Пример #1
0
    def get_previsions(cls, session, end_date=None):
        """ Retrieve future validated requests per user """

        # Searching for requests with an timeframe
        #         [NOW()] ---------- ([end_date])?
        # exemples:
        #      <f --r1---- t>
        #                 <f --r2-- t>
        #                       <f ------r3-------- t>
        #      <f ----------- r4 -------------------- t>
        # => Matching period are periods ending after NOW()
        #   and if an end_date is specified periods starting before it:

        if end_date:
            future_requests = session.query(cls.user_id,func.sum(cls.days)).\
                                filter(cls.date_to >= func.current_timestamp(),
                                        cls.date_from < end_date,
                                       cls.vacation_type_id == 1,
                                       cls.status == 'APPROVED_ADMIN').\
                                    group_by(cls.user_id).\
                                    order_by(cls.user_id);
        else:
            future_requests = session.query(cls.user_id,func.sum(cls.days)).\
                                filter(cls.date_to >= func.current_timestamp(),
                                       cls.vacation_type_id == 1,
                                       cls.status == 'APPROVED_ADMIN').\
                                    group_by(cls.user_id).\
                                    order_by(cls.user_id);

        ret = {}
        for user_id, total in future_requests:
            ret[user_id] = total

        return ret
Пример #2
0
    def test_three(self):
        t = self.tables.t

        actual_ts = testing.db.scalar(func.current_timestamp()) - datetime.timedelta(days=5)
        self._test(
            func.current_timestamp() - datetime.timedelta(days=5),
            {"hour": actual_ts.hour, "year": actual_ts.year, "month": actual_ts.month},
        )
Пример #3
0
def add_ralert_to_to_database(session):
    for adven in ralert_to_add:
        print("Adventure Name: \'%s\', Type: \'%d\'" % (adven[0], adven[1]))
        new_alert = RescueAlert(adven[0],adven[1], func.current_timestamp(), func.current_timestamp())
        user = session.query(User).filter_by(email=adven[2]).first()
        user.rescue_alerts.append(new_alert)
        session.add(user)

    session.commit()
Пример #4
0
    def test_twelve(self):
        t = self.tables.t
        actual_ts = testing.db.scalar(func.current_timestamp()).replace(tzinfo=None) - datetime.datetime(
            2012, 5, 10, 12, 15, 25
        )

        self._test(
            func.current_timestamp() - func.coalesce(t.c.dtme, func.current_timestamp()), {"day": actual_ts.days}
        )
Пример #5
0
def valid_login(u_account):
    """Check if current login pass is acceptable.
    User can login by name, mobile or email.
    Returns a dict {id, name, privilege} if valid."""
    query_str = ''
    if u_account['name']:
        query_str = 'name="' + u_account['name'] + '"'
    elif u_account['mobile']:
        query_str = 'mobile="' + u_account['mobile'] + '"'
    elif u_account['email']:
        query_str = 'email="' + u_account['email'] + '"'
    if not query_str or not u_account['pwd']:
        #Error user info, return 1 is safe
        return '无效的用户名和密码格式'
    query_str += ' and passwd="' + u_account['pwd'] + '"'
    session = open_session()
    try:
        u = session.query(User).filter(query_str).first()
        if u == None:
            return '用户名或密码错误。'
        u.lastactive = func.current_timestamp()
        session.merge(u)
        session.commit()
        return {'id': u.id, 'name': u.name, 'privilege': u.privilege}
    except Exception, ex:
        print ex
        return '出错了,请重试。'
def get_dag_duration_info():
    '''get duration of currently running DagRuns
    :return dag_info
    '''
    driver = Session.bind.driver
    durations = {
        'pysqlite': func.sum(
            (func.julianday(func.current_timestamp()) - func.julianday(DagRun.start_date)) * 86400.0
        ),
        'mysqldb': func.sum(func.timestampdiff(text('second'), DagRun.start_date, func.now())),
        'default': func.sum(func.now() - DagRun.start_date)
    }
    duration = durations.get(driver, durations['default'])

    with session_scope(Session) as session:
        return session.query(
            DagRun.dag_id,
            DagRun.run_id,
            duration.label('duration')
        ).group_by(
            DagRun.dag_id,
            DagRun.run_id
        ).filter(
            DagRun.state == State.RUNNING
        ).all()
Пример #7
0
 def register_changes(self, memento_changes):
     """Create rows in the memento table
     :param memento_changes: an iterator over `memento_change` tuples that 
     need to be stored in the memento table.
     """
     rows = list()
     authentication_id = self._get_authentication_id()
     for m in memento_changes:
         if len(m.primary_key) == 1:
             rows.append(
                 {
                     "model": m.model,
                     "primary_key": m.primary_key[0],
                     "previous_attributes": m.previous_attributes,
                     "memento_type": self.memento_id_by_type.get(m.memento_type, None),
                     "authentication_id": authentication_id,
                 }
             )
     if len(rows):
         table = self._get_memento_table()
         clause = table.insert(creation_date=func.current_timestamp())
         try:
             clause.execute(rows)
         except exc.DatabaseError, e:
             LOGGER.error("Programming Error, could not flush history", exc_info=e)
Пример #8
0
    def test_compile(self):
        for dialect in all_dialects(exclude=("sybase",)):
            bindtemplate = BIND_TEMPLATES[dialect.paramstyle]
            self.assert_compile(
                func.current_timestamp(), "CURRENT_TIMESTAMP", dialect=dialect
            )
            self.assert_compile(func.localtime(), "LOCALTIME", dialect=dialect)
            if dialect.name in ("firebird",):
                self.assert_compile(
                    func.nosuchfunction(), "nosuchfunction", dialect=dialect
                )
            else:
                self.assert_compile(
                    func.nosuchfunction(), "nosuchfunction()", dialect=dialect
                )

            # test generic function compile
            class fake_func(GenericFunction):
                __return_type__ = sqltypes.Integer

                def __init__(self, arg, **kwargs):
                    GenericFunction.__init__(self, arg, **kwargs)

            self.assert_compile(
                fake_func("foo"),
                "fake_func(%s)"
                % bindtemplate
                % {"name": "fake_func_1", "position": 1},
                dialect=dialect,
            )

            functions._registry['_default'].pop('fake_func')
Пример #9
0
    def test_compile(self):
        for dialect in all_dialects(exclude=('sybase', )):
            bindtemplate = BIND_TEMPLATES[dialect.paramstyle]
            self.assert_compile(func.current_timestamp(),
                                "CURRENT_TIMESTAMP", dialect=dialect)
            self.assert_compile(func.localtime(), "LOCALTIME", dialect=dialect)
            if dialect.name in ('firebird',):
                self.assert_compile(func.nosuchfunction(),
                                    "nosuchfunction", dialect=dialect)
            else:
                self.assert_compile(func.nosuchfunction(),
                                    "nosuchfunction()", dialect=dialect)

            # test generic function compile
            class fake_func(GenericFunction):
                __return_type__ = sqltypes.Integer

                def __init__(self, arg, **kwargs):
                    GenericFunction.__init__(self, arg, **kwargs)

            self.assert_compile(
                fake_func('foo'),
                "fake_func(%s)" %
                bindtemplate % {'name': 'fake_func_1', 'position': 1},
                dialect=dialect)
Пример #10
0
def get_last_applied_membership_fee():
    """
    Get the last applied membership fee.
    :rtype: MembershipFee
    """
    return MembershipFee.q.filter(
        MembershipFee.ends_on <= func.current_timestamp()) \
        .order_by(MembershipFee.ends_on.desc()).first()
Пример #11
0
    def disable(self, ends_at=None):
        if ends_at is None:
            ends_at = object_session(self).query(func.current_timestamp()).scalar()

        if self.begins_at is not None and self.begins_at > ends_at:
            self.ends_at = self.begins_at
        else:
            self.ends_at = ends_at
Пример #12
0
 def end_website_run(self, website_run_id):
     upd = ( self.website_run.update().
                 where(
                     self.website_run.c.website_run_id == website_run_id ).
                 values(
                     end_time=func.current_timestamp() )
           )
     result = self.conn.execute(upd)
Пример #13
0
    def test_constructor(self):
        try:
            func.current_timestamp('somearg')
            assert False
        except TypeError:
            assert True

        try:
            func.char_length('a', 'b')
            assert False
        except TypeError:
            assert True

        try:
            func.char_length()
            assert False
        except TypeError:
            assert True
Пример #14
0
 def test_rename_column_serv_compiled_default(self):
     context = op_fixture('mysql')
     op.alter_column('t1', 'c1', new_column_name="c2", existing_type=Integer,
             existing_server_default=func.utc_thing(func.current_timestamp()))
     # this is not a valid MySQL default but the point is to just
     # test SQL expression rendering
     context.assert_(
         "ALTER TABLE t1 CHANGE c1 c2 INTEGER NULL DEFAULT utc_thing(CURRENT_TIMESTAMP)"
     )
def upgrade():
    print "... Create TABLE hebergement_video"
    op.create_table(
        'hebergement_video',
        Column('heb_vid_pk', Integer, primary_key=True, unique=True,
               nullable=False),
        Column('heb_vid_url', String()),
        Column('heb_vid_date', Date(), default=func.current_timestamp()),
        Column('heb_vid_heb_fk', Integer, ForeignKey('hebergement.heb_pk'))
    )
Пример #16
0
def play_with_time(session, name):
    user = session.query(User).filter_by(email='*****@*****.**').first()

    new_alert = RescueAlert(name, 
                            AdventureType.SnowBoarding.value, 
                            func.current_timestamp(), 
                            get_time_plus_minutes(30))
                            #func.current_timestamp().op('AT TIME ZONE')('UTC'))
                            #func.current_timestamp())
    user.rescue_alerts.append(new_alert)
    session.add(user)
    session.commit()
Пример #17
0
 def test_no_paren_fns(self):
     for fn, expected in [
         (func.uid(), "uid"),
         (func.UID(), "UID"),
         (func.sysdate(), "sysdate"),
         (func.row_number(), "row_number()"),
         (func.rank(), "rank()"),
         (func.now(), "CURRENT_TIMESTAMP"),
         (func.current_timestamp(), "CURRENT_TIMESTAMP"),
         (func.user(), "USER"),
     ]:
         self.assert_compile(fn, expected)
Пример #18
0
    def active(self, when=None):
        """
        Tests if the membership overlaps with a given interval. If no interval
        is given, it tests if the membership is active right now.
        :param Interval when: interval in which the membership
        :rtype: bool
        """
        if when is None:
            now = object_session(self).query(func.current_timestamp()).scalar()
            when = single(now)

        return when.overlaps(closed(self.begins_at, self.ends_at))
Пример #19
0
	def create_table(self):
		Table(
			OPLOG_TABLENAME,
			MetaData(bind = self.engine),
			Column('id', Integer, autoincrement=True, nullable=False, primary_key=True),
			Column('time', TIMESTAMP, default=func.current_timestamp(), nullable=False, index=True),
			Column('user', VARCHAR(32), nullable=False, index=True),
			Column('action', Text, nullable=False),
			Column('args', Text, nullable=True),
			Column('others', Text, nullable=True),
			mysql_engine = 'InnoDB',
			mysql_charset = 'utf8',
		).create(checkfirst = True)
Пример #20
0
    def _baseline_5_aggregates(self):
        Animal = self.metadata.tables["Animal"]
        Zoo = self.metadata.tables["Zoo"]

