def site_add_edit(request, siteid=None):
if not Group.objects.all().exists():
return render(request, "missing_group.html")
if siteid:
site = get_object_or_404(Site, id=siteid)
form = SiteForm(request.POST or None, instance=site)
template = 'site_edit.html'
else:
site = None
form = SiteForm(request.POST or None)
template = 'site_add.html'
if form.is_valid():
site = form.save()
if siteid:
messages.success(request,
'The site "%s" has been updated.' % site.hostname)
AddLogEntry(username=request.user,
type='configchange',
event='Edited site "%s"' % site.hostname)
else:
messages.success(request,
'The site "%s" has been created.' % site.hostname)
AddLogEntry(username=request.user,
type='configchange',
event='Created new site "%s"' % site.hostname)
return HttpResponseRedirect(
reverse('site_details', kwargs={'siteid': site.id}))
return render(request, template, {'form': form, 'site': site})
def group_add_edit(request, groupid=None):
if groupid:
group = get_object_or_404(Group, id=groupid)
form = GroupForm(request.POST or None, instance=group)
template = 'group_edit.html'
else:
group = None
form = GroupForm(request.POST or None)
template = 'group_add.html'
if form.is_valid():
group = form.save()
if groupid:
messages.success(request,
'The group "%s" has been updated.' % group.name)
AddLogEntry(username=request.user,
type='configchange',
event='Edited group "%s"' % group.name)
else:
messages.success(request,
'The group "%s" has been created.' % group.name)
AddLogEntry(username=request.user,
type='configchange',
event='Created new group "%s"' % group.name)
return HttpResponseRedirect(reverse('group_list'))
return render(request, template, {'form': form, 'group': group})
def StartScan(sitecheck):
### get apiclientstate from DB
apiclientstate = ApiClientState.objects.get(id=1)
### check how many assessments this tlsscout instance is running in total
ourass = SiteCheck.objects.filter(start_time__isnull=False,
finish_time__isnull=True)
if ourass:
if ourass.count() >= apiclientstate.max_concurrent_assessments:
#print "can't start any more new assessments at this time, urgent or not"
return False
### check how many of the running assessments are not urgent
if ourass.filter(urgent=False).count(
) >= settings.SSLLABS_POLITE_CONCURRENT_CHECKS:
#print "can't start any more assessments unless they are urgent"
urgentonly = True
else:
#print "new assessments can be started"
urgentonly = False
else:
#print "new assessments can be started"
urgentonly = False
### can this sitecheck be started?
if sitecheck.urgent or not urgentonly:
if sitecheck.urgent:
AddLogEntry(username='******',
type='engine',
event='Starting urgent check of site %s' %
sitecheck.site.hostname)
else:
AddLogEntry(username='******',
type='engine',
event='Starting regular scheduled check of site %s' %
sitecheck.site.hostname)
### make an API call to start the check
hostinfo = Analyze(
host=sitecheck.site.hostname,
startNew="on",
publish="on" if sitecheck.site.group.publish else "off",
ignorename="on"
if sitecheck.site.group.ignore_name_mismatch else "off",
all="done",
sitecheck=sitecheck)
sitecheck.start_time = timezone.now()
sitecheck.json_result = json.dumps(hostinfo)
if hostinfo and 'status' in hostinfo:
if 'statusMessage' in hostinfo:
sitecheck.status_message = "%s: %s" % (
hostinfo['status'], hostinfo['statusMessage'])
else:
sitecheck.status_message = hostinfo['status']
else:
sitecheck.status_message = "unknown (API didn't supply a status message)"
sitecheck.save()
def __UpdateRunningChecks(self):
runningchecks = SiteCheck.objects.filter(start_time__isnull=False, finish_time__isnull=True)
### loop through them and check each to see if it is finished yet
for check in runningchecks:
### make an API call to see if the check has finished
hostinfo = GetResults(check)
if not hostinfo:
### something went wrong while running the check, error
check.status = "APIERROR"
check.status_message = "Something went wrong while updating status this check"
elif 'status' not in hostinfo:
### hostinfo does not contain a status field, error
check.status = "APIERROR"
check.status_message = "No 'status' value was received from the SSL Labs API"
