Loading api_process_findings.py +14 −16 Original line number Diff line number Diff line Loading @@ -149,6 +149,12 @@ class ProcessingSettings: missing_templates: List[str] = field(default_factory=list) # todo: missing templates might not include grouped findings which don't have their own fid in the resulting findings.json output_unspecified: dict = field(default_factory=dict) def add_msg(self, level: str, msg: str): if level not in ['info', 'warning', 'error']: logger.warning(f'Adding ProcessingSettings with incorrect level: {level}') self.user_msgs.append((level, msg)) self.save() @staticmethod def __get_folder_path(folder_name: str) -> str: assert folder_name == secure_filename(folder_name) Loading Loading @@ -363,8 +369,7 @@ def _upload_missing_templates(ps: ProcessingSettings): PwndocTemplateManager.add_single_locale_template(og_template_tns) except AssertionError as e: logger.error(f'Upload of template failed.', stack_info=True, exc_info=True) ps.user_msgs.append(('error', f"Upload of template with FID {fid} failed. This shouldn't happen, but to not totally block the import it was skipped.")) ps.save() ps.add_msg('error', f"Upload of template with FID {fid} failed. This shouldn't happen, but to not totally block the import it was skipped.") TemplateScan2Report.delete_template_files(["og"]) PwndocTemplateManager.update_template_db_from_pwndoc() # Update DB to have a current state. Loading @@ -387,8 +392,7 @@ def process_scanner_result_using_scan2report(folder_name: str) -> bool: args = shlex.split(ps.scan2report_args) if "--output" in args: ps.user_msgs.append(('error', "Don't specify --output as a parameter, use selector of audit ID instead.")) ps.save() ps.add_msg('error', "Don't specify --output as a parameter, use selector of audit ID instead.") return False output_path = ps.get_result_path() Loading Loading @@ -452,8 +456,7 @@ def combine_with_existing_finding(ps: ProcessingSettings, new_finding: dict, exi # From this point on we're aiming to modify the old_finding, NOT the new_finding. if len(existing_raw_finding_with_dict) >= 2: ps.user_msgs.append(('warning', f"There are already multiple findings with fid {fid} in a single audit. That is not supported.")) ps.save() ps.add_msg('warning', f"There are already multiple findings with fid {fid} in a single audit. That is not supported.") old_finding = existing_raw_finding_with_dict[0] Loading Loading @@ -537,19 +540,16 @@ def upload_scan_findings_to_pwndoc(folder_name: str) -> bool: not_changed_findings.add(single_finding.fid) except Exception as e: logger.exception("Exception on PwnDoc processing and upload") ps.user_msgs.append(('error', f'Failed to process and upload finding {single_finding.fid}.')) ps.save() ps.add_msg('error', f'Failed to process and upload finding {single_finding.fid}.') upload_open_ports_to_pwndoc(ps) if len(not_changed_findings) > 0: ps.user_msgs.append(('info', f"The following findings were not updated, because their scope did not expand: {not_changed_findings}")) ps.save() ps.add_msg('info', f"The following findings were not updated, because their scope did not expand: {not_changed_findings}") # For those where scope is expanded, only PoC is modified. ps.set_step_status(ProcessingSteps.PWNDOC_FINDINGS_UPLOAD, ProcessingStatus.DONE) ps.user_msgs.append(('info', f'OK, added or updated {new_or_changed_count} findings - you can now find them in PwnDoc.')) ps.save() ps.add_msg('info', f'OK, added or updated {new_or_changed_count} findings - you can now find them in PwnDoc.') return True Loading Loading @@ -581,8 +581,7 @@ def upload_single_finding_to_pwndoc(single_finding: TemplateScan2Report, locale: The limit is {PWNDOC_UPLOAD_LIMIT/1024/1024} MB while the request was {len_of_content/1024/1024} MB.) """ logger.exception(error_msg) ps.user_msgs.append(('error', error_msg)) ps.save() ps.add_msg('error', error_msg) return False return True Loading @@ -594,8 +593,7 @@ def upload_open_ports_to_pwndoc(ps: ProcessingSettings): helpers.table_of_services.set_tns_table_of_services(ps.audit_id, services_as_pwndoc_scope) except AssertionError as e: if "Size must be between" in str(e): ps.user_msgs.append(('error', f"The table of opened ports couldn't be updated as the size limit of the audit (16MB) was reached.")) ps.save() ps.add_msg('error', f"The table of opened ports couldn't be updated as the size limit of the audit (16MB) was reached.") else: raise Loading Loading