        # TODO: convert to ORM
        engine = self.metadata.bind
        for x in range(ITERATIONS):

            # views

            view = engine.execute(select([Animal.c.Legs])).fetchall()
            legs = sorted([x[0] for x in view])
            expected = {
                "Leopard": 73.5,
                "Slug": 0.75,
                "Tiger": None,
                "Lion": None,
                "Bear": None,
                "Ostrich": 103.2,
                "Centipede": None,
                "Emperor Penguin": None,
                "Adelie Penguin": None,
                "Millipede": None,
                "Ape": None,
                "Tick": None,
            }
            for species, lifespan in engine.execute(
                select([Animal.c.Species, Animal.c.Lifespan])
            ).fetchall():
                assert lifespan == expected[species]
            expected = ["Montr\xe9al Biod\xf4me", "Wild Animal Park"]
            e = select(
                [Zoo.c.Name],
                and_(
                    Zoo.c.Founded != None,  # noqa
                    Zoo.c.Founded <= func.current_timestamp(),
                    Zoo.c.Founded >= datetime.date(1990, 1, 1),
                ),
            )
            values = [val[0] for val in engine.execute(e).fetchall()]
            assert set(values) == set(expected)

            # distinct

            legs = [
                x[0]
                for x in engine.execute(
                    select([Animal.c.Legs], distinct=True)
                ).fetchall()
            ]
            legs.sort()
Пример #21
0
 def test_rename_column_serv_compiled_default(self):
     context = op_fixture("mysql")
     op.alter_column(
         "t1",
         "c1",
         existing_type=Integer,
         server_default=func.utc_thing(func.current_timestamp()),
     )
     # this is not a valid MySQL default but the point is to just
     # test SQL expression rendering
     context.assert_(
         "ALTER TABLE t1 ALTER COLUMN c1 "
         "SET DEFAULT utc_thing(CURRENT_TIMESTAMP)"
     )
Пример #22
0
    def _baseline_5_aggregates(self):
        Animal = self.metadata.tables['Animal']
        Zoo = self.metadata.tables['Zoo']

        # TODO: convert to ORM
        engine = self.metadata.bind
        for x in range(ITERATIONS):

            # views

            view = engine.execute(select([Animal.c.Legs])).fetchall()
            legs = sorted([x[0] for x in view])
            expected = {
                'Leopard': 73.5,
                'Slug': .75,
                'Tiger': None,
                'Lion': None,
                'Bear': None,
                'Ostrich': 103.2,
                'Centipede': None,
                'Emperor Penguin': None,
                'Adelie Penguin': None,
                'Millipede': None,
                'Ape': None,
                'Tick': None,
            }
            for species, lifespan in engine.execute(
                    select([Animal.c.Species, Animal.c.Lifespan])).fetchall():
                assert lifespan == expected[species]
            expected = ['Montr\xe9al Biod\xf4me', 'Wild Animal Park']
            e = select([Zoo.c.Name],
                       and_(Zoo.c.Founded != None,
                            Zoo.c.Founded <= func.current_timestamp(),
                            Zoo.c.Founded >= datetime.date(1990,
                                                           1,
                                                           1)))
            values = [val[0] for val in engine.execute(e).fetchall()]
            assert set(values) == set(expected)

            # distinct

            legs = [
                x[0]
                for x in engine.execute(
                    select([Animal.c.Legs],
                           distinct=True)).fetchall()]
            legs.sort()
Пример #23
0
def add_host_deployment(dep_id, host_id, user, status, package_id):
    """Add host deployment for a given host and deployment"""

    host_dep = HostDeployment(
        deployment_id=dep_id,
        host_id=host_id,
        user=user,
        status=status,
        realized=func.current_timestamp(),
        package_id=package_id,
    )

    # Commit to DB immediately
    Session.add(host_dep)
    Session.commit()

    return host_dep
Пример #24
0
def add_user(name, pwd, mobile='', email='', bindto=None, privilege=0):
    """Add a new user with name, password, mobile, email.
    Once created successfully, return the user id, name and privilege."""
    session = open_session()
    try:
        #If existed, it will raise error
        user = User(name=name, passwd=pwd, mobile=mobile, email=email, lastactive=func.current_timestamp(), bindto=bindto, privilege=privilege)
        session.add(user)
        session.flush()
        #Add an account to this user
        a = Acct(uid=user.id)
        session.add(a)
        session.commit()
        return {'id':user.id, 'name':user.name, 'privilege':user.privilege}
    except Exception, ex:
        session.rollback()
        print ex
        return False
Пример #25
0
def add_deployment(user):
    """Add deployment for a given package ID"""

    dep = Deployment(
        user=user,
        # THIS NEEDS TO BE REMOVED ONCE THE NEW DEPLOY CODE
        # IS IN PLACE - KEL 20150827
        status='complete',
        declared=func.current_timestamp()
    )

    # Commit to DB immediately
    Session.add(dep)
    Session.commit()

    Session.flush()   # Needed to get DeploymentID generated

    return dep
Пример #26
0
def add_dataset_meta(name, file_name='', human_name='', description='',
    val_attr='', count_q=False, area_q=False, dist_q=False,
    temp_q=False, weighted_q=False, access_q=False,
    voronoi=False, duration='interval', demo=False):
    """ Add infotmation about a dataset in the meta table """
    if human_name == '':
        human_name = name
    meta_table = Table('sf_meta', Base.metadata,
        autoload=True, autoload_with=engine, extend_existing=True)
    row = {'table_name': name, 'file_name': file_name,
        'human_name': human_name,'description': description,
        'last_update': func.current_timestamp(), 'val_attr': val_attr,
        'count_q': count_q, 'area_q': area_q, 'dist_q': dist_q,
        'temp_q': temp_q, 'weighted_q': weighted_q, 'access_q': access_q,
        'voronoi': voronoi, 'duration': duration, 'demo': demo}
    ins = meta_table.insert(row)
    conn = engine.contextual_connect()
    conn.execute(ins)
    return 'Meta information for {0} inserted.'.format(name)
Пример #27
0
    def search_location(self, loc):
        shops = self.fb_bot.search_restaurant(loc.lat, loc.lon)
        loc.found = len(shops)
        updated = 0
        for shop in shops:
            updated += self._save_fb_shop(shop.get('id'), loc)
        logger.info(
            "Track_id: {track_id}  Found: {found}  Updated: {updated}".format(
                track_id=loc.id_,
                found=loc.found,
                updated=updated))

        loc.update_ts = func.current_timestamp()
        try:
            self.session.commit()
        except exc.SQLAlchemyError as err:
            self.session.rollback()
            logger.error(err)
        return updated
Пример #28
0
    def _fetch_rating(self, fb_shop):
        info = self.fb_bot.fetch(fb_shop.fbid)
        if not info:
            logger.error(
                "fbid: %s FB API GraphMethodException" % fb_shop.fbid)
            return 0

        fb_shop.update_ts = func.current_timestamp()
        fb_shop.likes = info.get('likes', 0)
        fb_shop.checkins = info.get('checkins', 0)
        fb_shop.talking = info.get('talking_about_count', 0)
        try:
            self.session.commit()
            status = 1
        except exc.SQLAlchemyError as err:
            self.session.rollback()
            logger.error(err)
            status = 0
        return status
Пример #29
0
def _update_by_type(session, table_type, info):
    """Update a record. Return if succeeded."""
    record = session.query(tables[table_type]).get(int(info['id']))
    if record == None:
        #'**Record from ' + table_type + ' by ' + str(key) + ' not found'
        return False
    count = 0
    for item, value in info.items():
        if hasattr(record, item):
            setattr(record, item, value)
            count += 1
    print '**Record from ' + table_type + ' by ' + str(key) + ' updated'
    if count:
        if table_type == 'user':
            setattr(record, 'lastactive', func.current_timestamp())
        session.merge(record)
        return True
    else:
        return False
Пример #30
0
def add_package_definition(deploy_type, validation_type, name, path,
                           arch, build_type, build_host):
    """Add base definition for a package"""

    pkg_def = PackageDefinition(
        deploy_type=deploy_type,
        validation_type=validation_type,
        pkg_name=name,
        path=path,
        arch=arch,
        build_type=build_type,
        build_host=build_host,
        created=func.current_timestamp()
    )
    Session.add(pkg_def)

    Session.flush()   # Needed to get pkg_ef_id generated

    return pkg_def
Пример #31
0
 def test_ansi_functions_with_args(self):
     ct = func.current_timestamp("somearg")
     self.assert_compile(ct, "CURRENT_TIMESTAMP(:current_timestamp_1)")
Пример #32
0
class Vulnerability(MainBase):
    # __fulltext_columns__ = ('comment',)
    __tablename__ = "vulnerability"
    comment = Column(Text, nullable=False)
    date_created = Column(DateTime,
                          default=func.current_timestamp(),
                          index=True)
    exploit_exists = Column(Boolean, default=False)
    # N.B. Don't use a ForeignKey constraint on NVD here as the nvd data might be
    # updated dynamically (e.g. row deleted and then added by go-cve-dictionary).
    cve_id = Column(String(255), nullable=True, unique=True)
    creator_id = Column(Integer, ForeignKey(User.id), nullable=True)
    creator = relationship(User)

    resource_links = relationship(
        VulnerabilityResources,
        backref="vulnerability",
        cascade="all, delete-orphan",
        single_parent=True,
    )

    commits = relationship(
        VulnerabilityGitCommits,
        backref="vulnerability",
        cascade="all, delete-orphan",
        single_parent=True,
        lazy="joined",
    )

    nvd = relationship(
        "Nvd",
        backref="vulns",
        primaryjoin="remote(Nvd.cve_id) == foreign(Vulnerability.cve_id)",
    )

    _has_annotations = None

    def set_has_annotations(self, status=True):
        self._has_annotations = status

    @hybrid_property
    def has_annotations(self):
        if self._has_annotations is not None:
            return self._has_annotations

        if self.commits:
            for c in self.commits:
                if c.comments:
                    self._has_annotations = True
                    return True
        return False

    @has_annotations.expression
    def has_annotations(self):
        return self.commits.any(VulnerabilityGitCommits.comments.any())

    @property
    def master_commit(self):
        # TODO: refactor assumption that the first commit is the "master" one!
        if self.commits:
            return self.commits[0]
        return None

    def __repr__(self):
        return f"Vulnerability Info({vars(self)})"

    @classmethod
    def get_by_id(cls, id):
        return cls.query.filter_by(
            id=id).options(default_vuln_view_options).first()

    @classmethod
    def get_by_cve_id(cls, cve_id):
        return (cls.query.filter_by(
            cve_id=cve_id).options(default_vuln_view_options).first())

