def post(self): """ 添加域名到资产组中 """ args = self.parse_args(add_domain_fields) domain = args.pop("domain") scope_id = args.pop("scope_id") if not utils.is_valid_domain(domain): return utils.build_ret(ErrorMsg.DomainInvalid, {"domain": domain}) scope_data = utils.conn_db('asset_scope').find_one({"_id": ObjectId(scope_id)}) if not scope_data: return utils.build_ret(ErrorMsg.NotFoundScopeID, {"scope_id": scope_id}) if utils.get_fld(domain) not in scope_data["scope"]: return utils.build_ret(ErrorMsg.DomainNotFoundViaScope, {"domain": domain}) domain_data = utils.conn_db("asset_domain").find_one({"domain": domain, "scope_id": scope_id}) if domain_data: return utils.build_ret(ErrorMsg.DomainInScope, {"domain": domain}) options = { "celery_action": CeleryAction.ADD_DOMAIN_TO_SCOPE, "data": { "domain": domain, "scope_id": scope_id } } celerytask.arl_task.delay(options=options) return utils.build_ret(ErrorMsg.Success, options["data"])
def post(self): """ 资产组添加 """ args = self.parse_args(add_asset_scope_fields) name = args.pop('name') scope = args.pop('scope') black_scope = args.pop('black_scope') black_scope_array = [] if black_scope: black_scope_array = re.split(r",|\s", black_scope) scope_array = re.split(r",|\s", scope) for x in scope_array: if not utils.is_valid_domain(x): return utils.build_ret(ErrorMsg.DomainInvalid, {"scope": x}) if not scope_array: return utils.build_ret(ErrorMsg.DomainInvalid, {"scope": ""}) scope_data = { "name": name, "scope": scope, "scope_array": scope_array, "black_scope": black_scope, "black_scope_array": black_scope_array, } conn('asset_scope').insert(scope_data) scope_id = str(scope_data.pop("_id")) scope_data["scope_id"] = scope_id data = {"message": "success", "data": scope_data, "code": 200} return data
def post(self): """ 添加资产范围 """ args = self.parse_args(add_scope_fields) scope = str(args.pop('scope', "")).lower() scope_id = args.pop('scope_id', "") table = 'asset_scope' query = {'_id': ObjectId(scope_id)} scope_data = utils.conn_db(table).find_one(query) if not scope_data: return utils.build_ret(ErrorMsg.NotFoundScopeID, { "scope_id": scope_id, "scope": scope }) scope_type = scope_data.get("scope_type") if scope_type not in [AssetScopeType.IP, AssetScopeType.DOMAIN]: scope_type = AssetScopeType.DOMAIN scope_array = re.split(r",|\s", scope) # 清除空白符 scope_array = list(filter(None, scope_array)) if not scope_array: return utils.build_ret(ErrorMsg.DomainInvalid, {"scope": ""}) for x in scope_array: new_scope = x if scope_type == AssetScopeType.DOMAIN: if not utils.is_valid_domain(x): return utils.build_ret(ErrorMsg.DomainInvalid, {"scope": x}) if scope_type == AssetScopeType.IP: transfer = utils.ip.transfer_ip_scope(x) if transfer is None: return utils.build_ret(ErrorMsg.ScopeTypeIsNotIP, {"scope": x}) new_scope = transfer if new_scope in scope_data.get("scope_array", []): return utils.build_ret(ErrorMsg.ExistScope, { "scope_id": scope_id, "scope": x }) scope_data["scope_array"].append(new_scope) scope_data["scope"] = ",".join(scope_data["scope_array"]) utils.conn_db(table).find_one_and_replace(query, scope_data) return utils.build_ret(ErrorMsg.Success, { "scope_id": scope_id, "scope": scope })
def post(self): """ 添加域名到资产组中 """ args = self.parse_args(add_domain_fields) raw_domain = args.pop("domain") domain_list = re.split(r",|\s", raw_domain) domain_list = list(set(filter(None, domain_list))) scope_id = args.pop("scope_id") scope_data = utils.conn_db('asset_scope').find_one( {"_id": ObjectId(scope_id)}) if not scope_data: return utils.build_ret(ErrorMsg.NotFoundScopeID, {"scope_id": scope_id}) domain_in_scope_list = [] add_domain_list = [] for domain in domain_list: if not utils.is_valid_domain(domain): return utils.build_ret(ErrorMsg.DomainInvalid, {"domain": domain}) if utils.get_fld(domain) not in scope_data["scope"]: return utils.build_ret(ErrorMsg.DomainNotFoundViaScope, {"domain": domain}) domain_data = utils.conn_db("asset_domain").find_one({ "domain": domain, "scope_id": scope_id }) if domain_data: domain_in_scope_list.append(domain) continue add_domain_list.append(domain) for domain in add_domain_list: options = { "celery_action": CeleryAction.ADD_DOMAIN_TO_SCOPE, "data": { "domain": domain, "scope_id": scope_id } } celerytask.arl_task.delay(options=options) ret_data = { "domain": ",".join(add_domain_list), "scope_id": scope_id, "domain_in_scope": ",".join(domain_in_scope_list) } if len(add_domain_list) == 0: return utils.build_ret(ErrorMsg.DomainNotFoundNotInScope, ret_data) return utils.build_ret(ErrorMsg.Success, ret_data)
