def comparison_report(
system_ids,
baseline_ids,
historical_sys_profile_ids,
reference_id,
auth_key,
data_format,
):
"""
return a comparison report
"""
if len(system_ids) > len(set(system_ids)):
raise HTTPError(
HTTPStatus.BAD_REQUEST,
message="duplicate UUID specified in system_ids list",
)
if len(baseline_ids) > len(set(baseline_ids)):
raise HTTPError(
HTTPStatus.BAD_REQUEST,
message="duplicate UUID specified in baseline_ids list",
)
_validate_uuids(system_ids)
_validate_uuids(baseline_ids)
try:
systems_with_profiles = fetch_systems_with_profiles(
system_ids, auth_key, current_app.logger, get_event_counters()
)
baseline_results = fetch_baselines(baseline_ids, auth_key, current_app.logger)
ensure_correct_system_count(baseline_ids, baseline_results)
comparisons = info_parser.build_comparisons(
systems_with_profiles,
baseline_results,
fetch_historical_sys_profiles(
historical_sys_profile_ids,
auth_key,
current_app.logger,
get_event_counters(),
),
reference_id,
)
metrics.systems_compared.observe(len(system_ids))
if data_format == "csv":
output = make_response(_csvify(comparisons))
output.headers["Content-Disposition"] = "attachment; filename=export.csv"
output.headers["Content-type"] = "text/csv"
return output
else:
return jsonify(comparisons)
except ItemNotReturned as error:
raise HTTPError(HTTPStatus.NOT_FOUND, message=error.message)
def get_baselines(app, timer, baseline_ids, auth_key, logger):
with timer.time():
with app.app_context():
# can raise RBACDenied exception
message = "reading baselines"
current_app.logger.audit(message, request=request)
baseline_results = fetch_baselines(baseline_ids, auth_key,
logger)
ensure_correct_system_count(baseline_ids, baseline_results)
return baseline_results
def comparison_report(
system_ids,
baseline_ids,
historical_sys_profile_ids,
reference_id,
auth_key,
data_format,
short_circuit,
):
"""
return a comparison report
If short_circuit is true, this is a call to see if a single system has
drifted from a single baseline in order to trigger a Notification if
necessary, so the only facts that will be compared will be those present
on the baseline. If the system has drifted from the baseline, the report
will contain the key 'drift_event_notify' set to True, otherwise False.
"""
if len(system_ids + baseline_ids + historical_sys_profile_ids) == 0:
message = "must specify at least one of system, baseline, or HSP"
current_app.logger.audit(str(HTTPStatus.BAD_REQUEST) + " " + message,
request=request,
success=False)
raise HTTPError(
HTTPStatus.BAD_REQUEST,
message=message,
)
if len(system_ids) > len(set(system_ids)):
message = "duplicate UUID specified in system_ids list"
current_app.logger.audit(str(HTTPStatus.BAD_REQUEST) + " " + message,
request=request,
success=False)
raise HTTPError(
HTTPStatus.BAD_REQUEST,
message=message,
)
if len(baseline_ids) > len(set(baseline_ids)):
message = "duplicate UUID specified in baseline_ids list"
current_app.logger.audit(str(HTTPStatus.BAD_REQUEST) + " " + message,
request=request,
success=False)
raise HTTPError(
HTTPStatus.BAD_REQUEST,
message=message,
)
if system_ids:
validate_uuids(system_ids)
if baseline_ids:
validate_uuids(baseline_ids)
if historical_sys_profile_ids:
validate_uuids(historical_sys_profile_ids)
if reference_id:
validate_uuids([reference_id])
if reference_id not in (system_ids + baseline_ids +
historical_sys_profile_ids):
message = "reference id %s does not match any ids from query" % reference_id
current_app.logger.audit(
str(HTTPStatus.BAD_REQUEST) + " " + message,
request=request,
success=False,
)
raise HTTPError(
HTTPStatus.BAD_REQUEST,
message=message,
)
try:
systems_with_profiles = []
baseline_results = []
hsp_results = []
with PT_CR_API_REQUESTS.time():
