Пример #1
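def get_remediated_findings():
    """Send a summary mail of findings that are still pending verification.

    Gathers the pending-verification findings of every active project and,
    when there are any, mails one summary to FI_MAIL_CONTINUOUS and
    FI_MAIL_PROJECTS. A TypeError or KeyError raised while building or
    sending the summary is reported to Rollbar as a warning and is not
    re-raised.
    """
    rollbar.report_message(
        'Warning: Function to get remediated findings is running', 'warning')
    findings = []
    for project in project_domain.get_active_projects():
        findings += project_dal.get_pending_verification_findings(project)

    if not findings:
        LOGGER.info('There are no findings to verificate')
        return

    try:
        mail_to = [FI_MAIL_CONTINUOUS, FI_MAIL_PROJECTS]
        context = {
            'findings': [
                {
                    'finding_name': finding['finding'],
                    'finding_url':
                    '{url!s}/dashboard#!/project/{project!s}/{finding!s}/description'
                    .format(url=BASE_URL,
                            project=str(finding['project_name']).lower(),
                            finding=finding['finding_id']),
                    'project': str(finding['project_name']).upper(),
                }
                for finding in findings
            ],
            'total': len(findings),
        }
        send_mail_new_remediated(mail_to, context)
    except (TypeError, KeyError) as ex:
        # Report only a summary of the exception. Passing locals() as
        # payload_data would copy every local variable (the full finding
        # list, the mail context and the recipients) into the Rollbar event.
        rollbar.report_message(
            'Warning: An error ocurred getting data for remediated email',
            'warning', extra_data={'error': repr(ex)})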
Пример #2
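def get_new_vulnerabilities():
    """Mail each active project a summary of its changed findings.

    For every active project the released findings are inspected and two
    lists are built: findings with a pending-treatment message and findings
    whose vulnerability delta produced a text. The mail is sent only when
    the second list ('updated_findings') is not empty.

    Raises:
        TypeError, KeyError: re-raised after being reported to Rollbar, so
            a malformed finding stops the run at the project it belongs to.
    """
    rollbar.report_message(
        'Warning: Function to get new vulnerabilities is running', 'warning')
    projects = project_domain.get_active_projects()
    fin_attrs = 'finding_id, historic_treatment, project_name, finding'
    for project in projects:
        context = {'updated_findings': [], 'no_treatment_findings': []}
        try:
            finding_requests = project_domain.get_released_findings(project, fin_attrs)
            for act_finding in finding_requests:
                finding_url = get_finding_url(act_finding)
                msj_finding_pending = create_msj_finding_pending(act_finding)
                delta = calculate_vulnerabilities(act_finding)
                finding_text = format_vulnerabilities(delta, act_finding)
                if msj_finding_pending:
                    context['no_treatment_findings'].append({
                        'finding_name': msj_finding_pending,
                        'finding_url': finding_url})
                if finding_text:
                    context['updated_findings'].append({
                        'finding_name': finding_text,
                        'finding_url': finding_url})
                # Overwritten on every iteration; the last finding wins.
                context['project'] = str.upper(str(act_finding['project_name']))
                context['project_url'] = '{url!s}/dashboard#!/project/' \
                    '{project!s}/indicators' \
                    .format(url=BASE_URL, project=act_finding['project_name'])
        except (TypeError, KeyError) as ex:
            # Report the project and a summary of the exception only.
            # Passing locals() as payload_data would copy the findings and
            # the whole mail context into the Rollbar event.
            rollbar.report_message(
                'Error: An error ocurred getting new vulnerabilities '
                'notification email',
                'error', extra_data={'project': project, 'error': repr(ex)})
            raise
        if context['updated_findings']:
            mail_to = prepare_mail_recipients(project)
            send_mail_new_vulnerabilities(mail_to, context)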
Пример #3
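def get_new_releases():
    """Send a summary mail of draft findings that have not been released yet.

    Drafts of every active project, except those listed in FI_TEST_PROJECTS,
    are sorted into 'unsubmitted' (last state CREATED or REJECTED) and
    'unreleased' (any other last state). When at least one draft was found,
    the summary goes to FI_MAIL_PROJECTS plus the FI_MAIL_REVIEWERS list.
    Otherwise a warning is reported to Rollbar.
    """
    rollbar.report_message('Warning: Function to get new releases is running',
                           'warning')
    test_projects = FI_TEST_PROJECTS.split(',')
    projects = project_domain.get_active_projects()
    email_context = defaultdict(list)
    cont = 0
    for project in projects:
        if project in test_projects:
            # ignore test projects
            continue
        try:
            finding_requests = finding_domain.get_findings(
                finding_domain.filter_deleted_findings(project_domain.list_drafts(project)))
            for finding in finding_requests:
                if 'releaseDate' in finding:
                    continue
                submission = finding.get('historicState')
                # A missing history raises TypeError and an empty one
                # raises IndexError; both are handled below.
                status = submission[-1].get('state')
                category = ('unsubmitted' if status in ('CREATED', 'REJECTED')
                            else 'unreleased')
                email_context[category].append({
                    'finding_name': finding.get('finding'),
                    'finding_url':
                    '{url!s}/dashboard#!/project/{project!s}/drafts/'
                    '{finding!s}/description'
                    .format(url=BASE_URL,
                            project=project,
                            finding=finding.get('findingId')),
                    'project': project.upper()
                })
                cont += 1
        except (TypeError, KeyError, IndexError):
            # IndexError is caught as well, so a draft with an empty
            # historicState no longer aborts the run for every project.
            rollbar.report_message(
                'Warning: An error ocurred getting data for new drafts email',
                'warning')
    if cont > 0:
        email_context['total_unreleased'] = len(email_context['unreleased'])
        email_context['total_unsubmitted'] = len(email_context['unsubmitted'])
        approvers = FI_MAIL_REVIEWERS.split(',')
        mail_to = [FI_MAIL_PROJECTS]
        mail_to.extend(approvers)
        send_mail_new_releases(mail_to, email_context)
    else:
        rollbar.report_message('Warning: There are no new drafts',
                               'warning')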
Пример #4
def update_indicators():
    """Recompute the indicators of each active project and store them.

    The indicators are written through project_dal.update. A truthy result
    invalidates the project's cache; a falsy result or a ClientError is
    reported to Rollbar as an error and the loop moves on to the next
    project.
    """
    rollbar.report_message(
        'Warning: Function to update indicators in DynamoDB is running', 'warning')
    for project in project_domain.get_active_projects():
        # Computed outside the try: an error raised here is not handled.
        indicators = get_project_indicators(project)
        try:
            stored = project_dal.update(project, indicators)
            if not stored:
                failure = ('Error: An error ocurred updating indicators of '
                           'the project {project} in dynamo')
                rollbar.report_message(failure.format(project=project), 'error')
            else:
                util.invalidate_cache(project)
        except ClientError:
            failure = ('Error: An error ocurred updating '
                       'indicators of the project {project}')
            rollbar.report_message(failure.format(project=project), 'error')
Пример #5
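def reset_expired_accepted_findings():
    """Reset the treatment of findings whose acceptance has expired.

    A finding goes back to treatment 'NEW' when its latest treatment entry
    either has an 'acceptance_date' earlier than now, or is an
    ACCEPTED_UNDEFINED request still in SUBMITTED status five or more days
    after its 'date'. The finding's cache is invalidated after the update.
    """
    rollbar.report_message('Warning: Function to update treatment if '
                           'acceptance date expires is running', 'warning')
    date_format = '%Y-%m-%d %H:%M:%S'
    # Truncated to whole seconds so that `now` and its string form `today`
    # describe the same instant.
    now = datetime.now().replace(microsecond=0)
    today = now.strftime(date_format)
    projects = project_domain.get_active_projects()
    for project in projects:
        findings = finding_domain.get_findings(
            finding_domain.filter_deleted_findings(
                project_domain.list_findings(project)))
        for finding in findings:
            finding_id = finding.get('findingId')
            # `or` also covers a history that is present but empty (or
            # None), which would otherwise fail on the [-1] lookup.
            last_treatment = (finding.get('historicTreatment') or [{}])[-1]
            # Lexicographic comparison of two strings: correct only while
            # acceptance_date is stored as '%Y-%m-%d %H:%M:%S' -- TODO confirm.
            is_accepted_expired = last_treatment.get('acceptance_date', today) < today
            is_undefined_accepted_expired = (
                last_treatment.get('treatment') == 'ACCEPTED_UNDEFINED' and
                last_treatment.get('acceptance_status') == 'SUBMITTED' and
                datetime.strptime(last_treatment.get('date'), date_format)
                + timedelta(days=5) <= now)
            if is_accepted_expired or is_undefined_accepted_expired:
                updated_values = {'treatment': 'NEW'}
                finding_domain.update_treatment(finding_id, updated_values, '')
                util.invalidate_cache(finding_id)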
 def test_get_active_projects(self):
     """The active-project lookup must return a value rather than None."""
     assert get_active_projects() is not None
Пример #7
def send_unsolved_to_all() -> List[bool]:
    """Send the unsolved-events email to every active project.

    Returns:
        One send_unsolved_events_email result per active project, in the
        order get_active_projects yields them.
    """
    rollbar.report_message(
        'Warning: Function to send email with unsolved events is running',
        'warning')
    outcomes = []
    for project in project_domain.get_active_projects():
        outcomes.append(send_unsolved_events_email(project))
    return outcomes