Add new filters to image view

Starttoaster · Apr 16, 2024 · 1c51664 · 1c51664
1 parent 26b462f
commit 1c51664
Show file tree

Hide file tree

Showing 4 changed files with 60 additions and 37 deletions.
diff --git a/internal/web/server.go b/internal/web/server.go
@@ -61,17 +61,10 @@ func imageHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	// Get scrape data from exporter
-	data, err := scrapeImageData(w)
-	if err != nil {
-		return
-	}
-	imageData := views.GetImagesView(data)
-
 	// Parse URL query params
 	q := r.URL.Query()
 
-	// Check image query params -- 404 if not found in image data, or param not passed
+	// Check query params -- 404 if required params not passed
 	imageName := q.Get("image")
 	if imageName == "" {
 		log.Logger.Error("image name query param missing from request")
@@ -84,6 +77,17 @@ func imageHandler(w http.ResponseWriter, r *http.Request) {
 		http.NotFound(w, r)
 		return
 	}
+	severity := q.Get("severity")
+	hasFix := q.Get("hasfix")
+	resources := q.Get("resources")
+	notResources := q.Get("notresources")
+
+	// Get scrape data from exporter
+	data, err := scrapeImageData(w)
+	if err != nil {
+		return
+	}
+	imageData := views.GetImagesView(data)
 	v, ok := imageData.Images[views.Image{
 		Image:  imageName,
 		Digest: imageDigest,
@@ -94,10 +98,7 @@ func imageHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	// Check severity query param if it exists
-	severity := q.Get("severity")
-
-	// Get vulnerability list that matches severity, if specified
+	// Get vulnerability list that matches filters
 	view := views.ImageVulnerabilityView{
 		Image:  imageName,
 		Digest: imageDigest,
@@ -108,17 +109,38 @@ func imageHandler(w http.ResponseWriter, r *http.Request) {
 			continue
 		}
 
+		// Filter if no fix version if hasfix=true
+		if strings.EqualFold(hasFix, "true") && vuln.FixedVersion == "" {
+			continue
+		}
+
+		// Filter if a fix version if hasfix=false
+		if strings.EqualFold(hasFix, "false") && vuln.FixedVersion != "" {
+			continue
+		}
+
+		// Filter if vulnerability resource does not equal resource in resources list
+		if resources != "" {
+			filters := strings.Split(resources, ",")
+			found := filterByList(filters, vuln.Resource)
+			if !found {
+				continue
+			}
+		}
+
+		// Filter if vulnerability resource equals specified resource in the notresource list
+		if notResources != "" {
+			filters := strings.Split(notResources, ",")
+			found := filterByList(filters, vuln.Resource)
+			if found {
+				continue
+			}
+		}
+
 		// append to data list to pass to template
 		view.Data = append(view.Data, views.ImageVulnerabilityData{
-			ID: id,
-			Vulnerability: views.Vulnerability{
-				Severity:          vuln.Severity,
-				Score:             vuln.Score,
-				Resource:          vuln.Resource,
-				Title:             vuln.Title,
-				VulnerableVersion: vuln.VulnerableVersion,
-				FixedVersion:      vuln.FixedVersion,
-			},
+			ID:            id,
+			Vulnerability: vuln,
 		})
 	}
 	view = views.SortImageVulnerabilityView(view)
@@ -130,3 +152,14 @@ func imageHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 }
+
+func filterByList(filters []string, item string) bool {
+	var found bool
+	for _, filter := range filters {
+		if strings.EqualFold(filter, item) {
+			found = true
+			break
+		}
+	}
+	return found
+}
diff --git a/static/css/output.css b/static/css/output.css
@@ -667,10 +667,6 @@ video {
   max-width: 1280px;
 }
 
-.flex-shrink-0 {
-  flex-shrink: 0;
-}
-
 .-translate-x-full {
   --tw-translate-x: -100%;
   transform: translate(var(--tw-translate-x), var(--tw-translate-y)) rotate(var(--tw-rotate)) skewX(var(--tw-skew-x)) skewY(var(--tw-skew-y)) scaleX(var(--tw-scale-x)) scaleY(var(--tw-scale-y));

diff --git a/static/image.html b/static/image.html
@@ -21,12 +21,6 @@
                     </svg>
                     <span class="ms-3">Images</span>
                  </a>
-                 <a href="#roles" class="flex items-center p-2 text-gray-900 rounded-lg dark:text-white hover:bg-gray-100 dark:hover:bg-gray-700 group">
-                    <svg class="flex-shrink-0 w-5 h-5 text-gray-500 transition duration-75 dark:text-gray-400 group-hover:text-gray-900 dark:group-hover:text-white" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" fill="currentColor" viewBox="0 0 20 18">
-                        <path d="M14 2a3.963 3.963 0 0 0-1.4.267 6.439 6.439 0 0 1-1.331 6.638A4 4 0 1 0 14 2Zm1 9h-1.264A6.957 6.957 0 0 1 15 15v2a2.97 2.97 0 0 1-.184 1H19a1 1 0 0 0 1-1v-1a5.006 5.006 0 0 0-5-5ZM6.5 9a4.5 4.5 0 1 0 0-9 4.5 4.5 0 0 0 0 9ZM8 10H5a5.006 5.006 0 0 0-5 5v2a1 1 0 0 0 1 1h11a1 1 0 0 0 1-1v-2a5.006 5.006 0 0 0-5-5Z"/>
-                     </svg>
-                    <span class="ms-3">Roles</span>
-                 </a>
               </li>
            </ul>
         </div>
@@ -63,6 +57,9 @@
                         <th scope="col" class="px-6 py-3">
                             Score
                         </th>
+                        <th scope="col" class="px-6 py-3">
+                            Resource
+                        </th>
                         <th scope="col" class="px-6 py-3">
                             Title
                         </th>
@@ -96,6 +93,9 @@
                         <td class="px-6 py-4">
                             {{ $data.Score }}
                         </td>
+                        <td class="px-6 py-4">
+                            {{ $data.Resource }}
+                        </td>
                         <td class="px-6 py-4">
                             {{ $data.Title }}
                         </td>

diff --git a/static/images.html b/static/images.html
@@ -22,12 +22,6 @@
                     </svg>
                     <span class="ms-3">Images</span>
                  </a>
-                 <a href="#roles" class="flex items-center p-2 text-gray-900 rounded-lg dark:text-white hover:bg-gray-100 dark:hover:bg-gray-700 group">
-                    <svg class="flex-shrink-0 w-5 h-5 text-gray-500 transition duration-75 dark:text-gray-400 group-hover:text-gray-900 dark:group-hover:text-white" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" fill="currentColor" viewBox="0 0 20 18">
-                        <path d="M14 2a3.963 3.963 0 0 0-1.4.267 6.439 6.439 0 0 1-1.331 6.638A4 4 0 1 0 14 2Zm1 9h-1.264A6.957 6.957 0 0 1 15 15v2a2.97 2.97 0 0 1-.184 1H19a1 1 0 0 0 1-1v-1a5.006 5.006 0 0 0-5-5ZM6.5 9a4.5 4.5 0 1 0 0-9 4.5 4.5 0 0 0 0 9ZM8 10H5a5.006 5.006 0 0 0-5 5v2a1 1 0 0 0 1 1h11a1 1 0 0 0 1-1v-2a5.006 5.006 0 0 0-5-5Z"/>
-                     </svg>
-                    <span class="ms-3">Roles</span>
-                 </a>
               </li>
            </ul>
         </div>