diff --git a/genmai_admin/gin-vue-admin/server/api/v1/Scan/SAST_Scan.go b/genmai_admin/gin-vue-admin/server/api/v1/Scan/SAST_Scan.go
index a95d8585a6fcea368b22a500b589a7539d16a6af..0a3025e4b89a988f8a17f862b6c8a9cb478e0b5c 100644
--- a/genmai_admin/gin-vue-admin/server/api/v1/Scan/SAST_Scan.go
+++ b/genmai_admin/gin-vue-admin/server/api/v1/Scan/SAST_Scan.go
@@ -16,1516 +16,465 @@ import ( "github.com/gin-gonic/gin" ) -// Project 定义模块结构 -type Project struct { - Description string `json:"description"` - ID int `json:"id"` - ProjectName string `json:"project_name"` - Owner string `json:"owner"` - Ruleset string `json:"ruleset"` - Sld string `json:"sld"` - Tld string `json:"tld"` - UpdateTime string `json:"update_time"` -} - -// CreateProject 创建项目 -func CreateProject_zhihua(project Project) ([]Project, error) { - // 响应结构 - type projectsResponse struct { - Message string `json:"message"` - ProjectName string `json:"ProjectName"` - } - - // 序列化请求数据 - jsonBody, err := json.Marshal(project) - if err != nil { - return nil, fmt.Errorf("序列化请求失败: %w", err) - } - - // 发送POST请求 - url := "http://10.41.118.125:3000/server/api/v1/sast/CreateProject" - resp, err := http.Post(url, "application/json", bytes.NewBuffer(jsonBody)) - if err != nil { - return nil, fmt.Errorf("发送请求失败: %w", err) - } - defer resp.Body.Close() - - // 检查响应状态码 - if resp.StatusCode != http.StatusOK { - return nil, fmt.Errorf("请求失败,状态码: %d", resp.StatusCode) - } - - // 解析响应 - var response projectsResponse - if err := json.NewDecoder(resp.Body).Decode(&response); err != nil { - return nil, fmt.Errorf("解析响应失败: %w", err) - } - - projects := []Project{} - projects = append(projects, project) - - return projects, nil -} - -func (scanArgsApi *ScanArgsApi) CreateProject(c *gin.Context) { - var project Project - c.ShouldBindJSON(&project) - - // 调用CreateProject函数获取模块数组 - projects, err := CreateProject_zhihua(project) - if err != nil { - c.JSON(200, gin.H{ - "Message": "创建失败!", - "Project": projects, - }) - return - } - - c.JSON(200, gin.H{ - "Message": "创建成功!", - "Project": projects, - }) -} - -// GetProjects 获取项目的所有模块 -func GetProjectList_zhihua() ([]Project, error) { - // 响应结构 - type projectsResponse struct { - Message string `json:"message"` - Projects []Project `json:"ProjectList"` - } - - // 发送POST请求 - url := "http://10.41.118.125:3000/server/api/v1/sast/GetProjectList" 
- resp, err := http.Post(url, "application/json", nil) - if err != nil { - return nil, fmt.Errorf("发送请求失败: %w", err) - } - defer resp.Body.Close() - - // 检查响应状态码 - if resp.StatusCode != http.StatusOK { - return nil, fmt.Errorf("请求失败,状态码: %d", resp.StatusCode) - } - - // 解析响应 - var response projectsResponse - if err := json.NewDecoder(resp.Body).Decode(&response); err != nil { - return nil, fmt.Errorf("解析响应失败: %w", err) - } - - return response.Projects, nil -} func (scanArgsApi *ScanArgsApi) GetProjectList(c *gin.Context) { - // 调用GetProjects函数获取模块数组 - projects, err := GetProjectList_zhihua() - if err != nil { - c.JSON(200, gin.H{ - "Message": "查询失败!", - "Data": projects, - "Total": len(projects), - }) - return - } - - // 按照ID由大到小排序 - sort.Slice(projects, func(i, j int) bool { - // 假设元素结构体的ID字段为ID(根据实际结构体字段名修改) - return projects[i].ID > projects[j].ID - }) - - c.JSON(200, gin.H{ - "Message": "查询成功!", - "Data": projects, - "Total": len(projects), - }) -} - -// DeleteProject 删除项目 -func DeleteProject_zhihua(project Project) ([]Project, error) { - // 响应结构 - type projectsResponse struct { - Code int `json:"Code"` - Message string `json:"Message"` - } - - // 序列化请求数据 - jsonBody, err := json.Marshal(project) - if err != nil { - return nil, fmt.Errorf("序列化请求失败: %w", err) - } - - // 发送POST请求 - url := "http://10.41.118.125:3000/server/api/v1/sast/DeleteProject" - resp, err := http.Post(url, "application/json", bytes.NewBuffer(jsonBody)) - if err != nil { - return nil, fmt.Errorf("发送请求失败: %w", err) - } - defer resp.Body.Close() - - // 检查响应状态码 - if resp.StatusCode != http.StatusOK { - return nil, fmt.Errorf("请求失败,状态码: %d", resp.StatusCode) - } - - // 解析响应 - var response projectsResponse - if err := json.NewDecoder(resp.Body).Decode(&response); err != nil { - return nil, fmt.Errorf("解析响应失败: %w", err) - } - - if response.Message != "删除项目成功" { - return nil, fmt.Errorf("删除项目失败: %s", response.Message) - } - - projects := []Project{} - projects = append(projects, project) - - return 
projects, nil -} - -func (scanArgsApi *ScanArgsApi) DeleteProject(c *gin.Context) { - var project Project - c.ShouldBindJSON(&project) - - // 调用DeleteProject函数获取模块数组 - projects, err := DeleteProject_zhihua(project) - if err != nil { - c.JSON(200, gin.H{ - "Message": "删除失败!", - "Project": projects, - }) - return - } - - c.JSON(200, gin.H{ - "Message": "删除成功!", - "Project": projects, - }) -} - -// EditProject 编辑项目 -func EditProject_zhihua(project Project) ([]Project, error) { - // 响应结构 - type projectsResponse struct { - Code int `json:"Code"` - Message string `json:"Message"` - } - - // 序列化请求数据 - jsonBody, err := json.Marshal(project) - if err != nil { - return nil, fmt.Errorf("序列化请求失败: %w", err) - } - - // 发送POST请求 - url := "http://10.41.118.125:3000/server/api/v1/sast/EditProject" - resp, err := http.Post(url, "application/json", bytes.NewBuffer(jsonBody)) - if err != nil { - return nil, fmt.Errorf("发送请求失败: %w", err) - } - defer resp.Body.Close() - - // 检查响应状态码 - if resp.StatusCode != http.StatusOK { - return nil, fmt.Errorf("请求失败,状态码: %d", resp.StatusCode) - } - - // 解析响应 - var response projectsResponse - if err := json.NewDecoder(resp.Body).Decode(&response); err != nil { - return nil, fmt.Errorf("解析响应失败: %w", err) - } - - if response.Message != "编辑扫描项目成功" { - return nil, fmt.Errorf("编辑项目失败: %s", response.Message) - } - - projects := []Project{} - projects = append(projects, project) - - return projects, nil -} - -func (scanArgsApi *ScanArgsApi) EditProject(c *gin.Context) { - var project Project - c.ShouldBindJSON(&project) - - // 调用EditProject函数获取模块数组 - projects, err := EditProject_zhihua(project) - if err != nil { - c.JSON(200, gin.H{ - "Message": "编辑失败!", - "Project": projects, - }) - return - } - - c.JSON(200, gin.H{ - "Message": "编辑成功!", - "Project": projects, - }) -} - -// Module 定义模块结构 -type Module struct { - Branch string `json:"branch"` - Description string `json:"description"` - FetchMode string `json:"fetch_mode"` - ID int `json:"id"` - ModuleName 
string `json:"module_name"` - Owner string `json:"owner"` - Passwd string `json:"passwd"` - ProjectName string `json:"project_name"` - Ruleset string `json:"ruleset"` - Sld string `json:"sld"` - Tld string `json:"tld"` - UpdateTime string `json:"update_time"` - URL string `json:"url"` - User string `json:"user"` - Expiration string `json:"expiration"` -} - -// CreateModule 创建模块 -func CreateModule_zhihua(module Module) ([]Module, error) { - // 响应结构 - type modulesResponse struct { - Message string `json:"message"` - ModuleName string `json:"ModuleName"` - ProjectName string `json:"ProjectName"` - } - - // 序列化请求数据 - jsonBody, err := json.Marshal(module) - if err != nil { - return nil, fmt.Errorf("序列化请求失败: %w", err) - } - - // 发送POST请求 - url := "http://10.41.118.125:3000/server/api/v1/sast/CreateModule" - resp, err := http.Post(url, "application/json", bytes.NewBuffer(jsonBody)) - if err != nil { - return nil, fmt.Errorf("发送请求失败: %w", err) - } - defer resp.Body.Close() - - // 检查响应状态码 - if resp.StatusCode != http.StatusOK { - return nil, fmt.Errorf("请求失败,状态码: %d", resp.StatusCode) - } - - // 解析响应 - var response modulesResponse - if err := json.NewDecoder(resp.Body).Decode(&response); err != nil { - return nil, fmt.Errorf("解析响应失败: %w", err) - } - - modules := []Module{} - modules = append(modules, module) - - return modules, nil -} - -func (scanArgsApi *ScanArgsApi) CreateModule(c *gin.Context) { - var module Module - c.ShouldBindJSON(&module) - - // 调用智化系统 - // 响应结构 - type modulesResponse struct { - Message string `json:"message"` - ModuleName string `json:"ModuleName"` - ProjectName string `json:"ProjectName"` - } - - // 序列化请求数据 - jsonBody, err := json.Marshal(module) - if err != nil { - c.JSON(200, gin.H{ - "Message": "创建失败!", - }) - return - } - - // 发送POST请求 - url := "http://10.41.118.125:3000/server/api/v1/sast/CreateModule" - resp, err := http.Post(url, "application/json", bytes.NewBuffer(jsonBody)) - if err != nil { - c.JSON(200, gin.H{ - "Message": "创建失败!", - }) 
