Added dates for vulnerability (#2259)

* Added dates for vulnerability

Author: Cheshiriks

db/test-data/db.changelog-insert.xml

@@ -32,6 +32,7 @@
     <include file="tests-source-version-insert.xml" relativeToChangelogFile="true"/>
     <include file="vulnerability-insert.xml" relativeToChangelogFile="true"/>
     <include file="vulnerability-project-insert.xml" relativeToChangelogFile="true"/>
+    <include file="vulnerability-date-insert.xml" relativeToChangelogFile="true"/>
 
     <changeSet id="add-tests-data" author="nulls">
         <tagDatabase tag="test-data-insert"/>

db/test-data/sqlRequests/vulnerability-date.csv

@@ -0,0 +1,4 @@
+id;date;type;vulnerability_id;user_id;create_date;update_date
+1;"2022-01-01 00:00:00";"DISCOVERED";1;1;"2021-01-01 00:00:00";"2021-01-01 00:00:00"
+2;"2022-02-02 00:00:00";"INTRODUCED";1;1;"2021-01-01 00:00:00";"2021-01-01 00:00:00"
+3;"2022-03-03 00:00:00";"CVE_CREATED";1;1;"2021-01-01 00:00:00";"2021-01-01 00:00:00"

db/test-data/vulnerability-date-insert.xml

@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<databaseChangeLog
+        xmlns="http://www.liquibase.org/xml/ns/dbchangelog"
+        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog
+                      http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.8.xsd">
+
+    <changeSet id="vulnerability-date-insert" author="frolov" context="dev">
+        <loadData tableName="vulnerability_date" encoding="UTF-8" separator=";" quotchar="&quot;" file="db/test-data/sqlRequests/vulnerability-date.csv">
+            <column header="id" name="id" type="bigint"/>
+            <column header="date" name="date" type="DATETIME(3)"/>
+            <column header="type" name="type" type="varchar(64))"/>
+            <column header="vulnerability_id" name="vulnerability_id" type="bigint"/>
+            <column header="user_id" name="user_id" type="bigint"/>
+            <column header="create_date" name="create_date" type="DATETIME(3)"/>
+            <column header="update_date" name="update_date" type="DATETIME(3)"/>
+        </loadData>
+    </changeSet>
+
+</databaseChangeLog>

db/v-2/tables/db.changelog-tables.xml

@@ -42,6 +42,7 @@
     <include file="comments.xml" relativeToChangelogFile="true"/>
     <include file="contest-sample.xml" relativeToChangelogFile="true"/>
     <include file="contest-sample-field.xml" relativeToChangelogFile="true"/>
+    <include file="vulnerability-date.xml" relativeToChangelogFile="true"/>
 
     <changeSet id="02-tables" author="frolov">
         <tagDatabase tag="v2.0-tables"/>

db/v-2/tables/vulnerability-date.xml

@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<databaseChangeLog
+        xmlns="http://www.liquibase.org/xml/ns/dbchangelog"
+        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog
+                      http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.8.xsd">
+
+    <changeSet id="vulnerability-date-1" author="frolov" context="dev or prod">
+        <createTable tableName="vulnerability_date">
+            <column name="id" type="bigint" autoIncrement="true">
+                <constraints primaryKey="true" nullable="false"/>
+            </column>
+            <column name="date" type="DATETIME(3)">
+                <constraints nullable="true"/>
+            </column>
+            <column name="type" type="varchar(64)">
+                <constraints nullable="false"/>
+            </column>
+            <column name="vulnerability_id" type="bigint">
+                <constraints foreignKeyName="fk_vulnerability_date_vulnerability" references="vulnerability(id)" nullable="false" deleteCascade="true"/>
+            </column>
+            <column name="user_id" type="bigint">
+                <constraints foreignKeyName="fk_user_vulnerability_date" references="user(id)" nullable="false"/>
+            </column>
+            <column name="create_date" type="DATETIME(3)">
+                <constraints nullable="true"/>
+            </column>
+            <column name="update_date" type="DATETIME(3)">
+                <constraints nullable="true"/>
+            </column>
+        </createTable>
+    </changeSet>
+
+</databaseChangeLog>

save-backend/src/main/kotlin/com/saveourtool/save/backend/controllers/vulnerability/VulnerabilityController.kt

