def get(self, name):
session_id = get_session_id(session, request)
dao = VulnerabilityDAO(session_id)
vulnerability = dao.get_vulnerability_by_name(name=name)
dao.close()
resp = make_response(json_serialize(vulnerability, session_id=session_id), httplib.OK)
resp.headers['Content-type'] = 'application/json'
return resp
def get(self, name):
session_id = get_session_id(session, request)
dao = VulnerabilityDAO(session_id)
vulnerability = dao.get_vulnerability_by_name(name=name)
dao.close()
resp = make_response(json_serialize(vulnerability, session_id=session_id), OK)
resp.headers['Content-type'] = 'application/json'
return resp
def get(self):
session_id = get_session_id(session, request)
environment_name = request.args.get('environment', '')
dao = VulnerabilityDAO(session_id)
assets = dao.get_vulnerability_types(environment_name=environment_name)
dao.close()
resp = make_response(json_serialize(assets, session_id=session_id), httplib.OK)
resp.contenttype = 'application/json'
return resp
def get(self, name):
session_id = get_session_id(session, request)
environment_name = request.args.get('environment', '')
dao = VulnerabilityDAO(session_id)
vulnerability_type = dao.get_vulnerability_type_by_name(name=name, environment_name=environment_name)
dao.close()
resp = make_response(json_serialize(vulnerability_type, session_id=session_id), httplib.OK)
resp.headers['Content-type'] = 'application/json'
return resp
def get(self):
session_id = get_session_id(session, request)
constraint_id = request.args.get('constraint_id', -1)
dao = VulnerabilityDAO(session_id)
vulnerabilities = dao.get_vulnerabilities(constraint_id=constraint_id)
dao.close()
resp = make_response(json_serialize(vulnerabilities, session_id=session_id), httplib.OK)
resp.contenttype = 'application/json'
return resp
def get(self):
session_id = get_session_id(session, request)
constraint_id = request.args.get('constraint_id', -1)
dao = VulnerabilityDAO(session_id)
vulnerabilities = dao.get_vulnerabilities(constraint_id=constraint_id)
dao.close()
resp = make_response(json_serialize(vulnerabilities, session_id=session_id), OK)
resp.contenttype = 'application/json'
return resp
def get(self):
session_id = get_session_id(session, request)
environment_name = request.args.get('environment', '')
dao = VulnerabilityDAO(session_id)
assets = dao.get_vulnerability_types(environment_name=environment_name)
dao.close()
resp = make_response(json_serialize(assets, session_id=session_id), OK)
resp.contenttype = 'application/json'
return resp
def get(self, name):
session_id = get_session_id(session, request)
environment_name = request.args.get('environment', '')
dao = VulnerabilityDAO(session_id)
vulnerability_type = dao.get_vulnerability_type_by_name(name=name, environment_name=environment_name)
dao.close()
resp = make_response(json_serialize(vulnerability_type, session_id=session_id), OK)
resp.headers['Content-type'] = 'application/json'
return resp
def delete(self, name):
session_id = get_session_id(session, request)
dao = VulnerabilityDAO(session_id)
dao.delete_vulnerability(name=name)
dao.close()
resp_dict = {'message': 'Vulnerability successfully deleted'}
resp = make_response(json_serialize(resp_dict), httplib.OK)
resp.headers['Content-type'] = 'application/json'
return resp
def post(self):
session_id = get_session_id(session, request)
dao = VulnerabilityDAO(session_id)
new_vuln = dao.from_json(request)
vuln_id = dao.add_vulnerability(new_vuln)
dao.close()
resp_dict = {'message': 'Vulnerability successfully added', 'vulnerability_id': vuln_id}
resp = make_response(json_serialize(resp_dict), httplib.OK)
resp.contenttype = 'application/json'
return resp
def delete(self, name):
session_id = get_session_id(session, request)
environment_name = request.args.get('environment', '')
dao = VulnerabilityDAO(session_id)
dao.delete_vulnerability_type(name=name, environment_name=environment_name)
dao.close()
resp_dict = {'message': 'Vulnerability type successfully deleted'}
resp = make_response(json_serialize(resp_dict), OK)
resp.headers['Content-type'] = 'application/json'
return resp
def post(self):
session_id = get_session_id(session, request)
environment_name = request.args.get('environment', '')
dao = VulnerabilityDAO(session_id)
new_value_type = dao.type_from_json(request)
vulnerability_type_id = dao.add_vulnerability_type(new_value_type, environment_name=environment_name)
dao.close()
resp_dict = {'message': 'Vulnerability type successfully added', 'vulnerability_type_id': vulnerability_type_id}
resp = make_response(json_serialize(resp_dict), httplib.OK)
resp.contenttype = 'application/json'
return resp
def get_vulnerable_assets(self, vulnerability_name, environment_name):
"""
:type vulnerability_name: str
:type environment_name: str
:rtype: list[Asset]
"""
vulnerability_dao = VulnerabilityDAO(self.session_id)
try:
found_vulnerability = vulnerability_dao.get_vulnerability_by_name(
vulnerability_name)
vulnerability_id = found_vulnerability.theVulnerabilityId
except ObjectNotFoundHTTPError as ex:
self.close()
raise ex
except ARMHTTPError as ex:
self.close()
raise ex
environment_dao = EnvironmentDAO(self.session_id)
try:
