Merge pull request #1836 from CVEProject/dr_remove_soft_quota

removing soft quota and renmaing hard quota to id_quota

Author: david-rocca

api-docs/openapi.json

@@ -11,7 +11,7 @@
   },
   "servers": [
     {
-      "url": "https://cveawg-dev.mitre.org/api"
+      "url": "urlplaceholder"
     }
   ],
   "paths": {
@@ -2081,7 +2081,7 @@
               "example": {
                 "short_name": "fake_company",
                 "long_name": "Fake Company",
-                "hard_quota": 1000,
+                "id_quota": 1000,
                 "authority": [
                   "CNA"
                 ]
@@ -2208,14 +2208,14 @@
         }
       }
     },
-    "/registry/org/{shortname}/hard_quota": {
+    "/registry/org/{shortname}/id_quota": {
       "get": {
         "tags": [
           "Registry Organization"
         ],
         "summary": "Retrieves an organization's CVE ID quota (accessible to all registered users)",
         "description": "  <h2>Access Control</h2>  <p>All registered users can access this endpoint</p>  <h2>Expected Behavior</h2>  <p><b>Regular, CNA & Admin Users:</b> Retrieves the CVE ID quota for the user's organization</p>  <p><b>Secretariat:</b> Retrieves the CVE ID quota for any organization</p>",
-        "operationId": "orgHardQuota",
+        "operationId": "orgIdQuota",
         "parameters": [
           {
             "name": "shortname",
@@ -2616,7 +2616,7 @@
           "Registry Organization"
         ],
         "summary": "Updates information about the organization specified by short name (accessible Temporarily to Secretariat only)",
-        "description": "  <h2>Access Control</h2>  <p>User must belong to an organization with the <b>Secretariat</b> role temporarily.</p>  <p>In the future, only the organization's admin will be able to request changes to its information.</p>  <p>With Joint Approval required for the following fields:</p>  <h2>Expected Behavior</h2>  <b>This endpoint expects a full organization object in the request body.</b>  <p><b>Secretariat:</b> Updates any organization's information</p>  <p><b>Organization Admin:</b> Requests changes to its organization's information</p>  <ul>  <li>short_name</li>  <li>long_name</li>  <li>authority</li>  <li>aliases</li>  <li>oversees</li>  <li>top_level_root</li>  <li>charter_or_scope</li>  <li>product_list</li>  <li>disclosure_policy</li>  <li>contact_info.websites</li>  <li>contact_info.emails</li>  <li>contact_info.phone</li>  <li>partner_role_type</li>  <li>partner_country</li>  <li>advisory_locations</li>  <li>industry</li>  <li>tl_root_start_date</li>  <li>is_cna_discussion_list</li>  </ul>",
+        "description": "  <h2>Access Control</h2>  <p>User must belong to an organization with the <b>Secretariat</b> role temporarily.</p>  <p>In the future, only the organization's admin will be able to request changes to its information.</p>  <p>With Joint Approval required for the following fields:</p>  <h2>Expected Behavior</h2>  <b>This endpoint expects a full organization object in the request body.</b>  <p><b>Secretariat:</b> Updates any organization's information</p>  <p><b>Organization Admin:</b> Requests changes to its organization's information</p>  <ul>  <li>short_name</li>  <li>long_name</li>  <li>authority</li>  <li>aliases</li>  <li>oversees</li>  <li>top_level_root</li>  <li>charter_or_scope</li>  <li>product_list</li>  <li>disclosure_policy</li>  <li>contact_info.websites</li>  <li>contact_info.emails</li>  <li>contact_info.phone</li>  <li>partner_role_type</li>  <li>partner_country</li>  <li>advisory_locations</li>  <li>advisory_location_require_credentials</li>  <li>vulnerability_advisory_location_for_web_scraping</li>  <li>industry</li>  <li>tl_root_start_date</li>  <li>is_cna_discussion_list</li>  </ul>",
         "operationId": "orgUpdateSingle",
         "parameters": [
           {
@@ -2710,7 +2710,7 @@
               "example": {
                 "short_name": "fake_company",
                 "long_name": "Fake Company",
-                "hard_quota": 1000,
+                "id_quota": 1000,
                 "authority": [
                   "CNA"
                 ]
@@ -3608,6 +3608,13 @@
             },
             "description": "The shortname of the organization"
           },
+          {
+            "name": "registry",
+            "in": "query",
+            "schema": {
+              "type": "string"
+            }
+          },
           {
             "$ref": "#/components/parameters/id_quota"
           },

schemas/registry-org/BaseOrg.json

@@ -106,18 +106,12 @@
         "$ref": "#/definitions/uuidType"
       }
     },
-    "hard_quota": {
+    "id_quota": {
       "description": "The maximum number of CVE IDs this organization can reserve.",
       "type": "integer",
       "minimum": 0,
       "maximum": 100000
     },
-    "soft_quota": {
-      "description": "The threshold for notifying the organization about their remaining CVE ID count.",
-      "type": "integer",
-      "minimum": 0,
-      "maximum": 100000
-    },
     "private_contacts": {
       "type": "array",
       "items": {

