Example #1
def ingest_data_into_graph(data):
    """Ingest the given JSON object into the graph.

    The input is wrapped in ``IngestionData``; its ``security_event`` and
    ``updated_security_event`` are passed to
    ``Traversel.add_update_unique_node_with_diff_properties`` and the
    resulting query is executed.

    Returns:
        ``{'status': 'success'}`` once ``execute_query`` has returned.
    """
    ingestion = IngestionData(data)
    traversal = Traversel()
    upsert = traversal.add_update_unique_node_with_diff_properties(
        ingestion.security_event, ingestion.updated_security_event)

    # The result of execute_query is discarded.
    # NOTE(review): if execute_query reports database errors in its return
    # value rather than by raising, this still answers 'success' - confirm.
    execute_query(upsert.next())
    return {'status': 'success'}
Example #2
def query_graph(args: Dict):
    """Retrieve graph nodes based on the given criteria.

    The security-event filters derived from ``args`` are substituted into
    the query template, the query is executed, and the rows under
    ``['result']['data']`` are passed through
    ``_filter_data_for_other_condition`` before being returned.
    """
    template = _query_template()
    # NOTE(review): the filter text is spliced into the query by string
    # formatting, so values taken from args must be escaped inside
    # _get_security_event_query_filters (not shown here) - confirm.
    event_filters = _get_security_event_query_filters(args)
    response = execute_query(template.format(security_event_query=event_filters))
    rows = response['result']['data']

    message = "Before filtering other condition data count as {count}".format(count=len(rows))
    log.info(message)

    return _filter_data_for_other_condition(args, rows)
Example #3
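def query_graph(args: Dict):
    """Retrieve graph nodes based on the given criteria.

    Three filter fragments (security event, probable vulnerability and
    dependency) are derived from ``args`` and substituted into the query
    template. The query is executed and the rows under
    ``['result']['data']`` are returned.
    """
    # str.format returns a single string, so the local is annotated as str
    # (it was previously annotated as List[str]).
    # NOTE(review): the filter fragments are spliced into the query text, so
    # values taken from args must be escaped inside the _get_*_query_filters
    # helpers (not shown here) - confirm.
    query: str = _query_template().format(
        security_event_query=_get_security_event_query_filters(args),
        probable_vulnerability_query=_get_probable_vuln_query_filters(args),
        dependency_query=_get_dependency_query_filters(args))
    return execute_query(query)['result']['data']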
Example #4
def _ingest_pcve(pcve):
    """Build and execute one query that ingests a probable-CVE record.

    Unique nodes are added for ``pcve.dependency``, ``pcve.version``,
    ``pcve.security_event`` and ``pcve.probable_cve``, followed by the
    ``has_version``, ``triaged_to`` and ``affects`` steps between them.

    Returns:
        Whatever ``execute_query`` returns for the generated query string.
    """
    traversal = Traversel()

    # Node steps, in the order the original chain issued them.
    step = traversal.add_unique_node(pcve.dependency)
    step = step.add_unique_node(pcve.version)
    step = step.add_unique_node(pcve.security_event)
    step = step.add_unique_node(pcve.probable_cve)

    # Relationship steps between the nodes added above.
    step = step.has_version(pcve.dependency, pcve.version)
    step = step.triaged_to(pcve.security_event, pcve.probable_cve)
    step = step.affects(pcve.probable_cve, pcve.version)

    gremlin = str(step.next())
    return execute_query(gremlin)
Example #5
def fetch_nodes(payload: object) -> object:
    """Run a caller-supplied Gremlin query against the graph database.

    Args:
        payload: Mapping expected to carry the query text under 'gremlin'.

    Returns:
        The ``execute_query`` result for the sanitized query, a warning
        dict when the payload is empty or has no 'gremlin' value, or
        ``None`` when sanitization leaves nothing to run.

    Exceptions raised by the sanitizer or by ``execute_query`` propagate
    unchanged to the caller.
    """
    if not payload or not payload.get('gremlin'):
        return {'warning': 'Invalid payload. Check your payload once again'}

    # The sanitizer is meant to drop CRUD operations from the query text.
    # NOTE(review): it is the only check between request input and the
    # database in this function; its implementation is not shown here, so
    # confirm it cannot be bypassed and that the database account used by
    # execute_query is read-only.
    query = sanitize_text_for_query(payload['gremlin'])
    if not query:
        # A query that sanitizes to nothing gives the caller None, with no
        # warning or error attached.
        return None
    return execute_query(query)
Example #6
def _ingest_feedback(payload):
    """Create a Feedback node in the graph DB and attach it to its event.

    Reads 'url', 'author', 'feedback_type' and 'comments' from ``payload``.
    ``feedback_type`` is looked up by name in ``FeedBackType``. NEGATIVE
    feedback is attached with ``weakens``, any other type with
    ``reinforces``.

    Returns:
        Whatever ``execute_query`` returns for the built traversal.
    """
    traversal = Traversel()
    # Only the url is set on the SecurityEvent: that is enough to find the
    # existing node the feedback is added to.
    target_event = SecurityEvent(url=payload['url'])
    # NOTE(review): author and comments are free text from the caller; how
    # they are escaped in the generated query depends on Traversel (not
    # shown here) - confirm.
    feedback_node = Feedback(
        author=payload['author'],
        feedback_type=FeedBackType[payload['feedback_type']],
        comments=payload['comments'],
    )
    traversal.has_node(target_event).add_unique_node(feedback_node)
    if feedback_node.feedback_type is not FeedBackType.NEGATIVE:
        traversal.reinforces(feedback_node, target_event)
    else:
        traversal.weakens(feedback_node, target_event)
    return execute_query(traversal.next())
Example #7
def get_feedback(payload):
    """Return the feedback rows stored for the security URL in ``payload``.

    ``payload['url']`` is passed through ``sanitize`` and substituted into
    the feedback query template. The rows under ``['result']['data']`` of
    the query response are returned.
    """
    template = _get_feedback_teamplate()
    # NOTE(review): sanitize() is the only escaping applied before the URL
    # is spliced into the query text; its implementation is not shown here,
    # so confirm it covers the quoting the template uses.
    safe_url = sanitize(payload['url'])
    response = execute_query(template.format(url=safe_url))
    return response['result']['data']
Example #8
def add_feedback(payload):
    """Create a Feedback node in the graph DB from ``payload``.

    The query comes from ``_get_feedback_query(payload)`` and is executed.

    Returns:
        ``{'status': 'success'}`` once ``execute_query`` has returned.
    """
    feedback_query = _get_feedback_query(payload)
    # The result of execute_query is discarded.
    # NOTE(review): if execute_query reports errors in its return value
    # rather than by raising, this still answers 'success' - confirm.
    execute_query(feedback_query)
    return {'status': 'success'}