
feat: new project version and api search #1388

Merged
merged 3 commits into from
Apr 3, 2023
Merged
4 changes: 2 additions & 2 deletions dongtai_web/dast/tests.py
@@ -246,7 +246,7 @@ def test_positive_create_push(self):
relcount = IastDastIntegrationRelation.objects.filter(
iastvul__method_pool_id=method_pool.id).count()
self.assertEqual(relcount, 1)

def test_positive_create_push_distinct(self):
from dongtai_engine.tasks import search_vul_from_method_pool
from dongtai_common.models.agent_method_pool import MethodPool
@@ -280,7 +280,7 @@ def test_positive_create_push_distinct(self):
relcount = IastDastIntegrationRelation.objects.filter(
iastvul__method_pool_id=method_pool.id).count()
self.assertEqual(relcount, 1)

def test_positive_push_create_distinct(self):
new_data = data1.copy()
new_data["agent_id"] = [str(self.agent_id)]
8 changes: 4 additions & 4 deletions dongtai_web/dast/webhook.py
@@ -92,10 +92,10 @@ def post(self, request):
del ser.validated_data[field]
for project_id, project_version_id in project_info_set:
dastintegration = IastDastIntegration.objects.filter(
project_id=project_id,
project_version_id=project_version_id,
vul_type=ser.validated_data['vul_type'],
target=ser.validated_data['target'],
project_id=project_id,
project_version_id=project_version_id,
vul_type=ser.validated_data['vul_type'],
target=ser.validated_data['target'],
).first()
if dastintegration:
logger.debug("dast vul exist, skip")
3 changes: 3 additions & 0 deletions dongtai_web/urls.py
@@ -157,6 +157,7 @@
from dongtai_web.dast.webhook import DastWebhook
from dongtai_web.dast.page import DastVulsEndPoint
from dongtai_web.dast.manage import DastManageEndPoint
from dongtai_web.views.new_project_query import (NewApiRouteSearch, ProjectVersionList)

urlpatterns = [
path('user/<int:user_id>', UserDetailEndPoint.as_view()),
@@ -451,6 +452,8 @@
path('api/v2/sca_vul_summary', GetScaSummary.as_view()),
path('api/v2/app_vul_list_content', GetAppVulsList.as_view()),
path('api/v2/app_vul_summary', GetAppVulsSummary.as_view()),
path('api/v2/api_route/search', NewApiRouteSearch.as_view()),
path('api/v2/project_version', ProjectVersionList.as_view()),
])

urlpatterns.extend(scaupload_urls)
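--- a/dongtai_web/views/new_project_query.py
+++ b/dongtai_web/views/new_project_query.py
@@ -0,0 +1,121 @@
+#!/usr/bin/env python
+# -*- coding:utf-8 -*-
+# author:sjh
+# software: PyCharm
+# project: lingzhi-webapi
+import logging
+import time
+from dongtai_common.endpoint import R
+from django.db.models import Q
+from django.forms.models import model_to_dict
+from dongtai_common.endpoint import UserEndPoint
+from dongtai_common.models.project_version import IastProjectVersion
+from dongtai_common.models.api_route import IastApiRoute
+from django.utils.translation import gettext_lazy as _
+from dongtai_web.utils import extend_schema_with_envcheck, get_response_serializer
+from rest_framework import serializers
+from rest_framework.serializers import ValidationError
+
+logger = logging.getLogger("django")
+
+
+class ProjectVersionArgSerializer(serializers.Serializer):
+page_size = serializers.IntegerField(default=20,
+help_text=_('Number per page'))
+page = serializers.IntegerField(default=1, help_text=_('Page index'))
+project_id = serializers.IntegerField(default=None,
+help_text=_('Project id'),
+required=False)
+version_name = serializers.CharField(default=None,
+help_text=_("version_name "),
+required=False)
+
+
+class ApiRouteArgSerializer(serializers.Serializer):
+page_size = serializers.IntegerField(default=20,
+help_text=_('Number per page'))
+page = serializers.IntegerField(default=1, help_text=_('Page index'))
+version_id = serializers.IntegerField(default=None,
+help_text=_('Project id'),
+required=False)
+project_id = serializers.IntegerField(default=None,
+help_text=_('Project id'),
+required=False)
+is_cover = serializers.IntegerField(default=None,
+help_text=_('Project id'),
+required=False)
+
+
+class ProjectVersionList(UserEndPoint):
+name = "api-v1-project-version-delete"
+description = _("Delete application version information")
+
+@extend_schema_with_envcheck(
+[ProjectVersionArgSerializer],
+tags=[_('Project')],
+summary=_('Projects List'),
+description=_("Get the item corresponding to the user, support fuzzy search based on name."),
+)
+def get(self, request):
+ser = ProjectVersionArgSerializer(data=request.GET)
+try:
+if ser.is_valid(True):
+page_size = ser.validated_data['page_size']
+page = ser.validated_data['page']
+version_name = ser.validated_data['version_name']
+project_id = ser.validated_data['project_id']
+except ValidationError as e:
+return R.failure(data=e.detail)
+q = Q()
+if version_name:
+q = Q(version_name__contains=version_name)
+if project_id:
+q = Q(project_id=project_id)
+page_info, documents = self.get_paginator(
+IastProjectVersion.objects.filter(q).order_by('-id').all(), page,
+page_size)
+return R.success(
+data=[model_to_dict(document) for document in documents],
+page=page_info)
+
+
+class NewApiRouteSearch(UserEndPoint):
+name = "api-v1-api-route-search"
+description = _("Delete application version information")
+
+@extend_schema_with_envcheck(
+request=ApiRouteArgSerializer,
+tags=[_('API Route')],
+summary=_('New api route search'),
+description=_("Get the item corresponding to the user, support fuzzy search based on name."),
+)
+def post(self, request):
+ser = ApiRouteArgSerializer(data=request.data)
+try:
+if ser.is_valid(True):
+page_size = ser.validated_data['page_size']
+page = ser.validated_data['page']
+project_id = ser.validated_data['project_id']
+version_id = ser.validated_data['version_id']
+is_cover = ser.validated_data['is_cover']
+except ValidationError as e:
+return R.failure(data=e.detail)
+q = Q()
+if project_id:
+q = Q(project_id=project_id)
+if version_id:
+q = Q(project_version_id=version_id)
+if is_cover:
+q = Q(is_cover=is_cover)
+
+page_info, documents = self.get_paginator(
+IastApiRoute.objects.filter(q).order_by('-id').values(
+'method__method', 'path', 'id', 'project_id',
+'project_version', 'controller', 'code_class', 'code_file',
+'is_cover').all(), page, page_size)
+documents = list(documents)
+for document in documents:
+document['method'] = {
+"httpmethods": document['method__method'].split("/")
+}
+return R.success(data=documents, page=page_info)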
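Review bot: Neither `ProjectVersionList.get` nor `NewApiRouteSearch.post` restricts its queryset to projects the requesting user may read: both start from an empty `Q()` and filter only on caller-supplied ids, so a request with no parameters pages through every `IastProjectVersion` / `IastApiRoute` row, unless `UserEndPoint` or `get_paginator` applies a scope that is not visible in this diff. The filters are also assigned rather than combined (`q = Q(...)` in each `if`), so a later parameter silently replaces an earlier one, and `if is_cover:` can never select `is_cover=0`; the query should be built with `q &= Q(...)` and `is not None` checks on top of a per-user project restriction, in `get` as well as in `post`. `page_size` has no upper bound in either serializer, so adding `min_value=1` and a `max_value` to that field would keep a single request from pulling a whole table. Separately, both classes carry the copied description "Delete application version information", and `version_id` and `is_cover` reuse the help text 'Project id', which will mislead the generated API schema.

```python
    def post(self, request):
        # … unchanged: serializer validation …
        # Start from the projects this user may read; the scoping helper is
        # not visible in this diff, so it is left here as a reviewer TODO.
        q = Q()
        if project_id is not None:
            q &= Q(project_id=project_id)
        if version_id is not None:
            q &= Q(project_version_id=version_id)
        if is_cover is not None:
            q &= Q(is_cover=is_cover)
        # … unchanged: pagination and httpmethods splitting …
```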