def add_report():
pokemon = request.args.get('pokemon')
latitude = request.args.get('latitude')
longitude = request.args.get('longitude')
user_id = request.args.get('user_id')
if pokemon is not None and latitude is not None and longitude is not None:
pokemon = float(pokemon)
latitude = float(latitude)
longitude = float(longitude)
report = Reports(latitude, longitude, pokemon, user_id=user_id)
id = report.insert_into_db()
block_dim = 0.01
users_in_radius = User.query.filter(
User.latitude <= latitude + block_dim).filter(
User.latitude >= latitude - block_dim).filter(
User.longitude >= longitude - block_dim).filter(
User.longitude <= longitude + block_dim).all()
for user in users_in_radius:
print(str(user.username) + " is in radius.")
notification = Notifications.query.filter_by(
user=user.id, pokemon=pokemon).first()
if notification is not None:
curr_dir = os.path.dirname(
os.path.realpath(__file__)) + "/pushcert.pem"
send_APN(curr_dir, user.device_token,
pokemonList[int(pokemon)] + " was reported near you!")
return jsonify(success=0, report=report.serialize)
return jsonify(success=1, error='check request params')
def add_report():
time = request.args.get('time')
reporter = 3
latitude = request.args.get('latitude')
longitude = request.args.get('longitude')
type_report = request.args.get('type')
report = Reports(time, reporter, latitude, longitude, type_report)
return jsonify(report=report.insert_into_db())
async def api_create_report(request, *, title):
# logging.info('func:api_create_report')
check_admin(request)
if not title or not title.strip():
raise APIValueError('title', 'title cannot be empty.')
report = Reports(title=title.strip())
await report.save()
return report
def add_report(rboard, rdate, rdeleted, rop):
#newRep = db.session.query(Reports).filter_by(id=id).one()
print(rboard)
print(rdate)
print(rdeleted)
print(rop)
newRep = Reports(board = rboard,
rdate = rdate,
deleted = rdeleted,
op_id = rop,
)
db.session.add(newRep)
db.session.commit()
def insert():
form = WordForm()
if form.validate_on_submit():
name = form.name.data
lat = form.lat.data
lon = form.lon.data
desc = form.description.data
else:
return render_template('submit.html', form=form)
print(name)
print(lat)
print(lon)
print(desc)
# Nuke database
# db.session.execute('DELETE FROM reports WHERE true')
rows = db.session.execute('SELECT * FROM reports')
id = len(rows.fetchall()) + 1
print(id)
#insert = 'INSERT INTO reports (id, name, lon, lat, description) VALUE ({}, \'{}\', \'{}\', \'{}\', \'{}\')'.format(id, name, lat, lon, desc)
#print(insert)
r = Reports(id, name, lat, lon, desc)
db.session.add(r)
db.session.commit()
return render_template('successful.html')
def submit_report():
print('sub')
linked_reqs = request.form.getlist('linked_reqs')
consumers = request.form.get('consumers')
#form_data = request.form
summary=request.form.get('summary','')
summary=unmark_indicators(summary)
#getting rid of pesky dashes
for i in range(8210, 8214):
summary=summary.replace(chr(i),'-')
if request.form.get('is_edited'):
tlp = request.form.get('tlp')
report= Reports.query.filter_by(id=request.form.get('id')).first()
report.title=request.form.get('title')
report.content=summary
report.friendly_id=request.form.get('friendly_id')
#report.tags=request.form.get('tags')
report.is_archived=request.form.get('is_archived')
if report.is_archived:
report.is_archived = 1
else:
report.is_archived = 0
report.tlp=tlp
db.session.commit()
db.session.flush()
goto=url_for('view_report', report_id=report.id)
else:
title = request.form.get('title')
friendly_id = request.form.get('friendly_id')
#tags = request.form.get('tags')
tlp = request.form.get('tlp')
