 def delete(self, project_id: int) -> Tuple[dict, int]:
     """Remove the ProjectQuota row(s) belonging to *project_id*.

     Issues a bulk DELETE over every ProjectQuota whose ``project_id``
     matches, then commits via ``ProjectQuota.commit()``.  The number of
     rows actually removed is not inspected, so an id with no quota row
     still yields the same 200 confirmation.

     Args:
         project_id: id of the project whose quota row is removed.

     Returns:
         A ``(body, status)`` pair; ``body`` carries a confirmation message.
     """
     matching = ProjectQuota.query.filter_by(project_id=project_id)
     matching.delete()
     ProjectQuota.commit()
     body = {
         "message":
         f"ProjectQuota with project_id {project_id} was successfully deleted"
     }
     return body, 200
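 def post(self, project_id: Optional[int] = None) -> Tuple[dict, int]:
     """Create a ProjectQuota row for the project *project_id*.

     Reads the quota fields from the parsed request body (``_parser_post``),
     resolves the project with ``Project.get_or_404`` and inserts one row.

     Args:
         project_id: id of the owning project.  ``None`` is passed straight
             through to ``Project.get_or_404``; how that is handled is not
             visible here.

     Returns:
         A ``(body, 201)`` pair with a confirmation message.
     """
     data = self._parser_post.parse_args()
     project = Project.get_or_404(project_id)
     # Each quota column is copied one-to-one from the parsed body, in the
     # same order as before so a missing key fails on the same field.
     quota_fields = (
         "performance_test_runs",
         "code_repositories",
         "dast_scans",
         "public_pool_workers",
         "storage_space",
         "data_retention_limit",
         "tasks_limit",
     )
     project_quota = ProjectQuota(
         project_id=project.id,
         **{name: data[name] for name in quota_fields})
     project_quota.insert()
     # Plain literal: the original was an f-string with no placeholders.
     return {"message": "ProjectQuota was successfully created"}, 201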
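    def post(self, project_id: int):
        """Record a SAST/DAST scan result for *project_id*.

        Enforces the project's scan quota for the requested scan type, inserts
        a ``SecurityResults`` row and bumps the matching ``Statistic`` counter.

        Args:
            project_id: id of the project the scan belongs to.

        Returns:
            ``{"id": <report id>}`` on success, or a ``(body, 403)`` pair when
            the quota for that scan type is exhausted.
        """
        args = self._parser_post.parse_args(strict=False)
        project = Project.get_or_404(project_id)
        # Lower-case once instead of on every branch.
        scan_type = args["scan_type"].lower()
        # scan type -> quota name (which is also the Statistic column name).
        # Any other scan type skips both the quota check and the counter bump,
        # as before.
        tracked = {
            'sast': 'sast_scans',
            'dast': 'dast_scans',
        }
        # TODO move sast/dast quota checks to a new endpoint, which will be triggered before the scan
        if scan_type in tracked:
            if not ProjectQuota.check_quota(project_id=project_id,
                                            quota=tracked[scan_type]):
                # Explicit 403: previously the "Forbidden" body went out with a
                # 200, so status-checking clients saw the refusal as success.
                return {
                    "Forbidden":
                    f"The number of {scan_type} scans allowed in the project has been exceeded"
                }, 403
        report = SecurityResults(
            scan_time=datetime.utcnow().strftime("%Y-%m-%d %H:%M:%S"),
            project_id=project.id,
            scan_duration=args["scan_time"],
            project_name=args["project_name"],
            app_name=args["app_name"],
            dast_target=args["dast_target"],
            sast_code=args["sast_code"],
            scan_type=args["scan_type"],
            # Net findings: total minus false positives and excluded ones.
            findings=args["findings"] -
            (args["false_positives"] + args["excluded"]),
            false_positives=args["false_positives"],
            excluded=args["excluded"],
            info_findings=args["info_findings"],
            environment=args["environment"])
        report.insert()

        statistic = Statistic.query.filter_by(project_id=project_id).first()
        # NOTE(review): statistic is None when the project has no Statistic
        # row; that raises AttributeError below, exactly as before.
        if scan_type in tracked:
            column = tracked[scan_type]
            # Column-expression increment (Statistic.<col> + 1) so the database
            # performs the addition; mirrors the original setattr() calls.
            setattr(statistic, column, getattr(Statistic, column) + 1)
        statistic.commit()

        return {"id": report.id}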
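def check_tasks_quota(task):
    """Abort a task run when the project's ``tasks_executions`` quota is used up.

    When quota remains this returns ``None`` and does nothing.  On refusal a
    "Forbidden" result record is posted to the task's results endpoint (so the
    refusal is visible in the task's results) and ``Forbidden`` is raised.

    Args:
        task: mapping with at least ``project_id``, ``task_id`` and ``token``.

    Raises:
        Forbidden: when ``ProjectQuota.check_quota`` reports the quota exceeded.
    """
    if ProjectQuota.check_quota(project_id=task['project_id'], quota='tasks_executions'):
        return
    # time.mktime() interprets its argument as *local* time, so converting a
    # UTC tuple with it skews the epoch by the host's UTC offset on any host
    # not running in UTC; time.time() is the epoch directly.
    from time import time as _epoch_seconds
    refusal = "The number of task executions allowed in the project has been exceeded"
    data = {"ts": int(_epoch_seconds()), 'results': 'Forbidden', 'stderr': refusal}

    headers = {
        "Content-Type": "application/json",
        "Token": task['token']
    }
    auth_token = unsecret("{{secret.auth_token}}", project_id=task['project_id'])
    if auth_token:
        headers['Authorization'] = f'bearer {auth_token}'
    # Best-effort notification: the response is not inspected, as before.
    post(f'{APP_HOST}/api/v1/task/{task["task_id"]}/results', headers=headers, data=dumps(data))
    raise Forbidden(description=refusal)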
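    def post(self, project_id: int):
        """Register a task for *project_id* from an uploaded file or a URL.

        Exactly one of ``file`` (multipart upload) or ``url`` must be given.
        The file name must pass ``allowed_file`` and the project must have
        ``tasks_count`` quota left before ``create_task`` is called.

        Args:
            project_id: id of the project that owns the task.

        Returns:
            ``({"file": <task_id>, "code": 0}, 200)`` on success, or a
            ``(body, 400)`` pair when no usable file was supplied.

        Raises:
            Forbidden: when the project's ``tasks_count`` quota is exhausted.
        """
        args = self.post_parser.parse_args(strict=False)
        project = Project.get_or_404(project_id)

        if args.get("file"):
            file = args["file"]
            if file.filename == "":
                return {"message": "file not selected", "code": 400}, 400
        elif args.get("url"):
            file = File(args.get("url"))
        else:
            return {"message": "Task file is not specified", "code": 400}, 400

        # The allow-list is a gate, not just a precondition for the quota
        # check.  Previously a disallowed file name skipped the quota check and
        # the task was still created; now it is rejected outright.
        # NOTE(review): assumes File(url) exposes a usable .filename, as the
        # original already called allowed_file(file.filename) on it.
        if not allowed_file(file.filename):
            return {"message": "Task file type is not allowed", "code": 400}, 400
        if not ProjectQuota.check_quota(project_id=project.id,
                                        quota='tasks_count'):
            raise Forbidden(
                description=
                "The number of tasks allowed in the project has been exceeded"
            )
        task_id = create_task(project, file, args).task_id
        return {"file": task_id, "code": 0}, 200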
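 def post(self, project_id: int):
     """Create an APIReport (performance test run) for *project_id*.

     Checks the project's ``performance_test_runs`` quota, inserts a report
     row seeded with the request's metadata and zeroed metrics, then bumps
     ``Statistic.performance_test_runs`` for the project.

     Args:
         project_id: id of the project the run belongs to.

     Returns:
         ``report.to_json()`` on success, or a ``(body, 403)`` pair when the
         quota is exhausted.
     """
     args = self._parser_post.parse_args(strict=False)
     project = Project.get_or_404(project_id)
     if not ProjectQuota.check_quota(project_id=project_id,
                                     quota='performance_test_runs'):
         # Explicit 403: previously the "Forbidden" body went out with a 200,
         # so status-checking clients saw the refusal as success.
         return {
             "Forbidden":
             "The number of performance test runs allowed in the project has been exceeded"
         }, 403
     # Metrics start at zero / empty; presumably they are filled in later by
     # whatever finalises the run (not visible here).
     zeroed_metrics = dict(
         end_time="",
         failures=0,
         total=0,
         thresholds_missed=0,
         throughput=0,
         pct95=0,
         onexx=0,
         twoxx=0,
         threexx=0,
         fourxx=0,
         fivexx=0,
         requests="",
     )
     report = APIReport(name=args["test_name"],
                        status=args["status"],
                        project_id=project.id,
                        environment=args["environment"],
                        type=args["type"],
                        start_time=args["start_time"],
                        vusers=args["vusers"],
                        duration=args["duration"],
                        build_id=args["build_id"],
                        lg_type=args["lg_type"],
                        release_id=args.get("release_id"),
                        test_uid=args.get("test_id"),
                        **zeroed_metrics)
     report.insert()
     statistic = Statistic.query.filter_by(project_id=project_id).first()
     # NOTE(review): statistic is None when the project has no Statistic row;
     # that raises AttributeError here, exactly as before.
     # Column-expression increment so the database performs the addition.
     setattr(statistic, 'performance_test_runs',
             Statistic.performance_test_runs + 1)
     statistic.commit()
     return report.to_json()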
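def execute_lambda(self, task, event, *args, **kwargs):
    """Run one lambda task, enforcing the project's execution quota first.

    When ``tasks_executions`` quota is used up, a "Forbidden" result record is
    posted to the task's results endpoint and ``Forbidden`` is raised.
    Otherwise ``Statistic.tasks_executions`` is bumped, ``run_lambda`` is
    called, and if the task names a ``callback`` task that task is scheduled
    asynchronously with the result placed in ``event['result']``.

    Args:
        self: presumably the bound task instance; not used here.
        task: mapping with at least ``project_id``, ``task_id``, ``token`` and
            ``callback``.
        event: payload handed to ``run_lambda``; mutated when a callback runs.
        *args, **kwargs: accepted for signature compatibility; unused.

    Returns:
        Whatever ``run_lambda(task, event)`` returns.

    Raises:
        Forbidden: when the execution quota is exhausted.
    """
    if not ProjectQuota.check_quota(project_id=task['project_id'], quota='tasks_executions'):
        # time.mktime() interprets its argument as *local* time, so converting
        # a UTC tuple with it skews the epoch by the host's UTC offset on any
        # host not running in UTC; time.time() is the epoch directly.
        from time import time as _epoch_seconds
        refusal = "The number of task executions allowed in the project has been exceeded"
        data = {"ts": int(_epoch_seconds()), 'results': 'Forbidden', 'stderr': refusal}

        headers = {
            "Content-Type": "application/json",
            "Token": task['token']
        }
        auth_token = unsecret("{{secret.auth_token}}", project_id=task['project_id'])
        if auth_token:
            headers['Authorization'] = f'bearer {auth_token}'
        # Best-effort notification: the response is not inspected, as before.
        post(f'{APP_HOST}/api/v1/task/{task["task_id"]}/results', headers=headers, data=dumps(data))
        raise Forbidden(description=refusal)
    statistic = db_session.query(Statistic).filter(Statistic.project_id == task['project_id']).first()
    # NOTE(review): statistic is None for a project with no Statistic row; that
    # raises AttributeError here, exactly as before.
    # Column-expression increment so the database performs the addition.
    setattr(statistic, 'tasks_executions', Statistic.tasks_executions + 1)
    statistic.commit()
    res = run_lambda(task, event)
    if task['callback']:
        event['result'] = res
        # [0] raises IndexError when the callback task id is unknown (unchanged).
        callback_task = db_session.query(Task).filter(Task.task_id == task['callback'])[0].to_json()
        execute_lambda.apply_async(kwargs=dict(task=callback_task, event=event))
    return res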