Created skeleton for saved-searches endpoint

cisagov · Oct 3, 2024 · a33cd8d · a33cd8d
1 parent 6f508a8
commit a33cd8d
Show file tree

Hide file tree

Showing 3 changed files with 139 additions and 92 deletions.
diff --git a/backend/src/xfd_django/xfd_api/api_methods/saved_search.py b/backend/src/xfd_django/xfd_api/api_methods/saved_search.py
@@ -14,95 +14,98 @@
 PAGE_SIZE = 20
 
 
-def create_saved_search(request):
-    data = json.loads(request.body)
-    search = SavedSearch.objects.create(
-        name=data["name"],
-        count=data["count"],
-        sort_direction=data["sortDirection"],
-        sort_field=data["sortField"],
-        search_term=data["searchTerm"],
-        search_path=data["searchPath"],
-        filters=data["filters"],
-        create_vulnerabilities=data["createVulnerabilities"],
-        vulnerability_template=data.get("vulnerabilityTemplate"),
-        created_by=request.user,
-    )
-    return JsonResponse({"status": "Created", "search": search.id}, status=201)
+# def create_saved_search(request):
+#     data = json.loads(request.body)
+#     search = SavedSearch.objects.create(
+#         name=data["name"],
+#         count=data["count"],
+#         sort_direction=data["sortDirection"],
+#         sort_field=data["sortField"],
+#         search_term=data["searchTerm"],
+#         search_path=data["searchPath"],
+#         filters=data["filters"],
+#         create_vulnerabilities=data["createVulnerabilities"],
+#         vulnerability_template=data.get("vulnerabilityTemplate"),
+#         created_by=request.user,
+#     )
+#     return JsonResponse({"status": "Created", "search": search.id}, status=201)
 
 
 def list_saved_searches(request):
     """List all saved searches."""
-    page_size = int(request.GET.get("pageSize", PAGE_SIZE))
-    page = int(request.GET.get("page", 1))
-    searches = SavedSearch.objects.filter(created_by=request.user)
-    total_count = searches.count()
-    searches = searches[(page - 1) * page_size : page * page_size]
-    data = list(searches.values())
-    return JsonResponse({"result": data, "count": total_count}, safe=False)
-
-
-def get_saved_search(request, search_id):
-    if not uuid.UUID(search_id):
-        raise HTTPException({"error": "Invalid UUID"}, status=404)
-
     try:
-        search = SavedSearch.objects.get(id=search_id, created_by=request.user)
-        data = {
-            "id": str(search.id),
-            "name": search.name,
-            "count": search.count,
-            "sort_direction": search.sort_direction,
-            "sort_field": search.sort_field,
-            "search_term": search.search_term,
-            "search_path": search.search_path,
-            "filters": search.filters,
-            "create_vulnerabilities": search.create_vulnerabilities,
-            "vulnerability_template": search.vulnerability_template,
-            "created_by": search.created_by.id,
-        }
-        return JsonResponse(data)
-    except SavedSearch.DoesNotExist as e:
+        page_size = int(request.GET.get("pageSize", PAGE_SIZE))
+        page = int(request.GET.get("page", 1))
+        searches = SavedSearch.objects.filter(created_by=request.user)
+        total_count = searches.count()
+        searches = searches[(page - 1) * page_size : page * page_size]
+        data = list(searches.values())
+        return JsonResponse({"result": data, "count": total_count}, safe=False)
+    except Exception as e:
         raise HTTPException(status_code=404, detail=str(e))
 
