Ejemplo n.º 1
def main_api():
  """Serve commit data, or a single file's content, for a repository URL.

  Reads `commit_hash`, `item_hash`, `item_path`, `commit_link` and
  `repo_url` from the query string. When `item_hash` is set, the file
  content returned by the VCS handler is sent back as the response;
  otherwise the handler's commit data for `commit_hash` is returned.
  A 400 JSON response is produced when no handler accepts the URL or the
  requested object cannot be retrieved.
  """
  args = request.args
  commit_hash = args.get('commit_hash', 0, type=str)
  item_hash = args.get('item_hash', 0, type=str)
  item_path = args.get('item_path', None, type=str)

  commit_link = args.get('commit_link', '', type=str)
  repo_url = args.get('repo_url', '', type=str)

  # This is a substring test, not a host check: it is true for any
  # commit_link that contains 'github.com' anywhere (path, query, another
  # host name). It only decides which parameter is forwarded below.
  # NOTE(review): whether the URL is acceptable is left entirely to
  # get_vcs_handler, which is not visible here - confirm it validates the
  # parsed host before anything is fetched.
  resource_url = (
      commit_link if 'github.com' in commit_link
      else (repo_url or commit_link))

  vcs_handler = get_vcs_handler(app, resource_url)
  if not vcs_handler:
    return create_json_response('Please provide a valid resource URL.', 400)

  # Without an item hash the whole commit is requested.
  if not item_hash:
    return vcs_handler.fetchCommitData(commit_hash)

  # item_hash and item_path come straight from the query string and are
  # handed to the handler unchanged.
  # NOTE(review): presumably the handler validates both - verify.
  content = vcs_handler.getFileContent(item_hash, item_path)
  if content:
    logging.info('Retrieved %s: %d bytes', item_hash, len(content))
    # NOTE(review): repository content is returned as the response body as
    # is; confirm the response content type so it is not rendered as HTML.
    return content

  err = 'Could not retrieve object with hash {}.'.format(item_hash)
  logging.error(err)
  return create_json_response(str(err), 400)
Ejemplo n.º 2
def main_api():
    """Return commit data or one file's content for the requested repository.

    Query parameters read: `commit_hash`, `item_hash`, `item_path`,
    `commit_link`, `repo_url`. With `item_hash` present the handler's file
    content is returned directly; without it the handler's commit data for
    `commit_hash` is returned. Failures to resolve a handler or to retrieve
    the object yield a 400 JSON response.
    """
    params = request.args
    commit_hash = params.get("commit_hash", 0, type=str)
    item_hash = params.get("item_hash", 0, type=str)
    item_path = params.get("item_path", None, type=str)

    commit_link = params.get("commit_link", "", type=str)
    repo_url = params.get("repo_url", "", type=str)

    # Substring match only: "github.com" may appear anywhere in commit_link,
    # so this picks which parameter is forwarded and is not a host allow-list.
    # NOTE(review): URL validation is delegated to get_vcs_handler (not shown
    # here) - confirm it checks the parsed host before fetching.
    resource_url = repo_url or commit_link
    if "github.com" in commit_link:
        resource_url = commit_link

    vcs_handler = get_vcs_handler(app, resource_url)
    if not vcs_handler:
        return create_json_response("Please provide a valid resource URL.", 400)

    if not item_hash:
        # No specific file requested: return the commit data.
        return vcs_handler.fetch_commit_data(commit_hash)

    # Both values are taken from the query string without further checks.
    # NOTE(review): presumably validated inside the handler - verify.
    content = vcs_handler.get_file_content(item_hash, item_path)
    if content:
        logging.info("Retrieved %s: %d  bytes", item_hash, len(content))
        # NOTE(review): the raw content becomes the response body; confirm the
        # content type it is served with so it is not rendered as HTML.
        return content

    err = f"Could not retrieve object with hash {item_hash}."
    logging.error(err)
    return create_json_response(str(err), 400)
Ejemplo n.º 3
def annotation_data(vcdb_id):
    """Return the annotated repository files of an entry's master commit.

    Looks up the vulnerability details for `vcdb_id`, validates the
    identifier and serializes the master commit's repository files with
    `RepositoryFilesSchema`. Responds with a 404 JSON message when the entry
    has no master commit. There is no try/except here, so any exception
    raised by the lookup or the validation propagates to the caller.
    """
    details = get_vulnerability_details(vcdb_id)
    details.validate_and_simplify_id()
    vuln_view = details.vulnerability_view

    if not vuln_view.master_commit:
        logging.error("Vuln (id: %r) has no linked Git commits!", vuln_view.id)
        return create_json_response("Entry has no linked Git link!", 404)

    # The commit that is serialized comes from the details object, not from
    # the view attribute tested above.
    commit = details.get_master_commit()
    return RepositoryFilesSchema(many=True).jsonify(commit.repository_files)
Ejemplo n.º 4
def annotation_data(vuln_id):
    """Serialize the repository files attached to an entry's master commit.

    Fetches the vulnerability details for `vuln_id`, runs their validation
    and returns the master commit's repository files as JSON through
    `RepositoryFilesSchema`. A 404 JSON message is returned when no master
    commit is linked. Exceptions raised by the lookup or by `validate()` are
    not caught in this function.
    """
    details = _get_vulnerability_details(vuln_id)
    details.validate()
    vuln_view = details.vulnerability_view

    if not vuln_view.master_commit:
        logging.error(f"Vuln (id: {vuln_view.id}) has no linked Git commits!")
        return create_json_response("Entry has no linked Git link!", 404)

    # Serialize the commit obtained from the details object rather than the
    # view attribute checked above.
    commit = details.getMasterCommit()
    return RepositoryFilesSchema(many=True).jsonify(commit.repository_files)
Ejemplo n.º 5
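def bug_save_editor_data():
    """Store the annotation editor state of a vulnerability entry.

    Expects a POST request whose JSON body is a list of file objects, each
    with `path`, `hash`, `name`, `comments` and `markers`. Existing
    repository files of the master commit are matched by path or hash and
    reused; unmatched ones are created. The comments and markers of every
    file are replaced with the submitted ones, attributed to `g.user`, and
    the result is committed to the database.

    The body is checked for this structure before any object is created, so
    a malformed request gets a 400 response instead of failing halfway
    through with an unhandled KeyError/TypeError. Only the structure is
    checked, not the types of the individual values.

    NOTE(review): no permission check is visible in this function - confirm
    the route is protected by a decorator or request hook and that `g.user`
    is always an authenticated user here.

    Returns:
        A JSON response: 400 for an invalid identifier, a non-POST request
        or a malformed body; 404 when the entry or its master commit is
        missing; the success message otherwise.
    """
    try:
        vulnerability_details = VulnerabilityDetails()
        vulnerability_details.validate()
    except InvalidIdentifierException as e:
        return create_json_response(str(e), 400)
    vuln_view = vulnerability_details.vulnerability_view

    if request.method != "POST":
        return create_json_response("Accepting only POST requests.", 400)

    if not vuln_view:
        return create_json_response("Please create an entry first", 404)

    if not vuln_view.master_commit:
        current_app.logger.error(
            f"Vuln (id: {vuln_view.id}) has no linked Git commits!")
        return create_json_response("Entry has no linked Git link!", 404)

    master_commit = vulnerability_details.getMasterCommit()

    old_files = master_commit.repository_files
    current_app.logger.debug("%d old files", len(old_files))

    # Validate the client-supplied structure up front so nothing is modified
    # when the request is rejected.
    file_keys = ("path", "hash", "name", "comments", "markers")
    comment_keys = ("row_from", "row_to", "text", "sort_pos")
    marker_keys = ("row_from", "row_to", "column_from", "column_to", "class")

    def has_keys(entry, keys):
        return isinstance(entry, dict) and all(key in entry for key in keys)

    def is_well_formed(entry):
        if not has_keys(entry, file_keys):
            return False
        comments, markers = entry["comments"], entry["markers"]
        if not isinstance(comments, list) or not isinstance(markers, list):
            return False
        return (all(has_keys(c, comment_keys) for c in comments)
                and all(has_keys(m, marker_keys) for m in markers))

    payload = request.get_json()
    if not isinstance(payload, list) or not all(map(is_well_formed, payload)):
        # The payload itself is deliberately not logged.
        current_app.logger.warning("Rejected malformed editor data")
        return create_json_response("Malformed editor data.", 400)

    # Flush any old custom content of this vulnerability first.
    new_files = []
    for file in payload:
        for of in old_files:
            if of.file_path == file["path"] or of.file_hash == file["hash"]:
                current_app.logger.debug(
                    "Found old file: %s",
                    (file["path"], file["hash"], file["name"]))
                file_obj = of
                break
        else:
            # No existing file matched by path or hash: create a new record.
            current_app.logger.debug(
                "Creating new file: %s",
                (file["path"], file["hash"], file["name"]))
            file_obj = RepositoryFiles(
                file_name=file["name"],
                file_path=file["path"],
                file_patch="DEPRECATED",
                file_hash=file["hash"],
            )
        # Create comment objects. The text is stored exactly as submitted.
        # NOTE(review): presumably it is escaped when rendered - verify.
        new_comments = [
            RepositoryFileComments(
                row_from=comment["row_from"],
                row_to=comment["row_to"],
                text=comment["text"],
                sort_pos=comment["sort_pos"],
                creator=g.user,
            )
            for comment in file["comments"]
        ]
        update_file_comments(file_obj, new_comments)
        # Create marker objects.
        new_markers = [
            RepositoryFileMarkers(
                row_from=marker["row_from"],
                row_to=marker["row_to"],
                column_from=marker["column_from"],
                column_to=marker["column_to"],
                marker_class=marker["class"],
                creator=g.user,
            )
            for marker in file["markers"]
        ]
        update_file_markers(file_obj, new_markers)
        new_files.append(file_obj)

    current_app.logger.debug("Setting %d files", len(new_files))
    master_commit.repository_files = new_files

    # Update / Insert entries into the database.
    db.session.commit()
    return create_json_response("Update successful.")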
Ejemplo n.º 6
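def bug_save_editor_data():
    """Store the annotation editor state of a vulnerability entry.

    Expects a POST request whose JSON body is a list of file objects, each
    with `path`, `hash`, `name`, `comments` and `markers`. Existing
    repository files of the master commit are matched by path or hash and
    reused; unmatched ones are created. The comments and markers of every
    file are replaced with the submitted ones, attributed to `g.user`, and
    the result is committed to the database.

    The body is checked for this structure before any object is created, so
    a malformed request gets a 400 response instead of failing halfway
    through with an unhandled KeyError/TypeError. Only the structure is
    checked, not the types of the individual values.

    NOTE(review): no permission check is visible in this function - confirm
    the route is protected by a decorator or request hook and that `g.user`
    is always an authenticated user here.

    Returns:
        A JSON response: 400 for an invalid identifier, a non-POST request
        or a malformed body; 404 when the entry or its master commit is
        missing; the success message otherwise.
    """
    try:
        vulnerability_details = VulnerabilityDetails()
        vulnerability_details.validate()
    except InvalidIdentifierException as e:
        return create_json_response(str(e), 400)
    vuln_view = vulnerability_details.vulnerability_view

    if request.method != 'POST':
        return create_json_response('Accepting only POST requests.', 400)

    if not vuln_view:
        return create_json_response('Please create an entry first', 404)

    if not vuln_view.master_commit:
        current_app.logger.error(
            'Vuln (id: {:d}) has no linked Git commits!'.format(
                vuln_view.id))
        return create_json_response('Entry has no linked Git link!', 404)

    master_commit = vulnerability_details.getMasterCommit()

    old_files = master_commit.repository_files
    current_app.logger.debug('%d old files', len(old_files))

    # Validate the client-supplied structure up front so nothing is modified
    # when the request is rejected.
    file_keys = ('path', 'hash', 'name', 'comments', 'markers')
    comment_keys = ('row_from', 'row_to', 'text', 'sort_pos')
    marker_keys = ('row_from', 'row_to', 'column_from', 'column_to', 'class')

    def has_keys(entry, keys):
        return isinstance(entry, dict) and all(key in entry for key in keys)

    def is_well_formed(entry):
        if not has_keys(entry, file_keys):
            return False
        comments, markers = entry['comments'], entry['markers']
        if not isinstance(comments, list) or not isinstance(markers, list):
            return False
        return (all(has_keys(c, comment_keys) for c in comments)
                and all(has_keys(m, marker_keys) for m in markers))

    payload = request.get_json()
    if not isinstance(payload, list) or not all(map(is_well_formed, payload)):
        # The payload itself is deliberately not logged.
        current_app.logger.warning('Rejected malformed editor data')
        return create_json_response('Malformed editor data.', 400)

    # Flush any old custom content of this vulnerability first.
    new_files = []
    for file in payload:
        for of in old_files:
            if of.file_path == file['path'] or of.file_hash == file['hash']:
                current_app.logger.debug(
                    'Found old file: %s',
                    (file['path'], file['hash'], file['name']))
                file_obj = of
                break
        else:
            # No existing file matched by path or hash: create a new record.
            current_app.logger.debug(
                'Creating new file: %s',
                (file['path'], file['hash'], file['name']))
            file_obj = RepositoryFiles(
                file_name=file['name'],
                file_path=file['path'],
                file_patch='DEPRECATED',
                file_hash=file['hash'],
            )
        # Create comment objects. The text is stored exactly as submitted.
        # NOTE(review): presumably it is escaped when rendered - verify.
        new_comments = [
            RepositoryFileComments(
                row_from=comment['row_from'],
                row_to=comment['row_to'],
                text=comment['text'],
                sort_pos=comment['sort_pos'],
                creator=g.user,
            )
            for comment in file['comments']
        ]
        update_file_comments(file_obj, new_comments)
        # Create marker objects.
        new_markers = [
            RepositoryFileMarkers(
                row_from=marker['row_from'],
                row_to=marker['row_to'],
                column_from=marker['column_from'],
                column_to=marker['column_to'],
                marker_class=marker['class'],
                creator=g.user,
            )
            for marker in file['markers']
        ]
        update_file_markers(file_obj, new_markers)
        new_files.append(file_obj)

    current_app.logger.debug('Setting %d files', len(new_files))
    master_commit.repository_files = new_files

    # Update / Insert entries into the database.
    db.session.commit()
    return create_json_response('Update successful.')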