def post(self): """ 资产组添加 """ args = self.parse_args(add_asset_scope_fields) name = args.pop('name') scope = args.pop('scope') black_scope = args.pop('black_scope') scope_type = args.pop('scope_type') if scope_type not in [AssetScopeType.IP, AssetScopeType.DOMAIN]: scope_type = AssetScopeType.DOMAIN black_scope_array = [] if black_scope: black_scope_array = re.split(r",|\s", black_scope) scope_array = re.split(r",|\s", scope) # 清除空白符 scope_array = list(filter(None, scope_array)) new_scope_array = [] for x in scope_array: if scope_type == AssetScopeType.DOMAIN: if not utils.is_valid_domain(x): return utils.build_ret(ErrorMsg.DomainInvalid, {"scope": x}) new_scope_array.append(x) if scope_type == AssetScopeType.IP: transfer = utils.ip.transfer_ip_scope(x) if transfer is None: return utils.build_ret(ErrorMsg.ScopeTypeIsNotIP, {"scope": x}) new_scope_array.append(transfer) if not new_scope_array: return utils.build_ret(ErrorMsg.DomainInvalid, {"scope": ""}) scope_data = { "name": name, "scope_type": scope_type, "scope": ",".join(new_scope_array), "scope_array": new_scope_array, "black_scope": black_scope, "black_scope_array": black_scope_array, } conn('asset_scope').insert(scope_data) scope_id = str(scope_data.pop("_id")) scope_data["scope_id"] = scope_id return utils.build_ret(ErrorMsg.Success, scope_data)
def post(self): """ 添加资产范围 """ args = self.parse_args(add_scope_fields) scope = str(args.pop('scope', "")).lower() scope_array = re.split(r",|\s", scope) # 清除空白符 scope_array = list(filter(None, scope_array)) if not scope_array: return utils.build_ret(ErrorMsg.DomainInvalid, {"scope": ""}) scope_id = args.pop('scope_id', "") table = 'asset_scope' query = {'_id': ObjectId(scope_id)} scope_data = utils.conn_db(table).find_one(query) if not scope_data: return utils.build_ret(ErrorMsg.NotFoundScopeID, { "scope_id": scope_id, "scope": scope }) logger.info(scope_array) for x in scope_array: if not utils.is_valid_domain(x): return utils.build_ret(ErrorMsg.DomainInvalid, {"scope": x}) if x in scope_data.get("scope_array", []): return utils.build_ret(ErrorMsg.ExistScope, { "scope_id": scope_id, "scope": x }) scope_data["scope_array"].append(x) scope_data["scope"] = ",".join(scope_data["scope_array"]) utils.conn_db(table).find_one_and_replace(query, scope_data) return utils.build_ret(ErrorMsg.Success, { "scope_id": scope_id, "scope": scope })
def _get_ip_domain_list(self, target_lists): ip_list = set() domain_list = set() for item in target_lists: if not item: continue if utils.is_vaild_ip_target(item): if not utils.not_in_black_ips(item): raise Exception("{} 在黑名单IP中".format(item)) ip_list.add(item) elif utils.is_valid_domain(item): domain_list.add(item) else: raise Exception("{} 无效的目标".format(item)) return ip_list, domain_list
def get(self): """ 任务同步资产组查询 """ args = self.parser.parse_args() target = args.pop("target") if not utils.is_valid_domain(target): return utils.build_ret(ErrorMsg.DomainInvalid, {"target": target}) args["scope_array"] = utils.get_fld(target) args["size"] = 100 args["order"] = "_id" data = self.build_data(args=args, collection='asset_scope') ret = [] for item in data["items"]: if utils.is_in_scopes(target, item["scope_array"]): ret.append(item) data["items"] = ret data["total"] = len(ret) return data
def post(self): """ 任务提交 """ args = self.parse_args(add_task_fields) name = args.pop('name') target = args.pop('target') target = target.strip().lower() task_data = { "name": name, "target": target, "start_time": "-", "end_time": "-", "task_tag": "task", #标记为正常下发的任务 "service": [], "status": "waiting", "options": args, "type": "domain" } logger.info(task_data) target_lists = re.split(r",|\s", target) # 清除空白符 target_lists = list(filter(None, target_lists)) ip_target_list = [] ret_items = [] for item in target_lists: if not utils.is_valid_domain( item) and not utils.is_vaild_ip_target(item): return utils.build_ret(ErrorMsg.TargetInvalid, data={"target": item}) if utils.is_vaild_ip_target(item): if not utils.not_in_black_ips(item): return utils.build_ret(ErrorMsg.IPInBlackIps, data={"ip": item}) for item in target_lists: if utils.is_valid_domain(item): ret_item = {"target": item, "type": "domain"} domain_task_data = task_data.copy() domain_task_data["target"] = item _task_data = submit_task(domain_task_data) ret_item["task_id"] = _task_data.get("task_id", "") ret_item["celery_id"] = _task_data.get("celery_id", "") ret_items.append(ret_item) elif utils.is_vaild_ip_target(item): if utils.not_in_black_ips(item): ip_target_list.append(item) else: ret_item = { "target": item, "type": "in black ip list", "task_id": "", "celery_id": "" } ret_items.append(ret_item) else: ret_item = { "target": item, "type": "unknown", "task_id": "", "celery_id": "" } ret_items.append(ret_item) if ip_target_list: ip_task_data = task_data.copy() ip_task_data["target"] = " ".join(ip_target_list) ip_task_data["type"] = "ip" ret_item = { "target": ip_task_data["target"], "type": ip_task_data["type"] } _task_data = submit_task(ip_task_data) ret_item["task_id"] = _task_data.get("task_id", "") ret_item["celery_id"] = _task_data.get("celery_id", "") ret_items.append(ret_item) ret_data = { "items": ret_items, "options": args, "message": "success", "code": 200 } return ret_data