← Back to branch summary

~launchpad-pqm/launchpad/devel 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166

# Copyright 2009 Canonical Ltd.  This software is licensed under the
# GNU Affero General Public License version 3 (see the file LICENSE).

"""CVE views."""

__metaclass__ = type

__all__ = [
    'CveContextMenu',
    'CveLinkView',
    'CveSetContextMenu',
    'CveSetNavigation',
    'CveSetView',
    'CveUnlinkView',
    ]

from zope.component import getUtility

from canonical.launchpad.webapp import (
    canonical_url,
    ContextMenu,
    GetitemNavigation,
    Link,
    )
from canonical.launchpad.webapp.batching import BatchNavigator
from lp.app.browser.launchpadform import (
    action,
    LaunchpadFormView,
    )
from lp.app.validators.cve import valid_cve
from lp.bugs.interfaces.cve import (
    ICve,
    ICveSet,
    )


class CveSetNavigation(GetitemNavigation):

    usedfor = ICveSet


class CveContextMenu(ContextMenu):

    usedfor = ICve
    links = ['linkbug', 'unlinkbug']

    def linkbug(self):
        text = 'Link to bug'
        return Link('+linkbug', text, icon='edit')

    def unlinkbug(self):
        enabled = bool(self.context.bugs)
        text = 'Remove bug link'
        return Link('+unlinkbug', text, icon='edit', enabled=enabled)


class CveSetContextMenu(ContextMenu):

    usedfor = ICveSet
    links = ['findcve', 'allcve']

    def allcve(self):
        text = 'All registered CVEs'
        return Link('+all', text)

    def findcve(self):
        text = 'Find CVEs'
        summary = 'Find CVEs in Launchpad'
        return Link('', text, summary)


class CveLinkView(LaunchpadFormView):
    """This view will be used for objects that can be linked to a CVE,
    currently that is only IBug.
    """
    schema = ICve
    field_names = ['sequence']

    def validate(self, data):
        sequence = data.get('sequence')
        if sequence is None:
            # Don't attempt to look up this CVE; its number is not valid.
            return
        cve = getUtility(ICveSet)[sequence]
        if cve is None:
            self.addError('%s is not a known CVE sequence number.' % sequence)

    @action('Continue', name='continue')
    def continue_action(self, action, data):
        cve = getUtility(ICveSet)[data['sequence']]
        self.context.bug.linkCVE(cve, self.user)
        self.request.response.addInfoNotification(
            'CVE-%s added.' % data['sequence'])

    label = 'Link to CVE report'

    page_title = label

    @property
    def next_url(self):
        return canonical_url(self.context)

    cancel_url = next_url


class CveUnlinkView(CveLinkView):
    """This view is used to unlink a CVE from a bug."""

    @action('Continue', name='continue')
    def continue_action(self, action, data):
        cve = getUtility(ICveSet)[data['sequence']]
        self.context.bug.unlinkCVE(cve, self.user)
        self.request.response.addInfoNotification(
            'CVE-%s removed.' % data['sequence'])

    @property
    def label(self):
        return  'Bug # %s Remove link to CVE report' % self.context.bug.id

    page_title = label

    heading = 'Remove links to bug reports'


class CveSetView:

    def __init__(self, context, request):
        self.context = context
        self.request = request
        self.notices = []
        self.results = None
        self.text = self.request.form.get('text', None)
        self.searchrequested = False

        if self.text:
            self.pre_search()

    label = 'Launchpad CVE tracker'
    page_title = label

    def getAllBatched(self):
        return BatchNavigator(self.context.getAll(), self.request)

    def pre_search(self):
        # see if we have an exact match, and redirect if so; otherwise,
        # do a search for it.
        sequence = self.text
        if sequence[:4].lower() in ['cve-', 'can-']:
            sequence = sequence[4:].strip()
        if valid_cve(sequence):
            # try to find the CVE, and redirect to it if we do
            cveset = getUtility(ICveSet)
            cve = cveset[sequence]
            if cve:
                self.request.response.redirect(canonical_url(cve))
        self.searchrequested = True

    def searchresults(self):
        """Use searchtext to find the list of Products that match
        and then present those as a list. Only do this the first
        time the method is called, otherwise return previous results.
        """
        if self.results is None:
            self.results = self.context.search(text=self.text)
            self.matches = self.results.count()
        return self.results