Katello · stbenjam · Dec 3, 2014 · Nov 25, 2014
diff --git a/app/controllers/katello/api/v2/errata_controller.rb b/app/controllers/katello/api/v2/errata_controller.rb
@@ -16,8 +16,28 @@ class Api::V2::ErrataController < Api::V2::ApiController
     include Katello::Concerns::Api::V2::RepositoryContentController
     include Katello::Concerns::Api::V2::RepositoryDbContentController
 
+    api :GET, "/errata", N_("List errata")
+    param :content_view_version_id, :identifier, :desc => N_("content view version identifier")
+    param :content_view_filter_id, :identifier, :desc => N_("content view filter identifier")
+    param :repository_id, :number, :desc => N_("repository identifier")
+    param :environment_id, :number, :desc => N_("environment identifier")
+    param :cve, String, :desc => N_("CVE identifier")
+    param_group :search, Api::V2::ApiController
+    def index
+      super
+    end
+
+    def custom_index_relation(collection)
+      collection = filter_by_cve(params[:cve], collection) if params[:cve]
+      collection
+    end
+
     private
 
+    def filter_by_cve(cve, collection)
+      collection.joins(:cves).where('katello_erratum_cves.cve_id' => cve)
+    end
+
     def filter_by_content_view_filter(filter)
       resource_class.where(:errata_id => filter.erratum_rules.pluck(:errata_id))
     end

diff --git a/app/controllers/katello/concerns/api/v2/repository_db_content_controller.rb b/app/controllers/katello/concerns/api/v2/repository_db_content_controller.rb
@@ -55,6 +55,7 @@ def index_relation
         collection = filter_by_content_view_version(@version, collection) if @version
         collection = filter_by_environment(@environment, collection) if @environment
         collection = filter_by_repos(Repository.readable.in_organization(@organization), collection) if @organization
+        collection = self.custom_index_relation(collection) if self.respond_to?(:custom_index_relation)
         collection
       end
 

diff --git a/test/controllers/api/v2/errata_controller_test.rb b/test/controllers/api/v2/errata_controller_test.rb
@@ -88,6 +88,14 @@ def test_index_with_filters
       get :index, :content_view_filter_id => package_group_filter
     end
 
+    def test_index_with_cve
+      cve = katello_erratum_cves(:cve)
+
+      get :index, :cve => cve.cve_id
+      assert_response :success
+      assert_template %w(katello/api/v2/errata/index)
+    end
+
     def test_index_protected
       assert_protected_action(:index, @auth_permissions, @unauth_permissions) do
         get :index, :repository_id => @repo.id

diff --git a/test/fixtures/models/katello_erratum_cves.yml b/test/fixtures/models/katello_erratum_cves.yml
@@ -0,0 +1,4 @@
+cve:
+  erratum_id: <%= ActiveRecord::Fixtures.identify(:security) %>
+  cve_id: "CVE-2223-0322"
+  href: "https://www.redhat.com/security/data/cve/CVE-2233-0322.html"
diff --git a/test/katello_test_helper.rb b/test/katello_test_helper.rb
@@ -84,6 +84,7 @@ module FixtureTestCase
     self.set_fixture_class :katello_user_notices => "Katello::UserNotice"
     self.set_fixture_class :katello_errata => "Katello::Erratum"
     self.set_fixture_class :katello_erratum_packages => "Katello::ErratumPackage"
+    self.set_fixture_class :katello_erratum_cves => "Katello::ErratumCve"
     self.set_fixture_class :katello_repository_errata => "Katello::RepositoryErratum"
     self.set_fixture_class :katello_system_errata => "Katello::SystemErratum"