From 95a541a7cd17486d60f0ef13a03756f6bbc799f0 Mon Sep 17 00:00:00 2001
From: gongzt <gong_zhengtang@163.com>
Date: Mon, 23 Oct 2023 09:44:30 +0800
Subject: Fixed many issues with cvelist queries (package fuzzy matching, page confusion, sorting is not supported) and rpm packet loss when generating repair tasks
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apollo/database/proxy/cve.py  | 19 ++++++++-----------
 apollo/database/proxy/task.py |  6 ++++--
 database/apollo.sql           | 13 ++++---------
 3 files changed, 16 insertions(+), 22 deletions(-)

diff --git a/apollo/database/proxy/cve.py b/apollo/database/proxy/cve.py
index afa4831..2b82cf6 100644
--- a/apollo/database/proxy/cve.py
+++ b/apollo/database/proxy/cve.py
@@ -655,25 +655,22 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
         description_dict = self._get_cve_description([cve_info["cve_id"] for cve_info in cve_list])
 
         result['result'] = self._add_description_to_cve(cve_list, description_dict)
-        result['total_page'] = math.ceil(total / data.get("per_page", total))
-        result['total_count'] = total
-
+        if total:
+            result['total_page'] = math.ceil(total / data.get("per_page", total))
+            result['total_count'] = total
         return result
 
     @staticmethod
     def _sort_and_page_cve_list(data) -> dict:
-        sort_page = dict(start_limt=0, end_limt=0)
+        sort_page = dict(start_limt=0, limt_size=0)
         page, per_page = data.get('page'), data.get('per_page')
         if all((page, per_page)):
             sort_page['start_limt'] = int(per_page) * (int(page) - 1)
-            sort_page['end_limt'] = int(per_page) * int(page)
+            sort_page['limt_size'] = int(per_page)
 
         # sort by host num by default
-        order_by_filed = data.get('sort', "cve_host_user_count.host_num")
-        if order_by_filed == "host_num":
-            order_by_filed = "cve_host_user_count.host_num"
-        sort_page["order_by_filed"] = order_by_filed
-        sort_page["order_by"] = "dsc" if data.get("direction") == "desc" else "asc"
+        sort_page["order_by_filed"] = data.get('sort', "host_num")
+        sort_page["order_by"] = "dsc" if data.get("direction") == "dsc" else "asc"
         return sort_page
 
     def _query_cve_list(self, data):
@@ -695,7 +692,7 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
 
         # Call stored procedure: GET_CVE_LIST_PRO
         pro_result_set = self.session.execute(
-            "CALL GET_CVE_LIST_PRO(:username,:search_key,:severity,:fixed,:affected,:order_by_filed,:order_by,:start_limt,:end_limt)",
+            "CALL GET_CVE_LIST_PRO(:username,:search_key,:severity,:fixed,:affected,:order_by_filed,:order_by,:start_limt,:limt_size)",
             filters,
         )
         cursor = pro_result_set.cursor
diff --git a/apollo/database/proxy/task.py b/apollo/database/proxy/task.py
index de151b2..b1d53c4 100644
--- a/apollo/database/proxy/task.py
+++ b/apollo/database/proxy/task.py
@@ -2832,9 +2832,11 @@ class TaskProxy(TaskMysqlProxy, TaskEsProxy):
         )
         cve_host_package_dict = dict()
         for host_id in host_rpms["host_ids"]:
-            filter_host_package = filter(lambda host_package: host_package.host_id == int(host_id), cve_host_packages)
+            filter_host_package = list(
+                filter(lambda host_package: host_package.host_id == int(host_id), cve_host_packages)
+            )
             if not host_rpm_dict:
-                installed_rpm = self._filter_installed_rpm(list(filter_host_package))
+                installed_rpm = self._filter_installed_rpm(filter_host_package)
                 cve_host_package_dict[host_id] = installed_rpm
                 continue
 
diff --git a/database/apollo.sql b/database/apollo.sql
index c756ad2..a87f85c 100644
--- a/database/apollo.sql
+++ b/database/apollo.sql
@@ -124,7 +124,7 @@ CREATE TABLE IF NOT EXISTS `task_rollback`(
   PRIMARY KEY (`id`) USING BTREE
 ) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_unicode_ci ROW_FORMAT = Dynamic;
 
-CREATE PROCEDURE GET_CVE_LIST_PRO(IN username VARCHAR(20), IN search_key VARCHAR(100), IN severity VARCHAR(20), IN fixed TINYINT, IN affected TINYINT,IN order_by_filed VARCHAR(100),IN order_by VARCHAR(20),IN start_limt INT,IN end_limt INT)
+CREATE PROCEDURE GET_CVE_LIST_PRO(IN username VARCHAR(20), IN search_key VARCHAR(100), IN severity VARCHAR(200), IN fixed TINYINT, IN affected TINYINT,IN order_by_filed VARCHAR(100),IN order_by VARCHAR(20),IN start_limt INT,IN limt_size INT)
 BEGIN
 		
 		DROP TABLE IF EXISTS cve_host_user_count;
@@ -135,9 +135,6 @@ BEGIN
         cve_host_match FORCE INDEX (ix_cve_host_match_host_id)
     WHERE 1=1 ';
 
-    IF search_key is not null and search_key !='' THEN
-        SET @tmp_cve_host_count_sql = CONCAT(@tmp_cve_host_count_sql, ' AND LOCATE("', search_key, '", cve_id) > 0 ');
-    END IF;
     IF fixed is not null THEN
         SET @tmp_cve_host_count_sql = CONCAT(@tmp_cve_host_count_sql, ' AND fixed = ', fixed, ' ');
     END IF;
@@ -183,12 +180,10 @@ BEGIN
 --         SET @order_by_filed = 'cve_host_user_count.host_num';
 --     END IF;
 -- 		 MySql 5.7 version '@' index error 
+    SET @cve_list_sql = CONCAT('select s.* from ( ', @cve_list_sql,' ) as s ',' ORDER BY ', order_by_filed ,'  ', order_by);
 
-    SET @cve_list_sql = CONCAT(@cve_list_sql, ' ORDER BY ', order_by_filed ,' ', order_by);
-		
-		
-		IF end_limt!=0 THEN
-			SET @cve_list_sql = CONCAT(@cve_list_sql, ' limit ',start_limt ,' ,', end_limt);
+		IF limt_size!=0 THEN
+			SET @cve_list_sql = CONCAT(@cve_list_sql, ' limit ',start_limt ,' ,', limt_size);
 		END IF;
 		
 		prepare stmt from @cve_list_sql;
-- 
Gitee