feat: retrieve memberships of a cwe by id (#7)

Author: alemagio

__tests__/CweManager.test.js

@@ -1,7 +1,7 @@
 const { CweManager } = require('../index')
 
 describe('Cwe Manager', () => {
-  describe('Cwe Manager supports instnatiation with custom data', () => {
+  describe('Cwe Manager supports instantiation with custom data', () => {
     test('Cwe Manager instnatiated with custom hierarchy', () => {
       const cweManager = new CweManager({
         cweHierarchy: [{ weaknessId: '31337', parentId: '31338' }]
@@ -50,4 +50,18 @@ describe('Cwe Manager', () => {
       'A set of CWE IDs that are childs of another CWE ID should return true (one parent for all)'
     )
   })
+
+  describe('Cwe Manager Memberships', () => {
+    test('A CWE ID that has no memberships should return null', () => {
+      const cweManager = new CweManager()
+      const result = cweManager.getMemberships({ weaknessId: 'notfoundid' })
+      expect(result).toBe(null)
+    })
+
+    test('A CWE ID with memberships should return an array of ids', () => {
+      const cweManager = new CweManager()
+      const result = cweManager.getMemberships({ weaknessId: '778' })
+      expect(result).toStrictEqual(['1009', '1036', '1210', '1308'])
+    })
+  })
 })

build/build.js

@@ -13,6 +13,7 @@ const RAW_INPUT_XML_FILENAME = 'cwe-archive.xml'
 const RAW_OUTPUT_JSON_FILENAME = 'cwe-archive.json'
 const OUTPUT_JSON_DICT_FILENAME = 'cwe-dictionary.json'
 const OUTPUT_JSON_HIERARCHY_FILENAME = 'cwe-hierarchy.json'
+const OUTPUT_JSON_MEMBERSHIPS_FILENAME = 'cwe-memberships.json'
 const ARCHIVE_DOWNLOAD_OPTIONS = {
   hostname: 'cwe.mitre.org',
   port: 443,
@@ -36,7 +37,9 @@ updateArchive()
       jsonData: rawJsonCweArchive
     })
 
-    const { cweDictionary, cweHierarchy } = createCweDictionary({ cweArchive: rawJsonCweArchive })
+    const { cweDictionary, cweHierarchy, cweMemberships } = createCweDictionary({
+      cweArchive: rawJsonCweArchive
+    })
 
     writeJsonToFile({
       jsonFilepath: path.join(__dirname, '..', 'raw', OUTPUT_JSON_DICT_FILENAME),
@@ -48,6 +51,11 @@ updateArchive()
       jsonData: cweHierarchy
     })
 
+    writeJsonToFile({
+      jsonFilepath: path.join(__dirname, '..', 'raw', OUTPUT_JSON_MEMBERSHIPS_FILENAME),
+      jsonData: cweMemberships
+    })
+
     debug('finished')
   })
   .catch(console.error)

build/xmlParser.js

@@ -8,8 +8,23 @@ const debug = require('debug')('cwe-sdk:build')
 
 function createCweDictionary({ cweArchive }) {
   const allWeaknesses = cweArchive.Weakness_Catalog.Weaknesses.Weakness
+  const allCategories = cweArchive.Weakness_Catalog.Categories.Category
+  const membershipMap = new Map()
+  allCategories
+    .filter(category => category.Relationships)
+    .forEach(category => {
+      const memberIds = Array.from(category.Relationships.Has_Member).map(
+        member => member.attr['@_CWE_ID']
+      )
+      memberIds.forEach(memberId => {
+        const current = membershipMap.get(memberId) || []
+        current.push(category.attr['@_ID'])
+        membershipMap.set(memberId, current)
+      })
+    })
   const cweDictionary = {}
   const cweHierarchy = []
+  const cweMemberships = []
 
   allWeaknesses.forEach(function(weakness) {
     const weaknessId = weakness['attr']['@_ID']
@@ -37,12 +52,21 @@ function createCweDictionary({ cweArchive }) {
           })
         }
       }
+
+      const weaknessMembership = membershipMap.get(weaknessId)
+      if (weaknessMembership) {
+        cweMemberships.push({
+          weaknessId,
+          memberships: weaknessMembership
+        })
+      }
     }
   })
 
   return {
     cweDictionary,
-    cweHierarchy
+    cweHierarchy,
+    cweMemberships
   }
 }
 

raw/cwe-memberships.json

@@ -2,10 +2,11 @@
 
 const CWE_HIERARCHY = require('../raw/cwe-hierarchy.json')
 const CWE_DICTIONARY = require('../raw/cwe-dictionary.json')
+const CWE_MEMBERSHIPS = require('../raw/cwe-memberships.json')
 const debug = require('debug')('cwe-sdk:manager')
 
 module.exports = class CweManager {
-  constructor({ cweHierarchy = null, cweDictionary = null } = {}) {
+  constructor({ cweHierarchy = null, cweDictionary = null, cweMemberships = null } = {}) {
     if (cweHierarchy) {
       debug('manager received cweHierarchy to be used')
       this.cweHierarchy = cweHierarchy
@@ -19,6 +20,21 @@ module.exports = class CweManager {
     } else {
       this.cweDictionary = CWE_DICTIONARY
     }
+
+    if (cweMemberships) {
+      debug('manager received cweMemberships to be used')
+      this.cweMemberships = cweMemberships
+    } else {
+      this.cweMemberships = CWE_MEMBERSHIPS
+    }
+  }
+
+  getMemberships({ weaknessId }) {
+    const weakness = this.cweMemberships.find(weakness => weakness.weaknessId === weaknessId)
+    if (!weakness) {
+      return null
+    }
+    return weakness.memberships
   }
 
   isChildOf({ indirect = false, weaknessId, parentId }) {