database: add vulnerability deletion support

2016-01-28 13:35:07 -05:00 · 2016-01-28 13:35:07 -05:00 · 63ebddfd36
commit 63ebddfd36
parent 21f152c03e
5 changed files with 50 additions and 13 deletions
--- a/database/database.go
+++ b/database/database.go
@ -44,8 +44,8 @@ type Datastore interface {
 	// Vulnerability
 	InsertVulnerabilities([]Vulnerability) error
 	// DeleteVulnerability(id string) error
 	FindVulnerability(namespaceName, name string) (Vulnerability, error)
 	DeleteVulnerability(namespaceName, name string) error
 	// Notifications
 	CountAvailableNotifications() (int, error)
--- a/database/pgsql/migrations/20151222113213_Initial.sql
+++ b/database/pgsql/migrations/20151222113213_Initial.sql
@ -113,7 +113,7 @@ CREATE TABLE IF NOT EXISTS Vulnerability_Affects_FeatureVersion (
  id SERIAL PRIMARY KEY,
  vulnerability_id INT NOT NULL REFERENCES Vulnerability ON DELETE CASCADE,
  featureversion_id INT NOT NULL REFERENCES FeatureVersion,
-  fixedin_id INT NOT NULL REFERENCES Vulnerability_FixedIn_Feature,
+  fixedin_id INT NOT NULL REFERENCES Vulnerability_FixedIn_Feature ON DELETE CASCADE,
  UNIQUE (vulnerability_id, featureversion_id));
--- a/database/pgsql/queries.go
+++ b/database/pgsql/queries.go
@ -180,6 +180,11 @@ func init() {
 	queries["f_featureversion_by_feature"] = `
    SELECT id, version FROM FeatureVersion WHERE feature_id = $1`
 	queries["r_vulnerability"] = `
    DELETE FROM Vulnerability
    WHERE namespace_id = (SELECT id FROM Namespace WHERE name = $1)
          AND name = $2`
 	// notification.go
 	queries["i_notification"] = `INSERT INTO Notification(name, kind, data) VALUES($1, $2, $3)`
--- a/database/pgsql/vulnerability.go
+++ b/database/pgsql/vulnerability.go
@ -315,19 +315,13 @@ func (pgSQL *pgSQL) updateVulnerabilityFeatureVersions(tx *sql.Tx, vulnerability
 		} else {
 			// Updating FixedIn by saying that the fixed version is the lowest possible version, it
 			// basically means that the vulnerability doesn't affect the feature (anymore).
-			// Drop it from Vulnerability_FixedIn_Feature and Vulnerability_Affects_FeatureVersion.
+			// Drop it from Vulnerability_FixedIn_Feature and let it cascade to
 			// Vulnerability_Affects_FeatureVersion.
 			err := tx.QueryRow(getQuery("r_vulnerability_fixedin_feature"), vulnerability.ID,
 				fv.Feature.ID).Scan(&fixedInID)
 			if err != nil && err != sql.ErrNoRows {
 				return handleError("r_vulnerability_fixedin_feature", err)
 			}
 			if err == nil {
 				_, err = tx.Exec(getQuery("r_vulnerability_affects_featureversion"), fixedInID)
 				if err != nil {
 					return handleError("r_vulnerability_affects_featureversion", err)
 				}
 			}
 		}
 	}
@ -375,3 +369,21 @@ func linkVulnerabilityToFeatureVersions(tx *sql.Tx, fixedInID, vulnerabilityID,
 	return nil
 }
 func (pgSQL *pgSQL) DeleteVulnerability(namespaceName, name string) error {
 	result, err := pgSQL.Exec(getQuery("r_vulnerability"), namespaceName, name)
 	if err != nil {
 		return handleError("r_vulnerability", err)
 	}
 	affected, err := result.RowsAffected()
 	if err != nil {
 		return handleError("r_vulnerability.RowsAffected()", err)
 	}
 	if affected <= 0 {
 		return cerrors.ErrNotFound
 	}
 	return nil
 }
--- a/database/pgsql/vulnerability_test.go
+++ b/database/pgsql/vulnerability_test.go
@ -64,7 +64,7 @@ func TestFindVulnerability(t *testing.T) {
 		Name:        "CVE-NOPE",
 		Description: "A vulnerability affecting nothing",
 		Namespace:   database.Namespace{Name: "debian:7"},
-    Severity:    types.Unknown,
+		Severity:    types.Unknown,
 	}
 	v2f, err := datastore.FindVulnerability("debian:7", "CVE-NOPE")
@ -73,6 +73,28 @@ func TestFindVulnerability(t *testing.T) {
 	}
 }
 func TestDeleteVulnerability(t *testing.T) {
 	datastore, err := OpenForTest("InsertVulnerability", true)
 	if err != nil {
 		t.Error(err)
 		return
 	}
 	defer datastore.Close()
 	// Delete non-existing Vulnerability.
 	err = datastore.DeleteVulnerability("TestDeleteVulnerabilityNamespace1", "CVE-OPENSSL-1-DEB7")
 	assert.Equal(t, cerrors.ErrNotFound, err)
 	err = datastore.DeleteVulnerability("debian:7", "TestDeleteVulnerabilityVulnerability1")
 	assert.Equal(t, cerrors.ErrNotFound, err)
 	// Delete Vulnerability.
 	err = datastore.DeleteVulnerability("debian:7", "CVE-OPENSSL-1-DEB7")
 	if assert.Nil(t, err) {
 		_, err := datastore.FindVulnerability("debian:7", "CVE-OPENSSL-1-DEB7")
 		assert.Equal(t, cerrors.ErrNotFound, err)
 	}
 }
 func TestInsertVulnerability(t *testing.T) {
 	datastore, err := OpenForTest("InsertVulnerability", false)
 	if err != nil {
@ -241,8 +263,6 @@ func equalsVuln(t *testing.T, expected, actual *database.Vulnerability) {
 	}
 }
 // TODO Test Affects in Feature_Version and here.
 // func TestInsertVulnerabilityNotifications(t *testing.T) {
 // 	Open(&config.DatabaseConfig{Type: "memstore"})
 // 	defer Close()