minor refactoring

Patrowl · Jan 12, 2022 · e27cab7 · e27cab7
1 parent 6abe0a3
commit e27cab7
Show file tree

Hide file tree

Showing 7 changed files with 94 additions and 97 deletions.
diff --git a/backend_app/requirements.txt b/backend_app/requirements.txt
@@ -46,7 +46,7 @@ oauthlib==3.1.0
 openapi-codec==1.3.2
 ordered-set==3.1.1
 packaging==20.3
-psycopg2==2.8.4
+psycopg2==2.9.0
 PyJWT==1.7.1
 pymongo==3.10.1
 pyparsing==2.4.6

diff --git a/backend_app/vpratings/apis.py b/backend_app/vpratings/apis.py
@@ -27,37 +27,36 @@ def get_vprating_metrics(self):
 
 @api_view(['GET'])
 @permission_classes([IsAuthenticated])
-def get_vuln_vector(self, vuln_id): 
-    
+def get_vuln_vector(self, vuln_id):
+
     vuln = get_object_or_404(Vuln, id=vuln_id)
     try:
         org_id = self.session.get('org_id', None)
         org = organization.get_current_organization(user=self.user, org_id=org_id)
     except Exception:
         return JsonResponse("error: unable to get the organization", safe=False, status=500)
-
-    vector = ""
+
     today_date = date.today()
 
-    # Vulnerability 
-    vector = vector + vuln.cvss_vector
-    
+    # Vulnerability
+    vector = "" + vuln.cvss_vector
+
     if vuln.is_confirmed is True:
         vector += "/CL:Y"
-        
-    if type(vuln.published) is datetime: 
+
+    if type(vuln.published) is datetime:
         published_date = vuln.published.date()
         delta = today_date - published_date
         vector += "/VX:" + str(delta.days)
-            
+
     ea_metrics = ['unknown', 'private', 'public']
     em_metrics = ['unknown', 'unproven', 'poc', 'functional']
     et_metrics = ['unknown', 'low', 'medium', 'high', 'trusted']
     ea_idx = ea_max_idx = 0
     em_idx = em_max_idx = 0
     et_idx = et_max_idx = 0
     ex_max_days = 0
-    
+
     exploits = list(
         chain(
             vuln.exploitmetadata_set.all(),
@@ -67,40 +66,40 @@ def get_vuln_vector(self, vuln_id):
 
     for exploit in exploits:
         e = model_to_dict(exploit)
-        
+
         ea_idx = ea_metrics.index(e['availability'])
         if ea_idx > ea_max_idx:
             ea_max_idx = ea_idx
-        
+
         em_idx = em_metrics.index(e['maturity'])
         if em_idx > em_max_idx:
             em_max_idx = em_idx
-        
+
         et_idx = et_metrics.index(e['trust_level'])
         if et_idx > et_max_idx:
             et_max_idx = et_idx
-        
+
         if type(e['published']) is datetime:
             published_date = e['published'].date()
             delta_published_date = today_date - published_date
-            if delta_published_date.days > ex_max_days: 
+            if delta_published_date.days > ex_max_days:
                 ex_max_days = delta_published_date.days
 
     ea_vectors = ['X', 'R', 'U']
     em_vectors = ['X', 'U', 'P', 'F']
     et_vectors = ['X', 'L', 'M', 'H', 'H']
-    
+
     vector += "/EA:" + str(ea_vectors[ea_max_idx])
     vector += "/EM:" + str(em_vectors[em_max_idx])
     vector += "/ET:" + str(et_vectors[et_max_idx])
     vector += "/EX:" + str(ex_max_days)
-    
-    if vuln.is_in_the_news: 
+
+    if vuln.is_in_the_news:
         vector += "/N:Y"
-        
-    if vuln.is_in_the_wild: 
+
+    if vuln.is_in_the_wild:
         vector += "/W:Y"
-    
+
     return JsonResponse(vector, safe=False)
 