try:
if system_ids:
# can raise RBACDenied exception
message = "reading systems with profiles"
current_app.logger.audit(message, request=request)
systems_with_profiles = fetch_systems_with_profiles(
system_ids, auth_key, current_app.logger,
get_event_counters())
if baseline_ids:
# can raise RBACDenied exception
message = "reading baselines"
current_app.logger.audit(message, request=request)
baseline_results = fetch_baselines(baseline_ids, auth_key,
current_app.logger)
ensure_correct_system_count(baseline_ids, baseline_results)
if historical_sys_profile_ids:
# can raise RBACDenied exception
message = "reading historical system profiles"
current_app.logger.audit(message, request=request)
hsp_results = fetch_historical_sys_profiles(
historical_sys_profile_ids,
auth_key,
current_app.logger,
get_event_counters(),
)
except RBACDenied as error:
message = error.message
current_app.logger.audit(str(HTTPStatus.FORBIDDEN) + " " +
message,
request=request)
raise HTTPError(HTTPStatus.FORBIDDEN, message=message)
with PT_CR_BUILD_COMPARISON.time():
comparisons = info_parser.build_comparisons(
systems_with_profiles,
baseline_results,
hsp_results,
reference_id,
short_circuit,
)
metrics.systems_compared.observe(len(system_ids))
if data_format == "csv":
output = make_response(_csvify(comparisons))
output.headers[
"Content-Disposition"] = "attachment; filename=export.csv"
output.headers["Content-type"] = "text/csv"
return output
else:
return jsonify(comparisons)
except ItemNotReturned as error:
message = error.message
current_app.logger.audit(str(HTTPStatus.NOT_FOUND) + " " + message,
request=request,
success=False)
raise HTTPError(HTTPStatus.NOT_FOUND, message=message)
def comparison_report(
system_ids,
baseline_ids,
historical_sys_profile_ids,
reference_id,
auth_key,
data_format,
):
"""
return a comparison report
"""
if len(system_ids + baseline_ids + historical_sys_profile_ids) == 0:
raise HTTPError(
HTTPStatus.BAD_REQUEST,
message="must specify at least one of system, baseline, or HSP",
)
if len(system_ids) > len(set(system_ids)):
raise HTTPError(
HTTPStatus.BAD_REQUEST,
message="duplicate UUID specified in system_ids list",
)
if len(baseline_ids) > len(set(baseline_ids)):
raise HTTPError(
HTTPStatus.BAD_REQUEST,
message="duplicate UUID specified in baseline_ids list",
)
if system_ids:
validate_uuids(system_ids)
if baseline_ids:
validate_uuids(baseline_ids)
if historical_sys_profile_ids:
validate_uuids(historical_sys_profile_ids)
if reference_id:
validate_uuids([reference_id])
if reference_id not in (system_ids + baseline_ids +
historical_sys_profile_ids):
raise HTTPError(
HTTPStatus.BAD_REQUEST,
message="reference id %s does not match any ids from query" %
reference_id,
)
try:
systems_with_profiles = []
baseline_results = []
hsp_results = []
if system_ids:
systems_with_profiles = fetch_systems_with_profiles(
system_ids, auth_key, current_app.logger, get_event_counters())
if baseline_ids:
baseline_results = fetch_baselines(baseline_ids, auth_key,
current_app.logger)
ensure_correct_system_count(baseline_ids, baseline_results)
if historical_sys_profile_ids:
hsp_results = fetch_historical_sys_profiles(
historical_sys_profile_ids,
auth_key,
current_app.logger,
get_event_counters(),
)
comparisons = info_parser.build_comparisons(systems_with_profiles,
baseline_results,
hsp_results, reference_id)
metrics.systems_compared.observe(len(system_ids))
if data_format == "csv":
output = make_response(_csvify(comparisons))
output.headers[
"Content-Disposition"] = "attachment; filename=export.csv"
output.headers["Content-type"] = "text/csv"
return output
else:
return jsonify(comparisons)
except ItemNotReturned as error:
raise HTTPError(HTTPStatus.NOT_FOUND, message=error.message)