api_process_findings.py +14 −16 Original line number Diff line number Diff line Loading @@ -149,6 +149,12 @@ class ProcessingSettings: missing_templates: List[str] = field(default_factory=list) # todo: missing templates might not include grouped findings which don't have their own fid in the resulting findings.json output_unspecified: dict = field(default_factory=dict) def add_msg(self, level: str, msg: str): if level not in ['info', 'warning', 'error']: logger.warning(f'Adding ProcessingSettings with incorrect level: {level}') self.user_msgs.append((level, msg)) self.save() @staticmethod def __get_folder_path(folder_name: str) -> str: assert folder_name == secure_filename(folder_name) Loading Loading @@ -363,8 +369,7 @@ def _upload_missing_templates(ps: ProcessingSettings): PwndocTemplateManager.add_single_locale_template(og_template_tns) except AssertionError as e: logger.error(f'Upload of template failed.', stack_info=True, exc_info=True) ps.user_msgs.append(('error', f"Upload of template with FID {fid} failed. This shouldn't happen, but to not totally block the import it was skipped.")) ps.save() ps.add_msg('error', f"Upload of template with FID {fid} failed. This shouldn't happen, but to not totally block the import it was skipped.") TemplateScan2Report.delete_template_files(["og"]) PwndocTemplateManager.update_template_db_from_pwndoc() # Update DB to have a current state. Loading @@ -387,8 +392,7 @@ def process_scanner_result_using_scan2report(folder_name: str) -> bool: args = shlex.split(ps.scan2report_args) if "--output" in args: ps.user_msgs.append(('error', "Don't specify --output as a parameter, use selector of audit ID instead.")) ps.save() ps.add_msg('error', "Don't specify --output as a parameter, use selector of audit ID instead.") return False output_path = ps.get_result_path() Loading Loading @@ -452,8 +456,7 @@ def combine_with_existing_finding(ps: ProcessingSettings, new_finding: dict, exi # From this point on we're aiming to modify the old_finding, NOT the new_finding. if len(existing_raw_finding_with_dict) >= 2: ps.user_msgs.append(('warning', f"There are already multiple findings with fid {fid} in a single audit. That is not supported.")) ps.save() ps.add_msg('warning', f"There are already multiple findings with fid {fid} in a single audit. That is not supported.") old_finding = existing_raw_finding_with_dict[0] Loading Loading @@ -537,19 +540,16 @@ def upload_scan_findings_to_pwndoc(folder_name: str) -> bool: not_changed_findings.add(single_finding.fid) except Exception as e: logger.exception("Exception on PwnDoc processing and upload") ps.user_msgs.append(('error', f'Failed to process and upload finding {single_finding.fid}.')) ps.save() ps.add_msg('error', f'Failed to process and upload finding {single_finding.fid}.') upload_open_ports_to_pwndoc(ps) if len(not_changed_findings) > 0: ps.user_msgs.append(('info', f"The following findings were not updated, because their scope did not expand: {not_changed_findings}")) ps.save() ps.add_msg('info', f"The following findings were not updated, because their scope did not expand: {not_changed_findings}") # For those where scope is expanded, only PoC is modified. ps.set_step_status(ProcessingSteps.PWNDOC_FINDINGS_UPLOAD, ProcessingStatus.DONE) ps.user_msgs.append(('info', f'OK, added or updated {new_or_changed_count} findings - you can now find them in PwnDoc.')) ps.save() ps.add_msg('info', f'OK, added or updated {new_or_changed_count} findings - you can now find them in PwnDoc.') return True Loading Loading @@ -581,8 +581,7 @@ def upload_single_finding_to_pwndoc(single_finding: TemplateScan2Report, locale: The limit is {PWNDOC_UPLOAD_LIMIT/1024/1024} MB while the request was {len_of_content/1024/1024} MB.) """ logger.exception(error_msg) ps.user_msgs.append(('error', error_msg)) ps.save() ps.add_msg('error', error_msg) return False return True Loading @@ -594,8 +593,7 @@ def upload_open_ports_to_pwndoc(ps: ProcessingSettings): helpers.table_of_services.set_tns_table_of_services(ps.audit_id, services_as_pwndoc_scope) except AssertionError as e: if "Size must be between" in str(e): ps.user_msgs.append(('error', f"The table of opened ports couldn't be updated as the size limit of the audit (16MB) was reached.")) ps.save() ps.add_msg('error', f"The table of opened ports couldn't be updated as the size limit of the audit (16MB) was reached.") else: raise Loading
