✨ OSIDB-3434: Reusable CvssCalculator for affect fields #443
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
C-Valen
force-pushed
the
feature/OSIDB-3434-cvss-calculator-on-affects
branch
from
95143c5
to
46e47e4
Compare
C-Valen
force-pushed
the
feature/OSIDB-3434-cvss-calculator-on-affects
branch
from
19fa6d0
to
af0ae1d
Compare
C-Valen
force-pushed
the
feature/OSIDB-3434-cvss-calculator-on-affects
branch
from
d03e8e3
to
80ff4b2
Compare
C-Valen
force-pushed
the
feature/OSIDB-3434-cvss-calculator-on-affects
branch
2 times, most recently
from
2a39697
to
2e39eb9
Compare
C-Valen
force-pushed
the
feature/OSIDB-3434-cvss-calculator-on-affects
branch
3 times, most recently
from
0f1e0ab
to
17ee7bd
Compare
|
Update:
|
MrMarble
reviewed
Nov 6, 2024
| @@ -27,6 +27,7 @@ const emit = defineEmits<{ | |||
| 'affect:revert': [value: ZodAffectType]; | |||
| 'affect:toggle-selection': [value: ZodAffectType]; | |||
| 'affect:track': [value: ZodAffectType]; | |||
| 'affect:updateCvss': [affect: ZodAffectType, newVector: string, newScore: null | number, cvssScoreIndex: number]; | |||
There was a problem hiding this comment.
Since we have this event declared multiple times as is passed to multiple children, what do you guys think about exporting the type? That way is only declared once and can be used for the handler as well?
@superbuggy
There was a problem hiding this comment.
As discussed on meeting this will be handled in an independent task/PR (OSIDB-3668)
| affect.cvss_scores[cvssScoreIndex].score = newScore; | ||
| } else if (newVector !== '') { | ||
| affect.cvss_scores.push({ | ||
| issuer: 'RH', |
There was a problem hiding this comment.
Suggested change
| issuer: 'RH', | |
| issuer: IssuerEnum.Rh, |
| } else if (newVector !== '') { | ||
| affect.cvss_scores.push({ | ||
| issuer: 'RH', | ||
| cvss_version: 'V3', |
There was a problem hiding this comment.
Suggested change
| cvss_version: 'V3', | |
| cvss_version: CVSS_V3, |
Comment on lines
103
to
132
| const cvssId = affect.cvss_scores[cvssScoreIndex]?.uuid; | ||
| if (newVector === '' && cvssScoreIndex !== -1 && affect.uuid && cvssId) { | ||
| affect.cvss_scores[cvssScoreIndex].vector = ''; | ||
| affect.cvss_scores[cvssScoreIndex].score = null; | ||
| affectCvssToDelete.value[affect.uuid] = cvssId; | ||
| } else { | ||
| if (affect.uuid && affectCvssToDelete.value[affect.uuid]) { | ||
| delete affectCvssToDelete.value[affect.uuid]; | ||
| } | ||
| if (cvssScoreIndex !== -1) { | ||
| affect.cvss_scores[cvssScoreIndex].vector = newVector; | ||
| affect.cvss_scores[cvssScoreIndex].score = newScore; | ||
| } else if (newVector !== '') { | ||
| affect.cvss_scores.push({ | ||
| issuer: 'RH', | ||
| cvss_version: 'V3', | ||
| comment: '', | ||
| score: newScore, | ||
| vector: newVector, | ||
| embargoed: affect.embargoed, | ||
| alerts: [], | ||
| }); | ||
| } | ||
| } |
There was a problem hiding this comment.
I find this function a bit hard to follow, could you change it a bit? Maybe use an early return instead of the else and maybe add a short comment on what each branch of the conditionals are intended to do
| }, | ||
| }); | ||
| function affectCvss(affect: ZodAffectType) { | ||
| return affect.cvss_scores.find(({ cvss_version, issuer }) => issuer === 'RH' && cvss_version === 'V3'); |
There was a problem hiding this comment.
Suggested change
| return affect.cvss_scores.find(({ cvss_version, issuer }) => issuer === 'RH' && cvss_version === 'V3'); | |
| return affect.cvss_scores.find(({ cvss_version, issuer }) => issuer === IssuerEnum.Rh && cvss_version === CSSV_V3); |
There was a problem hiding this comment.
Why do we need a new component only to show it on a overlay? Can't just mount the same CvssCalculator on a div and move the div to the correct position?
The only change I see is that we are triggering an event on change, we could just trigger that event on a parent with a watch and use the same CvssCalculator
| }, | ||
| }); | ||
| function affectCvss(affect: ZodAffectType) { | ||
| return affect.cvss_scores.find(({ cvss_version, issuer }) => issuer === 'RH' && cvss_version === 'V3'); |
There was a problem hiding this comment.
