def scanschedule():
site = request.json
scan_id = site.get('scan_id')
schedule = site.get('schedule')
plan = site.get('plan')
target = site.get('target')
removeSite = schedule.get('remove')
enabled = True
crontab = {}
message = "Scan Schedule not set"
if removeSite is not None:
# Removing scan from scanschedule results in incomplete removal because of celerybeat-mongo running in background
# Hence we just set "enabled" to false
enabled = False
message = "Removed Schedule for: " + target
else:
enabled = True
message="Scheduled Scan successfully set for site: " + target
crontab = {
'minute':str(schedule.get('minute')),
'hour':str(schedule.get('hour')),
'day_of_week':str(schedule.get('dayOfWeek')),
'day_of_month':str(schedule.get('dayOfMonth')),
'month_of_year':str(schedule.get('monthOfYear'))
}
# Validate Crontab schedule values
crontab_errors = check_cron(crontab)
if crontab_errors:
message = "Error in crontab values"
return jsonify(message=message,success=False,errors=crontab_errors)
data = {
'task': "minion.backend.tasks.run_scheduled_scan",
'args': [target, plan],
'site': target,
'queue':'scanschedule',
'routing_key':'scanschedule',
'exchange':'', #Exchange is not required. Fails sometimes if exchange is provided. #TODO Figure out why
'plan': plan,
'name': target + ":" + plan,
'enabled': enabled,
'crontab': crontab
}
# Insert/Update existing schedule by target and plan
schedule = scanschedules.find_one({"site":target, "plan":plan})
if not schedule:
scanschedules.insert(data)
else:
scanschedules.update({"site":target, "plan":plan},
{"$set": {"crontab": crontab, "enabled":enabled}});
return jsonify(message=message,success=True)
def get_reports_sites():
result = []
group_name = request.args.get('group_name')
user_email = request.args.get('user')
if user_email is not None:
# User specified, so return recent scans for each site/plan that the user can see
user = users.find_one({'email': user_email})
if user is None:
return jsonify(success=False, reason='no-such-user')
if group_name:
site_list = _find_sites_for_user_by_group_name(user_email, group_name)
else:
site_list = _find_sites_for_user(user_email)
for site_url in sorted(site_list):
site = sites.find_one({'url': site_url})
if site is not None:
for plan_name in site['plans']:
schedule = scanschedules.find_one({'site':site_url, 'plan':plan_name})
crontab = None
scheduleEnabled = False
if schedule is not None:
crontab = schedule['crontab']
scheduleEnabled = schedule['enabled']
l = list(scans.find({'configuration.target':site['url'], 'plan.name': plan_name}).sort("created", -1).limit(1))
if len(l) == 1:
scan = summarize_scan(sanitize_scan(l[0]))
s = {v: scan.get(v) for v in ('id', 'created', 'state', 'issues')}
result.append({'target': site_url, 'plan': plan_name, 'scan': scan, 'crontab': crontab, 'scheduleEnabled': scheduleEnabled})
else:
result.append({'target': site_url, 'plan': plan_name, 'scan': None, 'crontab': crontab, 'scheduleEnabled': scheduleEnabled})
return jsonify(success=True, report=result)
def get_reports_sites():
result = []
group_name = request.args.get('group_name')
user_email = request.args.get('user')
if user_email is not None:
# User specified, so return recent scans for each site/plan that the user can see
user = users.find_one({'email': user_email})
if user is None:
return jsonify(success=False, reason='no-such-user')
if group_name:
site_list = _find_sites_for_user_by_group_name(
user_email, group_name)
else:
site_list = _find_sites_for_user(user_email)
for site_url in sorted(site_list):
site = sites.find_one({'url': site_url})
if site is not None:
for plan_name in site['plans']:
schedule = scanschedules.find_one({
'site': site_url,
'plan': plan_name
})
crontab = None
scheduleEnabled = False
if schedule is not None:
crontab = schedule['crontab']
scheduleEnabled = schedule['enabled']
l = list(
scans.find({
'configuration.target': site['url'],
'plan.name': plan_name
}).sort("created", -1).limit(1))
if len(l) == 1:
scan = summarize_scan(sanitize_scan(l[0]))
s = {
v: scan.get(v)
for v in ('id', 'created', 'state', 'issues')
}
result.append({
'target': site_url,
'plan': plan_name,
'scan': scan,
'crontab': crontab,
'scheduleEnabled': scheduleEnabled
})
else:
result.append({
'target': site_url,
'plan': plan_name,
'scan': None,
'crontab': crontab,
'scheduleEnabled': scheduleEnabled
})
return jsonify(success=True, report=result)
def scanschedule():
site = request.json
scan_id = site.get('scan_id')
schedule = site.get('schedule')
plan = site.get('plan')
target = site.get('target')
removeSite = schedule.get('remove')
enabled = True
crontab = {}
message = "Scan Schedule not set"
if removeSite is not None:
# Removing scan from scanschedule results in incomplete removal because of celerybeat-mongo running in background
# Hence we just set "enabled" to false
enabled = False
message = "Removed Schedule for: " + target
else:
enabled = True
message = "Scheduled Scan successfully set for site: " + target
crontab = {
'minute': str(schedule.get('minute')),
'hour': str(schedule.get('hour')),
'day_of_week': str(schedule.get('dayOfWeek')),
'day_of_month': str(schedule.get('dayOfMonth')),
'month_of_year': str(schedule.get('monthOfYear'))
}
# Validate Crontab schedule values
crontab_errors = check_cron(crontab)
if crontab_errors:
message = "Error in crontab values"
return jsonify(message=message, success=False, errors=crontab_errors)
data = {
'task': "minion.backend.tasks.run_scheduled_scan",
'args': [target, plan],
'site': target,
'queue': 'scanschedule',
'routing_key': 'scanschedule',
'exchange':
'', #Exchange is not required. Fails sometimes if exchange is provided. #TODO Figure out why
'plan': plan,
'name': target + ":" + plan,
'enabled': enabled,
'crontab': crontab
}
# Insert/Update existing schedule by target and plan
schedule = scanschedules.find_one({"site": target, "plan": plan})
if not schedule:
scanschedules.insert(data)
else:
scanschedules.update({
"site": target,
"plan": plan
}, {"$set": {
"crontab": crontab,
"enabled": enabled
}})
return jsonify(message=message, success=True)
