From 7476f26df12be8fff1ba9ab476a5efe146ae4015 Mon Sep 17 00:00:00 2001
From: gongzt <gong_zhengtang@163.com>
Date: Fri, 20 Oct 2023 17:44:46 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8Dcvelist=E6=94=AF=E6=8C=81?=
 =?UTF-8?q?=E6=9F=A5=E8=AF=A2=E5=85=A8=E9=83=A8api?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

(cherry picked from commit f5e50707ae195afb3d0d4c0f0b9c0bc18a1cd4d5)
---
 0002-fix-query-all-by-cve-list.patch | 80 ++++++++++++++++++++++++++++
 aops-apollo.spec                     |  6 ++-
 2 files changed, 85 insertions(+), 1 deletion(-)
 create mode 100644 0002-fix-query-all-by-cve-list.patch

diff --git a/0002-fix-query-all-by-cve-list.patch b/0002-fix-query-all-by-cve-list.patch
new file mode 100644
index 0000000..e639927
--- /dev/null
+++ b/0002-fix-query-all-by-cve-list.patch
@@ -0,0 +1,80 @@
+From 82efc83dabc56be1fc05a8f31277efca85494591 Mon Sep 17 00:00:00 2001
+From: gongzt <gong_zhengtang@163.com>
+Date: Fri, 20 Oct 2023 17:38:08 +0800
+Subject: cve list支持查询全部数据
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+---
+ apollo/database/proxy/cve.py | 18 ++++++++++--------
+ database/apollo.sql          |  6 +++++-
+ 2 files changed, 15 insertions(+), 9 deletions(-)
+
+diff --git a/apollo/database/proxy/cve.py b/apollo/database/proxy/cve.py
+index 8b56601..afa4831 100644
+--- a/apollo/database/proxy/cve.py
++++ b/apollo/database/proxy/cve.py
+@@ -655,24 +655,26 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
+         description_dict = self._get_cve_description([cve_info["cve_id"] for cve_info in cve_list])
+ 
+         result['result'] = self._add_description_to_cve(cve_list, description_dict)
+-        result['total_page'] = math.ceil(total / data["per_page"])
++        result['total_page'] = math.ceil(total / data.get("per_page", total))
+         result['total_count'] = total
+ 
+         return result
+ 
+     @staticmethod
+     def _sort_and_page_cve_list(data) -> dict:
+-        page, per_page = data.get('page', 1), data.get('per_page', 10)
+-        start_limt = int(per_page) * (int(page) - 1)
+-        end_limt = int(per_page) * int(page)
++        sort_page = dict(start_limt=0, end_limt=0)
++        page, per_page = data.get('page'), data.get('per_page')
++        if all((page, per_page)):
++            sort_page['start_limt'] = int(per_page) * (int(page) - 1)
++            sort_page['end_limt'] = int(per_page) * int(page)
+ 
+         # sort by host num by default
+         order_by_filed = data.get('sort', "cve_host_user_count.host_num")
+         if order_by_filed == "host_num":
+             order_by_filed = "cve_host_user_count.host_num"
+-        order_by = "dsc" if data.get("direction") == "desc" else "asc"
+-
+-        return {"start_limt": start_limt, "end_limt": end_limt, "order_by_filed": order_by_filed, "order_by": order_by}
++        sort_page["order_by_filed"] = order_by_filed
++        sort_page["order_by"] = "dsc" if data.get("direction") == "desc" else "asc"
++        return sort_page
+ 
+     def _query_cve_list(self, data):
+         """
+@@ -686,7 +688,7 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
+         filters = {"username": data["username"], "search_key": None, "affected": True}
+         filters.update(data.get("filter", {}))
+         filters.update(self._sort_and_page_cve_list(data))
+-        if filters["severity"]:
++        if filters.get("severity"):
+             filters["severity"] = ",".join(["'" + serverity + "'" for serverity in filters["severity"]])
+         else:
+             filters["severity"] = None
+diff --git a/database/apollo.sql b/database/apollo.sql
+index 2e0d757..a3c4ddc 100644
+--- a/database/apollo.sql
++++ b/database/apollo.sql
+@@ -183,7 +183,11 @@ BEGIN
+         SET @order_by_filed = 'cve_host_user_count.host_num';
+     END IF;
+ 		
+-    SET @cve_list_sql = CONCAT(@cve_list_sql, ' ORDER BY ', @order_by_filed ,' ', order_by,' limit ',start_limt ,' ,', end_limt);
++    SET @cve_list_sql = CONCAT(@cve_list_sql, ' ORDER BY ', @order_by_filed ,' ', order_by);
++		
++		IF end_limt!=0 THEN
++			SET @cve_list_sql = CONCAT(@cve_list_sql, ' limit ',start_limt ,' ,', end_limt);
++		END IF;
+ 		
+ 		prepare stmt from @cve_list_sql;
+     EXECUTE stmt;
+-- 
+Gitee
+
diff --git a/aops-apollo.spec b/aops-apollo.spec
index 688906b..98ae2c8 100644
--- a/aops-apollo.spec
+++ b/aops-apollo.spec
@@ -1,11 +1,12 @@
 Name:		aops-apollo
 Version:	v1.3.4
-Release:	2
+Release:	3
 Summary:	Cve management service, monitor machine vulnerabilities and provide fix functions.
 License:	MulanPSL2
 URL:		https://gitee.com/openeuler/%{name}
 Source0:	%{name}-%{version}.tar.gz
 Patch0001:  0001-fix-param-error-and-compatible-with-mysql5.patch
+Patch0002:  0002-fix-query-all-by-cve-list.patch
 
 BuildRequires:  python3-setuptools
 Requires:   aops-vulcanus >= v1.3.0
@@ -68,6 +69,9 @@ popd
 %{python3_sitelib}/aops_apollo_tool/*
 
 %changelog
+* Fri Oct 20 2023 gongzhengtang<gong_zhengtang@163.com> - v1.3.4-3
+- fix query all by cve list api
+
 * Fri Oct 20 2023 gongzhengtang<gong_zhengtang@163.com> - v1.3.4-2
 - fix param error and compatible with mysql 5.7