def add(request): # firmware_id = req_post_param(request, "firmware_id") title = req_post_param(request, "title") author = req_post_param(request, "author") type = req_post_param(request, "type") platform = req_post_param(request, "platform") # 获取可用的firmware_id,内部检查取值范围和是否冲突(firmware_id需要唯一) firmware_id = firmware_db.get_suggest_firmware_id(None) # with utils.sys.config.g_mongo_client.start_session(causal_consistency=True) as session: # """事物必须在session下执行,with保证了session的正常关闭""" # with session.start_transaction(): # """一旦出现异常会自动调用session.abort_transaction()""" # 获取各字段的索引号,如果是新值,则添加一条新索引,并返回新的id号 author_id = firmware_db.fetch_field_id('author', author) type_id = firmware_db.fetch_field_id('type', type) platform_id = firmware_db.fetch_field_id('platform', platform) # 组装漏洞信息,并添加 item = {'description': [firmware_id, title], 'date_published': SysUtils.get_now_time().strftime('%Y-%m-%d'), 'verified': 0, 'port': 0, 'customized': 1, 'author': {'id': author_id, 'name': author}, 'type': {'id': type_id, 'name': type}, 'platform': {'id': platform_id, 'platform': platform}, 'firmware_id': firmware_id} result = firmware_db.add(item) # 为性能测试中降低CPU使用率,小段延时 time.sleep(1.0) # 本版本不检查成功与否 #SysLog.success('新建漏洞', '成功添加漏洞信息,漏洞ID={}'.format(firmware_id)) return app_ok_p({'firmware_id': firmware_id, 'customized': 1, 'date_published': item['date_published']})
def fetch(request): firmware_id = req_get_param(request, 'firmware_id') if StrUtils.is_blank(firmware_id): return sys_app_err('ERROR_INVALID_PARAMETER') doc = firmware_db.fetch(firmware_id) if doc is None: #SysLog.fail('提取漏洞', '没有提取到漏洞信息(ID={})'.format(firmware_id)) return sys_app_err('ERROR_FWID_NOT_FOUND') #SysLog.success('提取漏洞', '成功提取漏洞信息(ID={})'.format(firmware_id)) return app_ok_p(doc)
def poc_query(request): offset = req_get_param_int(request, 'offset') count = req_get_param_int(request, 'count') # 获取信息总数 total = firmware_pocs.count() # 指定偏移量越界,则报错 if offset >= total: return app_err_p(Error.NO_MORE_DATA, {'total': total, 'count': 0}) # 读取利用方法数据 docs = firmware_pocs.query(offset, count) #SysLog.success('查询POC', '成功查询漏洞的POC,总数={}'.format(len(docs))) return app_ok_p({'total': total, 'count': len(docs), 'items': docs})
def search(request): offset = req_get_param_int(request, 'offset') count = req_get_param_int(request, 'count') value = req_get_param(request, 'value') # 查找利用信息 result_cursor = firmware_db.search(value) item_list = list(result_cursor) # 获取信息总数,并判断指定偏移量是否越界 total = len(item_list) if total == 0 or offset >= total: return app_err_p(Error.NO_MORE_DATA, {'total': total, 'count': 0}) # 读取指定位置和数量的利用信息 if count > total - offset: count = total - offset item_list = item_list[offset: offset + count] # 为性能测试中降低CPU使用率,小段延时 time.sleep(1.0) #SysLog.success('搜索漏洞', '成功搜索漏洞信息,查询到漏洞信息总数={}'.format(len(item_list))) return app_ok_p({'total': total, 'count': len(item_list), 'items': item_list})
def filter(request): offset = req_get_param_int(request, 'offset') count = req_get_param_int(request, 'count') field = req_get_param(request, 'field') value = req_get_param(request, 'value') # 查找利用信息 result_cursor = firmware_db.filter(field, value) if result_cursor is None: return app_err(Error.INVALID_REQ_PARAM) item_list = list(result_cursor) # 获取信息总数,并判断指定偏移量是否越界 total = len(item_list) if total == 0 or offset >= total: return app_err_p(Error.NO_MORE_DATA, {'total': total, 'count': 0}) # 读取指定位置和数量的利用信息 if count > total - offset: count = total - offset item_list = item_list[offset: offset + count] #SysLog.success('查询漏洞', '成功查询漏洞信息,查询到漏洞信息总数={}'.format(len(item_list))) return app_ok_p({'total': total, 'count': len(item_list), 'items': item_list})
def max_id(request): max_id = firmware_db.max_firmware_id() return app_ok_p({'max_id': max_id})
def query_platform(request): return app_ok_p(firmware_db.query_platform())
def query_type(request): return app_ok_p(firmware_db.query_type())