def mutate(self,
info,
finding_id: str,
approval_status: str,
uuid: str = '') -> object:
project_name = get_finding_project_name(finding_id)
success = False
if uuid:
success = update_approval_status(finding_id, uuid, approval_status)
else:
success = update_all_pending_vulns(finding_id, approval_status)
if success:
update_last_vuln_date(finding_id)
util.invalidate_cache(finding_id)
util.invalidate_cache(project_name)
util.cloudwatch_log(
info.context, 'Security: Approve vulnerability from {project}\
project succesfully'.format(project=project_name))
else:
util.cloudwatch_log(
info.context, 'Security: Attempted to approve\
vulnerability from {project} project'.format(
project=project_name))
ret = ApproveVulnerability(success=success)
return ret
def mutate(_, info, finding_id: str, vulnerabilities: List) -> object:
project_name = get_finding_project_name(finding_id)
success = delete_tags(finding_id, cast(_List[str], vulnerabilities))
if success:
util.invalidate_cache(finding_id)
util.invalidate_cache(project_name)
util.cloudwatch_log(info.context, f'Delete tags from {finding_id}')
return DeleteTags(success=success)
def mutate(self, info, finding_id, justification):
project_name = project_domain.get_finding_project_name(finding_id)
user_info = util.get_jwt_content(info.context)
success = finding_domain.verify_finding(
finding_id, user_info['user_email'], justification,
str.join(' ', [user_info['first_name'], user_info['last_name']]))
if success:
util.invalidate_cache(finding_id)
util.invalidate_cache(project_name)
util.cloudwatch_log(
info.context, 'Security: Verified the '
f'finding_id: {finding_id}')
ret = VerifyFinding(success=success)
return ret
def mutate(self, info, **parameters):
finding_id = parameters.get('finding_id')
project_name = get_finding_project_name(finding_id)
user_info = util.get_jwt_content(info.context)
success = verify_vulnerabilities(
finding_id, user_info['user_email'],
str.join(' ', [
user_info.get('first_name', ''),
user_info.get('last_name', '')
]), info, parameters)
if success:
util.invalidate_cache(finding_id)
util.invalidate_cache(project_name)
util.cloudwatch_log(
info.context, 'Security: Verified a request '
f'in finding_id: {finding_id}')
return VerifyRequestVuln(success=success)
def mutate(self, info, finding_id: str, justification: str,
vulnerabilities: List) -> object:
project_name = get_finding_project_name(finding_id)
user_info = util.get_jwt_content(info.context)
success = request_verification(
finding_id, user_info['user_email'],
str.join(' ', [
user_info.get('first_name', ''),
user_info.get('last_name', '')
]), justification, cast(_List[str], vulnerabilities))
if success:
util.invalidate_cache(finding_id)
util.invalidate_cache(project_name)
util.cloudwatch_log(
info.context, 'Security: Verified a request '
f'in finding_id: {finding_id}')
return RequestVerificationVuln(success=success)
def mutate(self, info, **kwargs):
"""Delete vulnerability from database."""
finding_id = kwargs.get('finding_id')
uuid = kwargs.get('id')
justification = kwargs.get('justification')
project = get_finding_project_name(finding_id)
user_email = util.get_jwt_content(info.context)['user_email']
success = delete_vulnerability(finding_id, uuid, justification,
user_email)
if success:
util.invalidate_cache(finding_id)
util.invalidate_cache(project)
util.cloudwatch_log(
info.context, f'Security: Deleted vulnerability: {uuid} '
f'from {project} project succesfully')
else:
util.cloudwatch_log(
info.context, 'Security: Attempted to delete vulnerability: '
f'{uuid} from {project} project')
ret = DeleteVulnerability(success=success)
return ret
def test_get_finding_project_name(self):
finding_id = '475041513'
test_data = get_finding_project_name(finding_id)
assert test_data == 'unittesting'