From b2e13d9786987f34d60752963835cb2302939e5d Mon Sep 17 00:00:00 2001 From: sjh Date: Thu, 10 Feb 2022 12:35:16 +0800 Subject: [PATCH 1/4] add summary project and type --- iast/views/vul_details.py | 20 ++++++++++++++------ webapi/urls.py | 2 +- 2 files changed, 15 insertions(+), 7 deletions(-) diff --git a/iast/views/vul_details.py b/iast/views/vul_details.py index 915c9394..647e51f7 100644 --- a/iast/views/vul_details.py +++ b/iast/views/vul_details.py @@ -20,7 +20,7 @@ from django.utils.translation import gettext_lazy as _ from iast.utils import extend_schema_with_envcheck, get_response_serializer from rest_framework import serializers - +import time logger = logging.getLogger('dongtai-webapi') @@ -78,6 +78,7 @@ class _VulDetailResponseDataSerializer(serializers.Serializer): _ResponseSerializer = get_response_serializer(_VulDetailResponseDataSerializer()) + class VulDetail(UserEndPoint): def get_server(self): @@ -344,15 +345,22 @@ def get(self, request, id): :param request: :return: """ + print("======") + print(time.time()) self.vul_id = id auth_agents = self.get_auth_agents_with_user(request.user) try: + print("====0000000===") + print(time.time()) + data = { + 'vul': self.get_vul(auth_agents), + 'server': self.get_server(), + 'strategy': self.get_strategy() + } + print("======----------") + print(time.time()) return R.success( - data={ - 'vul': self.get_vul(auth_agents), - 'server': self.get_server(), - 'strategy': self.get_strategy() - } + data ) except Exception as e: logger.error(_('[{}] Vulnerability information parsing error, error message: {}').format(__name__,e)) diff --git a/webapi/urls.py b/webapi/urls.py index 0142320f..58f0e9c0 100644 --- a/webapi/urls.py +++ b/webapi/urls.py @@ -33,7 +33,7 @@ path('api/XZPcGFKoxYXScwGjQtJx8u/schema/swagger-ui/', SpectacularSwaggerView.as_view(url_name='schema'), name='swagger-ui'), - path('api/XZPcGFKoxYXScwGjQtJx8u/schema/redoc/', + path('c', SpectacularRedocView.as_view(url_name='schema'), name='redoc'), ]) From b554b1c5a20ce7e3f25bd550da12e3bdf18f594d Mon Sep 17 00:00:00 2001 From: sjh Date: Tue, 15 Feb 2022 16:28:54 +0800 Subject: [PATCH 2/4] gitaction debug --- iast/views/vul_details.py | 20 ++++++-------------- webapi/settings.py | 1 + 2 files changed, 7 insertions(+), 14 deletions(-) diff --git a/iast/views/vul_details.py b/iast/views/vul_details.py index 647e51f7..915c9394 100644 --- a/iast/views/vul_details.py +++ b/iast/views/vul_details.py @@ -20,7 +20,7 @@ from django.utils.translation import gettext_lazy as _ from iast.utils import extend_schema_with_envcheck, get_response_serializer from rest_framework import serializers -import time + logger = logging.getLogger('dongtai-webapi') @@ -78,7 +78,6 @@ class _VulDetailResponseDataSerializer(serializers.Serializer): _ResponseSerializer = get_response_serializer(_VulDetailResponseDataSerializer()) - class VulDetail(UserEndPoint): def get_server(self): @@ -345,22 +344,15 @@ def get(self, request, id): :param request: :return: """ - print("======") - print(time.time()) self.vul_id = id auth_agents = self.get_auth_agents_with_user(request.user) try: - print("====0000000===") - print(time.time()) - data = { - 'vul': self.get_vul(auth_agents), - 'server': self.get_server(), - 'strategy': self.get_strategy() - } - print("======----------") - print(time.time()) return R.success( - data + data={ + 'vul': self.get_vul(auth_agents), + 'server': self.get_server(), + 'strategy': self.get_strategy() + } ) except Exception as e: logger.error(_('[{}] Vulnerability information parsing error, error message: {}').format(__name__,e)) diff --git a/webapi/settings.py b/webapi/settings.py index 0079b871..589defd1 100644 --- a/webapi/settings.py +++ b/webapi/settings.py @@ -119,6 +119,7 @@ def get_installed_apps(): USE_L10N = True MODELTRANSLATION_FALLBACK_LANGUAGES = ('zh', 'en') MIDDLEWARE = [ + 'dongtai_agent_python.middlewares.django_middleware.FireMiddleware', 'django.middleware.gzip.GZipMiddleware', 'utils.CSPMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', From c3e4960a95ff7152fc7563ee8fd6dee88dd4168a Mon Sep 17 00:00:00 2001 From: cm Date: Thu, 10 Mar 2022 17:13:05 +0800 Subject: [PATCH 3/4] vul list simple --- iast/base/agent.py | 17 +++++++++++++++++ iast/views/vuls.py | 37 ++++++++++++++++++++++--------------- 2 files changed, 39 insertions(+), 15 deletions(-) diff --git a/iast/base/agent.py b/iast/base/agent.py index 64f73108..104a8d31 100644 --- a/iast/base/agent.py +++ b/iast/base/agent.py @@ -65,6 +65,23 @@ def get_user_agent_pro(auth_users, bindId): return result +# add by song +def get_user_agent_pro_by_agent_id(ids): + agentInfo = IastAgent.objects.filter(id__in=ids).values("id", "bind_project_id", "server_id","server__container") + result = { + "pidArr": {}, + "serverArr": {}, + "serverNameArr": {} + } + if agentInfo: + for item in agentInfo: + + result["pidArr"][item['id']] = item['bind_project_id'] + result["serverNameArr"][item['id']] = item['server__container'] + result["serverArr"][item['id']] = item['server_id'] + return result + + def get_all_server(ids): alls = IastServer.objects.filter(id__in=ids).values("id", "container") result = {} diff --git a/iast/views/vuls.py b/iast/views/vuls.py index 5490d9bf..a914e9f4 100644 --- a/iast/views/vuls.py +++ b/iast/views/vuls.py @@ -3,7 +3,7 @@ # author:owefsad # software: PyCharm # project: lingzhi-webapi - +import time from dongtai.endpoint import R from dongtai.endpoint import UserEndPoint from dongtai.models.vul_level import IastVulLevel @@ -11,7 +11,7 @@ from dongtai.models.strategy import IastStrategyModel from iast.base.agent import get_agents_with_project, get_user_project_name, \ - get_user_agent_pro, get_all_server + get_user_agent_pro, get_all_server,get_user_agent_pro_by_agent_id from iast.base.project_version import get_project_version, get_project_version_by_id from iast.serializers.vul import VulSerializer from django.utils.translation import gettext_lazy as _ @@ -279,13 +279,10 @@ def get(self, request): q = ~Q(hook_type_id=0) queryset = queryset.filter(q) projects_info = get_user_project_name(auth_users) - agentArr = get_user_agent_pro(auth_users, projects_info.keys()) - agentPro = agentArr['pidArr'] - agentServer = agentArr['serverArr'] - server_ids = agentArr['server_ids'] - allServer = get_all_server(server_ids) + # server_ids = agentArr['server_ids'] allType = IastVulLevel.objects.all().order_by("id") allTypeArr = {} + if allType: for item in allType: allTypeArr[item.id] = item.name_value @@ -293,21 +290,31 @@ def get(self, request): page = request.query_params.get('page', 1) page_size = request.query_params.get("pageSize", 20) page_summary, page_data = self.get_paginator(queryset, page, page_size) + # need todo change datas = VulSerializer(page_data, many=True).data pro_length = len(datas) if pro_length > 0: + need_ids = [] + agent_ids = [] + for ind in range(pro_length): + item = datas[ind] + agent_ids.append(item['agent_id']) + # need_ids.append(agentServer.get(item['agent_id'], 0)) + # edit by song + agentArr = get_user_agent_pro_by_agent_id(agent_ids) + agentPro = agentArr['pidArr'] + # agentServer = agentArr['serverArr'] + agentServerName = agentArr['serverNameArr'] + # allServer = get_all_server(need_ids) + for index in range(pro_length): item = datas[index] item['index'] = index - item['project_name'] = projects_info.get( - agentPro.get(item['agent_id'], 0), - _("The application has not been binded")) + item['project_name'] = projects_info.get(agentPro.get(item['agent_id'], 0), _("The application has not been binded")) item['project_id'] = agentPro.get(item['agent_id'], 0) - item['server_name'] = allServer.get( - agentServer.get(item['agent_id'], 0), "JavaApplication") - item['server_type'] = VulSerializer.split_container_name( - item['server_name']) - + # item['server_name'] = allServer.get(agentServer.get(item['agent_id'], 0), "JavaApplication") + item['server_name'] = agentServerName.get(item['agent_id'], "JavaApplication") + item['server_type'] = VulSerializer.split_container_name( item['server_name']) item['level_type'] = item['level_id'] item['level'] = allTypeArr.get(item['level_id'], "") end['data'].append(item) From db4b0498cde11b57d5f34192261b50f689cb221b Mon Sep 17 00:00:00 2001 From: cm Date: Thu, 10 Mar 2022 17:16:14 +0800 Subject: [PATCH 4/4] rm agent --- webapi/settings.py | 2 +- webapi/urls.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/webapi/settings.py b/webapi/settings.py index 08ece5ae..2c70bbef 100644 --- a/webapi/settings.py +++ b/webapi/settings.py @@ -119,7 +119,7 @@ def get_installed_apps(): USE_L10N = True MODELTRANSLATION_FALLBACK_LANGUAGES = ('zh', 'en') MIDDLEWARE = [ - 'dongtai_agent_python.middlewares.django_middleware.FireMiddleware', + # 'dongtai_agent_python.middlewares.django_middleware.FireMiddleware', 'django.middleware.gzip.GZipMiddleware', 'utils.CSPMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', diff --git a/webapi/urls.py b/webapi/urls.py index 58f0e9c0..0142320f 100644 --- a/webapi/urls.py +++ b/webapi/urls.py @@ -33,7 +33,7 @@ path('api/XZPcGFKoxYXScwGjQtJx8u/schema/swagger-ui/', SpectacularSwaggerView.as_view(url_name='schema'), name='swagger-ui'), - path('c', + path('api/XZPcGFKoxYXScwGjQtJx8u/schema/redoc/', SpectacularRedocView.as_view(url_name='schema'), name='redoc'), ])