- return - } - defer resp.Body.Close() - - // 解析响应 - var response modulesResponse - if err := json.NewDecoder(resp.Body).Decode(&response); err != nil { - c.JSON(200, gin.H{ - "Message": "创建失败!", - }) - return - } - - // 检查响应状态码 - if resp.StatusCode != http.StatusOK { - c.JSON(200, gin.H{ - "Message": "创建失败!\n" + response.Message, - }) - return - } - - c.JSON(200, gin.H{ - "Message": "创建成功!", - "ModuleName": response.ModuleName, - "ProjectName": response.ProjectName, - }) -} - -// GetModules 获取项目的所有模块 -func GetModulesOfProject_zhihua(projectName string) ([]Module, error) { - // 请求参数结构 - type projectRequest struct { - ProjectName string `json:"project_name"` - } - - // 响应结构 - type modulesResponse struct { - Message string `json:"message"` - Modules []Module `json:"modules"` - } - - // 构建请求数据 - reqData := projectRequest{ - ProjectName: projectName, - } - - // 序列化请求数据 - jsonBody, err := json.Marshal(reqData) - if err != nil { - return nil, fmt.Errorf("序列化请求失败: %w", err) - } - - // 发送POST请求 - url := "http://10.41.118.125:3000/server/api/v1/sast/GetModulesOfProject" - resp, err := http.Post(url, "application/json", bytes.NewBuffer(jsonBody)) - if err != nil { - return nil, fmt.Errorf("发送请求失败: %w", err) - } - defer resp.Body.Close() - - // 检查响应状态码 - if resp.StatusCode != http.StatusOK { - return nil, fmt.Errorf("请求失败,状态码: %d", resp.StatusCode) - } - - // 解析响应 - var response modulesResponse - if err := json.NewDecoder(resp.Body).Decode(&response); err != nil { - return nil, fmt.Errorf("解析响应失败: %w", err) - } - - return response.Modules, nil -} - -func (scanArgsApi *ScanArgsApi) GetModulesOfProject(c *gin.Context) { - // projectName := "终端研发部V11项目" - - type ModuleRequest struct { - ProjectName string `json:"projectname" form:"projectname" ` - } - var moduleRequest ModuleRequest - c.ShouldBindJSON(&moduleRequest) - project := moduleRequest.ProjectName - - // 调用GetModules函数获取模块数组 - modules, err := GetModulesOfProject_zhihua(project) - if err != nil { - c.JSON(200, gin.H{ - 
"Message": "查询失败!", - "Data": modules, - "Total": len(modules), - }) - return - } - - // 按照ID由大到小排序 - sort.Slice(modules, func(i, j int) bool { - // 假设元素结构体的ID字段为ID(根据实际结构体字段名修改) - return modules[i].ID > modules[j].ID - }) - - c.JSON(200, gin.H{ - "Message": "查询成功!", - "Data": modules, - "Total": len(modules), - }) -} - -// DeleteModule 删除模块 -func DeleteModule_zhihua(module Module) ([]Module, error) { - // 响应结构 - type modulesResponse struct { - Code int `json:"Code"` - Message string `json:"message"` - Message2 string `json:"Message"` - ModuleName string `json:"ModuleName"` - ProjectName string `json:"ProjectName"` - } - - // 序列化请求数据 - jsonBody, err := json.Marshal(module) - if err != nil { - return nil, fmt.Errorf("序列化请求失败: %w", err) - } - - // 发送POST请求 - url := "http://10.41.118.125:3000/server/api/v1/sast/DeleteModule" - resp, err := http.Post(url, "application/json", bytes.NewBuffer(jsonBody)) - if err != nil { - return nil, fmt.Errorf("发送请求失败: %w", err) - } - defer resp.Body.Close() - - // 检查响应状态码 - if resp.StatusCode != http.StatusOK { - return nil, fmt.Errorf("请求失败,状态码: %d", resp.StatusCode) - } - - // 解析响应 - var response modulesResponse - if err := json.NewDecoder(resp.Body).Decode(&response); err != nil { - return nil, fmt.Errorf("解析响应失败: %w", err) - } - - if response.Message != "删除模块成功" { - return nil, fmt.Errorf("删除模块失败: %s", response.Message2) - } - - modules := []Module{} - modules = append(modules, module) - - return modules, nil -} - -func (scanArgsApi *ScanArgsApi) DeleteModule(c *gin.Context) { - var module Module - c.ShouldBindJSON(&module) - - // 调用DeleteModule函数获取模块数组 - modules, err := DeleteModule_zhihua(module) - if err != nil { - c.JSON(200, gin.H{ - "Message": "删除失败!", - "Module": modules, - }) - return - } - - c.JSON(200, gin.H{ - "Message": "删除成功!", - "Module": modules, - }) -} - -// EditModule 编辑模块 -func EditModule_zhihua(module Module) ([]Module, error) { - // 响应结构 - type modulesResponse struct { - Code int `json:"Code"` - Message string 
`json:"message"` - Message2 string `json:"Message"` - ModuleName string `json:"ModuleName"` - ProjectName string `json:"ProjectName"` - } - - // 序列化请求数据 - jsonBody, err := json.Marshal(module) - if err != nil { - return nil, fmt.Errorf("序列化请求失败: %w", err) - } - - // 发送POST请求 - url := "http://10.41.118.125:3000/server/api/v1/sast/EditModule" - resp, err := http.Post(url, "application/json", bytes.NewBuffer(jsonBody)) - if err != nil { - return nil, fmt.Errorf("发送请求失败: %w", err) - } - defer resp.Body.Close() - - // 检查响应状态码 - if resp.StatusCode != http.StatusOK { - return nil, fmt.Errorf("请求失败,状态码: %d", resp.StatusCode) - } - - // 解析响应 - var response modulesResponse - if err := json.NewDecoder(resp.Body).Decode(&response); err != nil { - return nil, fmt.Errorf("解析响应失败: %w", err) - } - - if response.Message != "编辑模块成功" { - return nil, fmt.Errorf("编辑模块失败: %s", response.Message2) - } - - modules := []Module{} - modules = append(modules, module) - - return modules, nil -} - -func (scanArgsApi *ScanArgsApi) EditModule(c *gin.Context) { - var module Module - c.ShouldBindJSON(&module) - - // 调用EditModule函数获取模块数组 - modules, err := EditModule_zhihua(module) - if err != nil { - c.JSON(200, gin.H{ - "Message": "编辑失败!", - "Module": modules, - "Error": err.Error(), - }) - return - } - - c.JSON(200, gin.H{ - "Message": "编辑成功!", - "Module": modules, - }) -} - -// Task 定义任务结构 -type Task struct { - ID int `json:"ID"` - Status string `json:"status"` - CreatedAt string `json:"CreatedAt"` - UpdatedAt string `json:"update_time"` - FileName string `json:"file_name"` - ReportID int `json:"id"` - ModuleName string `json:"module_name"` - ProjectName string `json:"project_name"` - Ruleset string `json:"ruleset"` - RunHistoryID int `json:"run_history_id"` - RunID int `json:"run_id"` - Incremental string `json:"incremental"` - ChangeID string `json:"change_id"` - Request_id string `json:"Request_id"` -} - -// RangeInfo 表示代码范围信息 -type RangeInfo struct { - EndCol int `json:"end_col"` - EndLine int 
`json:"end_line"` - StartCol int `json:"start_col"` - StartLine int `json:"start_line"` -} - -// FileInfo 表示文件信息 -type FileInfo struct { - ID string `json:"id"` - OriginalPath string `json:"original_path"` - Path string `json:"path"` -} - -// BugPathPosition 表示缺陷路径位置 -type BugPathPosition struct { - File FileInfo `json:"file"` - Range RangeInfo `json:"range"` -} - -// BugPathEvent 表示缺陷路径事件 -type BugPathEvent struct { - Column int `json:"column"` - File FileInfo `json:"file"` - Line int `json:"line"` - Message string `json:"message"` - Range RangeInfo `json:"range"` -} - -// ReportItem 表示单个扫描报告项 -type ReportItem struct { - AnalyzerName string `json:"analyzer_name"` - AnalyzerResultFilePath string `json:"analyzer_result_file_path"` - Annotations map[string]interface{} `json:"annotations"` - BugPathEvents []BugPathEvent `json:"bug_path_events"` - BugPathPositions []BugPathPosition `json:"bug_path_positions"` - Category string `json:"category"` - CheckerName string `json:"checker_name"` - Column int `json:"column"` - File FileInfo `json:"file"` - Line int `json:"line"` - MacroExpansions []interface{} `json:"macro_expansions"` - Message string `json:"message"` - Notes []interface{} `json:"notes"` - ReportHash string `json:"report_hash"` - ReviewStatus string `json:"review_status"` - Severity string `json:"severity"` - Type interface{} `json:"type"` // 可以是string或null -} - -// ReportZhihua 包含扫描报告的详细信息 -type ReportZhihua struct { - Reports []ReportItem `json:"reports"` - Version int `json:"version"` -} - -func (scanArgsApi *ScanArgsApi) StartScan(c *gin.Context) { - var task Task - c.ShouldBindJSON(&task) - - // 调用智化系统 - // 响应结构 - type reportsResponse struct { - Code int `json:"Code"` - Message string `json:"Message"` - ModuleName string `json:"ModuleName"` - ProjectName string `json:"ProjectName"` - Request_id string `json:"Request_id"` - Ruleset string `json:"Ruleset"` - } - - // 序列化请求数据 - jsonBody, err := json.Marshal(task) - if err != nil { - c.JSON(200, gin.H{ - 
"Message": "创建失败!", - }) - return - } - - // 发送POST请求 - url := "http://10.41.118.125:3000/server/api/v1/sast/StartScan" - resp, err := http.Post(url, "application/json", bytes.NewBuffer(jsonBody)) - if err != nil { - c.JSON(200, gin.H{ - "Message": "创建失败!", - }) - return - } - defer resp.Body.Close() - - // 检查响应状态码 - if resp.StatusCode != http.StatusOK { - c.JSON(200, gin.H{ - "Message": "创建失败!", - }) - return - } - - // 解析响应 - var response reportsResponse - if err := json.NewDecoder(resp.Body).Decode(&response); err != nil { - c.JSON(200, gin.H{ - "Message": "创建失败!", - }) - return - } - - - task2 := &Scan.SASTTaskInfo{CreateTime: time.Now(), EndTime: time.Now(), CostTimeMs: 0, TaskStatus: "运行中", ProjectName: response.ProjectName, ModuleName: response.ModuleName, ChangeID: task.ChangeID, Request_id: response.Request_id, IsInternalAPI: 1} - global.GVA_DB.Create(&task2) - - c.JSON(200, gin.H{ - "Message": "创建成功!", - "Report": response, - }) -} - -// GetReport 获取报告 -func GetReport_zhihua(report Task) ([]Task, error) { - // Request 表示SAST扫描的完整响应结构 - type Request struct { - ID string `json:"id"` - } - - // SASTResponse 表示SAST扫描的完整响应结构 - type SASTResponse struct { - ID string `json:"ID"` - Message string `json:"Message"` - ModuleName string `json:"ModuleName"` - ProjectName string `json:"ProjectName"` - Ruleset string `json:"Ruleset"` - FileName string `json:"FileName"` - RunID int `json:"Run_id"` - RunHistoryID int `json:"Run_history_id"` - Task ReportZhihua `json:"Report"` - } - - request := Request{ - ID: report.Request_id, - } - - // 序列化请求数据 - jsonBody, err := json.Marshal(request) - if err != nil { - return nil, fmt.Errorf("序列化请求失败: %w", err) - } - - // 发送POST请求 - url := "http://10.41.118.125:3000/server/api/v1/sast/GetReport" - resp, err := http.Post(url, "application/json", bytes.NewBuffer(jsonBody)) - if err != nil { - return nil, fmt.Errorf("发送请求失败: %w", err) - } - defer resp.Body.Close() - - // 检查响应状态码 - if resp.StatusCode != http.StatusOK { - return nil, 
