AI fixing the SQL Limit objects on the reporting.
@@ -59,38 +59,38 @@ public interface ReportingRepository extends JpaRepository<com.psg.dlsysinfo.dl_
|
||||
"WHERE cdv.deviceId IN (SELECT d.deviceId FROM Devices d WHERE d.client.clientId = :clientId)")
|
||||
LocalDateTime findLastVulnerabilityScanDate(@Param("clientId") Long clientId);
|
||||
|
||||
// Top Vulnerabilities Query
|
||||
// Top Vulnerabilities Query - Using native SQL for LIMIT support
|
||||
|
||||
@Query("SELECT new com.psg.dlsysinfo.dl_sysinfo_server.dto.TopVulnerabilityDTO(" +
|
||||
"cdv.cveId, " +
|
||||
"cdv.description, " +
|
||||
"cdv.severity, " +
|
||||
"cdv.score, " +
|
||||
"COUNT(DISTINCT cdv.deviceId)) " +
|
||||
"FROM CachedDeviceVuln cdv " +
|
||||
"WHERE cdv.deviceId IN (SELECT d.deviceId FROM Devices d WHERE d.client.clientId = :clientId) " +
|
||||
"GROUP BY cdv.cveId, cdv.description, cdv.severity, cdv.score " +
|
||||
@Query(value = "SELECT cdv.cve_id as cveId, " +
|
||||
"cdv.description as title, " +
|
||||
"cdv.severity as severity, " +
|
||||
"cdv.score as score, " +
|
||||
"COUNT(DISTINCT cdv.device_id) as affectedDevices " +
|
||||
"FROM cached_device_vulns cdv " +
|
||||
"WHERE cdv.device_id IN (SELECT d.device_id FROM devices d WHERE d.client_id = :clientId) " +
|
||||
"GROUP BY cdv.cve_id, cdv.description, cdv.severity, cdv.score " +
|
||||
"ORDER BY " +
|
||||
"CASE WHEN UPPER(cdv.severity) = 'CRITICAL' THEN 0 " +
|
||||
" WHEN UPPER(cdv.severity) = 'HIGH' THEN 1 " +
|
||||
" WHEN UPPER(cdv.severity) = 'MEDIUM' THEN 2 " +
|
||||
" WHEN UPPER(cdv.severity) = 'LOW' THEN 3 " +
|
||||
" ELSE 4 END, " +
|
||||
"COUNT(DISTINCT cdv.deviceId) DESC")
|
||||
List<TopVulnerabilityDTO> findTopVulnerabilities(@Param("clientId") Long clientId,
|
||||
@Param("limit") int limit);
|
||||
"COUNT(DISTINCT cdv.device_id) DESC " +
|
||||
"LIMIT 20",
|
||||
nativeQuery = true)
|
||||
List<Object[]> findTopVulnerabilitiesNative(@Param("clientId") Long clientId);
|
||||
|
||||
// Vulnerable Software Query
|
||||
// Vulnerable Software Query - Using native SQL for LIMIT support
|
||||
|
||||
@Query("SELECT new com.psg.dlsysinfo.dl_sysinfo_server.dto.VulnerableSoftwareDTO(" +
|
||||
"cis.softwareName, " +
|
||||
"COUNT(cis.id), " +
|
||||
"SUM(CASE WHEN cis.totalCves > 0 THEN 1 ELSE 0 END), " +
|
||||
"MAX(COALESCE(cis.totalCves, 0))) " +
|
||||
"FROM CachedInstalledSoftware cis " +
|
||||
"WHERE cis.deviceId IN (SELECT d.deviceId FROM Devices d WHERE d.client.clientId = :clientId) " +
|
||||
"GROUP BY cis.softwareName " +
|
||||
"ORDER BY (SUM(CASE WHEN cis.totalCves > 0 THEN 1 ELSE 0 END) * 1.0 / COUNT(cis.id) * MAX(COALESCE(cis.totalCves, 0))) DESC")
|
||||
List<VulnerableSoftwareDTO> findVulnerableSoftware(@Param("clientId") Long clientId,
|
||||
@Param("limit") int limit);
|
||||
@Query(value = "SELECT cis.software_name as softwareName, " +
|
||||
"COUNT(cis.id) as totalInstances, " +
|
||||
"SUM(CASE WHEN cis.total_cves > 0 THEN 1 ELSE 0 END) as vulnerableInstances, " +
|
||||
"MAX(COALESCE(cis.total_cves, 0)) as totalCves " +
|
||||
"FROM cached_installed_software cis " +
|
||||
"WHERE cis.device_id IN (SELECT d.device_id FROM devices d WHERE d.client_id = :clientId) " +
|
||||
"GROUP BY cis.software_name " +
|
||||
"ORDER BY (SUM(CASE WHEN cis.total_cves > 0 THEN 1 ELSE 0 END) * 1.0 / COUNT(cis.id) * MAX(COALESCE(cis.total_cves, 0))) DESC " +
|
||||
"LIMIT 20",
|
||||
nativeQuery = true)
|
||||
List<Object[]> findVulnerableSoftwareNative(@Param("clientId") Long clientId);
|
||||
}
|
||||
|
||||
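Review bot: `LIMIT 20` is hard-coded in both native queries (findTopVulnerabilitiesNative and findVulnerableSoftwareNative), which ties the repository to databases that accept LIMIT and replaces the typed DTO projection with `List<Object[]>`. Spring Data can apply the limit to the original JPQL if the method takes a `Pageable`, e.g. `List<TopVulnerabilityDTO> findTopVulnerabilities(@Param("clientId") Long clientId, Pageable pageable);` called with `PageRequest.of(0, 20)`, which keeps the constructor expression and the entity mapping. Neither ORDER BY has a final tie-breaker, so rows that compare equal can move in and out of the top 20 between runs; appending `, cdv.cve_id` (and `, cis.software_name` in the second query) would make the cut-off stable. The `:clientId` value is still passed as a bound parameter in the native SQL, and that should stay that way if the limit is ever made configurable.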
@@ -10,8 +10,11 @@ import org.springframework.cache.annotation.Cacheable;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import java.math.BigDecimal;
|
||||
import java.math.BigInteger;
|
||||
import java.time.LocalDateTime;
|
||||
import java.util.List;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@Service
|
||||
@RequiredArgsConstructor
|
||||
@@ -62,7 +65,17 @@ public class ReportingService {
|
||||
@Transactional(readOnly = true)
|
||||
public List<TopVulnerabilityDTO> getTopVulnerabilities(Long clientId) {
|
||||
log.info("Fetching top vulnerabilities for client: {}", clientId);
|
||||
return reportingRepository.findTopVulnerabilities(clientId, 20);
|
||||
List<Object[]> results = reportingRepository.findTopVulnerabilitiesNative(clientId);
|
||||
|
||||
return results.stream()
|
||||
.map(row -> TopVulnerabilityDTO.builder()
|
||||
.cveId((String) row[0])
|
||||
.title((String) row[1])
|
||||
.severity((String) row[2])
|
||||
.score(row[3] != null ? ((Number) row[3]).doubleValue() : null)
|
||||
.affectedDevices(row[4] != null ? ((Number) row[4]).longValue() : 0L)
|
||||
.build())
|
||||
.collect(Collectors.toList());
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -73,6 +86,15 @@ public class ReportingService {
|
||||
@Transactional(readOnly = true)
|
||||
public List<VulnerableSoftwareDTO> getVulnerableSoftware(Long clientId) {
|
||||
log.info("Fetching vulnerable software for client: {}", clientId);
|
||||
return reportingRepository.findVulnerableSoftware(clientId, 20);
|
||||
List<Object[]> results = reportingRepository.findVulnerableSoftwareNative(clientId);
|
||||
|
||||
return results.stream()
|
||||
.map(row -> VulnerableSoftwareDTO.builder()
|
||||
.softwareName((String) row[0])
|
||||
.totalInstances(row[1] != null ? ((Number) row[1]).longValue() : 0L)
|
||||
.vulnerableInstances(row[2] != null ? ((Number) row[2]).longValue() : 0L)
|
||||
.totalCves(row[3] != null ? ((Number) row[3]).longValue() : 0L)
|
||||
.build())
|
||||
.collect(Collectors.toList());
|
||||
}
|
||||
}
|
||||
|
||||
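Review bot: The row mapping in getTopVulnerabilities and getVulnerableSoftware depends on the column order of the native SELECT, with unchecked casts such as `(String) row[0]`; a reordered or added column in the repository query would surface only at runtime as a ClassCastException or a value assigned to the wrong field. An interface-based projection whose getters match the SQL aliases (`getCveId()`, `getTitle()`, `getSeverity()`, ...) would let Spring Data bind by name and remove the casts; failing that, a comment above each mapper such as `// column order: cve_id, description, severity, score, affected_devices - keep in sync with findTopVulnerabilitiesNative` documents the coupling. The import hunk grows by three lines, and `java.math.BigDecimal` and `java.math.BigInteger` are not used in the hunks shown here, so they look removable unless other code in the file needs them. The ReportingService class continues outside these hunks, so the caching and authorisation around `clientId` cannot be judged from this page.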