Return the response for exact PackageURLs requested for.
(self, request)
| 355 | pagination_class=None, |
| 356 | ) |
| 357 | def bulk_lookup(self, request): |
| 358 | """ |
| 359 | Return the response for exact PackageURLs requested for. |
| 360 | """ |
| 361 | serializer = self.serializer_class(data=request.data) |
| 362 | if not serializer.is_valid(): |
| 363 | return Response( |
| 364 | status=status.HTTP_400_BAD_REQUEST, |
| 365 | data={ |
| 366 | "error": serializer.errors, |
| 367 | "message": "A non-empty 'purls' list of PURLs is required.", |
| 368 | }, |
| 369 | ) |
| 370 | validated_data = serializer.validated_data |
| 371 | purls = validated_data.get("purls") |
| 372 | |
| 373 | # Fetch packages matching the provided purls |
| 374 | packages = Package.objects.for_purls(purls).with_is_vulnerable() |
| 375 | |
| 376 | # Collect vulnerabilities associated with these packages |
| 377 | vulnerabilities = set() |
| 378 | for package in packages: |
| 379 | vulnerabilities.update(package.affected_by_vulnerabilities.all()) |
| 380 | vulnerabilities.update(package.fixing_vulnerabilities.all()) |
| 381 | |
| 382 | # Serialize vulnerabilities with vulnerability_id as keys |
| 383 | vulnerability_data = { |
| 384 | vuln.vulnerability_id: VulnerabilityV2Serializer(vuln).data for vuln in vulnerabilities |
| 385 | } |
| 386 | |
| 387 | # Serialize packages |
| 388 | package_data = PackageV2Serializer( |
| 389 | packages, |
| 390 | many=True, |
| 391 | context={"request": request}, |
| 392 | ).data |
| 393 | |
| 394 | return Response( |
| 395 | { |
| 396 | "vulnerabilities": vulnerability_data, |
| 397 | "packages": package_data, |
| 398 | } |
| 399 | ) |
| 400 | |
| 401 | @extend_schema( |
| 402 | request=PackageBulkSearchRequestSerializer, |
nothing calls this directly
no test coverage detected