|
1
|
|
|
from skf.database import db |
|
|
|
|
|
|
2
|
|
|
from skf.api.security import log, val_num, val_float |
|
3
|
|
|
from skf.database.checklists import checklists |
|
4
|
|
|
from skf.database.checklists_kb import checklists_kb |
|
5
|
|
|
|
|
6
|
|
|
|
|
7
|
|
|
def get_checklist_item(checklist_id): |
|
8
|
|
|
log("User requested specific checklist item", "LOW", "PASS") |
|
9
|
|
|
val_float(checklist_id) |
|
10
|
|
|
|
|
11
|
|
|
result = checklists_kb.query.filter(checklists_kb.checklistID == checklist_id).one() |
|
12
|
|
|
return result |
|
13
|
|
|
|
|
14
|
|
|
|
|
15
|
|
|
def get_checklist_items(): |
|
16
|
|
|
log("User requested list of checklist items", "LOW", "PASS") |
|
17
|
|
|
result = checklists_kb.query.group_by(checklists_kb.checklistID).paginate(1, 1500, False) |
|
18
|
|
|
return order_checklist_items(result) |
|
19
|
|
|
|
|
20
|
|
|
|
|
21
|
|
|
def get_checklist_items_lvl(lvl): |
|
22
|
|
|
log("User requested list of checklist items based on level", "LOW", "PASS") |
|
23
|
|
|
val_num(lvl) |
|
24
|
|
|
# ASVS kbID's below 400 |
|
25
|
|
|
# MASVS kbID's between 400 and 799 |
|
26
|
|
|
if lvl == 1: # ASVS Level 1 |
|
27
|
|
|
result = checklists_kb.query.filter((checklists_kb.kbID < 400) & checklists_kb.checklist_items.has(level = 0) | checklists_kb.checklist_items.has(level = 1)).group_by(checklists_kb.checklistID).paginate(1, 1500, False) |
|
28
|
|
|
elif lvl == 2: # ASVS Level 2 |
|
29
|
|
|
result = checklists_kb.query.filter((checklists_kb.kbID < 400) & checklists_kb.checklist_items.has(level = 0) | checklists_kb.checklist_items.has(level = 1) | checklists_kb.checklist_items.has(level = 2)).group_by(checklists_kb.checklistID).paginate(1, 1500, False) |
|
30
|
|
|
elif lvl == 3: # ASVS Level 3 |
|
31
|
|
|
result = checklists_kb.query.filter((checklists_kb.kbID < 400) & checklists_kb.checklist_items.has(level = 0) | checklists_kb.checklist_items.has(level = 1) | checklists_kb.checklist_items.has(level = 2) | checklists_kb.checklist_items.has(level = 3)).group_by(checklists_kb.checklistID).paginate(1, 1500, False) |
|
32
|
|
|
elif lvl == 4: # MASVS Level 1 |
|
33
|
|
|
result = checklists_kb.query.filter((checklists_kb.kbID >= 400) & (checklists_kb.kbID < 1000) & (checklists_kb.checklist_items.has(level = 0) | checklists_kb.checklist_items.has(level = 1))).group_by(checklists_kb.checklistID).paginate(1, 1500, False) |
|
34
|
|
|
elif lvl == 5: # MASVS Level 2 |
|
35
|
|
|
result = checklists_kb.query.filter((checklists_kb.kbID >= 400) & (checklists_kb.kbID < 1000) & (checklists_kb.checklist_items.has(level = 0) | checklists_kb.checklist_items.has(level = 1) | checklists_kb.checklist_items.has(level = 2))).group_by(checklists_kb.checklistID).paginate(1, 1500, False) |
|
36
|
|
|
elif lvl == 6: # MASVS Level R |
|
37
|
|
|
result = checklists_kb.query.filter((checklists_kb.kbID >= 400) & (checklists_kb.kbID < 1000) & (checklists_kb.checklist_items.has(level = 0) | checklists_kb.checklist_items.has(level = 1) | checklists_kb.checklist_items.has(level = 2) | checklists_kb.checklist_items.has(level = 'R'))).group_by(checklists_kb.checklistID).paginate(1, 1500, False) |
|
38
|
|
|
return order_checklist_items(result, lvl) |
|
39
|
|
|
|
|
40
|
|
|
|
|
41
|
|
|
def order_checklist_items(checklist_items, lvl): |
|
42
|
|
|
ordered_checklist_items = [] |
|
43
|
|
|
for item in checklist_items.items: |
