fix

Author: siewer

backend/src/main/java/io/mixeway/mixewayflowapi/api/threatintel/service/ThreatIntelService.java

@@ -3,6 +3,8 @@
 import io.mixeway.mixewayflowapi.api.threatintel.dto.ItemListResponse;
 import io.mixeway.mixewayflowapi.api.threatintel.dto.RemovedVulnerabilityDTO;
 import io.mixeway.mixewayflowapi.api.threatintel.dto.ReviewedVulnerabilityDTO;
+import io.mixeway.mixewayflowapi.db.entity.CodeRepo;
+import io.mixeway.mixewayflowapi.db.entity.Team;
 import io.mixeway.mixewayflowapi.domain.coderepo.FindCodeRepoService;
 import io.mixeway.mixewayflowapi.domain.finding.FindFindingService;
 import io.mixeway.mixewayflowapi.domain.team.FindTeamService;
@@ -38,9 +40,11 @@ public ResponseEntity<List<ReviewedVulnerabilityDTO>> getSupressedThreats(Princi
 
     public ResponseEntity<ItemListResponse> getThreatsForTeam(Principal principal, String remoteId) {
         ItemListResponse itemListResponse = findFindingService.getThreatIntelFindingsForTeam(principal,remoteId);
-        itemListResponse.setNumberOfTeams(findTeamService.findAllTeams(principal).size());
-        itemListResponse.setNumberOfAllProjects(findCodeRepoService.findCodeRepoForUser(principal).size());
-        itemListResponse.setOpenedVulnerabilities(findFindingService.countOpenedVulnerabilities(principal));
+        List<Team> team = findTeamService.findByRemoteId(remoteId);
+        List<CodeRepo> codeRepos = findCodeRepoService.findbyTeamIn(team);
+        itemListResponse.setNumberOfTeams(team.size());
+        itemListResponse.setNumberOfAllProjects(codeRepos.size());
+        itemListResponse.setOpenedVulnerabilities(findFindingService.countOpenedVulnerabilitiesForRepos(codeRepos));
         return new ResponseEntity<>(itemListResponse,HttpStatus.OK);
     }
 }

backend/src/main/java/io/mixeway/mixewayflowapi/domain/coderepo/FindCodeRepoService.java

@@ -77,4 +77,7 @@ public Optional<CodeRepo> findAllByUrl(String url) {
     }
 
 
+    public List<CodeRepo> findbyTeamIn(List<Team> team) {
+        return codeRepoRepository.findByTeamIn(team);
+    }
 }

backend/src/main/java/io/mixeway/mixewayflowapi/domain/finding/FindFindingService.java

@@ -154,6 +154,9 @@ private ItemListResponse mapProjectionsToItems(List<ItemProjection> projections)
     public Long countOpenedVulnerabilities(Principal principal){
         return findingRepository.countAllByCodeRepoInAndStatusIn(findCodeRepoService.findCodeRepoForUser(principal), Arrays.asList("NEW", "EXISTING"));
     }
+    public Long countOpenedVulnerabilitiesForRepos(List<CodeRepo> codeRepos){
+        return findingRepository.countAllByCodeRepoInAndStatusIn(codeRepos, Arrays.asList("NEW", "EXISTING"));
+    }
 
     public List<RemovedVulnerabilityDTO> getTopRemovedVulns(Principal principal){
 

backend/src/main/resources/db/changelog/data_dump_test.sql

@@ -792,4 +792,8 @@ SELECT pg_catalog.setval('public.vulnerability_id_seq', 20, true);
 --
 -- PostgreSQL database dump complete
 --
+INSERT INTO users (username, password, active, reset_password)
+VALUES
+    ('team_user', '$2a$10$test', true, false),
+    ('unauthorized_user', '$2a$10$test', true, false);
 

