def __init__(self):
"""
"""
conf = get_config()
if not conf:
raise Exception(u'配置文件读取失败!')
self.api = GitlabAPIHandler(api_url=conf['gitlab']['api_url'], token=conf['gitlab']['token'])
self.activity_limit_month = conf['gitlab']['activity_month'] or 12
self.tz = timezone('Asia/Shanghai')
self.pool = ThreadPool(20)
def __upload_upgrade(local_file, remote_file):
"""
:param local_file:
:param remote_file:
:return:
"""
try:
web_conf = get_config()
if web_conf['project']['upload_type'] == 2:
ftp = FTPWork(
host=web_conf['project']['ftp_host'],
port=web_conf['project']['ftp_port'],
username=web_conf['project']['ftp_username'],
password=web_conf['project']['ftp_password'],
debug=False
)
upgrade_path = os.path.join(web_conf['project']['ftp_path'], 'upgrade')
ftp.make_dir(upgrade_path)
remote_file = os.path.join(upgrade_path, remote_file)
for i in range(0, 3):
try:
ftp.upload_file(local_file, remote_file)
size = ftp.get_size(remote_file)
if size:
break
except Exception as ex:
if i == 2:
raise ex
ftp.close()
create_syslog_obj(
title='上传升级包成功',
description=remote_file,
level=LOG_LEVEL.INFO
)
return 'ftp://{0}:{1}{2}'.format(
web_conf['project']['ftp_host'],
web_conf['project']['ftp_port'],
os.path.join(upgrade_path, remote_file)
)
except Exception as ex:
import traceback
create_syslog_obj(
title='上传升级包失败',
description=str(ex),
stack_trace=traceback.format_exc(),
level=LOG_LEVEL.ERROR
)
return None
def get(self, request):
"""
:param request:
:return:
"""
try:
web_config = get_config()
data = None
upgrade = get_last_client_package()
if upgrade:
download_path, download_type = upgrade.path, ''
if upgrade.path:
if 'ftp' in upgrade.path:
download_path = urlparse(upgrade.path).path
download_type = 'ftp'
status_code = status.HTTP_200_OK
data = {
'version': upgrade.version,
'md5': upgrade.hash,
'release_time': upgrade.created_at.isoformat(),
'download_path': download_path,
'download_type': download_type,
}
if web_config['option']['seecode_node_secret']:
data = {
'secret': RSA.encrypt_str(str(data))
}
else:
status_code = status.HTTP_404_NOT_FOUND
return JsonResponse(
data=data,
status=status_code,
code=status_code
)
except Exception as ex:
import traceback;
traceback.print_exc()
return JsonResponse(
desc=str(ex),
code=status.HTTP_400_BAD_REQUEST,
status=status.HTTP_200_OK
)
def show(request, group_id):
"""
:param request:
:param group_id:
:return:
"""
model = get_group_by_id(group_id=group_id)
if not model:
return HttpResponseRedirect('/project/group/?errmsg={0}'.format(
urlquote('分组未找到!')))
conf = get_config()
if conf and model:
api_url = '{0}groups/{1}'.format(conf['gitlab']['api_url'],
model.git_id)
return render(request, 'project/group/edit.html', {
'nav': 'pro',
'model': model,
'api_url': api_url,
})
def is_association_settings(group_id):
"""
:param group_id:
:return:
"""
result = False
if group_id:
conf = get_config()
if group_id == conf['port']['ops_group'] or group_id == conf['port'][
'sec_group']:
result = True
elif group_id == conf['soft']['ops_group'] or group_id == conf['soft'][
'sec_group']:
result = True
elif group_id == conf['test']['sec_group']:
result = True
elif group_id == conf['vuln']['sec_group']:
result = True
return result
def download_cloud_result(local_file, remote_file_log):
"""
:param local_file:
:param remote_file_log:
:return:
"""
try:
web_conf = get_config()
if web_conf['project']['upload_type'] == 2:
if not conf.storage['ftp']:
conf.storage['ftp'] = FTPWork(
host=web_conf['project']['ftp_host'],
port=web_conf['project']['ftp_port'],
username=web_conf['project']['ftp_username'],
password=web_conf['project']['ftp_password'],
)
conf.storage['ftp'].download_file(local_file, remote_file_log)
except Exception as ex:
import traceback
create_syslog_obj(title='下载扫描日志失败',