|
44
|
|
|
numbers = item.checklistID.split('.') |
|
45
|
|
|
category = int(numbers[0]) |
|
46
|
|
|
category_requirement = int(numbers[1]) |
|
47
|
|
|
if (len(ordered_checklist_items) == 0): |
|
48
|
|
|
ordered_checklist_items.append(item) |
|
49
|
|
|
else: |
|
50
|
|
|
y = 0 |
|
51
|
|
|
while y < len(ordered_checklist_items): |
|
52
|
|
|
numbers_ordered = ordered_checklist_items[y].checklistID.split('.') |
|
53
|
|
|
category_ordered = int(numbers_ordered[0]) |
|
54
|
|
|
category_requirement_ordered = int(numbers_ordered[1]) |
|
55
|
|
|
if (category < category_ordered): |
|
56
|
|
|
ordered_checklist_items.insert(y, item) |
|
57
|
|
|
break |
|
58
|
|
|
else: |
|
59
|
|
|
if (category == category_ordered): |
|
60
|
|
|
if (category_requirement < category_requirement_ordered): |
|
61
|
|
|
ordered_checklist_items.insert(y, item) |
|
62
|
|
|
break |
|
63
|
|
|
y = y + 1 |
|
64
|
|
|
if (y == len(ordered_checklist_items)): |
|
65
|
|
|
ordered_checklist_items.insert(y, item) |
|
66
|
|
|
|
|
67
|
|
|
if (not(lvl == 6)): |
|
68
|
|
|
i = 0 |
|
69
|
|
|
previousItemLevel = -1 |
|
70
|
|
|
orderedWithEmpties = [] |
|
71
|
|
|
for item in ordered_checklist_items: |
|
72
|
|
|
if ((item.checklist_items.level == 0 and previousItemLevel == 0) or (item.checklist_items.content == "Resiliency Against Reverse Engineering Requirements" and not (lvl == 6))): |
|
73
|
|
|
if (item.checklist_items.content == "Resiliency Against Reverse Engineering Requirements"): |
|
74
|
|
|
orderedWithEmpties.append(item) |
|
75
|
|
|
previousItemLevel = item.checklist_items.level |
|
76
|
|
|
checklist_empty = checklists("0.0", "Requirements of Reverse Engineering can be added to form a level " + str(lvl-3) + "+R.", -1, 0) |
|
77
|
|
|
checklists_kb_empty = checklists_kb("0.0", checklist_empty, 0, None) |
|
78
|
|
|
orderedWithEmpties.append(checklists_kb_empty) |
|
79
|
|
|
else: |
|
80
|
|
|
checklist_empty = checklists("0.0", "No items for this category in this checklist level", -1, 0) |
|
81
|
|
|
checklists_kb_empty = checklists_kb("0.0", checklist_empty, 0, None) |
|
82
|
|
|
orderedWithEmpties.append(checklists_kb_empty) |
|
83
|
|
|
orderedWithEmpties.append(item) |
|
84
|
|
|
previousItemLevel = item.checklist_items.level |
|
85
|
|
|
else: |
|
86
|
|
|
orderedWithEmpties.append(item) |
|
87
|
|
|
previousItemLevel = item.checklist_items.level |
|
88
|
|
|
i = i + 1; |
|
89
|
|
|
checklist_items.items = orderedWithEmpties |
|
90
|
|
|
else: |
|
91
|
|
|
orderedWithR6 = [] |
|
92
|
|
|
checklist_empty = checklists("0.0", "Using Requirements of Reverse Engineering you can form the levels L1+R or L2+R.", -1, 0) |
|
93
|
|
|
checklists_kb_empty = checklists_kb("0.0", checklist_empty, 0, None) |
|
94
|
|
|
orderedWithR6.append(checklists_kb_empty) |
|
95
|
|
|
for item in ordered_checklist_items: |
|
96
|
|
|
if (item.checklist_items.level == 'R'): |
|
97
|
|
|
checklist_modified = checklists(item.checklistID, item.checklist_items.content, 6, item.checklist_items.kbID) |
|
98
|
|
|
modifiedItem = checklists_kb(item.checklistID, checklist_modified, item.kbID, item.kb_items) |
|
99
|
|
|
orderedWithR6.append(modifiedItem) |
|
100
|
|
|
else: |
|
101
|
|
|
orderedWithR6.append(item) |
|
102
|
|
|
checklist_items.items = orderedWithR6 |
|
103
|
|
|
return checklist_items |
|
104
|
|
|
|
blabla1337 /
skf-flask
Loading history...