Skip to content

Commit

Permalink
issue-1105 inmem HasSBOM: manage no hasSBOMSpec sent (guacsec#1106)
Browse files Browse the repository at this point in the history
* issue-1105 inmem HasSBOM: test reproducer

Signed-off-by: mrizzi <mrizzi@redhat.com>

* issue-1105 inmem HasSBOM: fix the filter's management

Signed-off-by: mrizzi <mrizzi@redhat.com>

---------

Signed-off-by: mrizzi <mrizzi@redhat.com>
  • Loading branch information
mrizzi authored Jul 31, 2023
1 parent 90cb0b7 commit febfb54
Show file tree
Hide file tree
Showing 2 changed files with 50 additions and 27 deletions.
56 changes: 29 additions & 27 deletions pkg/assembler/backends/inmem/hasSBOM.go
Original file line number Diff line number Diff line change
Expand Up @@ -224,7 +224,7 @@ func (c *demoClient) HasSBOM(ctx context.Context, filter *model.HasSBOMSpec) ([]
c.m.RLock()
defer c.m.RUnlock()

if filter.ID != nil {
if filter != nil && filter.ID != nil {
id64, err := strconv.ParseUint(*filter.ID, 10, 32)
if err != nil {
return nil, gqlerror.Errorf("%v :: invalid ID %v", funcName, err)
Expand Down Expand Up @@ -294,32 +294,34 @@ func (c *demoClient) addHasSBOMIfMatch(out []*model.HasSbom,
filter *model.HasSBOMSpec, link *hasSBOMStruct) (
[]*model.HasSbom, error) {

if noMatch(filter.URI, link.uri) ||
noMatch(toLower(filter.Algorithm), link.algorithm) ||
noMatch(toLower(filter.Digest), link.digest) ||
noMatch(filter.DownloadLocation, link.downloadLocation) ||
noMatch(filter.Origin, link.origin) ||
noMatch(filter.Collector, link.collector) {
return out, nil
}
if filter.Subject != nil {
if filter.Subject.Package != nil {
if link.pkg == 0 {
return out, nil
}
p, err := c.buildPackageResponse(link.pkg, filter.Subject.Package)
if err != nil {
return nil, err
}
if p == nil {
return out, nil
}
} else if filter.Subject.Artifact != nil {
if link.artifact == 0 {
return out, nil
}
if !c.artifactMatch(link.artifact, filter.Subject.Artifact) {
return out, nil
if filter != nil {
if noMatch(filter.URI, link.uri) ||
noMatch(toLower(filter.Algorithm), link.algorithm) ||
noMatch(toLower(filter.Digest), link.digest) ||
noMatch(filter.DownloadLocation, link.downloadLocation) ||
noMatch(filter.Origin, link.origin) ||
noMatch(filter.Collector, link.collector) {
return out, nil
}
if filter.Subject != nil {
if filter.Subject.Package != nil {
if link.pkg == 0 {
return out, nil
}
p, err := c.buildPackageResponse(link.pkg, filter.Subject.Package)
if err != nil {
return nil, err
}
if p == nil {
return out, nil
}
} else if filter.Subject.Artifact != nil {
if link.artifact == 0 {
return out, nil
}
if !c.artifactMatch(link.artifact, filter.Subject.Artifact) {
return out, nil
}
}
}
}
Expand Down
21 changes: 21 additions & 0 deletions pkg/assembler/backends/inmem/hasSBOM_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -465,6 +465,27 @@ func TestHasSBOM(t *testing.T) {
},
ExpQueryErr: true,
},
{
Name: "Query without hasSBOMSpec",
InPkg: []*model.PkgInputSpec{p1},
Calls: []call{
{
Sub: model.PackageOrArtifactInput{
Package: p1,
},
HS: &model.HasSBOMInputSpec{
DownloadLocation: "location one",
},
},
},
Query: nil,
ExpHS: []*model.HasSbom{
{
Subject: p1out,
DownloadLocation: "location one",
},
},
},
}
ignoreID := cmp.FilterPath(func(p cmp.Path) bool {
return strings.Compare(".ID", p[len(p)-1].String()) == 0
Expand Down

0 comments on commit febfb54

Please sign in to comment.