From d5bbf83a75a778dbc09f53f413408eda4e022204 Mon Sep 17 00:00:00 2001
From: Jia Chao <jiac13@chinaunicom.cn>
Date: Tue, 23 Jul 2024 14:29:12 +0800
Subject: [PATCH] =?UTF-8?q?=E5=BC=95=E5=85=A5=20cusa=20=E5=B9=B6=E6=B5=8B?=
 =?UTF-8?q?=E8=AF=95=E5=AE=8C=E6=88=90?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jia Chao <jiac13@chinaunicom.cn>
---
 Cargo.toml  |  1 +
 src/lib.rs  | 90 +++--------------------------------------------------
 src/test.rs |  2 +-
 3 files changed, 6 insertions(+), 87 deletions(-)

diff --git a/Cargo.toml b/Cargo.toml
index 49a70c6..a10d2ef 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -11,6 +11,7 @@ description = "An xml parser for openEuler cvrf."
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
+cusa = { git = "https://git.zhgsun.com:8089/jiachao2130/cusa.git", version = "0.1.0" }
 serde = { version = "1", features = ["serde_derive"] }
 tracing = { version = "0.1" }
 xml-rs = { version = "0.8" }
diff --git a/src/lib.rs b/src/lib.rs
index 15dc030..8e37e5d 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -3,11 +3,10 @@
     allow(dead_code, unused_imports, unused_variables, unused_mut)
 )]
 use std::collections::HashMap;
-use std::fmt;
 use std::fs::File;
 use std::io::{self, BufReader};
-use std::str::FromStr;
 
+use cusa::{CUSA, CVE, ParseSeverityError, Severity};
 use serde::{Deserialize, Serialize};
 use tracing::{debug, error, instrument, trace};
 use xml::reader::{EventReader, XmlEvent};
@@ -188,7 +187,7 @@ impl CVRF {
             note.content.parse::<Severity>()
         } else {
             // 正常用不到这里
-            Ok(Severity::Null)
+            Ok(Severity::None)
         }
     }
 
@@ -210,13 +209,13 @@ impl CVRF {
 
     /// 将之转换成精简的公告格式
     #[instrument(skip(self))]
-    pub fn sainfo(&self) -> SaInfo {
+    pub fn sainfo(&self) -> CUSA {
         let mut cves = vec![];
         for v in &self.vulnerabilities {
             cves.push(v.to_cve());
         }
 
-        SaInfo {
+        CUSA {
             id: self.id().to_string(),
             url: self.url(),
             title: self.title().to_string(),
@@ -1043,55 +1042,6 @@ impl Threat {
     }
 }
 
-#[derive(Debug, Clone, PartialOrd, Ord, PartialEq, Eq, Hash, Serialize, Deserialize)]
-pub enum Severity {
-    Null,
-    Low,
-    Moderate,
-    Important,
-    Critical,
-}
-
-impl Severity {
-    pub fn new() -> Self {
-        Severity::Null
-    }
-}
-
-// 为枚举 Severity 实现 FromStr trait
-impl FromStr for Severity {
-    type Err = ParseSeverityError;
-
-    // bug fix: 华为不干人事儿，单词都能拼错，现在只取首字母
-    fn from_str(s: &str) -> Result<Self, Self::Err> {
-        match s.to_lowercase().chars().next() {
-            Some('l') => Ok(Severity::Low),
-            Some('m') => Ok(Severity::Moderate),
-            Some('i') | Some('h') => Ok(Severity::Important),
-            Some('c') => Ok(Severity::Critical),
-            _ => Err(ParseSeverityError::InvalidSeverity),
-        }
-    }
-}
-
-// 定义 ParseSeverityError 枚举类型来表示解析错误
-#[derive(Debug, Clone)]
-pub enum ParseSeverityError {
-    InvalidSeverity,
-}
-
-// 为 ParseSeverityError 实现 Display trait，以便更好地显示错误信息
-impl fmt::Display for ParseSeverityError {
-    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
-        match self {
-            ParseSeverityError::InvalidSeverity => write!(f, "Invalid severity level"),
-        }
-    }
-}
-
-// 为 ParseSeverityError 实现 std::error::Error trait
-impl std::error::Error for ParseSeverityError {}
-
 // depth = 4
 // <ScoreSet>
 //   <BaseScore>7.5</BaseScore>
@@ -1206,35 +1156,3 @@ impl Remediation {
         }
     }
 }
-
-#[derive(Debug, Clone, Eq, PartialEq, Hash, Serialize, Deserialize)]
-pub struct SaInfo {
-    // sa id
-    pub id: String,
-
-    // sa's url
-    pub url: String,
-
-    // sa title
-    pub title: String,
-
-    // the major severity
-    pub severity: Severity,
-
-    pub description: String,
-
-    // 包含的 cve 列表
-    pub cves: Vec<CVE>,
-}
-
-#[derive(Debug, Clone, Eq, PartialEq, Hash, Serialize, Deserialize)]
-pub struct CVE {
-    // cve id
-    pub id: String,
-
-    // cve 官网地址
-    pub url: String,
-
-    // 严重级别
-    pub severity: Severity,
-}
diff --git a/src/test.rs b/src/test.rs
index 123cee8..48c4160 100644
--- a/src/test.rs
+++ b/src/test.rs
@@ -98,7 +98,7 @@ fn cvrf_works() {
     let cvrf_vulner_cve = "CVE-2023-45288";
     let cvrf_vulner_productstatues_status = "Fixed";
     let cvrf_vulner_productstatues_product = "openEuler-22.03-LTS";
-    let cvrf_vulner_threat = Severity::Important;
+    let cvrf_vulner_threat = cusa::Severity::High;
     let cvrf_vulner_basescore = "7.5";
     let cvrf_vulner_vector = "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H";
     let cvrf_vulner_remedition_type = "Vendor Fix";