Mercurial > farol > farol
diff farol/main.py @ 7:8f41bb7f4681
Move the Document management routines to a document Blueprint
author | Benoît Allard <benoit.allard@greenbone.net> |
---|---|
date | Thu, 25 Sep 2014 17:03:35 +0200 |
parents | 3478e20885fd |
children | 2ce3676c9b2e |
line wrap: on
line diff
--- a/farol/main.py Thu Sep 25 15:49:33 2014 +0200 +++ b/farol/main.py Thu Sep 25 17:03:35 2014 +0200 @@ -24,17 +24,16 @@ import os -from farolluz.cvrf import (CVRF, CVRFPublisher, CVRFTracking, CVRFTrackingID, - CVRFGenerator, CVRFRevision, CVRFReference, CVRFAcknowledgment, CVRFNote, - ValidationError, CVRFAggregateSeverity) -from farolluz.parsers.cvrf import parse, parseVersion, parseDate +from farolluz.cvrf import CVRF, ValidationError +from farolluz.parsers.cvrf import parse from farolluz.py2 import urlopen from farolluz.renderer import render as render_cvrf from farolluz.utils import utcnow -from flask import Flask, request, render_template, redirect, url_for, flash, abort +from flask import Flask, request, render_template, redirect, url_for, flash from werkzeug import secure_filename +from .document import document from .session import get_current, set_current, has_current, del_current, document_required from .vulnerability import vulnerability from .producttree import producttree @@ -44,6 +43,7 @@ app.config.from_object('farol.config.Config') app.config.from_pyfile('farol.cfg', silent=True) +app.register_blueprint(document, url_prefix='/document') app.register_blueprint(vulnerability, url_prefix='/vulnerability') app.register_blueprint(producttree, url_prefix='/producttree') @@ -83,6 +83,10 @@ def makeId(string): return secure_filename(string) +@app.route('/') +def welcome(): + return render_template('welcome.j2') + @app.route('/new', methods=['GET', 'POST']) def new(): if request.method != 'POST': @@ -104,243 +108,7 @@ set_current(parse(request.form['text'].encode('utf-8'))) else: set_current(CVRF(request.form['title'], request.form['type'])) - return redirect(url_for('document')) - -@app.route('/') -@document_required -def document(): - cvrf = get_current() - return render_template('doc.j2', cvrf=cvrf) - -@app.route('/title/edit', methods=['GET', 'POST']) -@document_required -def edit_title(): - if request.method != 'POST': - return render_template('edit_title.j2', title = get_current()._title, _type = get_current()._type) - - - get_current()._title = request.form['title'] - get_current()._type = request.form['type'] - return redirect(url_for('document')) - -@app.route('/publisher/edit', methods=['GET', 'POST']) -@document_required -def edit_publisher(): - if request.method != 'POST': - return render_template('edit_publisher.j2', publisher = get_current()._publisher or CVRFPublisher(''), types=CVRFPublisher.TYPES) - - publisher = CVRFPublisher(request.form['type'], request.form['vendorid'] or None) - publisher.setContact(request.form['contact'] or None) - publisher.setAuthority(request.form['authority'] or None) - get_current().setPublisher(publisher) - return redirect(url_for('document')) - -@app.route('/tracking/edit', methods=['GET', 'POST']) -@document_required -def edit_tracking(): - wasNone = False - tracking = get_current()._tracking - if tracking is None: - wasNone = True - tracking = CVRFTracking(CVRFTrackingID(''), 'Draft', (0,), utcnow(), utcnow()) - generator = tracking._generator - if not tracking._generator: - generator = CVRFGenerator() - if request.method != 'POST': - return render_template('edit_tracking.j2', tracking=tracking, version='.'.join('%s'%v for v in tracking._version), generator=generator, now=utcnow(), statuses=tracking.STATUSES) - - tracking._identification._id = request.form['id'] - aliases = [] - if request.form['id_aliases']: - aliases = [a.strip() for a in request.form['id_aliases'].split(',')] - tracking._identification._aliases = aliases - tracking._status = request.form['status'] - tracking._version = parseVersion(request.form['version']) - tracking._initialDate = parseDate(request.form['initial']) - tracking._currentDate = parseDate(request.form['current']) - if wasNone: - get_current().setTracking(tracking) - if (not request.form['gen_engine']) and (not request.form['gen_date']): - generator = None - else: - generator._engine = request.form['gen_engine'] or None - if request.form['gen_date']: - generator._date = parseDate(request.form['gen_date']) - else: - generator._date = None - tracking.setGenerator(generator) - return redirect(url_for('document')) - -@app.route('/revision/<int:index>/edit', methods=['GET', 'POST']) -@document_required -def edit_revision(index): - cvrf = get_current() - if cvrf._tracking is None: - abort(404) - try: - revision = cvrf._tracking._history[index] - except IndexError: - abort(404) - if request.method != 'POST': - return render_template('edit_revision.j2', number='.'.join('%s'%v for v in revision._number), date=revision._date, description=revision._description, action='Update') - - revision._number = parseVersion(request.form['number']) - revision._date = parseDate(request.form['date']) - revision._description = request.form['description'] - return redirect(url_for('document')) - -@app.route('/revision/add', methods=['GET', 'POST']) -@document_required -def add_revision(): - tracking = get_current()._tracking - if request.method != 'POST': - version = tracking._version - version = version[:-1] + (version[-1] + 1,) - return render_template('edit_revision.j2', number='.'