更改参数有效性校验长度判断错误、增加导出cve信息接口添加host id不存在的提示

2022-12-02 17:36:52 +08:00 · 2022-12-02 17:36:52 +08:00 · 36175f6bb2
commit 36175f6bb2
parent 6cb7429fe5
4 changed files with 254 additions and 3 deletions
--- a/aops-apollo.spec
+++ b/aops-apollo.spec
@ -1,11 +1,13 @@
 Name:		aops-apollo
 Version:	v1.1.1
-Release:	1
+Release:	2
 Summary:	Cve management service, monitor machine vulnerabilities and provide fix functions.
 License:	MulanPSL2
 URL:		https://gitee.com/openeuler/%{name}
 Source0:	%{name}-%{version}.tar.gz
-
+Patch0001:  cveinfo_api_add_host_id_not_exists_tip.patch
 Patch0002:  param_length_validate.patch
 Patch0003:  fix_host_repo_filter_query_failed.patch
 BuildRequires:  python3-setuptools
 Requires:   aops-vulcanus >= %{version}-%{release}
@ -20,7 +22,7 @@ Cve management service, monitor machine vulnerabilities and provide fix function
 %prep
-%autosetup -n %{name}-%{version}
+%autosetup -n %{name}-%{version} -p1
 # build for aops-apollo
 %py3_build
@ -40,6 +42,9 @@ Cve management service, monitor machine vulnerabilities and provide fix function
 %changelog
 * Fri Dec 02 2022 gongzhengtang<gong_zhengtang@163.com> - v1.1.1-2
 - fix param length validate and other bugs
 * Fri Dec 02 2022 wenxin<shusheng.wen@outlook.com> - v1.1.1-1
 - fix some bugs
--- a/cveinfo_api_add_host_id_not_exists_tip.patch
+++ b/cveinfo_api_add_host_id_not_exists_tip.patch
@ -0,0 +1,131 @@
 From c2e08fd35d24f855347e1cc12acbd814051f64f3 Mon Sep 17 00:00:00 2001
 From: young <954906362@qq.com>
 Date: Fri, 2 Dec 2022 11:47:11 +0800
 Subject: [PATCH 1/2] 导出cve信息接口添加host id不存在的提示
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 ---
 apollo/conf/constant.py                          |  1 +
 apollo/database/proxy/cve.py                     |  1 +
 apollo/handler/cve_handler/view.py               | 15 +++++++++------
 apollo/handler/task_handler/callback/cve_scan.py |  4 ++--
 4 files changed, 13 insertions(+), 8 deletions(-)
 diff --git a/apollo/conf/constant.py b/apollo/conf/constant.py
 index 95e4181..4fc8a62 100644
 --- a/apollo/conf/constant.py
 +++ b/apollo/conf/constant.py
@@ -120,5 +120,6 @@ ES_TEST_FLAG = False
 REPO_FILE = "/etc/yum.repos.d/aops-update.repo"
 FILE_NUMBER = 1
 +NO_FILE = 0
 FILE_UPLOAD_PATH = "/opt/aops/cve/upload"
 CSV_SAVED_PATH = "/opt/aops/cve/saved"
 diff --git a/apollo/database/proxy/cve.py b/apollo/database/proxy/cve.py
 index c2291a4..38021d3 100644
 --- a/apollo/database/proxy/cve.py
 +++ b/apollo/database/proxy/cve.py
@@ -1275,4 +1275,5 @@ class CveProxy(CveMysqlProxy, CveEsProxy):
         if host_info_query:
             host_info = host_info_query[0]
             return host_info.host_name, cve_list
 +        LOGGER.error(f"{host_id} not found in database")
         return "", cve_query
 diff --git a/apollo/handler/cve_handler/view.py b/apollo/handler/cve_handler/view.py
 index 4a7466e..d9409a7 100644
 --- a/apollo/handler/cve_handler/view.py
 +++ b/apollo/handler/cve_handler/view.py
@@ -22,7 +22,7 @@ import shutil
 from flask import jsonify
 from apollo.conf import configuration
 -from apollo.conf.constant import FILE_UPLOAD_PATH, CSV_SAVED_PATH, FILE_NUMBER
 +from apollo.conf.constant import FILE_UPLOAD_PATH, CSV_SAVED_PATH, FILE_NUMBER, NO_FILE
 from apollo.database import SESSION
 from apollo.database.proxy.cve import CveProxy, CveMysqlProxy
 from apollo.function.customize_exception import ParseAdvisoryError
@@ -452,11 +452,14 @@ class VulExportExcel(BaseResponse):
         for host_id in host_id_list:
             host_name, cve_info_list = proxy.query_host_name_and_related_cves(host_id, username)
 -
 -            self.filename = f"{host_name}.csv"
 -            csv_head = ["cve_id", "status"]
 -            export_csv(cve_info_list, os.path.join(
