Merge pull request #115 from owenlxu/master

merge tencent issue

src/backend/analyst/biz-analyst/src/main/kotlin/com/tencent/bkrepo/analyst/component/manager/ResultItemDao.kt

@@ -28,10 +28,10 @@
 package com.tencent.bkrepo.analyst.component.manager
 
 import com.mongodb.client.result.DeleteResult
-import com.tencent.bkrepo.common.api.pojo.Page
-import com.tencent.bkrepo.common.query.model.PageLimit
 import com.tencent.bkrepo.analyst.dao.ScannerSimpleMongoDao
 import com.tencent.bkrepo.analyst.pojo.request.LoadResultArguments
+import com.tencent.bkrepo.common.api.pojo.Page
+import com.tencent.bkrepo.common.query.model.PageLimit
 import org.springframework.data.domain.PageRequest
 import org.springframework.data.mongodb.core.query.Criteria
 import org.springframework.data.mongodb.core.query.Query
@@ -52,14 +52,17 @@ abstract class ResultItemDao<T : ResultItem<*>> : ScannerSimpleMongoDao<T>() {
         arguments: LoadResultArguments
     ): Page<T> {
         val pageable = PageRequest.of(pageLimit.pageNumber - 1, pageLimit.pageSize)
-        val criteria = buildCriteria(credentialsKey, sha256, scanner)
-        customizePageBy(criteria, arguments)
-        val query = Query(criteria).with(pageable)
+        val criteria = customizePageBy(buildCriteria(credentialsKey, sha256, scanner), arguments)
+        val query = customizeQuery(Query(criteria).with(pageable), arguments)
         val total = count(Query.of(query).limit(0).skip(0))
         val data = find(query)
         return Page(pageLimit.pageNumber, pageLimit.pageSize, total, data)
     }
 
+    protected open fun customizeQuery(query: Query, arguments: LoadResultArguments): Query {
+        return query
+    }
+
     protected open fun customizePageBy(criteria: Criteria, arguments: LoadResultArguments): Criteria {
         return criteria
     }

src/backend/analyst/biz-analyst/src/main/kotlin/com/tencent/bkrepo/analyst/component/manager/arrowhead/Converter.kt

@@ -27,12 +27,6 @@
 
 package com.tencent.bkrepo.analyst.component.manager.arrowhead
 
-import com.tencent.bkrepo.common.analysis.pojo.scanner.arrowhead.ApplicationItem
-import com.tencent.bkrepo.common.analysis.pojo.scanner.arrowhead.CveSecItem
-import com.tencent.bkrepo.common.analysis.pojo.scanner.arrowhead.License
-import com.tencent.bkrepo.common.analysis.pojo.scanner.standard.LicenseResult
-import com.tencent.bkrepo.common.analysis.pojo.scanner.standard.SecurityResult
-import com.tencent.bkrepo.repository.constant.SYSTEM_USER
 import com.tencent.bkrepo.analyst.component.manager.arrowhead.model.TApplicationItem
 import com.tencent.bkrepo.analyst.component.manager.arrowhead.model.TApplicationItemData
 import com.tencent.bkrepo.analyst.component.manager.arrowhead.model.TCveSecItem
@@ -42,6 +36,13 @@ import com.tencent.bkrepo.analyst.component.manager.knowledgebase.TLicense
 import com.tencent.bkrepo.analyst.component.manager.standard.model.TLicenseResult
 import com.tencent.bkrepo.analyst.component.manager.standard.model.TSecurityResult
 import com.tencent.bkrepo.analyst.component.manager.standard.model.TSecurityResultData
+import com.tencent.bkrepo.common.analysis.pojo.scanner.arrowhead.ApplicationItem
+import com.tencent.bkrepo.common.analysis.pojo.scanner.arrowhead.CveSecItem
+import com.tencent.bkrepo.common.analysis.pojo.scanner.arrowhead.License
+import com.tencent.bkrepo.common.analysis.pojo.scanner.standard.LicenseResult
+import com.tencent.bkrepo.common.analysis.pojo.scanner.standard.SecurityResult
+import com.tencent.bkrepo.common.analysis.pojo.scanner.utils.levelOf
+import com.tencent.bkrepo.repository.constant.SYSTEM_USER
 import java.time.LocalDateTime
 