    @classmethod
    def get_by_commit_hash(cls, commit_hash):
        return (cls.query.join(
            Vulnerability.commits,
            aliased=True).filter_by(commit_hash=commit_hash).options(
                default_vuln_view_options).first())

    def to_json(self):
        """Prepare object for Json serialisation."""
        products = [{
            'vendor': v,
            'product': p
        } for v, p in self.nvd.get_products()]
        cwes = [{'id': c.cwe_id, 'name': c.cwe_name} for c in self.nvd.cwes]
        return {
            'is_processed': True,
            'comment': self.comment,
            'cve_id': self.cve_id,
            'exploit_exists': self.exploit_exists,
            'has_annotations': self.has_annotations,
            'master_commit': self.master_commit.to_json(),
            'products': products,
            'langs': self.nvd.get_languages(),
            'description': self.nvd.description,
            'cwes': cwes,
            'score': self.nvd.score,
            'references': [l.link for l in self.nvd.references]
        }

    def to_json_full(self):
        """Serialize object properties as dict."""
        ressources = [
            r.to_json() for r in self.resource_links
            if self.resource_links is not None
        ]
        commits = [
            c.to_json() for c in self.commits if self.commits is not None
        ]
        return {
            'is_processed': True,
            'date_created': self.date_created,
            'date_modified': self.date_modified,
            'comment': self.comment,
            'exploit_exists': self.exploit_exists,
            'cve_id': self.cve_id,
            'creator':
            self.creator.to_json() if self.creator is not None else None,
            'resource_links': ressources,
            'commits': commits,
            'nvd': self.nvd._to_json_full() if self.nvd is not None else None,
            'has_annotations': self.has_annotations
        }
Пример #33
0
class Base(object):

    __abstract__ = True
    date_created = Column('date_created', DateTime, default=func.current_timestamp(), nullable=False)
    date_modified = Column('date_modified', DateTime, default=func.current_timestamp(),
                           onupdate=func.current_timestamp(), nullable=False)
Пример #34
0
class Vulnerability(MainBase):  # pylint: disable=too-many-public-methods
    # __fulltext_columns__ = ('comment',)
    __tablename__ = "vulnerability"
    vcdb_id = Column(Integer, default=None, nullable=True)
    version = Column(Integer, default=None, nullable=True)
    prev_version = Column(Integer, default=None, nullable=True)
    state = Column(Enum(VulnerabilityState),
                   default=VulnerabilityState.NEW,
                   nullable=False)
    reviewer_id = Column(Integer,
                         ForeignKey(User.id, name="fk_reviewer_id"),
                         nullable=True)
    reviewer = relationship(User, foreign_keys=[reviewer_id])
    review_feedback = Column(Text)
    feedback_reviewer_id = Column(
        Integer,
        ForeignKey(User.id,
                   name="fk_feedback_reviewer_id",
                   ondelete="RESTRICT"),
        nullable=True,
    )
    feedback_reviewer = relationship(User, foreign_keys=[feedback_reviewer_id])
    comment = Column(Text, nullable=False)
    date_created = Column(DateTime,
                          default=func.current_timestamp(),
                          index=True)
    exploit_exists = Column(Boolean, default=False)
    # N.B. Don't use a ForeignKey constraint on NVD here as the nvd data might
    # be updated dynamically (e.g. row deleted and then added by
    # go-cve-dictionary).
    cve_id = Column(String(255), nullable=True, index=True)
    UniqueConstraint(vcdb_id, version, name="uk_vcdb_id_version")
    creator_id = Column(Integer,
                        ForeignKey(User.id, ondelete="RESTRICT"),
                        nullable=True)
    creator = relationship(User, foreign_keys=[creator_id])

    resources = relationship(
        VulnerabilityResources,
        cascade="all, delete-orphan",
        single_parent=True,
    )

    commits = relationship(
        VulnerabilityGitCommits,
        cascade="all, delete-orphan",
        single_parent=True,
        lazy="joined",
    )

    nvd = relationship(
        "Nvd",
        backref="vulns",
        primaryjoin="remote(Nvd.cve_id) == foreign(Vulnerability.cve_id)",
    )

    products = relationship(
        "Product",
        secondary=vulnerable_products,
        backref="vulnerabilities",
    )

    _has_annotations = None

    def user_can_read(self, user: User):
        return self.state == VulnerabilityState.PUBLISHED or self.is_creator(
            user)

    def user_can_update(self, user: User):
        return self.is_creator(user)

    def user_can_annotate(self, user: User):
        return False  # disable for now
        return self.is_creator(user)  # pylint: disable=unreachable

    def user_can_delete(self, user: User):
        return (self.is_creator(user) and self.state in (
            VulnerabilityState.READY,
            VulnerabilityState.NEW,
            VulnerabilityState.NEEDS_IMPROVEMENT,
        ) or user.is_admin() and self.state == VulnerabilityState.ARCHIVED)

    def reviewer_can_read(self, user: User):
        return (self.state == VulnerabilityState.READY or self.state in (
            VulnerabilityState.IN_REVIEW,
            VulnerabilityState.REVIEWED,
            VulnerabilityState.ARCHIVED,
        ) and self.is_reviewer(user))

    _permissions = {
        PredefinedRoles.ADMIN: {
            MANAGE: ALL,
        },
        PredefinedRoles.USER: {
            READ: user_can_read,
            UPDATE: user_can_update,
            DELETE: user_can_delete,
            ANNOTATE: user_can_annotate,
        },
        PredefinedRoles.REVIEWER: {
            READ: reviewer_can_read,
            ASSIGN: True,
            APPROVE: True,
            REJECT: True,
        },
    }

    def set_has_annotations(self, status: bool = True):
        self._has_annotations = status

    @hybrid_property
    def has_annotations(self):
        if self._has_annotations is not None:
            return self._has_annotations

        if self.commits:
            for commit in self.commits:
                if commit.comments:
                    self._has_annotations = True
                    return True
        return False

    @has_annotations.expression  # type: ignore[no-redef]
    def has_annotations(self):
        return self.commits.any(VulnerabilityGitCommits.comments.any())

    @property
    def master_commit(self):
        # TODO: refactor assumption that the first commit is the "master" one!
        if self.commits and self.commits[0].commit_link:
            return self.commits[0]
        return None

    def __repr__(self):
        return f"Vulnerability Info({vars(self)})"

    @classmethod
    def get_by_vcdb_id(cls, id: str, published_only: bool = True):  # pylint: disable=redefined-builtin
        state_filter = None
        if published_only:
            state_filter = VulnerabilityState.PUBLISHED
        return (cls.query.filter_by(
            vcdb_id=id,
            state=state_filter).options(default_vuln_view_options).order_by(
                cls.version.desc()).first())

    @classmethod
    def get_by_id(cls, id: str):  # pylint: disable=redefined-builtin
        return cls.query.filter_by(
            id=id).options(default_vuln_view_options).first()

    @classmethod
    def get_by_cve_id(cls, cve_id: str, published_only: bool = True):
        state_filter = None
        if published_only:
            state_filter = VulnerabilityState.PUBLISHED
        return (cls.query.filter_by(
            cve_id=cve_id,
            state=state_filter).options(default_vuln_view_options).first())

    @classmethod
    def get_by_commit_hash(cls, commit_hash: str):
        return (cls.query.join(
            Vulnerability.commits,
            aliased=True).filter_by(commit_hash=commit_hash).options(
                default_vuln_view_options).first())

    def get_contributors(self):
        return User.query.join(Vulnerability.creator).filter(
            Vulnerability.vcdb_id == self.vcdb_id, Vulnerability.is_published)

    def to_json(self):
        """Prepare object for Json serialisation."""
        products = [{
            "vendor": v,
            "product": p
        } for v, p in self.nvd.get_products()]
        cwes = [{"id": c.cwe_id, "name": c.cwe_name} for c in self.nvd.cwes]
        return {
            "comment": self.comment,
            "cve_id": self.cve_id,
            "cwes": cwes,
            "description": self.nvd.description,
            "exploit_exists": self.exploit_exists,
            "has_annotations": self.has_annotations,
            "is_processed": True,
            "langs": self.nvd.get_languages(),
            "master_commit": self.master_commit.to_json(),
            "products": products,
            "references": [l.link for l in self.nvd.references],
            "score": self.nvd.score,
        }

    def to_json_full(self):
        """Serialize object properties as dict."""
        data = self.to_json()
        data["resources"] = [
            r.to_json() for r in self.resources if self.resources is not None
        ]
        data["commits"] = [
            c.to_json() for c in self.commits if self.commits is not None
        ]
        data["nvd"] = self.nvd.to_json_raw_data(
        ) if self.nvd is not None else None
        data["creator"] = self.creator.to_json(
        ) if self.creator is not None else None
        data["date_created"] = self.date_created
        data["date_modified"] = self.date_modified

        return data

    def update_state(self, new_state):
        state_machine = VulnerabilityState(self)
        state_machine.next_state(new_state)
        self.state = new_state

    @hybrid_property
    def is_new(self):
        return self.state == VulnerabilityState.NEW

    @hybrid_property
    def is_published(self):
        return self.state == VulnerabilityState.PUBLISHED

    @hybrid_property
    def is_archived(self):
        return self.state == VulnerabilityState.ARCHIVED

    @hybrid_property
    def needs_improvement(self):
        return self.state == VulnerabilityState.NEEDS_IMPROVEMENT

    @hybrid_property
    def is_reviewable(self):
        return self.state == VulnerabilityState.READY

    @hybrid_property
    def is_in_review(self):
        return self.state == VulnerabilityState.IN_REVIEW

    @hybrid_property
    def is_publishable(self):
        return self.state == VulnerabilityState.REVIEWED

    def is_reviewer(self, reviewer):
        return self.reviewer == reviewer

    def is_creator(self, creator):
        return self.creator == creator

    @hybrid_property
    def has_feedback(self):
        return bool(self.review_feedback)

    def make_reviewable(self):
        self.update_state(VulnerabilityState.READY)

    def accept_review(self, reviewer):
        self.reviewer = reviewer
        self.update_state(VulnerabilityState.IN_REVIEW)

    def deny_review(self):
        self.reviewer = None
        self.update_state(VulnerabilityState.READY)

    def accept_change(self):
        self.update_state(VulnerabilityState.REVIEWED)

    def deny_change(self, reviewer, reason):
        self.feedback_reviewer = reviewer
        self.review_feedback = reason
        self.update_state(VulnerabilityState.NEEDS_IMPROVEMENT)

    def archive_entry(self):
        self.update_state(VulnerabilityState.ARCHIVED)

    def return_to_review_pool(self):
        self.reviewer = None
        self.update_state(VulnerabilityState.READY)

    def publish_change(self):
        self.version = self.next_version_number()
        # TODO: Assign a new vcdb_id if required at this point.
        #       This is mostly relevant for fully new entry proposals.
        self.update_state(VulnerabilityState.PUBLISHED)

    def next_version_number(self):
        prev_version = (Vulnerability.query.filter_by(
            vcdb_id=self.vcdb_id).with_entities(func.max(
                Vulnerability.version)).first()[0])
        if not prev_version:
            prev_version = 0
        return prev_version + 1

    @staticmethod
    def get_num_proposals_action_required(user):  # pylint: disable=invalid-name
        return Vulnerability.query.filter(
            Vulnerability.creator == user,
            Vulnerability.state.in_(
                [VulnerabilityState.NEW,
                 VulnerabilityState.NEEDS_IMPROVEMENT]),
        ).count()

    @staticmethod
    def get_num_proposals_pending(user):
        return Vulnerability.query.filter(
            Vulnerability.creator == user,
            Vulnerability.state.in_([
                VulnerabilityState.READY,
                VulnerabilityState.IN_REVIEW,
                VulnerabilityState.REVIEWED,
            ]),
        ).count()

