def submit_archive(group): """ Allows for authenticated users to submit archives """ user = '******' % api_request_user() try: if group not in groups(): raise ValueError('Invalid group specified') if 'cves' not in request.args: raise ValueError('CVE(s) required') cves = [cve.strip() for cve in request.args['cves'].split(',')] meta = {} for field in current_app.config['SUBMISSION_GROUPS'].get(group): if field in request.args: value = request.args.get(field) if len(value) > 0: meta[field] = value files = upload(group, request.files.get('archive', None), meta) for (ondisk, filename, suffix) in files: submit(user, ondisk, group, filename, suffix, cves, meta) return success() except ValueError as ve: current_app.logger.info('Invalid submission by %s: %s' % (user, ve.message)) return error(ve.message) except Exception as e: current_app.logger.info(e.message) return error()
def hashes_singlegroup(group): if group not in groups(): flash( '%s is not a known group. Displaying all hashes.' % (group), 'error') return render_template('hashes.html', hashes=[]) return hashes([group])
def submit_archive(group): """ Allows for authenticated users to submit archives """ user = '******' % api_request_user() try: if group not in groups(): raise ValueError('Invalid group specified') if 'cves' not in request.args: raise ValueError('CVE(s) required') cves = [cve.strip() for cve in request.args['cves'].split(',')] coordinates = CoordinateDict({ coord: request.args.get(coord).strip() for coord in SUBMISSION_GROUPS.get(group) if coord in request.args }) files = upload(group, request.files.get('archive', None), coordinates) for (ondisk, filename, suffix) in files: submit( user, ondisk, group, filename, suffix, cves, coordinates=coordinates ) return success() except ValueError as ve: current_app.logger.info('Invalid submission by %s: %s' % (user, ve.message)) return error(ve.message) except Exception as e: current_app.logger.info(e.message) return error()
def hashes_multigroup(): # expect a comma seperated arg _groups = request.args.get('groups') if _groups is None: # default to all groups _groups = groups() else: _groups = [str(g.strip()) for g in _groups.split(',')] return hashes(_groups)
def submit_hash(group): """ Allows for authenticated users to submit hashes via json. """ user = '******' % api_request_user() try: if group not in groups(): raise ValueError('Invalid group specified') json_data = request.get_json() if 'cves' not in json_data: raise ValueError('No CVE provided') entry = Hash() entry.mongify(json_data) entry.submitter = user submit( user, 'json-api-hash', group, suffix='Hash', entry=entry, approval='PENDING_APPROVAL') return success() except ValueError as ve: return error(ve.message) except Exception as e: current_app.logger.info('Invalid submission by %s' % (user)) current_app.logger.debug(e) return error()
def on_model_change(self, form, model, is_created): if form.group.data in groups(): model.group = form.group.data super(SubmissionView, self).on_model_change(form, model, is_created)