UpdateCommunityBlocklist is called to update either the community blocklist (or other lists the user subscribed to) it takes care of creating the new alert with the associated decisions, and it will as well deleted the "older" overlapping decisions: 1st pull, you get decisions [1,2,3]. it inserts [1
(ctx context.Context, alertItem *models.Alert)
| 191 | // 1st pull, you get decisions [1,2,3]. it inserts [1,2,3] |
| 192 | // 2nd pull, you get decisions [1,2,3,4]. it inserts [1,2,3,4] and will try to delete [1,2,3,4] with a different alert ID and same origin |
| 193 | func (c *Client) UpdateCommunityBlocklist(ctx context.Context, alertItem *models.Alert) (int, int, int, error) { |
| 194 | if alertItem == nil { |
| 195 | return 0, 0, 0, errors.New("nil alert") |
| 196 | } |
| 197 | |
| 198 | if alertItem.StartAt == nil { |
| 199 | return 0, 0, 0, errors.New("nil start_at") |
| 200 | } |
| 201 | |
| 202 | startAtTime, err := time.Parse(time.RFC3339, *alertItem.StartAt) |
| 203 | if err != nil { |
| 204 | return 0, 0, 0, fmt.Errorf("start_at field time '%s': %w: %w", *alertItem.StartAt, err, ParseTimeFail) |
| 205 | } |
| 206 | |
| 207 | if alertItem.StopAt == nil { |
| 208 | return 0, 0, 0, errors.New("nil stop_at") |
| 209 | } |
| 210 | |
| 211 | stopAtTime, err := time.Parse(time.RFC3339, *alertItem.StopAt) |
| 212 | if err != nil { |
| 213 | return 0, 0, 0, fmt.Errorf("stop_at field time '%s': %w: %w", *alertItem.StopAt, err, ParseTimeFail) |
| 214 | } |
| 215 | |
| 216 | ts, err := time.Parse(time.RFC3339, *alertItem.StopAt) |
| 217 | if err != nil { |
| 218 | c.Log.Errorf("While parsing StartAt of item %s : %s", *alertItem.StopAt, err) |
| 219 | |
| 220 | ts = time.Now().UTC() |
| 221 | } |
| 222 | |
| 223 | alertB := c.Ent.Alert. |
| 224 | Create(). |
| 225 | SetScenario(*alertItem.Scenario). |
| 226 | SetMessage(*alertItem.Message). |
| 227 | SetEventsCount(*alertItem.EventsCount). |
| 228 | SetStartedAt(startAtTime). |
| 229 | SetStoppedAt(stopAtTime). |
| 230 | SetSourceScope(*alertItem.Source.Scope). |
| 231 | SetSourceValue(*alertItem.Source.Value). |
| 232 | SetSourceIp(alertItem.Source.IP). |
| 233 | SetSourceRange(alertItem.Source.Range). |
| 234 | SetSourceAsNumber(alertItem.Source.AsNumber). |
| 235 | SetSourceAsName(alertItem.Source.AsName). |
| 236 | SetSourceCountry(alertItem.Source.Cn). |
| 237 | SetSourceLatitude(alertItem.Source.Latitude). |
| 238 | SetSourceLongitude(alertItem.Source.Longitude). |
| 239 | SetCapacity(*alertItem.Capacity). |
| 240 | SetLeakSpeed(*alertItem.Leakspeed). |
| 241 | SetSimulated(*alertItem.Simulated). |
| 242 | SetScenarioVersion(*alertItem.ScenarioVersion). |
| 243 | SetScenarioHash(*alertItem.ScenarioHash). |
| 244 | SetKind(alertItem.Kind). |
| 245 | SetRemediation(true) // it's from CAPI, we always have decisions |
| 246 | |
| 247 | alertRef, err := alertB.Save(ctx) |
| 248 | if err != nil { |
| 249 | return 0, 0, 0, fmt.Errorf("error creating alert: %w: %w", err, BulkError) |
| 250 | } |
no test coverage detected