description=str(ex),
stack_trace=traceback.format_exc(),
level=LOG_LEVEL.ERROR)
def index(request):
"""
:param request:
:return:
"""
if request.method == 'POST':
gitlab_url = request.POST.get('gitlab_url', '')
gitlab_token = request.POST.get('gitlab_token', '')
gitlab_account = request.POST.get('gitlab_account', '')
gitlab_api = request.POST.get('gitlab_api_url', '')
gitlab_activity_month = request.POST.get('gitlab_activity_month', 12)
sonarqube_url = request.POST.get('sonarqube_url', '')
sonarqube_token = request.POST.get('sonarqube_token', '')
upload_type = request.POST.get('upload_type', 1)
local_upload_root = request.POST.get('local_upload_root', '')
ftp_host = request.POST.get('ftp_host', '')
ftp_username = request.POST.get('ftp_username', '')
ftp_password = request.POST.get('ftp_password', '')
ftp_path = request.POST.get('ftp_path', '')
ftp_port = request.POST.get('ftp_port', 21)
upload_file_type = request.POST.get('upload_file_type', '')
upload_file_size = request.POST.get('upload_file_size', '')
seecode_workdir = request.POST.get('seecode_workdir', '')
seecode_sys_level = request.POST.get('seecode_sys_level', '')
seecode_domain = request.POST.get('seecode_domain', '')
seecode_node_secret = parse_bool(request.POST.get('seecode_node_secret', False))
cache.set('seecode_conf', None, 0)
conf = get_config()
if not conf:
conf = {
'gitlab': {},
'sonarqube': {},
'option': {},
'sync': {},
'project': {}
}
if gitlab_url:
conf['gitlab']['url'] = gitlab_url.strip()
if gitlab_token:
conf['gitlab']['token'] = gitlab_token.strip()
if gitlab_account:
conf['gitlab']['account'] = gitlab_account.strip()
if gitlab_api:
conf['gitlab']['api_url'] = gitlab_api.strip()
if gitlab_activity_month:
conf['gitlab']['activity_month'] = int(gitlab_activity_month)
if sonarqube_url:
conf['sonarqube']['url'] = sonarqube_url.strip()
if sonarqube_token:
conf['sonarqube']['token'] = sonarqube_token.strip()
if seecode_workdir:
conf['option']['seecode_workdir'] = seecode_workdir.strip()
if seecode_sys_level:
conf['option']['seecode_sys_level'] = int(seecode_sys_level)
conf['option']['seecode_node_secret'] = seecode_node_secret
conf['option']['seecode_domain'] = seecode_domain
if upload_type:
conf['project']['upload_type'] = int(upload_type) # 1 local 2 ftp
if local_upload_root:
conf['project']['upload_root'] = local_upload_root.strip()
if ftp_host:
conf['project']['ftp_host'] = ftp_host.strip()
if ftp_username:
conf['project']['ftp_username'] = ftp_username.strip()
if ftp_password:
conf['project']['ftp_password'] = ftp_password.strip()
if ftp_path:
conf['project']['ftp_path'] = ftp_path.strip()
if ftp_port:
conf['project']['ftp_port'] = int(ftp_port)
if upload_file_type:
conf['project']['upload_file_type'] = upload_file_type.strip()
if upload_file_size:
conf['project']['upload_file_size'] = int(upload_file_size)
update_config_obj(
config_id=1,
content=str(conf)
)
return HttpResponseRedirect('/sys/settings/')
else:
conf = get_config()
return render(request, 'system/settings.html', {
'nav': 'sys',
'conf': conf,
'log_type': SYSLOG_LEVEL,
'month_type': MONTH_TYPE,
})
def create_project(request):
"""
:param request:
:return:
"""
name = request.POST.get('name', '')
group = request.POST.get('group', '')
project_type = request.POST.get('type', '')
ssh_url = request.POST.get('ssh_url', '')
upload = request.FILES.get('upload', '')
description = request.POST.get('description', '')
conf = get_config()
if project_type == '1': # 线上
if not all((ssh_url, name, group)):
raise Exception('缺少"ssh_url, name, group"关键参数。')
group_obj = get_group_by_id(group_id=group)
key = pinyin.get(name.strip(), format='strip', delimiter="")
proj_obj = create_project_obj(
group_obj=group_obj,
default_branch='master',
name=name.strip(),
path=key,