backend/src/main/resources/db/changelog/db.changelog-master.sql

@@ -583,3 +583,19 @@ HAVING
             THEN 'notable'
         ELSE NULL
 END IS NOT NULL;
+
+-- changeset siewer:add-comment
+CREATE TABLE comment (
+                         id BIGSERIAL PRIMARY KEY,
+                         message TEXT NOT NULL,
+                         finding_id BIGINT NOT NULL,
+                         user_id BIGINT NOT NULL,
+                         created_date TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+                         updated_date TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
+                         FOREIGN KEY (finding_id) REFERENCES finding(id),
+                         FOREIGN KEY (user_id) REFERENCES users(id)
+);
+
+-- Index for faster lookups
+CREATE INDEX idx_comment_finding ON comment(finding_id);
+CREATE INDEX idx_comment_user ON comment(user_id);

backend/src/test/java/io/mixeway/mixewayflowapi/domain/comment/CreateCommentServiceTest.java

@@ -48,7 +48,7 @@ void createCommentAsAdmin() throws FindingNotFoundException {
         String message = "Test comment";
 
         // When
-        Comment comment = createCommentService.createComment(1L,1L, message, principal);
+        Comment comment = createCommentService.createComment(2L,1L, message, principal);
 
         // Then
         assertNotNull(comment);
@@ -68,7 +68,7 @@ void createCommentAsTeamMember() throws FindingNotFoundException {
         String message = "Test comment from team member";
 
         // When
-        Comment comment = createCommentService.createComment(1L,1L, message, principal);
+        Comment comment = createCommentService.createComment(2L,1L, message, principal);
 
         // Then
         assertNotNull(comment);
@@ -88,7 +88,7 @@ void createCommentUnauthorizedUser() {
 
         // Then
         assertThrows(UnauthorizedAccessException.class, () ->
-                createCommentService.createComment(1L, 1L,message, principal)
+                createCommentService.createComment(2L, 1L,message, principal)
         );
     }
 

frontend/src/app/views/show-repo/show-repo.component.html

@@ -1125,7 +1125,7 @@ <h5 cModalTitle>Vulnerability Details</h5>
                                                 cButton
                                                 color="primary"
                                                 type="submit"
-                                                [disabled]="!newComment?.trim() || isAddingComment">
+                                                [disabled]="!newComment.trim() || isAddingComment">
                                             <c-spinner *ngIf="isAddingComment" size="sm" class="me-1"></c-spinner>
                                             Send
                                         </button>

frontend/src/app/views/threat-intel/threat-score/threat-score.component.ts

@@ -18,6 +18,7 @@ export type ChartOptions = {
     labels: string[];
 };
 
+
 @Component({
     selector: 'app-threat-score',
     standalone: true,
@@ -33,11 +34,11 @@ export type ChartOptions = {
 export class ThreatScoreComponent implements OnChanges {
     @Input()
     threatScore: string = '';
-    public chartOptions: Partial<ChartOptions>;
+    public chartOptions: ChartOptions;
 
     constructor() {
-        // Initialize chartOptions without threatScore
         this.chartOptions = {
+            series: [0], // Initialize with 0
             chart: {
                 type: 'radialBar',
                 offsetY: -20,
@@ -75,7 +76,6 @@ export class ThreatScoreComponent implements OnChanges {
             },
             fill: {
                 type: 'gradient',
-
                 gradient: {
                     shade: 'light',
                     shadeIntensity: 0.4,
@@ -102,23 +102,28 @@ export class ThreatScoreComponent implements OnChanges {
 
     updateChartOptions() {
         // Convert threatScore to a number and update series
-        const score = Number(this.threatScore) || 0; // Default to 0 if invalid
-        let color: string ='';
-        if (score > 80){
+        const score = Number(this.threatScore) || 0;
+        let color: string = '';
+        if (score > 80) {
             color = '#e60303';
-        } else if (score > 60){
+        } else if (score > 60) {
             color = '#e34848';
-        } else if (score > 40){
+        } else if (score > 40) {
             color = '#e47a3a';
-        } else if (score > 20){
+        } else if (score > 20) {
             color = '#bedf76';
         } else {
             color = '#55ec32';
         }
+
+        // Update only the necessary properties
         this.chartOptions = {
             ...this.chartOptions,
             series: [score],
-            fill: {colors: [color]},
+            fill: {
+                ...this.chartOptions.fill,
+                colors: [color]
+            }
         };
     }
 }