 object Converter {
@@ -155,7 +156,9 @@ object Converter {
             pkgVersions = pkgVersions,
             vulId = vulId,
             cveId = cveId ?: "",
-            severity = severity
+            severity = severity,
+            severityLevel = levelOf(severity),
+            cvss = cvss
         )
     }
 
@@ -200,7 +203,7 @@ object Converter {
             des = cve?.description,
             solution = cve?.officialSolution,
             references = cve?.references ?: emptyList(),
-            cvss = cve?.cvss,
+            cvss = securityResult.data.cvss ?: cve?.cvss,
             severity = securityResult.data.severity
         )
     }

src/backend/analyst/biz-analyst/src/main/kotlin/com/tencent/bkrepo/analyst/component/manager/standard/StandardConverter.kt

@@ -83,7 +83,7 @@ class StandardConverter(private val licenseService: SpdxLicenseService) : Scanne
     override fun convertCveResult(result: Any): Page<ArtifactVulnerabilityInfo> {
         result as Page<SecurityResult>
         val pageRequest = Pages.ofRequest(result.pageNumber, result.pageSize)
-        val reports = result.records.mapTo(HashSet(result.records.size)) {
+        val reports = result.records.mapTo(LinkedHashSet(result.records.size)) {
             ArtifactVulnerabilityInfo(
                 vulId = it.cveId ?: it.vulId,
                 severity = ScanPlanConverter.convertToLeakLevel(it.severity),

src/backend/analyst/biz-analyst/src/main/kotlin/com/tencent/bkrepo/analyst/component/manager/standard/dao/SecurityResultDao.kt

@@ -32,7 +32,9 @@ import com.tencent.bkrepo.analyst.component.manager.standard.model.TSecurityResu
 import com.tencent.bkrepo.analyst.component.manager.standard.model.TSecurityResultData
 import com.tencent.bkrepo.analyst.pojo.request.LoadResultArguments
 import com.tencent.bkrepo.analyst.pojo.request.standard.StandardLoadResultArguments
+import org.springframework.data.domain.Sort
 import org.springframework.data.mongodb.core.query.Criteria
+import org.springframework.data.mongodb.core.query.Query
 import org.springframework.data.mongodb.core.query.inValues
 import org.springframework.stereotype.Repository
 
@@ -48,4 +50,9 @@ class SecurityResultDao : ResultItemDao<TSecurityResult>() {
         }
         return criteria
     }
+
+    override fun customizeQuery(query: Query, arguments: LoadResultArguments): Query {
+        query.with(Sort.by(Sort.Direction.DESC, dataKey(TSecurityResultData::severityLevel.name)))
+        return query
+    }
 }

src/backend/analyst/biz-analyst/src/main/kotlin/com/tencent/bkrepo/analyst/component/manager/standard/model/TSecurityResult.kt

@@ -65,5 +65,10 @@ data class TSecurityResultData(
     /**
      * cvss等级， CRITICAL,HIGH,MEDIUM,LOW
      */
-    val severity: String
+    val severity: String,
+    /**
+     * cvss等级, 3,2,1,0
+     */
+    val severityLevel: Int? = null,
+    val cvss: Double? = null
 )

src/backend/auth/api-auth/src/main/kotlin/com/tencent/bkrepo/auth/pojo/user/UserInfo.kt