 

diff --git a/backend_app/vulns/apis.py b/backend_app/vulns/apis.py
@@ -755,7 +755,8 @@ def get_org_vuln_metadata(self, vuln_id):
 @api_view(['GET'])
 @permission_classes([AllowManageMetadata])
 def get_org_vuln_comment(self, vuln_id):
-    """Return comment linked to a vulnerability and an organization
+    """Return comments linked to a vulnerability and an organization.
+
     Args:
         vuln_id (str): The vuln id
     Returns:
@@ -784,7 +785,8 @@ def get_org_vuln_comment(self, vuln_id):
 @api_view(['POST'])
 @permission_classes([AllowManageMetadata])
 def edit_org_vuln_comment(self, vuln_id):
-    """ Modify the comment linked to a vulnerability and an organization
+    """Update the comments linked to a vulnerability and an organization.
+
     Args:
         vuln_id (str): The vuln id
     Returns:

diff --git a/backend_app/vulns/models.py b/backend_app/vulns/models.py
@@ -16,7 +16,7 @@
     TRUST_LEVELS, TLP_LEVELS,
     EXPLOIT_RELEVANCY_RATES
 )
-from common.utils import _json_serial, organization
+from common.utils import _json_serial
 
 from cpe import CPE as _CPE
 import json
@@ -252,18 +252,15 @@ class Meta:
 
 
 class OrgVulnMetadata(models.Model):
-    """Models for data about one vulnerability linked to an organisation. The class inherit from vulnerabiltiy class. 
-    Args:
-        VulnBase (class): The class of vulnerability 
-    """
-
+    """Model for vulnerability context data linked to an organization."""
+
     STATUS_CHOICES = [
         ('undefined', 'Undefined'),
         ('fixed', 'Fixed'),
         ('not_interesting', 'Not Interesting'),
         ("in_progress", "In Progress")
     ]
-    
+
     organization = models.ForeignKey(Organization, on_delete=models.CASCADE, related_name='org_vulns_metadata')
     vuln = models.ForeignKey(Vuln, on_delete=models.CASCADE, related_name='org_vulns_metadata')
     comment = models.TextField(default="", blank=False)

diff --git a/backend_app/vulns/serializers.py b/backend_app/vulns/serializers.py
@@ -135,23 +135,23 @@ class VulnFilter(FilterSet):
     impact_availability = CharFilter(method='filter_impact_availability', field_name='impact_availability')
     impact_confidentiality = CharFilter(method='filter_impact_confidentiality', field_name='impact_confidentiality')
 
-    def filter_exploit_count__gt(self,  queryset, name, value):
+    def filter_exploit_count__gt(self, queryset, name, value):
         queryset = queryset.annotate(exploit_count=Count('exploitmetadata')).filter(exploit_count__gte=value)
 
-    def filter_exploit_count__gte(self,  queryset, name, value):
+    def filter_exploit_count__gte(self, queryset, name, value):
         queryset = queryset.annotate(exploit_count=Count('exploitmetadata'))
         return queryset.filter(exploit_count__gt=value)
 
-    def filter_exploit_count__lt(self,  queryset, name, value):
+    def filter_exploit_count__lt(self, queryset, name, value):
         queryset = queryset.annotate(exploit_count=Count('exploitmetadata')).filter(exploit_count__lt=value)
 
-    def filter_exploit_count__lte(self,  queryset, name, value):
+    def filter_exploit_count__lte(self, queryset, name, value):
         return queryset.annotate(exploit_count=Count('exploitmetadata')).filter(exploit_count__lte=value)
 
-    def filter_cwe_id(self,  queryset, name, value):
+    def filter_cwe_id(self, queryset, name, value):
         return queryset.filter(cwe__cwe_id__icontains=value)
 
-    def filter_cpe(self,  queryset, name, value):
+    def filter_cpe(self, queryset, name, value):
         try:
             c = value.split(':')
             vendor = c[3]
@@ -167,7 +167,7 @@ def filter_cpe(self,  queryset, name, value):
             pass
         return queryset.filter(vulnerable_products__icontains=value)
 
-    def filter_search(self,  queryset, name, value):
+    def filter_search(self, queryset, name, value):
         if type(value) == str:
             value = value.lower()
 
@@ -180,23 +180,23 @@ def filter_search(self,  queryset, name, value):
             Q(products__name__contains=value)
         ).distinct()
 
