Adhere to new models for summary pipeline

TG1999 · TG1999 · commit 23620565478e · 2025-03-31T12:46:12.000+05:30
Signed-off-by: Tushar Goel &lt;tushar.goel.dav@gmail.com&gt;
diff --git a/vulnerabilities/pipelines/fill_vulnerability_summary_pipeline.py b/vulnerabilities/pipelines/fill_vulnerability_summary_pipeline.py
@@ -33,11 +33,6 @@ def populate_missing_summaries(self):
             f"Processing {vulnerabilities_qs.count()} vulnerabilities without summaries",
             level=logging.INFO,
         )
-        # nvd_importer_advisories = Advisory.objects.filter(created_by="nvd_importer").exclude(summary="")
-        # self.log(
-        #     f"Found {nvd_importer_advisories.count()} advisories with summaries from NVD importer",
-        #     level=logging.INFO,
-        # )
 
         progress = LoopProgress(total_iterations=vulnerabilities_qs.count(), logger=self.log)
 
@@ -51,7 +46,9 @@ def populate_missing_summaries(self):
                 )
                 continue
 
-            matching_advisories = Advisory.objects.filter(aliases=cve_alias)
+            matching_advisories = Advisory.objects.filter(
+                aliases=cve_alias, created_by="nvd_importer"
+            ).exclude(summary="")
 
             if matching_advisories.exists():
                 best_advisory = matching_advisories.order_by("-date_collected").first()
@@ -63,4 +60,4 @@ def populate_missing_summaries(self):
                     level=logging.INFO,
                 )
             else:
-                self.log(f"No advisory found for alias {alias}", level=logging.INFO)
+                self.log(f"No advisory found for alias {cve_alias}", level=logging.INFO)
diff --git a/vulnerabilities/tests/pipelines/test_fill_vulnerability_summary_pipeline.py b/vulnerabilities/tests/pipelines/test_fill_vulnerability_summary_pipeline.py
@@ -38,16 +38,17 @@ def test_fill_missing_summaries_from_nvd(self):
         alias = Alias.objects.create(alias="CVE-2024-1234", vulnerability=vulnerability)
 
         # Create an NVD advisory with a summary
-        Advisory.objects.create(
+        adv = Advisory.objects.create(
             summary="Test vulnerability summary",
             created_by="nvd_importer",
             date_collected=datetime.datetime(2024, 1, 1, tzinfo=pytz.UTC),
-            aliases=["CVE-2024-1234"],
+            unique_content_id="Test",
         )
+        adv.aliases.add(alias)
 
         # Run the pipeline
         pipeline = PopulateVulnerabilitySummariesPipeline()
-        pipeline.fill_missing_summaries()
+        pipeline.populate_missing_summaries()
 
         # Check that the vulnerability now has a summary
         vulnerability.refresh_from_db()
@@ -66,7 +67,7 @@ def test_no_matching_advisory(self):
 
         # Run the pipeline
         pipeline = PopulateVulnerabilitySummariesPipeline()
-        pipeline.fill_missing_summaries()
+        pipeline.populate_missing_summaries()
 
         # Check that the vulnerability still has no summary
         vulnerability.refresh_from_db()
@@ -85,7 +86,7 @@ def test_vulnerability_without_alias(self):
 
         # Run the pipeline
         pipeline = PopulateVulnerabilitySummariesPipeline()
-        pipeline.fill_missing_summaries()
+        pipeline.populate_missing_summaries()
 
         # Check that the vulnerability still has no summary
         vulnerability.refresh_from_db()
@@ -104,16 +105,18 @@ def test_non_nvd_advisory_ignored(self):
         alias = Alias.objects.create(alias="CVE-2024-1234", vulnerability=vulnerability)
 
         # Create a non-NVD advisory with a summary
-        Advisory.objects.create(
+        adv = Advisory.objects.create(
             summary="Test vulnerability summary",
             created_by="other_importer",
             date_collected=datetime.datetime(2024, 1, 1, tzinfo=pytz.UTC),
-            aliases=["CVE-2024-1234"],
+            unique_content_id="Test",
         )
 
+        adv.aliases.add(alias)
+
         # Run the pipeline
         pipeline = PopulateVulnerabilitySummariesPipeline()
-        pipeline.fill_missing_summaries()
+        pipeline.populate_missing_summaries()
 
         # Check that the vulnerability still has no summary
         vulnerability.refresh_from_db()
@@ -130,23 +133,27 @@ def test_multiple_matching_advisories(self):
         alias = Alias.objects.create(alias="CVE-2024-1234", vulnerability=vulnerability)
 
         # Create two NVD advisories with the same alias
-        Advisory.objects.create(
+        adv1 = Advisory.objects.create(
             summary="First matching advisory",
             created_by="nvd_importer",
             date_collected=datetime.datetime(2024, 1, 1, tzinfo=pytz.UTC),
-            aliases=["CVE-2024-1234"],
+            unique_content_id="Test",
         )
 
-        Advisory.objects.create(
+        adv1.aliases.add(alias)
+
+        adv2 = Advisory.objects.create(
             summary="Second matching advisory",
             created_by="nvd_importer",
             date_collected=datetime.datetime(2024, 1, 2, tzinfo=pytz.UTC),
-            aliases=["CVE-2024-1234"],
+            unique_content_id="Test-1",
         )
 
+        adv2.aliases.add(alias)
+
         # Run the pipeline
         pipeline = PopulateVulnerabilitySummariesPipeline()
-        pipeline.fill_missing_summaries()
+        pipeline.populate_missing_summaries()
 
         # Check that the vulnerability now has the most recent summary
         vulnerability.refresh_from_db()
