def POST(self):
params = web.input()
kw = {
k: params[k].strip()
for k in ("id", "name", "url", "info", "type", "level",
"description")
}
Vul.where(id=params.id.strip()).update(**kw)
return jsonSuccess()
def POST(self):
params = web.input()
kw = {
k: params[k].strip()
for k in ("name", "url", "info", "type", "level", "description",
"host_id")
}
Vul.insert(**kw)
return jsonSuccess()
def GET(self):
params = web.input()
try:
projectid = int(params.id)
except (ValueError, AttributeError):
raise web.internalerror("parameter error.")
project = Project.getraw(projectid)
if project:
hosts = Host.where(project_id=projectid,tmp=0).getsraw()
for host in hosts:
host['vuls'] = Vul.where(host_id=host['id']).getsraw('name','url','info','type','level','description')
host['comments'] = Comment.where(host_id=host['id']).getsraw('name','url','info','level','description')
del host['id']
del host['tmp']
del host['project_id']
project['hosts'] = hosts
del project['id']
projectName = "_".join(project['name'].split(" "))
projectFile = os.path.join("static","tmp",projectName+".proj")
try:
with open(projectFile,'w') as fd:
json.dump(project, fd)
except IOError:
raise web.internalerror("save imported project failed")
def GET(self):
params = web.input()
try:
projectid = int(params.id)
except (ValueError, AttributeError):
raise web.internalerror("parameter error.")
project = Project.getraw(projectid)
if project:
hosts = Host.where(project_id=projectid, tmp=0).getsraw()
for host in hosts:
host['vuls'] = Vul.where(host_id=host['id']).getsraw(
'name', 'url', 'info', 'type', 'level', 'description')
host['comments'] = Comment.where(host_id=host['id']).getsraw(
'name', 'url', 'info', 'level', 'description')
del host['id']
del host['tmp']
del host['project_id']
project['hosts'] = hosts
del project['id']
projectName = "_".join(project['name'].split(" "))
projectFile = os.path.join("static", "tmp", projectName + ".proj")
try:
with open(projectFile, 'w') as fd:
json.dump(project, fd)
except IOError:
raise web.internalerror("save imported project failed")
def GET(self):
params = web.input()
if not params.id.strip().isdigit():
raise web.internalerror("Parameter type error.")
host = Host.get(params.id.strip())
vuls = Vul.where(host_id=host.id).gets("id")
for vul in vuls:
vul.remove()
comments = Comment.where(host_id=host.id).gets("id")
for comment in comments:
comment.remove()
host.remove()
return jsonSuccess()
def GET(self):
params = web.input()
if not params.id.strip().isdigit():
raise web.internalerror("Parameter type error.")
host = Host.get(params.id.strip())
vuls = Vul.where(host_id=host.id).gets("id")
for vul in vuls:
vul.remove()
comments = Comment.where(host_id=host.id).gets("id")
for comment in comments:
comment.remove()
host.remove()
return jsonSuccess()
def POST(self):
web.header('Content-Type', 'application/json')
params = web.input(projectfile={})
try:
fileName = params.projectfile.filename
fileStr = params.projectfile.value
except AttributeError:
raise web.internalerror("Missing parameter.")
projectDict = json.loads(fileStr)
hosts = projectDict.get("hosts", [])
try:
del projectDict['hosts']
except KeyError:
pass
try:
Project(**projectDict).save()
except DBError as error:
raise web.internalerror("failed to insert project " + str(error))
projectid = Project.where(
name=projectDict.get('name')).getsraw('id')[0]['id']
for host in hosts:
vuls = host.get("vuls", [])
comments = host.get("comments", [])
try:
del host['vuls']
del host['comments']
except KeyError:
pass
host['project_id'] = projectid
Host(**host).save()
kwargs = {
key: host[key]
for key in ['url', 'ip', 'port'] if key in host
}
hostid = Host.where(**kwargs).getsraw('id')[0]['id']
for vul in vuls:
vul['host_id'] = hostid
Vul(**vul).save()
for comment in comments:
comment['host_id'] = hostid
Comment(**comment).save()
return jsonSuccess()
def POST(self):
params = web.input()
kw = {k:params[k].strip() for k in ("id","name","url","info","type","level","description")}
Vul.where(id=params.id.strip()).update(**kw)
return jsonSuccess()
def GET(self):
params = web.input()
Vul.delete(params.id.strip())
return jsonSuccess()
def POST(self):
params = web.input()
kw = {k:params[k].strip() for k in ("name","url","info","type","level","description","host_id")}
Vul.insert(**kw)
return jsonSuccess()
def GET(self):
params = web.input()
result = Vul.getraw(params.id)
return json.dumps(result)
def GET(self):
params = web.input()
result = Vul.where(host_id=params.hostid.strip()).orderby(params.orderby.strip()).getsraw('id','name','level')
return json.dumps(result)
def GET(self):
params = web.input()
Vul.delete(params.id.strip())
return jsonSuccess()
def GET(self):
params = web.input()
result = Vul.getraw(params.id)
return json.dumps(result)
def GET(self):
params = web.input()
result = Vul.where(host_id=params.hostid.strip()).orderby(
params.orderby.strip()).getsraw('id', 'name', 'level')
return json.dumps(result)