Skip to content

Commit 1738194

Browse files
TG1999TG1999
committed
Fix API errors
Signed-off-by: Tushar Goel <[email protected]>
1 parent 297ab51 commit 1738194

File tree

2 files changed

+89
-24
lines changed

2 files changed

+89
-24
lines changed

vulnerabilities/api.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -323,7 +323,7 @@ def get_vulnerabilities_for_a_package(self, package, fix) -> dict:
323323
otherwise return vulnerabilities fixed by the `package`.
324324
"""
325325
fixed_packages = self.get_fixed_packages(package=package)
326-
if fix:
326+
if not fix:
327327
qs = package.affected_by_vulnerabilities.all()
328328
else:
329329
qs = package.fixing_vulnerabilities.all()

vulnerabilities/tests/test_api.py

Lines changed: 88 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -570,6 +570,65 @@ def setUp(self):
570570
def test_api_with_lesser_and_greater_fixed_by_packages(self):
571571
response = self.csrf_client.get(f"/api/packages/{self.pkg_2_13_1.id}", format="json").data
572572

573+
# expected = {
574+
# "url": "http://testserver/api/packages/{0}".format(self.pkg_2_13_1.id),
575+
# "purl": "pkg:maven/com.fasterxml.jackson.core/[email protected]",
576+
# "type": "maven",
577+
# "namespace": "com.fasterxml.jackson.core",
578+
# "name": "jackson-databind",
579+
# "version": "2.13.1",
580+
# "qualifiers": {},
581+
# "subpath": "",
582+
# "is_vulnerable": True,
583+
# "next_non_vulnerable_version": "2.14.0-rc1",
584+
# "latest_non_vulnerable_version": "2.14.0-rc1",
585+
# "affected_by_vulnerabilities": [
586+
# {
587+
# "url": "http://testserver/api/vulnerabilities/{0}".format(self.vul3.id),
588+
# "vulnerability_id": "VCID-vul3-vul3-vul3",
589+
# "summary": "This is VCID-vul3-vul3-vul3",
590+
# "references": [],
591+
# "fixed_packages": [],
592+
# "aliases": ["CVE-2021-46877", "GHSA-3x8x-79m2-3w2w"],
593+
# "resource_url": "http://testserver/vulnerabilities/VCID-vul3-vul3-vul3",
594+
# }
595+
# ],
596+
# "fixing_vulnerabilities": [
597+
# {
598+
# "url": "http://testserver/api/vulnerabilities/{0}".format(self.vul1.id),
599+
# "vulnerability_id": "VCID-vul1-vul1-vul1",
600+
# "summary": "This is VCID-vul1-vul1-vul1",
601+
# "references": [],
602+
# "fixed_packages": [
603+
# {
604+
# "url": "http://testserver/api/packages/{0}".format(
605+
# self.pkg_2_12_6_1.id
606+
# ),
607+
# "purl": "pkg:maven/com.fasterxml.jackson.core/[email protected]",
608+
# "is_vulnerable": True,
609+
# "affected_by_vulnerabilities": [
610+
# {"vulnerability": "VCID-vul2-vul2-vul2"}
611+
# ],
612+
# "resource_url": "http://testserver/packages/pkg:maven/com.fasterxml.jackson.core/[email protected]",
613+
# },
614+
# {
615+
# "url": "http://testserver/api/packages/{0}".format(self.pkg_2_13_2.id),
616+
# "purl": "pkg:maven/com.fasterxml.jackson.core/[email protected]",
617+
# "is_vulnerable": True,
618+
# "affected_by_vulnerabilities": [
619+
# {"vulnerability": "VCID-vul2-vul2-vul2"}
620+
# ],
621+
# "resource_url": "http://testserver/packages/pkg:maven/com.fasterxml.jackson.core/[email protected]",
622+
# },
623+
# ],
624+
# "aliases": ["CVE-2020-36518", "GHSA-57j2-w4cx-62h2"],
625+
# "resource_url": "http://testserver/vulnerabilities/VCID-vul1-vul1-vul1",
626+
# }
627+
# ],
628+
# "resource_url": "http://testserver/packages/pkg:maven/com.fasterxml.jackson.core/[email protected]",
629+
# "risk_score": None,
630+
# }
631+
573632
expected = {
574633
"url": "http://testserver/api/packages/{0}".format(self.pkg_2_13_1.id),
575634
"purl": "pkg:maven/com.fasterxml.jackson.core/[email protected]",
@@ -583,50 +642,56 @@ def test_api_with_lesser_and_greater_fixed_by_packages(self):
