Merge pull request #411 from rbt-mm/master-global-audit-view-vulnerabilities

Global Audit View: Vulnerabilities

Author: nscuro

src/containers/DefaultContainer.vue

@@ -93,6 +93,22 @@
           icon: 'fa fa-balance-scale',
           permission: permissions.VIEW_PORTFOLIO
         },
+          {
+            title: true,
+            name: this.$t('message.global_audit'),
+            class: '',
+            wrapper: {
+              element: '',
+              attributes: {}
+            },
+            permission: permissions.VIEW_VULNERABILITY
+          },
+          {
+            name: this.$t('message.vulnerability_audit'),
+            url: '/vulnerabilityAudit',
+            icon: 'fa fa-tasks',
+            permission: permissions.VIEW_VULNERABILITY
+          },
         {
           title: true,
           name: this.$t('message.administration'),
@@ -114,7 +130,7 @@
           url: '/admin',
           icon: 'fa fa-cogs',
           permission: permissions.SYSTEM_CONFIGURATION
-        }
+        },
       ]
       }
     },

src/i18n/locales/en.json

@@ -82,6 +82,8 @@
     "last_bom_import": "Last BOM Import",
     "overview": "Overview",
     "audit": "Audit",
+    "global_audit": "Global Audit",
+    "vulnerability_audit": "Vulnerability Audit",
     "audit_vulnerabilities": "Audit Vulnerabilities",
     "policy_violations": "Policy Violations",
     "policy_violations_by_classification": "Policy Violations by Classification",
@@ -136,6 +138,8 @@
     "project_cloning_in_progress": "The project is being created with the cloning options specified",
     "vulnerability": "Vulnerability",
     "analysis": "Analysis",
+    "analysis_status": "Analysis Status",
+    "analysis_state": "Analysis State",
     "analysis_tooltip": "The current state of an occurrence of a vulnerability",
     "justification": "Justification",
     "justification_tooltip": "The rationale of why the impact analysis state was asserted to be \"Not Affected\"",
@@ -218,6 +222,7 @@
     "rollback": "Rollback",
     "workaround_available": "Workaround available",
     "response": "Vendor Response (project)",
+    "vendor_response": "Vendor Response",
     "response_tooltip": "A response to the vulnerability by the manufacturer, supplier, or project responsible for the affected component or service",
     "analysis_details_tooltip": "Details (explanation, workaround details, and other impact information)",
     "updated": "Updated",
@@ -541,6 +546,14 @@
     "version_distance_minor": "minor",
     "version_distance_patch": "patch",
     "version_distance_tooltip": "Specify the difference between version numbers, or empty to ignore",
+    "filters": "Filters",
+    "clear_all": "Clear all",
+    "text_search": "Text Search",
+    "from": "From",
+    "to": "To",
+    "vulnerabilities_by_occurrence": "Vulnerabilities By Occurrence",
+    "grouped_vulnerabilities": "Grouped Vulnerabilities",
+    "occurrences_in_projects": "Occurrences in projects",
     "matrix": "Matrix"
   },
   "admin": {

src/router/index.js

@@ -13,6 +13,7 @@ const Dashboard = () => import('@/views/Dashboard');
 const ProjectList = () => import('@/views/portfolio/projects/ProjectList');
 const ComponentSearch = () => import('@/views/portfolio/components/ComponentSearch');
 const VulnerabilityList = () => import('@/views/portfolio/vulnerabilities/VulnerabilityList');
+const VulnerabilityAudit = () => import('@/views/globalAudit/VulnerabilityAudit');
 const LicenseList = () => import('@/views/portfolio/licenses/LicenseList');
 const PolicyManagement = () => import('@/views/policy/PolicyManagement');
 const Project = () => import('@/views/portfolio/projects/Project');
@@ -655,6 +656,18 @@ function configRoutes() {
             }
           ]
         },
+        {
+          path: 'vulnerabilityAudit',
+          name: 'Vulnerability Audit',
+          alias: ['vulnerabilityAudit/occurrences', 'vulnerabilityAudit/grouped'],
+          component: VulnerabilityAudit,
+          meta: {
+            title: i18n.t('message.vulnerability_audit'),
+            i18n: 'message.vulnerability_audit',
+            sectionPath: '/globalAudit',
+            permission: 'VIEW_VULNERABILITY'
+          }
+        },
         // The following route redirects URLs from legacy Dependency-Track UI to new URL format.
         {
           // Old: http://host/project/?uuid=3a38aedf-e9e9-4e0a-8913-2d99951aa76d