fmt.Errorf("请求失败,状态码: %d", resp.StatusCode) - } - - // 解析响应 - var response SASTResponse - if err := json.NewDecoder(resp.Body).Decode(&response); err != nil { - return nil, fmt.Errorf("解析响应失败: %w", err) - } + var searchInfo Scan.SearchInfo + c.ShouldBindJSON(&searchInfo) + page := searchInfo.SearchPage + var total int64 + if searchInfo.SearchMode == "all" { + var searchInfoList []Scan.TaskInfo + global.GVA_DB.Model(&Scan.TaskInfo{}).Where("scanmodes NOT LIKE ?", "%quality%").Count(&total) + // global.GVA_DB.Model(&Scan.TaskInfo{}).Count(&total) + // 分页查询 + offset := (page - 1) * 10 + limit := 10 + // if err := global.GVA_DB.Order("id DESC").Offset(offset).Limit(limit).Find(&searchInfoList).Error; err != nil { + if err := global.GVA_DB.Where("scanmodes NOT LIKE ?", "%quality%").Order("id DESC").Offset(offset).Limit(limit).Find(&searchInfoList).Error; err != nil { + c.JSON(200, gin.H{ + "Message": "查询失败!", + }) + } else { + c.JSON(200, gin.H{ + "Message": "查询成功!", + "Data": searchInfoList, + "Total": total, + }) + } + } else if searchInfo.SearchMode == "report" { + if searchInfo.StartTimeRange != nil { + if len(searchInfo.StartTimeRange) == 2 { + if searchInfo.StartTimeRange[0].Format("15:04:05") == "16:00:00" && searchInfo.StartTimeRange[1].Format("15:04:05") == "16:00:00" { + searchInfo.StartTimeRange[0] = time.Date(searchInfo.StartTimeRange[0].Year(), searchInfo.StartTimeRange[0].Month(), searchInfo.StartTimeRange[0].Day(), 0, 0, 0, 0, searchInfo.StartTimeRange[0].Location()) + searchInfo.StartTimeRange[1] = time.Date(searchInfo.StartTimeRange[1].Year(), searchInfo.StartTimeRange[1].Month(), searchInfo.StartTimeRange[1].Day(), 23, 59, 59, 0, searchInfo.StartTimeRange[1].Location()) + // 将日期加一天 + searchInfo.StartTimeRange[0] = searchInfo.StartTimeRange[0].AddDate(0, 0, 1) + searchInfo.StartTimeRange[1] = searchInfo.StartTimeRange[1].AddDate(0, 0, 1) + } + } + } + var searchInfoList []Scan.TaskInfo + query := global.GVA_DB + if searchInfo.SearchUserName != "" { + 
query = query.Where("username LIKE ?", "%"+searchInfo.SearchUserName+"%") + } + if searchInfo.SearchTaskName != "" { + query = query.Where("fileid LIKE ?", "%"+searchInfo.SearchTaskName+"%") + } + if searchInfo.StartTimeRange != nil { + if len(searchInfo.StartTimeRange) == 2 { + if !searchInfo.StartTimeRange[0].IsZero() && !searchInfo.StartTimeRange[1].IsZero() { + query = query.Where("startTime >= ? AND endTime <= ?", searchInfo.StartTimeRange[0], searchInfo.StartTimeRange[1]) + } + } + } + // 获取符合条件的总数据量 + query.Model(&Scan.TaskInfo{}).Count(&total) - report.FileName = response.FileName - report.ModuleName = response.ModuleName - report.ProjectName = response.ProjectName - report.Ruleset = response.Ruleset - report.RunID = response.RunID - report.RunHistoryID = response.RunHistoryID + // 分页查询 + pageSize := 10 + query = query.Order("id DESC").Offset((page - 1) * pageSize).Limit(pageSize) - reports := []Task{} - reports = append(reports, report) + if err := query.Find(&searchInfoList).Error; err != nil { + c.JSON(200, gin.H{ + "Message": "查询失败!", + }) + } else { + c.JSON(200, gin.H{ + "Message": "查询成功!", + "Data": searchInfoList, + "Total": total, + }) + } + } else if searchInfo.SearchMode == "detail" { + ID := searchInfo.SearchId + var searchInfoList []Scan.TaskInfo + global.GVA_DB.Where("id = ?", ID).First(&searchInfoList) + var searchDetail Scan.SearchDetail + for _, task := range searchInfoList { + searchDetail.BuildID = task.Buildid + searchDetail.TimeStamp = task.Timestamp + } + config, err := loadConfig("admin_config.yaml") + if err != nil { + c.JSON(200, gin.H{ + "Code": "200", + "Message": "读取配置文件失败", + }) + return + } + url := fmt.Sprintf("http://%s:%d/mock-server/api/v2/findTaskDetail", config.Ip, config.Port) + client := &http.Client{} - return reports, nil -} + // 将 data 编码为 JSON + dataBytes, err := json.Marshal(searchDetail) + if err != nil { + c.JSON(200, gin.H{ + "Code": "200", + "Message": "编码请求体失败", + }) + return + } -func (scanArgsApi 
*ScanArgsApi) GetReportOfRequestID(c *gin.Context) { - var report Task - c.ShouldBindJSON(&report) + req, err := http.NewRequest("POST", url, bytes.NewBuffer(dataBytes)) + if err != nil { + c.JSON(200, gin.H{ + "Code": "200", + "Message": "创建请求失败", + }) + return + } - // 调用 GetReport_zhihua 函数获取模块数组 - reports, err := GetReport_zhihua(report) + req.Header.Set("Content-Type", "application/json") + accessTokenCookie := &http.Cookie{ + Name: "accessToken", + Value: utils.GetToken(c), + } - // GetReport_zhihua 返回错误时,删除任务信息 - if err != nil { - c.JSON(200, gin.H{ - "Message": "获取失败", - "Report": reports, - }) - return - } + // 将新的Cookie添加到请求中 + req.AddCookie(accessTokenCookie) - report = reports[0] - // 如果RunHistoryID大于0,说明扫描任务已完成,添加报告信息 - if report.RunHistoryID > 0 { - task := Scan.SASTTaskInfo{} - err = global.GVA_DB.Where("request_id = ?", report.Request_id).First(&task).Error + resp, err := client.Do(req) if err != nil { c.JSON(200, gin.H{ - "Message": "获取失败", - "Report": reports, + "Code": "200", + "Message": "发送请求失败", }) return } - createTime := task.CreateTime - endTime := time.Now().UTC() - costTimeMs := endTime.Sub(createTime).Milliseconds() - changeID := task.ChangeID - - err = global.GVA_DB.Model(&Scan.SASTTaskInfo{}). - Where("request_id = ?", report.Request_id). 
- Updates(Scan.SASTTaskInfo{ - CreateTime: createTime, - EndTime: endTime, - CostTimeMs: costTimeMs, - TaskStatus: "已完成", - FileName: report.FileName, - Ruleset: report.Ruleset, - RunHistoryID: report.RunHistoryID, - RunID: report.RunID, - ProjectName: report.ProjectName, - ModuleName: report.ModuleName, - ChangeID: changeID, - }).Error + defer resp.Body.Close() + body, err := ioutil.ReadAll(resp.Body) if err != nil { c.JSON(200, gin.H{ - "Message": "获取失败", - "Report": reports, + "Code": "200", + "Message": "读取响应失败", }) return } - } - - c.JSON(200, gin.H{ - "Message": "获取成功!", - "Report": reports, - }) -} - -// GetReports 获取项目的所有模块 -func GetReportsOfModule_zhihua(projectName string, moduleName string) ([]Task, error) { - // 请求参数结构 - type moduleRequest struct { - ProjectName string `json:"project_name"` - ModuleName string `json:"module_name"` - } - - // 响应结构 - type reportsResponse struct { - Message string `json:"message"` - Reports []Task `json:"ScanTaskList"` - } - - // 构建请求数据 - reqData := moduleRequest{ - ProjectName: projectName, - ModuleName: moduleName, - } - - // 序列化请求数据 - jsonBody, err := json.Marshal(reqData) - if err != nil { - return nil, fmt.Errorf("序列化请求失败: %w", err) - } - - // 发送POST请求 - url := "http://10.41.118.125:3000/server/api/v1/sast/GetScanTaskList" - resp, err := http.Post(url, "application/json", bytes.NewBuffer(jsonBody)) - if err != nil { - return nil, fmt.Errorf("发送请求失败: %w", err) - } - defer resp.Body.Close() - - // 检查响应状态码 - if resp.StatusCode != http.StatusOK { - return nil, fmt.Errorf("请求失败,状态码: %d", resp.StatusCode) - } - - // 解析响应 - var response reportsResponse - if err := json.NewDecoder(resp.Body).Decode(&response); err != nil { - return nil, fmt.Errorf("解析响应失败: %w", err) - } - - return response.Reports, nil -} - -// 自定义 Contains 函数:判断 id 是否在 ids 切片中 -func ContainsInt(ids []int, id int) bool { - for _, item := range ids { - if item == id { - return true - } - } - return false -} - -func (scanArgsApi *ScanArgsApi) GetTasksOfModule(c 
*gin.Context) { - type ReportRequest struct { - ProjectName string `json:"projectname" form:"projectname" ` - ModuleName string `json:"modulename" form:"modulename" ` - } - var reportRequest ReportRequest - c.ShouldBindJSON(&reportRequest) - module := reportRequest.ModuleName - project := reportRequest.ProjectName - - // 查询数据库中该项目该模块的任务状态 - var tasks []Scan.SASTTaskInfo - var run_history_ids []int - err := global.GVA_DB.Where("project_name = ? AND module_name = ?", project, module).Find(&tasks).Error - if err != nil { - c.JSON(200, gin.H{ - "Message": "查询失败!", - "Data": tasks, - "Total": len(tasks), - }) - return - } - for _, task := range tasks { - run_history_ids = append(run_history_ids, task.RunHistoryID) - } - - // 调用GetReports函数获取模块数组 - reports := []Task{} - reports, err = GetReportsOfModule_zhihua(project, module) - - for _, report := range reports { - if ContainsInt(run_history_ids, report.RunHistoryID) { - continue + type Response struct { + Code int `json:"Code"` + Message interface{} `json:"Message"` + VersionInfo string `json:"VersionInfo"` + ReleaseID string `json:"ReleaseID"` + Modes []string `json:"Modes"` + Abstracts []string `json:"Abstracts"` + AbstractRepairs []string `json:"AbstractRepairs"` + VulnSlices map[string]string `json:"VulnSlices"` + VulnDetail map[int]interface{} `json:"VulnDetail"` } - task := Scan.SASTTaskInfo{TaskStatus: "已完成", FileName: report.FileName, Ruleset: report.Ruleset, RunHistoryID: report.RunHistoryID, RunID: report.RunID, ProjectName: report.ProjectName, ModuleName: report.ModuleName, Request_id: report.Request_id, ChangeID: report.ChangeID} - tasks = append(tasks, task) - } - - // 按照ID由大到小排序,ID相同则按照 RunHistoryID 由大到小排序 - sort.Slice(tasks, func(i, j int) bool { - // 先比较ID,ID大的排在前面 - if tasks[i].Id != tasks[j].Id { - return tasks[i].Id > tasks[j].Id - } - // 若ID相同,再比较RunHistoryID,RunHistoryID大的排在前面 - return tasks[i].RunHistoryID > tasks[j].RunHistoryID - }) - - c.JSON(200, gin.H{ - "Message": "查询成功!", - "Data": tasks, - 
