Warn if lib32- variant is missing when adding a group

When adding a new group, warn if the lib32 variant does not exists via a flashcard. Closes: #120
archlinux · Jun 18, 2018 · 6a7fc65 · 6a7fc65
1 parent 19bc697
commit 6a7fc65
Show file tree

Hide file tree

Showing 2 changed files with 50 additions and 0 deletions.
diff --git a/test/test_group.py b/test/test_group.py
@@ -248,6 +248,37 @@ def test_add_group_with_dot_in_pkgrel(db, client):
     set_and_assert_group_data(db, client, url_for('tracker.add_group'), affected='1.2-3.4')
 
 
+@create_package(name='foo', version='1.2.3-4')
+@create_package(name='lib32-foo', version='1.2.3-4')
+@logged_in
+def test_add_group_mising_lib32(db, client):
+    pkgnames = ['foo']
+    issues = ['CVE-1234-1234', 'CVE-2222-2222']
+    data = default_group_dict(dict(
+        cve='\n'.join(issues),
+        pkgnames='\n'.join(pkgnames),
+        ))
+
+    resp = client.post(url_for('tracker.add_group'), follow_redirects=True, data=data)
+    assert 200 == resp.status_code
+    assert 'Missing AVG for lib32-foo' in resp.data.decode()
+
+
+@create_package(name='foo', version='1.2.3-4')
+@logged_in
+def test_add_group_mising_lib32_invalid(db, client):
+    pkgnames = ['foo']
+    issues = ['CVE-1234-1234', 'CVE-2222-2222']
+    data = default_group_dict(dict(
+        cve='\n'.join(issues),
+        pkgnames='\n'.join(pkgnames),
+        ))
+
+    resp = client.post(url_for('tracker.add_group'), follow_redirects=True, data=data)
+    assert 200 == resp.status_code
+    assert 'Missing AVG for lib32-foo' not in resp.data.decode()
+
+
 @create_package(name='foo')
 @logged_in
 def test_dont_add_group_with_dot_at_beginning_of_pkgrel(db, client):

diff --git a/tracker/view/add.py b/tracker/view/add.py
@@ -10,6 +10,7 @@
 from tracker.model import CVEGroup
 from tracker.model import CVEGroupEntry
 from tracker.model import CVEGroupPackage
+from tracker.model import Package
 from tracker.model.enum import Affected
 from tracker.model.enum import Remote
 from tracker.model.enum import Severity
@@ -199,4 +200,22 @@ def add_group():
 
     db.session.commit()
     flash('Added {}'.format(group.name))
+
+    missing_lib32_variant(pkgnames, group)
+
     return redirect('/{}'.format(group.name))
+
+
+def missing_lib32_variant(pkgnames, group):
+    for pkgname in pkgnames:
+        if 'lib32' in pkgname:
+            continue
+
+        lib32pkg = f'lib32-{pkgname}'
+        if not Package.query.filter(Package.name == lib32pkg).first():
+            continue
+
+        if CVEGroupPackage.query.filter(CVEGroupPackage.pkgname == lib32pkg, CVEGroupPackage.group == group).first():
+            continue
+
+        flash('Missing AVG for {}'.format(lib32pkg))