add fields: mitigation,upstream_fix,references; implement -f +FIELDS

ryran · Oct 25, 2016 · 044789745b2cb53b3d773a6470ba772c2b2616f9 · 0447897
1 parent ae637d6
commit 044789745b2cb53b3d773a6470ba772c2b2616f9
Unified Split

Showing with 59 additions and 13 deletions.

+59 −13 rhsecapi.py
diff --git a/rhsecapi.py b/rhsecapi.py
@@ -36,8 +36,41 @@
 # Globals
 prog = 'rhsecapi'
 vers = {}
-vers['version'] = '0.1.6'
+vers['version'] = '0.1.7'
 vers['date'] = '2016/10/24'
+# Supported CVE fields
+allFields = ['threat_severity',
+             'public_date',
+             'iava',
+             'cwe',
+             'cvss',
+             'cvss3',
+             'bugzilla',
+             'acknowledgement',
+             'details',
+             'statement',
+             'mitigation',
+             'upstream_fix',
+             'references',
+             'affected_release',
+             'package_state',
+             ]
+# All supported fields minus the few text-heavy ones
+mostFields = list(allFields)
+notMostFields = ['acknowledgement',
+                 'details',
+                 'statement',
+                 'mitigation',
+                 'references',
+                 ]
+for f in notMostFields:
+    mostFields.remove(f)
+# Simple set of default fields
+defaultFields = ['threat_severity',
+                 'bugzilla',
+                 'affected_release',
+                 'package_state',
+                 ]


 class RedHatSecDataApiClient:
@@ -218,21 +251,17 @@ def parse_args():
    g1 = p.add_argument_group(
        'CVE QUERY DISPLAY OPTIONS')
    gg1 = g1.add_mutually_exclusive_group()
-    # Supported fields
-    allFields     = ['threat_severity', 'public_date', 'iava', 'cwe', 'cvss', 'cvss3', 'bugzilla', 'acknowledgement', 'details', 'statement', 'affected_release', 'package_state']
-    mostFields    = list(allFields); mostFields.remove('acknowledgement'); mostFields.remove('details'); mostFields.remove('statement')
-    defaultFields = ['threat_severity', 'bugzilla', 'affected_release', 'package_state']
    gg1.add_argument(
-        '-f', '--fields', default=','.join(defaultFields),
-        help="Comma-separated fields to be displayed (default: {0})".format(", ".join(defaultFields)))
+        '-f', '--fields', metavar='+FIELDS', default=','.join(defaultFields),
+        help="Comma-separated fields to be displayed (default: {0}); optionally prepend with plus (+) sign to add fields to the default (e.g., '-f +iava,cvss3')".format(", ".join(defaultFields)))
    gg1.add_argument(
        '-a', '--all-fields', dest='fields', action='store_const',
        const=','.join(allFields),
        help="Print all supported fields (currently: {0})".format(", ".join(allFields)))
    gg1.add_argument(
        '-m', '--most-fields', dest='fields', action='store_const',
        const=','.join(mostFields),
-        help="Print all fields mentioned above except the heavy-text ones -- acknowledgement, details, statement")
+        help="Print all fields mentioned above except the heavy-text ones -- (excluding: {0})".format(", ".join(notMostFields)))
    gg1.add_argument(
        '-j', '--json', action='store_true',
        help="Print full & raw JSON output")
@@ -317,6 +346,8 @@ def parse_args():
        p.print_usage()
        print("\nRun {0} --help for full help page\n\n{1}".format(prog, epilog))
        exit()
+    if o.fields.startswith('+'):
+        o.fields = '{0},{1}'.format(','.join(defaultFields), o.fields[1:])
    return o


@@ -360,7 +391,7 @@ def __init__(self, fields='threat_severity,bugzilla,affected_release,package_sta
        if wrapWidth == 1:
            wrapWidth = self.get_terminal_width() - 2
        if wrapWidth:
-            self.w = textwrap.TextWrapper(width=wrapWidth, initial_indent="   ", subsequent_indent="   ")
+            self.w = textwrap.TextWrapper(width=wrapWidth, initial_indent="   ", subsequent_indent="   ", replace_whitespace=False)
        else:
            self.w = 0

@@ -400,16 +431,22 @@ def _check_field(self, field, jsoninput):
            return True
        return False

-    def _stripjoin(self, input):
+    def _stripjoin(self, input, oneLineEach=False):
        """Strip whitespace from input or input list."""
        text = ""
        if isinstance(input, list):
            for i in input:
                text += i.encode('utf-8').strip()
-                text += "  "
+                if oneLineEach:
+                    text += "\n"
+                else:
+                    text += "  "
        else:
            text = input.encode('utf-8').strip()
-        text = re.sub(r"\n+", "  ", text)
+        if oneLineEach:
+            text = re.sub(r"\n+", "\n   ", text)
+        else:
+            text = re.sub(r"\n+", "  ", text)
        if self.w:
            text = "\n" + "\n".join(self.w.wrap(text))
        return text
@@ -439,7 +476,7 @@ def print_cve(self, cve):

        # If --json was used, done
        if self.rawOutput:
-            self.Print(jprint(j, False))
+            self.Print(jprint(j, False) + "\n")
            return

        # CVE name always printed
@@ -508,6 +545,15 @@ def print_cve(self, cve):
        if self._check_field('statement', j):
            self.Print("  STATEMENT:  {0}\n".format(self._stripjoin(j['statement'])))

+        if self._check_field('mitigation', j):
+            self.Print("  MITIGATION:  {0}\n".format(self._stripjoin(j['mitigation'])))
+
+        if self._check_field('upstream_fix', j):
+            self.Print("  UPSTREAM_FIX:  {0}\n".format(j['upstream_fix']))
+
+        if self._check_field('references', j):
+            self.Print("  REFERENCES:  {0}\n".format(self._stripjoin(j['references'], oneLineEach=True)))
+
        if self._check_field('affected_release', j):
            self.Print("  AFFECTED_RELEASE (ERRATA)\n")
            affected_release = j['affected_release']