修复cvelist支持查询全部api

(cherry picked from commit f5e50707ae195afb3d0d4c0f0b9c0bc18a1cd4d5)
2023-10-20 17:44:46 +08:00 · 2023-10-20 17:44:46 +08:00 · 7476f26df1
commit 7476f26df1
parent 7dd98fc717
2 changed files with 85 additions and 1 deletions
--- a/0002-fix-query-all-by-cve-list.patch
+++ b/0002-fix-query-all-by-cve-list.patch
@ -0,0 +1,80 @@
+From 82efc83dabc56be1fc05a8f31277efca85494591 Mon Sep 17 00:00:00 2001
+From: gongzt <gong_zhengtang@163.com>
+Date: Fri, 20 Oct 2023 17:38:08 +0800
+Subject: cve list支持查询全部数据
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+---
+ apollo/database/proxy/cve.py | 18 ++++++++++--------
+ database/apollo.sql          |  6 +++++-
+ 2 files changed, 15 insertions(+), 9 deletions(-)
+
+diff --git a/apollo/database/proxy/cve.py b/apollo/database/proxy/cve.py
+index 8b56601..afa4831 100644
+--- a/apollo/database/proxy/cve.py
+++ b/apollo/database/proxy/cve.py
+@@ -655,24 +655,26 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
+         description_dict = self._get_cve_description([cve_info["cve_id"] for cve_info in cve_list])
+ 
+         result['result'] = self._add_description_to_cve(cve_list, description_dict)
+-        result['total_page'] = math.ceil(total / data["per_page"])
+        result['total_page'] = math.ceil(total / data.get("per_page", total))
+         result['total_count'] = total
+ 
+         return result
+ 
+     @staticmethod
+     def _sort_and_page_cve_list(data) -> dict:
+-        page, per_page = data.get('page', 1), data.get('per_page', 10)
+-        start_limt = int(per_page) * (int(page) - 1)
+-        end_limt = int(per_page) * int(page)
+        sort_page = dict(start_limt=0, end_limt=0)
+        page, per_page = data.get('page'), data.get('per_page')
+        if all((page, per_page)):
+            sort_page['start_limt'] = int(per_page) * (int(page) - 1)
+            sort_page['end_limt'] = int(per_page) * int(page)
+ 
+         # sort by host num by default
+         order_by_filed = data.get('sort', "cve_host_user_count.host_num")
+         if order_by_filed == "host_num":
+             order_by_filed = "cve_host_user_count.host_num"
+-        order_by = "dsc" if data.get("direction") == "desc" else "asc"
+-
+-        return {"start_limt": start_limt, "end_limt": end_limt, "order_by_filed": order_by_filed, "order_by": order_by}
+        sort_page["order_by_filed"] = order_by_filed
+        sort_page["order_by"] = "dsc" if data.get("direction") == "desc" else "asc"
+        return sort_page
+ 
+     def _query_cve_list(self, data):
+         """
+@@ -686,7 +688,7 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
+         filters = {"username": data["username"], "search_key": None, "affected": True}
+         filters.update(data.get("filter", {}))
+         filters.update(self._sort_and_page_cve_list(data))
+-        if filters["severity"]:
+        if filters.get("severity"):
+             filters["severity"] = ",".join(["'" + serverity + "'" for serverity in filters["severity"]])
+         else:
+             filters["severity"] = None
+diff --git a/database/apollo.sql b/database/apollo.sql
+index 2e0d757..a3c4ddc 100644
+--- a/database/apollo.sql
+++ b/database/apollo.sql
+@@ -183,7 +183,11 @@ BEGIN
+         SET @order_by_filed = 'cve_host_user_count.host_num';
+     END IF;
+ 		
+-    SET @cve_list_sql = CONCAT(@cve_list_sql, ' ORDER BY ', @order_by_filed ,' ', order_by,' limit ',start_limt ,' ,', end_limt);
+    SET @cve_list_sql = CONCAT(@cve_list_sql, ' ORDER BY ', @order_by_filed ,' ', order_by);
+		
+		IF end_limt!=0 THEN
+			SET @cve_list_sql = CONCAT(@cve_list_sql, ' limit ',start_limt ,' ,', end_limt);
+		END IF;
+ 		
+ 		prepare stmt from @cve_list_sql;
+     EXECUTE stmt;
+-- 
+Gitee
+
--- a/aops-apollo.spec
+++ b/aops-apollo.spec
@ -1,11 +1,12 @@
 Name:		aops-apollo
 Version:	v1.3.4
-Release:	2
+Release:	3
 Summary:	Cve management service, monitor machine vulnerabilities and provide fix functions.
 License:	MulanPSL2
 URL:		https://gitee.com/openeuler/%{name}
 Source0:	%{name}-%{version}.tar.gz
 Patch0001:  0001-fix-param-error-and-compatible-with-mysql5.patch
+Patch0002:  0002-fix-query-all-by-cve-list.patch

 BuildRequires:  python3-setuptools
 Requires:   aops-vulcanus >= v1.3.0
@ -68,6 +69,9 @@ popd
 %{python3_sitelib}/aops_apollo_tool/*

 %changelog
+* Fri Oct 20 2023 gongzhengtang<gong_zhengtang@163.com> - v1.3.4-3
+- fix query all by cve list api
+
 * Fri Oct 20 2023 gongzhengtang<gong_zhengtang@163.com> - v1.3.4-2
 - fix param error and compatible with mysql 5.7