diff --git a/src/main/java/org/dependencytrack/resources/v1/AnalysisResource.java b/src/main/java/org/dependencytrack/resources/v1/AnalysisResource.java index 6b9d16a7d6..b742a52416 100644 --- a/src/main/java/org/dependencytrack/resources/v1/AnalysisResource.java +++ b/src/main/java/org/dependencytrack/resources/v1/AnalysisResource.java @@ -35,7 +35,6 @@ import org.apache.commons.lang3.StringUtils; import org.dependencytrack.auth.Permissions; import org.dependencytrack.model.Analysis; -import org.dependencytrack.model.AnalysisState; import org.dependencytrack.model.Component; import org.dependencytrack.model.Project; import org.dependencytrack.model.Vulnerability; @@ -166,9 +165,10 @@ public Response updateAnalysis(AnalysisRequest request) { } else { analysis = qm.makeAnalysis(component, vulnerability, request.getAnalysisState(), request.getAnalysisJustification(), request.getAnalysisResponse(), request.getAnalysisDetails(), request.isSuppressed()); analysisStateChange = true; // this is a new analysis - so set to true because it was previously null - if (AnalysisState.NOT_SET != request.getAnalysisState()) { - qm.makeAnalysisComment(analysis, String.format("Analysis: %s → %s", AnalysisState.NOT_SET, request.getAnalysisState()), commenter); - } + AnalysisCommentUtil.makeFirstStateComment(qm, analysis, commenter); + AnalysisCommentUtil.makeFirstJustificationComment(qm, analysis, commenter); + AnalysisCommentUtil.makeFirstAnalysisResponseComment(qm, analysis, commenter); + AnalysisCommentUtil.makeFirstDetailsComment(qm, analysis, commenter); } final String comment = StringUtils.trimToNull(request.getComment()); diff --git a/src/main/java/org/dependencytrack/resources/v1/vo/AnalysisRequest.java b/src/main/java/org/dependencytrack/resources/v1/vo/AnalysisRequest.java index c9f73b9bc0..d875f42dec 100644 --- a/src/main/java/org/dependencytrack/resources/v1/vo/AnalysisRequest.java +++ b/src/main/java/org/dependencytrack/resources/v1/vo/AnalysisRequest.java @@ -54,7 +54,7 @@ public class AnalysisRequest { private final String comment; @JsonDeserialize(using = TrimmedStringDeserializer.class) - @Pattern(regexp = RegexSequence.Definition.PRINTABLE_CHARS_PLUS, message = "The comment may only contain printable characters") + @Pattern(regexp = RegexSequence.Definition.PRINTABLE_CHARS_PLUS, message = "The analysis details may only contain printable characters") private final String analysisDetails; private final AnalysisState analysisState; diff --git a/src/main/java/org/dependencytrack/util/AnalysisCommentUtil.java b/src/main/java/org/dependencytrack/util/AnalysisCommentUtil.java index f76810e27a..c8e72c08b8 100644 --- a/src/main/java/org/dependencytrack/util/AnalysisCommentUtil.java +++ b/src/main/java/org/dependencytrack/util/AnalysisCommentUtil.java @@ -28,35 +28,73 @@ public final class AnalysisCommentUtil { private AnalysisCommentUtil() { } + + public static void makeFirstStateComment(final QueryManager qm, final Analysis analysis, final String commenter) { + if (analysis.getAnalysisState() != null) { + addAnalysisStateComment(qm, analysis, null, analysis.getAnalysisState(), commenter); + } + } + public static boolean makeStateComment(final QueryManager qm, final Analysis analysis, final AnalysisState analysisState, final String commenter) { boolean analysisStateChange = false; if (analysisState != null && analysisState != analysis.getAnalysisState()) { analysisStateChange = true; - qm.makeAnalysisComment(analysis, String.format("Analysis: %s → %s", analysis.getAnalysisState(), analysisState), commenter); + addAnalysisStateComment(qm, analysis, analysis.getAnalysisState(), analysisState, commenter); } return analysisStateChange; } + private static void addAnalysisStateComment(QueryManager qm, Analysis analysis, AnalysisState before, AnalysisState after, String commenter) { + qm.makeAnalysisComment(analysis, String.format("Analysis: %s → %s", before, after), commenter); + } + + public static void makeFirstJustificationComment(QueryManager qm, Analysis analysis, String commenter) { + if (analysis.getAnalysisJustification() != null) { + addAnalysisJustificationComment(qm, analysis, null, analysis.getAnalysisJustification(), commenter); + } + } + public static void makeJustificationComment(final QueryManager qm, final Analysis analysis, final AnalysisJustification analysisJustification, final String commenter) { if (analysisJustification != null) { if (analysis.getAnalysisJustification() == null && AnalysisJustification.NOT_SET != analysisJustification) { - qm.makeAnalysisComment(analysis, String.format("Justification: %s → %s", AnalysisJustification.NOT_SET, analysisJustification), commenter); + addAnalysisJustificationComment(qm, analysis, AnalysisJustification.NOT_SET, analysisJustification, commenter); } else if (analysis.getAnalysisJustification() != null && analysisJustification != analysis.getAnalysisJustification()) { - qm.makeAnalysisComment(analysis, String.format("Justification: %s → %s", analysis.getAnalysisJustification(), analysisJustification), commenter); + addAnalysisJustificationComment(qm, analysis, analysis.getAnalysisJustification(), analysisJustification, commenter); } } } + private static void addAnalysisJustificationComment(QueryManager qm, Analysis analysis, AnalysisJustification before, AnalysisJustification after, String commenter) { + qm.makeAnalysisComment(analysis, String.format("Justification: %s → %s", before, after), commenter); + } + + + public static void makeFirstAnalysisResponseComment(QueryManager qm, Analysis analysis, String commenter) { + if (analysis.getAnalysisResponse() != null) { + addAnalysisResponseComment(qm, analysis, null, analysis.getAnalysisResponse(), commenter); + } + } + public static void makeAnalysisResponseComment(final QueryManager qm, final Analysis analysis, final AnalysisResponse analysisResponse, final String commenter) { if (analysisResponse != null) { if (analysis.getAnalysisResponse() == null && analysis.getAnalysisResponse() != analysisResponse) { - qm.makeAnalysisComment(analysis, String.format("Vendor Response: %s → %s", AnalysisResponse.NOT_SET, analysisResponse), commenter); + addAnalysisResponseComment(qm, analysis, AnalysisResponse.NOT_SET, analysisResponse, commenter); } else if (analysis.getAnalysisResponse() != null && analysis.getAnalysisResponse() != analysisResponse) { - qm.makeAnalysisComment(analysis, String.format("Vendor Response: %s → %s", analysis.getAnalysisResponse(), analysisResponse), commenter); + addAnalysisResponseComment(qm, analysis, analysis.getAnalysisResponse(), analysisResponse, commenter); } } } + private static void addAnalysisResponseComment(QueryManager qm, Analysis analysis, AnalysisResponse before, AnalysisResponse after, String commenter) { + qm.makeAnalysisComment(analysis, String.format("Vendor Response: %s → %s", before, after), commenter); + } + + public static void makeFirstDetailsComment(QueryManager qm, Analysis analysis, String commenter) { + if (analysis.getAnalysisDetails() != null && !analysis.getAnalysisDetails().isEmpty()) { + addAnalysisDetailsComment(qm, analysis, commenter); + } + } + public static void makeAnalysisDetailsComment(final QueryManager qm, final Analysis analysis, final String analysisDetails, final String commenter) { if (analysisDetails != null && !analysisDetails.equals(analysis.getAnalysisDetails())) { final String message = "Details: " + analysisDetails.trim(); @@ -64,6 +102,11 @@ public static void makeAnalysisDetailsComment(final QueryManager qm, final Analy } } + private static void addAnalysisDetailsComment(QueryManager qm, Analysis analysis, String commenter) { + final String message = "Details: " + analysis.getAnalysisDetails().trim(); + qm.makeAnalysisComment(analysis, message, commenter); + } + public static boolean makeAnalysisSuppressionComment(final QueryManager qm, final Analysis analysis, final Boolean suppressed, final String commenter) { boolean suppressionChange = false; if (suppressed != null && analysis.isSuppressed() != suppressed) { @@ -73,4 +116,6 @@ public static boolean makeAnalysisSuppressionComment(final QueryManager qm, fina } return suppressionChange; } + + }