def add_proposal(vuln: Vulnerability, form: VulnerabilityDetailsForm): vuln_clone = vuln.copy() form.populate_obj(vuln_clone) vuln_clone.version = None vuln_clone.prev_version = vuln.version vuln_clone.state = VulnerabilityState.READY vuln_clone.creator = g.user # Reset any previous feedback data. vuln_clone.reviewer_id = None vuln_clone.review_feedback = None db.session.add(vuln_clone) db.session.commit() if not vuln_clone.vcdb_id: # TODO: Improve this hack to assign a new vcdb_id here. # Currently, we are just piggy backing on the auto increment of the primary key to ensure uniqueness. # This will likely be prone to race conditions. vuln_clone.vcdb_id = vuln_clone.id db.session.add(vuln_clone) db.session.commit() flash( "Your proposal will be reviewed soon. You can monitor progress in your Proposals Section.", "success")
def add_proposal(vuln: Vulnerability, view: VulnerabilityView, form: VulnerabilityDetailsForm) -> Optional[Vulnerability]: """ Attempts to create a proposal entry which is basically a copy of an existing Vulnerability entry. :param vuln: :param view: :param form: :return: A new Vulnerability copy of the existing entry. """ vuln_clone = vuln.copy() form.populate_obj(vuln_clone) try: update_products(vuln_clone) except InvalidProducts as e: flash_error(e.args[0]) return None with db.session.no_autoflush: changes = vuln.diff(vuln_clone) # ignore metadata changes.pop('date_modified', None) changes.pop('date_created', None) changes.pop('creator', None) changes.pop('state', None) changes.pop('version', None) changes.pop('prev_version', None) changes.pop('reviewer_id', None) changes.pop('reviewer', None) changes.pop('review_feedback', None) changes.pop('id', None) if not changes: flash_error( "No changes detected. Please modify the entry first to propose a change" ) return None logging.debug("Detected changes: %r", changes) vuln_clone.version = None vuln_clone.prev_version = vuln.version vuln_clone.state = VulnerabilityState.READY vuln_clone.creator = g.user # Reset any previous feedback data. vuln_clone.reviewer_id = None vuln_clone.review_feedback = None db.session.add(vuln_clone) db.session.commit() if not vuln_clone.vcdb_id: # TODO: Improve this hack to assign a new vcdb_id here. # Currently, we are just piggy backing on the auto increment of the primary key to ensure uniqueness. # This will likely be prone to race conditions. vuln_clone.vcdb_id = vuln_clone.id db.session.add(vuln_clone) db.session.commit() flash("Your proposal will be reviewed soon.", "success") return vuln_clone
def add_proposal(vuln: Vulnerability, form: VulnerabilityDetailsForm): vuln_clone = vuln.copy() form.populate_obj(vuln_clone) vuln_clone.version = None vuln_clone.prev_version = vuln.version vuln_clone.state = VulnerabilityState.READY vuln_clone.creator = g.user db.session.add(vuln_clone) db.session.commit() flash( "Your proposal will be reviewed soon. You can monitor progress in your Proposals Section.", "success")