From fae251dcc2146ce2251cda5098b0cfb76ec2b0b0 Mon Sep 17 00:00:00 2001
From: Andrew Pollock <andrewpollock@users.noreply.github.com>
Date: Wed, 11 Sep 2024 12:03:14 +1000
Subject: [PATCH] feat: machine readable record feedback Datastore model
 (#2582)

Datastore model for holding state on individual OSV record data quality
findings

Part of #2189

---------

Co-authored-by: Rex P <106129829+another-rex@users.noreply.github.com>
---
 docker/importer/importer_test.py | 26 ++++++++++++++++++++++++++
 osv/models.py                    | 21 +++++++++++++++++++++
 2 files changed, 47 insertions(+)

diff --git a/docker/importer/importer_test.py b/docker/importer/importer_test.py
index 36ede131f24..09a532468e2 100644
--- a/docker/importer/importer_test.py
+++ b/docker/importer/importer_test.py
@@ -910,6 +910,32 @@ def test_few_updates(self, unused_mock_time: mock.MagicMock,
     ])
 
 
+@mock.patch('importer.utcnow', lambda: datetime.datetime(2024, 1, 1))
+class ImportFindingsTest(unittest.TestCase):
+  """Import Finding tests."""
+
+  def setUp(self):
+    tests.reset_emulator()
+
+    tests.mock_datetime(self)
+
+  def test_add_finding(self):
+    """Test that creating an import finding works."""
+    expected = osv.ImportFinding(
+        bug_id='CVE-2024-1234',
+        findings=[
+            osv.ImportFindings.INVALID_VERSION,
+        ],
+        first_seen=importer.utcnow(),
+        last_attempt=importer.utcnow(),
+    )
+    expected.put()
+
+    for actual in osv.ImportFinding.query(
+        osv.ImportFinding.bug_id == expected.bug_id):
+      self.assertEqual(expected, actual)
+
+
 if __name__ == '__main__':
   run_slow_tests = (
       os.environ.get('CLOUD_BUILD', 0) != 1 and 'RUN_SLOW_TESTS' in os.environ)
diff --git a/osv/models.py b/osv/models.py
index 1a312025996..d61deda51f1 100644
--- a/osv/models.py
+++ b/osv/models.py
@@ -891,6 +891,27 @@ class AliasDenyListEntry(ndb.Model):
   bug_id: str = ndb.StringProperty()
 
 
+class ImportFindings(enum.IntEnum):
+  """The possible quality findings about an individual record."""
+  NONE = 0
+  DELETED = 1
+  INVALID_JSON = 2
+  INVALID_PACKAGE = 3
+  INVALID_PURL = 4
+  INVALID_VERSION = 5
+  INVALID_COMMIT = 6
+  INVALID_RANGE = 7
+  BAD_ALIASED_CVE = 8
+
+
+class ImportFinding(ndb.Model):
+  """Quality findings about an individual record."""
+  bug_id: str = ndb.StringProperty()
+  findings: list[ImportFindings] = ndb.IntegerProperty(repeated=True)
+  first_seen: datetime = ndb.DateTimeProperty()
+  last_attempt: datetime = ndb.DateTimeProperty()
+
+
 def get_source_repository(source_name):
   """Get source repository."""
   return SourceRepository.get_by_id(source_name)