Allow calculation of CVSS3 score using SQL functions, like a madman. #399
Conversation
Provide enough escape-hatches around filterin/sorting to do my evil deeds. Do some evil deeds in SQL to allow sorting/filtering by synthetic `average_score` on advisories. Do even more evil, by writing entirely too many SQL functions. Lay in appropriate DOWN migration for cvss3 scoring functions.
|
@carlosthe19916 this should allow sorting by Relates to #383 |
jcrossley3
left a comment
jcrossley3
left a comment
There was a problem hiding this comment.
I feel a little dirty approving this. But I don't have any better ideas.
| // To be able to ORDER or WHERE using a synthetic column, we must first | ||
| // SELECT col, extra_col FROM (SELECT col, random as extra_col FROM...) | ||
| // which involves mucking about inside the Select<E> to re-target from | ||
| // the original underlying table it expects the entity to live in. |
There was a problem hiding this comment.
This is a little terrifying.
There was a problem hiding this comment.
Apparently it's normal! We so similar for SELECT COUNT(*) FROM ( <original select> ) on the limiter stuff.
|
So we are doing all this work just to avoid having an intermediate search model? |
|
Just a comment after having seen the PLSQL code. |
|
Marco: yes we should probably just store the computer score. Will still need the extra magic to sort and filter by the AVG() but it would reduce the work of the DB by some. I'll enhance. |
4 participants
Provide enough escape-hatches around filterin/sorting to do my evil deeds. Do some evil deeds in SQL to allow sorting/filtering by synthetic
average_scoreon advisories. Do even more evil, by writing entirely too many SQL functions. Lay in appropriate DOWN migration for cvss3 scoring functions.