@@ -19,5 +19,9 @@ data class UserInfo(
     @ApiModelProperty("用户名")
     val locked: Boolean,
     @ApiModelProperty("是否管理员")
-    val admin: Boolean
+    val admin: Boolean,
+    @ApiModelProperty("是否为虚拟用户")
+    val group: Boolean,
+    @ApiModelProperty("关联用户")
+    val asstUsers: List<String> = emptyList(),
 )

src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/util/query/UserUpdateHelper.kt

@@ -35,6 +35,9 @@ object UserUpdateHelper {
         request.admin?.let {
             update.set(TUser::admin.name, request.admin)
         }
+        request.asstUsers?.let {
+            update.set(TUser::asstUsers.name, request.asstUsers)
+        }
         return update.set(TUser::lastModifiedDate.name, LocalDateTime.now())
     }
 

src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/util/request/UserRequestUtil.kt

@@ -97,7 +97,9 @@ object UserRequestUtil {
             email = user.email,
             phone = user.phone,
             createdDate = user.createdDate,
-            admin = user.admin
+            admin = user.admin,
+            group = user.group,
+            asstUsers = user.asstUsers
         )
     }
 }

src/backend/common/common-analysis/src/main/kotlin/com/tencent/bkrepo/common/analysis/pojo/scanner/utils/LevelUtils.kt

@@ -41,3 +41,11 @@ fun normalizedLevel(level: String): String {
         else -> Level.CRITICAL.levelName
     }
 }
+
+fun levelOf(levelName: String) = when (levelName.toLowerCase()) {
+    Level.CRITICAL.levelName -> Level.CRITICAL.level
+    Level.HIGH.levelName -> Level.HIGH.level
+    Level.MEDIUM.levelName -> Level.MEDIUM.level
+    Level.LOW.levelName -> Level.LOW.level
+    else -> Int.MAX_VALUE
+}

src/backend/conan/biz-conan/src/main/kotlin/com/tencent/bkrepo/conan/artifact/repository/ConanLocalRepository.kt

@@ -32,7 +32,6 @@ import com.tencent.bkrepo.common.artifact.repository.context.ArtifactUploadConte
 import com.tencent.bkrepo.common.artifact.repository.local.LocalRepository
 import com.tencent.bkrepo.common.artifact.resolve.response.ArtifactChannel
 import com.tencent.bkrepo.common.artifact.resolve.response.ArtifactResource
-import com.tencent.bkrepo.common.artifact.util.PackageKeys
 import com.tencent.bkrepo.common.service.util.SpringContextUtils.Companion.publishEvent
 import com.tencent.bkrepo.conan.constant.EXPORT_SOURCES_TGZ_NAME
 import com.tencent.bkrepo.conan.constant.NAME
@@ -45,7 +44,6 @@ import com.tencent.bkrepo.conan.utils.ObjectBuildUtil
 import com.tencent.bkrepo.conan.utils.ObjectBuildUtil.buildDownloadResponse
 import com.tencent.bkrepo.conan.utils.ObjectBuildUtil.buildPackageUpdateRequest
 import com.tencent.bkrepo.conan.utils.ObjectBuildUtil.buildPackageVersionCreateRequest
-import com.tencent.bkrepo.conan.utils.ObjectBuildUtil.buildPackageVersionUpdateRequest
 import com.tencent.bkrepo.conan.utils.PathUtils.generateFullPath
 import com.tencent.bkrepo.repository.pojo.download.PackageDownloadRecord
 import com.tencent.bkrepo.repository.pojo.node.service.NodeCreateRequest
@@ -110,35 +108,16 @@ class ConanLocalRepository : LocalRepository() {
         sourceType: ArtifactChannel? = null
     ) {
         with(artifactInfo) {
-            val packageVersion = packageClient.findVersionByName(
-                projectId = projectId,
-                repoName = repoName,
-                packageKey = PackageKeys.ofConan(name, userName),
-                version = version
-            ).data
-            if (packageVersion == null) {
-                val packageVersionCreateRequest = buildPackageVersionCreateRequest(
-                    userId = userId,
-                    artifactInfo = artifactInfo,
-                    size = size,
-                    sourceType = sourceType
-                )
-                // TODO 元数据中要加入对应username与channel，可能存在同一制品版本存在不同username与channel
-                val packageUpdateRequest = buildPackageUpdateRequest(artifactInfo)
-                packageClient.createVersion(packageVersionCreateRequest).apply {
-                    logger.info("user: [$userId] create package version [$packageVersionCreateRequest] success!")
-                }
-                packageClient.updatePackage(packageUpdateRequest)
-            } else {
-                val packageVersionUpdateRequest = buildPackageVersionUpdateRequest(
-                    artifactInfo = artifactInfo,
-                    size = size,
-                    sourceType = sourceType,
-                    packageMetadata = packageVersion.packageMetadata
-                )
-                packageClient.updateVersion(packageVersionUpdateRequest).apply {
-                    logger.info("user: [$userId] update package version [$packageVersionUpdateRequest] success!")
-                }
+            val packageVersionCreateRequest = buildPackageVersionCreateRequest(
+                userId = userId,
+                artifactInfo = artifactInfo,
+                size = size,
+                sourceType = sourceType
+            )
+            // TODO 元数据中要加入对应username与channel，可能存在同一制品版本存在不同username与channel
+            val packageUpdateRequest = buildPackageUpdateRequest(artifactInfo)
+            packageClient.createVersion(packageVersionCreateRequest).apply {
+                logger.info("user: [$userId] create package version [$packageVersionCreateRequest] success!")
             }
         }
     }

