diff options
Diffstat (limited to 'lib/srtgui/reports.py')
-rw-r--r-- | lib/srtgui/reports.py | 1326 |
1 files changed, 1326 insertions, 0 deletions
diff --git a/lib/srtgui/reports.py b/lib/srtgui/reports.py new file mode 100644 index 00000000..f27beb34 --- /dev/null +++ b/lib/srtgui/reports.py @@ -0,0 +1,1326 @@ +# +# Security Response Tool Implementation +# +# Copyright (C) 2017-2018 Wind River Systems +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +# Please run flake8 on this file before sending patches + +import os +import re +import logging +import json +from collections import Counter +from datetime import datetime, date + +from orm.models import Cve, Vulnerability, Investigation, Defect, Product +from orm.models import SrtSetting, Access, Keywords + +from django.db.models import Q, F +from django.db import Error +from srtgui.templatetags.projecttags import filtered_filesizeformat + +logger = logging.getLogger("srt") + +SRT_BASE_DIR = os.environ['SRT_BASE_DIR'] +SRT_REPORT_DIR = '%s/reports' % SRT_BASE_DIR + +# quick development/debugging support +from srtgui.api import _log + +def _log_args(msg, *args, **kwargs): + s = '%s:(' % msg + if args: + for a in args: + s += '%s,' % a + s += '),(' + if kwargs: + for key, value in kwargs.items(): + s += '(%s=%s),' % (key,value) + s += ')' + _log(s) + +class Report(): + def __init__(self, parent_page, *args, **kwargs): + self.parent_page = parent_page + self.report_name = '%s%s' % (parent_page[0].upper(),parent_page[1:]) + self.title = self.report_name + self.request = kwargs['request'] + + def get_context_data(self, *args, **kwargs): + context = {} + context['title'] = self.title + context['parent_page'] = self.parent_page + context['report_name'] = self.report_name + context['report_enable_submit'] = '1' + # global variables + context['access'] = Access(int(self.request.session.get('srt_user_id', '0'))) + + return context + + def exec_report(self, *args, **kwargs): + return None + + +class ManagementReport(Report): + """Report for the Management Page""" + + def __init__(self, parent_page, *args, **kwargs): + _log_args("REPORT_MANAGEMENT_INIT(%s)" % parent_page, *args, **kwargs) + super(ManagementReport, self).__init__(parent_page, *args, **kwargs) + + def get_context_data(self, *args, **kwargs): + _log_args("REPORT_MANAGEMENT_CONTEXT", *args, **kwargs) + context = super(ManagementReport, self).get_context_data(*args, **kwargs) + + context['report_type_list'] = '\ + <option value="status">Overall Status</option> \ + <option value="vulnerabilities">Open Vulnerabilities</option> \ + <option value="investigations">Open Investigations</option> \ + ' + context['report_get_title'] = '1' + context['report_recordrange_list'] = '\ + <input type="radio" name="records" value="selected" checked> Selected<br> \ + ' + context['report_columnrange_list'] = '' + context['report_format_list'] = '\ + <input type="radio" name="format" value="txt" checked> Text<br> \ + <input type="radio" name="format" value="csv"> CSV<br> \ + ' + return context + + def exec_report(self, *args, **kwargs): + _log_args("REPORT_MANAGEMENT_EXEC", *args, **kwargs) + super(ManagementReport, self).exec_report(*args, **kwargs) + + request_POST = self.request.POST + + records = request_POST.get('records', '') + format = request_POST.get('format', '') + title = request_POST.get('title', '') + report_type = request_POST.get('report_type', '') + + report_name = '%s/management_%s_%s.%s' % (SRT_REPORT_DIR,report_type,datetime.today().strftime('%Y%m%d%H%M'),format) + with open(report_name, 'w') as file: + + if 'csv' == format: + tab = "\t" + else: + tab = " = " + + if 'status' == report_type: + if 'txt' == format: + file.write("Report : Management - Summary\n") + file.write("\n") + file.write("%s%s%s\n" % ('cve_total',tab,Cve.objects.all().count())) + file.write("%s%s%s\n" % ('cve_new',tab,Cve.objects.filter(status=Cve.NEW).count())) + file.write("%s%s%s\n" % ('cve_open',tab,Cve.objects.filter( Q(status=Cve.INVESTIGATE) & Q(status=Cve.VULNERABLE) ).count())) + file.write("%s%s%s\n" % ('vulnerability_total',tab,Vulnerability.objects.all().count())) + file.write("%s%s%s\n" % ('vulnerability_open',tab,Vulnerability.objects.filter(outcome=Vulnerability.OPEN).count())) + file.write("%s%s%s\n" % ('vulnerability_high',tab,Vulnerability.objects.filter(severity=Vulnerability.HIGH).count())) + file.write("%s%s%s\n" % ('vulnerability_medium',tab,Vulnerability.objects.filter(severity=Vulnerability.MEDIUM).count())) + file.write("%s%s%s\n" % ('vulnerability_low',tab,Vulnerability.objects.filter(severity=Vulnerability.HIGH).count())) + file.write("%s%s%s\n" % ('investigation_total',tab,Investigation.objects.all().count())) + file.write("%s%s%s\n" % ('investigation_open',tab,Investigation.objects.filter(outcome=Investigation.OPEN).count())) + file.write("%s%s%s\n" % ('investigation_high',tab,Investigation.objects.filter(severity=Investigation.HIGH).count())) + file.write("%s%s%s\n" % ('investigation_medium',tab,Investigation.objects.filter(severity=Investigation.MEDIUM).count())) + file.write("%s%s%s\n" % ('investigation_low',tab,Investigation.objects.filter(severity=Investigation.LOW).count())) + file.write("%s%s%s\n" % ('defect_total',tab,Defect.objects.all().count())) + + if 'vulnerabilities' == report_type: + if 'txt' == format: + file.write("Report : Management - Open Vulnerabilities\n") + file.write("\n") + else: + file.write("Name\tStatus\tOutcome\tSeverity\tComments\tCVEs\tInvestigations\n") + for v in Vulnerability.objects.filter(outcome=Vulnerability.OPEN): + if 'txt' == format: + file.write("Name: %s\n" % v.name) + file.write(" Status: %s\n" % v.get_status_text) + file.write(" Outcome: %s\n" % v.get_outcome_text) + file.write(" Severity: %s\n" % v.get_severity_text) + file.write(" Comments: %s\n" % v.comments) + file.write(" CVEs: ") + for i,vc in enumerate(v.vulnerability_to_cve.all()): + if i > 0: + file.write(",") + file.write("%s" % vc.cve.name) + file.write("\n") + file.write(" Investigations: ") + for i,investigation in enumerate(Investigation.objects.filter(vulnerability=v)): + if i > 0: + file.write(",") + file.write("%s" % investigation.name) + file.write("\n") + file.write("\n") + else: + file.write("%s\t%s\t%s\t%s\t%s\t" % (v.name,v.get_status_text,v.get_outcome_text,v.get_severity_text,v.comments)) + for i,vc in enumerate(v.vulnerability_to_cve.all()): + if i > 0: + file.write(",") + file.write("%s" % vc.cve.name) + file.write("\t") + for i,investigation in enumerate(Investigation.objects.filter(vulnerability=v)): + if i > 0: + file.write(",") + file.write("%s" % investigation.name) + file.write("\n") + + if 'investigations' == report_type: + if 'txt' == format: + file.write("Report : Management - Open Vulnerabilities\n") + file.write("\n") + else: + file.write("Name\tStatus\tOutcome\tSeverity\tComments\tDefects\n") + for investigation in Investigation.objects.filter(outcome=Vulnerability.OPEN): + if 'txt' == format: + file.write("Name: %s\n" % investigation.name) + file.write(" Status: %s\n" % investigation.get_status_text) + file.write(" Outcome: %s\n" % investigation.get_outcome_text) + file.write(" Severity: %s\n" % investigation.get_severity_text) + file.write(" Comments: %s\n" % investigation.comments) + file.write(" Defects: ") + for i,id in enumerate(investigation.investigation_to_defect.filter(investigation=investigation)): + if i > 0: + file.write(",") + file.write("%s" % id.defect.name) + file.write("\n") + file.write("\n") + else: + file.write("%s\t%s\t%s\t%s\t%s\t" % (investigation.name,investigation.get_status_text, + investigation.get_outcome_text,investigation.get_severity_text,investigation.comments)) + for i,id in enumerate(investigation.investigation_to_defect.filter(investigation=investigation)): + if i > 0: + file.write(",") + file.write("%s" % id.defect.name) + file.write("\n") + + return report_name,os.path.basename(report_name) + +class CveReport(Report): + """Report for the CVE Page""" + + def __init__(self, parent_page, *args, **kwargs): + _log_args("REPORT_CVE_INIT(%s)" % parent_page, *args, **kwargs) + super(CveReport, self).__init__(parent_page, *args, **kwargs) + + def get_context_data(self, *args, **kwargs): + _log_args("REPORT_CVE_CONTEXT", *args, **kwargs) + context = super(CveReport, self).get_context_data(*args, **kwargs) + + context['report_type_list'] = '\ + <option value="summary">CVE Summary</option> \ + <option value="audit">CVE Audit</option> \ + ' + context['report_get_title'] = '1' + context['report_recordrange_list'] = '\ + <input type="radio" name="records" value="selected" checked> Selected<br> \ + ' + context['report_columnrange_list'] = '' + context['report_format_list'] = '\ + <input type="radio" name="format" value="txt" checked> Text<br> \ + ' + context['report_custom_list'] = '\ + <input type="checkbox" class="checkbox-options" name="cvss_v2" value="cvss_v2"> CVSS_v2<br> \ + <input type="checkbox" class="checkbox-options" name="ref" type="ref"> References<br> \ + <input type="checkbox" class="checkbox-options" name="cpe" type="cpe"> CPE list<br> \ + ' + return context + + def exec_report(self, *args, **kwargs): + _log_args("REPORT_CVE_EXEC", *args, **kwargs) + super(CveReport, self).exec_report(*args, **kwargs) + + request_POST = self.request.POST + + records = request_POST.get('records', '') + format = request_POST.get('format', '') + title = request_POST.get('title', '') + report_type = request_POST.get('report_type', '') + record_list = request_POST.get('record_list', '') + + cvss_v2 = request_POST.get('cvss_v2', '') + ref_list = request_POST.get('ref', '') + cpe = request_POST.get('cpe', '') + + cve = Cve.objects.get(id=record_list) + + report_name = '%s/cve_%s_%s.%s' % (SRT_REPORT_DIR,report_type,datetime.today().strftime('%Y%m%d%H%M'),format) + with open(report_name, 'w') as file: + + if 'csv' == format: + tab = "\t" + else: + tab = " = " + + if ('summary' == report_type) or ('audit' == report_type): + if 'txt' == format: + file.write("Report : CVE %s - Summary\n" % cve.name) + file.write("\n") + file.write("%s%s%s\n" % ('source',tab,cve.source)) + file.write("%s%s%s\n" % ('status',tab,cve.status)) + file.write("%s%s%s\n" % ('cve_data_type',tab,cve.cve_data_type)) + file.write("%s%s%s\n" % ('cve_data_format',tab,cve.cve_data_format)) + file.write("%s%s%s\n" % ('cve_data_version',tab,cve.cve_data_version)) + file.write("%s%s%s\n" % ('description',tab,cve.description)) + file.write("\n") + + file.write("CVSS Version 3:\n") + file.write(" %s%s%s\n" % ('cvssV3_baseScore',tab,cve.cvssV3_baseScore)) + file.write(" %s%s%s\n" % ('cvssV3_baseSeverity',tab,cve.cvssV3_baseSeverity)) + file.write(" %s%s%s\n" % ('cvssV3_vectorString',tab,cve.cvssV3_vectorString)) + file.write(" %s%s%s\n" % ('cvssV3_exploitabilityScore',tab,cve.cvssV3_exploitabilityScore)) + file.write(" %s%s%s\n" % ('cvssV3_impactScore',tab,cve.cvssV3_impactScore)) + file.write(" %s%s%s\n" % ('cvssV3_attackVector',tab,cve.cvssV3_attackVector)) + file.write(" %s%s%s\n" % ('cvssV3_attackComplexity',tab,cve.cvssV3_attackComplexity)) + file.write(" %s%s%s\n" % ('cvssV3_privilegesRequired',tab,cve.cvssV3_privilegesRequired)) + file.write(" %s%s%s\n" % ('cvssV3_userInteraction',tab,cve.cvssV3_userInteraction)) + file.write(" %s%s%s\n" % ('cvssV3_scope',tab,cve.cvssV3_scope)) + file.write(" %s%s%s\n" % ('cvssV3_confidentialityImpact',tab,cve.cvssV3_confidentialityImpact)) + file.write(" %s%s%s\n" % ('cvssV3_integrityImpact',tab,cve.cvssV3_integrityImpact)) + file.write(" %s%s%s\n" % ('cvssV3_availabilityImpact',tab,cve.cvssV3_availabilityImpact)) + + if (cvss_v2): + file.write("\n") + file.write("CVSS Version 