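def update_dynamic_fields():
    """
    Executes the following functions that update dynamic field entries:

        skaldship.general.do_host_status
        skaldship.exploits.connect_exploits

    Renders a form with one checkbox per helper, an optional asset-group
    filter and a "run in background" switch. On a valid submission the
    selected helpers run, either inline or through the scheduler.

    Returns a dict with the form and the 404 image for the view.

    NOTE(review): no access-control decorator is visible on this action in
    this listing. It reads auth.user, so it presumably expects a logged-in
    user; confirm the login requirement is enforced where the controller is
    defined.
    """
    response.title = "%s :: Update Dynamic Fields" % (settings.title)

    # Distinct asset groups currently assigned to hosts, as a concrete list
    # (map() would hand the validator a one-shot iterator on Python 3).
    group_rows = db(db.t_hosts).select(db.t_hosts.f_asset_group, distinct=True).as_list()
    asset_groups = [row["f_asset_group"] for row in group_rows]

    form = SQLFORM.factory(
        Field("f_exploit_link", type="boolean", default=True, label=T("Exploit linking")),
        Field("f_host_status", type="boolean", default=True, label=T("Host Service/Vuln counts")),
        Field(
            "f_asset_group",
            type="list:string",
            label=T("Asset Group"),
            # Only values already present in t_hosts are accepted.
            requires=IS_EMPTY_OR(IS_IN_SET(asset_groups, multiple=False)),
        ),
        Field("f_taskit", type="boolean", default=auth.user.f_scheduler_tasks, label=T("Run in background task")),
    )

    from skaldship.general import do_host_status
    from skaldship.exploits import connect_exploits

    if form.accepts(request.vars, session):
        flash_text = "Task completed!"
        if form.vars.f_exploit_link:
            connect_exploits()
        if form.vars.f_host_status:
            if form.vars.f_taskit:
                task = scheduler.queue_task(
                    do_host_status,
                    pvars=dict(asset_group=form.vars.f_asset_group),
                    group_name=settings.scheduler_group_name,
                    sync_output=5,
                    timeout=300,  # 5 minutes
                )
                if task.id:
                    redirect(URL("tasks", "status", args=task.id))
                else:
                    # The job was not queued: report the scheduler's errors
                    # instead of building the message and discarding it.
                    flash_text = "Error submitting job: %s" % (task.errors)
            else:
                do_host_status(asset_group=form.vars.f_asset_group)
        response.flash = flash_text
    elif form.errors:
        response.flash = "Error in form"

    return dict(form=form, err404=get_oreally_404(request.folder))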
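def update_dynamic_fields():
    """
    Executes the following functions that update dynamic field entries:

        skaldship.hosts.do_host_status
        skaldship.exploits.connect_exploits

    Renders a form with one checkbox per helper, an optional asset-group
    filter and a "run in background" switch. On a valid submission the
    selected helpers run, either inline or through the scheduler.

    Returns a dict with the form and the 404 image for the view.

    NOTE(review): no access-control decorator is visible on this action in
    this listing. It reads auth.user, so it presumably expects a logged-in
    user; confirm the login requirement is enforced where the controller is
    defined.
    """
    response.title = "%s :: Update Dynamic Fields" % (settings.title)

    # Distinct asset groups currently assigned to hosts, as a concrete list
    # (map() would hand the validator a one-shot iterator on Python 3).
    group_rows = db(db.t_hosts).select(db.t_hosts.f_asset_group, distinct=True).as_list()
    asset_groups = [row['f_asset_group'] for row in group_rows]

    form = SQLFORM.factory(
        Field('f_exploit_link', type='boolean', default=True, label=T('Exploit linking')),
        Field('f_host_status', type='boolean', default=True, label=T('Host Service/Vuln counts')),
        Field(
            'f_asset_group',
            type='list:string',
            label=T('Asset Group'),
            # Only values already present in t_hosts are accepted.
            requires=IS_EMPTY_OR(IS_IN_SET(asset_groups, multiple=False)),
        ),
        Field('f_taskit', type='boolean', default=auth.user.f_scheduler_tasks, label=T('Run in background task')),
    )

    from skaldship.hosts import do_host_status
    from skaldship.exploits import connect_exploits

    if form.accepts(request.vars, session):
        flash_text = "Task completed!"
        if form.vars.f_exploit_link:
            connect_exploits()
        if form.vars.f_host_status:
            if form.vars.f_taskit:
                task = scheduler.queue_task(
                    do_host_status,
                    pvars=dict(asset_group=form.vars.f_asset_group),
                    group_name=settings.scheduler_group_name,
                    sync_output=5,
                    timeout=settings.scheduler_timeout,
                )
                if task.id:
                    redirect(URL('tasks', 'status', args=task.id))
                else:
                    # The job was not queued: report the scheduler's errors
                    # instead of building the message and discarding it.
                    flash_text = "Error submitting job: %s" % (task.errors)
            else:
                do_host_status(asset_group=form.vars.f_asset_group)
        response.flash = flash_text
    elif form.errors:
        response.flash = 'Error in form'

    return dict(
        form=form,
        err404=get_oreally_404(request.folder),
    )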
def purge_data():
    """
    Show and process the "Database Purge" form.

    Purges all the data except user tables. Depending on the submitted
    fields it truncates every data table, deletes one host, deletes the
    hosts of one engineer, or deletes the hosts of one asset group. Nothing
    is removed unless the "are you sure" box is ticked.

    Returns a dict with the form and the 404 image for the view.

    NOTE(review): this action is destructive and no access-control decorator
    is visible on it in this listing; confirm it is limited to authenticated,
    suitably privileged users where the controller is defined.
    NOTE(review): form.accepts() is given the session, which is what lets
    web2py check the form's one-time key; keep that argument so the purge
    cannot be triggered by a bare cross-site request.
    NOTE(review): nothing here records who purged what; an audit log entry
    per branch would help later incident review.
    """
    response.title = "%s :: Database Purge" % (settings.title)

    # Choice lists for the validators, as [id, label] pairs.
    userlist = [[account.id, account.username] for account in db(db.auth_user).select()]
    hostlist = [[record.id, host_title_maker(record)] for record in db(db.t_hosts).select()]

    group_rows = db(db.t_hosts).select(db.t_hosts.f_asset_group, distinct=True).as_list()
    asset_groups = [row['f_asset_group'] for row in group_rows]

    form = SQLFORM.factory(
        Field('host', type='list:integer', label=T('Delete a host'),
              requires=IS_EMPTY_OR(IS_IN_SET(hostlist))),
        Field('engineer', type='list:integer', label=T('Hosts by user'),
              requires=IS_EMPTY_OR(IS_IN_SET(userlist))),
        Field('asset_group', type='string', label=T('Asset Group'),
              requires=IS_EMPTY_OR(IS_IN_SET(asset_groups))),
        Field('all_data', type='boolean', label=T('Truncate all tables')),
        Field('are_you_sure', type='boolean', label=T('Are you sure?'),
              requires=IS_NOT_EMPTY(error_message='ARE YOU SURE?!?!')),
    )

    accepted = form.accepts(request.vars, session)
    if accepted and not form.vars.are_you_sure:
        # Second guard on top of the IS_NOT_EMPTY validator.
        form.errors.are_you_sure = 'ARE YOU SURE?'
    elif accepted:
        if form.vars.all_data:
            # Irreversible: every data table is emptied, in this order.
            for table_name in (
                't_hosts',
                't_services',
                't_os',
                't_host_os_refs',
                't_apps',
                't_services_apps_refs',
                't_service_vulns',
                't_service_info',
                't_accounts',
                't_host_notes',
                't_evidence',
                't_snmp',
            ):
                getattr(db, table_name).truncate(mode="CASCADE")
            db.commit()
            response.flash = 'All data purged'
        elif form.vars.host:
            host_id = form.vars.host
            del db.t_hosts[host_id]
            response.flash = "Host %s purged" % (form.vars.host)
        elif form.vars.engineer:
            # TODO: Test this
            owned_by_engineer = db.t_hosts.f_engineer == form.vars.engineer
            delcnt = db(owned_by_engineer).delete()
            db.commit()
            response.flash = "Hosts owned by %s purged (%d records)" % (form.vars.engineer, delcnt)
        elif form.vars.asset_group:
            in_asset_group = db.t_hosts.f_asset_group == form.vars.asset_group
            delcnt = db(in_asset_group).delete()
            db.commit()
            response.flash = "Asset group %s purged (%d records)" % (form.vars.asset_group, delcnt)
    elif form.errors:
        response.flash = 'Error in form'

    return dict(
        form=form,
        err404=get_oreally_404(request.folder),
    )
def error():
    """
    Render the generic error page.

    Returns a dict with the 404 image and the message to display.

    NOTE(review): ``msg`` is taken unchanged from the request variables, so
    whoever builds the link or form post chooses its content. The view should
    output it escaped (not wrapped in XML()) and treat it as untrusted text.
    """
    response.title = "%s :: Error!" % (settings.title)
    page_vars = {
        "err404": get_oreally_404(request.folder),
        "msg": request.vars.msg,
    }
    return page_vars
def purge_data():
    """
    Show and process the "Database Purge" form.

    Purges all the data except user tables. Depending on the submitted
    fields it truncates every data table, deletes one host, deletes the
    hosts of one engineer, or deletes the hosts of one asset group. Nothing
    is removed unless the "are you sure" box is ticked.

    Returns a dict with the form and the 404 image for the view.

    NOTE(review): this action is destructive and no access-control decorator
    is visible on it in this listing; confirm it is limited to authenticated,
    suitably privileged users where the controller is defined.
    NOTE(review): form.accepts() is given the session, which is what lets
    web2py check the form's one-time key; keep that argument so the purge
    cannot be triggered by a bare cross-site request.
    NOTE(review): nothing here records who purged what; an audit log entry
    per branch would help later incident review.
    """
    response.title = "%s :: Database Purge" % (settings.title)

    # Choice lists for the validators, as [id, label] pairs.
    userlist = [[account.id, account.username] for account in db(db.auth_user).select()]
    hostlist = [[record.id, host_title_maker(record)] for record in db(db.t_hosts).select()]

    group_rows = db(db.t_hosts).select(db.t_hosts.f_asset_group, distinct=True).as_list()
    asset_groups = [row['f_asset_group'] for row in group_rows]

    form = SQLFORM.factory(
        Field('host', type='list:integer', label=T('Delete a host'),
              requires=IS_EMPTY_OR(IS_IN_SET(hostlist))),
        Field('engineer', type='list:integer', label=T('Hosts by user'),
              requires=IS_EMPTY_OR(IS_IN_SET(userlist))),
        Field('asset_group', type='string', label=T('Asset Group'),
              requires=IS_EMPTY_OR(IS_IN_SET(asset_groups))),
        Field('all_data', type='boolean', label=T('Truncate all tables')),
        Field('are_you_sure', type='boolean', label=T('Are you sure?'),
              requires=IS_NOT_EMPTY(error_message='ARE YOU SURE?!?!')),
    )

    accepted = form.accepts(request.vars, session)
    if accepted and not form.vars.are_you_sure:
        # Second guard on top of the IS_NOT_EMPTY validator.
        form.errors.are_you_sure = 'ARE YOU SURE?'
    elif accepted:
        if form.vars.all_data:
            # Irreversible: every data table is emptied, in this order.
            for table_name in (
                't_hosts',
                't_services',
                't_os',
                't_host_os_refs',
                't_apps',
                't_services_apps_refs',
                't_service_vulns',
                't_service_info',
                't_accounts',
                't_host_notes',
                't_evidence',
                't_snmp',
            ):
                getattr(db, table_name).truncate(mode="CASCADE")
            db.commit()
            response.flash = 'All data purged'
        elif form.vars.host:
            host_id = form.vars.host
            del db.t_hosts[host_id]
            response.flash = "Host %s purged" % (form.vars.host)
        elif form.vars.engineer:
            # TODO: Test this
            owned_by_engineer = db.t_hosts.f_engineer == form.vars.engineer
            delcnt = db(owned_by_engineer).delete()
            db.commit()
            response.flash = "Hosts owned by %s purged (%d records)" % (form.vars.engineer, delcnt)
        elif form.vars.asset_group:
            in_asset_group = db.t_hosts.f_asset_group == form.vars.asset_group
            delcnt = db(in_asset_group).delete()
            db.commit()
            response.flash = "Asset group %s purged (%d records)" % (form.vars.asset_group, delcnt)
    elif form.errors:
        response.flash = 'Error in form'

    return dict(
        form=form,
        err404=get_oreally_404(request.folder),
    )
def error():
    """
    Render the generic error page.

    Returns a dict with the 404 image and the message to display.

    NOTE(review): ``msg`` is taken unchanged from the request variables, so
    whoever builds the link or form post chooses its content. The view should
    output it escaped (not wrapped in XML()) and treat it as untrusted text.
    """
    response.title = "%s :: Error!" % (settings.title)
    page_vars = {
        "err404": get_oreally_404(request.folder),
        "msg": request.vars.msg,
    }
    return page_vars