新增资产批量添加，nessus7扫描器支持，AWVS扫描器支持

we1h0 · Jun 14, 2018 · c6f4423 · c6f4423
1 parent 269b6ac
commit c6f4423
Show file tree

Hide file tree

Showing 48 changed files with 13,952 additions and 109 deletions.
diff --git a/AssetManage/forms.py b/AssetManage/forms.py
@@ -9,6 +9,25 @@
 from django.forms import ModelForm,widgets
 
 
+class HandoverActionForm(ModelForm):
+    class Meta:
+        model = models.Handover
+        fields = ['action_reason']
+        widgets = {
+                   'action_reason':widgets.Textarea(attrs={'class':'form-control','placeholder':'资产交接审批说明'}),
+                   }
+
+class HandoverForm(ModelForm):
+    class Meta:
+        model = models.Handover
+        fields = ['dst_email','reason']
+        widgets = {
+                   'dst_email':widgets.TextInput(attrs={'class':'form-control','placeholder':'请输入对方账号邮箱'}),
+                   'reason':widgets.Textarea(attrs={'class':'form-control','placeholder':'资产转让说明（该操作会将您名下的资产转让 给目标账号，并停用该账号，请谨慎操作）'}),
+                   }
+
+
+
 class AssetUserForm(ModelForm):
     class Meta:
         model = models.AssetUser

diff --git a/AssetManage/models.py b/AssetManage/models.py
@@ -9,7 +9,28 @@
                         ('资产认领','资产认领'),
                         )
 
+ASSET_REQUEST_STATUS=(
+    ('0','审批中'),
+    ('1','审批通过'),
+    ('2','审批拒绝'),
+    )
+
+
+
 
+class Handover(models.Model):
+    dst_email = models.EmailField('目标账号')
+    status = models.CharField('申请状态',max_length = 30,choices=ASSET_REQUEST_STATUS,default='0')
+    reason = models.TextField('转让说明')
+    action_reason = models.TextField('审批说明')
+    request_starttime = models.DateField('添加时间',auto_now_add=True)
+    request_updatetime = models.DateField('更新时间',auto_now=True)
+
+    request_user = models.EmailField('申请账号')
+
+    action_user = models.ForeignKey(User,related_name='handover_action_user',on_delete=models.CASCADE,null=True,blank=True)
+    def __str__(self):
+        return self.id
 
 
 
@@ -55,7 +76,7 @@ class Asset(models.Model):
 
     user_email=models.EmailField('联系人邮箱',null=True,blank=True)
 
-    asset_area = models.ForeignKey(Area,related_name='area_for_asset',verbose_name='所属区域',on_delete=models.CASCADE,null=True,limit_choices_to={'parent__isnull':True})
+    asset_area = models.ForeignKey(Area,related_name='area_for_asset',verbose_name='所属区域',on_delete=models.CASCADE,null=True,blank=True,limit_choices_to={'parent__isnull':True})
     asset_type = models.ForeignKey(AssetType,related_name='type_for_asset',verbose_name='资产类型',on_delete=models.CASCADE,null=True,limit_choices_to={'parent__isnull':False})
     asset_user = models.ManyToManyField(User,related_name='asset_to_user',blank=True)
 
@@ -126,7 +147,7 @@ class OS_Info(models.Model):
     asset = models.OneToOneField(Asset,related_name='os_for_asset',on_delete=models.CASCADE)
 
     def __str__(self):
-        return self.web_status
+        return self.asset.asset_key
 
 
 
@@ -146,12 +167,12 @@ class Internet_Info(models.Model):
     asset = models.OneToOneField(Asset,related_name='internet_for_asset',on_delete=models.CASCADE)
 
     def __str__(self):
-        return self.web_status
+        return self.asset.asset_key
 
 
 
 class Port_Info(models.Model):
-    port = models.IntegerField('开放端口')
+    port = models.CharField('开放端口',max_length=50)
     name = models.CharField('服务名称',max_length=50,null=True)
     product = models.CharField('产品信息',max_length=100,null=True)
     version = models.CharField('应用版本',max_length=50,null=True)

diff --git a/AssetManage/tasks.py b/AssetManage/tasks.py
@@ -45,28 +45,28 @@ def asset_port(user_id,asset_id_list):
                     name = port_list[port_info].get('name')
                     product = port_list[port_info].get('product')
                     version =  port_list[port_info].get('version')
-                    if product != 'Microsoft Windows RPC':
-                        port_get = models.Port_Info.objects.get_or_create(
-                            port=port,
-                            asset = asset,
-                            )
-                        if port_get[1]:
-                            port = port_get[0]
-                            port.product=product
-                            port.name = name
-                            port.version=version
-                            port.save()
+                    port_get = models.Port_Info.objects.get_or_create(
+                        port=port,
+                        asset = asset,
+                        )
+                    if port_get[1]:
+                        port = port_get[0]
+                        port.product=product
+                        port.name = name
+                        port.version=version
+                        port.save()
+                data_manage={
+                              'notice_title':'资产发现通知',
+                              'notice_body':'您对'+ ip +'的端口发现任务完成',
+                              'notice_url':'/asset/user/',
+                              'notice_type':'notice',
+                              }
+                notice_add(user,data_manage)
             else:
                 return False
         else:
             return False
-    data_manage={
-              'notice_title':'资产发现通知',
-              'notice_body':'您的端口发现任务完成，点我查看结果',
-              'notice_url':'/asset/user/',
-              'notice_type':'notice',
-              }
-    notice_add(user,data_manage)
+
     return True
 
 

diff --git a/AssetManage/urls.py b/AssetManage/urls.py
@@ -6,7 +6,7 @@
 '''
 
 from django.urls import path
-from .views import views,assetdetails,port,plugin,file,assetconnect,assetinfo,taskview
+from .views import views,assetdetails,port,plugin,file,assetconnect,assetinfo,taskview,handover,csv
 
 urlpatterns = [
     path('user/',views.assetview,name='assetview'),
@@ -18,6 +18,20 @@
     path('user/details/<str:asset_id>/',assetdetails.assetdetailsview,name='assetdetails'),
 
 
+    path('user/csv/os/',csv.create_csv_os,name='createoscsv'),
+    path('user/csv/web/',csv.create_csv_web,name='createwebcsv'),
+    path('user/csv/vuln/',csv.create_csv_vuln,name='createvulncsv'),
+    path('user/csv/upload/',csv.file_update,name='createuploadcsv'),
+
+
+    path('user/handover/',handover.asset_handover,name='assethandover'),
+
+    path('handover/',handover.handoverview,name='assethandoverview'),
+    path('handover/list/',handover.asset_handover_list,name='assethandoverlist'),
+    path('handover/action/',handover.asset_handover_action,name='assethandoveraction'),
+
+
+
     path('user/task/',taskview.task_action,name='assettaskaction'),
 
     path('user/update/osinfo/<str:os_id>/',assetinfo.osinfpupdate,name='assetosinfoupdate'),

diff --git a/AssetManage/views/assetdetails.py b/AssetManage/views/assetdetails.py
@@ -45,8 +45,6 @@ def assetdetailsview(request,asset_id):
 
     info = []
 
-
-
     for typeinfo in assettypeinfo:
         info.append(typeinfo.key)