def POST(self):
params = web.input()
kw = {
k: params[k].strip()
for k in ("title", "url", "ip", "port", "protocol", "level", "os",
"server_info", "middleware", "description")
}
Host.where(id=params.id.strip()).update(**kw)
return jsonSuccess()
def GET(self):
params = web.input()
try:
projectid = int(params.id)
except (ValueError, AttributeError):
raise web.internalerror("parameter error.")
project = Project.getraw(projectid)
if project:
hosts = Host.where(project_id=projectid,tmp=0).getsraw()
for host in hosts:
host['vuls'] = Vul.where(host_id=host['id']).getsraw('name','url','info','type','level','description')
host['comments'] = Comment.where(host_id=host['id']).getsraw('name','url','info','level','description')
del host['id']
del host['tmp']
del host['project_id']
project['hosts'] = hosts
del project['id']
projectName = "_".join(project['name'].split(" "))
projectFile = os.path.join("static","tmp",projectName+".proj")
try:
with open(projectFile,'w') as fd:
json.dump(project, fd)
except IOError:
raise web.internalerror("save imported project failed")
def GET(self):
params = web.input()
result = Host.where(project_id=params.projectid.strip(),
tmp=0).orderby(params.orderby.strip()).getsraw(
'id', 'title', 'url', 'ip', 'level',
'protocol')
return json.dumps(result)
def GET(self):
params = web.input()
try:
projectid = int(params.id)
except (ValueError, AttributeError):
raise web.internalerror("parameter error.")
project = Project.getraw(projectid)
if project:
hosts = Host.where(project_id=projectid, tmp=0).getsraw()
for host in hosts:
host['vuls'] = Vul.where(host_id=host['id']).getsraw(
'name', 'url', 'info', 'type', 'level', 'description')
host['comments'] = Comment.where(host_id=host['id']).getsraw(
'name', 'url', 'info', 'level', 'description')
del host['id']
del host['tmp']
del host['project_id']
project['hosts'] = hosts
del project['id']
projectName = "_".join(project['name'].split(" "))
projectFile = os.path.join("static", "tmp", projectName + ".proj")
try:
with open(projectFile, 'w') as fd:
json.dump(project, fd)
except IOError:
raise web.internalerror("save imported project failed")
def GET(self):
web.header('Content-Type', 'application/json')
params = web.input()
try:
projectid = int(params.project_id)
except AttributeError as error:
RTD.log.error(error)
raise web.internalerror(error)
iplist = self.getIPList(projectid)
hosts = Host.where(project_id=projectid, tmp=1).orderby("ip").getsraw('id','title','ip','port','protocol')
result = {'iplist':iplist, 'hosts':hosts}
return json.dumps(result)
def GET(self):
web.header('Content-Type', 'application/json')
params = web.input()
try:
projectid = int(params.project_id)
except AttributeError as error:
RTD.log.error(error)
raise web.internalerror(error)
iplist = self.getIPList(projectid)
hosts = Host.where(project_id=projectid, tmp=1).orderby("ip").getsraw(
'id', 'title', 'ip', 'port', 'protocol')
result = {'iplist': iplist, 'hosts': hosts}
return json.dumps(result)
def POST(self):
web.header('Content-Type', 'application/json')
params = web.input(projectfile={})
try:
fileName = params.projectfile.filename
fileStr = params.projectfile.value
except AttributeError:
raise web.internalerror("Missing parameter.")