"Total": len(tasks), - }) -} - -func (scanArgsApi *ScanArgsApi) DeleteSASTTask(c *gin.Context) { - type TaskRequest struct { - ID int `json:"id" form:"id" ` - } - var taskRequest TaskRequest - c.ShouldBindJSON(&taskRequest) - id := taskRequest.ID - - // 删除数据库中该项目该模块的任务状态 - err := global.GVA_DB.Where("id = ?", id).Delete(&Scan.SASTTaskInfo{}).Error - if err != nil { - c.JSON(200, gin.H{ - "Message": "删除失败!", - "Data": id, - }) - return - } - - c.JSON(200, gin.H{ - "Message": "删除成功!", - "Data": id, - }) -} - -type Issue struct { - ID int `json:"ID"` - FilePath string `json:"file_path"` - Message string `json:"message"` - CheckerName string `json:"checker_name"` - Severity string `json:"severity"` - ReportHash string `json:"report_hash"` - AnalyzerName string `json:"analyzer_name"` - Category string `json:"category"` - ReviewStatus string `json:"review_status"` - BugPathLength int `json:"bug_path_length"` -} - -// DownloadReport_zhihua 下载JSON报告 -type ReportRequest struct { - FileName string `json:"file_name"` -} - -func DownloadReport_zhihua_byte(fileName string) ([]byte, error) { - // 发送POST请求到下载报告接口 - reportRequest := map[string]string{ - "file_name": fileName, - } - jsonBody, err := json.Marshal(reportRequest) - if err != nil { - return nil, fmt.Errorf("序列化请求失败: %w", err) - } - - url := "http://10.41.118.125:3000/server/api/v1/sast/DownloadReport" - resp, err := http.Post(url, "application/json", bytes.NewBuffer(jsonBody)) - if err != nil { - return nil, fmt.Errorf("发送请求失败: %w", err) - } - defer resp.Body.Close() - - // 检查响应状态码 - if resp.StatusCode != http.StatusOK { - return nil, fmt.Errorf("请求失败,状态码: %d", resp.StatusCode) - } - - // 读取响应体 - reportData, err := ioutil.ReadAll(resp.Body) - if err != nil { - return nil, fmt.Errorf("读取响应失败: %w", err) - } - - return reportData, nil -} - -func (scanArgsApi *ScanArgsApi) DownloadReport(c *gin.Context) { - var reportReq ReportRequest - if err := c.ShouldBindJSON(&reportReq); err != nil { - c.JSON(http.StatusOK, gin.H{ - 
"Message": "参数错误", - "Error": err.Error(), - }) - return - } - - fileName := reportReq.FileName - // 调用DownloadReport函数获取报告数据 - reportData, err := DownloadReport_zhihua_byte(fileName) - if err != nil { - fmt.Printf("下载报告失败: %v\n", err) - c.JSON(http.StatusOK, gin.H{ - "Message": "下载报告失败", - "Error": err.Error(), - }) - return - } - - // 设置响应头,返回JSON数据 - c.Header("Content-Type", "application/json") - c.Header("Content-Disposition", "attachment; filename=\""+fileName+"\"") - c.String(http.StatusOK, string(reportData)) -} - -// GetModules 获取项目的所有模块 -func DownloadReport_zhihua(filename string) ([]ReportItem, error) { - // 请求参数结构 - type Request struct { - FileName string `json:"file_name"` - } - - // 响应结构 - type Response struct { - Reports []ReportItem `json:"reports"` - Version int `json:"version"` - } - - // 构建请求数据 - reqData := Request{ - FileName: filename, - } - - // 序列化请求数据 - jsonBody, err := json.Marshal(reqData) - if err != nil { - return nil, fmt.Errorf("序列化请求失败: %w", err) - } - - // 发送POST请求 - url := "http://10.41.118.125:3000/server/api/v1/sast/DownloadReport" - resp, err := http.Post(url, "application/json", bytes.NewBuffer(jsonBody)) - if err != nil { - return nil, fmt.Errorf("发送请求失败: %w", err) - } - defer resp.Body.Close() - - // 检查响应状态码 - if resp.StatusCode != http.StatusOK { - return nil, fmt.Errorf("请求失败,状态码: %d", resp.StatusCode) - } - - // 解析响应 - var response Response - if err := json.NewDecoder(resp.Body).Decode(&response); err != nil { - return nil, fmt.Errorf("解析响应失败: %w", err) - } - - return response.Reports, nil -} - -func (scanArgsApi *ScanArgsApi) GetIssueList(c *gin.Context) { - type Request struct { - FileName string `json:"file_name" form:"file_name" ` - } - var issueRequest Request - c.ShouldBindJSON(&issueRequest) - file_name := issueRequest.FileName - - // 调用GetModules函数获取模块数组 - reportItems, err := DownloadReport_zhihua(file_name) - if err != nil { - c.JSON(200, gin.H{ - "Message": "查询失败!", - }) - return - } - var list []Issue - for idx, 
item := range reportItems { - issue := Issue{ - ID: idx + 1, - FilePath: item.File.Path, - Message: item.Message, - CheckerName: item.CheckerName, - Severity: item.Severity, - ReportHash: item.ReportHash, - AnalyzerName: item.AnalyzerName, - Category: item.Category, - ReviewStatus: item.ReviewStatus, - BugPathLength: len(item.BugPathEvents), + var response Response + // 使用json.Unmarshal解析JSON字符串 + json.Unmarshal([]byte(body), &response) + if response.Message == "Identity authentication failed" { + c.JSON(200, gin.H{ + "Code": "200", + "Message": "Identity authentication failed", + }) + return } - list = append(list, issue) - } - - c.JSON(200, gin.H{ - "Message": "查询成功!", - "Data": list, - "Total": len(list), - }) -} - -// Audit 定义模块结构 -type Audit struct { - BugHash string `json:"bug_hash"` - Status string `json:"status"` - Author string `json:"author"` - Message string `json:"message"` -} - -// CodeAudit 创建模块 -func CodeAudit_zhihua(audit Audit) ([]Audit, error) { - // 响应结构 - type auditsResponse struct { - Message string `json:"Message"` - } - - // 序列化请求数据 - jsonBody, err := json.Marshal(audit) - - if err != nil { - return nil, fmt.Errorf("序列化请求失败: %w", err) - } - - // 发送POST请求 - url := "http://10.41.118.125:3000/server/api/v1/sast/CodeAudit" - resp, err := http.Post(url, "application/json", bytes.NewBuffer(jsonBody)) - if err != nil { - return nil, fmt.Errorf("发送请求失败: %w", err) - } - defer resp.Body.Close() - - // 检查响应状态码 - if resp.StatusCode != http.StatusOK { - return nil, fmt.Errorf("请求失败,状态码: %d", resp.StatusCode) - } - - // 解析响应 - var response auditsResponse - if err := json.NewDecoder(resp.Body).Decode(&response); err != nil { - return nil, fmt.Errorf("解析响应失败: %w", err) - } - - audits := []Audit{} - audits = append(audits, audit) - - return audits, nil -} - -func (scanArgsApi *ScanArgsApi) CodeAudit(c *gin.Context) { - var audit Audit - c.ShouldBindJSON(&audit) - - // 调用CodeAudit函数获取模块数组 - audits, err := CodeAudit_zhihua(audit) - if err != nil { - 
fmt.Printf("添加代码审计失败: %v\n", err) - return - } - - c.JSON(200, gin.H{ - "Message": "添加代码审计成功!", - "Audit": audits, - }) -} - -// DelCodeAudit 创建模块 -func DelCodeAudit_zhihua(audit Audit) ([]Audit, error) { - // 响应结构 - type auditsResponse struct { - Message string `json:"Message"` - } - - // 序列化请求数据 - jsonBody, err := json.Marshal(audit) - - if err != nil { - return nil, fmt.Errorf("序列化请求失败: %w", err) - } - - // 发送POST请求 - url := "http://10.41.118.125:3000/server/api/v1/sast/DelCodeAudit" - resp, err := http.Post(url, "application/json", bytes.NewBuffer(jsonBody)) - if err != nil { - return nil, fmt.Errorf("发送请求失败: %w", err) - } - defer resp.Body.Close() - - // 检查响应状态码 - if resp.StatusCode != http.StatusOK { - return nil, fmt.Errorf("请求失败,状态码: %d", resp.StatusCode) - } - - // 解析响应 - var response auditsResponse - if err := json.NewDecoder(resp.Body).Decode(&response); err != nil { - return nil, fmt.Errorf("解析响应失败: %w", err) - } - - audits := []Audit{} - audits = append(audits, audit) - - return audits, nil -} - -func (scanArgsApi *ScanArgsApi) DelCodeAudit(c *gin.Context) { - var audit Audit - c.ShouldBindJSON(&audit) - - // 调用DelCodeAudit函数获取模块数组 - audits, err := DelCodeAudit_zhihua(audit) - if err != nil { - fmt.Printf("删除代码审计失败: %v\n", err) - return - } - - c.JSON(200, gin.H{ - "Message": "删除代码审计成功!", - "Audit": audits, - }) -} - -// 外部接口 -func (scanArgsApi *ScanArgsApi) ExternalGetProjectList(c *gin.Context) { - check, _ := AdminUtils.CheckExternalToken(utils.GetToken(c)) - if check { - scanArgsApi.GetProjectList(c) - } else { - c.JSON(200, gin.H{ - "Code": "200", - "Message": "Identity authentication failed", - }) - } -} - -func (scanArgsApi *ScanArgsApi) ExternalCreateProject(c *gin.Context) { - check, _ := AdminUtils.CheckExternalToken(utils.GetToken(c)) - if check { - scanArgsApi.CreateProject(c) - } else { - c.JSON(200, gin.H{ - "Code": "200", - "Message": "Identity authentication failed", - }) - } -} - -func (scanArgsApi *ScanArgsApi) ExternalDeleteProject(c 
*gin.Context) { - check, _ := AdminUtils.CheckExternalToken(utils.GetToken(c)) - if check { - scanArgsApi.DeleteProject(c) - } else { - c.JSON(200, gin.H{ - "Code": "200", - "Message": "Identity authentication failed", - }) - } -} - -func (scanArgsApi *ScanArgsApi) ExternalEditProject(c *gin.Context) { - check, _ := AdminUtils.CheckExternalToken(utils.GetToken(c)) - if check { - scanArgsApi.EditProject(c) - } else { - c.JSON(200, gin.H{ - "Code": "200", - "Message": "Identity authentication failed", - }) - } -} - -func (scanArgsApi *ScanArgsApi) ExternalCreateModule(c *gin.Context) { - check, _ := AdminUtils.CheckExternalToken(utils.GetToken(c)) - if check { - scanArgsApi.CreateModule(c) - } else { - c.JSON(200, gin.H{ - "Code": "200", - "Message": "Identity authentication failed", - }) - } -} - -func (scanArgsApi *ScanArgsApi) ExternalGetModulesOfProject(c *gin.Context) { - check, _ := AdminUtils.CheckExternalToken(utils.GetToken(c)) - if check { - scanArgsApi.GetModulesOfProject(c) - } else { - c.JSON(200, gin.H{ - "Code": "200", - "Message": "Identity authentication failed", - }) - } -} - -func (scanArgsApi *ScanArgsApi) ExternalDeleteModule(c *gin.Context) { - check, _ := AdminUtils.CheckExternalToken(utils.GetToken(c)) - if check { - scanArgsApi.DeleteModule(c) - } else { - c.JSON(200, gin.H{ - "Code": "200", - "Message": "Identity authentication failed", - }) - } -} - -func (scanArgsApi *ScanArgsApi) ExternalEditModule(c *gin.Context) { - check, _ := AdminUtils.CheckExternalToken(utils.GetToken(c)) - if check { - scanArgsApi.EditModule(c) - } else { - c.JSON(200, gin.H{ - "Code": "200", - "Message": "Identity authentication failed", - }) - } -} - -func (scanArgsApi *ScanArgsApi) ExternalStartScan(c *gin.Context) { - check, _ := AdminUtils.CheckExternalToken(utils.GetToken(c)) - if check { - var task Task - c.ShouldBindJSON(&task) - - // 调用智化系统 - // 响应结构 - type reportsResponse struct { - Code int `json:"Code"` - Message string `json:"Message"` - ModuleName 
