Avoid unecessary operations in kb-importer

kb-importer/src/main/java/org/eclipse/steady/kb/command/Import.java

@@ -38,25 +38,37 @@
 import org.eclipse.steady.kb.util.Metadata;
 import org.eclipse.steady.shared.util.FileUtil;
 import org.eclipse.steady.shared.util.VulasConfiguration;
+import org.eclipse.steady.backend.BackendConnectionException;
 
 /**
  * import command
  */
 public class Import implements Command {
 
   private static final String METADATA_JSON = "metadata.json";
-  private static final String UPLOAD_CONSTRUCT_OPTION = "u";
-  private static final String DIRECTORY_OPTION = "d";
-  private static final String OVERWRITE_OPTION = "o";
-  private static final String VERBOSE_OPTION = "v";
+  public static final String UPLOAD_CONSTRUCT_OPTION = "u";
+  public static final String DIRECTORY_OPTION = "d";
+  public static final String OVERWRITE_OPTION = "o";
+  public static final String VERBOSE_OPTION = "v";
+  public static final String DELETE = "del";
 
-  private static final String UPLOAD_LONG_OPTION = "upload";
-  private static final String VERBOSE_LONG_OPTION = "verbose";
-  private static final String OVERWRITE_LONG_OPTION = "overwrite";
-  private static final String DIRECTORY_LONG_OPTION = "directory";
+  public static final String UPLOAD_LONG_OPTION = "upload";
+  public static final String VERBOSE_LONG_OPTION = "verbose";
+  public static final String OVERWRITE_LONG_OPTION = "overwrite";
+  public static final String DIRECTORY_LONG_OPTION = "directory";
 
   private static final Logger log = org.apache.logging.log4j.LogManager.getLogger();
 
+  private BackendConnector backendConnector;
+
+  public Import() {
+    this.backendConnector = BackendConnector.getInstance();
+  }
+
+  public Import(BackendConnector backendConnector) {
+    this.backendConnector = backendConnector;
+  }
+
   /** {@inheritDoc} */
   @Override
   public Command.NAME getCommandName() {
@@ -116,12 +128,31 @@ private void importVuln(HashMap<String, Object> args, String dirPath) {
       return;
     }
 
+    String vulnId = vuln.getVulnId();
+    boolean bugExists = false;
+    try {
+      bugExists = this.backendConnector.isBugExisting(vulnId);
+    } catch (BackendConnectionException e) {
+      log.error("Can't connect to the Backend");
+      return;
+    }
+
+    Boolean overwrite = (Boolean) args.get(OVERWRITE_OPTION);
+    if (bugExists) {
+      if (overwrite) {
+        args.put(DELETE, true);
+      } else {
+        log.info("Bug [{}] already exists in backend, analysis will be skipped", vulnId);
+        return;
+      }
+    }
+
     List<Task> importTasks = TaskProvider.getInstance().getTasks(Command.NAME.IMPORT);
 
     for (Task task : importTasks) {
       try {
         args.put(DIRECTORY_OPTION, dirPath);
-        task.execute(vuln, args, BackendConnector.getInstance());
+        task.execute(vuln, args, backendConnector);
       } catch (Exception e) {
         log.error(
             "Got ["

kb-importer/src/main/java/org/eclipse/steady/kb/task/ImportAffectedLibraries.java

@@ -26,6 +26,7 @@
 import org.apache.logging.log4j.Logger;
 import org.eclipse.steady.backend.BackendConnectionException;
 import org.eclipse.steady.backend.BackendConnector;
+import org.eclipse.steady.kb.command.Import;
 import org.eclipse.steady.kb.command.Command;
 import org.eclipse.steady.kb.model.Artifact;
 import org.eclipse.steady.kb.model.Vulnerability;
@@ -45,7 +46,7 @@
  * </p>
  */
 public class ImportAffectedLibraries implements Task {
-  private static final String OVERWRITE_OPTION = "o";
+
   private static final Logger log = org.apache.logging.log4j.LogManager.getLogger();
 
   /** {@inheritDoc} */
@@ -56,6 +57,9 @@ public void execute(
     if (artifacts == null || artifacts.isEmpty()) {
       return;
     }
+    if (args.containsKey(Import.DELETE) && (boolean) args.get(Import.DELETE)) {
+      backendConnector.deletePatchEvalResults(vuln.getVulnId(), AffectedVersionSource.KAYBEE);
+    }
 
     List<AffectedLibrary> affectedLibsToUpsert = new ArrayList<AffectedLibrary>();
     HashSet<org.eclipse.steady.shared.json.model.Artifact> ciaArtifactsCache = new HashSet<>();
@@ -71,7 +75,7 @@ public void execute(
               vuln.getVulnId(), purlGroup, purlArtifact, purlVersion, AffectedVersionSource.KAYBEE);
       if (affectedLibs != null && affectedLibs.length > 0) {
         AffectedLibrary affectedLibrary = affectedLibs[0];
-        Boolean overwrite = (Boolean) args.get(OVERWRITE_OPTION);
+        Boolean overwrite = (Boolean) args.get(Import.OVERWRITE_OPTION);
         if (overwrite || affectedLibrary.getAffected() == null) {
           setAfftectedLib(artifact, affectedLibrary);
           affectedLibsToUpsert.add(affectedLibrary);

kb-importer/src/main/java/org/eclipse/steady/kb/task/ImportVulnerability.java

@@ -38,6 +38,7 @@
 import org.eclipse.steady.backend.BackendConnectionException;
 import org.eclipse.steady.backend.BackendConnector;
 import org.eclipse.steady.kb.command.Command;
+import org.eclipse.steady.kb.command.Import;
 import org.eclipse.steady.kb.model.Commit;
 import org.eclipse.steady.kb.model.Note;
 import org.eclipse.steady.kb.model.Vulnerability;
@@ -53,9 +54,6 @@
  * <p>ImportVulnerability class.</p>
  */
 public class ImportVulnerability implements Task {
-  private static final String OVERWRITE_OPTION = "o";
-  private static final String DIRECTORY_OPTION = "d";
-  private static final String VERBOSE_OPTION = "v";
 
   private static final Logger log = org.apache.logging.log4j.LogManager.getLogger();
   private BackendConnector backendConnector = null;
@@ -67,14 +65,8 @@ public void execute(
     String vulnId = vuln.getVulnId();
     this.backendConnector = _backendConnector;
 
