Mercurial > farol > farol
view farol/main.py @ 12:4219d6fb4c38
Implement three kind of caches
author | Benoît Allard <benoit.allard@greenbone.net> |
---|---|
date | Tue, 30 Sep 2014 12:18:52 +0200 |
parents | a32f9b86edb4 |
children | d5265a0da13a |
line wrap: on
line source
# -*- encoding: utf-8 -*- # Description: # Farol Web Application # # Authors: # BenoƮt Allard <benoit.allard@greenbone.net> # # Copyright: # Copyright (C) 2014 Greenbone Networks GmbH # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. import os from farolluz.cvrf import CVRF, ValidationError from farolluz.parsers.cvrf import parse from farolluz.py2 import urlopen from farolluz.renderer import render as render_cvrf from farolluz.utils import utcnow from flask import Flask, request, render_template, redirect, url_for, flash from werkzeug import secure_filename from . import cache from .document import document from .session import get_current, set_current, has_current, document_required from .vulnerability import vulnerability from .producttree import producttree app = Flask(__name__, instance_relative_config=True) app.config.from_object('farol.config.Config') app.config.from_pyfile('farol.cfg', silent=True) app.register_blueprint(cache.mod, url_prefix='/cache') app.register_blueprint(document, url_prefix='/document') app.register_blueprint(vulnerability, url_prefix='/vulnerability') app.register_blueprint(producttree, url_prefix='/producttree') if not app.debug: import logging from logging import FileHandler file_handler = FileHandler(os.path.join(app.instance_path, 'farol.log')) file_handler.setLevel(logging.WARNING) app.logger.addHandler(file_handler) @app.context_processor def cache_content(): """ List the documents in cache """ return dict(caching=cache.caching_type(), cache=cache.cache_content()) @app.context_processor def doc_properties(): if not has_current(): return {'has_current': False} cvrf = get_current() vulns = [(v.getTitle(), v._ordinal) for v in cvrf._vulnerabilities] prods = [] if cvrf._producttree: prods = [(p._name, p._productid) for p in cvrf._producttree._products] try: cvrf.validate() error = None except ValidationError as ve: error = ve return dict(has_current=True, vulnerabilities=vulns, products=prods, error=error) @app.template_filter('secure_filename') def makeId(string): return secure_filename(string) @app.route('/') def welcome(): return render_template('welcome.j2') def parse_url(url): set_current(parse(urlopen(url).read())) @app.route('/new', methods=['GET', 'POST']) def new(): if request.method != 'POST': return render_template('new.j2', has_document=has_current(), now=utcnow()) if 'rhsa' in request.form: year, index = request.form['id'].split(':') parse_url("https://www.redhat.com/security/data/cvrf/%(year)s/cvrf-rhsa-%(year)s-%(index)s.xml" % {'year': year, 'index': index}) elif 'oracle' in request.form: parse_url("http://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/%s.xml" % request.form['id']) elif 'cisco' in request.form: kind, date, name = request.form['id'].split('-', 2) kind = {'sa': 'Advisory', 'sr': 'Response'}[kind] parse_url("http://tools.cisco.com/security/center/contentxml/CiscoSecurity%(kind)s/cisco-%(id)s/cvrf/cisco-%(id)s_cvrf.xml" % {'kind': kind, 'id': request.form['id']}) elif 'nasl' in request.form: flash("I'm not able to parse NASL scripts yet", 'danger') return redirect(url_for('new')) elif 'url' in request.form: parse_url(request.form['url']) elif 'local' in request.files: upload = request.files['local'] if not upload.filename.endswith('.xml'): flash('Uploaded files should end in .xml', 'danger') return redirect(url_for('new')) fpath = os.path.join('/tmp', secure_filename(upload.filename)) upload.save(fpath) with open(fpath, 'rt') as f: set_current(parse(f)) os.remove(fpath) elif 'text' in request.form: set_current(parse(request.form['text'].encode('utf-8'))) else: set_current(CVRF(request.form['title'], request.form['type'])) return redirect(url_for('document.view')) @app.route('/render/<format_>') @document_required def render(format_): cvrf = get_current() doc = render_cvrf(cvrf, format_ + '.j2') return render_template('render.j2', format_=format_, title=cvrf._title, type_=cvrf._type, doc=doc ) @app.route('/about') def about(): return render_template('about.j2', instance_dir=app.instance_path)