2:\n") + file.write(" %s%s%s\n" % ('cvssV2_baseScore',tab,cve.cvssV2_baseScore)) + file.write(" %s%s%s\n" % ('cvssV2_severity',tab,cve.cvssV2_severity)) + file.write(" %s%s%s\n" % ('cvssV2_vectorString',tab,cve.cvssV2_vectorString)) + file.write(" %s%s%s\n" % ('cvssV2_exploitabilityScore',tab,cve.cvssV2_exploitabilityScore)) + file.write(" %s%s%s\n" % ('cvssV2_impactScore',tab,cve.cvssV2_impactScore)) + file.write(" %s%s%s\n" % ('cvssV2_accessVector',tab,cve.cvssV2_accessVector)) + file.write(" %s%s%s\n" % ('cvssV2_accessComplexity',tab,cve.cvssV2_accessComplexity)) + file.write(" %s%s%s\n" % ('cvssV2_authentication',tab,cve.cvssV2_authentication)) + file.write(" %s%s%s\n" % ('cvssV2_confidentialityImpact',tab,cve.cvssV2_confidentialityImpact)) + file.write(" %s%s%s\n" % ('cvssV2_integrityImpact',tab,cve.cvssV2_integrityImpact)) + + if (ref_list): + file.write("\n") + file.write("References:\n") + for i,ref in enumerate(cve.references.all()): + file.write(" %s\n" % ref.hyperlink) + + if (cpe): + file.write("\n") + file.write("CPE Table:\n") + for cpe in cve.cpe_list.split("|"): + if '<config>' == cpe: + file.write(" Configation:\n") + elif '<and>' == cpe: + file.write(" * AND\n") + elif '<or>' == cpe: + file.write(" * OR\n") + else : + file.write(" %s\n" % cpe) + + if 'audit' == report_type: + + for cv in cve.cve_to_vulnerability.all(): + v = cv.vulnerability + file.write("\n") + file.write("-------------------------------------------\n") + file.write("Vulnerability: %s\n" % v.name) + file.write(" Status: %s\n" % v.get_status_text) + file.write(" Outcome: %s\n" % v.get_outcome_text) + file.write(" Severity: %s\n" % v.get_severity_text) + file.write(" Comments: %s\n" % v.comments) + file.write("\n") + file.write(" Investigations:\n") + for investigation in Investigation.objects.filter(vulnerability=v): + file.write(" Name: %s\n" % investigation.name) + file.write(" Status: %s\n" % investigation.get_status_text) + file.write(" Outcome: %s\n" % investigation.get_outcome_text) + file.write(" Severity: %s\n" % investigation.get_severity_text) + file.write(" Defects: ") + for i,id in enumerate(investigation.investigation_to_defect.all()): + if i > 0: + file.write(",") + file.write("%s (%s)" % (id.defect.name,id.defect.get_status_text)) + file.write("\n") + + file.write("\n") + file.write(" Comments:\n") + for i,vc in enumerate(v.vulnerability_comments.all()): + file.write(" %s (%s): %s\n" % (vc.date,vc.author,vc.comment)) + + file.write("\n") + file.write(" Audit Trail:\n") + for i,vh in enumerate(v.vulnerability_history.all()): + file.write(" %s (%s): %s\n" % (vh.date,vh.author,vh.comment)) + + file.write("\n") + else: + file.write("Investigations: no attached investigations as this time\n") + + return report_name,os.path.basename(report_name) + +class VulnerabilityReport(Report): + """Report for the Vulnerability Page""" + + def __init__(self, parent_page, *args, **kwargs): + _log_args("REPORT_VULNERABILITY_INIT(%s)" % parent_page, *args, **kwargs) + super(VulnerabilityReport, self).__init__(parent_page, *args, **kwargs) + + def get_context_data(self, *args, **kwargs): + _log_args("REPORT_VULNERABILITY_CONTEXT", *args, **kwargs) + context = super(VulnerabilityReport, self).get_context_data(*args, **kwargs) + + context['report_type_list'] = '\ + <option value="summary">Vulnerability Summary</option> \ + <option value="audit">Vulnerability Audit</option> \ + ' + context['report_get_title'] = '1' + context['report_recordrange_list'] = '\ + <input type="radio" name="records" value="selected" checked> Selected<br> \ + ' + context['report_columnrange_list'] = '' + context['report_format_list'] = '\ + <input type="radio" name="format" value="txt" checked> Text<br> \ + ' + return context + + def exec_report(self, *args, **kwargs): + _log_args("REPORT_VULNERABILITY_EXEC", *args, **kwargs) + super(VulnerabilityReport, self).exec_report(*args, **kwargs) + + request_POST = self.request.POST + + records = request_POST.get('records', '') + format = request_POST.get('format', '') + title = request_POST.get('title', '') + report_type = request_POST.get('report_type', '') + record_list = request_POST.get('record_list', '') + + v = Vulnerability.objects.get(id=record_list) + + report_name = '%s/vulnerability_%s_%s.%s' % (SRT_REPORT_DIR,report_type,datetime.today().strftime('%Y%m%d%H%M'),format) + with open(report_name, 'w') as file: + + if 'csv' == format: + tab = "\t" + else: + tab = " = " + + if ('summary' == report_type) or ('audit' == report_type): + if 'txt' == format: + file.write("Report : Vulnerability %s - Summary\n" % v.name) + file.write("\n") + + file.write("Vulnerability: %s\n" % v.name) + file.write(" Status: %s\n" % v.get_status_text) + file.write(" Outcome: %s\n" % v.get_outcome_text) + file.write(" Severity: %s\n" % v.get_severity_text) + file.write(" Comments: %s\n" % v.comments) + + file.write("\n") + file.write("Affected Products:\n") + found_p = False + for i,p in enumerate(v.get_affected_list): + found_p = True + file.write("%2d) Product: %s\n" % (i,p.product.long_name)) + found_i = False + for investigation in Investigation.objects.filter(vulnerability=v,product=p.product): + found_i = True + file.write(" Investigation: %s\n" % investigation.name) + file.write(" Status: %s\n" % investigation.get_status_text) + file.write(" Outcome: %s\n" % investigation.get_outcome_text) + file.write(" Severity: %s\n" % investigation.get_severity_text) + file.write(" Defects: ") + for j,id in enumerate(investigation.investigation_to_defect.all()): + if j > 0: + file.write(",") + file.write("%s (%s)" % (id.defect.name,id.defect.get_status_text)) + file.write("\n") + if not found_i: + file.write(" No investigations found\n") + if not found_p: + file.write(" No affected products found\n") + + file.write("\n") + file.write("Related Products:\n") + found_p = False + for i,p in enumerate(v.get_related_list): + found_p = True + file.write("%2d) Product: %s\n" % (i,p.product.long_name)) + if not found_p: + file.write(" No related products found\n") + + file.write("\n") + file.write("Comments:\n") + found_c = False + for i,vc in enumerate(v.vulnerability_comments.all()): + found_c = True + file.write(" %2d) %s (%s): %s\n" % (i,vc.date,vc.author,vc.comment)) + if not found_c: + file.write(" No comments found\n") + + if 'audit' == report_type: + file.write("\n") + file.write("Audit Trail:\n") + for i,vh in enumerate(v.vulnerability_history.all()): + file.write(" %2d) %s (%s): %s\n" % (i,vh.date,vh.author,vh.comment)) + + file.write("\n") + + return report_name,os.path.basename(report_name) + +class InvestigationReport(Report): + """Report for the Investigation Page""" + + def __init__(self, parent_page, *args, **kwargs): + _log_args("REPORT_INVESTIGATION_INIT(%s)" % parent_page, *args, **kwargs) + super(InvestigationReport, self).