From 318ad494e275d0404b2f1af768506a25c27028e2 Mon Sep 17 00:00:00 2001 From: liulei <450962@qq.com> Date: Tue, 31 Oct 2023 10:17:37 +0800 Subject: [PATCH 1/2] Add an interface for querying file list MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- zeus/conf/constant.py | 2 + zeus/config_manager/view.py | 42 +++++++++++- zeus/function/verify/config.py | 8 +++ zeus/vulnerability_manage/url.py | 113 +++++++++++++++++++++++++++++++ 4 files changed, 163 insertions(+), 2 deletions(-) create mode 100644 zeus/vulnerability_manage/url.py diff --git a/zeus/conf/constant.py b/zeus/conf/constant.py index df2948d..44065be 100644 --- a/zeus/conf/constant.py +++ b/zeus/conf/constant.py @@ -34,6 +34,7 @@ CERES_CVE_SCAN = "aops-ceres apollo --scan '%s'" CERES_CVE_FIX = "aops-ceres apollo --fix '%s'" CERES_CVE_ROLLBACK = "aops-ceres apollo --rollback '%s'" CERES_SYNC_CONF = "aops-ceres sync --conf '%s'" +CERES_OBJECT_FILE_CONF = "aops-ceres ragdoll --list '%s'" # zeus route ADD_HOST = "/manage/host/add" @@ -56,6 +57,7 @@ GET_GROUP = "/manage/host/group/get" COLLECT_CONFIG = '/manage/config/collect' SYNC_CONFIG = '/manage/config/sync' +OBJECT_FILE_CONFIG = '/manage/config/objectfile' USER_LOGIN = "/manage/account/login" LOGOUT = "/manage/account/logout" diff --git a/zeus/config_manager/view.py b/zeus/config_manager/view.py index 0aa9682..bde6dbf 100644 --- a/zeus/config_manager/view.py +++ b/zeus/config_manager/view.py @@ -22,10 +22,10 @@ from typing import List, Dict from vulcanus.multi_thread_handler import MultiThreadHandler from vulcanus.restful.resp import state from vulcanus.restful.response import BaseResponse -from zeus.conf.constant import CERES_COLLECT_FILE, CERES_SYNC_CONF +from zeus.conf.constant import CERES_COLLECT_FILE, CERES_SYNC_CONF, OBJECT_FILE_CONF, CERES_OBJECT_FILE_CONF from zeus.database.proxy.host import HostProxy from zeus.function.model import ClientConnectArgs -from zeus.function.verify.config import CollectConfigSchema, SyncConfigSchema +from zeus.function.verify.config import CollectConfigSchema, SyncConfigSchema, ObjectFileConfigSchema from zeus.host_manager.ssh import execute_command_and_parse_its_result, execute_command_sftp_result @@ -290,3 +290,41 @@ class SyncConfig(BaseResponse): sync_result['sync_result'] = True return self.response(code=state.SUCCEED, data={"resp": sync_result}) return self.response(code=state.UNKNOWN_ERROR, data={"resp": sync_result}) + + +class ObjectFileConfig(BaseResponse): + + @staticmethod + def object_file_config_content(host_info: Dict, file_directory: str): + command = CERES_OBJECT_FILE_CONF % file_directory + status, content = execute_command_and_parse_its_result( + ClientConnectArgs(host_info.get("host_ip"), host_info.get("ssh_port"), + host_info.get("ssh_user"), host_info.get("pkey")), command) + return status, content + + @BaseResponse.handle(schema=ObjectFileConfigSchema, token=False) + def post(self, **params): + object_file_result = { + "object_file_paths": list(), + "object_file_result": False + } + # Query host address from database + proxy = HostProxy() + if not proxy.connect(): + return self.response(code=state.DATABASE_CONNECT_ERROR, data={"resp": object_file_result}) + + status, host_list = proxy.get_host_info( + {"username": "admin", "host_list": [params.get('host_id')]}, True) + if