def add_asset(): """ Add a asset to the database """ add_asset = True form = AssetForm() if form.validate_on_submit(): asset = Asset( comments=form.comments.data, inventory_id=Inventory.query.first().id, location=Location.query.first().id, managed_by=current_user.id, assigned_to=current_user.id, certified_by=current_user.id, ) try: # add asset to the database db.session.add(asset) db.session.commit() flash('You have successfully added a new Asset.') except: # in case asset name already exists flash('Error: Asset cannot be created.') # redirect to assets page return redirect(url_for('assets.list_assets')) # load department template return render_template('assets/asset.html', action="Add", add_asset=add_asset, form=form, title="Add Asset")
def new_asset(): ''' Create new asset ''' form = AssetForm() if form.validate_on_submit(): my_asset = Asset() form.populate_obj(my_asset) db.session.add(my_asset) try: db.session.commit() # User info flash('Asset created correctly', 'success') return redirect(url_for('assets')) except: db.session.rollback() flash('Error generating asset.', 'danger') return render_template('web/new_asset.html', form=form)
def edit_asset(id): ''' Edit asset :param id: Id from asset ''' my_asset = Asset.query.filter_by(id=id).first() form = AssetForm(obj=my_asset) if form.validate_on_submit(): try: # Update asset form.populate_obj(my_asset) db.session.add(my_asset) db.session.commit() # User info flash('Saved successfully', 'success') except: db.session.rollback() flash('Error update asset.', 'danger') return render_template('web/edit_asset.html', form=form)
def add_asset(id): """ Add a asset to the database """ #check_admin add_asset = True form = AssetForm() if form.validate_on_submit(): asset = Asset( name=form.name.data, description=form.description.data, analyse_id=id, sensitivity=form.sensitivity.data, criticality=form.criticality.data, ) try: # add asset to the database db.session.add(asset) db.session.commit() flash('You have successfully added a new asset.') except: # in case asset name already exists flash('Error: asset name already exists.') # redirect to the assets page #return redirect(url_for('home.list_assets')) return redirect(url_for('home.edit_analyse', id=id)) # load asset template w, h = 4, 4 myscores = [[0 for x in range(w)] for y in range(h)] # analyse = Analyse.query.get_or_404(id) return render_template('home/assets/asset.html', add_asset=add_asset, myscores=myscores, analyse_id=id, form=form, title='Add Asset')
def edit_asset(id): """ Edit an asset """ add_asset = False asset = Asset.query.get_or_404(id) form = AssetForm(obj=asset) if form.validate_on_submit(): asset.comments = form.comments.data db.session.commit() flash('You have successfully edited the asset.') # redirect to the departments page return redirect(url_for('assets.list_assets')) return render_template('assets/asset.html', action="Edit", add_asset=add_asset, form=form, asset=asset, title="Edit Asset")
def edit_asset(id): """ Edit a asset """ #check_admin add_asset = False asset = Asset.query.get_or_404(id) analyse = Analyse.query.get_or_404(asset.analyse_id) attackers = Attacker.query.all() form = AssetForm(obj=asset) if form.validate_on_submit(): asset.name = form.name.data asset.description = form.description.data #asset.analyse_id = form.analyse_id.data asset.criticality = form.criticality.data asset.sensitivity = form.sensitivity.data myexpsum = 0.0 myexparr = [0, 0, 0, 0] for attacker in attackers: myassetattacker = AssetAttacker.query.filter_by( asset_id=id).filter_by(attacker_id=attacker.id).first() myexparr[attacker.wert - 1] = max(myexparr[attacker.wert - 1], myassetattacker.wert) risk = myexparr[0] + myexparr[1] * 2 + myexparr[2] * 3 + myexparr[3] * 4 wu = max(form.criticality.data, form.sensitivity.data) myexpsum = (int(wu) * risk) asset.exposition = myexpsum / 10.0 db.session.add(asset) db.session.commit() #flash('You have successfully edited the asset.') # redirect to the asset page #return redirect(url_for('home.list_assets')) #asset = Asset.query.get(assetattacker.asset_id) return redirect(url_for('home.edit_analyse', id=asset.analyse_id)) form.description.data = asset.description form.name.data = asset.name #analyse = Analyse.query.get(asset.analyse_id) #form.analyse.default = asset.analyse_id # trying to set default select value form.sensitivity.data = str(asset.sensitivity) form.criticality.data = str(asset.criticality) form.exposition.data = asset.exposition # add an assetattacker per asset and attackers # get current asset.id id w, h = 4, 4 myscores = [[0 for x in range(w)] for y in range(h)] for attacker in attackers: attacker.myassetattacker = AssetAttacker.query.filter_by( asset_id=id).filter_by(attacker_id=attacker.id).first() if not (attacker.myassetattacker): mya = AssetAttacker() mya.asset_id = id mya.attacker_id = attacker.id mya.wert = -1 db.session.add(mya) db.session.commit() try: #myscores[ max((attacker.myassetattacker.wert-1),0) ][asset.wa-1] = "True" for myassetattackervaluemax in range( 0, max((attacker.myassetattacker.wert), 0)): myscores[max((attacker.wert - 1), 0)][myassetattackervaluemax] = "True" except: a = 2 return render_template('home/assets/asset.html', add_asset=add_asset, attackers=attackers, form=form, myscores=myscores, analyse_id=analyse.id, title="Edit Asset")