Merge pull request #1773 from st1020/feat/package-focus

feat: package focus
HXSecurity · Aug 30, 2023 · 1bcb93e · 1bcb93e
2 parents 4cf5b82 + 590373f
commit 1bcb93e
Show file tree

Hide file tree

Showing 4 changed files with 50 additions and 0 deletions.
diff --git a/dongtai_common/migrations/0018_auto_20230830_1105.py b/dongtai_common/migrations/0018_auto_20230830_1105.py
@@ -0,0 +1,29 @@
+# Generated by Django 3.2.20 on 2023-08-30 11:05
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("dongtai_common", "0017_alter_vulmethodpool_pool_sign"),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name="IastPackageFocus",
+            fields=[
+                ("id", models.BigAutoField(primary_key=True, serialize=False)),
+                ("language_id", models.IntegerField()),
+                ("package_name", models.CharField(max_length=255)),
+                ("package_version", models.CharField(blank=True, default="", max_length=255)),
+            ],
+            options={
+                "db_table": "iast_package_focus",
+            },
+        ),
+        migrations.AddField(
+            model_name="assetv2global",
+            name="is_focus",
+            field=models.BooleanField(default=False),
+        ),
+    ]
diff --git a/dongtai_common/models/assetv2.py b/dongtai_common/models/assetv2.py
@@ -75,6 +75,7 @@ class AssetV2Global(models.Model):
     license_list = models.JSONField(blank=True, default=list)
     language_id = models.IntegerField(default=1, blank=True)
     aql = models.CharField(max_length=255, blank=True, unique=True)
+    is_focus = models.BooleanField(default=False)
 
     class Meta:
         managed = get_managed()

diff --git a/dongtai_common/models/package_focus.py b/dongtai_common/models/package_focus.py
@@ -0,0 +1,11 @@
+from django.db import models
+
+
+class IastPackageFocus(models.Model):
+    id = models.BigAutoField(primary_key=True)
+    language_id = models.IntegerField()
+    package_name = models.CharField(max_length=255)
+    package_version = models.CharField(max_length=255, blank=True, default="")
+
+    class Meta:
+        db_table = "iast_package_focus"
diff --git a/dongtai_web/dongtai_sca/scan/tasks.py b/dongtai_web/dongtai_sca/scan/tasks.py
@@ -7,6 +7,7 @@
 
 from celery import shared_task
 from django.db import IntegrityError
+from django.db.models import Q
 
 from dongtai_common.models.agent import IastAgent
 from dongtai_common.models.asset import Asset
@@ -18,7 +19,9 @@
     IastVulAssetRelation,
     IastVulLevel,
 )
+from dongtai_common.models.package_focus import IastPackageFocus
 from dongtai_conf.settings import SCA_SETUP
+from dongtai_protocol.views.hook_profiles import LANGUAGE_DICT
 from dongtai_web.dongtai_sca.common.dataclass import VulInfo
 
 from .cwe import get_cwe_name
@@ -276,6 +279,11 @@ def new_update_one_sca(
     else:
         packages = get_package_v3(aql=package_name)
     asset_license_list = []
+    is_focus = IastPackageFocus.objects.filter(
+        Q(package_version=package_version) | Q(package_version=""),
+        language_id=LANGUAGE_DICT.get(agent.language, None),
+        package_name=package_name,
+    ).exists()
     for package in packages:
         aql = get_package_aql(package.name, package.ecosystem, package.version)
         license_list = get_license_list_v2(package.license)
@@ -297,6 +305,7 @@ def new_update_one_sca(
                 "signature_value": package.hash,
                 "version": package.version,
                 "license_list": license_list,
+                "is_focus": is_focus,
             },
         )
         AssetV2.objects.update_or_create(