Merge pull request #465 from CVEProject/count-only-parameter

mattrbianchi · web-flow · commit 7b1b48c3c4e8 · 2021-08-12T13:40:08.000-04:00
added functionality to obtain count_only
diff --git a/docs/openapi.yml b/docs/openapi.yml
@@ -924,6 +924,12 @@ paths:
             type: string
             format: date-time
         - $ref: '#/components/parameters/page-query'
+        - in: query
+          name: count_only
+          description: Get count of records that match query. Accepted values are 0 and 1, representing False and True, respectively.
+          required: false
+          schema:
+            type: boolean
       responses:
         200:
           description: A list of CVE records and pagination fields, only allowed by the Secretariat.
diff --git a/src/controller/cve.controller/cve.controller.js b/src/controller/cve.controller/cve.controller.js
@@ -67,6 +67,14 @@ async function getFilteredCves (req, res, next) {
       }
     ]
 
+    // check whether user requested count_only
+    if (req.ctx.query.count_only === '1') {
+      const payload = {}
+      payload.totalCount = await cveRepo.countDocuments(query)
+      logger.info({ uuid: req.ctx.uuid, message: 'The cve records count was sent to the user.' })
+      return res.status(200).json(payload) // only return count number, not the records
+    }
+
     const pg = await cveRepo.aggregatePaginate(agt, options)
     const payload = { cveRecords: pg.itemsList.map(val => { return val.cve }) }
 
diff --git a/src/controller/cve.controller/cve.middleware.js b/src/controller/cve.controller/cve.middleware.js
@@ -10,7 +10,7 @@ function parsePostParams (req, res, next) {
 }
 
 function parseGetParams (req, res, next) {
-  utils.reqCtxMapping(req, 'query', ['page', 'time_modified.lt', 'time_modified.gt'])
+  utils.reqCtxMapping(req, 'query', ['page', 'time_modified.lt', 'time_modified.gt', 'count_only'])
   utils.reqCtxMapping(req, 'params', ['id'])
   next()
 }
diff --git a/src/controller/cve.controller/index.js b/src/controller/cve.controller/index.js
@@ -20,6 +20,7 @@ router.get('/cve',
   query(['page']).optional().isInt({ min: CONSTANTS.PAGINATOR_PAGE }),
   query(['time_modified.lt']).optional().isString().trim().escape().customSanitizer(val => { return toDate(val) }).not().isEmpty(),
   query(['time_modified.gt']).optional().isString().trim().escape().customSanitizer(val => { return toDate(val) }).not().isEmpty(),
+  query(['count_only']).optional().isBoolean(),
   parseError,
   parseGetParams,
   controller.CVE_GET_FILTERED)
diff --git a/test-http/src/test/cve_tests/cve.py b/test-http/src/test/cve_tests/cve.py
@@ -48,6 +48,62 @@ def test_get_cve_by_time_modified():
     assert len(json.loads(res.content.decode())['cveRecords']) >= 2
 
 
+def test_get_cve_by_count_only_true():
+    """ count_only set to True using number 1 """
+    res = requests.get(
+        f'{env.AWG_BASE_URL}{CVE_URL}/',
+        headers=utils.BASE_HEADERS,
+        params={
+            'count_only' : 1
+        }
+
+    )
+    assert len(json.loads(res.content.decode())) == 1 # only count is returned
+    assert json.loads(res.content.decode())['totalCount'] == 114
+    assert res.status_code == 200
+
+
+def test_get_cve_by_count_only_false():
+    """ count_only set to False using number 0, returns all records"""
+    res = requests.get(
+        f'{env.AWG_BASE_URL}{CVE_URL}/',
+        headers=utils.BASE_HEADERS,
+        params={
+            'count_only' : 0
+        }
+
+    )
+    print(json.loads(res.content.decode()))
+    assert len(json.loads(res.content.decode())['cveRecords']) == 114  # all records are returned
+    assert res.status_code == 200
+
+
+def test_get_cve_invalid_count_number():
+    """ count_only can only be set to 0 or 1 """
+    res = requests.get(
+        f'{env.AWG_BASE_URL}{CVE_URL}/',
+        headers=utils.BASE_HEADERS,
+        params={
+            'count_only' : 11
+        }
+    )
+    assert res.status_code == 400
+    response_contains_json(res, 'error', 'BAD_INPUT')
+
+
+def test_get_cve_invalid_count_value():
+    """ count_only can only be set to 0 or 1 """
+    res = requests.get(
+        f'{env.AWG_BASE_URL}{CVE_URL}/',
+        headers=utils.BASE_HEADERS,
+        params={
+            'count_only' : True
+        }
+    )
+    assert res.status_code == 400
+    response_contains_json(res, 'error', 'BAD_INPUT')
+
+
 #### GET /cve/:id ####
 def test_get_cve():
     res = requests.get(

Original file line number	Diff line number	Diff line change
`@@ -67,6 +67,14 @@ async function getFilteredCves (req, res, next) {`
`67`	`67`	`}`
`68`	`68`	`]`
`69`	`69`
	`70`	`+ // check whether user requested count_only`
	`71`	`+ if (req.ctx.query.count_only === '1') {`
	`72`	`+ const payload = {}`
	`73`	`+ payload.totalCount = await cveRepo.countDocuments(query)`
	`74`	`+ logger.info({ uuid: req.ctx.uuid, message: 'The cve records count was sent to the user.' })`
	`75`	`+ return res.status(200).json(payload) // only return count number, not the records`
	`76`	`+ }`
	`77`	`+`
`70`	`78`	`const pg = await cveRepo.aggregatePaginate(agt, options)`
`71`	`79`	`const payload = { cveRecords: pg.itemsList.map(val => { return val.cve }) }`
`72`	`80`
Original file line number	Diff line number	Diff line change
`@@ -10,7 +10,7 @@ function parsePostParams (req, res, next) {`
`10`	`10`	`}`
`11`	`11`
`12`	`12`	`function parseGetParams (req, res, next) {`
`13`		`- utils.reqCtxMapping(req, 'query', ['page', 'time_modified.lt', 'time_modified.gt'])`
	`13`	`+ utils.reqCtxMapping(req, 'query', ['page', 'time_modified.lt', 'time_modified.gt', 'count_only'])`
`14`	`14`	`utils.reqCtxMapping(req, 'params', ['id'])`
`15`	`15`	`next()`
`16`	`16`	`}`