 -                self.filepath, self.filename), csv_head)
 +            if host_name:
 +                self.filename = f"{host_name}.csv"
 +                csv_head = ["cve_id", "status"]
 +                export_csv(cve_info_list, os.path.join(
 +                    self.filepath, self.filename), csv_head)
 +
 +        if len(os.listdir(self.filepath)) == NO_FILE:
 +            return NO_DATA
         if len(os.listdir(self.filepath)) > FILE_NUMBER:
             zip_filename, zip_save_path = compress_cve(self.filepath, "host.zip")
             if zip_filename and zip_save_path:
 diff --git a/apollo/handler/task_handler/callback/cve_scan.py b/apollo/handler/task_handler/callback/cve_scan.py
 index 817e4e4..1416ed0 100644
 --- a/apollo/handler/task_handler/callback/cve_scan.py
 +++ b/apollo/handler/task_handler/callback/cve_scan.py
@@ -32,11 +32,11 @@ class CveScanCallback(TaskCallback):
             task_id: task id,
             task_info: task info, e.g.:
                 {
 -                    status:0,
 +                    "status":0,
                     "host_id":"127.0.0.1",
                     "installed_packages":["string"],
                     "os_version":"string",
 -                    "cves:["string"]
 +                    "cves":["string"]
                 }
         Returns:
 -- 
 Gitee
 From f831f7f4e6562df58905211a8a608162a2e5953f Mon Sep 17 00:00:00 2001
 From: young <954906362@qq.com>
 Date: Fri, 2 Dec 2022 15:21:56 +0800
 Subject: [PATCH 2/2] 去掉不必要的常量
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 ---
 apollo/conf/constant.py            | 1 -
 apollo/handler/cve_handler/view.py | 2 +-
 2 files changed, 1 insertion(+), 2 deletions(-)
 diff --git a/apollo/conf/constant.py b/apollo/conf/constant.py
 index 4fc8a62..95e4181 100644
 --- a/apollo/conf/constant.py
 +++ b/apollo/conf/constant.py
@@ -120,6 +120,5 @@ ES_TEST_FLAG = False
 REPO_FILE = "/etc/yum.repos.d/aops-update.repo"
 FILE_NUMBER = 1
 -NO_FILE = 0
 FILE_UPLOAD_PATH = "/opt/aops/cve/upload"
 CSV_SAVED_PATH = "/opt/aops/cve/saved"
 diff --git a/apollo/handler/cve_handler/view.py b/apollo/handler/cve_handler/view.py
 index d9409a7..f10be78 100644
 --- a/apollo/handler/cve_handler/view.py
 +++ b/apollo/handler/cve_handler/view.py
@@ -458,7 +458,7 @@ class VulExportExcel(BaseResponse):
                 export_csv(cve_info_list, os.path.join(
                     self.filepath, self.filename), csv_head)
 -        if len(os.listdir(self.filepath)) == NO_FILE:
 +        if len(os.listdir(self.filepath)) == 0:
             return NO_DATA
         if len(os.listdir(self.filepath)) > FILE_NUMBER:
             zip_filename, zip_save_path = compress_cve(self.filepath, "host.zip")
 -- 
 Gitee
--- a/fix_host_repo_filter_query_failed.patch
+++ b/fix_host_repo_filter_query_failed.patch
@ -0,0 +1,56 @@
 From cf87cb8c7eb076049fc335db8e4edce0a5f09e74 Mon Sep 17 00:00:00 2001
 From: gongzt <gong_zhengtang@163.com>
 Date: Fri, 2 Dec 2022 17:29:49 +0800
 Subject: [PATCH] 修复主机列表查询时选择未设置repo查询无数据
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 ---
 apollo/database/proxy/host.py      | 9 +++++++--
 apollo/handler/cve_handler/view.py | 2 +-
 2 files changed, 8 insertions(+), 3 deletions(-)
 diff --git a/apollo/database/proxy/host.py b/apollo/database/proxy/host.py
 index 5510125..7fd793a 100644
 --- a/apollo/database/proxy/host.py
 +++ b/apollo/database/proxy/host.py
@@ -16,7 +16,7 @@ Author:
 Description: Host table operation
 """
 from sqlalchemy.exc import SQLAlchemyError
 -from sqlalchemy import func, case
 +from sqlalchemy import func, case, or_
 from vulcanus.log.log import LOGGER
 from vulcanus.restful.status import NO_DATA, DATABASE_QUERY_ERROR, SUCCEED
@@ -202,7 +202,12 @@ class HostMysqlProxy(MysqlProxy):
