Merge pull request #1070 from CVEProject/prod-staging

Updating to v2.1.4

Author: jdaigneau5

api-docs/openapi.json

@@ -1,7 +1,7 @@
 {
     "name": "cve-services",
     "author": "Automation Working Group",
-    "version": "2.1.3",
+    "version": "2.1.4",
     "license": "(CC0)",
     "devDependencies": {
         "apidoc": "^0.53.1",

package.json

@@ -39,47 +39,47 @@ router.get('/cve-id',
     description: 'A filtered list of information about CVE IDs owned by the organization, along with pagination fields if results span multiple pages of data',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/cve-id/list-cve-ids-response.json' }
+        schema: { $ref: '../schemas/cve-id/list-cve-ids-response.json' }
       }
     }
   }
   #swagger.responses[400] = {
     description: 'Bad Request',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/bad-request.json' }
+        schema: { $ref: '../schemas/errors/bad-request.json' }
       }
     }
   }
   #swagger.responses[401] = {
     description: 'Not Authenticated',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
   #swagger.responses[403] = {
     description: 'Forbidden',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
   #swagger.responses[404] = {
     description: 'Not Found',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
   #swagger.responses[500] = {
     description: 'Internal Server Error',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
@@ -121,55 +121,55 @@ router.post('/cve-id',
     description: 'A list of the newly reserved CVE IDs',
     content: {
       'application/json': {
-        schema: { $ref: '/schemas/cve-id/create-cve-ids-response.json' }
+        schema: { $ref: '../schemas/cve-id/create-cve-ids-response.json' }
       }
     }
   }
   #swagger.responses[206] = {
     description: 'A partial list of the CVE IDs the IDR service managed to reserve before encountering a case where no more CVE IDs could be reserved',
     content: {
       'application/json': {
-        schema: { $ref: '/schemas/cve-id/create-cve-ids-partial-response.json' }
+        schema: { $ref: '../schemas/cve-id/create-cve-ids-partial-response.json' }
       }
     }
   }
   #swagger.responses[400] = {
     description: 'Bad Request',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/bad-request.json' }
+        schema: { $ref: '../schemas/errors/bad-request.json' }
       }
     }
   }
   #swagger.responses[401] = {
     description: 'Not Authenticated',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
   #swagger.responses[403] = {
     description: 'Forbidden',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
   #swagger.responses[404] = {
     description: 'Not Found',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
   #swagger.responses[500] = {
     description: 'Internal Server Error',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
@@ -208,55 +208,55 @@ router.get('/cve-id/:id',
     description: 'The requested CVE ID information is returned',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/cve-id/get-cve-id-response.json' }
+        schema: { $ref: '../schemas/cve-id/get-cve-id-response.json' }
       }
     }
   }
   #swagger.responses[400] = {
     description: 'Bad Request',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/bad-request.json' }
+        schema: { $ref: '../schemas/errors/bad-request.json' }
       }
     }
   }
   #swagger.responses[401] = {
     description: 'Not Authenticated',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
   #swagger.responses[403] = {
     description: 'Forbidden',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
   #swagger.responses[404] = {
     description: 'Not Found',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
   #swagger.responses[429] = {
     description: 'Too Many Requests',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
   #swagger.responses[500] = {
     description: 'Internal Server Error',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
@@ -291,47 +291,47 @@ router.put('/cve-id/:id',
     description: 'The updated CVE ID information is returned',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/cve-id/update-cve-id-response.json' }
+        schema: { $ref: '../schemas/cve-id/update-cve-id-response.json' }
       }
     }
   }
   #swagger.responses[400] = {
     description: 'Bad Request',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/bad-request.json' }
+        schema: { $ref: '../schemas/errors/bad-request.json' }
       }
     }
   }
   #swagger.responses[401] = {
     description: 'Not Authenticated',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
   #swagger.responses[403] = {
     description: 'Forbidden',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
   #swagger.responses[404] = {
     description: 'Not Found',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
   #swagger.responses[500] = {
     description: 'Internal Server Error',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
@@ -375,39 +375,39 @@ router.post('/cve-id-range/:year',
     description: 'Bad Request',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/bad-request.json' }
+        schema: { $ref: '../schemas/errors/bad-request.json' }
       }
     }
   }
   #swagger.responses[401] = {
     description: 'Not Authenticated',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
   #swagger.responses[403] = {
     description: 'Forbidden',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
   #swagger.responses[404] = {
     description: 'Not Found',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }
   #swagger.responses[500] = {
     description: 'Internal Server Error',
     content: {
       "application/json": {
-        schema: { $ref: '/schemas/errors/generic.json' }
+        schema: { $ref: '../schemas/errors/generic.json' }
       }
     }
   }

src/controller/cve-id.controller/index.js

@@ -94,6 +94,24 @@ function hasSingleEnglishEntry (langsArr) {
   return true
 }
 
+/**
+ * Temporary description validator that ensures description fields have at least 1 non-whitespace character
+ *
+ * @param {String} descIndex
+ * @returns true
+ * @throws Error
+ */
+function validateDescription (descIndex) {
+  // For each index, check if it exists, then apply custom validator
+  return body(descIndex).optional({ nullable: true }).isArray().custom((descriptions, { req, path }) => {
+    // For each array of descriptions, check if at least one non-whitespace character
+    for (const desc of descriptions) {
+      // Some descriptions use 'value' for field name, problemTypes uses 'description'
+      return (!!desc.value?.trim().length || !!desc.description?.trim().length)
+    }
+  })
+}
+
 function validateRejectBody (req, res, next) {
   const rejectBody = req.body
   const result = validateRejected(rejectBody) // validate function is based on custom schema
@@ -136,5 +154,6 @@ module.exports = {
   validateCveCnaContainerJsonSchema,
   validateUniqueEnglishEntry,
   hasSingleEnglishEntry,
+  validateDescription,
   validateRejectBody
 }