__init__(parent_page, *args, **kwargs) + + def get_context_data(self, *args, **kwargs): + _log_args("REPORT_INVESTIGATION_CONTEXT", *args, **kwargs) + context = super(InvestigationReport, self).get_context_data(*args, **kwargs) + + context['report_type_list'] = '\ + <option value="summary">Investigation Summary</option> \ + <option value="audit">Investigation Audit</option> \ + ' + context['report_get_title'] = '1' + context['report_recordrange_list'] = '\ + <input type="radio" name="records" value="selected" checked> Selected<br> \ + ' + context['report_columnrange_list'] = '' + context['report_format_list'] = '\ + <input type="radio" name="format" value="txt" checked> Text<br> \ + ' + return context + + def exec_report(self, *args, **kwargs): + _log_args("REPORT_INVESTIGATION_EXEC", *args, **kwargs) + super(InvestigationReport, self).exec_report(*args, **kwargs) + + request_POST = self.request.POST + + records = request_POST.get('records', '') + format = request_POST.get('format', '') + title = request_POST.get('title', '') + report_type = request_POST.get('report_type', '') + record_list = request_POST.get('record_list', '') + + investigation = Investigation.objects.get(id=record_list) + + report_name = '%s/investigation_%s_%s.%s' % (SRT_REPORT_DIR,report_type,datetime.today().strftime('%Y%m%d%H%M'),format) + with open(report_name, 'w') as file: + + if 'csv' == format: + tab = "\t" + else: + tab = " = " + + if ('summary' == report_type) or ('audit' == report_type): + if 'txt' == format: + file.write("Report : Investigation %s - Summary\n" % investigation.name) + file.write("\n") + + file.write("Name: %s\n" % investigation.name) + file.write(" Status: %s\n" % investigation.get_status_text) + file.write(" Outcome: %s\n" % investigation.get_outcome_text) + file.write(" Severity: %s\n" % investigation.get_severity_text) + file.write(" Defects: ") + for i,id in enumerate(investigation.investigation_to_defect.all()): + if i > 0: + file.write(",") + file.write("%s (%s)" % (id.defect.name,id.defect.get_status_text)) + file.write("\n") + + file.write("\n") + file.write("Comments:\n") + found_c = False + for i,vc in enumerate(investigation.investigation_comments.all()): + found_c = True + file.write(" %s (%s): %s\n" % (ic.date,ic.author,ic.comment)) + if not found_c: + file.write(" No comments found\n") + + if 'audit' == report_type: + file.write("\n") + file.write(" Audit Trail:\n") + for i,ih in enumerate(investigation.investigation_history.all()): + file.write(" %s (%s): %s\n" % (ih.date,ih.author,ih.comment)) + + file.write("\n") + + return report_name,os.path.basename(report_name) + +class DefectReport(Report): + """Report for the Defect Page""" + + def __init__(self, parent_page, *args, **kwargs): + _log_args("REPORT_DEFECT_INIT(%s)" % parent_page, *args, **kwargs) + super(DefectReport, self).__init__(parent_page, *args, **kwargs) + + def get_context_data(self, *args, **kwargs): + _log_args("REPORT_DEFECT_CONTEXT", *args, **kwargs) + context = super(DefectReport, self).get_context_data(*args, **kwargs) + + context['report_type_list'] = '\ + <option value="summary">Defect Summary</option> \ + ' + context['report_get_title'] = '1' + context['report_recordrange_list'] = '\ + <input type="radio" name="records" value="selected" checked> Selected<br> \ + ' + context['report_columnrange_list'] = '' + context['report_format_list'] = '\ + <input type="radio" name="format" value="txt" checked> Text<br> \ + <input type="radio" name="format" value="csv"> CSV<br> \ + ' + return context + + def exec_report(self, *args, **kwargs): + _log_args("REPORT_DEFECT_EXEC", *args, **kwargs) + super(DefectReport, self).exec_report(*args, **kwargs) + + request_POST = self.request.POST + + records = request_POST.get('records', '') + format = request_POST.get('format', '') + title = request_POST.get('title', '') + report_type = request_POST.get('report_type', '') + record_list = request_POST.get('record_list', '') + + report_name = '%s/defect_%s_%s.%s' % (SRT_REPORT_DIR,report_type,datetime.today().strftime('%Y%m%d%H%M'),format) + with open(report_name, 'w') as file: + + if 'csv' == format: + tab = "\t" + else: + tab = "," + + if ('summary' == report_type): + if 'csv' == format: + file.write("Name\tSummary\tPriority\tStatus\tResolution\tReleased Version\tURL\tInvestigations\tProduct\n") + if 'txt' == format: + file.write("Report : Defects Table\n") + file.write("\n") + file.write("Name,Summary,Priority,Status,Resolution,Released Version,URL,Investigations,Product\n") + + defect = Defect.objects.get(id=record_list) + file.write("%s%s" % (defect.name,tab)) + file.write("%s%s" % (defect.summary,tab)) + file.write("%s%s" % (defect.get_priority_text,tab)) + file.write("%s%s" % (defect.get_status_text,tab)) + file.write("%s%s" % (defect.get_resolution_text,tab)) + file.write("%s%s" % (defect.release_version,tab)) + file.write("%s%s" % (defect.publish,tab)) + file.write("%s%s" % (defect.url,tab)) + for i,di in enumerate(defect.defect_to_investigation.all()): + if i > 0: + file.write(" ") + file.write("%s" % (di.investigation.name)) + file.write("%s" % tab) + tab='' # EOL + file.write("%s%s" % (defect.product.long_name,tab)) + file.write("\n") + + return report_name,os.path.basename(report_name) + + +class CvesReport(Report): + """Report for the CVEs Page""" + + def __init__(self, parent_page, *args, **kwargs): + _log_args("REPORT_CVES_INIT(%s)" % parent_page, *args, **kwargs) + super(CvesReport, self).