forked from bdekany/uyuni-security-ui
-
Notifications
You must be signed in to change notification settings - Fork 0
/
app.py
91 lines (81 loc) · 3.44 KB
/
app.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
import ssl
from xmlrpc.client import ServerProxy, Fault
from flask import Flask, g, session, redirect, url_for, request, render_template, flash
app = Flask(__name__)
# Set the secret key to some random bytes. Keep this really secret!
app.secret_key = b'_5#y2L"F4Q8zJijhde7382idjd]/'
def get_client():
if not hasattr(g, 'client'):
#context = ssl.create_default_context()
context = ssl._create_unverified_context()
g.client = ServerProxy("https://%s/rpc/api" % (session['hostname']), context=context)
return g.client
def get_name(sid):
# {'name': 'guest1.zypp.lo', 'id': 1000010011, 'last_checkin': <DateTime '20200114T23:00:13' at 0x7f821ffe5400>}
client = get_client()
try:
return client.system.get_name(session['key'], sid)['name']
except Fault as err:
flash("Erreur API : %s" % err.faultString)
return None
@app.route('/')
def index():
if ('username' or 'password' or 'hostname') not in session:
return redirect(url_for('login'))
client = get_client()
try:
score = client.system.get_system_currency_scores(session['key'])
except Fault as err:
flash("Erreur API : %s" % err.faultString)
session.pop('username', None)
return redirect(url_for('login'))
for i in range( len(score) ):
score[i]["name"] = get_name(score[i]["sid"])
return render_template('system_currency.html', score=score)
@app.route('/scans')
def scans():
if ('username' or 'password' or 'hostname') not in session:
return redirect(url_for('login'))
client = get_client()
scans = []
try:
for system in client.system.list_systems(session['key']):
actions = []
sys_name = get_name(system['id'])
for scan in client.system.scap.list_xccdf_scans(session['key'], system["id"]):
detail = client.system.scap.get_xccdf_scan_details(session['key'], scan['xid'])
actions.append({'date': detail['start_time'].value, 'action_id': detail['action_id']})
scans.append({'name': sys_name, 'sid': system["id"], 'actions': actions})
return render_template('scans.html', scans=scans)
except Fault as err:
flash("Erreur API : %s" % err.faultString)
session.pop('username', None)
return redirect(url_for('login'))
@app.route('/download/<int:sys_id>/<int:action_id>')
def download(sys_id=None, action_id=None):
path = "/var/spacewalk/systems/1/%s/actions/%s/report.html" % (sys_id, action_id)
with open(path, 'r') as content_file:
content = content_file.read()
return content
@app.route('/login', methods=['GET', 'POST'])
def login():
if request.method == 'POST':
session['username'] = request.form['username']
session['password'] = request.form['password']
session['hostname'] = request.form['hostname']
client = get_client()
try:
session['key'] = client.auth.login(session['username'],
session['password'])
except Fault as err:
flash("Erreur API : %s" % err.faultString)
session.pop('username', None)
return redirect(url_for('login'))
return redirect(url_for('index'))
return render_template('login.html')
@app.route('/logout')
def logout():
# remove the username from the session if it's there
flash("Disconnected!")
session.pop('username', None)
return redirect(url_for('index'))