def notice_table_list(request):
user = request.user
resultdict={}
page = request.POST.get('page')
rows = request.POST.get('limit')
notice_type=request.POST.get('notice_type')
if not notice_type:
notice_type = ''
notice_status=request.POST.get('notice_status')
if not notice_status:
notice_status = ['True','False']
else:
notice_status = [notice_status]
notice_list = models.Notice.objects.filter(notice_user = user,notice_status__in = notice_status,notice_type__icontains=notice_type).order_by('-notice_time')
total = notice_list.count()
notice_list = paging(notice_list,rows,page)
data = []
for notice in notice_list:
dic={}
dic['id'] =escape( notice.id)
dic['notice_title'] =escape( notice.notice_title)
dic['notice_body'] =escape( notice.notice_body)
if notice.notice_status:
dic['notice_status'] =escape( '已读')
else:
dic['notice_status'] =escape( '未读')
dic['notice_time'] =escape( notice.notice_time)
data.append(dic)
resultdict['code']=0
resultdict['msg']="用户申请列表"
resultdict['count']=total
resultdict['data']=data
return JsonResponse(resultdict)
def taskrequesttablelist(request):
user = request.user
resultdict = {}
page = request.POST.get('page')
rows = request.POST.get('limit')
if user.is_superuser:
task_list = models.Task.objects.filter(
task_status=0).order_by('task_starttime')
total = task_list.count()
task_list = paging(task_list, rows, page)
data = []
for item in task_list:
dic = dict()
dic['task_id'] = escape(item.task_id)
dic['task_name'] = escape(item.task_name)
dic['task_type'] = escape(item.task_type)
dic['task_target'] = escape(item.task_target)
dic['task_starttime'] = escape(item.task_starttime)
dic['task_scanner'] = escape(item.task_scanner.scanner_name)
dic['task_user'] = escape(item.task_user.email)
data.append(dic)
resultdict['code'] = 0
resultdict['msg'] = "任务列表"
resultdict['count'] = total
resultdict['data'] = data
return JsonResponse(resultdict)
def asset_vuln(request, asset_id):
user = request.user
resultdict = {}
page = request.GET.get('page')
rows = request.GET.get('limit')
if user.is_superuser:
asset = get_object_or_404(models.Asset, asset_id=asset_id)
else:
asset = get_object_or_404(models.Asset,
asset_user=user,
asset_id=asset_id)
vuln_list = asset.vuln_for_asset.all().order_by('-fix_status', '-leave')
total = vuln_list.count()
vuln_list = paging(vuln_list, rows, page)
data = []
for vuln in vuln_list:
dic = {}
dic['vuln_id'] = escape(vuln.vuln_id)
dic['cve_name'] = escape(vuln.cve_name)
dic['vuln_name'] = escape(vuln.vuln_name)
dic['vuln_type'] = escape(vuln.vuln_type)
dic['leave'] = escape(VULN_LEAVE[vuln.leave])
dic['fix_status'] = escape(VULN_STATUS[vuln.fix_status])
dic['update_data'] = escape(vuln.update_data)
dic['asset'] = escape(vuln.vuln_asset.asset_key)
dic['asset_id'] = escape(vuln.vuln_asset.asset_id)
data.append(dic)
resultdict['code'] = 0
resultdict['msg'] = "端口列表"
resultdict['count'] = total
resultdict['data'] = data
return JsonResponse(resultdict)
def cnvdvulntablelist(request):
resultdict = {}
page = request.POST.get('page')
rows = request.POST.get('limit')
name = request.POST.get('name')
if not name:
name = ''
leave = request.POST.get('leave')
if not leave:
leave = ''
vuln_list = models.Vulnerability.objects.filter(
Q(cve_id__icontains=name) | Q(cnvd_id__icontains=name)
| Q(cve_name__icontains=name)).filter(
leave__icontains=leave).order_by('-update_data')
total = vuln_list.count()
vuln_list = paging(vuln_list, rows, page)
data = []
for vuln_item in vuln_list:
dic = {}
dic['id'] = escape(vuln_item.id)
dic['cve_id'] = escape(vuln_item.cve_id)
