Exemplo n.º 1
 def process(self):
     """Delete the CVE node (and its references) from the graph.

     Raises:
         InternalServerError: when ``call_gremlin`` raises ``ValueError``;
             the original error is chained as the cause. The message
             raised to the caller is generic; the CVE id is only logged.
     """
     # Built outside the ``try``: a ValueError raised while preparing the
     # payload propagates unchanged instead of becoming a deletion error.
     delete_request = self.prepare_payload()
     try:
         call_gremlin(delete_request)
     except ValueError as e:
         cve_id = self._cve_id_dict.get('id')
         logger.error(f'Snyk CVEDeletionError - Error deleting vulnerability: {cve_id}')
         raise InternalServerError("Snyk CVEDeletionError - While deleting vulnerability") from e
Exemplo n.º 2
 def put(payload):
     """Update the CVEDB version and return the value that was sent.

     The version is read from ``payload['version']`` and handed to Gremlin
     through ``bindings`` rather than being formatted into the script text.
     """
     script = cvedb_version_replace_script_template
     bindings = {'cvedb_version': payload.get('version')}
     call_gremlin({'gremlin': script, 'bindings': bindings})
     # NOTE(review): a payload without 'version' sends None as the binding;
     # no validation is visible here -- confirm the caller checks it.
     return payload.get('version')
Exemplo n.º 3
 def get():
     """Return the stored CVEDB version, or ``None`` when none is stored.

     The value is the first element of ``result.data`` in the Gremlin
     response; a missing ``result`` or ``data`` key counts as "no data".
     """
     response = call_gremlin({'gremlin': cvedb_version_get_script_template})
     rows = response.get('result', {}).get('data', [])
     if not rows:
         return None
     return rows[0]
Exemplo n.º 4
    def process(self):
        """Add or replace CVE node in graph.

        Steps, each one attempted only if the previous one succeeded:
        create the EPV nodes, create the CVE node, then connect the CVE node
        to the affected EPV nodes. If connecting fails with ``ValueError``
        the CVE node is rolled back.

        Every failure handled here is logged and the method then returns
        ``None``, exactly as it does on success.
        """
        # NOTE(review): callers cannot tell a failed ingestion from a
        # successful one by the return value; a CVE that was not stored is
        # only visible in the error log.
        succesfull_epvs, epvs_ok, affected_pkgs = self.create_pv_nodes()

        if not epvs_ok:
            # At least one EPV node could not be created: stop here.
            cve_id = self._cve_dict['cve_id']
            logger.error(f'CVEIngestionError - Error creating EPV nodes for CVE node: {cve_id}')
            return

        try:
            node_payload = self.prepare_payload(*self.get_qstring_for_cve_node())
            call_gremlin(node_payload)
        except ValueError:
            cve_id = self._cve_dict['cve_id']
            logger.error(f'CVEIngestionError - Error creating CVE node: {cve_id}')
            return

        try:
            # One Gremlin call per edge query.
            for query_str in self.get_qstrings_for_edges():
                edge_payload = self.prepare_payload(query_str, self._get_default_bindings())
                call_gremlin(edge_payload)
            cve_id = self._cve_dict['cve_id']
            logger.debug(
                f"CVEIngestionDebug - CVE sub-graph succesfully created for CVE node: {cve_id}")
            logger.info("Updating non cve latest version")
            update_non_cve_version(affected_pkgs)
        except ValueError:
            cve_id = self._cve_dict['cve_id']
            # NOTE(review): the message has no space between "edges." and
            # "Rolling"; kept as-is so existing log matching is unaffected.
            logger.error(
                f"CVEIngestionError - Error creating CVE edges.Rolling back CVE node: {cve_id}")
            # NOTE(review): this rollback call is not guarded; an exception
            # from it propagates to the caller, unlike the failures above.
            rollback_payload = self.prepare_payload(cvedb_roll_back_cve_template,
                                                    self._get_default_bindings())
            call_gremlin(rollback_payload)
Exemplo n.º 5
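    def process(self):
        """Add or replace the CVE nodes of a Snyk package in the graph.

        EPV nodes are created first. For every entry in
        ``self._snyk_pkg_data['vulnerabilities']`` the CVE node is created
        and then connected to each of its ``affected`` versions. If creating
        the edges fails, the CVE node is rolled back.

        Raises:
            InternalServerError: if the EPV nodes, a CVE node or its edges
                could not be created. The underlying ``ValueError`` is
                chained as the cause where there is one.
        """
        succesfull_epvs, all_epvs_succesfull, affected_pkgs = self.create_pv_nodes()
        logger.info("PV nodes created for snyk")

        if not all_epvs_succesfull:
            # No CVE node is attempted when any EPV node is missing.
            logger.error(
                'CVEIngestionError - Error creating EPV nodes for package: {e} {p}'
                .format(e=self._snyk_pkg_data.get('ecosystem'),
                        p=self._snyk_pkg_data.get('package')))
            raise InternalServerError(
                "CVEIngestionError - While creating EPV nodes for package.")

        for vulnerability in self._snyk_pkg_data.get('vulnerabilities'):
            try:
                # Create CVE node
                call_gremlin(
                    self.prepare_payload(
                        *self.get_qstring_for_cve_node(vulnerability)))
            except ValueError as e:
                logger.error(
                    'Snyk CVEIngestionError - Error creating CVE node: {c}'
                    .format(c=vulnerability['id']))
                raise InternalServerError(
                    "Snyk CVEIngestionError - "
                    "While Error creating CVE node.") from e

            # A missing or None 'affected' entry is treated like an empty
            # list instead of failing in len() with a TypeError.
            affected_versions = vulnerability.get('affected') or []
            if not affected_versions:
                continue

            try:
                # Connect CVE node with affected EPV nodes
                edge_query = add_affected_snyk_edge_script_template
                edge_bindings = self._get_default_bindings(vulnerability)
                for vuln_version in affected_versions:
                    edge_bindings['vuln_version'] = vuln_version
                    call_gremlin(
                        self.prepare_payload(edge_query, edge_bindings))
                logger.info(
                    "Snyk CVEIngestionDebug - CVE sub-graph succesfully "
                    "created for CVE node: {c}".format(
                        c=vulnerability['id']))
                logger.info("Updating non cve latest version (snyk)")
                update_non_cve_version(affected_pkgs)
            except ValueError as e:
                logger.error(
                    "Snyk CVEIngestionError - Error creating CVE edges."
                    "Rolling back CVE node: {c}".format(
                        c=vulnerability['id']))
                try:
                    call_gremlin(
                        self.prepare_payload(
                            snyk_roll_back_cve_template,
                            self._get_default_bindings(vulnerability)))
                except ValueError:
                    # A failed rollback used to escape as a bare ValueError
                    # and hide the edge failure. Record it so the partly
                    # linked CVE node can be found, then report the
                    # original error below.
                    logger.error(
                        "Snyk CVEIngestionError - Rollback failed, CVE node "
                        "may be left without all of its edges: {c}".format(
                            c=vulnerability['id']))
                raise InternalServerError(
                    "Snyk CVEIngestionError - "
                    "While creating CVE edges.") from e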
Exemplo n.º 6
 def get_cves(self, script, bindings):
     """Run ``script`` with ``bindings`` on Gremlin and summarise the result.

     Returns:
         A dict with ``cve_ids`` (the ``result.data`` list of the response,
         empty when either key is missing) and ``count`` (its length).
     """
     response = call_gremlin(self.prepare_payload(script, bindings))
     cve_ids = response.get('result', {}).get('data', [])
     summary = {'count': len(cve_ids), 'cve_ids': cve_ids}
     return summary
Exemplo n.º 7
 def process(self):
     """Delete CVE node from graph.

     Nothing is caught here: any exception raised by ``prepare_payload`` or
     ``call_gremlin`` propagates to the caller.
     """
     call_gremlin(self.prepare_payload())
Exemplo n.º 8
def test_bad_gremlin_call(mocker):
    """Check that call_gremlin() raises ValueError for the mocked 500 reply."""
    # presumably the second RequestsMockResponse argument is the HTTP
    # status code -- confirm against the helper's definition
    failing_response = RequestsMockResponse({}, 500)
    mocker.return_value = failing_response
    request_body = {'dummy': 'payload'}
    with pytest.raises(ValueError):
        call_gremlin(request_body)
Exemplo n.º 9
def test_gremlin_call(mocker):
    """Check that call_gremlin() returns the body of the mocked 200 reply."""
    # presumably the first RequestsMockResponse argument is the JSON body
    # and the second the HTTP status code -- confirm against the helper
    mocker.return_value = RequestsMockResponse({}, 200)
    result = call_gremlin({'dummy': 'payload'})
    assert result == {}