eclipse-sw360 · nikkuma7 · Jan 16, 2025 · GMishx · Jan 27, 2025 · GMishx
@@ -112,6 +112,7 @@
 import org.eclipse.sw360.rest.resourceserver.vulnerability.Sw360VulnerabilityService;
 import org.eclipse.sw360.rest.resourceserver.vulnerability.VulnerabilityController;
 import org.jetbrains.annotations.NotNull;
+import org.jose4j.json.internal.json_simple.JSONObject;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.json.GsonJsonParser;
 import org.springframework.data.domain.Pageable;
@@ -130,6 +131,7 @@
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.util.FileCopyUtils;
 import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -203,6 +205,8 @@ public class ProjectController implements RepresentationModelProcessor<Repositor
     private static final List<String> enumMainlineStateValues = Stream.of(MainlineState.values())
             .map(MainlineState::name)
             .collect(Collectors.toList());
+    private static final ImmutableMap<String, String> RESPONSE_BODY_FOR_MODERATION_REQUEST_WITH_COMMIT = ImmutableMap.<String, String>builder()
+            .put("message", "Unauthorized user or empty commit message passed.").build();
 
     @NonNull
     private final Sw360ProjectService projectService;
@@ -3546,4 +3550,73 @@ public ResponseEntity<?> createDuplicateProjectWithDependencyNetwork(
             return true;
         };
     }
+
+    @Operation(
+            summary = "Add licenses to linked releases of a project.",
+            description = "This API adds license information to linked releases of a project by processing the approved CLI attachments for each release. It categorizes releases based on the number of CLI attachments (single, multiple, or none) and updates their main and other licenses accordingly.",
+            tags = {"Project"},
+                    parameters = {
+                            @Parameter(
+                                name = "projectId",
+                                description = "The ID of the project whose linked releases need license updates.",
+                                required = true,
+                                example = "12345",
+                                schema = @Schema(type = "string")
+                            )
+                        },
+            responses = {
+                    @ApiResponse(
+                            responseCode = "200",
+                            description = "License information successfully added to linked releases.",
+                            content = @Content(
+                                mediaType = "application/hal+json",
+                                schema = @Schema(type = "object", implementation = JSONObject.class),
+                                examples = @ExampleObject(
+                                    value = "{\n  \"one\": [\"Release1\", \"Release2\"],\n  \"mul\": [\"Release3\"]\n}"
-                                    value = "{\n  \"one\": [\"Release1\", \"Release2\"],\n  \"mul\": [\"Release3\"]\n}"
+                                    value = "{\n  \"releasesWithSingleCLI\": [\"Release1\", \"Release2\"],\n  \"releasesWithMultipleCLI\": [\"Release3\"],\n  \"STATUS\": \"FAILURE\"\n}"
-                                    value = "{\n  \"one\": [\"Release1\", \"Release2\"],\n  \"mul\": [\"Release3\"]\n}"
+                                    value = "{\n  \"releasesWithSingleCLI\": [\"Release1\", \"Release2\"],\n  \"releasesWithMultipleCLI\": [\"Release3\"],\n  \"STATUS\": \"FAILURE\"\n}"
+                                )
+                            )
+                        ),
+                    @ApiResponse(
+                            responseCode = "500",
+                            description = "Error occurred while processing license information for linked releases.",
+                            content = @Content(
+                                mediaType = "application/json",
+                                examples = @ExampleObject(
+                                    value = "{\n  \"error\": \"Error adding license info to linked releases.\"\n}"
+                                )
+                            )
+                        )
+          }
+    )
+    @PostMapping(value = PROJECTS_URL + "/{id}/addLinkedRelesesLicenses")
+    public ResponseEntity<?> addLicenseToLinkedReleases(
+            @Parameter(description = "Project ID", example = "376576")
+            @PathVariable("id") String projectId,
+            @Parameter(description = "Comment message.")
