 def create_pv_nodes(self):
     """Create Package and Version nodes for every affected EPV of this CVE.

     For each entry of ``self._cve_dict['affected']`` a query plus bindings is
     produced by ``GraphPopulator.construct_graph_nodes`` and sent through
     ``self.prepare_payload`` to ``BayesianGraph.execute``.  The ``latest``
     binding, when present, is recorded as the package's ``latest_version``
     (``-1`` when absent).  Escaping/binding of the CVE-supplied values is the
     query builder's job and is not verified here.

     :return: ``(nodes, all_epvs_created, affected_pkgs)`` -- the
         ``(ecosystem, name, version)`` tuples whose query succeeded, a flag
         that is False if any query failed, and a mapping
         ``name -> {"ecosystem", "latest_version"}`` taken from the first
         entry seen for each package name.
     """
     ecosystem = self._cve_dict.get('ecosystem')
     created = []  # (e, p, v) tuples of created/existing nodes; eases testing
     affected_pkgs = {}
     all_epvs_created = True
     for affected in self._cve_dict.get('affected'):
         epv = dict(affected, ecosystem=ecosystem)
         query, bindings = GraphPopulator.construct_graph_nodes(epv)
         # the latest version, when known, travels as the "latest" binding
         latest_version = bindings.get('latest', -1)
         ok, response = BayesianGraph.execute(self.prepare_payload(query, bindings))
         e, p, v = epv.get('ecosystem'), epv.get('name'), epv.get('version')
         # first entry for a package name wins
         affected_pkgs.setdefault(p, {"ecosystem": e, "latest_version": latest_version})
         if ok:
             created.append((e, p, v))
             continue
         all_epvs_created = False
         logger.error('CVEIngestionError - Error creating nodes for {e}/{p}/{v}: {r}'.format(
             e=e, p=p, v=v, r=str(response))
         )
     return created, all_epvs_created, affected_pkgs
 def create_pv_nodes(self):
     """Create Package and Version nodes for every affected EPV of this CVE.

     Each entry of ``self._cve_dict['affected']`` becomes one Gremlin query
     from ``GraphPopulator.construct_graph_nodes`` executed by
     ``BayesianGraph.execute``.  The package's latest version is not returned
     by the builder; it is scraped back out of the generated query text.

     :return: ``(nodes, all_epvs_created, affected_pkgs)`` -- the
         ``(ecosystem, name, version)`` tuples whose query succeeded, a flag
         that is False if any query failed, and a mapping
         ``name -> {"ecosystem", "latest_version"}`` taken from the first
         entry seen for each package name.
     """
     def scrape_latest(gremlin):
         """Pull the latest_version literal back out of the generated query text.

         Returns "-1" when the query carries no latest_version.  NOTE: this
         depends on the exact "'latest_version', '<value>');" layout emitted by
         construct_graph_nodes; a value containing ");" would be truncated.
         """
         if "latest_version" not in gremlin:
             return "-1"
         fragment = gremlin.split("'latest_version'")[1].split(");")[0]
         return fragment.replace(",", "").strip().replace("'", "")

     ecosystem = self._cve_dict.get('ecosystem')
     created = []  # (e, p, v) tuples of created/existing nodes; eases testing
     affected_pkgs = {}
     all_epvs_created = True
     for affected in self._cve_dict.get('affected'):
         epv = dict(affected, ecosystem=ecosystem)
         query = GraphPopulator.construct_graph_nodes(epv)
         latest_version = scrape_latest(query)
         ok, response = BayesianGraph.execute(query)
         e, p, v = epv.get('ecosystem'), epv.get('name'), epv.get('version')
         # first entry for a package name wins
         affected_pkgs.setdefault(p, {"ecosystem": e, "latest_version": latest_version})
         if ok:
             created.append((e, p, v))
             continue
         all_epvs_created = False
         logger.error(
             'CVEIngestionError - Error creating nodes for {e}/{p}/{v}: {r}'
             .format(e=e, p=p, v=v, r=str(response)))
     return created, all_epvs_created, affected_pkgs
def test_execute_invalid_query():
    """An invalid traversal must come back as a failure carrying the server's message."""
    bad_query = "g.count"  # server rejects this with "No such property: count for class: ..."
    ok, payload = g.execute(bad_query)
    logger.info([ok, payload])
    assert ok is False
    assert "No such property: count for class:" in payload["message"]
def test_return_json_response_data():
    """A vertex count round-trips through return_json_response_data as a non-negative number."""
    ok, payload = g.execute("g.V().count()")
    logger.info([ok, payload])
    assert ok is True
    count = g.return_json_response_data(payload)
    logger.info(count)
    assert count >= 0
def test_http_connection():
    """Smoke-test the graph DB HTTP endpoint: a vertex count must succeed and be >= 0."""
    ok, payload = BayesianGraph.execute("g.V().count()")
    logger.info((ok, payload))
    assert ok is True
    # the count is the first element of result.data in the response envelope
    assert payload['result']['data'][0] >= 0

    logger.info("Connection to HTTP endpoint: SUCCESS")
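    def create_pv_nodes(self):
        """Create Package and Version nodes for every affected version of this CVE.

        ``self._cve_dict`` is read for ``ecosystem``, ``package`` and an iterable
        ``affected`` of version strings.  One query per version is built by
        ``GraphPopulator.construct_graph_nodes`` and run through
        ``BayesianGraph.execute``; afterwards a node for the package's latest
        version (scraped from the generated query text) is created too.

        Fix over the previous revision: the result of that latest-version query
        was discarded, so a failure there vanished silently.  It is now logged.
        The ``affected_pkgs`` check ``p not in affected_pkgs`` was always true
        (the dict was empty) and has been folded into a direct assignment.

        :return: ``(nodes, all_epvs_created, affected_pkgs)`` -- the
            ``(ecosystem, package, version)`` tuples whose query succeeded, a flag
            that is False if any affected-version query failed, and the single-entry
            mapping ``{package: {"ecosystem": ..., "latest_version": ...}}``.
        """
        nodes = []  # (e, p, v) tuples of created/existing nodes; eases testing
        all_epvs_created = True
        p = self._cve_dict.get('package')
        e = self._cve_dict.get('ecosystem')
        epv_dict = {"ecosystem": e, "name": p}
        latest_version = ""
        for ver in self._cve_dict.get('affected'):
            epv_dict['version'] = ver
            query = GraphPopulator.construct_graph_nodes(epv_dict)
            success, json_response = BayesianGraph.execute(query)
            # The latest version is not returned by construct_graph_nodes; it is
            # scraped back out of the generated Gremlin text.  This relies on the
            # exact "'latest_version', '<value>');" layout of that query and only
            # the first occurrence is kept.
            if not latest_version and "latest_version" in query:
                data = query.split("'latest_version'")[1].split(");")[0]
                latest_version = data.replace(",", "").strip().replace("'", "")

            if success:
                nodes.append((e, p, ver))
            else:
                logger.error(
                    'CVEIngestionError - Error creating nodes for {e}/{p}/{v}: {r}'
                    .format(e=e, p=p, v=ver, r=str(json_response)))
                all_epvs_created = False

        # Only this one package is handled per call, so the mapping has one entry.
        affected_pkgs = {p: {"ecosystem": e, "latest_version": latest_version}}

        # Create the latest-version node if not present.  "-1" presumably marks an
        # unknown latest version in the builder's output (confirm against
        # GraphPopulator).  A failure is logged but does not flip all_epvs_created,
        # which reports on the affected versions only.
        if latest_version and latest_version != "-1":
            epv_dict['version'] = latest_version
            query = GraphPopulator.construct_graph_nodes(epv_dict)
            success, json_response = BayesianGraph.execute(query)
            if not success:
                logger.error(
                    'CVEIngestionError - Error creating latest version node for {e}/{p}/{v}: {r}'
                    .format(e=e, p=p, v=latest_version, r=str(json_response)))
        return nodes, all_epvs_created, affected_pkgs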
 def create_pv_nodes(self):
     """Create Package and Version nodes for every affected EPV of this CVE.

     Each entry of ``self._cve_dict['affected']`` (with the CVE's ``ecosystem``
     added) becomes one query from ``GraphPopulator.construct_graph_nodes``
     executed by ``BayesianGraph.execute``.  This variant tracks no latest
     version.

     :return: ``(nodes, all_epvs_created)`` -- the ``(ecosystem, name, version)``
         tuples whose query succeeded and a flag that is False if any failed.
     """
     ecosystem = self._cve_dict.get('ecosystem')
     created = []  # (e, p, v) tuples of created/existing nodes; eases testing
     all_epvs_created = True
     for affected in self._cve_dict.get('affected'):
         epv = dict(affected, ecosystem=ecosystem)
         ok, response = BayesianGraph.execute(GraphPopulator.construct_graph_nodes(epv))
         triple = (epv.get('ecosystem'), epv.get('name'), epv.get('version'))
         if ok:
             created.append(triple)
             continue
         all_epvs_created = False
         logger.error(
             'CVEIngestionError - Error creating nodes for {e}/{p}/{v}: {r}'
             .format(e=triple[0], p=triple[1], v=triple[2], r=str(response)))
     return created, all_epvs_created
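    def create_pv_nodes(self):
        """Create Package and Version nodes for a Snyk package record.

        ``self._snyk_pkg_data`` supplies ``package``, ``ecosystem``,
        ``latest_version`` and ``affected`` (the vulnerable versions); for golang
        it also supplies ``all_ver``, ``gh_link`` and ``license``, and every
        version in ``all_ver`` gets a node instead of only the affected ones.
        Each version goes through ``GraphPopulator.construct_graph_nodes`` and
        ``BayesianGraph.execute``.  When the latest version is not itself
        affected, ``update_non_cve_on_pkg`` is told so; for non-golang packages
        a node for the latest version is created as well.

        Fix over the previous revision: the result of the latest-version query
        was discarded, so a failure there vanished silently.  It is now logged.
        The ``p not in affected_pkgs`` test was always true (the dict was empty)
        and has been dropped.

        :return: ``(nodes, all_epvs_created, affected_pkgs)`` -- the
            ``(ecosystem, package, version)`` tuples whose query succeeded, a
            flag that is False if any version query failed, and either an empty
            mapping (when the non-CVE latest version was recorded with
            ``"Success"``) or ``{package: {"ecosystem": ..., "latest_version": ...}}``.
        """
        nodes = []  # (e, p, v) tuples of created/existing nodes; eases testing
        all_epvs_created = True
        p = self._snyk_pkg_data.get('package')
        e = self._snyk_pkg_data.get('ecosystem')
        latest_version = self._snyk_pkg_data.get('latest_version')
        affected = self._snyk_pkg_data.get('affected')
        latest_non_cve_version = ''
        epv_dict = {
            "ecosystem": e,
            "name": p,
            "latest_version": latest_version
        }
        if latest_version not in affected:
            logger.info("Latest version is not affected {}".format(p))
            latest_non_cve_version = latest_version
        else:
            logger.info("Latest version is affected {p} {v}".format(p=p, v=latest_version))

        if e == 'golang':
            # golang records carry the full version list plus repo metadata
            itr_list = self._snyk_pkg_data.get('all_ver')
            epv_dict['gh_link'] = self._snyk_pkg_data.get('gh_link')
            epv_dict['license'] = self._snyk_pkg_data.get('license')
        else:
            itr_list = affected

        for ver in itr_list:
            epv_dict['version'] = ver
            query = GraphPopulator.construct_graph_nodes(epv_dict)
            success, json_response = BayesianGraph.execute(query)
            # Fallback when the record had no latest_version: scrape it back out
            # of the generated Gremlin text.  Relies on the exact
            # "'latest_version', '<value>');" layout of that query.
            if not latest_version and "latest_version" in query:
                data = query.split("'latest_version'")[1].split(");")[0]
                latest_version = data.replace(",", "").strip().replace("'", "")

            if success:
                nodes.append((e, p, ver))
            else:
                logger.error('CVEIngestionError - Error creating nodes for {e}/{p}/{v}: {r}'.format(
                    e=e, p=p, v=ver, r=str(json_response))
                )
                all_epvs_created = False

        # Create the latest-version node if not present (golang already wrote
        # every version above).  "-1" presumably marks an unknown latest version
        # (confirm against GraphPopulator).  A failure is logged but does not
        # flip all_epvs_created, which reports on the versions iterated above.
        if latest_version and latest_version != "-1" and e != "golang":
            epv_dict['version'] = latest_version
            logger.info("Creating latest version node {e} {p} {v}".format(e=epv_dict['ecosystem'],
                                                                          p=epv_dict['name'],
                                                                          v=epv_dict['version']))
            query = GraphPopulator.construct_graph_nodes(epv_dict)
            success, json_response = BayesianGraph.execute(query)
            if not success:
                logger.error(
                    'CVEIngestionError - Error creating latest version node for {e}/{p}/{v}: {r}'
                    .format(e=e, p=p, v=latest_version, r=str(json_response)))

        res = ""
        if latest_non_cve_version:
            res = update_non_cve_on_pkg(e, p, latest_non_cve_version)

        # Only this one package is handled per call; it is left out of the
        # mapping only when the non-CVE latest version was recorded successfully.
        affected_pkgs = {}
        if res != "Success":
            affected_pkgs[p] = {"ecosystem": e, "latest_version": latest_version}
        return nodes, all_epvs_created, affected_pkgs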
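def handle_properties(ecosystem, package, version):
    """
    Handle (update/delete) properties associated with given EPV.

    Update replaces properties with the same name.

    Expects JSON payload in following format:
    {
        "properties": [
            {
                "name": "cve_ids",
                "value": "CVE-3005-0001:10"
            }
        ]
    }

    "value" can be omitted in DELETE requests.

    Security note: the Gremlin statement is assembled by string interpolation
    from request-controlled data -- the three URL components and every property
    name/value.  The previous revision sanitised a throw-away copy of the top-level
    JSON dict and then interpolated the *raw* ``properties`` entries and URL
    components, so the sanitiser never reached the statement.  Every interpolated
    value now goes through ``GraphPopulator.sanitize_text_for_query`` first
    (assumed to escape the quote characters used by Gremlin string literals --
    confirm against GraphPopulator).  Gremlin bindings would be the stronger fix,
    but ``BayesianGraph.execute`` is only handed a statement string here.

    :param ecosystem: str, ecosystem
    :param package: str, package name
    :param version: str, package version
    :return: 200 on success, 400 on failure
    """
    error = flask.jsonify({'error': 'invalid input'})

    input_json = request.get_json()
    if not isinstance(input_json, dict):
        return error, 400
    properties = input_json.get('properties')
    if not properties or not isinstance(properties, list):
        return error, 400

    # Every entry needs a name (both methods); PUT additionally needs a value.
    # Validating DELETE here too avoids a KeyError -> 500 on a malformed body.
    for prop in properties:
        if not isinstance(prop, dict) or not prop.get('name'):
            return error, 400
        if request.method == 'PUT' and prop.get('value') is None:
            return error, 400

    sanitize = GraphPopulator.sanitize_text_for_query
    # These sanitised copies are the only values interpolated below.
    safe_ecosystem = sanitize(str(ecosystem))
    safe_package = sanitize(str(package))
    safe_version = sanitize(str(version))
    safe_props = [
        {
            'name': sanitize(str(prop['name'])),
            'value': None if prop.get('value') is None else sanitize(str(prop['value'])),
        }
        for prop in properties
    ]

    log_msg = '[{m}] Updating properties for {e}/{p}/{v} with payload {b}'
    current_app.logger.info(
        log_msg.format(m=request.method,
                       e=ecosystem,
                       p=package,
                       v=version,
                       b=safe_props))

    query_statement = "g.V()" \
                      ".has('pecosystem','{ecosystem}')" \
                      ".has('pname','{pkg_name}')" \
                      ".has('version','{version}')".format(ecosystem=safe_ecosystem,
                                                           pkg_name=safe_package,
                                                           version=safe_version)
    statement = ''

    if request.method in ('DELETE', 'PUT'):
        # "delete" part: drop each named property on the matched vertex
        statement += ''.join(
            query_statement + ".properties('{property}').drop().iterate();".format(
                property=prop['name'])
            for prop in safe_props)

    if request.method == 'PUT':
        # "add" part: re-add every property with its new value
        add_str = ''.join(
            ".property('{property}','{value}')".format(property=prop['name'],
                                                       value=prop['value'])
            for prop in safe_props)
        statement += query_statement + add_str + ';'

    # NOTE(review): any other method reaches execute() with an empty statement,
    # as before; the route registration presumably restricts methods -- confirm.
    current_app.logger.info('Gremlin statement: {s}'.format(s=statement))
    success, response_json = BayesianGraph.execute(statement)
    if not success:
        current_app.logger.error(
            "Failed to update properties for {e}/{p}/{v}".format(e=ecosystem,
                                                                 p=package,
                                                                 v=version))
        return flask.jsonify(response_json), 400

    return flask.jsonify(response_json), 200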