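def user_repo_scan():
    """Experimental endpoint: report known CVEs for a repository's dependencies.

    The repository URL is read from the ``git-url`` request header and the
    dependency data from the JSON body, whose ``result`` entry is a list of
    objects carrying a ``details`` value. The extracted direct/transitive
    dependencies are handed to ``RepoDependencyCreator`` and one notification
    is sent per generated report.

    Returns:
        A ``(response, status)`` tuple. 400 with ``status: failure`` when a
        required input is missing or malformed, 500 with an ``error`` key
        when report generation or notification raises, 200 otherwise.
    """
    # TODO: refactor this method so that it can be tested properly

    def failure(summary):
        """Build the 400 response shared by every input-validation error."""
        return flask.jsonify({"status": "failure", "summary": summary}), 400

    validate_string = "{} cannot be empty"
    resp_dict = {"status": "success", "summary": ""}

    # NOTE(review): git_url comes straight from a request header and is
    # forwarded unvalidated to RepoDependencyCreator and the notification
    # path. Confirm that an allow-list / URL-shape check happens downstream.
    git_url = request.headers.get("git-url")
    if not git_url:
        return failure(validate_string.format("git-url"))

    req_json = request.json
    set_direct = set()
    set_transitive = set()
    if req_json is None:
        return failure(validate_string.format("input json"))
    # The body is caller-controlled: a JSON array or scalar here would
    # otherwise fail on .get() and surface as an unhandled 500.
    if not isinstance(req_json, dict):
        return failure("input json must be an object")

    result_ = req_json.get("result", None)
    if result_ is None:
        return failure(validate_string.format("Result dictionary"))
    if not isinstance(result_, list) or not all(isinstance(r, dict) for r in result_):
        return failure("Result must be a list of objects")

    # NOTE(review): each iteration replaces the sets, so only the last entry
    # of "result" contributes dependencies. Confirm whether the entries were
    # meant to be merged instead.
    for res_ in result_:
        details_ = res_.get("details", None)
        set_direct, set_transitive = DataExtractor.get_details_from_results(details_)

    dependencies = {
        'direct': list(set_direct),
        'transitive': list(set_transitive)
    }

    try:
        repo_cves = RepoDependencyCreator.create_repo_node_and_get_cve(
            github_repo=git_url, deps_list=dependencies)

        # We get a list of reports here since the functionality is meant to be
        # re-used for '/notify' call as well.
        repo_reports = RepoDependencyCreator.generate_report(
            repo_cves=repo_cves, deps_list=dependencies)
        for repo_report in repo_reports:
            notification = UserNotification.generate_notification(report=repo_report)
            UserNotification.send_notification(notification=notification,
                                               token=SERVICE_TOKEN)
    except Exception:
        # Keep the exception text server-side: it can expose internal
        # details of the backend services to an unauthenticated caller.
        # %r keeps a header value with embedded newlines on one log line.
        flask.current_app.logger.exception("user_repo_scan failed for %r", git_url)
        return flask.jsonify({"error": "Internal error while scanning the repository"}), 500

    resp_dict.update({
        "summary": "Report for {} is being generated in the background. You will "
                   "be notified via your preferred openshift.io notification mechanism "
                   "on its completion.".format(git_url)
    })
    return flask.jsonify(resp_dict), 200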
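def user_repo_scan_experimental():  # pragma: no cover
    """Experimental endpoint: CVE report from uploaded Maven dependency files.

    Expects multipart form data with a ``git-url`` field and two uploads under
    ``dependencyFile[]`` named ``direct-dependencies.txt`` and
    ``transitive-dependencies.txt``. Both files are parsed with
    ``MavenParser``, direct dependencies are removed from the transitive set,
    and one notification is sent per generated report.

    Returns:
        A ``(response, status)`` tuple. 400 with ``status: failure`` when an
        input is missing, misnamed or not UTF-8, 500 with an ``error`` key
        when report generation or notification raises, 200 otherwise.
    """
    # json data and files cannot be a part of same request. Hence, we need to use form data here.

    def failure(summary):
        """Build the 400 response shared by every input-validation error."""
        return flask.jsonify({"status": "failure", "summary": summary}), 400

    # NOTE(review): git_url is caller-supplied and forwarded unvalidated to
    # RepoDependencyCreator and the notification path. Confirm that it is
    # checked downstream.
    git_url = request.form.get('git-url')
    resp_dict = {
        "status": "success",
        "summary": ""
    }
    files = request.files.getlist("dependencyFile[]")
    validate_string = "{} cannot be empty"

    if not git_url:
        return failure(validate_string.format("git-url"))
    if not files:
        return failure(validate_string.format("files"))

    # Start as None so that a request carrying only one of the two files is
    # rejected with a 400 instead of failing later on an unbound local.
    direct_dependencies_string = None
    transitive_dependencies_string = None

    # The client-supplied filename is only compared against two fixed names
    # and never used as a filesystem path.
    # NOTE(review): read() loads the whole upload into memory. Confirm the
    # app sets Flask's MAX_CONTENT_LENGTH to bound the request size.
    for upload in files:
        if upload.filename not in ('direct-dependencies.txt',
                                   'transitive-dependencies.txt'):
            return failure("File name should be either direct-dependencies.txt or "
                           "transitive-dependencies.txt")
        try:
            content = upload.read().decode('utf-8')
        except UnicodeDecodeError:
            return failure("Dependency files must be UTF-8 encoded text")
        if upload.filename == 'direct-dependencies.txt':
            direct_dependencies_string = content
        else:
            transitive_dependencies_string = content

    if direct_dependencies_string is None or transitive_dependencies_string is None:
        return failure("Both direct-dependencies.txt and transitive-dependencies.txt "
                       "are required")

    set_direct_dependencies = MavenParser.parse_output_file(direct_dependencies_string)
    set_transitive_dependencies = MavenParser.parse_output_file(transitive_dependencies_string)
    # we need to remove direct dependencies from the transitive ones.
    set_transitive_dependencies = set_transitive_dependencies - set_direct_dependencies

    dependencies = {
        'direct': list(set_direct_dependencies),
        'transitive': list(set_transitive_dependencies)
    }

    try:
        repo_cves = RepoDependencyCreator.create_repo_node_and_get_cve(
            github_repo=git_url, deps_list=dependencies)

        # We get a list of reports here since the functionality is meant to be
        # re-used for '/notify' call as well.
        repo_reports = RepoDependencyCreator.generate_report(repo_cves=repo_cves,
                                                             deps_list=dependencies)
        for repo_report in repo_reports:
            notification = UserNotification.generate_notification(report=repo_report)
            UserNotification.send_notification(notification=notification,
                                               token=SERVICE_TOKEN)
    except Exception:
        # Keep the exception text server-side: it can expose internal
        # details of the backend services to the caller.
        # %r keeps a form value with embedded newlines on one log line.
        flask.current_app.logger.exception(
            "user_repo_scan_experimental failed for %r", git_url)
        return flask.jsonify({"error": "Internal error while scanning the repository"}), 500

    resp_dict.update({
        "summary": "Report for {} is being generated in the background. You will "
                   "be notified via your preferred openshift.io notification mechanism "
                   "on its completion.".format(git_url)
    })
    return flask.jsonify(resp_dict), 200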