+            @RequestParam(value = "comment", required = false) String comment
+    ) throws TTransportException, TException {
+        try {
+            User sw360User = restControllerHelper.getSw360UserFromAuthentication();
+            sw360User.setCommentMadeDuringModerationRequest(comment);
+            Project project = projectService.getProjectForUserById(projectId, sw360User);
+
+            if (!restControllerHelper.isWriteActionAllowed(project, sw360User) && comment == null) {
+                return new ResponseEntity<>(RESPONSE_BODY_FOR_MODERATION_REQUEST_WITH_COMMIT, HttpStatus.BAD_REQUEST);
+            }
+            RequestStatus requestStatus = projectService.addLicenseToLinkedReleases(projectId, sw360User);
+
+            switch (requestStatus) {
+            case SENT_TO_MODERATOR:
+                return new ResponseEntity<>(RESPONSE_BODY_FOR_MODERATION_REQUEST, HttpStatus.ACCEPTED);
+            case SUCCESS:
+                return ResponseEntity.ok().body(Map.of("message", "License information successfully added to linked releases."));
+            default:
+                return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("Error adding license info to linked releases.");
+        }
+
+        } catch (Exception e) {
+            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR)
+                    .body("Error adding license info to linked releases: " + e.getMessage());
+        }
+    }
 }
@@ -1543,4 +1543,101 @@ public List<ReleaseLink> serveLinkedReleasesInDependencyNetworkByIndexPath(Strin
         ProjectService.Iface sw360ProjectClient = getThriftProjectClient();
         return sw360ProjectClient.getReleaseLinksOfProjectNetWorkByIndexPath(projectId, indexPath, sw360User);
     }
+
+    public RequestStatus addLicenseToLinkedReleases(String projectId, User sw360User)
+            throws TTransportException, TException {
+        ThriftClients thriftClients = new ThriftClients();
+        ProjectService.Iface projectClient = getThriftProjectClient();
+        LicenseInfoService.Iface licenseInfoClient = thriftClients.makeLicenseInfoClient();
+        ComponentService.Iface componentClient = thriftClients.makeComponentClient();
+        JSONObject jsonResult = new JSONObject();
+
+        try {
+            Project project = projectClient.getProjectById(projectId, sw360User);
+            if (project == null) {
+                throw new IllegalArgumentException("Project with ID " + projectId + " not found.");
+            }
+
+            Set<String> releaseIds = CommonUtils.getNullToEmptyKeyset(project.getReleaseIdToUsage());
+            List<Release> releasesWithSingleCLI = new ArrayList<>();
+            List<Release> releasesWithMultipleCLI = new ArrayList<>();
+            boolean isModerationRequired = false;
+
+            for (String releaseId : releaseIds) {
+                Release release = componentClient.getReleaseById(releaseId, sw360User);
+                if (release == null) {
+                    throw new IllegalArgumentException("Release with ID " + releaseId + " not found.");
+                }
+
+                List<Attachment> approvedCliAttachments = SW360Utils.getApprovedClxAttachmentForRelease(release);
+                if (approvedCliAttachments.isEmpty()) {
+                    approvedCliAttachments = SW360Utils.getClxAttachmentForRelease(release);
+                }
+
+                if (approvedCliAttachments.size() == 1) {
+                    processSingleAttachment(approvedCliAttachments.get(0), release, licenseInfoClient, sw360User);
+                    releasesWithSingleCLI.add(release);
+                } else {
+                    if (approvedCliAttachments.size() > 1) {
+                        releasesWithMultipleCLI.add(release);
+                    }
+                    jsonResult.put(SW360Constants.STATUS, SW360Constants.FAILURE);
+                    isModerationRequired = true;
+                }
+
+                componentClient.updateRelease(release, sw360User);
+            }
+
+            jsonResult.put("releasesWithSingleCLI", releasesWithSingleCLI);
+            jsonResult.put("releasesWithMultipleCLI", releasesWithMultipleCLI);
+
+            if (isModerationRequired) {
+                return RequestStatus.SENT_TO_MODERATOR;
+            }
+
+            return RequestStatus.SUCCESS;
+
+        } catch (Exception e) {
+            throw new RuntimeException("Error processing linked releases for project: " + projectId, e);
+        }
