def get_incomplete_scans(self):
if self.pendingRescans == [] or self.dispatchedRescans == []:
from app.models import RescanTask
self.pendingRescans = RescanTask.getPendingTasks()
self.dispatchedRescans = RescanTask.getDispatchedTasks()
return self.pendingRescans + self.dispatchedRescans
def rescan_host(ip):
rescanForm = RescanForm()
if not (rescanForm.validate_on_submit()
or current_app.ScopeManager.is_acceptable_target(ip)):
flash(f"Could not handle rescan request for {ip}", "danger")
return redirect(url_for("host.host", ip=ip))
incompleteScans = current_app.ScopeManager.get_incomplete_scans()
scan_dispatched = {}
for scan in incompleteScans:
scan_dispatched[scan.target] = scan
if ip in scan_dispatched:
scan = scan_dispatched[ip]
scan_window = current_app.agentConfig["scanTimeout"] * 2
if (scan.dispatched and
(datetime.utcnow() - scan.date_dispatched).seconds > scan_window):
# It should never take this long so mark it as not dispatched
scan.dispatched = False
db.session.commit()
current_app.ScopeManager.update_pending_rescans()
current_app.ScopeManager.update_dispatched_rescans()
flash(f"Refreshed stale rescan request for {ip}", "success")
return redirect(url_for("host.host", ip=ip))
flash(f"There's an outstanding rescan request for {ip}", "warning")
return redirect(url_for("host.host", ip=ip))
rescan = RescanTask(user_id=current_user.id, target=ip)
db.session.add(rescan)
db.session.commit()
current_app.ScopeManager.update_pending_rescans()
current_app.ScopeManager.update_dispatched_rescans()
flash(f"Requested rescan of {ip}", "success")
return redirect(url_for("host.host", ip=ip))
def test_rescan_lifecycle(app):
scope_items = ["192.168.0.0/16"]
user = User(email="*****@*****.**")
db.session.add(user)
for s in scope_items:
item = ScopeItem(target=s, blacklist=False)
db.session.add(item)
current_app.ScopeManager.update()
assert current_app.ScopeManager.get_pending_rescans() == []
assert current_app.ScopeManager.get_dispatched_rescans() == []
assert current_app.ScopeManager.get_incomplete_scans() == []
r = RescanTask(target="192.168.123.45", user_id=user.id)
db.session.add(r)
current_app.ScopeManager.update_pending_rescans()
assert len(current_app.ScopeManager.get_pending_rescans()) == 1
assert len(current_app.ScopeManager.get_incomplete_scans()) == 1
r.dispatchTask()
db.session.add(r)
current_app.ScopeManager.update_pending_rescans()
current_app.ScopeManager.update_dispatched_rescans()
assert len(current_app.ScopeManager.get_pending_rescans()) == 0
assert len(current_app.ScopeManager.get_dispatched_rescans()) == 1
assert len(current_app.ScopeManager.get_incomplete_scans()) == 1
r.completeTask("testscanid")
db.session.add(r)
current_app.ScopeManager.update_pending_rescans()
current_app.ScopeManager.update_dispatched_rescans()
assert len(current_app.ScopeManager.get_pending_rescans()) == 0
assert len(current_app.ScopeManager.get_dispatched_rescans()) == 0
assert len(current_app.ScopeManager.get_incomplete_scans()) == 0
def rescan_host(ip):
rescanForm = RescanForm()
if not rescanForm.validate_on_submit():
flash("Form failed to validate", "danger")
return redirect(request.referrer)
if not current_app.ScopeManager.is_acceptable_target(ip):
# Someone is requesting we scan an ip that isn't allowed
flash(f"We're not allowed to scan {ip}", "danger")
return redirect(request.referrer)
incompleteScans = current_app.ScopeManager.get_incomplete_scans()
scan_dispatched = {}
for scan in incompleteScans:
scan_dispatched[scan.target] = scan.dispatched
if ip in scan_dispatched:
if scan_dispatched[ip]:
status = "dispatched"
if (datetime.utcnow() - scan.date_dispatched).seconds > 1200:
# 20 minutes have past since dispatch, something probably went wrong
# move it back to not dispatched and update the cached rescan data
scan.dispatched = False
db.session.add(scan)
db.session.commit()
current_app.ScopeManager.update_pending_rescans()
current_app.ScopeManager.update_dispatched_rescans()
flash(f"Refreshed existing rescan request for {ip}", "success")
return redirect(request.referrer)
else:
status = "pending"
flash(f"There's already a {status} rescan request for {ip}", "warning")
return redirect(request.referrer)
rescan = RescanTask(user_id=current_user.id, target=ip)
db.session.add(rescan)
db.session.commit()
current_app.ScopeManager.update_pending_rescans()
current_app.ScopeManager.update_dispatched_rescans()
flash(f"Requested rescan of {ip}", "success")
return redirect(request.referrer)
def rescan_host(ip):
rescanForm = RescanForm()
if rescanForm.validate_on_submit():
if not isAcceptableTarget(ip):
# Someone is requesting we scan an ip that isn't allowed
flash("We're not allowed to scan %s" % ip, "danger")
return redirect(request.referrer)
incompleteScans = current_app.ScopeManager.getIncompleteScans()
for scan in incompleteScans:
if ip == scan.target:
if scan.dispatched == True:
status = "dispatched"
if (datetime.utcnow() -
scan.date_dispatched).seconds > 1200:
# 20 minutes have past since dispatch, something probably wen't seriously wrong
# move it back to not dispatched and update the cached rescan data
scan.dispatched = False
db.session.add(scan)
db.session.commit()
current_app.ScopeManager.updatePendingRescans()
current_app.ScopeManager.updateDispatchedRescans()
flash("Refreshed existing rescan request for %s" % ip,
"success")
return redirect(request.referrer)
else:
status = "pending"
flash(
"There's already a %s rescan request for %s" %
(status, ip), "warning")
return redirect(request.referrer)
rescan = RescanTask(user_id=current_user.id, target=ip)
db.session.add(rescan)
db.session.commit()
flash("Requested rescan of %s" % ip, "success")
current_app.ScopeManager.updatePendingRescans()
current_app.ScopeManager.updateDispatchedRescans()
return redirect(request.referrer)
def updatePendingRescans(self):
from app.models import RescanTask
self.pendingRescans = RescanTask.getPendingTasks()
def updateDispatchedRescans(self):
from app.models import RescanTask
self.dispatchedRescans = RescanTask.getDispatchedTasks()