src/backend/conan/biz-conan/src/main/kotlin/com/tencent/bkrepo/conan/utils/ObjectBuildUtil.kt

@@ -77,7 +77,8 @@ object ObjectBuildUtil {
                 artifactPath = getArtifactFullPath(),
                 stageTag = null,
                 packageMetadata = addPackageMetadata(artifactInfo, sourceType),
-                createdBy = userId
+                createdBy = userId,
+                overwrite = true
             )
         }
     }

src/backend/helm/biz-helm/src/main/kotlin/com/tencent/bkrepo/helm/artifact/repository/HelmLocalRepository.kt

@@ -129,7 +129,7 @@ class HelmLocalRepository(
      */
     override fun onUploadSuccess(context: ArtifactUploadContext) {
         super.onUploadSuccess(context)
-        helmOperationService.initPackageInfo(context)
+        helmOperationService.initPackageInfo(context, true)
         if (CHART == context.getStringAttribute(FILE_TYPE)) {
             publishEvent(
                 ChartUploadEvent(

src/backend/helm/biz-helm/src/main/kotlin/com/tencent/bkrepo/helm/service/impl/AbstractChartService.kt

@@ -70,7 +70,6 @@ import com.tencent.bkrepo.helm.constants.NODE_FULL_PATH
 import com.tencent.bkrepo.helm.constants.NODE_METADATA
 import com.tencent.bkrepo.helm.constants.NODE_NAME
 import com.tencent.bkrepo.helm.constants.NODE_SHA256
-import com.tencent.bkrepo.helm.constants.OVERWRITE
 import com.tencent.bkrepo.helm.constants.PROJECT_ID
 import com.tencent.bkrepo.helm.constants.REDIS_LOCK_KEY_PREFIX
 import com.tencent.bkrepo.helm.constants.REPO_NAME
@@ -244,23 +243,22 @@ open class AbstractChartService : ArtifactService() {
     /**
      * 当helm 本地文件上传后/或从远程代理下载后，创建或更新包/包版本信息
      */
-    fun initPackageInfo(context: ArtifactContext) {
+    fun initPackageInfo(context: ArtifactContext, isOverwrite: Boolean = false) {
         with(context) {
             if (CHART != getStringAttribute(FILE_TYPE)) return
             logger.info("start to update package meta info..")
             val size = getLongAttribute(SIZE)
             val helmChartMetadataMap = getAttribute<Map<String, Any>?>(META_DETAIL)
             helmChartMetadataMap?.let {
                 val helmChartMetadata = HelmMetadataUtils.convertToObject(helmChartMetadataMap)
-                val overWrite = getBooleanAttribute(OVERWRITE) ?: false
                 val sourceType = getAttribute<ArtifactChannel>(SOURCE_TYPE)
                 createVersion(
                     userId = userId,
                     projectId = artifactInfo.projectId,
                     repoName = artifactInfo.repoName,
                     chartInfo = helmChartMetadata,
                     size = size!!,
-                    isOverwrite = overWrite,
+                    isOverwrite = isOverwrite,
                     sourceType = sourceType
                 )
             }
@@ -363,7 +361,7 @@ open class AbstractChartService : ArtifactService() {
                 packageKey = PackageKeys.ofHelm(chartInfo.name),
                 version = chartInfo.version
             ).data
-            if (packageVersion == null) {
+            if (packageVersion == null || isOverwrite) {
                 val packageVersionCreateRequest = ObjectBuilderUtil.buildPackageVersionCreateRequest(
