{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.SecurityHub.Types.Vulnerability
-- Copyright   : (c) 2013-2023 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.SecurityHub.Types.Vulnerability where

import qualified Amazonka.Core as Core
import qualified Amazonka.Core.Lens.Internal as Lens
import qualified Amazonka.Data as Data
import qualified Amazonka.Prelude as Prelude
import Amazonka.SecurityHub.Types.Cvss
import Amazonka.SecurityHub.Types.SoftwarePackage
import Amazonka.SecurityHub.Types.VulnerabilityFixAvailable
import Amazonka.SecurityHub.Types.VulnerabilityVendor

-- | A vulnerability associated with a finding.
--
-- /See:/ 'newVulnerability' smart constructor.
data Vulnerability = Vulnerability'
  { -- | CVSS scores from the advisory related to the vulnerability.
    cvss :: Prelude.Maybe [Cvss],
    -- | Specifies if all vulnerable packages in a finding have a value for
    -- @FixedInVersion@ and @Remediation@. This field is evaluated for each
    -- vulnerability @Id@ based on the number of vulnerable packages that have
    -- a value for both @FixedInVersion@ and @Remediation@. Valid values are as
    -- follows:
    --
    -- -   @YES@ if all vulnerable packages have a value for both
    --     @FixedInVersion@ and @Remediation@
    --
    -- -   @NO@ if no vulnerable packages have a value for @FixedInVersion@ and
    --     @Remediation@
    --
    -- -   @PARTIAL@ otherwise
    fixAvailable :: Prelude.Maybe VulnerabilityFixAvailable,
    -- | A list of URLs that provide additional information about the
    -- vulnerability.
    referenceUrls :: Prelude.Maybe [Prelude.Text],
    -- | List of vulnerabilities that are related to this vulnerability.
    relatedVulnerabilities :: Prelude.Maybe [Prelude.Text],
    -- | Information about the vendor that generates the vulnerability report.
    vendor :: Prelude.Maybe VulnerabilityVendor,
    -- | List of software packages that have the vulnerability.
    vulnerablePackages :: Prelude.Maybe [SoftwarePackage],
    -- | The identifier of the vulnerability.
    id :: Prelude.Text
  }
  deriving (Prelude.Eq, Prelude.Read, Prelude.Show, Prelude.Generic)

-- |
-- Create a value of 'Vulnerability' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'cvss', 'vulnerability_cvss' - CVSS scores from the advisory related to the vulnerability.
--
-- 'fixAvailable', 'vulnerability_fixAvailable' - Specifies if all vulnerable packages in a finding have a value for
-- @FixedInVersion@ and @Remediation@. This field is evaluated for each
-- vulnerability @Id@ based on the number of vulnerable packages that have
-- a value for both @FixedInVersion@ and @Remediation@. Valid values are as
-- follows:
--
-- -   @YES@ if all vulnerable packages have a value for both
--     @FixedInVersion@ and @Remediation@
--
-- -   @NO@ if no vulnerable packages have a value for @FixedInVersion@ and
--     @Remediation@
--
-- -   @PARTIAL@ otherwise
--
-- 'referenceUrls', 'vulnerability_referenceUrls' - A list of URLs that provide additional information about the
-- vulnerability.
--
-- 'relatedVulnerabilities', 'vulnerability_relatedVulnerabilities' - List of vulnerabilities that are related to this vulnerability.
--
-- 'vendor', 'vulnerability_vendor' - Information about the vendor that generates the vulnerability report.
--
-- 'vulnerablePackages', 'vulnerability_vulnerablePackages' - List of software packages that have the vulnerability.
--
-- 'id', 'vulnerability_id' - The identifier of the vulnerability.
newVulnerability ::
  -- | 'id'
  Prelude.Text ->
  Vulnerability
newVulnerability pId_ =
  Vulnerability'
    { cvss = Prelude.Nothing,
      fixAvailable = Prelude.Nothing,
      referenceUrls = Prelude.Nothing,
      relatedVulnerabilities = Prelude.Nothing,
      vendor = Prelude.Nothing,
      vulnerablePackages = Prelude.Nothing,
      id = pId_
    }

-- | CVSS scores from the advisory related to the vulnerability.
vulnerability_cvss :: Lens.Lens' Vulnerability (Prelude.Maybe [Cvss])
vulnerability_cvss = Lens.lens (\Vulnerability' {cvss} -> cvss) (\s@Vulnerability' {} a -> s {cvss = a} :: Vulnerability) Prelude.. Lens.mapping Lens.coerced

