Mercurial > farol
changeset 163:1d63a532ccce
Add possibility to create product Tree from the cpe itself.
| author | Benoît Allard <benoit.allard@greenbone.net> |
|---|---|
| date | Tue, 30 Dec 2014 14:34:21 +0100 |
| parents | 07210df10edd |
| children | 4d8218fbe686 |
| files | farol/producttree.py farol/templates/producttree/edit_product.j2 |
| diffstat | 2 files changed, 15 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/farol/producttree.py Tue Dec 30 14:33:50 2014 +0100 +++ b/farol/producttree.py Tue Dec 30 14:34:21 2014 +0100 @@ -32,6 +32,7 @@ from farolluz.cvrf import (CVRFProductBranch, CVRFFullProductName, CVRFRelationship, CVRFGroup) +from farolluz.parsers.cpe import parse as parseCPE from .session import document_required, get_current producttree = Blueprint('producttree', __name__) @@ -217,16 +218,22 @@ rels = [('', '')] + [(ptree.getNameOfRelationship(r), str(i)) for i, r in ptree.getOrphanedRelationships()] return render_template('producttree/edit_product.j2', product=product, action='Add', orphaned_leaves=leaves, orphaned_relationships=rels, current_rel='') - if request.form['parent_branch'] and request.form['parent_relationship']: + if bool(request.form['parent_branch']) + bool(request.form['parent_relationship']) + bool(request.form['from_cpe']) > 1: flash('Cannot set a parent branch and parent relationship', 'danger') return redirect(url_for('.add_product')) + if request.form['from_cpe'] and not request.form['cpe']: + flash('You need to specify the cpe value to infer the branching/relation from that value.', 'danger') + return redirect(url_for('.add_product')) + parent = ptree if request.form['parent_branch']: try: parent = ptree.getBranch([int(p) for p in request.form['parent_branch'].split('/')]) except (ValueError, IndexError): abort(404) elif request.form['parent_relationship']: parent = ptree._relationships[int(request.form['parent_relationship'])] + elif request.form['from_cpe']: + parent = parseCPE(request.form['cpe']).addToDoc(cvrf, finalProduct=False) product = CVRFFullProductName(request.form['productid'], request.form['name'], parent, request.form['cpe'] or None) ptree.addProduct(product)
--- a/farol/templates/producttree/edit_product.j2 Tue Dec 30 14:33:50 2014 +0100 +++ b/farol/templates/producttree/edit_product.j2 Tue Dec 30 14:34:21 2014 +0100 @@ -24,7 +24,7 @@ -#} {% extends "base.j2" %} -{% from "macros.j2" import textinput, selectinput2, examples %} +{% from "macros.j2" import textinput, selectinput2, examples, checkbox %} {% block title %}Edit the product{% endblock %} {% set active = 'product' %} @@ -40,12 +40,17 @@ <p>The <em>Product ID</em> attribute is required to identify a <strong>Full Product Name</strong> so that it can be referred to from other parts in the document. There is no predefined or required format for the <em>Product ID</em> as long as it uniquely identifies a product in the context of the current document. Examples include incremental integers or Globally Unique Identifiers (GUIDs).</p> {{ examples(['CVRFPID-0004']) }} {% endcall %} -{% call textinput('cpe', "CPE", placeholder="cpe:/a:...", value=product._cpe) %} +{% call textinput('cpe', "CPE", placeholder="cpe:...", value=product._cpe) %} <p>The Common Platform Enumeration (<em>CPE</em>) attribute refers to a method for naming platforms. The structure for CPE is described at http://cpe.mitre.org. The <em>CPE</em> can be either an integer (if MITRE has an entry for the platform in question) or a candidate string from the vendor if no MITRE entry yet exists.</p> {% endcall %} <hr> {{ selectinput2('parent_branch', "Parent Branch", orphaned_leaves , product.getParentPath()) }} +<p class="text-center"><em>-- or --</em></p> {{ selectinput2('parent_relationship', "Parent relationship", orphaned_relationships, current_rel) }} +<p class="text-center"><em>-- or --</em></p> +{% if action == "Add" %} + {{ checkbox('from_cpe', "Create branches/relation from CPE Value") }} +{% endif %} <button class="btn btn-primary" type="submit">{{ action }}</button> <a class="btn btn-danger" href="{{ url_for('.view') }}">Cancel</a>