+    }
+
+
+    private void processSingleAttachment(Attachment attachment, Release release,
+            LicenseInfoService.Iface licenseInfoClient, User sw360User) throws TTransportException, TException {
+        String attachmentName = attachment.getFilename();
+
+        Set<String> mainLicenses = new HashSet<>();
+        Set<String> otherLicenses = new HashSet<>();
+
+        List<LicenseInfoParsingResult> licenseInfoResults = licenseInfoClient.getLicenseInfoForAttachment(release,
+                attachment.getAttachmentContentId(), true, sw360User);
+
+        if (attachmentName.endsWith(SW360Constants.RDF_FILE_EXTENSION)) {
+            licenseInfoResults.forEach(result -> {
+                if (result.getLicenseInfo() != null) {
+                    mainLicenses.addAll(result.getLicenseInfo().getConcludedLicenseIds());
+                    otherLicenses.addAll(result.getLicenseInfo().getLicenseNamesWithTexts().stream()
+                            .map(LicenseNameWithText::getLicenseName).collect(Collectors.toSet()));
+                }
+            });
+            otherLicenses.removeAll(mainLicenses);
+        } else if (attachmentName.endsWith(SW360Constants.XML_FILE_EXTENSION)) {
+            licenseInfoResults.forEach(result -> {
+                if (result.getLicenseInfo() != null) {
+                    result.getLicenseInfo().getLicenseNamesWithTexts().forEach(license -> {
+                        if (SW360Constants.LICENSE_TYPE_GLOBAL.equals(license.getType())) {
+                            mainLicenses.add(license.getLicenseName());
+                        } else {
+                            otherLicenses.add(license.getLicenseName());
+                        }
+                    });
+                }
+            });
+        }
+
+        release.setMainLicenseIds(mainLicenses);
+        release.setOtherLicenseIds(otherLicenses);
+    }
+
 }
@@ -73,6 +73,8 @@
 import org.eclipse.sw360.rest.resourceserver.user.Sw360UserService;
 import org.eclipse.sw360.rest.resourceserver.vulnerability.Sw360VulnerabilityService;
 import org.hamcrest.Matchers;
+import org.jose4j.json.internal.json_simple.JSONArray;
+import org.jose4j.json.internal.json_simple.JSONObject;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
@@ -1659,7 +1661,6 @@ public void should_document_update_project_vulnerabilities() throws Exception {
                         responseFields(
                                 subsectionWithPath("_embedded.sw360:vulnerabilityDTOes.[]projectRelevance").description("The relevance of project of the vulnerability, possible values are: " + Arrays.asList(VulnerabilityRatingForProject.values())),
                                 subsectionWithPath("_embedded.sw360:vulnerabilityDTOes.[]intReleaseId").description("The release id"),
-                               // subsectionWithPath("_embedded.sw360:vulnerabilityDTOes.[]packageIds").description("The list of package IDs linked to the vulnerability."),
                                 subsectionWithPath("_embedded.sw360:vulnerabilityDTOes.[]comment").description("Any message to add while updating project vulnerabilities"),
                                 subsectionWithPath("_embedded.sw360:vulnerabilityDTOes.[]projectAction").description("The action of vulnerability"),
                                 subsectionWithPath("_embedded.sw360:vulnerabilityDTOes").description("An array of <<resources-vulnerabilities, Vulnerability resources>>"),
@@ -3282,4 +3283,17 @@ public void should_document_get_package_by_project_id() throws Exception {
                 .header("Authorization", TestHelper.generateAuthHeader(testUserId, testUserPassword))
                 .accept(MediaTypes.HAL_JSON)).andExpect(status().isOk());
     }
+
+    @Test
+    public void should_add_license_to_linked_releases() throws Exception {
+        String projectId = "1234567";
+        String comment = "This is a test comment";
+        when(projectServiceMock.addLicenseToLinkedReleases(eq(projectId), any(User.class))).thenReturn(RequestStatus.SUCCESS);
+
+        MockHttpServletRequestBuilder requestBuilder = post("/api/projects/" + projectId + "/addLinkedRelesesLicenses")
+                .contentType(MediaType.APPLICATION_JSON)
+                .param("comment", comment)
+                .header("Authorization", TestHelper.generateAuthHeader(testUserId, testUserPassword));
+        this.mockMvc.perform(requestBuilder).andExpect(status().isOk()).andDo(this.documentationHandler.document());
+    }
 }