vulnerability-lookup/vulnerability-lookup
13
1
Fork 0
mirror of https://github.com/cve-search/vulnerability-lookup.git synced 2024-12-26 23:47:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

new: [website] Added a button in the admin dashboard to trigger the update of the documentation.
Some checks are pending
CodeQL / Analyze (push) Waiting to run
Details
Deploy Jekyll with GitHub Pages dependencies preinstalled / build (push) Waiting to run
Details
Deploy Jekyll with GitHub Pages dependencies preinstalled / deploy (push) Blocked by required conditions
Details
MyPy / Python 3.10 sample (push) Waiting to run
Details
MyPy / Python 3.11 sample (push) Waiting to run
Details
MyPy / Python 3.12 sample (push) Waiting to run
Details
API Test / Python 3.10 sample (push) Waiting to run
Details
API Test / Python 3.11 sample (push) Waiting to run
Details
API Test / Python 3.12 sample (push) Waiting to run
Details
Models Tests / Python 3.10 sample (push) Waiting to run
Details
Models Tests / Python 3.11 sample (push) Waiting to run
Details
Models Tests / Python 3.12 sample (push) Waiting to run
Details

Browse source
This commit is contained in:
Cédric Bonhomme 2024-11-24 11:23:26 +01:00
parent 4318ec2144
commit 6f38ccf36a
Signed by untrusted user who does not match committer: cedric
GPG key ID: A1CB94DE57B7A70D
3 changed files with 30 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
website/lib/utils.py
View file

@ -31,10 +31,12 @@ def exec_cmd(command: str) -> str:
return result.strip()
def exec_cmd_no_wait(command: str) -> None:
def exec_cmd_no_wait(command: str, cwd: str="") -> None:
"""Execute a command in a sub process."""
args = shlex.split(command)
subprocess.Popen(args, stdout=subprocess.PIPE, cwd=get_homedir())
if cwd == "":
cwd = get_homedir().absolute().as_posix()
subprocess.Popen(args, stdout=subprocess.PIPE, cwd=cwd)
def find_cve_ids(text: str) -> List[str]:

18
website/web/templates/admin/dashboard.html
View file

@ -43,10 +43,11 @@
<div class="row">
<div class="col">
<h2 id="instance-status">Maintenance</h2>
<button id="maintenance-warning-lists" class="btn btn-primary" type="button" title="Update the MISP Warning lists in background.">Update MISP Warning lists</button>
<button id="maintenance-backup-database" class="btn btn-primary" type="button" title="Backup the database in background.">Backup database</button>
<button id="maintenance-dump-feeds" class="btn btn-primary" type="button" title="Dump all feeds in background.">Dump all feeds</button>
<button id="maintenance-dump-sightings" class="btn btn-primary" type="button" title="Dump all sightings in background.">Dump sightings</button>
<button id="maintenance-warning-lists" class="btn btn-primary m-1" type="button" title="Update the MISP Warning lists in background.">Update MISP Warning lists</button>
<button id="maintenance-backup-database" class="btn btn-primary m-1" type="button" title="Backup the database in background.">Backup database</button>
<button id="maintenance-dump-feeds" class="btn btn-primary m-1" type="button" title="Dump all feeds in background.">Dump all feeds</button>
<button id="maintenance-dump-sightings" class="btn btn-primary m-1" type="button" title="Dump all sightings in background.">Dump sightings</button>
<button id="maintenance-update-documentation" class="btn btn-primary m-1" type="button" title="Update the documentation.">Update the documentation</button>
</div>
</div>
<br />
@ -95,6 +96,10 @@
rpc_maintainance("/admin/command/dump_sightings");
}
function dump_documentation() {
rpc_maintainance("/admin/command/update_documentation");
}
document.addEventListener("DOMContentLoaded", function() {
var jsonContainer = document.getElementById("json-container");
jsonContainer.innerHTML = prettyPrintJson.toHtml(JSON.parse(jsonContainer.innerText));
@ -118,6 +123,11 @@
{
showModal('Confirm', "Dump all sightings in background ?", dump_sightings, event);
})
document.getElementById("maintenance-update-documentation").addEventListener('click',function (event)
{
showModal('Confirm', "Update the documentation ?", dump_documentation, event);
})
});
</script>
{% endblock %}

12
website/web/views/admin.py
View file

@ -24,6 +24,7 @@ from werkzeug import Response as WerkzeugResponse
from werkzeug.security import generate_password_hash
from vulnerabilitylookup.default import get_config
from vulnerabilitylookup.default import get_homedir
from website.models import User, Comment, Bundle, Sighting
from website.lib.utils import exec_cmd_no_wait
from website.web.bootstrap import db
@ -31,6 +32,7 @@ from website.web.bootstrap import vulnerabilitylookup
from website.web.forms import UserForm
from website.web.permissions import admin_permission
admin_bp = Blueprint("admin_bp", __name__, url_prefix="/admin")
@ -97,6 +99,16 @@ def dump_sightings() -> WerkzeugResponse:
return jsonify({"message": "Command executed."})
@admin_bp.route("/command/update_documentation", methods=["GET"])
@login_required # type: ignore[misc]
@admin_permission.require(http_exception=403) # type: ignore[misc]
def update_documentation() -> WerkzeugResponse:
cwd = get_homedir().joinpath("docs/").absolute().as_posix()
exec_cmd_no_wait("poetry install --only docs")
exec_cmd_no_wait("poetry run make html", cwd=cwd)
return jsonify({"message": "Command executed."})
#
# Users
#