def _generate_filter_query(self, vulnerability_class, filters, hostname_filters, workspace, marshmallow_params):
hosts_os_filter = [host_os_filter for host_os_filter in filters.get('filters', []) if host_os_filter.get('name') == 'host__os']
if hosts_os_filter:
# remove host__os filters from filters due to a bug
hosts_os_filter = hosts_os_filter[0]
filters['filters'] = [host_os_filter for host_os_filter in filters.get('filters', []) if host_os_filter.get('name') != 'host__os']
vulns = search(db.session,
vulnerability_class,
filters)
vulns = vulns.filter(VulnerabilityGeneric.workspace==workspace)
if hostname_filters:
or_filters = []
for hostname_filter in hostname_filters:
or_filters.append(Hostname.name == hostname_filter['val'])
vulns_host = vulns.join(Host).join(Hostname).filter(or_(*or_filters))
vulns = vulns_host.union(
vulns.join(Service).join(Host).join(Hostname).filter(or_(*or_filters)))
if hosts_os_filter:
os_value = hosts_os_filter['val']
vulns = vulns.join(Host).join(Service).filter(Host.os==os_value)
if 'group_by' not in filters:
vulns = vulns.options(
joinedload(VulnerabilityGeneric.tags),
joinedload(Vulnerability.host),
joinedload(Vulnerability.service),
joinedload(VulnerabilityWeb.service),
)
return vulns
def _filter_vulns(self, vulnerability_class, filters, hostname_filters, workspace, marshmallow_params, is_web):
hosts_os_filter = [host_os_filter for host_os_filter in filters.get('filters', []) if host_os_filter.get('name') == 'host__os']
if hosts_os_filter:
# remove host__os filters from filters due to a bug
hosts_os_filter = hosts_os_filter[0]
filters['filters'] = [host_os_filter for host_os_filter in filters.get('filters', []) if host_os_filter.get('name') != 'host__os']
vulns = search(db.session,
vulnerability_class,
filters)
vulns = vulns.filter(VulnerabilityGeneric.workspace==workspace)
if hostname_filters:
or_filters = []
for hostname_filter in hostname_filters:
or_filters.append(Hostname.name == hostname_filter['val'])
vulns_host = vulns.join(Host).join(Hostname).filter(or_(*or_filters))
vulns = vulns_host.union(
vulns.join(Service).join(Host).join(Hostname).filter(or_(*or_filters)))
if hosts_os_filter:
os_value = hosts_os_filter['val']
if is_web:
exists_part = vulnerability_class.query.join(Service).join(Host).filter(Host.os == os_value).exists()
else:
filt = RestLessFilter('host__os', 'has', os_value)
exists_part = QueryBuilder._create_filter(vulnerability_class, filt)
vulns = vulns.filter(exists_part)
if is_web:
_type = 'VulnerabilityWeb'
else:
_type = 'Vulnerability'
if 'group_by' not in filters:
vulns = self.schema_class_dict[_type](**marshmallow_params).dumps(
vulns.all())
vulns_data = json.loads(vulns)
else:
column_names = ['count'] + [field['field'] for field in filters.get('group_by',[])]
rows = [list(zip(column_names, row)) for row in vulns.all()]
vulns_data = []
for row in rows:
vulns_data.append({field[0]:field[1] for field in row})
return vulns_data