Only send vulnerability events if the minimum priority is gte to that specified

Fixes #770
2015-11-10 15:08:14 -05:00 · 2015-11-10 15:08:14 -05:00 · ca7d736db2
commit ca7d736db2
parent 5926501e08
13 changed files with 175 additions and 156 deletions
--- a/static/js/services/vulnerability-service.js
+++ b/static/js/services/vulnerability-service.js
@ -3,89 +3,7 @@
  */
 angular.module('quay').factory('VulnerabilityService', ['Config', function(Config) {
  var vulnService = {};
-
-  // NOTE: This objects are used directly in the external-notification-data service, so make sure
-  // to update that code if the format here is changed.
-  vulnService.LEVELS = {
-    'Unknown': {
-      'title': 'Unknown',
-      'index': '6',
-      'level': 'info',
-
-      'description': 'Unknown is either a security problem that has not been assigned ' +
-                     'to a priority yet or a priority that our system did not recognize',
-      'banner_required': false
-    },
-
-    'Negligible': {
-      'title': 'Negligible',
-      'index': '5',
-      'level': 'info',
-
-      'description': 'Negligible is technically a security problem, but is only theoretical ' +
-                     'in nature, requires a very special situation, has almost no install base, ' +
-                     'or does no real damage.',
-      'banner_required': false
-    },
-
-    'Low': {
-      'title': 'Low',
-      'index': '4',
-      'level': 'warning',
-
-      'description': 'Low is a security problem, but is hard to exploit due to environment, ' +
-                     'requires a user-assisted attack, a small install base, or does very ' +
-                     'little damage.',
-      'banner_required': false
-    },
-
-    'Medium': {
-      'title': 'Medium',
-      'value': 'Medium',
-      'index': '3',
-      'level': 'warning',
-
-      'description': 'Medium is a real security problem, and is exploitable for many people. ' +
-                     'Includes network daemon denial of service attacks, cross-site scripting, ' +
-                     'and gaining user privileges.',
-      'banner_required': false
-    },
-
-    'High': {
-      'title': 'High',
-      'value': 'High',
-      'index': '2',
-      'level': 'warning',
-
-      'description': 'High is a real problem, exploitable for many people in a default installation. ' +
-                     'Includes serious remote denial of services, local root privilege escalations, ' +
-                     'or data loss.',
-      'banner_required': false
-    },
-
-    'Critical': {
-      'title': 'Critical',
-      'value': 'Critical',
-      'index': '1',
-      'level': 'error',
-
-      'description': 'Critical is a world-burning problem, exploitable for nearly all people in ' +
-                     'a installation of the package. Includes remote root privilege escalations, ' +
-                     'or massive data loss.',
-      'banner_required': true
-    },
-
-    'Defcon1': {
-      'title': 'Defcon 1',
-      'value': 'Defcon1',
-      'index': '0',
-      'level': 'error',
-
-      'description': 'Defcon1 is a Critical problem which has been manually highlighted ' +
-                     'by the Quay team. It requires immediate attention.',
-      'banner_required': true
-    }
-  };
+  vulnService.LEVELS = window.__vuln_priority;

  vulnService.getLevels = function() {
    return Object.keys(vulnService.LEVELS).map(function(key) {