schemas/registry-org/CNAOrg.json

@@ -84,12 +84,7 @@
         }
       }
     },
-    "hard_quota": {
-      "type": "integer",
-      "minimum": 0,
-      "maximum": 100000
-    },
-    "soft_quota": {
+    "id_quota": {
       "type": "integer",
       "minimum": 0,
       "maximum": 100000
@@ -147,6 +142,6 @@
   },
   "required": [
     "short_name",
-    "hard_quota"
+    "id_quota"
   ]
 }

schemas/registry-org/SecretariatOrg.json

@@ -18,16 +18,12 @@
             "$ref": "/BaseOrg#/definitions/uuidType"
           }
         },
-        "hard_quota": {
-          "type": "integer",
-          "minimum": 0
-        },
-        "soft_quota": {
+        "id_quota": {
           "type": "integer",
           "minimum": 0
         }
       },
-      "required": ["hard_quota"]
+      "required": ["id_quota"]
     }
   ]
 }

schemas/registry-org/create-registry-org-response.json

@@ -96,13 +96,9 @@
           "type": "string",
           "description": "List of products associated with the organization"
         },
-        "soft_quota": {
+        "id_quota": {
           "type": "integer",
-          "description": "Soft quota for CVE IDs"
-        },
-        "hard_quota": {
-          "type": "integer",
-          "description": "Hard quota for CVE IDs"
+          "description": "ID quota for CVE IDs"
         },
         "private_contacts": {
           "type": "array",

schemas/registry-org/get-registry-org-quota-response.json

@@ -2,7 +2,7 @@
   "$schema": "http://json-schema.org/draft-07/schema#",
   "type": "object",
   "properties": {
-    "hard_quota": {
+    "id_quota": {
       "type": "integer",
       "format": "int32",
       "description": "The number of CVE IDs the organization is allowed to have in the RESERVED state at one time."

schemas/registry-org/get-registry-org-response.json

@@ -193,13 +193,9 @@
       "format": "date-time",
       "description": "Timestamp of the last update to the organization data"
     },
-    "hard_quota": {
+    "id_quota": {
       "type": "integer",
-      "description": "Hard quota for CVE IDs"
-    },
-    "soft_quota": {
-      "type": "integer",
-      "description": "Soft quota for CVE IDs"
+      "description": "ID quota for CVE IDs"
     },
     "charter_or_scope": {
       "type": "string",

schemas/registry-org/list-registry-orgs-response.json

@@ -222,13 +222,9 @@
             "format": "date-time",
             "description": "Timestamp of the last update to the organization data"
           },
-          "hard_quota": {
+          "id_quota": {
             "type": "integer",
-            "description": "Hard quota for CVE IDs"
-          },
-          "soft_quota": {
-            "type": "integer",
-            "description": "Soft quota for CVE IDs"
+            "description": "ID quota for CVE IDs"
           },
           "charter_or_scope": {
             "type": "string",

schemas/registry-org/update-registry-org-response.json

@@ -85,13 +85,9 @@
           "type": "string",
           "description": "List of products associated with the organization"
         },
-        "soft_quota": {
+        "id_quota": {
           "type": "integer",
-          "description": "Soft quota for CVE IDs"
-        },
-        "hard_quota": {
-          "type": "integer",
-          "description": "Hard quota for CVE IDs"
+          "description": "ID quota for CVE IDs"
         },
         "private_contacts": {
           "type": "array",

src/constants/index.js

@@ -44,7 +44,7 @@ function getConstants () {
     USER_ROLES: [
       'ADMIN'
     ],
-    JOINT_APPROVAL_FIELDS: ['short_name', 'long_name', 'authority', 'aliases', 'oversees', 'top_level_root', 'charter_or_scope', 'product_list', 'disclosure_policy', 'partner_role_type', 'partner_number', 'program_data.cve_website_update_date', 'program_data.cve_website_update_needed', 'program_data.status', 'advisory_locations', 'advisory_location_require_credentials', 'vulnerability_advisory_location_for_web_scraping', 'tl_root_start_date', 'is_cna_discussion_list', 'hard_quota'],
+    JOINT_APPROVAL_FIELDS: ['short_name', 'long_name', 'authority', 'aliases', 'oversees', 'top_level_root', 'charter_or_scope', 'product_list', 'disclosure_policy', 'partner_role_type', 'partner_number', 'program_data.cve_website_update_date', 'program_data.cve_website_update_needed', 'program_data.status', 'advisory_locations', 'advisory_location_require_credentials', 'vulnerability_advisory_location_for_web_scraping', 'tl_root_start_date', 'is_cna_discussion_list', 'id_quota'],
     JOINT_APPROVAL_FIELDS_LEGACY: ['short_name', 'name', 'authority.active_roles', 'policies.id_quota'],
     ORG_EXCLUDED_FIELDS: ['__t', '__v', '_id', 'inUse', 'in_use'],
     ORG_RESTRICTED_FIELDS: ['program_data'],