Exemplo n.º 1
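def index(request):
    """Register a service (POST), export all services as JSON, or list them.

    POST: calls ``save(request)`` and redirects to ``/node/service/`` with
    ``msg`` on success or ``errmsg`` on failure, both passed through
    ``urlquote``.
    GET with a non-empty ``action``: returns every ``ServiceInfo`` row as a
    ``services.json`` attachment.
    GET otherwise: renders the paginated list, optionally filtered by ``k``.

    :param request: the incoming request object
    :return: a redirect, a JSON attachment or the rendered list page
    """
    if request.method == "POST":
        try:
            save(request)
            name = request.POST.get('name', '')
            msg = urlquote(' "{0}" 服务注册成功!'.format(name))
            return HttpResponseRedirect('/node/service/?msg={0}'.format(msg))
        except Exception as ex:
            import traceback
            traceback.print_exc()
            # NOTE(review): str(ex) is returned to the browser in the query
            # string. If save() can raise database or other internal errors,
            # their text is disclosed to the client; consider a generic
            # message for unexpected exceptions and keep the detail in logs.
            return HttpResponseRedirect('/node/service/?errmsg={0}'.format(
                urlquote(str(ex))))

    action = request.GET.get('action', '')
    if action:
        # NOTE(review): any non-empty ``action`` exports every service
        # together with its ``key``. Confirm this view sits behind an
        # authentication/permission check that is not visible in this block.
        services = [{
            'name': item.name,
            'key': item.key,
            'role': 'ui' if item.role == 1 else 'client',
            'keyword': item.process_keyword
        } for item in ServiceInfo.objects.all()]
        response = HttpResponse(content_type='application/json')
        response[
            'Content-Disposition'] = 'attachment; filename="services.json"'
        # HttpResponse.write() appends to the body, so the BOM has to be
        # written before the JSON; writing it afterwards left it trailing the
        # document, where it is not a byte-order mark at all.
        response.write(codecs.BOM_UTF8)
        response.write(json.dumps(services, indent=2))
        return response

    keyword = request.GET.get('k', '')
    page_num = parse_int(request.GET.get('p', 1), 1)
    page_size = parse_int(request.GET.get('ps', 20), 20)
    sql_where = {}
    if keyword:
        # Passed as an ORM keyword argument, not interpolated into SQL text.
        sql_where['name__icontains'] = keyword.strip()

    items = ServiceInfo.objects.filter(
        **sql_where).order_by('-created_at')
    paginator = Paginator(items,
                          page_size,
                          request=request,
                          pre_name=u"服务")
    page = paginator.page(page_num)

    return render(
        request, 'node/service/index.html', {
            'nav': 'node',
            'page': page,
            'keyword': keyword,
            'engines': get_all_engine(),
            'node_role': NODE_ROLE_TYPE,
        })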
Exemplo n.º 2
def index(request):
    """Serve the upgrade-package page and its POST actions.

    POST: ``action=release`` calls ``create_package_obj`` with the posted
    description and ``action=archive`` calls ``archive(request)``; every POST,
    including one with any other action, redirects to ``/node/upgrade/``.
    GET: renders the paginated package list, optionally filtered by ``k``.

    :param request: the incoming request object
    :return: a redirect for POST, the rendered list page otherwise
    """
    if request.method != "POST":
        search_term = request.GET.get('k', '')
        current_page = parse_int(request.GET.get('p', 1), 1)
        per_page = parse_int(request.GET.get('ps', 20), 20)
        # The filter value is an ORM keyword argument, not SQL text.
        filters = (
            {'name__icontains': search_term.strip()} if search_term else {}
        )

        packages = UpgradePackageInfo.objects.filter(
            **filters).order_by('-created_at')
        pager = Paginator(packages,
                          per_page,
                          request=request,
                          pre_name=u"升级包")
        context = {
            'nav': 'node',
            'page': pager.page(current_page),
            'keyword': search_term,
            'engines': get_all_engine(),
            'node_role': NODE_ROLE_TYPE,
            # Passed uncalled; Django templates invoke callables when the
            # variable is resolved.
            'version': get_current_client_version,
        }
        return render(request, 'node/upgrade/index.html', context)

    # NOTE(review): both actions change server state. No permission check is
    # visible in this block; confirm one is applied where the view is wired up.
    requested = request.POST.get('action', '')
    if requested == 'release':
        create_package_obj(description=request.POST.get('description', ''))
    elif requested == 'archive':
        archive(request)
    return HttpResponseRedirect('/node/upgrade/')
Exemplo n.º 3
def show(request, profile_id):
    """Render the edit page for one scan template.

    Redirects to ``/scan/template/`` with an ``errmsg`` when
    ``get_profile_by_id`` returns nothing for ``profile_id``.

    :param request: the incoming request object
    :param profile_id: identifier handed to ``get_profile_by_id``
    :return: a redirect when the profile is missing, else the rendered page
    """
    profile = get_profile_by_id(profile_id=profile_id)
    if not profile:
        not_found = urlquote('扫描模板未找到!')
        return HttpResponseRedirect(
            '/scan/template/?errmsg={0}'.format(not_found))

    # ast.literal_eval only accepts Python literals, so the stored text is
    # parsed rather than executed. It still raises ValueError/SyntaxError on
    # malformed text, which is not handled here.
    # NOTE(review): presumably ``config`` is only written by this
    # application's own save path; confirm.
    parsed_conf = ast.literal_eval(profile.config) if profile.config else None

    context = {
        'nav': 'scan',
        'model': profile,
        'engines': get_all_engine(),
        'rule_list': get_tactic_rule_all(),
        'plugin_list': get_tactic_plugin_all(),
        'template_conf': parsed_conf,
        'statistics': TACTIC_TYPE,
    }
    return render(request, 'scan/template/edit.html', context)
Exemplo n.º 4
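def index(request, task_id=None):
    """Render the paginated issue list, filtered by query-string parameters.

    Recognised GET parameters: ``app`` (application id), ``e`` (engine id),
    ``c`` (tactic type), ``r`` (risk), ``d`` (status group), ``k`` (title
    keyword), ``a`` (alarm / SCM filter), ``p`` and ``ps`` (paging).

    :param request: the incoming request object
    :param task_id: optional task whose application restricts the list
    :return: the rendered ``scan/issue/index.html`` page
    """
    app_id = strip(request.GET.get('app', ''))
    e = strip(request.GET.get('e', ''))
    cate = strip(request.GET.get('c', ''))
    risk = strip(request.GET.get('r', ''))
    done = strip(request.GET.get('d', ''))
    keyword = request.GET.get('k', '')
    a = request.GET.get('a', '')

    page_num = parse_int(request.GET.get('p', 1), 1)
    page_size = parse_int(request.GET.get('ps', 20), 20)
    sql_where = {}
    app_obj = None

    # NOTE(review): ``task_id`` and ``app`` select another object's issues
    # directly. No per-user ownership check is visible in this block; confirm
    # one is enforced elsewhere.
    if task_id:
        task = get_task_by_id(task_id)
        if task:
            app_obj = get_app_by_id(task.app.id)
            sql_where['app__id'] = task.app.id
    if app_id:
        # An explicit ``app`` parameter overrides the task's application.
        app_obj = get_app_by_id(app_id)
        sql_where['app__id'] = app_id
    if e:
        # Was int(e): a non-numeric value raised an unhandled ValueError.
        # parse_int is assumed to return the fallback for such input, as its
        # use for ``p``/``ps`` above suggests.
        sql_where['tactic__engine__id'] = parse_int(e, 0)
    if risk:
        sql_where['tactic__risk'] = risk
    if cate:
        # Same change as for ``e``: no exception on a malformed parameter.
        sql_where['tactic__type'] = parse_int(cate, 0)
    if keyword:
        keyword = keyword.strip()
        sql_where['title__icontains'] = keyword
    if a:
        if a == '1':
            sql_where['is_send_alarm'] = True
        elif a == '2':
            sql_where['scm_url__isnull'] = False
    if done:
        if done == '1':
            sql_where['status__in'] = [2, 3, 4, 5]
        elif done == '2':
            sql_where['status'] = 1
        elif done == '3':
            sql_where['is_false_positive'] = True

    items = IssueInfo.objects.filter(**sql_where).order_by("-updated_at")
    paginator = Paginator(items, page_size, request=request, pre_name=u"问题")
    page = paginator.page(page_num)

    return render(
        request, 'scan/issue/index.html', {
            'nav': 'scan',
            'page': page,
            'e': e,
            'c': cate,
            'r': risk,
            'd': done,
            'alarm': a,
            'app_obj': app_obj,
            'keyword': keyword,
            'issues_type': TACTIC_TYPE,
            'risk_list': RISK_TYPE,
            'engine_list': get_all_engine(),
            'issues_status': ISSUE_STATUS,
        })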
Exemplo n.º 5
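def index(request):
    """Save a tactic rule (POST) or render the filtered rule list (GET).

    POST: calls ``save(request)`` and redirects to ``/tactic/rule/`` with a
    ``msg`` that depends on whether ``tactic_id`` was posted, or with
    ``errmsg`` when an exception is raised.
    GET: builds ORM filters from the query string and renders the paginated
    list.

    :param request: the incoming request object
    :return: a redirect for POST, the rendered list page otherwise
    """
    if request.method == "POST":
        try:
            tactic_id = request.POST.get('tactic_id', None)
            if tactic_id:
                msg = '修改策略规则成功!'
            else:
                msg = '添加策略规则成功!'
            save(request)
            return HttpResponseRedirect('/tactic/rule/?msg={0}'.format(
                urlquote(msg)))
        except (Exception, QueryConditionIsEmptyException,
                ParameterIsEmptyException) as ex:
            import traceback
            traceback.print_exc()  # FIXME syslog
            # NOTE(review): ``Exception`` in the tuple above also catches
            # unexpected failures, and str(ex) is returned to the browser in
            # the query string. Consider echoing only the two validation
            # exceptions and a generic message for everything else.
            return HttpResponseRedirect('/tactic/rule/?errmsg={0}'.format(
                urlquote(str(ex))))
    else:
        t = strip(request.GET.get('t', ''))
        e = strip(request.GET.get('e', ''))
        n = strip(request.GET.get('n', ''))
        r = strip(request.GET.get('r', ''))
        lang = strip(request.GET.get('l', ''))
        keyword = strip(request.GET.get('k', ''))
        a = strip(request.GET.get('a', ''))
        kb = strip(request.GET.get('kb', ''))
        page_num = parse_int(request.GET.get('p', 1), 1)
        page_size = parse_int(request.GET.get('ps', 20), 20)
        sql_where = {}
        if n:
            sql_where['nature_type'] = parse_int(n, 0)
        if t:
            sql_where['type'] = parse_int(t, 0)
        if r:
            sql_where['risk'] = parse_int(r, 0)
        if e:
            # Was int(e): a non-numeric value raised an unhandled ValueError.
            # Now parsed like ``n``/``t``/``r`` above.
            sql_where['engine__id'] = parse_int(e, 0)
        if keyword:
            sql_where['name__icontains'] = keyword
        if lang:
            # Was int(lang); same change as for ``e``.
            sql_where['lang__id'] = parse_int(lang, 0)
        if a:
            # '1' selects rules with alarms enabled, any other value disabled.
            sql_where['alarm_enable'] = a == '1'
        if kb:
            # '1' selects rules that have a linked vuln entry, any other
            # value those that have none.
            sql_where['vuln__isnull'] = kb != '1'

        items = TacticInfo.objects.filter(**sql_where).order_by('-updated_at')
        paginator = Paginator(items,
                              page_size,
                              request=request,
                              pre_name=u"规则")
        page = paginator.page(page_num)

        return render(
            request, 'tactic/rule/index.html', {
                'nav': 'tactic',
                'page': page,
                't': t,
                'r': r,
                'n': n,
                'a': a,
                'e': e,
                'kb': kb,
                'l': lang,
                'keyword': keyword,
                'risk_list': RISK_TYPE,
                'tactic_type_list': TACTIC_TYPE,
                'match_list': TACTIC_MATCH_TYPE,
                'engine_list': get_all_engine(),
                'component_match_list': COMPONENT_MATCH_TYPE,
                'lang_list': get_lang_all(),
            })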