code review 2

Author: Hubtrick-Git

cmd/devguard/api/api.go

@@ -683,6 +683,7 @@ func BuildRouter(db core.DB) *echo.Echo {
 	licenseRiskRouter.POST("/:licenseRiskID/", licenseRiskController.CreateEvent, neededScope([]string{"manage"}), projectScopedRBAC(core.ObjectAsset, core.ActionUpdate))
 	licenseRiskRouter.POST("/:licenseRiskID/mitigate", licenseRiskController.Mitigate, neededScope([]string{"manage"}), projectScopedRBAC(core.ObjectAsset, core.ActionUpdate))
 	licenseRiskRouter.POST("/:licenseRiskID/finalLicenseDecision", licenseRiskController.MakeFinalLicenseDecision, neededScope([]string{"manage"}), projectScopedRBAC(core.ObjectAsset, core.ActionUpdate))
+
 	routes := server.Routes()
 	sort.Slice(routes, func(i, j int) bool {
 		return routes[i].Path < routes[j].Path

internal/database/models/license_risk_model.go

@@ -22,7 +22,7 @@ func (licenseRisk LicenseRisk) GetType() VulnType {
 }
 
 func (licenseRisk *LicenseRisk) CalculateHash() string {
-	// we should only use static information for the hash thats why the final license decision is not included
+	// we should only use static and unique information for the hash ( maybe we need to add scanner IDs, see pull request)
 	hash := utils.HashString(fmt.Sprintf("%s/%s/%s", licenseRisk.ComponentPurl, licenseRisk.AssetVersionName, licenseRisk.AssetID))
 	return hash
 }

internal/database/repositories/license_risk_repository.go

@@ -39,7 +39,7 @@ func (repository *LicenseRiskRepository) GetAllLicenseRisksForAssetVersionPaged(
 		q = q.Where(f.SQL(), f.Value())
 	}
 	if search != "" && len(search) > 2 {
-		q = q.Where("license_risks.license_id ILIKE ? OR license_risks.component_purl ILIKE ? OR license_risks.scanner_ids ILIKE ?", "%"+search+"%", "%"+search+"%", "%"+search+"%")
+		q = q.Where("license_risks.final_license_decision ILIKE ? OR license_risks.component_purl ILIKE ? OR license_risks.scanner_ids ILIKE ?", "%"+search+"%", "%"+search+"%", "%"+search+"%")
 	}
 
 	err := q.Count(&count).Error