Esempio n. 1
0
class Vendor(BaseModel):
    __tablename__ = "vendors"

    name = db.Column(db.String(), nullable=False, unique=True)

    # Relationships
    products = db.relationship("Product", back_populates="vendor")
    users = db.relationship("User", secondary=users_vendors)

    def __repr__(self):
        return "<Vendor {}>".format(self.name)
Esempio n. 2
0
class Product(BaseModel):
    __tablename__ = "products"

    name = db.Column(db.String(), nullable=False, index=True)

    # Relationships
    vendor_id = db.Column(UUIDType(binary=False), db.ForeignKey("vendors.id"))
    vendor = db.relationship("Vendor", back_populates="products")
    users = db.relationship("User", secondary=users_products)

    def __repr__(self):
        return "<Product {}>".format(self.name)
Esempio n. 3
0
class Cve(BaseModel):
    __tablename__ = "cves"

    # CVE are sorted by last modified date, we need to index it.
    updated_at = db.Column(
        db.DateTime(timezone=True),
        default=db.func.now(),
        onupdate=db.func.now(),
        nullable=False,
        index=True,
    )

    cve_id = db.Column(db.String(), nullable=False, index=True)
    json = db.Column(JSONB)

    # We used initially secondary relationships to fetch the list of
    # associated vendors, products and cwes. But it was complicated
    # to maintain, and the performance were poor. So we now use the
    # JSONB data type associated to the GIN index type.
    vendors = db.Column(JSONB)
    cwes = db.Column(JSONB)

    # Keep the summary separated when searching keywords
    summary = db.Column(db.String(), nullable=False)

    # Keep CVSS separated when searching a particupal score
    cvss2 = db.Column(db.Float())
    cvss3 = db.Column(db.Float())

    # Relationships
    events = db.relationship("Event", back_populates="cve")
    changes = db.relationship("Change", back_populates="cve")
    alerts = db.relationship("Alert", back_populates="cve")

    # Index
    __table_args__ = (
        db.Index("cves_vendors_gin_idx", vendors, postgresql_using="gin"),
        db.Index("cves_cwes_gin_idx", cwes, postgresql_using="gin"),
    )

    def __repr__(self):
        return "<Cve {}>".format(self.cve_id)

    @property
    def cvss_weight(self):
        """Only used to sort several CVE by their CVSS"""
        w = 0
        if self.cvss2:
            w += self.cvss2
        if self.cvss3:
            w += self.cvss3
        return w
Esempio n. 4
0
class Change(BaseModel):
    __tablename__ = "changes"

    json = db.Column(JSONType)

    # Relationships
    cve_id = db.Column(UUIDType(binary=False), db.ForeignKey("cves.id"))
    cve = db.relationship("Cve", back_populates="changes")

    task_id = db.Column(UUIDType(binary=False), db.ForeignKey("tasks.id"))
    task = db.relationship("Task", back_populates="changes")

    events = db.relationship("Event", back_populates="change")
Esempio n. 5
0
class Report(BaseModel):
    __tablename__ = "reports"

    public_link = db.Column(db.String(), default=generate_public_link)
    seen = db.Column(db.Boolean(), default=False)
    details = db.Column(JSONType)

    user_id = db.Column(UUIDType(binary=False), db.ForeignKey("users.id"))
    user = db.relationship("User", back_populates="reports")

    alerts = db.relationship("Alert", back_populates="report")

    def __repr__(self):
        return "<Report {}>".format(self.id)
Esempio n. 6
0
class Event(BaseModel):
    __tablename__ = "events"

    type = db.Column(ChoiceType(EVENT_TYPES))
    details = db.Column(JSONType)
    review = db.Column(db.Boolean, default=False)

    # Relationships
    cve_id = db.Column(UUIDType(binary=False), db.ForeignKey("cves.id"))
    cve = db.relationship("Cve", back_populates="events")
    change_id = db.Column(UUIDType(binary=False), db.ForeignKey("changes.id"))
    change = db.relationship("Change", back_populates="events")
    alerts = db.relationship("Alert", secondary=alerts_events)

    def __repr__(self):
        return "<Event {}>".format(self.type)
Esempio n. 7
0
class Task(BaseModel):
    __tablename__ = "tasks"