                     userId = userId,
                     projectId = projectId,
@@ -373,15 +371,9 @@ open class AbstractChartService : ArtifactService() {
                     isOverwrite = isOverwrite,
                     sourceType = sourceType
                 )
-                val packageUpdateRequest = ObjectBuilderUtil.buildPackageUpdateRequest(
-                    projectId = projectId,
-                    repoName = repoName,
-                    chartInfo = chartInfo
-                )
                 packageClient.createVersion(packageVersionCreateRequest).apply {
                     logger.info("user: [$userId] create package version [$packageVersionCreateRequest] success!")
                 }
-                packageClient.updatePackage(packageUpdateRequest)
             } else {
                 val packageVersionUpdateRequest = ObjectBuilderUtil.buildPackageVersionUpdateRequest(
                     projectId = projectId,

src/backend/oci/biz-oci/src/main/kotlin/com/tencent/bkrepo/oci/service/impl/OciOperationServiceImpl.kt

@@ -758,37 +758,20 @@ class OciOperationServiceImpl(
             // 针对支持多仓库类型，如docker和oci
             val repoType = getRepositoryInfo(ociArtifactInfo).type.name
             val packageKey = PackageKeys.ofName(repoType.toLowerCase(), packageName)
-            val packageVersion = packageClient.findVersionByName(
-                projectId = projectId,
-                repoName = repoName,
-                packageKey = packageKey,
-                version = ociArtifactInfo.reference
-            ).data
             val metadata = mutableMapOf<String, Any>(MANIFEST_DIGEST to manifestDigest.toString())
                 .apply {
                     chartYaml?.let { this.putAll(chartYaml) }
                     sourceType?.let { this[SOURCE_TYPE] = sourceType }
                 }
-            if (packageVersion == null) {
-                val request = ObjectBuildUtils.buildPackageVersionCreateRequest(
-                    ociArtifactInfo = this,
-                    packageName = packageName,
-                    version = ociArtifactInfo.reference,
-                    size = size,
-                    manifestPath = manifestPath,
-                    repoType = repoType
-                )
-                packageClient.createVersion(request)
-            } else {
-                val request = ObjectBuildUtils.buildPackageVersionUpdateRequest(
-                    ociArtifactInfo = this,
-                    version = ociArtifactInfo.reference,
-                    size = size,
-                    manifestPath = manifestPath,
-                    packageKey = packageKey
-                )
-                packageClient.updateVersion(request)
-            }
+            val request = ObjectBuildUtils.buildPackageVersionCreateRequest(
+                ociArtifactInfo = this,
+                packageName = packageName,
+                version = ociArtifactInfo.reference,
+                size = size,
+                manifestPath = manifestPath,
+                repoType = repoType,
+            )
+            packageClient.createVersion(request)
             savePackageMetaData(
                 projectId = projectId,
                 repoName = repoName,