-- | Specifies if all vulnerable packages in a finding have a value for
-- @FixedInVersion@ and @Remediation@. This field is evaluated for each
-- vulnerability @Id@ based on the number of vulnerable packages that have
-- a value for both @FixedInVersion@ and @Remediation@. Valid values are as
-- follows:
--
-- -   @YES@ if all vulnerable packages have a value for both
--     @FixedInVersion@ and @Remediation@
--
-- -   @NO@ if no vulnerable packages have a value for @FixedInVersion@ and
--     @Remediation@
--
-- -   @PARTIAL@ otherwise
vulnerability_fixAvailable :: Lens.Lens' Vulnerability (Prelude.Maybe VulnerabilityFixAvailable)
vulnerability_fixAvailable = Lens.lens (\Vulnerability' {fixAvailable} -> fixAvailable) (\s@Vulnerability' {} a -> s {fixAvailable = a} :: Vulnerability)

-- | A list of URLs that provide additional information about the
-- vulnerability.
vulnerability_referenceUrls :: Lens.Lens' Vulnerability (Prelude.Maybe [Prelude.Text])
vulnerability_referenceUrls = Lens.lens (\Vulnerability' {referenceUrls} -> referenceUrls) (\s@Vulnerability' {} a -> s {referenceUrls = a} :: Vulnerability) Prelude.. Lens.mapping Lens.coerced

-- | List of vulnerabilities that are related to this vulnerability.
vulnerability_relatedVulnerabilities :: Lens.Lens' Vulnerability (Prelude.Maybe [Prelude.Text])
vulnerability_relatedVulnerabilities = Lens.lens (\Vulnerability' {relatedVulnerabilities} -> relatedVulnerabilities) (\s@Vulnerability' {} a -> s {relatedVulnerabilities = a} :: Vulnerability) Prelude.. Lens.mapping Lens.coerced

-- | Information about the vendor that generates the vulnerability report.
vulnerability_vendor :: Lens.Lens' Vulnerability (Prelude.Maybe VulnerabilityVendor)
vulnerability_vendor = Lens.lens (\Vulnerability' {vendor} -> vendor) (\s@Vulnerability' {} a -> s {vendor = a} :: Vulnerability)

-- | List of software packages that have the vulnerability.
vulnerability_vulnerablePackages :: Lens.Lens' Vulnerability (Prelude.Maybe [SoftwarePackage])
vulnerability_vulnerablePackages = Lens.lens (\Vulnerability' {vulnerablePackages} -> vulnerablePackages) (\s@Vulnerability' {} a -> s {vulnerablePackages = a} :: Vulnerability) Prelude.. Lens.mapping Lens.coerced

-- | The identifier of the vulnerability.
vulnerability_id :: Lens.Lens' Vulnerability Prelude.Text
vulnerability_id = Lens.lens (\Vulnerability' {id} -> id) (\s@Vulnerability' {} a -> s {id = a} :: Vulnerability)

instance Data.FromJSON Vulnerability where
  parseJSON =
    Data.withObject
      "Vulnerability"
      ( \x ->
          Vulnerability'
            Prelude.<$> (x Data..:? "Cvss" Data..!= Prelude.mempty)
            Prelude.<*> (x Data..:? "FixAvailable")
            Prelude.<*> (x Data..:? "ReferenceUrls" Data..!= Prelude.mempty)
            Prelude.<*> ( x
                            Data..:? "RelatedVulnerabilities"
                            Data..!= Prelude.mempty
                        )
            Prelude.<*> (x Data..:? "Vendor")
            Prelude.<*> ( x
                            Data..:? "VulnerablePackages"
                            Data..!= Prelude.mempty
                        )
            Prelude.<*> (x Data..: "Id")
      )

instance Prelude.Hashable Vulnerability where
  hashWithSalt _salt Vulnerability' {..} =
    _salt
      `Prelude.hashWithSalt` cvss
      `Prelude.hashWithSalt` fixAvailable
      `Prelude.hashWithSalt` referenceUrls
      `Prelude.hashWithSalt` relatedVulnerabilities
      `Prelude.hashWithSalt` vendor
      `Prelude.hashWithSalt` vulnerablePackages
      `Prelude.hashWithSalt` id

instance Prelude.NFData Vulnerability where
  rnf Vulnerability' {..} =
    Prelude.rnf cvss
      `Prelude.seq` Prelude.rnf fixAvailable
      `Prelude.seq` Prelude.rnf referenceUrls
      `Prelude.seq` Prelude.rnf relatedVulnerabilities
      `Prelude.seq` Prelude.rnf vendor
      `Prelude.seq` Prelude.rnf vulnerablePackages
      `Prelude.seq` Prelude.rnf id

instance Data.ToJSON Vulnerability where
  toJSON Vulnerability' {..} =
    Data.object
      ( Prelude.catMaybes
          [ ("Cvss" Data..=) Prelude.<$> cvss,
            ("FixAvailable" Data..=) Prelude.<$> fixAvailable,
            ("ReferenceUrls" Data..=) Prelude.<$> referenceUrls,
            ("RelatedVulnerabilities" Data..=)
              Prelude.<$> relatedVulnerabilities,
            ("Vendor" Data..=) Prelude.<$> vendor,
            ("VulnerablePackages" Data..=)
              Prelude.<$> vulnerablePackages,
            Prelude.Just ("Id" Data..= id)
          ]
      )