status != state.SUCCEED: + return self.response(code=status, data={"resp": object_file_result}) + + host_info = host_list[0] + status, content = self.object_file_config_content(host_info, params.get('file_directory')) + if status == state.SUCCEED: + object_file_result['object_file_result'] = True + content_res = json.loads(content) + if content_res.get("resp"): + resp = content_res.get("resp") + object_file_result['object_file_paths'] = resp + return self.response(code=state.SUCCEED, data={"resp": object_file_result}) + return self.response(code=state.UNKNOWN_ERROR, data={"resp": object_file_result}) diff --git a/zeus/function/verify/config.py b/zeus/function/verify/config.py index 6e5bf64..1ef7b97 100644 --- a/zeus/function/verify/config.py +++ b/zeus/function/verify/config.py @@ -45,3 +45,11 @@ class SyncConfigSchema(Schema): host_id = fields.Integer(required=True, validate=lambda s: s > 0) file_path = fields.String(required=True, validate=lambda s: len(s) > 0) content = fields.String(required=True, validate=lambda s: len(s) > 0) + + +class ObjectFileConfigSchema(Schema): + """ + validators for ObjectFileConfigSchema + """ + host_id = fields.Integer(required=True, validate=lambda s: s > 0) + file_directory = fields.String(required=True, validate=lambda s: len(s) > 0) diff --git a/zeus/vulnerability_manage/url.py b/zeus/vulnerability_manage/url.py new file mode 100644 index 0000000..fe464ac --- /dev/null +++ b/zeus/vulnerability_manage/url.py @@ -0,0 +1,113 @@ +#!/usr/bin/python3 +# ****************************************************************************** +# Copyright (c) Huawei Technologies Co., Ltd. 2021-2021. All rights reserved. +# licensed under the Mulan PSL v2. +# You can use this software according to the terms and conditions of the Mulan PSL v2. +# You may obtain a copy of Mulan PSL v2 at: +# http://license.coscl.org.cn/MulanPSL2 +# THIS SOFTWARE IS PROVIDED ON AN 'AS IS' BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR +# PURPOSE. +# See the Mulan PSL v2 for more details. +# ******************************************************************************/ +""" +Time: +Author: +Description: url set +""" +from zeus.account_manager import view as account_view +from zeus.agent_manager import view as agent_view +from zeus.conf.constant import ( + ADD_GROUP, + ADD_HOST, + ADD_HOST_BATCH, + ADD_USER, + AGENT_METRIC_SET, + AGENT_PLUGIN_INFO, + AGENT_PLUGIN_SET, + AUTH_REDIRECT_URL, + BIND_AUTH_ACCOUNT, + CHANGE_PASSWORD, + COLLECT_CONFIG, + DELETE_GROUP, + DELETE_HOST, + EXECUTE_CVE_FIX, + EXECUTE_CVE_ROLLBACK, + EXECUTE_CVE_SCAN, + EXECUTE_REPO_SET, + GET_GROUP, + GET_HOST_COUNT, + GET_HOST_TEMPLATE_FILE, + GITEE_AUTH_LOGIN, + HOST_SCENE_GET, + LOGOUT, + QUERY_HOST, + QUERY_HOST_DETAIL, + QUERY_METRIC_DATA, + QUERY_METRIC_LIST, + QUERY_METRIC_NAMES, + REFRESH_TOKEN, + UPDATE_HOST, + USER_LOGIN, + SYNC_CONFIG, + OBJECT_FILE_CONFIG +) +from zeus.config_manager import view as config_view +from zeus.host_manager import view as host_view +from zeus.metric_manager import view as metric_view +from zeus.vulnerability_manage import view as vulnerability_view + +URLS = [] + +SPECIFIC_URLS = { + "ACCOUNT_URLS": [ + (account_view.Login, USER_LOGIN), + (account_view.ChangePassword, CHANGE_PASSWORD), + (account_view.AddUser, ADD_USER), + (account_view.GiteeAuthLogin, GITEE_AUTH_LOGIN), + (account_view.AuthRedirectUrl, AUTH_REDIRECT_URL), + (account_view.BindAuthAccount, BIND_AUTH_ACCOUNT), + (account_view.RefreshToken, REFRESH_TOKEN), + (account_view.Logout, LOGOUT), + ], + "HOST_URLS": [ + (host_view.AddHost, ADD_HOST), + (host_view.AddHostBatch, ADD_HOST_BATCH), + (host_view.DeleteHost, DELETE_HOST), + (host_view.UpdateHost, UPDATE_HOST), + (host_view.GetHost, QUERY_HOST), + (host_view.GetHostInfo, QUERY_HOST_DETAIL), + (host_view.GetHostCount, GET_HOST_COUNT), + (host_view.GetHostTemplateFile, GET_HOST_TEMPLATE_FILE), + ], + "HOST_GROUP_URLS": [ + (host_view.AddHostGroup, ADD_GROUP), + (host_view.DeleteHostGroup, DELETE_GROUP), + (host_view.GetHostGroup, GET_GROUP), + ], + "CONFIG_URLS": [ + (config_view.CollectConfig, COLLECT_CONFIG), + (config_view.SyncConfig, SYNC_CONFIG), + (config_view.ObjectFileConfig, OBJECT_FILE_CONFIG) + ], + 'AGENT_URLS': [ + (agent_view.AgentPluginInfo, AGENT_PLUGIN_INFO), + (agent_view.SetAgentPluginStatus, AGENT_PLUGIN_SET), + (agent_view.SetAgentMetricStatus, AGENT_METRIC_SET), + (agent_view.GetHostScene, HOST_SCENE_GET), + ], + 'CVE_URLS': [ + (vulnerability_view.ExecuteRepoSetTask, EXECUTE_REPO_SET), + (vulnerability_view.ExecuteCveScanTask, EXECUTE_CVE_SCAN), + (vulnerability_view.ExecuteCveFixTask, EXECUTE_CVE_FIX), + (vulnerability_view.ExecuteCveRollbackTask, EXECUTE_CVE_ROLLBACK), + ], + 'METRIC': [ + (metric_view.QueryHostMetricNames, QUERY_METRIC_NAMES), + (metric_view.QueryHostMetricData, QUERY_METRIC_DATA), + (metric_view.QueryHostMetricList, QUERY_METRIC_LIST), + ], +} + +for _, value in SPECIFIC_URLS.items(): + URLS.extend(value) -- Gitee From bf654cd0d5086b29ab3e5b27cdc42cc0f8cc24ed Mon Sep 17 00:00:00 2001 From: liulei <450962@qq.com> Date: Tue, 31 Oct 2023 10:29:27 +0800 Subject: [PATCH 2/2] Add an interface for querying file list MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- zeus/url.py | 4 +- zeus/vulnerability_manage/url.py | 113 ------------------------------- 2 files changed, 3 insertions(+), 114 deletions(-) delete mode 100644 zeus/vulnerability_manage/url.py diff --git a/zeus/url.py b/zeus/url.py index 597dcc7..fe464ac 100644 --- a/zeus/url.py +++ b/zeus/url.py @@ -50,6 +50,7 @@ from zeus.conf.constant import ( UPDATE_HOST, USER_LOGIN, SYNC_CONFIG, + OBJECT_FILE_CONFIG ) from zeus.config_manager import view as config_view from zeus.host_manager import view as host_view @@ -86,7 +87,8 @@ SPECIFIC_URLS = { ], "CONFIG_URLS": [ (config_view.CollectConfig, COLLECT_CONFIG), - (config_view.SyncConfig, SYNC_CONFIG) + (config_view.SyncConfig, SYNC_CONFIG), + (config_view.ObjectFileConfig, OBJECT_FILE_CONFIG) ], 'AGENT_URLS': [ (agent_view.AgentPluginInfo, AGENT_PLUGIN_INFO), diff --git a/zeus/vulnerability_manage/url.py b/zeus/vulnerability_manage/url.py deleted file mode 100644 index fe464ac..0000000 --- a/zeus/vulnerability_manage/url.py +++ /dev/null @@ -1,113 +0,0 @@ -#!