583642
"next_non_vulnerable_version": "2.14.0-rc1",
584643
"latest_non_vulnerable_version": "2.14.0-rc1",
585644
"affected_by_vulnerabilities": [
586-
{
587-
"url": "http://testserver/api/vulnerabilities/{0}".format(self.vul3.id),
588-
"vulnerability_id": "VCID-vul3-vul3-vul3",
589-
"summary": "This is VCID-vul3-vul3-vul3",
590-
"references": [],
591-
"fixed_packages": [],
592-
"aliases": ["CVE-2021-46877", "GHSA-3x8x-79m2-3w2w"],
593-
"resource_url": "http://testserver/vulnerabilities/VCID-vul3-vul3-vul3",
594-
}
595-
],
596-
"fixing_vulnerabilities": [
597645
{
598646
"url": "http://testserver/api/vulnerabilities/{0}".format(self.vul1.id),
599647
"vulnerability_id": "VCID-vul1-vul1-vul1",
600648
"summary": "This is VCID-vul1-vul1-vul1",
601649
"references": [],
602650
"fixed_packages": [
603651
{
604-
"url": "http://testserver/api/packages/{0}".format(
605-
self.pkg_2_12_6_1.id
606-
),
607-
"purl": "pkg:maven/com.fasterxml.jackson.core/[email protected]",
652+
"url": "http://testserver/api/packages/{0}".format(self.pkg_2_13_2.id),
653+
"purl": "pkg:maven/com.fasterxml.jackson.core/[email protected]",
608654
"is_vulnerable": True,
609655
"affected_by_vulnerabilities": [
610656
{"vulnerability": "VCID-vul2-vul2-vul2"}
611657
],
612-
"resource_url": "http://testserver/packages/pkg:maven/com.fasterxml.jackson.core/[email protected]",
658+
"resource_url": "http://testserver/packages/pkg:maven/com.fasterxml.jackson.core/[email protected]",
659+
}
660+
],
661+
"aliases": ["CVE-2020-36518", "GHSA-57j2-w4cx-62h2"],
662+
"resource_url": "http://testserver/vulnerabilities/VCID-vul1-vul1-vul1",
663+
}
664+
],
665+
"fixing_vulnerabilities": [
666+
{
667+
"url": "http://testserver/api/vulnerabilities/{0}".format(self.vul3.id),
668+
"vulnerability_id": "VCID-vul3-vul3-vul3",
669+
"summary": "This is VCID-vul3-vul3-vul3",
670+
"references": [],
671+
"fixed_packages": [
672+
{
673+
"url": "http://testserver/api/packages/{0}".format(self.pkg_2_12_6.id),
674+
"purl": "pkg:maven/com.fasterxml.jackson.core/[email protected]",
675+
"is_vulnerable": False,
676+
"affected_by_vulnerabilities": [],
677+
"resource_url": "http://testserver/packages/pkg:maven/com.fasterxml.jackson.core/[email protected]",
613678
},
614679
{
615-
"url": "http://testserver/api/packages/{0}".format(self.pkg_2_13_2.id),
616-
"purl": "pkg:maven/com.fasterxml.jackson.core/[email protected].2",
680+
"url": "http://testserver/api/packages/{0}".format(self.pkg_2_13_1.id),
681+
"purl": "pkg:maven/com.fasterxml.jackson.core/[email protected].1",
617682
"is_vulnerable": True,
618683
"affected_by_vulnerabilities": [
619-
{"vulnerability": "VCID-vul2-vul2-vul2"}
684+
{"vulnerability": "VCID-vul1-vul1-vul1"}
620685
],
621-
"resource_url": "http://testserver/packages/pkg:maven/com.fasterxml.jackson.core/[email protected].2",
686+
"resource_url": "http://testserver/packages/pkg:maven/com.fasterxml.jackson.core/[email protected].1",
622687
},
623688
],
624-
"aliases": ["CVE-2020-36518", "GHSA-57j2-w4cx-62h2"],
625-
"resource_url": "http://testserver/vulnerabilities/VCID-vul1-vul1-vul1",
689+
"aliases": ["CVE-2021-46877", "GHSA-3x8x-79m2-3w2w"],
690+
"resource_url": "http://testserver/vulnerabilities/VCID-vul3-vul3-vul3",
626691
}
627692
],
628-
"resource_url": "http://testserver/packages/pkg:maven/com.fasterxml.jackson.core/[email protected]",
629693
"risk_score": None,
694+
"resource_url": "http://testserver/packages/pkg:maven/com.fasterxml.jackson.core/[email protected]",
630695
}
631696

632697
assert response == expected

0 commit comments

Comments
 (0)