packages/aops-apollo
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix upload sa failed

Browse Source
This commit is contained in:
rearcher 2024-12-03 10:43:29 +08:00
parent 3643cda84d
commit b3e417ee8c
2 changed files with 129 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

124
0006-fix-upload-file.patch Normal file
View File

@ -0,0 +1,124 @@
From 2dbc352d9870049fa0f9226e015e5909007355fe Mon Sep 17 00:00:00 2001
From: rearcher <123781007@qq.com>
Date: Mon, 2 Dec 2024 19:48:20 +0800
Subject: [PATCH] fix upload filed error, optimize the generated rollback task
information
---
apollo/database/proxy/task/cve_rollback.py | 4 +-
apollo/handler/cve_handler/view.py | 45 +++++++++++++++++-----
2 files changed, 38 insertions(+), 11 deletions(-)
diff --git a/apollo/database/proxy/task/cve_rollback.py b/apollo/database/proxy/task/cve_rollback.py
index 0525602..2e761c9 100644
--- a/apollo/database/proxy/task/cve_rollback.py
+++ b/apollo/database/proxy/task/cve_rollback.py
@@ -117,8 +117,8 @@ class CveRollbackTaskProxy(TaskProxy):
host_num = cve_fix_task_info.host_num
if lang.startswith("en"):
- task_name = "ROLLBACK_TASK: %s" % fix_task_name
- description = "ORIGIN_TASK_DESCRIPTION: %s" % fix_task_description
+ task_name = "Rollback task: %s" % fix_task_name
+ description = "Origin task description: %s" % fix_task_description
else:
task_name = "回滚: %s" % fix_task_name
description = "原CVE修复任务描述: %s" % fix_task_description
diff --git a/apollo/handler/cve_handler/view.py b/apollo/handler/cve_handler/view.py
index 200cc0d..25c5d7c 100644
--- a/apollo/handler/cve_handler/view.py
+++ b/apollo/handler/cve_handler/view.py
@@ -20,10 +20,12 @@ import glob
import os
import shutil
import time
+import uuid
from collections import defaultdict
from typing import List, Optional
-from flask import g
+from flask import g, request
+from werkzeug.utils import secure_filename
from vulcanus.database.helper import judge_return_code
from vulcanus.log.log import LOGGER
from vulcanus.restful.resp.state import (
@@ -430,7 +432,36 @@ class VulGetCveTaskHost(BaseResponse):
return self.response(code=status_code, data=result)
-class VulUploadAdvisory(BaseResponse):
+class FileUpload:
+ @classmethod
+ def _upload_file(cls, save_path, file_key="file"):
+ """
+ upload file to save_path
+ Args:
+ save_path (str): path the file to be saved
+ file_key (str): body key for the file
+
+ Returns:
+ int: verify status code
+ str: file_path
+ str: file_name
+ """
+
+ file_name = ""
+ file = request.files.get(file_key)
+ if file is None or not file.filename:
+ return PARAM_ERROR, "", file_name
+ username = g.username
+ filename = secure_filename(file.filename)
+ file_name = str(uuid.uuid4()) + "." + filename.rsplit('.', 1)[-1]
+ if not os.path.exists(os.path.join(save_path, username)):
+ os.makedirs(os.path.join(save_path, username))
+ file_path = os.path.join(save_path, username, file_name)
+ file.save(file_path)
+ return SUCCEED, file_path, file_name
+
+
+class VulUploadAdvisory(BaseResponse, FileUpload):
"""
Restful interface for importing security advisory xml (compressed files or single file)
"""
@@ -442,13 +473,11 @@ class VulUploadAdvisory(BaseResponse):
int: status code
"""
save_path = FILE_UPLOAD_PATH
- status, username, file_name = self.verify_upload_request(save_path)
+ status, file_path, file_name = self._upload_file(save_path)
if status != SUCCEED:
return status
- file_path = os.path.join(save_path, username, file_name)
-
suffix = file_name.split('.')[-1]
if suffix == "xml":
status_code = self._save_single_advisory(proxy, file_path)
@@ -548,7 +577,7 @@ class VulUploadAdvisory(BaseResponse):
return self.response(code=self._handle(callback))
-class VulUploadUnaffected(BaseResponse):
+class VulUploadUnaffected(BaseResponse, FileUpload):
"""
Restful interface for importing unaffected cve xml (compressed files or single file)
"""
@@ -560,13 +589,11 @@ class VulUploadUnaffected(BaseResponse):
int: status code
"""
save_path = FILE_UPLOAD_PATH
- status, username, file_name = self.verify_upload_request(save_path)
+ status, file_path, file_name = self._upload_file(save_path)
if status != SUCCEED:
return status
- file_path = os.path.join(save_path, username, file_name)
-
suffix = file_name.split('.')[-1]
if suffix == "xml":
status_code = self._save_unaffected_cve(proxy, file_path)
--
Gitee

6
aops-apollo.spec
View File

@ -1,6 +1,6 @@
Name: aops-apollo Name: aops-apollo
Version: v2.0.0 Version: v2.0.0
Release: 6 Release: 7
Summary: Cve management service, monitor machine vulnerabilities and provide fix functions. Summary: Cve management service, monitor machine vulnerabilities and provide fix functions.
License: MulanPSL2 License: MulanPSL2
URL: https://gitee.com/openeuler/%{name} URL: https://gitee.com/openeuler/%{name}
@ -10,6 +10,7 @@ Patch0002: 0002-fix-bug-with-host-count-in-cve-fix-task.patch
Patch0003: 0003-fix-issue-with-language-display-in-task-generation.patch Patch0003: 0003-fix-issue-with-language-display-in-task-generation.patch
Patch0004: 0004-fix-repo-query-error-and-adjust-schema.patch Patch0004: 0004-fix-repo-query-error-and-adjust-schema.patch
Patch0005: 0005-set-uwsgi-buffer-size.patch Patch0005: 0005-set-uwsgi-buffer-size.patch
Patch0006: 0006-fix-upload-file.patch
BuildRequires: python3-setuptools BuildRequires: python3-setuptools
Requires: aops-vulcanus >= v2.0.0 Requires: aops-vulcanus >= v2.0.0
@ -67,6 +68,9 @@ popd
%{python3_sitelib}/aops_apollo_tool/* %{python3_sitelib}/aops_apollo_tool/*
%changelog %changelog
* Tue Dec 03 2024 luxuexian<luxuexian@huawei.com> - v2.0.0-7
- fix upload sa failed
* Tue Nov 19 2024 luxuexian<luxuexian@huawei.com> - v2.0.0-6 * Tue Nov 19 2024 luxuexian<luxuexian@huawei.com> - v2.0.0-6
- set-uwsgi-buffer-size to 32k - set-uwsgi-buffer-size to 32k