Commit 2a6ab4e1 authored by PidgeyL

completion seen/unseen

parent d4b51080
+51 −65
@@ -165,7 +165,7 @@ def getBlacklistRegexes():

def getSeenCVEs():
  cu=current_user.get_id()
  collection = db.seen
  collection = db.mgmt_seen
  userdata = collection.find({"user":cu})
  if userdata.count()==0:
    collection.insert({"user":cu, "seen_cves":[]})
@@ -303,6 +303,28 @@ def markCPEs(cve):
    return cve


def getFilterSettingsFromPost():
    blacklist = request.form.get('blacklistSelect')
    whitelist = request.form.get('whitelistSelect')
    unlisted = request.form.get('unlistedSelect')
    timeSelect = request.form.get('timeSelect')
    startDate = request.form.get('startDate')
    endDate = request.form.get('endDate')
    timeTypeSelect = request.form.get('timeTypeSelect')
    cvssSelect = request.form.get('cvssSelect')
    cvss = request.form.get('cvss')
    rejectedSelect = request.form.get('rejectedSelect')
    hideSeen = request.form.get('hideSeen')
    settings = {'blacklistSelect': blacklist, 'whitelistSelect': whitelist,
                'unlistedSelect': unlisted, 'timeSelect': timeSelect,
                'startDate': startDate, 'endDate': endDate,
                'timeTypeSelect': timeTypeSelect, 'cvssSelect': cvssSelect,
                'cvss': cvss, 'rejectedSelect': rejectedSelect, "hideSeen": hideSeen}
    # retrieving data
    cve = filter_logic(blacklist, whitelist, unlisted, timeSelect, startDate, endDate,
                       timeTypeSelect, cvssSelect, cvss, rejectedSelect, hideSeen, pageLength, 0)
    return(settings,cve)

@login_manager.user_loader
def load_user(id):
    return User.get(id)
@@ -328,25 +350,7 @@ def index():

@app.route('/', methods=['POST'])
def filterPost():
    blacklist = request.form.get('blacklistSelect')
    whitelist = request.form.get('whitelistSelect')
    unlisted = request.form.get('unlistedSelect')
    timeSelect = request.form.get('timeSelect')
    startDate = request.form.get('startDate')
    endDate = request.form.get('endDate')
    timeTypeSelect = request.form.get('timeTypeSelect')
    cvssSelect = request.form.get('cvssSelect')
    cvss = request.form.get('cvss')
    rejectedSelect = request.form.get('rejectedSelect')
    hideSeen = request.form.get('hideSeen')
    settings = {'blacklistSelect': blacklist, 'whitelistSelect': whitelist,
                'unlistedSelect': unlisted, 'timeSelect': timeSelect,
                'startDate': startDate, 'endDate': endDate,
                'timeTypeSelect': timeTypeSelect, 'cvssSelect': cvssSelect,
                'cvss': cvss, 'rejectedSelect': rejectedSelect, "hideSeen": hideSeen}
    # retrieving data
    cve = filter_logic(blacklist, whitelist, unlisted, timeSelect, startDate, endDate,
                       timeTypeSelect, cvssSelect, cvss, rejectedSelect, hideSeen, pageLength, 0)
    settings,cve = getFilterSettingsFromPost()
    return render_template('index.html', settings=settings, cve=cve, r=0, pageLength=pageLength)


@@ -354,56 +358,33 @@ def filterPost():
def filterLast(r):
    if not r:
        r = 0
    blacklist = request.form.get('blacklistSelect')
    whitelist = request.form.get('whitelistSelect')
    unlisted = request.form.get('unlistedSelect')
    timeSelect = request.form.get('timeSelect')
    startDate = request.form.get('startDate')
    endDate = request.form.get('endDate')
    timeTypeSelect = request.form.get('timeTypeSelect')
    cvssSelect = request.form.get('cvssSelect')
    cvss = request.form.get('cvss')
    rejectedSelect = request.form.get('rejectedSelect')
    hideSeen = request.form.get('hideSeen')
    settings = {'blacklistSelect': blacklist, 'whitelistSelect': whitelist,
                'unlistedSelect': unlisted, 'timeSelect': timeSelect,
                'startDate': startDate, 'endDate': endDate,
                'timeTypeSelect': timeTypeSelect, 'cvssSelect': cvssSelect,
                'cvss': cvss, 'rejectedSelect': rejectedSelect, "hideSeen": hideSeen}
    # retrieving data
    cve = filter_logic(blacklist, whitelist, unlisted, timeSelect, startDate, endDate,
                       timeTypeSelect, cvssSelect, cvss, rejectedSelect, hideSeen, pageLength, r)
    settings,cve = getFilterSettingsFromPost()
    return render_template('index.html', settings=settings, cve=cve, r=r, pageLength=pageLength)

@app.route('/r/<int:r>/seen', methods=['POST'])
def seen(r):
    if not r:
        r = 0
    seenlist=request.form.get('list').split(",")
    # retrieving data
    if current_user.is_authenticated():
        col = db.mgmt_seen
        col.update({"user":current_user.get_id()},{"$addToSet":{"seen_cves":{"$each":seenlist}}})
    settings,cve = getFilterSettingsFromPost()
    return render_template('index.html', settings=settings, cve=cve, r=r, pageLength=pageLength)

@app.route('/seen', methods=['POST'])
def seen():

@app.route('/r/<int:r>/unseen', methods=['POST'])
def unseen(r):
    if not r:
        r = 0
    blacklist = request.form.get('blacklistSelect')
    whitelist = request.form.get('whitelistSelect')
    unlisted = request.form.get('unlistedSelect')
    timeSelect = request.form.get('timeSelect')
    startDate = request.form.get('startDate')
    endDate = request.form.get('endDate')
    timeTypeSelect = request.form.get('timeTypeSelect')
    cvssSelect = request.form.get('cvssSelect')
    cvss = request.form.get('cvss')
    rejectedSelect = request.form.get('rejectedSelect')
    hideSeen = request.form.get('hideSeen')
    settings = {'blacklistSelect': blacklist, 'whitelistSelect': whitelist,
                'unlistedSelect': unlisted, 'timeSelect': timeSelect,
                'startDate': startDate, 'endDate': endDate,
                'timeTypeSelect': timeTypeSelect, 'cvssSelect': cvssSelect,
                'cvss': cvss, 'rejectedSelect': rejectedSelect, "hideSeen": hideSeen}
    seenlist=request.form.get('list').split(",")
    # retrieving data
    if current_user.is_authenticated():
        print(current_user)
        # TODO: implement
        #col.update({"user":"_dummy_"},{"$addToSet":{"seen_cves":{"$each":["cve-2010-1235","cve-2010-1236"]}}})
    cve = filter_logic(blacklist, whitelist, unlisted, timeSelect, startDate, endDate,
                       timeTypeSelect, cvssSelect, cvss, rejectedSelect, hideSeen, pageLength, r)
    return render_template('index.html', settings=settings, cve=cve, r=0, pageLength=pageLength)
        col = db.mgmt_seen
        col.update({"user":current_user.get_id()},{"$pullAll":{"seen_cves":seenlist}})
    settings,cve = getFilterSettingsFromPost()
    return render_template('index.html', settings=settings, cve=cve, r=r, pageLength=pageLength)


@app.route('/api/cpe2.3/<path:cpe>', methods=['GET'])
@@ -465,6 +446,11 @@ def apisearch(vendor=None, product=None):
        r.append(cve)
    return (json.dumps(r))

@app.route('/seenCVEs', methods=['POST'])
def see():
    cves=request.form.get('blacklistSelect')
    return render_template('index.html', cve=cve)

@app.route('/cve/<cveid>')
def cve(cveid):
    cveid = cveid.upper()
@@ -476,7 +462,7 @@ def cve(cveid):
    if current_user.is_authenticated():
        l = getSeenCVEs()
        if not cveid in l:
            col=db.seen
            col=db.mgmt_seen
            col.update({"user":current_user.get_id()},{"$addToSet":{"seen_cves":cveid}})
    return render_template('cve.html', cve=cve)
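Review bot: In `seen(r)` and `unseen(r)`, `request.form.get('list').split(",")` raises AttributeError when the field is absent, and it runs before the `is_authenticated()` check; whatever strings do arrive are written to `seen_cves` unvalidated and without the `.upper()` normalisation that `cve()` applies to `cveid`. I would parse defensively, e.g. `seenlist = [c.strip().upper() for c in request.form.get('list', '').split(',') if c.strip()]` (assuming stored ids are upper-case, as `cve()` suggests), followed by a CVE-id format check and a cap on the list length. `getFilterSettingsFromPost()` also hard-codes the offset `0` in its `filter_logic(...)` call, so `filterLast(r)`, `seen(r)` and `unseen(r)` now render `r=r` over first-page data; `def getFilterSettingsFromPost(r=0):` with `r` passed through would restore the previous paging. The new `see()` view assigns `cves` but passes `cve` to the template, which at that point appears to be the `cve` view function defined just below it, so it looks like an unfinished stub that should be completed or dropped.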

+0 −27
@@ -25,30 +25,3 @@ jQuery(document).ready(function() {
    return false;
  })
});

//Selectable table
$(document).ready(function() {
  var table = $('#CVEs');
  var duration = 500;
  $('#CVEs tbody').on( 'click', 'tr', function () {
    $(this).toggleClass('selected');
    var rows= $('#CVEs tbody tr.selected');
    if (rows.length > 0) {
      jQuery('.select-submit').fadeIn(duration);
    } else {
      jQuery('.select-submit').fadeOut(duration);
    }
  });
  $('.select-submit').click( function () {
    var rows= $('#CVEs tbody tr.selected');
    var cvelist=[];
    for (i=0;i<rows.length;i++){
      cvelist.push(rows[i].cells[1].innerHTML.replace(/<\/?[^>]+(>|$)/g, "").trim());
    }
    alert(cvelist);
    for (x in cvelist){
      jQuery('#'+cvelist[x]).removeClass('selected');
    }
    return false;
  });
});
+45 −0
function postList(url, cves) {
  var form = document.getElementById("filter");
  form.action = url;
  document.body.appendChild(form);
  var list = document.createElement("INPUT");
  list.type = "hidden";
  list.name = "list"
  list.value = cves
  form.appendChild(list);
  form.submit();
}
//Selectable table
$(document).ready(function() {
  var table = $('#CVEs');
  var duration = 500;
  $('#CVEs tbody').on( 'click', 'tr', function () {
    if($('#markseen').is(':checked') || $('#markunseen').is(':checked')){
      $(this).toggleClass('selected');
      var rows= $('#CVEs tbody tr.selected');
      if (rows.length > 0) {
        $('.select-submit').fadeIn(duration);
      } else {
        $('.select-submit').fadeOut(duration);
      }
    }
  });
  $('.select-submit').click( function () {
    var rows= $('#CVEs tbody tr.selected');
    var cvelist=[];
    for (i=0;i<rows.length;i++){
      cvelist.push(rows[i].cells[1].innerHTML.replace(/<\/?[^>]+(>|$)/g, "").trim());
    }
    var r=getr();
    var url = ""
    if($('#markseen').is(':checked')){url="seen";}
    else if($('#markunseen').is(':checked')){url="unseen";}
    else{return false;}
    
    postList("/r/"+r+"/"+url,cvelist);
    for (x in cvelist){
      $('#'+cvelist[x]).removeClass('selected');
    }
    return false;
  });
});
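Review bot: The `.select-submit` handler derives each id from `rows[i].cells[1].innerHTML` with a tag-stripping regex, and that string then goes both into the POST body and into a jQuery selector, `$('#'+cvelist[x])`; regex stripping leaves HTML entities encoded, and any unexpected character in the cell breaks the selector. Reading the text content is simpler and more robust: `cvelist.push($(rows[i].cells[1]).text().trim());`, and the selection can be cleared with `rows.removeClass('selected');` (assuming the `#<id>` elements are the selected rows themselves) instead of building selectors from page text. `i` and `x` are implicit globals and should be declared with `var`. In `postList`, `list.value = cves` relies on array-to-string coercion; `list.value = cves.join(",");` would state the format that the server's `split(",")` expects.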
+7 −1
@@ -10,6 +10,7 @@

  <!-- javascript -->
  <script type="text/javascript" src="/static/js/custom/filter.js"></script>
  <script type="text/javascript" src="/static/js/custom/table.js"></script>
  <script type="text/javascript">
    function setSettings(){
      {% if settings is defined%}
@@ -33,6 +34,9 @@
      form.action = url;
      form.submit();
    }
    function getr(){
      return {{r}};
    }
    function next(n){
      setSettings();
      var multiplier = {{ r }} + ( n * {{ pageLength }});
@@ -147,7 +151,9 @@
          {% include 'pager.html' %}
          <!-- Search results -->
          {% if current_user.is_authenticated() %}
            <input type="checkbox" id="chkSelectable"> Enable select 
            <input type="radio" id="dontmark" name="selectTable" value="none" checked>Don't mark
            <input type="radio" id="markseen" name="selectTable" value="see">Mark seen
            <input type="radio" id="markunseen" name="selectTable" value="unsee">Mark unseen
          {% endif %}
          {% include 'table.html' %}
          <!-- Pager -->
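Review bot: `getr()` writes `{{r}}` straight into script context, so any render of `index.html` without `r` (the `/seenCVEs` view in this commit passes only `cve`) produces `return ;` and the table script then posts to `/r/undefined/seen`. Because the value is meant to be an integer offset, I would pin that in the template: `return {{ r|default(0)|int }};`. The three new radio inputs are followed by bare text rather than `<label for="...">` elements, which is worth fixing while this block is being touched.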
+1 −1
@@ -38,4 +38,4 @@
  </tbody>
</table>
<a href="#" class="back-to-top">Back to Top</a>
<a href="#" class="select-submit">seen / unseen</a>
<a href="#" class="select-submit">Mark selected</a>