionId2Map = new HashMap<>(); + List> versionHighestSeverityCveCountList = deployVersionMapper.getVersionHighestSeverityCveCountListByVersionIdListGroupByVersionIdAndHighestSeverity(idList); + for (Map map : versionHighestSeverityCveCountList) { + Long versionId = (Long) map.get("versionId"); + String highestSeverity = (String) map.get("highestSeverity"); + Long cveCount = (Long) map.get("cveCount"); + versionId2Map.computeIfAbsent(versionId, key -> new HashMap<>()).put(highestSeverity, cveCount); + } //补充版本的环境 for (DeployVersionVo returnVersion : returnVersionList) { List returnVersionEnvList = new ArrayList<>(); @@ -93,6 +102,15 @@ public class SearchDeployVersionApi extends PrivateApiComponentBase { } } returnVersion.setEnvList(returnVersionEnvList); + Map HighestSeverity2CveCountMap = versionId2Map.get(returnVersion.getId()); + if (MapUtils.isNotEmpty(HighestSeverity2CveCountMap)) { + Long highCveCount = HighestSeverity2CveCountMap.get("HIGH"); + Long criticalCveCount = HighestSeverity2CveCountMap.get("CRITICAL"); + Long criticalStarCveCount = HighestSeverity2CveCountMap.get("CRITICAL*"); + returnVersion.setHighCveCount(highCveCount == null ? 0 : highCveCount); + returnVersion.setCriticalCveCount(criticalCveCount == null ? 0 : criticalCveCount); + returnVersion.setCriticalStarCveCount(criticalStarCveCount == null ? 0 : criticalStarCveCount); + } } } } diff --git a/src/main/java/neatlogic/module/deploy/dao/mapper/DeployVersionMapper.java b/src/main/java/neatlogic/module/deploy/dao/mapper/DeployVersionMapper.java index 9d26e4d0..93de1daa 100644 --- a/src/main/java/neatlogic/module/deploy/dao/mapper/DeployVersionMapper.java +++ b/src/main/java/neatlogic/module/deploy/dao/mapper/DeployVersionMapper.java @@ -7,6 +7,7 @@ import neatlogic.framework.deploy.dto.version.*; import org.apache.ibatis.annotations.Param; import java.util.List; +import java.util.Map; /** * @author longrf @@ -86,6 +87,8 @@ public interface DeployVersionMapper { DeployVersionTheadVo getDeployVersionTheadByUserUuid(@Param("userUuid") String userUuid); + List> getVersionHighestSeverityCveCountListByVersionIdListGroupByVersionIdAndHighestSeverity(List versionIdList); + int unFreezeDeployVersionById(@Param("id") Long id, @Param("isFreeze") Long isFreeze); int updateDeployVersionDependencyBuildTimeById(Long id); diff --git a/src/main/java/neatlogic/module/deploy/dao/mapper/DeployVersionMapper.xml b/src/main/java/neatlogic/module/deploy/dao/mapper/DeployVersionMapper.xml index 779d0fa6..98c5a21e 100644 --- a/src/main/java/neatlogic/module/deploy/dao/mapper/DeployVersionMapper.xml +++ b/src/main/java/neatlogic/module/deploy/dao/mapper/DeployVersionMapper.xml @@ -886,6 +886,20 @@ limitations under the License. from deploy_version_thead where user_uuid = #{userUuid} + + + update deploy_version set is_freeze = #{isFreeze} -- Gitee