From 356e9b415bb76a4b01ace3f89426390c29b09bd8 Mon Sep 17 00:00:00 2001 From: zhangjianjun_code <7844966+zhangjianjun_code@user.noreply.gitee.com> Date: Wed, 27 Jan 2021 19:48:14 +0800 Subject: [PATCH] Cve changes to the scoring logic that is not affected by the branch --- controllers/hook.go | 216 ++++++++++++++++++---------- cve-py/tabletask/spec_error_task.py | 24 +++- models/modeldb.go | 2 +- 3 files changed, 158 insertions(+), 84 deletions(-) diff --git a/controllers/hook.go b/controllers/hook.go index f36fde0..7985d2b 100644 --- a/controllers/hook.go +++ b/controllers/hook.go @@ -1459,23 +1459,7 @@ func checkIssueAnalysisComplete(i *models.IssueTemplate) (msg, tbStr string, ok tbContent[0] = "已分析" tbContent[1] = "影响性分析说明" tbContent[2] = util.TrimStringNR(i.CveAnalysis) - if i.OpenEulerScore == 0.0 { - msg = fmt.Sprintf("openEulerScore没有填写或正确填写(0-10)") - ok = false - return - } - tbContent[3] = "已分析" - tbContent[4] = "openEulerScore" - tbContent[5] = i.OpenEulerScore - - if i.OpenEulerVector == "" || len(i.OpenEulerVector) < 1 { - msg = fmt.Sprintf("openEulerVector没有正确填写") - ok = false - return - } - tbContent[6] = "已分析" - tbContent[7] = "openEulerVector" - tbContent[8] = util.TrimStringNR(i.OpenEulerVector) + affectedVersionFlag := 1 if i.AffectedVersion != "" { versionfFlag := true affectedVersionArry := strings.Split(i.AffectedVersion, ",") @@ -1484,12 +1468,17 @@ func checkIssueAnalysisComplete(i *models.IssueTemplate) (msg, tbStr string, ok versionArry := strings.Split(affect, ":") if len(versionArry) > 1 { if versionArry[1] == "受影响" || versionArry[1] == "不受影响" { + if versionArry[1] == "受影响" { + affectedVersionFlag = 2 + } continue } else { + affectedVersionFlag = 3 versionfFlag = false break } } else { + affectedVersionFlag = 3 versionfFlag = false break } @@ -1514,6 +1503,32 @@ func checkIssueAnalysisComplete(i *models.IssueTemplate) (msg, tbStr string, ok tbContent[10] = "受影响版本排查" tbContent[11] = "" } + if affectedVersionFlag == 1 { + tbContent[3] = "已分析" + tbContent[4] = "openEulerScore" + tbContent[5] = i.OpenEulerScore + tbContent[6] = "已分析" + tbContent[7] = "openEulerVector" + tbContent[8] = util.TrimStringNR(i.OpenEulerVector) + } else { + if i.OpenEulerScore == 0.0 { + msg = fmt.Sprintf("openEulerScore没有填写或正确填写(0-10)") + ok = false + return + } + tbContent[3] = "已分析" + tbContent[4] = "openEulerScore" + tbContent[5] = i.OpenEulerScore + + if i.OpenEulerVector == "" || len(i.OpenEulerVector) < 1 { + msg = fmt.Sprintf("openEulerVector没有正确填写") + ok = false + return + } + tbContent[6] = "已分析" + tbContent[7] = "openEulerVector" + tbContent[8] = util.TrimStringNR(i.OpenEulerVector) + } tbStr = fmt.Sprintf(tb, tbContent...) return } @@ -1541,23 +1556,7 @@ func checkGaussIssueAnalysisComplete(i *models.IssueTemplate) (msg, tbStr string tbContent[0] = "已分析" tbContent[1] = "影响性分析说明" tbContent[2] = util.TrimStringNR(i.CveAnalysis) - if i.OpenEulerScore == 0.0 { - msg = fmt.Sprintf("openGaussScore没有填写或正确填写(0-10)") - ok = false - return - } - tbContent[3] = "已分析" - tbContent[4] = "openGaussScore" - tbContent[5] = i.OpenEulerScore - - if i.OpenEulerVector == "" || len(i.OpenEulerVector) < 