feat(CVEs): Adds the API endpoint to check CVEs availability for given snap#5100
Merged
feat(CVEs): Adds the API endpoint to check CVEs availability for given snap#5100
Conversation
Demo
Jenkins 
demos.haus 
bartaz
force-pushed
the
cve-availablility-api
branch
from
2dca3e8 to
9de46ac
Compare
bartaz
force-pushed
the
cve-availablility-api
branch
from
9de46ac to
2e953b4
Compare
bartaz
force-pushed
the
cve-availablility-api
branch
2 times, most recently
from
f8f2820 to
da992a8
Compare
Contributor
There was a problem hiding this comment.
Pull Request Overview
This pull request adds a new API endpoint to check for the availability of CVE data for a given snap. Key changes include:
- Adding a new URL rule for the CVE endpoint in the publisher snaps view.
- Implementing access checks and CVE data handling in the cve_views module.
- Introducing a new helper method in cve_helper and adding tests for these endpoints.
Reviewed Changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| webapp/publisher/snaps/views.py | Added URL rule for the new CVE endpoint. |
| webapp/publisher/cve/cve_views.py | Refactored CVE access control and implemented the has_cves endpoint. |
| webapp/publisher/cve/cve_helper.py | Added a static method to check for CVE data availability. |
| tests/publisher/cve/test_has_cve_api.py | Added endpoint tests, though test names reference "policies" instead of "cves". |
| tests/publisher/cve/test_has_cve.py | Added tests for CVE data helper behavior and expected NotFound exception on 404 cases. |
Comments suppressed due to low confidence (1)
tests/publisher/cve/test_has_cve_api.py:41
- [nitpick] The test case name 'test_get_policies_for_canonical_user' is ambiguous for a CVE endpoint; renaming it to 'test_has_cves_for_canonical_user' would improve clarity regarding its intent.
def test_get_policies_for_canonical_user(
M7mdisk
approved these changes
Apr 18, 2025
Contributor
There was a problem hiding this comment.
Pull Request Overview
This pull request adds an API endpoint to verify if a snap has associated CVE data available, incorporating user access validation and proper error handling. Key changes include:
- Adding a new URL rule in publisher/snaps/views.py to expose the endpoint.
- Refactoring CVE access checks into a common helper function (can_user_access_cve_data) in cve_views.py and introducing the has_cve_data method in cve_helper.py.
- Updating and adding tests to ensure proper behavior for canonical and non-canonical users.
Reviewed Changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| webapp/publisher/snaps/views.py | Added URL rule for the new CVE data availability endpoint |
| webapp/publisher/cve/cve_views.py | Moved access checks to a new helper function and refactored views |
| webapp/publisher/cve/cve_helper.py | Introduced static method has_cve_data for verifying CVE data |
| tests/publisher/cve/test_has_cve_api.py | Added tests for the new API endpoint |
| tests/publisher/cve/test_has_cve.py | Added unit tests for the new CVE data checker method |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Done
Adds an API endpoint to check if given snap has CVE data available.
If the user is allowed to see the CVE data (is Canonical publisher and has access to said snap), and there is CVE data available in the snap-cves repo, it should return true, otherwise it should error.
How to QA
Testing
Issue / Card
Fixes WD-20926