def check_for_update(cve_json, task):
cve_id = cve_json["cve"]["CVE_data_meta"]["ID"]
cve_obj = Cve.query.filter_by(cve_id=cve_id).first()
events = []
# A new CVE has been added
if not cve_obj:
cve_obj = CveUtil.create_cve(cve_json)
logger.info("{} created (ID: {})".format(cve_id, cve_obj.id))
events = [CveUtil.create_event(cve_obj, cve_json, "new_cve", {})]
# Existing CVE has changed
elif CveUtil.cve_has_changed(cve_obj, cve_json):
logger.info("{} has changed, parsing it...".format(cve_obj.cve_id))
events = []
checks = BaseCheck.__subclasses__()
# Loop on each kind of check
for check in checks:
c = check(cve_obj, cve_json)
event = c.execute()
if event:
events.append(event)
# Change the last updated date
cve_obj.updated_at = arrow.get(cve_json["lastModifiedDate"]).datetime
cve_obj.json = cve_json
db.session.commit()
# Create the change
if events:
CveUtil.create_change(cve_obj, cve_json, task, events)
def test_has_changed(app, open_file):
cve_json = open_file("cves/CVE-2020-26116.json")
cve_db = CveUtil.create_cve(cve_json)
cve_db.updated_at = datetime.datetime.now() - datetime.timedelta(days=1)
db.session.commit()
assert CveUtil.cve_has_changed(cve_db, cve_json)