From 1245772ace3a767e2e4909b44edbe34473563b0b Mon Sep 17 00:00:00 2001
From: gongzt <gong_zhengtang@163.com>
Date: Fri, 20 Oct 2023 15:15:15 +0800
Subject: fix param error and compatible with mysql 5.7
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apollo/database/proxy/cve.py | 9 ++++++---
 database/apollo.sql          | 4 ++--
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/apollo/database/proxy/cve.py b/apollo/database/proxy/cve.py
index 257083a..8b56601 100644
--- a/apollo/database/proxy/cve.py
+++ b/apollo/database/proxy/cve.py
@@ -662,8 +662,9 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
 
     @staticmethod
     def _sort_and_page_cve_list(data) -> dict:
-        start_limt = int(data["per_page"]) * (int(data["page"]) - 1)
-        end_limt = int(data["per_page"]) * int(data["page"])
+        page, per_page = data.get('page', 1), data.get('per_page', 10)
+        start_limt = int(per_page) * (int(page) - 1)
+        end_limt = int(per_page) * int(page)
 
         # sort by host num by default
         order_by_filed = data.get('sort', "cve_host_user_count.host_num")
@@ -682,11 +683,13 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
         Returns:
             sqlalchemy.orm.query.Query: attention, two rows may have same cve id with different source package.
         """
-        filters = {"username": data["username"], "search_key": None, "severity": None, "affected": True}
+        filters = {"username": data["username"], "search_key": None, "affected": True}
         filters.update(data.get("filter", {}))
         filters.update(self._sort_and_page_cve_list(data))
         if filters["severity"]:
             filters["severity"] = ",".join(["'" + serverity + "'" for serverity in filters["severity"]])
+        else:
+            filters["severity"] = None
 
         # Call stored procedure: GET_CVE_LIST_PRO
         pro_result_set = self.session.execute(
diff --git a/database/apollo.sql b/database/apollo.sql
index 4e87727..2e0d757 100644
--- a/database/apollo.sql
+++ b/database/apollo.sql
@@ -124,7 +124,7 @@ CREATE TABLE IF NOT EXISTS `task_rollback`(
   PRIMARY KEY (`id`) USING BTREE
 ) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_unicode_ci ROW_FORMAT = Dynamic;
 
-CREATE PROCEDURE GET_CVE_LIST_PRO(IN username VARCHAR(20), IN search_key VARCHAR(100), IN severity VARCHAR(20), IN fixed TINYINT, IN affected TINYINT,IN order_by_filed VARCHAR(50),IN order_by VARCHAR(20),IN start_limt INT,IN end_limt INT)
+CREATE PROCEDURE GET_CVE_LIST_PRO(IN username VARCHAR(20), IN search_key VARCHAR(100), IN severity VARCHAR(20), IN fixed TINYINT, IN affected TINYINT,IN order_by_filed VARCHAR(100),IN order_by VARCHAR(20),IN start_limt INT,IN end_limt INT)
 BEGIN
 		
 		DROP TABLE IF EXISTS cve_host_user_count;
@@ -183,7 +183,7 @@ BEGIN
         SET @order_by_filed = 'cve_host_user_count.host_num';
     END IF;
 		
-    SET @cve_list_sql = CONCAT(@cve_list_sql, ' ORDER BY ', order_by_filed ,' ', order_by,' limit ',start_limt ,' ,', end_limt);
+    SET @cve_list_sql = CONCAT(@cve_list_sql, ' ORDER BY ', @order_by_filed ,' ', order_by,' limit ',start_limt ,' ,', end_limt);
 		
 		prepare stmt from @cve_list_sql;
     EXECUTE stmt;
-- 
Gitee