def updateFecha_fin(self, id):
conn = ConexionDB()
cur = conn.conn.cursor()
update = "UPDATE pentest SET fecha_fin = statement_timestamp() WHERE id = %s"
cur.execute(update, (id, ))
conn.conn.commit()
cur.close()
conn.desconectar()
def getLastRecord(self):
conn = ConexionDB()
cur = conn.conn.cursor()
query = "SELECT id, url_ip, fecha_ini, fecha_fin, riesgo_general FROM pentest ORDER BY id DESC LIMIT 1"
cur.execute(query)
row = cur.fetchone()
cur.close()
conn.desconectar()
return row
def getById(self, idd):
conn = ConexionDB()
cur = conn.conn.cursor()
query = "SELECT id, url_ip, fecha_ini, fecha_fin, riesgo_general FROM pentest WHERE id = %s"
cur.execute(query, (idd, ))
row = cur.fetchone()
cur.close()
conn.desconectar()
return row
def insert(self, objDetalle):
conn = ConexionDB()
cur = conn.conn.cursor()
insert = "INSERT INTO detalle (id_pentest, id_prueba, id_riesgoc, riesgo, resultado, recomendacion) VALUES (%s, %s, %s, %s, %s, %s)"
cur.execute(insert, (objDetalle.id_pentest, objDetalle.id_prueba,
objDetalle.id_riesgoc, objDetalle.riesgo,
objDetalle.resultado, objDetalle.recomendacion))
conn.conn.commit()
cur.close()
conn.desconectar()
def getTechImpact(self, codigo):
conn = ConexionDB()
cur = conn.conn.cursor()
query = "SELECT riesgo_imptecnico FROM prueba WHERE codigo = %s"
cur.execute(query, (codigo, ))
row = cur.fetchone()
cur.close()
conn.desconectar()
return row
def getLikelihood(self, codigo):
conn = ConexionDB()
cur = conn.conn.cursor()
query = "SELECT riesgo_probabilidad FROM prueba WHERE codigo = %s"
cur.execute(query, (codigo, ))
row = cur.fetchone()
cur.close()
conn.desconectar()
return row
def getResultado(self, otg, id_pentest):
conn = ConexionDB()
cur = conn.conn.cursor()
# query = """SELECT p.resultado FROM (SELECT id_prueba, resultado FROM detalle WHERE id_prueba = (SELECT id FROM prueba WHERE codigo = %s) AND id_pentest = %s) p"""
query = "SELECT d.resultado FROM (SELECT id, codigo from prueba where codigo = %s) p INNER JOIN detalle d ON p.id=d.id_prueba WHERE id_pentest = %s"
cur.execute(query, (otg, id_pentest))
row = cur.fetchone()
cur.close()
conn.desconectar()
return row
def updateRiesgo_general(self, id):
conn = ConexionDB()
cur = conn.conn.cursor()
update = "UPDATE pentest SET riesgo_general = (SELECT AVG(riesgo) FROM detalle WHERE id_pentest = %s) WHERE id = %s"
cur.execute(update, (
id,
id,
))
conn.conn.commit()
cur.close()
conn.desconectar()
def getById(self, idd):
conn = ConexionDB()
cur = conn.conn.cursor()
query = "SELECT id, id_pentest, id_prueba, riesgo, resultado, recomendacion FROM detalle WHERE id = %s"
cur.execute(query, (idd))
row = cur.fetchone()
cur.close()
conn.desconectar()
if row is not None:
return Detalle(row[0], row[1], row[2], row[3], row[4], row[5])
else:
return None
def getAll(self):
objs = list()
conn = ConexionDB()
cur = conn.conn.cursor()
query = "SELECT id, url_ip, fecha_ini, fecha_fin, riesgo_general FROM pentest"
cur.execute(query)
rows = cur.fetchall()
cur.close()
conn.desconectar()
for p in rows:
objs.append(Pentest(p[0], p[1], p[2], p[3], p[4]))
return objs
def getByName(self, nombre):
conn = ConexionDB()
cur = conn.conn.cursor()
query = "SELECT id, nombre FROM riesgo_cualitativo WHERE nombre = %s"
cur.execute(query, (nombre, ))
row = cur.fetchone()
cur.close()
conn.desconectar()
if row is not None:
return Riesgo_Cualitativo(row[0], row[1])
else:
return None
def getByCodigo(self, codigo):
conn = ConexionDB()
cur = conn.conn.cursor()
query = "SELECT id, codigo, nombre, descripcion, objetivo, id_subcategoria FROM prueba WHERE codigo = %s"
cur.execute(query, (codigo, ))
row = cur.fetchone()
cur.close()
conn.desconectar()
if row is not None:
return Prueba(row[0], row[1], row[2], row[3], row[4], row[5])
else:
return None