    @staticmethod
    def get_num_proposals_publishing_pending():  # pylint: disable=invalid-name
        return Vulnerability.query.filter(
            Vulnerability.state == VulnerabilityState.REVIEWED).count()

    @staticmethod
    def get_num_proposals_unassigned():
        return Vulnerability.query.filter(
            Vulnerability.state == VulnerabilityState.READY).count()

    @staticmethod
    def get_num_proposals_assigned():
        return Vulnerability.query.filter(
            Vulnerability.state == VulnerabilityState.IN_REVIEW).count()

    @staticmethod
    def get_num_proposals_assigned_to(user):
        return Vulnerability.query.filter(
            Vulnerability.reviewer == user,
            Vulnerability.state == VulnerabilityState.IN_REVIEW,
        ).count()

    def copy(self):
        new_vuln = copy_obj(self)
        new_vuln.commits = []
        for commit in self.commits:
            new_vuln.commits.append(commit.copy())
        for resource in self.resources:
            new_vuln.resources.append(resource.copy())
        # N.B. We never copy NVD data as it's supposed to stay read only.
        return new_vuln
Пример #35
0
        users.c.name.like(bindparam('name', type_=String) + text("'%'")),
        addresses.c.email_address.like(
            bindparam('name', type_=String) + text("'@%'")))).select_from(
                users.outerjoin(addresses)).order_by(addresses.c.id)
print(conn.execute(s, name='jack').fetchall())

# Functions
print("\nFunctions")
print(func.now())
print(func.concat('x', 'y'))
print(func.xyz_my_goofy_function())

print(
    "Some functions are know by SQLAlchemy thus they don't get the parenthesis added after them"
)
print(func.current_timestamp())

# Below, we use the result function scalar() to just read the first column of the first row and then close the result
print(
    "\nBelow, we use the result function scalar() to just read the first column of the first row and then close the result"
)
print(
    conn.execute(
        select([
            func.max(addresses.c.email_address, type_=String).label('maxemail')
        ])).scalar())

# we can construct using “lexical” column objects as well as bind parameters:
print(
    "\nwe can construct using “lexical” column objects as well as bind parameters:"
)
Пример #36
0
 def __init__(self, request):
     self.name = request.GET['query']
     self.create_date = func.current_timestamp()
     self.request = request
     self.count = 0
Пример #37
0
def approve_update(update: Update, db: Session):
    """Add a comment to an update if it is ready for stable.

    Check that the update is eligible to be pushed to stable but hasn't had comments from Bodhi to
    this effect. Add a comment stating that the update may now be pushed to stable.

    Args:
        update: an update in testing that may be ready for stable.
    """
    if not update.release.mandatory_days_in_testing and not update.autotime:
        # If this release does not have any testing requirements and is not autotime,
        # skip it
        log.info(
            f"{update.release.name} doesn't have mandatory days in testing")
        return
    # If this update was already commented, skip it
    if update.has_stable_comment:
        return
    # If updates have reached the testing threshold, say something! Keep in mind
    # that we don't care about karma here, because autokarma updates get their request set
    # to stable by the Update.comment() workflow when they hit the required threshold. Thus,
    # this function only needs to consider the time requirements because these updates have
    # not reached the karma threshold.
    if not update.meets_testing_requirements:
        return
    log.info(f'{update.alias} now meets testing requirements')
    # Only send email notification about the update reaching
    # testing approval on releases composed by bodhi
    update.comment(db,
                   str(config.get('testing_approval_msg')),
                   author='bodhi',
                   email_notification=update.release.composed_by_bodhi)
    notifications.publish(
        update_schemas.UpdateRequirementsMetStableV1.from_dict(
            dict(update=update)))
    if update.autotime and update.days_in_testing >= update.stable_days:
        log.info(f"Automatically marking {update.alias} as stable")
        # For now only rawhide update can be created using side tag
        # Do not add the release.pending_stable_tag if the update
        # was created from a side tag.
        if update.release.composed_by_bodhi:
            update.set_request(db=db,
                               action=UpdateRequest.stable,
                               username="******")
        # For updates that are not included in composes run by bodhi itself,
        # mark them as stable
        else:
            # Single and Multi build update
            conflicting_builds = update.find_conflicting_builds()
            if conflicting_builds:
                builds_str = str.join(", ", conflicting_builds)
                update.comment(
                    db, "This update cannot be pushed to stable. "
                    f"These builds {builds_str} have a more recent "
                    f"build in koji's {update.release.stable_tag} tag.",
                    author="bodhi")
                update.request = None
                if update.from_tag is not None:
                    update.status = UpdateStatus.pending
                    update.remove_tag(
                        update.release.get_testing_side_tag(update.from_tag))
                else:
                    update.status = UpdateStatus.obsolete
                    update.remove_tag(update.release.pending_testing_tag)
                    update.remove_tag(update.release.candidate_tag)
                db.commit()
                return
            update.add_tag(update.release.stable_tag)
            update.status = UpdateStatus.stable
            update.request = None
            update.pushed = True
            update.date_stable = update.date_pushed = func.current_timestamp()
            update.comment(
                db,
                "This update has been submitted for stable by bodhi",
                author=u'bodhi')
            # Multi build update
            if update.from_tag:
                # Merging the side tag should happen here
                pending_signing_tag = update.release.get_pending_signing_side_tag(
                    update.from_tag)
                testing_tag = update.release.get_testing_side_tag(
                    update.from_tag)
                update.remove_tag(pending_signing_tag)
                update.remove_tag(testing_tag)
                update.remove_tag(update.from_tag)
                koji = buildsys.get_session()
                koji.deleteTag(pending_signing_tag)
                koji.deleteTag(testing_tag)
                # Removes the tag and the build target from koji.
                koji.removeSideTag(update.from_tag)
            else:
                # Single build update
                update.remove_tag(update.release.pending_testing_tag)
                update.remove_tag(update.release.pending_stable_tag)
                update.remove_tag(update.release.pending_signing_tag)
                update.remove_tag(update.release.candidate_tag)
Пример #38
0
 def test_eleven(self):
     self._test(
         func.current_timestamp() - func.current_timestamp(),
         {"year": 0, "month": 0, "day": 0, "hour": 0},
     )
Пример #39
0
 def test_five(self):
     t = self.tables.t
     self._test(
         func.coalesce(t.c.dtme, func.current_timestamp()),
         overrides={"epoch": 1336652125.0},
     )
Пример #40
0
    def run(self, api_version: int, data: dict):
        """
        Process the given message, updating relevant bugs and test cases.

        Duplicate messages: if the server delivers the message multiple times,
        the bugs and test cases are simply re-fetched and updated, so nothing
        bad happens.

        Args:
            api_version: API version number.
            data: Information about a new or edited update.
        """
        action = data["action"]
        alias = data['update'].get('alias')

        log.info("Updates Handler handling  %s, %s" % (alias, action))

        # Go to sleep for a second to try and avoid a race condition
        # https://github.com/fedora-infra/bodhi/issues/458
        time.sleep(1)

        with self.db_factory() as session:
            update = Update.get(alias)
            if not update:
                raise BodhiException("Couldn't find alias '%s' in DB" % alias)

            bugs = []
            if action == "edit":
                # If editing a Pending update, all of whose builds are signed, for a release
                # which isn't composed by Bodhi (i.e. Rawhide), move it directly to Testing.
                if not update.release.composed_by_bodhi \
                        and update.status == UpdateStatus.pending \
                        and update.signed:
                    log.info("Every build in the update is signed, set status to testing")

                    update.status = UpdateStatus.testing
                    update.date_testing = func.current_timestamp()
                    update.request = None

                    log.info(f"Update status of {update.display_name} has been set to testing")

                for idx in data['new_bugs']:
                    bug = Bug.get(idx)

                    # Sanity check
                    if bug is None or bug not in update.bugs:
                        update_bugs_ids = [b.bug_id for b in update.bugs]
                        update.update_bugs(update_bugs_ids + [idx], session)

                        # Now, after update.update_bugs, bug with idx should exists in DB
                        bug = Bug.get(idx)

                    bugs.append(bug)

            elif action == "testing":
                bugs = update.bugs
            else:
                raise NotImplementedError("Should never get here.")

            self.work_on_bugs(session, update, bugs)
            self.fetch_test_cases(session, update)

        if config['test_gating.required']:
            with self.db_factory() as session:
                update = Update.get(alias)
                update.update_test_gating_status()

        log.info("Updates Handler done with %s, %s" % (alias, action))
Пример #41
0
class Membership(IntegerIdModel):
    begins_at = Column(DateTimeTz, nullable=True, index=True, server_default=func.current_timestamp())
    ends_at = Column(DateTimeTz, nullable=True, index=True)

    # many to one from Membership to Group
    group_id = Column(Integer, ForeignKey(Group.id, ondelete="CASCADE"),
                      nullable=False, index=True)
    group = relationship(Group, backref=backref("memberships",
                                                cascade="all, delete-orphan",
                                                order_by='Membership.id'))

    # many to one from Membership to User
    user_id = Column(Integer, ForeignKey(User.id, ondelete="CASCADE"),
                     nullable=False, index=True)
    user = relationship(User, backref=backref("memberships",
                                              cascade="all, delete-orphan"))

    __table_args = (
        CheckConstraint("begins_at IS NULL OR "
                        "ends_at IS NULL OR "
                        "begins_at <= ends_at")
    )

    @hybrid_method
    def active(self, when=None):
        """
        Tests if the membership overlaps with a given interval. If no interval
        is given, it tests if the membership is active right now.
        :param Interval when: interval in which the membership
        :rtype: bool
        """
        if when is None:
            now = object_session(self).query(func.current_timestamp()).scalar()
            when = single(now)

        return when.overlaps(closed(self.begins_at, self.ends_at))

    @active.expression
    def active(cls, when=None):
        """
        Tests if memberships overlap with a given interval. If no interval is
        given, it tests if the memberships are active right now.
        :param Interval when:
        :return:
        """
        if when is None:
            now = session.utcnow()
            when = single(now)

        return and_(
            or_(cls.begins_at == null(), literal(when.end) == null(),
                cls.begins_at <= literal(when.end)),
            or_(literal(when.begin) == null(), cls.ends_at == null(),
                literal(when.begin) <= cls.ends_at)
        ).label("active")

    @validates('ends_at')
    def validate_ends_at(self, _, value):
        if value is None:
            return value
        if self.begins_at is not None:
            assert value >= self.begins_at,\
                "begins_at must be before ends_at"
        return value

