def process_submission(form):
try:
cves = []
for cve in form.cves.data.split(','):
cves.append(cve.strip())
group = form.group.data
coordinates = CoordinateDict({
coord: form._fields.get('%s_%s' % (group, coord)).data.strip()
for coord in SUBMISSION_GROUPS.get(group, [])
})
files = upload(group, request.files.get('archive', None), coordinates)
for (ondisk, filename, suffix) in files:
submit(
login.current_user.username, ondisk, group, filename, suffix,
cves, coordinates=coordinates
)
current_app.config['INDEX_REFRESH_FLAG'] = True
flash('Archive Submitted for processing', 'info')
except ValueError, ve:
flash(escape(ve.message), 'error')
def cves(group):
"""
Get cves that match the given coordinates for the specified group.
Expectes coordinates as arguments.
:Parameters:
- `group`: The group for which to search in
"""
try:
validkeys = CoordinateDict().validkeys
kwargs = {
'coordinates__%s' % (coord): request.args.get(coord).strip()
for coord in SUBMISSION_GROUPS.get(group)
if coord in request.args and coord in validkeys
}
if len(kwargs) == 0:
raise ValueError('No coordinates given')
kwargs['group'] = group
fields = ['cves', 'coordinates']
cves = Hash.objects.only(*fields).filter(**kwargs)
return stream_items(cves, fields)
except ValueError as ve:
return error(ve.message)
except Exception as e:
current_app.logger.debug(e.message)
return error()
def submit_archive(group):
"""
Allows for authenticated users to submit archives
"""
user = '******' % api_request_user()
try:
if group not in groups():
raise ValueError('Invalid group specified')
if 'cves' not in request.args:
raise ValueError('CVE(s) required')
cves = [cve.strip() for cve in request.args['cves'].split(',')]
coordinates = CoordinateDict({
coord: request.args.get(coord).strip()
for coord in SUBMISSION_GROUPS.get(group)
if coord in request.args
})
files = upload(group, request.files.get('archive', None), coordinates)
for (ondisk, filename, suffix) in files:
submit(
user, ondisk, group, filename, suffix, cves,
coordinates=coordinates
)
return success()
except ValueError as ve:
current_app.logger.info('Invalid submission by %s: %s' %
(user, ve.message))
return error(ve.message)
except Exception as e:
current_app.logger.info(e.message)
return error()
def process_submission(form, group=None):
try:
cves = []
for cve in form.cves.data.split(','):
cves.append(cve.strip())
if group is None:
group = form.group.data
coordinates = CoordinateDict({
coord: form._fields.get('%s' % coord).data.strip()
for coord in SUBMISSION_GROUPS.get(group, [])
})
# remove any empty values
coordinates = dict(
(k, v)
for k, v in coordinates.iteritems()
if v is not None and len(v) > 0
)
# if no coordinates given, make None
if len(coordinates) == 0:
coordinates = None
files = upload(group, request.files.get('archive', None), coordinates)
for (ondisk, filename, suffix) in files:
submit(
login.current_user.username, ondisk, group, filename, suffix,
cves, coordinates=coordinates
)
current_app.config['INDEX_REFRESH_FLAG'] = True
flash('Archive Submitted for processing', 'info')
except ValueError, ve:
flash(escape(ve.message), 'error')
