-rw-r--r--lib/srtgui/api.py17
-rw-r--r--lib/srtgui/reports.py13
-rw-r--r--lib/srtgui/tables.py37
-rw-r--r--lib/srtgui/templatetags/objects_to_dictionaries_filter.py1
-rw-r--r--lib/srtgui/templatetags/projecttags.py32
-rw-r--r--lib/srtgui/typeaheads.py3
-rw-r--r--lib/srtgui/urls.py8
-rw-r--r--lib/srtgui/views.py47
-rw-r--r--lib/srtgui/widgets.py156
9 files changed, 110 insertions, 204 deletions
diff --git a/lib/srtgui/api.py b/lib/srtgui/api.py
index d9e49ef0..7fbfc1e3 100644
--- a/lib/srtgui/api.py
+++ b/lib/srtgui/api.py
@@ -20,19 +20,10 @@
import os
import sys
-import re
import logging
-import json
-from collections import Counter
import subprocess
-from django.http import HttpResponse, JsonResponse
-from django.views.generic import View
-from django.urls import reverse
-from django.db.models import Q, F
-from django.db import Error
-
-from srtgui.templatetags.projecttags import filtered_filesizeformat
+from django.http import JsonResponse
logger = logging.getLogger("srt")
@@ -82,8 +73,8 @@ def execute_process(*args):
# Extract Upstream CVE record details
#
-def readCveDetails_Upstream(cve,cve_datasource):
- from orm.models import CveDetail, DataSource
+def readCveDetails_Upstream(cve, cve_datasource):
+ from orm.models import CveDetail
# Initialize and populate CveDetail object to return
v = CveDetail()
@@ -211,8 +202,6 @@ def readCveDetails_None(cve):
def readCveDetails(cve,cve_datasource):
- from orm.models import CveDetail
-
if None == cve_datasource:
return readCveDetails_None(cve)
elif "Local" == cve_datasource.name:
diff --git a/lib/srtgui/reports.py b/lib/srtgui/reports.py
index 21fca2dc..a7de4ca4 100644
--- a/lib/srtgui/reports.py
+++ b/lib/srtgui/reports.py
@@ -19,20 +19,15 @@
# Please run flake8 on this file before sending patches
import os
-import re
import logging
-import json
-from collections import Counter
-from datetime import datetime, date
+from datetime import datetime
import csv
from orm.models import Cve, CveSource, Vulnerability, Investigation, Defect, Product
-from orm.models import SrtSetting, Package
-from srtgui.api import readCveDetails, writeCveDetails, summaryCveDetails
+from orm.models import Package
+from srtgui.api import readCveDetails, summaryCveDetails
-from django.db.models import Q, F
-from django.db import Error
-from srtgui.templatetags.projecttags import filtered_filesizeformat
+from django.db.models import Q
logger = logging.getLogger("srt")
diff --git a/lib/srtgui/tables.py b/lib/srtgui/tables.py
index 115f49b4..0535a7a1 100644
--- a/lib/srtgui/tables.py
+++ b/lib/srtgui/tables.py
@@ -20,26 +20,18 @@
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
from srtgui.widgets import ToasterTable
-from orm.models import SrtSetting
from orm.models import Cve, Vulnerability, Investigation, CweTable, Product
-from orm.models import Package, PackageToCve
+from orm.models import Package
from orm.models import CpeTable, CpeFilter, Defect, DataSource
from orm.models import PublishPending
-from orm.models import Notify, NotifyAccess, NotifyCategories
-from users.models import SrtUser, UserSafe
+from orm.models import Notify, NotifyCategories
+from users.models import UserSafe
-from django.db.models import Q, Max, Sum, Count, When, Case, Value, IntegerField
-from django.conf.urls import url
-from django.urls import reverse, resolve
-from django.http import HttpResponse
-from django.views.generic import TemplateView
+from django.db.models import Q
from srtgui.tablefilter import TableFilter
from srtgui.tablefilter import TableFilterActionToggle
-from srtgui.tablefilter import TableFilterActionDateRange
-from srtgui.tablefilter import TableFilterActionDay
-import os
import re
# quick development/debugging support
@@ -66,27 +58,6 @@ class CvesTable(ToasterTable):
Cve.STATUS[status][1],
Q(status=Cve.STATUS[status][0]))
)
- if False:
- is_status.add_action(TableFilterActionToggle(
- "new",
- "New",
- Q(status=Cve.NEW))
- )
- is_status.add_action(TableFilterActionToggle(
- "investigate",
- "Investigate",
- Q(status=Cve.INVESTIGATE))
- )
- is_status.add_action(TableFilterActionToggle(
- "vulnerable",
- "Is Vulnerable",
- Q(status=Cve.VULNERABLE))
- )
- is_status.add_action(TableFilterActionToggle(
- "not_vulnerable",
- "Not Vulnerable",
- Q(status=Cve.NOT_VULNERABLE))
- )
self.add_filter(is_status)
# Recommends filter
diff --git a/lib/srtgui/templatetags/objects_to_dictionaries_filter.py b/lib/srtgui/templatetags/objects_to_dictionaries_filter.py
index 0dcc7d27..b6c18a86 100644
--- a/lib/srtgui/templatetags/objects_to_dictionaries_filter.py
+++ b/lib/srtgui/templatetags/objects_to_dictionaries_filter.py
@@ -1,5 +1,4 @@
from django import template
-import json
register = template.Library()
diff --git a/lib/srtgui/templatetags/projecttags.py b/lib/srtgui/templatetags/projecttags.py
index 6b3132ed..d7bc5319 100644
--- a/lib/srtgui/templatetags/projecttags.py
+++ b/lib/srtgui/templatetags/projecttags.py
@@ -20,13 +20,11 @@
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
import os
-from datetime import datetime, timedelta
from os.path import relpath
import re
import json as JsonLib
from django import template
-from django.utils import timezone
from django.template.defaultfilters import filesizeformat
from django.utils.safestring import mark_safe
from django.contrib.auth.models import Group
@@ -84,21 +82,18 @@ def json(value, default = None):
@register.filter("whitespace_slice")
def whitespace_space_filter(value, arg):
- try:
- bits = []
- for x in arg.split(":"):
- if len(x) == 0:
- bits.append(None)
+ bits = []
+ for x in arg.split(":"):
+ if len(x) == 0:
+ bits.append(None)
+ else:
+ # convert numeric value to the first whitespace after
+ first_whitespace = value.find(" ", int(x))
+ if first_whitespace == -1:
+ bits.append(int(x))
else:
- # convert numeric value to the first whitespace after
- first_whitespace = value.find(" ", int(x))
- if first_whitespace == -1:
- bits.append(int(x))
- else:
- bits.append(first_whitespace)
- return value[slice(*bits)]
- except (ValueError, TypeError):
- raise
+ bits.append(first_whitespace)
+ return value[slice(*bits)]
@register.filter
def divide(value, arg):
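Review bot: `whitespace_space_filter` is left with no handling for a malformed argument: `int(x)` raises ValueError for any non-numeric slice part, and that error propagates out of template rendering. The removed `except ... raise` did the same, so behaviour is unchanged, but Django's built-in `slice` filter returns the value unchanged in this case. If that is the contract wanted here, wrap the body in `try:` and add `except (ValueError, TypeError): return value`. The filter also has no docstring; a single line saying that each numeric bound is moved forward to the next space so words are not cut would document what the bounds mean.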
@@ -190,8 +185,8 @@ def check_filter_status(options, filter):
def variable_parent_name(value):
""" filter extended variable names to the parent name
"""
- value=re.sub('_\$.*', '', value)
- return re.sub('_[a-z].*', '', value)
+ value=re.sub(r'_\$.*', '', value)
+ return re.sub(r'_[a-z].*', '', value)
@register.filter
def filter_setin_files(file_list, matchstr):
@@ -256,7 +251,6 @@ def filter_sizeovertotal(package_object, total_size):
return '{:.1%}'.format(float(size)/float(total_size))
-from django.utils.safestring import mark_safe
@register.filter
def format_vpackage_rowclass(size):
if size == -1:
diff --git a/lib/srtgui/typeaheads.py b/lib/srtgui/typeaheads.py
index fb26cf0b..e32c16ad 100644
--- a/lib/srtgui/typeaheads.py
+++ b/lib/srtgui/typeaheads.py
@@ -105,9 +105,6 @@ class MachinesTypeAhead(ToasterTypeAhead):
class DistrosTypeAhead(ToasterTypeAhead):
""" Typeahead for all the distros available in the current project's
configuration """
- def __init__(self):
- super(DistrosTypeAhead, self).__init__()
-
def apply_search(self, search_term, prj, request):
distros = prj.get_available_distros()
distros = distros.order_by("name")
diff --git a/lib/srtgui/urls.py b/lib/srtgui/urls.py
index 7d34e0fb..26c484d8 100644
--- a/lib/srtgui/urls.py
+++ b/lib/srtgui/urls.py
@@ -16,14 +16,10 @@
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-from django.conf.urls import include, url
-from django.views.generic import RedirectView, TemplateView
+from django.conf.urls import url
+from django.views.generic import RedirectView
-from django.http import HttpResponseBadRequest
from srtgui import tables
-#from srtgui import typeaheads
-from srtgui import api
-from srtgui import widgets
from srtgui import views
urlpatterns = [
diff --git a/lib/srtgui/views.py b/lib/srtgui/views.py
index 072d81af..122d9133 100644
--- a/lib/srtgui/views.py
+++ b/lib/srtgui/views.py
@@ -20,28 +20,23 @@
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
import os
-import sys
import traceback
import subprocess
from datetime import timedelta, datetime
from decimal import Decimal
-from os.path import dirname
import mimetypes
import json
import re
-from srtgui.templatetags.projecttags import json as jsonfilter
-
-from django.db.models import F, Q, Sum
-from django.db import IntegrityError
-from django.shortcuts import render, redirect, get_object_or_404
+from django.db.models import Q
+from django.shortcuts import render, redirect
from django.db.models.functions import Lower
-from orm.models import Cve, CveLocal, CveSource, CveDetail, CveHistory
+from orm.models import Cve, CveLocal, CveSource, CveHistory
from orm.models import Vulnerability, VulnerabilityHistory, CveToVulnerablility, VulnerabilityToInvestigation, VulnerabilityNotification, VulnerabilityAccess, VulnerabilityComments, VulnerabilityUploads
from orm.models import Investigation, InvestigationHistory, InvestigationToDefect, InvestigationComments, InvestigationNotification, InvestigationAccess, InvestigationUploads
-from orm.models import SrtSetting, CweTable, Product
-from orm.models import Package, PackageToCve
-from orm.models import Investigation, DataSource
+from orm.models import SrtSetting, Product
+from orm.models import Package
+from orm.models import DataSource
from orm.models import Defect, PublishPending
from orm.models import Notify, NotifyAccess, NotifyCategories
@@ -51,12 +46,9 @@ from srtgui.reports import ReportManager
from srtgui.api import readCveDetails, writeCveDetails, summaryCveDetails, execute_process
from django.urls import reverse, resolve
-from django.core.exceptions import MultipleObjectsReturned, ObjectDoesNotExist
-from django.core.paginator import Paginator, EmptyPage, PageNotAnInteger
-from django.core.files.uploadedfile import UploadedFile
-from django.http import HttpResponse, HttpResponseNotFound, JsonResponse, HttpResponseRedirect
+from django.core.paginator import EmptyPage, PageNotAnInteger
+from django.http import HttpResponse
from django.utils import timezone
-from django import forms
import logging
@@ -197,10 +189,7 @@ def _verify_parameters(g, mandatory_parameters):
return None
def _redirect_parameters(view, g, mandatory_parameters, *args, **kwargs):
- try:
- from urllib import unquote, urlencode
- except ImportError:
- from urllib.parse import unquote, urlencode
+ from urllib.parse import unquote, urlencode
url = reverse(view, kwargs=kwargs)
params = {}
for i in g:
@@ -232,8 +221,8 @@ def __get_q_for_val(name, value):
if "OR" in value or "AND" in value:
result = None
for x in value.split("OR"):
- x = __get_q_for_val(name, x)
- result = result | x if result else x
+ x = __get_q_for_val(name, x)
+ result = result | x if result else x
return result
if "AND" in value:
result = None
@@ -310,7 +299,7 @@ def _validate_input(field_input, model):
if True in [field.startswith(x) for x in valid_fields]:
break
else:
- return None, (field, valid_fields)
+ return None, (field, valid_fields)
return field_input, invalid
@@ -383,7 +372,6 @@ def _get_parameters_values(request, default_count, default_order):
# set cookies for parameters. this is usefull in case parameters are set
# manually from the GET values of the link
def _set_parameters_values(pagesize, orderby, request):
- from django.urls import resolve
current_url = resolve(request.path_info).url_name
request.session['%s_count' % current_url] = pagesize
request.session['%s_orderby' % current_url] =orderby
@@ -411,8 +399,8 @@ def _modify_date_range_filter(filter_string):
if 0 > filter_string.find('_daterange'):
return filter_string,''
# normalize GUI dates to database format
- filter_string = filter_string.replace('_daterange','').replace(':','!');
- filter_list = filter_string.split('!');
+ filter_string = filter_string.replace('_daterange','').replace(':','!')
+ filter_list = filter_string.split('!')
if 4 != len(filter_list):
return filter_string
today = timezone.localtime(timezone.now())
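Review bot: The two early returns in `_modify_date_range_filter` disagree on shape: the `_daterange` miss returns the tuple `filter_string,''`, while the `4 != len(filter_list)` path returns a bare string, and that string has already had `_daterange` stripped and `:` replaced by `!`. A caller that unpacks two values would raise on that path or, for a two-character string, silently unpack characters. Returning a tuple there as well, e.g. `return filter_string,''`, keeps the contract uniform. Whether the original or the rewritten string belongs in that tuple depends on the caller and on the final return, both outside this hunk.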
@@ -499,8 +487,6 @@ def management(request):
}
return render(request, 'management.html', context)
-
-import copy
def cve(request, cve_pk, active_tab="1"):
if request.method == "GET":
template = "cve.html"
@@ -619,7 +605,7 @@ def cve_edit(request, cve_pk):
else:
cve_object = Cve.objects.get(name=cve_pk)
cve_pk = cve_object.pk
- except Exception as e:
+ except Exception:
return redirect(landing)
# Create the local CVE edit record if not already present
cve_local_object,created = CveLocal.objects.get_or_create(name=cve_object.name)
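Review bot: The `except Exception:` in `cve_edit` catches every failure of the lookup, not only a missing record but also database and programming errors, and redirects to the landing page without recording anything. Narrowing it to the expected cases, e.g. `except (Cve.DoesNotExist, ValueError):`, and logging the rejected `cve_pk` before the redirect would keep real faults visible. The `try` opens above this hunk, so the exact set of expected exceptions should be confirmed against the lines not shown.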
@@ -1040,7 +1026,6 @@ def _create_defect(investigation,defect_reason,components):
return d.name
def xhr_triage_commit(request):
- global defect_count
_log("xhr_triage_commit(%s)" % request.POST)
if not 'action' in request.POST:
return HttpResponse(json.dumps({"error":"missing action\n"}), content_type = "application/json")
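Review bot: `_log("xhr_triage_commit(%s)" % request.POST)` writes the whole POST body to the log on every call. A form-encoded Django POST may carry `csrfmiddlewaretoken` alongside free-text fields, so the log can end up holding tokens and user-supplied text verbatim; where `_log` writes is not visible here. Logging only what tracing needs, e.g. `_log("xhr_triage_commit(action=%s)" % request.POST.get('action'))`, avoids that. As a style point, `if not 'action' in request.POST` reads more clearly as `if 'action' not in request.POST`.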
@@ -1156,7 +1141,7 @@ def xhr_triage_commit(request):
# map vulnerability to CVE
cv = CveToVulnerablility.objects.create(vulnerability=v,cve=cve)
- cv.save();
+ cv.save()
# add audit comment
vc = VulnerabilityHistory.objects.create(vulnerability=v)
vc.date = today
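Review bot: `cv.save()` directly after `CveToVulnerablility.objects.create(...)` writes an unchanged row a second time, since `create()` already saves the object; the line can be dropped rather than just losing its semicolon. The `VulnerabilityHistory.objects.create(vulnerability=v)` that follows has the opposite shape: `vc.date` is assigned after `create()`, so it needs a later `save()`, presumably below this hunk. Passing all fields in one `create(...)` call would avoid the double write in both places.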
diff --git a/lib/srtgui/widgets.py b/lib/srtgui/widgets.py
index e0033e16..b491a1c4 100644
--- a/lib/srtgui/widgets.py
+++ b/lib/srtgui/widgets.py
@@ -29,27 +29,16 @@ from django.template import Context, Template
from django.template import VariableDoesNotExist
from django.template import TemplateSyntaxError
from django.core.serializers.json import DjangoJSONEncoder
-from django.core.exceptions import FieldError
-from django.utils import timezone
-from django.http import JsonResponse
-from django.urls import reverse
from orm.models import SrtSetting, Cve
-from srtgui.templatetags.projecttags import sectohms, get_tasks
-from srtgui.templatetags.projecttags import json as template_json
import types
import json
import collections
import re
-import os
from srtgui.tablefilter import TableFilterMap
-
-try:
- from urllib import unquote_plus
-except ImportError:
- from urllib.parse import unquote_plus
+from urllib.parse import unquote_plus
import logging
logger = logging.getLogger("srt")
@@ -249,14 +238,10 @@ class ToasterTable(TemplateView):
if "all" in action_name:
return
- try:
- table_filter = self.filter_map.get_filter(filter_name)
- action = table_filter.get_action(action_name)
- action.set_filter_params(action_params)
- self.queryset = action.filter(self.queryset)
- except KeyError:
- # pass it to the user - programming error here
- raise
+ table_filter = self.filter_map.get_filter(filter_name)
+ action = table_filter.get_action(action_name)
+ action.set_filter_params(action_params)
+ self.queryset = action.filter(self.queryset)
def apply_orderby(self, orderby):
# Note that django will execute this when we try to retrieve the data
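Review bot: An unknown filter or action name now has no stated handling. The removed comment called a KeyError from `get_filter`/`get_action` a programming error, but if `filter_name` and `action_name` are parsed from the request's filter string (not visible in this hunk), a hand-edited URL reaches the same path and produces a server error. Catching the lookup failure and leaving `self.queryset` unfiltered, e.g. `except KeyError: return`, or answering with a 400, would separate bad input from bugs. If propagation is intended, keep a one-line comment saying so, since the commit deletes the only statement of that intent. The method starts above this hunk.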
@@ -357,76 +342,71 @@ class ToasterTable(TemplateView):
'error': "ok",
}
- try:
- for model_obj in page.object_list:
- # Use collection to maintain the order
- required_data = collections.OrderedDict()
-
- for col in self.columns:
- field = col['field_name']
- if not field:
- field = col['static_data_name']
- if not field:
- raise NoFieldOrDataName("Must supply a field_name or"
- "static_data_name for column"
- "%s.%s" %
- (self.__class__.__name__, col)
- )
-
- # Check if we need to process some static data
- if "static_data_name" in col and col['static_data_name']:
- # Overwrite the field_name with static_data_name
- # so that this can be used as the html class name
- col['field_name'] = col['static_data_name']
-
- try:
- # Render the template given
- required_data[col['static_data_name']] = \
- self.render_static_data(
- col['static_data_template'], model_obj)
- except (TemplateSyntaxError,
- VariableDoesNotExist) as e:
- logger.error("could not render template code"
- "%s %s %s",
- col['static_data_template'],
- e, self.__class__.__name__)
- required_data[col['static_data_name']] =\
- '<!--error-->'
+ for model_obj in page.object_list:
+ # Use collection to maintain the order
+ required_data = collections.OrderedDict()
+
+ for col in self.columns:
+ field = col['field_name']
+ if not field:
+ field = col['static_data_name']
+ if not field:
+ raise NoFieldOrDataName("Must supply a field_name or"
+ "static_data_name for column"
+ "%s.%s" %
+ (self.__class__.__name__, col)
+ )
+
+ # Check if we need to process some static data
+ if "static_data_name" in col and col['static_data_name']:
+ # Overwrite the field_name with static_data_name
+ # so that this can be used as the html class name
+ col['field_name'] = col['static_data_name']
+
+ try:
+ # Render the template given
+ required_data[col['static_data_name']] = \
+ self.render_static_data(
+ col['static_data_template'], model_obj)
+ except (TemplateSyntaxError,
+ VariableDoesNotExist) as e:
+ logger.error("could not render template code"
+ "%s %s %s",
+ col['static_data_template'],
+ e, self.__class__.__name__)
+ required_data[col['static_data_name']] =\
+ '<!--error-->'
+
+ else:
+ # Traverse to any foriegn key in the field
+ # e.g. recipe__layer_version__name
+ model_data = None
+
+ if "__" in field:
+ for subfield in field.split("__"):
+ if not model_data:
+ # The first iteration is always going to
+ # be on the actual model object instance.
+ # Subsequent ones are on the result of
+ # that. e.g. forieng key objects
+ model_data = getattr(model_obj,
+ subfield)
+ else:
+ model_data = getattr(model_data,
+ subfield)
else:
- # Traverse to any foriegn key in the field
- # e.g. recipe__layer_version__name
- model_data = None
-
- if "__" in field:
- for subfield in field.split("__"):
- if not model_data:
- # The first iteration is always going to
- # be on the actual model object instance.
- # Subsequent ones are on the result of
- # that. e.g. forieng key objects
- model_data = getattr(model_obj,
- subfield)
- else:
- model_data = getattr(model_data,
- subfield)
-
- else:
- model_data = getattr(model_obj,
- col['field_name'])
-
- # We might have a model function as the field so
- # call it to return the data needed
- if isinstance(model_data, types.MethodType):
- model_data = model_data()
-
- required_data[col['field_name']] = model_data
-
- data['rows'].append(required_data)
-
- except FieldError:
- # pass it to the user - programming-error here
- raise
+ model_data = getattr(model_obj,
+ col['field_name'])
+
+ # We might have a model function as the field so
+ # call it to return the data needed
+ if isinstance(model_data, types.MethodType):
+ model_data = model_data()
+
+ required_data[col['field_name']] = model_data
+
+ data['rows'].append(required_data)
# apply any row data customization override before converted to JSON
data = self.apply_row_customization(data)
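Review bot: The foreign-key walk uses `if not model_data:` to detect the first iteration, so any falsy intermediate value, a null relation in particular, restarts the lookup on `model_obj` with the next path segment. That either returns an unrelated attribute or raises AttributeError. Seeding `model_data` with `model_obj` before the loop and stopping when a link is `None` removes the ambiguity, as sketched below. Separately, the NoFieldOrDataName message is built from adjacent literals without separating spaces and renders as `Must supply a field_name orstatic_data_name for column%s.%s`. The enclosing method starts above this hunk.

```python
# … unchanged: static_data_name branch …
if "__" in field:
    # Start at the row object and follow each link in turn;
    # a null relation ends the walk instead of restarting it.
    model_data = model_obj
    for subfield in field.split("__"):
        if model_data is None:
            break
        model_data = getattr(model_data, subfield)
else:
    # … unchanged: single-attribute getattr on model_obj …
```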