string `json:"ModuleName"` - ProjectName string `json:"ProjectName"` - Request_id string `json:"Request_id"` - Ruleset string `json:"Ruleset"` + //判断信息是否正常 + if response.VulnDetail == nil { + response.VulnDetail = make(map[int]interface{}) } - - // 序列化请求数据 - jsonBody, err := json.Marshal(task) + //处理POC信息 + type HomeSearchArg struct { + HSInfo string `json:"HSInfo"` + } + var HSSearchInfoArg HomeSearchArg + HSSearchInfoArg.HSInfo = "Poc" + url = fmt.Sprintf("http://%s:%d/mock-server/api/v2/searchVulnDataInfo", config.Ip, config.Port) + client = &http.Client{} + // 将 data 编码为 JSON + dataBytes, err = json.Marshal(HSSearchInfoArg) if err != nil { c.JSON(200, gin.H{ - "Message": "创建失败!", + "Code": "200", + "Message": "编码请求体失败", }) return } - - // 发送POST请求 - url := "http://10.41.118.125:3000/server/api/v1/sast/StartScan" - resp, err := http.Post(url, "application/json", bytes.NewBuffer(jsonBody)) + req, err = http.NewRequest("POST", url, bytes.NewBuffer(dataBytes)) if err != nil { c.JSON(200, gin.H{ - "Message": "创建失败!", + "Code": "200", + "Message": "创建请求失败", + }) + return + } + req.Header.Set("Content-Type", "application/json") + accessTokenCookie = &http.Cookie{ + Name: "accessToken", + Value: utils.GetToken(c), + } + // 将新的Cookie添加到请求中 + req.AddCookie(accessTokenCookie) + resp, err = client.Do(req) + if err != nil { + c.JSON(200, gin.H{ + "Code": "200", + "Message": "发送请求失败", }) return } defer resp.Body.Close() - - // 检查响应状态码 - if resp.StatusCode != http.StatusOK { + body, err = ioutil.ReadAll(resp.Body) + if err != nil { c.JSON(200, gin.H{ - "Message": "创建失败!", + "Code": "200", + "Message": "读取响应失败", }) return } - - // 解析响应 - var response reportsResponse - if err := json.NewDecoder(resp.Body).Decode(&response); err != nil { + type POCResponse struct { + Data map[string]interface{} `json:"SystemData"` + } + var pocresponse POCResponse + // 使用json.Unmarshal解析JSON字符串 + json.Unmarshal([]byte(body), &pocresponse) + var PocVulnList = make(map[string]interface{}) + 
POCSlice := strings.Split(response.VulnSlices["system"], ",") + POCScanMap := make(map[string]bool) + // 去重 + for _, item := range POCSlice { + item = strings.TrimSpace(item) + if item != "" { + POCScanMap[item] = true + } + } + for pocid := range POCScanMap { + for _, pocdetail := range pocresponse.Data { + if pocdetailmap, ok := pocdetail.(map[string]interface{}); ok { + if pocid == pocdetailmap["Id"] { + PocVulnList[pocid] = pocdetail + } + } + } + } + response.VulnDetail[0] = PocVulnList + //获取基线的数据 + HSSearchInfoArg.HSInfo = "BaseLine" + url = fmt.Sprintf("http://%s:%d/mock-server/api/v2/searchVulnDataInfo", config.Ip, config.Port) + client = &http.Client{} + // 将 data 编码为 JSON + dataBytes, err = json.Marshal(HSSearchInfoArg) + if err != nil { c.JSON(200, gin.H{ - "Message": "创建失败!", + "Code": "200", + "Message": "编码请求体失败", + }) + return + } + req, err = http.NewRequest("POST", url, bytes.NewBuffer(dataBytes)) + if err != nil { + c.JSON(200, gin.H{ + "Code": "200", + "Message": "创建请求失败", + }) + return + } + req.Header.Set("Content-Type", "application/json") + accessTokenCookie = &http.Cookie{ + Name: "accessToken", + Value: utils.GetToken(c), + } + // 将新的Cookie添加到请求中 + req.AddCookie(accessTokenCookie) + resp, err = client.Do(req) + if err != nil { + c.JSON(200, gin.H{ + "Code": "200", + "Message": "发送请求失败", + }) + return + } + defer resp.Body.Close() + body, err = ioutil.ReadAll(resp.Body) + if err != nil { + c.JSON(200, gin.H{ + "Code": "200", + "Message": "读取响应失败", + }) + return + } + var baselineresponse POCResponse + // 使用json.Unmarshal解析JSON字符串 + json.Unmarshal([]byte(body), &baselineresponse) + var BaseLineVulnList = make(map[string]interface{}) + BaseLineSlice := strings.Split(response.VulnSlices["baseline"], ",") + BaseLineScanMap := make(map[string]bool) + // 去重 + for _, item := range BaseLineSlice { + item = strings.TrimSpace(item) + if item != "" { + BaseLineScanMap[item] = true + } + } + for BaseLineid := range BaseLineScanMap { + for _, 
BaseLinedetail := range baselineresponse.Data { + if BaseLinedetailmap, ok := BaseLinedetail.(map[string]interface{}); ok { + if BaseLineid == BaseLinedetailmap["Id"] { + BaseLineVulnList[BaseLineid] = BaseLinedetail + } + } + } + } + response.VulnDetail[2] = BaseLineVulnList + //处理DBus信息 + // HSSearchInfoArg.HSInfo = "DBus" + // url = fmt.Sprintf("http://%s:%d/mock-server/api/v2/searchVulnDataInfo", config.Ip, config.Port) + // client = &http.Client{} + // // 将 data 编码为 JSON + // dataBytes, err = json.Marshal(HSSearchInfoArg) + // if err != nil { + // c.JSON(200, gin.H{ + // "Code": "200", + // "Message": "编码请求体失败", + // }) + // return + // } + // req, err = http.NewRequest("POST", url, bytes.NewBuffer(dataBytes)) + // if err != nil { + // c.JSON(200, gin.H{ + // "Code": "200", + // "Message": "创建请求失败", + // }) + // return + // } + // req.Header.Set("Content-Type", "application/json") + // accessTokenCookie = &http.Cookie{ + // Name: "accessToken", + // Value: utils.GetToken(c), + // } + // // 将新的Cookie添加到请求中 + // req.AddCookie(accessTokenCookie) + // resp, err = client.Do(req) + // if err != nil { + // c.JSON(200, gin.H{ + // "Code": "200", + // "Message": "发送请求失败", + // }) + // return + // } + // defer resp.Body.Close() + // body, err = ioutil.ReadAll(resp.Body) + // if err != nil { + // c.JSON(200, gin.H{ + // "Code": "200", + // "Message": "读取响应失败", + // }) + // return + // } + // var DBusresponse POCResponse + // // 使用json.Unmarshal解析JSON字符串 + // json.Unmarshal([]byte(body), &DBusresponse) + var DBusVulnList = make(map[string]interface{}) + DBusSlice := strings.Split(response.VulnSlices["dbus"], ",") + DBusScanMap := make(map[string]bool) + // 去重 + for _, item := range DBusSlice { + item = strings.TrimSpace(item) + if item != "" { + DBusScanMap[item] = true + } + } + for DBusid := range DBusScanMap { + var lines_ = make(map[string]string) + lines_["Id"] = DBusid + DBusVulnList[DBusid] = lines_ + // for _, DBusdetail := range DBusresponse.Data { + // if 
DBusdetailmap, ok := DBusdetail.(map[string]interface{}); ok { + // if DBusid == DBusdetailmap["Id"] { + // DBusVulnList[DBusid] = DBusdetail + // } + // } + // } + } + response.VulnDetail[3] = DBusVulnList + if response.Message == "Find Task Detail Success" { + c.JSON(http.StatusOK, gin.H{ + "Code": 200, + "Message": "查询成功!", + "VersionInfo": response.VersionInfo, + "ReleaseID": response.ReleaseID, + "Modes": response.Modes, + "Abstracts": response.Abstracts, + "AbstractRepairs": response.AbstractRepairs, + "BuildID": searchDetail.BuildID, + "VulnDetail": response.VulnDetail, }) return } - - - task2 := &Scan.SASTTaskInfo{CreateTime: time.Now(), EndTime: time.Now(), CostTimeMs: 0, TaskStatus: "运行中", ProjectName: response.ProjectName, ModuleName: response.ModuleName, ChangeID: task.ChangeID, Request_id: response.Request_id, IsInternalAPI: 0} - global.GVA_DB.Create(&task2) - - c.JSON(200, gin.H{ - "Message": "创建成功!", - "Report": response, - }) - } else { - c.JSON(200, gin.H{ - "Code": "200", - "Message": "Identity authentication failed", - }) - } -} - -func (scanArgsApi *ScanArgsApi) ExternalGetReportOfRequestID(c *gin.Context) { - check, _ := AdminUtils.CheckExternalToken(utils.GetToken(c)) - if check { - scanArgsApi.GetReportOfRequestID(c) - } else { - c.JSON(200, gin.H{ - "Code": "200", - "Message": "Identity authentication failed", - }) - } -} - -func (scanArgsApi *ScanArgsApi) ExternalGetTasksOfModule(c *gin.Context) { - check, _ := AdminUtils.CheckExternalToken(utils.GetToken(c)) - if check { - scanArgsApi.GetTasksOfModule(c) - } else { - c.JSON(200, gin.H{ - "Code": "200", - "Message": "Identity authentication failed", - }) - } -} - -func (scanArgsApi *ScanArgsApi) ExternalDeleteSASTTask(c *gin.Context) { - check, _ := AdminUtils.CheckExternalToken(utils.GetToken(c)) - if check { - scanArgsApi.DeleteSASTTask(c) - } else { - c.JSON(200, gin.H{ - "Code": "200", - "Message": "Identity authentication failed", - }) - } -} - -func (scanArgsApi *ScanArgsApi) 