found_environment = environment_dao.get_environment_by_name(
environment_name)
environment_id = found_environment.theId
except ObjectNotFoundHTTPError as ex:
self.close()
raise ex
except ARMHTTPError as ex:
self.close()
raise ex
try:
vulnerable_assets = self.db_proxy.vulnerableAssets(
vulnerability_id, environment_id)
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
return vulnerable_assets
def get_vulnerable_assets(self, vulnerability_name, environment_name):
"""
:type vulnerability_name: str
:type environment_name: str
:rtype: list[Asset]
"""
vulnerability_dao = VulnerabilityDAO(self.session_id)
try:
found_vulnerability = vulnerability_dao.get_vulnerability_by_name(vulnerability_name)
vulnerability_id = found_vulnerability.theVulnerabilityId
except ObjectNotFoundHTTPError as ex:
self.close()
raise ex
except ARMHTTPError as ex:
self.close()
raise ex
environment_dao = EnvironmentDAO(self.session_id)
try:
found_environment = environment_dao.get_environment_by_name(environment_name)
environment_id = found_environment.theId
except ObjectNotFoundHTTPError as ex:
self.close()
raise ex
except ARMHTTPError as ex:
self.close()
raise ex
try:
vulnerable_assets = self.db_proxy.vulnerableAssets(vulnerability_id, environment_id)
except DatabaseProxyException as ex:
self.close()
raise ARMHTTPError(ex)
except ARMException as ex:
self.close()
raise ARMHTTPError(ex)
return vulnerable_assets
def put(self, name):
session_id = get_session_id(session, request)
dao = VulnerabilityDAO(session_id)
req = dao.from_json(request)
dao.update_vulnerability(req, name=name)
dao.close()
resp_dict = {'message': 'Vulnerability successfully updated'}
resp = make_response(json_serialize(resp_dict), httplib.OK)
resp.headers['Content-type'] = 'application/json'
return resp
def post(self):
session_id = get_session_id(session, request)
dao = VulnerabilityDAO(session_id)
new_vuln = dao.from_json(request)
dao.add_vulnerability(new_vuln)
dao.close()
resp_dict = {'message': new_vuln.name() + ' created'}
resp = make_response(json_serialize(resp_dict), OK)
resp.contenttype = 'application/json'
return resp
def put(self, name):
session_id = get_session_id(session, request)
environment_name = request.args.get('environment', '')
dao = VulnerabilityDAO(session_id)
vulnerability_type = dao.type_from_json(request)
dao.update_vulnerability_type(vulnerability_type, name=name, environment_name=environment_name)
dao.close()
resp_dict = {'message': 'Vulnerability type successfully updated'}
resp = make_response(json_serialize(resp_dict), OK)
resp.headers['Content-type'] = 'application/json'
return resp
def delete(self, name):
session_id = get_session_id(session, request)
dao = VulnerabilityDAO(session_id)
dao.delete_vulnerability(name=name)
dao.close()
resp_dict = {'message': 'Vulnerability successfully deleted'}
resp = make_response(json_serialize(resp_dict), OK)
resp.headers['Content-type'] = 'application/json'
return resp
def put(self, name):
session_id = get_session_id(session, request)
dao = VulnerabilityDAO(session_id)
req = dao.from_json(request)
dao.update_vulnerability(req, name=name)
dao.close()
resp_dict = {'message': 'Vulnerability successfully updated'}
resp = make_response(json_serialize(resp_dict), OK)
resp.headers['Content-type'] = 'application/json'
return resp
def delete(self, name):
session_id = get_session_id(session, request)
environment_name = request.args.get('environment', '')
dao = VulnerabilityDAO(session_id)
dao.delete_vulnerability_type(name=name,
environment_name=environment_name)
dao.close()
resp_dict = {'message': 'Vulnerability type successfully deleted'}
resp = make_response(json_serialize(resp_dict), httplib.OK)
resp.headers['Content-type'] = 'application/json'
return resp
def put(self, name):
session_id = get_session_id(session, request)
environment_name = request.args.get('environment', '')
dao = VulnerabilityDAO(session_id)
vulnerability_type = dao.type_from_json(request)
dao.update_vulnerability_type(vulnerability_type, name=name, environment_name=environment_name)
dao.close()
resp_dict = {'message': 'Vulnerability type successfully updated'}
resp = make_response(json_serialize(resp_dict), httplib.OK)
resp.headers['Content-type'] = 'application/json'
return resp
def post(self):
session_id = get_session_id(session, request)
environment_name = request.args.get('environment', '')
dao = VulnerabilityDAO(session_id)
new_value_type = dao.type_from_json(request)
vulnerability_type_id = dao.add_vulnerability_type(new_value_type, environment_name=environment_name)
dao.close()
resp_dict = {'message': 'Vulnerability type successfully added', 'vulnerability_type_id': vulnerability_type_id}
resp = make_response(json_serialize(resp_dict), OK)
resp.contenttype = 'application/json'
return resp
def post(self):
session_id = get_session_id(session, request)
dao = VulnerabilityDAO(session_id)
new_vuln = dao.from_json(request)
vuln_id = dao.add_vulnerability(new_vuln)
dao.close()
resp_dict = {
'message': 'Vulnerability successfully added',
'vulnerability_id': vuln_id
}
resp = make_response(json_serialize(resp_dict), httplib.OK)
resp.contenttype = 'application/json'
return resp
