def process_submission(form): try: cves = [] for cve in form.cves.data.split(','): cves.append(cve.strip()) group = form.group.data coordinates = CoordinateDict({ coord: form._fields.get('%s_%s' % (group, coord)).data.strip() for coord in SUBMISSION_GROUPS.get(group, []) }) files = upload(group, request.files.get('archive', None), coordinates) for (ondisk, filename, suffix) in files: submit( login.current_user.username, ondisk, group, filename, suffix, cves, coordinates=coordinates ) current_app.config['INDEX_REFRESH_FLAG'] = True flash('Archive Submitted for processing', 'info') except ValueError, ve: flash(escape(ve.message), 'error')
def cves(group): """ Get cves that match the given coordinates for the specified group. Expectes coordinates as arguments. :Parameters: - `group`: The group for which to search in """ try: validkeys = CoordinateDict().validkeys kwargs = { 'coordinates__%s' % (coord): request.args.get(coord).strip() for coord in SUBMISSION_GROUPS.get(group) if coord in request.args and coord in validkeys } if len(kwargs) == 0: raise ValueError('No coordinates given') kwargs['group'] = group fields = ['cves', 'coordinates'] cves = Hash.objects.only(*fields).filter(**kwargs) return stream_items(cves, fields) except ValueError as ve: return error(ve.message) except Exception as e: current_app.logger.debug(e.message) return error()
def submit_archive(group): """ Allows for authenticated users to submit archives """ user = '******' % api_request_user() try: if group not in groups(): raise ValueError('Invalid group specified') if 'cves' not in request.args: raise ValueError('CVE(s) required') cves = [cve.strip() for cve in request.args['cves'].split(',')] coordinates = CoordinateDict({ coord: request.args.get(coord).strip() for coord in SUBMISSION_GROUPS.get(group) if coord in request.args }) files = upload(group, request.files.get('archive', None), coordinates) for (ondisk, filename, suffix) in files: submit( user, ondisk, group, filename, suffix, cves, coordinates=coordinates ) return success() except ValueError as ve: current_app.logger.info('Invalid submission by %s: %s' % (user, ve.message)) return error(ve.message) except Exception as e: current_app.logger.info(e.message) return error()
def process_submission(form, group=None): try: cves = [] for cve in form.cves.data.split(','): cves.append(cve.strip()) if group is None: group = form.group.data coordinates = CoordinateDict({ coord: form._fields.get('%s' % coord).data.strip() for coord in SUBMISSION_GROUPS.get(group, []) }) # remove any empty values coordinates = dict( (k, v) for k, v in coordinates.iteritems() if v is not None and len(v) > 0 ) # if no coordinates given, make None if len(coordinates) == 0: coordinates = None files = upload(group, request.files.get('archive', None), coordinates) for (ondisk, filename, suffix) in files: submit( login.current_user.username, ondisk, group, filename, suffix, cves, coordinates=coordinates ) current_app.config['INDEX_REFRESH_FLAG'] = True flash('Archive Submitted for processing', 'info') except ValueError, ve: flash(escape(ve.message), 'error')