refactor: only retrieve actual vulnerabilities

Align the code with the ingestion module, only returning actual vulnerabilities.
trustification · Jul 16, 2024 · 4e4d514 · 4e4d514
1 parent e05b48d
commit 4e4d514
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 39 deletions.
diff --git a/modules/fundamental/src/vulnerability/endpoints/test.rs b/modules/fundamental/src/vulnerability/endpoints/test.rs
@@ -86,6 +86,9 @@ async fn all_vulnerabilities(ctx: TrustifyContext) -> Result<(), anyhow::Error>
         .link_to_vulnerability("CVE-345", None, Transactional::None)
         .await?;
 
+    graph.ingest_vulnerability("CVE-123", (), ()).await?;
+    graph.ingest_vulnerability("CVE-345", (), ()).await?;
+
     let uri = "/api/v1/vulnerability";
 
     let request = TestRequest::get().uri(uri).to_request();

diff --git a/modules/fundamental/src/vulnerability/service/mod.rs b/modules/fundamental/src/vulnerability/service/mod.rs
@@ -1,13 +1,17 @@
-use sea_orm::{prelude::*, EntityTrait, QueryFilter, QuerySelect};
-
-use crate::vulnerability::model::{VulnerabilityDetails, VulnerabilitySummary};
-use crate::Error;
-use trustify_common::db::limiter::LimiterTrait;
-use trustify_common::db::query::{Filtering, Query};
-use trustify_common::db::Database;
-use trustify_common::db::Transactional;
-use trustify_common::model::{Paginated, PaginatedResults};
-use trustify_entity::{advisory_vulnerability, vulnerability};
+use crate::{
+    vulnerability::model::{VulnerabilityDetails, VulnerabilitySummary},
+    Error,
+};
+use sea_orm::{prelude::*, EntityTrait, QueryFilter};
+use trustify_common::{
+    db::{
+        limiter::LimiterTrait,
+        query::{Filtering, Query},
+        Database, Transactional,
+    },
+    model::{Paginated, PaginatedResults},
+};
+use trustify_entity::vulnerability;
 
 pub struct VulnerabilityService {
     db: Database,
@@ -26,15 +30,11 @@ impl VulnerabilityService {
     ) -> Result<PaginatedResults<VulnerabilitySummary>, Error> {
         let connection = self.db.connection(&tx);
 
-        let limiter = vulnerability::Entity::find()
-            .right_join(advisory_vulnerability::Entity)
-            .column_as(
-                advisory_vulnerability::Column::VulnerabilityId,
-                vulnerability::Column::Id,
-            )
-            .distinct_on([advisory_vulnerability::Column::VulnerabilityId])
-            .filtering(search)?
-            .limiting(&connection, paginated.offset, paginated.limit);
+        let limiter = vulnerability::Entity::find().filtering(search)?.limiting(
+            &connection,
+            paginated.offset,
+            paginated.limit,
+        );
 
         let total = limiter.total().await?;
 
@@ -61,26 +61,7 @@ impl VulnerabilityService {
                 VulnerabilityDetails::from_entity(&vulnerability, &connection).await?,
             ))
         } else {
-            // no root vulnerability has been ingested, so let's see if there's
-            // any advisories referencing it.
-
-            let advisory_vulns = advisory_vulnerability::Entity::find()
-                .filter(advisory_vulnerability::Column::VulnerabilityId.eq(identifier))
-                .all(&connection)
-                .await?;
-
-            if advisory_vulns.is_empty() {
-                Ok(None)
-            } else {
-                Ok(Some(
-                    VulnerabilityDetails::from_advisory_vulnerabilities(
-                        identifier,
-                        &advisory_vulns,
-                        &connection,
-                    )
-                    .await?,
-                ))
-            }
+            Ok(None)
         }
     }
 }