src/shared/utils.js

@@ -38,7 +38,7 @@ export function getRedirectUrl(router) {
 // An array of acceptable root context paths defined in the UI.
 const acceptableRootContextPaths = [
     '/dashboard', '/projects', '/components', '/services', '/vulnerabilities', '/licenses', '/policy', '/admin',
-    '/project', '/component', '/vulnerability', '/license', '/login', '/change-password'
+    '/project', '/component', '/vulnerability', '/license', '/vulnerabilityAudit', '/login', '/change-password'
 ];
 
 /**

src/views/globalAudit/VulnerabilityAudit.vue

@@ -0,0 +1,62 @@
+<template>
+  <div class="animated fadeIn" v-model="tabIndex" v-permission="'VIEW_VULNERABILITY'">
+    <b-tabs class="body-bg-color" style="border-left: 0; border-right:0; border-top:0 ">
+      <b-tab ref="occurrences" style="border-left: 0; border-right:0; border-top:0 " @click="routeTo()" :active="tabIndex === 0" :lazy="!visitedTabs.has(0)">
+        <template v-slot:title><i class="fa fa-shield"></i> {{ $t('message.vulnerabilities_by_occurrence') }}</template>
+        <VulnerabilityAuditByOccurrence />
+      </b-tab>
+      <b-tab ref="grouped" style="border-left: 0; border-right:0; border-top:0 " @click="routeTo('grouped')" :active="tabIndex === 1" :lazy="!visitedTabs.has(1)">
+        <template v-slot:title><i class="fa fa-shield"></i> {{ $t('message.grouped_vulnerabilities') }}</template>
+        <VulnerabilityAuditGroupedByVulnerability />
+      </b-tab>
+    </b-tabs>
+  </div>
+</template>
+
+<script>
+import permissionsMixin from "@/mixins/permissionsMixin";
+import VulnerabilityAuditGroupedByVulnerability from "@/views/globalAudit/VulnerabilityAuditGroupedByVulnerability";
+import VulnerabilityAuditByOccurrence from "@/views/globalAudit/VulnerabilityAuditByOccurrence";
+
+export default {
+  mixins: [permissionsMixin],
+  components: {
+    VulnerabilityAuditByOccurrence,
+    VulnerabilityAuditGroupedByVulnerability,
+  },
+  methods: {
+    routeTo(path) {
+      if (path) {
+        this.visitedTabs.add(path === 'grouped' ? 1 : 0);
+        if (!this.$route.fullPath.toLowerCase().includes('/' + path.toLowerCase())) {
+          this.$router.push({path: '/vulnerabilityAudit/' + path});
+        }
+      } else if (this.$route.fullPath !== '/audit' && this.$route.fullPath !== '/vulnerabilityAudit/') {
+        this.visitedTabs.add(0)
+        this.$router.push({path: '/vulnerabilityAudit/'});
+      }
+    },
+    getTabFromRoute: function () {
+      let pattern = new RegExp("/vulnerabilityAudit\\/([^\\/]*)", "gi");
+      let tab = pattern.exec(this.$route.fullPath.toLowerCase());
+      (tab && tab[1] && tab[1].toLowerCase() === 'grouped') ? this.tabIndex = 1 : this.tabIndex = 0;
+      return this.$refs[(tab && tab[1]) ? tab[1].toLowerCase() : 'occurrences']
+    }
+  },
+  beforeMount() {
+    this.getTabFromRoute();
+    this.visitedTabs.add(this.tabIndex);
+  },
+  watch:{
+    $route (to, from){
+      this.getTabFromRoute().activate();
+    }
+  },
+  data() {
+    return {
+      tabIndex: 0,
+      visitedTabs: new Set()
+    }
+  },
+};
+</script>