Commit 5b20f3d9 authored by PidgeyL's avatar PidgeyL

remove bookmarks & error handling

parent e0533e02
+1 −21
@@ -134,7 +134,7 @@ def setAdmin(user, admin):
    colUSERS.update({'username': user}, {'$unset': {'master': ""}})

def createUserData(user):
  colSEEN.insert({"user": user, "seen_cves": [], "bookmarked": []})
  colSEEN.insert({"user": user, "seen_cves": []})

def seenCVEs(user):
  data = colSEEN.find_one({"user": user})
@@ -156,26 +156,6 @@ def removeSeenCVEs(user, CVEs):
  if type(CVEs) == list:
    colSEEN.update({"user": user}, {"$pullAll": {"seen_cves": CVEs}})

def bookmarks(user):
  data = colSEEN.find_one({"user": user})
  if not data:
    createUserData(user)
    return []
  else:
    return data["bookmarked"]

def addBookmarks(user, bms):
  if type(bms) == str: bms=[bms]
  if type(bms) == list:
    bm=list(set(bms)-set(bookmarks(user)))
    if bm:
      colSEEN.update({"user": user}, {"$addToSet": {"bookmarked": {"$each": bm}}})

def removeBookmarks(user, bms):
  if type(bms) == str: bookmarks=[bms]
  if type(bms) == list:
    colSEEN.update({"user": user}, {"$pullAll": {"bookmarked": bms}})

def isMasterAccount(user):
  return False if colUSERS.find({"username": user, "master": True}).count() == 0 else True

+6 −2
@@ -90,5 +90,9 @@ class PluginManager():
  def openPage(self, name, **args):
    if name.strip() in self.plugins.keys(): # Check if plugin exists
      if self.plugins[name].isWebPlugin():  # Check if plugin is web plugin
        return self.plugins[name].getPage(**args)
        page, content = self.plugins[name].getPage(**args)
        if page:
          return ("plugins/%s"%page, content)
        else:
          return ("error.html", {'status': {'except': 'plugin-page-missing'}})
    return ("error.html", {'status': {'except': 'plugin-not-loaded'}})
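Review bot: The unpacking `page, content = self.plugins[name].getPage(**args)` in openPage assumes every web plugin returns exactly a two-item pair, so a plugin that returns None or a bare template name raises TypeError/ValueError here and none of the new error tuples cover it. Wrapping the call in a try/except and returning the existing `plugin-page-missing` status for a malformed result would keep one faulty plugin from turning into an unhandled exception. The membership test uses `name.strip()` while the lookups index `self.plugins[name]`, so a name with surrounding whitespace passes the check and then raises KeyError; normalising once with `name = name.strip()` at the top of the method avoids that. Because `page` is plugin-supplied and is joined into a template path, a short docstring stating that getPage must return `(template name relative to plugins/, dict of template arguments)` would make the contract explicit; the class body starts outside this hunk.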
+7 −36
@@ -24,6 +24,7 @@ from flask.ext.login import LoginManager, current_user, login_user, logout_user,
from passlib.hash import pbkdf2_sha256
from redis import exceptions as redisExceptions

import jinja2
import json
import re
import argparse
@@ -115,11 +116,6 @@ def seen_mark(cve):
        for c in cve:
            if c["id"] in seen: cve[cve.index(c)]['seen'] = 'yes'

def bookmarked_mark(cve):
  if current_user.is_authenticated():
      marked=db.bookmarks(current_user.get_id())
      for c in cve:
          if c["id"] in marked: cve[cve.index(c)]['marked'] = 'yes'

def compile(regexes):
  r=[]
@@ -224,7 +220,6 @@ def filter_logic(blacklist, whitelist, unlisted, timeSelect, startDate, endDate,
    if blacklist == "mark":
        cve = blacklist_mark(cve)
    seen_mark(cve)
    bookmarked_mark(cve)
    cve = list(cve)
    return cve

@@ -353,7 +348,11 @@ def openPlugin(plugin):
        return render_template("requiresAuth.html")
    else:
        page, args = plugManager.openPage(plugin, current_user=current_user)
        if page: return render_template("plugins/%s"%page, **args)
        if page:
            try:
                return render_template(page, **args)
            except jinja2.exceptions.TemplateSyntaxError: return render_template("error.html", status={'except': 'plugin-page-corrupt'})
            except jinja2.exceptions.TemplateNotFound:    return render_template("error.html", status={'except': 'plugin-page-not-found', 'page': page})
        else: abort(404)

@app.route('/plugin/<plugin>/_cve_action/<action>', methods=['GET'])
@@ -428,35 +427,7 @@ def cve(cveid):
    cve = markCPEs(cve)
    if current_user.is_authenticated():
        db.addSeenCVEs(current_user.get_id(), cveid)
        bookmarked="yes" if cveid in db.bookmarks(current_user.get_id()) else "no"
    else:
        bookmarked=None
    return render_template('cve.html', cve=cve, bookmarked=bookmarked)

@app.route('/bookmarked')
def bookmarked():
  cvesp = cves.last(rankinglookup=True, namelookup=True, vfeedlookup=True, capeclookup=True,subscorelookup=True)
  cve=[cvesp.getcve(cveid=x) for x in db.bookmarks(current_user.get_id())]
  return render_template('bookmarked.html', cve=cve)

@app.route('/_bookmark', methods=['GET'])
def bookmark():
    bms = request.args.get('cve', type=str).split(",")
    try:
      db.addBookmarks(current_user.get_id(), bms)
      return jsonify({"status":"bookmarked"})
    except:
      return jsonify({"status": "bookmarking_failed"})

@app.route('/_un-bookmark', methods=['GET'])
def unbookmark():
    bms = request.args.get('cve', type=str).split(",")
    try:
      db.removeBookmarks(current_user.get_id(), bms)
      return jsonify({"status":"bookmarked"})
    except Exception as e:
      print(e)
      return jsonify({"status": "bookmarking_failed"})
    return render_template('cve.html', cve=cve)

@app.route('/browse/<vendor>')
@app.route('/browse/')
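Review bot: In openPlugin, `render_template(page, **args)` raises TypeError when the plugin's content value is not a mapping (for example None), and the new try block catches only TemplateSyntaxError and TemplateNotFound, so that case and render-time failures such as `jinja2.exceptions.UndefinedError` still escape as unhandled exceptions. Guarding with `args = args or {}` and adding a final `except jinja2.exceptions.TemplateError:` after the two specific handlers would close the gap. The `else: abort(404)` branch looks unreachable now, assuming openPage always returns a non-empty template name as it does in this commit, and the error pages are rendered without an explicit status code, so a missing or broken plugin presumably answers 200; returning `render_template(...), 404` (or 500) would let monitoring see these failures. The 'plugin-page-not-found' status hands `page` to error.html, which is fine provided that template prints it with autoescaping left on. openPlugin's decorators and signature lie outside the hunk.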
+0 −2
@@ -21,8 +21,6 @@
      case "bl_already_filled":         setStatus(list+" is already filled. You can force to drop the database", "info");                                      break;
      case "wl_dropped":
      case "bl_dropped":                setStatus(list+" dropped", "success");                                                                        _ok=true;break;
      case "bookmarked":                                                                                                                              _ok=true;break;
      case "bookmarking_failed":        setStatus("Bookmarking failed", "danger ");                                                                            break;
      case "added_to_list":             briefShow("Rule added to the "+data["listType"], "success", "ok");                                            _ok=true;break;
      case "could_not_add_to_list":     briefShow("Could not add the CPE to the " +data["listType"], "danger", "remove");                                      break;
      case "removed_from_list":         briefShow("Rule removed from the "+data["listType"], "success", "ok");                                        _ok=true;break;
+0 −4
{% extends 'layouts/master-page' %}
{% block title %}Bookmarked CVEs{% endblock %}
{% block head %}
  <!-- css -->
  <link href="/static/css/custom/filter.css" rel="stylesheet" />
{% endblock %}
{% block content %}
  <!-- breadcrumb -->
  <ol class="breadcrumb">