Exemplo n.º 1
0
 def __init__(self, request):
     self.request = request
     self.option = self.post_value('option')
     self.software_id = self.post_value('software_id')
     self.cve_id = self.post_value('cve_id')
     self.cve_matches = CVEMatches()
     self.alerts = Alerts()
Exemplo n.º 2
0
class GetHandler:
    def __init__(self, request):
        self.request = request
        self.cve_matches = CVEMatches()
        self.cve_matcher = CVEMatcher()
        self.uri_binding = self.get_uri_binding_from_get_request()
        self.software_id = self.get_software_id_from_get_request()

    def create_http_response(self, context):
        return HttpResponse(template.render(context, self.request))

    def handle_get_request(self):
        pass

    def get_uri_binding_from_get_request(self):
        return self.request.GET.get('uri_binding')

    def get_software_id_from_get_request(self):
        return self.request.GET.get('software_id')

    def get_option_from_get_request(self):
        return self.request.GET.get('option')

    def get_cve_id_from_get_request(self):
        return self.request.GET.get('cve_id')

    def create_context(self):
        return {
            'cve_matches': self.get_cpe_cve_matches(),
            'uri_binging': self.uri_binding,
            'software_id': self.software_id,
            'software': self.get_software(),
            'cve_search_url': config.get_cve_search_url()
        }

    def get_cpe_cve_matches(self):
        matches = self.search_matches()
        self.insert_new_matches(matches)
        return self.get_new_matches()

    def search_matches(self):
        return self.cve_matcher.search_cves_for_cpe(self.uri_binding)

    def insert_new_matches(self, matches):
        self.cve_matches.insert_software_cve_matches(self.software_id, matches)

    def get_new_matches(self):
        return self.cve_matches.get_software_cve_matches(self.software_id)

    def get_software(self):
        return Inventory().get_software_by_id(self.software_id)
Exemplo n.º 3
0
class PostHandler:

    def __init__(self, request):
        self.request = request
        self.option = self.post_value('option')
        self.software_id = self.post_value('software_id')
        self.cve_id = self.post_value('cve_id')
        self.cve_matches = CVEMatches()
        self.alerts = Alerts()

    def handle_post_request(self):
        if self.option == 'set_cve_as_negative':
            self.cve_matches.set_cve_match_as_negative(self.software_id, self.cve_id)
        elif self.option == 'notify':
            was_sent = self.alerts.send_sw_alert_by_email(self.software_id)
            if not was_sent:
                return HttpResponse('failed')
        return HttpResponse('ok')

    def post_value(self, key):
        return self.request.POST.get(key)
Exemplo n.º 4
0
class PostHandler:
    def __init__(self, request):
        self.alerts = Alerts()
        self.cve_matches = CVEMatches()
        self.request = request
        self.software_id = self.request.POST.get('software_id')
        self.new_status = self.request.POST.get('new_status')

    def handle_post_request(self):
        self.set_cves_as_negatives()
        self.alerts.change_alert_status(self.software_id, self.new_status)

    def set_cves_as_negatives(self):
        if self.new_status == 'removed':
            alert = self.alerts.get_software_alert(self.software_id)
            for cve in alert.get('cves'):
                self.cve_matches.set_cve_match_as_negative(
                    self.software_id, cve)

    @staticmethod
    def create_http_response():
        return HttpResponse(
            '<script type="text/javascript">window.close(); '
            'window.opener.parent.location.href = "/iva/alerts";</script>')
Exemplo n.º 5
0
class PostHandler:
    def __init__(self, request):
        self.cve_matches = CVEMatches()
        self.request = request
        self.software_id = self.post_value('software_id')
        self.cve_id_master = self.post_value('cve_id_master')
        self.option = self.post_value('option')

    def handle_request(self):
        if self.option == 'set_group_as_positive':
            self.set_group_as_positive()
        elif self.option == 'set_group_as_negative':
            self.set_group_as_negative()
        elif self.option == 'set_group_as_removed':
            self.set_group_as_removed()
        elif self.option == 'restore_group':
            self.restore_group()

    def set_group_as_positive(self):
        self.cve_matches.set_cve_matches_group_as_positive(
            self.software_id, self.cve_id_master)

    def set_group_as_negative(self):
        self.cve_matches.set_cve_matches_group_as_negative(
            self.software_id, self.cve_id_master)

    def set_group_as_removed(self):
        self.cve_matches.set_cve_matches_group_as_removed(
            self.software_id, self.cve_id_master)

    def restore_group(self):
        self.cve_matches.restore_cve_matches_group(self.software_id,
                                                   self.cve_id_master)

    def create_http_response(self):
        return HttpResponse('OK')

    def post_value(self, key):
        return self.request.POST.get(key)
Exemplo n.º 6
0
 def __init__(self, request):
     self.request = request
     self.cve_matches = CVEMatches()
     self.cve_matcher = CVEMatcher()
     self.uri_binding = self.get_uri_binding_from_get_request()
     self.software_id = self.get_software_id_from_get_request()
Exemplo n.º 7
0
 def __init__(self, request):
     self.alerts = Alerts()
     self.cve_matches = CVEMatches()
     self.request = request
     self.software_id = self.request.POST.get('software_id')
     self.new_status = self.request.POST.get('new_status')
Exemplo n.º 8
0
def update_software_cve_matches(software):
    CVEMatches().insert_software_cve_matches(software.get('id'), get_cve_matches(software))
Exemplo n.º 9
0
 def get_grouped_matches(self):
     return CVEMatches(
     ).get_software_cve_matches_with_same_cpe_entries_as_cve(
         self.software_id, self.cve_id)