__init__(parent_page, *args, **kwargs) + + def get_context_data(self, *args, **kwargs): + _log_args("REPORT_CVES_CONTEXT", *args, **kwargs) + context = super(CvesReport, self).get_context_data(*args, **kwargs) + + context['report_type_list'] = '\ + <option value="summary">CVEs Table</option> \ + ' + context['report_get_title'] = '1' + context['report_recordrange_list'] = '\ + <input type="radio" name="records" value="selected" checked> Selected<br> \ + ' + context['report_columnrange_list'] = '' + context['report_format_list'] = '\ + <input type="radio" name="format" value="txt" checked> Text<br> \ + <input type="radio" name="format" value="csv"> CSV<br> \ + ' + return context + + def exec_report(self, *args, **kwargs): + _log_args("REPORT_CVES_EXEC", *args, **kwargs) + super(CvesReport, self).exec_report(*args, **kwargs) + + request_POST = self.request.POST + + records = request_POST.get('records', '') + format = request_POST.get('format', '') + title = request_POST.get('title', '') + report_type = request_POST.get('report_type', '') + record_list = request_POST.get('record_list', '') + + report_name = '%s/cves_%s_%s.%s' % (SRT_REPORT_DIR,report_type,datetime.today().strftime('%Y%m%d%H%M'),format) + with open(report_name, 'w') as file: + + if 'csv' == format: + tab = "\t" + else: + tab = "," + + if ('summary' == report_type): + if 'csv' == format: + file.write("Name\tStatus\tType\tFormat\tVersion\tVulnerabilities\tDescription\n") + if 'txt' == format: + file.write("Report : CVEs Table\n") + file.write("\n") + file.write("Name,Status,Type,Format,Version,Vulnerabilities,Description\n") + + for id in record_list.split(','): + if not id: + continue + cve = Cve.objects.get(id=id) + file.write("%s%s" % (cve.name,tab)) + file.write("%s%s" % (cve.get_status_text,tab)) + file.write("%s%s" % (cve.cve_data_type,tab)) + file.write("%s%s" % (cve.cve_data_format,tab)) + file.write("%s%s" % (cve.cve_data_version,tab)) + + for i,cv in enumerate(cve.cve_to_vulnerability.all()): + if i > 0: + file.write(" ") + file.write("%s" % cv.vulnerability.name) + file.write("%s" % tab) + + file.write("%s%s" % (cve.description,tab)) + file.write("\n") + + return report_name,os.path.basename(report_name) + +class SelectCvesReport(Report): + """Report for the Select CVEs Page""" + + def __init__(self, parent_page, *args, **kwargs): + _log_args("REPORT_SELECTCVES_INIT(%s)" % parent_page, *args, **kwargs) + super(SelectCvesReport, self).__init__(parent_page, *args, **kwargs) + + def get_context_data(self, *args, **kwargs): + _log_args("REPORT_SELECTCVES_CONTEXT", *args, **kwargs) + context = super(SelectCvesReport, self).get_context_data(*args, **kwargs) + + context['report_type_list'] = '\ + <option value="summary">CVEs Table</option> \ + ' + context['report_get_title'] = '1' + context['report_recordrange_list'] = '\ + <input type="radio" name="records" value="selected" checked> Selected<br> \ + ' + context['report_columnrange_list'] = '' + context['report_format_list'] = '\ + <input type="radio" name="format" value="txt" checked> Text<br> \ + <input type="radio" name="format" value="csv"> CSV<br> \ + ' + return context + + def exec_report(self, *args, **kwargs): + _log_args("REPORT_SELECTCVES_EXEC", *args, **kwargs) + super(SelectCvesReport, self).exec_report(*args, **kwargs) + + request_POST = self.request.POST + + records = request_POST.get('records', '') + format = request_POST.get('format', '') + title = request_POST.get('title', '') + report_type = request_POST.get('report_type', '') + record_list = request_POST.get('record_list', '') + + report_name = '%s/select_cves_%s_%s.%s' % (SRT_REPORT_DIR,report_type,datetime.today().strftime('%Y%m%d%H%M'),format) + with open(report_name, 'w') as file: + + if 'csv' == format: + tab = "\t" + else: + tab = "," + + if ('summary' == report_type): + if 'csv' == format: + file.write("Name\tStatus\tType\tFormat\tVersion\tVulnerabilities\tDescription\n") + if 'txt' == format: + file.write("Report : CVEs Table\n") + file.write("\n") + file.write("Name,Status,Type,Format,Version,Vulnerabilities,Description\n") + + for id in record_list.split(','): + if not id: + continue + cve = Cve.objects.get(id=id) + file.write("%s%s" % (cve.name,tab)) + file.write("%s%s" % (cve.get_status_text,tab)) + file.write("%s%s" % (cve.cve_data_type,tab)) + file.write("%s%s" % (cve.cve_data_format,tab)) + file.write("%s%s" % (cve.cve_data_version,tab)) + + for i,cv in enumerate(cve.cve_to_vulnerability.all()): + if i > 0: + file.write(" ") + file.write("%s" % cv.vulnerability.name) + file.write("%s" % tab) + + file.write("%s%s" % (cve.description,tab)) + file.write("\n") + + return report_name,os.path.basename(report_name) + +class VulnerabilitiesReport(Report): + """Report for the Vulnerabilities Page""" + + def __init__(self, parent_page, *args, **kwargs): + _log_args("REPORT_VULNERABILITIES_INIT(%s)" % parent_page, *args, **kwargs) + super(VulnerabilitiesReport, self).__init__(parent_page, *args, **kwargs) + + def get_context_data(self, *args, **kwargs): + _log_args("REPORT_VULNERABILITIES_CONTEXT", *args, **kwargs) + context = super(VulnerabilitiesReport, self).get_context_data(*args, **kwargs) + + context['report_type_list'] = '\ + <option value="summary">Vulnerabilities Table</option> \ + ' + context['report_get_title'] = '1' + context['report_recordrange_list'] = '\ + <input type="radio" name="records" value="selected" checked> Selected<br> \ + ' + context['report_columnrange_list'] = '' + context['report_format_list'] = '\ + <input type="radio" name="format" value="txt" checked> Text<br> \ + <input type="radio" name="format" value="csv"> CSV<br> \ + ' + return context + + def exec_report(self, *args, **kwargs): + _log_args("REPORT_VULNERABILITIES_EXEC", *args, **kwargs) + super(VulnerabilitiesReport, self).exec_report(*args, **kwargs) + + request_POST = self.request.POST + + records = request_POST.get('records', '') + format = request_POST.get('format', '') + title = request_POST.get('title', '') + report_type = request_POST.get('report_type', '') + record_list = request_POST.get('record_list', '') + + report_name = '%s/vulnerabilities_%s_%s.