ExternalSASTDownloadReport(c *gin.Context) { - check, _ := AdminUtils.CheckExternalToken(utils.GetToken(c)) - if check { - scanArgsApi.DownloadReport(c) - } else { c.JSON(200, gin.H{ - "Code": "200", - "Message": "Identity authentication failed", + "Code": response.Code, + "Message": response.Message, }) - } -} - -func (scanArgsApi *ScanArgsApi) ExternalGetIssueList(c *gin.Context) { - check, _ := AdminUtils.CheckExternalToken(utils.GetToken(c)) - if check { - scanArgsApi.GetIssueList(c) + return } else { - c.JSON(200, gin.H{ - "Code": "200", - "Message": "Identity authentication failed", - }) - } -} + if searchInfo.StartTimeRange != nil { + if len(searchInfo.StartTimeRange) == 2 { + if searchInfo.StartTimeRange[0].Format("15:04:05") == "16:00:00" && searchInfo.StartTimeRange[1].Format("15:04:05") == "16:00:00" { + searchInfo.StartTimeRange[0] = time.Date(searchInfo.StartTimeRange[0].Year(), searchInfo.StartTimeRange[0].Month(), searchInfo.StartTimeRange[0].Day(), 0, 0, 0, 0, searchInfo.StartTimeRange[0].Location()) + searchInfo.StartTimeRange[1] = time.Date(searchInfo.StartTimeRange[1].Year(), searchInfo.StartTimeRange[1].Month(), searchInfo.StartTimeRange[1].Day(), 23, 59, 59, 0, searchInfo.StartTimeRange[1].Location()) + // 将日期加一天 + searchInfo.StartTimeRange[0] = searchInfo.StartTimeRange[0].AddDate(0, 0, 1) + searchInfo.StartTimeRange[1] = searchInfo.StartTimeRange[1].AddDate(0, 0, 1) + } + } + } -func (scanArgsApi *ScanArgsApi) ExternalCodeAudit(c *gin.Context) { - check, _ := AdminUtils.CheckExternalToken(utils.GetToken(c)) - if check { - scanArgsApi.CodeAudit(c) - } else { - c.JSON(200, gin.H{ - "Code": "200", - "Message": "Identity authentication failed", - }) - } -} + var searchInfoList []Scan.TaskInfo + query := global.GVA_DB + if searchInfo.SearchId != "" { + query = query.Where("id LIKE ?", "%"+searchInfo.SearchId+"%") + } + if searchInfo.SearchTaskName != "" { + query = query.Where("taskname LIKE ?", "%"+searchInfo.SearchTaskName+"%") + } + if 
searchInfo.SearchIsoName != "" { + query = query.Where("isoname LIKE ?", "%"+searchInfo.SearchIsoName+"%") + } + if searchInfo.SearchUserName != "" { + query = query.Where("username LIKE ?", "%"+searchInfo.SearchUserName+"%") + } + if searchInfo.SearchTaskStatus != "" { + if searchInfo.SearchTaskStatus == "incomplete" { + query = query.Where("taskstatus = ?", "失败") + } else if searchInfo.SearchTaskStatus == "completed" { + query = query.Where("taskstatus = ?", "已完成") + } else if searchInfo.SearchTaskStatus == "error" { + query = query.Where("taskstatus = ?", "异常") + } else if searchInfo.SearchTaskStatus == "timeout" { + query = query.Where("taskstatus = ?", "超时") + } else { + query = query.Where("taskstatus = ?", "进行中") + } + } + if searchInfo.StartTimeRange != nil { + if len(searchInfo.StartTimeRange) == 2 { + if !searchInfo.StartTimeRange[0].IsZero() && !searchInfo.StartTimeRange[1].IsZero() { + query = query.Where("startTime >= ? AND endTime <= ?", searchInfo.StartTimeRange[0], searchInfo.StartTimeRange[1]) + } + } + } -func (scanArgsApi *ScanArgsApi) ExternalDelCodeAudit(c *gin.Context) { - check, _ := AdminUtils.CheckExternalToken(utils.GetToken(c)) - if check { - scanArgsApi.DelCodeAudit(c) - } else { - c.JSON(200, gin.H{ - "Code": "200", - "Message": "Identity authentication failed", - }) + // 获取符合条件的总数据量 + // query.Model(&Scan.TaskInfo{}).Count(&total) + query.Model(&Scan.TaskInfo{}).Where("scanmodes NOT LIKE ?", "%quality%").Count(&total) + // 分页查询 + pageSize := 10 + // query = query.Order("id DESC").Offset((page - 1) * pageSize).Limit(pageSize) + query = query.Where("scanmodes NOT LIKE ?", "%quality%").Order("id DESC").Offset((page - 1) * pageSize).Limit(pageSize) + if err := query.Find(&searchInfoList).Error; err != nil { + c.JSON(200, gin.H{ + "Message": "查询失败!", + }) + } else { + c.JSON(200, gin.H{ + "Message": "查询成功!", + "Data": searchInfoList, + "Total": total, + }) + } } -} +} \ No newline at end of file 
diff --git a/genmai_admin/gin-vue-admin/server/model/Scan/sys_vuln_scan.go b/genmai_admin/gin-vue-admin/server/model/Scan/sys_vuln_scan.go
index 1edae8896e17e5f54fcabf2deab5b95dbdd76168..ab4cbb65bd06316b089a130de7301f767f116d02 100755
--- a/genmai_admin/gin-vue-admin/server/model/Scan/sys_vuln_scan.go
+++ b/genmai_admin/gin-vue-admin/server/model/Scan/sys_vuln_scan.go
@@ -61,421 +61,3 @@ type SASTTaskInfo struct {
 Request_id string `json:"Request_id" form:"Request_id" gorm:"column:Request_id;comment:;"` //Request_id
 IsInternalAPI int `json:"is_internal_api" form:"is_internal_api" gorm:"column:is_internal_api;comment:;"` //是否内部接口
 }
-
-type SearchInfo struct {
- SearchId string `json:"SearchId" form:"SearchId" ` //Id
- SearchTaskName string `json:"SearchTaskName" form:"SearchTaskName" ` //任务名称
- SearchIsoName string `json:"SearchIsoName" form:"SearchIsoName" ` //镜像名称
- SearchUserName string `json:"SearchUserName" form:"SearchUserName" ` //用户名
- SearchPackageName string `json:"SearchPackageName" form:"SearchPackageName" ` //包名
- SearchPackageVersion string `json:"SearchPackageVersion" form:"SearchPackageVersion"` //包版本
- SearchHashValue string `json:"SearchHashValue" form:"SearchHashValue" ` //hash值
- SearchScanModule string `json:"SearchScanModule" form:"SearchScanModule" ` //扫描模块
- SearchProduct string `json:"SearchProduct" form:"SearchProduct" ` //产品
- SearchTaskStatus string `json:"SearchTaskStatus" form:"SearchTaskStatus" ` //任务状态
- StartTimeRange []time.Time `json:"StartTimeRange" form:"StartTimeRange" ` //起止时间
- SearchMode string `json:"SearchMode" form:"SearchMode" ` //搜索模式
- SearchPage int `json:"SearchPage" form:"SearchPage" ` //页码
-}
-type SearchDetail struct {
- BuildID string `json:"BuildID" form:"BuildID" ` //BuildID
- TimeStamp string `json:"TimeStamp" form:"TimeStamp" ` //时间戳
-}
-type TasksNeedUpdate struct {
- TaskStatusMap map[string]interface{} `json:"TaskStatusMap" form:"TaskStatusMap" ` //任务状态映射
-}
-
-// 补丁检测误报记录
-type CodeScanMisreportArgs struct {
- SrcSha256 string `json:"src_sha256" form:"src_sha256" gorm:"column:src_sha256;"` //源码包sha256
- SrcPackage string `json:"src_package" form:"src_package" gorm:"column:src_package;"` //源码包名
- Version string `json:"version" form:"version" gorm:"column:version;"` //版本
- VulnNumber string `json:"vuln_number" form:"vuln_number" gorm:"column:vuln_number;"` //漏洞编号
- Conclusion string `json:"conclusion" form:"conclusion" gorm:"column:conclusion;"` //结论
- PatchContent string `json:"patch_content" form:"patch_content" gorm:"column:patch_content;"` //补丁内容
-}
-
-// 质量测试任务
-type QualityTaskInfo struct {
- Id int `json:"id" form:"id" gorm:"column:id;comment:;"` //Id
- Taskname string `json:"taskname" form:"taskname" gorm:"column:taskname;comment:;"` //任务标签
- Username string `json:"username" form:"username" gorm:"column:username;comment:;"` //用户名
- TaskStatus string `json:"taskstatus" form:"taskstatus" gorm:"column:taskstatus;comment:;"` //任务状态
- Scanmodes string `json:"scanmodes" form:"scanmodes" gorm:"column:scanmodes;comment:;"` //扫描模块
- AutoStatus string `json:"autostatus" form:"autostatus" gorm:"column:autostatus;comment:;"` //自动审核状态
- Timestamp string `json:"timestamp" form:"timestamp" gorm:"column:timestamp;comment:;"` //时间戳
- StartTime time.Time `json:"startTime" form:"startTime" gorm:"column:startTime;comment:;"` //开始时间
- EndTime time.Time `json:"endTime" form:"endTime" gorm:"column:endTime;comment:;"` //结束时间
-}
-
-// 质量测试子任务
-type QualityTasksInfo struct {
- Id int `json:"id" form:"id" gorm:"column:id;comment:;"` //Id
- Taskname string `json:"taskname" form:"taskname" gorm:"column:taskname;comment:;"` //任务标签
- TaskStatus string `json:"taskstatus" form:"taskstatus" gorm:"column:taskstatus;comment:;"` //任务状态
- Isoname string `json:"isoname" form:"isoname" gorm:"column:isoname;comment:;"` //镜像名称
- Buildid string `json:"buildid" form:"buildid" gorm:"column:buildid;comment:;"`
- Taskid int `json:"taskid" form:"taskid" gorm:"column:taskid;comment:;"`
- Fileid string `json:"fileid" form:"fileid" gorm:"column:fileid;comment:;"` //文件名
- StartTime time.Time `json:"startTime" form:"startTime" gorm:"column:startTime;comment:;"` //开始时间
- EndTime time.Time `json:"endTime" form:"endTime" gorm:"column:endTime;comment:;"` //结束时间
- TimeStamp string `json:"timestamp" form:"timestamp" gorm:"column:timestamp;comment:;"` //时间戳
- RequestID string `json:"RequestID" form:"RequestID" gorm:"column:request_id;comment:;"` //Request_id
-}
-
-// 镜像测试任务
-type ISOTaskInfo struct {
- Id int `json:"id" form:"id" gorm:"column:id;comment:;"` //Id
- Taskname string `json:"taskname" form:"taskname" gorm:"column:taskname;comment:;"` //任务标签
- Username string `json:"username" form:"username" gorm:"column:username;comment:;"` //用户名
- TaskStatus string `json:"taskstatus" form:"taskstatus" gorm:"column:taskstatus;comment:;"` //任务状态
- Scanmodes string `json:"scanmodes" form:"scanmodes" gorm:"column:scanmodes;comment:;"` //扫描模块
- AutoStatus string `json:"autostatus" form:"autostatus" gorm:"column:autostatus;comment:;"` //自动审核状态
- Timestamp string `json:"timestamp" form:"timestamp" gorm:"column:timestamp;comment:;"` //时间戳
- StartTime time.Time `json:"startTime" form:"startTime" gorm:"column:startTime;comment:;"` //开始时间
- EndTime time.Time `json:"endTime" form:"endTime" gorm:"column:endTime;comment:;"` //结束时间
-}
-
-// 镜像测试子任务
-type ISOTasksInfo struct {
- Id int `json:"id" form:"id" gorm:"column:id;comment:;"` //Id
- Taskname string `json:"taskname" form:"taskname" gorm:"column:taskname;comment:;"` //任务标签
- TaskStatus string `json:"taskstatus" form:"taskstatus" gorm:"column:taskstatus;comment:;"` //任务状态
- Isoname string `json:"isoname" form:"isoname" gorm:"column:isoname;comment:;"` //镜像名称
- Buildid string `json:"buildid" form:"buildid" gorm:"column:buildid;comment:;"`