Suggested change
| return affect.cvss_scores.find(({ cvss_version, issuer }) => issuer === 'RH' && cvss_version === 'V3'); | |
| return affect.cvss_scores.find(({ cvss_version, issuer }) => issuer === IssuerEnum.Rh && cvss_version === CVSS_V3); |
C-Valen
force-pushed
the
feature/OSIDB-3434-cvss-calculator-on-affects
branch
3 times, most recently
from
c935959
to
8170bda
Compare
C-Valen
force-pushed
the
feature/OSIDB-3434-cvss-calculator-on-affects
branch
from
8170bda
to
af41930
Compare
MrMarble
reviewed
Nov 11, 2024
src/components/CvssSection.vue
Outdated
| @@ -23,7 +23,9 @@ const props = defineProps<{ | |||
| const showAllCvss = ref(false); | |||
|
|
|||
| const otherCvss = computed(() => props.allCvss.filter(cvssItem => | |||
| (!(cvssItem.cvss_version === 'V3' && (cvssItem.issuer === IssuerEnum.Rh || cvssItem.issuer === IssuerEnum.Nist))))); | |||
| ( | |||
| !(cvssItem.cvss_version === 'CVSS_V3' && (cvssItem.issuer === IssuerEnum.Rh || cvssItem.issuer === IssuerEnum.Nist)) | |||
There was a problem hiding this comment.
Suggested change
| !(cvssItem.cvss_version === 'CVSS_V3' && (cvssItem.issuer === IssuerEnum.Rh || cvssItem.issuer === IssuerEnum.Nist)) | |
| !(cvssItem.cvss_version === CVSS_V3 && (cvssItem.issuer === IssuerEnum.Rh || cvssItem.issuer === IssuerEnum.Nist)) |
MrMarble
reviewed
Nov 11, 2024
| }, | ||
| }); | ||
| function affectCvss(affect: ZodAffectType) { | ||
| return affect.cvss_scores.find(({ cvss_version, issuer }) => issuer === IssuerEnum.Rh && cvss_version === 'CVSS_V3'); |
There was a problem hiding this comment.
Suggested change
| return affect.cvss_scores.find(({ cvss_version, issuer }) => issuer === IssuerEnum.Rh && cvss_version === 'CVSS_V3'); | |
| return affect.cvss_scores.find(({ cvss_version, issuer }) => issuer === IssuerEnum.Rh && cvss_version === CVSS_V3); |
MrMarble
reviewed
Nov 11, 2024
| } else if (newVector !== '') { | ||
| affect.cvss_scores.push({ | ||
| issuer: IssuerEnum.Rh, | ||
| cvss_version: 'CVSS_V3', |
There was a problem hiding this comment.
Suggested change
| cvss_version: 'CVSS_V3', | |
| cvss_version: CVSS_V3, |
🔥 Remove unused class 🐛 Fix wrong element attrs
C-Valen
force-pushed
the
feature/OSIDB-3434-cvss-calculator-on-affects
branch
from
af41930
to
0b0d9ae
Compare
superbuggy
reviewed
Nov 12, 2024
| 'background-color': hslForBackground, | ||
| }; | ||
| }; | ||
|
|
There was a problem hiding this comment.
Is this just used in the buttons?
| @@ -0,0 +1,170 @@ | |||
| <script setup lang="ts"> | |||
There was a problem hiding this comment.
Could we change the name to CvssFactorButtons.vue?
superbuggy
reviewed
Nov 12, 2024
|
|
||
| function reset() { | ||
| cvssScore.value = null; | ||
| emit('updateAffectCvss', '', null); |
There was a problem hiding this comment.
Should this be emit('affect:cvss:update', '', null)?
There was a problem hiding this comment.
As commented off thread, it needs to be discussed what convention we get into and apply it to all emits
✨ Use new CvssCalculator components
✅ Update snapshots ✅ Add overlayed calculator test suite
C-Valen
force-pushed
the
feature/OSIDB-3434-cvss-calculator-on-affects
branch
from
0b0d9ae
to
f257219
Compare
superbuggy
approved these changes
Nov 12, 2024
MrMarble
approved these changes
Nov 12, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
OSIDB-3434: Reusable CvssCalculator for affect fields
Checklist:
Summary:
Refactors CvssCalculator component to make it reusable in different layouts and uses it on the CVSS fields of the affect table.
Changes:
CvssCalculatorcomponentOverlayedCvssCalculatorcomponentDemo:
OSIM-CvssCalculator-OnAffects-Demo.mp4
*UPDATE:
Refactor made to reduce the width of the CVSS columns in the affect table. In order to achieve that, now it is only displayed the CVSS Score by default, and the vector in a tooltip when hovering the cell. In edit mode the CVSS Vector input has been moved into the calculator's popup div, that way the column can be kept in reduced size while supporting all the functionalities of the CVSS Calculator.
*UPDATEv2:
It has been added a padding bottom on the flaw affects section to fix some UI bugs caused on the overplayed calculator, cause part of it was outside of the section.
Normal CVSS Score display:
CVSS Vector tooltip:
Edit mode with calculator closed:
Edit mode with calculator opened:
Closes OSIDB-3434
Closes OSIDB-3511