Add search in API via alias

TG1999 · TG1999 · commit d365977ebae9 · 2022-06-16T18:34:03.000+05:30
Signed-off-by: Tushar Goel &lt;tushar.goel.dav@gmail.com&gt;
diff --git a/vulnerabilities/api.py b/vulnerabilities/api.py
@@ -157,6 +157,7 @@ def filter_purl(self, queryset, name, value):
 class PackageViewSet(viewsets.ReadOnlyModelViewSet):
     queryset = Package.objects.all()
     serializer_class = PackageSerializer
+    paginate_by = 50
     filter_backends = (filters.DjangoFilterBackend,)
     filterset_class = PackageFilterSet
 
@@ -229,3 +230,19 @@ class CPEViewSet(viewsets.ReadOnlyModelViewSet):
     paginate_by = 50
     filter_backends = (filters.DjangoFilterBackend,)
     filterset_class = CPEFilterSet
+
+
+class AliasFilterSet(filters.FilterSet):
+    alias = filters.CharFilter(method="filter_alias")
+
+    def filter_alias(self, queryset, name, value):
+        alias = unquote(value)
+        return self.queryset.filter(aliases__alias__icontains=alias)
+
+
+class AliasViewSet(viewsets.ReadOnlyModelViewSet):
+    queryset = Vulnerability.objects.all()
+    serializer_class = VulnerabilitySerializer
+    paginate_by = 50
+    filter_backends = (filters.DjangoFilterBackend,)
+    filterset_class = AliasFilterSet
diff --git a/vulnerabilities/tests/test_fix_api.py b/vulnerabilities/tests/test_fix_api.py
@@ -24,6 +24,7 @@
 from django.utils.http import int_to_base36
 from rest_framework import status
 
+from vulnerabilities.models import Alias
 from vulnerabilities.models import Package
 from vulnerabilities.models import Vulnerability
 from vulnerabilities.models import VulnerabilityReference
@@ -125,3 +126,18 @@ def test_api_status(self):
     def test_api_response(self):
         response = self.client.get("/api/cpes/?cpe=cpe:/a:nginx:9", format="json").data
         self.assertEqual(response["count"], 1)
+
+
+class AliasApi(TestCase):
+    def setUp(self):
+        self.vulnerability = Vulnerability.objects.create(summary="test")
+        for i in range(0, 10):
+            Alias.objects.create(alias=f"CVE-{i}", vulnerability=self.vulnerability)
+
+    def test_api_status(self):
+        response = self.client.get("/api/alias/", format="json")
+        self.assertEqual(status.HTTP_200_OK, response.status_code)
+
+    def test_api_response(self):
+        response = self.client.get("/api/alias?alias=CVE-9", format="json").data
+        self.assertEqual(response["count"], 1)
diff --git a/vulnerablecode/urls.py b/vulnerablecode/urls.py
@@ -26,6 +26,7 @@
 from django.urls import path
 from rest_framework.routers import DefaultRouter
 
+from vulnerabilities.api import AliasViewSet
 from vulnerabilities.api import CPEViewSet
 from vulnerabilities.api import PackageViewSet
 from vulnerabilities.api import VulnerabilityViewSet
@@ -49,6 +50,8 @@ def __init__(self, *args, **kwargs):
 # `DefaultRouter` requires `basename` when registering viewsets that don't define a queryset.
 api_router.register(r"vulnerabilities", VulnerabilityViewSet, basename="vulnerability")
 api_router.register(r"cpes", CPEViewSet, basename="cpe")
+api_router.register(r"alias", AliasViewSet, basename="alias")
+
 
 urlpatterns = [
     path("admin/", admin.site.urls),