- Taskid int `json:"taskid" form:"taskid" gorm:"column:taskid;comment:;"`
- Fileid string `json:"fileid" form:"fileid" gorm:"column:fileid;comment:;"` //文件名
- StartTime time.Time `json:"startTime" form:"startTime" gorm:"column:startTime;comment:;"` //开始时间
- EndTime time.Time `json:"endTime" form:"endTime" gorm:"column:endTime;comment:;"` //结束时间
- TimeStamp string `json:"timestamp" form:"timestamp" gorm:"column:timestamp;comment:;"` //时间戳
- RequestID string `json:"RequestID" form:"RequestID" gorm:"column:request_id;comment:;"` //Request_id
-}
-type CustomTestArgs struct {
- global.GVA_MODEL
- Module []string `json:"module" form:"module" gorm:"column:module;comment:;type:text" swaggertype:"array,object"` //Module
- Scanmode []string `json:"scanmode" form:"scanmode" gorm:"column:scanmode;comment:;type:text" swaggertype:"array,object"` //Scanmode
- Input map[string]string `json:"input" form:"input" gorm:"column:input;comment:;type:text" swaggertype:"array,object"` //Input
- Packagelist []PackageInfo `json:"packagelist" form:"packagelist"`
- ScanStage string `json:"scanStage" form:"scanStage" gorm:"column:scanStage;comment:;"`
- RepairStatus string `json:"repairStatus" form:"repairStatus" gorm:"column:repairStatus;comment:;"` //修复状态
- UpdateSourceAddress []string `json:"updateSourceAddress" form:"updateSourceAddress" gorm:"column:updateSourceAddress;comment:;"`
- BuildID string `json:"buildid" form:"buildid" gorm:"column:buildid;comment:;type:text" swaggertype:"array,object"`
- Version string `json:"version" form:"version" gorm:"column:version;comment:;type:text" swaggertype:"array,object"`
- TaskName string `json:"taskname" form:"taskname" gorm:"column:taskname;comment:;"`
- Product string `json:"product" form:"product" gorm:"column:product;comment:;type:text" swaggertype:"array,object"`
-}
-type DeleteTaskArgs struct {
- TaskName string `json:"TaskName"`
- UserName string `json:"UserName"`
-}
-
-// 补丁测试任务
-type PedsTaskInfo struct {
- Id int `json:"id" form:"id" gorm:"column:id;comment:;"`
- Sha string `json:"sha" form:"sha" gorm:"column:sha;comment:;"`
- PatchSha string `json:"patchsha" form:"patchsha" gorm:"column:patchsha;comment:;"`
- Packagename string `json:"packagename" form:"packagename" gorm:"column:packagename;comment:;"` //包名列表
- Product string `json:"product" form:"product" gorm:"column:product;comment:;"` //产品
- TaskStatus string `json:"taskstatus" form:"taskstatus" gorm:"column:taskstatus;comment:;"` //任务状态
- Username string `json:"username" form:"username" gorm:"column:username;comment:;"` //用户名
- StartTime time.Time `json:"startTime" form:"startTime" gorm:"column:startTime;comment:;"` //开始时间
- EndTime time.Time `json:"endTime" form:"endTime" gorm:"column:endTime;comment:;"` //结束时间
- Scanmodes string `json:"scanmodes" form:"scanmodes" gorm:"column:scanmodes;comment:;"` //扫描模块
- Request_id string `json:"Request_id" form:"Request_id" gorm:"column:request_id;comment:;"` //Request_id
- Fileid string `json:"fileid" form:"fileid" gorm:"column:fileid;comment:;"` //文件名
- Timestamp string `json:"timestamp" form:"timestamp" gorm:"column:timestamp;comment:;"`
-}
-
-// 代码扫描信息结构体
-type PackageInfo struct {
- Product string `json:"product"`
- Sha string `json:"sha"`
- PackageFullName string `json:"packagefullname"`
-}
-
-// 人员信息结构体
-type PersonInfo struct {
- RYPK string `gorm:"column:RYPK;primaryKey"` // 主键
- RYBM string `gorm:"column:RYBM"` // 人员编码
- XM string `gorm:"column:XM"` // 姓名
- SJH string `gorm:"column:SJH"` // 手机号
- DZYJ sql.NullString `gorm:"column:DZYJ"` // 电子邮件
- YGH string `gorm:"column:YGH"` // 员工号
- SSYJBMBM string `gorm:"column:SSYJBMBM"` // 所属一级部门编码
- SSYJBMMC string `gorm:"column:SSYJBMMC"` // 所属一级部门名称
- SSEJBMBM sql.NullString `gorm:"column:SSEJBMBM"` // 所属二级部门编码
- SSEJBMMC sql.NullString `gorm:"column:SSEJBMMC"` // 所属二级部门名称
- BMBM string `gorm:"column:BMBM"` // 部门编码
- BMMC string `gorm:"column:BMMC"` // 部门名称
- ZYBJ string `gorm:"column:ZYBJ"` // 在用标记(1:在用;0:停用)
- Zjgxsj string `gorm:"column:zjgxsj"` // 时间戳
-}
-
-// 蓝信通知结构体
-type LanXinMessageArgs struct {
- MessageText string `json:"messageText"`
- PhoneNumbers []string `json:"phoneNumbers"`
-}
-
-// 漏洞分析父任务列表
-type VulnanalysisParentTask struct {
- TaskID int `gorm:"primaryKey;column:task_id;autoIncrement" json:"TaskID"`
- VulnNumber string `gorm:"column:vuln_number;type:varchar(255);not null" json:"VulnNumber"`
- VulnFormalNumber string `gorm:"column:vuln_formal_number;type:varchar(255);not null" json:"VulnFormalNumber"`
- VulnExtraNumber string `gorm:"column:vuln_extra_number;type:varchar(255);not null" json:"VulnExtraNumber"`
- Level string `gorm:"column:level;type:varchar(255);not null" json:"Level"`
- ResponsiblePerson string `gorm:"column:responsible_person;type:varchar(255);not null" json:"ResponsiblePerson"`
- TaskStatus string `gorm:"column:task_status;type:varchar(255);not null" json:"TaskStatus"`
- TaskSource string `gorm:"column:task_source;type:varchar(255);" json:"TaskSource"`
- TaskFlag string `gorm:"column:task_flag;type:varchar(255);" json:"TaskFlag"`
- TaskEntryTime string `gorm:"column:task_entry_time" json:"TaskEntryTime"`
- TaskUpdateTime string `gorm:"column:task_update_time" json:"TaskUpdateTime"`
- TaskHandleReason string `gorm:"column:task_handle_reason;type:varchar(255)" json:"TaskHandleReason"`
- AIApproverPerson string `gorm:"column:ai_approver_person;type:varchar(255)" json:"AIApproverPerson"`
- AIRejectReason string `gorm:"column:ai_reject_reason;type:varchar(255)" json:"AIRejectReason"`
- AISubmitTime string `gorm:"column:ai_submit_time" json:"AISubmitTime"`
- AIApproverTime string `gorm:"column:ai_approver_time" json:"AIApproverTime"`
- PrincipleApproverPerson string `gorm:"column:principle_approver_person;type:varchar(255)" json:"PrincipleApproverPerson"`
- PrincipleRejectReason string `gorm:"column:principle_reject_reason;type:varchar(255)" json:"PrincipleRejectReason"`
- PrincipleSubmitTime string `gorm:"column:principle_submit_time" json:"PrincipleSubmitTime"`
- PrincipleApproverTime string `gorm:"column:principle_approver_time" json:"PrincipleApproverTime"`
- InfluenceApproverPerson string `gorm:"column:influence_approver_person;type:varchar(255)" json:"InfluenceApproverPerson"`
- InfluenceRejectReason string `gorm:"column:influence_reject_reason;type:varchar(255)" json:"InfluenceRejectReason"`
- InfluenceSubmitTime string `gorm:"column:influence_submit_time" json:"InfluenceSubmitTime"`
- InfluenceApproverTime string `gorm:"column:influence_approver_time" json:"InfluenceApproverTime"`
- ReadStatus string `gorm:"column:read_status;type:varchar(255)" json:"ReadStatus"`
-}
-
-// 漏洞分析任务列表
-type VulnanalysisTask struct {
- TaskID int `gorm:"primaryKey;column:task_id;autoIncrement" json:"TaskID"`
- VulnNumber string `gorm:"column:vuln_number;type:varchar(255);not null" json:"VulnNumber"`
- VulnExtraNumber string `gorm:"column:vuln_extra_number;type:varchar(255);not null" json:"VulnExtraNumber"`
- HazardLevel string `gorm:"column:hazard_level;type:varchar(255);not null" json:"HazardLevel"`
- ComponentName string `gorm:"column:component_name;type:varchar(255);not null" json:"ComponentName"`
- ResponsiblePerson string `gorm:"column:responsible_person;type:varchar(255);not null" json:"ResponsiblePerson"`
- TaskSource string `gorm:"column:task_source;type:varchar(255);not null" json:"TaskSource"`
- TaskStatus string `gorm:"column:task_status;type:varchar(255);not null" json:"TaskStatus"`
- TaskEntryTime string `gorm:"column:task_entry_time" json:"TaskEntryTime"`
- TaskUpdateTime string `gorm:"column:task_update_time" json:"TaskUpdateTime"`
- TaskFlag string `gorm:"column:task_flag" json:"TaskFlag"`
- AIApproverPerson string `gorm:"column:ai_approver_person;type:varchar(255)" json:"AIApproverPerson"`
- AIRejectReason string `gorm:"column:ai_reject_reason;type:varchar(255)" json:"AIRejectReason"`
- PrincipleApproverPerson string `gorm:"column:principle_approver_person;type:varchar(255)" json:"PrincipleApproverPerson"`
- PrincipleRejectReason string `gorm:"column:principle_reject_reason;type:varchar(255)" json:"PrincipleRejectReason"`
- InfluenceApproverPerson string `gorm:"column:influence_approver_person;type:varchar(255)" json:"InfluenceApproverPerson"`
- InfluenceRejectReason string `gorm:"column:influence_reject_reason;type:varchar(255)" json:"InfluenceRejectReason"`
- AISubmitTime string `gorm:"column:ai_submit_time" json:"AISubmitTime"`
- PrincipleSubmitTime string `gorm:"column:principle_submit_time" json:"PrincipleSubmitTime"`
- InfluenceSubmitTime string `gorm:"column:influence_submit_time" json:"InfluenceSubmitTime"`
- AIApproverTime string `gorm:"column:ai_approver_time" json:"AIApproverTime"`
- PrincipleApproverTime string `gorm:"column:principle_approver_time" json:"PrincipleApproverTime"`
- InfluenceApproverTime string `gorm:"column:influence_approver_time" json:"InfluenceApproverTime"`
-}
-
-// 获取漏洞分析任务列表参数
-type GetVulAnalysisTaskListArgs struct {
- Page int `json:"Page"` //当前页码
- PageSize int `json:"PageSize"` //每页显示的数量
- GetVulnNumber string `json:"GetVulnNumber"` //编号
- GetComponentName string `json:"GetComponentName"` //组件名称
- GetResponsiblePerson string `json:"GetResponsiblePerson"` //负责人