dic['cnvd_id'] = escape(vuln_item.cnvd_id)
dic['cve_name'] = escape(vuln_item.cve_name)
dic['leave'] = escape(vuln_item.leave)
dic['update_data'] = escape(vuln_item.update_data)
data.append(dic)
resultdict['code'] = 0
resultdict['msg'] = "漏洞列表"
resultdict['count'] = total
resultdict['data'] = data
return JsonResponse(resultdict)
def userlisttable(request):
user = request.user
resultdict={}
error= ''
page = request.POST.get('page')
rows = request.POST.get('limit')
email = request.POST.get('email')
if not email:
email=''
area = request.POST.get('area')
if not area:
area_get = models.Area.objects.filter(parent__isnull=True)
else:
area_get = models.Area.objects.filter(id =area )
is_active = request.POST.get('is_active')
if not is_active:
is_active= ['True','False']
else:
is_active=[is_active]
if user.is_superuser:
user_list = User.objects.filter(email__icontains = email,
profile__area__in=area_get,
is_active__in = is_active).order_by('-is_superuser','-date_joined')
total = user_list.count()
user_list = paging(user_list,rows,page)
data = []
for user_item in user_list:
dic={}
dic['name'] = user_item.first_name + user_item.last_name
dic['mail'] = user_item.email
dic['date'] = user_item.date_joined
if user_item.profile.area:
dic['area'] =user_item.profile.area.name
else:
dic['area'] = '未知'
dic['title'] = user_item.profile.title
if user_item.is_active:
dic['status'] = '启用'
else:
dic['status'] = '禁用'
dic['lastlogin'] = user_item.last_login
role = user_item.profile.roles.all()
roles=[]
for item in role:
roles.append(item.title)
dic['role'] = roles
data.append(dic)
resultdict['code']=0
resultdict['msg']="用户列表"
resultdict['count']=total
resultdict['data']=data
return JsonResponse(resultdict)
else:
error = '权限错误'
return render(request,'error.html',{'error':error})
def userregisttable(request):
user = request.user
resultdict={}
error= ''
page = request.POST.get('page')
rows = request.POST.get('limit')
email = request.POST.get('email')
if not email:
email=''
status = request.POST.get('status')
if not status:
status=''
is_use = request.POST.get('is_use')
if not is_use:
is_use= ['True','False']
else:
is_use=[is_use]
is_check = request.POST.get('is_check')
if not is_check:
is_check= ['True','False']
else:
is_check=[is_check]
if user.is_superuser:
userrequest_list = models.UserRequest.objects.filter(email__icontains=email,status__icontains=status,is_use__in=is_use,is_check__in=is_check).order_by('is_check','is_use','-updatetime')
total = userrequest_list.count()
userrequest_list = paging(userrequest_list,rows,page)
data = []
for userrequest in userrequest_list:
dic={}
dic['request_id'] =escape( userrequest.id)
dic['email'] =escape( userrequest.email)
if userrequest.is_check:
dic['is_check'] =escape( '已审批')
dic['starttime'] =escape( userrequest.starttime)
if userrequest.action_user:
dic['action_user'] =escape( userrequest.action_user.username)
dic['updatetime'] =escape( userrequest.updatetime)
else:
dic['is_check'] =escape( '待审批')
if userrequest.is_use:
dic['is_use'] =escape( '已使用')
else:
dic['is_use'] =escape( '待使用')
dic['request_type'] =escape( userrequest.request_type.title)
dic['status'] =escape( REAUEST_STATUS[userrequest.status])
data.append(dic)
resultdict['code']=0
resultdict['msg']="用户申请列表"
resultdict['count']=total
resultdict['data']=data
return JsonResponse(resultdict)
else:
error = '权限错误'
return render(request,'error.html',{'error':error})
def vulntablelist(request):
user = request.user
resultdict={}
page = request.POST.get('page')
rows = request.POST.get('limit')