    @validates('begins_at')
    def validate_begins_at(self, _, value):
        if value is None:
            return value
        if self.ends_at is not None:
            assert value <= self.ends_at,\
                "begins_at must be before ends_at"
        return value

    def disable(self, ends_at=None):
        if ends_at is None:
            ends_at = object_session(self).query(func.current_timestamp()).scalar()

        if self.begins_at is not None and self.begins_at > ends_at:
            self.ends_at = self.begins_at
        else:
            self.ends_at = ends_at
Пример #42
0
class Spot(Base):
    __tablename__ = 'spots'

    spot_id = Column(Integer, primary_key=True)
    king_id = Column(
        Integer,
        ForeignKey('user_infos.user_id',
                   use_alter=True,
                   name='fk_spot_kinginfo'))
    queen_id = Column(
        Integer,
        ForeignKey('user_infos.user_id', use_alter=True, name='fk_spot_queen'))

    name = Column(String(50))
    lat = Column(Float)
    lng = Column(Float)
    description = Column(Text)
    is_private = Column(Boolean)
    price = Column(Float)
    popularity = Column(Float)
    created = Column(DateTime, default=func.current_timestamp())

    assoc = relationship('SpotUserAssociation', backref='spot')
    king = relationship('UserInfo',
                        primaryjoin='UserInfo.user_id==Spot.king_id')
    queen = relationship('UserInfo',
                         primaryjoin='UserInfo.user_id==Spot.queen_id')

    attrs = [
        'spot_id',
        'king_id',
        'queen_id',
        'name',
        'lat',
        'lng',
        'description',
        'is_private',
        'price',
        'popularity',
        'created',
    ]

    def __init__(self,
                 spot_id=None,
                 name=None,
                 lat=None,
                 lng=None,
                 description=None,
                 is_private=False,
                 price=None,
                 popularity=None,
                 created=None):
        self.spot_id = spot_id
        self.name = name
        self.lat = lat
        self.lng = lng
        self.description = description
        self.is_private = is_private
        self.price = price
        self.popularity = popularity
        self.created = created

    def __repr__(self):
        return '<Spot {spot_id}>'.format(spot_id=self.spot_id)
Пример #43
0
class Author(db.Model):
    """
    A document author, which may be a single person (in which case it's linked to a Person),
    or it may be an agency.
    """
    __tablename__ = "authors"

    id          = Column(Integer, primary_key=True)
    name        = Column(String(100), index=True, nullable=False, unique=True)
    author_type_id = Column(Integer, ForeignKey('author_types.id'), nullable=False)
    person_id   = Column(Integer, ForeignKey('people.id', ondelete='SET NULL'))

    created_at   = Column(DateTime(timezone=True), index=True, unique=False, nullable=False, server_default=func.now())
    updated_at   = Column(DateTime(timezone=True), server_default=func.now(), onupdate=func.current_timestamp())

    # Associations
    author_type = relationship("AuthorType", lazy=False)
    person      = relationship("Person", lazy=False)

    def json(self):
        return {
            'id': self.id,
            'name': self.person.name if self.person else self.name,
            'author_type': self.author_type.name,
        }


    def __repr__(self):
        return "<Author id=%s, type=%s, name=\"%s\", person=%s>" % (self.id, self.author_type, self.person, self.name.encode('utf-8'))

    @classmethod
    def unknown(cls):
        return cls.get_or_create('Unknown', AuthorType.unknown())

    @classmethod
    def get_or_create(cls, name, author_type, gender=None, race=None):
        """ Get the author with this name or create it if it doesn't exist. """
        a = Author.query.filter(Author.name == name).first()
        if not a:
            a = Author()
            a.name = name[0:100]
            a.author_type = author_type

            if a.author_type.name in ['Journalist', 'Guest Writer']:
                # create an associated person
                a.person = Person.get_or_create(name, gender, race)

            # force a db write (within the transaction) so subsequent lookups
            # find this entity
            db.session.add(a)
            db.session.flush()
        return a
Пример #44
0
    def define_tables(cls, metadata):
        default_generator = cls.default_generator = {"x": 50}

        def mydefault():
            default_generator["x"] += 1
            return default_generator["x"]

        def myupdate_with_ctx(ctx):
            conn = ctx.connection
            return conn.execute(sa.select(sa.text("13"))).scalar()

        def mydefault_using_connection(ctx):
            conn = ctx.connection
            return conn.execute(sa.select(sa.text("12"))).scalar()

        use_function_defaults = testing.against("postgresql", "mssql")
        is_oracle = testing.against("oracle")

        class MyClass(object):
            @classmethod
            def gen_default(cls, ctx):
                return "hi"

        class MyType(TypeDecorator):
            impl = String(50)

            def process_bind_param(self, value, dialect):
                if value is not None:
                    value = "BIND" + value
                return value

        cls.f = 6
        cls.f2 = 11
        with testing.db.connect() as conn:
            currenttime = cls.currenttime = func.current_date(type_=sa.Date)
            if is_oracle:
                ts = conn.scalar(
                    sa.select(
                        func.trunc(
                            func.current_timestamp(),
                            sa.literal_column("'DAY'"),
                            type_=sa.Date,
                        )
                    )
                )
                currenttime = cls.currenttime = func.trunc(
                    currenttime, sa.literal_column("'DAY'"), type_=sa.Date
                )
                def1 = currenttime
                def2 = func.trunc(
                    sa.text("current_timestamp"),
                    sa.literal_column("'DAY'"),
                    type_=sa.Date,
                )

                deftype = sa.Date
            elif use_function_defaults:
                def1 = currenttime
                deftype = sa.Date
                if testing.against("mssql"):
                    def2 = sa.text("getdate()")
                else:
                    def2 = sa.text("current_date")
                ts = conn.scalar(func.current_date())
            else:
                def1 = def2 = "3"
                ts = 3
                deftype = Integer

            cls.ts = ts

        Table(
            "default_test",
            metadata,
            # python function
            Column("col1", Integer, primary_key=True, default=mydefault),
            # python literal
            Column(
                "col2",
                String(20),
                default="imthedefault",
                onupdate="im the update",
            ),
            # preexecute expression
            Column(
                "col3",
                Integer,
                default=func.length("abcdef"),
                onupdate=func.length("abcdefghijk"),
            ),
            # SQL-side default from sql expression
            Column("col4", deftype, server_default=def1),
            # SQL-side default from literal expression
            Column("col5", deftype, server_default=def2),
            # preexecute + update timestamp
            Column("col6", sa.Date, default=currenttime, onupdate=currenttime),
            Column("boolcol1", sa.Boolean, default=True),
            Column("boolcol2", sa.Boolean, default=False),
            # python function which uses ExecutionContext
            Column(
                "col7",
                Integer,
                default=mydefault_using_connection,
                onupdate=myupdate_with_ctx,
            ),
            # python builtin
            Column(
                "col8",
                sa.Date,
                default=datetime.date.today,
                onupdate=datetime.date.today,
            ),
            # combo
            Column("col9", String(20), default="py", server_default="ddl"),
            # python method w/ context
            Column("col10", String(20), default=MyClass.gen_default),
            # fixed default w/ type that has bound processor
            Column("col11", MyType(), default="foo"),
        )
Пример #45
0
def utcnow():
    return session.query(func.current_timestamp()).scalar()
Пример #46
0
 def test_compare_current_timestamp_fn_w_binds(self):
     self._compare_default_roundtrip(
         DateTime(), func.timezone("utc", func.current_timestamp()))
Пример #47
0
class User(db.Model, UserMixin):
    """
    A user who can login and work with Dexter.
    """
    __tablename__ = "users"

    id = Column(Integer, primary_key=True)
    email = Column(String(50), index=True, nullable=False, unique=True)
    first_name = Column(String(50), nullable=False)
    last_name = Column(String(50), nullable=False)
    admin = Column(Boolean, default=False)
    disabled = Column(Boolean, default=False)
    password = Column(String(100), default='')

    default_analysis_nature_id = Column(Integer,
                                        ForeignKey('analysis_natures.id'),
                                        default=1,
                                        nullable=False)

    country_id = Column(Integer, ForeignKey('countries.id'), nullable=False)

    created_at = Column(DateTime(timezone=True),
                        index=True,
                        unique=False,
                        nullable=False,
                        server_default=func.now())
    updated_at = Column(DateTime(timezone=True),
                        server_default=func.now(),
                        onupdate=func.current_timestamp())

    # associations
    default_analysis_nature = relationship("AnalysisNature")
    country = relationship("Country")
    roles = db.relationship('Role',
                            secondary='roles_users',
                            backref=db.backref('users', lazy='dynamic'))

    def short_name(self):
        s = ""
        if self.first_name:
            s += self.first_name

        if self.last_name:
            if s:
                s += " " + self.last_name[0] + "."
            else:
                s = self.last_name

        if not s:
            s = self.email

        return s

    def full_name(self):
        s = '%s %s' % (self.first_name or '', self.last_name or '')
        s = s.strip()

        if not s:
            s = self.email

        return s

    def __repr__(self):
        return "<User email=%s>" % (self.email, )

    # Flask-Security requires an active attribute
    @property
    def active(self):
        return not self.disabled

    @active.setter
    def active(self, value):
        self.disabled = not value

    @classmethod
    def create_defaults(self):
        from . import Country
        from flask_security.utils import encrypt_password

        admin_user = User()
        admin_user.first_name = "Admin"
        admin_user.last_name = "Admin"
        admin_user.admin = True
        admin_user.email = "*****@*****.**"
        admin_user.country = Country.query.filter(
            Country.name == 'South Africa').one()
        admin_user.password = encrypt_password('admin')

        return [admin_user]
Пример #48
0
class User(BaseMixin, db.Model):
    id = db.Column(db.Integer, primary_key=True)
    uid = db.Column(db.String(200), nullable=False, unique=True)
    name = db.Column(db.String(200), nullable=False)
    uid = db.Column(db.String(200), nullable=False)
    odesk_url = db.Column(db.String(200), nullable=False)
    email = db.Column(db.String(200), nullable=False)
    portrait_32_img = db.Column(db.String(200), nullable=True)
    auth_token = db.Column(db.String(200), nullable=False, unique=True)
    created_on = db.Column(db.DateTime, server_default=func.now())
    updated_on = db.Column(db.DateTime, server_default=func.now(),
                           onupdate=func.current_timestamp())

    @validates('email')
    def validate_email(self, key, address):
        assert '@' in address
        return address

    @classmethod
    def get_hash(cls, token):
        import hashlib
        return hashlib.sha224(token).hexdigest()

    @classmethod
    def authenticate(cls, oauth_token, oauth_token_secret, oauth_verifier):
        logging.debug(
            'User Auth: try to authenticate with token %s', oauth_token)
        from auth import OdeskAuth
        auth = OdeskAuth()
        _oauth_token, _oauth_token_secret = auth.authenticate(
            oauth_token, oauth_token_secret, oauth_verifier)
        info = auth.get_my_info(_oauth_token, _oauth_token_secret,
                                oauth_verifier)
        user_info = auth.get_user_info(_oauth_token, _oauth_token_secret,
                                       oauth_verifier)
        logging.info(
            'User Auth: authenticating user %s', info['user']['id'])
        try:
            user = User.query.filter_by(
                uid=info['user']['id']).one()
        except orm_exc.NoResultFound:
            user = User()
            user.uid = info['user']['id']
            logging.debug('User Auth: new user %s added', user.uid)

        import uuid
        auth_token = str(uuid.uuid1())
        user.auth_token = cls.get_hash(auth_token)

        user.name = '{0} {1}'.format(
            info['auth_user']['first_name'],
            info['auth_user']['last_name'])
        user.odesk_url = user_info['info']['profile_url']
        user.portrait_32_img = user_info['info']['portrait_32_img']
        user.email = info['user']['email']

        user.save()
        return auth_token, user

    @classmethod
    def get_auth_url(cls):
        from auth import OdeskAuth
        auth = OdeskAuth()
        return auth.get_auth_url()

    def __repr__(self):
        return "%s <%s>" % (self.name, self.uid)
Пример #49
0
class UserMixin(FlaskUserMixin):
    # login
    uid = Column(GUID(), primary_key=True)
    username = Column(String(32))

