packages/aops-apollo
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix cve_list_get api query error

Browse Source 
(cherry picked from commit 5069d119802b1a62ab632f87f61bba0734a30379)
This commit is contained in:
rabbitali 2023-10-20 21:49:49 +08:00 committed by openeuler-sync-bot
parent 5c4cf76053
commit 2a3b4aa1a2
2 changed files with 67 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
0003-fix-cve-list-get-api-query-error.patch Normal file
View File

@ -0,0 +1,63 @@
From b5b9f18abefeed4906a9aa469e4d0a591a2a5809 Mon Sep 17 00:00:00 2001
From: root <root@localhost.localdomain>
Date: Fri, 20 Oct 2023 21:43:36 +0800
Subject: [PATCH 1/1] fix cve_list_get api query error
---
apollo/database/proxy/host.py | 13 ++++++++-----
database/apollo.sql | 10 ++++++----
2 files changed, 14 insertions(+), 9 deletions(-)
diff --git a/apollo/database/proxy/host.py b/apollo/database/proxy/host.py
index b3cabb6..2ce2005 100644
--- a/apollo/database/proxy/host.py
+++ b/apollo/database/proxy/host.py
@@ -126,15 +126,18 @@ class HostMysqlProxy(MysqlProxy):
Returns:
dict
"""
+ subquery = self.session.query(
+ CveHostAssociation.host_id, CveHostAssociation.cve_id, CveHostAssociation.fixed, CveHostAssociation.affected
+ ).filter(CveHostAssociation.host_id.in_(host_ids)).distinct().subquery()
+
host_cve_fixed_list = (
self.session.query(
- CveHostAssociation.host_id,
- func.COUNT(func.IF(CveHostAssociation.fixed == True, 1, None)).label("fixed_cve_num"),
- func.COUNT(func.IF(CveHostAssociation.fixed == False, 1, None)).label("unfixed_cve_num"),
+ subquery.c.host_id,
+ func.COUNT(func.IF(subquery.c.fixed == True, 1, None)).label("fixed_cve_num"),
+ func.COUNT(func.IF(subquery.c.fixed == False, 1, None)).label("unfixed_cve_num"),
)
- .filter(CveHostAssociation.host_id.in_(host_ids))
- .group_by(CveHostAssociation.host_id)
+ .group_by(subquery.c.host_id)
.all()
)
return host_cve_fixed_list
diff --git a/database/apollo.sql b/database/apollo.sql
index a3c4ddc..c756ad2 100644
--- a/database/apollo.sql
+++ b/database/apollo.sql
@@ -179,11 +179,13 @@ BEGIN
SET @cve_list_page_count_sql = CONCAT(@cve_list_page_count_sql, 'AND cve.severity IN (', severity, ') ');
END IF;
- IF order_by_filed IS NULL or order_by_filed ='' THEN
- SET @order_by_filed = 'cve_host_user_count.host_num';
- END IF;
+-- IF order_by_filed IS NULL or order_by_filed ='' THEN
+-- SET @order_by_filed = 'cve_host_user_count.host_num';
+-- END IF;
+-- MySql 5.7 version '@' index error
+
+ SET @cve_list_sql = CONCAT(@cve_list_sql, ' ORDER BY ', order_by_filed ,' ', order_by);
- SET @cve_list_sql = CONCAT(@cve_list_sql, ' ORDER BY ', @order_by_filed ,' ', order_by);
IF end_limt!=0 THEN
SET @cve_list_sql = CONCAT(@cve_list_sql, ' limit ',start_limt ,' ,', end_limt);
--
2.33.0

5
aops-apollo.spec
View File

@ -1,6 +1,6 @@
Name: aops-apollo
Version: v1.3.4
Release: 3
Release: 4
Summary: Cve management service, monitor machine vulnerabilities and provide fix functions.
License: MulanPSL2
URL: https://gitee.com/openeuler/%{name}
@ -69,6 +69,9 @@ popd
%{python3_sitelib}/aops_apollo_tool/*
%changelog
* Fri Oct 20 2023 wenxin<wenxin32@foxmail.com> - v1.3.4-4
- fix cve_list_get api query error
* Fri Oct 20 2023 gongzhengtang<gong_zhengtang@163.com> - v1.3.4-3
- fix query all by cve list api