@Override public ChannelSeverity retrieveByCode(ChannelType channelType, String code) { // To avoid case insensitive query in MySQL List<ChannelSeverity> channelSeverities = (List<ChannelSeverity>) sessionFactory .getCurrentSession() .createQuery( "from ChannelSeverity cs where cs.code = :code " + "and cs.channelType = :channelTypeId") .setString("code", code) .setInteger("channelTypeId", channelType.getId()) .list(); if (channelSeverities == null || channelSeverities.size() == 0) return null; for (ChannelSeverity channelSeverity: channelSeverities) { if (code.equals(channelSeverity.getCode())) return channelSeverity; } return null; }
@Transient @JsonView(AllViews.RestView2_1.class) private String getSeverity() { return getChannelSeverity() == null ? null : getChannelSeverity().getName(); }
@Override public void saveOrUpdate(ChannelSeverity channelSeverity) { if (channelSeverity.getSeverityMap() != null) { sessionFactory.getCurrentSession().saveOrUpdate(channelSeverity.getSeverityMap()); } sessionFactory.getCurrentSession().saveOrUpdate(channelSeverity); sessionFactory.getCurrentSession().flush(); sessionFactory.getCurrentSession().refresh(channelSeverity); }
public static StatisticsCounter getStatisticsCounter(Finding finding) { if (finding != null && finding.getVulnerability() != null && finding.getChannelSeverity() != null && finding.getChannelVulnerability() != null && finding.getScan() != null && finding.getVulnerability().getGenericSeverity() != null && finding.getVulnerability().getGenericVulnerability() != null) { StatisticsCounter counter = new StatisticsCounter(); counter.vulnerabilityId = finding.getVulnerability().getId(); counter.scanId = finding.getScan().getId(); counter.channelSeverityId = finding.getChannelSeverity().getId(); counter.channelVulnerabilityId = finding.getChannelVulnerability().getId(); counter.currentGenericSeverityId = finding.getVulnerability().getGenericSeverity().getId(); counter.genericVulnerabilityId = finding.getVulnerability().getGenericVulnerability().getId(); counter.originalGenericSeverityId = counter.currentGenericSeverityId; counter.finding = finding; return counter; } else { return null; } }
public static Vulnerabilities.Vulnerability.Finding convertTFFindingToSSVLFinding(Finding tfFinding) { Vulnerabilities.Vulnerability.Finding ssvlFinding = factory.createVulnerabilitiesVulnerabilityFinding(); ssvlFinding.setFindingDescription(tfFinding.getChannelVulnerability().getName()); ssvlFinding.setLongDescription(tfFinding.getLongDescription()); ssvlFinding.setNativeID(tfFinding.getNativeId()); ssvlFinding.setAttackString(tfFinding.getAttackString()); ssvlFinding.setScanner(tfFinding.getChannelNameOrNull()); ssvlFinding.setSeverity(tfFinding.getChannelSeverity().getName()); ssvlFinding.setIdentifiedTimestamp(getTimestamp(tfFinding.getScan().getImportTime())); if (!tfFinding.getIsStatic()) ssvlFinding.setSurfaceLocation(convertTFSurfaceLocationToSSVL(tfFinding.getSurfaceLocation())); if (tfFinding.getDataFlowElements() != null) for (DataFlowElement tfDataFlow: tfFinding.getDataFlowElements()) { ssvlFinding.getDataFlowElement().add(convertTFDataFlowElementToSSVL(tfDataFlow)); } ssvlFinding.setDependency(convertTFDependencyToSSVL(tfFinding.getDependency())); return ssvlFinding; }
"where id in " + subquery) .setParameter("channelSeverityId", channelSeverityId) .setParameter("genericSeverity", channelSeverity.getSeverityMap().getGenericSeverity()) .executeUpdate(); "where vulnerabilityId in " + subquery) .setParameter("channelSeverityId", channelSeverityId) .setParameter("genericSeverityId", channelSeverity.getSeverityMap().getGenericSeverity().getId()) .executeUpdate();