@@ -6,6 +6,7 @@ import com.saveourtool.save.configs.ApiSwaggerSupport
 import com.saveourtool.save.configs.RequiresAuthorizationSourceHeader
 import com.saveourtool.save.domain.Role
 import com.saveourtool.save.entities.vulnerabilities.Vulnerability
+import com.saveourtool.save.entities.vulnerability.VulnerabilityDateDto
 import com.saveourtool.save.entities.vulnerability.VulnerabilityDto
 import com.saveourtool.save.entities.vulnerability.VulnerabilityProjectDto
 import com.saveourtool.save.filters.VulnerabilityFilter
@@ -226,6 +227,22 @@ class VulnerabilityController(
         ResponseEntity.ok("Projects were successfully saved in vulnerability")
     }
 
+    @PostMapping("/save-date")
+    @Operation(
+        method = "POST",
+        summary = "Save new date.",
+        description = "Save new date.",
+    )
+    @ApiResponse(responseCode = "200", description = "Successfully saved new date in vulnerability")
+    fun saveDate(
+        @RequestBody vulnerabilityDateDto: VulnerabilityDateDto,
+        authentication: Authentication,
+    ): Mono<StringResponse> = blockingToMono {
+        vulnerabilityService.saveDate(vulnerabilityDateDto, authentication)
+    }.map {
+        ResponseEntity.ok("Date was successfully saved in vulnerability")
+    }
+
     @DeleteMapping("/delete-project")
     @Operation(
         method = "Delete",

save-backend/src/main/kotlin/com/saveourtool/save/backend/repository/vulnerability/VulnerabilityDateRepository.kt

@@ -0,0 +1,11 @@
+package com.saveourtool.save.backend.repository.vulnerability
+
+import com.saveourtool.save.entities.vulnerabilities.VulnerabilityDate
+import com.saveourtool.save.spring.repository.BaseEntityRepository
+import org.springframework.stereotype.Repository
+
+/**
+ * Repository of vulnerabilityDateRepository
+ */
+@Repository
+interface VulnerabilityDateRepository : BaseEntityRepository<VulnerabilityDate>

save-backend/src/main/kotlin/com/saveourtool/save/backend/service/vulnerability/VulnerabilityService.kt

@@ -3,21 +3,28 @@ package com.saveourtool.save.backend.service.vulnerability
 import com.saveourtool.save.authservice.utils.AuthenticationDetails
 import com.saveourtool.save.backend.repository.OrganizationRepository
 import com.saveourtool.save.backend.repository.UserRepository
+import com.saveourtool.save.backend.repository.vulnerability.VulnerabilityDateRepository
 import com.saveourtool.save.backend.repository.vulnerability.VulnerabilityProjectRepository
 import com.saveourtool.save.backend.repository.vulnerability.VulnerabilityRepository
 import com.saveourtool.save.entities.vulnerabilities.Vulnerability
+import com.saveourtool.save.entities.vulnerabilities.VulnerabilityDate
 import com.saveourtool.save.entities.vulnerabilities.VulnerabilityProject
+import com.saveourtool.save.entities.vulnerability.VulnerabilityDateDto
 import com.saveourtool.save.entities.vulnerability.VulnerabilityDto
 import com.saveourtool.save.entities.vulnerability.VulnerabilityProjectDto
 import com.saveourtool.save.filters.VulnerabilityFilter
 import com.saveourtool.save.utils.getByIdOrNotFound
 import com.saveourtool.save.utils.orNotFound
+
 import org.springframework.security.core.Authentication
 import org.springframework.stereotype.Service
 import org.springframework.transaction.annotation.Transactional
 import org.springframework.web.server.ResponseStatusException
+
 import java.time.LocalDateTime
+
 import kotlin.random.Random
+import kotlinx.datetime.toJavaLocalDateTime
 