    # profile
    admin = Column(Boolean(), default=False)
    face = Column(JSON_GEN())
    points = Column(SmallInteger)
    last_active = Column(TIMESTAMP,
                         server_default=func.now(),
                         onupdate=func.current_timestamp())

    # oauth
    access_token = Column(String(255), unique=True, nullable=False)
    refresh_token = Column(String(255), index=True)
    issued_at = Column(Integer, nullable=False, default=lambda: int(time()))
    expires_in = Column(Integer, nullable=False, default=0)

    def get_id(self):
        return str(self.uid) if self.uid else None

    @property
    def expires_at(self):
        if self.issued_at is None or self.expires_in is None:
            # bugfix for records that have no expiry
            return 0

        return self.issued_at + self.expires_in

    @property
    def is_active(self):
        return True

    @property
    def is_authenticated(self):
        return self.uid is not None

    @property
    def is_anonymous(self):
        return False

    def get_user_id(self):
        # used for oauth2
        return self.uid

    def __hash__(self):
        return hash(self.uid)

    def __repr__(self):
        return "{}({}..)".format(self.username, str(self.uid)[0:4])

    def update_token(self, th):
        self.access_token = th.access_token
        self.issued_at = th.issued_at
        self.expires_in = th.expires_in

        if hasattr(th, 'refresh_token'):
            self.refresh_token = th.refresh_token

    def update_user(self, user):
        if self.access_token != user.access_token and user.access_token is not None:
            self.update_token(user)

        if hasattr(user, 'refresh_token'):
            self.refresh_token = user.refresh_token

        if user.username != self.username and user.username is not None:
            self.username = user.username

        if user.points != self.points and user.points is not None:
            self.points = user.points

        if user.face != self.face and user.face is not None:
            self.face = user.face

        if user.admin != self.admin and user.admin is not None:
            self.admin = user.admin

        if user.last_active != self.last_active and user.last_active is not None:
            self.last_active = user.last_active
Пример #50
0
__all__ = [
    'ATTR_TABLE', 'Attribute', 'and_', 'ENTITY_TABLE', 'Entity', 'func',
    'METADATA', 'not_', 'or_', 'SESSION', 'select', 'VERSION',
    'latest_version', 'CLUSTO_VERSIONING', 'Counter', 'ClustoVersioning',
    'working_version', 'OperationalError', 'ClustoEmptyCommit'
]

METADATA = MetaData()

CLUSTO_VERSIONING = Table('clustoversioning',
                          METADATA,
                          Column('version', Integer, primary_key=True),
                          Column('timestamp',
                                 TIMESTAMP,
                                 default=func.current_timestamp(),
                                 index=True),
                          Column('user', String(64), default=None),
                          Column('description', Text, default=None),
                          mysql_engine='InnoDB')

logging.basicConfig(format='%(asctime)s %(name)s %(levelname)s %(message)s')
audit_log = logging.getLogger('clusto.audit')


class ClustoEmptyCommit(Exception):
    pass


class ClustoSession(sqlalchemy.orm.interfaces.SessionExtension):
    def after_begin(self, session, transaction, connection):
Пример #51
0
class User(Base):
    __tablename__ = 'users'

    uid = Column(postgresql.UUID(as_uuid=True),
                 primary_key=True,
                 default=uuid.uuid4)
    created_at = Column(TIMESTAMP,
                        server_default=func.now(),
                        onupdate=func.current_timestamp())
    last_time = Column(TIMESTAMP,
                       server_default=func.now(),
                       onupdate=func.current_timestamp())

    iso = Column(String(3))
    wid = Column(postgresql.UUID(as_uuid=True))

    username = Column(String(32))
    email = Column(String(128))
    salt = Column(String(128), nullable=True)
    token = Column(String(128), nullable=True)
    password = Column(String(128))

    elo = Column(SmallInteger)
    division = Column(SmallInteger)

    def __init__(self, **kwargs):
        self.uid = kwargs.get('uid')

        self.email = kwargs.get('email')
        self.username = kwargs.get('username')
        self.iso = kwargs.get('iso')
        self.wid = kwargs.get('wid')

        self.salt = kwargs.get('salt')
        self.token = kwargs.get('token')
        self.password = kwargs.get('password')

        self.elo = kwargs.get('elo')
        self.division = kwargs.get('division')

        # data conversion
        if isinstance(self.wid, str):
            self.wid = uuid.UUID(self.wid)
        if isinstance(self.uid, str):
            self.uid = uuid.UUID(self.uid)

    def to_dict(self):
        return {
            "uid": self.uid,
            "username": self.username,
            "iso": self.iso,
            "wid": str(self.wid) if self.wid else None,
            "token": self.token,
            "elo": self.elo,
            "division": self.division,
        }

    def to_game_view(self):
        return {
            "username": self.username,
            "division": self.division,
        }

    def __repr__(self):
        return "{}({},{})".format(self.username, self.division, self.iso)
Пример #52
0
class Vulnerability(MainBase):
    # __fulltext_columns__ = ('comment',)
    __tablename__ = "vulnerability"
    vcdb_id = Column(Integer, default=None, nullable=True)
    version = Column(Integer, default=None, nullable=True)
    prev_version = Column(Integer, default=None, nullable=True)
    state = Column(Enum(VulnerabilityState),
                   default=VulnerabilityState.NEW,
                   nullable=False)
    reviewer_id = Column(Integer,
                         ForeignKey(User.id, name='fk_reviewer_id'),
                         nullable=True)
    reviewer = relationship(User, foreign_keys=[reviewer_id])
    review_feedback = Column(Text)
    feedback_reviewer_id = Column(Integer,
                                  ForeignKey(User.id,
                                             name='fk_feedback_reviewer_id'),
                                  nullable=True)
    feedback_reviewer = relationship(User, foreign_keys=[feedback_reviewer_id])
    comment = Column(Text, nullable=False)
    date_created = Column(DateTime,
                          default=func.current_timestamp(),
                          index=True)
    exploit_exists = Column(Boolean, default=False)
    # N.B. Don't use a ForeignKey constraint on NVD here as the nvd data might
    # be updated dynamically (e.g. row deleted and then added by
    # go-cve-dictionary).
    cve_id = Column(String(255), nullable=True, index=True)
    UniqueConstraint(vcdb_id, version, name='uk_vcdb_id_version')
    creator_id = Column(Integer, ForeignKey(User.id), nullable=True)
    creator = relationship(User, foreign_keys=[creator_id])

    # TODO: Enable this once custom resource links are supported again.
    # resource_links = relationship(
    #     VulnerabilityResources,
    #     backref="vulnerability",
    #     cascade="all, delete-orphan",
    #     single_parent=True,
    # )

    commits = relationship(
        VulnerabilityGitCommits,
        cascade="all, delete-orphan",
        single_parent=True,
        lazy="joined",
    )

    nvd = relationship(
        "Nvd",
        backref="vulns",
        primaryjoin="remote(Nvd.cve_id) == foreign(Vulnerability.cve_id)",
    )

    _has_annotations = None

    _permissions = {
        PredefinedRoles.ADMIN: {
            MANAGE: ALL,
        },
        PredefinedRoles.USER: {
            READ: {
                'state': VulnerabilityState.PUBLISHED,
            },
            UPDATE: lambda vuln, user: vuln.creator == user,
        },
        PredefinedRoles.REVIEWER: {
            READ:
            lambda vuln, user:
            (vuln.state == VulnerabilityState.READY or vuln.state ==
             VulnerabilityState.IN_REVIEW and vuln.reviewer == user),
            ASSIGN:
            True,
            APPROVE:
            True,
            REJECT:
            True,
        }
    }

    def set_has_annotations(self, status: bool = True):
        self._has_annotations = status

    @hybrid_property
    def has_annotations(self):
        if self._has_annotations is not None:
            return self._has_annotations

        if self.commits:
            for commit in self.commits:
                if commit.comments:
                    self._has_annotations = True
                    return True
        return False

    @has_annotations.expression  # type: ignore[no-redef]
    def has_annotations(self):
        return self.commits.any(VulnerabilityGitCommits.comments.any())

    @property
    def master_commit(self):
        # TODO: refactor assumption that the first commit is the "master" one!
        if self.commits and self.commits[0].commit_link:
            return self.commits[0]
        return None

    def __repr__(self):
        return f"Vulnerability Info({vars(self)})"

    @classmethod
    def get_by_vcdb_id(cls, id: str, published_only: bool = True):  # pylint: disable=redefined-builtin
        state_filter = None
        if published_only:
            state_filter = VulnerabilityState.PUBLISHED
        return cls.query.filter_by(
            vcdb_id=id,
            state=state_filter).options(default_vuln_view_options).order_by(
                cls.version.desc()).first()

    @classmethod
    def get_by_id(cls, id: str):  # pylint: disable=redefined-builtin
        return cls.query.filter_by(
            id=id).options(default_vuln_view_options).first()

    @classmethod
    def get_by_cve_id(cls, cve_id: str, published_only: bool = True):
        state_filter = None
        if published_only:
            state_filter = VulnerabilityState.PUBLISHED
        return (cls.query.filter_by(
            cve_id=cve_id,
            state=state_filter).options(default_vuln_view_options).first())

    @classmethod
    def get_by_commit_hash(cls, commit_hash: str):
        return (cls.query.join(
            Vulnerability.commits,
            aliased=True).filter_by(commit_hash=commit_hash).options(
                default_vuln_view_options).first())

    def to_json(self):
        """Prepare object for Json serialisation."""
        products = [{
            'vendor': v,
            'product': p
        } for v, p in self.nvd.get_products()]
        cwes = [{'id': c.cwe_id, 'name': c.cwe_name} for c in self.nvd.cwes]
        return {
            'comment': self.comment,
            'cve_id': self.cve_id,
            'cwes': cwes,
            'description': self.nvd.description,
            'exploit_exists': self.exploit_exists,
            'has_annotations': self.has_annotations,
            'is_processed': True,
            'langs': self.nvd.get_languages(),
            'master_commit': self.master_commit.to_json(),
            'products': products,
            'references': [l.link for l in self.nvd.references],
            'score': self.nvd.score,
        }

    def to_json_full(self):
        """Serialize object properties as dict."""
        data = self.to_json()
        # TODO: Enable this once custom resource_links are supported again.
        #data['resource_links'] = [
        #    r.to_json() for r in self.resource_links
        #    if self.resource_links is not None
        #]
        data['commits'] = [
            c.to_json() for c in self.commits if self.commits is not None
        ]
        data['nvd'] = self.nvd._to_json_full(
        ) if self.nvd is not None else None
        data['creator'] = self.creator.to_json(
        ) if self.creator is not None else None
        data['date_created'] = self.date_created
        data['date_modified'] = self.date_modified

        return data

    def update_state(self, new_state):
        state_machine = VulnerabilityState(self)
        state_machine.next_state(new_state)
        self.state = new_state

    def is_new(self):
        return self.state == VulnerabilityState.NEW

    def needs_improvement(self):
        return self.state == VulnerabilityState.NEEDS_IMPROVEMENT