%s' % (SRT_REPORT_DIR,report_type,datetime.today().strftime('%Y%m%d%H%M'),format) + with open(report_name, 'w') as file: + + if 'csv' == format: + tab = "\t" + else: + tab = "," + + if ('summary' == report_type): + if 'csv' == format: + file.write("Name\tStatus\tOutcome\tSeverity\tCVEs\tInvestigations\n") + if 'txt' == format: + file.write("Report : Investigations Table\n") + file.write("\n") + file.write("Name,Status,Outcome,Severity,CVEs,Investigations\n") + + for id in record_list.split(','): + if not id: + continue + v = Vulnerability.objects.get(id=id) + file.write("%s%s" % (v.name,tab)) + file.write("%s%s" % (v.get_status_text,tab)) + file.write("%s%s" % (v.get_outcome_text,tab)) + file.write("%s%s" % (v.get_severity_text,tab)) + for i,vc in enumerate(v.vulnerability_to_cve.all()): + if i > 0: + file.write(" ") + file.write("%s" % vc.cve.name) + file.write("%s" % tab) + for i,investigation in enumerate(Investigation.objects.filter(vulnerability=v)): + if i > 0: + file.write(" ") + file.write("%s" % investigation.name) + #file.write("%s" % tab) + file.write("\n") + + return report_name,os.path.basename(report_name) + +class InvestigationsReport(Report): + """Report for the Investigations Page""" + + def __init__(self, parent_page, *args, **kwargs): + _log_args("REPORT_INVESTIGATIONS_INIT(%s)" % parent_page, *args, **kwargs) + super(InvestigationsReport, self).__init__(parent_page, *args, **kwargs) + + def get_context_data(self, *args, **kwargs): + _log_args("REPORT_INVESTIGATIONS_CONTEXT", *args, **kwargs) + context = super(InvestigationsReport, self).get_context_data(*args, **kwargs) + + context['report_type_list'] = '\ + <option value="summary">Investigations Table</option> \ + ' + context['report_get_title'] = '1' + context['report_recordrange_list'] = '\ + <input type="radio" name="records" value="selected" checked> Selected<br> \ + ' + context['report_columnrange_list'] = '' + context['report_format_list'] = '\ + <input type="radio" name="format" value="txt" checked> Text<br> \ + <input type="radio" name="format" value="csv"> CSV<br> \ + ' + return context + + def exec_report(self, *args, **kwargs): + _log_args("REPORT_INVESTIGATIONS_EXEC", *args, **kwargs) + super(InvestigationsReport, self).exec_report(*args, **kwargs) + + request_POST = self.request.POST + + records = request_POST.get('records', '') + format = request_POST.get('format', '') + title = request_POST.get('title', '') + report_type = request_POST.get('report_type', '') + record_list = request_POST.get('record_list', '') + + report_name = '%s/investigations_%s_%s.%s' % (SRT_REPORT_DIR,report_type,datetime.today().strftime('%Y%m%d%H%M'),format) + with open(report_name, 'w') as file: + + if 'csv' == format: + tab = "\t" + else: + tab = "," + + if ('summary' == report_type): + if 'csv' == format: + file.write("Name\tStatus\tOutcome\tSeverity\tProduct\tDefects\n") + if 'txt' == format: + file.write("Report : Investigations Table\n") + file.write("\n") + file.write("Name,Status,Outcome,Severity,Product,Defects\n") + + for id in record_list.split(','): + if not id: + continue + investigation = Investigation.objects.get(id=id) + file.write("%s%s" % (investigation.name,tab)) + file.write("%s%s" % (investigation.get_status_text,tab)) + file.write("%s%s" % (investigation.get_outcome_text,tab)) + file.write("%s%s" % (investigation.get_severity_text,tab)) + file.write("%s%s" % (investigation.product.long_name,tab)) + for i,id in enumerate(investigation.investigation_to_defect.all()): + if i > 0: + file.write(" ") + file.write("%s (%s)" % (id.defect.name,id.defect.get_status_text)) + #file.write("%s" % tab) + file.write("\n") + + return report_name,os.path.basename(report_name) + +class DefectsReport(Report): + """Report for the Defects Page""" + + def __init__(self, parent_page, *args, **kwargs): + _log_args("REPORT_DEFECTS_INIT(%s)" % parent_page, *args, **kwargs) + super(DefectsReport, self).__init__(parent_page, *args, **kwargs) + + def get_context_data(self, *args, **kwargs): + _log_args("REPORT_DEFECTS_CONTEXT", *args, **kwargs) + context = super(DefectsReport, self).get_context_data(*args, **kwargs) + + context['report_type_list'] = '\ + <option value="summary">Defects Table</option> \ + ' + context['report_get_title'] = '1' + context['report_recordrange_list'] = '\ + <input type="radio" name="records" value="selected" checked> Selected<br> \ + ' + context['report_columnrange_list'] = '' + context['report_format_list'] = '\ + <input type="radio" name="format" value="txt" checked> Text<br> \ + <input type="radio" name="format" value="csv"> CSV<br> \ + ' + return context + + def exec_report(self, *args, **kwargs): + _log_args("REPORT_DEFECTS_EXEC", *args, **kwargs) + super(DefectsReport, self).exec_report(*args, **kwargs) + + request_POST = self.request.POST + + records = request_POST.get('records', '') + format = request_POST.get('format', '') + title = request_POST.get('title', '') + report_type = request_POST.get('report_type', '') + record_list = request_POST.get('record_list', '') + + report_name = '%s/defects_%s_%s.