key = request.POST.get('key')
if not key:
key=''
leave = request.POST.get('leave')
if not leave:
leave=''
fix_status = request.POST.get('fix_status')
if not fix_status:
fix_status=''
if user.is_superuser:
vuln_list = models.Vulnerability_scan.objects.filter(
vuln_asset__asset_key__icontains = key,
leave__icontains = leave,
fix_status__icontains = fix_status,
leave__gte = 1,
).order_by('-fix_status','-leave')
else:
vuln_list = models.Vulnerability_scan.objects.filter(
vuln_asset__asset_user=user,
vuln_asset__asset_key__icontains = key,
leave__icontains = leave,
fix_status__icontains = fix_status,
leave__gte = 1,
).order_by('-fix_status','-leave')
total = vuln_list.count()
vuln_list = paging(vuln_list,rows,page)
data = []
for vuln_item in vuln_list:
dic={}
dic['vuln_id'] =escape( vuln_item.vuln_id)
dic['cve_name'] =escape( vuln_item.cve_name)
dic['vuln_name'] =escape( vuln_item.vuln_name)
dic['vuln_type'] =escape( vuln_item.vuln_type)
dic['leave'] =escape( VULN_LEAVE[vuln_item.leave])
dic['fix_status'] =escape( VULN_STATUS[vuln_item.fix_status])
dic['update_data'] =escape( vuln_item.update_data)
dic['asset'] =escape( vuln_item.vuln_asset.asset_key)
dic['asset_id'] =escape( vuln_item.vuln_asset.asset_id)
data.append(dic)
resultdict['code']=0
resultdict['msg']="漏洞列表"
resultdict['count']=total
resultdict['data']=data
return JsonResponse(resultdict)
def articleable_list(request):
user = request.user
resultdict = {}
page = request.POST.get('page')
rows = request.POST.get('limit')
name = request.POST.get('name')
if not name:
name = ''
artuicletype = request.POST.get('type')
if not artuicletype:
type_get = models.ArticleType.objects.filter(parent__isnull=False)
else:
type_get = models.ArticleType.objects.filter(id=artuicletype)
status = request.POST.get('status')
if not status:
status = ''
if user.is_superuser:
article_list = models.Article.objects.filter(
article_name__icontains=name,
article_type__in=type_get,
article_status__icontains=status).order_by('article_status',
'-article_update_time',
'-id')
else:
article_list = models.Article.objects.filter(
article_status='1',
article_name__icontains=name,
article_type__in=type_get,
article_status__icontains=status).order_by('-article_update_time')
total = article_list.count()
article_list = paging(article_list, rows, page)
data = []
for article_item in article_list:
dic = dict()
dic['article_id'] = escape(article_item.article_id)
dic['article_name'] = escape(article_item.article_name)
dic['article_type'] = escape(
article_item.article_type.article_type_name)
dic['article_update_time'] = escape(article_item.article_updatetime)
dic['article_status'] = escape(
ARTICLE_STATUS[article_item.article_status])
dic['article_user'] = escape(article_item.article_user.username)
data.append(dic)
resultdict['code'] = 0
resultdict['msg'] = "知识共享"
resultdict['count'] = total
resultdict['data'] = data
return JsonResponse(resultdict)
def asset_request_list(request):
user = request.user
resultdict = {}
page = request.POST.get('page')
rows = request.POST.get('limit')
email = request.POST.get('email')
if not email:
email = ''
status = request.POST.get('status')
if not status:
status = ''
if user.is_superuser:
request_list = models.AssetRequest.objects.filter(
request_user__email__icontains=email,
asset_request_status__icontains=status).order_by(
'asset_request_status', 'request_start_time')
else:
request_list = user.assetrequest_for_user.filter(
request_user__email__icontains=email,
asset_request_status__icontains=status).order_by(