.join("%d"%v for v in version), date=utcnow(), action='Add') - - version = parseVersion(request.form['number']) - date = parseDate(request.form['date']) - revision = CVRFRevision(version, date, request.form['description']) - tracking.addRevision(revision) - if 'update_tracking' in request.form: - tracking._version = version - tracking._currentDate = date - return redirect(url_for('document')) - -@app.route('/distribution/edit', methods=['GET', 'POST']) -@document_required -def edit_distribution(): - if request.method != 'POST': - return render_template('edit_distribution.j2', distribution=get_current()._distribution) - - get_current().setDistribution(request.form['distribution']) - return redirect(url_for('document')) - -@app.route('/severity/edit', methods=['GET', 'POST']) -@document_required -def edit_severity(): - severity = get_current()._aggregateseverity - if severity is None: - severity = CVRFAggregateSeverity('') - if request.method != 'POST': - return render_template('edit_severity.j2', severity=severity) - if not request.form['severity']: - severity = None - else: - severity._severity = request.form['severity'] - severity.setNamespace(request.form['namespace'] or None) - get_current().setAggregateSeverity(severity) - return redirect(url_for('document')) - -@app.route('/note/<int:ordinal>') -@document_required -def view_note(ordinal): - note = get_current().getNote(ordinal) - if note is None: - abort(404) - return render_template('view_note.j2', note=note) - -@app.route('/note/<int:ordinal>/edit', methods=['GET', 'POST']) -@document_required -def edit_note(ordinal): - note = get_current().getNote(ordinal) - if note is None: - abort(404) - if request.method != 'POST': - return render_template('edit_note.j2', note=note, types = note.TYPES) - - note._type = request.form['type'] - note._ordinal = int(request.form['ordinal']) - note._note = request.form['note'] - note._title = request.form['title'] or None - note._audience = request.form['audience'] or None - return redirect(url_for('view_note', ordinal=note._ordinal )) - - -@app.route('/note/add', methods=['GET', 'POST']) -@document_required -def add_note(): - if request.method != 'POST': - next_ordinal = 1 - notes = get_current()._notes - if notes: - next_ordinal = notes[-1]._ordinal + 1 - return render_template('edit_note.j2', ordinal=next_ordinal, types=CVRFNote.TYPES, action='Add') - - title = None - audience = None - title = request.form['title'] or None - audience = request.form['audience'] or None - - note = CVRFNote(request.form['type'], int(request.form['ordinal']), request.form['note'], title, audience) - get_current().addNote(note) - return redirect(url_for('document')) - -@app.route('/reference/<int:index>/edit', methods=['GET', 'POST']) -@document_required -def edit_reference(index): - try: - ref = get_current()._references[index] - except IndexError: - abort(404) - if request.method != 'POST': - return render_template('edit_reference.j2', _type=ref._type, url=ref._url, description=ref._description, types=('',) + ref.TYPES) - - ref._type = request.form['type'] or None - ref._url = request.form['url'] - ref._description = request.form['description'] - return redirect(url_for('document')) - - -@app.route('/reference/add', methods=['GET', 'POST']) -@document_required -def add_reference(): - if request.method != 'POST': - return render_template('edit_reference.j2', action='Add', types=('',) + CVRFReference.TYPES) - - ref = CVRFReference(request.form['url'], request.form['description'], request.form['type'] or None) - get_current().addReference(ref) - return redirect(url_for('document')) - -@app.route('/acknowledgment/<int:index>') -@document_required -def view_acknowledgment(index): - try: - ack = get_current()._acknowledgments[index] - except IndexError: - abort(404) - return render_template('view_acknowledgment.j2', acknowledgment=ack, index=index, action='Update') - -@app.route('/acknowledgment/<int:index>/edit', methods=['GET', 'POST']) -@document_required -def edit_acknowledgment(index): - try: - ack = get_current()._acknowledgments[index] - except IndexError: - abort(404) - if request.method != 'POST': - return render_template('edit_acknowledgment.j2', name=ack._name, organization=ack._organization, description=ack._description, url=ack._url, action='Update') - - ack._name = request.form['name'] or None - ack._organization = request.form['organization'] or None - ack._description = request.form['description'] or None - ack._url = request.form['url'] or None - return redirect(url_for('document')) - -@app.route('/acknowledgment/add', methods=['GET', 'POST']) -@document_required -def add_acknowledgment(): - if request.method != 'POST': - return render_template('edit_acknowledgment.j2', action='Add') - - ack = CVRFAcknowledgment() - ack._name = request.form['name'] or None - ack._organization = request.form['organization'] or None - ack._description = request.form['description'] or None - ack._url = request.form['url'] or None - get_current().addAcknowledgment(ack) - return redirect(url_for('document')) - + return redirect(url_for('document.view')) @app.route('/render/<format_>') @document_required @@ -380,7 +148,7 @@ os.remove(fpath) flash('"%s" has been removed from cache' % element) # Get some kind of id, and load the file. - return redirect(url_for('document')) + return redirect(url_for('document.view')) @app.route('/about') def about():