check.finish_time=timezone.now()
elif hostinfo['status'] == "DNS":
### check is in status DNS
check.status = "DNS"
check.status_message = None
elif hostinfo['status'] == "ERROR":
### check has failed with an error
check.status = "ERROR"
check.status_message = None
check.finish_time=timezone.now()
elif hostinfo['status'] == "IN_PROGRESS":
### check is still running, patience pls
check.status = "IN_PROGRESS"
check.status_message = None
check.json_result = json.dumps(hostinfo)
check.save()
self.__ParseResultJson(sitecheck=check, hostinfo=hostinfo)
AddLogEntry(username='******', type='engine', event='Check of site %s is still running' % check.site.hostname)
elif hostinfo['status'] == "READY":
### check is finished, yay
check.status = "READY"
check.status_message = None
check.json_result = json.dumps(hostinfo)
check.finish_time=timezone.now()
check.save()
self.__ParseResultJson(sitecheck=check, hostinfo=hostinfo)
AddLogEntry(username='******', type='engine', event='Check of site %s is finished' % check.site.hostname)
### check for changes compared to previous check, send alerts if enabled
self.__CheckForChanges(site=check.site)
else:
### hostinfo field has an unknown value, error
check.status = "APIERROR"
check.status_message = "An unexpected 'status' value was received from the SSL Labs API"
check.finish_time=timezone.now()
### save the check and continue
check.save()
continue
def enable_site_alert(request, siteid):
site = get_object_or_404(Site, id=siteid)
form = EnableSiteAlertForm(request.POST or None)
# check if alerting is already enabled for this site
try:
alert = SiteAlert.objects.get(user=request.user, site=site)
messages.error(
request,
'Alerting is already enabled for the site "%s"' % site.hostname)
except SiteAlert.DoesNotExist:
if form.is_valid():
alert = SiteAlert(user=request.user, site=site)
alert.save()
messages.success(
request, 'Alerting has now been enabled for the site "%s"' %
site.hostname)
AddLogEntry(
username=request.user,
type='configchange',
event='Enabled alerting for the user %s for the site %s' %
(alert.user, site.hostname))
return HttpResponseRedirect(
reverse('site_details', kwargs={'siteid': site.id}))
return render(request, 'enable_site_alert.html', {
'form': form,
'site': site
})
def enable_group_alert(request, groupid):
group = get_object_or_404(Group, id=groupid)
form = EnableGroupAlertForm(request.POST or None)
# check if alerting is already enabled for this group
try:
alert = GroupAlert.objects.get(user=request.user, group=group)
messages.error(
request,
'Alerting is already enabled for the group "%s"' % group.name)
except GroupAlert.DoesNotExist:
if form.is_valid():
alert = GroupAlert(user=request.user, group=group)
alert.save()
messages.success(
request, 'Alerting has now been enabled for the group "%s"' %
group.name)
AddLogEntry(
username=request.user,
type='configchange',
event='Enabled alerting for the user "%s" for the group "%s"' %
(alert.user, group.name))
return HttpResponseRedirect(
reverse('group_details', kwargs={'groupid': group.id}))
return render(request, 'enable_group_alert.html', {
'form': form,
'group': group
})
def group_check(request, groupid):
group = get_object_or_404(Group, id=groupid)
form = ScheduleGroupCheckForm(request.POST or None, instance=group)
if group.sites.count() == 0:
return render(request, 'group_check_zero_sites.html', {
'group': group,
})
if form.is_valid():
sites = Site.objects.filter(group=group)
checkcounter = 0
for site in sites:
if not start_urgent_check_ok(site):
messages.error(request, 'A check of the site "%s" is already running, or an urgent check is already scheduled. Not scheduling a new urgent check.' % site.hostname)
else:
check = SiteCheck(site=site, urgent=True)
check.save()
checkcounter += 1
if checkcounter > 0:
messages.success(request, 'Scheduled an urgent check for %s sites in the group "%s"' % (checkcounter, group.name))
AddLogEntry(username=request.user, type='configchange', event='Scheduled an urgent check of the sites in the group "%s"' % group.name)
else:
messages.error(request, 'No new urgent checks scheduled!')
