def _generate_filter_query(self, vulnerability_class, filters, hostname_filters, workspace, marshmallow_params): hosts_os_filter = [host_os_filter for host_os_filter in filters.get('filters', []) if host_os_filter.get('name') == 'host__os'] if hosts_os_filter: # remove host__os filters from filters due to a bug hosts_os_filter = hosts_os_filter[0] filters['filters'] = [host_os_filter for host_os_filter in filters.get('filters', []) if host_os_filter.get('name') != 'host__os'] vulns = search(db.session, vulnerability_class, filters) vulns = vulns.filter(VulnerabilityGeneric.workspace==workspace) if hostname_filters: or_filters = [] for hostname_filter in hostname_filters: or_filters.append(Hostname.name == hostname_filter['val']) vulns_host = vulns.join(Host).join(Hostname).filter(or_(*or_filters)) vulns = vulns_host.union( vulns.join(Service).join(Host).join(Hostname).filter(or_(*or_filters))) if hosts_os_filter: os_value = hosts_os_filter['val'] vulns = vulns.join(Host).join(Service).filter(Host.os==os_value) if 'group_by' not in filters: vulns = vulns.options( joinedload(VulnerabilityGeneric.tags), joinedload(Vulnerability.host), joinedload(Vulnerability.service), joinedload(VulnerabilityWeb.service), ) return vulns
def _filter_vulns(self, vulnerability_class, filters, hostname_filters, workspace, marshmallow_params, is_web): hosts_os_filter = [host_os_filter for host_os_filter in filters.get('filters', []) if host_os_filter.get('name') == 'host__os'] if hosts_os_filter: # remove host__os filters from filters due to a bug hosts_os_filter = hosts_os_filter[0] filters['filters'] = [host_os_filter for host_os_filter in filters.get('filters', []) if host_os_filter.get('name') != 'host__os'] vulns = search(db.session, vulnerability_class, filters) vulns = vulns.filter(VulnerabilityGeneric.workspace==workspace) if hostname_filters: or_filters = [] for hostname_filter in hostname_filters: or_filters.append(Hostname.name == hostname_filter['val']) vulns_host = vulns.join(Host).join(Hostname).filter(or_(*or_filters)) vulns = vulns_host.union( vulns.join(Service).join(Host).join(Hostname).filter(or_(*or_filters))) if hosts_os_filter: os_value = hosts_os_filter['val'] if is_web: exists_part = vulnerability_class.query.join(Service).join(Host).filter(Host.os == os_value).exists() else: filt = RestLessFilter('host__os', 'has', os_value) exists_part = QueryBuilder._create_filter(vulnerability_class, filt) vulns = vulns.filter(exists_part) if is_web: _type = 'VulnerabilityWeb' else: _type = 'Vulnerability' if 'group_by' not in filters: vulns = self.schema_class_dict[_type](**marshmallow_params).dumps( vulns.all()) vulns_data = json.loads(vulns) else: column_names = ['count'] + [field['field'] for field in filters.get('group_by',[])] rows = [list(zip(column_names, row)) for row in vulns.all()] vulns_data = [] for row in rows: vulns_data.append({field[0]:field[1] for field in row}) return vulns_data