def update_vulnerabilities_date(analyst: str, finding_id: str):
"""Update vulnerabilities date when a verification is required."""
vulnerabilities = cast(List[Dict[str, str]],
finding_dal.get_vulnerabilities(finding_id))
for vuln in vulnerabilities:
all_states = cast(List[Dict[str, str]], vuln.get('historic_state', []))
current_state: Dict[str, str] = all_states[len(all_states) - 1]
tzn = pytz.timezone(settings.TIME_ZONE) # type: ignore
last_date = datetime.strptime(
str(current_state.get('date')).split(' ')[0], '%Y-%m-%d')
last_date = cast(datetime, last_date.replace(tzinfo=tzn).date())
current_date = datetime.now(tz=tzn).date()
if last_date != current_date:
historic_state: List[Dict[str, str]] = []
current_time = datetime.now(
tz=tzn).today().strftime('%Y-%m-%d %H:%M:%S')
last_state = {
'date': current_time,
'state': current_state.get('state', ''),
'analyst': analyst
}
historic_state.append(last_state)
vuln_dal.update_state(finding_id, vuln.get('UUID', ''),
'historic_state', historic_state, [vuln])
else:
# A finding that change the same day should not be updated
pass
def delete_vulnerability(finding_id: str, vuln_id: str, justification: str,
user_email: str) -> bool:
vulnerability = vuln_dal.get(finding_id, uuid=vuln_id)
success = False
if vulnerability and vulnerability[0].get('historic_state'):
all_states = cast(List[Dict[str, str]],
vulnerability[0].get('historic_state'))
current_state = all_states[-1].get('state')
if current_state == 'open':
tzn = pytz.timezone(settings.TIME_ZONE) # type: ignore
current_day = datetime.now(
tz=tzn).today().strftime('%Y-%m-%d %H:%M:%S')
new_state = {
'date': current_day,
'state': 'DELETED',
'justification': justification,
'analyst': user_email
}
success = vuln_dal.update_state(
finding_id, str(vulnerability[0].get('UUID', '')),
'historic_state', [new_state],
cast(List[Dict[str, str]], vulnerability))
return success
def reject_vulnerability(finding_id: str, historic_state: List[Dict[str, str]],
vulnerability: List[Dict[str,
str]], vuln_id: str) -> bool:
""" Reject vulnerability: remove last_state of historic_state or remove
if only one state present in historic_state """
historic_state.pop()
response = False
if historic_state:
response = vuln_dal.update_state(finding_id,
str(vulnerability[0].get('UUID', '')),
'historic_state', historic_state,
vulnerability)
else:
response = vuln_dal.delete(vuln_id, finding_id)
return response
def approve_vulnerability(finding_id: str, historic_state: List[Dict[str,
str]],
last_state: Dict[str, str],
vulnerability: List[Dict[str, str]]) -> bool:
""" Approve vulnerability """
tzn = pytz.timezone(settings.TIME_ZONE) # type: ignore
current_day = datetime.now(tz=tzn).today().strftime('%Y-%m-%d %H:%M:%S')
current_state = {
'date': current_day,
'state': last_state.get('state', ''),
'approval_status': 'APPROVED',
'analyst': last_state.get('analyst', '')
}
historic_state[-1] = current_state
return vuln_dal.update_state(finding_id,
str(vulnerability[0].get('UUID', '')),
'historic_state', historic_state,
vulnerability)
def update_vuln_state(info, vulnerability: List[Dict[str, str]],
item: Dict[str, str], finding_id: str,
current_day: str) -> bool:
"""Update vulnerability state."""
historic_state = cast(List[Dict[str, str]],
vulnerability[0].get('historic_state'))
last_state = historic_state[len(historic_state) - 1]
response = False
if last_state.get('state') != item.get('state'):
historic_state = []
user_data = cast(UserType, util.get_jwt_content(info.context))
analyst = str(user_data['user_email'])
if util.is_api_token(user_data):
current_state = {
'date': current_day,
'state': item.get('state', ''),
'origin': item.get('origin', ''),
'approval_status': 'PENDING',
'analyst': 'api-{email}'.format(email=analyst)
}
else:
current_state = {
'date': current_day,
'state': item.get('state', ''),
'analyst': analyst
}
historic_state.append(current_state)
remove_treatment_manager = True
if item.get('state') == 'closed':
remove_treatment_manager = vuln_dal.update(
finding_id, vulnerability[0].get('UUID', ''),
{'treatment_manager': None})
response = vuln_dal.update_state(
finding_id, str(vulnerability[0].get(
'UUID', '')), 'historic_state', historic_state,
vulnerability) and remove_treatment_manager
else:
response = True
return response