1 { - msg = fmt.Sprintf("openGaussVector没有正确填写") - ok = false - return - } - tbContent[6] = "已分析" - tbContent[7] = "openGaussVector" - tbContent[8] = util.TrimStringNR(i.OpenEulerVector) + affectedVersionFlag := 1 if i.AffectedVersion != "" { versionfFlag := true affectedVersionArry := strings.Split(i.AffectedVersion, ",") @@ -1566,12 +1565,17 @@ func checkGaussIssueAnalysisComplete(i *models.IssueTemplate) (msg, tbStr string versionArry := strings.Split(affect, ":") if len(versionArry) > 1 { if versionArry[1] == "受影响" || versionArry[1] == "不受影响" { + if versionArry[1] == "受影响" { + affectedVersionFlag = 2 + } continue } else { + affectedVersionFlag = 3 versionfFlag = false break } } else { + affectedVersionFlag = 3 versionfFlag = false break } @@ -1596,6 +1600,32 @@ func checkGaussIssueAnalysisComplete(i *models.IssueTemplate) (msg, tbStr string tbContent[10] = "受影响版本排查" tbContent[11] = "" } + if affectedVersionFlag == 1 { + tbContent[3] = "已分析" + tbContent[4] = "openGaussScore" + tbContent[5] = i.OpenEulerScore + tbContent[6] = "已分析" + tbContent[7] = "openGaussVector" + tbContent[8] = util.TrimStringNR(i.OpenEulerVector) + } else { + if i.OpenEulerScore == 0.0 { + msg = fmt.Sprintf("openGaussScore没有填写或正确填写(0-10)") + ok = false + return + } + tbContent[3] = "已分析" + tbContent[4] = "openGaussScore" + tbContent[5] = i.OpenEulerScore + + if i.OpenEulerVector == "" || len(i.OpenEulerVector) < 1 { + msg = fmt.Sprintf("openGaussVector没有正确填写") + ok = false + return + } + tbContent[6] = "已分析" + tbContent[7] = "openGaussVector" + tbContent[8] = util.TrimStringNR(i.OpenEulerVector) + } tbStr = fmt.Sprintf(tb, tbContent...) return } @@ -1626,28 +1656,7 @@ func checkIssueClosedAnalysisComplete(i *models.IssueTemplate) (msg, tbStr strin tbContent[1] = "影响性分析说明" tbContent[2] = util.TrimStringNR(i.CveAnalysis) } - if i.OpenEulerScore == 0.0 { - tbContent[3] = "待分析" - tbContent[4] = "openEulerScore" - tbContent[5] = fmt.Sprintf("openEulerScore没有填写或正确填写(0-10)") - msg = fmt.Sprintf("openEulerScore没有填写或正确填写(0-10)") - ok = false - } else { - tbContent[3] = "已分析" - tbContent[4] = "openEulerScore" - tbContent[5] = i.OpenEulerScore - } - if util.TrimString(i.OpenEulerVector) == "" || len(util.TrimString(i.OpenEulerVector)) < 1 { - tbContent[6] = "待分析" - tbContent[7] = "openEulerVector" - tbContent[8] = fmt.Sprintf("openEulerVector没有正确填写") - msg = fmt.Sprintf("openEulerVector没有正确填写") - ok = false - } else { - tbContent[6] = "已分析" - tbContent[7] = "openEulerVector" - tbContent[8] = util.TrimStringNR(i.OpenEulerVector) - } + affectedVersionFlag := 1 if i.AffectedVersion != "" { versionfFlag := true affectedVersionArry := strings.Split(i.AffectedVersion, ",") @@ -1656,12 +1665,17 @@ func checkIssueClosedAnalysisComplete(i *models.IssueTemplate) (msg, tbStr strin versionArry := strings.Split(affect, ":") if len(versionArry) > 1 { if versionArry[1] == "受影响" || versionArry[1] == "不受影响" { + if versionArry[1] == "受影响" { + affectedVersionFlag = 2 + } continue } else { + affectedVersionFlag = 3 versionfFlag = false break } } else { + affectedVersionFlag = 3 versionfFlag = false break } @@ -1683,6 +1697,37 @@ func checkIssueClosedAnalysisComplete(i *models.IssueTemplate) (msg, tbStr strin tbContent[10] = "受影响版本排查" tbContent[11] = "" } + if affectedVersionFlag == 1 { + tbContent[3] = "已分析" + tbContent[4] = "openEulerScore" + tbContent[5] = i.OpenEulerScore + tbContent[6] = "已分析" + tbContent[7] = "openEulerVector" + tbContent[8] = util.TrimStringNR(i.OpenEulerVector) + } else { + if i.OpenEulerScore == 0.0 { + tbContent[3] = "待分析" + tbContent[4] = "openEulerScore" + tbContent[5] = fmt.Sprintf("openEulerScore没有填写或正确填写(0-10)") + msg = fmt.Sprintf("openEulerScore没有填写或正确填写(0-10)") + ok = false + } else { + tbContent[3] = "已分析" + tbContent[4] = "openEulerScore" + tbContent[5] = i.OpenEulerScore + } + if util.TrimString(i.OpenEulerVector) == "" || len(util.TrimString(i.OpenEulerVector)) < 1 { + tbContent[6] = "待分析" + tbContent[7] = "openEulerVector" + tbContent[8] = fmt.Sprintf("openEulerVector没有正确填写") + msg = fmt.Sprintf("openEulerVector没有正确填写") + ok = false + } else { + tbContent[6] = "已分析" + tbContent[7] = "openEulerVector" + tbContent[8] = util.TrimStringNR(i.OpenEulerVector) + } + } tbStr = fmt.Sprintf(tb, tbContent...) return } @@ -1713,28 +1758,7 @@ func checkGaussIssueClosedAnalysisComplete(i *models.IssueTemplate) (msg, tbStr tbContent[1] = "影响性分析说明" tbContent[2] = util.TrimStringNR(i.CveAnalysis) } - if i.OpenEulerScore == 0.0 { - tbContent[3] = "待分析" - tbContent[4] = "openGaussScore" - tbContent[5] = fmt.Sprintf("openGaussScore没有填写或正确填写(0-10)") - msg = fmt.Sprintf("openGaussScore没有填写或正确填写(0-10)") - ok = false - } else { - tbContent[3] = "已分析" - tbContent[4] = "openGaussScore" - tbContent[5] = i.OpenEulerScore - } - if util.TrimString(i.OpenEulerVector) == "" || len(util.TrimString(i.OpenEulerVector)) < 1 { - tbContent[6] = "待分析" - tbContent[7] = "openGaussVector" - tbContent[8] = fmt.Sprintf("openGaussVector没有正确填写") - msg = fmt.Sprintf("openGaussVector没有正确填写") - ok = false - } else { - tbContent[6] = "已分析" - tbContent[7] = "openGaussVector" - tbContent[8] = util.TrimStringNR(i.OpenEulerVector) - } + affectedVersionFlag := 1 if i.AffectedVersion != "" { versionfFlag := true affectedVersionArry := strings.Split(i.AffectedVersion, ",") @@ -1743,12 +1767,17 @@ func checkGaussIssueClosedAnalysisComplete(i *models.IssueTemplate) (msg, tbStr versionArry := strings.Split(affect, ":") if len(versionArry) > 1 { if versionArry[1] == "受影响" || versionArry[1] == "不受影响" { + if versionArry[1] == "受影响" { + affectedVersionFlag = 2 + } continue } else { + affectedVersionFlag = 3 versionfFlag = false break } } else { + affectedVersionFlag = 3 versionfFlag = false break } @@ -1770,6 +1799,37 @@ func checkGaussIssueClosedAnalysisComplete(i *models.IssueTemplate) (msg, tbStr tbContent[10] = "受影响版本排查" tbContent[11] = "" } + if affectedVersionFlag == 1 { + tbContent[3] = "已分析" + tbContent[4] = "openGaussScore" + tbContent[5] = i.OpenEulerScore + tbContent[6] = "已分析" + tbContent[7] = "openGaussVector" + tbContent[8] = util.TrimStringNR(i.OpenEulerVector) + } else { + if i.OpenEulerScore == 0.0 { + tbContent[3] = "待分析" + tbContent[4] = "openGaussScore" + tbContent[5] = fmt.Sprintf("openGaussScore没有填写或正确填写(0-10)") + msg = fmt.Sprintf("openGaussScore没有填写或正确填写(0-10)") + ok = false + } else { + tbContent[3] = "已分析" + tbContent[4] = "openGaussScore" + tbContent[5] = i.OpenEulerScore + } + if util.TrimString(i.OpenEulerVector) == "" || len(util.TrimString(i.OpenEulerVector)) < 1 { + tbContent[6] = "待分析" + tbContent[7] = "openGaussVector" + tbContent[8] = fmt.Sprintf("openGaussVector没有正确填写") + msg = fmt.Sprintf("openGaussVector没有正确填写") + ok = false + } else { + tbContent[6] = "已分析" + tbContent[7] = "openGaussVector" + tbContent[8] = util.TrimStringNR(i.OpenEulerVector) + } + } tbStr = fmt.Sprintf(tb, tbContent...) return } diff --git a/cve-py/tabletask/spec_error_task.py b/cve-py/tabletask/spec_error_task.py index 398100b..d86e03c 100644 --- a/cve-py/tabletask/spec_error_task.py +++ b/cve-py/tabletask/spec_error_task.py @@ -68,10 +68,22 @@ def parse_error_excels(file_name): table_one = data.sheet_by_name("Sheet1") row_number = table_one.nrows for i in range(1, row_number): - cve_num_list.append(table_one.cell(i, 1).value) - cve_desc_list.append(table_one.cell(i, 4).value) - cve_owner_list.append(table_one.cell(i, 2).value) - pack_name_list.append(table_one.cell(i, 3).value) + if table_one.cell(i, 1).value: + cve_num_list.append(table_one.cell(i, 1).value) + else: + continue + if table_one.cell(i, 4).value: + cve_desc_list.append(table_one.cell(i, 4).value) + else : + cve_desc_list.append("") + if table_one.cell(i, 2).value: + cve_owner_list.append(table_one.cell(i, 2).value) + else: + cve_owner_list.append("") + if table_one.cell(i, 3).value: + pack_name_list.append(table_one.cell(i, 3).value) + else: + pack_name_list.append("") list_all = [cve_num_list, cve_desc_list, cve_owner_list, pack_name_list] except IndexError as e: print("Subscript out of bounds", e) @@ -82,7 +94,7 @@ def parse_error_excels(file_name): def add_error_details(): """ - Conditions for filtering incorrect data + Conditions for filtering incorrect data Returns: """ @@ -90,6 +102,8 @@ def add_error_details(): files = os.listdir('./spec_error_excels') for file in files: result = parse_error_excels(file) + if not result[0]: + continue print('开始批量插入人工CVE过滤条件') objects = [] pwd = urllib.parse.quote_plus(Config.DBPWD) diff --git a/models/modeldb.go b/models/modeldb.go index 9f120d0..763e55c 100644 --- a/models/modeldb.go +++ b/models/modeldb.go @@ -288,7 +288,7 @@ type OriginUpstream struct { Ids string `orm:"size(256);column(cve_un_ids);unique" description:" 唯一编号,根据此字段去重数据, 唯一识别码,可以填cve编号"` CveNum string `orm:"size(256);column(cve_num);index" description:"cve编号"` UpdateType string `orm:"size(32);column(update_type);" description:"数据上传类型:insert, update, delete"` - CvePackName string `orm:"size(512);column(cve_packname);index;null" description:"Cve在上游对应的包名"` + CvePackName string `orm:"size(512);column(cve_packname);null" description:"Cve在上游对应的包名"` PackName string `orm:"size(512);column(git_packname);index;null" description:"Cve对应的openEuler包名称(或者影响的包名)"` Title string `orm:"size(1024);column(cve_title);null" description:"标题"` AffectProduct string `orm:"size(512);column(affect_porduct);null" description:"Cve影响的组件, 对应"` -- Gitee