|
1
|
|
|
# -*- coding: utf-8 -*- |
|
2
|
|
|
""" |
|
3
|
|
|
Security Knowledge Framework is an expert system application |
|
4
|
|
|
that uses OWASP Application Security Verification Standard, code examples |
|
5
|
|
|
and helps developers in pre-development & post-development. |
|
6
|
|
|
Copyright (C) 2017 Glenn ten Cate, Riccardo ten Cate |
|
7
|
|
|
This program is free software: you can redistribute it and/or modify |
|
8
|
|
|
it under the terms of the GNU Affero General Public License as |
|
9
|
|
|
published by the Free Software Foundation, either version 3 of the |
|
10
|
|
|
License, or (at your option) any later version. |
|
11
|
|
|
This program is distributed in the hope that it will be useful, |
|
12
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
13
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
14
|
|
|
GNU Affero General Public License for more details. |
|
15
|
|
|
You should have received a copy of the GNU Affero General Public License |
|
16
|
|
|
along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
17
|
|
|
""" |
|
18
|
|
|
|
|
19
|
|
|
import logging.config, os, re |
|
|
|
|
|
|
20
|
|
|
|
|
21
|
|
|
from flask import Flask, Blueprint |
|
22
|
|
|
from flask_cors import CORS, cross_origin |
|
|
|
|
|
|
23
|
|
|
from skf import settings |
|
24
|
|
|
from skf.db_tools import init_md_checklists, init_md_knowledge_base, init_md_code_examples, init_db, update_db |
|
|
|
|
|
|
25
|
|
|
from skf.api.projects.endpoints.project_items import ns as project_namespace |
|
26
|
|
|
from skf.api.projects.endpoints.project_item import ns as project_namespace |
|
27
|
|
|
from skf.api.projects.endpoints.project_delete import ns as project_namespace |
|
28
|
|
|
from skf.api.projects.endpoints.project_new import ns as project_namespace |
|
29
|
|
|
from skf.api.projects.endpoints.project_stats import ns as project_namespace |
|
30
|
|
|
from skf.api.projects.endpoints.project_update import ns as project_namespace |
|
31
|
|
|
from skf.api.sprints.endpoints.sprint_item import ns as sprints_namespace |
|
32
|
|
|
from skf.api.sprints.endpoints.sprint_delete import ns as sprints_namespace |
|
33
|
|
|
from skf.api.sprints.endpoints.sprint_new import ns as sprints_namespace |
|
34
|
|
|
from skf.api.sprints.endpoints.sprint_stats import ns as sprints_namespace |
|
35
|
|
|
from skf.api.sprints.endpoints.sprint_update import ns as sprints_namespace |
|
36
|
|
|
from skf.api.sprints.endpoints.sprint_results import ns as sprints_namespace |
|
37
|
|
|
from skf.api.sprints.endpoints.sprint_results_audit import ns as sprints_namespace |
|
38
|
|
|
from skf.api.sprints.endpoints.sprint_results_audit_export import ns as sprints_namespace |
|
39
|
|
|
from skf.api.checklist.endpoints.checklist_items import ns as checklist_namespace |
|
40
|
|
|
from skf.api.checklist.endpoints.checklist_item import ns as checklist_namespace |
|
41
|
|
|
from skf.api.checklist.endpoints.checklist_level import ns as checklist_namespace |
|
42
|
|
|
from skf.api.code.endpoints.code_items import ns as code_namespace |
|
43
|
|
|
from skf.api.code.endpoints.code_item import ns as code_namespace |
|
44
|
|
|
from skf.api.code.endpoints.code_item_update import ns as code_namespace |
|
45
|
|
|
from skf.api.code.endpoints.code_items_lang import ns as code_namespace |
|
46
|
|
|
from skf.api.user.endpoints.user_create import ns as users_namespace |
|
47
|
|
|
from skf.api.user.endpoints.user_activate import ns as users_namespace |
|
48
|
|
|
from skf.api.user.endpoints.user_login import ns as users_namespace |
|
49
|
|
|
from skf.api.user.endpoints.user_list import ns as users_namespace |
|
50
|
|
|
from skf.api.user.endpoints.user_manage import ns as users_namespace |
|
51
|
|
|
from skf.api.kb.endpoints.kb_items import ns as kb_namespace |
|
52
|
|
|
from skf.api.kb.endpoints.kb_item import ns as kb_namespace |
|
53
|
|
|
from skf.api.kb.endpoints.kb_item_update import ns as kb_namespace |
|
54
|
|
|
from skf.api.questions_pre.endpoints.question_pre_items import ns as questions_pre_namespace |
|
55
|
|
|
from skf.api.questions_pre.endpoints.question_pre_store import ns as questions_pre_namespace |
|
56
|
|
|
from skf.api.questions_pre.endpoints.question_pre_update import ns as questions_pre_namespace |
|
57
|
|
|
from skf.api.questions_sprint.endpoints.question_sprint_items import ns as questions_sprint_namespace |