'asset_request_status', 'request_start_time')
total = request_list.count()
request_list = paging(request_list, rows, page)
data = []
for request_item in request_list:
dic = {}
dic['request_id'] = escape(request_item.id)
dic['asset_key'] = escape(request_item.asset_key)
dic['asset_type'] = escape(request_item.asset_type.name)
dic['asset_request_status'] = escape(
REQUEST_STATUS[request_item.asset_request_status])
dic['request_action'] = escape(request_item.request_action)
dic['request_user'] = escape(request_item.request_user.username)
dic['request_reason'] = escape(request_item.request_reason)
dic['request_start_time'] = escape(request_item.request_start_time)
if request_item.action_user:
dic['action_user'] = escape(request_item.action_user.username)
dic['request_update_time'] = escape(
request_item.request_update_time)
else:
dic['action_user'] = ''
dic['request_update_time'] = ''
data.append(dic)
resultdict['code'] = 0
resultdict['msg'] = "用户列表"
resultdict['count'] = total
resultdict['data'] = data
return JsonResponse(resultdict)
def MappedTableList(request):
#user= request.user
resultdict = {}
page = request.POST.get('page')
rows = request.POST.get('limit')
name = request.POST.get('name')
if not name:
name = ''
status = request.POST.get('status')
if not status:
status = ['True', 'False']
else:
status = [status]
mappedlist = models.Mapped.objects.filter(
Q(LANip__asset_key__icontains=name)
| Q(WANip__asset_key__icontains=name)
| Q(request_user_num__icontains=name)
| Q(request_email__icontains=name)).filter(
mapped_status__in=status).order_by('mapped_updatetime')
total = mappedlist.count()
mappedlist = paging(mappedlist, rows, page)
data = []
for item in mappedlist:
dic = {}
dic['id'] = item.id
dic['LANip'] = item.LANip.asset_key
dic['LANip_id'] = item.LANip.asset_id
dic['LANPort'] = item.LANPort.port
dic['WANip'] = item.WANip.asset_key
dic['WANip_id'] = item.WANip.asset_id
dic['WANPort'] = item.WANPort.port
dic['Domain'] = item.Domain
if item.mapped_status:
dic['mapped_status'] = '使用中'
else:
dic['mapped_status'] = '已禁用'
dic['start_time'] = item.start_time
dic['end_time'] = item.end_time
dic['request_email'] = item.request_email
dic['action_email'] = item.action_email
data.append(dic)
resultdict['code'] = 0
resultdict['msg'] = "用户列表"
resultdict['count'] = total
resultdict['data'] = data
return JsonResponse(resultdict)
def asset_handover_list(request):
user = request.user
if user.is_superuser:
resultdict = {}
page = request.POST.get('page')
rows = request.POST.get('limit')
email = request.POST.get('email')
if not email:
email = ''
status = request.POST.get('status')
if not status:
status = ['0', '1', '2']
else:
status = [status]
handover_list = models.Handover.objects.filter(
status__in=status).filter(
Q(dst_email__icontains=email)
| Q(request_user__icontains=email)).order_by(
'status', '-request_starttime')
total = handover_list.count()
handover_list = paging(handover_list, rows, page)
data = []
for handover in handover_list:
dic = {}
dic['id'] = handover.id
dic['request_user'] = handover.request_user
dic['dst_email'] = handover.dst_email
dic['reason'] = handover.reason
dic['status'] = REQUEST_STATUS[handover.status]
dic['request_updatetime'] = handover.request_updatetime
data.append(dic)
resultdict['code'] = 0
resultdict['msg'] = "端口列表"
resultdict['count'] = total
resultdict['data'] = data
return JsonResponse(resultdict)
else:
error = '权限错误'
return JsonResponse({'error': error})
def tasktablelist(request):
user = request.user
resultdict = {}
page = request.POST.get('page')