    def is_reviewable(self):
        return self.state == VulnerabilityState.READY

    def is_in_review(self):
        return self.state == VulnerabilityState.IN_REVIEW

    def is_publishable(self):
        return self.state == VulnerabilityState.REVIEWED

    def is_reviewer(self, reviewer):
        return self.reviewer == reviewer

    def is_creator(self, creator):
        return self.creator == creator

    def has_feedback(self):
        return bool(self.review_feedback)

    def make_reviewable(self):
        self.update_state(VulnerabilityState.READY)

    def accept_review(self, reviewer):
        self.reviewer = reviewer
        self.update_state(VulnerabilityState.IN_REVIEW)

    def deny_review(self):
        self.reviewer = None
        self.update_state(VulnerabilityState.READY)

    def accept_change(self):
        self.update_state(VulnerabilityState.REVIEWED)

    def deny_change(self, reviewer, reason):
        self.feedback_reviewer = reviewer
        self.review_feedback = reason
        self.update_state(VulnerabilityState.NEEDS_IMPROVEMENT)

    def archive_entry(self):
        self.update_state(VulnerabilityState.ARCHIVED)

    def return_to_review_pool(self):
        self.reviewer = None
        self.update_state(VulnerabilityState.READY)

    def publish_change(self):
        self.version = self.next_version_number()
        # TODO: Assign a new vcdb_id if required at this point. This is mostly relevant for fully new entry proposals.
        self.update_state(VulnerabilityState.PUBLISHED)

    def next_version_number(self):
        prev_version = Vulnerability.query.filter_by(vcdb_id=self.vcdb_id) \
            .with_entities(func.max(Vulnerability.version)) \
            .first()[0]
        if not prev_version:
            prev_version = 0
        return prev_version + 1

    @staticmethod
    def get_num_proposals_action_required(user):
        return Vulnerability.query.filter(
            Vulnerability.creator == user,
            Vulnerability.state.in_(
                [VulnerabilityState.NEW,
                 VulnerabilityState.NEEDS_IMPROVEMENT])).count()

    @staticmethod
    def get_num_proposals_pending(user):
        return Vulnerability.query.filter(
            Vulnerability.creator == user,
            Vulnerability.state.in_([
                VulnerabilityState.READY, VulnerabilityState.IN_REVIEW,
                VulnerabilityState.REVIEWED
            ])).count()

    @staticmethod
    def get_num_proposals_publishing_pending():
        return Vulnerability.query.filter(
            Vulnerability.state == VulnerabilityState.REVIEWED).count()

    @staticmethod
    def get_num_proposals_unassigned():
        return Vulnerability.query.filter(
            Vulnerability.state == VulnerabilityState.READY).count()

    @staticmethod
    def get_num_proposals_assigned():
        return Vulnerability.query.filter(
            Vulnerability.state == VulnerabilityState.IN_REVIEW).count()

    @staticmethod
    def get_num_proposals_assigned_to(user):
        return Vulnerability.query.filter(
            Vulnerability.reviewer == user,
            Vulnerability.state == VulnerabilityState.IN_REVIEW).count()

    def copy(self):
        new_vuln = copy_obj(self)
        new_vuln.commits = []
        for commit in self.commits:
            new_vuln.commits.append(commit.copy())
        # N.B. We never copy NVD data as it's supposed to stay read only.
        return new_vuln
Пример #53
0
class Post(db.Model):
    __tablename__ = 'post'

    id = db.Column(db.Integer, primary_key=True)
    title = db.Column(db.String, nullable=False)
    slug = db.Column(db.String, nullable=False, unique=True, index=True)
    featured = db.Column(db.Boolean(), default=False, server_default=sql.expression.false(), nullable=False, index=True)
    body = db.Column(db.Text)
    date = db.Column(db.DateTime(timezone=True), index=True, unique=False, nullable=False, server_default=func.now())
    files = db.relationship("PostFile", lazy='joined')
    created_at = db.Column(db.DateTime(timezone=True), index=True, unique=False, nullable=False, server_default=func.now())
    updated_at = db.Column(db.DateTime(timezone=True), server_default=func.now(), onupdate=func.current_timestamp())

    @validates('slug')
    def validate_slug(self, key, value):
        return value.strip('/')

    def __unicode__(self):
        return unicode(self.title)
Пример #54
0
class Pod(db.Model):
    """Pod model."""

    __tablename__ = 'pod'

    id = Column(UUID(as_uuid=True), primary_key=True, default=uuid.uuid4)
    name = Column(String(255), nullable=False)
    user_id = Column(UUID(as_uuid=True), ForeignKey('user.id', deferrable=True, initially='DEFERRED'), index=True, nullable=False)
    base_id = Column(UUID(as_uuid=True), ForeignKey('base.id'), index=True)

    user = relationship("User", back_populates="pod")

    resources = relationship("Resource")
    queue = relationship("Queue", uselist=False, back_populates="pod")
    modules = relationship("Module", back_populates="pod")
    researches = relationship("Research", back_populates="pod")

    created_at = Column(DateTime, server_default=func.now(), nullable=False)
    updated_at = Column(
        DateTime, server_default=func.now(),
        onupdate=func.current_timestamp(),
        nullable=False,
    )

    def __init__(self, nickname):
        """Create a new pod."""
        self.name = "{nickname}'s pod"
        self.queue = Queue()
        resources = []
        for resource in ResourceTypes:
            resources.append(Resource(resource.name))
        self.resources = resources

    def update_resource_production(self):
        """Update the production of each resource."""
        return

    def update_resources(self):
        """Update the current resource state in the db."""
        for resource in self.resources:
            time_diff = datetime.now() - resource.last_update
            diff_in_seconds = time_diff.total_seconds()
            resource_diff = diff_in_seconds * resource.production / 3600

            resource.amount += resource_diff
            if resource.amount < 0:
                resource.amount = 0
            elif resource.amount > resource.max_amount:
                resource.amount = resource.max_amount
            resource.last_update = datetime.now()

            db.session.add(resource)

    def get_by_name(self, name):
        """Get a resource by name."""
        resource = next((r for r in self.resources if r.name == name), None)
        if resource is None:
            raise LookupError(f'No resource with name {name} found.')
        return resource

    def enough_resources(self, requirements) -> bool:
        """Check if there are enough resources for construction."""
        enough = True
        missing = {}
        self.update_resources()
        for requirement in requirements:
            resource = self.get_by_name(requirement['type'])
            amount = requirement['amount']
            if resource is None:
                print(f'Missing resource: {requirement["type"]}')
            if resource.amount <= amount:
                enough = False
                missing[resource.name] = amount - resource.amount
        return enough, missing

    def subtract_resources(self, requirements) -> bool:
        """Check if there are enough resources for construction."""
        for requirement in requirements:
            resource = self.get_by_name(requirement['type'])
            amount = requirement['amount']
            if (resource.amount - amount) <= 0:
                print(f"Can't afford resource {requirement['type']}: {resource.amount} of {amount}")
                raise Exception
            else:
                resource.amount -= amount
            db.session.add(resource)
        db.session.commit()
        return True

    def add_resources(self, requirements) -> bool:
        """Check if there are enough resources for construction."""
        for requirement in requirements:
            resource = self.get_by_name(requirement['type'])
            amount = requirement['amount']
            resource.amount += amount
            db.session.add(resource)
        db.session.commit()
        return True
Пример #55
0
def main(argv=sys.argv):
    """
    Comment on updates that are eligible to be pushed to stable.

    Queries for updates in the testing state that have a NULL request, looping over them looking for
    updates that are eligible to be pushed to stable but haven't had comments from Bodhi to this
    effect. For each such update it finds it will add a comment stating that the update may now be
    pushed to stable.

    This function is the entry point for the bodhi-approve-testing console script.

    Args:
        argv (list): A list of command line arguments. Defaults to sys.argv.
    """
    logging.basicConfig(level=logging.ERROR)

    if len(argv) != 2:
        usage(argv)

    settings = get_appsettings(argv[1])
    initialize_db(settings)
    db = Session()
    buildsys.setup_buildsystem(config)

    try:
        testing = db.query(Update).filter_by(status=UpdateStatus.testing,
                                             request=None)
        for update in testing:
            if not update.release.mandatory_days_in_testing and not update.autotime:
                # If this release does not have any testing requirements and is not autotime,
                # skip it
                print(
                    f"{update.release.name} doesn't have mandatory days in testing"
                )
                continue

            # If this update was already commented, skip it
            if update.has_stable_comment:
                continue

            # If updates have reached the testing threshold, say something! Keep in mind
            # that we don't care about karma here, because autokarma updates get their request set
            # to stable by the Update.comment() workflow when they hit the required threshold. Thus,
            # this function only needs to consider the time requirements because these updates have
            # not reached the karma threshold.
            if update.meets_testing_requirements:
                print(f'{update.alias} now meets testing requirements')
                # Only send email notification about the update reaching
                # testing approval on releases composed by bodhi
                update.comment(
                    db,
                    str(config.get('testing_approval_msg')),
                    author='bodhi',
                    email_notification=update.release.composed_by_bodhi)

                notifications.publish(
                    update_schemas.UpdateRequirementsMetStableV1.from_dict(
                        dict(update=update)))

                if update.autotime and update.days_in_testing >= update.stable_days:
                    print(f"Automatically marking {update.alias} as stable")
                    # For now only rawhide update can be created using side tag
                    # Do not add the release.pending_stable_tag if the update
                    # was created from a side tag.
                    if update.release.composed_by_bodhi:
                        update.set_request(db=db,
                                           action=UpdateRequest.stable,
                                           username="******")
                    # For updates that are not included in composes run by bodhi itself,
                    # mark them as stable
                    else:
                        # Single and Multi build update
                        conflicting_builds = update.find_conflicting_builds()
                        if conflicting_builds:
                            builds_str = str.join(", ", conflicting_builds)
                            update.comment(
                                db, "This update cannot be pushed to stable. "
                                f"These builds {builds_str} have a more recent "
                                f"build in koji's {update.release.stable_tag} tag.",
                                author="bodhi")
                            update.status = UpdateStatus.pending
                            update.request = None
                            update.remove_tag(
                                update.release.get_testing_side_tag(
                                    update.from_tag))
                            db.commit()
                            continue

                        update.add_tag(update.release.stable_tag)
                        update.status = UpdateStatus.stable
                        update.request = None
                        update.pushed = True
                        update.date_stable = update.date_pushed = func.current_timestamp(
                        )
                        update.comment(
                            db,
                            "This update has been submitted for stable by bodhi",
                            author=u'bodhi')

                        # Multi build update
                        if update.from_tag:
                            # Merging the side tag should happen here
                            pending_signing_tag = update.release.get_pending_signing_side_tag(
                                update.from_tag)
                            testing_tag = update.release.get_testing_side_tag(
                                update.from_tag)

                            update.remove_tag(pending_signing_tag)
                            update.remove_tag(testing_tag)
                            update.remove_tag(update.from_tag)

                            koji = buildsys.get_session()
                            koji.deleteTag(pending_signing_tag)
                            koji.deleteTag(testing_tag)

