1 files changed, 163 insertions, 0 deletions
diff --git a/bin/acme/srtool_acme.py b/bin/acme/srtool_acme.py
new file mode 100755
index 00000000..02750ba5
--- /dev/null
+++ b/bin/acme/srtool_acme.py
@@ -0,0 +1,163 @@
+#!/usr/bin/env python3
+#
+# ex:ts=4:sw=4:sts=4:et
+# -*- tab-width: 4; c-basic-offset: 4; indent-tabs-mode: nil -*-
+#
+# Security Response Tool Commandline Tool
+#
+# Copyright (C) 2018       Wind River Systems
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+### Usage Examples (run from top level directory)
+# Init ACME products:   ./bin/yp/srtool_acme.py --init-products
+
+
+###
+### THIS IS A SAMPLE DATASOURCE FOR INSTANTIATING AND
+### MANAGING AN ORGANIZATION'S SRTOOL INTEGRATION
+###
+
+
+import os
+import sys
+import re
+import csv
+import xml.etree.ElementTree as ET
+import argparse
+import sqlite3
+import subprocess
+import json
+import urllib
+from datetime import datetime
+
+# load the srt.sqlite schema indexes
+dir_path = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
+sys.path.insert(0, dir_path)
+from common.srt_schema import ORM
+
+try:
+    from datetime import datetime, date
+    from urllib.request import urlopen, URLError
+    from urllib.parse import urlparse
+except ImportError:
+    from urllib2 import urlopen, URLError
+    from urlparse import urlparse
+
+srtDbName = 'srt.sqlite'
+
+
+#################################
+# Helper methods
+#
+
+verbose = False
+
+def debugMsg(msg):
+    if verbose:
+        print(msg)
+
+overrides = {}
+
+def set_override(key,value=None):
+    if not value is None:
+        overrides[key] = value
+    elif key in os.environ.keys():
+        overrides[key] = 'yes' if os.environ[key].startswith('1') else 'no'
+    else:
+        overrides[key] = ''
+    if overrides[key]:
+        print("OVERRIDE: %s = %s" % (key,overrides[key]))
+
+def get_override(key):
+    if key in overrides.keys():
+        return overrides[key]
+    return ''
+
+#################################
+# Initialize the product list
+#
+
+###
+### NOTE: THIS WHERE YOU CAN MAP THE ORGANIZATION'S PRODUCT DATA
+### INTO THE SRTOOL SUPPORTED FORMATS
+###
+
+def init_products(source_file):
+
+    source_doc = os.path.join(srtool_basepath,source_file)
+    with open(source_doc) as json_data:
+        dct = json.load(json_data)
+
+    conn = sqlite3.connect(srtDbName)
+    cur = conn.cursor()
+
+    Product_Items = dct['Product_Items']
+    for i, Product_Item  in enumerate(Product_Items):
+        order = Product_Item['order']
+        key = Product_Item['key']
+        name = Product_Item['name']
+        version = Product_Item['version']
+        profile = Product_Item['profile']
+        cpe = Product_Item['cpe']
+        defect_tags = Product_Item['defect_tags']
+        product_tags = Product_Item['product_tags']
+
+        sql = "SELECT 1 FROM orm_product WHERE key = '%s'" % (key, )
+        product = cur.execute(sql).fetchone()
+        if product is None:
+            # NOTE: 'order' is a reserved SQL keyword, so we have to quote it
+            sql = ''' INSERT into orm_product ("order", key, name, version, profile, cpe, defect_tags, product_tags) VALUES (?, ?, ?, ?, ?, ?, ?, ?)'''
+            cur.execute(sql, (order, key, name, version, profile, cpe, defect_tags, product_tags))
+        else:
+            sql = ''' UPDATE orm_product
+                      SET "order" = ?, cpe= ?, defect_tags=?, product_tags=?
+                      WHERE id=?'''
+            cur.execute(sql, (order, cpe, defect_tags, product_tags, product[ORM.PRODUCT_ID]))
+    conn.commit()
+
+#################################
+# main loop
+#
+
+def main(argv):
+    global verbose
+
+    parser = argparse.ArgumentParser(description='srtool_acme.py: Manage SRTool to ACME Corp')
+    parser.add_argument('--init-products', '-p', action='store_const', const='init_products', dest='command', help='Init and import ACME Products')
+    parser.add_argument('--file', dest='file', help='Source file')
+    parser.add_argument('--verbose', '-v', action='store_true', dest='verbose', help='Verbose debugging')
+    args = parser.parse_args()
+
+    master_log = open("./update_logs/master_log.txt", "a")
+
+    verbose = args.verbose
+
+    # required parameter for the following commands
+    if not args.file:
+        print("ERROR: missing 'file' argument")
+        exit(1)
+
+    if 'init_products' == args.command:
+        init_products(args.file)
+    else:
+        print("Command not found")
+
+if __name__ == '__main__':
+    global script_pathname
+    global srtool_basepath
+
+    srtool_scriptpath = os.path.dirname(os.path.dirname(os.path.abspath(sys.argv[0])))
+    srtool_basepath = os.path.dirname(srtool_scriptpath)
+    main(sys.argv[1:])