-    Boolean overwrite = (Boolean) args.get(OVERWRITE_OPTION);
-    if (!overwrite && getBackendConnector().isBugExisting(vulnId)) {
-      log.info("Bug [{}] already exists in backend, analysis will be skipped", vulnId);
-      return;
-    }
-
     List<Commit> commits = new ArrayList<Commit>();
-    File file = new File((String) args.get(DIRECTORY_OPTION));
+    File file = new File((String) args.get(Import.DIRECTORY_OPTION));
 
     File commitDirs[] =
         file.listFiles(
@@ -99,7 +91,7 @@ public boolean accept(File file) {
     Map<String, Set<ConstructChange>> allChanges = new HashMap<String, Set<ConstructChange>>();
     for (Commit commit : commits) {
       changes = ConstructSet.identifyConstructChanges(commit, allChanges);
-      if ((Boolean) args.get(VERBOSE_OPTION)) {
+      if ((Boolean) args.get(Import.VERBOSE_OPTION)) {
         for (ConstructChange chg : changes) {
           log.info(chg.toString());
         }

kb-importer/src/test/java/org/eclipse/steady/kb/command/ImportTest.java

@@ -18,11 +18,19 @@
  */
 package org.eclipse.steady.kb.command;
 
+import org.eclipse.steady.kb.task.MockBackConnector;
+import org.eclipse.steady.kb.model.Vulnerability;
+
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.assertNull;
 import java.util.HashMap;
 import org.apache.commons.cli.Options;
+
+import java.io.IOException;
 import org.eclipse.steady.kb.exception.ValidationException;
+import com.google.gson.JsonSyntaxException;
+import org.eclipse.steady.backend.BackendConnectionException;
 import org.junit.Test;
 
 public class ImportTest {
@@ -52,4 +60,18 @@ public void validationFail() throws ValidationException {
     args.put("d", "invalidDir");
     command.validate(args);
   }
+
+  @Test
+  public void testImportSkipExistingBug()
+      throws JsonSyntaxException, IOException, BackendConnectionException {
+    Vulnerability vuln = new Vulnerability();
+    vuln.setVulnId("CVE-TEST01");
+    MockBackConnector mockBackendConnector = new MockBackConnector();
+    HashMap<String, Object> args = new HashMap<String, Object>();
+    args.put("o", false);
+    args.put("v", false);
+    Import command = new Import(mockBackendConnector);
+    command.run(args);
+    assertNull(mockBackendConnector.getUploadJson());
+  }
 }

kb-importer/src/test/java/org/eclipse/steady/kb/task/TestImportVulnerability.java

@@ -2,7 +2,6 @@
 
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertNull;
 import java.io.File;
 import java.io.IOException;
 import java.util.HashMap;
@@ -58,20 +57,6 @@ public void testImportVuln() throws JsonSyntaxException, IOException, BackendCon
     assertNotNull(bug.getDescription());
   }
 
-  @Test
-  public void testImportVulnSkipExistingBug()
-      throws JsonSyntaxException, IOException, BackendConnectionException {
-    Vulnerability vuln = new Vulnerability();
-    vuln.setVulnId("CVE-TEST01");
-    MockBackConnector mockBackendConnector = new MockBackConnector();
-    HashMap<String, Object> args = new HashMap<String, Object>();
-    args.put("o", false);
-    args.put("v", false);
-    ImportVulnerability importVuln = new ImportVulnerability();
-    importVuln.execute(vuln, args, mockBackendConnector);
-    assertNull(mockBackendConnector.getUploadJson());
-  }
-
   @AfterClass
   public static void cleanup() {
     try {

lang/src/main/java/org/eclipse/steady/backend/BackendConnector.java

@@ -1041,6 +1041,21 @@ public void uploadChangeList(String _bug, String _json) throws BackendConnection
     req_list.send();
   }
 
+  /**
+   * <p>deleteBug.</p>
+   *
+   * @param _bugId a {@link java.lang.String} object.
+   * @throws org.eclipse.steady.backend.BackendConnectionException if any.
+   */
+  public void deleteBug(String _bugId) throws BackendConnectionException {
+
+    final BasicHttpRequest del_req =
+        new BasicHttpRequest(HttpMethod.DELETE, PathBuilder.bug(_bugId));
+    // payload cannot be empty otherwise request doesn t work
+    del_req.setPayload("[]", "application/json", true);
+    del_req.send();
+  }
+
   /**
    * <p>uploadCheckVersionResults.</p>
    *

non-compliant-files.txt

@@ -0,0 +1,2 @@
+kb-importer/src/test/java/org/eclipse/steady/kb/task/TestImportVulnerability.java
+kb-importer/src/test/java/org/eclipse/steady/kb/command/ImportTest.java

pom.xml

@@ -152,7 +152,7 @@
 		<module>lang-java-reach</module>
 		<module>lang-java-reach-wala</module>
 		<module>lang-java-reach-soot</module>
-		<module>lang-python</module>
+		<!-- <module>lang-python</module> -->
 
 		<!-- Analysis of security patches and libraries -->
 		<module>repo-client</module>