Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(project): remove agent change in project add api. #1108

Merged
merged 1 commit into from
Nov 14, 2022
Merged

fix(project): remove agent change in project add api. #1108

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
88 changes: 35 additions & 53 deletions dongtai_web/views/project_add.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,8 +28,6 @@

class _ProjectsAddBodyArgsSerializer(serializers.Serializer):
name = serializers.CharField(help_text=_('The name of project'))
agent_ids = serializers.CharField(help_text=_(
'The id corresponding to the agent, use, for segmentation.'))
scan_id = serializers.IntegerField(
help_text=_("The id corresponding to the scanning strategy."))
version_name = serializers.CharField(
Expand Down Expand Up @@ -72,16 +70,18 @@ def post(self, request):
with transaction.atomic():
name = request.data.get("name")
mode = "插桩模式"
scan_id = int(request.data.get("scan_id",0))
scan_id = int(request.data.get("scan_id", 0))
auth_users = self.get_auth_users(request.user)
if scan_id == 5:
scan = IastStrategyUser.objects.filter(id=scan_id).first()
else:
scan = IastStrategyUser.objects.filter(id=scan_id, user__in=auth_users).first()
agent_ids = request.data.get("agent_ids", None)
scan = IastStrategyUser.objects.filter(
id=scan_id, user__in=auth_users).first()
base_url = request.data.get('base_url', None)
test_req_header_key = request.data.get('test_req_header_key',None)
test_req_header_value = request.data.get('test_req_header_value', None)
test_req_header_key = request.data.get('test_req_header_key',
None)
test_req_header_value = request.data.get(
'test_req_header_value', None)
description = request.data.get('description', None)
pid = request.data.get("pid", 0)
accessable_ips = []
Expand All @@ -94,39 +94,40 @@ def post(self, request):
if accessable_ips:
parsed_url = urlparse(base_url)
if parsed_url.netloc not in parsed_url:
return R.failure(status=202, msg=_('base_url validate failed'))
return R.failure(status=202,
msg=_('base_url validate failed'))
if base_url and not url_validate(base_url):
return R.failure(status=202, msg=_('base_url validate failed'))
if agent_ids:
try:
agents = [int(i) for i in agent_ids.split(',')]
except Exception as e:
print(e)
return R.failure(status=202, msg=_('Agent parse error'))
else:
agents = []
return R.failure(status=202,
msg=_('base_url validate failed'))
if not scan_id or not name or not mode:
logger.error('require base scan_id and name')
return R.failure(status=202, msg=_('Required scan strategy and name'))
return R.failure(status=202,
msg=_('Required scan strategy and name'))

version_name = request.data.get("version_name", "")
if not version_name:
version_name = "V1.0"
vul_validation = request.data.get("vul_validation", None)

if pid:
project = IastProject.objects.filter(id=pid, user__in=auth_users).first()
project = IastProject.objects.filter(
id=pid, user__in=auth_users).first()
project.name = name
else:

project = IastProject.objects.filter(name=name, user=request.user).first()
project = IastProject.objects.filter(
name=name, user=request.user).first()
if not project:
project = IastProject.objects.create(name=name, user=request.user)
project = IastProject.objects.create(name=name,
user=request.user)
else:
return R.failure(status=203, msg=_('Failed to create, the application name already exists'))
return R.failure(
status=203,
msg=
_('Failed to create, the application name already exists'
))
versionInfo = IastProjectVersion.objects.filter(
project_id=project.id,
current_version=1,
project_id=project.id, current_version=1,
status=1).first()
if versionInfo:
project_version_id = versionInfo.id
Expand All @@ -140,26 +141,19 @@ def post(self, request):
"current_version": 1
}
if not versionInfo or not (
versionInfo.version_name == version_name
and (versionInfo.description == description or not description)):
result = version_modify(project.user,auth_users,
versionInfo.version_name == version_name and
(versionInfo.description == description
or not description)):
result = version_modify(project.user, auth_users,
current_project_version)
if result.get("status", "202") == "202":
logger.error('version update failure')
return R.failure(status=202,
msg=result.get('msg',
_("Version Update Error")))
msg=result.get(
'msg', _("Version Update Error")))
else:
project_version_id = result.get("data", {}).get("version_id", 0)

if agents:
haveBind = IastAgent.objects.filter(
~Q(bind_project_id=project.id),
id__in=agents,
bind_project_id__gt=0,
user__in=auth_users).exists()
if haveBind:
return R.failure(status=202, msg=_('Agent has been bound by other application'))
project_version_id = result.get("data", {}).get(
"version_id", 0)

project.scan = scan
project.mode = mode
Expand All @@ -168,27 +162,15 @@ def post(self, request):
project.latest_time = int(time.time())
if vul_validation is not None:
project.vul_validation = vul_validation
if agents:
project.agent_count = IastAgent.objects.filter(
Q(id__in=agents) | Q(project_name=name),
user__in=auth_users,
).update(bind_project_id=project.id, project_version_id=project_version_id)
else:
project.agent_count = IastAgent.objects.filter(
project_name=name, user=request.user).update(
bind_project_id=-1,
project_version_id=project_version_id)

if base_url:
project.base_url = replace_ending(base_url, '/', '')
if test_req_header_key:
project.test_req_header_key = test_req_header_key
if test_req_header_value:
project.test_req_header_value = test_req_header_value
project.save(update_fields=[
'name', 'scan_id', 'mode', 'agent_count',
'latest_time', 'vul_validation', 'base_url',
'test_req_header_key', 'test_req_header_value'
'name', 'scan_id', 'mode', 'latest_time', 'vul_validation',
'base_url', 'test_req_header_key', 'test_req_header_value'
])
return R.success(msg='操作成功')
except Exception as e:
Expand Down