rows = request.POST.get('limit')
name = request.POST.get('name')
if not name:
name = ''
key = request.POST.get('key')
if not key:
key = ''
tasktype = request.POST.get('type')
if not tasktype:
tasktype = ['安全扫描', '扫描同步']
else:
tasktype = [tasktype]
taskstatus = request.POST.get('status')
if not taskstatus:
if user.is_superuser:
taskstatus = ['1', '2', '3', '4', '5']
else:
taskstatus = ['0', '1', '2', '3', '4', '5']
else:
taskstatus = [taskstatus]
if user.is_superuser:
task_list = models.Task.objects.filter(
task_name__icontains=name,
task_type__icontains=key,
task_type__in=tasktype,
task_status__in=taskstatus).order_by('task_status',
'-task_endtime')
else:
task_list = models.Task.objects.filter(
task_user=user,
task_name__icontains=name,
task_type__icontains=key,
task_type__in=tasktype,
task_status__in=taskstatus).order_by('task_status',
'-task_endtime')
total = task_list.count()
task_list = paging(task_list, rows, page)
data = []
for item in task_list:
dic = {}
dic['task_id'] = escape(item.task_id)
dic['task_name'] = escape(item.task_name)
dic['task_type'] = escape(item.task_type)
dic['task_target'] = escape(item.task_target)
dic['task_status'] = escape(TASK_STATUS[item.task_status])
dic['task_starttime'] = escape(item.task_starttime)
dic['task_scanner'] = escape(item.task_scanner.scanner_name)
dic['task_user'] = escape(item.task_user.email)
data.append(dic)
resultdict['code'] = 0
resultdict['msg'] = "任务列表"
resultdict['count'] = total
resultdict['data'] = data
return JsonResponse(resultdict)
def assettablelist(request):
user = request.user
resultdict = {}
page = request.POST.get('page')
rows = request.POST.get('limit')
name = request.POST.get('name')
if not name:
name = ''
key = request.POST.get('key')
if not key:
key = ''
asset_type = request.POST.get('type')
if not asset_type:
type_get = models.AssetType.objects.filter(parent__isnull=False)
else:
type_get = models.AssetType.objects.filter(id=asset_type)
'''
area = request.POST.get('area')
if not area:
area_get = Area.objects.filter(parent__isnull=True)
else:
area_get = Area.objects.filter(id =area )'''
if user.is_superuser:
assetlist = models.Asset.objects.filter(
asset_name__icontains=name,
asset_key__icontains=key,
asset_type__in=type_get,
#asset_area__in=area_get,
).order_by('-asset_score', '-asset_updatetime')
else:
assetlist = user.asset_to_user.all().order_by('-asset_score',
'-asset_updatetime')
user_child_list = user.user_parent.all()
for user_child in user_child_list:
child_asset_list = user_child.asset_to_user.all().order_by(
'-asset_score', '-asset_updatetime')
assetlist = assetlist | child_asset_list
assetlist.filter(
asset_name__icontains=name,
asset_key__icontains=key,
asset_type__in=type_get,
#asset_area__in=area_get,
)
total = assetlist.count()
assetlist = paging(assetlist, rows, page)
data = []
for asset_item in assetlist:
dic = {}
dic['asset_id'] = asset_item.asset_id
dic['asset_name'] = asset_item.asset_name
dic['asset_key'] = asset_item.asset_key
dic['asset_status'] = ASSET_STATUS[asset_item.asset_status]
if asset_item.asset_inuse:
dic['asset_inuse'] = '已认领'
else:
dic['asset_inuse'] = '待认领'
if asset_item.asset_type:
dic['asset_type'] = asset_item.asset_type.name
else:
dic['asset_type'] = '未分类'
dic['user_email'] = asset_item.user_email
dic['asset_score'] = asset_item.asset_score
dic['asset_updatetime'] = asset_item.asset_updatetime
data.append(dic)
resultdict['code'] = 0
resultdict['msg'] = "用户列表"
resultdict['count'] = total
resultdict['data'] = data
return JsonResponse(resultdict)