description=description.strip(),
ssh_url_to_repo=ssh_url.strip(),
type=project_type,
is_new=False,
user=request.user,
)
if proj_obj:
create_repository_obj(
name='master',
project_obj=proj_obj,
)
else:
if not all((upload, name, group)):
raise Exception('缺少"upload, name, group"关键参数。')
file_name, ext = os.path.splitext(upload.name)
if ext not in conf['project']['upload_file_type']:
raise Exception('不允许上传 {0} 格式问题。'.format(ext))
save_path, full_save_path = upload_file(file_stream=upload, save_relative_path='/projects')
file_size = upload.size
group_obj = get_group_by_id(group_id=group)
hash_md5 = md5sum(full_save_path)
file_origin_name = '{0}{1}'.format(file_name, ext)
if conf['project']['upload_type'] == 1:
file_path = os.path.join(conf['project']['upload_root'], group_obj.path.upper(), name.strip())
make_dir(file_path)
path = os.path.join(file_path, os.path.basename(full_save_path))
shutil.move(full_save_path, path)
else:
try:
ftp = FTPWork(
host=conf['project']['ftp_host'],
port=conf['project']['ftp_port'],
username=conf['project']['ftp_username'],
password=conf['project']['ftp_password'],
)
ftp_path = os.path.join(conf['project']['ftp_path'], 'projects', group_obj.path.upper())
status, _ = ftp.make_dir(ftp_path)
ftp_full_path = '{0}/{1}'.format(ftp_path, os.path.basename(full_save_path))
status, _ = ftp.upload_file(full_save_path, ftp_full_path)
if not status:
raise Exception('FTP上传文件失败,原因:{0}'.format(_))
path = 'ftp://{0}:{1}{2}'.format(
conf['project']['ftp_host'],
conf['project']['ftp_port'],
ftp_full_path,
)
del_file(full_save_path)
except Exception as ex:
raise ex
proj_obj = create_project_obj(
group_obj=group_obj,
default_branch='master',
name=name.strip(),
path=path,
description=description.strip(),
type=project_type,
is_new=False,
user=request.user,
file_size=file_size,
file_hash=hash_md5,
file_origin_name=file_origin_name,
)
create_repository_obj(
name='master',
project_obj=proj_obj,
)
return True
def __init__(self, task_id):
"""
:param task_id:
"""
self.task = get_task_by_id(task_id=task_id)
if not self.task:
raise TaskConfCreateException(
'Task not found, id:{0}.'.format(task_id))
self.sys_conf = get_config()
self.app = self.task.app
self.project = self.app.project
self.group = self.project.group
self.repo = self.app.repo
self.profile = self.task.group.profile
log_level = 'info'
if self.sys_conf['option']['seecode_sys_level'] == 1:
log_level = 'error'
elif self.sys_conf['option']['seecode_sys_level'] == 2:
log_level = 'error'
elif self.sys_conf['option']['seecode_sys_level'] == 3:
log_level = 'warning'
elif self.sys_conf['option']['seecode_sys_level'] == 4:
log_level = 'info'
elif self.sys_conf['option']['seecode_sys_level'] == 5:
log_level = 'debug'
storage_type = 'local'
s_t = self.sys_conf['project']['upload_type']
if s_t == 1:
storage_type = 'local'
elif s_t == 2:
storage_type = 'ftp'
self._task_conf = {
'task_id': self.task.id,
'template': self.profile.name,
'log_level': log_level,
'work_dir': self.sys_conf['option']['seecode_workdir'],
'project_name': self.project.name or '',
'project_branch': self.repo.name or '',
'project_ssh': self.project.ssh_url_to_repo or self.project.path,
'project_web': self.project.web_url or '',
'project_file_origin_name': self.project.file_origin_name or '',
'project_file_hash': self.project.file_hash or '',
'group_name': self.group.name or '',
'group_key': self.group.path or '',
'project_type': 'online' if self.project.type == 1 else 'offline',
'project_storage_type': storage_type,
'evidence_start_line_offset': -1,
'evidence_count': 5,
'result_file': '{0}.json'.format(self.task.id),
'sync_vuln_to_server': True,
'force_sync_code': self.task.is_force_scan,
}
update_task_config(
task_id=self.task.id,
config=str(self._task_conf),
)