%s' % (SRT_REPORT_DIR,report_type,datetime.today().strftime('%Y%m%d%H%M'),format) + with open(report_name, 'w') as file: + + if 'csv' == format: + tab = "\t" + else: + tab = "," + + if ('summary' == report_type): + if 'csv' == format: + file.write("Name\tSummary\tPriority\tStatus\tResolution\tReleased Version\tURL\tInvestigations\tProduct\n") + if 'txt' == format: + file.write("Report : Defects Table\n") + file.write("\n") + file.write("Name,Summary,Priority,Status,Resolution,Released Version,URL,Investigations,Product\n") + + for id in record_list.split(','): + if not id: + continue + defect = Defect.objects.get(id=id) + file.write("%s%s" % (defect.name,tab)) + file.write("%s%s" % (defect.summary,tab)) + file.write("%s%s" % (defect.get_priority_text,tab)) + file.write("%s%s" % (defect.get_status_text,tab)) + file.write("%s%s" % (defect.get_resolution_text,tab)) + file.write("%s%s" % (defect.release_version,tab)) + file.write("%s%s" % (defect.publish,tab)) + file.write("%s%s" % (defect.url,tab)) + for i,di in enumerate(defect.defect_to_investigation.all()): + if i > 0: + file.write(" ") + file.write("%s" % (di.investigation.name)) + file.write("%s" % tab) + tab='' # EOL + file.write("%s%s" % (defect.product.long_name,tab)) + file.write("\n") + + return report_name,os.path.basename(report_name) + +class ProductsReport(Report): + """Report for the Products Page""" + + def __init__(self, parent_page, *args, **kwargs): + _log_args("REPORT_PRODUCTS_INIT(%s)" % parent_page, *args, **kwargs) + super(ProductsReport, self).__init__(parent_page, *args, **kwargs) + + def get_context_data(self, *args, **kwargs): + _log_args("REPORT_PRODUCTS_CONTEXT", *args, **kwargs) + context = super(ProductsReport, self).get_context_data(*args, **kwargs) + + context['report_type_list'] = '\ + <option value="summary">Products Table</option> \ + ' + context['report_get_title'] = '1' + context['report_recordrange_list'] = '\ + <input type="radio" name="records" value="selected" checked> Selected<br> \ + ' + context['report_columnrange_list'] = '' + context['report_format_list'] = '\ + <input type="radio" name="format" value="txt" checked> Text<br> \ + <input type="radio" name="format" value="csv"> CSV<br> \ + ' + return context + + def exec_report(self, *args, **kwargs): + _log_args("REPORT_PRODUCTS_EXEC", *args, **kwargs) + super(ProductsReport, self).exec_report(*args, **kwargs) + + request_POST = self.request.POST + + records = request_POST.get('records', '') + format = request_POST.get('format', '') + title = request_POST.get('title', '') + report_type = request_POST.get('report_type', '') + record_list = request_POST.get('record_list', '') + + report_name = '%s/products_%s_%s.%s' % (SRT_REPORT_DIR,report_type,datetime.today().strftime('%Y%m%d%H%M'),format) + with open(report_name, 'w') as file: + + if 'csv' == format: + tab = "\t" + else: + tab = "," + + if ('summary' == report_type): + if 'csv' == format: + file.write("Name\tVersion\tProfile\tCPE\tSRT SPE\tInvestigations\tDefects\n") + if 'txt' == format: + file.write("Report : Investigations Table\n") + file.write("\n") + file.write("Name,Version,Profile,CPE,SRT SPE,Investigations,Defects\n") + + for id in record_list.split(','): + if not id: + continue + product = Product.objects.get(id=id) + file.write("%s%s" % (product.name,tab)) + file.write("%s%s" % (product.version,tab)) + file.write("%s%s" % (product.profile,tab)) + file.write("%s%s" % (product.cpe,tab)) + file.write("%s%s" % (product.srt_cpe,tab)) + file.write("%s%s" % (product.defect_prefix,tab)) + for i,pi in enumerate(product.product_investigation.all()): + if i > 0: + file.write(" ") + file.write("%s" % (pi.name)) + file.write("%s" % tab) + for i,pd in enumerate(product.product_defect.all()): + if i > 0: + file.write(" ") + file.write("%s" % (pd.name)) + #file.write("%s" % tab) + file.write("\n") + + return report_name,os.path.basename(report_name) + +class PublishCveReport(Report): + """Report for the Publish Cve Page""" + + def __init__(self, parent_page, *args, **kwargs): + _log_args("REPORT_PUBLISHCVE_INIT(%s)" % parent_page, *args, **kwargs) + super(PublishCveReport, self).__init__(parent_page, *args, **kwargs) + + def get_context_data(self, *args, **kwargs): + _log_args("REPORT_PUBLISHCVE_CONTEXT", *args, **kwargs) + context = super(PublishCveReport, self).get_context_data(*args, **kwargs) + + context['report_type_list'] = '\ + <option value="summary">CVE Publish Request Table</option> \ + ' + context['report_get_title'] = '1' + context['report_recordrange_list'] = '\ + <input type="radio" name="records" value="selected" checked> Selected<br> \ + ' + context['report_columnrange_list'] = '' + context['report_format_list'] = '\ + <input type="radio" name="format" value="txt" checked> Text<br> \ + <input type="radio" name="format" value="csv"> CSV<br> \ + ' + return context + + def exec_report(self, *args, **kwargs): + _log_args("REPORT_PUBLISHCVE_EXEC", *args, **kwargs) + super(PublishCveReport, self).exec_report(*args, **kwargs) + + _log("FOO1") + request_POST = self.request.POST + + records = request_POST.get('records', '') + format = request_POST.get('format', '') + title = request_POST.get('title', '') + report_type = request_POST.get('report_type', '') + record_list = request_POST.get('record_list', '') + + _log("FOO2 (%s,%s,%s" % (record_list,format,report_type)) + report_name = '%s/cve_publish_%s_%s.%s' % (SRT_REPORT_DIR,report_type,datetime.today().strftime('%Y%m%d%H%M'),format) + with open(report_name, 'w') as file: + + _log("FOO3") + if 'csv' == format: + tab = "\t" + else: + tab = "," + + if ('summary' == report_type): + if 'csv' == format: + file.write("Name\tStatus\tType\tFormat\tVersion\tVulnerabilities\tDescription\n") + if 'txt' == format: + file.write("Report : CVEs Table\n") + file.write("\n") + file.write("Name,Status,Type,Format,Version,Vulnerabilities,Description\n") + + _log("FOO4") + for id in record_list.split(','): + _log("FOO5:%s" % id) + if not id: + continue + try: + cve = Cve.objects.get(id=id) + file.write("%s%s" % (cve.name,tab)) + file.write("%s%s" % (cve.get_status_text,tab)) + file.write("%s%s" % (cve.cve_data_type,tab)) + file.write("%s%s" % (cve.cve_data_format,tab)) + file.write("%s%s" % (cve.cve_data_version,tab)) + + for i,cv in enumerate(cve.cve_to_vulnerability.all()): + if i > 0: + file.write(" ") + file.write("%s" % cv.vulnerability.name) + file.write("%s" % tab) + + file.write("%s" % (cve.description)) + file.write("\n") + except Exception as e: + _log("FOOX:%s" % e) + + _log("FOO9:%s" % (report_name)) + return report_name,os.path.basename(report_name) + +class PublishPendingCveReport(Report): + """Report for the Publish Cve Page""" + + def __init__(self, parent_page, *args, **kwargs): + _log_args("REPORT_PUBLISHPENDINGCVE_INIT(%s)" % parent_page, *args, **kwargs) + super(PublishPendingCveReport, self).