Skip to content

Commit

Permalink
optimization
Browse files Browse the repository at this point in the history
  • Loading branch information
@siewer
siewer committed Sep 16, 2024
1 parent a268f5f commit 5769e92
Show file tree
Hide file tree
Showing 6 changed files with 58 additions and 14 deletions.
2 changes: 1 addition & 1 deletion src/main/java/io/mixeway/api/dashboard/controller/DashboardController.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ public SourceDetectionChartData getSourceTrendData(Principal principal) throws I

@PreAuthorize("hasAuthority('ROLE_USER')")
@GetMapping(value = "/projects")
public List<Projects> getProjects(Principal principal) {
public List<ProjectDTO> getProjects(Principal principal) {
return dashboardService.getProjects(principal);
}

Expand Down
23 changes: 23 additions & 0 deletions src/main/java/io/mixeway/api/dashboard/model/ProjectDTO.java
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
package io.mixeway.api.dashboard.model;

import lombok.Data;

@Data
public class ProjectDTO {
private Long id;
private String ciid;
private String name;
private String description;
private int risk;
private int enableVulnManage;

// Constructor
public ProjectDTO(Long id, String ciid, String name, String description, int risk, int enableVulnManage) {
this.id = id;
this.ciid = ciid;
this.name = name;
this.description = description;
this.risk = risk;
this.enableVulnManage = enableVulnManage;
}
}
15 changes: 2 additions & 13 deletions src/main/java/io/mixeway/api/dashboard/service/DashboardService.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,19 +67,8 @@ public SourceDetectionChartData getSourceTrendData(Principal principal) {

return findVulnHistoryService.getSourceTrendData(principal);
}
public List<Projects> getProjects(Principal principal) {
List<Projects> projects = new ArrayList<>();
for (Project p : permissionFactory.getProjectForPrincipal(principal)){
Projects projects1 = new Projects();
projects1.setId(p.getId());
projects1.setCiid(p.getCiid());
projects1.setName(p.getName());
projects1.setDescription(p.getDescription());
projects1.setRisk(p.getRisk());
projects1.setEnableVulnManage(p.isEnableVulnManage() ? 1 : 0 );
projects.add(projects1);
}
return projects;
public List<ProjectDTO> getProjects(Principal principal) {
return permissionFactory.getProjectForPrincipalWithDTO(principal);
}

public ResponseEntity<Status> putProject(String projectName, String projectDescription, String ciid, int enableVulnManage, Principal principal) {
Expand Down
11 changes: 11 additions & 0 deletions src/main/java/io/mixeway/db/repository/ProjectRepository.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
import java.util.List;
import java.util.Optional;

import io.mixeway.api.dashboard.model.ProjectDTO;
import io.mixeway.db.entity.Project;
import io.mixeway.db.entity.User;
import org.springframework.data.jpa.repository.JpaRepository;
Expand Down Expand Up @@ -40,4 +41,14 @@ public interface ProjectRepository extends JpaRepository<Project, Long>{
@Query(value="select distinct(p.id) from project p, asset a, interface i where p.id=a.project_id and i.asset_id=a.id and i.scanrunning=true", nativeQuery = true)
List<Long> getProjectIdWithScanRunningOnInterface();


@Query("SELECT new io.mixeway.api.dashboard.model.ProjectDTO(p.id, p.ciid, p.name, p.description, p.risk, " +
"CASE WHEN p.enableVulnManage = true THEN 1 ELSE 0 END) " +
"FROM Project p JOIN p.users u WHERE u.username = :username")
List<ProjectDTO> findProjectDTOsByUsername(@Param("username") String username);

@Query("SELECT new io.mixeway.api.dashboard.model.ProjectDTO(p.id, p.ciid, p.name, p.description, p.risk, " +
"CASE WHEN p.enableVulnManage = true THEN 1 ELSE 0 END) " +
"FROM Project p")
List<ProjectDTO> findAllProjectDTOs();
}
16 changes: 16 additions & 0 deletions src/main/java/io/mixeway/utils/PermissionFactory.java
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
package io.mixeway.utils;

import io.mixeway.api.dashboard.model.ProjectDTO;
import io.mixeway.config.Constants;
import io.mixeway.db.entity.Project;
import io.mixeway.db.entity.User;
Expand Down Expand Up @@ -142,6 +143,21 @@ public List<Project> getProjectForPrincipal(Principal principal){
}
}

public List<ProjectDTO> getProjectForPrincipalWithDTO(Principal principal){
Optional<User> userOptional = userRepository.findByUsernameOrApiKey(principal.getName(), principal.getName());
if (userOptional.isPresent()) {
String permission = userOptional.get().getPermisions();
if (Arrays.asList(Constants.ROLE_API, Constants.ROLE_USER, Constants.ROLE_PROJECT_OWNER, Constants.ROLE_EDITOR_RUNNER).contains(permission)) {
// Return projects for the user
return projectRepository.findProjectDTOsByUsername(principal.getName());
} else if (Arrays.asList(Constants.ROLE_ADMIN, Constants.ROLE_AUDITOR).contains(permission)) {
// Return all projects
return projectRepository.findAllProjectDTOs();
}
}
return Collections.emptyList();
}

/**
* Update user permissions
*
Expand Down
5 changes: 5 additions & 0 deletions src/main/resources/db/changelog/db.changelog-master.sql
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1410,3 +1410,8 @@ update assethistory set low=0 where low is null;
CREATE INDEX idx_project_vulnerability_project_id ON projectvulnerability (project_id);
CREATE INDEX idx_project_vulnerability_status_id ON projectvulnerability (status_id);
CREATE INDEX idx_project_vulnerability_grade ON projectvulnerability (grade);

--changeset siewer:add_new_indexes
CREATE INDEX idx_user_id ON users (id);
CREATE INDEX idx_users_project_users ON user_project(users_id);
CREATE INDEX idx_users_project_project ON user_project(project_id);

0 comments on commit 5769e92

Please sign in to comment.