                            # Removes the tag and the build target from koji.
                            koji.removeSideTag(update.from_tag)
                        else:
                            # Single build update
                            update.remove_tag(
                                update.release.pending_testing_tag)
                            update.remove_tag(
                                update.release.pending_stable_tag)
                            update.remove_tag(
                                update.release.pending_signing_tag)
                            update.remove_tag(update.release.candidate_tag)

                db.commit()

    except Exception as e:
        print(str(e))
        db.rollback()
        Session.remove()
        sys.exit(1)
Пример #56
0
    def _baseline_4_expressions(self):
        Zoo = self.metadata.tables["Zoo"]
        Animal = self.metadata.tables["Animal"]
        engine = self.metadata.bind

        def fulltable(select):
            """Iterate over the full result table."""

            return [list(row) for row in engine.execute(select).fetchall()]

        for x in range(ITERATIONS):
            assert len(fulltable(Zoo.select())) == 5
            assert len(fulltable(Animal.select())) == ITERATIONS + 12
            assert len(fulltable(Animal.select(Animal.c.Legs == 4))) == 4
            assert len(fulltable(Animal.select(Animal.c.Legs == 2))) == 5
            assert (
                len(
                    fulltable(
                        Animal.select(
                            and_(Animal.c.Legs >= 2, Animal.c.Legs < 20)
                        )
                    )
                )
                == ITERATIONS + 9
            )
            assert len(fulltable(Animal.select(Animal.c.Legs > 10))) == 2
            assert len(fulltable(Animal.select(Animal.c.Lifespan > 70))) == 2
            assert (
                len(fulltable(Animal.select(Animal.c.Species.startswith("L"))))
                == 2
            )
            assert (
                len(
                    fulltable(Animal.select(Animal.c.Species.endswith("pede")))
                )
                == 2
            )
            assert (
                len(fulltable(Animal.select(Animal.c.LastEscape != None))) == 1
            )  # noqa
            assert (
                len(fulltable(Animal.select(None == Animal.c.LastEscape)))
                == ITERATIONS + 11
            )  # noqa

            # In operator (containedby)

            assert (
                len(fulltable(Animal.select(Animal.c.Species.like("%pede%"))))
                == 2
            )
            assert (
                len(
                    fulltable(
                        Animal.select(
                            Animal.c.Species.in_(["Lion", "Tiger", "Bear"])
                        )
                    )
                )
                == 3
            )

            # Try In with cell references
            class thing(object):
                pass

            pet, pet2 = thing(), thing()
            pet.Name, pet2.Name = "Slug", "Ostrich"
            assert (
                len(
                    fulltable(
                        Animal.select(
                            Animal.c.Species.in_([pet.Name, pet2.Name])
                        )
                    )
                )
                == 2
            )

            # logic and other functions

            assert (
                len(fulltable(Animal.select(Animal.c.Species.like("Slug"))))
                == 1
            )
            assert (
                len(fulltable(Animal.select(Animal.c.Species.like("%pede%"))))
                == 2
            )
            name = "Lion"
            assert (
                len(
                    fulltable(
                        Animal.select(
                            func.length(Animal.c.Species) == len(name)
                        )
                    )
                )
                == ITERATIONS + 3
            )
            assert (
                len(fulltable(Animal.select(Animal.c.Species.like("%i%"))))
                == ITERATIONS + 7
            )

            # Test now(), today(), year(), month(), day()

            assert (
                len(
                    fulltable(
                        Zoo.select(
                            and_(
                                Zoo.c.Founded != None,  # noqa
                                Zoo.c.Founded
                                < func.current_timestamp(_type=Date),
                            )
                        )
                    )
                )
                == 3
            )
            assert (
                len(
                    fulltable(
                        Animal.select(
                            Animal.c.LastEscape
                            == func.current_timestamp(_type=Date)
                        )
                    )
                )
                == 0
            )
            assert (
                len(
                    fulltable(
                        Animal.select(
                            func.date_part("year", Animal.c.LastEscape) == 2004
                        )
                    )
                )
                == 1
            )
            assert (
                len(
                    fulltable(
                        Animal.select(
                            func.date_part("month", Animal.c.LastEscape) == 12
                        )
                    )
                )
                == 1
            )
            assert (
                len(
                    fulltable(
                        Animal.select(
                            func.date_part("day", Animal.c.LastEscape) == 21
                        )
                    )
                )
                == 1
            )
Пример #57
0
           mysql.VARCHAR(length=_MAX_TWEET_USERNAME_LEN),
           nullable=True,
           server_default=""),

    # Tweet contributors JSON object, NULL if none; also, NULL in legacy rows that
    # predate this column.
    # Source: contributors
    Column("contributors", mysql.TEXT(convert_unicode=True), nullable=True),

    # Timestamp when this row was stored
    # NOTE: would have preferred DATETIME, but DATETIME with CURRENT_TIMESTAMP is
    # not possible there until MySQL 5.6.5
    Column("stored_at",
           TIMESTAMP,
           nullable=True,
           server_default=func.current_timestamp()),
    mysql_COLLATE=MYSQL_COLLATE,
    mysql_CHARSET=MYSQL_CHARSET,
)

Index("created_at_idx", twitterTweets.c.created_at)
Index("stored_at_idx", twitterTweets.c.stored_at)

# Twitter metric data samples from twitter_direct_agent
# NOTE: some messages may match multiple metrics
twitterTweetSamples = Table(
    "twitter_tweet_samples",
    metadata,

    # Sequence number; we save the sequence number of the most recently dispatched
    # non-metric data item in the "emitted_non_metric_tracker" table
Пример #58
0
from sqlalchemy.orm import sessionmaker, scoped_session, relationship
from sqlalchemy.orm.exc import NoResultFound
from sqlalchemy import func
from sqlalchemy.dialects.postgresql import JSONB
from arrow.arrow import Arrow

from ztfperiodic.config import app

from flask_login.mixins import UserMixin
from flask_sqlalchemy import SQLAlchemy

db = SQLAlchemy(app)

DBSession = scoped_session(sessionmaker())
EXECUTEMANY_PAGESIZE = 50000
utcnow = func.timezone('UTC', func.current_timestamp())

data_types = {
    int: 'int',
    float: 'float',
    bool: 'bool',
    dict: 'dict',
    str: 'str',
    list: 'list'
}


class Encoder(json.JSONEncoder):
    """Extends json.JSONEncoder with additional capabilities/configurations."""
    def default(self, o):
        if isinstance(o, (datetime, Arrow, date)):
Пример #59
0
class Vulnerability(MainBase):
    # __fulltext_columns__ = ('comment',)
    __tablename__ = "vulnerability"
    vcdb_id = Column(Integer, default=None, nullable=True)
    version = Column(Integer, default=None, nullable=True)
    prev_version = Column(Integer, default=None, nullable=True)
    state = Column(Enum(VulnerabilityState),
                   default=VulnerabilityState.NEW,
                   nullable=False)
    reviewer_id = Column(Integer,
                         ForeignKey(User.id, name='fk_reviewer_id'),
                         nullable=True)
    reviewer = relationship(User, foreign_keys=[reviewer_id])
    review_feedback = Column(Text)
    comment = Column(Text, nullable=False)
    date_created = Column(DateTime,
                          default=func.current_timestamp(),
                          index=True)
    exploit_exists = Column(Boolean, default=False)
    # N.B. Don't use a ForeignKey constraint on NVD here as the nvd data might
    # be updated dynamically (e.g. row deleted and then added by
    # go-cve-dictionary).
    cve_id = Column(String(255), nullable=True, index=True)
    UniqueConstraint(vcdb_id, version, name='uk_vcdb_id_version')
    creator_id = Column(Integer, ForeignKey(User.id), nullable=True)
    creator = relationship(User, foreign_keys=[creator_id])

    # TODO: Enable this once custom resource links are supported again.
    # resource_links = relationship(
    #     VulnerabilityResources,
    #     backref="vulnerability",
    #     cascade="all, delete-orphan",
    #     single_parent=True,
    # )

    commits = relationship(
        VulnerabilityGitCommits,
        cascade="all, delete-orphan",
        single_parent=True,
        lazy="joined",
    )

    nvd = relationship(
        "Nvd",
        backref="vulns",
        primaryjoin="remote(Nvd.cve_id) == foreign(Vulnerability.cve_id)",
    )

    _has_annotations = None

    def set_has_annotations(self, status: bool = True):
        self._has_annotations = status

    @hybrid_property
    def has_annotations(self):
        if self._has_annotations is not None:
            return self._has_annotations

        if self.commits:
            for commit in self.commits:
                if commit.comments:
                    self._has_annotations = True
                    return True
        return False

    @has_annotations.expression  # type: ignore[no-redef]
    def has_annotations(self):
        return self.commits.any(VulnerabilityGitCommits.comments.any())

    @property
    def master_commit(self):
        # TODO: refactor assumption that the first commit is the "master" one!
        if self.commits:
            return self.commits[0]
        return None

    def __repr__(self):
        return f"Vulnerability Info({vars(self)})"

    @classmethod
    def get_by_vcdb_id(cls, id: str):  # pylint: disable=redefined-builtin
        return cls.query.filter_by(
            vcdb_id=id).options(default_vuln_view_options).first()

    @classmethod
    def get_by_id(cls, id: str):  # pylint: disable=redefined-builtin
        return cls.query.filter_by(
            id=id).options(default_vuln_view_options).first()

    @classmethod
    def get_by_cve_id(cls, cve_id: str):
        return (cls.query.filter_by(
            cve_id=cve_id).options(default_vuln_view_options).first())

    @classmethod
    def get_by_commit_hash(cls, commit_hash: str):
        return (cls.query.join(
            Vulnerability.commits,
            aliased=True).filter_by(commit_hash=commit_hash).options(
                default_vuln_view_options).first())

    def to_json(self):
        """Prepare object for Json serialisation."""
        products = [{
            'vendor': v,
            'product': p
        } for v, p in self.nvd.get_products()]
        cwes = [{'id': c.cwe_id, 'name': c.cwe_name} for c in self.nvd.cwes]
        return {
            'comment': self.comment,
            'cve_id': self.cve_id,
            'cwes': cwes,
            'description': self.nvd.description,
            'exploit_exists': self.exploit_exists,
            'has_annotations': self.has_annotations,
            'is_processed': True,
            'langs': self.nvd.get_languages(),
            'master_commit': self.master_commit.to_json(),
            'products': products,
            'references': [l.link for l in self.nvd.references],
            'score': self.nvd.score,
        }

    def to_json_full(self):
        """Serialize object properties as dict."""
        data = self.to_json()
        # TODO: Enable this once custom resource_links are supported again.
        #data['resource_links'] = [
        #    r.to_json() for r in self.resource_links
        #    if self.resource_links is not None
        #]
        data['commits'] = [
            c.to_json() for c in self.commits if self.commits is not None
        ]
        data['nvd'] = self.nvd._to_json_full(
        ) if self.nvd is not None else None
        data['creator'] = self.creator.to_json(
        ) if self.creator is not None else None
        data['date_created'] = self.date_created
        data['date_modified'] = self.date_modified

        return data
Пример #60
0
 class Tag(self.Base):
     __tablename__ = 'tag'
     id = Column(Integer, primary_key=True)
     name = Column(Unicode)
     updated_at = Column(DateTime, server_default=func.now(),
                         onupdate=func.current_timestamp())