-    def filter_vendor(self,  queryset, name, value):
+    def filter_vendor(self, queryset, name, value):
         return queryset.filter(products__vendor__in=[value])
 
-    def filter_vendor_name(self,  queryset, name, value):
+    def filter_vendor_name(self, queryset, name, value):
         if type(value) == str:
             value = value.lower().replace(" ", "_")
         return queryset.filter(products__vendor__name__contains=value)
 
-    def filter_product(self,  queryset, name, value):
+    def filter_product(self, queryset, name, value):
         return queryset.filter(products__in=[value])
 
-    def filter_product_name(self,  queryset, name, value):
+    def filter_product_name(self, queryset, name, value):
         if type(value) == str:
             value = value.lower().replace(" ", "_")
         return queryset.filter(products__name__contains=value)
 
-    def filter_product_version(self,  queryset, name, value):
+    def filter_product_version(self, queryset, name, value):
         if type(value) == str:
             value = value.lower()
         # print(value)
@@ -209,35 +209,35 @@ def filter_product_version(self,  queryset, name, value):
 
         return queryset.filter(vulnerable_product_versions__all__contains=value).distinct()
 
-    def filter_package(self,  queryset, name, value):
+    def filter_package(self, queryset, name, value):
         return queryset.filter(packages__in=[value])
 
-    def filter_package_name(self,  queryset, name, value):
+    def filter_package_name(self, queryset, name, value):
         if type(value) == str:
             value = value.lower().replace(" ", "_")
         return queryset.filter(packages__name__contains=value)
 
-    def filter_monitored(self,  queryset, name, value):
+    def filter_monitored(self, queryset, name, value):
         return queryset.filter(monitored=value)
 
     # Access
-    def filter_access_vector(self,  queryset, name, value):
+    def filter_access_vector(self, queryset, name, value):
         return queryset.filter(access__vector=value)
 
-    def filter_access_complexity(self,  queryset, name, value):
+    def filter_access_complexity(self, queryset, name, value):
         return queryset.filter(access__complexity=value)
 
-    def filter_access_authentication(self,  queryset, name, value):
+    def filter_access_authentication(self, queryset, name, value):
         return queryset.filter(access__authentication=value)
 
     # Impact
-    def filter_impact_integrity(self,  queryset, name, value):
+    def filter_impact_integrity(self, queryset, name, value):
         return queryset.filter(impact__integrity=value)
 
-    def filter_impact_availability(self,  queryset, name, value):
+    def filter_impact_availability(self, queryset, name, value):
         return queryset.filter(impact__availability=value)
 
-    def filter_impact_confidentiality(self,  queryset, name, value):
+    def filter_impact_confidentiality(self, queryset, name, value):
         return queryset.filter(impact__confidentiality=value)
 
 
@@ -330,14 +330,14 @@ class ExploitMetadataFilter(FilterSet):
     search = CharFilter(method='filter_search', field_name='search')
     cveid = CharFilter(method='filter_cveid', field_name='cveid')
 
-    def filter_search(self,  queryset, name, value):
+    def filter_search(self, queryset, name, value):
         return queryset.filter(
             Q(link__icontains=value) |
             Q(notes__icontains=value) |
             Q(vuln__cveid__icontains=value)
         )
 
-    def filter_cveid(self,  queryset, name, value):
+    def filter_cveid(self, queryset, name, value):
         return queryset.filter(vuln__cveid=value)
 
     sorted_by = OrderingFilter(
@@ -439,14 +439,14 @@ class ThreatMetadataFilter(FilterSet):
     search = CharFilter(method='filter_search', field_name='search')
     cveid = CharFilter(method='filter_cveid', field_name='cveid')
 
-    def filter_search(self,  queryset, name, value):
+    def filter_search(self, queryset, name, value):
         return queryset.filter(
             Q(link__icontains=value) |
             Q(notes__icontains=value) |
             Q(vuln__cveid__icontains=value)
         )
 
-    def filter_cveid(self,  queryset, name, value):
+    def filter_cveid(self, queryset, name, value):
         return queryset.filter(vuln__cveid=value)
 
     sorted_by = OrderingFilter(