add cve_version #30

vulmatch/server/arango_helpers.py

@@ -407,10 +407,13 @@ def get_object_by_external_id(self, ext_id):
             RETURN KEEP(doc, KEYS(doc, true))
             '''.replace('@filters', '\n'.join(filters)), bind_vars=bind_vars)
 
-    def get_cxe_object(self, cve_id, type="vulnerability", var='name'):
+    def get_cxe_object(self, cve_id, type="vulnerability", var='name', version_param='cve_version'):
         bind_vars={'@collection': self.collection, 'obj_name': cve_id, "type":type, 'var':var}
         #return Response(bind_vars)
         filters = ['FILTER doc._is_latest']
+        if q := self.query.get(version_param):
+            bind_vars['stix_modified'] = q
+            filters[0] = 'FILTER doc.modified == @stix_modified'
         return self.execute_query('''
             FOR doc in @@collection
             FILTER doc.type == @type AND doc[@var] == @obj_name

vulmatch/server/views.py

@@ -53,7 +53,10 @@
             If you want all the Objects related to this vulnerability you should use the bundle endpoint for the CVE.
             """
         ),
-        responses={200: ArangoDBHelper.get_paginated_response_schema('vulnerabilities', 'vulnerability')}
+        responses={200: ArangoDBHelper.get_paginated_response_schema('vulnerabilities', 'vulnerability')},
+        parameters=ArangoDBHelper.get_schema_operation_parameters()+[
+            OpenApiParameter("cve_version", type=OpenApiTypes.DATETIME, description="Return only vulnerability object where `modified` value matches query")
+        ],
     ),
     bundle=extend_schema(
         summary='Get all objects for a Vulnerability by CVE ID',