Revert package status change, add fucntionality to filter by cve status when requested

mtruj013 · mtruj013 · commit 5ec90de5f310 · 2022-11-14T14:34:03.000+01:00
diff --git a/tests/test_routes.py b/tests/test_routes.py
@@ -136,7 +136,7 @@ def test_cves_returns_200_for_non_existing_version(self):
         )
 
     def test_cves_returns_422_for_non_existing_package_status(self):
-        response = self.client.get("/security/cves.json?package_status=none")
+        response = self.client.get("/security/cves.json?status=no-exist")
 
         assert response.status_code == 422
         assert "Cannot find a status" in response.json["errors"]
diff --git a/webapp/schemas.py b/webapp/schemas.py
@@ -461,14 +461,14 @@ class CVEsAPISchema(Schema):
         description="List of release codenames ",
         allow_none=True,
     ),
-    "status": String(
+    "cve_status": String(
         description="CVE status",
         enum=["not-in-ubuntu", "active", "rejected"],
         allow_none=True,
     ),
-    "package_status": List(
+    "status": List(
         StatusStatuses(),
-        description="List of statuses",
+        description="List of package statuses",
         allow_none=True,
     ),
     "order": String(
diff --git a/webapp/views.py b/webapp/views.py
@@ -81,13 +81,20 @@ def get_cves(**kwargs):
     offset = kwargs.get("offset", 0)
     component = kwargs.get("component")
     versions = kwargs.get("version")
+    cve_status = kwargs.get("cve_status")
     status = kwargs.get("status")
-    package_status = kwargs.get("package_status")
     order_by = kwargs.get("order")
     show_hidden = kwargs.get("show_hidden", False)
 
-    # query cves by filters
-    cves_query: Query = db.session.query(CVE).filter(CVE.status == "active")
+    # query cves by filters. Default filter by active CVEs
+    if cve_status:
+        cves_query: Query = db.session.query(CVE).filter(
+            CVE.status == cve_status
+        )
+    else:
+        cves_query: Query = db.session.query(CVE).filter(
+            CVE.status == "active"
+        )
 
     # filter by priority
     if priority:
@@ -103,10 +110,6 @@ def get_cves(**kwargs):
             )
         )
 
-    # filter by CVE status
-    if status:
-        cves_query = cves_query.filter(CVE.status == status)
-
     # build CVE statuses filter parameters
     parameters = []
 
@@ -119,9 +122,9 @@ def get_cves(**kwargs):
         parameters.append(Status.component == component)
 
     # filter by package status and version
-    if _should_filter_by_version_and_status(package_status, versions):
+    if _should_filter_by_version_and_status(status, versions):
         clean_versions = _get_clean_versions(versions)
-        clean_statuses = _get_clean_statuses(package_status)
+        clean_statuses = _get_clean_statuses(status)
 
         # filter for cves.statuses by status-version criteria
         # exclude stauses that don't satisfy any status-version criteria

Original file line number	Diff line number	Diff line change
`@@ -136,7 +136,7 @@ def test_cves_returns_200_for_non_existing_version(self):`
`136`	`136`	`)`
`137`	`137`
`138`	`138`	`def test_cves_returns_422_for_non_existing_package_status(self):`
`139`		`- response = self.client.get("/security/cves.json?package_status=none")`
	`139`	`+ response = self.client.get("/security/cves.json?status=no-exist")`
`140`	`140`
`141`	`141`	`assert response.status_code == 422`
`142`	`142`	`assert "Cannot find a status" in response.json["errors"]`