 /**
  * A service that provides `Vulnerability`
@@ -27,6 +34,7 @@ import kotlin.random.Random
 class VulnerabilityService(
     private val vulnerabilityRepository: VulnerabilityRepository,
     private val vulnerabilityProjectRepository: VulnerabilityProjectRepository,
+    private val vulnerabilityDateRepository: VulnerabilityDateRepository,
     private val userRepository: UserRepository,
     private val organizationRepository: OrganizationRepository,
 ) {
@@ -151,6 +159,7 @@ class VulnerabilityService(
             isActive = false,
             userId = user.requiredId(),
             organization = organizationNew,
+            dates = emptySet(),
         )
         val vulnerabilityNew = vulnerabilityRepository.saveAndFlush(vulnerability)
         val newName = "SOTV-${LocalDateTime.now().year}-${vulnerabilityNew.id}"
@@ -167,6 +176,14 @@ class VulnerabilityService(
                         vulnerability = vulnerabilityNew,
                     )
                 }
+                dates = vulnerabilityDto.dates.map { dto ->
+                    VulnerabilityDate(
+                        date = dto.date.toJavaLocalDateTime(),
+                        type = dto.type,
+                        vulnerability = vulnerabilityNew,
+                        userId = user.requiredId(),
+                    )
+                }.toSet()
             }
         )
     }
@@ -251,6 +268,32 @@ class VulnerabilityService(
         }
     }
 
+    /**
+     * @param vulnerabilityDateDto dto of vulnerability date
+     * @param authentication - auth info of a current user
+     */
+    @Transactional
+    fun saveDate(
+        vulnerabilityDateDto: VulnerabilityDateDto,
+        authentication: Authentication,
+    ) {
+        val userId = (authentication.details as AuthenticationDetails).id
+        val user = userRepository.getByIdOrNotFound(userId)
+
+        vulnerabilityRepository.findByName(vulnerabilityDateDto.vulnerabilityName)?.let { vulnerability ->
+            vulnerabilityDateRepository.save(
+                vulnerabilityDateDto.let { dto ->
+                    VulnerabilityDate(
+                        date = dto.date.toJavaLocalDateTime(),
+                        type = dto.type,
+                        vulnerability = vulnerability,
+                        userId = user.requiredId(),
+                    )
+                }
+            )
+        }
+    }
+
     /**
      * @param name name of project
      * @param vulnerabilityName name of vulnerability

save-cloud-common/src/commonMain/kotlin/com/saveourtool/save/entities/vulnerability/VulnerabilityDateDto.kt

@@ -0,0 +1,16 @@
+package com.saveourtool.save.entities.vulnerability
+
+import kotlinx.datetime.LocalDateTime
+import kotlinx.serialization.Serializable
+
+/**
+ * @property date
+ * @property type
+ * @property vulnerabilityName
+ */
+@Serializable
+data class VulnerabilityDateDto(
+    val date: LocalDateTime,
+    val type: VulnerabilityDateType,
+    val vulnerabilityName: String,
+)

save-cloud-common/src/commonMain/kotlin/com/saveourtool/save/entities/vulnerability/VulnerabilityDateType.kt

@@ -0,0 +1,45 @@
+package com.saveourtool.save.entities.vulnerability
+
+import kotlin.js.JsExport
+import kotlinx.serialization.Serializable
+
+/**
+ * Enum of vulnerability date type
+ * @property value pretty name
+ */
+@Serializable
+@JsExport
+enum class VulnerabilityDateType(val value: String) {
+    /**
+     * Date of CVE created
+     */
+    CVE_CREATED("CVE created"),
+
+    /**
+     * Date of CVE updated
+     */
+    CVE_UPDATED("CVE updated"),
+
+    /**
+     * Date of discovered
+     */
+    DISCOVERED("Discovered"),
+
+    /**
+     * Date of fixed
+     */
+    FIXED("Fixed"),
+
+    /**
+     * Date of introduced
+     */
+    INTRODUCED("Introduced"),
+
+    /**
+     * Date of released
+     */
+    RELEASED("Released"),
+    ;
+
+    override fun toString(): String = value
+}