def _filter(self, filters, workspace_name): try: filters = FlaskRestlessSchema().load(json.loads(filters)) or {} hostname_filters = [] if filters: filters['filters'], hostname_filters = self._hostname_filters( filters.get('filters', [])) except (ValidationError, JSONDecodeError) as ex: logger.exception(ex) flask.abort(400, "Invalid filters") workspace = self._get_workspace(workspace_name) marshmallow_params = { 'many': True, 'context': {}, 'exclude': ('_attachments', ) } if 'group_by' not in filters: offset = None limit = None if 'offset' in filters: offset = filters.pop('offset') if 'limit' in filters: limit = filters.pop( 'limit') # we need to remove pagination, since try: vulns = self._generate_filter_query(VulnerabilityGeneric, filters, hostname_filters, workspace, marshmallow_params) except AttributeError as e: flask.abort(400, e) total_vulns = vulns if limit: vulns = vulns.limit(limit) if offset: vulns = vulns.offset(offset) vulns = self.schema_class_dict['VulnerabilityWeb']( **marshmallow_params).dump(vulns.all()) return vulns, total_vulns.count() else: vulns = self._generate_filter_query( VulnerabilityGeneric, filters, hostname_filters, workspace, marshmallow_params, ) column_names = ['count'] + [ field['field'] for field in filters.get('group_by', []) ] rows = [list(zip(column_names, row)) for row in vulns.all()] vulns_data = [] for row in rows: vulns_data.append({field[0]: field[1] for field in row}) return vulns_data, len(rows)
def _filter(self, filters, workspace_name, confirmed=False): try: filters = FlaskRestlessSchema().load(json.loads(filters)) _, hostname_filters = self._hostname_filters(filters.get('filters', [])) except (ValidationError, JSONDecodeError) as ex: logger.exception(ex) flask.abort(400, "Invalid filters") if confirmed: if 'filters' not in filters: filters = {} filters['filters'] = [] filters['filters'].append({ "name": "confirmed", "op": "==", "val": "true" }) workspace = self._get_workspace(workspace_name) marshmallow_params = {'many': True, 'context': {}} normal_vulns_data = self._filter_vulns(Vulnerability, filters, hostname_filters, workspace, marshmallow_params, False) web_vulns_data = self._filter_vulns(VulnerabilityWeb, filters, hostname_filters, workspace, marshmallow_params, True) return normal_vulns_data + web_vulns_data