/usr/bin/python3 -# ****************************************************************************** -# Copyright (c) Huawei Technologies Co., Ltd. 2021-2021. All rights reserved. -# licensed under the Mulan PSL v2. -# You can use this software according to the terms and conditions of the Mulan PSL v2. -# You may obtain a copy of Mulan PSL v2 at: -# http://license.coscl.org.cn/MulanPSL2 -# THIS SOFTWARE IS PROVIDED ON AN 'AS IS' BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR -# IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR -# PURPOSE. -# See the Mulan PSL v2 for more details. -# ******************************************************************************/ -""" -Time: -Author: -Description: url set -""" -from zeus.account_manager import view as account_view -from zeus.agent_manager import view as agent_view -from zeus.conf.constant import ( - ADD_GROUP, - ADD_HOST, - ADD_HOST_BATCH, - ADD_USER, - AGENT_METRIC_SET, - AGENT_PLUGIN_INFO, - AGENT_PLUGIN_SET, - AUTH_REDIRECT_URL, - BIND_AUTH_ACCOUNT, - CHANGE_PASSWORD, - COLLECT_CONFIG, - DELETE_GROUP, - DELETE_HOST, - EXECUTE_CVE_FIX, - EXECUTE_CVE_ROLLBACK, - EXECUTE_CVE_SCAN, - EXECUTE_REPO_SET, - GET_GROUP, - GET_HOST_COUNT, - GET_HOST_TEMPLATE_FILE, - GITEE_AUTH_LOGIN, - HOST_SCENE_GET, - LOGOUT, - QUERY_HOST, - QUERY_HOST_DETAIL, - QUERY_METRIC_DATA, - QUERY_METRIC_LIST, - QUERY_METRIC_NAMES, - REFRESH_TOKEN, - UPDATE_HOST, - USER_LOGIN, - SYNC_CONFIG, - OBJECT_FILE_CONFIG -) -from zeus.config_manager import view as config_view -from zeus.host_manager import view as host_view -from zeus.metric_manager import view as metric_view -from zeus.vulnerability_manage import view as vulnerability_view - -URLS = [] - -SPECIFIC_URLS = { - "ACCOUNT_URLS": [ - (account_view.Login, USER_LOGIN), - (account_view.ChangePassword, CHANGE_PASSWORD), - (account_view.AddUser, ADD_USER), - (account_view.GiteeAuthLogin, GITEE_AUTH_LOGIN), - (account_view.AuthRedirectUrl, AUTH_REDIRECT_URL), - (account_view.BindAuthAccount, BIND_AUTH_ACCOUNT), - (account_view.RefreshToken, REFRESH_TOKEN), - (account_view.Logout, LOGOUT), - ], - "HOST_URLS": [ - (host_view.AddHost, ADD_HOST), - (host_view.AddHostBatch, ADD_HOST_BATCH), - (host_view.DeleteHost, DELETE_HOST), - (host_view.UpdateHost, UPDATE_HOST), - (host_view.GetHost, QUERY_HOST), - (host_view.GetHostInfo, QUERY_HOST_DETAIL), - (host_view.GetHostCount, GET_HOST_COUNT), - (host_view.GetHostTemplateFile, GET_HOST_TEMPLATE_FILE), - ], - "HOST_GROUP_URLS": [ - (host_view.AddHostGroup, ADD_GROUP), - (host_view.DeleteHostGroup, DELETE_GROUP), - (host_view.GetHostGroup, GET_GROUP), - ], - "CONFIG_URLS": [ - (config_view.CollectConfig, COLLECT_CONFIG), - (config_view.SyncConfig, SYNC_CONFIG), - (config_view.ObjectFileConfig, OBJECT_FILE_CONFIG) - ], - 'AGENT_URLS': [ - (agent_view.AgentPluginInfo, AGENT_PLUGIN_INFO), - (agent_view.SetAgentPluginStatus, AGENT_PLUGIN_SET), - (agent_view.SetAgentMetricStatus, AGENT_METRIC_SET), - (agent_view.GetHostScene, HOST_SCENE_GET), - ], - 'CVE_URLS': [ - (vulnerability_view.ExecuteRepoSetTask, EXECUTE_REPO_SET), - (vulnerability_view.ExecuteCveScanTask, EXECUTE_CVE_SCAN), - (vulnerability_view.ExecuteCveFixTask, EXECUTE_CVE_FIX), - (vulnerability_view.ExecuteCveRollbackTask, EXECUTE_CVE_ROLLBACK), - ], - 'METRIC': [ - (metric_view.QueryHostMetricNames, QUERY_METRIC_NAMES), - (metric_view.QueryHostMetricData, QUERY_METRIC_DATA), - (metric_view.QueryHostMetricList, QUERY_METRIC_LIST), - ], -} - -for _, value in SPECIFIC_URLS.items(): - URLS.extend(value) -- Gitee