Merge pull request #1388 from Bidaya0/feat/new-project-version-and-api

feat: new project version and api search
HXSecurity · Apr 3, 2023 · 4ed7f04 · 4ed7f04
2 parents 9a56ba2 + 7cf6d48
commit 4ed7f04
Show file tree

Hide file tree

Showing 4 changed files with 130 additions and 6 deletions.
diff --git a/dongtai_web/dast/tests.py b/dongtai_web/dast/tests.py
@@ -246,7 +246,7 @@ def test_positive_create_push(self):
         relcount = IastDastIntegrationRelation.objects.filter(
             iastvul__method_pool_id=method_pool.id).count()
         self.assertEqual(relcount, 1)
-    
+
     def test_positive_create_push_distinct(self):
         from dongtai_engine.tasks import search_vul_from_method_pool
         from dongtai_common.models.agent_method_pool import MethodPool
@@ -280,7 +280,7 @@ def test_positive_create_push_distinct(self):
         relcount = IastDastIntegrationRelation.objects.filter(
             iastvul__method_pool_id=method_pool.id).count()
         self.assertEqual(relcount, 1)
-    
+
     def test_positive_push_create_distinct(self):
         new_data = data1.copy()
         new_data["agent_id"] = [str(self.agent_id)]

diff --git a/dongtai_web/dast/webhook.py b/dongtai_web/dast/webhook.py
@@ -92,10 +92,10 @@ def post(self, request):
             del ser.validated_data[field]
         for project_id, project_version_id in project_info_set:
             dastintegration = IastDastIntegration.objects.filter(
-                    project_id=project_id,
-                    project_version_id=project_version_id,
-                    vul_type=ser.validated_data['vul_type'],
-                    target=ser.validated_data['target'],
+                project_id=project_id,
+                project_version_id=project_version_id,
+                vul_type=ser.validated_data['vul_type'],
+                target=ser.validated_data['target'],
             ).first()
             if dastintegration:
                 logger.debug("dast vul exist, skip")

diff --git a/dongtai_web/urls.py b/dongtai_web/urls.py
@@ -157,6 +157,7 @@
 from dongtai_web.dast.webhook import DastWebhook
 from dongtai_web.dast.page import DastVulsEndPoint
 from dongtai_web.dast.manage import DastManageEndPoint
+from dongtai_web.views.new_project_query import (NewApiRouteSearch, ProjectVersionList)
 
 urlpatterns = [
     path('user/<int:user_id>', UserDetailEndPoint.as_view()),
@@ -451,6 +452,8 @@
     path('api/v2/sca_vul_summary', GetScaSummary.as_view()),
     path('api/v2/app_vul_list_content', GetAppVulsList.as_view()),
     path('api/v2/app_vul_summary', GetAppVulsSummary.as_view()),
+    path('api/v2/api_route/search', NewApiRouteSearch.as_view()),
+    path('api/v2/project_version', ProjectVersionList.as_view()),
 ])
 
 urlpatterns.extend(scaupload_urls)

diff --git a/dongtai_web/views/new_project_query.py b/dongtai_web/views/new_project_query.py
@@ -0,0 +1,121 @@
+#!/usr/bin/env python
+# -*- coding:utf-8 -*-
+# author:sjh
+# software: PyCharm
+# project: lingzhi-webapi
+import logging
+import time
+from dongtai_common.endpoint import R
+from django.db.models import Q
+from django.forms.models import model_to_dict
+from dongtai_common.endpoint import UserEndPoint
+from dongtai_common.models.project_version import IastProjectVersion
+from dongtai_common.models.api_route import IastApiRoute
+from django.utils.translation import gettext_lazy as _
+from dongtai_web.utils import extend_schema_with_envcheck, get_response_serializer
+from rest_framework import serializers
+from rest_framework.serializers import ValidationError
+
+logger = logging.getLogger("django")
+
+
+class ProjectVersionArgSerializer(serializers.Serializer):
+    page_size = serializers.IntegerField(default=20,
+                                         help_text=_('Number per page'))
+    page = serializers.IntegerField(default=1, help_text=_('Page index'))
+    project_id = serializers.IntegerField(default=None,
+                                          help_text=_('Project id'),
+                                          required=False)
+    version_name = serializers.CharField(default=None,
+                                         help_text=_("version_name "),
+                                         required=False)
+
+
+class ApiRouteArgSerializer(serializers.Serializer):
+    page_size = serializers.IntegerField(default=20,
+                                         help_text=_('Number per page'))
+    page = serializers.IntegerField(default=1, help_text=_('Page index'))
+    version_id = serializers.IntegerField(default=None,
+                                          help_text=_('Project id'),
+                                          required=False)
+    project_id = serializers.IntegerField(default=None,
+                                          help_text=_('Project id'),
+                                          required=False)
+    is_cover = serializers.IntegerField(default=None,
+                                        help_text=_('Project id'),
+                                        required=False)
+
+
+class ProjectVersionList(UserEndPoint):
+    name = "api-v1-project-version-delete"
+    description = _("Delete application version information")
+
+    @extend_schema_with_envcheck(
+        [ProjectVersionArgSerializer],
+        tags=[_('Project')],
+        summary=_('Projects List'),
+        description=_("Get the item corresponding to the user, support fuzzy search based on name."),
+    )
+    def get(self, request):
+        ser = ProjectVersionArgSerializer(data=request.GET)
+        try:
+            if ser.is_valid(True):
+                page_size = ser.validated_data['page_size']
+                page = ser.validated_data['page']
+                version_name = ser.validated_data['version_name']
+                project_id = ser.validated_data['project_id']
+        except ValidationError as e:
+            return R.failure(data=e.detail)
+        q = Q()
+        if version_name:
+            q = Q(version_name__contains=version_name)
+        if project_id:
+            q = Q(project_id=project_id)
+        page_info, documents = self.get_paginator(
+            IastProjectVersion.objects.filter(q).order_by('-id').all(), page,
+            page_size)
+        return R.success(
+            data=[model_to_dict(document) for document in documents],
+            page=page_info)
+
+
+class NewApiRouteSearch(UserEndPoint):
+    name = "api-v1-api-route-search"
+    description = _("Delete application version information")
+
+    @extend_schema_with_envcheck(
+        request=ApiRouteArgSerializer,
+        tags=[_('API Route')],
+        summary=_('New api route search'),
+        description=_("Get the item corresponding to the user, support fuzzy search based on name."),
+    )
+    def post(self, request):
+        ser = ApiRouteArgSerializer(data=request.data)
+        try:
+            if ser.is_valid(True):
+                page_size = ser.validated_data['page_size']
+                page = ser.validated_data['page']
+                project_id = ser.validated_data['project_id']
+                version_id = ser.validated_data['version_id']
+                is_cover = ser.validated_data['is_cover']
+        except ValidationError as e:
+            return R.failure(data=e.detail)
+        q = Q()
+        if project_id:
+            q = Q(project_id=project_id)
+        if version_id:
+            q = Q(project_version_id=version_id)
+        if is_cover:
+            q = Q(is_cover=is_cover)
+
+        page_info, documents = self.get_paginator(
+            IastApiRoute.objects.filter(q).order_by('-id').values(
+                'method__method', 'path', 'id', 'project_id',
+                'project_version', 'controller', 'code_class', 'code_file',
+                'is_cover').all(), page, page_size)
+        documents = list(documents)
+        for document in documents:
+            document['method'] = {
+                "httpmethods": document['method__method'].split("/")
+            }
+        return R.success(data=documents, page=page_info)