Don't use Q object for bulk vulnerability api

sbs2001 · sbs2001 · commit fbff4f60d3c1 · 2020-12-24T15:40:52.000+05:30
Signed-off-by: Shivam Sandbhor &lt;shivam.sandbhor@gmail.com&gt;
diff --git a/vulnerabilities/api.py b/vulnerabilities/api.py
@@ -171,16 +171,15 @@ class VulnerabilityViewSet(viewsets.ReadOnlyModelViewSet):
     # TODO: Find a good name for this endpoint
     @action(detail=False, methods=["post"])
     def fetch(self, request):
-        filter_list = Q()
+        filter_list = []
         response = {}
         # TODO: Do some validation here of request body
         for cve_id in request.data["vulnerabilities"]:
-            filter_list |= Q(cve_id=cve_id)
-
+            filter_list.append(cve_id)
             # This handles the case when the said cve doesnt exist in db
             response[cve_id] = {}
 
-        res = Vulnerability.objects.filter(filter_list)
+        res = Vulnerability.objects.filter(cve_id__in=[cve_id])
         for vuln in res:
             response[vuln.cve_id] = VulnerabilitySerializer(vuln, context={"request": request}).data
 