- GetLevel []string `json:"GetLevel"` //等级
- GetParentTaskStatus []string `json:"GetParentTaskStatus"` //父任务状态
- GetTaskStatus []string `json:"GetTaskStatus"` //任务状态
- GetTaskSource []string `json:"GetTaskSource"` //任务来源
- GetTaskFlag []string `json:"GetTaskFlag"` //任务标记
- GetAIApproverPerson []string `json:"GetAIApproverPerson"` //AI审批
- GetTimeRange []time.Time `json:"GetTimeRange"` //时间范围
-}
-
-// 获取漏洞上游信息列表参数
-type GetSelectCVEOrgInfoArgs struct {
- VulnNumber string `json:"VulnNumber"` //漏洞编号
- VulnExtraNumber string `json:"VulnExtraNumber"` //额外编号
- ComponentName string `json:"ComponentName"` // 组件名称
- Org string `json:"Org"` //源
-}
-
-// 导入的漏洞基础信息
-type ImportVulnBaseInfoArgs struct {
- VulnNumber string `json:"VulnNumber"` //漏洞编号
- Info string `json:"Info"` // 漏洞描述
- Cvss string `json:"Cvss"` // CVSS
-}
-
-// 分析任务的漏洞基础信息
-type EssenceList struct {
- ID int `json:"ID"` // 自增主键
- VulnNumber string `json:"VulnNumber"` // 漏洞编号
- VulnExtraNumber string `json:"VulnExtraNumber"` // 额外编号
- HazardLevel string `json:"HazardLevel"` // 危害等级
- ComponentName string `json:"ComponentName"` // 组件名称
- CVEName string `json:"CVEName"` // CVE名称
- // Type string `json:"Type"` // 漏洞类型
- CWEID string `json:"CWEID"` // CWE编号
- CWEType string `json:"CWEType"` // CWE类型
- Info string `json:"Info"` // 漏洞描述
- CVSS string `json:"CVSS"` // CVSS向量(格式:CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
- CvssScore string `json:"CvssScore"` // CVSS评分(范围:0.0-10.0)
- Links string `json:"Links"` // 参考链接(多URL用逗号分隔)
- // POCLinks string `json:"POCLinks"` // POC链接
- // PedsLinks string `json:"PedsLinks"` // PED链接
- InTime string `json:"InTime"` // 感知时间
- UpdateTime string `json:"UpdateTime"` // 更新时间
- Approve string `json:"Approve"` // 审批状态
-}
-
-// 漏洞分析报告
-type ReportList struct {
- ID int `json:"ID"` // 自增主键
- VulnNumber string `json:"VulnNumber"` // 漏洞编号
- VulnExtraNumber string `json:"VulnExtraNumber"` // 额外编号
- ComponentName string `json:"ComponentName"` // 组件名称
- Info string `json:"Info"` // 漏洞描述
- CVSS string `json:"CVSS"` // CVSS向量(格式:CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
- Principle string `json:"Principle"` // 漏洞原理
- POCUse string `json:"POCUse"` // 验证步骤(含环境搭建、漏洞验证方法)
- OSRelationship string `json:"OSRelationship"` // 操作系统关联性
- Precondition string `json:"Precondition"` // 漏洞触发前提条件
- Possibility string `json:"Possibility"` // 漏洞利用可能性分析
- DesktopMitigationMeasures string `json:"DesktopMitigationMeasures"` // 桌面环境漏洞缓解措施
- ServerMitigationMeasures string `json:"ServerMitigationMeasures"` // 服务器环境漏洞缓解措施
- // FormalWay string `json:"FormalWay"` // 修复建议
- Approve string `json:"Approve"` // 审批状态
-}
-
-// 漏洞影响域
-type PatchLink struct {
- SourceType string `json:"SourceType"` // 源类型
- Source string `json:"Source"` // 来源
- ExternalLink string `json:"ExternalLink"` // 外网链接
- InternalLink string `json:"InternalLink"` // 内网链接
- Score int64 `json:"Score"` // 评分
-}
-type InfluenceList struct {
- ID int `gorm:"column:id;primaryKey;autoIncrement" json:"ID"` // 自增主键
- VulnNumber string `gorm:"column:vuln_number" json:"VulnNumber"` // 漏洞编号
- VulnExtraNumber string `gorm:"column:vuln_extra_number" json:"VulnExtraNumber"` // 漏洞的额外标识编号
- ComponentName string `gorm:"column:component_name" json:"ComponentName"` // 漏洞所属组件
- ProductType string `gorm:"column:product_type" json:"ProductType"` // 产品形态:桌面、服务器、嵌入式、星光
- ComponentVersion string `gorm:"column:component_version" json:"ComponentVersion"` // 组件版本
- ComponentParentVersion string `gorm:"column:component_parent_version" json:"ComponentParentVersion"` // 组件父版本
- ComponentRepairVersion string `gorm:"column:component_repair_version" json:"ComponentRepairVersion"` // 组件修复版本
- Sha256 string `gorm:"column:sha256" json:"SHA256"` // SHA256
- PedsResult string `gorm:"column:peds_result" json:"PedsResult"` // 补丁检测结果
- PedsReason string `gorm:"column:peds_reason" json:"PedsReason"` // 补丁检测原因
- AnalysisResult string `gorm:"column:analysis_result" json:"AnalysisResult"` // 影响分析结果
- AnalysisReason string `gorm:"column:analysis_reason" json:"AnalysisReason"` // 影响分析原因
- RepairResult string `gorm:"column:repair_result" json:"RepairResult"` // 修复结果
- PatchLinks []PatchLink `gorm:"column:patch_links;serializer:json" json:"PatchLinks"` // 补丁链接
- Approve string `gorm:"column:approve" json:"Approve"` // 漏洞审批状态
-}
-type InfluenceProductList struct {
- ID int `gorm:"column:id;primaryKey;autoIncrement" json:"ID"` // 自增主键
- DistroID string `gorm:"distro_id" json:"DistroID"` // 镜像ID
- BuildID string `gorm:"build_id" json:"BuildID"` // 构建ID
- IsoName string `gorm:"iso_name" json:"IsoName"` // 镜像名称
- ProductType string `gorm:"product_type" json:"ProductType"` // 产品形态:桌面、服务器、嵌入式、星光
- VulnNumber string `gorm:"column:vuln_number" json:"VulnNumber"` // 漏洞编号
- VulnExtraNumber string `gorm:"column:vuln_extra_number" json:"VulnExtraNumber"` // 漏洞的额外标识编号
- ComponentName string `gorm:"column:component_name" json:"ComponentName"` // 漏洞所属组件
- Version string `gorm:"version" json:"Version"` // 组件版本
- Sha256 string `gorm:"sha256" json:"Sha256"` // SHA256
- DownloadUrl []string `gorm:"download_url;serializer:json" json:"DownloadUrl"` // 下载链接
- AnalysisResult string `gorm:"analysis_result" json:"AnalysisResult"` // 分析结论
- AnalysisReason string `gorm:"analysis_reason" json:"AnalysisReason"` // 分析原因
- PatchLinks []PatchLink `gorm:"column:patch_links;serializer:json"
json:"PatchLinks"` // 补丁链接 - Approve string `gorm:"column:approve" json:"Approve"` // 漏洞审批状态 -} - -// 影响域列表 -type InfluenceISOList struct { - ID int `gorm:"column:id;primaryKey;autoIncrement" json:"ID"` // 自增主键 - ProductID int `gorm:"column:product_id" json:"ProductID"` //产品ID - ProductLine string `gorm:"column:product_line" json:"ProductLine"` // 产品线 - ProductionLine string `gorm:"column:production_line" json:"ProductionLine"` // 产线 - ProductName string `gorm:"column:product_name" json:"ProductName"` // 产品名称 - Version string `gorm:"column:version" json:"Version"` // 版本 - SubVersion string `gorm:"column:sub_version" json:"SubVersion"` // 子版本 - FrameWork string `gorm:"column:frame_work" json:"FrameWork"` // 架构 - BuildID string `gorm:"column:build_id" json:"BuildID"` // 构建ID - SHA256 string `gorm:"column:sha256" json:"SHA256"` // 组件SHA256 - MD5sum string `gorm:"column:md5sum" json:"MD5sum"` // 组件MD5 - ComponentVersion string `json:"ComponentVersion"` // 组件版本 -} - -// 导入分析任务 -type ImportVulAnalysisTaskArgs struct { - Type string `json:"Type"` // 任务处理类型 - VulnNumber string `json:"VulnNumber"` // 漏洞编号, - VulnExtraNumber string `json:"VulnExtraNumber"` // 额外编号, - HazardLevel string `json:"HazardLevel"` // 危害等级, - ComponentName string `json:"ComponentName"` // 组件名称, - TaskSource string `json:"TaskSource"` // 任务来源, - TaskFlag string `json:"TaskFlag"` // 任务标签, - Text string `json:"Text"` // 通知文本, - AIWorkFlow string `json:"AIWorkFlow"` // AI工作流 - Info string `json:"Info"` // 漏洞描述 - Cvss string `json:"Cvss"` // CVSS评分, -} -type VMImportVulAnalysisTaskArgs struct { - // Type string `json:"Type"` // 任务处理类型 - VulnNumber string `json:"VulnNumber"` // 漏洞编号, - VulnExtraNumber string `json:"all_title"` // 额外编号, - HazardLevel string `json:"hazard_level"` // 危害等级, - TaskSource string `json:"TaskSource"` // 任务来源, - TaskFlag string `json:"type"` // 任务标签, - AIWorkFlow string `json:"AIWorkFlow"` // AI工作流 -} - -// 构建及处理影响域数据参数列表 -type HandleInfluenceAnalysisTaskArgs struct { - VulnNumber 
string `json:"VulnNumber"` // 漏洞编号, - VulnExtraNumber string `json:"VulnExtraNumber"` // 额外编号, - ComponentName string `json:"ComponentName"` // 组件名称, - ProductList []InfluenceISOList `json:"ProductList"` // 影响域列表, -} - -// 更新分析任务状态 -type UpdateVulAnalysisTaskStatusArgs struct { - VulnNumber string `json:"VulnNumber"` // 漏洞编号 - ComponentName string `json:"ComponentName"` // 组件名称, - Type string `json:"Type"` // 更新模式 - Part string `json:"Part"` // 更新部分 - Text string `json:"Text"` // 通知文本 -} - -// 更新分析任务结果状态 -type UpdateVulAnalysisTaskResultArgs struct { - VulnNumber string `json:"VulnNumber"` // 漏洞编号 - ComponentName string `json:"ComponentName"` // 漏洞所属组件 - TableName string `json:"TableName"` // 更新表名 - Type string `json:"Type"` // 更新类型 -} - -// 删除漏洞分析结果 -type DeleteAnalysisResultArgs struct { - VulnNumber string `json:"VulnNumber"` // 漏洞编号 - ComponentName string `json:"ComponentName"` // 漏洞所属组件 - Part string `json:"Part"` //需要删除的部分 -} - -// 获取分析任务统计数据 -type GetAnalysisTrendArgs struct { - GetPerson string `json:"GetPerson"` // 获取人员 - GetTimeRange []time.Time `json:"GetTimeRange"` //时间范围 -} - -// 用户登录参数 -type AdminUser struct { - Username string `json:"username" binding:"required"` - Password string `json:"password" binding:"required"` - Captcha string `json:"captcha" binding:"required"` - CaptchaId string `json:"captchaId" binding:"required"` -} - -// TableName ScanArgs ScanArgs自定义表名 scan_args -func (ScanArgs) TableName() string { - return "scan_args" -} diff --git a/genmai_admin/web/src/view/FunctionManagement/SASTScan/S_Scan.vue b/genmai_admin/web/src/view/FunctionManagement/SASTScan/S_Scan.vue new file mode 100644 index 0000000000000000000000000000000000000000..e9830d2f8324bdf42b97316aa44f71e2583c9f4e --- /dev/null +++ b/genmai_admin/web/src/view/FunctionManagement/SASTScan/S_Scan.vue @@ -0,0 +1,247 @@ + + + \ No newline at end of file