Commit d3bd32f5 authored by Alexandre Dulaunoy's avatar Alexandre Dulaunoy
Browse files

Merge pull request #77 from adulau/master 

Web interface updates and bug fixes
parents 1f5aefe2 25836b3b

lib/cpelist.py

+3 −3
Original line number Diff line number Diff line
@@ -80,7 +80,7 @@ class CPEList: 
            print("Error removing item from database: {:d}".format(ex))

            sys.exit()



    def update(self, cpeOld, cpeNew):

    def update(self, cpeOld, cpeNew, cpeType):

        try:

            cpeOld = cpeOld.strip()

            cpeNew = cpeNew.strip()
@@ -97,9 +97,9 @@ class CPEList: 
                        # allow multiple comments

                        comments = cpeNew.split('#')

                        del comments[0]

                        cpeListElement = {'id': cpeID, 'comments': comments}

                        cpeListElement = {'id': cpeID, 'comments': comments, 'type':cpeType}

                    else:

                        cpeListElement = {'id': cpeNew}

                        cpeListElement = {'id': cpeNew, 'type':cpeType}

                    cpeDeleteElement = {'id': cpeOld.split('#')[0]}

                    self.collection.update(cpeDeleteElement, cpeListElement, upsert=False, multi=False)

                    return True

sbin/db_blacklist.py

+2 −2
Original line number Diff line number Diff line
@@ -74,9 +74,9 @@ def removeBlacklist(cpe): 
    return oList.remove(cpe)





def updateBlacklist(cpeOld, cpeNew):

def updateBlacklist(cpeOld, cpeNew, cpeType):

    oList = CPEList(collection, args)

    return oList.update(cpeOld, cpeNew)

    return oList.update(cpeOld, cpeNew, cpeType)



if __name__ == '__main__':

    oList = CPEList(collection, args)

sbin/db_whitelist.py

+2 −2
Original line number Diff line number Diff line
@@ -74,9 +74,9 @@ def removeWhitelist(cpe): 
    return oList.remove(cpe)





def updateWhitelist(cpeOld, cpeNew):

def updateWhitelist(cpeOld, cpeNew, cpeType):

    oList = CPEList(collection, args)

    return oList.update(cpeOld, cpeNew)

    return oList.update(cpeOld, cpeNew, cpeType)



if __name__ == '__main__':

    oList = CPEList(collection, args)

web/index.py

+17 −35
Original line number Diff line number Diff line
@@ -85,7 +85,7 @@ def getBrowseList(vendor): 


def getWhitelist():

    collection = db.mgmt_whitelist

    whitelist = collection.find()

    whitelist = list(collection.find())

    for x in whitelist:x.pop("_id")

    return whitelist
@@ -141,7 +141,7 @@ def seen_mark(cve): 


def getBlacklist():

    collection = db.mgmt_blacklist

    blacklist = collection.find()

    blacklist = list(collection.find())

    for x in blacklist:x.pop("_id")

    return blacklist
@@ -571,16 +571,13 @@ def whitelistExport(force=None, path=None): 
@login_required

def whitelistDrop():

    dropWhitelist()

    status = ["wl_dropped", "success"]

    return render_template('admin.html', status=status, stats=adminStats())

    return render_template('admin.html', status=["wl_dropped", "success"], stats=adminStats())





@app.route('/admin/whitelist/view')

@app.route('/admin/whitelist')

@login_required

def whitelistView():

    whitelist = getWhitelist()

    status = ["default", "none"]

    return render_template('list.html', rules=whitelist, status=status, listType="Whitelist")

    return render_template('list.html', rules=getWhitelist(), status=["default", "none"], listType="Whitelist")





@app.route('/admin/addToList')
@@ -590,7 +587,7 @@ def listAdd(): 
    cpeType = request.args.get('type')

    lst = request.args.get('list')

    status = ["added", "success"] if addCPEToList(cpe, lst, cpeType) else ["already_exists", "info"]

    returnList = list(getWhitelist()) if lst=="whitelist" else list(getBlacklist())

    returnList = getWhitelist() if lst=="whitelist" else getBlacklist()

    return jsonify({"status":status, "rules":returnList, "listType":lst.title()})
@@ -607,18 +604,21 @@ def listRemove(): 
        status = ["removed", "success"] if (result > 0) else ["already_removed", "info"]

    else:

        status = ["invalid_url", "error"]

    returnList = list(getWhitelist()) if lst=="whitelist" else list(getBlacklist())

    returnList = getWhitelist() if lst=="whitelist" else getBlacklist()

    return jsonify({"status":status, "rules":returnList, "listType":lst.title()})





@app.route('/admin/whitelist/edit', methods=['POST'])

@app.route('/admin/editInList')

@login_required

def whitelistEdit():

def listEdit():

    print('here')

    oldCPE = request.args.get('oldCPE')

    newCPE = request.args.get('cpe')

    lst = request.args.get('list')

    CPEType = request.args.get('type')

    print('here')

    if oldCPE and newCPE:

        result = updateWhitelist(oldCPE, newCPE) if lst=="whitelist" else updateBlacklist(oldCPE, newCPE)

        result = updateWhitelist(oldCPE, newCPE, CPEType) if lst=="whitelist" else updateBlacklist(oldCPE, newCPE, CPEType)

        if (result):

            status = ["updated", "success"]

        else:
@@ -626,10 +626,10 @@ def whitelistEdit(): 
    else:

        status = ["invalid_url", "error"]

    returnList = list(getWhitelist()) if lst=="whitelist" else list(getBlacklist())

    print(status)

    return jsonify({"rules":returnList, "status":status, "listType":lst})

    





@app.route('/admin/blacklist/import', methods=['POST'])

@login_required

def blacklistImport():
@@ -664,31 +664,13 @@ def blacklistExport(): 
@login_required

def blacklistDrop():

    dropBlacklist()

    status = ["bl_dropped", "success"]

    return render_template('admin.html', status=status, stats=adminStats())

    return render_template('admin.html', status=["bl_dropped", "success"], stats=adminStats())





@app.route('/admin/blacklist/view')

@app.route('/admin/blacklist')

@login_required

def blacklistView():

    blacklist = getBlacklist()

    status = ["default", "none"]

    return render_template('list.html', rules=blacklist, status=status, listType="Blacklist")



@app.route('/admin/blacklist/edit', methods=['POST'])

@login_required

def blacklistEdit():

    oldCPE = request.form.get('oldCPE')

    newCPE = request.form.get('cpe')

    if oldCPE and newCPE:

        if (updateBlacklist(oldCPE, newCPE)):

            status = ["updated", "success"]

        else:

            status = ["update_failed", "error"]

    else:

        status = ["invalid_url", "error"]

    blacklist = getBlacklist()

    return render_template('list.html', rules=blacklist, status=status, listType="Blacklist")

    return render_template('list.html', rules=getBlacklist(), status=["default", "none"], listType="Blacklist")





@app.route('/admin/listmanagement/add')

web/static/js/custom/table.js

+0 −2
Original line number Diff line number Diff line
@@ -11,8 +11,6 @@ function postList(url, cves) { 
}

//Selectable table

$(document).ready(function() {

  var table = $('#CVEs');

  var duration = 500;

  $('#CVEs tbody').on( 'click', 'tr', function () {

    if($('#markseen').is(':checked') || $('#markunseen').is(':checked')){

      $(this).toggleClass('selected');

CRA Git | Maintained and supported by SUSTech CRA and CCSE