
Commit 0dcfd38

committed
tmp
1 parent b669233 commit 0dcfd38

35 files changed

Lines changed: 2680 additions & 0 deletions
Lines changed: 64 additions & 0 deletions
@@ -0,0 +1,64 @@
1+
<?php
2+
3+
declare(strict_types=1);
4+
5+
use Phinx\Migration\AbstractMigration;
6+
7+
final class VulnerabilityDatabase extends AbstractMigration
8+
{
9+
public function change(): void
10+
{
11+
if ($this->isMigratingUp()) {
12+
// Add settings
13+
$this->execute("INSERT INTO `Instance_Settings`(`IS_ID`, `IS_Name`) VALUES (19, 'Vulnerability Monitoring')");
14+
$this->execute("INSERT INTO `Instance_Settings_Values`(`ISV_IS_ID`, `ISV_Value`) VALUES (19, '0')");
15+
16+
// OS releases (e.g. Ubuntu 22.04 LTS jammy)
17+
$this->table('Operating_Systems', ['id' => 'OS_ID', 'primary_key' => ['OS_ID'], 'signed' => true])
18+
->addColumn('OS_Name', 'string', ['limit' => 50, 'null' => false])
19+
->addColumn('OS_Version', 'string', ['limit' => 50, 'null' => false])
20+
->addColumn('OS_Codename', 'string', ['limit' => 50, 'null' => true])
21+
->addIndex(['OS_Name', 'OS_Version'], ['unique' => true, 'name' => 'unique_os_name_version'])
22+
->create();
23+
24+
// One row per USN/advisory notice
25+
$this->table('Vulnerabilities', ['id' => 'V_ID', 'primary_key' => ['V_ID'], 'signed' => true])
26+
->addColumn('V_Title', 'string', ['limit' => 500, 'null' => false])
27+
->addColumn('V_USN_Id', 'string', ['limit' => 50, 'null' => true])
28+
->addColumn('V_USN_Url', 'string', ['limit' => 500, 'null' => true])
29+
->addColumn('V_Severity', 'string', ['limit' => 20, 'null' => false, 'default' => 'Unknown'])
30+
->addColumn('V_Issued_Date', 'date', ['null' => false])
31+
->addColumn('V_Description', 'text', ['null' => true])
32+
->addColumn('V_OS_ID', 'integer', ['null' => false])
33+
->addIndex(['V_USN_Id'], ['unique' => true, 'name' => 'unique_usn_id'])
34+
->addIndex(['V_Issued_Date'], ['name' => 'idx_vuln_issued_date'])
35+
->addForeignKey('V_OS_ID', 'Operating_Systems', 'OS_ID', ['delete' => 'CASCADE'])
36+
->create();
37+
38+
// Individual CVE records for a vulnerability
39+
$this->table('CVEs', ['id' => 'C_ID', 'primary_key' => ['C_ID'], 'signed' => true])
40+
->addColumn('C_CVE_Id', 'string', ['limit' => 30, 'null' => false])
41+
->addColumn('C_Priority', 'string', ['limit' => 20, 'null' => true])
42+
->addColumn('C_CVSS_Score', 'decimal', ['precision' => 3, 'scale' => 1, 'null' => true])
43+
->addColumn('C_CVSS_Severity', 'string', ['limit' => 20, 'null' => true])
44+
->addColumn('C_CVSS_Vector', 'string', ['limit' => 500, 'null' => true])
45+
->addColumn('C_Public_Date', 'date', ['null' => true])
46+
->addColumn('C_V_ID', 'integer', ['null' => false])
47+
->addIndex(['C_CVE_Id'], ['name' => 'idx_cve_id'])
48+
->addIndex(['C_V_ID'], ['name' => 'idx_cve_vuln'])
49+
->addForeignKey('C_V_ID', 'Vulnerabilities', 'V_ID', ['delete' => 'CASCADE'])
50+
->create();
51+
52+
// Packages affected by a vulnerability (with the fixed version to compare against)
53+
$this->table('Vulnerable_Packages', ['id' => 'VP_ID', 'primary_key' => ['VP_ID'], 'signed' => true])
54+
->addColumn('VP_Package_Name', 'string', ['limit' => 200, 'null' => false])
55+
->addColumn('VP_Fixed_Version', 'string', ['limit' => 200, 'null' => true])
56+
->addColumn('VP_V_ID', 'integer', ['null' => false])
57+
->addIndex(['VP_Package_Name'], ['name' => 'idx_pkg_name'])
58+
->addIndex(['VP_V_ID'], ['name' => 'idx_pkg_vuln'])
59+
->addIndex(['VP_V_ID', 'VP_Package_Name'], ['unique' => true, 'name' => 'unique_vuln_package'])
60+
->addForeignKey('VP_V_ID', 'Vulnerabilities', 'V_ID', ['delete' => 'CASCADE'])
61+
->create();
62+
}
63+
}
64+
}
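Review bot: Rolling this migration back does nothing, because every statement in `change()` sits inside `if ($this->isMigratingUp())`: on the way down the branch is skipped, so Phinx records no table commands to reverse and the two settings rows with id 19 stay in place. A later re-run would then presumably fail on the existing tables and the already-used `IS_ID` 19. Keep only the raw INSERTs inside the guard, add an else branch that deletes the two rows, and move the four `table(...)->create()` chains outside the `if` so they stay reversible. The literal 19 also duplicates `InstanceSettingsKeys::VULNERABILITY_MONITOR` added in the same commit; a comment tying the two together would help.

```php
if ($this->isMigratingUp()) {
    // Add settings
    // … unchanged: the two INSERT statements …
} else {
    // Rollback: remove the value row first, then the setting it belongs to
    $this->execute("DELETE FROM `Instance_Settings_Values` WHERE `ISV_IS_ID` = 19");
    $this->execute("DELETE FROM `Instance_Settings` WHERE `IS_ID` = 19");
}

// … unchanged: the four table definitions, now outside the if so Phinx can reverse them …
```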

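--- a/src/classes/Constants/InstanceSettingsKeys.php
+++ b/src/classes/Constants/InstanceSettingsKeys.php
@@ -39,4 +39,6 @@ class InstanceSettingsKeys
 public const TIMERS_MONITOR_DAYS_DURATION = 17;
 
 public const SEARCH_INDEX = 18;
+
+public const VULNERABILITY_MONITOR = 19;
 }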
Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,27 @@
1+
<?php
2+
3+
namespace dhope0000\LXDClient\Controllers\Vulnerabilities;
4+
5+
use dhope0000\LXDClient\Model\Users\FetchUserDetails;
6+
use dhope0000\LXDClient\Tools\Vulnerabilities\Scan\GetImpactedInstancesOverview;
7+
use Symfony\Component\Routing\Attribute\Route;
8+
9+
class GetImpactedInstancesOverviewController
10+
{
11+
public function __construct(
12+
private readonly FetchUserDetails $fetchUserDetails,
13+
private readonly GetImpactedInstancesOverview $getImpactedInstancesOverview,
14+
) {
15+
}
16+
17+
#[Route(path: '/api/Vulnerabilities/GetImpactedInstancesOverviewController/get', name: 'api_vulnerabilities_getimpactedinstancesoverviewcontroller_get', methods: ['POST'])]
18+
public function get(int $userId)
19+
{
20+
$isAdmin = $this->fetchUserDetails->isAdmin($userId);
21+
if (!$isAdmin) {
22+
throw new \Exception('No access', 1);
23+
}
24+
25+
return $this->getImpactedInstancesOverview->get();
26+
}
27+
}
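Review bot: The admin gate in `get()` trusts the `$userId` argument completely, and nothing in this file shows where that value is bound from. Confirm that the router fills it from the authenticated session rather than from the POST body; otherwise the `isAdmin($userId)` check does not establish who is calling. The same pattern is repeated in `GetVulnerabilitiesController::get()`, `GetVulnerabilityOverviewController::get()` and `SearchVulnerabilitiesController::search()`, each also throwing a bare `\Exception('No access', 1)`; a shared guard or a dedicated access-denied exception would let the framework map the refusal to one consistent response. The method also declares no return type.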
Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,28 @@
1+
<?php
2+
3+
namespace dhope0000\LXDClient\Controllers\Vulnerabilities;
4+
5+
use dhope0000\LXDClient\Model\Vulnerabilities\Vulnerability\FetchVulnerabilityDetails;
6+
use dhope0000\LXDClient\Model\Users\FetchUserDetails;
7+
use Symfony\Component\Routing\Attribute\Route;
8+
9+
class GetVulnerabilitiesController
10+
{
11+
public function __construct(
12+
private readonly FetchUserDetails $fetchUserDetails,
13+
private readonly FetchVulnerabilityDetails $fetchVulnDetails,
14+
) {
15+
}
16+
17+
#[Route(path: '/api/Vulnerabilities/GetVulnerabilitiesController/get', name: 'api_vulnerabilities_getvulnerabilitiescontroller_get', methods: ['POST'])]
18+
public function get(int $userId, string $osFilter = '', int $limit = 100)
19+
{
20+
$isAdmin = $this->fetchUserDetails->isAdmin($userId);
21+
if (!$isAdmin) {
22+
throw new \Exception('No access', 1);
23+
}
24+
25+
$all = $this->fetchVulnDetails->fetchAll($osFilter ?: null);
26+
return array_slice($all, 0, $limit);
27+
}
28+
}
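Review bot: `$limit` is used unchecked in `array_slice($all, 0, $limit)`, so a negative value changes the meaning (it trims from the end of the list) and a very large one returns the whole table. `fetchAll()` also loads every row before slicing, so the limit saves no database work. Clamp the value first, for example `$limit = max(1, min($limit, 100));` (the cap shown is illustrative), and ideally pass it down so the query itself carries a LIMIT. Note too that `$osFilter ?: null` treats the string `'0'` as "no filter"; `$osFilter !== '' ? $osFilter : null` states the intent exactly.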
Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,31 @@
1+
<?php
2+
3+
namespace dhope0000\LXDClient\Controllers\Vulnerabilities;
4+
5+
use dhope0000\LXDClient\Model\Vulnerabilities\Vulnerability\FetchVulnerabilityDetails;
6+
use dhope0000\LXDClient\Model\Users\FetchUserDetails;
7+
use Symfony\Component\Routing\Attribute\Route;
8+
9+
class GetVulnerabilityOverviewController
10+
{
11+
public function __construct(
12+
private readonly FetchUserDetails $fetchUserDetails,
13+
private readonly FetchVulnerabilityDetails $fetchVulnDetails,
14+
) {
15+
}
16+
17+
#[Route(path: '/api/Vulnerabilities/GetVulnerabilityOverviewController/get', name: 'api_vulnerabilities_getvulnerabilityoverviewcontroller_get', methods: ['POST'])]
18+
public function get(int $userId)
19+
{
20+
$isAdmin = $this->fetchUserDetails->isAdmin($userId);
21+
if (!$isAdmin) {
22+
throw new \Exception('No access', 1);
23+
}
24+
25+
return [
26+
'summary' => $this->fetchVulnDetails->getSummary(),
27+
'severity_breakdown' => $this->fetchVulnDetails->getSeverityBreakdown(),
28+
'os_list' => $this->fetchVulnDetails->getOsList(),
29+
];
30+
}
31+
}
Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,27 @@
1+
<?php
2+
3+
namespace dhope0000\LXDClient\Controllers\Vulnerabilities;
4+
5+
use dhope0000\LXDClient\Model\Vulnerabilities\Vulnerability\FetchVulnerabilityDetails;
6+
use dhope0000\LXDClient\Model\Users\FetchUserDetails;
7+
use Symfony\Component\Routing\Attribute\Route;
8+
9+
class SearchVulnerabilitiesController
10+
{
11+
public function __construct(
12+
private readonly FetchUserDetails $fetchUserDetails,
13+
private readonly FetchVulnerabilityDetails $fetchVulnDetails,
14+
) {
15+
}
16+
17+
#[Route(path: '/api/Vulnerabilities/SearchVulnerabilitiesController/search', name: 'api_vulnerabilities_searchvulnerabilitiescontroller_search', methods: ['POST'])]
18+
public function search(int $userId, string $query)
19+
{
20+
$isAdmin = $this->fetchUserDetails->isAdmin($userId);
21+
if (!$isAdmin) {
22+
throw new \Exception('No access', 1);
23+
}
24+
25+
return $this->fetchVulnDetails->search($query);
26+
}
27+
}
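Review bot: `$query` is handed to `search()` as received, with no trim, minimum length or upper bound, so an empty or very long string goes straight to the data layer. `FetchVulnerabilityDetails::search()` is not part of this page, so it is worth confirming that it binds the value as a statement parameter and, if it builds a LIKE pattern, escapes `%` and `_`. Assuming `search()` returns an array, a small guard such as `$query = trim($query); if ($query === '') { return []; }` in the controller would make the contract explicit.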
Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
<?php
2+
3+
namespace dhope0000\LXDClient\Model\Vulnerabilities\Cve;
4+
5+
use dhope0000\LXDClient\Model\Database\Database;
6+
7+
class DeleteCvesByIds
8+
{
9+
private \PDO $db;
10+
11+
public function __construct(Database $database)
12+
{
13+
$this->db = $database->dbObject;
14+
}
15+
16+
public function delete(int $vId, array $cveIds): int
17+
{
18+
$placeholders = implode(',', array_fill(0, count($cveIds), '?'));
19+
$stmt = $this->db->prepare("DELETE FROM `CVEs` WHERE `C_V_ID` = :v_id AND `C_CVE_Id` IN ({$placeholders})");
20+
$stmt->execute(array_merge([$vId], $cveIds));
21+
return (int) $stmt->rowCount();
22+
}
23+
}
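Review bot: The statement in `delete()` mixes a named placeholder (`:v_id`) with positional `?` markers, which PDO rejects as mixed named and positional parameters, so this delete cannot succeed as written; `execute()` is also given a purely positional array. Use `?` for the first marker as well (`WHERE C_V_ID = ? AND C_CVE_Id IN (...)`), keeping the existing `array_merge([$vId], $cveIds)`. An empty `$cveIds` additionally produces `IN ()`, which is invalid SQL, so return early with `if ($cveIds === []) { return 0; }`. Passing `array_values($cveIds)` would also protect against string-keyed input.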
Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
<?php
2+
3+
namespace dhope0000\LXDClient\Model\Vulnerabilities\Cve;
4+
5+
use dhope0000\LXDClient\Model\Database\Database;
6+
7+
class FetchCveIdsByVuln
8+
{
9+
private \PDO $db;
10+
11+
public function __construct(Database $database)
12+
{
13+
$this->db = $database->dbObject;
14+
}
15+
16+
public function fetch(int $vId): array
17+
{
18+
$stmt = $this->db->prepare("SELECT `C_CVE_Id` FROM `CVEs` WHERE `C_V_ID` = :v_id");
19+
$stmt->execute([':v_id' => $vId]);
20+
return $stmt->fetchAll(\PDO::FETCH_COLUMN);
21+
}
22+
}
Lines changed: 42 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,42 @@
1+
<?php
2+
3+
namespace dhope0000\LXDClient\Model\Vulnerabilities\Cve;
4+
5+
use dhope0000\LXDClient\Model\Database\Database;
6+
7+
class InsertCve
8+
{
9+
private \PDO $db;
10+
11+
public function __construct(Database $database)
12+
{
13+
$this->db = $database->dbObject;
14+
}
15+
16+
public function insert(
17+
string $cveId,
18+
int $vId,
19+
?string $priority,
20+
?float $cvssScore,
21+
?string $cvssSeverity,
22+
?string $cvssVector,
23+
?string $publicDate
24+
): int {
25+
$stmt = $this->db->prepare(
26+
"INSERT INTO `CVEs`
27+
(`C_CVE_Id`, `C_V_ID`, `C_Priority`, `C_CVSS_Score`, `C_CVSS_Severity`, `C_CVSS_Vector`, `C_Public_Date`)
28+
VALUES (:cve_id, :v_id, :priority, :cvss_score, :cvss_severity, :cvss_vector, :public_date)"
29+
);
30+
$stmt->execute([
31+
':cve_id' => $cveId,
32+
':v_id' => $vId,
33+
':priority' => $priority,
34+
':cvss_score' => $cvssScore,
35+
':cvss_severity' => $cvssSeverity,
36+
':cvss_vector' => $cvssVector,
37+
':public_date' => $publicDate,
38+
]);
39+
40+
return (int) $this->db->lastInsertId();
41+
}
42+
}
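Review bot: Nothing stops `insert()` from storing the same CVE twice for one vulnerability: the migration in this commit indexes `C_CVE_Id` and `C_V_ID` separately and neither index is unique. `UpdateCve::update()` addresses rows by exactly that pair, so duplicates would be updated together and never cleaned up. A composite unique index in the migration, for example `->addIndex(['C_V_ID', 'C_CVE_Id'], ['unique' => true, 'name' => 'unique_vuln_cve'])` (the index name is a suggestion), would enforce the invariant, mirroring `unique_vuln_package` on Vulnerable_Packages. `$publicDate` also reaches the `date` column as a free-form string; validating its format before binding would give a clearer error than the driver's.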
Lines changed: 46 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,46 @@
1+
<?php
2+
3+
namespace dhope0000\LXDClient\Model\Vulnerabilities\Cve;
4+
5+
use dhope0000\LXDClient\Model\Database\Database;
6+
7+
class UpdateCve
8+
{
9+
private \PDO $db;
10+
11+
public function __construct(Database $database)
12+
{
13+
$this->db = $database->dbObject;
14+
}
15+
16+
public function update(
17+
string $cveId,
18+
int $vId,
19+
?string $priority,
20+
?float $cvssScore,
21+
?string $cvssSeverity,
22+
?string $cvssVector,
23+
?string $publicDate
24+
): bool {
25+
$stmt = $this->db->prepare(
26+
"UPDATE `CVEs` SET
27+
`C_Priority` = :priority,
28+
`C_CVSS_Score` = :cvss_score,
29+
`C_CVSS_Severity` = :cvss_severity,
30+
`C_CVSS_Vector` = :cvss_vector,
31+
`C_Public_Date` = :public_date
32+
WHERE `C_CVE_Id` = :cve_id AND `C_V_ID` = :v_id"
33+
);
34+
$stmt->execute([
35+
':cve_id' => $cveId,
36+
':v_id' => $vId,
37+
':priority' => $priority,
38+
':cvss_score' => $cvssScore,
39+
':cvss_severity' => $cvssSeverity,
40+
':cvss_vector' => $cvssVector,
41+
':public_date' => $publicDate,
42+
]);
43+
44+
return $stmt->rowCount() > 0;
45+
}
46+
}
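Review bot: `return $stmt->rowCount() > 0;` reports false when the row exists but the new values equal the stored ones, because MySQL (which the backtick quoting suggests is the target) counts changed rows rather than matched rows by default. A caller that reads false as "not found" and falls back to `InsertCve::insert()` would create a duplicate record. Either document the return value as "row was modified", or check existence separately before choosing between update and insert; the callers are not visible on this page.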