|
58
|
|
|
from skf.api.questions_sprint.endpoints.question_sprint_store import ns as questions_sprint_namespace |
|
59
|
|
|
from skf.api.questions_post.endpoints.question_post_items import ns as questions_post_namespace |
|
60
|
|
|
from skf.api.questions_post.endpoints.question_post_store import ns as questions_post_namespace |
|
61
|
|
|
from skf.api.comment.endpoints.comment_items import ns as comment_namespace |
|
62
|
|
|
from skf.api.comment.endpoints.comment_new import ns as comment_namespace |
|
63
|
|
|
|
|
64
|
|
|
from skf.api.restplus import api |
|
65
|
|
|
from skf.database import db |
|
66
|
|
|
|
|
67
|
|
|
|
|
68
|
|
|
app = Flask(__name__) |
|
69
|
|
|
# TO DO FIX WILDCARD ONLY ALLOW NOW FOR DEV |
|
70
|
|
|
cors = CORS(app, resources={r"/*": {"origins": settings.ORIGINS}}) |
|
71
|
|
|
logging.config.fileConfig('logging.conf') |
|
72
|
|
|
log = logging.getLogger(__name__) |
|
73
|
|
|
|
|
74
|
|
|
|
|
75
|
|
|
def configure_app(flask_app): |
|
76
|
|
|
"""Configure the SKF app.""" |
|
77
|
|
|
#cannot use SERVER_NAME because it will mess up the routing |
|
78
|
|
|
#flask_app.config['SERVER_NAME'] = settings.FLASK_SERVER_NAME |
|
79
|
|
|
flask_app.config['SQLALCHEMY_DATABASE_URI'] = settings.SQLALCHEMY_DATABASE_URI |
|
80
|
|
|
flask_app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = settings.SQLALCHEMY_TRACK_MODIFICATIONS |
|
81
|
|
|
flask_app.config['SWAGGER_UI_DOC_EXPANSION'] = settings.RESTPLUS_SWAGGER_UI_DOC_EXPANSION |
|
82
|
|
|
flask_app.config['RESTPLUS_VALIDATE'] = settings.RESTPLUS_VALIDATE |
|
83
|
|
|
flask_app.config['RESTPLUS_MASK_SWAGGER'] = settings.RESTPLUS_MASK_SWAGGER |
|
84
|
|
|
flask_app.config['ERROR_404_HELP'] = settings.RESTPLUS_ERROR_404_HELP |
|
85
|
|
|
flask_app.config['TESTING'] = settings.TESTING |
|
86
|
|
|
flask_app.config['FLASK_DEBUG'] = settings.FLASK_DEBUG |
|
87
|
|
|
|
|
88
|
|
|
|
|
89
|
|
|
def initialize_app(flask_app): |
|
90
|
|
|
"""Initialize the SKF app.""" |
|
91
|
|
|
configure_app(flask_app) |
|
92
|
|
|
blueprint = Blueprint('api', __name__, url_prefix='/api') |
|
93
|
|
|
api.init_app(blueprint) |
|
94
|
|
|
api.add_namespace(kb_namespace) |
|
95
|
|
|
api.add_namespace(code_namespace) |
|
96
|
|
|
api.add_namespace(users_namespace) |
|
97
|
|
|
api.add_namespace(project_namespace) |
|
98
|
|
|
api.add_namespace(comment_namespace) |
|
99
|
|
|
api.add_namespace(sprints_namespace) |
|
100
|
|
|
api.add_namespace(checklist_namespace) |
|
101
|
|
|
api.add_namespace(questions_pre_namespace) |
|
102
|
|
|
api.add_namespace(questions_post_namespace) |
|
103
|
|
|
api.add_namespace(questions_sprint_namespace) |
|
104
|
|
|
flask_app.register_blueprint(blueprint) |
|
105
|
|
|
db.init_app(flask_app) |
|
106
|
|
|
|
|
107
|
|
|
|
|
108
|
|
|
@app.cli.command('initdb') |
|
109
|
|
|
def initdb_command(): |
|
110
|
|
|
"""Creates the database with all the Markdown files.""" |
|
111
|
|
|
init_db() |
|
112
|
|
|
print('Initialized the database.') |
|
113
|
|
|
|
|
114
|
|
|
|
|
115
|
|
|
@app.cli.command('updatedb') |
|
116
|
|
|
def initdb_command(): |
|
117
|
|
|
"""Update the database with the markdown files.""" |
|
118
|
|
|
update_db() |
|
119
|
|
|
print('Markdown files updated in the database.') |
|
120
|
|
|
|
|
121
|
|
|
|
|
122
|
|
|
def main(): |
|
123
|
|
|
"""Main SKF method""" |
|
124
|
|
|
initialize_app(app) |
|
125
|
|
|
|
|
126
|
|
|
print(app.debug) |
|
127
|
|
|
if app.debug == False: |
|
128
|
|
|
if settings.JWT_SECRET == '': |
|
129
|
|
|
log.info('>>>>> Configure the JWT_SECRET in the settings.py file and choose an unique 128 character long secret <<<<<') |
|
130
|
|
|
else: |
|
131
|
|
|
log.info('>>>>> Starting development server http://'+settings.FLASK_HOST+":"+str(settings.FLASK_PORT)+' <<<<<') |
|
132
|
|
|
app.run(host=settings.FLASK_HOST, port=settings.FLASK_PORT, debug=app.debug) |
|
133
|
|
|
if app.debug == True: |
|
134
|
|
|
if settings.JWT_SECRET == '': |
|
135
|
|
|
log.info('>>>>> Starting development server http://'+settings.FLASK_HOST+":"+str(settings.FLASK_PORT)+' <<<<<') |
|
136
|
|
|
app.run(host=settings.FLASK_HOST, port=settings.FLASK_PORT, debug=app.debug) |
|
137
|
|
|
|
|
138
|
|
|
|
|
139
|
|
|
if __name__ == "__main__": |
|
140
|
|
|
main() |
|
141
|
|
|
|
blabla1337 /
skf-flask
Loading history...