 
-def update_saved_search(request, search_id):
-    if not uuid.UUID(search_id):
-        raise HTTPException(status_code=404, detail={"error": "Invalid UUID"})
-
-    try:
-        search = SavedSearch.objects.get(id=search_id, created_by=request.user)
-    except SavedSearch.DoesNotExist as e:
-        return HTTPException(status_code=404, detail=str(e))
-
-    data = json.loads(request.body)
-    search.name = data.get("name", search.name)
-    search.count = data.get("count", search.count)
-    search.sort_direction = data.get("sortDirection", search.sort_direction)
-    search.sort_field = data.get("sortField", search.sort_field)
-    search.search_term = data.get("searchTerm", search.search_term)
-    search.search_path = data.get("searchPath", search.search_path)
-    search.filters = data.get("filters", search.filters)
-    search.create_vulnerabilities = data.get(
-        "createVulnerabilities", search.create_vulnerabilities
-    )
-    search.vulnerability_template = data.get(
-        "vulnerabilityTemplate", search.vulnerability_template
-    )
-    search.save()
-    return JsonResponse({"status": "Updated", "search": search.id}, status=200)
-
-
-def delete_saved_search(request, search_id):
-    """Delete saved search by id."""
-    if not uuid.UUID(search_id):
-        raise HTTPException(status_code=404, detail={"error": "Invalid UUID"})
-
-    try:
-        search = SavedSearch.objects.get(id=search_id, created_by=request.user)
-        search.delete()
-        return JsonResponse(
-            {"status": "success", "message": f"Saved search id:{search_id} deleted."}
-        )
-    except SavedSearch.DoesNotExist as e:
-        raise HTTPException(status_code=404, detail=str(e))
+# def get_saved_search(request, search_id):
+#     if not uuid.UUID(search_id):
+#         raise HTTPException({"error": "Invalid UUID"}, status=404)
+
+#     try:
+#         search = SavedSearch.objects.get(id=search_id, created_by=request.user)
+#         data = {
+#             "id": str(search.id),
+#             "name": search.name,
+#             "count": search.count,
+#             "sort_direction": search.sort_direction,
+#             "sort_field": search.sort_field,
+#             "search_term": search.search_term,
+#             "search_path": search.search_path,
+#             "filters": search.filters,
+#             "create_vulnerabilities": search.create_vulnerabilities,
+#             "vulnerability_template": search.vulnerability_template,
+#             "created_by": search.created_by.id,
+#         }
+#         return JsonResponse(data)
+#     except SavedSearch.DoesNotExist as e:
+#         raise HTTPException(status_code=404, detail=str(e))
+
+
+# def update_saved_search(request, search_id):
+#     if not uuid.UUID(search_id):
+#         raise HTTPException(status_code=404, detail={"error": "Invalid UUID"})
+
+#     try:
+#         search = SavedSearch.objects.get(id=search_id, created_by=request.user)
+#     except SavedSearch.DoesNotExist as e:
+#         return HTTPException(status_code=404, detail=str(e))
+
+#     data = json.loads(request.body)
+#     search.name = data.get("name", search.name)
+#     search.count = data.get("count", search.count)
+#     search.sort_direction = data.get("sortDirection", search.sort_direction)
+#     search.sort_field = data.get("sortField", search.sort_field)
+#     search.search_term = data.get("searchTerm", search.search_term)
+#     search.search_path = data.get("searchPath", search.search_path)
+#     search.filters = data.get("filters", search.filters)
+#     search.create_vulnerabilities = data.get(
+#         "createVulnerabilities", search.create_vulnerabilities
+#     )
+#     search.vulnerability_template = data.get(
+#         "vulnerabilityTemplate", search.vulnerability_template
+#     )
+#     search.save()
+#     return JsonResponse({"status": "Updated", "search": search.id}, status=200)
+
+
+# def delete_saved_search(request, search_id):
+#     """Delete saved search by id."""
+#     if not uuid.UUID(search_id):
+#         raise HTTPException(status_code=404, detail={"error": "Invalid UUID"})
+
+#     try:
+#         search = SavedSearch.objects.get(id=search_id, created_by=request.user)
+#         search.delete()
+#         return JsonResponse(
+#             {"status": "success", "message": f"Saved search id:{search_id} deleted."}
+#         )
+#     except SavedSearch.DoesNotExist as e:
+#         raise HTTPException(status_code=404, detail=str(e))
diff --git a/backend/src/xfd_django/xfd_api/schema_models/saved_search.py b/backend/src/xfd_django/xfd_api/schema_models/saved_search.py
@@ -19,7 +19,7 @@ class SavedSearch(BaseModel):
     search_term: str
     search_path: str
     filters: Json[Any]
-    create_vulnerabilities: bool
+    create_vulnerabilities: Optional[bool]
     vulnerability_template: Optional[Json[Any]]
     created_by: UUID
     created_at: datetime

diff --git a/backend/src/xfd_django/xfd_api/views.py b/backend/src/xfd_django/xfd_api/views.py
@@ -29,10 +29,11 @@
 from .api_methods.cve import get_cves_by_id, get_cves_by_name
 from .api_methods.domain import get_domain_by_id
 from .api_methods.organization import get_organizations, read_orgs
+from .api_methods.saved_search import list_saved_searches
 from .api_methods.user import get_users
 from .api_methods.vulnerability import get_vulnerability_by_id, update_vulnerability
 from .auth import get_current_active_user
-from .models import Assessment, User
+from .models import Assessment, SavedSearch, User
 from .schema_models import scan as scanSchema
 from .schema_models.assessment import Assessment
 from .schema_models.cpe import Cpe as CpeSchema
@@ -341,13 +342,56 @@ async def call_get_organizations(
 # ========================================
 
 
-# @api_router.get(
-#     "/saved-searches",
-#     dependencies=[Depends(get_current_active_user)],
-#     response_model=savedSearchSchema.GetSavedSearchesResponseModel,
-#     tags=["Saved Searches"],
+@api_router.post(
+    "/saved-searches",
+    tags=["Testing"],
+)
+async def create_saved_search():
+    """Create a new saved search."""
+    return {"status": "ok"}
+
+
+@api_router.get(
+    "/saved-searches",
+    # dependencies=[Depends(get_current_active_user)],
+    # response_model=savedSearchSchema.GetSavedSearchesResponseModel,
+    tags=["Testing"],
+)
+async def call_list_saved_searches():
+    """Retrieve a list of all saved searches."""
+    return {"status": "ok"}
+
+
+@api_router.get(
+    "/saved-searches/{saved_search_id}",
+    tags=["Testing"],
+)
+async def get_saved_search(saved_search_id: str):
+    """Retrieve a saved search by its ID."""
+    return {"status": "ok"}
+
+
+@api_router.put(
+    "/saved-searches/{saved_search_id}",
+    tags=["Testing"],
+)
+async def update_saved_search(saved_search_id: str):
+    """Update a saved search by its ID."""
+    return {"status": "ok"}
+
+
+@api_router.delete(
+    "/saved-searches/{saved_search_id}",
+    tags=["Testing"],
+)
+async def delete_saved_search(saved_search_id: str):
+    """Delete a saved search by its ID."""
+    return {"status": "ok"}
+
 
-# )
+# async def call_list_saved_searches(current_user: User = Depends(get_current_active_user)):
+#     """Retrieve a list of all saved searches."""
+#     return list_saved_searches(current_user)
 
 
 # ========================================