diff --git a/common/common.go b/common/common.go index 37f54c43f8c0eb04a71045e946316636d0dd1d84..c1218f71a98b6d94a596fc468a3b2bb8ca3fd50e 100644 --- a/common/common.go +++ b/common/common.go @@ -10,6 +10,7 @@ import ( ) func DesString(dbpwd string) (strs string) { + defer Catchs() if "" != dbpwd || len(dbpwd) > 0 { key := beego.AppConfig.String("key") key1 := []byte(key) @@ -21,6 +22,24 @@ func DesString(dbpwd string) (strs string) { return strs } +func AesString(dbpwd string) (strs string) { + defer Catchs() + pwd := []byte{} + if dbpwd == "" { + pwd = []byte("123") + } else { + pwd = []byte(dbpwd) + } + key := []byte(beego.AppConfig.String("key")) + strs, err := EnPwdCode(pwd, key) + if err != nil { + logs.Error(err) + }else { + logs.Info(strs) + } + return strs +} + func GetTokenExpirTime() (token_expir_time int) { token_expir_time, err := beego.AppConfig.Int("token_expir_time") if err == nil { diff --git a/conf/app.conf b/conf/app.conf index c11b18fdae354ad12f74fae61d4e32b4c378af5c..755aae339592245acadab2ce73bccf4f0a92be18 100644 --- a/conf/app.conf +++ b/conf/app.conf @@ -46,13 +46,13 @@ maxsize=204800 [crontab] ymalflag = 2 getymal = 00 00 23 * * * -cveflag = 2 +cveflag = 1 getcve = 00 00 01 * * * oricveflag = 2 oricvecheck = 00 00 05 * * * getissueflag = 2 getissue = 00 00 05 * * * -issueflag = 2 +issueflag = 1 createissue = * * 05 * * * test = 0/10 * * * * * gittokenflag = 2 @@ -61,7 +61,7 @@ genexcelflag = 2 genexcel = 0 */10 * * * * days = -30 prcnum = 50 -printlogflag = 2 +printlogflag = 1 printlog = 0 */20 * * * * @@ -103,6 +103,10 @@ cveref = https://nvd.nist.gov/vuln/detail/ openeulernum = 3000 # Import cve as data after 2018 cve_number = 2018 +# Manual data import restrictions +cve_number_m = 1990 +# Tool import data restriction +cve_number_t = 2018 # Create an issue's warehouse whitelist;1: open; 2: close issue_whitelist = 2 # List of affected branches 
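Review bot: In the new `AesString`, an empty `dbpwd` is silently replaced by the fixed value `"123"`, and the output of `EnPwdCode` is written to the log with `logs.Info(strs)`; both should be removed. With the constant fallback, an empty input still produces a normal-looking result, so the caller cannot tell that nothing was supplied, and the logged value is protected only by the `key` entry in the app config. I would return early with `if dbpwd == "" { return "" }`, drop the `else { logs.Info(strs) }` branch, and add a doc comment such as `// AesString encodes dbpwd with EnPwdCode using the "key" value from the app config.` `EnPwdCode` and `Catchs` are defined outside this hunk, so their behaviour on failure cannot be checked here.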
diff --git a/conf/product_app.conf b/conf/product_app.conf index 58da96caf1874cf6f74ec07db726a9443b74f831..49c0aebbcb0e82bb33587fa38916c8f0bc1cac37 100644 --- a/conf/product_app.conf +++ b/conf/product_app.conf @@ -99,12 +99,16 @@ cveref = https://nvd.nist.gov/vuln/detail/ openeulernum = 3000 # Import cve as data after 2018 cve_number = 2018 +# Manual data import restrictions +cve_number_m = 1990 +# Tool import data restriction +cve_number_t = 2018 # Create an issue's warehouse whitelist;1: open; 2: close issue_whitelist = 1 # List of affected branches affected_branchs = openEuler-20.03-LTS # Close the highest privilege of issue -close_issue_privilege = 2 +close_issue_privilege = 1 [reflink] diff --git a/controllers/cvedetail.go b/controllers/cvedetail.go index a8446551dbb2ea64b12ef928970ee24d5e01e723..afa83d002d933ce0835627fdf92af6e3f922b248 100644 --- a/controllers/cvedetail.go +++ b/controllers/cvedetail.go @@ -35,6 +35,25 @@ func (u *CveDetailController) Get() { resp["errmsg"] = errcode.RecodeText(errcode.RecodeUnknowErr) resp["body"] = cod defer u.RetData(resp) + //Judge whether it is legal + token := u.GetString("token") + if token == "" { + resp["errno"] = errcode.RecodeSessionErr + resp["errmsg"] = errcode.RecodeText(errcode.RecodeSessionErr) + resp["body"] = []ResultData{} + logs.Error("token 校验失败") + return + } else { + // Check token + ok := models.CheckToken(token) + if !ok { + resp["errno"] = errcode.RecodeSessionErr + resp["errmsg"] = errcode.RecodeText(errcode.RecodeSessionErr) + resp["body"] = []ResultData{} + logs.Error("token 校验失败") + return + } + } cveNum := u.GetString("cveNum") if cveNum == "" { logs.Error("cveNum, 参数错误") diff --git a/controllers/login.go b/controllers/login.go index ae3757af986b6a9039cc1f08539a37729b3b5c0d..848129916929a642da0b65b794328a2bdbd51661 100644 --- a/controllers/login.go +++ b/controllers/login.go 
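Review bot: The new check in `Get` reads the token from a request parameter with `u.GetString("token")`, which on a GET handler most likely means the query string, so the token would appear in URLs, access logs and Referer headers. Reading it from a request header (for example through `u.Ctx.Input.Header(...)`) avoids that, if the clients can be changed. The two failure branches are identical and can be one guard, `if token == "" || !models.CheckToken(token) {`, which also removes the `else` after `return`. `Get` begins and ends outside this hunk and `models.CheckToken` is not visible here, so how the token is validated cannot be reviewed from this page.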
@@ -43,7 +43,7 @@ func (u *UserLoginController) Post() { logs.Error(err) return } - logs.Info("登录请求参数:", &req) + //logs.Info("登录请求参数:", req) //Judge whether it is legal if req["userName"] == nil || req["passWord"] == nil { resp["errno"] = errcode.RecodeDataErr @@ -54,7 +54,7 @@ func (u *UserLoginController) Post() { } password := fmt.Sprintf("%s", req["passWord"]) // Encryption first comment - //password = common.DesString(password) + password = common.DesString(password) if password == "" || len(password) == 0 { resp["errno"] = errcode.RecodePwdErr resp["errmsg"] = errcode.RecodeText(errcode.RecodePwdErr) diff --git a/cve-py/import_excels/266_whitelist_2020-11-26.xlsx b/cve-py/import_excels/266_whitelist_2020-11-26.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..9691d07170b150faca2ecd73c828bd20724c23d1 Binary files /dev/null and b/cve-py/import_excels/266_whitelist_2020-11-26.xlsx differ diff --git a/cve-py/import_excels/26_whitelist_2020-11-26.xlsx b/cve-py/import_excels/26_whitelist_2020-11-26.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..98eca1855bd0e96b11792afdb999d92da80845ca Binary files /dev/null and b/cve-py/import_excels/26_whitelist_2020-11-26.xlsx differ diff --git a/cve-py/newexcels/20.03-CVE_2020-11-26.xlsx b/cve-py/newexcels/20.03-CVE_2020-11-26.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..1ed659b011ec0c6d8c825d6b6396ed695064c4e4 Binary files /dev/null and b/cve-py/newexcels/20.03-CVE_2020-11-26.xlsx differ diff --git a/cve-py/newexcels/cve_issue_2020-11-26.xlsx b/cve-py/newexcels/cve_issue_2020-11-26.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..f7c12d6140def0803a44d82e1b1fd66a79ccc980 Binary files /dev/null and b/cve-py/newexcels/cve_issue_2020-11-26.xlsx differ diff --git a/models/issue.go b/models/issue.go index 2d757b4991b77ae4ff403432e3d04f6bc7db31c4..d0280832d2c3234cfb3dc0354b2ec08edbdbee11 100644 --- a/models/issue.go 
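Review bot: The commented-out line `//logs.Info("登录请求参数:", req)` in `Post` should be deleted rather than kept, because `req` carries the `passWord` field read a few lines below and un-commenting it would write the submitted credential to the log. If request logging is needed for troubleshooting, log only the non-secret field, for example `logs.Info("login request, userName:", req["userName"])`. `Post` begins and ends outside this hunk.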
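Review bot: The comment `// Encryption first comment` above the re-enabled `password = common.DesString(password)` is now stale and does not say what the call does to the submitted value. It should be replaced with one line stating the format in which the client sends `passWord` and what `DesString` returns, checked against `DesString` itself, whose body is only partly visible in this commit. The value passed in comes from `fmt.Sprintf("%s", req["passWord"])`, which formats a non-string JSON value instead of rejecting it; `password, ok := req["passWord"].(string)` with a check on `ok` would reject such input before it reaches `DesString`.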
+++ b/models/issue.go @@ -31,8 +31,8 @@ func QueryIssueWhitelist(status int8) ([]IssueRepoWhitelist, error) { o := orm.NewOrm() var irw []IssueRepoWhitelist if status == 0 { - num, err := o.Raw("select repo_id,package_name,version,branchs,status,create_time,"+ - "update_time,delete_time"+ + num, err := o.Raw("select repo_id,package_name,version,branchs,status,create_time," + + "update_time,delete_time" + " from cve_issue_repo_whitelist order by repo_id desc").QueryRows(&irw) if err == nil && num > 0 { logs.Info("cve_issue_repo_whitelist 查询结果:", irw) @@ -59,7 +59,7 @@ func QueryIssueByPackName(packName, days string, prcnum int) ([]VulnCenter, erro var vc []VulnCenter num, err := o.Raw("select cve_id,cve_num,cve_desc,cve_version,repair_time,"+ "pack_name,cve_url,cve_level,data_source,update_time,is_export,cve_detail_url"+ - " from cve_vuln_center where pack_name = ? and " + + " from cve_vuln_center where pack_name = ? and "+ "update_time >= ? and cve_status in (?, ?) "+ "order by cve_id asc limit ?", packName, days, 0, 1, prcnum).QueryRows(&vc) if err == nil && num > 0 { @@ -247,7 +247,7 @@ func ReplacePackageByCveId(pkgList []string, cveId int64) error { platform := "source" if strings.Contains(v, ".x86_64.") { platform = "x86_64" - } else if strings.Contains(v, ".aarch64.") || strings.Contains(v, ".aarch64.") { + } else if strings.Contains(v, ".aarch64.") || strings.Contains(v, ".noarch.") { platform = "aarch64" } pkgUrl := fmt.Sprintf(`https://repo.openeuler.org/openEuler-20.03-LTS/update/%s/Packages/%s`, platform, v) 
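Review bot: After this fix in `ReplacePackageByCveId`, a file name containing `.noarch.` gets `platform = "aarch64"`, and nothing in the code says why an architecture-independent package is linked under the aarch64 directory. If that is deliberate, a comment on the branch such as `// noarch packages are linked from the aarch64 tree` would record it; if not, noarch needs a branch of its own. The name `v` is then placed into `pkgUrl` by `fmt.Sprintf` without escaping, so it is worth confirming that `pkgList` only ever holds validated package file names. The function begins and ends outside this hunk.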
@@ -268,7 +268,7 @@ func QueryPackageByCveId(cveId int64) ([]Package, error) { func InsertIssueTemplate(it *IssueTemplate) (issTempId int64, err error) { o := orm.NewOrm() - if issTempId, err = o.Insert(it); err == nil && issTempId > 0 { + if issTempId, err = o.Insert(it); err == nil && issTempId > 0 { logs.Info("insert cve_issue_template success, issTempId: ", issTempId, "cveNum: ", it.CveNum) } else { logs.Error("insert cve_issue_template failed, cveNum:", it.CveNum, "err: ", err) @@ -477,4 +477,3 @@ func CreateIssueRecord(icr *IssueCreateRecord) (issueRecordId int64, err error) return icr.IssueRecordId, nil } } - diff --git a/models/modeldb.go b/models/modeldb.go index de080590b4c5874a003a6154cfbd91f51c03024c..ae0412b28945b24ed06fab1b73de6ecc66ab31b0 100644 --- a/models/modeldb.go +++ b/models/modeldb.go @@ -604,6 +604,17 @@ type IssueCreateRecord struct { DeleteTime string `orm:"size(32);column(delete_time);null"` } +type OpenGussYaml struct { + Id int64 `orm:"pk;auto"` + PackageName string `orm:"column(package_name);size(256)" description:"包名称"` + Version string `orm:"size(64);column(version);index" description:"版本号"` + OriginUrl string `orm:"size(512);column(origin_url)" description:"gitee上的地址"` + Status int8 `orm:"default(1);column(status)" description:"1:正常;2:已删除"` + CreateTime string `orm:"size(32);column(create_time)"` + UpdateTime string `orm:"size(32);column(update_time);null"` + DeleteTime string `orm:"size(32);column(delete_time);null"` +} + func CreateDb() bool { BConfig, err := config.NewConfig("ini", "conf/app.conf") if err != nil { 
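Review bot: The new exported type `OpenGussYaml` has no doc comment, and its name looks like a misspelling of openGauss, though that is a guess from the name alone. beego's ORM derives the default table name from the struct name, so a typo would be carried into the schema once `CreateDb` registers the model (the registration is in the next hunk) and would be awkward to rename later. I would confirm the spelling before the table is created and add a comment such as `// OpenGussYaml stores a package name, version and origin URL; Status 1 is normal, 2 is deleted.`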
@@ -626,7 +637,7 @@ func CreateDb() bool { new(OriginUpstreamFixSuggest), new(OriginUpstreamFixSuggestRefTag), new(OriginUpstreamFixSuggestRef), new(GiteOriginIssue), new(OriginExcel), new(ExportRecord), new(GitRepoGroups), new(GiteRepo), new(GiteRepoMember), new(GiteRepoBranch), new(PackageCpe), new(EmailList), new(IssueAssignee), - new(IssueRepoWhitelist), new(IssueCreateRecord), + new(IssueRepoWhitelist), new(IssueCreateRecord), new(OpenGussYaml), ) logs.Info("table create success!") errosyn := orm.RunSyncdb("default", false, true) diff --git a/task/issuetask.go b/task/issuetask.go index 58d3032ab819ba32243f13319e9517bd235c0c43..e67bd4edf6be47577a72c8222013a29d8f9e502d 100644 --- a/task/issuetask.go +++ b/task/issuetask.go @@ -93,6 +93,16 @@ func CreateIssue() error { logs.Error("config cve::years error:", ok) return ok } + manYears, ok := BConfig.Int("cve::cve_number_m") + if ok != nil { + logs.Error("config cve::manYears error:", ok) + return ok + } + toolYears, ok := BConfig.Int("cve::cve_number_t") + if ok != nil { + logs.Error("config cve::toolYears error:", ok) + return ok + } prcnum, ok := BConfig.Int("crontab::prcnum") if ok != nil { logs.Error("config crontab::prcnum error:", ok) @@ -140,6 +150,11 @@ func CreateIssue() error { if cveNumList != nil && len(cveNumList) > 1 { cveYears, yearErr := strconv.Atoi(cveNumList[1]) if yearErr == nil { + if issueValue.DataSource == 1 { + years = toolYears + } else if issueValue.DataSource == 3 { + years = manYears + } if cveYears <= years { icr := models.IssueCreateRecord{} models.UpdateIssueStatus(issueValue, 4) @@ -233,6 +248,11 @@ func CreateIssue() error { if cveNumList != nil && len(cveNumList) > 1 { cveYears, yearErr := strconv.Atoi(cveNumList[1]) if yearErr == nil { + if issueValue.DataSource == 1 { + years = toolYears + } else if issueValue.DataSource == 3 { + years = manYears + } if cveYears <= years { icr := models.IssueCreateRecord{} models.UpdateIssueStatus(issueValue, 4) 
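Review bot: The error messages for the two new settings in `CreateIssue` name keys that do not exist: `"config cve::manYears error:"` and `"config cve::toolYears error:"` are logged for `cve::cve_number_m` and `cve::cve_number_t`. An operator reading the log would search the config for the wrong key, so the messages should be `logs.Error("config cve::cve_number_m error:", ok)` and `logs.Error("config cve::cve_number_t error:", ok)`. The same applies to `GenCveVuler` in taskhandler/cve.go, which now reads `cve::cve_number_t` but still logs `config cve::years error:`. The error variable is named `ok`, which reads like a boolean; `err` would be clearer, although `ok` matches the surrounding code.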
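Review bot: The added `years = toolYears` / `years = manYears` assignments overwrite the `years` value that was read once from config at the top of `CreateIssue`. If this block runs once per issue, as the use of `issueValue` suggests, an issue whose `DataSource` is neither 1 nor 3 is compared against whatever cutoff the previous issue left behind rather than the configured default. Because `cveYears <= years` decides whether the issue is set to status 4 through `models.UpdateIssueStatus(issueValue, 4)`, a carried-over cutoff can change which CVEs are filtered, so the cutoff should be chosen in a per-iteration local. The same block is repeated in the hunk at new line 248 and needs the same change; the enclosing loop starts and ends outside both hunks.

```go
cveYears, yearErr := strconv.Atoi(cveNumList[1])
if yearErr == nil {
	// Pick the cutoff for this issue only; years keeps the configured default.
	cutoff := years
	switch issueValue.DataSource {
	case 1:
		cutoff = toolYears
	case 3:
		cutoff = manYears
	}
	if cveYears <= cutoff {
		// … unchanged: UpdateIssueStatus and IssueCreateRecord handling …
```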
diff --git a/taskhandler/cve.go b/taskhandler/cve.go index 38ffb1c825736ca96379cc866186e76c06b956ed..06a47a9e9d03d3bfc39450c570b2165d97085060 100644 --- a/taskhandler/cve.go +++ b/taskhandler/cve.go @@ -673,6 +673,7 @@ func InsertCveGroups(cveData models.OriginUpstream, cveRef string, openeulerNum return true, nil } +// Synchronize the data returned by the Chinese Academy of Sciences func GenCveVuler(cveData models.OriginUpstream, cveRef string, openeulernum int) (bool, error) { if cveData.Ids == "" || cveData.CveNum == "" { logs.Error("当前数据cveNum 为空暂不处理,data: ", cveData) @@ -684,7 +685,7 @@ func GenCveVuler(cveData models.OriginUpstream, cveRef string, openeulernum int) logs.Error("config init error:", err) return false, err } - years, confOk := BConfig.Int("cve::cve_number") + years, confOk := BConfig.Int("cve::cve_number_t") if confOk != nil { logs.Error("config cve::years error:", confOk) return false, errors.New("数据错误,暂时不处理")
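Review bot: The comment added above `GenCveVuler` does not start with the function name, as Go doc comments should, and says nothing about the two results. I would write it as `// GenCveVuler synchronizes the data returned by the Chinese Academy of Sciences.` and add a sentence saying that it returns `false` with an error when the app config cannot be read, which is the failure path visible in the second hunk. The body of `GenCveVuler` continues outside both hunks, so any further result cases should be documented from the full function.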