return HttpResponseRedirect(reverse('group_details', kwargs={'groupid': groupid}))
return render(request, 'group_check_confirm.html', {
'group': group,
'form': form
})
def site_delete(request, siteid):
### if this site doesn't exist return 404
site = get_object_or_404(Site, id=siteid)
form = DeleteSiteForm(request.POST or None, instance=site)
if form.is_valid():
site.delete()
messages.success(request,
'The site "%s" has been deleted.' % site.hostname)
AddLogEntry(username=request.user,
type='configchange',
event='Deleted the site "%s"' % site.hostname)
return HttpResponseRedirect(reverse('site_list'))
return render(request, 'site_delete_confirm.html', {
'form': form,
'site': site
})
def site_check(request, siteid):
site = get_object_or_404(Site, id=siteid)
if not start_urgent_check_ok(site):
messages.error(
request,
'A check of the site "%s" is already running, or an urgent check is already scheduled. Not scheduling a new urgent check.'
% site.hostname)
else:
check = SiteCheck(site=site, urgent=True)
check.save()
messages.success(
request,
'Scheduled an urgent check for the site "%s"' % site.hostname)
AddLogEntry(request.user,
type='configchange',
event='Scheduled an urgent check of the site "%s"' %
site.hostname)
return HttpResponseRedirect(
reverse('site_details', kwargs={'siteid': siteid}))
def group_delete(request, groupid):
### if this group doesn't exist return 404
group = get_object_or_404(Group, id=groupid)
if group.sites.count() > 0:
return render(request, 'group_delete_fail.html', {
'group': group
})
form = DeleteGroupForm(request.POST or None, instance=group)
if form.is_valid():
group.delete()
messages.success(request, 'The group "%s" has been deleted.' % group.name)
AddLogEntry(username=request.user, type='configchange', event='Deleted the group "%s"' % group.name)
return HttpResponseRedirect(reverse('group_list'))
return render(request, 'group_delete_confirm.html', {
'group': group,
'form': form
})
def disable_tag_alert(request, alertid):
alert = get_object_or_404(TagAlert, id=alertid)
form = DisableTagAlertForm(request.POST or None, instance=alert)
if form.is_valid():
alert.delete()
messages.success(
request,
'Alerting has been disabled for the tag "%s" for the user "%s"' %
(alert.tag, alert.user))
AddLogEntry(
username=request.user,
type='configchange',
event='Disabled alerting for the user "%s" for the tag "%s"' %
(alert.user, alert.tag))
return HttpResponseRedirect(reverse('tag_list'))
return render(request, 'disable_tag_alert.html', {
'form': form,
'tag': alert.tag,
'user': alert.user
})
def disable_site_alert(request, alertid):
alert = get_object_or_404(SiteAlert, id=alertid)
form = DisableSiteAlertForm(request.POST or None, instance=alert)
if form.is_valid():
alert.delete()
messages.success(
request,
'Alerting has been disabled for the site "%s" for user "%s"' %
(alert.site.hostname, alert.user))
AddLogEntry(
username=request.user,
type='configchange',
event='Disabled alerting for the user "%s" for the site "%s"' %
(alert.user, alert.site.hostname))
return HttpResponseRedirect(
reverse('site_details', kwargs={'siteid': alert.site.id}))
return render(request, 'disable_site_alert.html', {
'form': form,
'site': alert.site,
'user': alert.user
})
def enable_tag_alert(request, tagslug):
tag = get_object_or_404(Tag, slug=tagslug)
form = EnableTagAlertForm(request.POST or None)
# check if alerting is already enabled for this tag
try:
alert = TagAlert.objects.get(user=request.user, tag=tag)
messages.error(request,
'Alerting is already enabled for the tag "%s"' % tag)
except TagAlert.DoesNotExist:
if form.is_valid():
alert = TagAlert(user=request.user, tag=tag)
alert.save()
messages.success(
request,
'Alerting has now been enabled for the tag "%s"' % tag)
AddLogEntry(
username=request.user,
type='configchange',
event='Enabled alerting for the user "%s" for the tag "%s"' %
(alert.user, tag))
return HttpResponseRedirect(reverse('tag_list'))
return render(request, 'enable_tag_alert.html', {'form': form, 'tag': tag})