Skip to content

Commit

Permalink
#1163 added datePubilc validator with 24 hour grace period
Browse files Browse the repository at this point in the history
  • Loading branch information
@jdaigneau5
jdaigneau5 committed Jun 28, 2024
1 parent 9d364bd commit e4d9e08
Show file tree
Hide file tree
Showing 3 changed files with 19 additions and 2 deletions.
8 changes: 7 additions & 1 deletion src/controller/cve.controller/cve.middleware.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -168,7 +168,13 @@ function validateDatePublic (dateIndex) {

function datePublicHelper (datePublic) {
const currentDate = new Date().toISOString()
return currentDate > datePublic

// Allows for a 24 grace period before provided datePublic date
let datePublicWithGracePeriod = new Date(datePublic)
datePublicWithGracePeriod.setDate(datePublicWithGracePeriod.getDate() - 1)
datePublicWithGracePeriod = datePublicWithGracePeriod.toISOString()

return currentDate > datePublicWithGracePeriod
}

// Organizations in the ADP pilot are generating JSON programatically, and thus
Expand Down
6 changes: 5 additions & 1 deletion src/controller/cve.controller/index.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ const mw = require('../../middleware/middleware')
const errorMsgs = require('../../middleware/errorMessages')
const controller = require('./cve.controller')
const { body, param, query } = require('express-validator')
const { parseGetParams, parsePostParams, parseError, validateCveCnaContainerJsonSchema, validateCveAdpContainerJsonSchema, validateRejectBody, validateUniqueEnglishEntry, validateDescription } = require('./cve.middleware')
const { parseGetParams, parsePostParams, parseError, validateCveCnaContainerJsonSchema, validateCveAdpContainerJsonSchema, validateRejectBody, validateUniqueEnglishEntry, validateDescription, validateDatePublic } = require('./cve.middleware')
const getConstants = require('../../constants').getConstants
const CONSTANTS = getConstants()
const CHOICES = [CONSTANTS.CVE_STATES.REJECTED, CONSTANTS.CVE_STATES.PUBLISHED]
Expand Down Expand Up @@ -442,6 +442,7 @@ router.post('/cve/:id',
// the lang key to check depends on the state, so pass both
validateUniqueEnglishEntry(['containers.cna.descriptions', 'containers.cna.rejectedReasons']),
validateDescription(['containers.cna.rejectedReasons', 'containers.cna.descriptions', 'containers.cna.problemTypes[0].descriptions']),
validateDatePublic(['containers.cna.datePublic']),
param(['id']).isString().matches(CONSTANTS.CVE_ID_REGEX),
parseError,
parsePostParams,
Expand Down Expand Up @@ -527,6 +528,7 @@ router.put('/cve/:id',
// the lang key to check depends on the state, so pass both
validateUniqueEnglishEntry(['containers.cna.descriptions', 'containers.cna.rejectedReasons']),
validateDescription(['containers.cna.rejectedReasons', 'containers.cna.descriptions', 'containers.cna.problemTypes[0].descriptions']),
validateDatePublic(['containers.cna.datePublic']),
param(['id']).isString().matches(CONSTANTS.CVE_ID_REGEX),
parseError,
parsePostParams,
Expand Down Expand Up @@ -617,6 +619,7 @@ router.post('/cve/:id/cna',
validateCveCnaContainerJsonSchema,
validateUniqueEnglishEntry('cnaContainer.descriptions'),
validateDescription(['cnaContainer.descriptions', 'cnaContainer.problemTypes[0].descriptions']),
validateDatePublic(['containers.cna.datePublic']),
param(['id']).isString().matches(CONSTANTS.CVE_ID_REGEX),
parseError,
parsePostParams,
Expand Down Expand Up @@ -709,6 +712,7 @@ router.put('/cve/:id/cna',
validateCveCnaContainerJsonSchema,
validateUniqueEnglishEntry('cnaContainer.descriptions'),
validateDescription(['cnaContainer.descriptions', 'cnaContainer.problemTypes[0].descriptions']),
validateDatePublic(['containers.cna.datePublic']),
param(['id']).isString().matches(CONSTANTS.CVE_ID_REGEX),
parseError,
parsePostParams,
Expand Down
7 changes: 7 additions & 0 deletions test/unit-tests/cve/validateDatePublicTest.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,5 +22,12 @@ describe('Testing validateDatePublic middleware', () => {
const result = datePublicHelper(validDatePublicRecord.containers.cna.datePublic)
expect(result).to.be.true
})
it('Should return true for records with datePublic within 24 hours of currentDate', () => {
let datePublic = new Date()
datePublic.setDate(datePublic.getDate() - 1)
datePublic = datePublic.toISOString()
const result = datePublicHelper(datePublic)
expect(result).to.be.true
})
})
})

0 comments on commit e4d9e08

Please sign in to comment.