Merged
48 commits
5ce5071
Handle conversations in registryOrg create/update
cberger8 Nov 10, 2025
8329b76
Joint approval pass
david-rocca Nov 10, 2025
2c6100d
merge conflicts be gone
david-rocca Nov 10, 2025
0100b88
Small fixes for integration
david-rocca Nov 10, 2025
032c4a9
Default values for conversation object
cberger8 Nov 10, 2025
208893b
Non sec users can request orgs
david-rocca Nov 11, 2025
3279940
fixing tests
david-rocca Nov 11, 2025
0c213bb
Conversations now properly tied to review objects
cberger8 Nov 11, 2025
e46eb1a
resolving regregression
david-rocca Nov 11, 2025
c408dbb
integration tests for new stuff
david-rocca Nov 11, 2025
94ad3a0
auditChanges
emathew5 Nov 12, 2025
f515e64
Merge branch 'dev' into emathew/audit-org-log
emathew5 Nov 12, 2025
d8983df
Added endpoint to get review object by UUID with conversation
cberger8 Nov 18, 2025
da63ecd
Fixed review object endpoints not returning conversation
cberger8 Nov 19, 2025
48a303f
fixing tests
david-rocca Nov 19, 2025
239e475
Integration tests for conversation endpoints
cberger8 Nov 20, 2025
f3a8241
fix tests
emathew5 Nov 24, 2025
bb10cca
Merge branch 'dr_cb_joint_comments' into emathew/audit-org-log
emathew5 Nov 24, 2025
9439f32
remove unused import
david-rocca Nov 24, 2025
1fa78d6
linting issues
david-rocca Nov 24, 2025
51c8107
Pass at removing
david-rocca Nov 19, 2025
3234bdf
Another pass
david-rocca Nov 25, 2025
15a6257
Fixed some unit tests
david-rocca Nov 25, 2025
23c07d4
Old tests are old
david-rocca Nov 25, 2025
4cc8e65
removed incorrect throw documentation
david-rocca Dec 1, 2025
a42d765
Merge branch 'dev' into dr_fix_registry_user_controller
david-rocca Dec 1, 2025
3f90ca6
added more values to the joint approval fields
david-rocca Dec 3, 2025
120e6d7
Various small fixes and clean up
david-rocca Dec 3, 2025
dae69fd
Implemented new secretariat fields on BaseOrg model
cberger8 Dec 3, 2025
faf5e6d
Fixed a typing issue for authority
david-rocca Dec 3, 2025
e940708
now will return all errors at once when making registry orgs
david-rocca Dec 3, 2025
0dfb080
we should now be changing types
david-rocca Dec 4, 2025
ed03e29
Update
david-rocca Dec 5, 2025
2533bf4
linting issues
david-rocca Dec 5, 2025
5c8e098
remove registry query parameters and update swagger
emathew5 Dec 5, 2025
1af6b9e
fix bulk download schema reference
emathew5 Dec 5, 2025
a05e940
remove query check for updateOrg
emathew5 Dec 5, 2025
fb8a43c
Removed hard coded true
david-rocca Dec 5, 2025
7f63def
Removed _id and secret
david-rocca Dec 5, 2025
05845b4
Removed role field from BaseUser schema
cberger8 Dec 5, 2025
588cc8d
Validate role field on user create
cberger8 Dec 5, 2025
c5c4bf5
added some middleware to reject bad things in the body
david-rocca Dec 5, 2025
678c350
Fixing issues
david-rocca Dec 5, 2025
4e4b3e6
Apparently, there is an ancient test that says we should allow this. …
david-rocca Dec 5, 2025
433bc1a
Merge branch 'dev' of github.com:CVEProject/cve-services into dr_fix_…
david-rocca Dec 5, 2025
41ca228
Merge branch 'dev' of github.com:CVEProject/cve-services into dr_fix_…
david-rocca Dec 5, 2025
e4b8440
Merge conflicts
david-rocca Dec 8, 2025
38fa4b9
Merge pull request #1586 from CVEProject/cb_new_secretariat_fields
david-rocca Dec 8, 2025
126 changes: 51 additions & 75 deletions api-docs/openapi.json
Expand Up @@ -1974,18 +1974,12 @@
},
"post": {
"tags": [
"Organization"
"Registry Organization"
],
"summary": "Retrieves all organizations (accessible to Secretariat)",
"description": " <h2>Access Control</h2> <p>User must belong to an organization with the <b>Secretariat</b> role</p> <h2>Expected Behavior</h2> <p><b>Secretariat:</b> Retrieves information about all organizations</p>",
"operationId": "orgAll",
"summary": "Creates an organization (accessible to Secretariat)",
"description": " <h2>Access Control</h2> <p>User must belong to an organization with the <b>Secretariat</b> role</p> <h2>Expected Behavior</h2> <p><b>Secretariat:</b> Creates a new organization</p>",
"operationId": "orgCreateSingle",
"parameters": [
{
"$ref": "#/components/parameters/pageQuery"
},
{
"$ref": "#/components/parameters/registry"
},
{
"$ref": "#/components/parameters/apiEntityHeader"
},
Expand Down Expand Up @@ -2057,6 +2051,29 @@
}
}
}
},
"requestBody": {
"required": true,
"content": {
"application/json": {
"schema": {
"anyOf": [
{
"$ref": "../schemas/registry-org/SecretariatOrg.json"
},
{
"$ref": "../schemas/registry-org/CNAOrg.json"
},
{
"$ref": "../schemas/registry-org/ADPOrg.json"
},
{
"$ref": "../schemas/registry-org/BulkDownloadOrg.json"
}
]
}
}
}
}
}
},
Expand Down Expand Up @@ -2597,9 +2614,6 @@
{
"$ref": "#/components/parameters/active_roles_remove"
},
{
"$ref": "#/components/parameters/registry"
},
{
"$ref": "#/components/parameters/apiEntityHeader"
},
Expand Down Expand Up @@ -2887,10 +2901,14 @@
"operationId": "orgAll",
"parameters": [
{
"$ref": "#/components/parameters/pageQuery"
"name": "registry",
"in": "query",
"schema": {
"type": "string"
}
},
{
"$ref": "#/components/parameters/registry"
"$ref": "#/components/parameters/pageQuery"
},
{
"$ref": "#/components/parameters/apiEntityHeader"
Expand Down Expand Up @@ -2980,9 +2998,6 @@
"description": " <h2>Access Control</h2> <p>User must belong to an organization with the <b>Secretariat</b> role</p> <h2>Expected Behavior</h2> <p><b>Secretariat:</b> Creates an organization</p> ",
"operationId": "orgCreateSingle",
"parameters": [
{
"$ref": "#/components/parameters/registry"
},
{
"$ref": "#/components/parameters/apiEntityHeader"
},
Expand Down Expand Up @@ -3067,14 +3082,7 @@
"content": {
"application/json": {
"schema": {
"oneOf": [
{
"$ref": "../schemas/org/create-org-request.json"
},
{
"$ref": "../schemas/registry-org/create-registry-org-request.json"
}
]
"$ref": "../schemas/org/create-org-request.json"
}
}
}
Expand All @@ -3099,9 +3107,6 @@
},
"description": "The shortname or UUID of the organization"
},
{
"$ref": "#/components/parameters/registry"
},
{
"$ref": "#/components/parameters/apiEntityHeader"
},
Expand All @@ -3118,14 +3123,7 @@
"content": {
"application/json": {
"schema": {
"oneOf": [
{
"$ref": "../schemas/org/get-org-response.json"
},
{
"$ref": "../schemas/registry-org/get-registry-org-response.json"
}
]
"$ref": "../schemas/org/get-org-response.json"
}
}
}
Expand Down Expand Up @@ -3201,6 +3199,13 @@
},
"description": "The shortname of the organization"
},
{
"name": "registry",
"in": "query",
"schema": {
"type": "string"
}
},
{
"$ref": "#/components/parameters/id_quota"
},
Expand All @@ -3216,9 +3221,6 @@
{
"$ref": "#/components/parameters/active_roles_remove"
},
{
"$ref": "#/components/parameters/registry"
},
{
"$ref": "#/components/parameters/apiEntityHeader"
},
Expand All @@ -3235,14 +3237,7 @@
"content": {
"application/json": {
"schema": {
"oneOf": [
{
"$ref": "../schemas/org/update-org-response.json"
},
{
"$ref": "../schemas/registry-org/update-registry-org-response.json"
}
]
"$ref": "../schemas/org/update-org-response.json"
}
}
}
Expand Down Expand Up @@ -3318,9 +3313,6 @@
},
"description": "The shortname of the organization"
},
{
"$ref": "#/components/parameters/registry"
},
{
"$ref": "#/components/parameters/apiEntityHeader"
},
Expand All @@ -3337,14 +3329,7 @@
"content": {
"application/json": {
"schema": {
"oneOf": [
{
"$ref": "../schemas/org/get-org-quota-response.json"
},
{
"$ref": "../schemas/registry-org/get-registry-org-quota-response.json"
}
]
"$ref": "../schemas/org/get-org-quota-response.json"
}
}
}
Expand Down Expand Up @@ -3421,10 +3406,14 @@
"description": "The shortname of the organization"
},
{
"$ref": "#/components/parameters/pageQuery"
"name": "registry",
"in": "query",
"schema": {
"type": "string"
}
},
{
"$ref": "#/components/parameters/registry"
"$ref": "#/components/parameters/pageQuery"
},
{
"$ref": "#/components/parameters/apiEntityHeader"
Expand All @@ -3442,14 +3431,7 @@
"content": {
"application/json": {
"schema": {
"oneOf": [
{
"$ref": "../schemas/user/list-users-response.json"
},
{
"$ref": "../schemas/registry-user/list-registry-users-response.json"
}
]
"$ref": "../schemas/user/list-users-response.json"
}
}
}
Expand Down Expand Up @@ -3525,9 +3507,6 @@
},
"description": "The shortname of the organization"
},
{
"$ref": "#/components/parameters/registry"
},
{
"$ref": "#/components/parameters/apiEntityHeader"
},
Expand Down Expand Up @@ -3765,9 +3744,6 @@
{
"$ref": "#/components/parameters/orgShortname"
},
{
"$ref": "#/components/parameters/registry"
},
{
"$ref": "#/components/parameters/apiEntityHeader"
},
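Review bot: The `post` operation in the first hunk appears to take `"operationId": "orgCreateSingle"`, while the hunk starting at new line 2998 still shows `"operationId": "orgCreateSingle"` as unchanged context on the legacy create operation, so the document would carry the same id twice. OpenAPI requires operationId to be unique across all operations, and tooling that keys handlers or request validation by it may bind a request to the wrong body schema, here `create-org-request.json` versus the `anyOf` of registry-org schemas. Give the registry operation its own id, for example `"operationId": "registryOrgCreateSingle"`. Separately, the inline `registry` query parameter added in three places is a bare `"type": "string"` with no description or allowed values; if it is a flag, declare it once under `components/parameters` with `"type": "boolean"` or an `enum`. The +/- markers are lost in this rendering, so the old/new assignment is inferred from the hunk line counts.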
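--- a/schemas/registry-org/ADPOrg.json
+++ b/schemas/registry-org/ADPOrg.json
@@ -0,0 +1,17 @@
+{
+"$schema": "http://json-schema.org/draft-07/schema#",
+"$id": "ADPOrg",
+"type": "object",
+"title": "CVE ADP Organization",
+"description": "Schema for a CVE ADP Organization",
+"allOf": [
+{ "$ref": "./BaseOrg.json" },
+{
+"properties": {
+"authority": {
+"const": ["ADP"]
+}
+}
+}
+]
+}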
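Review bot: The `authority` constraint in the second `allOf` member only applies when the property is present, and `BaseOrg.json` requires just `short_name` and `long_name`, so a body with no `authority` at all validates as an ADP organization. Because `api-docs/openapi.json` combines the four org schemas with `anyOf`, schema validation alone then does not establish which role the new organization gets; add `"required": ["authority"]` beside `properties` in that member (the CNA, Secretariat and bulk-download schemas are not shown on this page and may need the same). `"const": ["ADP"]` also accepts only the exact one-element array; if an organization may hold ADP together with another authority, `"contains": { "const": "ADP" }` expresses that. The `$id` here is the bare name `ADPOrg` while BaseOrg uses `./BaseOrg.json`; one convention would keep relative `$ref` resolution predictable.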
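--- a/schemas/registry-org/BaseOrg.json
+++ b/schemas/registry-org/BaseOrg.json
@@ -0,0 +1,121 @@
+{
+"$schema": "http://json-schema.org/draft-07/schema#",
+"$id": "./BaseOrg.json",
+"type": "object",
+"title": "CVE Base Organization",
+"description": "Base schema for a CVE Organization",
+"definitions": {
+"uuidType": {
+"description": "A version 4 (random) universally unique identifier (UUID) as defined by [RFC 4122](https://tools.ietf.org/html/rfc4122#section-4.1.3).",
+"type": "string",
+"format": "uuid",
+"pattern": "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{4}-[0-9A-Fa-f]{12}$"
+},
+"uriType": {
+"description": "A universal resource identifier (URI), according to [RFC 3986](https://tools.ietf.org/html/rfc3986).",
+"type": "string",
+"format": "uri",
+"pattern": "^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?",
+"minLength": 1,
+"maxLength": 2048
+},
+"shortName": {
+"description": "A 2-32 character name that can be used to complement an organization's UUID.",
+"type": "string",
+"minLength": 2,
+"maxLength": 32
+},
+"longName": {
+"description": "A 1-256 character name that can be used to complement an organization's short_name.",
+"type": "string",
+"minLength": 1,
+"maxLength": 256
+},
+"authority": {
+"description": "The authority (role) of this organization within the CVE program",
+"type": "string",
+"enum": ["CNA", "SECRETARIAT", "BULK_DOWNLOAD", "ADP"]
+}
+},
+"properties": {
+"UUID": {
+"$ref": "#/definitions/uuidType"
+},
+"short_name": {
+"$ref": "#/definitions/shortName"
+},
+"long_name": {
+"$ref": "#/definitions/longName"
+},
+"aliases": {
+"type": "array",
+"uniqueItems": true,
+"items": {
+"type": "string"
+}
+},
+"authority": {
+"type": "array",
+"uniqueItems": true,
+"items": {
+"$ref": "#/definitions/authority"
+}
+},
+"root_or_tlr": {
+"type": "boolean"
+},
+"reports_to": {
+"$ref": "#/definitions/uuidType"
+},
+"users": {
+"type": "array",
+"uniqueItems": true,
+"items": {
+"$ref": "#/definitions/uuidType"
+}
+},
+"admins": {
+"type": "array",
+"uniqueItems": true,
+"items": {
+"$ref": "#/definitions/uuidType"
+}
+},
+"contact_info": {
+"type": "object",
+"properties": {
+"additional_contact_users": {
+"type": "array",
+"uniqueItems": true,
+"items": {
+"$ref": "#/definitions/uuidType"
+}
+},
+"poc": {
+"type": "string"
+},
+"poc_email": {
+"type": "string",
+"format": "email"
+},
+"poc_phone": {
+"type": "string"
+},
+"org_email": {
+"type": "string",
+"format": "email"
+},
+"website": {
+"type": "string",
+"format": "uri",
+"description": "Organization's website URL"
+}
+},
+"additionalProperties": false
+}
+},
+"required": [
+"short_name",
+"long_name"
+]
+}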
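Review bot: Several request-body strings here are unbounded: `poc`, `poc_phone`, the `aliases` items, `poc_email`, `org_email` and `website` have no `maxLength`, and none of the arrays has `maxItems`. The last three rely on `format` alone, which draft-07 validators treat as an annotation unless format checking is switched on; `uuid` is not a draft-07 format either, so only the `pattern` in `uuidType` does the work there. `uriType`, with its 2048-character limit, is defined but not referenced by any property in this file; `website` could become `"$ref": "#/definitions/uriType"`, ideally with the pattern narrowed to `^https?://`, since the current one accepts any scheme or none. `shortName` likewise has only length bounds, although `api-docs/openapi.json` describes a path parameter as "The shortname or UUID of the organization", so a character pattern for it is worth adding once checked against existing short names.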