Add url property to Alias model and implement

johnmhoran · johnmhoran · commit fbb895a684fb · 2022-08-23T12:18:24.000-07:00
Reference: #856 Reference: #860 - Added Alias URLs to vulnerability search results and details templates. - Added external link icons to Alias URLs. - Added about info to navbar. - Still need contact info and something re obtaining API key. Signed-off-by: John M. Horan <johnmhoran@gmail.com>
diff --git a/vulnerabilities/migrations/0019_alter_vulnerabilityreference_options.py b/vulnerabilities/migrations/0019_alter_vulnerabilityreference_options.py
@@ -0,0 +1,17 @@
+# Generated by Django 4.0.6 on 2022-08-23 19:15
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('vulnerabilities', '0018_alter_alias_options'),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name='vulnerabilityreference',
+            options={'ordering': ['reference_id', 'url']},
+        ),
+    ]
diff --git a/vulnerabilities/models.py b/vulnerabilities/models.py
@@ -124,6 +124,7 @@ class Meta:
             "url",
             "reference_id",
         )
+        ordering = ["reference_id", "url"]
 
     def __str__(self):
         reference_id = f" {self.reference_id}" if self.reference_id else ""
@@ -355,6 +356,18 @@ class Alias(models.Model):
         related_name="aliases",
     )
 
+    @property
+    def url(self):
+        """
+        Create a URL for the alias.
+        """
+        alias: str = self.alias
+        if alias.startswith("CVE"):
+            return f"https://nvd.nist.gov/vuln/detail/{alias}"
+
+        if alias.startswith("GHSA"):
+            return f"https://github.com/advisories/{alias}"
+
     class Meta:
         ordering = ["alias"]
 
diff --git a/vulnerabilities/templates/navbar.html b/vulnerabilities/templates/navbar.html
@@ -21,16 +21,32 @@
         <div class="navbar-item navbar-item is-cursor-help">
             <div class="dropdown is-right is-hoverable ">
                 <div class="dropdown-trigger has-text-grey-light">
-                    v{{ VULNERABLECODE_VERSION }}
+                    About
                 </div>
                     <div class="dropdown-menu navbar-hover-div" role="menu">
                     <div class="dropdown-content">
-                        <div class="dropdown-item">
-                            Related information can be provided here.
+                        <div class="dropdown-item about-hover-div">
+                            A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities.
+                            <ul>
+                                <li>
+                                    Sponsored by NLnet <a href="https://nlnet.nl/project/vulnerabilitydatabase/">https://nlnet.nl/project/vulnerabilitydatabase/</a> for <a href="https://www.aboutcode.org/">https://www.aboutcode.org/</a>
+                                </li>
+                                <li>
+                                    Chat at <a href="https://gitter.im/aboutcode-org/vulnerablecode">https://gitter.im/aboutcode-org/vulnerablecode</a>
+                                </li>
+                                <li>
+                                    Docs at <a href=https://vulnerablecode.readthedocs.org/>https://vulnerablecode.readthedocs.org/</a>
+                                </li>
+                            </ul>
                         </div>
                     </div>
                 </div>
             </div>
         </div>
+        <div class="navbar-item navbar-item is-cursor-help">
+            <div class="dropdown-trigger has-text-grey-light">
+            v{{ VULNERABLECODE_VERSION }}
+            </div>
+        </div>
     </div>
 </nav>
diff --git a/vulnerabilities/templates/vulnerabilities.html b/vulnerabilities/templates/vulnerabilities.html
@@ -118,16 +118,15 @@
                                     <a href="{% url 'vulnerability_view' vulnerability.pk %}?vuln_id={{ vulnerability.vulnerability_id }}" target="_self">{{ vulnerability.vulnerability_id }}</a>
                                 </td>
                                 <td>
-                                    <ul>
-                                        {% for alias in vulnerability.alias %}
-                                            <li>
-                                                {{ alias }}
-                                            </li>
-                                        {% endfor %}
-                                    </ul>
-                                    {% if vulnerability.alias|length > 3 %}
-                                        <button class="button is-small is-fullwidth show-clipped">Show {{ vulnerability.alias|length }} Aliases</button>
-                                    {% endif %}
+                                    {% for alias in vulnerability.alias %}
+                                        {% if alias.url %}
+                                            <a href={{ alias.url }} target="_blank">{{ alias }}<i class="fa fa-external-link fa_link_custom"></i></a>
+                                            <br />
+                                        {% else %}
+                                            {{ alias }}
+                                            <br />
+                                        {% endif %}
+                                    {% endfor %}
                                 </td>
                                 <td>{{ vulnerability.vulnerable_package_count }}</td>
                                 <td>{{ vulnerability.patched_package_count }}</td>
diff --git a/vulnerabilities/templates/vulnerability.html b/vulnerabilities/templates/vulnerability.html
@@ -165,9 +165,13 @@
                                 <td class="two-col-right">
                                     {% if aliases %}
                                         {% for alias in aliases %}
-                                            <p>
+                                            {% if alias.url %}
+                                                <a href={{ alias.url }} target="_blank">{{ alias }}<i class="fa fa-external-link fa_link_custom"></i></a>
+                                                <br />
+                                            {% else %}
                                                 {{ alias }}
-                                            </p>
+                                                <br />
+                                            {% endif %}
                                         {% endfor %}
                                     {% else %}
 
diff --git a/vulnerablecode/static/css/custom.css b/vulnerablecode/static/css/custom.css
@@ -334,4 +334,14 @@ a.small_page_button {
     border: 0;
     border-radius: 6px;
     box-shadow: 0 0.5em 1em -0.125em rgb(10 10 10 / 10%), 0 0px 0 1px rgb(10 10 10 / 2%);
+}
+
+.about-hover-div {
+    width: 500px;
+}
+
+.fa_link_custom {
+    font-size: 10px !important;
+    vertical-align: super;
+    margin-left: 2px;
 }