         if filter_dict.get("host_group"):
             filters.add(Host.host_group_name.in_(filter_dict["host_group"]))
         if filter_dict.get("repo"):
 -            filters.add(Host.repo_name.in_(filter_dict["repo"]))
 +            repos = [repo if repo else None for repo in filter_dict["repo"]]
 +            if None in repos:
 +                filters.add(or_(Host.repo_name.is_(None),
 +                                Host.repo_name.in_(repos)))
 +            else:
 +                filters.add(Host.repo_name.in_(repos))
         return filters
 diff --git a/apollo/handler/cve_handler/view.py b/apollo/handler/cve_handler/view.py
 index f10be78..7524b10 100644
 --- a/apollo/handler/cve_handler/view.py
 +++ b/apollo/handler/cve_handler/view.py
@@ -22,7 +22,7 @@ import shutil
 from flask import jsonify
 from apollo.conf import configuration
 -from apollo.conf.constant import FILE_UPLOAD_PATH, CSV_SAVED_PATH, FILE_NUMBER, NO_FILE
 +from apollo.conf.constant import FILE_UPLOAD_PATH, CSV_SAVED_PATH, FILE_NUMBER
 from apollo.database import SESSION
 from apollo.database.proxy.cve import CveProxy, CveMysqlProxy
 from apollo.function.customize_exception import ParseAdvisoryError
 -- 
 Gitee
--- a/param_length_validate.patch
+++ b/param_length_validate.patch
@ -0,0 +1,59 @@
 From 3a85482819891c6cdfa1d47be372640c0c67620c Mon Sep 17 00:00:00 2001
 From: gongzt <gong_zhengtang@163.com>
 Date: Thu, 1 Dec 2022 23:06:53 +0800
 Subject: [PATCH] 更改参数有效性校验长度判断错误
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 ---
 apollo/function/schema/task.py      | 9 ++++++---
 apollo/handler/task_handler/view.py | 5 -----
 2 files changed, 6 insertions(+), 8 deletions(-)
 diff --git a/apollo/function/schema/task.py b/apollo/function/schema/task.py
 index e19c3ed..59f72db 100644
 --- a/apollo/function/schema/task.py
 +++ b/apollo/function/schema/task.py
@@ -151,9 +151,12 @@ class GenerateRepoTaskSchema(Schema):
     """
     validators for parameter of /vulnerability/task/repo/generate
     """
 -    task_name = fields.String(required=True, validate=lambda s: 0 < s <= 20)
 -    description = fields.String(required=True, validate=lambda s: 0 < s <= 50)
 -    repo_name = fields.String(required=True, validate=lambda s: 0 < s <= 20)
 +    task_name = fields.String(
 +        required=True, validate=lambda s: 0 < len(s) <= 20)
 +    description = fields.String(
 +        required=True, validate=lambda s: 0 < len(s) <= 50)
 +    repo_name = fields.String(
 +        required=True, validate=lambda s: 0 < len(s) <= 20)
     info = fields.List(fields.Nested(CveHostInfoDictSchema), required=True,
                        validate=lambda s: len(s) > 0)
 diff --git a/apollo/handler/task_handler/view.py b/apollo/handler/task_handler/view.py
 index cfd0d9b..318f693 100644
 --- a/apollo/handler/task_handler/view.py
 +++ b/apollo/handler/task_handler/view.py
@@ -102,10 +102,6 @@ class VulScanHost(BaseResponse):
         """
         access_token = request.headers.get('access_token')
         # connect to database
 -        task_proxy = TaskProxy(configuration)
 -        if not task_proxy.connect(SESSION):
 -            return DATABASE_CONNECT_ERROR
 -
         proxy = TaskMysqlProxy()
         if not proxy.connect(SESSION):
             LOGGER.error("Connect to database fail, return.")
@@ -116,7 +112,6 @@ class VulScanHost(BaseResponse):
         host_list = args['host_list']
         host_info = proxy.get_scan_host_info(username, host_list)
         if not self._verify_param(host_list, host_info):
 -            proxy.close()
             LOGGER.error(
                 "There are some host in %s that can not be scanned.", host_list)
             return PARAM_ERROR
 -- 
 Gitee