projectDict = json.loads(fileStr)
hosts = projectDict.get("hosts", [])
try:
del projectDict['hosts']
except KeyError:
pass
try:
Project(**projectDict).save()
except DBError as error:
raise web.internalerror("failed to insert project " + str(error))
projectid = Project.where(
name=projectDict.get('name')).getsraw('id')[0]['id']
for host in hosts:
vuls = host.get("vuls", [])
comments = host.get("comments", [])
try:
del host['vuls']
del host['comments']
except KeyError:
pass
host['project_id'] = projectid
Host(**host).save()
kwargs = {
key: host[key]
for key in ['url', 'ip', 'port'] if key in host
}
hostid = Host.where(**kwargs).getsraw('id')[0]['id']
for vul in vuls:
vul['host_id'] = hostid
Vul(**vul).save()
for comment in comments:
comment['host_id'] = hostid
Comment(**comment).save()
return jsonSuccess()
def POST(self):
web.header('Content-Type', 'application/json')
params = web.input(projectfile={})
try:
fileName = params.projectfile.filename
fileStr = params.projectfile.value
except AttributeError:
raise web.internalerror("Missing parameter.")
projectDict = json.loads(fileStr)
hosts = projectDict.get("hosts",[])
try:
del projectDict['hosts']
except KeyError:
pass
try:
Project(**projectDict).save()
except DBError as error:
raise web.internalerror("failed to insert project "+str(error))
projectid = Project.where(name=projectDict.get('name')).getsraw('id')[0]['id']
for host in hosts:
vuls = host.get("vuls",[])
comments = host.get("comments",[])
try:
del host['vuls']
del host['comments']
except KeyError:
pass
host['project_id'] = projectid
Host(**host).save()
kwargs = {key:host[key] for key in ['url','ip','port'] if key in host}
hostid = Host.where(**kwargs).getsraw('id')[0]['id']
for vul in vuls:
vul['host_id'] = hostid
Vul(**vul).save()
for comment in comments:
comment['host_id'] = hostid
Comment(**comment).save()
return jsonSuccess()
def GET(self):
params = web.input()
if not params.id.strip().isdigit():
raise web.internalerror("Parameter type error.")
project = Project.get(params.id.strip())
hosts = Host.where(project_id=project.id).gets("id")
for host in hosts:
vuls = Vul.where(host_id=host.id).gets("id")
for vul in vuls:
vul.remove()
comments = Comment.where(host_id=host.id).gets("id")
for comment in comments:
comment.remove()
host.remove()
project.remove()
return jsonSuccess()
def GET(self):
params = web.input()
if not params.id.strip().isdigit():
raise web.internalerror("Parameter type error.")
project = Project.get(params.id.strip())
hosts = Host.where(project_id=project.id).gets("id")
for host in hosts:
vuls = Vul.where(host_id=host.id).gets("id")
for vul in vuls:
vul.remove()
comments = Comment.where(host_id=host.id).gets("id")
for comment in comments:
comment.remove()
host.remove()
project.remove()
return jsonSuccess()
def getIPList(self, projectid):
try:
hosts = Host.where(project_id=projectid).getsraw("ip")
except (KeyError, AttributeError, FieldError, ModelError, DBError) as error:
RTD.log.error(error)
raise web.internalerror(error)
result = list()
for host in hosts:
try:
pos = host['ip'].rindex(".")
ip = host['ip'][:pos] + ".1"
except (KeyError, ValueError, AttributeError):
continue
for key in result:
if ip == key[0]:
key[1] += 1
break
else:
result.append([ip,1])
return result
def getIPList(self, projectid):
try:
hosts = Host.where(project_id=projectid).getsraw("ip")
except (KeyError, AttributeError, FieldError, ModelError,
DBError) as error:
RTD.log.error(error)
raise web.internalerror(error)
result = list()
for host in hosts:
try:
pos = host['ip'].rindex(".")
ip = host['ip'][:pos] + ".1"
except (KeyError, ValueError, AttributeError):
continue
for key in result:
if ip == key[0]:
key[1] += 1
break
else:
result.append([ip, 1])
return result
def POST(self):
params = web.input()
kw = {k:params[k].strip() for k in ("title","url","ip","port","protocol","level","os","server_info","middleware","description")}
Host.where(id=params.id.strip()).update(**kw)
return jsonSuccess()
def GET(self):
params = web.input()
result = Host.where(project_id=params.projectid.strip(),tmp=0).orderby(params.orderby.strip()).getsraw('id','title','url','ip','level','protocol')
return json.dumps(result)