    # Relationships
    changes = db.relationship("Change", back_populates="task")

    def __repr__(self):
        return "<Task {}>".format(self.created_at)
Esempio n. 8
0
class User(BaseModel, UserMixin):
    __tablename__ = "users"

    # User authentication information
    username = db.Column(db.String(50), nullable=False, unique=True)
    password = db.Column(db.String(255), nullable=False, server_default="")
    reset_password_token = db.Column(db.String(100),
                                     nullable=False,
                                     server_default="")

    # User email information
    email = db.Column(db.String(255), nullable=False, unique=True)
    email_confirmed_at = db.Column(db.DateTime(timezone=True))

    # Notification parameters
    enable_notifications = db.Column(db.Boolean(),
                                     nullable=False,
                                     server_default=expression.true())
    filters_notifications = db.Column(JSONType, default=get_default_filters)
    frequency_notifications = db.Column(ChoiceType(FREQUENCIES_TYPES),
                                        default="always")

    # User information
    active = db.Column("is_active",
                       db.Boolean(),
                       nullable=False,
                       server_default=expression.false())
    first_name = db.Column(db.String(100), nullable=False, server_default="")
    last_name = db.Column(db.String(100), nullable=False, server_default="")
    admin = db.Column(db.Boolean,
                      unique=False,
                      server_default=expression.false())

    # Relationships
    vendors = db.relationship("Vendor", secondary=users_vendors)
    products = db.relationship("Product", secondary=users_products)
    alerts = db.relationship("Alert", back_populates="user")
    reports = db.relationship("Report", back_populates="user")

    @property
    def is_confirmed(self):
        return bool(self.email_confirmed_at)

    def __repr__(self):
        return "<User {}>".format(self.username)
Esempio n. 9
0
class Alert(BaseModel):
    __tablename__ = "alerts"

    details = db.Column(JSONType)
    notify = db.Column(db.Boolean, default=False)

    # Relationships
    events = db.relationship("Event", secondary=alerts_events)

    user_id = db.Column(UUIDType(binary=False), db.ForeignKey("users.id"))
    user = db.relationship("User", back_populates="alerts")

    cve_id = db.Column(UUIDType(binary=False), db.ForeignKey("cves.id"))
    cve = db.relationship("Cve", back_populates="alerts")

    report_id = db.Column(UUIDType(binary=False),
                          db.ForeignKey("reports.id"),
                          nullable=True)
    report = db.relationship("Report", back_populates="alerts")

    def __repr__(self):
        return "<Alert {}>".format(self.id)
Esempio n. 10
0
class CveTag(BaseModel):
    __tablename__ = "cves_tags"

    tags = db.Column(JSONB)

    # Relationships
    user_id = db.Column(UUIDType(binary=False), db.ForeignKey("users.id"))
    user = db.relationship("User", back_populates="cve_tags")

    cve_id = db.Column(UUIDType(binary=False), db.ForeignKey("cves.id"))

    # Index
    __table_args__ = (db.Index("ix_cves_tags", tags, postgresql_using="gin"), )

    def __repr__(self):
        return "<CveTag {}>".format(self.id)
Esempio n. 11
0
class UserTag(BaseModel):
    __tablename__ = "users_tags"

    name = db.Column(db.String(), nullable=False)
    description = db.Column(db.String())
    color = db.Column(db.String(), nullable=False)

    # Relationships
    user_id = db.Column(UUIDType(binary=False),
                        db.ForeignKey("users.id"),
                        nullable=False)
    user = db.relationship("User", back_populates="tags")

    __table_args__ = (UniqueConstraint("name",
                                       "user_id",
                                       name="ix_userstags_name_userid"), )

    def __repr__(self):
        return "<UserTag {}>".format(self.id)