__init__(parent_page, *args, **kwargs) + + def get_context_data(self, *args, **kwargs): + _log_args("REPORT_PUBLISHPENDINGCVE_CONTEXT", *args, **kwargs) + context = super(PublishPendingCveReport, self).get_context_data(*args, **kwargs) + context['report_type_list'] = '\ + <option value="summary">CVE Publish Request Table</option> \ + ' + context['report_get_title'] = '1' + context['report_recordrange_list'] = '\ + <input type="radio" name="records" value="selected" checked> Selected<br> \ + ' + context['report_columnrange_list'] = '' + context['report_format_list'] = '\ + <input type="radio" name="format" value="txt" checked> Text<br> \ + <input type="radio" name="format" value="csv"> CSV<br> \ + ' + return context + + def exec_report(self, *args, **kwargs): + _log_args("REPORT_PUBLISHPENDINGCVE_EXEC", *args, **kwargs) + super(PublishPendingCveReport, self).exec_report(*args, **kwargs) + + _log("FOO1") + request_POST = self.request.POST + + records = request_POST.get('records', '') + format = request_POST.get('format', '') + title = request_POST.get('title', '') + report_type = request_POST.get('report_type', '') + record_list = request_POST.get('record_list', '') + + _log("FOO2 (%s,%s,%s" % (record_list,format,report_type)) + report_name = '%s/cve_publish_%s_%s.%s' % (SRT_REPORT_DIR,report_type,datetime.today().strftime('%Y%m%d%H%M'),format) + with open(report_name, 'w') as file: + + _log("FOO3") + if 'csv' == format: + tab = "\t" + else: + tab = "," + + if ('summary' == report_type): + if 'csv' == format: + file.write("Name\tStatus\tType\tFormat\tVersion\tVulnerabilities\tDescription\n") + if 'txt' == format: + file.write("Report : CVEs Table\n") + file.write("\n") + file.write("Name,Status,Type,Format,Version,Vulnerabilities,Description\n") + + _log("FOO4") + for id in record_list.split(','): + if not id: + continue + _log("FOO5:%s" % id) + try: + cve = Cve.objects.get(id=id) + file.write("%s%s" % (cve.name,tab)) + file.write("%s%s" % (cve.get_status_text,tab)) + file.write("%s%s" % (cve.cve_data_type,tab)) + file.write("%s%s" % (cve.cve_data_format,tab)) + file.write("%s%s" % (cve.cve_data_version,tab)) + + for i,cv in enumerate(cve.cve_to_vulnerability.all()): + if i > 0: + file.write(" ") + file.write("%s" % cv.vulnerability.name) + file.write("%s" % tab) + + file.write("%s" % (cve.description)) + file.write("\n") + except Exception as e: + _log("FOOX:%s" % e) + + _log("FOO9:%s" % (report_name)) + return report_name,os.path.basename(report_name) + +class DefaultReport(Report): + """Report for the Default Page""" + + def __init__(self, parent_page, *args, **kwargs): + _log_args("REPORT_GENERIC_INIT(%s)" % parent_page, *args, **kwargs) + super(DefaultReport, self).__init__(parent_page, *args, **kwargs) + self.default_orderby = "name" + + def get_context_data(self, *args, **kwargs): + _log_args("REPORT_GENERIC_CONTEXT", *args, **kwargs) + context = super(DefaultReport, self).get_context_data(*args, **kwargs) + context['report_enable_submit'] = '' + + #context['report_recordrange_list'] = '\ + # <input type="radio" name="records" value="selected" checked> Selected<br> \ + # <input type="radio" name="records" value="all"> all<br> \ + #context['report_columnrange_list'] = '' + # <input type="radio" name="columns" value="selected" checked> Selected<br> + # <input type="radio" name="columns" value="all"> All<br> + #context['report_format_list'] = '\ + # <input type="radio" name="format" value="txt" checked> Text<br> \ + # <input type="radio" name="format" value="csv"> CSV<br> \ + # <input type="radio" name="format" value="rtf"> RTF<br> + # <input type="radio" name="format" value="xml"> XML<br> + # <input type="radio" name="format" value="json"> CVE NIST JSON<br> + + return context + + def exec_report(self, *args, **kwargs): + _log_args("REPORT_GENERIC_EXEC", *args, **kwargs) + super(ManagementReport, self).exec_report(*args, **kwargs) + return None + + +class ReportManager(): + @staticmethod + def get_report_class(parent_page, *args, **kwargs): + if ('management' == parent_page) or ('manage' == parent_page): + return ManagementReport(parent_page, *args, **kwargs) + + elif 'cve' == parent_page: + return CveReport(parent_page, *args, **kwargs) + elif 'vulnerability' == parent_page: + return VulnerabilityReport(parent_page, *args, **kwargs) + elif 'investigation' == parent_page: + return InvestigationReport(parent_page, *args, **kwargs) + elif 'defect' == parent_page: + return DefectReport(parent_page, *args, **kwargs) + + elif 'cves' == parent_page: + return CvesReport(parent_page, *args, **kwargs) + elif 'select-cves' == parent_page: + return SelectCvesReport(parent_page, *args, **kwargs) + elif 'vulnerabilities' == parent_page: + return VulnerabilitiesReport(parent_page, *args, **kwargs) + elif 'investigations' == parent_page: + return InvestigationsReport(parent_page, *args, **kwargs) + elif 'defects' == parent_page: + return DefectsReport(parent_page, *args, **kwargs) + elif 'products' == parent_page: + return ProductsReport(parent_page, *args, **kwargs) + + elif 'select-publish' == parent_page: + return PublishCveReport(parent_page, *args, **kwargs) + elif 'update-published' == parent_page: + return PublishPendingCveReport(parent_page, *args, **kwargs) + + + else: + return DefaultReport(parent_page, *args, **kwargs) + + @staticmethod + def get_context_data(parent_page, *args, **kwargs): + reporter = ReportManager.get_report_class(parent_page, *args, **kwargs) + return reporter.get_context_data(*args, **kwargs) + + @staticmethod + def exec_report(parent_page, *args, **kwargs): + reporter = ReportManager.get_report_class(parent_page, *args, **kwargs) + return reporter.exec_report(*args, **kwargs) |