You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
249 lines
9.1 KiB
249 lines
9.1 KiB
from mycode.DBManager import app_DBM
|
|
from mycode.TargetManager import g_TM
|
|
|
|
class AssetsManager:
|
|
def __init__(self):
|
|
pass
|
|
|
|
def __del__(self):
|
|
pass
|
|
|
|
def get_IP_assets(self,IP,user,safe_rank):
|
|
ip_assets = []
|
|
ip_assets = app_DBM.get_ip_assets_db(IP,user,safe_rank)
|
|
if not ip_assets:
|
|
ip_assets = []
|
|
return ip_assets
|
|
|
|
def get_IP_info(self,IP):
|
|
ip_info = app_DBM.get_ip_info_db(IP)
|
|
if not ip_info:
|
|
ip_info = []
|
|
return ip_info
|
|
|
|
def get_assets_users(self,uname):
|
|
assets_users = app_DBM.get_assets_users_db(uname)
|
|
if not assets_users:
|
|
assets_users = []
|
|
return assets_users
|
|
|
|
def update_assets_users(self,IP,owner_id,itype = 1):
|
|
return app_DBM.update_assets_users_db(IP,owner_id,itype)
|
|
|
|
def get_port_latest(self,ip):
|
|
return app_DBM.get_port_latest_db(ip)
|
|
|
|
def get_port_history(self,ip):
|
|
#拿ip_id
|
|
strsql = "select id,scan_count from ip_assets where ip_address = %s"
|
|
params = (ip,)
|
|
ip_data = app_DBM.safe_do_select(strsql,params,1)
|
|
ip_id = ip_data[0]
|
|
scan_count = ip_data[1]
|
|
# 1) 拿批次
|
|
sql_batches = '''
|
|
SELECT DISTINCT scan_count, scan_time
|
|
FROM port_assets
|
|
WHERE ip_id=%s
|
|
ORDER BY scan_count ASC;
|
|
'''
|
|
batches = app_DBM.safe_do_select(sql_batches, (ip_id,))
|
|
times = [row[1] for row in batches]
|
|
counts = [row[0] for row in batches]
|
|
if len(times) != scan_count:
|
|
print(f"*****数据批次有问题")
|
|
# 2) 拿所有端口数据
|
|
sql_ports = '''
|
|
SELECT port, service, version, status, scan_count
|
|
FROM port_assets
|
|
WHERE ip_id=%s
|
|
ORDER BY port ASC, scan_count ASC;
|
|
'''
|
|
rows = app_DBM.safe_do_select(sql_ports, (ip_id,))
|
|
# 3) 组织成: { port: { service, version, statuses: [...], changed: [...] } }
|
|
from collections import OrderedDict
|
|
port_dict = OrderedDict()
|
|
for port, service, version, status, sc in rows:
|
|
entry = port_dict.setdefault(port, {
|
|
'service': [],
|
|
'version': [],
|
|
'statuses': [],
|
|
'scancount': [],
|
|
'changed': []
|
|
})
|
|
entry['service'].append(service)
|
|
entry['version'].append(version)
|
|
entry['statuses'].append(status)
|
|
entry['scancount'].append(sc)
|
|
# 4) 计算 changed 数组:与前一批次对比
|
|
for port, info in port_dict.items():
|
|
service = info['service']
|
|
version = info['version']
|
|
statuses = info['statuses']
|
|
#scancount = info['scancount'] #执行次序不用对比
|
|
changed = []
|
|
for i in range(len(service)):
|
|
if i == 0:
|
|
changed.append(0) # 第一个批次,默认无变化
|
|
else:
|
|
if service[i] != service[i-1] or version[i] != version[i-1] or statuses[i] != statuses[i-1]:
|
|
changed.append(1)
|
|
else:
|
|
changed.append(0)
|
|
info['changed'] = changed
|
|
return times,port_dict
|
|
|
|
def get_ip_url_latest(self,ip):
|
|
return app_DBM.get_ip_url_latest_db(ip)
|
|
|
|
def get_ip_url_history(self,ip):
|
|
return app_DBM.get_ip_url_history_db(ip)
|
|
|
|
def get_vul_data(self,ip,nodeName,vulType,vulLevel):
|
|
# 先获取该IP最新的task_id
|
|
task_id = app_DBM.get_last_task_by_ip(ip)
|
|
if not task_id:
|
|
return []
|
|
vuls = app_DBM.get_task_vul(task_id, nodeName, vulType, vulLevel)
|
|
return vuls
|
|
|
|
def del_ip_assets(self,ip):
|
|
bsuccess,error = app_DBM.del_ip_assets(ip)
|
|
return bsuccess,error
|
|
|
|
def get_url_assets(self,url,owner,email):
|
|
url_assets = app_DBM.get_url_assets_db(url,owner,email)
|
|
return url_assets
|
|
|
|
def get_url_to_ip(self,url_id):
|
|
last_to_ips,his_to_ip = app_DBM.get_url_to_ip_db(url_id)
|
|
return last_to_ips,his_to_ip
|
|
|
|
def del_url_assets(self,url_id):
|
|
bsuccess, error = app_DBM.del_url_assets_db(url_id)
|
|
return bsuccess, error
|
|
|
|
def get_owners(self,owner, owner_type, contact, tellnum):
|
|
owner_list = []
|
|