report = Reports(title=title, content=summary,creator=current_user.name,friendly_id=friendly_id,is_archived=False,tlp=tlp)
add_db_entry(report)
goto=url_for('active_reports')
#send a webhook
hooks=Organization.query.filter(Organization.slack_webhook_on_report_create.is_(True)).all()
hooks=[hook.slack_webhook for hook in hooks if hook.slack_webhook]
message='A new report, {}, has been created. To view the report, go to: {}{}'.format(report.title,request.host_url[0:-1], url_for('view_report', report_id=report.id))
wh_data = {
"attachments":[
{
"fallback":message,
"pretext":message,
"color":"#6658EA",
"fields":[
{
"title":"Writer",
"value":report.creator,
"short":'true'
},
{
"title":"ID",
"value":report.friendly_id,
"short":'true'
},
{
"title":"Title",
"value":report.title,
}
]
}
]
}
send_webhook(wh_data, hooks)
ReportTags.query.filter(ReportTags.report == report.id).delete()
if request.form.get('tags'):
tag_list=json.loads(request.form.get('tags'))
for tag in tag_list:
rt=ReportTags(report=report.id, tag=tag['value'])
add_db_entry(rt)
parse_indicators(summary,report.id, queue)
delete_report_requirement_links(report_id=report.id)
add_report_requirement_links(report_ids=[report.id], req_ids=linked_reqs)
return redirect(goto)
def tasks():
scantypes = ['-sT', '-sT', '-sS', '-sA', '-sW', '-sM', '-sN', '-sF', '-sX', '-sU']
if request.method == 'GET':
skip = int(request.args['skip'])
limit = int(request.args['limit'])
sort_by = request.args['sort_by']
sort_context = int(request.args['sort_context'])
search = request.args['search']
if sort_context == -1:
sort_by = '-' + sort_by
query = Reports.objects(user_id=session['current_user']).all().order_by(sort_by)
if search != '':
query = Reports.objects(user_id=session['current_user']).filter(targets__contains=search).all().order_by(
sort_by)
_nmap_tasks = []
paginator = Pagination(query, skip / limit + 1, 10)
_dbreports = paginator.items
for _dbreport in _dbreports:
_nmap_task = celery_pipe.AsyncResult(_dbreport['task_id'])
_report = {
'id': _nmap_task.id,
'targets': _dbreport['targets'],
'options': _dbreport['options'],
'create_date': _dbreport['create_date'],
'status': _nmap_task.status,
'ready': 0
}
if _nmap_task.result and 'done' in _nmap_task.result:
_report.update({'progress': float(_nmap_task.result['done'])})
elif _nmap_task.result and 'report' in _nmap_task.result:
_report.update({'progress': 100})
else:
_report.update({'progress': 0})
if _nmap_task.status in READY_STATES:
_report.update({'ready': 1})
_nmap_tasks.append(_report)
response_content = {
'recordsTotal': Reports.objects.count(),
'recordsFiltered': paginator.total,
'data': _nmap_tasks
}
return jsonify(response_content), 200
elif request.method == 'POST':
data = request.get_json()
if data['targets'] == '':
response_content = {
'code': '403',
'message': 'The targets is not correct!'
}
return jsonify(response_content), 200
scani = int(data.get('scanTechniques', 0))
if data.get('ports', '') != '':
portlist = '-p ' + data.get('ports')
else:
portlist = ''
noping = '-Pn' if data.get('noping', False) else ''
osdetect = '-O' if data.get('osDetection', False) else ''
bannerdetect = '-sV' if data.get('bannerDetection', False) else ''
nse_script = ''
if data.get('scripts', '') != '':
nse_script = '--script={0}'.format(data.get('scripts'))
options = '{0} {1} {2} {3} {4} {5}'.format(scantypes[scani],
portlist,
noping,
osdetect,
bannerdetect,
nse_script)
_celery_task = celery_nmap_scan.delay(targets=str(data['targets']), options=str(options))
report = Reports(user_id=session['current_user'], task_id=_celery_task.id, targets=data['targets'],
options=options)
report.save()
response_content = {
'code': '200',
'message': 'Successful!'
}
return jsonify(response_content), 200
