Fix NPE raised if a vulnerability notification doesn't have a level filter

Fixes #1990
2016-10-14 12:10:54 -04:00 · 2016-10-14 12:10:54 -04:00 · 886489c666
commit 886489c666
parent 7f9e01a1fe
2 changed files with 44 additions and 4 deletions
--- a/endpoints/notificationevent.py
+++ b/endpoints/notificationevent.py
@ -111,6 +111,9 @@ def _build_summary(event_data):


 class VulnerabilityFoundEvent(NotificationEvent):
+  CONFIG_LEVEL = 'level'
+  VULNERABILITY_KEY = 'vulnerability'
+
  @classmethod
  def event_name(cls):
    return 'vulnerability_found'
@ -141,19 +144,25 @@ class VulnerabilityFoundEvent(NotificationEvent):
        'id': 'CVE-FAKE-CVE',
        'description': 'A futurist vulnerability',
        'link': 'https://security-tracker.debian.org/tracker/CVE-FAKE-CVE',
-        'priority': get_priority_for_index(event_config['level'])
+        'priority': get_priority_for_index(event_config[VulnerabilityFoundEvent.CONFIG_LEVEL])
      },
    })

  def should_perform(self, event_data, notification_data):
    event_config = json.loads(notification_data.event_config_json)
-    filter_level_index = int(event_config['level'])
+    if VulnerabilityFoundEvent.CONFIG_LEVEL not in event_config:
+      return True

-    event_severity = PRIORITY_LEVELS.get(event_data['vulnerability']['priority'])
+    if VulnerabilityFoundEvent.VULNERABILITY_KEY not in event_data:
+      return False
+
+    vuln_info = event_data.get(VulnerabilityFoundEvent.VULNERABILITY_KEY, {})
+    event_severity = PRIORITY_LEVELS.get(vuln_info.get('priority', 'Unknown'))
    if event_severity is None:
      return False

    actual_level_index = int(event_severity['index'])
+    filter_level_index = int(event_config[VulnerabilityFoundEvent.CONFIG_LEVEL])
    return actual_level_index <= filter_level_index

  def get_summary(self, event_data, notification_data):