owner_list = app_DBM.get_owner_db(owner, owner_type, contact, tellnum)
|
|
return owner_list
|
|
|
|
def add_update_owner(self,owner_data, do_mode):
|
|
'''
|
|
:param owner_data:
|
|
:param do_mode:
|
|
:return:
|
|
'''
|
|
id = owner_data["id"]
|
|
user = owner_data["user"]
|
|
type = owner_data["type"]
|
|
contact = owner_data["contact"]
|
|
phone = owner_data["phone"]
|
|
IDno = owner_data["IOno"]
|
|
if not user or not type or not contact or not phone or not IDno:
|
|
return False, "有信息没有填写,请补充完整!", []
|
|
if do_mode =="add":
|
|
strsql = "select ID from assets_user where ID_num = %s or uname = %s;"
|
|
params = (IDno,user)
|
|
data = app_DBM.safe_do_select(strsql, params, 1)
|
|
if data:
|
|
return False, "证件号码或用户名称已经存在,请重新修改", []
|
|
|
|
strsql = "insert into assets_user (itype,uname,tellnum,tell_username,ID_num) values (%s,%s,%s,%s,%s);"
|
|
params = (type,user,phone,contact,IDno)
|
|
bok,new_id = app_DBM.safe_do_sql(strsql,params,1)
|
|
elif do_mode == "edit":
|
|
strsql = "select ID from assets_user where ID_num = %s and ID <> %s"
|
|
params = (IDno,id)
|
|
data = app_DBM.safe_do_select(strsql, params, 1)
|
|
if data:
|
|
return False, "证件号码已经存在,请重新修改", []
|
|
|
|
strsql = "update assets_user set itype=%s,uname=%s,tellnum=%s,tell_username=%s,ID_num=%s where ID=%s;"
|
|
params = (type, user, phone, contact, IDno,id)
|
|
bok,_ = app_DBM.safe_do_sql(strsql,params)
|
|
else:
|
|
return False,"操作模式超出预期",[]
|
|
|
|
if bok:
|
|
owner_list = app_DBM.get_owner_db("", "", "", "")
|
|
return True,"",owner_list
|
|
else:
|
|
return False, "数据库操作失败", []
|
|
|
|
def del_owner(self,id):
|
|
bsuccess,error = app_DBM.del_owner_db(id)
|
|
return bsuccess,error
|
|
|
|
#---------巡检目标------------
|
|
def add_polling_target(self,pollind_targets, owner_name,owner_id):
|
|
suc_list = []
|
|
fail_list = []
|
|
pTlist = pollind_targets.split(',')
|
|
#对目标的合法性进行初步判断
|
|
for pT in pTlist:
|
|
target_type,check_target = g_TM.is_valid_target(pT)
|
|
if not target_type: # 非法目标
|
|
fail_list.append(pT)
|
|
else: #合法目标
|
|
#判断巡检目标是否已存在
|
|
strsql = "select ID from target where scr_target = %s;"
|
|
params = (pT,)
|
|
data = app_DBM.safe_do_select(strsql,params,1)
|
|
if data:
|
|
fail_list.append(pT)
|
|
continue
|
|
#入库---是否调整为批量插入
|
|
if owner_name:
|
|
strsql = "insert into target (scr_target,check_target,owner_id,target_type) values (%s,%s,%s,%s);"
|
|
params = (pT,check_target,owner_id,target_type)
|
|
else:
|
|
strsql = "insert into target (scr_target,check_target,target_type) values (%s,%s,%s);"
|
|
params = (pT, check_target, target_type)
|
|
bok,_ = app_DBM.safe_do_sql(strsql,params)
|
|
if bok:
|
|
suc_list.append(pT)
|
|
else:
|
|
fail_list.append(pT)
|
|
return suc_list,fail_list
|
|
|
|
def get_polling_target(self,PT,owner,PP,safe_rank):
|
|
pTargets = app_DBM.get_polling_target_db(PT,owner,PP,safe_rank)
|
|
return pTargets
|
|
|
|
def update_pt_owner(self,PT,owner_id):
|
|
strsql = "update target set owner_id = %s where scr_target=%s;"
|
|
params = (owner_id,PT)
|
|
bok,_ = app_DBM.safe_do_sql(strsql,params)
|
|
if bok:
|
|
error = ""
|
|
else:
|
|
error = "修改目标所属用户失败,请联系技术支持!"
|
|
return bok,error
|
|
|
|
def update_pt_period(self,PT,polling_type,polling_period,selectedTime):
|
|
strsql = "update target set polling_type=%s,polling_period=%s,polling_start_time=%s where scr_target=%s;"
|
|
params = (polling_type,polling_period,selectedTime,PT)
|
|
bok, _ = app_DBM.safe_do_sql(strsql, params)
|
|
if bok:
|
|
error = ""
|
|
#? 需要更新该目标的巡检计划
|
|
else:
|
|
error = "修改目标巡检策略失败,请联系技术支持!"
|
|
return bok, error
|
|
|
|
def del_pt(self,PT):
|
|
strsql = "delete from target where scr_target=%s;"
|
|
params = (PT,)
|
|
bok, _ = app_DBM.safe_do_sql(strsql, params)
|
|
if bok:
|
|
error = ""
|
|
else:
|
|
error = "删除巡检目标失败,请联系技术支持!"
|
|
return bok, error
|
|
|
|
|
|
|
|
|
|
|
|
g_AssetsM = AssetsManager()
|