Simplify CVSS code in a more object-oriented manner

addons/cvss.typ

@@ -4,50 +4,32 @@
 #let isUsed = state("isUsed", false)
 
 // Statistics, used e.g. for the management summary
-#let riskCategoryStats = (
-  Critical: state("riskCriticalStat", 0),
-  High: state("riskHighStat", 0),
-  Medium: state("riskMediumStat", 0),
-  Low: state("riskLowStat", 0),
-  None: state("riskInformativeStat", 0),
-  Other: state("riskOtherStat", 0)
+#let riskCategories = (
+  "CRITICAL": (color: red, title: "Critical", state: state("riskCriticalStat", 0)),
+  "HIGH": (color: orange, title: "High", state: state("riskHighStat", 0)),
+  "MEDIUM": (color: yellow, title: "Medium", state: state("riskMediumStat", 0)),
+  "LOW": (color: lime, title: "Low", state: state("riskLowStat", 0)),
+  "NONE": (color: white, title: "None", state: state("riskInformativeStat", 0)),
+  "OTHER": (color: gray, title: "Other", state: state("riskOtherStat", 0))
 )
 
 // Function to update the statistics
 #let updateRiskCategoryStats(status) = {
+  status = upper(status)
+  // check argument
+  panicOnInvalid(status, riskCategories.keys())
+
   // Update status
-  if status == "Critical" {
-    context(riskCategoryStats.Critical.update(v => v + 1))
-  } else if status == "High" {
-    context(riskCategoryStats.High.update(v => v + 1))
-  } else if status == "Medium" {
-    context(riskCategoryStats.Medium.update(v => v + 1))
-  } else if status == "Low" {
-    context(riskCategoryStats.Low.update(v => v + 1))
-  } else if status == "None" {
-    context(riskCategoryStats.None.update(v => v + 1))
-  } else if status == "Other" {
-    context(riskCategoryStats.Other.update(v => v + 1))
-  } else {
-    panic("Unknown state: " + status)
-  }
+  context(riskCategories.at(status).state.update(v => v + 1))
 }
 
 // Return the table cell formatted according to its content - for the CVSS result
-#let colorize(str) = {
-  if str == "Critical" {
-    table.cell(str, fill: red, align: center)
-  } else if str == "High" {
-    table.cell(str, fill: orange, align: center)
-  } else if str == "Medium" {
-    table.cell(str, fill: yellow, align: center)
-  } else if str == "Low" {
-    table.cell(str, fill: lime, align: center)
-  } else if str == "None" {
-    table.cell(str, fill: white, align: center)
-  } else {
-    panic("Unknown CVSS state: " + str)
-  }
+#let coloredCell(status) = {
+  status = upper(status)
+  // check argument
+  panicOnInvalid(status, riskCategories.keys())
+
+  table.cell(riskCategories.at(status).title, fill: riskCategories.at(status).color, align: center)
 }
 
 // Create a small CIA table to be included for every finding
@@ -75,15 +57,15 @@
 
   let status = "?"
   if baseScore >= 9.0 {
-    status = "Critical"
+    status = "CRITICAL"
   } else if baseScore >= 7.0 {
-    status = "High"
+    status = "HIGH"
   } else if baseScore >= 4.0 {
-    status = "Medium"
+    status = "MEDIUM"
   } else if baseScore >= 0.1 {
-    status = "Low"
+    status = "LOW"
   } else {
-    status = "None"
+    status = "NONE"
   }
 
   block(
@@ -98,7 +80,7 @@
           table.cell(colspan: 3)[*Impact Metrics*],
           table.cell(rowspan: 2, align: bottom)[*#sym.sum*],
           [*AV*], [*AC*], [*PR*], [*UI*], [*S*], [*C*], [*I*], [*A*],
-          attackVector, attackComplexity, privilegesRequired, userInteraction, scope, cia.colorize(confidentiality), cia.colorize(integrity), cia.colorize(availability), colorize(status),
+          attackVector, attackComplexity, privilegesRequired, userInteraction, scope, cia.colorize(confidentiality), cia.colorize(integrity), cia.colorize(availability), coloredCell(status),
         )
       )
       #align(right)[