Пример #1
def create_task_by_app_id(**kwargs):
    """Create a scan task for the application and task group given by id.

    Recognised keyword arguments:

    :param app_id: id of the application to scan (required).
    :param group_id: id of the task group (required).
    :param is_force_scan: forwarded to ``create_task_obj``; defaults to False.
    :param scan_way: forwarded to ``create_task_obj``; defaults to 1.
    :param version: forwarded to ``create_task_obj``; defaults to ''.
    :return: the value returned by ``create_task_obj``.
    :raises ParameterIsEmptyException: if ``app_id`` or ``group_id`` is
        missing or falsy (None, 0, '').
    """
    app_id = kwargs.get('app_id')
    group_id = kwargs.get('group_id')

    # Both identifiers are mandatory; reject the call before any lookup runs.
    if not (app_id and group_id):
        raise ParameterIsEmptyException('"app_id, group_id" parameters cannot be empty.')

    # NOTE(review): the looked-up objects are handed on without a None check;
    # confirm that create_task_obj rejects an unknown app or group.
    return create_task_obj(
        app_obj=get_app_by_id(app_id=app_id),
        group_obj=get_t_group_by_id(group_id=group_id),
        is_force_scan=kwargs.get('is_force_scan', False),
        scan_way=kwargs.get('scan_way', 1),
        version=kwargs.get('version', ''),
    )
Пример #2
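def check_scan_task(app_id):
    """Refuse a new scan when the application already has a matching task.

    :param app_id: id of the application about to be scanned.
    :return: None when ``_get_task_obj`` finds no task.
    :raises ScanTaskAlreadyExists: if a task exists for the application in
        one of the statuses 2, 3, 4 or 5.
    """
    # NOTE(review): statuses 2-5 presumably mean "not yet finished"; confirm
    # against the project's scan-status constants.
    # NOTE(review): this is a read-then-decide check, not a lock. Two
    # concurrent requests can both pass it unless the caller serialises task
    # creation - confirm.
    task_obj = _get_task_obj(app_id=app_id, status=[2, 3, 4, 5])
    if task_obj:
        app_obj = get_app_by_id(app_id=app_id)
        # Single-quoted literal: the double quotes around the app name are
        # part of the message. Unescaped inside a double-quoted string they
        # ended the literal early and made the statement a syntax error.
        # Message: '"<app>" scan task already exists, please wait for it to finish.'
        raise ScanTaskAlreadyExists('"{0}"扫描任务已存在,请等待其执行完成.'.format(
            app_obj.app_name))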
Пример #3
def index(request):
    """List dependency components, narrowed by query-string filters.

    Query parameters read from ``request.GET``:

    * ``pro`` - project id, filters on ``app__project__id``.
    * ``a`` - application id, filters on ``app__id``.
    * ``k`` - keyword: a dork query parsed by ``get_dork_query``, or
      otherwise a substring matched case-insensitively against ``name``.
    * ``archive`` - ``'1'`` lists archived components, anything else the
      non-archived ones.
    * ``p`` / ``ps`` - page number and page size (defaults 1 and 20).

    :param request: the incoming HTTP request.
    :return: the rendered ``project/component/index.html`` response.
    """
    query = request.GET
    pro_id = query.get('pro', '')
    app_id = query.get('a', '')
    keyword = query.get('k', '')
    archive = query.get('archive', '')
    dork_query = get_dork_query(keyword)

    # NOTE(review): no upper bound on ``ps`` is visible here; confirm that
    # parse_int or Paginator caps the page size a client can request.
    page_num = parse_int(query.get('p', 1), 1)
    page_size = parse_int(query.get('ps', 20), 20)

    # Archived rows are shown only when explicitly requested.
    sql_where = {'is_archive': archive == '1'}

    # NOTE(review): int() raises ValueError on a non-numeric value and is not
    # caught here, so a malformed ``pro`` or ``a`` surfaces as an unhandled
    # exception rather than a client error.
    project_obj = None
    if pro_id:
        sql_where['app__project__id'] = int(pro_id)
        project_obj = get_project_by_id(pro_id)

    app_obj = None
    if app_id:
        sql_where['app__id'] = int(app_id)
        app_obj = get_app_by_id(app_id)

    if keyword:
        dork_terms = dork_query['data']
        if dork_terms:
            # Fixed allow-list of dork names -> ORM lookups. Request data only
            # ever supplies filter values, never the lookup names themselves.
            dork_lookups = {
                'name': 'name',
                'group': 'group_id',
                'origin': 'file_name__icontains',
            }
            for term, value in dork_terms.items():
                lookup = dork_lookups.get(term)
                if lookup is not None:
                    sql_where[lookup] = value
        else:
            keyword = keyword.strip()
            sql_where['name__icontains'] = keyword

    items = DependentInfo.objects.filter(**sql_where).order_by('-created_at')
    paginator = Paginator(items, page_size, request=request, pre_name=u"组件")

    context = {
        'nav': 'pro',
        'page': paginator.page(page_num),
        'keyword': keyword,
        'project_obj': project_obj,
        'app_obj': app_obj,
        'archive': archive,
    }
    return render(request, 'project/component/index.html', context)
Пример #4
def show(request, app_id):
    """Render the detail page of a single application.

    :param request: the incoming HTTP request.
    :param app_id: id of the application to display.
    :return: the rendered ``project/app/show.html`` response, or a redirect
        to the application list with an error message when the application
        cannot be found.
    """
    # NOTE(review): no per-user authorization on ``app_id`` is visible in this
    # function; presumably a decorator or middleware enforces it - confirm.
    model = get_app_by_id(app_id=app_id)
    if not model:
        # The error text is a fixed literal ("project not found!"), not
        # request data, so nothing caller-controlled reaches the redirect URL.
        return HttpResponseRedirect('/project/app/?errmsg={0}'.format(u'项目未找到!'))

    context = {
        'nav': 'pro',
        'model': model,
        'file_list': FileStatisticsInfo.objects.filter(app__id=app_id),
        'risk_statistics': get_app_risk_by_id(app_id=app_id),
    }
    return render(request, 'project/app/show.html', context)
Пример #5
def index(request, task_id=None):
    """List scan issues, narrowed by query-string filters.

    Query parameters read from ``request.GET``:

    * ``app`` - application id, filters on ``app__id``.
    * ``e`` - engine id, filters on ``tactic__engine__id``.
    * ``c`` - tactic type, filters on ``tactic__type``.
    * ``r`` - risk level, filters on ``tactic__risk``.
    * ``d`` - ``'1'`` status in 2-5, ``'2'`` status 1, ``'3'`` false positives.
    * ``k`` - substring matched case-insensitively against ``title``.
    * ``a`` - ``'1'`` issues with an alarm sent, ``'2'`` issues whose
      ``scm_url`` is not null.
    * ``p`` / ``ps`` - page number and page size (defaults 1 and 20).

    :param request: the incoming HTTP request.
    :param task_id: optional task id; when it resolves to a task, the list is
        restricted to that task's application.
    :return: the rendered ``scan/issue/index.html`` response.
    """
    query = request.GET
    app_id = strip(query.get('app', ''))
    engine_id = strip(query.get('e', ''))
    cate = strip(query.get('c', ''))
    risk = strip(query.get('r', ''))
    done = strip(query.get('d', ''))
    keyword = query.get('k', '')
    alarm = query.get('a', '')

    # NOTE(review): no upper bound on ``ps`` is visible here; confirm that
    # parse_int or Paginator caps the page size a client can request.
    page_num = parse_int(query.get('p', 1), 1)
    page_size = parse_int(query.get('ps', 20), 20)

    # Every key below is a fixed ORM lookup; request data supplies values only.
    sql_where = {}
    app_obj = None

    if task_id:
        task = get_task_by_id(task_id)
        if task:
            task_app_id = task.app.id
            app_obj = get_app_by_id(task_app_id)
            sql_where['app__id'] = task_app_id

    # An explicit ``app`` parameter overrides the application taken from the task.
    if app_id:
        app_obj = get_app_by_id(app_id)
        sql_where['app__id'] = app_id

    # NOTE(review): int() raises ValueError on a non-numeric ``e`` or ``c``
    # and is not caught here, so a malformed value surfaces as an unhandled
    # exception rather than a client error.
    if engine_id:
        sql_where['tactic__engine__id'] = int(engine_id)
    if risk:
        sql_where['tactic__risk'] = risk
    if cate:
        sql_where['tactic__type'] = int(cate)

    if keyword:
        keyword = keyword.strip()
        sql_where['title__icontains'] = keyword

    if alarm == '1':
        sql_where['is_send_alarm'] = True
    elif alarm == '2':
        sql_where['scm_url__isnull'] = False

    if done == '1':
        sql_where['status__in'] = [2, 3, 4, 5]
    elif done == '2':
        sql_where['status'] = 1
    elif done == '3':
        sql_where['is_false_positive'] = True

    items = IssueInfo.objects.filter(**sql_where).order_by("-updated_at")
    paginator = Paginator(items, page_size, request=request, pre_name=u"问题")

    context = {
        'nav': 'scan',
        'page': paginator.page(page_num),
        'e': engine_id,
        'c': cate,
        'r': risk,
        'd': done,
        'alarm': alarm,
        'app_obj': app_obj,
        'keyword': keyword,
        'issues_type': TACTIC_TYPE,
        'risk_list': RISK_TYPE,
        'engine_list': get_all_engine(),
        'issues_status': ISSUE_STATUS,
    }
    return render(request, 'scan/issue/index.html', context)
Пример #6
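def index(request):
    """Dispatch a scan task (POST) or list existing scan tasks (GET).

    POST: passes the request to ``save`` and redirects to ``/scan/task/``
    with a ``msg`` on success or an ``errmsg`` on failure.

    Any other method reads these query parameters from ``request.GET``:

    * ``s`` - task status, filters on ``status``.
    * ``a`` - application id, filters on ``app__id``.
    * ``g`` - task group id; the group is looked up for the template only.
    * ``k`` - keyword; passed back to the template only.
    * ``dt`` - date range ``"<start> - <end>"``, filters on ``start_time``.
    * ``p`` / ``ps`` - page number and page size (defaults 1 and 20).

    :param request: the incoming HTTP request.
    :return: a redirect (POST) or the rendered ``scan/task/index.html``.
    """
    if request.method == 'POST':
        try:
            save(request)
            # Message: "Scan task dispatched successfully!"
            return HttpResponseRedirect('/scan/task/?msg={0}'.format(
                urlquote('下发扫描任务成功!')))
        except Exception as ex:
            import traceback
            traceback.print_exc()
            # NOTE(review): str(ex) of *any* exception is echoed to the client
            # in the redirect URL. It is URL-quoted, so it cannot break the
            # query string, but messages from unexpected exceptions may expose
            # internal detail; consider a generic message for non-domain errors.
            return HttpResponseRedirect('/scan/task/?errmsg={0}'.format(
                urlquote(str(ex))))

    group = request.GET.get('g', '')
    status = request.GET.get('s', '')
    app = request.GET.get('a', '')
    keyword = request.GET.get('k', '')
    form_dt = request.GET.get('dt', '')

    # NOTE(review): no upper bound on ``ps`` is visible here; confirm that
    # parse_int or Paginator caps the page size a client can request.
    page_num = parse_int(request.GET.get('p', 1), 1)
    page_size = parse_int(request.GET.get('ps', 20), 20)

    # Every key below is a fixed ORM lookup; request data supplies values only.
    sql_where = {}

    # NOTE(review): int() raises ValueError on a non-numeric ``s`` or ``a``
    # and is not caught here, so a malformed value surfaces as an unhandled
    # exception rather than a client error.
    if status:
        sql_where['status'] = int(status)
    if app:
        sql_where['app__id'] = int(app)
        app = get_app_by_id(app)
    if group:
        # Looked up for display only; the group does not narrow the query.
        group = TaskGroupInfo.objects.filter(id=group).first()
    if form_dt:
        try:
            start_date, end_date = form_dt.split(" - ")
        except ValueError:
            # Not exactly two " - "-separated parts: skip the date filter.
            # Catching only ValueError (what the unpacking raises) keeps
            # unrelated failures from being silently swallowed.
            pass
        else:
            # NOTE(review): the two parts are not checked to be dates here;
            # presumably the ORM rejects malformed values - confirm.
            sql_where['start_time__gte'] = '{0} 00:00:00'.format(start_date)
            sql_where['start_time__lte'] = '{0} 23:59:59'.format(end_date)

    items = TaskInfo.objects.filter(**sql_where).order_by('-created_at')
    paginator = Paginator(items,
                          page_size,
                          request=request,
                          pre_name=u"任务")
    page = paginator.page(page_num)

    return render(
        request, 'scan/task/index.html', {
            'nav': 'scan',
            'page': page,
            's': status,
            'group': group,
            'app': app,
            'keyword': keyword,
            'form_dt': form_dt,
            'scan_status': SCAN_STATUS,
            'template_list': get_profile_all(),
            'sched_list': get_sched_all(),
            'group_type_list': TASK_GROUP_TYPE,
        })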